From 7d378e9a116e47facf1f5a7d696e680c458ae843 Mon Sep 17 00:00:00 2001
From: Jim McDonough <jmcd@samba.org>
Date: Tue, 2 Sep 2003 18:31:41 +0000
Subject: Disable rc4-hmac on broken heimdal setups.  Pre-0.7 heimdal (or at
 least up to a very recent snapshot) has arcfour-hmac code that doesn't work
 with windows.  Love suggested detecting it via the existence of
 KEYTYPE_ARCFOUR_56 which only exists in working versions. (This used to be
 commit e039a61e51c50a1999ed8e375c4d5df8b622e310)

---
 source3/configure.in | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/source3/configure.in b/source3/configure.in
index a91dbf117d..b152f0b46c 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -2543,8 +2543,16 @@ if test x"$with_ads_support" != x"no"; then
       [krb5_enctype enctype; enctype = ENCTYPE_ARCFOUR_HMAC_MD5;],
       samba_cv_HAVE_ENCTYPE_ARCFOUR_HMAC_MD5=yes,
       samba_cv_HAVE_ENCTYPE_ARCFOUR_HMAC_MD5=no)])
-
-  if test x"$samba_cv_HAVE_ENCTYPE_ARCFOUR_HMAC_MD5" = x"yes"; then
+  AC_CACHE_CHECK([for KEYTYPE_ARCFOUR_56],
+                 samba_cv_HAVE_KEYTYPE_ARCFOUR_56,[
+    AC_TRY_COMPILE([#include <krb5.h>],
+      [krb5_keytype keytype; keytype = KEYTYPE_ARCFOUR_56;],
+      samba_cv_HAVE_KEYTYPE_ARCFOUR_56=yes,
+      samba_cv_HAVE_KEYTYPE_ARCFOUR_56=no)])
+# Heimdals with KEYTYPE_ARCFOUR but not KEYTYPE_ARCFOUR_56 are broken
+# w.r.t. arcfour and windows, so we must not enable it here
+  if test x"$samba_cv_HAVE_ENCTYPE_ARCFOUR_HMAC_MD5" = x"yes" -a\
+          x"$samba_cv_HAVE_KEYTYPE_ARCFOUR_56" = x"yes"; then
     AC_DEFINE(HAVE_ENCTYPE_ARCFOUR_HMAC_MD5,1,
               [Whether the ENCTYPE_ARCFOUR_HMAC_MD5 key type is available])
   fi
-- 
cgit