summaryrefslogtreecommitdiffstats
path: root/src/lib/krb5
diff options
context:
space:
mode:
authorRobbie Harwood (frozencemetery) <rharwood@club.cc.cmu.edu>2013-08-16 12:45:03 -0400
committerGreg Hudson <ghudson@mit.edu>2014-06-02 17:58:26 -0400
commitd0be57ac45ea639baa3cff0dd2108c34e834bfa7 (patch)
treea5b957d19f889e2790bb9449a34c36d08d2e5b85 /src/lib/krb5
parent9c6be00daca0b80aed94ec9680724f95e6be92e1 (diff)
downloadkrb5-d0be57ac45ea639baa3cff0dd2108c34e834bfa7.tar.gz
krb5-d0be57ac45ea639baa3cff0dd2108c34e834bfa7.tar.xz
krb5-d0be57ac45ea639baa3cff0dd2108c34e834bfa7.zip
Build support for TLS used by HTTPS proxy support
Add a --with-proxy-tls-impl option to configure, taking 'openssl', 'auto', or invocation as --without-proxy-tls-impl. Use related CFLAGS when building lib/krb5/os, and LIBS when linking libkrb5. Call the OpenSSL library startup functions during library initialization. ticket: 7929
Diffstat (limited to 'src/lib/krb5')
-rw-r--r--src/lib/krb5/Makefile.in3
-rw-r--r--src/lib/krb5/krb5_libinit.c2
-rw-r--r--src/lib/krb5/os/Makefile.in2
-rw-r--r--src/lib/krb5/os/os-proto.h1
-rw-r--r--src/lib/krb5/os/sendto_kdc.c14
5 files changed, 20 insertions, 2 deletions
diff --git a/src/lib/krb5/Makefile.in b/src/lib/krb5/Makefile.in
index d9cddc1c6..472c0081d 100644
--- a/src/lib/krb5/Makefile.in
+++ b/src/lib/krb5/Makefile.in
@@ -56,7 +56,8 @@ RELDIR=krb5
SHLIB_EXPDEPS = \
$(TOPLIBD)/libk5crypto$(SHLIBEXT) \
$(COM_ERR_DEPLIB) $(SUPPORT_DEPLIB)
-SHLIB_EXPLIBS=-lk5crypto -lcom_err $(SUPPORT_LIB) @GEN_LIB@ $(LIBS)
+SHLIB_EXPLIBS=-lk5crypto -lcom_err $(PROXY_TLS_IMPL_LIBS) $(SUPPORT_LIB) \
+ @GEN_LIB@ $(LIBS)
all-unix:: all-liblinks
diff --git a/src/lib/krb5/krb5_libinit.c b/src/lib/krb5/krb5_libinit.c
index f83d25b1c..f2382d1d8 100644
--- a/src/lib/krb5/krb5_libinit.c
+++ b/src/lib/krb5/krb5_libinit.c
@@ -58,6 +58,8 @@ int krb5int_lib_init(void)
if (err)
return err;
+ k5_sendto_kdc_initialize();
+
return 0;
}
diff --git a/src/lib/krb5/os/Makefile.in b/src/lib/krb5/os/Makefile.in
index 5add9f98e..fb4001a29 100644
--- a/src/lib/krb5/os/Makefile.in
+++ b/src/lib/krb5/os/Makefile.in
@@ -2,7 +2,7 @@ mydir=lib$(S)krb5$(S)os
BUILDTOP=$(REL)..$(S)..$(S)..
DEFINES=-DLIBDIR=\"$(KRB5_LIBDIR)\" -DBINDIR=\"$(CLIENT_BINDIR)\" \
-DSBINDIR=\"$(ADMIN_BINDIR)\"
-LOCALINCLUDES=-I$(top_srcdir)/util/profile
+LOCALINCLUDES= $(PROXY_TLS_IMPL_CFLAGS) -I$(top_srcdir)/util/profile
##DOS##BUILDTOP = ..\..\..
##DOS##PREFIXDIR=os
diff --git a/src/lib/krb5/os/os-proto.h b/src/lib/krb5/os/os-proto.h
index 3196bca3f..f23dda579 100644
--- a/src/lib/krb5/os/os-proto.h
+++ b/src/lib/krb5/os/os-proto.h
@@ -184,5 +184,6 @@ krb5_error_code localauth_k5login_initvt(krb5_context context, int maj_ver,
krb5_plugin_vtable vtable);
krb5_error_code localauth_an2ln_initvt(krb5_context context, int maj_ver,
int min_ver, krb5_plugin_vtable vtable);
+void k5_sendto_kdc_initialize(void);
#endif /* KRB5_LIBOS_INT_PROTO__ */
diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c
index 3f99ce80c..c6aae8ef3 100644
--- a/src/lib/krb5/os/sendto_kdc.c
+++ b/src/lib/krb5/os/sendto_kdc.c
@@ -48,6 +48,10 @@
#endif
#endif
+#ifdef PROXY_TLS_IMPL_OPENSSL
+#include <openssl/ssl.h>
+#endif
+
#define MAX_PASS 3
#define DEFAULT_UDP_PREF_LIMIT 1465
#define HARD_UDP_LIMIT 32700 /* could probably do 64K-epsilon ? */
@@ -107,6 +111,16 @@ struct conn_state {
krb5_boolean defer;
};
+void
+k5_sendto_kdc_initialize(void)
+{
+#ifdef PROXY_TLS_IMPL_OPENSSL
+ SSL_library_init();
+ SSL_load_error_strings();
+ OpenSSL_add_all_algorithms();
+#endif
+}
+
/* Get current time in milliseconds. */
static krb5_error_code
get_curtime_ms(time_ms *time_out)
generated by cgit (git 2.34.1) at 2026-01-06 09:18:22 +0000