[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: kerberos support in ssh/lsh

Brian May <bam@snoopy.apana.org.au> writes:

> I think MIT requires:
> -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err
> bug Heimdal requires:
> -lgssapi -lkrb5 -ldes -lasn1 -lroken -lcrypt -lcom_err
> at least, if you use gssapi.
> Hopefully, this yucky situation will be fixed when libtool 1.4 is
> released, and interdependencies between un-installed shared libraries
> are supported.

I don't see why you would need libtool for that. lsh's configure.in
simply uses

  AC_CHECK_KRB_LIB(roken, strlcpy)
  AC_CHECK_KRB_LIB(resolv, dn_expand)
  AC_CHECK_KRB_LIB(des, des_cbc_encrypt)
  AC_CHECK_KRB_LIB(asn1, der_get_octet_string)
  AC_CHECK_KRB_LIB(krb5, krb5_cc_gen_new,, [enable_kerberos=no])

(where AC_CHECK_KRB_LIB is a variant of AC_CHECK_LIB that adds the
libraries to $KRB_LIBS rather than to $LIBS). I believe it should be
fairly straight forward to check for MIT libraries as well, even if I
haven't tried it. It may be that libtool would be helpful if I tried
to *build* shared libraries, but I haven't played very much with
shared libraries.