sshd: exclude gssapi when building without cgo

MR #682 broke building without cgo enabled as it introduced a dependency
on a Kerberos library. This can only be disabled at runtime and thus
static builds of gitlab-sshd are no longer possible.

This change introduces an alternative implementation of the GSSAPI
structure which just rejects attempts to use it.
That alternative implementation gets automatically activated in case the
user is building without cgo.

3 files changed, 38 insertions, 0 deletions

diff --git a/internal/sshd/gssapi.go b/internal/sshd/gssapi.go
index bf65a15..c67b707 100644
--- a/internal/sshd/gssapi.go
+++ b/internal/sshd/gssapi.go
@@ -1,3 +1,5 @@
+//go:build cgo
+
 package sshd
 
 import (
diff --git a/internal/sshd/gssapi_test.go b/internal/sshd/gssapi_test.go
index f4f19cf..c417a41 100644
--- a/internal/sshd/gssapi_test.go
+++ b/internal/sshd/gssapi_test.go
@@ -1,3 +1,5 @@
+//go:build cgo
+
 package sshd
 
 import (
diff --git a/internal/sshd/gssapi_unsupported.go b/internal/sshd/gssapi_unsupported.go
new file mode 100644
index 0000000..27660af
--- /dev/null
+++ b/internal/sshd/gssapi_unsupported.go
@@ -0,0 +1,34 @@
+//go:build !cgo
+
+package sshd
+
+import (
+	"errors"
+
+	"gitlab.com/gitlab-org/gitlab-shell/v14/internal/config"
+
+	"gitlab.com/gitlab-org/labkit/log"
+)
+
+func LoadGSSAPILib(c *config.GSSAPIConfig) error {
+	if c.Enabled {
+		log.New().Error("gssapi-with-mic disabled, built without CGO")
+		c.Enabled = false
+	}
+	return nil
+}
+
+type OSGSSAPIServer struct {
+	ServicePrincipalName string
+}
+
+func (*OSGSSAPIServer) AcceptSecContext([]byte) ([]byte, string, bool, error) {
+	return []byte{}, "", false, errors.New("gssapi is unsupported")
+}
+
+func (*OSGSSAPIServer) VerifyMIC([]byte, []byte) error {
+	return errors.New("gssapi is unsupported")
+}
+func (*OSGSSAPIServer) DeleteSecContext() error {
+	return errors.New("gssapi is unsupported")
+}