diff options
| author | Richard Levitte <levitte@openssl.org> | 2001-07-09 21:46:58 +0000 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2001-07-09 21:46:58 +0000 |
| commit | 2a1ef754358e35c8e86df903e0a2f92c35a550d0 (patch) | |
| tree | 6ac406a5043c584c2ce0912d35192c3c30376f67 /Configure | |
| parent | c148d7097811c18f277a8559753c770f4ff85771 (diff) | |
Patches from Vern Staats <staatsvr@asc.hpc.mil> to get Kerberos 5 in
SSL according to RFC 2712. His comment is:
This is a patch to openssl-SNAP-20010702 to support Kerberized SSL
authentication. I'm expecting to have the full kssl-0.5 kit up on
sourceforge by the end of the week. The full kit includes patches
for mod-ssl, apache, and a few text clients. The sourceforge URL
is http://sourceforge.net/projects/kssl/ .
Thanks to a note from Simon Wilkinson I've replaced my KRB5 AP_REQ
message with a real KerberosWrapper struct. I think this is fully
RFC 2712 compliant now, including support for the optional
authenticator field. I also added openssl-style ASN.1 macros for
a few Kerberos structs; see crypto/krb5/ if you're interested.
Diffstat (limited to 'Configure')
| -rwxr-xr-x | Configure | 23 |
1 files changed, 21 insertions, 2 deletions
@@ -723,6 +723,7 @@ if ($no_krb5 } else { + my ($lresolv, $lpath, $lext); if ($withargs{"krb5-flavor"} =~ /^[Hh]eimdal$/) { $withargs{"krb5-dir"} = "/usr/heimdal" @@ -732,7 +733,7 @@ else if $withargs{"krb5-lib"} eq ""; $cflags="-DKRB5_HEIMDAL $cflags"; } - if ($withargs{"krb5-flavor"} =~ /^[Mm][Ii][Tt]$/) + if ($withargs{"krb5-flavor"} =~ /^[Mm][Ii][Tt]/) { $withargs{"krb5-dir"} = "/usr/kerberos" if $withargs{"krb5-dir"} eq ""; @@ -740,9 +741,27 @@ else "/lib -lgssapi_krb5 -lkrb5 -lcom_err -lk5crypto" if $withargs{"krb5-lib"} eq ""; $cflags="-DKRB5_MIT $cflags"; + $withargs{"krb5-flavor"} =~ s/^[Mm][Ii][Tt][._-]*//; + if ($withargs{"krb5-flavor"} =~ /^1[._-]*[01]/) + { + $cflags="-DKRB5_MIT_OLD11 $cflags"; + } + } + LRESOLV: + foreach $lpath ("/lib", "/usr/lib") + { + foreach $lext ("a", "so") + { + $lresolv = "$lpath/libresolv.$lext"; + last LRESOLV if (-r "$lresolv"); + $lresolv = ""; + } } + $withargs{"krb5-lib"} .= " -lresolv" + if ("$lresolv"); $withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include" - if $withargs{"krb5-include"} eq "" && $withargs{"krb5-dir"} ne ""; + if $withargs{"krb5-include"} eq "" && + $withargs{"krb5-dir"} ne ""; } # The DSO code currently always implements all functions so that no |