diff --git a/CMakeLists.txt b/CMakeLists.txt index a026b27b2..b1f89b487 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -657,9 +657,9 @@ set(SOXR_FEATURE_TYPE "OPTIONAL") set(SOXR_FEATURE_PURPOSE "codec") set(SOXR_FEATURE_DESCRIPTION "SOX audio resample library") -set(GSSAPI_FEATURE_TYPE "OPTIONAL") -set(GSSAPI_FEATURE_PURPOSE "auth") -set(GSSAPI_FEATURE_DESCRIPTION "add kerberos support") +set(KRB5_FEATURE_TYPE "OPTIONAL") +set(KRB5_FEATURE_PURPOSE "auth") +set(KRB5_FEATURE_DESCRIPTION "add kerberos support") if(WIN32) set(X11_FEATURE_TYPE "DISABLED") @@ -750,7 +750,7 @@ find_feature(LAME ${LAME_FEATURE_TYPE} ${LAME_FEATURE_PURPOSE} ${LAME_FEATURE_DE find_feature(FAAD2 ${FAAD2_FEATURE_TYPE} ${FAAD2_FEATURE_PURPOSE} ${FAAD2_FEATURE_DESCRIPTION}) find_feature(FAAC ${FAAC_FEATURE_TYPE} ${FAAC_FEATURE_PURPOSE} ${FAAC_FEATURE_DESCRIPTION}) find_feature(soxr ${SOXR_FEATURE_TYPE} ${SOXR_FEATURE_PURPOSE} ${SOXR_FEATURE_DESCRIPTION}) -find_feature(GSSAPI ${GSSAPI_FEATURE_TYPE} ${GSSAPI_FEATURE_PURPOSE} ${GSSAPI_FEATURE_DESCRIPTION}) +find_feature(KRB5 ${KRB5_FEATURE_TYPE} ${KRB5_FEATURE_PURPOSE} ${KRB5_FEATURE_DESCRIPTION}) if (WITH_OPENH264 AND NOT WITH_OPENH264_LOADING) option(WITH_OPENH264_LOADING "Use LoadLibrary to load openh264 at runtime" OFF) diff --git a/ci/cmake-preloads/config-debian-squeeze.txt b/ci/cmake-preloads/config-debian-squeeze.txt index 5f0bcfda7..b676c98ae 100644 --- a/ci/cmake-preloads/config-debian-squeeze.txt +++ b/ci/cmake-preloads/config-debian-squeeze.txt @@ -2,7 +2,7 @@ message("PRELOADING cache") set (WITH_MANPAGES OFF CACHE BOOL "man pages") set (CMAKE_BUILD_TYPE "Debug" CACHE STRING "build type") set (WITH_CUPS OFF CACHE BOOL "CUPS printing") -set (WITH_GSSAPI ON CACHE BOOL "Kerberos support") +set (WITH_KRB5 ON CACHE BOOL "Kerberos support") set (WITH_ALSA OFF CACHE BOOL "alsa audio") set (WITH_FFMPEG OFF CACHE BOOL "ffmepg support") set (WITH_XV OFF CACHE BOOL "xvideo support") diff --git a/ci/cmake-preloads/config-linux-all.txt b/ci/cmake-preloads/config-linux-all.txt index 9b1552fba..fd5edbaab 100644 --- a/ci/cmake-preloads/config-linux-all.txt +++ b/ci/cmake-preloads/config-linux-all.txt @@ -7,7 +7,7 @@ set (WITH_PULSE ON CACHE BOOL "pulse") set (WITH_CHANNELS ON CACHE BOOL "channels") set (WITH_CUPS ON CACHE BOOL "cups") set (WITH_WAYLAND ON CACHE BOOL "wayland") -set (WITH_GSSAPI OFF CACHE BOOL "Kerberos support") +set (WITH_KRB5 OFF CACHE BOOL "Kerberos support") set (WITH_PCSC ON CACHE BOOL "PCSC") set (WITH_JPEG ON CACHE BOOL "jpeg") set (WITH_GSTREAMER_0_10 ON CACHE BOOL "gstreamer") diff --git a/ci/cmake-preloads/config-ubuntu-1204.txt b/ci/cmake-preloads/config-ubuntu-1204.txt index 822f62121..61731b17d 100644 --- a/ci/cmake-preloads/config-ubuntu-1204.txt +++ b/ci/cmake-preloads/config-ubuntu-1204.txt @@ -2,7 +2,7 @@ message("PRELOADING cache") set (WITH_MANPAGES OFF CACHE BOOL "man pages") set (CMAKE_BUILD_TYPE "Debug" CACHE STRING "build type") set (WITH_CUPS OFF CACHE BOOL "CUPS printing") -set (WITH_GSSAPI ON CACHE BOOL "Kerberos support") +set (WITH_KRB5 ON CACHE BOOL "Kerberos support") set (WITH_ALSA OFF CACHE BOOL "alsa audio") set (WITH_FFMPEG OFF CACHE BOOL "ffmepg support") set (WITH_XV OFF CACHE BOOL "xvideo support") diff --git a/cmake/FindGSSAPI.cmake b/cmake/FindGSSAPI.cmake deleted file mode 100644 index 54d3070d3..000000000 --- a/cmake/FindGSSAPI.cmake +++ /dev/null @@ -1,453 +0,0 @@ -# - Try to find the GSS Kerberos libraries -# Once done this will define -# -# GSS_ROOT_DIR - Set this variable to the root installation of GSS -# GSS_ROOT_FLAVOUR - Set this variable to the flavour of Kerberos installation (MIT or Heimdal) -# -# Read-Only variables: -# GSS_FOUND - system has the Heimdal library -# GSS_FLAVOUR - "MIT" or "Heimdal" if anything found. -# GSS_INCLUDE_DIR - the Heimdal include directory -# GSS_LIBRARIES - The libraries needed to use GSS -# GSS_LINK_DIRECTORIES - Directories to add to linker search path -# GSS_LINKER_FLAGS - Additional linker flags -# GSS_COMPILER_FLAGS - Additional compiler flags -# GSS_VERSION - This is set to version advertised by pkg-config or read from manifest. -# In case the library is found but no version info availabe it'll be set to "unknown" - -set(_MIT_MODNAME mit-krb5-gssapi) -set(_HEIMDAL_MODNAME heimdal-gssapi) - -include(CheckIncludeFile) -include(CheckIncludeFiles) -include(CheckTypeSize) - -# export GSS_ROOT_FLAVOUR to use pkg-config system under UNIX -if(UNIX) - if(NOT "$ENV{GSS_ROOT_FLAVOUR} " STREQUAL " ") - string(REGEX MATCH "^[M|m]it$" MIT_FLAVOUR "$ENV{GSS_ROOT_FLAVOUR}") - if(NOT MIT_FLAVOUR) - string(REGEX MATCH "^MIT$" MIT_FLAVOUR "$ENV{GSS_ROOT_FLAVOUR}") - endif() - string(REGEX MATCH "^[H|h]eimdal$" HEIMDAL_FLAVOUR "$ENV{GSS_ROOT_FLAVOUR}") - if(NOT HEIMDAL_FLAVOUR) - string(REGEX MATCH "^HEIMDAL$" HEIMDAL_FLAVOUR "$ENV{GSS_ROOT_FLAVOUR}") - endif() - if(MIT_FLAVOUR) - set(GSS_FLAVOUR "MIT") - elseif(HEIMDAL_FLAVOUR) - set(GSS_FLAVOUR "Heimdal") - else() - message(SEND_ERROR "Kerberos flavour unknown ($ENV{GSS_ROOT_FLAVOUR}). Choose MIT or Heimdal.") - endif() - endif() -endif() - -set(_GSS_ROOT_HINTS - "${GSS_ROOT_DIR}" - "$ENV{GSS_ROOT_DIR}" -) - -# try to find library using system pkg-config if user did not specify root dir -if(UNIX) - if("$ENV{GSS_ROOT_DIR} " STREQUAL " ") - if(GSS_FLAVOUR) - find_package(PkgConfig QUIET) - if(GSS_FLAVOUR STREQUAL "MIT") - pkg_search_module(_GSS_PKG ${_MIT_MODNAME}) - else() - pkg_search_module(_GSS_PKG ${_HEIMDAL_MODNAME}) - endif() - - if("${_GSS_PKG_PREFIX} " STREQUAL " ") - if(NOT "$ENV{PKG_CONFIG_PATH} " STREQUAL " ") - list(APPEND _GSS_ROOT_HINTS "$ENV{PKG_CONFIG_PATH}") - else() - message(SEND_ERROR "pkg_search_module failed : try to set PKG_CONFIG_PATH to PREFIX_OF_KERBEROS/lib/pkgconfig") - endif() - else() - if($ENV{GSS_ROOT_FLAVOUR} STREQUAL "Heimdal") - string(FIND "${_GSS_PKG_PREFIX}" "heimdal" PKG_HEIMDAL_PREFIX_POSITION) - if(PKG_HEIMDAL_PREFIX_POSITION STREQUAL "-1") - message(WARNING "Try to set PKG_CONFIG_PATH to \"PREFIX_OF_KERBEROS/lib/pkgconfig\"") - else() - list(APPEND _GSS_ROOT_HINTS "${_GSS_PKG_PREFIX}") - endif() - else() - list(APPEND _GSS_ROOT_HINTS "${_GSS_PKG_PREFIX}") - endif() - endif() - else() - message(WARNING "export GSS_ROOT_FLAVOUR to use pkg-config") - endif() - endif() -elseif(WIN32) - list(APPEND _GSS_ROOT_HINTS "[HKEY_LOCAL_MACHINE\\SOFTWARE\\MIT\\Kerberos;InstallDir]") -endif() - -if(NOT GSS_FOUND) # not found by pkg-config. Let's take more traditional approach. - find_file(_GSS_CONFIGURE_SCRIPT - NAMES - "krb5-config" - HINTS - ${_GSS_ROOT_HINTS} - PATH_SUFFIXES - bin - NO_CMAKE_PATH - NO_CMAKE_ENVIRONMENT_PATH - ) - - # if not found in user-supplied directories, maybe system knows better - find_file(_GSS_CONFIGURE_SCRIPT - NAMES - "krb5-config" - PATH_SUFFIXES - bin - ) - - execute_process( - COMMAND ${_GSS_CONFIGURE_SCRIPT} "--vendor" - OUTPUT_VARIABLE _GSS_VENDOR - RESULT_VARIABLE _GSS_CONFIGURE_FAILED - ) - - if(NOT _GSS_CONFIGURE_FAILED) - string(STRIP "${_GSS_VENDOR}" _GSS_VENDOR) - if((GSS_FLAVOUR STREQUAL "Heimdal" AND NOT _GSS_VENDOR STREQUAL "Heimdal") - OR (GSS_FLAVOUR STREQUAL "MIT" AND NOT _GSS_VENDOR STREQUAL "Massachusetts Institute of Technology")) - message(SEND_ERROR "GSS vendor and GSS flavour are not matching : _GSS_VENDOR=${_GSS_VENDOR} ; GSS_FLAVOUR=${GSS_FLAVOUR}") - message(STATUS "Try to set the path to GSS root folder in the system variable GSS_ROOT_DIR") - endif() - else() - message(SEND_ERROR "GSS configure script failed to get vendor") - endif() - - # NOTE: fail to link Heimdal libraries using configure script due to limitations - # during Heimdal linking process. Then, we do it "manually". - if(NOT "${_GSS_CONFIGURE_SCRIPT} " STREQUAL " " AND GSS_FLAVOUR AND NOT _GSS_VENDOR STREQUAL "Heimdal") - execute_process( - COMMAND ${_GSS_CONFIGURE_SCRIPT} "--cflags" "gssapi" - OUTPUT_VARIABLE _GSS_CFLAGS - RESULT_VARIABLE _GSS_CONFIGURE_FAILED - ) - - if(NOT _GSS_CONFIGURE_FAILED) # 0 means success - # should also work in an odd case when multiple directories are given - string(STRIP "${_GSS_CFLAGS}" _GSS_CFLAGS) - string(REGEX REPLACE " +-I" ";" _GSS_CFLAGS "${_GSS_CFLAGS}") - string(REGEX REPLACE " +-([^I][^ \\t;]*)" ";-\\1" _GSS_CFLAGS "${_GSS_CFLAGS}") - - foreach(_flag ${_GSS_CFLAGS}) - if(_flag MATCHES "^-I.*") - string(REGEX REPLACE "^-I" "" _val "${_flag}") - list(APPEND _GSS_INCLUDE_DIR "${_val}") - else() - list(APPEND _GSS_COMPILER_FLAGS "${_flag}") - endif() - endforeach() - endif() - - if(_GSS_VENDOR STREQUAL "Massachusetts Institute of Technology") - execute_process( - COMMAND ${_GSS_CONFIGURE_SCRIPT} "--libs" "gssapi" - OUTPUT_VARIABLE _GSS_LIB_FLAGS - RESULT_VARIABLE _GSS_CONFIGURE_FAILED - ) - elseif(_GSS_VENDOR STREQUAL "Heimdal") - execute_process( - COMMAND ${_GSS_CONFIGURE_SCRIPT} "--deps --libs" "gssapi kafs" - OUTPUT_VARIABLE _GSS_LIB_FLAGS - RESULT_VARIABLE _GSS_CONFIGURE_FAILED - ) - else() - message(SEND_ERROR "Unknown vendor") - endif() - - if(NOT _GSS_CONFIGURE_FAILED) # 0 means success - # this script gives us libraries and link directories. We have to deal with it. - string(STRIP "${_GSS_LIB_FLAGS}" _GSS_LIB_FLAGS) - string(REGEX REPLACE " +-(L|l)" ";-\\1" _GSS_LIB_FLAGS "${_GSS_LIB_FLAGS}") - string(REGEX REPLACE " +-([^Ll][^ \\t;]*)" ";-\\1" _GSS_LIB_FLAGS "${_GSS_LIB_FLAGS}") - - foreach(_flag ${_GSS_LIB_FLAGS}) - if(_flag MATCHES "^-l.*") - string(REGEX REPLACE "^-l" "" _val "${_flag}") - list(APPEND _GSS_LIBRARIES "${_val}") - elseif(_flag MATCHES "^-L.*") - string(REGEX REPLACE "^-L" "" _val "${_flag}") - list(APPEND _GSS_LINK_DIRECTORIES "${_val}") - else() - list(APPEND _GSS_LINKER_FLAGS "${_flag}") - endif() - endforeach() - - endif() - - execute_process( - COMMAND ${_GSS_CONFIGURE_SCRIPT} "--version" - OUTPUT_VARIABLE _GSS_VERSION - RESULT_VARIABLE _GSS_CONFIGURE_FAILED - ) - - # older versions may not have the "--version" parameter. In this case we just don't care. - if(_GSS_CONFIGURE_FAILED) - set(_GSS_VERSION 0) - endif() - - else() # either there is no config script or we are on platform that doesn't provide one (Windows?) - if(_GSS_VENDOR STREQUAL "Massachusetts Institute of Technology") - find_path(_GSS_INCLUDE_DIR - NAMES - "gssapi/gssapi_generic.h" - HINTS - ${_GSS_ROOT_HINTS} - PATH_SUFFIXES - include - inc - ) - - if(_GSS_INCLUDE_DIR) # we've found something - set(CMAKE_REQUIRED_INCLUDES "${_GSS_INCLUDE_DIR}") - check_include_files( "gssapi/gssapi_generic.h;gssapi/gssapi_ext.h" _GSS_HAVE_MIT_HEADERS) - if(_GSS_HAVE_MIT_HEADERS) - set(GSS_FLAVOUR "MIT") - else() - message(SEND_ERROR "Try to set the Kerberos flavour (GSS_ROOT_FLAVOUR)") - endif() - elseif("$ENV{PKG_CONFIG_PATH} " STREQUAL " ") - message(WARNING "Try to set PKG_CONFIG_PATH to PREFIX_OF_KERBEROS/lib/pkgconfig") - endif() - elseif(_GSS_VENDOR STREQUAL "Heimdal") - find_path(_GSS_INCLUDE_DIR - NAMES - "gssapi/gssapi_spnego.h" - HINTS - ${_GSS_ROOT_HINTS} - PATHS - /usr/heimdal - /usr/local/heimdal - PATH_SUFFIXES - include - inc - ) - - if(_GSS_INCLUDE_DIR) # we've found something - set(CMAKE_REQUIRED_INCLUDES "${_GSS_INCLUDE_DIR}") - # prevent compiling the header - just check if we can include it - set(CMAKE_REQUIRED_DEFINITIONS "${CMAKE_REQUIRED_DEFINITIONS} -D__ROKEN_H__") - check_include_file( "roken.h" _GSS_HAVE_ROKEN_H) - check_include_file( "heimdal/roken.h" _GSS_HAVE_HEIMDAL_ROKEN_H) - if(_GSS_HAVE_ROKEN_H OR _GSS_HAVE_HEIMDAL_ROKEN_H) - set(GSS_FLAVOUR "Heimdal") - endif() - set(CMAKE_REQUIRED_DEFINITIONS "") - elseif("$ENV{PKG_CONFIG_PATH} " STREQUAL " ") - message(WARNING "Try to set PKG_CONFIG_PATH to PREFIX_OF_KERBEROS/lib/pkgconfig") - endif() - else() - message(SEND_ERROR "Kerberos vendor unknown (${_GSS_VENDOR})") - endif() - - # if we have headers, check if we can link libraries - if(GSS_FLAVOUR) - set(_GSS_LIBDIR_SUFFIXES "") - set(_GSS_LIBDIR_HINTS ${_GSS_ROOT_HINTS}) - get_filename_component(_GSS_CALCULATED_POTENTIAL_ROOT "${_GSS_INCLUDE_DIR}" PATH) - list(APPEND _GSS_LIBDIR_HINTS ${_GSS_CALCULATED_POTENTIAL_ROOT}) - - if(WIN32) - if(CMAKE_SIZEOF_VOID_P EQUAL 8) - list(APPEND _GSS_LIBDIR_SUFFIXES "lib/AMD64") - if(GSS_FLAVOUR STREQUAL "MIT") - set(_GSS_LIBNAME "gssapi64") - else() - set(_GSS_LIBNAME "libgssapi") - endif() - else() - list(APPEND _GSS_LIBDIR_SUFFIXES "lib/i386") - if(GSS_FLAVOUR STREQUAL "MIT") - set(_GSS_LIBNAME "gssapi32") - else() - set(_GSS_LIBNAME "libgssapi") - endif() - endif() - else() - list(APPEND _GSS_LIBDIR_SUFFIXES "lib;lib64;x86_64-linux-gnu") # those suffixes are not checked for HINTS - if(GSS_FLAVOUR STREQUAL "MIT") - set(_GSS_LIBNAME "gssapi_krb5") - set(_KRB5_LIBNAME "krb5") - set(_COMERR_LIBNAME "com_err") - set(_KRB5SUPPORT_LIBNAME "krb5support") - else() - set(_GSS_LIBNAME "gssapi") - set(_KRB5_LIBNAME "krb5") - set(_KAFS_LIBNAME "kafs") - set(_ROKEN_LIBNAME "roken") - endif() - endif() - - find_library(_GSS_LIBRARIES - NAMES - ${_GSS_LIBNAME} - HINTS - ${_GSS_LIBDIR_HINTS} - PATH_SUFFIXES - ${_GSS_LIBDIR_SUFFIXES} - ) - - if(GSS_FLAVOUR STREQUAL "MIT") - find_library(_KRB5_LIBRARY - NAMES - ${_KRB5_LIBNAME} - HINTS - ${_GSS_LIBDIR_HINTS} - PATH_SUFFIXES - ${_GSS_LIBDIR_SUFFIXES} - ) - find_library(_COMERR_LIBRARY - NAMES - ${_COMERR_LIBNAME} - HINTS - ${_GSS_LIBDIR_HINTS} - PATH_SUFFIXES - ${_GSS_LIBDIR_SUFFIXES} - ) - find_library(_KRB5SUPPORT_LIBRARY - NAMES - ${_KRB5SUPPORT_LIBNAME} - HINTS - ${_GSS_LIBDIR_HINTS} - PATH_SUFFIXES - ${_GSS_LIBDIR_SUFFIXES} - ) - list(APPEND _GSS_LIBRARIES ${_KRB5_LIBRARY} ${_KRB5SUPPORT_LIBRARY} ${_COMERR_LIBRARY}) - endif() - - if(GSS_FLAVOUR STREQUAL "Heimdal") - find_library(_KRB5_LIBRARY - NAMES - ${_KRB5_LIBNAME} - HINTS - ${_GSS_LIBDIR_HINTS} - PATH_SUFFIXES - ${_GSS_LIBDIR_SUFFIXES} - ) - find_library(_KAFS_LIBRARY - NAMES - ${_KAFS_LIBNAME} - HINTS - ${_GSS_LIBDIR_HINTS} - PATH_SUFFIXES - ${_GSS_LIBDIR_SUFFIXES} - ) - find_library(_ROKEN_LIBRARY - NAMES - ${_ROKEN_LIBNAME} - HINTS - ${_GSS_LIBDIR_HINTS} - PATH_SUFFIXES - ${_GSS_LIBDIR_SUFFIXES} - ) - list(APPEND _GSS_LIBRARIES ${_KRB5_LIBRARY} ${_KAFS_LIBRARY} ${_ROKEN_LIBRARY}) - endif() - endif() - - execute_process( - COMMAND ${_GSS_CONFIGURE_SCRIPT} "--version" - OUTPUT_VARIABLE _GSS_VERSION - RESULT_VARIABLE _GSS_CONFIGURE_FAILED - ) - - # older versions may not have the "--version" parameter. In this case we just don't care. - if(_GSS_CONFIGURE_FAILED) - set(_GSS_VERSION 0) - endif() - - endif() -else() - if(_GSS_PKG_${_MIT_MODNAME}_VERSION) - set(GSS_FLAVOUR "MIT") - set(_GSS_VERSION _GSS_PKG_${_MIT_MODNAME}_VERSION) - else() - set(GSS_FLAVOUR "Heimdal") - set(_GSS_VERSION _GSS_PKG_${_HEIMDAL_MODNAME}_VERSION) - endif() -endif() - -set(GSS_INCLUDE_DIR ${_GSS_INCLUDE_DIR}) -set(GSS_LIBRARIES ${_GSS_LIBRARIES}) -set(GSS_LINK_DIRECTORIES ${_GSS_LINK_DIRECTORIES}) -set(GSS_LINKER_FLAGS ${_GSS_LINKER_FLAGS}) -set(GSS_COMPILER_FLAGS ${_GSS_COMPILER_FLAGS}) -set(GSS_VERSION ${_GSS_VERSION}) - -if(GSS_FLAVOUR) - if(NOT GSS_VERSION AND GSS_FLAVOUR STREQUAL "Heimdal") - if(CMAKE_SIZEOF_VOID_P EQUAL 8) - set(HEIMDAL_MANIFEST_FILE "Heimdal.Application.amd64.manifest") - else() - set(HEIMDAL_MANIFEST_FILE "Heimdal.Application.x86.manifest") - endif() - if(EXISTS "${GSS_INCLUDE_DIR}/${HEIMDAL_MANIFEST_FILE}") - file(STRINGS "${GSS_INCLUDE_DIR}/${HEIMDAL_MANIFEST_FILE}" heimdal_version_str - REGEX "^.*version=\"[0-9]\\.[^\"]+\".*$") - - string(REGEX MATCH "[0-9]\\.[^\"]+" - GSS_VERSION "${heimdal_version_str}") - endif() - if(NOT GSS_VERSION) - set(GSS_VERSION "Heimdal Unknown") - endif() - elseif(NOT GSS_VERSION AND GSS_FLAVOUR STREQUAL "MIT") - get_filename_component(_MIT_VERSION "[HKEY_LOCAL_MACHINE\\SOFTWARE\\MIT\\Kerberos\\SDK\\CurrentVersion;VersionString]" NAME CACHE) - if(WIN32 AND _MIT_VERSION) - set(GSS_VERSION "${_MIT_VERSION}") - else() - set(GSS_VERSION "MIT Unknown") - endif() - endif() -endif() - -include(FindPackageHandleStandardArgs) - -set(_GSS_REQUIRED_VARS GSS_LIBRARIES GSS_FLAVOUR) - -find_package_handle_standard_args(GSS - REQUIRED_VARS - ${_GSS_REQUIRED_VARS} - VERSION_VAR - GSS_VERSION - FAIL_MESSAGE - "Could NOT find GSS, try to set the path to GSS root folder in the system variable GSS_ROOT_DIR" -) - -if(GSS_FLAVOUR STREQUAL "MIT") - string(STRIP "${GSS_VERSION}" GSS_VERSION) - string(SUBSTRING ${GSS_VERSION} 19 -1 GSS_RELEASE_NUMBER) - string(REGEX MATCH "([0-9]+)\\." GSS_VERSION_MAJOR ${GSS_RELEASE_NUMBER}) - string(REGEX REPLACE "\\." "" GSS_VERSION_MAJOR "${GSS_VERSION_MAJOR}") - string(REGEX MATCH "\\.([0-9]+)$" GSS_VERSION_MINOR ${GSS_RELEASE_NUMBER}) - if(NOT GSS_VERSION_MINOR) - string(REGEX MATCH "\\.([0-9]+)[-\\.]" GSS_VERSION_MINOR ${GSS_RELEASE_NUMBER}) - string(REGEX REPLACE "\\." "" GSS_VERSION_MINOR "${GSS_VERSION_MINOR}") - string(REGEX REPLACE "\\." "" GSS_VERSION_MINOR "${GSS_VERSION_MINOR}") - string(REGEX REPLACE "-" "" GSS_VERSION_MINOR "${GSS_VERSION_MINOR}") - string(REGEX MATCH "\\.([0-9]+)$" GSS_VERSION_PATCH "${GSS_RELEASE_NUMBER}") - string(REGEX REPLACE "\\." "" GSS_VERSION_PATCH "${GSS_VERSION_PATCH}") - if(NOT GSS_VERSION_PATCH) - set(GSS_VERSION_PATCH "0") - endif() - else() - string(REGEX REPLACE "\\." "" GSS_VERSION_MINOR "${GSS_VERSION_MINOR}") - set(GSS_VERSION_PATCH "0") - endif() - if(GSS_VERSION_MAJOR AND GSS_VERSION_MINOR) - string(COMPARE GREATER ${GSS_VERSION_MAJOR} 0 GSS_VERSION_1) - string(COMPARE GREATER ${GSS_VERSION_MINOR} 12 GSS_VERSION_1_13) - else() - message(SEND_ERROR "Failed to retrieved Kerberos version number") - endif() - message(STATUS "Located Kerberos ${GSS_VERSION_MAJOR}.${GSS_VERSION_MINOR}.${GSS_VERSION_PATCH}") -endif() - -mark_as_advanced(GSS_INCLUDE_DIR GSS_LIBRARIES) diff --git a/cmake/FindKRB5.cmake b/cmake/FindKRB5.cmake new file mode 100644 index 000000000..f1949a406 --- /dev/null +++ b/cmake/FindKRB5.cmake @@ -0,0 +1,439 @@ +# - Try to find the Kerberos libraries +# Once done this will define +# +# KRB_ROOT_DIR - Set this variable to the root installation of Kerberos +# KRB_ROOT_FLAVOUR - Set this variable to the flavour of Kerberos installation (MIT or Heimdal) +# +# Read-Only variables: +# KRB5_FOUND - system has the Heimdal library +# KRB5_FLAVOUR - "MIT" or "Heimdal" if anything found. +# KRB5_INCLUDE_DIR - the Heimdal include directory +# KRB5_LIBRARIES - The libraries needed to use Kerberos +# KRB5_LINK_DIRECTORIES - Directories to add to linker search path +# KRB5_LINKER_FLAGS - Additional linker flags +# KRB5_COMPILER_FLAGS - Additional compiler flags +# KRB5_VERSION - This is set to version advertised by pkg-config or read from manifest. +# In case the library is found but no version info availabe it'll be set to "unknown" + +set(_MIT_MODNAME mit-krb5) +set(_HEIMDAL_MODNAME heimdal-krb5) + +include(CheckIncludeFile) +include(CheckIncludeFiles) +include(CheckTypeSize) + +# export KRB_ROOT_FLAVOUR to use pkg-config system under UNIX +if(UNIX) + if(NOT "$ENV{KRB_ROOT_FLAVOUR} " STREQUAL " ") + string(REGEX MATCH "^[M|m]it$" MIT_FLAVOUR "$ENV{KRB_ROOT_FLAVOUR}") + if(NOT MIT_FLAVOUR) + string(REGEX MATCH "^MIT$" MIT_FLAVOUR "$ENV{KRB_ROOT_FLAVOUR}") + endif() + string(REGEX MATCH "^[H|h]eimdal$" HEIMDAL_FLAVOUR "$ENV{KRB_ROOT_FLAVOUR}") + if(NOT HEIMDAL_FLAVOUR) + string(REGEX MATCH "^HEIMDAL$" HEIMDAL_FLAVOUR "$ENV{KRB_ROOT_FLAVOUR}") + endif() + if(MIT_FLAVOUR) + set(KRB5_FLAVOUR "MIT") + elseif(HEIMDAL_FLAVOUR) + set(KRB5_FLAVOUR "Heimdal") + else() + message(SEND_ERROR "Kerberos flavour unknown ($ENV{KRB_ROOT_FLAVOUR}). Choose MIT or Heimdal.") + endif() + endif() +endif() + +set(_KRB5_ROOT_HINTS + "${KRB_ROOT_DIR}" + "$ENV{KRB_ROOT_DIR}" +) + +# try to find library using system pkg-config if user did not specify root dir +if(UNIX) + if("$ENV{KRB_ROOT_DIR} " STREQUAL " ") + if(KRB5_FLAVOUR) + find_package(PkgConfig QUIET) + if(KRB5_FLAVOUR STREQUAL "MIT") + pkg_search_module(_KRB5_PKG ${_MIT_MODNAME}) + else() + pkg_search_module(_KRB5_PKG ${_HEIMDAL_MODNAME}) + endif() + + if("${_KRB5_PKG_PREFIX} " STREQUAL " ") + if(NOT "$ENV{PKG_CONFIG_PATH} " STREQUAL " ") + list(APPEND _KRB5_ROOT_HINTS "$ENV{PKG_CONFIG_PATH}") + else() + message(SEND_ERROR "pkg_search_module failed : try to set PKG_CONFIG_PATH to PREFIX_OF_KERBEROS/lib/pkgconfig") + endif() + else() + if($ENV{KRB_ROOT_FLAVOUR} STREQUAL "Heimdal") + string(FIND "${_KRB5_PKG_PREFIX}" "heimdal" PKG_HEIMDAL_PREFIX_POSITION) + if(PKG_HEIMDAL_PREFIX_POSITION STREQUAL "-1") + message(WARNING "Try to set PKG_CONFIG_PATH to \"PREFIX_OF_KERBEROS/lib/pkgconfig\"") + else() + list(APPEND _KRB5_ROOT_HINTS "${_KRB5_PKG_PREFIX}") + endif() + else() + list(APPEND _KRB5_ROOT_HINTS "${_KRB5_PKG_PREFIX}") + endif() + endif() + else() + message(WARNING "export KRB_ROOT_FLAVOUR to use pkg-config") + endif() + endif() +elseif(WIN32) + list(APPEND _KRB5_ROOT_HINTS "[HKEY_LOCAL_MACHINE\\SOFTWARE\\MIT\\Kerberos;InstallDir]") +endif() + +if(NOT KRB5_FOUND) # not found by pkg-config. Let's take more traditional approach. + if(KRB5_FLAVOUR STREQUAL "MIT") + set(_KRB5_CONFIGURE_SCRIPT_SUFFIX ".mit") + elseif(KRB5_FLAVOUR STREQUAL "Heimdal") + set(_KRB5_CONFIGURE_SCRIPT_SUFFIX ".heimdal") + endif() + + find_file(_KRB5_CONFIGURE_SCRIPT + NAMES + "krb5-config${_KRB5_CONFIGURE_SCRIPT_SUFFIX}" + HINTS + ${_KRB5_ROOT_HINTS} + PATH_SUFFIXES + bin + NO_CMAKE_PATH + NO_CMAKE_ENVIRONMENT_PATH + ) + + # if not found in user-supplied directories, maybe system knows better + find_file(_KRB5_CONFIGURE_SCRIPT + NAMES + "krb5-config${_KRB5_CONFIGURE_SCRIPT_SUFFIX}" + PATH_SUFFIXES + bin + ) + + execute_process( + COMMAND ${_KRB5_CONFIGURE_SCRIPT} "--vendor" + OUTPUT_VARIABLE _KRB5_VENDOR + RESULT_VARIABLE _KRB5_CONFIGURE_FAILED + ) + + if(NOT _KRB5_CONFIGURE_FAILED) + string(STRIP "${_KRB5_VENDOR}" _KRB5_VENDOR) + if((KRB5_FLAVOUR STREQUAL "Heimdal" AND NOT _KRB5_VENDOR STREQUAL "Heimdal") + OR (KRB5_FLAVOUR STREQUAL "MIT" AND NOT _KRB5_VENDOR STREQUAL "Massachusetts Institute of Technology")) + message(SEND_ERROR "Kerberos vendor and Kerberos flavour are not matching : _KRB5_VENDOR=${_KRB5_VENDOR} ; KRB5_FLAVOUR=${KRB5_FLAVOUR}") + message(STATUS "Try to set the path to Kerberos root folder in the system variable KRB_ROOT_DIR") + endif() + else() + message(SEND_ERROR "Kerberos configure script failed to get vendor") + endif() + + # NOTE: fail to link Heimdal libraries using configure script due to limitations + # during Heimdal linking process. Then, we do it "manually". + if(NOT "${_KRB5_CONFIGURE_SCRIPT} " STREQUAL " " AND KRB5_FLAVOUR AND NOT _KRB5_VENDOR STREQUAL "Heimdal") + execute_process( + COMMAND ${_KRB5_CONFIGURE_SCRIPT} "--cflags" + OUTPUT_VARIABLE _KRB5_CFLAGS + RESULT_VARIABLE _KRB5_CONFIGURE_FAILED + ) + + if(NOT _KRB5_CONFIGURE_FAILED) # 0 means success + # should also work in an odd case when multiple directories are given + string(STRIP "${_KRB5_CFLAGS}" _KRB5_CFLAGS) + string(REGEX REPLACE " +-I" ";" _KRB5_CFLAGS "${_KRB5_CFLAGS}") + string(REGEX REPLACE " +-([^I][^ \\t;]*)" ";-\\1" _KRB5_CFLAGS "${_KRB5_CFLAGS}") + + foreach(_flag ${_KRB5_CFLAGS}) + if(_flag MATCHES "^-I.*") + string(REGEX REPLACE "^-I" "" _val "${_flag}") + list(APPEND _KRB5_INCLUDE_DIR "${_val}") + else() + list(APPEND _KRB5_COMPILER_FLAGS "${_flag}") + endif() + endforeach() + endif() + + if(_KRB5_VENDOR STREQUAL "Massachusetts Institute of Technology") + execute_process( + COMMAND ${_KRB5_CONFIGURE_SCRIPT} "--libs" + OUTPUT_VARIABLE _KRB5_LIB_FLAGS + RESULT_VARIABLE _KRB5_CONFIGURE_FAILED + ) + elseif(_KRB5_VENDOR STREQUAL "Heimdal") + execute_process( + COMMAND ${_KRB5_CONFIGURE_SCRIPT} "--deps --libs" + OUTPUT_VARIABLE _KRB5_LIB_FLAGS + RESULT_VARIABLE _KRB5_CONFIGURE_FAILED + ) + else() + message(SEND_ERROR "Unknown vendor") + endif() + + if(NOT _KRB5_CONFIGURE_FAILED) # 0 means success + # this script gives us libraries and link directories. We have to deal with it. + string(STRIP "${_KRB5_LIB_FLAGS}" _KRB5_LIB_FLAGS) + string(REGEX REPLACE " +-(L|l)" ";-\\1" _KRB5_LIB_FLAGS "${_KRB5_LIB_FLAGS}") + string(REGEX REPLACE " +-([^Ll][^ \\t;]*)" ";-\\1" _KRB5_LIB_FLAGS "${_KRB5_LIB_FLAGS}") + + foreach(_flag ${_KRB5_LIB_FLAGS}) + if(_flag MATCHES "^-l.*") + string(REGEX REPLACE "^-l" "" _val "${_flag}") + list(APPEND _KRB5_LIBRARIES "${_val}") + elseif(_flag MATCHES "^-L.*") + string(REGEX REPLACE "^-L" "" _val "${_flag}") + list(APPEND _KRB5_LINK_DIRECTORIES "${_val}") + else() + list(APPEND _KRB5_LINKER_FLAGS "${_flag}") + endif() + endforeach() + + endif() + + execute_process( + COMMAND ${_KRB5_CONFIGURE_SCRIPT} "--version" + OUTPUT_VARIABLE _KRB5_VERSION + RESULT_VARIABLE _KRB5_CONFIGURE_FAILED + ) + + # older versions may not have the "--version" parameter. In this case we just don't care. + if(_KRB5_CONFIGURE_FAILED) + set(_KRB5_VERSION 0) + endif() + + else() # either there is no config script or we are on platform that doesn't provide one (Windows?) + if(_KRB5_VENDOR STREQUAL "Massachusetts Institute of Technology") + find_path(_KRB5_INCLUDE_DIR + NAMES + "gssapi/gssapi_generic.h" + HINTS + ${_KRB5_ROOT_HINTS} + PATH_SUFFIXES + include + inc + ) + + if(_KRB5_INCLUDE_DIR) # we've found something + set(CMAKE_REQUIRED_INCLUDES "${_KRB5_INCLUDE_DIR}") + check_include_files( "krb5/krb5.h" _KRB5_HAVE_MIT_HEADERS) + if(_KRB5_HAVE_MIT_HEADERS) + set(KRB5_FLAVOUR "MIT") + else() + message(SEND_ERROR "Try to set the Kerberos flavour (KRB_ROOT_FLAVOUR)") + endif() + elseif("$ENV{PKG_CONFIG_PATH} " STREQUAL " ") + message(WARNING "Try to set PKG_CONFIG_PATH to PREFIX_OF_KERBEROS/lib/pkgconfig") + endif() + elseif(_KRB5_VENDOR STREQUAL "Heimdal") + find_path(_KRB5_INCLUDE_DIR + NAMES + "gssapi/gssapi_spnego.h" + HINTS + ${_KRB5_ROOT_HINTS} + PATHS + /usr/heimdal + /usr/local/heimdal + PATH_SUFFIXES + include + inc + ) + + if(_KRB5_INCLUDE_DIR) # we've found something + set(CMAKE_REQUIRED_INCLUDES "${_KRB5_INCLUDE_DIR}") + # prevent compiling the header - just check if we can include it + set(CMAKE_REQUIRED_DEFINITIONS "${CMAKE_REQUIRED_DEFINITIONS} -D__ROKEN_H__") + check_include_file( "roken.h" _KRB5_HAVE_ROKEN_H) + check_include_file( "heimdal/roken.h" _KRB5_HAVE_HEIMDAL_ROKEN_H) + if(_KRB5_HAVE_ROKEN_H OR _KRB5_HAVE_HEIMDAL_ROKEN_H) + set(KRB5_FLAVOUR "Heimdal") + endif() + set(CMAKE_REQUIRED_DEFINITIONS "") + elseif("$ENV{PKG_CONFIG_PATH} " STREQUAL " ") + message(WARNING "Try to set PKG_CONFIG_PATH to PREFIX_OF_KERBEROS/lib/pkgconfig") + endif() + else() + message(SEND_ERROR "Kerberos vendor unknown (${_KRB5_VENDOR})") + endif() + + # if we have headers, check if we can link libraries + if(KRB5_FLAVOUR) + set(_KRB5_LIBDIR_SUFFIXES "") + set(_KRB5_LIBDIR_HINTS ${_KRB5_ROOT_HINTS}) + get_filename_component(_KRB5_CALCULATED_POTENTIAL_ROOT "${_KRB5_INCLUDE_DIR}" PATH) + list(APPEND _KRB5_LIBDIR_HINTS ${_KRB5_CALCULATED_POTENTIAL_ROOT}) + + if(WIN32) + if(CMAKE_SIZEOF_VOID_P EQUAL 8) + list(APPEND _KRB5_LIBDIR_SUFFIXES "lib/AMD64") + if(KRB5_FLAVOUR STREQUAL "MIT") + set(_KRB5_LIBNAME "krb5_64") + else() + set(_KRB5_LIBNAME "libkrb5") + endif() + else() + list(APPEND _KRB5_LIBDIR_SUFFIXES "lib/i386") + if(KRB5_FLAVOUR STREQUAL "MIT") + set(_KRB5_LIBNAME "krb5_32") + else() + set(_KRB5_LIBNAME "libkrb5") + endif() + endif() + else() + list(APPEND _KRB5_LIBDIR_SUFFIXES "lib;lib64;x86_64-linux-gnu") # those suffixes are not checked for HINTS + if(KRB5_FLAVOUR STREQUAL "MIT") + set(_KRB5_LIBNAME "krb5") + set(_COMERR_LIBNAME "com_err") + set(_KRB5SUPPORT_LIBNAME "krb5support") + else() + set(_KRB5_LIBNAME "krb5") + set(_ROKEN_LIBNAME "roken") + endif() + endif() + + if(KRB5_FLAVOUR STREQUAL "MIT") + find_library(_KRB5_LIBRARY + NAMES + ${_KRB5_LIBNAME} + HINTS + ${_KRB5_LIBDIR_HINTS} + PATH_SUFFIXES + ${_KRB5_LIBDIR_SUFFIXES} + ) + find_library(_COMERR_LIBRARY + NAMES + ${_COMERR_LIBNAME} + HINTS + ${_KRB5_LIBDIR_HINTS} + PATH_SUFFIXES + ${_KRB5_LIBDIR_SUFFIXES} + ) + find_library(_KRB5SUPPORT_LIBRARY + NAMES + ${_KRB5SUPPORT_LIBNAME} + HINTS + ${_KRB5_LIBDIR_HINTS} + PATH_SUFFIXES + ${_KRB5_LIBDIR_SUFFIXES} + ) + list(APPEND _KRB5_LIBRARIES ${_KRB5_LIBRARY} ${_KRB5SUPPORT_LIBRARY} ${_COMERR_LIBRARY}) + endif() + + if(KRB5_FLAVOUR STREQUAL "Heimdal") + find_library(_KRB5_LIBRARY + NAMES + ${_KRB5_LIBNAME} + HINTS + ${_KRB5_LIBDIR_HINTS} + PATH_SUFFIXES + ${_KRB5_LIBDIR_SUFFIXES} + ) + find_library(_ROKEN_LIBRARY + NAMES + ${_ROKEN_LIBNAME} + HINTS + ${_KRB5_LIBDIR_HINTS} + PATH_SUFFIXES + ${_KRB5_LIBDIR_SUFFIXES} + ) + list(APPEND _KRB5_LIBRARIES ${_KRB5_LIBRARY}) + endif() + endif() + + execute_process( + COMMAND ${_KRB5_CONFIGURE_SCRIPT} "--version" + OUTPUT_VARIABLE _KRB5_VERSION + RESULT_VARIABLE _KRB5_CONFIGURE_FAILED + ) + + # older versions may not have the "--version" parameter. In this case we just don't care. + if(_KRB5_CONFIGURE_FAILED) + set(_KRB5_VERSION 0) + endif() + + endif() +else() + if(_KRB5_PKG_${_MIT_MODNAME}_VERSION) + set(KRB5_FLAVOUR "MIT") + set(_KRB5_VERSION _KRB5_PKG_${_MIT_MODNAME}_VERSION) + else() + set(KRB5_FLAVOUR "Heimdal") + set(_KRB5_VERSION _KRB5_PKG_${_HEIMDAL_MODNAME}_VERSION) + endif() +endif() + +set(KRB5_INCLUDE_DIR ${_KRB5_INCLUDE_DIR}) +set(KRB5_LIBRARIES ${_KRB5_LIBRARIES}) +set(KRB5_LINK_DIRECTORIES ${_KRB5_LINK_DIRECTORIES}) +set(KRB5_LINKER_FLAGS ${_KRB5_LINKER_FLAGS}) +set(KRB5_COMPILER_FLAGS ${_KRB5_COMPILER_FLAGS}) +set(KRB5_VERSION ${_KRB5_VERSION}) + +if(KRB5_FLAVOUR) + if(NOT KRB5_VERSION AND KRB5_FLAVOUR STREQUAL "Heimdal") + if(CMAKE_SIZEOF_VOID_P EQUAL 8) + set(HEIMDAL_MANIFEST_FILE "Heimdal.Application.amd64.manifest") + else() + set(HEIMDAL_MANIFEST_FILE "Heimdal.Application.x86.manifest") + endif() + if(EXISTS "${KRB5_INCLUDE_DIR}/${HEIMDAL_MANIFEST_FILE}") + file(STRINGS "${KRB5_INCLUDE_DIR}/${HEIMDAL_MANIFEST_FILE}" heimdal_version_str + REGEX "^.*version=\"[0-9]\\.[^\"]+\".*$") + + string(REGEX MATCH "[0-9]\\.[^\"]+" + KRB5_VERSION "${heimdal_version_str}") + endif() + if(NOT KRB5_VERSION) + set(KRB5_VERSION "Heimdal Unknown") + endif() + elseif(NOT KRB5_VERSION AND KRB5_FLAVOUR STREQUAL "MIT") + get_filename_component(_MIT_VERSION "[HKEY_LOCAL_MACHINE\\SOFTWARE\\MIT\\Kerberos\\SDK\\CurrentVersion;VersionString]" NAME CACHE) + if(WIN32 AND _MIT_VERSION) + set(KRB5_VERSION "${_MIT_VERSION}") + else() + set(KRB5_VERSION "MIT Unknown") + endif() + endif() +endif() + +include(FindPackageHandleStandardArgs) + +set(_KRB5_REQUIRED_VARS KRB5_LIBRARIES KRB5_FLAVOUR) + +find_package_handle_standard_args(KRB5 + REQUIRED_VARS + ${_KRB5_REQUIRED_VARS} + VERSION_VAR + KRB5_VERSION + FAIL_MESSAGE + "Could NOT find Kerberos, try to set the path to Kerberos root folder in the system variable KRB_ROOT_DIR" +) + +if(KRB5_FLAVOUR STREQUAL "MIT") + string(STRIP "${KRB5_VERSION}" KRB5_VERSION) + string(SUBSTRING ${KRB5_VERSION} 19 -1 KRB5_RELEASE_NUMBER) + string(REGEX MATCH "([0-9]+)\\." KRB5_VERSION_MAJOR ${KRB5_RELEASE_NUMBER}) + string(REGEX REPLACE "\\." "" KRB5_VERSION_MAJOR "${KRB5_VERSION_MAJOR}") + string(REGEX MATCH "\\.([0-9]+)$" KRB5_VERSION_MINOR ${KRB5_RELEASE_NUMBER}) + if(NOT KRB5_VERSION_MINOR) + string(REGEX MATCH "\\.([0-9]+)[-\\.]" KRB5_VERSION_MINOR ${KRB5_RELEASE_NUMBER}) + string(REGEX REPLACE "\\." "" KRB5_VERSION_MINOR "${KRB5_VERSION_MINOR}") + string(REGEX REPLACE "\\." "" KRB5_VERSION_MINOR "${KRB5_VERSION_MINOR}") + string(REGEX REPLACE "-" "" KRB5_VERSION_MINOR "${KRB5_VERSION_MINOR}") + string(REGEX MATCH "\\.([0-9]+)$" KRB5_VERSION_PATCH "${KRB5_RELEASE_NUMBER}") + string(REGEX REPLACE "\\." "" KRB5_VERSION_PATCH "${KRB5_VERSION_PATCH}") + if(NOT KRB5_VERSION_PATCH) + set(KRB5_VERSION_PATCH "0") + endif() + else() + string(REGEX REPLACE "\\." "" KRB5_VERSION_MINOR "${KRB5_VERSION_MINOR}") + set(KRB5_VERSION_PATCH "0") + endif() + if(KRB5_VERSION_MAJOR AND KRB5_VERSION_MINOR) + string(COMPARE GREATER ${KRB5_VERSION_MAJOR} 0 KRB5_VERSION_1) + string(COMPARE GREATER ${KRB5_VERSION_MINOR} 12 KRB5_VERSION_1_13) + else() + message(SEND_ERROR "Failed to retrieved Kerberos version number") + endif() + message(STATUS "Located Kerberos ${KRB5_VERSION_MAJOR}.${KRB5_VERSION_MINOR}.${KRB5_VERSION_PATCH}") +endif() + +mark_as_advanced(KRB5_INCLUDE_DIR KRB5_LIBRARIES) diff --git a/libfreerdp/core/CMakeLists.txt b/libfreerdp/core/CMakeLists.txt index 1f9a3d3f3..5b38e80bd 100644 --- a/libfreerdp/core/CMakeLists.txt +++ b/libfreerdp/core/CMakeLists.txt @@ -21,7 +21,7 @@ set(MODULE_PREFIX "FREERDP_CORE") freerdp_definition_add(-DEXT_PATH="${FREERDP_EXTENSION_PATH}") freerdp_include_directory_add(${OPENSSL_INCLUDE_DIR}) -freerdp_include_directory_add(${GSS_INCLUDE_DIR}) +freerdp_include_directory_add(${KRB5_INCLUDE_DIR}) set(${MODULE_PREFIX}_GATEWAY_DIR "gateway") diff --git a/packaging/flatpak/com.freerdp.FreeRDP.json b/packaging/flatpak/com.freerdp.FreeRDP.json index 6e2bc83e5..8d73afd4b 100644 --- a/packaging/flatpak/com.freerdp.FreeRDP.json +++ b/packaging/flatpak/com.freerdp.FreeRDP.json @@ -129,7 +129,7 @@ "-DCHANNEL_URBDRC:BOOL=ON", "-DBUILD_TESTING:BOOL=OFF", "-DWITH_MANPAGES:BOOL=OFF", - "-DWITH_GSSAPI:BOOL=OFF", + "-DWITH_KRB5:BOOL=OFF", "-DWITH_PCSC:BOOL=ON", "-DWITH_PKCS11:BOOL=ON", "-DWITH_SWSCALE:BOOL=ON", diff --git a/packaging/rpm/freerdp-nightly.spec b/packaging/rpm/freerdp-nightly.spec index f3945a68d..b5764ff14 100644 --- a/packaging/rpm/freerdp-nightly.spec +++ b/packaging/rpm/freerdp-nightly.spec @@ -123,7 +123,7 @@ cp %{_topdir}/SOURCES/source_version freerdp-nightly-%{version}/.source_version %if 0%{?fedora} < 21 || 0%{?rhel} < 8 -DWITH_WAYLAND=OFF \ %endif - -DWITH_GSSAPI=OFF \ + -DWITH_KRB5=OFF \ -DCHANNEL_URBDRC=ON \ -DCHANNEL_URBDRC_CLIENT=ON \ -DWITH_SERVER=ON \ diff --git a/winpr/CMakeLists.txt b/winpr/CMakeLists.txt index da99a7f3c..0737db22e 100644 --- a/winpr/CMakeLists.txt +++ b/winpr/CMakeLists.txt @@ -64,21 +64,21 @@ option(WITH_DEBUG_SYMBOLS "Pack debug symbols to installer" OFF) option(WITH_NATIVE_SSPI "Use native SSPI modules" ${NATIVE_SSPI}) option(WITH_SMARTCARD_INSPECT "Enable SmartCard API Inspector" OFF) option(WITH_DEBUG_MUTEX "Print mutex debug messages" ${DEFAULT_DEBUG_OPTION}) -option(WITH_GSSAPI "Compile support for kerberos authentication. (EXPERIMENTAL)" OFF) +option(WITH_KRB5 "Compile support for kerberos authentication. (EXPERIMENTAL)" OFF) option(WITH_INTERNAL_MD4 "Use compiled in md4 hash functions instead of OpenSSL/MBedTLS" OFF) option(WITH_INTERNAL_MD5 "Use compiled in md5 hash functions instead of OpenSSL/MBedTLS" OFF) -if ( (WITH_GSSAPI) AND (NOT GSS_FOUND)) - message(WARNING "-DWITH_GSSAPI=ON is set, but not GSSAPI implementation was found, disabling") -elseif(WITH_GSSAPI) - if(GSS_FLAVOUR STREQUAL "MIT") - add_definitions("-DWITH_GSSAPI -DWITH_GSSAPI_MIT") - if(GSS_VERSION_1_13) +if ( (WITH_KRB5) AND (NOT KRB5_FOUND)) + message(WARNING "-DWITH_KRB5=ON is set, but no kerberos implementation was found, disabling") +elseif(WITH_KRB5) + if(KRB5_FLAVOUR STREQUAL "MIT") + add_definitions("-DWITH_KRB5 -DWITH_KRB5_MIT") + if(KRB5_VERSION_1_13) add_definitions("-DHAVE_AT_LEAST_KRB_V1_13") endif() - include_directories(${_GSS_INCLUDE_DIR}) - elseif(GSS_FLAVOUR STREQUAL "Heimdal") - add_definitions("-DWITH_GSSAPI -DWITH_GSSAPI_HEIMDAL") - include_directories(${_GSS_INCLUDE_DIR}) + include_directories(${_KRB5_INCLUDE_DIR}) + elseif(KRB5_FLAVOUR STREQUAL "Heimdal") + add_definitions("-DWITH_KRB5 -DWITH_KRB5_HEIMDAL") + include_directories(${_KRB5_INCLUDE_DIR}) else() message(WARNING "Kerberos version not detected") endif() @@ -92,7 +92,7 @@ if(SSPI_DLL) endif() include(CMakeDependentOption) -CMAKE_DEPENDENT_OPTION(WITH_GSS_NO_NTLM_FALLBACK "Do not fall back to NTLM if no kerberos ticket available" OFF "WITH_GSSAPI" OFF) +CMAKE_DEPENDENT_OPTION(WITH_GSS_NO_NTLM_FALLBACK "Do not fall back to NTLM if no kerberos ticket available" OFF "WITH_KRB5" OFF) if (WITH_GSS_NO_NTLM_FALLBACK) add_definitions("-DWITH_GSS_NO_NTLM_FALLBACK") endif() diff --git a/winpr/libwinpr/sspi/CMakeLists.txt b/winpr/libwinpr/sspi/CMakeLists.txt index 757935d69..e62336b74 100644 --- a/winpr/libwinpr/sspi/CMakeLists.txt +++ b/winpr/libwinpr/sspi/CMakeLists.txt @@ -72,9 +72,9 @@ if(MBEDTLS_FOUND) winpr_library_add_private(${MBEDTLS_LIBRARIES}) endif() -if(GSS_FOUND) - winpr_include_directory_add(${GSS_INCLUDE_DIR}) - winpr_library_add_private(${GSS_LIBRARIES}) +if(KRB5_FOUND) + winpr_include_directory_add(${KRB5_INCLUDE_DIR}) + winpr_library_add_private(${KRB5_LIBRARIES}) endif() if(WIN32) diff --git a/winpr/libwinpr/sspi/Kerberos/kerberos.c b/winpr/libwinpr/sspi/Kerberos/kerberos.c index f2b5633e9..33c7a2aed 100644 --- a/winpr/libwinpr/sspi/Kerberos/kerberos.c +++ b/winpr/libwinpr/sspi/Kerberos/kerberos.c @@ -41,7 +41,7 @@ #include "kerberos.h" -#ifdef WITH_GSSAPI_HEIMDAL +#ifdef WITH_KRB5_HEIMDAL #include #endif @@ -76,7 +76,7 @@ const SecPkgInfoW KERBEROS_SecPkgInfoW = { KERBEROS_SecPkgInfoW_Comment /* Comment */ }; -#ifdef WITH_GSSAPI +#ifdef WITH_KRB5 enum KERBEROS_STATE { @@ -188,14 +188,14 @@ static INLINE void kerberos_set_krb_opts(krb5_context ctx, krb5_get_init_creds_o krb_settings->pkinitX509Anchors); } -#endif /* WITH_GSSAPI */ +#endif /* WITH_KRB5 */ static SECURITY_STATUS SEC_ENTRY kerberos_AcquireCredentialsHandleA( SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage, ULONG fCredentialUse, void* pvLogonID, void* pAuthData, SEC_GET_KEY_FN pGetKeyFn, void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry) { -#ifdef WITH_GSSAPI +#ifdef WITH_KRB5 SEC_WINPR_KERBEROS_SETTINGS* krb_settings = NULL; KRB_CREDENTIALS* credentials = NULL; krb5_error_code rv = 0; @@ -310,7 +310,7 @@ static SECURITY_STATUS SEC_ENTRY kerberos_AcquireCredentialsHandleA( kerberos_set_krb_opts(ctx, gic_opt, krb_settings); } -#ifdef WITH_GSSAPI_MIT +#ifdef WITH_KRB5_MIT krb5_get_init_creds_opt_set_out_ccache(ctx, gic_opt, ccache); krb5_get_init_creds_opt_set_in_ccache(ctx, gic_opt, ccache); #endif @@ -322,7 +322,7 @@ static SECURITY_STATUS SEC_ENTRY kerberos_AcquireCredentialsHandleA( if ((rv = krb5_init_creds_get(ctx, creds_ctx))) goto cleanup; -#ifdef WITH_GSSAPI_HEIMDAL +#ifdef WITH_KRB5_HEIMDAL { krb5_creds creds; if ((rv = krb5_init_creds_get_creds(ctx, creds_ctx, &creds))) @@ -418,7 +418,7 @@ static SECURITY_STATUS SEC_ENTRY kerberos_AcquireCredentialsHandleW( static SECURITY_STATUS SEC_ENTRY kerberos_FreeCredentialsHandle(PCredHandle phCredential) { -#ifdef WITH_GSSAPI +#ifdef WITH_KRB5 KRB_CREDENTIALS* credentials; krb5_context ctx; @@ -451,7 +451,7 @@ static SECURITY_STATUS SEC_ENTRY kerberos_QueryCredentialsAttributesW(PCredHandl ULONG ulAttribute, void* pBuffer) { -#ifdef WITH_GSSAPI +#ifdef WITH_KRB5 if (ulAttribute == SECPKG_CRED_ATTR_NAMES) { return SEC_E_OK; @@ -471,7 +471,7 @@ static SECURITY_STATUS SEC_ENTRY kerberos_QueryCredentialsAttributesA(PCredHandl return kerberos_QueryCredentialsAttributesW(phCredential, ulAttribute, pBuffer); } -#ifdef WITH_GSSAPI +#ifdef WITH_KRB5 static BOOL kerberos_mk_tgt_token(SecBuffer* buf, int msg_type, char* sname, char* host, const krb5_data* ticket) @@ -668,7 +668,7 @@ fail: return FALSE; } -#endif /* WITH_GSSAPI */ +#endif /* WITH_KRB5 */ static BOOL kerberos_hash_channel_bindings(WINPR_DIGEST_CTX* md5, SEC_CHANNEL_BINDINGS* bindings) { @@ -717,7 +717,7 @@ static SECURITY_STATUS SEC_ENTRY kerberos_InitializeSecurityContextA( ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext, PSecBufferDesc pOutput, ULONG* pfContextAttr, PTimeStamp ptsExpiry) { -#ifdef WITH_GSSAPI +#ifdef WITH_KRB5 KRB_CREDENTIALS* credentials; KRB_CONTEXT* context; KRB_CONTEXT new_context = { 0 }; @@ -1010,7 +1010,7 @@ bad_token: goto cleanup; #else return SEC_E_UNSUPPORTED_FUNCTION; -#endif /* WITH_GSSAPI */ +#endif /* WITH_KRB5 */ } static SECURITY_STATUS SEC_ENTRY kerberos_InitializeSecurityContextW( @@ -1043,7 +1043,7 @@ static SECURITY_STATUS SEC_ENTRY kerberos_AcceptSecurityContext( ULONG TargetDataRep, PCtxtHandle phNewContext, PSecBufferDesc pOutput, ULONG* pfContextAttr, PTimeStamp ptsExpity) { -#ifdef WITH_GSSAPI +#ifdef WITH_KRB5 KRB_CREDENTIALS* credentials; KRB_CONTEXT* context; KRB_CONTEXT new_context = { 0 }; @@ -1257,7 +1257,7 @@ bad_token: goto cleanup; #else return SEC_E_UNSUPPORTED_FUNCTION; -#endif /* WITH_GSSAPI */ +#endif /* WITH_KRB5 */ } static KRB_CONTEXT* get_context(PCtxtHandle phContext) @@ -1273,7 +1273,7 @@ static KRB_CONTEXT* get_context(PCtxtHandle phContext) static SECURITY_STATUS SEC_ENTRY kerberos_DeleteSecurityContext(PCtxtHandle phContext) { -#ifdef WITH_GSSAPI +#ifdef WITH_KRB5 KRB_CONTEXT* context = get_context(phContext); if (!context) return SEC_E_INVALID_HANDLE; @@ -1289,7 +1289,7 @@ static SECURITY_STATUS SEC_ENTRY kerberos_DeleteSecurityContext(PCtxtHandle phCo static SECURITY_STATUS SEC_ENTRY kerberos_QueryContextAttributesA(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer) { -#ifdef WITH_GSSAPI +#ifdef WITH_KRB5 if (!phContext) return SEC_E_INVALID_HANDLE; @@ -1376,7 +1376,7 @@ static SECURITY_STATUS SEC_ENTRY kerberos_SetCredentialsAttributesX(PCredHandle void* pBuffer, ULONG cbBuffer, BOOL unicode) { -#ifdef WITH_GSSAPI +#ifdef WITH_KRB5 KRB_CREDENTIALS* credentials; if (!phCredential) @@ -1449,7 +1449,7 @@ static SECURITY_STATUS SEC_ENTRY kerberos_EncryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo) { -#ifdef WITH_GSSAPI +#ifdef WITH_KRB5 KRB_CONTEXT* context = get_context(phContext); PSecBuffer sig_buffer, data_buffer; char* header; @@ -1539,7 +1539,7 @@ static SECURITY_STATUS SEC_ENTRY kerberos_DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, ULONG* pfQOP) { -#ifdef WITH_GSSAPI +#ifdef WITH_KRB5 KRB_CONTEXT* context = get_context(phContext); PSecBuffer sig_buffer, data_buffer; krb5_key key; @@ -1642,7 +1642,7 @@ static SECURITY_STATUS SEC_ENTRY kerberos_DecryptMessage(PCtxtHandle phContext, static SECURITY_STATUS SEC_ENTRY kerberos_MakeSignature(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo) { -#ifdef WITH_GSSAPI +#ifdef WITH_KRB5 KRB_CONTEXT* context = get_context(phContext); PSecBuffer sig_buffer, data_buffer; krb5_key key; @@ -1717,7 +1717,7 @@ static SECURITY_STATUS SEC_ENTRY kerberos_VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, ULONG* pfQOP) { -#ifdef WITH_GSSAPI +#ifdef WITH_KRB5 PSecBuffer sig_buffer, data_buffer; krb5_key key; krb5_keyusage usage; diff --git a/winpr/libwinpr/sspi/Kerberos/kerberos.h b/winpr/libwinpr/sspi/Kerberos/kerberos.h index 4e366c487..a52b00b7a 100644 --- a/winpr/libwinpr/sspi/Kerberos/kerberos.h +++ b/winpr/libwinpr/sspi/Kerberos/kerberos.h @@ -27,7 +27,7 @@ #include "../sspi.h" #include "../../log.h" -#ifdef WITH_GSSAPI +#ifdef WITH_KRB5 #include #endif diff --git a/winpr/libwinpr/sspi/Negotiate/negotiate.c b/winpr/libwinpr/sspi/Negotiate/negotiate.c index d509648e5..1636fcd5d 100644 --- a/winpr/libwinpr/sspi/Negotiate/negotiate.c +++ b/winpr/libwinpr/sspi/Negotiate/negotiate.c @@ -95,7 +95,7 @@ static const WinPrAsn1_OID kerberos_wrong_OID = { 9, (BYTE*)"\x2a\x86\x48\x82\xf7\x12\x01\x02\x02" }; static const WinPrAsn1_OID ntlm_OID = { 10, (BYTE*)"\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a" }; -#ifdef WITH_GSSAPI +#ifdef WITH_KRB5 static const SecPkg SecPkgTable[] = { { KERBEROS_SSP_NAME, &KERBEROS_SecurityFunctionTableA, &KERBEROS_SecurityFunctionTableW }, { NTLM_SSP_NAME, &NTLM_SecurityFunctionTableA, &NTLM_SecurityFunctionTableW } diff --git a/winpr/libwinpr/sspi/sspi_gss.h b/winpr/libwinpr/sspi/sspi_gss.h index 42e85f0b5..8e089f9bc 100644 --- a/winpr/libwinpr/sspi/sspi_gss.h +++ b/winpr/libwinpr/sspi/sspi_gss.h @@ -25,7 +25,7 @@ #include #include -#ifdef WITH_GSSAPI +#ifdef WITH_KRB5 #include typedef krb5_data sspi_gss_data; #else