From 0d27ed1c19d6de6bd50ab1f5096aee1c1ee97f69 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 24 Feb 2004 10:37:33 +1100 Subject: [PATCH] - (dtucker) [configure.ac gss-serv-krb5.c ssh-gss.h] Define GSSAPI when found with krb5-config, hunt down gssapi.h and friends. Based partially on patch from deengert at anl.gov. For the MIT Kerberos bug against krb5-config related to this see: http://krbdev.mit.edu/rt/Ticket/Display.html?id=2240 --- ChangeLog | 5 ++++- configure.ac | 31 +++++++++++++++---------------- gss-serv-krb5.c | 8 ++++++-- ssh-gss.h | 12 ++++++++++-- 4 files changed, 35 insertions(+), 21 deletions(-) diff --git a/ChangeLog b/ChangeLog index 10a82eec8..297a12773 100644 --- a/ChangeLog +++ b/ChangeLog @@ -13,6 +13,9 @@ - markus@cvs.openbsd.org 2004/02/23 15:16:46 [version.h] enter 3.8 + - (dtucker) [configure.ac gss-serv-krb5.c ssh-gss.h] Define GSSAPI when found + with krb5-config, hunt down gssapi.h and friends. Based partially on patch + from deengert at anl.gov. 20040223 - (dtucker) [session.c] Bug #789: Only make setcred call for !privsep in the @@ -1916,4 +1919,4 @@ - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. Report from murple@murple.net, diagnosis from dtucker@zip.com.au -$Id: ChangeLog,v 1.3247 2004/02/23 22:24:01 dtucker Exp $ +$Id: ChangeLog,v 1.3248 2004/02/23 23:37:33 dtucker Exp $ diff --git a/configure.ac b/configure.ac index 15bb53322..3769a739e 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.200 2004/02/22 00:37:48 dtucker Exp $ +# $Id: configure.ac,v 1.201 2004/02/23 23:37:33 dtucker Exp $ AC_INIT AC_CONFIG_SRCDIR([ssh.c]) @@ -2084,18 +2084,15 @@ AC_ARG_WITH(kerberos5, AC_MSG_CHECKING(for gssapi support) if $KRB5CONF | grep gssapi >/dev/null ; then AC_MSG_RESULT(yes) - K5CFLAGS="`$KRB5CONF --cflags gssapi`" - dnl m4 quadragraphs: "sed 's/-l[^ ]* //g'" - K5LDFLAGS="`$KRB5CONF --libs gssapi | sed 's/-l@<:@^ @:>@* //g'`" - K5LIBS="`$KRB5CONF --libs gssapi | sed 's/-L@<:@^ @:>@* //g'`" + AC_DEFINE(GSSAPI) + k5confopts=gssapi else AC_MSG_RESULT(no) - K5CFLAGS="`$KRB5CONF --cflags`" - K5LDFLAGS="`$KRB5CONF --libs | sed 's/-l@<:@^ @:>@* //g'`" - K5LIBS="`$KRB5CONF --libs | sed 's/-L@<:@^ @:>@* //g'`" + k5confopts="" fi + K5CFLAGS="`$KRB5CONF --cflags $k5confopts`" + K5LIBS="`$KRB5CONF --libs $k5confopts`" CPPFLAGS="$CPPFLAGS $K5CFLAGS" - LDFLAGS="$LDFLAGS $K5LDFLAGS" AC_MSG_CHECKING(whether we are using Heimdal) AC_TRY_COMPILE([ #include ], [ char *tmp = heimdal_version; ], @@ -2152,14 +2149,16 @@ AC_ARG_WITH(kerberos5, if test ! -z "$blibpath" ; then blibpath="$blibpath:${KRB5ROOT}/lib" fi - fi ] - AC_SEARCH_LIBS(k_hasafs, kafs, - [ AC_DEFINE(USE_AFS) - K5LIBS="-lkafs $K5LIBS" - ] - ) + fi + + AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h) + AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h) + AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h) + + LIBS="$LIBS $K5LIBS" + AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS)) + ] ) -LIBS="$LIBS $K5LIBS" # Looking for programs, paths and files diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c index 7373beb6d..8ba3e7182 100644 --- a/gss-serv-krb5.c +++ b/gss-serv-krb5.c @@ -39,9 +39,13 @@ extern ServerOptions options; #ifdef HEIMDAL -#include +# include #else -#include +# ifdef HAVE_GSSAPI_KRB5 +# include +# elif HAVE_GSSAPI_GSSAPI_KRB5 +# include +# endif #endif static krb5_context krb_context = NULL; diff --git a/ssh-gss.h b/ssh-gss.h index 2b6fe2130..4f032aa8f 100644 --- a/ssh-gss.h +++ b/ssh-gss.h @@ -30,11 +30,19 @@ #include "buffer.h" +#ifdef HAVE_GSSAPI_H #include +#elif defined(HAVE_GSSAPI_GSSAPI_H) +#include +#endif #ifdef KRB5 -#ifndef HEIMDAL -#include +# ifndef HEIMDAL +# ifdef HAVE_GSSAPI_GENERIC_H +# include +# elif defined(HAVE_GSSAPI_GSSAPI_GENERIC_H) +# include +# endif /* MIT Kerberos doesn't seem to define GSS_NT_HOSTBASED_SERVICE */