-import Logs, Options
+import Logs, Options, sys
# Check for kerberos
have_gssapi=False
Logs.info("Looking for kerberos features")
conf.find_program('krb5-config.heimdal', var='HEIMDAL_KRB5_CONFIG')
-conf.find_program('krb5-config', var='KRB5_CONFIG')
+
+if isinstance(Options.options.with_system_mitkrb5, list):
+ path_krb5_config = [x+'/bin' for x in Options.options.with_system_mitkrb5]
+else:
+ path_krb5_config = None
+
+conf.find_program('krb5-config', path_list=path_krb5_config, var='KRB5_CONFIG')
if conf.env.KRB5_CONFIG:
- conf.check_cfg(path="krb5-config", args="--cflags --libs",
+ conf.check_cfg(path=conf.env.KRB5_CONFIG, args="--cflags --libs",
package="", uselib_store="KRB5")
krb5_define_syslib(conf, "krb5", conf.env['LIB_KRB5'])
- for lib in conf.env['LIB_KRB5']:
- krb5_define_syslib(conf, lib, lib)
- conf.check_cfg(path="krb5-config", args="--cflags --libs",
+ conf.check_cfg(path=conf.env.KRB5_CONFIG, args="--cflags --libs",
package="gssapi", uselib_store="GSSAPI")
krb5_define_syslib(conf, "gssapi", conf.env['LIB_GSSAPI'])
+ if 'gssapi_krb5' in conf.env['LIB_GSSAPI']:
+ krb5_define_syslib(conf, "gssapi_krb5", conf.env['LIB_GSSAPI'])
vendor = conf.cmd_and_log("%(path)s --vendor" % dict(path=conf.env.KRB5_CONFIG), dict())
conf.env.KRB5_VENDOR = vendor.strip().lower()
if conf.env.KRB5_VENDOR != 'heimdal':
conf.define('USING_SYSTEM_KRB5', 1)
del conf.env.HEIMDAL_KRB5_CONFIG
+ kversion = conf.cmd_and_log("%(path)s --version" % dict(path=conf.env.KRB5_CONFIG), dict()).strip()
+ kversion_split = kversion.split(' ')[-1].split('.')
+ # drop '-prerelease' suffix
+ if kversion_split[-1].find('-') > 0:
+ last_digit = kversion_split[-1].split('-')[0]
+ kversion_split[-1] = last_digit
+ kversion_check = map(int, kversion_split)
+ if kversion_check < [1, 9]:
+ Logs.error('ERROR: MIT krb5 build requires at least 1.9.0. %s is found and cannot be used' % (kversion))
+ Logs.error('ERROR: You may try to build with embedded Heimdal Kerebros by not specifying --with-system-mitkrb5')
+ sys.exit(1)
+ else:
+ Logs.info('%s is detected, MIT krb5 build can proceed' % (kversion))
conf.check_cfg(args="--cflags --libs", package="com_err", uselib_store="com_err")
conf.CHECK_FUNCS_IN('_et_list', 'com_err')
conf.CHECK_FUNCS_IN('des_set_key','crypto')
conf.CHECK_FUNCS_IN('copy_Authenticator', 'asn1')
conf.CHECK_FUNCS_IN('roken_getaddrinfo_hostspec', 'roken')
-if conf.CHECK_FUNCS_IN('gss_display_status', 'gssapi') or \
- conf.CHECK_FUNCS_IN('gss_display_status', 'gssapi_krb5'):
+
+if conf.CHECK_FUNCS_IN('gss_display_status', 'gssapi gssapi_krb5'):
have_gssapi=True
+
+if not have_gssapi:
+ if conf.env.KRB5_CONFIG and conf.env.KRB5_CONFIG != 'heimdal':
+ Logs.error("ERROR: WAF build with MIT Krb5 requires working GSSAPI implementation")
+ sys.exit(1)
+
conf.CHECK_FUNCS_IN('''
gss_wrap_iov
gss_krb5_import_cred
gsskrb5_extract_authz_data_from_sec_context
gss_krb5_export_lucid_sec_context
gss_import_cred gss_export_cred
- ''', 'gssapi gssapi_krb5 krb5')
+ ''', 'gssapi gssapi_krb5')
conf.CHECK_FUNCS_IN('krb5_mk_req_extended krb5_kt_compare', 'krb5')
conf.CHECK_FUNCS('''
krb5_set_default_in_tkt_etypes krb5_set_default_tgs_enctypes
krb5_get_init_creds_keyblock krb5_get_init_creds_keytab
krb5_make_principal krb5_build_principal_alloc_va
krb5_cc_get_lifetime krb5_cc_retrieve_cred
- krb5_free_checksum_contents krb5_c_make_checksum''',
+ krb5_free_checksum_contents krb5_c_make_checksum krb5_create_checksum''',
lib='krb5 k5crypto')
conf.CHECK_DECLS('''krb5_get_credentials_for_user
krb5_auth_con_set_req_cksumtype''',
}''',
'HAVE_KRB5_ENCTYPE_TO_STRING_WITH_SIZE_T_ARG',
headers='krb5.h', lib='krb5 k5crypto',
- addmain=False, cflags='-Werror',
+ addmain=False, cflags=conf.env['WERROR_CFLAGS'],
msg="Checking whether krb5_enctype_to_string takes size_t argument")
conf.CHECK_CODE('''
}''',
'HAVE_KRB5_ENCTYPE_TO_STRING_WITH_KRB5_CONTEXT_ARG',
headers='krb5.h stdlib.h', lib='krb5',
- addmain=False, cflags='-Werror',
+ addmain=False, cflags=conf.env['WERROR_CFLAGS'],
msg="Checking whether krb5_enctype_to_string takes krb5_context argument")
conf.CHECK_CODE('''
int main(void) {
'HAVE_KRB5_DEPRECATED_WITH_IDENTIFIER', addmain=False,
link=False,
msg="Checking for KRB5_DEPRECATED define taking an identifier")
+
+conf.CHECK_CODE('''
+ krb5_creds creds;
+ creds.flags.b.initial = 0;
+ ''',
+ 'HAVE_FLAGS_IN_KRB5_CREDS',
+ headers='krb5.h', lib='krb5', execute=False,
+ msg="Checking whether krb5_creds have flags property")
git.samba.org / kai / samba.git / blobdiff