mirror of
https://github.com/samba-team/samba.git
synced 2025-01-03 01:18:10 +03:00
waf: move krb5 checks to a separate waf file
With PROCESS_SEPARATE_RULE in wafsamba it is now possible to simplify configuration and checks for MIT/Heimdal Kerberos implementations. 1. Move MIT krb5 checks from source3/wscript to wscript_configure_krb5 2. Make sure they are called same way (--with-mit-krb5-checks) 3. If no configure checks identified MIT krb5 in system (or were disabled), make sure Heimdal build is selected, embedded (default) or system-provided. This makes logic of configuration unchanged for Heimdal builds but adds less hacky way to use MIT krb5 builds. The latter does not work yet as we need to untangle more subsystems from HDB/Heimdal-specific details but lays out a foundation for that. Signed-off-by: Simo Sorce <idra@samba.org>
This commit is contained in:
Alexander Bokovoy
Simo Sorce
parent
5b5b696c1e
commit
4291fdcf39
180
source3/wscript
180
source3/wscript
@ -542,186 +542,6 @@ msg.msg_acctrightslen = sizeof(fd);
|
||||
conf.SET_TARGET_TYPE('ldap', 'EMPTY')
|
||||
conf.SET_TARGET_TYPE('lber', 'EMPTY')
|
||||
|
||||
# Check for kerberos
|
||||
have_gssapi=False
|
||||
if Options.options.with_mit_krb5_checks:
|
||||
Logs.info("Looking for kerberos features")
|
||||
conf.find_program('krb5-config', var='KRB5_CONFIG')
|
||||
if conf.env.KRB5_CONFIG:
|
||||
conf.check_cfg(path="krb5-config", args="--cflags --libs",
|
||||
package="gssapi", uselib_store="KRB5")
|
||||
conf.CHECK_HEADERS('krb5.h krb5/locate_plugin.h', lib='krb5')
|
||||
conf.CHECK_HEADERS('gssapi.h gssapi/gssapi_generic.h gssapi/gssapi.h gssapi/gssapi_ext.h gssapi/gssapi_krb5.h com_err.h', lib='krb5')
|
||||
|
||||
if conf.CONFIG_SET('HAVE_KRB5_LOCATE_PLUGIN_H'):
|
||||
conf.env['WINBIND_KRB5_LOCATOR'] = 'bin/winbind_krb5_locator.so'
|
||||
|
||||
conf.CHECK_FUNCS_IN('_et_list', 'com_err')
|
||||
conf.CHECK_FUNCS_IN('krb5_encrypt_data', 'k5crypto')
|
||||
conf.CHECK_FUNCS_IN('des_set_key','crypto')
|
||||
conf.CHECK_FUNCS_IN('copy_Authenticator', 'asn1')
|
||||
conf.CHECK_FUNCS_IN('roken_getaddrinfo_hostspec', 'roken')
|
||||
if conf.CHECK_FUNCS_IN('gss_display_status', 'gssapi') or \
|
||||
conf.CHECK_FUNCS_IN('gss_display_status', 'gssapi_krb5'):
|
||||
have_gssapi=True
|
||||
conf.CHECK_FUNCS_IN('''
|
||||
gss_wrap_iov
|
||||
gss_krb5_import_cred
|
||||
gss_get_name_attribute
|
||||
gss_mech_krb5
|
||||
gss_oid_equal
|
||||
gss_inquire_sec_context_by_oid
|
||||
gsskrb5_extract_authz_data_from_sec_context
|
||||
gss_krb5_export_lucid_sec_context
|
||||
''', 'gssapi gssapi_krb5 krb5')
|
||||
conf.CHECK_FUNCS_IN('krb5_mk_req_extended krb5_kt_compare', 'krb5')
|
||||
conf.CHECK_FUNCS('''
|
||||
krb5_set_default_in_tkt_etypes krb5_set_default_tgs_enctypes
|
||||
krb5_set_default_tgs_ktypes krb5_principal2salt
|
||||
krb5_c_string_to_key krb5_get_pw_salt krb5_string_to_key_salt krb5_auth_con_setkey
|
||||
krb5_auth_con_setuseruserkey krb5_get_permitted_enctypes
|
||||
krb5_get_default_in_tkt_etypes krb5_free_data_contents
|
||||
krb5_principal_get_comp_string krb5_free_unparsed_name
|
||||
krb5_free_keytab_entry_contents krb5_kt_free_entry krb5_krbhst_init
|
||||
krb5_krbhst_get_addrinfo
|
||||
krb5_crypto_init krb5_crypto_destroy
|
||||
krb5_c_verify_checksum krb5_principal_compare_any_realm
|
||||
krb5_parse_name_norealm krb5_princ_size krb5_get_init_creds_opt_set_pac_request
|
||||
krb5_get_renewed_creds krb5_free_error_contents
|
||||
initialize_krb5_error_table krb5_get_init_creds_opt_alloc
|
||||
krb5_get_init_creds_opt_free krb5_get_init_creds_opt_get_error
|
||||
krb5_enctype_to_string krb5_fwd_tgt_creds krb5_auth_con_set_req_cksumtype
|
||||
krb5_get_creds_opt_alloc krb5_get_creds_opt_set_impersonate krb5_get_creds
|
||||
krb5_get_credentials_for_user krb5_get_host_realm krb5_free_host_realm''',
|
||||
lib='krb5 k5crypto')
|
||||
conf.CHECK_DECLS('''krb5_get_credentials_for_user
|
||||
krb5_auth_con_set_req_cksumtype''',
|
||||
headers='krb5.h', always=True)
|
||||
conf.CHECK_VARIABLE('AP_OPTS_USE_SUBKEY', headers='krb5.h')
|
||||
conf.CHECK_VARIABLE('KV5M_KEYTAB', headers='krb5.h')
|
||||
conf.CHECK_VARIABLE('KRB5_KU_OTHER_CKSUM', headers='krb5.h')
|
||||
conf.CHECK_VARIABLE('KRB5_KEYUSAGE_APP_DATA_CKSUM', headers='krb5.h')
|
||||
conf.CHECK_VARIABLE('ENCTYPE_AES128_CTS_HMAC_SHA1_96', headers='krb5.h')
|
||||
conf.CHECK_VARIABLE('ENCTYPE_AES256_CTS_HMAC_SHA1_96', headers='krb5.h')
|
||||
conf.CHECK_DECLS('KRB5_PDU_NONE', reverse=True, headers='krb5.h')
|
||||
conf.CHECK_STRUCTURE_MEMBER('krb5_keytab_entry', 'key', headers='krb5.h',
|
||||
define='HAVE_KRB5_KEYTAB_ENTRY_KEY')
|
||||
conf.CHECK_STRUCTURE_MEMBER('krb5_keytab_entry', 'keyblock', headers='krb5.h',
|
||||
define='HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK')
|
||||
conf.CHECK_STRUCTURE_MEMBER('krb5_address', 'magic', headers='krb5.h',
|
||||
define='HAVE_MAGIC_IN_KRB5_ADDRESS')
|
||||
conf.CHECK_STRUCTURE_MEMBER('krb5_address', 'addrtype', headers='krb5.h',
|
||||
define='HAVE_ADDRTYPE_IN_KRB5_ADDRESS')
|
||||
conf.CHECK_STRUCTURE_MEMBER('krb5_ap_req', 'ticket', headers='krb5.h',
|
||||
define='HAVE_TICKET_POINTER_IN_KRB5_AP_REQ')
|
||||
|
||||
conf.CHECK_TYPE('krb5_encrypt_block', headers='krb5.h')
|
||||
|
||||
conf.CHECK_CODE('''
|
||||
krb5_context ctx;
|
||||
krb5_get_init_creds_opt *opt = NULL;
|
||||
krb5_get_init_creds_opt_free(ctx, opt);
|
||||
''',
|
||||
'KRB5_CREDS_OPT_FREE_REQUIRES_CONTEXT',
|
||||
headers='krb5.h', link=False,
|
||||
msg="Checking whether krb5_get_init_creds_opt_free takes a context argument")
|
||||
conf.CHECK_CODE('''
|
||||
const krb5_data *pkdata;
|
||||
krb5_context context;
|
||||
krb5_principal principal;
|
||||
pkdata = krb5_princ_component(context, principal, 0);
|
||||
''',
|
||||
'HAVE_KRB5_PRINC_COMPONENT',
|
||||
headers='krb5.h', lib='krb5',
|
||||
msg="Checking whether krb5_princ_component is available")
|
||||
|
||||
conf.CHECK_CODE('''
|
||||
int main(void) {
|
||||
char buf[256];
|
||||
krb5_enctype_to_string(1, buf, 256);
|
||||
return 0;
|
||||
}''',
|
||||
'HAVE_KRB5_ENCTYPE_TO_STRING_WITH_SIZE_T_ARG',
|
||||
headers='krb5.h', lib='krb5 k5crypto',
|
||||
addmain=False, cflags='-Werror',
|
||||
msg="Checking whether krb5_enctype_to_string takes size_t argument")
|
||||
|
||||
conf.CHECK_CODE('''
|
||||
int main(void) {
|
||||
krb5_context context = NULL;
|
||||
char *str = NULL;
|
||||
krb5_enctype_to_string(context, 1, &str);
|
||||
if (str) free (str);
|
||||
return 0;
|
||||
}''',
|
||||
'HAVE_KRB5_ENCTYPE_TO_STRING_WITH_KRB5_CONTEXT_ARG',
|
||||
headers='krb5.h stdlib.h', lib='krb5',
|
||||
addmain=False, cflags='-Werror',
|
||||
msg="Checking whether krb5_enctype_to_string takes krb5_context argument")
|
||||
conf.CHECK_CODE('''
|
||||
int main(void) {
|
||||
krb5_context ctx = NULL;
|
||||
krb5_principal princ = NULL;
|
||||
const char *str = krb5_princ_realm(ctx, princ)->data;
|
||||
return 0;
|
||||
}''',
|
||||
'HAVE_KRB5_PRINC_REALM',
|
||||
headers='krb5.h', lib='krb5',
|
||||
addmain=False,
|
||||
msg="Checking whether the macro krb5_princ_realm is defined")
|
||||
conf.CHECK_CODE('''
|
||||
int main(void) {
|
||||
krb5_context context;
|
||||
krb5_principal principal;
|
||||
const char *realm; realm = krb5_principal_get_realm(context, principal);
|
||||
return 0;
|
||||
}''',
|
||||
'HAVE_KRB5_PRINCIPAL_GET_REALM',
|
||||
headers='krb5.h', lib='krb5',
|
||||
addmain=False,
|
||||
msg="Checking whether krb5_principal_get_realm is defined")
|
||||
conf.CHECK_CODE('''
|
||||
krb5_enctype enctype;
|
||||
enctype = ENCTYPE_ARCFOUR_HMAC_MD5;
|
||||
''',
|
||||
'_HAVE_ENCTYPE_ARCFOUR_HMAC_MD5',
|
||||
headers='krb5.h', lib='krb5',
|
||||
msg="Checking whether the ENCTYPE_ARCFOUR_HMAC_MD5 key type definition is available");
|
||||
conf.CHECK_CODE('''
|
||||
krb5_keytype keytype;
|
||||
keytype = KEYTYPE_ARCFOUR_56;
|
||||
''',
|
||||
'_HAVE_KEYTYPE_ARCFOUR_56',
|
||||
headers='krb5.h', lib='krb5',
|
||||
msg="Checking whether the HAVE_KEYTYPE_ARCFOUR_56 key type definition is available");
|
||||
if conf.CONFIG_SET('_HAVE_ENCTYPE_ARCFOUR_HMAC_MD5') and conf.CONFIG_SET('_HAVE_KEYTYPE_ARCFOUR_56'):
|
||||
conf.DEFINE('HAVE_ENCTYPE_ARCFOUR_HMAC_MD5', '1')
|
||||
|
||||
conf.CHECK_CODE('''
|
||||
krb5_enctype enctype;
|
||||
enctype = ENCTYPE_ARCFOUR_HMAC;
|
||||
''',
|
||||
'HAVE_ENCTYPE_ARCFOUR_HMAC',
|
||||
headers='krb5.h', lib='krb5',
|
||||
msg="Checking whether the ENCTYPE_ARCFOUR_HMAC key type definition is available");
|
||||
|
||||
conf.CHECK_CODE('''
|
||||
krb5_context context;
|
||||
krb5_keytab keytab;
|
||||
krb5_init_context(&context);
|
||||
return krb5_kt_resolve(context, "WRFILE:api", &keytab);
|
||||
''',
|
||||
'HAVE_WRFILE_KEYTAB',
|
||||
headers='krb5.h', lib='krb5', execute=True,
|
||||
msg="Checking whether the WRFILE:-keytab is supported");
|
||||
|
||||
# Check for KRB5_DEPRECATED handling
|
||||
conf.CHECK_CODE('''#define KRB5_DEPRECATED 1
|
||||
#include <krb5.h>''',
|
||||
'HAVE_KRB5_DEPRECATED_WITH_IDENTIFIER', addmain=False,
|
||||
link=False,
|
||||
msg="Checking for KRB5_DEPRECATED define taking an identifier")
|
||||
|
||||
if Options.options.with_ads:
|
||||
use_ads=True
|
||||
if not conf.CONFIG_SET('HAVE_ENCTYPE_ARCFOUR_HMAC_MD5') and \
|
||||
|
||||
9
wscript
9
wscript
@ -84,7 +84,14 @@ def configure(conf):
|
||||
|
||||
conf.RECURSE('dynconfig')
|
||||
conf.RECURSE('lib/ldb')
|
||||
if not os.getenv('USING_SYSTEM_KRB5'):
|
||||
if Options.options.with_mit_krb5_checks:
|
||||
conf.PROCESS_SEPARATE_RULE('krb5')
|
||||
# Only process heimdal_build for non-MIT KRB5 builds
|
||||
# When MIT KRB5 checks are done as above, conf.env.KRB5_VENDOR will be set
|
||||
# to the lowcased output of 'krb5-config --vendor'.
|
||||
# If it is not set or the output is 'heimdal', we are dealing with
|
||||
# system-provided or embedded Heimdal build
|
||||
if conf.CONFIG_GET('KRB5_VENDOR') in (None, 'heimdal'):
|
||||
conf.RECURSE('source4/heimdal_build')
|
||||
conf.RECURSE('source4/lib/tls')
|
||||
conf.RECURSE('source4/ntvfs/sysdep')
|
||||
|
||||
@ -95,7 +95,6 @@ bld.RECURSE('libcli/smb')
|
||||
bld.RECURSE('libcli/util')
|
||||
bld.RECURSE('libcli/cldap')
|
||||
bld.RECURSE('lib/subunit/c')
|
||||
bld.RECURSE('source4/kdc')
|
||||
bld.RECURSE('lib/smbconf')
|
||||
bld.RECURSE('lib/async_req')
|
||||
bld.RECURSE('libcli/security')
|
||||
@ -112,17 +111,16 @@ bld.RECURSE('libcli/registry')
|
||||
bld.RECURSE('source4/lib/policy')
|
||||
bld.RECURSE('libcli/named_pipe_auth')
|
||||
|
||||
if bld.CONFIG_SET("USING_SYSTEM_KRB5"):
|
||||
if bld.CONFIG_SET("HEIMDAL_KRB5_CONFIG") and bld.CONFIG_SET("KRB5_CONFIG"):
|
||||
if bld.CONFIG_GET("HEIMDAL_KRB5_CONFIG") != bld.CONFIG_GET("KRB5_CONFIG"):
|
||||
if bld.CONFIG_GET('KRB5_VENDOR') in (None, 'heimdal'):
|
||||
if bld.CONFIG_GET("HEIMDAL_KRB5_CONFIG") and bld.CONFIG_GET("USING_SYSTEM_KRB5"):
|
||||
# When both HEIMDAL_KRB5_CONFIG and KRB5_CONFIG are set and not equal,
|
||||
# it means one is Heimdal-specific (krb5-config.heimdal, for example)
|
||||
# and there is system heimdal
|
||||
bld.PROCESS_SEPARATE_RULE('system_heimdal')
|
||||
else:
|
||||
bld.PROCESS_SEPARATE_RULE('system_krb5')
|
||||
else:
|
||||
bld.PROCESS_SEPARATE_RULE('embedded_heimdal')
|
||||
else:
|
||||
bld.PROCESS_SEPARATE_RULE('system_mitkrb5')
|
||||
|
||||
bld.RECURSE('libcli/smbreadline')
|
||||
bld.RECURSE('codepages')
|
||||
|
||||
@ -1,4 +1,5 @@
|
||||
import Logs
|
||||
|
||||
Logs.info("\tSelected embedded Heimdal build")
|
||||
bld.RECURSE('source4/kdc')
|
||||
bld.RECURSE('source4/heimdal_build')
|
||||
|
||||
@ -1,4 +1,5 @@
|
||||
import Logs
|
||||
|
||||
Logs.info("\tSelected system Heimdal build")
|
||||
bld.RECURSE('source4/kdc')
|
||||
bld.RECURSE('source4/heimdal_build')
|
||||
|
||||
187
wscript_configure_krb5
Normal file
187
wscript_configure_krb5
Normal file
@ -0,0 +1,187 @@
|
||||
import Logs, Options
|
||||
|
||||
# Check for kerberos
|
||||
have_gssapi=False
|
||||
|
||||
Logs.info("Looking for kerberos features")
|
||||
conf.find_program('krb5-config.heimdal', var='HEIMDAL_KRB5_CONFIG')
|
||||
conf.find_program('krb5-config', var='KRB5_CONFIG')
|
||||
if conf.env.KRB5_CONFIG:
|
||||
conf.check_cfg(path="krb5-config", args="--cflags --libs",
|
||||
package="gssapi", uselib_store="KRB5")
|
||||
vendor = conf.cmd_and_log("%(path)s --vendor" % dict(path=conf.env.KRB5_CONFIG), dict())
|
||||
conf.env.KRB5_VENDOR = vendor.strip().lower()
|
||||
if conf.env.KRB5_VENDOR != 'heimdal':
|
||||
conf.define('USING_SYSTEM_KRB5', 1)
|
||||
del conf.env.HEIMDAL_KRB5_CONFIG
|
||||
|
||||
conf.CHECK_HEADERS('krb5.h krb5/locate_plugin.h', lib='krb5')
|
||||
conf.CHECK_HEADERS('gssapi.h gssapi/gssapi_generic.h gssapi/gssapi.h gssapi/gssapi_ext.h gssapi/gssapi_krb5.h com_err.h', lib='krb5')
|
||||
|
||||
if conf.CONFIG_SET('HAVE_KRB5_LOCATE_PLUGIN_H'):
|
||||
conf.env['WINBIND_KRB5_LOCATOR'] = 'bin/winbind_krb5_locator.so'
|
||||
|
||||
conf.CHECK_FUNCS_IN('_et_list', 'com_err')
|
||||
conf.CHECK_FUNCS_IN('krb5_encrypt_data', 'k5crypto')
|
||||
conf.CHECK_FUNCS_IN('des_set_key','crypto')
|
||||
conf.CHECK_FUNCS_IN('copy_Authenticator', 'asn1')
|
||||
conf.CHECK_FUNCS_IN('roken_getaddrinfo_hostspec', 'roken')
|
||||
if conf.CHECK_FUNCS_IN('gss_display_status', 'gssapi') or \
|
||||
conf.CHECK_FUNCS_IN('gss_display_status', 'gssapi_krb5'):
|
||||
have_gssapi=True
|
||||
conf.CHECK_FUNCS_IN('''
|
||||
gss_wrap_iov
|
||||
gss_krb5_import_cred
|
||||
gss_get_name_attribute
|
||||
gss_mech_krb5
|
||||
gss_oid_equal
|
||||
gss_inquire_sec_context_by_oid
|
||||
gsskrb5_extract_authz_data_from_sec_context
|
||||
gss_krb5_export_lucid_sec_context
|
||||
''', 'gssapi gssapi_krb5 krb5')
|
||||
conf.CHECK_FUNCS_IN('krb5_mk_req_extended krb5_kt_compare', 'krb5')
|
||||
conf.CHECK_FUNCS('''
|
||||
krb5_set_default_in_tkt_etypes krb5_set_default_tgs_enctypes
|
||||
krb5_set_default_tgs_ktypes krb5_principal2salt
|
||||
krb5_c_string_to_key krb5_get_pw_salt krb5_string_to_key_salt krb5_auth_con_setkey
|
||||
krb5_auth_con_setuseruserkey krb5_get_permitted_enctypes
|
||||
krb5_get_default_in_tkt_etypes krb5_free_data_contents
|
||||
krb5_principal_get_comp_string krb5_free_unparsed_name
|
||||
krb5_free_keytab_entry_contents krb5_kt_free_entry krb5_krbhst_init
|
||||
krb5_krbhst_get_addrinfo
|
||||
krb5_crypto_init krb5_crypto_destroy
|
||||
krb5_c_verify_checksum krb5_principal_compare_any_realm
|
||||
krb5_parse_name_norealm krb5_princ_size krb5_get_init_creds_opt_set_pac_request
|
||||
krb5_get_renewed_creds krb5_free_error_contents
|
||||
initialize_krb5_error_table krb5_get_init_creds_opt_alloc
|
||||
krb5_get_init_creds_opt_free krb5_get_init_creds_opt_get_error
|
||||
krb5_enctype_to_string krb5_fwd_tgt_creds krb5_auth_con_set_req_cksumtype
|
||||
krb5_get_creds_opt_alloc krb5_get_creds_opt_set_impersonate krb5_get_creds
|
||||
krb5_get_credentials_for_user krb5_get_host_realm krb5_free_host_realm''',
|
||||
lib='krb5 k5crypto')
|
||||
conf.CHECK_DECLS('''krb5_get_credentials_for_user
|
||||
krb5_auth_con_set_req_cksumtype''',
|
||||
headers='krb5.h', always=True)
|
||||
conf.CHECK_VARIABLE('AP_OPTS_USE_SUBKEY', headers='krb5.h')
|
||||
conf.CHECK_VARIABLE('KV5M_KEYTAB', headers='krb5.h')
|
||||
conf.CHECK_VARIABLE('KRB5_KU_OTHER_CKSUM', headers='krb5.h')
|
||||
conf.CHECK_VARIABLE('KRB5_KEYUSAGE_APP_DATA_CKSUM', headers='krb5.h')
|
||||
conf.CHECK_VARIABLE('ENCTYPE_AES128_CTS_HMAC_SHA1_96', headers='krb5.h')
|
||||
conf.CHECK_VARIABLE('ENCTYPE_AES256_CTS_HMAC_SHA1_96', headers='krb5.h')
|
||||
conf.CHECK_DECLS('KRB5_PDU_NONE', reverse=True, headers='krb5.h')
|
||||
conf.CHECK_STRUCTURE_MEMBER('krb5_keytab_entry', 'key', headers='krb5.h',
|
||||
define='HAVE_KRB5_KEYTAB_ENTRY_KEY')
|
||||
conf.CHECK_STRUCTURE_MEMBER('krb5_keytab_entry', 'keyblock', headers='krb5.h',
|
||||
define='HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK')
|
||||
conf.CHECK_STRUCTURE_MEMBER('krb5_address', 'magic', headers='krb5.h',
|
||||
define='HAVE_MAGIC_IN_KRB5_ADDRESS')
|
||||
conf.CHECK_STRUCTURE_MEMBER('krb5_address', 'addrtype', headers='krb5.h',
|
||||
define='HAVE_ADDRTYPE_IN_KRB5_ADDRESS')
|
||||
conf.CHECK_STRUCTURE_MEMBER('krb5_ap_req', 'ticket', headers='krb5.h',
|
||||
define='HAVE_TICKET_POINTER_IN_KRB5_AP_REQ')
|
||||
|
||||
conf.CHECK_TYPE('krb5_encrypt_block', headers='krb5.h')
|
||||
|
||||
conf.CHECK_CODE('''
|
||||
krb5_context ctx;
|
||||
krb5_get_init_creds_opt *opt = NULL;
|
||||
krb5_get_init_creds_opt_free(ctx, opt);
|
||||
''',
|
||||
'KRB5_CREDS_OPT_FREE_REQUIRES_CONTEXT',
|
||||
headers='krb5.h', link=False,
|
||||
msg="Checking whether krb5_get_init_creds_opt_free takes a context argument")
|
||||
conf.CHECK_CODE('''
|
||||
const krb5_data *pkdata;
|
||||
krb5_context context;
|
||||
krb5_principal principal;
|
||||
pkdata = krb5_princ_component(context, principal, 0);
|
||||
''',
|
||||
'HAVE_KRB5_PRINC_COMPONENT',
|
||||
headers='krb5.h', lib='krb5',
|
||||
msg="Checking whether krb5_princ_component is available")
|
||||
|
||||
conf.CHECK_CODE('''
|
||||
int main(void) {
|
||||
char buf[256];
|
||||
krb5_enctype_to_string(1, buf, 256);
|
||||
return 0;
|
||||
}''',
|
||||
'HAVE_KRB5_ENCTYPE_TO_STRING_WITH_SIZE_T_ARG',
|
||||
headers='krb5.h', lib='krb5 k5crypto',
|
||||
addmain=False, cflags='-Werror',
|
||||
msg="Checking whether krb5_enctype_to_string takes size_t argument")
|
||||
|
||||
conf.CHECK_CODE('''
|
||||
int main(void) {
|
||||
krb5_context context = NULL;
|
||||
char *str = NULL;
|
||||
krb5_enctype_to_string(context, 1, &str);
|
||||
if (str) free (str);
|
||||
return 0;
|
||||
}''',
|
||||
'HAVE_KRB5_ENCTYPE_TO_STRING_WITH_KRB5_CONTEXT_ARG',
|
||||
headers='krb5.h stdlib.h', lib='krb5',
|
||||
addmain=False, cflags='-Werror',
|
||||
msg="Checking whether krb5_enctype_to_string takes krb5_context argument")
|
||||
conf.CHECK_CODE('''
|
||||
int main(void) {
|
||||
krb5_context ctx = NULL;
|
||||
krb5_principal princ = NULL;
|
||||
const char *str = krb5_princ_realm(ctx, princ)->data;
|
||||
return 0;
|
||||
}''',
|
||||
'HAVE_KRB5_PRINC_REALM',
|
||||
headers='krb5.h', lib='krb5',
|
||||
addmain=False,
|
||||
msg="Checking whether the macro krb5_princ_realm is defined")
|
||||
conf.CHECK_CODE('''
|
||||
int main(void) {
|
||||
krb5_context context;
|
||||
krb5_principal principal;
|
||||
const char *realm; realm = krb5_principal_get_realm(context, principal);
|
||||
return 0;
|
||||
}''',
|
||||
'HAVE_KRB5_PRINCIPAL_GET_REALM',
|
||||
headers='krb5.h', lib='krb5',
|
||||
addmain=False,
|
||||
msg="Checking whether krb5_principal_get_realm is defined")
|
||||
conf.CHECK_CODE('''
|
||||
krb5_enctype enctype;
|
||||
enctype = ENCTYPE_ARCFOUR_HMAC_MD5;
|
||||
''',
|
||||
'_HAVE_ENCTYPE_ARCFOUR_HMAC_MD5',
|
||||
headers='krb5.h', lib='krb5',
|
||||
msg="Checking whether the ENCTYPE_ARCFOUR_HMAC_MD5 key type definition is available");
|
||||
conf.CHECK_CODE('''
|
||||
krb5_keytype keytype;
|
||||
keytype = KEYTYPE_ARCFOUR_56;
|
||||
''',
|
||||
'_HAVE_KEYTYPE_ARCFOUR_56',
|
||||
headers='krb5.h', lib='krb5',
|
||||
msg="Checking whether the HAVE_KEYTYPE_ARCFOUR_56 key type definition is available");
|
||||
if conf.CONFIG_SET('_HAVE_ENCTYPE_ARCFOUR_HMAC_MD5') and conf.CONFIG_SET('_HAVE_KEYTYPE_ARCFOUR_56'):
|
||||
conf.DEFINE('HAVE_ENCTYPE_ARCFOUR_HMAC_MD5', '1')
|
||||
|
||||
conf.CHECK_CODE('''
|
||||
krb5_enctype enctype;
|
||||
enctype = ENCTYPE_ARCFOUR_HMAC;
|
||||
''',
|
||||
'HAVE_ENCTYPE_ARCFOUR_HMAC',
|
||||
headers='krb5.h', lib='krb5',
|
||||
msg="Checking whether the ENCTYPE_ARCFOUR_HMAC key type definition is available");
|
||||
|
||||
conf.CHECK_CODE('''
|
||||
krb5_context context;
|
||||
krb5_keytab keytab;
|
||||
krb5_init_context(&context);
|
||||
return krb5_kt_resolve(context, "WRFILE:api", &keytab);
|
||||
''',
|
||||
'HAVE_WRFILE_KEYTAB',
|
||||
headers='krb5.h', lib='krb5', execute=True,
|
||||
msg="Checking whether the WRFILE:-keytab is supported");
|
||||
# Check for KRB5_DEPRECATED handling
|
||||
conf.CHECK_CODE('''#define KRB5_DEPRECATED 1
|
||||
#include <krb5.h>''',
|
||||
'HAVE_KRB5_DEPRECATED_WITH_IDENTIFIER', addmain=False,
|
||||
link=False,
|
||||
msg="Checking for KRB5_DEPRECATED define taking an identifier")
|
||||
Loading…
Reference in New Issue
Block a user