wscript: Correctly determine dependencies for system Heimdal build

Previously, the call to CHECK_BUNDLED_SYSTEM() in
check_system_heimdal_lib() could have us pick up MIT Kerberos headers
when we should only be using system Heimdal headers. Now, we just
perform an explicit check for the functions we require, which should
avoid any use of the MIT libraries.

We also remove some library checks for Heimdal components that we don't
use directly, restricting the checks to only the functions we need.

Finally, we no longer need to recurse into third_party/heimdal_build
when performing a system Heimdal build.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/wscript_build_system_heimdal b/wscript_build_system_heimdal
index 1fc738ea69ccf9453411a7259620668beed190bf..16ed3ed9ed807dae385f47ff8a165252fca25296 100644 (file)
--- a/wscript_build_system_heimdal
+++ b/wscript_build_system_heimdal
@@ -1,4 +1,10 @@
 from waflib import Logs
 
 Logs.info("\tSelected system Heimdal build")
-bld.RECURSE('third_party/heimdal_build')
+
+# Alias subsystem to allow common kerberos code that will
+# otherwise link against MIT's gssapi_krb5 and k5crypto
+#
+# Note: that we also need this if we use system heimdal libraries
+bld.SAMBA_SUBSYSTEM('gssapi_krb5', '', deps='gssapi')
+bld.SAMBA_SUBSYSTEM('k5crypto', '', deps='krb5')

diff --git a/wscript_configure_system_heimdal b/wscript_configure_system_heimdal
index 6033dad08dcacf001dfa1413321dd352e89225a0..5dbb5e4b3f737ccb2f1467e2142cbe9b7087fde2 100644 (file)
--- a/wscript_configure_system_heimdal
+++ b/wscript_configure_system_heimdal
@@ -24,35 +24,20 @@ if krb5_config:
     finally:
         f.close()
 
-def check_system_heimdal_lib(name, functions='', headers='', onlyif=None):
+def check_system_heimdal_lib(name, functions='', headers=''):
     # Only use system library if the user requested the bundled one not be
     # used.
     if conf.LIB_MAY_BE_BUNDLED(name):
         return False
     setattr(conf.env, "CPPPATH_%s" % name.upper(), heimdal_includedirs)
     setattr(conf.env, "LIBPATH_%s" % name.upper(), heimdal_libdirs)
-    if not conf.CHECK_BUNDLED_SYSTEM(name, checkfunctions=functions, headers=headers,
-                                     onlyif=onlyif):
-        return False
-    conf.define('USING_SYSTEM_%s' % name.upper(), 1)
-    return True
-
-def check_system_heimdal_binary(name):
-    if conf.LIB_MAY_BE_BUNDLED(name):
-        return False
-    if not conf.find_program(name, var=name.upper()):
+    if not conf.CHECK_FUNCS_IN(functions, name, headers=headers, empty_decl=False, set_target=True):
         return False
     conf.define('USING_SYSTEM_%s' % name.upper(), 1)
     return True
 
 check_system_heimdal_lib("com_err", "com_right_r com_err", "com_err.h")
 
-if check_system_heimdal_lib("roken", "rk_socket_set_reuseaddr", "roken.h"):
-    conf.env.CPPPATH_ROKEN_HOSTCC = conf.env.CPPPATH_ROKEN
-    conf.env.LIBPATH_ROKEN_HOSTCC = conf.env.LIBPATH_ROKEN
-    conf.env.LIB_ROKEN_HOSTCC = "roken"
-    conf.SET_TARGET_TYPE("ROKEN_HOSTCC", 'SYSLIB')
-
 # Make sure HAVE_CONFIG_H is unset, as the system Heimdal headers use it
 # and include config.h if it is set, resulting in failure (since config.h
 # doesn't yet exist)
@@ -62,23 +47,10 @@ conf.undefine("HAVE_CONFIG_H")
 while "HAVE_CONFIG_H=1" in conf.env.DEFINES:
     conf.env.DEFINES.remove("HAVE_CONFIG_H=1")
 try:
-    check_system_heimdal_lib("wind", "wind_stringprep", "wind.h", onlyif="roken")
-    check_system_heimdal_lib("hx509", "hx509_bitstring_print", "hx509.h", onlyif="roken wind")
-    check_system_heimdal_lib("asn1", "initialize_asn1_error_table", "asn1_err.h", onlyif="roken com_err")
-    check_system_heimdal_lib("heimbase", "heim_cmp", "heimbase.h", onlyif="roken")
-    check_system_heimdal_lib("hcrypto", "MD4_Init", "hcrypto/md4.h",
-        onlyif="asn1 roken com_err")
-    if check_system_heimdal_lib("krb5", "krb5_anyaddr", "krb5.h",
-        onlyif="roken wind asn1 hx509 hcrypto com_err heimbase"):
+    check_system_heimdal_lib("asn1", "decode_Ticket", "krb5_asn1.h")
+    if check_system_heimdal_lib("krb5", "krb5_anyaddr", "krb5.h"):
         conf.CHECK_FUNCS_IN('krb5_free_unparsed_name', 'krb5', headers="krb5.h")
-    check_system_heimdal_lib("gssapi", "gss_oid_to_name", "gssapi.h",
-        onlyif="hcrypto asn1 roken krb5 com_err wind")
-    check_system_heimdal_lib("heimntlm", "heim_ntlm_ntlmv2_key", "heimntlm.h",
-        onlyif="roken hcrypto krb5")
-    check_system_heimdal_lib("hdb", "hdb_db_dir", "krb5.h hdb.h",
-        onlyif="roken krb5 hcrypto com_err wind")
-    check_system_heimdal_lib("kdc", "kdc_log", "kdc.h",
-        onlyif="roken krb5 hdb asn1 heimntlm hcrypto com_err wind heimbase")
+    check_system_heimdal_lib("gssapi", "gss_oid_to_name", "gssapi.h")
 finally:
     conf.env.DEFINES = DEFINES
 
@@ -86,9 +58,6 @@ finally:
 #if conf.CHECK_BUNDLED_SYSTEM('tommath', checkfunctions='mp_init', headers='tommath.h'):
 #    conf.define('USING_SYSTEM_TOMMATH', 1)
 
-check_system_heimdal_binary("compile_et")
-check_system_heimdal_binary("asn1_compile")
-
 conf.env.KRB5_VENDOR = 'heimdal'
 conf.define('USING_SYSTEM_KRB5', 1)
 conf.define('USING_SYSTEM_HEIMDAL', 1)