AC_CHECK_FUNC_EXT(krb5_princ_size, $KRB5_LIBS)
AC_CHECK_FUNC_EXT(krb5_get_init_creds_opt_set_pac_request, $KRB5_LIBS)
AC_CHECK_FUNC_EXT(krb5_get_renewed_creds, $KRB5_LIBS)
- AC_CHECK_FUNC_EXT(krb5_get_kdc_cred, $KRB5_LIBS)
AC_CHECK_FUNC_EXT(krb5_free_error_contents, $KRB5_LIBS)
AC_CHECK_FUNC_EXT(initialize_krb5_error_table, $KRB5_LIBS)
AC_CHECK_FUNC_EXT(krb5_get_init_creds_opt_alloc, $KRB5_LIBS)
use_ads=no
fi
+ if test x"$ac_cv_func_ext_krb5_get_renewed_creds" != x"yes"
+ then
+ AC_MSG_WARN(krb5_get_renewed_creds not found in -lkrb5)
+ use_ads=no
+ fi
+
if test x"$ac_cv_func_ext_krb5_principal2salt" != x"yes" -a \
x"$ac_cv_func_ext_krb5_get_pw_salt" != x"yes"
then
}
}
-#ifdef HAVE_KRB5_GET_RENEWED_CREDS /* MIT */
- {
- ret = krb5_get_renewed_creds(context, &creds, client, ccache, discard_const_p(char, service_string));
- if (ret) {
- DEBUG(10,("smb_krb5_renew_ticket: krb5_get_kdc_cred failed: %s\n", error_message(ret)));
- goto done;
- }
- }
-#elif defined(HAVE_KRB5_GET_KDC_CRED) /* Heimdal */
- {
- krb5_kdc_flags flags;
- krb5_realm *client_realm = NULL;
-
- ret = krb5_copy_principal(context, client, &creds_in.client);
- if (ret) {
- goto done;
- }
-
- if (service_string) {
- ret = smb_krb5_parse_name(context, service_string, &creds_in.server);
- if (ret) {
- goto done;
- }
- } else {
- /* build tgt service by default */
- client_realm = krb5_princ_realm(context, creds_in.client);
- if (!client_realm) {
- ret = ENOMEM;
- goto done;
- }
- ret = krb5_make_principal(context, &creds_in.server, *client_realm, KRB5_TGS_NAME, *client_realm, NULL);
- if (ret) {
- goto done;
- }
- }
-
- flags.i = 0;
- flags.b.renewable = flags.b.renew = True;
-
- ret = krb5_get_kdc_cred(context, ccache, flags, NULL, NULL, &creds_in, &creds_out);
- if (ret) {
- DEBUG(10,("smb_krb5_renew_ticket: krb5_get_kdc_cred failed: %s\n", error_message(ret)));
- goto done;
- }
-
- creds = *creds_out;
+ ret = krb5_get_renewed_creds(context, &creds, client, ccache, discard_const_p(char, service_string));
+ if (ret) {
+ DEBUG(10,("smb_krb5_renew_ticket: krb5_get_kdc_cred failed: %s\n", error_message(ret)));
+ goto done;
}
-#else
-#error NO_SUITABLE_KRB5_TICKET_RENEW_FUNCTION_AVAILABLE
-#endif
/* hm, doesn't that create a new one if the old one wasn't there? - Guenther */
ret = krb5_cc_initialize(context, ccache, client);
krb5_crypto_init krb5_crypto_destroy krb5_decode_ap_req free_AP_REQ
krb5_c_verify_checksum krb5_principal_compare_any_realm
krb5_parse_name_norealm krb5_princ_size krb5_get_init_creds_opt_set_pac_request
-krb5_get_renewed_creds krb5_get_kdc_cred krb5_free_error_contents
+krb5_get_renewed_creds krb5_free_error_contents
initialize_krb5_error_table krb5_get_init_creds_opt_alloc
krb5_get_init_creds_opt_free krb5_get_init_creds_opt_get_error
krb5_enctype_to_string krb5_fwd_tgt_creds krb5_auth_con_set_req_cksumtype
if not conf.CONFIG_SET('KRB5_CREDS_OPT_FREE_REQUIRES_CONTEXT'):
Logs.warn("krb5_get_init_creds_opt_free was not found or was too old in -lkrb5")
use_ads=False
+ if not conf.CONFIG_SET('HAVE_KRB5_GET_RENEWED_CREDS'):
+ Logs.warn("krb5_get_renewed_creds not found in -lkrb5")
+ use_ads=False
if not conf.CONFIG_SET('HAVE_KRB5_PRINCIPAL2SALT') and \
not conf.CONFIG_SET('HAVE_KRB5_GET_PW_SALT'):
Logs.warn("no CREATE_KEY_FUNCTIONS detected")
conf.define('HAVE_KRB5_GET_INIT_CREDS_OPT_FREE', 1)
conf.define('HAVE_KRB5_GET_INIT_CREDS_OPT_GET_ERROR', 1)
conf.define('HAVE_KRB5_GET_INIT_CREDS_OPT_SET_PAC_REQUEST', 1)
-conf.define('HAVE_KRB5_GET_KDC_CRED', 1)
conf.define('HAVE_KRB5_GET_PW_SALT', 1)
conf.define('HAVE_KRB5_GET_RENEWED_CREDS', 1)
conf.define('HAVE_KRB5_KEYBLOCK_KEYVALUE', 1)
git.samba.org / metze / samba / wip.git / commitdiff