summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xsource3/wscript180
-rwxr-xr-xwscript9
-rw-r--r--wscript_build18
-rw-r--r--wscript_build_embedded_heimdal1
-rw-r--r--wscript_build_system_heimdal1
-rw-r--r--wscript_configure_krb5187
6 files changed, 205 insertions, 191 deletions
diff --git a/source3/wscript b/source3/wscript
index ef415d08fd..46aa582748 100755
--- a/source3/wscript
+++ b/source3/wscript
@@ -542,186 +542,6 @@ msg.msg_acctrightslen = sizeof(fd);
conf.SET_TARGET_TYPE('ldap', 'EMPTY')
conf.SET_TARGET_TYPE('lber', 'EMPTY')
- # Check for kerberos
- have_gssapi=False
- if Options.options.with_mit_krb5_checks:
- Logs.info("Looking for kerberos features")
- conf.find_program('krb5-config', var='KRB5_CONFIG')
- if conf.env.KRB5_CONFIG:
- conf.check_cfg(path="krb5-config", args="--cflags --libs",
- package="gssapi", uselib_store="KRB5")
- conf.CHECK_HEADERS('krb5.h krb5/locate_plugin.h', lib='krb5')
- conf.CHECK_HEADERS('gssapi.h gssapi/gssapi_generic.h gssapi/gssapi.h gssapi/gssapi_ext.h gssapi/gssapi_krb5.h com_err.h', lib='krb5')
-
- if conf.CONFIG_SET('HAVE_KRB5_LOCATE_PLUGIN_H'):
- conf.env['WINBIND_KRB5_LOCATOR'] = 'bin/winbind_krb5_locator.so'
-
- conf.CHECK_FUNCS_IN('_et_list', 'com_err')
- conf.CHECK_FUNCS_IN('krb5_encrypt_data', 'k5crypto')
- conf.CHECK_FUNCS_IN('des_set_key','crypto')
- conf.CHECK_FUNCS_IN('copy_Authenticator', 'asn1')
- conf.CHECK_FUNCS_IN('roken_getaddrinfo_hostspec', 'roken')
- if conf.CHECK_FUNCS_IN('gss_display_status', 'gssapi') or \
- conf.CHECK_FUNCS_IN('gss_display_status', 'gssapi_krb5'):
- have_gssapi=True
- conf.CHECK_FUNCS_IN('''
- gss_wrap_iov
- gss_krb5_import_cred
- gss_get_name_attribute
- gss_mech_krb5
- gss_oid_equal
- gss_inquire_sec_context_by_oid
- gsskrb5_extract_authz_data_from_sec_context
- gss_krb5_export_lucid_sec_context
- ''', 'gssapi gssapi_krb5 krb5')
- conf.CHECK_FUNCS_IN('krb5_mk_req_extended krb5_kt_compare', 'krb5')
- conf.CHECK_FUNCS('''
-krb5_set_default_in_tkt_etypes krb5_set_default_tgs_enctypes
-krb5_set_default_tgs_ktypes krb5_principal2salt
-krb5_c_string_to_key krb5_get_pw_salt krb5_string_to_key_salt krb5_auth_con_setkey
-krb5_auth_con_setuseruserkey krb5_get_permitted_enctypes
-krb5_get_default_in_tkt_etypes krb5_free_data_contents
-krb5_principal_get_comp_string krb5_free_unparsed_name
-krb5_free_keytab_entry_contents krb5_kt_free_entry krb5_krbhst_init
-krb5_krbhst_get_addrinfo
-krb5_crypto_init krb5_crypto_destroy
-krb5_c_verify_checksum krb5_principal_compare_any_realm
-krb5_parse_name_norealm krb5_princ_size krb5_get_init_creds_opt_set_pac_request
-krb5_get_renewed_creds krb5_free_error_contents
-initialize_krb5_error_table krb5_get_init_creds_opt_alloc
-krb5_get_init_creds_opt_free krb5_get_init_creds_opt_get_error
-krb5_enctype_to_string krb5_fwd_tgt_creds krb5_auth_con_set_req_cksumtype
-krb5_get_creds_opt_alloc krb5_get_creds_opt_set_impersonate krb5_get_creds
-krb5_get_credentials_for_user krb5_get_host_realm krb5_free_host_realm''',
- lib='krb5 k5crypto')
- conf.CHECK_DECLS('''krb5_get_credentials_for_user
- krb5_auth_con_set_req_cksumtype''',
- headers='krb5.h', always=True)
- conf.CHECK_VARIABLE('AP_OPTS_USE_SUBKEY', headers='krb5.h')
- conf.CHECK_VARIABLE('KV5M_KEYTAB', headers='krb5.h')
- conf.CHECK_VARIABLE('KRB5_KU_OTHER_CKSUM', headers='krb5.h')
- conf.CHECK_VARIABLE('KRB5_KEYUSAGE_APP_DATA_CKSUM', headers='krb5.h')
- conf.CHECK_VARIABLE('ENCTYPE_AES128_CTS_HMAC_SHA1_96', headers='krb5.h')
- conf.CHECK_VARIABLE('ENCTYPE_AES256_CTS_HMAC_SHA1_96', headers='krb5.h')
- conf.CHECK_DECLS('KRB5_PDU_NONE', reverse=True, headers='krb5.h')
- conf.CHECK_STRUCTURE_MEMBER('krb5_keytab_entry', 'key', headers='krb5.h',
- define='HAVE_KRB5_KEYTAB_ENTRY_KEY')
- conf.CHECK_STRUCTURE_MEMBER('krb5_keytab_entry', 'keyblock', headers='krb5.h',
- define='HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK')
- conf.CHECK_STRUCTURE_MEMBER('krb5_address', 'magic', headers='krb5.h',
- define='HAVE_MAGIC_IN_KRB5_ADDRESS')
- conf.CHECK_STRUCTURE_MEMBER('krb5_address', 'addrtype', headers='krb5.h',
- define='HAVE_ADDRTYPE_IN_KRB5_ADDRESS')
- conf.CHECK_STRUCTURE_MEMBER('krb5_ap_req', 'ticket', headers='krb5.h',
- define='HAVE_TICKET_POINTER_IN_KRB5_AP_REQ')
-
- conf.CHECK_TYPE('krb5_encrypt_block', headers='krb5.h')
-
- conf.CHECK_CODE('''
-krb5_context ctx;
-krb5_get_init_creds_opt *opt = NULL;
-krb5_get_init_creds_opt_free(ctx, opt);
-''',
- 'KRB5_CREDS_OPT_FREE_REQUIRES_CONTEXT',
- headers='krb5.h', link=False,
- msg="Checking whether krb5_get_init_creds_opt_free takes a context argument")
- conf.CHECK_CODE('''
-const krb5_data *pkdata;
-krb5_context context;
-krb5_principal principal;
-pkdata = krb5_princ_component(context, principal, 0);
-''',
- 'HAVE_KRB5_PRINC_COMPONENT',
- headers='krb5.h', lib='krb5',
- msg="Checking whether krb5_princ_component is available")
-
- conf.CHECK_CODE('''
-int main(void) {
-char buf[256];
-krb5_enctype_to_string(1, buf, 256);
-return 0;
-}''',
- 'HAVE_KRB5_ENCTYPE_TO_STRING_WITH_SIZE_T_ARG',
- headers='krb5.h', lib='krb5 k5crypto',
- addmain=False, cflags='-Werror',
- msg="Checking whether krb5_enctype_to_string takes size_t argument")
-
- conf.CHECK_CODE('''
-int main(void) {
-krb5_context context = NULL;
-char *str = NULL;
-krb5_enctype_to_string(context, 1, &str);
-if (str) free (str);
-return 0;
-}''',
- 'HAVE_KRB5_ENCTYPE_TO_STRING_WITH_KRB5_CONTEXT_ARG',
- headers='krb5.h stdlib.h', lib='krb5',
- addmain=False, cflags='-Werror',
- msg="Checking whether krb5_enctype_to_string takes krb5_context argument")
- conf.CHECK_CODE('''
-int main(void) {
-krb5_context ctx = NULL;
-krb5_principal princ = NULL;
-const char *str = krb5_princ_realm(ctx, princ)->data;
-return 0;
-}''',
- 'HAVE_KRB5_PRINC_REALM',
- headers='krb5.h', lib='krb5',
- addmain=False,
- msg="Checking whether the macro krb5_princ_realm is defined")
- conf.CHECK_CODE('''
-int main(void) {
- krb5_context context;
- krb5_principal principal;
- const char *realm; realm = krb5_principal_get_realm(context, principal);
- return 0;
-}''',
- 'HAVE_KRB5_PRINCIPAL_GET_REALM',
- headers='krb5.h', lib='krb5',
- addmain=False,
- msg="Checking whether krb5_principal_get_realm is defined")
- conf.CHECK_CODE('''
-krb5_enctype enctype;
-enctype = ENCTYPE_ARCFOUR_HMAC_MD5;
-''',
- '_HAVE_ENCTYPE_ARCFOUR_HMAC_MD5',
- headers='krb5.h', lib='krb5',
- msg="Checking whether the ENCTYPE_ARCFOUR_HMAC_MD5 key type definition is available");
- conf.CHECK_CODE('''
-krb5_keytype keytype;
-keytype = KEYTYPE_ARCFOUR_56;
-''',
- '_HAVE_KEYTYPE_ARCFOUR_56',
- headers='krb5.h', lib='krb5',
- msg="Checking whether the HAVE_KEYTYPE_ARCFOUR_56 key type definition is available");
- if conf.CONFIG_SET('_HAVE_ENCTYPE_ARCFOUR_HMAC_MD5') and conf.CONFIG_SET('_HAVE_KEYTYPE_ARCFOUR_56'):
- conf.DEFINE('HAVE_ENCTYPE_ARCFOUR_HMAC_MD5', '1')
-
- conf.CHECK_CODE('''
-krb5_enctype enctype;
-enctype = ENCTYPE_ARCFOUR_HMAC;
-''',
- 'HAVE_ENCTYPE_ARCFOUR_HMAC',
- headers='krb5.h', lib='krb5',
- msg="Checking whether the ENCTYPE_ARCFOUR_HMAC key type definition is available");
-
- conf.CHECK_CODE('''
-krb5_context context;
-krb5_keytab keytab;
-krb5_init_context(&context);
-return krb5_kt_resolve(context, "WRFILE:api", &keytab);
-''',
- 'HAVE_WRFILE_KEYTAB',
- headers='krb5.h', lib='krb5', execute=True,
- msg="Checking whether the WRFILE:-keytab is supported");
-
- # Check for KRB5_DEPRECATED handling
- conf.CHECK_CODE('''#define KRB5_DEPRECATED 1
-#include <krb5.h>''',
- 'HAVE_KRB5_DEPRECATED_WITH_IDENTIFIER', addmain=False,
- link=False,
- msg="Checking for KRB5_DEPRECATED define taking an identifier")
-
if Options.options.with_ads:
use_ads=True
if not conf.CONFIG_SET('HAVE_ENCTYPE_ARCFOUR_HMAC_MD5') and \
diff --git a/wscript b/wscript
index 15e1ce51bf..337643621c 100755
--- a/wscript
+++ b/wscript
@@ -84,7 +84,14 @@ def configure(conf):
conf.RECURSE('dynconfig')
conf.RECURSE('lib/ldb')
- if not os.getenv('USING_SYSTEM_KRB5'):
+ if Options.options.with_mit_krb5_checks:
+ conf.PROCESS_SEPARATE_RULE('krb5')
+ # Only process heimdal_build for non-MIT KRB5 builds
+ # When MIT KRB5 checks are done as above, conf.env.KRB5_VENDOR will be set
+ # to the lowcased output of 'krb5-config --vendor'.
+ # If it is not set or the output is 'heimdal', we are dealing with
+ # system-provided or embedded Heimdal build
+ if conf.CONFIG_GET('KRB5_VENDOR') in (None, 'heimdal'):
conf.RECURSE('source4/heimdal_build')
conf.RECURSE('source4/lib/tls')
conf.RECURSE('source4/ntvfs/sysdep')
diff --git a/wscript_build b/wscript_build
index ad790ca506..717d8b0a1a 100644
--- a/wscript_build
+++ b/wscript_build
@@ -95,7 +95,6 @@ bld.RECURSE('libcli/smb')
bld.RECURSE('libcli/util')
bld.RECURSE('libcli/cldap')
bld.RECURSE('lib/subunit/c')
-bld.RECURSE('source4/kdc')
bld.RECURSE('lib/smbconf')
bld.RECURSE('lib/async_req')
bld.RECURSE('libcli/security')
@@ -112,17 +111,16 @@ bld.RECURSE('libcli/registry')
bld.RECURSE('source4/lib/policy')
bld.RECURSE('libcli/named_pipe_auth')
-if bld.CONFIG_SET("USING_SYSTEM_KRB5"):
- if bld.CONFIG_SET("HEIMDAL_KRB5_CONFIG") and bld.CONFIG_SET("KRB5_CONFIG"):
- if bld.CONFIG_GET("HEIMDAL_KRB5_CONFIG") != bld.CONFIG_GET("KRB5_CONFIG"):
- # When both HEIMDAL_KRB5_CONFIG and KRB5_CONFIG are set and not equal,
- # it means one is Heimdal-specific (krb5-config.heimdal, for example)
- # and there is system heimdal
- bld.PROCESS_SEPARATE_RULE('system_heimdal')
+if bld.CONFIG_GET('KRB5_VENDOR') in (None, 'heimdal'):
+ if bld.CONFIG_GET("HEIMDAL_KRB5_CONFIG") and bld.CONFIG_GET("USING_SYSTEM_KRB5"):
+ # When both HEIMDAL_KRB5_CONFIG and KRB5_CONFIG are set and not equal,
+ # it means one is Heimdal-specific (krb5-config.heimdal, for example)
+ # and there is system heimdal
+ bld.PROCESS_SEPARATE_RULE('system_heimdal')
else:
- bld.PROCESS_SEPARATE_RULE('system_krb5')
+ bld.PROCESS_SEPARATE_RULE('embedded_heimdal')
else:
- bld.PROCESS_SEPARATE_RULE('embedded_heimdal')
+ bld.PROCESS_SEPARATE_RULE('system_mitkrb5')
bld.RECURSE('libcli/smbreadline')
bld.RECURSE('codepages')
diff --git a/wscript_build_embedded_heimdal b/wscript_build_embedded_heimdal
index 9b829d83c0..fec28bedf6 100644
--- a/wscript_build_embedded_heimdal
+++ b/wscript_build_embedded_heimdal
@@ -1,4 +1,5 @@
import Logs
Logs.info("\tSelected embedded Heimdal build")
+bld.RECURSE('source4/kdc')
bld.RECURSE('source4/heimdal_build')
diff --git a/wscript_build_system_heimdal b/wscript_build_system_heimdal
index 4ea8cd7351..8ec09b4783 100644
--- a/wscript_build_system_heimdal
+++ b/wscript_build_system_heimdal
@@ -1,4 +1,5 @@
import Logs
Logs.info("\tSelected system Heimdal build")
+bld.RECURSE('source4/kdc')
bld.RECURSE('source4/heimdal_build')
diff --git a/wscript_configure_krb5 b/wscript_configure_krb5
new file mode 100644
index 0000000000..2fb1c586fd
--- /dev/null
+++ b/wscript_configure_krb5
@@ -0,0 +1,187 @@
+import Logs, Options
+
+# Check for kerberos
+have_gssapi=False
+
+Logs.info("Looking for kerberos features")
+conf.find_program('krb5-config.heimdal', var='HEIMDAL_KRB5_CONFIG')
+conf.find_program('krb5-config', var='KRB5_CONFIG')
+if conf.env.KRB5_CONFIG:
+ conf.check_cfg(path="krb5-config", args="--cflags --libs",
+ package="gssapi", uselib_store="KRB5")
+ vendor = conf.cmd_and_log("%(path)s --vendor" % dict(path=conf.env.KRB5_CONFIG), dict())
+ conf.env.KRB5_VENDOR = vendor.strip().lower()
+ if conf.env.KRB5_VENDOR != 'heimdal':
+ conf.define('USING_SYSTEM_KRB5', 1)
+ del conf.env.HEIMDAL_KRB5_CONFIG
+
+conf.CHECK_HEADERS('krb5.h krb5/locate_plugin.h', lib='krb5')
+conf.CHECK_HEADERS('gssapi.h gssapi/gssapi_generic.h gssapi/gssapi.h gssapi/gssapi_ext.h gssapi/gssapi_krb5.h com_err.h', lib='krb5')
+
+if conf.CONFIG_SET('HAVE_KRB5_LOCATE_PLUGIN_H'):
+ conf.env['WINBIND_KRB5_LOCATOR'] = 'bin/winbind_krb5_locator.so'
+
+conf.CHECK_FUNCS_IN('_et_list', 'com_err')
+conf.CHECK_FUNCS_IN('krb5_encrypt_data', 'k5crypto')
+conf.CHECK_FUNCS_IN('des_set_key','crypto')
+conf.CHECK_FUNCS_IN('copy_Authenticator', 'asn1')
+conf.CHECK_FUNCS_IN('roken_getaddrinfo_hostspec', 'roken')
+if conf.CHECK_FUNCS_IN('gss_display_status', 'gssapi') or \
+ conf.CHECK_FUNCS_IN('gss_display_status', 'gssapi_krb5'):
+ have_gssapi=True
+conf.CHECK_FUNCS_IN('''
+ gss_wrap_iov
+ gss_krb5_import_cred
+ gss_get_name_attribute
+ gss_mech_krb5
+ gss_oid_equal
+ gss_inquire_sec_context_by_oid
+ gsskrb5_extract_authz_data_from_sec_context
+ gss_krb5_export_lucid_sec_context
+ ''', 'gssapi gssapi_krb5 krb5')
+conf.CHECK_FUNCS_IN('krb5_mk_req_extended krb5_kt_compare', 'krb5')
+conf.CHECK_FUNCS('''
+ krb5_set_default_in_tkt_etypes krb5_set_default_tgs_enctypes
+ krb5_set_default_tgs_ktypes krb5_principal2salt
+ krb5_c_string_to_key krb5_get_pw_salt krb5_string_to_key_salt krb5_auth_con_setkey
+ krb5_auth_con_setuseruserkey krb5_get_permitted_enctypes
+ krb5_get_default_in_tkt_etypes krb5_free_data_contents
+ krb5_principal_get_comp_string krb5_free_unparsed_name
+ krb5_free_keytab_entry_contents krb5_kt_free_entry krb5_krbhst_init
+ krb5_krbhst_get_addrinfo
+ krb5_crypto_init krb5_crypto_destroy
+ krb5_c_verify_checksum krb5_principal_compare_any_realm
+ krb5_parse_name_norealm krb5_princ_size krb5_get_init_creds_opt_set_pac_request
+ krb5_get_renewed_creds krb5_free_error_contents
+ initialize_krb5_error_table krb5_get_init_creds_opt_alloc
+ krb5_get_init_creds_opt_free krb5_get_init_creds_opt_get_error
+ krb5_enctype_to_string krb5_fwd_tgt_creds krb5_auth_con_set_req_cksumtype
+ krb5_get_creds_opt_alloc krb5_get_creds_opt_set_impersonate krb5_get_creds
+ krb5_get_credentials_for_user krb5_get_host_realm krb5_free_host_realm''',
+ lib='krb5 k5crypto')
+conf.CHECK_DECLS('''krb5_get_credentials_for_user
+ krb5_auth_con_set_req_cksumtype''',
+ headers='krb5.h', always=True)
+conf.CHECK_VARIABLE('AP_OPTS_USE_SUBKEY', headers='krb5.h')
+conf.CHECK_VARIABLE('KV5M_KEYTAB', headers='krb5.h')
+conf.CHECK_VARIABLE('KRB5_KU_OTHER_CKSUM', headers='krb5.h')
+conf.CHECK_VARIABLE('KRB5_KEYUSAGE_APP_DATA_CKSUM', headers='krb5.h')
+conf.CHECK_VARIABLE('ENCTYPE_AES128_CTS_HMAC_SHA1_96', headers='krb5.h')
+conf.CHECK_VARIABLE('ENCTYPE_AES256_CTS_HMAC_SHA1_96', headers='krb5.h')
+conf.CHECK_DECLS('KRB5_PDU_NONE', reverse=True, headers='krb5.h')
+conf.CHECK_STRUCTURE_MEMBER('krb5_keytab_entry', 'key', headers='krb5.h',
+ define='HAVE_KRB5_KEYTAB_ENTRY_KEY')
+conf.CHECK_STRUCTURE_MEMBER('krb5_keytab_entry', 'keyblock', headers='krb5.h',
+ define='HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK')
+conf.CHECK_STRUCTURE_MEMBER('krb5_address', 'magic', headers='krb5.h',
+ define='HAVE_MAGIC_IN_KRB5_ADDRESS')
+conf.CHECK_STRUCTURE_MEMBER('krb5_address', 'addrtype', headers='krb5.h',
+ define='HAVE_ADDRTYPE_IN_KRB5_ADDRESS')
+conf.CHECK_STRUCTURE_MEMBER('krb5_ap_req', 'ticket', headers='krb5.h',
+ define='HAVE_TICKET_POINTER_IN_KRB5_AP_REQ')
+
+conf.CHECK_TYPE('krb5_encrypt_block', headers='krb5.h')
+
+conf.CHECK_CODE('''
+ krb5_context ctx;
+ krb5_get_init_creds_opt *opt = NULL;
+ krb5_get_init_creds_opt_free(ctx, opt);
+ ''',
+ 'KRB5_CREDS_OPT_FREE_REQUIRES_CONTEXT',
+ headers='krb5.h', link=False,
+ msg="Checking whether krb5_get_init_creds_opt_free takes a context argument")
+conf.CHECK_CODE('''
+ const krb5_data *pkdata;
+ krb5_context context;
+ krb5_principal principal;
+ pkdata = krb5_princ_component(context, principal, 0);
+ ''',
+ 'HAVE_KRB5_PRINC_COMPONENT',
+ headers='krb5.h', lib='krb5',
+ msg="Checking whether krb5_princ_component is available")
+
+conf.CHECK_CODE('''
+ int main(void) {
+ char buf[256];
+ krb5_enctype_to_string(1, buf, 256);
+ return 0;
+ }''',
+ 'HAVE_KRB5_ENCTYPE_TO_STRING_WITH_SIZE_T_ARG',
+ headers='krb5.h', lib='krb5 k5crypto',
+ addmain=False, cflags='-Werror',
+ msg="Checking whether krb5_enctype_to_string takes size_t argument")
+
+conf.CHECK_CODE('''
+ int main(void) {
+ krb5_context context = NULL;
+ char *str = NULL;
+ krb5_enctype_to_string(context, 1, &str);
+ if (str) free (str);
+ return 0;
+ }''',
+ 'HAVE_KRB5_ENCTYPE_TO_STRING_WITH_KRB5_CONTEXT_ARG',
+ headers='krb5.h stdlib.h', lib='krb5',
+ addmain=False, cflags='-Werror',
+ msg="Checking whether krb5_enctype_to_string takes krb5_context argument")
+conf.CHECK_CODE('''
+ int main(void) {
+ krb5_context ctx = NULL;
+ krb5_principal princ = NULL;
+ const char *str = krb5_princ_realm(ctx, princ)->data;
+ return 0;
+ }''',
+ 'HAVE_KRB5_PRINC_REALM',
+ headers='krb5.h', lib='krb5',
+ addmain=False,
+ msg="Checking whether the macro krb5_princ_realm is defined")
+conf.CHECK_CODE('''
+ int main(void) {
+ krb5_context context;
+ krb5_principal principal;
+ const char *realm; realm = krb5_principal_get_realm(context, principal);
+ return 0;
+ }''',
+ 'HAVE_KRB5_PRINCIPAL_GET_REALM',
+ headers='krb5.h', lib='krb5',
+ addmain=False,
+ msg="Checking whether krb5_principal_get_realm is defined")
+conf.CHECK_CODE('''
+ krb5_enctype enctype;
+ enctype = ENCTYPE_ARCFOUR_HMAC_MD5;
+ ''',
+ '_HAVE_ENCTYPE_ARCFOUR_HMAC_MD5',
+ headers='krb5.h', lib='krb5',
+ msg="Checking whether the ENCTYPE_ARCFOUR_HMAC_MD5 key type definition is available");
+conf.CHECK_CODE('''
+ krb5_keytype keytype;
+ keytype = KEYTYPE_ARCFOUR_56;
+ ''',
+ '_HAVE_KEYTYPE_ARCFOUR_56',
+ headers='krb5.h', lib='krb5',
+ msg="Checking whether the HAVE_KEYTYPE_ARCFOUR_56 key type definition is available");
+if conf.CONFIG_SET('_HAVE_ENCTYPE_ARCFOUR_HMAC_MD5') and conf.CONFIG_SET('_HAVE_KEYTYPE_ARCFOUR_56'):
+ conf.DEFINE('HAVE_ENCTYPE_ARCFOUR_HMAC_MD5', '1')
+
+conf.CHECK_CODE('''
+ krb5_enctype enctype;
+ enctype = ENCTYPE_ARCFOUR_HMAC;
+ ''',
+ 'HAVE_ENCTYPE_ARCFOUR_HMAC',
+ headers='krb5.h', lib='krb5',
+ msg="Checking whether the ENCTYPE_ARCFOUR_HMAC key type definition is available");
+
+conf.CHECK_CODE('''
+ krb5_context context;
+ krb5_keytab keytab;
+ krb5_init_context(&context);
+ return krb5_kt_resolve(context, "WRFILE:api", &keytab);
+ ''',
+ 'HAVE_WRFILE_KEYTAB',
+ headers='krb5.h', lib='krb5', execute=True,
+ msg="Checking whether the WRFILE:-keytab is supported");
+# Check for KRB5_DEPRECATED handling
+conf.CHECK_CODE('''#define KRB5_DEPRECATED 1
+ #include <krb5.h>''',
+ 'HAVE_KRB5_DEPRECATED_WITH_IDENTIFIER', addmain=False,
+ link=False,
+ msg="Checking for KRB5_DEPRECATED define taking an identifier")