From: Markus Moeller Date: Tue, 12 Jul 2011 05:54:58 +0000 (-0600) Subject: Bug 3195: kerberos_ldap_group will not build without kerberos X-Git-Tag: take08~55^2~73 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=bec91ba0c3ebbe1009e121ca749ee1ecb1e7e2fd;p=thirdparty%2Fsquid.git Bug 3195: kerberos_ldap_group will not build without kerberos cleans up include file which does not require any gssapi headers and checks for kerberos availability. --- diff --git a/helpers/external_acl/kerberos_ldap_group/support.h b/helpers/external_acl/kerberos_ldap_group/support.h index 9a42ec3c54..a8342958de 100644 --- a/helpers/external_acl/kerberos_ldap_group/support.h +++ b/helpers/external_acl/kerberos_ldap_group/support.h @@ -28,24 +28,6 @@ #include #endif -#if HAVE_GSSAPI_GSSAPI_H -#include -#elif HAVE_GSSAPI_H -#include -#endif /* HAVE_GSSAPI_GSSAPI_H/HAVE_GSSAPI_H */ - -#if !HAVE_HEIMDAL_KERBEROS -#if HAVE_GSSAPI_GSSAPI_KRB5_H -#include -#endif -#if HAVE_GSSAPI_GSSAPI_GENERIC_H -#include -#endif -#if HAVE_GSSAPI_GSSAPI_EXT_H -#include -#endif -#endif - #if HAVE_KRB5_H #if HAVE_BROKEN_SOLARIS_KRB5_H #warn "Warning! You have a broken Solaris system header" @@ -71,10 +53,6 @@ extern "C" { #define error_message(code) krb5_get_err_text(kparam.context,code) #endif /* HAVE_COM_ERR_H */ -#ifndef gss_nt_service_name -#define gss_nt_service_name GSS_C_NT_HOSTBASED_SERVICE -#endif - #define LDAP_DEPRECATED 1 #ifdef HAVE_LDAP_REBIND_FUNCTION #define LDAP_REFERRALS @@ -180,8 +158,10 @@ int create_gd(struct main_args *margs); int create_nd(struct main_args *margs); int create_ls(struct main_args *margs); +#ifdef HAVE_KRB5 int krb5_create_cache(struct main_args *margs, char *domain); void krb5_cleanup(void); +#endif int get_ldap_hostname_list(struct main_args *margs, struct hstruct **hlist, int nhosts, char *domain); int get_hostname_list(struct main_args *margs, struct hstruct **hlist, int nhosts, char *name); diff --git a/helpers/external_acl/kerberos_ldap_group/support_krb5.cc b/helpers/external_acl/kerberos_ldap_group/support_krb5.cc index 51865bb527..0495fc51f6 100644 --- a/helpers/external_acl/kerberos_ldap_group/support_krb5.cc +++ b/helpers/external_acl/kerberos_ldap_group/support_krb5.cc @@ -25,7 +25,7 @@ #include "config.h" #include "util.h" -#ifdef HAVE_LDAP +#if defined(HAVE_LDAP) && defined(HAVE_KRB5) #include "support.h" diff --git a/helpers/external_acl/kerberos_ldap_group/support_ldap.cc b/helpers/external_acl/kerberos_ldap_group/support_ldap.cc index f2a5fefbf4..d15baf69c8 100644 --- a/helpers/external_acl/kerberos_ldap_group/support_ldap.cc +++ b/helpers/external_acl/kerberos_ldap_group/support_ldap.cc @@ -833,11 +833,17 @@ get_memberof(struct main_args *margs, char *user, char *domain, char *group) if (domain) { debug((char *) "%s| %s: DEBUG: Setup Kerberos credential cache\n", LogTime(), PROGRAM); +#ifdef HAVE_KRB5 kc = krb5_create_cache(margs, domain); if (kc) { error((char *) "%s| %s: ERROR: Error during setup of Kerberos credential cache\n", LogTime(), PROGRAM); } +#else + kc = 1; + debug((char *) "%s| %s: DEBUG: Kerberos is not supported. Use username/passwaord with ldap url instead\n", LogTime(), PROGRAM); +#endif } + if (kc && (!margs->lurl || !margs->luser | !margs->lpass)) { /* * If Kerberos fails and no url given exit here @@ -1200,8 +1206,10 @@ get_memberof(struct main_args *margs, char *user, char *domain, char *group) } debug((char *) "%s| %s: DEBUG: Unbind ldap server\n", LogTime(), PROGRAM); cleanup: +#ifdef HAVE_KRB5 if (domain) krb5_cleanup(); +#endif if (lcreds) { if (lcreds->dn) xfree(lcreds->dn);