src/gssapi_client.cpp

src/gssapi_client.hpp

@@ -20,6 +20,8 @@
 #ifndef __ZMQ_GSSAPI_CLIENT_HPP_INCLUDED__
 #define __ZMQ_GSSAPI_CLIENT_HPP_INCLUDED__
 
+#ifdef HAVE_LIBGSSAPI_KRB5
+
 #include "gssapi_mechanism_base.hpp"
 
 namespace zmq
@@ -43,7 +45,7 @@ namespace zmq
         virtual bool is_handshake_complete () const;
 
     private:
- 
+
         enum state_t {
             call_next_init,
             send_next_token,
@@ -77,3 +79,5 @@ namespace zmq
 }
 
 #endif
+
+#endif

src/gssapi_mechanism_base.cpp

@@ -18,6 +18,9 @@
 */
 
 #include "platform.hpp"
+
+#ifdef HAVE_LIBGSSAPI_KRB5
+
 #ifdef ZMQ_HAVE_WINDOWS
 #include "windows.hpp"
 #endif
@@ -74,10 +77,10 @@ int zmq::gssapi_mechanism_base_t::encode_message (msg_t *msg_)
 
     plaintext.value = plaintext_buffer;
     plaintext.length = msg_->size ()+1;
- 
+
     maj_stat = gss_wrap(&min_stat, context, 1, GSS_C_QOP_DEFAULT,
                         &plaintext, &state, &wrapped);
-    
+
     zmq_assert (maj_stat == GSS_S_COMPLETE);
     zmq_assert (state);
 
@@ -89,7 +92,7 @@ int zmq::gssapi_mechanism_base_t::encode_message (msg_t *msg_)
     zmq_assert (rc == 0);
 
     uint8_t *ptr = static_cast <uint8_t *> (msg_->data ());
-    
+
     // Add command string
     memcpy (ptr, "\x07MESSAGE", 8);
     ptr += 8;
@@ -129,7 +132,7 @@ int zmq::gssapi_mechanism_base_t::decode_message (msg_t *msg_)
     wrapped.length = get_uint32 (ptr);
     ptr += 4;
     bytes_left -= 4;
-    
+
     // Get token value
     if (bytes_left < wrapped.length) {
         errno = EPROTO;
@@ -164,9 +167,9 @@ int zmq::gssapi_mechanism_base_t::decode_message (msg_t *msg_)
     const uint8_t flags = static_cast <char *> (plaintext.value)[0];
     if (flags & 0x01)
 	    msg_->set_flags (msg_t::more);
-    
+
     memcpy (msg_->data (), static_cast <char *> (plaintext.value)+1, plaintext.length-1);
-    
+
     gss_release_buffer (&min_stat, &plaintext);
     gss_release_buffer (&min_stat, &wrapped);
 
@@ -184,12 +187,12 @@ int zmq::gssapi_mechanism_base_t::produce_initiate (msg_t *msg_, void *token_val
     zmq_assert (token_length_ <= 0xFFFFFFFFUL);
 
     const size_t command_size = 9 + 4 + token_length_;
-    
+
     const int rc = msg_->init_size (command_size);
     errno_assert (rc == 0);
-    
+
     uint8_t *ptr = static_cast <uint8_t *> (msg_->data ());
-    
+
     // Add command string
     memcpy (ptr, "\x08INITIATE", 9);
     ptr += 9;
@@ -208,7 +211,7 @@ int zmq::gssapi_mechanism_base_t::produce_initiate (msg_t *msg_, void *token_val
 int zmq::gssapi_mechanism_base_t::process_initiate (msg_t *msg_, void **token_value_, size_t &token_length_)
 {
     zmq_assert (token_value_);
-    
+
     const uint8_t *ptr = static_cast <uint8_t *> (msg_->data ());
     size_t bytes_left = msg_->size ();
 
@@ -228,7 +231,7 @@ int zmq::gssapi_mechanism_base_t::process_initiate (msg_t *msg_, void **token_va
     token_length_ = get_uint32 (ptr);
     ptr += 4;
     bytes_left -= 4;
-    
+
     // Get token value
     if (bytes_left < token_length_) {
         errno = EPROTO;
@@ -246,7 +249,7 @@ int zmq::gssapi_mechanism_base_t::process_initiate (msg_t *msg_, void **token_va
         errno = EPROTO;
         return -1;
     }
- 
+
     return 0;
 }
 
@@ -287,7 +290,7 @@ int zmq::gssapi_mechanism_base_t::produce_ready (msg_t *msg_)
 
 int zmq::gssapi_mechanism_base_t::process_ready (msg_t *msg_)
 {
-    if (do_encryption) { 
+    if (do_encryption) {
         const int rc = decode_message (msg_);
         if (rc != 0)
             return rc;
@@ -310,11 +313,11 @@ int zmq::gssapi_mechanism_base_t::acquire_credentials (char * service_name_, gss
     OM_uint32 maj_stat;
     OM_uint32 min_stat;
     gss_name_t server_name;
-    
+
     gss_buffer_desc name_buf;
     name_buf.value = service_name_;
     name_buf.length = strlen ((char *) name_buf.value) + 1;
-    
+
     maj_stat = gss_import_name (&min_stat, &name_buf,
                                 gss_nt_service_name, &server_name);
 
@@ -333,3 +336,4 @@ int zmq::gssapi_mechanism_base_t::acquire_credentials (char * service_name_, gss
     return 0;
 }
 
+#endif

src/gssapi_mechanism_base.hpp

@@ -20,6 +20,10 @@
 #ifndef __ZMQ_GSSAPI_MECHANISM_BASE_HPP_INCLUDED__
 #define __ZMQ_GSSAPI_MECHANISM_BASE_HPP_INCLUDED__
 
+#include "platform.hpp"
+
+#ifdef HAVE_LIBGSSAPI_KRB5
+
 #include <gssapi/gssapi_generic.h>
 #include <gssapi/gssapi_krb5.h>
 
@@ -46,7 +50,7 @@ namespace zmq
         //  Produce a context-level GSSAPI token (INITIATE command)
         //  during security context initialization.
         int produce_initiate (msg_t *msg_, void *data_, size_t data_len_);
-        
+
         //  Process a context-level GSSAPI token (INITIATE command)
         //  during security context initialization.
         int process_initiate (msg_t *msg_, void **data_, size_t &data_len_);
@@ -56,15 +60,15 @@ namespace zmq
 
         // Process a metadata ready msg (READY)
         int process_ready (msg_t *msg_);
-        
+
         //  Encode a per-message GSSAPI token (MESSAGE command) using
         //  the established security context.
         int encode_message (msg_t *msg_);
-        
+
         //  Decode a per-message GSSAPI token (MESSAGE command) using
         //  the  established security context.
         int decode_message (msg_t *msg_);
-        
+
         //  Acquire security context credentials from the
         //  underlying mechanism.
         static int acquire_credentials (char * principal_name_,
@@ -73,13 +77,13 @@ namespace zmq
     protected:
         //  Opaque GSSAPI token for outgoing data
         gss_buffer_desc send_tok;
-        
+
         //  Opaque GSSAPI token for incoming data
         gss_buffer_desc recv_tok;
-        
+
         //  Opaque GSSAPI representation of principal
         gss_name_t target_name;
-        
+
         //  Human-readable principal name
         char * principal_name;
 
@@ -95,10 +99,10 @@ namespace zmq
 
         //  Flags returned by GSSAPI (ignored)
         OM_uint32 ret_flags;
-        
+
         //  Flags returned by GSSAPI (ignored)
         OM_uint32 gss_flags;
-        
+
         //  Credentials used to establish security context
         gss_cred_id_t cred;
 
@@ -110,6 +114,7 @@ namespace zmq
     };
 
 }
-    
+
 #endif
 
+#endif

src/gssapi_server.cpp

@@ -18,6 +18,9 @@
 */
 
 #include "platform.hpp"
+
+#ifdef HAVE_LIBGSSAPI_KRB5
+
 #ifdef ZMQ_HAVE_WINDOWS
 #include "windows.hpp"
 #endif
@@ -98,7 +101,7 @@ int zmq::gssapi_server_t::process_handshake_command (msg_t *msg_)
 {
     if (state == recv_ready) {
         int rc = process_ready(msg_);
-        if (rc == 0) 
+        if (rc == 0)
             state = connected;
 
         return rc;
@@ -138,7 +141,7 @@ int zmq::gssapi_server_t::process_handshake_command (msg_t *msg_)
     return 0;
 }
 
-void zmq::gssapi_server_t::send_zap_request () 
+void zmq::gssapi_server_t::send_zap_request ()
 {
     int rc;
     msg_t msg;
@@ -358,3 +361,4 @@ void zmq::gssapi_server_t::accept_context ()
     }
 }
 
+#endif

src/gssapi_server.hpp

@@ -20,6 +20,8 @@
 #ifndef __ZMQ_GSSAPI_SERVER_HPP_INCLUDED__
 #define __ZMQ_GSSAPI_SERVER_HPP_INCLUDED__
 
+#ifdef HAVE_LIBGSSAPI_KRB5
+
 #include "gssapi_mechanism_base.hpp"
 
 namespace zmq
@@ -58,9 +60,9 @@ namespace zmq
         };
 
         session_base_t * const session;
-       
+
         const std::string peer_address;
-        
+
         //  Current FSM state
         state_t state;
 
@@ -80,3 +82,5 @@ namespace zmq
 }
 
 #endif
+
+#endif

src/stream_engine.cpp

@@ -55,7 +55,7 @@
 #include "likely.hpp"
 #include "wire.hpp"
 
-zmq::stream_engine_t::stream_engine_t (fd_t fd_, const options_t &options_, 
+zmq::stream_engine_t::stream_engine_t (fd_t fd_, const options_t &options_,
                                        const std::string &endpoint_) :
     s (fd_),
     inpos (NULL),
@@ -82,7 +82,7 @@ zmq::stream_engine_t::stream_engine_t (fd_t fd_, const options_t &options_,
 {
     int rc = tx_msg.init ();
     errno_assert (rc == 0);
-    
+
     //  Put the socket into non-blocking mode.
     unblock_socket (s);
 
@@ -595,6 +595,7 @@ bool zmq::stream_engine_t::handshake ()
             alloc_assert (mechanism);
         }
 #endif
+#ifdef HAVE_LIBGSSAPI_KRB5
         else
         if (memcmp (greeting_recv + 12, "GSSAPI\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 20) == 0) {
             if (options.as_server)
@@ -604,6 +605,7 @@ bool zmq::stream_engine_t::handshake ()
                 mechanism = new (std::nothrow) gssapi_client_t (options);
             alloc_assert (mechanism);
         }
+#endif
         else {
             error ();
             return false;
@@ -829,7 +831,7 @@ int zmq::stream_engine_t::write (const void *data_, size_t size_)
     //  we'll get an error (this may happen during the speculative write).
     if (nbytes == SOCKET_ERROR && WSAGetLastError () == WSAEWOULDBLOCK)
         return 0;
-        
+
     //  Signalise peer failure.
     if (nbytes == SOCKET_ERROR && (
           WSAGetLastError () == WSAENETDOWN ||