+ ethereal_save_CFLAGS="$CFLAGS"
+ ethereal_save_CPPFLAGS="$CPPFLAGS"
+ if test "x$krb5_dir" != "x"
+ then
+ #
+ # The user specified a directory in which kerberos resides,
+ # so add the "include" subdirectory of that directory to
+ # the include file search path and the "lib" subdirectory
+ # of that directory to the library search path.
+ #
+ # XXX - if there's also a kerberos in a directory that's
+ # already in CFLAGS, CPPFLAGS, or LDFLAGS, this won't
+ # make us find the version in the specified directory,
+ # as the compiler and/or linker will search that other
+ # directory before it searches the specified directory.
+ #
+ CFLAGS="$CFLAGS -I$krb5_dir/include"
+ CPPFLAGS="$CPPFLAGS -I$krb5_dir/include"
+ ac_heimdal_version=`grep heimdal $krb5_dir/include/krb5.h | head -n 1 | sed 's/^.*heimdal.*$/HEIMDAL/'`
+ ac_mit_version=`grep 'Massachusetts Institute of Technology' $krb5_dir/include/krb5.h | head -n 1 | sed 's/^.*Massachusetts Institute of Technology.*$/MIT/'`
+ ac_krb5_version="$ac_heimdal_version$ac_mit_version"
+ if test "x$ac_krb5_version" = "xHEIMDAL"
+ KRB5_LIBS="-L$krb5_dir/lib -lkrb5 -lasn1 $SSL_LIBS -lroken -lcrypt"
+ then
+ KRB5_LIBS="-L$krb5_dir/lib -lkrb5 -lk5crypto -lcom_err"
+ fi
+ if test "x$ac_krb5_version" = "xMIT"
+ then
+ AC_DEFINE(HAVE_MIT_KERBEROS, 1, [Define to use MIT kerberos])
+ fi
+ else
+ AC_PATH_PROG(KRB5_CONFIG, krb5-config)
+ if test -x "$KRB5_CONFIG"
+ then
+ KRB5_FLAGS=`"$KRB5_CONFIG" --cflags`
+ KRB5_LIBS=`"$KRB5_CONFIG" --libs`
+ CFLAGS="$CFLAGS $KRB5_FLAGS"
+ CPPFLAGS="$CPPFLAGS $KRB5_FLAGS"
+ #
+ # If -lcrypto is in KRB5_FLAGS, we require it to build
+ # with Heimdal/MIT. We don't want to built with it by
+ # default, due to annoying license incompatibilities
+ # between the OpenSSL license and the GPL, so:
+ #
+ # if SSL_LIBS is set to a non-empty string, we
+ # remove -lcrypto from KRB5_LIBS and replace
+ # it with SSL_LIBS;
+ #
+ # if SSL_LIBS is not set to a non-empty string
+ # we fail with an appropriate error message.
+ #
+ case "$KRB5_LIBS" in
+ *-lcrypto*)
+ if test ! -z "$SSL_LIBS"
+ then
+ KRB5_LIBS=`echo $KRB5_LIBS | sed 's/-lcrypto//'`
+ KRB5_LIBS="$KRB5_LIBS $SSL_LIBS"
+ else
+ AC_MSG_ERROR([Kerberos library requires -lcrypto but --with-ssl not specified])
+ fi
+ ;;
+ esac
+ ac_krb5_version=`"$KRB5_CONFIG" --version | head -n 1 | sed -e 's/^.*heimdal.*$/HEIMDAL/' -e 's/^Kerberos .*$/MIT/'`
+ fi
+ fi
+
+ #
+ # Make sure we have "krb5.h". If we don't, it means we probably
+ # don't have kerberos, so don't use it.
+ #
+ AC_CHECK_HEADER(krb5.h,,
+ [
+ if test "x$krb5_dir" != "x"
+ then
+ #
+ # The user used "--with-krb5=" to specify a directory
+ # containing kerberos, but we didn't find the header file
+ # there; that either means they didn't specify the
+ # right directory or are confused about whether kerberos
+ # is, in fact, installed. Report the error and give up.
+ #
+ AC_MSG_ERROR([kerberos header not found in directory specified in --with-krb5])
+ else
+ if test "x$want_krb5" = "xyes"
+ then
+ #
+ # The user tried to force us to use the library, but we
+ # couldn't find the header file; report an error.
+ #
+ AC_MSG_ERROR(Header file krb5.h not found.)
+ else
+ #
+ # We couldn't find the header file; don't use the
+ # library, as it's probably not present.
+ #
+ want_krb5=no
+ AC_MSG_RESULT(No Heimdal or MIT header found - disabling dissection for some kerberos data in packet decoding)
+ fi
+ fi
+ ])
+
+ if test "x$want_krb5" != "xno"
+ then
+ #
+ # Well, we at least have the krb5 header file.
+ # Check whether this is Heimdal or MIT.
+ #
+ AC_MSG_CHECKING(whether the Kerberos library is Heimdal or MIT)
+ if test "x$ac_krb5_version" = "xHEIMDAL" -o "x$ac_krb5_version" = "xMIT"
+ then
+ #
+ # Yes.
+ # Check whether we have krb5_kt_resolve - and whether
+ # we need to link with -lresolv when linking with
+ # the Kerberos library.
+ #
+ AC_MSG_RESULT($ac_krb5_version)
+ ethereal_save_LIBS="$LIBS"
+ found_krb5_kt_resolve=no
+ for extras in "" "-lresolv"
+ do
+ LIBS="$KRB5_LIBS $extras"
+ if test -z "$extras"
+ then
+ AC_MSG_CHECKING([whether $ac_krb5_version includes krb5_kt_resolve])
+ else
+ AC_MSG_CHECKING([whether $ac_krb5_version includes krb5_kt_resolve (linking with $extras)])
+ fi
+ AC_TRY_LINK(
+ [
+ ],
+ [
+ krb5_kt_resolve();
+ ],
+ [
+ #
+ # We found "krb5_kt_resolve()", and required
+ # the libraries in extras as well.
+ #
+ AC_MSG_RESULT(yes)
+ KRB5_LIBS="$LIBS"
+ AC_DEFINE(HAVE_KERBEROS, 1, [Define to use kerberos])
+ if test "x$ac_krb5_version" = "xHEIMDAL"
+ then
+ AC_DEFINE(HAVE_HEIMDAL_KERBEROS, 1, [Define to use heimdal kerberos])
+ elif test "x$ac_krb5_version" = "xMIT"
+ then
+ AC_DEFINE(HAVE_MIT_KERBEROS, 1, [Define to use MIT kerberos])
+ fi
+ found_krb5_kt_resolve=yes
+ break
+ ],
+ [
+ AC_MSG_RESULT(no)
+ ])
+ done
+ if test "$found_krb5_kt_resolve" = no
+ then
+ #
+ # We didn't find "krb5_kt_resolve()" in the
+ # Kerberos library, even when we tried linking
+ # with -lresolv; we can't link with kerberos.
+ #
+ if test "x$want_krb5" = "xyes"
+ then
+ #
+ # The user tried to force us to use the library,
+ # but we can't do so; report an error.
+ #
+ AC_MSG_ERROR(Usable $ac_krb5_version not found)
+ else
+ #
+ # Restore the versions of CFLAGS and CPPFLAGS
+ # from before we added the flags for Kerberos.
+ #
+ AC_MSG_RESULT(Usable $ac_krb5_version not found - disabling dissection for some kerberos data in packet decoding)
+ CFLAGS="$ethereal_save_CFLAGS"
+ CPPFLAGS="$ethereal_save_CPPFLAGS"
+ KRB5_LIBS=""
+ want_krb5=no
+ fi
+ else
+ #
+ # We can link with Kerberos; see whether krb5.h
+ # defines KEYTYPE_ARCFOUR_56 (where "defines" means
+ # "as a #define or as an enum member).
+ #
+ AC_MSG_CHECKING([whether krb5.h defines KEYTYPE_ARCFOUR_56])
+ AC_COMPILE_IFELSE(
+ [
+ AC_LANG_SOURCE(
+ [[
+ #include <krb5.h>
+ #include <stdio.h>
+
+ main()
+ {
+ printf("%u\n", KEYTYPE_ARCFOUR_56);
+ }
+ ]])
+ ],
+ [