#endif /* HAVE_E_DATA_POINTER_IN_KRB5_ERROR */
#ifndef HAVE_KRB5_CONST_PAC
-typedef krb5_pac krb5_const_pac;
+#ifdef KRB5_CONST_PAC_GET_BUFFER
+typedef const struct krb5_pac_data *krb5_const_pac;
+#else
+/*
+ * Certain Heimdal versions include a version of krb5_pac_get_buffer() that is
+ * unusable in certain cases, taking a krb5_pac when a krb5_const_pac may be all
+ * that we can supply. Furthermore, MIT Kerberos doesn't declare krb5_const_pac
+ * at all. In such cases, we must declare krb5_const_pac as a non-const typedef
+ * so that the build can succeed.
+ */
+typedef struct krb5_pac_data *krb5_const_pac;
+#endif
#endif
krb5_error_code smb_krb5_parse_name(krb5_context context,
--- /dev/null
+#!/usr/bin/env python
+
+# Check whether we have the krb5_const_pac type, if we aren't sure already.
+if conf.CONFIG_SET('HAVE_KRB5_CONST_PAC') or (
+ conf.CHECK_TYPE('krb5_const_pac',
+ headers='krb5.h',
+ lib='krb5')):
+ # If the type is available, check whether krb5_pac_get_buffer() accepts it
+ # as its second parameter, or whether it takes krb5_pac instead.
+ conf.CHECK_C_PROTOTYPE('krb5_pac_get_buffer',
+ 'krb5_error_code krb5_pac_get_buffer('
+ ' krb5_context context,'
+ ' krb5_const_pac p,'
+ ' uint32_t type,'
+ ' krb5_data *data)',
+ define='KRB5_CONST_PAC_GET_BUFFER',
+ headers='krb5.h',
+ lib='krb5')
conf.define('HAVE_DECL_KRB5_AUTH_CON_SET_REQ_CKSUMTYPE', 0)
conf.define('HAVE_DECL_KRB5_GET_CREDENTIALS_FOR_USER', 0)
conf.define('HAVE_E_DATA_POINTER_IN_KRB5_ERROR', 1)
-conf.define('HAVE_KRB5_CONST_PAC', 1)
conf.define('HAVE_INITIALIZE_KRB5_ERROR_TABLE', 1)
conf.define('HAVE_KRB5_ADDRESSES', 1)
conf.define('HAVE_KRB5_AUTH_CON_SETKEY', 1)
if conf.CONFIG_SET('USING_EMBEDDED_HEIMDAL'):
conf.define('HAVE_KRB5_ADDLOG_FUNC_NEED_CONTEXT', 1)
+ conf.define('HAVE_KRB5_CONST_PAC', 1)
+ conf.define('KRB5_CONST_PAC_GET_BUFFER', 1)
else:
pass # TODO
conf.RECURSE('lib/socket')
conf.RECURSE('lib/mscat')
conf.RECURSE('packaging')
+ conf.RECURSE('lib/krb5_wrap')
conf.SAMBA_CHECK_UNDEFINED_SYMBOL_FLAGS()