AC_CHECK_LIB($gssapi_lib, krb5int_derive_key,
[HAVE_KRB5INT_DERIVE_KEY=1; AC_DEFINE(HAVE_KRB5INT_DERIVE_KEY, 1, [Define this if the function krb5int_derive_key is available])], ,$KRBLIBS)
+ dnl Version 1.15 introduced aes-sha2 support, which changes the
+ dnl number of paramters of function krb5int_derive_key.
+ if test $K5VERS -ge 1150; then
+ AC_DEFINE(HAVE_AES_SHA2_SUPPORT, 1,
+ [aes-sha2 is supported by krb5])
+ fi
+
dnl Check for krb5_derive_key
AC_CHECK_LIB($gssapi_lib, krb5_derive_key,
[HAVE_KRB5_DERIVE_KEY=1; AC_DEFINE(HAVE_KRB5_DERIVE_KEY, 1, [Define this if the function krb5_derive_key is available])], ,$KRBLIBS)
#endif
};
+#ifdef HAVE_AES_SHA2_SUPPORT
extern krb5_error_code krb5int_derive_key(const void *enc,
+ const void *hash,
krb5_key inkey, krb5_key *outkey,
const krb5_data *in_constant,
enum deriv_alg alg);
+#define ll_krb5int_derive_key(enc, inkey, outkey, in_constant, alg) \
+ krb5int_derive_key((enc), (NULL), (inkey), (outkey), (in_constant), \
+ (alg))
+#else
+extern krb5_error_code krb5int_derive_key(const void *enc,
+ krb5_key inkey, krb5_key *outkey,
+ const krb5_data *in_constant,
+ enum deriv_alg alg);
+#define ll_krb5int_derive_key(enc, inkey, outkey, in_constant, alg) \
+ krb5int_derive_key((enc), (inkey), (outkey), (in_constant), (alg))
+#endif
extern krb5_error_code krb5_k_create_key(krb5_context context,
const krb5_keyblock *key_data,
krb5_key *out);
if (code)
goto out;
- code = krb5int_derive_key(enc, key_in, &key_out, &datain,
- DERIVE_RFC3961);
+ code = ll_krb5int_derive_key(enc, key_in, &key_out, &datain,
+ DERIVE_RFC3961);
krb5_k_free_key(kcontext, key_in);
if (code == 0) {