forked from PADL/nss_ldap
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathconfigure.in
376 lines (336 loc) · 14 KB
/
configure.in
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
AC_INIT(ldap-nss.c)
AC_CANONICAL_SYSTEM
AC_PREFIX_DEFAULT()
AM_INIT_AUTOMAKE(nss_ldap, 266)
AM_CONFIG_HEADER(config.h)
AM_MAINTAINER_MODE
AC_PROG_CC
AC_PROG_CPP
AC_PROG_INSTALL
dnl
dnl --enable-rfc2307bis is now deprecated; if this option is set,
dnl then RFC2307bis support will be enabled by default. However
dnl it can now always be enabled at runtime with the nss_schema
dnl keyword. See nss_ldap(5) for more information.
dnl
AC_ARG_ENABLE(rfc2307bis, [ --enable-rfc2307bis use RFC2307bis schema by default ], [AC_DEFINE(RFC2307BIS)])
dnl
dnl --enable-schema-mapping is no longer necessary as schema
dnl mapping is enabled by default
dnl
dnl AC_ARG_ENABLE(schema-mapping, [ --enable-schema-mapping enable attribute/objectclass mapping ], [AC_DEFINE(AT_OC_MAP)])
dnl
AC_ARG_ENABLE(debugging, [ --enable-debugging enable debug code ], [AC_DEFINE(DEBUG)])
AC_ARG_ENABLE(syslog-debugging, [ --enable-syslog-debugging enable syslog debug code ], [AC_DEFINE(DEBUG_SYSLOG)])
dnl
dnl --enable-paged-results is now deprecated; if this option is set,
dnl then paged results will be enabled by default. However, it can
dnl now always be enabled at runtime (as long as the underlying LDAP
dnl library supports ldap_search_ext()) with the nss_paged_results
dnl keyword. See nss_ldap(5) for more information
dnl
AC_ARG_ENABLE(paged-results, [ --enable-paged-results use paged results control by default ], [AC_DEFINE(PAGE_RESULTS)])
dnl
dnl XXX TODO make configurable-krb5-ccname-* configurable at runtime
dnl
AC_ARG_ENABLE(configurable-krb5-ccname-env, [ --enable-configurable-krb5-ccname-env enable configurable Kerberos V credentials cache name (putenv method)], [AC_DEFINE(CONFIGURE_KRB5_CCNAME) AC_DEFINE(CONFIGURE_KRB5_CCNAME_ENV)])
AC_ARG_ENABLE(configurable-krb5-ccname-gssapi, [ --enable-configurable-krb5-ccname-gssapi enable configurable Kerberos V credentials cache name (gssapi method)], [AC_DEFINE(CONFIGURE_KRB5_CCNAME) AC_DEFINE(CONFIGURE_KRB5_CCNAME_GSSAPI)])
AC_ARG_ENABLE(configurable-krb5-keytab, [ --enable-configurable-krb5-keytab enable configurable Kerberos V keytab file name], [AC_DEFINE(CONFIGURE_KRB5_KEYTAB)])
AC_ARG_WITH(ldap-lib, [ --with-ldap-lib=type select ldap library [auto|netscape5|netscape4|netscape3|umich|openldap]])
AC_ARG_WITH(ldap-dir, [ --with-ldap-dir=DIR base directory of LDAP SDK])
AC_ARG_WITH(ldap-conf-file, [ --with-ldap-conf-file path to LDAP configuration file],
[ NSS_LDAP_PATH_CONF="$with_ldap_conf_file" ],
[ NSS_LDAP_PATH_CONF="/etc/ldap.conf" ])
AC_ARG_WITH(ldap-secret-file, [ --with-ldap-secret-file path to LDAP root secret file],
[ NSS_LDAP_PATH_ROOTPASSWD="$with_ldap_secret_file" ],
[ NSS_LDAP_PATH_ROOTPASSWD="/etc/ldap.secret" ])
AC_ARG_WITH(gssapi-dir, [ --with-gssapi-dir=DIR base directory of gssapi SDK])
AC_ARG_WITH(ngroups, [ --with-ngroups=num average group size hint, experts only], [AC_DEFINE_UNQUOTED(LDAP_NSS_NGROUPS, $with_ngroups)])
AC_DEFINE_UNQUOTED(NSS_LDAP_PATH_CONF, "$NSS_LDAP_PATH_CONF")
AC_DEFINE_UNQUOTED(NSS_LDAP_PATH_ROOTPASSWD, "$NSS_LDAP_PATH_ROOTPASSWD")
AC_SUBST(NSS_LDAP_PATH_CONF)
AC_SUBST(NSS_LDAP_PATH_ROOTPASSWD)
if test "$ac_cv_prog_gcc" = "yes"; then CFLAGS="$CFLAGS -Wall -fPIC"; fi
dnl This is needed for the native Solaris LDAP SDK and
dnl OpenLDAP 2.2, respectively
CPPFLAGS="$CPPFLAGS -DLDAP_REFERRALS -DLDAP_DEPRECATED"
case "$target_os" in
aix*) CPPFLAGS="$CPPFLAGS -D_THREAD_SAFE" ;;
*) CPPFLAGS="$CPPFLAGS -D_REENTRANT" ;;
esac
# Always use native linker on Solaris and AIX
# but only invoke directly if compiling with gcc (?)
case "$target_os" in
aix*) if test "$ac_cv_prog_gcc" = "yes"; then
nss_ldap_so_LD="/usr/bin/ld"
fi
LDFLAGS="$LDFLAGS -Wl,-brtl"
nss_ldap_so_LDFLAGS="-bM:SRE -bnoentry -bE:\$(srcdir)/exports.aix -brtl -lc"
NSS_LDAP_LDFLAGS="-bM:SRE -enss_ldap_initialize -brtl -lc"
CPPFLAGS="$CPPFLAGS -I."
need_pthread=yes
TARGET_OS=AIX ;;
solaris*) if test "$ac_cv_prog_gcc" = yes; then
nss_ldap_so_LD="/usr/ccs/bin/ld"
fi
nss_ldap_so_LDFLAGS="-Bdirect -z nodelete -Bdynamic -M \$(srcdir)/exports.solaris -G" ;;
hpux*) if test "$ac_cv_prog_gcc" = yes; then
nss_ldap_so_LD="/bin/ld"
fi
nss_ldap_so_LDFLAGS="-b -dynamic -G `cat exports.hpux`"
CPPFLAGS="$CPPFLAGS -I. -DHPUX"
TARGET_OS=HPUX ;;
linux*) nss_ldap_so_LDFLAGS="-shared -Wl,-Bdynamic -Wl,--version-script,\$(srcdir)/exports.linux" ;;
freebsd*) TARGET_OS=FreeBSD
nss_ldap_so_LDFLAGS="-shared -Wl,-Bdynamic"
CPPFLAGS="$CPPFLAGS -DPIC -D_REENTRANT" ;;
*) nss_ldap_so_LDFLAGS="-shared -Wl,-Bdynamic" ;;
esac
AM_CONDITIONAL(GCC, test "$GCC" = "yes")
AM_CONDITIONAL(GLIBC, test "$target_os" = "linux" -o "$target_os" = "linux-gnu" -o "$target_os" = "linux-gnueabi")
AM_CONDITIONAL(AIX, test "$TARGET_OS" = AIX)
AM_CONDITIONAL(HPUX, test "$TARGET_OS" = HPUX)
AM_CONDITIONAL(FreeBSD, test "$TARGET_OS" = FreeBSD)
AM_CONDITIONAL(USE_NATIVE_LINKER, test -n "$nss_ldap_so_LD")
# unfortunately the linker flags have to be defined twice for
# AIX as we can't force using the native linker for configure
# tests, and the gcc front-end does not understand native
# linker flags.
if test -n "$with_ldap_dir"; then
CPPFLAGS="$CPPFLAGS -I$with_ldap_dir/include"
LDFLAGS="$LDFLAGS -L$with_ldap_dir/lib"
case "$target_os" in
aix*) LDFLAGS="$LDFLAGS -Wl,-blibpath:$with_ldap_dir/lib"
nss_ldap_so_LDFLAGS="$nss_ldap_so_LDFLAGS -L$with_ldap_dir/lib -blibpath:$with_ldap_dir/lib"
NSS_LDAP_LDFLAGS="$NSS_LDAP_LDFLAGS -L$with_ldap_dir/lib -blibpath:$with_ldap_dir/lib" ;;
hpux*) LDFLAGS="$LDFLAGS -Wl,+b$with_ldap_dir/lib"
nss_ldap_so_LDFLAGS="$nss_ldap_so_LDFLAGS -L$with_ldap_dir/lib +b$with_ldap_dir/lib" ;;
solaris*) LDFLAGS="$LDFLAGS -R$with_ldap_dir/lib"
nss_ldap_so_LDFLAGS="$nss_ldap_so_LDFLAGS -L$with_ldap_dir/lib -R$with_ldap_dir/lib" ;;
*) LDFLAGS="$LDFLAGS -Wl,-rpath,$with_ldap_dir/lib" ;;
esac
fi
if test -n "$with_gssapi_dir"; then
CPPFLAGS="$CPPFLAGS -I$with_gssapi_dir/include"
LDFLAGS="$LDFLAGS -L$with_gssapi_dir/lib"
fi
AC_SUBST(nss_ldap_so_LD)
AC_SUBST(nss_ldap_so_LDFLAGS)
AC_SUBST(NSS_LDAP_LDFLAGS)
AC_CHECK_HEADERS(lber.h)
AC_CHECK_HEADERS(ldap.h, , AC_MSG_ERROR(could not locate <ldap.h>))
AC_CHECK_HEADERS(ldap_ssl.h)
dnl AC_MSG_CHECKING(for ldap_ssl.h)
dnl AC_TRY_COMPILE([#include <sys/types.h>
dnl #include <ldap.h>
dnl #include <ldap_ssl.h>], ,
dnl [
dnl AC_MSG_RESULT(yes),
dnl AC_DEFINE(HAVE_LDAP_SSL_H, 1)
dnl ],
dnl AC_MSG_RESULT(no))
# For HP-UX and AIX we use private APIs, the headers for which
# are included locally.
# For FreeBSD we want to include the GNU-style nsswitch
# headers, not the BSD-style ones.
case "$target_os" in
aix*) AC_CHECK_HEADERS(irs.h usersec.h) ;;
hpux*) AC_CHECK_HEADERS(nsswitch.h) ;;
freebsd*) AC_CHECK_HEADERS(nss.h irs.h) ;;
*) AC_CHECK_HEADERS(nss.h)
AC_CHECK_HEADERS(nsswitch.h)
AC_CHECK_HEADERS(irs.h) ;;
esac
AC_CHECK_HEADERS(thread.h)
AC_CHECK_HEADERS(pthread.h)
AC_CHECK_HEADERS(synch.h)
AC_CHECK_HEADERS(malloc.h)
AC_CHECK_HEADERS(shadow.h)
AC_CHECK_HEADERS(prot.h)
AC_CHECK_HEADERS(port_before.h)
AC_CHECK_HEADERS(port_after.h)
AC_CHECK_HEADERS(aliases.h)
AC_CHECK_HEADERS(net/route.h)
AC_CHECK_HEADERS(netinet/if_ether.h)
AC_CHECK_HEADERS(netinet/ether.h)
AC_CHECK_HEADERS(arpa/nameser.h)
AC_CHECK_HEADERS(arpa/nameser_compat.h)
AC_CHECK_HEADERS(ctype.h)
dnl AC_CHECK_HEADERS(db.h)
dnl AC_CHECK_HEADERS(db1/db.h)
dnl AC_CHECK_HEADERS(db_185.h)
dnl AC_CHECK_HEADERS(db3/db_185.h)
AC_CHECK_HEADERS(alignof.h)
AC_CHECK_HEADERS(rpc/rpcent.h)
AC_CHECK_HEADERS(sys/byteorder.h)
AC_CHECK_HEADERS(sys/un.h)
AC_CHECK_HEADERS(sys/stat.h)
AC_CHECK_HEADERS(libc-lock.h)
AC_CHECK_HEADERS(bits/libc-lock.h)
AC_CHECK_HEADERS(sasl.h sasl/sasl.h)
AC_CHECK_HEADERS(strings.h)
AC_CHECK_HEADERS(gssldap.h)
AC_CHECK_HEADERS(gsssasl.h)
AC_CHECK_HEADERS(gssapi/gssapi_krb5.h gssapi.h)
AC_CHECK_HEADERS(krb5.h)
AC_CHECK_LIB(resolv, main)
AC_CHECK_LIB(nsl, main)
AC_CHECK_LIB(socket, main)
AC_CHECK_FUNCS(strtok_r)
AC_CHECK_FUNCS(sigaction)
AC_CHECK_FUNCS(sigset)
AC_CHECK_FUNCS(res_search)
AC_CHECK_FUNCS(dn_expand)
AC_CHECK_HEADERS(resolv.h)
if test x$ac_cv_func_res_search = xno ; then
AC_MSG_CHECKING([for res_search again])
AC_TRY_LINK([#ifdef HAVE_RESOLV_H
#include <resolv.h>
#endif
#ifdef HAVE_STDLIB_H
#include <stdlib.h>
#endif],
[res_search(NULL,0,0,NULL,0);],
AC_DEFINE(HAVE_RES_SEARCH,1,
[Define if you have res_search().])
ac_cv_func_res_search=yes)
AC_CHECK_FUNCS(res_search)
fi
if test x$ac_cv_func_dn_expand = xno ; then
AC_MSG_CHECKING([for dn_expand again])
AC_TRY_LINK([#ifdef HAVE_RESOLV_H
#include <resolv.h>
#endif
#ifdef HAVE_STDLIB_H
#include <stdlib.h>
#endif],
[dn_expand(NULL,NULL,NULL,NULL,0);],
AC_DEFINE(HAVE_DN_EXPAND,1,
[Define if you have dn_expand().])
ac_cv_func_dn_expand=yes)
AC_CHECK_FUNCS(dn_expand)
fi
AC_CHECK_FUNCS(snprintf)
AC_CHECK_FUNCS(gethostbyname)
AC_CHECK_FUNCS(nsdispatch)
AC_CHECK_LIB(pthread_nonshared, main)
AC_CHECK_FUNCS(pthread_atfork)
AC_CHECK_FUNCS(pthread_once)
AC_CHECK_FUNCS(ether_aton)
AC_CHECK_FUNCS(ether_ntoa)
AC_MSG_CHECKING(for struct ether_addr)
AC_TRY_COMPILE([#include <sys/types.h>
#include <sys/socket.h>
#include <net/if.h>
#include <netinet/in.h>
#include <netinet/if_ether.h>],
[struct ether_addr x;],
[
AC_MSG_RESULT(yes)
AC_DEFINE(HAVE_STRUCT_ETHER_ADDR, 1)
],
AC_MSG_RESULT(no))
AC_MSG_CHECKING(for socklen_t)
AC_TRY_COMPILE([#include <sys/types.h>
#include <sys/socket.h>],
[socklen_t len;],
[
AC_MSG_RESULT(yes)
AC_DEFINE(HAVE_SOCKLEN_T, 1)
],
AC_MSG_RESULT(no))
AC_MSG_CHECKING(for pw_change in struct passwd)
AC_TRY_COMPILE([#include <pwd.h>],
[struct passwd pwd; time_t t = pwd.pw_change],
[
AC_MSG_RESULT(yes)
AC_DEFINE(HAVE_PASSWD_PW_CHANGE, 1)
],
AC_MSG_RESULT(no))
AC_MSG_CHECKING(for pw_expire in struct passwd)
AC_TRY_COMPILE([#include <pwd.h>],
[struct passwd pwd; time_t t = pwd.pw_expire],
[
AC_MSG_RESULT(yes)
AC_DEFINE(HAVE_PASSWD_PW_EXPIRE, 1)
],
AC_MSG_RESULT(no))
dnl check which ldap library we have
dnl check which ldap library we have
if test -z "$with_ldap_lib"; then
with_ldap_lib=auto
fi
AC_CHECK_SIZEOF([unsigned int])
AC_CHECK_SIZEOF([unsigned long])
AC_CHECK_SIZEOF([uid_t],,[#include <pwd.h>])
AC_CHECK_SIZEOF([gid_t],,[#include <grp.h>])
AC_CHECK_LIB(dl, dlopen,[LIBS="-ldl $LIBS"],,$LIBS)
dnl AC_CHECK_LIB(db, main,[LIBS="-ldb $LIBS"],,$LIBS)
if test "x$enable_configurable_krb5_ccname_env" = "xyes" -o \
"x$enable_configurable_krb5_ccname_gssapi" = "xyes" -o \
"x$enable_configurable_krb5_keytab" = "xyes" ; then
AC_CHECK_LIB(gssapi, gss_krb5_ccache_name,[LIBS="-lgssapi $LIBS" found_gssapi_lib=yes],,$LIBS)
if test -z "$found_gssapi_lib"; then
AC_CHECK_LIB(gssapi_krb5, gss_krb5_ccache_name,[LIBS="-lgssapi_krb5 $LIBS"],,$LIBS)
fi
dnl Following checks probably not strictly necessary.
dnl AC_CHECK_LIB(crypto, main,[LIBS="-lcrypto $LIBS"],,$LIBS)
dnl AC_CHECK_LIB(ssl, main,[LIBS="-lssl $LIBS"],,$LIBS)
AC_CHECK_LIB(com_err, main,[LIBS="-lcom_err $LIBS"],,$LIBS)
dnl AC_CHECK_LIB(k5crypto, main,[LIBS="-lk5crypto $LIBS"],,$LIBS)
AC_CHECK_LIB(krb5, main,[LIBS="-lkrb5 $LIBS"],,$LIBS)
dnl AC_CHECK_LIB(krb4, main,[LIBS="-lkrb4 $LIBS"],,$LIBS)
fi
AC_CHECK_LIB(sasl2, sasl_client_init)
if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = umich -o $with_ldap_lib = openldap \); then
AC_CHECK_LIB(lber, main)
AC_CHECK_LIB(ldap, main, [LIBS="-lldap $LIBS" found_ldap_lib=yes],,$LIBS)
fi
if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = netscape5 \); then
AC_CHECK_LIB(ldap50, main, LIBS="-lldap50 -lssldap50 -lssl3 -lnss3 -lnspr4 -lprldap50 -lplc4 -lplds4 $LIBS" found_ldap_lib=yes need_pthread=yes,, -lpthread)
fi
if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = netscape4 \); then
AC_CHECK_LIB(ldapssl41, main, LIBS="-lldapssl41 -lplc3 -lplds3 -lnspr3 $LIBS" found_ldap_lib=yes need_pthread=yes,, -lpthread)
if test -z "$found_ldap_lib"; then
AC_CHECK_LIB(ldapssl40, main, LIBS="-lldapssl40 $LIBS" found_ldap_lib=yes need_pthread=yes,, -lpthread)
fi
if test -z "$found_ldap_lib"; then
AC_CHECK_LIB(ldap41, main, LIBS="-lldap41 $LIBS" found_ldap_lib=yes need_pthread=no,,)
fi
if test -z "$found_ldap_lib"; then
AC_CHECK_LIB(ldap40, main, LIBS="-lldap40 $LIBS" found_ldap_lib=yes need_pthread=no,,)
fi
fi
if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = netscape3 \); then
AC_CHECK_LIB(ldapssl30, main, LIBS="-lldapssl30 $LIBS" found_ldap_lib=yes need_pthread=yes,, -lpthread)
fi
if test -z "$found_ldap_lib"; then
AC_MSG_ERROR(could not locate a valid LDAP library)
fi
if test "$need_pthread" = "yes"; then
AC_CHECK_LIB(pthread, main)
fi
AC_CHECK_LIB(gssldap, ldap_gss_bind,[LIBS="-lgssldap $LIBS"],,$LIBS)
AC_CHECK_FUNCS(sasl_auxprop_request)
AC_CHECK_FUNCS(ldap_init ldap_get_lderrno ldap_parse_result ldap_memfree ldap_controls_free)
AC_CHECK_FUNCS(ldap_ld_free ldap_explode_rdn ldap_set_option ldap_get_option)
AC_CHECK_FUNCS(ldap_sasl_interactive_bind_s ldap_initialize ldap_search_ext)
AC_CHECK_FUNCS(ldap_create_control ldap_create_page_control ldap_parse_page_control)
if test "$enable_ssl" \!= "no"; then
AC_CHECK_FUNCS(ldapssl_client_init ldap_start_tls_s ldap_pvt_tls_set_option ldap_start_tls)
fi
AC_CHECK_FUNCS(gethostbyname_r)
if test "$ac_cv_func_gethostbyname_r" = "yes"; then
AC_CACHE_CHECK(whether gethostbyname_r takes 6 arguments, nss_ldap_cv_gethostbyname_r_args, [
AC_TRY_COMPILE([
#include <netdb.h>], [gethostbyname_r(0, 0, 0, 0, 0, 0);], [nss_ldap_cv_gethostbyname_r_args=6], [nss_ldap_cv_gethostbyname_r_args=5]) ])
AC_DEFINE_UNQUOTED(GETHOSTBYNAME_R_ARGS, $nss_ldap_cv_gethostbyname_r_args)
fi
AC_CHECK_FUNCS(ldap_set_rebind_proc)
AC_CACHE_CHECK(whether ldap_set_rebind_proc takes 3 arguments, nss_ldap_cv_ldap_set_rebind_proc, [
AC_TRY_COMPILE([
#include <lber.h>
#include <ldap.h>], [ldap_set_rebind_proc(0, 0, 0);], [nss_ldap_cv_ldap_set_rebind_proc=3], [nss_ldap_cv_ldap_set_rebind_proc=2]) ])
AC_DEFINE_UNQUOTED(LDAP_SET_REBIND_PROC_ARGS, $nss_ldap_cv_ldap_set_rebind_proc)
AC_CHECK_FUNCS(usleep nanosleep)
AC_OUTPUT(Makefile)