From c880d51849753a40af5b102df2ae131552a974e8 Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Sat, 18 Dec 2010 14:46:21 +0000
Subject: [PATCH] gsskrb5_register_acceptor_identity is not available on all
 platforms

---
 configure.in                 |  6 +-----
 lib/dns/gssapictx.c          | 27 ++++++++++++++++-----------
 lib/dns/include/dst/gssapi.h |  4 +++-
 3 files changed, 20 insertions(+), 17 deletions(-)

diff --git a/configure.in b/configure.in
index 090acdb225..c0af032839 100644
--- a/configure.in
+++ b/configure.in
@@ -18,7 +18,7 @@ AC_DIVERT_PUSH(1)dnl
 esyscmd([sed "s/^/# /" COPYRIGHT])dnl
 AC_DIVERT_POP()dnl
 
-AC_REVISION($Revision: 1.505 $)
+AC_REVISION($Revision: 1.506 $)
 
 AC_INIT(lib/dns/name.c)
 AC_PREREQ(2.59)
@@ -796,10 +796,6 @@ case "$use_gssapi" in
 		AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h,
 		    [ISC_PLATFORM_GSSAPI_KRB5_HEADER="#define ISC_PLATFORM_GSSAPI_KRB5_HEADER <$ac_header>"])
 
-		if test "$ISC_PLATFORM_GSSAPI_KRB5_HEADER" = ""; then
-		    AC_MSG_ERROR([gssapi_krb5.h not found])
-		fi
-
 		AC_CHECK_HEADERS(krb5.h krb5/krb5.h kerberosv5/krb5.h,
 		    [ISC_PLATFORM_KRB5HEADER="#define ISC_PLATFORM_KRB5HEADER <$ac_header>"])
 
diff --git a/lib/dns/gssapictx.c b/lib/dns/gssapictx.c
index 111dffa6dd..bf5115f125 100644
--- a/lib/dns/gssapictx.c
+++ b/lib/dns/gssapictx.c
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: gssapictx.c,v 1.19 2010/12/18 01:56:22 each Exp $ */
+/* $Id: gssapictx.c,v 1.20 2010/12/18 14:46:21 marka Exp $ */
 
 #include <config.h>
 
@@ -746,16 +746,21 @@ dst_gssapi_acceptctx(gss_cred_id_t cred,
 	else
 		context = *ctxout;
 
-	if (gssapi_keytab) {
-	       gret = gsskrb5_register_acceptor_identity(gssapi_keytab);
-	       if (gret != GSS_S_COMPLETE) {
-		       gss_log(3, "failed "
-				  "gsskrb5_register_acceptor_identity(%s): %s",
-			       gssapi_keytab,
-			       gss_error_tostring(gret, minor,
-						  buf, sizeof(buf)));
-		       return (DNS_R_INVALIDTKEY);
-	       }
+	if (gssapi_keytab != NULL) {
+#ifdef ISC_PLATFORM_GSSAPI_KRB5_HEADER
+		return (ISC_R_NOTIMPLEMENTED);
+#else
+
+		gret = gsskrb5_register_acceptor_identity(gssapi_keytab);
+		if (gret != GSS_S_COMPLETE) {
+			gss_log(3, "failed "
+				"gsskrb5_register_acceptor_identity(%s): %s",
+				gssapi_keytab,
+				gss_error_tostring(gret, minor,
+						   buf, sizeof(buf)));
+			return (DNS_R_INVALIDTKEY);
+		}
+#endif
 	}
 
 	gret = gss_accept_sec_context(&minor, &context, cred, &gintoken,
diff --git a/lib/dns/include/dst/gssapi.h b/lib/dns/include/dst/gssapi.h
index 3f6b5e462d..5439b3915b 100644
--- a/lib/dns/include/dst/gssapi.h
+++ b/lib/dns/include/dst/gssapi.h
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: gssapi.h,v 1.12 2010/12/18 01:56:22 each Exp $ */
+/* $Id: gssapi.h,v 1.13 2010/12/18 14:46:21 marka Exp $ */
 
 #ifndef DST_GSSAPI_H
 #define DST_GSSAPI_H 1
@@ -37,8 +37,10 @@
 #include <gssapi/gssapi_krb5.h>
 #else
 #include ISC_PLATFORM_GSSAPIHEADER
+#ifdef ISC_PLATFORM_GSSAPI_KRB5_HEADER
 #include ISC_PLATFORM_GSSAPI_KRB5_HEADER
 #endif
+#endif
 #ifndef GSS_SPNEGO_MECHANISM
 #define GSS_SPNEGO_MECHANISM ((void*)0)
 #endif