diff options
| author | Russ Allbery <rra@stanford.edu> | 2008-01-04 02:13:41 +0000 |
|---|---|---|
| committer | Russ Allbery <rra@stanford.edu> | 2008-01-04 02:13:41 +0000 |
| commit | 71ab261ffdb5be4c70c1e5575ee1547913ea77fa (patch) | |
| tree | a12269f87d70b58a599e7ed45143d8d5cff79721 | |
| parent | a7f692f43917e4a1f3cc2b9f6dbb87ab66ca96d1 (diff) | |
The build system now probes for GSS-API, Kerberos v5 and v4, and AFS
libraries as necessary rather than hard-coding libraries. Building
on systems without strong shared library dependencies and building
against static libraries should now work.
Building kasetkey (for AFS kaserver synchronization) is now optional
and not enabled by default. Pass --with-afs to enable it. This
allows wallet to be easily built in an environment without AFS.
| -rw-r--r-- | LICENSE | 8 | ||||
| -rw-r--r-- | Makefile.am | 28 | ||||
| -rw-r--r-- | NEWS | 11 | ||||
| -rw-r--r-- | README | 62 | ||||
| -rw-r--r-- | TODO | 6 | ||||
| -rw-r--r-- | configure.ac | 89 | ||||
| -rw-r--r-- | m4/afs.m4 | 94 | ||||
| -rw-r--r-- | m4/gssapi.m4 | 136 | ||||
| -rw-r--r-- | m4/krb4.m4 | 143 | ||||
| -rw-r--r-- | m4/krb5.m4 | 164 | ||||
| -rw-r--r-- | m4/lib-depends.m4 | 23 | ||||
| -rw-r--r-- | m4/remctl.m4 | 69 | ||||
| -rwxr-xr-x | perl/t/keytab.t | 39 |
13 files changed, 766 insertions, 106 deletions
@@ -1,7 +1,7 @@ The wallet package as a whole is: - Copyright 2006, 2007 Board of Trustees, Leland Stanford Jr. University. - All rights reserved. + Copyright 2006, 2007, 2008 Board of Trustees, Leland Stanford Jr. + University. All rights reserved. and covered under the following license: @@ -27,8 +27,8 @@ files. Collected copyright notices for the entire package: - Copyright 1994, 1998, 1999, 2000, 2002, 2003, 2004, 2005, 2006, 2007 - Board of Trustees, Leland Stanford Jr. University. + Copyright 1994, 1998, 1999, 2000, 2002, 2003, 2004, 2005, 2006, 2007, + 2008 Board of Trustees, Leland Stanford Jr. University Copyright 2000, 2001, 2004 Russ Allbery <rra@stanford.edu> Copyright 2004, 2005, 2006 by Internet Systems Consortium, Inc. ("ISC") diff --git a/Makefile.am b/Makefile.am index c89b2ff..c5a8f6c 100644 --- a/Makefile.am +++ b/Makefile.am @@ -2,7 +2,7 @@ # $Id$ # # Written by Russ Allbery <rra@stanford.edu> -# Copyright 2006, 2007 Board of Trustees, Leland Stanford Jr. University +# Copyright 2006, 2007, 2008 Board of Trustees, Leland Stanford Jr. University # See LICENSE for licensing terms. AUTOMAKE_OPTIONS = foreign subdir-objects @@ -31,20 +31,24 @@ util_libutil_a_SOURCES = util/concat.c util/messages.c util/util.h \ util/xmalloc.c bin_PROGRAMS = client/wallet -sbin_PROGRAMS = kasetkey/kasetkey dist_sbin_SCRIPTS = server/keytab-backend server/wallet-backend client_wallet_SOURCES = client/file.c client/internal.h client/keytab.c \ client/remctl.c client/srvtab.c client/wallet.c system.h -client_wallet_CPPFLAGS = @REMCTL_CPPFLAGS@ -client_wallet_LDFLAGS = @REMCTL_LDFLAGS@ -client_wallet_LDADD = util/libutil.a portable/libportable.a -lremctl -lkrb5 -kasetkey_kasetkey_CPPFLAGS = @AFS_CPPFLAGS@ -kasetkey_kasetkey_LDFLAGS = @AFS_LDFLAGS@ -kasetkey_kasetkey_LDADD = util/libutil.a portable/libportable.a @AFS_LIBS@ \ - -lkrb4 - -dist_man_MANS = client/wallet.1 kasetkey/kasetkey.8 server/keytab-backend.8 \ - server/wallet-backend.8 +client_wallet_CPPFLAGS = $(REMCTL_CPPFLAGS) +client_wallet_LDFLAGS = $(REMCTL_LDFLAGS) +client_wallet_LDADD = util/libutil.a portable/libportable.a $(REMCTL_LIBS) \ + $(KRB5_LIBS) + +dist_man_MANS = client/wallet.1 server/keytab-backend.8 server/wallet-backend.8 + +if AFS +sbin_PROGRAMS = kasetkey/kasetkey +kasetkey_kasetkey_CPPFLAGS = $(AFS_CPPFLAGS) $(KRB4_CPPFLAGS) +kasetkey_kasetkey_LDFLAGS = $(AFS_LDFLAGS) $(KRB4_LDFLAGS) +kasetkey_kasetkey_LDADD = util/libutil.a portable/libportable.a $(AFS_LIBS) \ + $(KRB4_LIBS) +dist_man_MANS += kasetkey/kasetkey.8 +endif $(srcdir)/client/wallet.1: $(srcdir)/client/wallet.pod pod2man --release=$(VERSION) --center="Administrative Commands" \ @@ -1,5 +1,16 @@ User-Visible wallet Changes +wallet 0.6 (unreleased) + + The build system now probes for GSS-API, Kerberos v5 and v4, and AFS + libraries as necessary rather than hard-coding libraries. Building + on systems without strong shared library dependencies and building + against static libraries should now work. + + Building kasetkey (for AFS kaserver synchronization) is now optional + and not enabled by default. Pass --with-afs to enable it. This + allows wallet to be easily built in an environment without AFS. + wallet 0.5 (2007-12-06) Allow the empty string in wallet-backend arguments. @@ -3,9 +3,9 @@ Written by Russ Allbery <rra@stanford.edu> - Copyright 2006, 2007 Board of Trustees, Leland Stanford Jr. University. - This software is distributed under a BSD-style license. Please see the - file LICENSE in the distribution for more information. + Copyright 2006, 2007, 2008 Board of Trustees, Leland Stanford Jr. + University. This software is distributed under a BSD-style license. + Please see the file LICENSE in the distribution for more information. This software is beta-quality and should be treated with caution. It is currently being tested for production deployment at Stanford. @@ -71,11 +71,6 @@ REQUIREMENTS The wallet client currently requires MIT Kerberos and will need some minor portability modifications to build with Heimdal. - The kasetkey program requires AFS libraries and MIT Kerberos and its - Kerberos v4 compatibility libraries. Currently, kasetkey is built - unconditionally. It will become optional and disabled by default in a - future release. - The wallet server is written in Perl and requires Perl 5.6.0 or later. It uses the Perl DBI layer to talk to a database, and therefore the DBI module and a DBD module for the database it will use must be installed. @@ -108,7 +103,9 @@ REQUIREMENTS server. To support synchronization with an AFS kaserver, the server must have - the Authen::Krb5 Perl module installed. + the Authen::Krb5 Perl module installed. AFS kaserver synchronization + support also requires building kasetkey, which requires AFS and Kerberos + v4 libraries. To run the test suite, you must have the Perl modules Test::More, IO::String, and DBI installed. You will also need a DBD module @@ -159,10 +156,49 @@ BUILD AND INSTALLATION If remctl was installed in a path not normally searched by your compiler, you must specify its installation prefix to configure with the - --with-remctl=DIR option. If the AFS library headers are not found by - your compiler, specify their location with --with-afs-headers=DIR; - similarly, if the AFS libraries are not found by your compiler, specify - their location with --with-afs-libs=DIR. + --with-remctl=DIR option. If the GSS-API libraries used by remctl + aren't in a path normally searched by your compiler, you must generally + also specify its installation prefix with the --with-gssapi=DIR option. + + Normally, configure will use krb5-config to determine the flags to use + to compile with your Kerberos libraries. If krb5-config isn't found, it + will look for the standard Kerberos libraries in locations already + searched by your compiler. If the the krb5-config script first in your + path is not the one corresponding to the Kerberos libraries you want to + use or if your Kerberos libraries and includes aren't in a location + searched by default by your compiler, you need to specify + --with-krb5=PATH: + + ./configure --with-krb5=/usr/pubsw + + To specify a particular krb5-config script to use, either set the + KRB5_CONFIG environment variable or pass it to configure like: + + ./configure KRB5_CONFIG=/path/to/krb5-config + + To build with AFS kaserver synchronization support, pass --with-afs to + configure. You may need to include the path to the AFS include files + and libraries, such as: + + ./configure --with-afs=/usr/afsws + + The AFS kaserver support also requires Kerberos v4 libraries and tries + to use krb5-config to find such libraries. If your Kerberos v4 + libraries aren't somewhere found by your compiler and the krb5-config + script doesn't produce correct results, you need to specify + --with-krb4=PATH giving the root path of the Kerberos v4 installation. + + You can pass the --enable-reduced-depends flag to configure to try to + minimize the shared library dependencies encoded in the binaries. This + omits from the link line all the libraries included solely because the + Kerberos libraries depend on them and instead links the programs only + against libraries whose APIs are called directly. This will only work + with shared Kerberos libraries and will only work on platforms where + shared libraries properly encode their own dependencies (such as Linux). + It is intended primarily for building packages for Linux distributions + to avoid encoding unnecessary shared library dependencies that make + shared library migrations more difficult. If none of the above made any + sense to you, don't bother with this flag. Currently, building in a different directory from the source directory is not supported due to the complexity of integration with the Perl @@ -30,14 +30,8 @@ Release 1.0: * Rewrite the client test suite to use Perl and to make better use of shared code so that it can be broken into function components. -* Stop hard-coding library names in the build system for kasetkey and - wallet. - * Add a test suite for kasetkey. -* Compiling kasetkey should be optional and probably not enabled by - default. - * Log failures in the wallet-backend properly, which also requires catching all exceptions. diff --git a/configure.ac b/configure.ac index da5c302..dd4b502 100644 --- a/configure.ac +++ b/configure.ac @@ -2,7 +2,8 @@ dnl Process this file with Autoconf to produce a configure script. dnl $Id$ dnl dnl Written by Russ Allbery <rra@stanford.edu> -dnl Copyright 2006, 2007 Board of Trustees, Leland Stanford Jr. University +dnl Copyright 2006, 2007, 2008 +dnl Board of Trustees, Leland Stanford Jr. University dnl dnl See LICENSE for licensing terms. @@ -14,34 +15,18 @@ AC_CONFIG_LIBOBJ_DIR([portable]) AM_INIT_AUTOMAKE([1.10]) AM_MAINTAINER_MODE -AFS_CPPFLAGS= -AC_ARG_WITH([afs-headers], - AC_HELP_STRING([--with-afs-headers=DIR], - [Prefix for AFS headers (for kasetkey)]), - [if test x"$withval" != xno ; then - AFS_CPPFLAGS="-I${withval}" - fi]) -AC_SUBST([AFS_CPPFLAGS]) -AFS_LDFLAGS= -AC_ARG_WITH([afs-libs], - AC_HELP_STRING([--with-afs-libs=DIR], - [Prefix for AFS libraries (for kasetkey)]), - [if test x"$withval" != xno ; then - AFS_LDFLAGS="-L${withval} -L${withval}/afs" - fi]) -AC_SUBST([AFS_LDFLAGS]) +AC_PROG_CC +AM_PROG_CC_C_O +AC_PROG_INSTALL +AC_PROG_RANLIB -REMCTL_CPPFLAGS= -REMCTL_LDFLAGS= -AC_ARG_WITH([remctl], - AC_HELP_STRING([--with-remctl=DIR], - [Prefix for remctl headers and libraries]), - [if test x"$withval" != xno ; then - REMCTL_CPPFLAGS="-I${withval}/include" - REMCTL_LDFLAGS="-L${withval}/lib" - fi]) -AC_SUBST([REMCTL_CPPFLAGS]) -AC_SUBST([REMCTL_LDFLAGS]) +AC_CHECK_DECLS([snprintf, vsnprintf]) +RRA_C_C99_VAMACROS +RRA_C_GNU_VAMACROS +AC_CHECK_TYPES([long long]) +RRA_FUNC_SNPRINTF +AC_CHECK_FUNCS([setrlimit]) +AC_REPLACE_FUNCS([asprintf]) AC_ARG_WITH([wallet-server], AC_HELP_STRING([--with-wallet-server=HOST], [Default wallet server]), @@ -57,6 +42,16 @@ AC_ARG_WITH([wallet-port], [Define to the default server port.]) fi]) +RRA_LIB_REMCTL +RRA_LIB_KRB5 +RRA_LIB_AFS +AS_IF([test x"$rra_afs" = xtrue], + [RRA_LIB_KRB4 + RRA_LIB_AFS_SWITCH + AC_CHECK_DECLS([ubik_Call], , , [#include <ubik.h>]) + RRA_LIB_AFS_RESTORE]) +AM_CONDITIONAL([AFS], [test x"$rra_afs" = xtrue]) + AC_ARG_VAR([REMCTLD], [Path to the remctld binary]) AC_PATH_PROG([REMCTLD], [remctld], , [$PATH:/usr/sbin:/usr/local/sbin]) if test x"$REMCTLD" != x ; then @@ -64,44 +59,6 @@ if test x"$REMCTLD" != x ; then [Define to the full path to remctld to run remctl tests.]) fi -AC_PROG_CC -AM_PROG_CC_C_O -AC_PROG_INSTALL -AC_PROG_RANLIB -AC_SEARCH_LIBS([gethostbyname], [nsl]) -AC_SEARCH_LIBS([socket], [socket], , - [AC_CHECK_LIB([nsl], [socket], - [LIBS="-lnsl -lsocket $LIBS"], , [-lsocket])]) -AC_SEARCH_LIBS([res_search], [resolv], , - [AC_SEARCH_LIBS([__res_search], [resolv])]) - -save_LDFLAGS=$LDFLAGS -LDFLAGS="$AFS_LDFLAGS $LDFLAGS" -AC_CHECK_LIB([afsauthent], [KAM_DeleteUser], - [AFS_LIBS="-lafsauthent -lafsrpc -lpthread"], - [AFS_LIBS="-lkauth.krb -lauth.krb -lubik -lrxkad -lrx -llwp -lsys" - AFS_LIBS="${AFS_LIBS} -lcom_err -lafsutil"], - [-lafsrpc -lpthread]) -LDFLAGS="$save_LDFLAGS" -AC_SUBST([AFS_LIBS]) - -AC_CHECK_HEADERS([kerberosIV/krb.h]) -AC_CHECK_DECLS([snprintf, vsnprintf]) -AC_CHECK_DECLS([ubik_Call], , , [#include <ubik.h>]) -RRA_C_C99_VAMACROS -RRA_C_GNU_VAMACROS -AC_CHECK_TYPES([long long]) -RRA_FUNC_SNPRINTF -AC_CHECK_FUNCS([setrlimit]) -AC_REPLACE_FUNCS([asprintf]) - -save_LIBS=$LIBS -LIBS=-lkrb5 -AC_CHECK_FUNCS([krb5_get_error_message \ - krb5_free_error_message \ - krb5_get_err_text]) -LIBS=$save_LIBS - dnl Needed to get prototypes for functions like asprintf on Linux. AC_DEFINE([_GNU_SOURCE], [1], [Define to 1 on Linux to get full prototypes.]) diff --git a/m4/afs.m4 b/m4/afs.m4 new file mode 100644 index 0000000..66a3f08 --- /dev/null +++ b/m4/afs.m4 @@ -0,0 +1,94 @@ +dnl afs.m4 -- Find the compiler and linker flags for OpenAFS. +dnl $Id$ +dnl +dnl If --with-afs is given, finds the compiler and linker flags for building +dnl with OpenAFS libraries; sets AFS_CPPFLAGS, AFS_LDFLAGS, and AFS_LIBS as +dnl appropriate; and defines HAVE_AFS. Provides the macro RRA_LIB_AFS, which +dnl takes no arguments. +dnl +dnl This function also sets rra_afs to true if AFS was requested, which can be +dnl checked to determine if further checks should be done. +dnl +dnl Also provides RRA_LIB_AFS_SET to set CPPFLAGS, LDFLAGS, and LIBS to +dnl include the AFS libraries; RRA_LIB_AFS_SWITCH to do the same but save the +dnl current values first; and RRA_LIB_AFS_RESTORE to restore those settings to +dnl before the last RRA_LIB_AFS_SWITCH. +dnl +dnl Written by Russ Allbery <rra@stanford.edu> +dnl Based on code developed by Derrick Brashear and Ken Hornstein of Sine +dnl Nomine Associates, on behalf of Stanford University. +dnl Copyright 2006, 2007, 2008 +dnl Board of Trustees, Leland Stanford Jr. University +dnl See LICENSE for licensing terms. + +dnl Set CPPFLAGS, LDFLAGS, and LIBS to values including the AFS settings. +AC_DEFUN([RRA_LIB_AFS_SET], +[CPPFLAGS="$AFS_CPPFLAGS $CPPFLAGS" + LDFLAGS="$AFS_LDFLAGS $LDFLAGS" + LIBS="$AFS_LIBS $LIBS"]) + +dnl Save the current CPPFLAGS, LDFLAGS, and LIBS settings and switch to +dnl versions that include the AFS flags. Used as a wrapper, with +dnl RRA_LIB_AFS_RESTORE, around tests. +AC_DEFUN([RRA_LIB_AFS_SWITCH], +[rra_afs_save_CPPFLAGS="$CPPFLAGS" + rra_afs_save_LDFLAGS="$LDFLAGS" + rra_afs_save_LIBS="$LIBS" + RRA_LIB_AFS_SET]) + +dnl Restore CPPFLAGS, LDFLAGS, and LIBS to their previous values (before +dnl RRA_LIB_AFS_SWITCH was called). +AC_DEFUN([RRA_LIB_AFS_RESTORE], +[CPPFLAGS="$rra_afs_save_CPPFLAGS" + LDFLAGS="$rra_afs_save_LDFLAGS" + LIBS="$rra_afs_save_LIBS"]) + +dnl The function that does the work checking for the AFS libraries. +AC_DEFUN([_RRA_LIB_AFS_CHECK], +[RRA_LIB_AFS_SET + LIBS= + AC_SEARCH_LIBS([pthread_getspecific], [pthread]) + AC_SEARCH_LIBS([res_search], [resolv], , + [AC_SEARCH_LIBS([__res_search], [resolv])]) + AC_SEARCH_LIBS([gethostbyname], [nsl]) + AC_SEARCH_LIBS([socket], [socket], , + [AC_CHECK_LIB([nsl], [socket], [LIBS="-lnsl -lsocket $LIBS"], , + [-lsocket])]) + AFS_LIBS="$AFS_LIBS $LIBS" + LIBS="$AFS_LIBS" + AC_CACHE_CHECK([whether linking with AFS libraries work], [rra_cv_lib_afs], + [AC_TRY_LINK( +[#include <afs/param.h> +#include <afs/kautils.h>], +[char cell[256] = "EXAMPLE.COM"; +char realm[256]; +int local; + +ka_CellToRealm(cell, realm, &local);], + [rra_cv_lib_afs=yes], + [rra_cv_lib_afs=no])]) + AS_IF([test "$rra_cv_lib_afs" = no], + [AC_MSG_ERROR([unable to link test AFS program])]) + RRA_LIB_AFS_RESTORE]) + +dnl The public entry point. Sets up the --with option and only does the +dnl library check if AFS linkage was requested. +AC_DEFUN([RRA_LIB_AFS], +[rra_afs=false + AFS_CPPFLAGS= + AFS_LDFLAGS= + AFS_LIBS="-lafsauthent -lafsrpc" + AC_SUBST([AFS_CPPFLAGS]) + AC_SUBST([AFS_LDFLAGS]) + AC_SUBST([AFS_LIBS]) + AC_ARG_WITH([afs], + [AC_HELP_STRING([--with-afs@<:@=DIR@:>@], + [Compile with AFS kaserver sync support])], + [AS_IF([test x"$withval" != xno], + [rra_afs=true + AS_IF([test x"$withval" != xyes], + [AFS_CPPFLAGS="-I${withval}/include" + AFS_LDFLAGS="-L${withval}/lib"]) + _RRA_LIB_AFS_CHECK + AC_DEFINE([HAVE_AFS], 1, + [Define to enable AFS kaserver support.])])])]) diff --git a/m4/gssapi.m4 b/m4/gssapi.m4 new file mode 100644 index 0000000..bf6acff --- /dev/null +++ b/m4/gssapi.m4 @@ -0,0 +1,136 @@ +dnl gssapi.m4 -- Find the compiler and linker flags for GSS-API. +dnl $Id$ +dnl +dnl Finds the compiler and linker flags for linking with GSS-API libraries +dnl and sets the substitution variables GSSAPI_CPPFLAGS, GSSAPI_LDFLAGS, and +dnl GSSAPI_LIBS. Provides the --with-gssapi configure option to specify a +dnl non-standard path to the GSS-API libraries. Uses krb5-config where +dnl available unless reduced dependencies is requested. +dnl +dnl Provides the macro RRA_LIB_GSSAPI and sets the substitution variables +dnl GSSAPI_CPPFLAGS, GSSAPI_LDFLAGS, and GSSAPI_LIBS. Also provides +dnl RRA_LIB_GSSAPI_SET to set CPPFLAGS, LDFLAGS, and LIBS to include the +dnl GSS-API libraries; RRA_LIB_GSSAPI_SWITCH to do the same but save the +dnl current values first; and RRA_LIB_GSSAPI_RESTORE to restore those settings +dnl to before the last RRA_LIB_GSSAPI_SWITCH. +dnl +dnl Written by Russ Allbery <rra@stanford.edu> +dnl Copyright 2005, 2006, 2007, 2008 +dnl Board of Trustees, Leland Stanford Jr. University +dnl See LICENSE for licensing terms. + +dnl Set CPPFLAGS, LDFLAGS, and LIBS to values including the GSS-API settings. +AC_DEFUN([RRA_LIB_GSSAPI_SET], +[CPPFLAGS="$GSSAPI_CPPFLAGS $CPPFLAGS" + LDFLAGS="$GSSAPI_LDFLAGS $LDFLAGS" + LIBS="$GSSAPI_LIBS $LIBS"]) + +dnl Save the current CPPFLAGS, LDFLAGS, and LIBS settings and switch to +dnl versions that include the GSS-API flags. Used as a wrapper, with +dnl RRA_LIB_GSSAPI_RESTORE, around tests. +AC_DEFUN([RRA_LIB_GSSAPI_SWITCH], +[rra_gssapi_save_CPPFLAGS="$CPPFLAGS" + rra_gssapi_save_LDFLAGS="$LDFLAGS" + rra_gssapi_save_LIBS="$LIBS" + RRA_LIB_GSSAPI_SET]) + +dnl Restore CPPFLAGS, LDFLAGS, and LIBS to their previous values (before +dnl RRA_LIB_GSSAPI_SWITCH was called). +AC_DEFUN([RRA_LIB_GSSAPI_RESTORE], +[CPPFLAGS="$rra_gssapi_save_CPPFLAGS" + LDFLAGS="$rra_gssapi_save_LDFLAGS" + LIBS="$rra_gssapi_save_LIBS"]) + +dnl Set GSSAPI_CPPFLAGS and GSSAPI_LDFLAGS based on rra_gssapi_root. +AC_DEFUN([_RRA_LIB_GSSAPI_PATHS], +[AS_IF([test x"$rra_gssapi_root" != x], + [AS_IF([test x"$rra_gssapi_root" != x/usr], + [GSSAPI_CPPFLAGS="-I${rra_gssapi_root}/include"]) + GSSAPI_LDFLAGS="-L${rra_gssapi_root}/lib"])]) + +dnl Does the appropriate library checks for reduced-dependency GSS-API +dnl linkage. +AC_DEFUN([_RRA_LIB_GSSAPI_REDUCED], +[RRA_LIB_GSSAPI_SWITCH + AC_CHECK_LIB([gssapi_krb5], [gss_import_name], [GSSAPI_LIBS="-lgssapi_krb5"], + [AC_CHECK_LIB([gssapi], [gss_import_name], [GSSAPI_LIBS="-lgssapi"], + [AC_MSG_ERROR([cannot find usable GSS-API library])])])]) + +dnl Does the appropriate library checks for GSS-API linkage when we don't +dnl have krb5-config or reduced dependencies. +AC_DEFUN([_RRA_LIB_GSSAPI_MANUAL], +[RRA_LIB_GSSAPI_SWITCH + rra_gssapi_extra= + LIBS= + AC_SEARCH_LIBS([res_search], [resolv], , + [AC_SEARCH_LIBS([__res_search], [resolv])]) + AC_SEARCH_LIBS([gethostbyname], [nsl]) + AC_SEARCH_LIBS([socket], [socket], , + [AC_CHECK_LIB([nsl], [socket], [LIBS="-lnsl -lsocket $LIBS"], , + [-lsocket])]) + AC_SEARCH_LIBS([crypt], [crypt]) + rra_gssapi_extra="$LIBS" + LIBS="$rra_gssapi_save_LIBS" + AC_CHECK_LIB([gssapi], [gss_import_name], + [GSSAPI_LIBS="-lgssapi -lkrb5 -lasn1 -lroken -lcrypto -lcom_err" + GSSAPI_LIBS="$GSSAPI_LIBS $rra_gssapi_extra"], + [AC_CHECK_LIB([krb5support], [krb5int_getspecific], + [rra_gssapi_extra="-lkrb5support $rra_gssapi_extra"], + [AC_CHECK_LIB([pthreads], [pthread_setspecific], + [rra_gssapi_pthread="-lpthreads"], + [AC_CHECK_LIB([pthread], [pthread_setspecific], + [rra_gssapi_pthread="-lpthread"])]) + AC_CHECK_LIB([krb5support], [krb5int_setspecific], + [rra_gssapi_extra="-lkrb5support $rra_gssapi_extra" + rra_gssapi_extra="$rra_gssapi_extra $rra_gssapi_pthread"], + [$rra_gssapi_pthread])]) + AC_CHECK_LIB([com_err], [error_message], + [rra_gssapi_extra="-lcom_err $rra_gssapi_extra"]) + AC_CHECK_LIB([k5crypto], [krb5int_hash_md5], + [rra_gssapi_extra="-lk5crypto $rra_gssapi_extra"]) + rra_gssapi_extra="-lkrb5 $rra_gssapi_extra" + AC_CHECK_LIB([gssapi_krb5], [gss_import_name], + [GSSAPI_LIBS="-lgssapi_krb5 $rra_gssapi_extra"], + [AC_MSG_ERROR([cannot find usable GSS-API library])], + [$rra_gssapi_extra])], + [-lkrb5 -lasn1 -lroken -lcrypto -lcom_err $rra_gssapi_extra]) + RRA_LIB_GSSAPI_RESTORE]) + +dnl The main macro. +AC_DEFUN([RRA_LIB_GSSAPI], +[AC_REQUIRE([RRA_ENABLE_REDUCED_DEPENDS]) +rra_gssapi_root= +GSSAPI_CPPFLAGS= +GSSAPI_LDFLAGS= +GSSAPI_LIBS= +AC_SUBST([GSSAPI_CPPFLAGS]) +AC_SUBST([GSSAPI_LDFLAGS]) +AC_SUBST([GSSAPI_LIBS]) +AC_ARG_WITH([gssapi], + [AC_HELP_STRING([--with-gssapi=DIR], + [Location of GSS-API headers and libraries])], + [AS_IF([test x"$withval" != xyes && test x"$withval" != xno], + [rra_gssapi_root="$withval"])]) +AS_IF([test x"$rra_reduced_depends" = xtrue], + [_RRA_LIB_GSSAPI_PATHS + _RRA_LIB_GSSAPI_REDUCED], + [AC_ARG_VAR([KRB5_CONFIG], [Path to krb5-config]) + AS_IF([test x"$rra_gssapi_root" != x], + [AS_IF([test -x "${rra_gssapi_root}/bin/krb5-config"], + [KRB5_CONFIG="${rra_gssapi_root}/bin/krb5-config"])], + [AC_PATH_PROG([KRB5_CONFIG], [krb5-config])]) + AS_IF([test x"$KRB5_CONFIG" != x], + [AC_CACHE_CHECK([for gssapi support in krb5-config], + [rra_cv_lib_gssapi_config], + [AS_IF(["$KRB5_CONFIG" | grep gssapi > /dev/null 2>&1], + [rra_cv_lib_gssapi_config=yes], + [rra_cv_lib_gssapi_config=no])]) + AS_IF([test "$rra_cv_lib_gssapi_config" = yes], + [GSSAPI_CPPFLAGS=`"$KRB5_CONFIG" --cflags gssapi` + GSSAPI_LIBS=`"$KRB5_CONFIG" --libs gssapi`], + [GSSAPI_CPPFLAGS=`"$KRB5_CONFIG" --cflags` + GSSAPI_LIBS=`"$KRB5_CONFIG" --libs`]) + GSSAPI_CPPFLAGS=`echo "$GSSAPI_CPPFLAGS" \ + | sed 's%-I/usr/include ?%%'`], + [_RRA_LIB_GSSAPI_PATHS + _RRA_LIB_GSSAPI_MANUAL])])]) diff --git a/m4/krb4.m4 b/m4/krb4.m4 new file mode 100644 index 0000000..997a3a4 --- /dev/null +++ b/m4/krb4.m4 @@ -0,0 +1,143 @@ +dnl krb4.m4 -- Find the compiler and linker flags for Kerberos v4. +dnl $Id$ +dnl +dnl Finds the compiler and linker flags for linking with Kerberos v4 libraries +dnl and sets the substitution variables KRB4_CPPFLAGS, KRB4_LDFLAGS, and +dnl KRB4_LIBS. Provides the --with-krb4 configure option to specify a +dnl non-standard path to the Kerberos libraries. Uses krb5-config where +dnl available unless reduced dependencies is requested. +dnl +dnl Provides the macro RRA_LIB_KRB4 and sets the substitution variables +dnl KRB4_CPPFLAGS, KRB4_LDFLAGS, and KRB4_LIBS. Also provides +dnl RRA_LIB_KRB4_SET to set CPPFLAGS, LDFLAGS, and LIBS to include the +dnl Kerberos libraries; RRA_LIB_KRB4_SWITCH to do the same but save the +dnl current values first; and RRA_LIB_KRB4_RESTORE to restore those settings +dnl to before the last RRA_LIB_KRB4_SWITCH. +dnl +dnl Written by Russ Allbery <rra@stanford.edu> +dnl Copyright 2005, 2006, 2007, 2008 +dnl Board of Trustees, Leland Stanford Jr. University +dnl See LICENSE for licensing terms. + +dnl Set CPPFLAGS, LDFLAGS, and LIBS to values including the Kerberos v4 +dnl settings. +AC_DEFUN([RRA_LIB_KRB4_SET], +[CPPFLAGS="$KRB4_CPPFLAGS $CPPFLAGS" + LDFLAGS="$KRB4_LDFLAGS $LDFLAGS" + LIBS="$KRB4_LIBS $LIBS"]) + +dnl Save the current CPPFLAGS, LDFLAGS, and LIBS settings and switch to +dnl versions that include the Kerberos v4 flags. Used as a wrapper, with +dnl RRA_LIB_KRB4_RESTORE, around tests. +AC_DEFUN([RRA_LIB_KRB4_SWITCH], +[rra_krb4_save_CPPFLAGS="$CPPFLAGS" + rra_krb4_save_LDFLAGS="$LDFLAGS" + rra_krb4_save_LIBS="$LIBS" + RRA_LIB_KRB4_SET]) + +dnl Restore CPPFLAGS, LDFLAGS, and LIBS to their previous values (before +dnl RRA_LIB_KRB4_SWITCH was called). +AC_DEFUN([RRA_LIB_KRB4_RESTORE], +[CPPFLAGS="$rra_krb4_save_CPPFLAGS" + LDFLAGS="$rra_krb4_save_LDFLAGS" + LIBS="$rra_krb4_save_LIBS"]) + +dnl Set KRB4_CPPFLAGS and KRB4_LDFLAGS based on rra_krb4_root. +AC_DEFUN([_RRA_LIB_KRB4_PATHS], +[AS_IF([test x"$rra_krb4_root" != x], + [AS_IF([test x"$rra_krb4_root" != x/usr], + [KRB4_CPPFLAGS="-I${rra_krb4_root}/include"]) + KRB4_LDFLAGS="-L${rra_krb4_root}/lib"])]) + +dnl Does the appropriate library checks for reduced-dependency Kerberos v4 +dnl linkage. +AC_DEFUN([_RRA_LIB_KRB4_REDUCED], +[RRA_LIB_KRB4_SWITCH + AC_CHECK_LIB([krb4], [krb_get_svc_in_tkt], [KRB4_LIBS="-lkrb4"], + [AC_CHECK_LIB([krb], [krb_get_svc_in_tkt], [KRB4_LIBS="-lkrb"], + [AC_MSG_ERROR([cannot find usable Kerberos v4 library])])]) + RRA_LIB_KRB4_RESTORE]) + +dnl Does the appropriate library checks for Kerberos v4 linkage when we don't +dnl have krb5-config or reduced dependencies. +AC_DEFUN([_RRA_LIB_KRB4_MANUAL], +[RRA_LIB_KRB4_SWITCH + rra_krb4_extra= + LIBS= + AC_SEARCH_LIBS([res_search], [resolv], , + [AC_SEARCH_LIBS([__res_search], [resolv])]) + AC_SEARCH_LIBS([gethostbyname], [nsl]) + AC_SEARCH_LIBS([socket], [socket], , + [AC_CHECK_LIB([nsl], [socket], [LIBS="-lnsl -lsocket $LIBS"], , + [-lsocket])]) + AC_SEARCH_LIBS([crypt], [crypt]) + rra_krb4_extra="$LIBS" + LIBS="$rra_krb4_save_LIBS" + AC_CHECK_LIB([crypto], [des_set_key], + [rra_krb4_extra="-lcrypto $rra_krb4_extra"], + [AC_CHECK_LIB([des], [des_set_key], + [rra_krb4_extra="-ldes $rra_krb4_extra"])]) + AC_CHECK_LIB([krb], [krb_get_svc_in_tkt], + [KRB4_LIBS="-lkrb $rra_krb4_extra"], + [rra_krb4_extra="-ldes425 -lkrb5 -lk5crypto -lcom_err $rra_krb4_extra" + AC_CHECK_LIB([krb5support], [krb5int_getspecific], + [rra_krb4_extra="$rra_krb4_extra -lkrb5support"], + [AC_CHECK_LIB([pthreads], [pthread_setspecific], + [rra_krb4_pthread="-lpthreads"], + [AC_CHECK_LIB([pthread], [pthread_setspecific], + [rra_krb4_pthread="-lpthread"])]) + AC_CHECK_LIB([krb5support], [krb5int_setspecific], + [rra_krb4_extra="-lkrb5support $rra_krb4_pthread"], + [$rra_krb4_pthread])]) + AC_CHECK_LIB([krb4], [krb_get_svc_in_tkt], + [KRB4_LIBS="-lkrb4 $rra_krb4_extra"], + [AC_MSG_ERROR([cannot find usable Kerberos v4 library])], + [$rra_krb4_extra])], + [$rra_krb4_extra]) + RRA_LIB_KRB4_RESTORE]) + +dnl Additional checks for portability that apply to either way that we find +dnl the right libraries. +AC_DEFUN([_RRA_LIB_KRB4_EXTRA], +[RRA_LIB_KRB4_SWITCH + AC_CHECK_HEADERS([kerberosIV/krb.h]) + RRA_LIB_KRB4_RESTORE]) + +dnl The main macro. +AC_DEFUN([RRA_LIB_KRB4], +[AC_REQUIRE([RRA_ENABLE_REDUCED_DEPENDS]) +rra_krb4_root= +KRB4_CPPFLAGS= +KRB4_LDFLAGS= +KRB4_LIBS= +AC_SUBST([KRB4_CPPFLAGS]) +AC_SUBST([KRB4_LDFLAGS]) +AC_SUBST([KRB4_LIBS]) +AC_ARG_WITH([krb4], + [AC_HELP_STRING([--with-krb4=DIR], + [Location of Kerberos v4 headers and libraries])], + [AS_IF([test x"$withval" != xyes && test x"$withval" != xno], + [rra_krb4_root="$withval"])]) +AS_IF([test x"$rra_reduced_depends" = xtrue], + [_RRA_LIB_KRB4_PATHS + _RRA_LIB_KRB4_REDUCED], + [AC_ARG_VAR([KRB5_CONFIG], [Path to krb5-config]) + AS_IF([test x"$rra_krb4_root" != x], + [AS_IF([test -x "${rra_krb4_root}/bin/krb5-config"], + [KRB5_CONFIG="${rra_krb4_root}/bin/krb5-config"])], + [AC_PATH_PROG([KRB5_CONFIG], [krb5-config])]) + AS_IF([test x"$KRB5_CONFIG" != x], + [AC_CACHE_CHECK([for krb4 support in krb5-config], + [rra_cv_lib_krb4_config], + [AS_IF(["$KRB5_CONFIG" | grep krb4 > /dev/null 2>&1], + [rra_cv_lib_krb4_config=yes], + [rra_cv_lib_krb4_config=no])]) + AS_IF([test "$rra_cv_lib_krb4_config" = yes], + [KRB4_CPPFLAGS=`"$KRB5_CONFIG" --cflags krb4` + KRB4_LIBS=`"$KRB5_CONFIG" --libs krb4`], + [_RRA_LIB_KRB4_PATHS + _RRA_LIB_KRB4_MANUAL]) + KRB4_CPPFLAGS=`echo "$KRB5_CPPFLAGS" | sed 's%-I/usr/include ?%%'`], + [_RRA_LIB_KRB4_PATHS + _RRA_LIB_KRB4_MANUAL])]) + _RRA_LIB_KRB4_EXTRA]) diff --git a/m4/krb5.m4 b/m4/krb5.m4 new file mode 100644 index 0000000..2474b47 --- /dev/null +++ b/m4/krb5.m4 @@ -0,0 +1,164 @@ +dnl krb5.m4 -- Find the compiler and linker flags for Kerberos v5. +dnl $Id$ +dnl +dnl Finds the compiler and linker flags for linking with Kerberos v5 libraries +dnl and sets the substitution variables KRB5_CPPFLAGS, KRB5_LDFLAGS, and +dnl KRB5_LIBS. Provides the --with-krb5 configure option to specify a +dnl non-standard path to the Kerberos libraries. Uses krb5-config where +dnl available unless reduced dependencies is requested. +dnl +dnl Provides the macro RRA_LIB_KRB5 and sets the substitution variables +dnl KRB5_CPPFLAGS, KRB5_LDFLAGS, and KRB5_LIBS. Also provides +dnl RRA_LIB_KRB5_SET to set CPPFLAGS, LDFLAGS, and LIBS to include the +dnl Kerberos libraries; RRA_LIB_KRB5_SWITCH to do the same but save the +dnl current values first; and RRA_LIB_KRB5_RESTORE to restore those settings +dnl to before the last RRA_LIB_KRB5_SWITCH. +dnl +dnl Written by Russ Allbery <rra@stanford.edu> +dnl Copyright 2005, 2006, 2007, 2008 +dnl Board of Trustees, Leland Stanford Jr. University +dnl See LICENSE for licensing terms. + +dnl Set CPPFLAGS, LDFLAGS, and LIBS to values including the Kerberos v5 +dnl settings. +AC_DEFUN([RRA_LIB_KRB5_SET], +[CPPFLAGS="$KRB5_CPPFLAGS $CPPFLAGS" + LDFLAGS="$KRB5_LDFLAGS $LDFLAGS" + LIBS="$KRB5_LIBS $LIBS"]) + +dnl Save the current CPPFLAGS, LDFLAGS, and LIBS settings and switch to +dnl versions that include the Kerberos v5 flags. Used as a wrapper, with +dnl RRA_LIB_KRB5_RESTORE, around tests. +AC_DEFUN([RRA_LIB_KRB5_SWITCH], +[rra_krb5_save_CPPFLAGS="$CPPFLAGS" + rra_krb5_save_LDFLAGS="$LDFLAGS" + rra_krb5_save_LIBS="$LIBS" + RRA_LIB_KRB5_SET]) + +dnl Restore CPPFLAGS, LDFLAGS, and LIBS to their previous values (before +dnl RRA_LIB_KRB5_SWITCH was called). +AC_DEFUN([RRA_LIB_KRB5_RESTORE], +[CPPFLAGS="$rra_krb5_save_CPPFLAGS" + LDFLAGS="$rra_krb5_save_LDFLAGS" + LIBS="$rra_krb5_save_LIBS"]) + +dnl Set KRB5_CPPFLAGS and KRB5_LDFLAGS based on rra_krb5_root. +AC_DEFUN([_RRA_LIB_KRB5_PATHS], +[AS_IF([test x"$rra_krb5_root" != x], + [AS_IF([test x"$rra_krb5_root" != x/usr], + [KRB5_CPPFLAGS="-I${rra_krb5_root}/include"]) + KRB5_LDFLAGS="-L${rra_krb5_root}/lib"])]) + +dnl Does the appropriate library checks for reduced-dependency Kerberos v5 +dnl linkage. +AC_DEFUN([_RRA_LIB_KRB5_REDUCED], +[RRA_LIB_KRB5_SWITCH + AC_CHECK_LIB([krb5], [krb5_init_context], [KRB5_LIBS="-lkrb5"], + [AC_MSG_ERROR([cannot find usable Kerberos v5 library])]) + LIBS="$KRB5_LIBS $LIBS" + AC_CHECK_FUNCS([krb5_get_error_message], + [AC_CHECK_FUNCS([krb5_free_error_message])], + [AC_CHECK_FUNCS([krb5_get_err_txt], , + [AC_CHECK_LIB([ksvc], [krb5_svc_get_msg], + [KRB5_LIBS="$KRB5_LIBS -lksvc" + AC_DEFINE([HAVE_KRB5_SVC_GET_MSG], [1]) + AC_CHECK_HEADERS([ibm_svc/krb5_svc.h])], + [AC_CHECK_LIB([com_err], [com_err], + [KRB5_LIBS="$KRB5_LIBS -lcom_err"], + [AC_MSG_ERROR([cannot find usable com_err library])]) + AC_CHECK_HEADERS([et/com_err.h])])])]) + RRA_LIB_KRB5_RESTORE]) + +dnl Does the appropriate library checks for Kerberos v5 linkage when we don't +dnl have krb5-config or reduced dependencies. +AC_DEFUN([_RRA_LIB_KRB5_MANUAL], +[RRA_LIB_KRB5_SWITCH + rra_krb5_extra= + LIBS= + AC_SEARCH_LIBS([res_search], [resolv], , + [AC_SEARCH_LIBS([__res_search], [resolv])]) + AC_SEARCH_LIBS([gethostbyname], [nsl]) + AC_SEARCH_LIBS([socket], [socket], , + [AC_CHECK_LIB([nsl], [socket], [LIBS="-lnsl -lsocket $LIBS"], , + [-lsocket])]) + AC_SEARCH_LIBS([crypt], [crypt]) + rra_krb5_extra="$LIBS" + LIBS="$rra_krb5_save_LIBS" + AC_CHECK_LIB([krb5], [krb5_init_context], + [KRB5_LIBS="-lkrb5 -lasn1 -lroken -lcrypto -lcom_err $rra_krb5_extra"], + [AC_CHECK_LIB([krb5support], [krb5int_getspecific], + [rra_krb5_extra="-lkrb5support $rra_krb5_extra"], + [AC_CHECK_LIB([pthreads], [pthread_setspecific], + [rra_krb5_pthread="-lpthreads"], + [AC_CHECK_LIB([pthread], [pthread_setspecific], + [rra_krb5_pthread="-lpthread"])]) + AC_CHECK_LIB([krb5support], [krb5int_setspecific], + [rra_krb5_extra="-lkrb5support $rra_krb5_extra $rra_krb5_pthread"], + [$rra_krb5_pthread])]) + AC_CHECK_LIB([com_err], [error_message], + [rra_krb5_extra="-lcom_err $rra_krb5_extra"]) + AC_CHECK_LIB([ksvc], [krb5_svc_get_msg], + [rra_krb5_extra="-lksvc $rra_krb5_extra"]) + AC_CHECK_LIB([k5crypto], [krb5int_hash_md5], + [rra_krb5_extra="-lk5crypto $rra_krb5_extra"]) + AC_CHECK_LIB([k5profile], [profile_get_values], + [rra_krb5_extra="-lk5profile $rra_krb5_extra"]) + AC_CHECK_LIB([krb5], [krb5_cc_default], + [KRB5_LIBS="-lkrb5 $rra_krb5_extra"], + [AC_MSG_ERROR([cannot find usable Kerberos v5 library])], + [$rra_krb5_extra])], + [-lasn1 -lroken -lcrypto -lcom_err $rra_krb5_extra]) + LIBS="$KRB5_LIBS $LIBS" + AC_CHECK_FUNCS([krb5_get_error_message], + [AC_CHECK_FUNCS([krb5_free_error_message])], + [AC_CHECK_FUNCS([krb5_get_err_txt], , + [AC_CHECK_FUNCS([krb5_svc_get_msg], + [AC_CHECK_HEADERS([ibm_svc/krb5_svc.h])], + [AC_CHECK_HEADERS([et/com_err.h])])])]) + RRA_LIB_KRB5_RESTORE]) + +dnl The main macro. +AC_DEFUN([RRA_LIB_KRB5], +[AC_REQUIRE([RRA_ENABLE_REDUCED_DEPENDS]) +rra_krb5_root= +KRB5_CPPFLAGS= +KRB5_LDFLAGS= +KRB5_LIBS= +AC_SUBST([KRB5_CPPFLAGS]) +AC_SUBST([KRB5_LDFLAGS]) +AC_SUBST([KRB5_LIBS]) +AC_ARG_WITH([krb5], + [AC_HELP_STRING([--with-krb5=DIR], + [Location of Kerberos v5 headers and libraries])], + [AS_IF([test x"$withval" != xyes && test x"$withval" != xno], + [rra_krb5_root="$withval"])]) +AS_IF([test x"$rra_reduced_depends" = xtrue], + [_RRA_LIB_KRB5_PATHS + _RRA_LIB_KRB5_REDUCED], + [AC_ARG_VAR([KRB5_CONFIG], [Path to krb5-config]) + AS_IF([test x"$rra_krb5_root" != x], + [AS_IF([test -x "${rra_krb5_root}/bin/krb5-config"], + [KRB5_CONFIG="${rra_krb5_root}/bin/krb5-config"])], + [AC_PATH_PROG([KRB5_CONFIG], [krb5-config])]) + AS_IF([test x"$KRB5_CONFIG" != x], + [AC_CACHE_CHECK([for krb5 support in krb5-config], + [rra_cv_lib_krb5_config], + [AS_IF(["$KRB5_CONFIG" | grep krb5 > /dev/null 2>&1], + [rra_cv_lib_krb5_config=yes], + [rra_cv_lib_krb5_config=no])]) + AS_IF([test "$rra_cv_lib_krb5_config" = yes], + [KRB5_CPPFLAGS=`"$KRB5_CONFIG" --cflags krb5` + KRB5_LIBS=`"$KRB5_CONFIG" --libs krb5`], + [KRB5_CPPFLAGS=`"$KRB5_CONFIG" --cflags` + KRB5_LIBS=`"$KRB5_CONFIG" --libs`]) + KRB5_CPPFLAGS=`echo "$KRB5_CPPFLAGS" | sed 's%-I/usr/include ?%%'` + RRA_LIB_KRB5_SWITCH + AC_CHECK_FUNCS([krb5_get_error_message], + [AC_CHECK_FUNCS([krb5_free_error_message])], + [AC_CHECK_FUNCS([krb5_get_err_txt], , + [AC_CHECK_FUNCS([krb5_svc_get_msg], + [AC_CHECK_HEADERS([ibm_svc/krb5_svc.h])], + [AC_CHECK_HEADERS([et/com_err.h])])])]) + RRA_LIB_KRB5_RESTORE], + [_RRA_LIB_KRB5_PATHS + _RRA_LIB_KRB5_MANUAL])])]) diff --git a/m4/lib-depends.m4 b/m4/lib-depends.m4 new file mode 100644 index 0000000..54a8f43 --- /dev/null +++ b/m4/lib-depends.m4 @@ -0,0 +1,23 @@ +dnl lib-depends.m4 -- Provides option to change library probes. +dnl $Id$ +dnl +dnl This file provides RRA_ENABLE_REDUCED_DEPENDS, which adds the configure +dnl option --enable-reduced-depends to request that library probes assume +dnl shared libraries are in use and dependencies of libraries should not be +dnl probed. If this option is given, the shell variable rra_reduced_depends +dnl is set to true; otherwise, it is set to false. +dnl +dnl This macro doesn't do much but is defined separately so that other macros +dnl can require it with AC_REQUIRE. +dnl +dnl Written by Russ Allbery <rra@stanford.edu> +dnl Copyright 2005, 2006, 2007 +dnl Board of Trustees, Leland Stanford Jr. University +dnl See LICENSE for licensing terms. + +AC_DEFUN([RRA_ENABLE_REDUCED_DEPENDS], +[rra_reduced_depends=false +AC_ARG_ENABLE([reduced-depends], + [AC_HELP_STRING([--enable-reduced-depends], + [Try to minimize shared library dependencies])], + [AS_IF([test x"$enableval" = xyes], [rra_reduced_depends=true])])]) diff --git a/m4/remctl.m4 b/m4/remctl.m4 new file mode 100644 index 0000000..2941f19 --- /dev/null +++ b/m4/remctl.m4 @@ -0,0 +1,69 @@ +dnl remctl.m4 -- Find the compiler and linker flags for remctl. +dnl $Id$ +dnl +dnl This file provides RRA_LIB_REMCTL, which finds the compiler and linker +dnl flags for linking with remctl libraries and sets the substitution +dnl variables REMCTL_CPPFLAGS, REMCTL_LDFLAGS, and REMCTL_LIBS. Also provides +dnl RRA_LIB_REMCTL_SET to set CPPFLAGS, LDFLAGS, and LIBS to include the +dnl remctl libraries; RRA_LIB_REMCTL_SWITCH to do the same but save the +dnl current values first; and RRA_LIB_REMCTL_RESTORE to restore those settings +dnl to before the last RRA_LIB_REMCTL_SWITCH. +dnl +dnl This macro depends on RRA_ENABLE_REDUCED_DEPENDS and RRA_LIB_GSSAPI. +dnl +dnl Written by Russ Allbery <rra@stanford.edu> +dnl Copyright 2008 Board of Trustees, Leland Stanford Jr. University +dnl See LICENSE for licensing terms. + +dnl Set CPPFLAGS, LDFLAGS, and LIBS to values including the Kerberos v5 +dnl settings. +AC_DEFUN([RRA_LIB_REMCTL_SET], +[CPPFLAGS="$REMCTL_CPPFLAGS $CPPFLAGS" + LDFLAGS="$REMCTL_LDFLAGS $LDFLAGS" + LIBS="$REMCTL_LIBS $LIBS"]) + +dnl Save the current CPPFLAGS, LDFLAGS, and LIBS settings and switch to +dnl versions that include the Kerberos v5 flags. Used as a wrapper, with +dnl RRA_LIB_REMCTL_RESTORE, around tests. +AC_DEFUN([RRA_LIB_REMCTL_SWITCH], +[rra_remctl_save_CPPFLAGS="$CPPFLAGS" + rra_remctl_save_LDFLAGS="$LDFLAGS" + rra_remctl_save_LIBS="$LIBS" + RRA_LIB_REMCTL_SET]) + +dnl Restore CPPFLAGS, LDFLAGS, and LIBS to their previous values (before +dnl RRA_LIB_REMCTL_SWITCH was called). +AC_DEFUN([RRA_LIB_REMCTL_RESTORE], +[CPPFLAGS="$rra_remctl_save_CPPFLAGS" + LDFLAGS="$rra_remctl_save_LDFLAGS" + LIBS="$rra_remctl_save_LIBS"]) + +dnl Set REMCTL_CPPFLAGS and REMCTL_LDFLAGS based on rra_remctl_root. +AC_DEFUN([_RRA_LIB_REMCTL_PATHS], +[AS_IF([test x"$rra_remctl_root" != x], + [AS_IF([test x"$rra_remctl_root" != x/usr], + [REMCTL_CPPFLAGS="-I${rra_remctl_root}/include"]) + REMCTL_LDFLAGS="-L${rra_remctl_root}/lib"])]) + +dnl The main macro. +AC_DEFUN([RRA_LIB_REMCTL], +[AC_REQUIRE([RRA_ENABLE_REDUCED_DEPENDS]) +rra_remctl_root= +REMCTL_CPPFLAGS= +REMCTL_LDFLAGS= +REMCTL_LIBS= +AC_SUBST([REMCTL_CPPFLAGS]) +AC_SUBST([REMCTL_LDFLAGS]) +AC_SUBST([REMCTL_LIBS]) +AC_ARG_WITH([remctl], + [AC_HELP_STRING([--with-remctl=DIR], + [Location of remctl headers and libraries])], + [AS_IF([test x"$withval" != xyes && test x"$withval" != xno], + [rra_remctl_root="$withval"])]) +_RRA_LIB_REMCTL_PATHS +AS_IF([test x"$rra_reduced_depends" = xtrue], + [REMCTL_LIBS="-lremctl"], + [RRA_LIB_GSSAPI + REMCTL_CPPFLAGS="$REMCTL_CPPFLAGS $GSSAPI_CPPFLAGS" + REMCTL_LDFLAGS="$REMCTL_LDFLAGS $GSSAPI_LDFLAGS" + REMCTL_LIBS="-lremctl $GSSAPI_LIBS"])]) diff --git a/perl/t/keytab.t b/perl/t/keytab.t index 0dd6bc3..bb6b048 100755 --- a/perl/t/keytab.t +++ b/perl/t/keytab.t @@ -4,12 +4,12 @@ # t/keytab.t -- Tests for the keytab object implementation. # # Written by Russ Allbery <rra@stanford.edu> -# Copyright 2007 Board of Trustees, Leland Stanford Jr. University +# Copyright 2007, 2008 Board of Trustees, Leland Stanford Jr. University # # See LICENSE for licensing terms. use POSIX qw(strftime); -use Test::More tests => 217; +use Test::More tests => 223; use Wallet::Config; use Wallet::Object::Keytab; @@ -478,7 +478,7 @@ EOO # Tests for kaserver synchronization support. SKIP: { - skip 'no keytab configuration', 100 unless -f 't/data/test.keytab'; + skip 'no keytab configuration', 106 unless -f 't/data/test.keytab'; # Test the principal mapping. We can do this without having a kaserver # configuration. We only need a basic keytab object configuration. Do @@ -569,9 +569,22 @@ $date add kaserver to attribute sync by $user from $host EOO is ($one->history, $history, ' and history is correct for attributes'); + is ($one->destroy (@trace), undef, 'Destroying wallet/one fails'); + is ($one->error, 'kaserver synchronization not configured', + ' because kaserver support is not configured'); + is ($one->attr ('sync', [], @trace), 1, + ' but removing the kaserver sync attribute works'); + is ($one->destroy (@trace),1, ' and then destroying wallet/one works'); + $history .= <<"EOO"; +$date remove kaserver from attribute sync + by $user from $host +$date destroy + by $user from $host +EOO # Set up our configuration. - skip 'no AFS kaserver configuration', 32 unless -f 't/data/test.srvtab'; + skip 'no AFS kaserver configuration', 34 unless -f 't/data/test.srvtab'; + skip 'no kaserver support', 34 unless -x '../kasetkey/kasetkey'; $Wallet::Config::KEYTAB_FILE = 't/data/test.keytab'; $Wallet::Config::KEYTAB_PRINCIPAL = contents ('t/data/test.principal'); $Wallet::Config::KEYTAB_REALM = contents ('t/data/test.realm'); @@ -580,6 +593,14 @@ EOO my $realm = $Wallet::Config::KEYTAB_REALM; my $k5 = "wallet/one\@$realm"; + # Recreate and reconfigure the object. + $one = eval { + Wallet::Object::Keytab->create ('keytab', 'wallet/one', $dbh, @trace) + }; + ok (defined ($one), 'Creating wallet/one succeeds'); + is ($one->attr ('sync', [ 'kaserver' ], @trace), 1, + ' and setting the kaserver sync attribute works'); + # Finally, we can test. is ($one->get (@trace), undef, 'Get without configuration fails'); is ($one->error, 'kaserver synchronization not configured', @@ -661,6 +682,10 @@ EOO # Check that history is still correct. $history .= <<"EOO"; +$date create + by $user from $host +$date add kaserver to attribute sync + by $user from $host $date get by $user from $host $date remove kaserver from attribute sync @@ -704,7 +729,11 @@ SKIP: { my $one = eval { Wallet::Object::Keytab->create ('keytab', 'wallet/one', $dbh, @trace) }; - ok (defined ($one), 'Creating wallet/one succeeds'); + if (defined ($one)) { + ok (1, 'Creating wallet/one succeeds'); + } else { + is ($@, '', 'Creating wallet/one succeeds'); + } my $keytab = $one->get (@trace); ok (defined ($keytab), ' and retrieving the keytab works'); my @enctypes = grep { $_ ne 'UNKNOWN' } enctypes ($keytab); |