Unbreak the WITHOUT_KERBEROS build and try to reduce the odds of a

repeat performance by introducing a script that runs configure with and
without Kerberos, diffs the result and generates krb5_config.h, which
contains the preprocessor macros that need to be defined in the Kerberos
case and undefined otherwise.

Approved by:	re (marius)
This commit is contained in:
des 2013-09-23 20:35:54 +00:00
parent 6d86a0080b
commit 476b7e3d43
9 changed files with 76 additions and 21 deletions

View File

@ -3,7 +3,13 @@
FreeBSD maintainer's guide to OpenSSH-portable
==============================================
[needs rewriting for svn]
XXX
XXX this needs a complete rewrite
XXX svn merge from vendor branch, resolve conflicts manually
XXX (see FREEBSD-tricks for tips on how to reduce conflicts)
XXX run freebsd-configure.sh to generate config.h and krb5_config.h
XXX svn diff Makefile.in to see if the Makefiles need adjusting
XXX
0) Make sure your mail spool has plenty of free space. It'll fill up
pretty fast once you're done with this checklist.
@ -116,7 +122,7 @@ B) Re-commit everything on repoman (you *did* use a test repo for
This port was brought to you by (in no particular order) DARPA, NAI
Labs, ThinkSec, Nescafé, the Aberlour Glenlivet Distillery Co.,
Labs, ThinkSec, Nescafé, the Aberlour Glenlivet Distillery Co.,
Suzanne Vega, and a Sanford's #69 Deluxe Marker.
-- des@FreeBSD.org

View File

@ -157,7 +157,7 @@
/* #undef GLOB_HAS_GL_STATV */
/* Define this if you want GSSAPI support in the version 2 protocol */
#define GSSAPI 1
/* #undef GSSAPI */
/* Define if you want to use shadow password expire field */
/* #undef HAS_SHADOW_EXPIRE */
@ -271,7 +271,7 @@
/* Define to 1 if you have the declaration of `GSS_C_NT_HOSTBASED_SERVICE',
and to 0 if you don't. */
#define HAVE_DECL_GSS_C_NT_HOSTBASED_SERVICE 1
/* #undef HAVE_DECL_GSS_C_NT_HOSTBASED_SERVICE */
/* Define to 1 if you have the declaration of `howmany', and to 0 if you
don't. */
@ -535,10 +535,10 @@
/* #undef HAVE_GSSAPI_GSSAPI_GENERIC_H */
/* Define to 1 if you have the <gssapi/gssapi.h> header file. */
#define HAVE_GSSAPI_GSSAPI_H 1
/* #undef HAVE_GSSAPI_GSSAPI_H */
/* Define to 1 if you have the <gssapi/gssapi_krb5.h> header file. */
#define HAVE_GSSAPI_GSSAPI_KRB5_H 1
/* #undef HAVE_GSSAPI_GSSAPI_KRB5_H */
/* Define to 1 if you have the <gssapi.h> header file. */
/* #undef HAVE_GSSAPI_H */
@ -601,13 +601,13 @@
#define HAVE_ISBLANK 1
/* Define to 1 if you have the `krb5_cc_new_unique' function. */
#define HAVE_KRB5_CC_NEW_UNIQUE 1
/* #undef HAVE_KRB5_CC_NEW_UNIQUE */
/* Define to 1 if you have the `krb5_free_error_message' function. */
#define HAVE_KRB5_FREE_ERROR_MESSAGE 1
/* #undef HAVE_KRB5_FREE_ERROR_MESSAGE */
/* Define to 1 if you have the `krb5_get_error_message' function. */
#define HAVE_KRB5_GET_ERROR_MESSAGE 1
/* #undef HAVE_KRB5_GET_ERROR_MESSAGE */
/* Define to 1 if you have the <lastlog.h> header file. */
/* #undef HAVE_LASTLOG_H */
@ -1310,7 +1310,7 @@
#define HAVE___func__ 1
/* Define this if you are using the Heimdal version of Kerberos V5 */
#define HEIMDAL 1
/* #undef HEIMDAL */
/* Define if you need to use IP address instead of hostname in $DISPLAY */
/* #undef IPADDR_IN_DISPLAY */
@ -1322,7 +1322,7 @@
/* #undef IP_TOS_IS_BROKEN */
/* Define if you want Kerberos 5 support */
#define KRB5 1
/* #undef KRB5 */
/* Define if pututxline updates lastlog too */
/* #undef LASTLOG_WRITE_PUTUTXLINE */

View File

@ -0,0 +1,30 @@
#!/bin/sh
#
# $FreeBSD$
#
configure_args="
--prefix=/usr
--sysconfdir=/etc/ssh
--with-pam
--with-tcp-wrappers
--with-libedit
--with-ssl-engine
--without-xauth
"
set -e
# generate config.h with krb5 and stash it
sh configure $configure_args --with-kerberos5
mv config.log config.log.orig
mv config.h config.h.orig
# generate config.h without krb5
sh configure $configure_args --without-kerberos5
# extract the difference
echo '/* $Free''BSD$ */' > krb5_config.h
diff -u config.h.orig config.h |
sed -n '/^-#define/s/^-//p' |
grep -Ff /dev/stdin config.h.orig >> krb5_config.h

View File

@ -0,0 +1,11 @@
/* $FreeBSD$ */
#define GSSAPI 1
#define HAVE_DECL_GSS_C_NT_HOSTBASED_SERVICE 1
#define HAVE_GSSAPI_GSSAPI_H 1
#define HAVE_GSSAPI_GSSAPI_KRB5_H 1
#define HAVE_GSSAPI_H 1
#define HAVE_KRB5_CC_NEW_UNIQUE 1
#define HAVE_KRB5_FREE_ERROR_MESSAGE 1
#define HAVE_KRB5_GET_ERROR_MESSAGE 1
#define HEIMDAL 1
#define KRB5 1

View File

@ -28,10 +28,10 @@
#ifdef GSSAPI
#ifdef HAVE_GSSAPI_H
#include <gssapi.h>
#elif defined(HAVE_GSSAPI_GSSAPI_H)
#if defined(HAVE_GSSAPI_GSSAPI_H)
#include <gssapi/gssapi.h>
#elif defined(HAVE_GSSAPI_H)
#include <gssapi.h>
#endif
#ifdef KRB5

View File

@ -88,10 +88,10 @@ __RCSID("$FreeBSD$");
#ifdef __FreeBSD__
#include <resolv.h>
#if defined(GSSAPI) && defined(HAVE_GSSAPI_H)
#include <gssapi.h>
#elif defined(GSSAPI) && defined(HAVE_GSSAPI_GSSAPI_H)
#if defined(GSSAPI) && defined(HAVE_GSSAPI_GSSAPI_H)
#include <gssapi/gssapi.h>
#elif defined(GSSAPI) && defined(HAVE_GSSAPI_H)
#include <gssapi.h>
#endif
#endif

View File

@ -39,7 +39,7 @@ USEPRIVATELIB+= ldns
CFLAGS+= -I${SSHDIR} -include ssh_namespace.h
.if ${MK_KERBEROS_SUPPORT} != "no"
CFLAGS+= -DGSSAPI -DHAVE_GSSAPI_GSSAPI_H=1 -DKRB5 -DHEIMDAL
CFLAGS+= -include krb5_config.h
DPADD+= ${LIBGSSAPI} ${LIBKRB5} ${LIBHX509} ${LIBASN1} ${LIBCOM_ERR} ${LIBMD} ${LIBROKEN}
LDADD+= -lgssapi -lkrb5 -lhx509 -lasn1 -lcom_err -lmd -lroken
.endif
@ -58,3 +58,6 @@ LDADD+= -lcrypto -lcrypt -lz
.PATH: ${SSHDIR} ${SSHDIR}/openbsd-compat
${OBJS} ${POBJS} ${SOBJS}: ssh_namespace.h
.if ${MK_KERBEROS_SUPPORT} != "no"
${OBJS} ${POBJS} ${SOBJS}: krb5_config.h
.endif

View File

@ -27,7 +27,7 @@ USEPRIVATELIB+= ldns
.endif
.if ${MK_KERBEROS_SUPPORT} != "no"
CFLAGS+= -DGSSAPI -DHAVE_GSSAPI_GSSAPI_H=1 -DKRB5 -DHEIMDAL
CFLAGS+= -include krb5_config.h
DPADD+= ${LIBGSSAPI}
LDADD+= -lgssapi
.endif
@ -48,3 +48,6 @@ CFLAGS+= -DXAUTH_PATH=\"${LOCALBASE}/bin/xauth\"
.PATH: ${SSHDIR}
${OBJS} ${POBJS} ${SOBJS}: ssh_namespace.h
.if ${MK_KERBEROS_SUPPORT} != "no"
${OBJS} ${POBJS} ${SOBJS}: krb5_config.h
.endif

View File

@ -42,8 +42,7 @@ LDADD+= -lbsm
.endif
.if ${MK_KERBEROS_SUPPORT} != "no"
CFLAGS+= -DGSSAPI -DKRB5 -DHEIMDAL \
-DHAVE_GSSAPI_GSSAPI_H=1 -DHAVE_GSSAPI_GSSAPI_KRB5_H=1
CFLAGS+= -include krb5_config.h
DPADD+= ${LIBGSSAPI_KRB5} ${LIBGSSAPI} ${LIBKRB5} ${LIBHX509} ${LIBASN1} \
${LIBCOM_ERR} ${LIBROKEN} ${LIBWIND} ${LIBHEIMBASE} ${LIBHEIMIPCC}
LDADD+= -lgssapi_krb5 -lgssapi -lkrb5 -lhx509 -lasn1 \
@ -66,3 +65,6 @@ CFLAGS+= -DXAUTH_PATH=\"${LOCALBASE}/bin/xauth\"
.PATH: ${SSHDIR}
${OBJS} ${POBJS} ${SOBJS}: ssh_namespace.h
.if ${MK_KERBEROS_SUPPORT} != "no"
${OBJS} ${POBJS} ${SOBJS}: krb5_config.h
.endif