+# Kerberos settings. The flavor must be provided from outside, either through
+# the script "config" or manually.
+if ($no_krb5
+ || !defined($withargs{"krb5-flavor"})
+ || $withargs{"krb5-flavor"} eq "")
+ {
+ $cflags="-DNO_KRB5 $cflags";
+ $options.=" no-krb5" unless $no_krb5;
+ $openssl_algorithm_defines .= "#define NO_KRB5\n";
+ }
+else
+ {
+ if ($withargs{"krb5-flavor"} =~ /^[Hh]eimdal$/)
+ {
+ $withargs{"krb5-dir"} = "/usr/heimdal"
+ if $withargs{"krb5-dir"} eq "";
+ $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
+ "/lib -lgssapi -lkrb5 -lcom_err"
+ if $withargs{"krb5-lib"} eq "";
+ $cflags="-DKRB5_HEIMDAL $cflags";
+ }
+ if ($withargs{"krb5-flavor"} =~ /^[Mm][Ii][Tt]$/)
+ {
+ $withargs{"krb5-dir"} = "/usr/kerberos"
+ if $withargs{"krb5-dir"} eq "";
+ $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
+ "/lib -lgssapi_krb5 -lkrb5 -lcom_err -lk5crypto"
+ if $withargs{"krb5-lib"} eq "";
+ $cflags="-DKRB5_MIT $cflags";
+ }
+ $withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include"
+ if $withargs{"krb5-include"} eq "" && $withargs{"krb5-dir"} ne "";
+ }
+
+# The DSO code currently always implements all functions so that no
+# applications will have to worry about that from a compilation point
+# of view. However, the "method"s may return zero unless that platform
+# has support compiled in for them. Currently each method is enabled
+# by a define "DSO_<name>" ... we translate the "dso_scheme" config
+# string entry into using the following logic;
+my $dso_cflags;
+if (!$no_dso && $dso_scheme ne "")
+ {
+ $dso_scheme =~ tr/[a-z]/[A-Z]/;
+ if ($dso_scheme eq "DLFCN")
+ {
+ $dso_cflags = "-DDSO_DLFCN -DHAVE_DLFCN_H";
+ $openssl_other_defines .= "#define DSO_DLFCN\n";
+ $openssl_other_defines .= "#define HAVE_DLFCN_H\n";
+ }
+ elsif ($dso_scheme eq "DLFCN_NO_H")
+ {
+ $dso_cflags = "-DDSO_DLFCN";
+ $openssl_other_defines .= "#define DSO_DLFCN\n";
+ }
+ else
+ {
+ $dso_cflags = "-DDSO_$dso_scheme";
+ $openssl_other_defines .= "#define DSO_$dso_scheme\n";
+ }
+ $cflags = "$dso_cflags $cflags";
+ }
+