Expect the Heimdal password strength checking plugin header in
kadm5/kadm5-pwcheck.h instead of outside of the kadm5 directory. This
- is the path used by current versions of Heimdal.
+ is the path used by current versions of Heimdal. Drop support for
+ older versions of Heimdal that don't install this header file.
Update to rra-c-util 4.9:
RRA_LIB_KRB5
RRA_LIB_KRB5_SWITCH
AC_CHECK_HEADERS([kadm5/kadm5-pwcheck.h kadm5/kadm5_err.h], [], [],
- [RRA_INCLUDE_KRB5])
+ [RRA_INCLUDES_KRB5])
AC_CHECK_HEADERS([krb5/pwqual_plugin.h], [], [], [RRA_INCLUDES_KRB5])
AC_CHECK_TYPES([krb5_realm], [], [], [RRA_INCLUDES_KRB5])
AC_CHECK_FUNCS([krb5_free_default_realm \
#include <portable/system.h>
#include <errno.h>
+#ifdef HAVE_KADM5_KADM5_PWCHECK_H
+# include <kadm5/kadm5-pwcheck.h>
+#endif
#include <plugin/internal.h>
#include <util/macros.h>
/* Skip this entire file if not building with Heimdal. */
#ifdef HAVE_KRB5_REALM
-/* kadm5/kadm5-pwcheck.h isn't always installed by Heimdal. */
-# ifdef HAVE_KADM5_KADM5_PWCHECK_H
-# include <kadm5/kadm5-pwcheck.h>
-# else
-# define KADM5_PASSWD_VERSION_V1 1
-
-typedef int
-(*kadm5_passwd_quality_check_func)(krb5_context context,
- krb5_principal principal,
- krb5_data *password,
- const char *tuning,
- char *message,
- size_t length);
-
-struct kadm5_pw_policy_check_func {
- const char *name;
- kadm5_passwd_quality_check_func func;
-};
-
-struct kadm5_pw_policy_verifier {
- const char *name;
- int version;
- const char *vendor;
- const struct kadm5_pw_policy_check_func *funcs;
-};
-# endif /* !HAVE_KADM5_PWCHECK_H */
/*
* This is the single check function that we provide. It does the glue
#include <dlfcn.h>
#include <errno.h>
+#ifdef HAVE_KADM5_KADM5_PWCHECK_H
+# include <kadm5/kadm5-pwcheck.h>
+#endif
#include <tests/tap/basic.h>
#include <tests/tap/kerberos.h>
#include <tests/tap/string.h>
#include <util/macros.h>
-/* kadm5-pwcheck.h isn't always installed by Heimdal. */
-#ifdef HAVE_KADM5_PWCHECK_H
-# include <kadm5-pwcheck.h>
-#else
-# define KADM5_PASSWD_VERSION_V1 1
-
-typedef int
-(*kadm5_passwd_quality_check_func)(krb5_context context,
- krb5_principal principal,
- krb5_data *password,
- const char *tuning,
- char *message,
- size_t length);
-
-struct kadm5_pw_policy_check_func {
- const char *name;
- kadm5_passwd_quality_check_func func;
-};
-
-struct kadm5_pw_policy_verifier {
- const char *name;
- int version;
- const char *vendor;
- const struct kadm5_pw_policy_check_func *funcs;
-};
-#endif /* !HAVE_KADM5_PWCHECK_H */
-
/*
* The password test data, generated from the JSON source. Defines an arrays
* named cdb_tests, cracklib_tests, and generic_tests.
#include <tests/data/passwords/length.c>
+#ifndef HAVE_KADM5_KADM5_PWCHECK_H
+/*
+ * If we're not building with Heimdal, we can't run this test and much of the
+ * test won't even compile. Replace this test with a small program that just
+ * calls skip_all.
+ */
+int
+main(void)
+{
+ skip_all("not built against Heimdal libraries");
+ return 0;
+}
+
+#else
+
/*
* Loads the Heimdal password change plugin and tests that its metadata is
* correct. Returns a pointer to the kadm5_pw_policy_verifier struct or bails
" configured in krb5.conf",
};
- /* If we're not building with Heimdal, we can't run this test. */
-#ifndef HAVE_KRB5_REALM
- skip_all("not built against Heimdal libraries");
-#endif
-
/*
* Calculate how many tests we have. There are five tests for the module
* metadata, one more password test than the list of password tests we
free(krb5_config);
return 0;
}
+
+#endif /* HAVE_KADM5_KADM5_PWCHECK_H */