From eb9e3e8a54aa7d6b805d280fd5586f9d1a2a094a Mon Sep 17 00:00:00 2001
From: Simo Sorce <idra@samba.org>
Date: Wed, 2 May 2012 12:24:34 -0400
Subject: auth-session: MIT doesn't have import/export cred yet

For now let's just loose this functionality with the MIT build.
gss_import/export_cred should be availa ble when MIT 1.11 is released and this
code is used only in some proxy scenario. Not normally needed for common
configurations.
---
 source4/auth/session.c                  | 8 +++++---
 source4/heimdal_build/wscript_configure | 2 ++
 wscript_configure_krb5                  | 1 +
 3 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/source4/auth/session.c b/source4/auth/session.c
index 805659c5a4..de417cc54b 100644
--- a/source4/auth/session.c
+++ b/source4/auth/session.c
@@ -156,6 +156,7 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
 	return NT_STATUS_OK;
 }
 
+
 /* Fill out the auth_session_info with a cli_credentials based on the
  * auth_session_info we were forwarded over named pipe forwarding.
  *
@@ -169,7 +170,7 @@ struct auth_session_info *auth_session_info_from_transport(TALLOC_CTX *mem_ctx,
 {
 	struct auth_session_info *session_info;
 	session_info = talloc_steal(mem_ctx, session_info_transport->session_info);
-
+#ifdef HAVE_GSS_IMPORT_CRED
 	if (session_info_transport->exported_gssapi_credentials.length) {
 		struct cli_credentials *creds;
 		OM_uint32 minor_status;
@@ -220,7 +221,7 @@ struct auth_session_info *auth_session_info_from_transport(TALLOC_CTX *mem_ctx,
 						   CRED_MUST_USE_KERBEROS);
 
 	}
-
+#endif
 	return session_info;
 }
 
@@ -246,7 +247,7 @@ NTSTATUS auth_session_info_transport_from_session(TALLOC_CTX *mem_ctx,
 	if (!session_info_transport->session_info) {
 		return NT_STATUS_NO_MEMORY;
 	};
-
+#ifdef HAVE_GSS_EXPORT_CRED
 	if (session_info->credentials) {
 		struct gssapi_creds_container *gcc;
 		OM_uint32 gret;
@@ -280,6 +281,7 @@ NTSTATUS auth_session_info_transport_from_session(TALLOC_CTX *mem_ctx,
 			NT_STATUS_HAVE_NO_MEMORY(session_info_transport->exported_gssapi_credentials.data);
 		}
 	}
+#endif
 	*transport_out = session_info_transport;
 	return NT_STATUS_OK;
 }
diff --git a/source4/heimdal_build/wscript_configure b/source4/heimdal_build/wscript_configure
index 8357f3aa42..a350a8bae9 100755
--- a/source4/heimdal_build/wscript_configure
+++ b/source4/heimdal_build/wscript_configure
@@ -87,6 +87,8 @@ conf.define('HAVE_GSS_INQUIRE_SEC_CONTEXT_BY_OID', 1)
 conf.define('HAVE_GSSKRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT', 1)
 conf.define('HAVE_GSSKRB5_GET_SUBKEY', 1)
 conf.define('HAVE_GSS_KRB5_EXPORT_LUCID_SEC_CONTEXT', 1)
+conf.define('HAVE_GSS_IMPORT_CRED', 1)
+conf.define('HAVE_GSS_EXPORT_CRED', 1)
 conf.define('HAVE_LIBGSSAPI', 1)
 conf.define('HAVE_ADDR_TYPE_IN_KRB5_ADDRESS', 1)
 conf.define('HAVE_CHECKSUM_IN_KRB5_CHECKSUM', 1)
diff --git a/wscript_configure_krb5 b/wscript_configure_krb5
index 37f883e38e..4dbf2aee59 100644
--- a/wscript_configure_krb5
+++ b/wscript_configure_krb5
@@ -38,6 +38,7 @@ conf.CHECK_FUNCS_IN('''
        gss_inquire_sec_context_by_oid
        gsskrb5_extract_authz_data_from_sec_context
        gss_krb5_export_lucid_sec_context
+       gss_import_cred gss_export_cred
        ''', 'gssapi gssapi_krb5 krb5')
 conf.CHECK_FUNCS_IN('krb5_mk_req_extended krb5_kt_compare', 'krb5')
 conf.CHECK_FUNCS('''
-- 
cgit