Cannot build ROOT with Heimdal Kerberos

mks · May 1, 2007, 11:23am

I have known this problem to be present for quite a while, but since it still hasn’t been resolved in 5.14.00 and I couldn’t find any mention of it in the forums, here it is: on a system using Heimdal rather than MIT Kerberos ROOT doesn’t build (unless krb5 support is explicitly disabled), even though configure correctly recognises the installed version of Kerberos as non-MIT. Here is exactly what happens:

bin/rmkdepend -R -fkrb5auth/src/Krb5Auth.d -Y -w 1000 -- -pipe -Wall -m64 -fPIC -Iinclude  -pthread -DR__KRB5INIT="\"/usr/bin/kinit\""  -D__cplusplus -- krb5auth/src/Krb5Auth.cxx
g++ -O2 -pipe -Wall -m64 -fPIC -Iinclude  -pthread -DR__KRB5INIT="\"/usr/bin/kinit\""  -DUSEPCH -include precompile.h -o krb5auth/src/Krb5Auth.o -c krb5auth/src/Krb5Auth.cxx
include/Krb5Auth.h:51: error: declaration of C function ‘int krb5_net_read(krb5_context_data*, int, char*, int)’ conflicts with
/usr/include/krb5-protos.h:2317: error: previous declaration ‘krb5_ssize_t krb5_net_read(krb5_context_data*, void*, void*, size_t)’ here
krb5auth/src/Krb5Auth.cxx: In function ‘Int_t Krb5Authenticate(TAuthenticate*, TString&, TString&, Int_t)’:
krb5auth/src/Krb5Auth.cxx:263: error: ‘struct Principal’ has no member named ‘data’
krb5auth/src/Krb5Auth.cxx:263: error: ‘struct Principal’ has no member named ‘data’
krb5auth/src/Krb5Auth.cxx:264: error: request for member ‘length’ in ‘client->Principal::realm’, which is of non-class type ‘char*’
krb5auth/src/Krb5Auth.cxx:264: error: request for member ‘data’ in ‘client->Principal::realm’, which is of non-class type ‘char*’
krb5auth/src/Krb5Auth.cxx:286: error: ‘struct Principal’ has no member named ‘data’
krb5auth/src/Krb5Auth.cxx:286: error: ‘struct Principal’ has no member named ‘data’
krb5auth/src/Krb5Auth.cxx:287: error: request for member ‘length’ in ‘client->Principal::realm’, which is of non-class type ‘char*’
krb5auth/src/Krb5Auth.cxx:287: error: request for member ‘data’ in ‘client->Principal::realm’, which is of non-class type ‘char*’
krb5auth/src/Krb5Auth.cxx:285: warning: unused variable ‘ticketPrincipal’
krb5auth/src/Krb5Auth.cxx:335: error: ‘struct Principal’ has no member named ‘data’
krb5auth/src/Krb5Auth.cxx:335: error: ‘struct Principal’ has no member named ‘data’
krb5auth/src/Krb5Auth.cxx:339: error: ‘struct Principal’ has no member named ‘data’
krb5auth/src/Krb5Auth.cxx:339: error: ‘struct Principal’ has no member named ‘data’
krb5auth/src/Krb5Auth.cxx:340: error: request for member ‘length’ in ‘client->Principal::realm’, which is of non-class type ‘char*’
krb5auth/src/Krb5Auth.cxx:340: error: request for member ‘data’ in ‘client->Principal::realm’, which is of non-class type ‘char*’
krb5auth/src/Krb5Auth.cxx:424: error: ‘valid_cksumtype’ was not declared in this scope
krb5auth/src/Krb5Auth.cxx:453: error: ‘struct Principal’ has no member named ‘data’
krb5auth/src/Krb5Auth.cxx:453: error: ‘struct Principal’ has no member named ‘data’
krb5auth/src/Krb5Auth.cxx:454: error: request for member ‘length’ in ‘server->Principal::realm’, which is of non-class type ‘char*’
krb5auth/src/Krb5Auth.cxx:454: error: request for member ‘data’ in ‘server->Principal::realm’, which is of non-class type ‘char*’
krb5auth/src/Krb5Auth.cxx:501: error: ‘struct KRB_ERROR’ has no member named ‘text’
krb5auth/src/Krb5Auth.cxx:501: error: ‘struct KRB_ERROR’ has no member named ‘text’
krb5auth/src/Krb5Auth.cxx:545: error: invalid conversion from ‘void*’ to ‘char*’
krb5auth/src/Krb5Auth.cxx:551: error: pointer of type ‘void *’ used in arithmetic
krb5auth/src/Krb5Auth.cxx:551: error: ‘void*’ is not a pointer-to-object type
krb5auth/src/Krb5Auth.cxx:551: error: pointer of type ‘void *’ used in arithmetic
krb5auth/src/Krb5Auth.cxx:551: error: ‘void*’ is not a pointer-to-object type
krb5auth/src/Krb5Auth.cxx:551: error: pointer of type ‘void *’ used in arithmetic
krb5auth/src/Krb5Auth.cxx:551: error: ‘void*’ is not a pointer-to-object type
krb5auth/src/Krb5Auth.cxx:555: warning: format ‘%d’ expects type ‘int’, but argument 3 has type ‘size_t’
krb5auth/src/Krb5Auth.cxx: In function ‘Int_t Krb5CheckCred(krb5_context_data*, krb5_ccache_data*, TString, TDatime&)’:
krb5auth/src/Krb5Auth.cxx:770: error: ‘struct Principal’ has no member named ‘length’
krb5auth/src/Krb5Auth.cxx:772: error: request for member ‘length’ in ‘creds.krb5_creds::server->Principal::realm’, which is of non-class type ‘char*’
krb5auth/src/Krb5Auth.cxx:772: error: request for member ‘data’ in ‘creds.krb5_creds::server->Principal::realm’, which is of non-class type ‘char*’
krb5auth/src/Krb5Auth.cxx:775: error: ‘struct Principal’ has no member named ‘data’
krb5auth/src/Krb5Auth.cxx:775: error: ‘struct Principal’ has no member named ‘data’
krb5auth/src/Krb5Auth.cxx:777: error: ‘struct Principal’ has no member named ‘data’
krb5auth/src/Krb5Auth.cxx:777: error: ‘struct Principal’ has no member named ‘data’
krb5auth/src/Krb5Auth.cxx:782: error: ‘struct Principal’ has no member named ‘length’
krb5auth/src/Krb5Auth.cxx:783: error: request for member ‘data’ in ‘creds.krb5_creds::server->Principal::realm’, which is of non-class type ‘char*’
krb5auth/src/Krb5Auth.cxx:784: error: request for member ‘length’ in ‘creds.krb5_creds::server->Principal::realm’, which is of non-class type ‘char*’
krb5auth/src/Krb5Auth.cxx:785: error: ‘struct Principal’ has no member named ‘data’
krb5auth/src/Krb5Auth.cxx:786: error: ‘struct Principal’ has no member named ‘data’
krb5auth/src/Krb5Auth.cxx:787: error: ‘struct Principal’ has no member named ‘data’
krb5auth/src/Krb5Auth.cxx:788: error: ‘struct Principal’ has no member named ‘data’
make: *** [krb5auth/src/Krb5Auth.o] Error 1

Any chance of getting it fixed in the near future? If there is something I can help with here, let me know.

ganis · May 2, 2007, 11:47am

Hello,

Currently we only support MIT-Krb5: configure should detect that (as, you wrote, it does) AND should disable krb5 if Heimdal, which apparently does not happen.
This should be fixed asap.
Could you post the relevant output from “configure”?

There is no plan, for the time being, to extend the support to Heimdal-Krb: yours is the first request in this direction.
Your help would be appreciated.

G. Ganis

mks · May 2, 2007, 2:18pm

Attached you will find the output of configure on my system.

PS. On an unrelated note, would you by any chance know what that error from basename during OpenSSL detection means?

ganis · May 2, 2007, 3:34pm

Hi,

Thanks for the output. I think I have understood what’s wrong.
We will commit a fix asap.

For the SSL related issue: a ‘basename’ command is called with an empty argument. To try to debug it I need to know the exact version of configure.
Was that 5.14.00 ?

G. Ganis

mks · May 2, 2007, 3:58pm

Yes, 5.14.00e.

ganis · May 3, 2007, 12:00pm

Hi,

We have just committed in the CVS head a patch to configure which disables Kerberos if the available implementation is not MIT, and should also fix the ‘basename’ problem after the unsuccessful detection of openssl/x509.h .

Thanks for reporting these problems.

G. Ganis

angus · February 17, 2011, 3:52am

This doesn’t seem to be fixed at the moment. configure detects that Kerberos is non-MIT, but it doesn’t actually disable it.

config.log says:

Checking whether we're using MIT Kerberos
Result: no

but I still get this:

g++ -O2 -pipe -m64 -Wshadow -Wall -W -Woverloaded-virtual -fPIC -Iinclude  -pthread -DR__KRB5    -DR__SSL -DOPENSSL_NO_KRB5 -DR__KRB5INIT="\"\""   -o net/krb5auth/src/Krb5Auth.o -c /data/root-unmodified/net/krb5auth/src/Krb5Auth.cxx
In file included from net/krb5auth/src/Krb5Auth.cxx:47:0:
include/Krb5Auth.h:51:52: error: declaration of C function ‘int krb5_net_read(krb5_context_data*, int, char*, int)’ conflicts with
/usr/include/krb5-protos.h:2918:1: error: previous declaration ‘krb5_ssize_t krb5_net_read(krb5_context_data*, void*, void*, size_t)’ here
net/krb5auth/src/Krb5Auth.cxx: In destructor ‘TKrb5CleanUp::~TKrb5CleanUp()’:
net/krb5auth/src/Krb5Auth.cxx:96:28: error: ‘free’ was not declared in this scope
net/krb5auth/src/Krb5Auth.cxx: In function ‘Int_t Krb5Authenticate(TAuthenticate*, TString&, TString&, Int_t)’:
net/krb5auth/src/Krb5Auth.cxx:229:30: error: ‘free’ was not declared in this scope
net/krb5auth/src/Krb5Auth.cxx:271:40: error: ‘struct Principal’ has no member named ‘data’
net/krb5auth/src/Krb5Auth.cxx:271:62: error: ‘struct Principal’ has no member named ‘data’
net/krb5auth/src/Krb5Auth.cxx:272:46: error: request for member ‘length’ in ‘client->Principal::realm’, which is of non-class type ‘char*’
net/krb5auth/src/Krb5Auth.cxx:272:68: error: request for member ‘data’ in ‘client->Principal::realm’, which is of non-class type ‘char*’
net/krb5auth/src/Krb5Auth.cxx:294:47: error: ‘struct Principal’ has no member named ‘data’
net/krb5auth/src/Krb5Auth.cxx:294:69: error: ‘struct Principal’ has no member named ‘data’
net/krb5auth/src/Krb5Auth.cxx:295:53: error: request for member ‘length’ in ‘client->Principal::realm’, which is of non-class type ‘char*’
net/krb5auth/src/Krb5Auth.cxx:295:75: error: request for member ‘data’ in ‘client->Principal::realm’, which is of non-class type ‘char*’
net/krb5auth/src/Krb5Auth.cxx:343:29: error: ‘struct Principal’ has no member named ‘data’
net/krb5auth/src/Krb5Auth.cxx:343:49: error: ‘struct Principal’ has no member named ‘data’
net/krb5auth/src/Krb5Auth.cxx:347:20: error: ‘struct Principal’ has no member named ‘data’
net/krb5auth/src/Krb5Auth.cxx:347:42: error: ‘struct Principal’ has no member named ‘data’
net/krb5auth/src/Krb5Auth.cxx:348:26: error: request for member ‘length’ in ‘client->Principal::realm’, which is of non-class type ‘char*’
net/krb5auth/src/Krb5Auth.cxx:348:48: error: request for member ‘data’ in ‘client->Principal::realm’, which is of non-class type ‘char*’
net/krb5auth/src/Krb5Auth.cxx:461:20: error: ‘struct Principal’ has no member named ‘data’
net/krb5auth/src/Krb5Auth.cxx:461:42: error: ‘struct Principal’ has no member named ‘data’
net/krb5auth/src/Krb5Auth.cxx:462:26: error: request for member ‘length’ in ‘server->Principal::realm’, which is of non-class type ‘char*’
net/krb5auth/src/Krb5Auth.cxx:462:48: error: request for member ‘data’ in ‘server->Principal::realm’, which is of non-class type ‘char*’
net/krb5auth/src/Krb5Auth.cxx:509:22: error: ‘struct krb5_error’ has no member named ‘text’
net/krb5auth/src/Krb5Auth.cxx:509:44: error: ‘struct krb5_error’ has no member named ‘text’
net/krb5auth/src/Krb5Auth.cxx:553:34: error: invalid conversion from ‘void*’ to ‘char*’
net/krb5auth/src/Krb5Auth.cxx:559:32: warning: pointer of type ‘void *’ used in arithmetic
net/krb5auth/src/Krb5Auth.cxx:559:32: error: ‘void*’ is not a pointer-to-object type
net/krb5auth/src/Krb5Auth.cxx:559:49: warning: pointer of type ‘void *’ used in arithmetic
net/krb5auth/src/Krb5Auth.cxx:559:49: error: ‘void*’ is not a pointer-to-object type
net/krb5auth/src/Krb5Auth.cxx:559:66: warning: pointer of type ‘void *’ used in arithmetic
net/krb5auth/src/Krb5Auth.cxx:559:66: error: ‘void*’ is not a pointer-to-object type
net/krb5auth/src/Krb5Auth.cxx:563:51: warning: format ‘%d’ expects type ‘int’, but argument 4 has type ‘size_t’
net/krb5auth/src/Krb5Auth.cxx:563:51: warning: format ‘%d’ expects type ‘int’, but argument 4 has type ‘size_t’
net/krb5auth/src/Krb5Auth.cxx:580:38: warning: format ‘%d’ expects type ‘int’, but argument 4 has type ‘size_t’
net/krb5auth/src/Krb5Auth.cxx: In function ‘Int_t Krb5CheckCred(krb5_context_data*, krb5_ccache_data*, TString, TDatime&)’:
net/krb5auth/src/Krb5Auth.cxx:779:30: error: ‘struct Principal’ has no member named ‘length’
net/krb5auth/src/Krb5Auth.cxx:781:36: error: request for member ‘length’ in ‘creds.krb5_creds::server->Principal::realm’, which is of non-class type ‘char*’
net/krb5auth/src/Krb5Auth.cxx:781:64: error: request for member ‘data’ in ‘creds.krb5_creds::server->Principal::realm’, which is of non-class type ‘char*’
net/krb5auth/src/Krb5Auth.cxx:784:30: error: ‘struct Principal’ has no member named ‘data’
net/krb5auth/src/Krb5Auth.cxx:784:60: error: ‘struct Principal’ has no member named ‘data’
net/krb5auth/src/Krb5Auth.cxx:786:30: error: ‘struct Principal’ has no member named ‘data’
net/krb5auth/src/Krb5Auth.cxx:786:60: error: ‘struct Principal’ has no member named ‘data’
net/krb5auth/src/Krb5Auth.cxx:788:66: warning: format ‘%d’ expects type ‘int’, but argument 3 has type ‘krb5_timestamp’
net/krb5auth/src/Krb5Auth.cxx:791:25: error: ‘struct Principal’ has no member named ‘length’
net/krb5auth/src/Krb5Auth.cxx:792:39: error: request for member ‘data’ in ‘creds.krb5_creds::server->Principal::realm’, which is of non-class type ‘char*’
net/krb5auth/src/Krb5Auth.cxx:793:53: error: request for member ‘length’ in ‘creds.krb5_creds::server->Principal::realm’, which is of non-class type ‘char*’
net/krb5auth/src/Krb5Auth.cxx:794:41: error: ‘struct Principal’ has no member named ‘data’
net/krb5auth/src/Krb5Auth.cxx:795:42: error: ‘struct Principal’ has no member named ‘data’
net/krb5auth/src/Krb5Auth.cxx:796:41: error: ‘struct Principal’ has no member named ‘data’
net/krb5auth/src/Krb5Auth.cxx:797:47: error: ‘struct Principal’ has no member named ‘data’
make: *** [net/krb5auth/src/Krb5Auth.o] Error 1

I think the fix is something like:

Index: configure
===================================================================
--- configure   (revision 38106)
+++ configure   (working copy)
@@ -5247,6 +5247,8 @@
          fi
 
        fi
+    else
+        enable_krb5=no
     fi
 
     if test ! "x$enable_krb5" = "xyes" ; then

rdm · March 1, 2011, 11:27am

Thanks for the fix. Now applied in the trunk.

Cheers, Fons.