NetBSD portability patches from Brendan Cully.

diff --git a/acconfig.h b/acconfig.h
index 963f0880c368a4cf8eb8c60a04cb091e64b7e2c0..0da54fda64bc55f326a010b7cbee27715a8a8b9b 100644 (file)
--- a/acconfig.h
+++ b/acconfig.h
@@ -48,9 +48,21 @@
 /* Do you want support for IMAP GSSAPI authentication? (--with-gss) */
 #undef USE_GSS
 
+/* Do you have the Heimdal version of Kerberos V? (for gss support) */
+#undef HAVE_HEIMDAL
+
 /* Do you want support for SSL? (--enable-ssl) */
 #undef USE_SSL
 
+/* Avoid SSL routines which used patent-encumbered RC5 algorithms */
+#undef NO_RC5
+
+/* Avoid SSL routines which used patent-encumbered IDEA algorithms */
+#undef NO_IDEA
+
+/* Avoid SSL routines which used patent-encumbered RSA algorithms */
+#undef NO_RSA
+
 /*
  * Is mail spooled to the user's home directory?  If defined, MAILPATH should
  * be set to the filename of the spool mailbox relative the the home

diff --git a/configure.in b/configure.in
index 7c874f32b9a2aa442f6c72e10f8a7dc73519cfb2..8dc9929cf3463bb14da13a2356eb1d90f16ebf27 100644 (file)
--- a/configure.in
+++ b/configure.in
@@ -473,16 +473,40 @@ AC_ARG_WITH(gss,    [    --with-gss[=DIR]         Compile in GSSAPI authenticati
            LDFLAGS="$LDFLAGS -L$with_gss/lib"
          fi
 
-         saved_LIBS="$LIBS"
-         AC_CHECK_LIB(krb5, krb5_change_cache,,
-           AC_MSG_ERROR([could not find libkrb5 which is needed for GSS authentication]))
-         AC_CHECK_LIB(gssapi_krb5, g_order_init,,
-           AC_MSG_ERROR([could not find libgssapi_krb5 which is needed for GSS authentication]), -lkrb5)
-         LIBS="$saved_LIBS"
-         MUTTLIBS="$MUTTLIBS -lgssapi_krb5 -lkrb5 -lcrypto -lcom_err"
-         AC_DEFINE(USE_GSS)
-          need_gss="yes"
-       fi
+         saved_LIBS="$LIBS"
+          gss_type="none"
+
+          dnl MIT kerberos V support
+          dnl Note: older krb5 distributions use -lcrypto instead of
+          dnl -lk5crypto, which collides with OpenSSL. I punt and ignore
+          dnl it here.
+          AC_CHECK_LIB(gssapi_krb5, gss_init_sec_context, [
+            gss_type="MIT",
+            MUTTLIBS="$MUTTLIBS -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err"
+            ],, -lkrb5 -lk5crypto -lcom_err)
+
+          dnl Heimdal kerberos V support
+          if test x$gss_type = xnone
+          then
+            AC_CHECK_LIB(gssapi, gss_init_sec_context, [
+              gss_type="Heimdal",
+              MUTTLIBS="$MUTTLIBS -lgssapi -lkrb5 -ldes -lasn1 -lroken"
+              MUTTLIBS="$MUTTLIBS -lcrypt -lcom_err"
+              AC_DEFINE(HAVE_HEIMDAL)
+              ],, -lgssapi -lkrb5 -ldes -lasn1 -lroken -lcrypt -lcom_err)
+          fi
+
+          if test x$gss_type = xnone
+          then
+            AC_CACHE_SAVE
+            AC_MSG_ERROR([GSSAPI support not found])
+          fi
+
+         LIBS="$saved_LIBS"
+         AC_DEFINE(USE_GSS)
+            need_gss="yes"
+       fi
+
 ])
 AM_CONDITIONAL(USE_GSS, test x$need_gss = xyes)
 
@@ -509,6 +533,11 @@ AC_ARG_WITH(ssl, [    --with-ssl[=PFX]         Compile in SSL socket support for
          LIBS="$saved_LIBS"
          MUTTLIBS="$MUTTLIBS -lssl -lcrypto"
          need_ssl=yes
+
+          dnl Some systems avoid certain patent-encumbered SSL routines
+          AC_CHECK_HEADER(openssl/rc5.h,,AC_DEFINE(NO_RC5))
+          AC_CHECK_HEADER(openssl/idea.h,,AC_DEFINE(NO_IDEA))
+          AC_CHECK_HEADER(openssl/rsa.h,,AC_DEFINE(NO_RSA))
        fi
 ])
 AM_CONDITIONAL(USE_SSL, test x$need_ssl = xyes)

diff --git a/imap/auth_gss.c b/imap/auth_gss.c
index 2102ff82a7a64ffa12fc2e526b2885b2e749c9b5..fdfaea60fb7a9818c74579abcb4d55eb6622d2b9 100644 (file)
--- a/imap/auth_gss.c
+++ b/imap/auth_gss.c
@@ -18,12 +18,20 @@
 
 /* GSS login/authentication code */
 
+/* for HAVE_HEIMDAL */
+#include "config.h"
+
 #include "mutt.h"
 #include "imap_private.h"
 
 #include <netinet/in.h>
-#include <gssapi/gssapi.h>
-#include <gssapi/gssapi_generic.h>
+
+#ifdef HAVE_HEIMDAL
+#  include <gssapi.h>
+#else
+#  include <gssapi/gssapi.h>
+#  include <gssapi/gssapi_generic.h>
+#endif
 
 #define GSS_BUFSIZE 8192
 

diff --git a/imap/imap_ssl.c b/imap/imap_ssl.c
index 0691702d2ff422a5d7c5c2bee17bd9346a697862..d40b4cf9b2da0873173530ba3f5e2bab38e7ac68 100644 (file)
--- a/imap/imap_ssl.c
+++ b/imap/imap_ssl.c
@@ -15,6 +15,10 @@
  *     along with this program; if not, write to the Free Software
  *     Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111, USA.
  */
+
+/* for SSL NO_* defines */
+#include "config.h"
+
 #include <openssl/ssl.h>
 #include <openssl/x509.h>
 #include <openssl/err.h>