From 476b7e3d43eadb9adc07587cb47ade03d7fc6f22 Mon Sep 17 00:00:00 2001 From: des Date: Mon, 23 Sep 2013 20:35:54 +0000 Subject: Unbreak the WITHOUT_KERBEROS build and try to reduce the odds of a repeat performance by introducing a script that runs configure with and without Kerberos, diffs the result and generates krb5_config.h, which contains the preprocessor macros that need to be defined in the Kerberos case and undefined otherwise. Approved by: re (marius) --- crypto/openssh/FREEBSD-upgrade | 10 ++++++++-- crypto/openssh/config.h | 18 +++++++++--------- crypto/openssh/freebsd-configure.sh | 30 ++++++++++++++++++++++++++++++ crypto/openssh/krb5_config.h | 11 +++++++++++ crypto/openssh/ssh-gss.h | 6 +++--- crypto/openssh/sshd.c | 6 +++--- 6 files changed, 64 insertions(+), 17 deletions(-) create mode 100755 crypto/openssh/freebsd-configure.sh create mode 100644 crypto/openssh/krb5_config.h (limited to 'crypto') diff --git a/crypto/openssh/FREEBSD-upgrade b/crypto/openssh/FREEBSD-upgrade index 03b7dbf..2a3dc7f 100644 --- a/crypto/openssh/FREEBSD-upgrade +++ b/crypto/openssh/FREEBSD-upgrade @@ -3,7 +3,13 @@ FreeBSD maintainer's guide to OpenSSH-portable ============================================== -[needs rewriting for svn] +XXX +XXX this needs a complete rewrite +XXX svn merge from vendor branch, resolve conflicts manually +XXX (see FREEBSD-tricks for tips on how to reduce conflicts) +XXX run freebsd-configure.sh to generate config.h and krb5_config.h +XXX svn diff Makefile.in to see if the Makefiles need adjusting +XXX 0) Make sure your mail spool has plenty of free space. It'll fill up pretty fast once you're done with this checklist. @@ -116,7 +122,7 @@ B) Re-commit everything on repoman (you *did* use a test repo for This port was brought to you by (in no particular order) DARPA, NAI -Labs, ThinkSec, Nescafé, the Aberlour Glenlivet Distillery Co., +Labs, ThinkSec, NescafĂ©, the Aberlour Glenlivet Distillery Co., Suzanne Vega, and a Sanford's #69 Deluxe Marker. -- des@FreeBSD.org diff --git a/crypto/openssh/config.h b/crypto/openssh/config.h index cc3d1e7..ad1d852 100644 --- a/crypto/openssh/config.h +++ b/crypto/openssh/config.h @@ -157,7 +157,7 @@ /* #undef GLOB_HAS_GL_STATV */ /* Define this if you want GSSAPI support in the version 2 protocol */ -#define GSSAPI 1 +/* #undef GSSAPI */ /* Define if you want to use shadow password expire field */ /* #undef HAS_SHADOW_EXPIRE */ @@ -271,7 +271,7 @@ /* Define to 1 if you have the declaration of `GSS_C_NT_HOSTBASED_SERVICE', and to 0 if you don't. */ -#define HAVE_DECL_GSS_C_NT_HOSTBASED_SERVICE 1 +/* #undef HAVE_DECL_GSS_C_NT_HOSTBASED_SERVICE */ /* Define to 1 if you have the declaration of `howmany', and to 0 if you don't. */ @@ -535,10 +535,10 @@ /* #undef HAVE_GSSAPI_GSSAPI_GENERIC_H */ /* Define to 1 if you have the header file. */ -#define HAVE_GSSAPI_GSSAPI_H 1 +/* #undef HAVE_GSSAPI_GSSAPI_H */ /* Define to 1 if you have the header file. */ -#define HAVE_GSSAPI_GSSAPI_KRB5_H 1 +/* #undef HAVE_GSSAPI_GSSAPI_KRB5_H */ /* Define to 1 if you have the header file. */ /* #undef HAVE_GSSAPI_H */ @@ -601,13 +601,13 @@ #define HAVE_ISBLANK 1 /* Define to 1 if you have the `krb5_cc_new_unique' function. */ -#define HAVE_KRB5_CC_NEW_UNIQUE 1 +/* #undef HAVE_KRB5_CC_NEW_UNIQUE */ /* Define to 1 if you have the `krb5_free_error_message' function. */ -#define HAVE_KRB5_FREE_ERROR_MESSAGE 1 +/* #undef HAVE_KRB5_FREE_ERROR_MESSAGE */ /* Define to 1 if you have the `krb5_get_error_message' function. */ -#define HAVE_KRB5_GET_ERROR_MESSAGE 1 +/* #undef HAVE_KRB5_GET_ERROR_MESSAGE */ /* Define to 1 if you have the header file. */ /* #undef HAVE_LASTLOG_H */ @@ -1310,7 +1310,7 @@ #define HAVE___func__ 1 /* Define this if you are using the Heimdal version of Kerberos V5 */ -#define HEIMDAL 1 +/* #undef HEIMDAL */ /* Define if you need to use IP address instead of hostname in $DISPLAY */ /* #undef IPADDR_IN_DISPLAY */ @@ -1322,7 +1322,7 @@ /* #undef IP_TOS_IS_BROKEN */ /* Define if you want Kerberos 5 support */ -#define KRB5 1 +/* #undef KRB5 */ /* Define if pututxline updates lastlog too */ /* #undef LASTLOG_WRITE_PUTUTXLINE */ diff --git a/crypto/openssh/freebsd-configure.sh b/crypto/openssh/freebsd-configure.sh new file mode 100755 index 0000000..8004880 --- /dev/null +++ b/crypto/openssh/freebsd-configure.sh @@ -0,0 +1,30 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +configure_args=" + --prefix=/usr + --sysconfdir=/etc/ssh + --with-pam + --with-tcp-wrappers + --with-libedit + --with-ssl-engine + --without-xauth +" + +set -e + +# generate config.h with krb5 and stash it +sh configure $configure_args --with-kerberos5 +mv config.log config.log.orig +mv config.h config.h.orig + +# generate config.h without krb5 +sh configure $configure_args --without-kerberos5 + +# extract the difference +echo '/* $Free''BSD$ */' > krb5_config.h +diff -u config.h.orig config.h | + sed -n '/^-#define/s/^-//p' | + grep -Ff /dev/stdin config.h.orig >> krb5_config.h diff --git a/crypto/openssh/krb5_config.h b/crypto/openssh/krb5_config.h new file mode 100644 index 0000000..af1f80b --- /dev/null +++ b/crypto/openssh/krb5_config.h @@ -0,0 +1,11 @@ +/* $FreeBSD$ */ +#define GSSAPI 1 +#define HAVE_DECL_GSS_C_NT_HOSTBASED_SERVICE 1 +#define HAVE_GSSAPI_GSSAPI_H 1 +#define HAVE_GSSAPI_GSSAPI_KRB5_H 1 +#define HAVE_GSSAPI_H 1 +#define HAVE_KRB5_CC_NEW_UNIQUE 1 +#define HAVE_KRB5_FREE_ERROR_MESSAGE 1 +#define HAVE_KRB5_GET_ERROR_MESSAGE 1 +#define HEIMDAL 1 +#define KRB5 1 diff --git a/crypto/openssh/ssh-gss.h b/crypto/openssh/ssh-gss.h index 077e13c..3fcc2d1 100644 --- a/crypto/openssh/ssh-gss.h +++ b/crypto/openssh/ssh-gss.h @@ -28,10 +28,10 @@ #ifdef GSSAPI -#ifdef HAVE_GSSAPI_H -#include -#elif defined(HAVE_GSSAPI_GSSAPI_H) +#if defined(HAVE_GSSAPI_GSSAPI_H) #include +#elif defined(HAVE_GSSAPI_H) +#include #endif #ifdef KRB5 diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c index 4bc1bd5..12b559e 100644 --- a/crypto/openssh/sshd.c +++ b/crypto/openssh/sshd.c @@ -88,10 +88,10 @@ __RCSID("$FreeBSD$"); #ifdef __FreeBSD__ #include -#if defined(GSSAPI) && defined(HAVE_GSSAPI_H) -#include -#elif defined(GSSAPI) && defined(HAVE_GSSAPI_GSSAPI_H) +#if defined(GSSAPI) && defined(HAVE_GSSAPI_GSSAPI_H) #include +#elif defined(GSSAPI) && defined(HAVE_GSSAPI_H) +#include #endif #endif -- cgit v1.1