I merged all of these plus a few others except for 529 (added a
comment). Take a look at the commit logs. Attached is the diff from rc8.
I was able to find a desktop running a slightly older OS which still
allows me to build a distro (building docsrc/ fails on newer Fedora). I
will probably wait a day or two for people to review the current changes
and request others. I will be able to SSH to my build machine from my
hotel this weekend and will construct a final release and get it to my
colleagues for posting my Monday.
On 9/18/18 11:05 AM, Quanah Gibson-Mount wrote:
--On Tuesday, September 18, 2018 11:10 AM -0400 Ken Murchison
<murch@xxxxxxxxxxxx> wrote:
I want to get 2.1.27 released this week, but I'm not sure where we stand
with the GSSAPI stuff, and since I'm no longer at CMU, I don't have a
Kerberos infrastructure to test with.
So, I need someone to summarize the existing problem(s) and solution(s),
preferably with a pull request or patch.
Hi Ken,
On GSSAPI: There is no mechanism in Heimdal to allow for pulling the
SSF level for a Kerberos mechanism (only exists in MIT). I've opened
an issue on the Heimdal side for this, but I wouldn't hold the release
on this. I don't have an MIT environment, so someone else would need
to confirm the SSF bits (no more hard coded "56" with GSSAPI, for
example) are working correctly.
Otherwise, there are several pull requests fixing issues with building
the last RC:
<https://github.com/cyrusimap/cyrus-sasl/pull/532>
<https://github.com/cyrusimap/cyrus-sasl/pull/530>
<https://github.com/cyrusimap/cyrus-sasl/pull/529>
<https://github.com/cyrusimap/cyrus-sasl/pull/527>
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
--
Ken Murchison
Cyrus Development Team
FastMail US LLC
diff --git a/configure.ac b/configure.ac
index ac59f14..5452420 100644
--- a/configure.ac
+++ b/configure.ac
@@ -80,6 +80,7 @@ AC_ARG_ENABLE(cmulocal,
AC_ARG_ENABLE(sample,
[AC_HELP_STRING([--enable-sample],
[compile sample code [[yes]]])],
+ [],
enable_sample=yes)
AC_ARG_ENABLE(obsolete_cram_attr,
diff --git a/plugins/Makefile.am b/plugins/Makefile.am
index 2b02a52..6101158 100644
--- a/plugins/Makefile.am
+++ b/plugins/Makefile.am
@@ -149,4 +149,4 @@ passdss_init.c sasldb_init.c sql_init.c ldapdb_init.c
CLEANFILES=$(init_src)
${init_src}: $(srcdir)/makeinit.sh
- $(SHELL) $(srcdir)/makeinit.sh
+ $(SHELL) $(srcdir)/makeinit.sh $@
diff --git a/plugins/NTMakefile b/plugins/NTMakefile
index e42f5e5..3bf715a 100755
--- a/plugins/NTMakefile
+++ b/plugins/NTMakefile
@@ -119,9 +119,16 @@ OPENSSL_FLAGS= /I $(OPENSSL_INCLUDE)
OPENSSL_FLAGS=
!ENDIF
+!IF "$(GSSAPILIB)" == ""
+GSSAPILIB=gssapi32.lib
+!ENDIF
+
!IF "$(GSSAPI)" == "CyberSafe"
GSS_FLAGS= /I $(GSSAPI_INCLUDE) /D "HAVE_GSS_C_NT_HOSTBASED_SERVICE" /D "HAVE_GSS_C_NT_USER_NAME"
-GSS_LIBS=/libpath:$(GSSAPI_LIBPATH) gssapi32.lib
+GSS_LIBS=/libpath:$(GSSAPI_LIBPATH) $(GSSAPILIB)
+!ELSE IF "$(GSSAPI)" == "MITKerberos"
+GSS_FLAGS= /I $(GSSAPI_INCLUDE) /D "HAVE_GSS_C_NT_HOSTBASED_SERVICE" /D "HAVE_GSS_C_NT_USER_NAME"
+GSS_LIBS=/libpath:$(GSSAPI_LIBPATH) $(GSSAPILIB)
!ELSE
GSS_FLAGS=
GSS_LIBS=
diff --git a/plugins/makeinit.sh b/plugins/makeinit.sh
index cc65f7d..3131877 100644
--- a/plugins/makeinit.sh
+++ b/plugins/makeinit.sh
@@ -1,7 +1,9 @@
+plugin_init="$1"
# mechanism plugins
for mech in anonymous crammd5 digestmd5 scram gssapiv2 kerberos4 login ntlm otp passdss plain srp gs2; do
+ if [ ${plugin_init} = "${mech}_init.c" ];then
-echo "
+ echo "
#include <config.h>
#include <string.h>
@@ -43,13 +45,16 @@ BOOL APIENTRY DllMain( HANDLE hModule,
SASL_CLIENT_PLUG_INIT( $mech )
SASL_SERVER_PLUG_INIT( $mech )
-" > ${mech}_init.c
+" > ${mech}_init.c
+ echo "generating $1"
+ fi # End of `if [ ${plugin_init} = "${mech}_init.c" ];then'
done
# auxprop plugins
for auxprop in sasldb sql ldapdb; do
+ if [ ${plugin_init} = "${auxprop}_init.c" ];then
-echo "
+ echo "
#include <config.h>
#include <string.h>
@@ -86,8 +91,12 @@ BOOL APIENTRY DllMain( HANDLE hModule,
#endif
SASL_AUXPROP_PLUG_INIT( $auxprop )
-" > ${auxprop}_init.c
+" > ${auxprop}_init.c
+ echo "generating $1"
+ fi # End of `if [ ${plugin_init} = "${auxprop}_init.c" ];then'
done
# ldapdb is also a canon_user plugin
-echo "SASL_CANONUSER_PLUG_INIT( ldapdb )" >> ldapdb_init.c
+if [ ${plugin_init} = "ldapdb_init.c" ];then
+ echo "SASL_CANONUSER_PLUG_INIT( ldapdb )" >> ldapdb_init.c
+fi
diff --git a/sample/server.c b/sample/server.c
index 8637700..315d74d 100644
--- a/sample/server.c
+++ b/sample/server.c
@@ -85,8 +85,12 @@
#ifdef HAVE_GSS_GET_NAME_ATTRIBUTE
#include <gssapi/gssapi.h>
+#ifndef KRB5_HEIMDAL
+#ifdef HAVE_GSSAPI_GSSAPI_EXT_H
#include <gssapi/gssapi_ext.h>
#endif
+#endif
+#endif
#include "common.h"
diff --git a/saslauthd/Makefile.am b/saslauthd/Makefile.am
index d7244be..864b29b 100644
--- a/saslauthd/Makefile.am
+++ b/saslauthd/Makefile.am
@@ -34,7 +34,7 @@ saslcache_SOURCES = saslcache.c
EXTRA_DIST = saslauthd.8 saslauthd.mdoc include \
getnameinfo.c getaddrinfo.c LDAP_SASLAUTHD
-AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_builddir)/include -I$(top_srcdir)/../include -I$(top_builddir)/common
+AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_builddir)/include -I$(top_builddir)/common -I$(top_srcdir)/common
DEFS = @DEFS@ -DSASLAUTHD_CONF_FILE_DEFAULT=\"@sysconfdir@/saslauthd.conf\" -I. -I$(srcdir) -I..
