diff options
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | acconfig.h | 5 | ||||
| -rw-r--r-- | configure.ac | 7 | ||||
| -rw-r--r-- | includes.h | 5 | ||||
| -rw-r--r-- | servconf.c | 4 | ||||
| -rw-r--r-- | session.c | 2 |
6 files changed, 23 insertions, 4 deletions
@@ -1,6 +1,8 @@ 20040105 - (dtucker) [contrib/ssh-copy-id] Bug #781: exit if ssh fails. Patch from cjwatson at debian.org. + - (dtucker) [acconfig.h configure.ac includes.h servconf.c session.c] + Only enable KerberosGetAFSToken if Heimdal's libkafs is found. with jakob@ 20040102 - (djm) OSX/Darwin needs BIND_8_COMPAT to build getrrsetbyname. Report from @@ -1648,4 +1650,4 @@ - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. Report from murple@murple.net, diagnosis from dtucker@zip.com.au -$Id: ChangeLog,v 1.3162 2004/01/04 21:16:34 dtucker Exp $ +$Id: ChangeLog,v 1.3163 2004/01/05 11:36:51 dtucker Exp $ @@ -1,4 +1,4 @@ -/* $Id: acconfig.h,v 1.170 2004/01/02 07:02:44 djm Exp $ */ +/* $Id: acconfig.h,v 1.171 2004/01/05 11:36:52 dtucker Exp $ */ /* * Copyright (c) 1999-2003 Damien Miller. All rights reserved. @@ -256,6 +256,9 @@ /* Define this if you are using the Heimdal version of Kerberos V5 */ #undef HEIMDAL +/* Define this if you want to use Heimdal's AFS support */ +#undef AFS + /* Define if you want S/Key support */ #undef SKEY diff --git a/configure.ac b/configure.ac index 9127489d..afc4ae9b 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.182 2004/01/02 07:01:31 djm Exp $ +# $Id: configure.ac,v 1.183 2004/01/05 11:36:52 dtucker Exp $ AC_INIT AC_CONFIG_SRCDIR([ssh.c]) @@ -2037,6 +2037,11 @@ AC_ARG_WITH(kerberos5, [ AC_MSG_RESULT(yes) AC_DEFINE(HEIMDAL) K5LIBS="-lkrb5 -ldes -lcom_err -lasn1 -lroken" + AC_SEARCH_LIBS(k_hasafs, kafs, + [ AC_DEFINE(AFS) + K5LIBS="-lkafs $K5LIBS" + ] + ) ], [ AC_MSG_RESULT(no) K5LIBS="-lkrb5 -lk5crypto -lcom_err" @@ -169,6 +169,11 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } # include <libutil.h> /* Openpty on FreeBSD at least */ #endif +#if defined(HEIMDAL) && defined(AFS) +# include <krb5.h> +# include <kafs.h> +#endif + #include <openssl/opensslv.h> /* For OPENSSL_VERSION_NUMBER */ #include "defines.h" @@ -305,8 +305,12 @@ static struct { { "kerberosauthentication", sKerberosAuthentication }, { "kerberosorlocalpasswd", sKerberosOrLocalPasswd }, { "kerberosticketcleanup", sKerberosTicketCleanup }, +#ifdef AFS { "kerberosgetafstoken", sKerberosGetAFSToken }, #else + { "kerberosgetafstoken", sUnsupported }, +#endif +#else { "kerberosauthentication", sUnsupported }, { "kerberosorlocalpasswd", sUnsupported }, { "kerberosticketcleanup", sUnsupported }, @@ -1415,7 +1415,7 @@ do_child(Session *s, const char *command) */ environ = env; -#ifdef KRB5 +#if defined(HEIMDAL) && defined(AFS) /* * At this point, we check to see if AFS is active and if we have * a valid Kerberos 5 TGT. If so, it seems like a good idea to see |