* configure.ac: test for differences between the Heimdal and MIT Kerberos APIs

* src/krb5-auth-dialog.c: abstract out differences in how credential flags and realm names are stored. git-svn-id: http://svn.gnome.org/svn/krb5-auth-dialog/trunk@41 517b70f8-ed25-0410-8bf6-f5db08f7b76e
author: nalin <nalin@517b70f8-ed25-0410-8bf6-f5db08f7b76e> 2005-11-02 23:10:01 +0000
committer: nalin <nalin@517b70f8-ed25-0410-8bf6-f5db08f7b76e> 2005-11-02 23:10:01 +0000
commit: dad3cb195802282569999bface564bbc5d22a0f1 (patch)
tree: 1d3ba6da10419600d0e78930888fdf11bd5795d2
parent: b0b87bb0cd2ec02d562a4c091b64520e539b6e02 (diff)
3 files changed, 138 insertions, 12 deletions
diff --git a/ChangeLog b/ChangeLog
index 00298f9..5fec10d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2005-11-02  Nalin Dahyabhai <nalin@redhat.com>
+
+	* configure.ac: test for differences between the Heimdal and MIT
+	Kerberos APIs
+	* src/krb5-auth-dialog.c: abstract out differences in how credential
+	flags and realm names are stored.
+
 2005-11-01  Christopher Aillon  <caillon@redhat.com>
 
 	* configure.ac: Release 0.4
diff --git a/configure.ac b/configure.ac
index 5c55243..52497b4 100644
--- a/configure.ac
+++ b/configure.ac
@@ -28,11 +28,6 @@ PKG_CHECK_MODULES(GNOME,
 	libgnomeui-2.0 >= 2.4.0
 ])
 
-AC_ARG_WITH(heimdal, [ --with-heimdal ], with_heimdal="$withval", with_heimdal="no" )
-if test "x$with_heimdal" != "xno"; then
-	AC_DEFINE_UNQUOTED(HEIMDAL, "", "")
-fi
-
 AC_PATH_PROG([KRB5_CONFIG], krb5-config, none, $PATH:/usr/kerberos/bin)
 if test "x$KRB5_CONFIG" != "xnone"; then
    KRB5_LIBS="`${KRB5_CONFIG} --libs krb5`"
@@ -41,6 +36,46 @@ if test "x$KRB5_CONFIG" != "xnone"; then
    AC_SUBST(KRB5_LIBS)
 fi
 
+dnl Check for API differences between Heimdal and MIT Kerberos
+savedCFLAGS="$CFLAGS"
+CFLAGS="$KRB5_CFLAGS $CFLAGS"
+AC_CHECK_MEMBERS(krb5_creds.ticket_flags,,,[#include <krb5.h>])
+AC_CHECK_MEMBERS(krb5_creds.flags.b.forwardable,,,[#include <krb5.h>])
+AC_CHECK_MEMBERS(krb5_creds.flags.b.renewable,,,[#include <krb5.h>])
+AC_CHECK_MEMBERS(krb5_creds.flags.b.proxiable,,,[#include <krb5.h>])
+AC_CHECK_MEMBERS(krb5_creds.flags,,,[#include <krb5.h>])
+AC_CHECK_DECLS([KDC_OPT_FORWARDABLE,KDC_OPT_RENEWABLE,KDC_OPT_PROXIABLE])
+AC_CHECK_DECLS([TKT_FLG_FORWARDABLE,TKT_FLG_RENEWABLE,TKT_FLG_PROXIABLE])
+AC_MSG_CHECKING(if a krb5_principal->realm is a char*)
+AC_COMPILE_IFELSE([
+$ac_includes_default
+#include <krb5.h>
+#include <string.h>
+int
+main(int argc, char **argv)
+{
+	static krb5_principal foo;
+	return strlen(foo->realm);
+}],[AC_DEFINE(HAVE_KRB5_PRINCIPAL_REALM_AS_STRING,1,[Define if the realm of a krb5_principal is a char*])
+AC_MSG_RESULT(yes)],
+AC_MSG_RESULT(no))
+
+AC_MSG_CHECKING(if a krb5_principal->realm is a krb5_data)
+AC_COMPILE_IFELSE([
+$ac_includes_default
+#include <krb5.h>
+int
+main(int argc, char **argv)
+{
+	static krb5_principal foo;
+	static krb5_data bar;
+	foo->realm = bar;
+	return 0;
+}],[AC_DEFINE(HAVE_KRB5_PRINCIPAL_REALM_AS_DATA,1,[Define if the realm of a krb5_principal is a krb5_data])
+AC_MSG_RESULT(yes)],
+AC_MSG_RESULT(no))
+CFLAGS="$savedCFLAGS"
+
 dnl NetworkManager
 
 AC_MSG_CHECKING([whether to enable NetworkManager support])
diff --git a/src/krb5-auth-dialog.c b/src/krb5-auth-dialog.c
index 907531b..8852cc7 100644
--- a/src/krb5-auth-dialog.c
+++ b/src/krb5-auth-dialog.c
@@ -271,6 +271,66 @@ credentials_expiring (gpointer *data)
 	return TRUE;
 }
 
+#if defined(HAVE_KRB5_CREDS_TICKET_FLAGS) && defined(HAVE_DECL_TKT_FLG_FORWARDABLE)
+static int
+get_cred_forwardable(krb5_creds *creds)
+{
+	return creds->ticket_flags & TKT_FLG_FORWARDABLE;
+}
+#elif defined(HAVE_KRB5_CREDS_FLAGS_B_FORWARDABLE)
+static int
+get_cred_forwardable(krb5_creds *creds)
+{
+	return creds->flags.b.forwardable;
+}
+#elif defined(HAVE_KRB5_CREDS_FLAGS) && defined(HAVE_DECL_KDC_OPT_FORWARDABLE)
+static int
+get_cred_forwardable(krb5_creds *creds)
+{
+	return creds->flags & KDC_OPT_FORWARDABLE;
+}
+#endif
+
+#if defined(HAVE_KRB5_CREDS_TICKET_FLAGS) && defined(HAVE_DECL_TKT_FLG_RENEWABLE)
+static int
+get_cred_renewable(krb5_creds *creds)
+{
+	return creds->ticket_flags & TKT_FLG_RENEWABLE;
+}
+#elif defined(HAVE_KRB5_CREDS_FLAGS_B_RENEWABLE)
+static int
+get_cred_renewable(krb5_creds *creds)
+{
+	return creds->flags.b.renewable;
+}
+#elif defined(HAVE_KRB5_CREDS_FLAGS) && defined(HAVE_DECL_KDC_OPT_RENEWABLE)
+static int
+get_cred_renewable(krb5_creds *creds)
+{
+	return creds->flags & KDC_OPT_RENEWABLE;
+}
+#endif
+
+#if defined(HAVE_KRB5_CREDS_TICKET_FLAGS) && defined(HAVE_DECL_TKT_FLG_PROXIABLE)
+static int
+get_cred_proxiable(krb5_creds *creds)
+{
+	return creds->ticket_flags & TKT_FLG_PROXIABLE;
+}
+#elif defined(HAVE_KRB5_CREDS_FLAGS_B_PROXIABLE)
+static int
+get_cred_proxiable(krb5_creds *creds)
+{
+	return creds->flags.b.proxiable;
+}
+#elif defined(HAVE_KRB5_CREDS_FLAGS) && defined(HAVE_DECL_KDC_OPT_PROXIABLE)
+static int
+get_cred_proxiable(krb5_creds *creds)
+{
+	return creds->flags & KDC_OPT_PROXIABLE;
+}
+#endif
+
 static void
 set_options_using_creds(krb5_context context,
 			krb5_creds *creds,
@@ -279,11 +339,11 @@ set_options_using_creds(krb5_context context,
 	krb5_deltat renew_lifetime;
 	int flag;
 
-	flag = (creds->ticket_flags & TKT_FLG_FORWARDABLE) != 0;
+	flag = get_cred_forwardable(creds) != 0;
 	krb5_get_init_creds_opt_set_forwardable(opts, flag);
-	flag = (creds->ticket_flags & TKT_FLG_PROXIABLE) != 0;
+	flag = get_cred_proxiable(creds) != 0;
 	krb5_get_init_creds_opt_set_proxiable(opts, flag);
-	flag = (creds->ticket_flags & TKT_FLG_RENEWABLE) != 0;
+	flag = get_cred_renewable(creds) != 0;
 	if (flag && (creds->times.renew_till > creds->times.starttime)) {
 		renew_lifetime = creds->times.renew_till -
 				 creds->times.starttime;
@@ -363,6 +423,30 @@ out:
 	return retval;
 }
 
+#if defined(HAVE_KRB5_PRINCIPAL_REALM_AS_STRING)
+static size_t
+get_principal_realm_length(krb5_principal p)
+{
+	return strlen(p->realm);
+}
+static const char *
+get_principal_realm_data(krb5_principal p)
+{
+	return p->realm;
+}
+#elif defined(HAVE_KRB5_PRINCIPAL_REALM_AS_DATA)
+static size_t
+get_principal_realm_length(krb5_principal p)
+{
+	return p->realm.length;
+}
+static const char *
+get_principal_realm_data(krb5_principal p)
+{
+	return p->realm.data;
+}
+#endif
+
 static gboolean
 get_tgt_from_ccache (krb5_context context, krb5_creds *creds)
 {
@@ -380,12 +464,12 @@ get_tgt_from_ccache (krb5_context context, krb5_creds *creds)
 		{
 			memset(&tgt_principal, 0, sizeof(tgt_principal));
 			if (krb5_build_principal_ext(context, &tgt_principal,
-			                             principal->realm.length,
-			                             principal->realm.data,
+			                             get_principal_realm_length(principal),
+			                             get_principal_realm_data(principal),
 			                             KRB5_TGS_NAME_SIZE,
 			                             KRB5_TGS_NAME,
-			                             principal->realm.length,
-			                             principal->realm.data,
+			                             get_principal_realm_length(principal),
+			                             get_principal_realm_data(principal),
 			                             0) == 0) {
 				memset(creds, 0, sizeof(*creds));
 				memset(&mcreds, 0, sizeof(mcreds));
author	nalin <nalin@517b70f8-ed25-0410-8bf6-f5db08f7b76e>	2005-11-02 23:10:01 +0000
committer	nalin <nalin@517b70f8-ed25-0410-8bf6-f5db08f7b76e>	2005-11-02 23:10:01 +0000
commit	dad3cb195802282569999bface564bbc5d22a0f1 (patch)
tree	1d3ba6da10419600d0e78930888fdf11bd5795d2
parent	b0b87bb0cd2ec02d562a4c091b64520e539b6e02 (diff)