diff options
| -rw-r--r-- | LICENSE | 8 | ||||
| -rw-r--r-- | Makefile.am | 28 | ||||
| -rw-r--r-- | NEWS | 11 | ||||
| -rw-r--r-- | README | 62 | ||||
| -rw-r--r-- | TODO | 6 | ||||
| -rw-r--r-- | configure.ac | 89 | ||||
| -rw-r--r-- | m4/afs.m4 | 94 | ||||
| -rw-r--r-- | m4/gssapi.m4 | 136 | ||||
| -rw-r--r-- | m4/krb4.m4 | 143 | ||||
| -rw-r--r-- | m4/krb5.m4 | 164 | ||||
| -rw-r--r-- | m4/lib-depends.m4 | 23 | ||||
| -rw-r--r-- | m4/remctl.m4 | 69 | ||||
| -rwxr-xr-x | perl/t/keytab.t | 39 |
13 files changed, 766 insertions, 106 deletions
@@ -1,7 +1,7 @@ The wallet package as a whole is: - Copyright 2006, 2007 Board of Trustees, Leland Stanford Jr. University. - All rights reserved. + Copyright 2006, 2007, 2008 Board of Trustees, Leland Stanford Jr. + University. All rights reserved. and covered under the following license: @@ -27,8 +27,8 @@ files. Collected copyright notices for the entire package: - Copyright 1994, 1998, 1999, 2000, 2002, 2003, 2004, 2005, 2006, 2007 - Board of Trustees, Leland Stanford Jr. University. + Copyright 1994, 1998, 1999, 2000, 2002, 2003, 2004, 2005, 2006, 2007, + 2008 Board of Trustees, Leland Stanford Jr. University Copyright 2000, 2001, 2004 Russ Allbery <rra@stanford.edu> Copyright 2004, 2005, 2006 by Internet Systems Consortium, Inc. ("ISC") diff --git a/Makefile.am b/Makefile.am index c89b2ff..c5a8f6c 100644 --- a/Makefile.am +++ b/Makefile.am @@ -2,7 +2,7 @@ # $Id$ # # Written by Russ Allbery <rra@stanford.edu> -# Copyright 2006, 2007 Board of Trustees, Leland Stanford Jr. University +# Copyright 2006, 2007, 2008 Board of Trustees, Leland Stanford Jr. University # See LICENSE for licensing terms. AUTOMAKE_OPTIONS = foreign subdir-objects @@ -31,20 +31,24 @@ util_libutil_a_SOURCES = util/concat.c util/messages.c util/util.h \ util/xmalloc.c bin_PROGRAMS = client/wallet -sbin_PROGRAMS = kasetkey/kasetkey dist_sbin_SCRIPTS = server/keytab-backend server/wallet-backend client_wallet_SOURCES = client/file.c client/internal.h client/keytab.c \ client/remctl.c client/srvtab.c client/wallet.c system.h -client_wallet_CPPFLAGS = @REMCTL_CPPFLAGS@ -client_wallet_LDFLAGS = @REMCTL_LDFLAGS@ -client_wallet_LDADD = util/libutil.a portable/libportable.a -lremctl -lkrb5 -kasetkey_kasetkey_CPPFLAGS = @AFS_CPPFLAGS@ -kasetkey_kasetkey_LDFLAGS = @AFS_LDFLAGS@ -kasetkey_kasetkey_LDADD = util/libutil.a portable/libportable.a @AFS_LIBS@ \ - -lkrb4 - -dist_man_MANS = client/wallet.1 kasetkey/kasetkey.8 server/keytab-backend.8 \ - server/wallet-backend.8 +client_wallet_CPPFLAGS = $(REMCTL_CPPFLAGS) +client_wallet_LDFLAGS = $(REMCTL_LDFLAGS) +client_wallet_LDADD = util/libutil.a portable/libportable.a $(REMCTL_LIBS) \ + $(KRB5_LIBS) + +dist_man_MANS = client/wallet.1 server/keytab-backend.8 server/wallet-backend.8 + +if AFS +sbin_PROGRAMS = kasetkey/kasetkey +kasetkey_kasetkey_CPPFLAGS = $(AFS_CPPFLAGS) $(KRB4_CPPFLAGS) +kasetkey_kasetkey_LDFLAGS = $(AFS_LDFLAGS) $(KRB4_LDFLAGS) +kasetkey_kasetkey_LDADD = util/libutil.a portable/libportable.a $(AFS_LIBS) \ + $(KRB4_LIBS) +dist_man_MANS += kasetkey/kasetkey.8 +endif $(srcdir)/client/wallet.1: $(srcdir)/client/wallet.pod pod2man --release=$(VERSION) --center="Administrative Commands" \ @@ -1,5 +1,16 @@ User-Visible wallet Changes +wallet 0.6 (unreleased) + + The build system now probes for GSS-API, Kerberos v5 and v4, and AFS + libraries as necessary rather than hard-coding libraries. Building + on systems without strong shared library dependencies and building + against static libraries should now work. + + Building kasetkey (for AFS kaserver synchronization) is now optional + and not enabled by default. Pass --with-afs to enable it. This + allows wallet to be easily built in an environment without AFS. + wallet 0.5 (2007-12-06) Allow the empty string in wallet-backend arguments. @@ -3,9 +3,9 @@ Written by Russ Allbery <rra@stanford.edu> - Copyright 2006, 2007 Board of Trustees, Leland Stanford Jr. University. - This software is distributed under a BSD-style license. Please see the - file LICENSE in the distribution for more information. + Copyright 2006, 2007, 2008 Board of Trustees, Leland Stanford Jr. + University. This software is distributed under a BSD-style license. + Please see the file LICENSE in the distribution for more information. This software is beta-quality and should be treated with caution. It is currently being tested for production deployment at Stanford. @@ -71,11 +71,6 @@ REQUIREMENTS The wallet client currently requires MIT Kerberos and will need some minor portability modifications to build with Heimdal. - The kasetkey program requires AFS libraries and MIT Kerberos and its - Kerberos v4 compatibility libraries. Currently, kasetkey is built - unconditionally. It will become optional and disabled by default in a - future release. - The wallet server is written in Perl and requires Perl 5.6.0 or later. It uses the Perl DBI layer to talk to a database, and therefore the DBI module and a DBD module for the database it will use must be installed. @@ -108,7 +103,9 @@ REQUIREMENTS server. To support synchronization with an AFS kaserver, the server must have - the Authen::Krb5 Perl module installed. + the Authen::Krb5 Perl module installed. AFS kaserver synchronization + support also requires building kasetkey, which requires AFS and Kerberos + v4 libraries. To run the test suite, you must have the Perl modules Test::More, IO::String, and DBI installed. You will also need a DBD module @@ -159,10 +156,49 @@ BUILD AND INSTALLATION If remctl was installed in a path not normally searched by your compiler, you must specify its installation prefix to configure with the - --with-remctl=DIR option. If the AFS library headers are not found by - your compiler, specify their location with --with-afs-headers=DIR; - similarly, if the AFS libraries are not found by your compiler, specify - their location with --with-afs-libs=DIR. + --with-remctl=DIR option. If the GSS-API libraries used by remctl + aren't in a path normally searched by your compiler, you must generally + also specify its installation prefix with the --with-gssapi=DIR option. + + Normally, configure will use krb5-config to determine the flags to use + to compile with your Kerberos libraries. If krb5-config isn't found, it + will look for the standard Kerberos libraries in locations already + searched by your compiler. If the the krb5-config script first in your + path is not the one corresponding to the Kerberos libraries you want to + use or if your Kerberos libraries and includes aren't in a location + searched by default by your compiler, you need to specify + --with-krb5=PATH: + + ./configure --with-krb5=/usr/pubsw + + To specify a particular krb5-config script to use, either set the + KRB5_CONFIG environment variable or pass it to configure like: + + ./configure KRB5_CONFIG=/path/to/krb5-config + + To build with AFS kaserver synchronization support, pass --with-afs to + configure. You may need to include the path to the AFS include files + and libraries, such as: + + ./configure --with-afs=/usr/afsws + + The AFS kaserver support also requires Kerberos v4 libraries and tries + to use krb5-config to find such libraries. If your Kerberos v4 + libraries aren't somewhere found by your compiler and the krb5-config + script doesn't produce correct results, you need to specify + --with-krb4=PATH giving the root path of the Kerberos v4 installation. + + You can pass the --enable-reduced-depends flag to configure to try to + minimize the shared library dependencies encoded in the binaries. This + omits from the link line all the libraries included solely because the + Kerberos libraries depend on them and instead links the programs only + against libraries whose APIs are called directly. This will only work + with shared Kerberos libraries and will only work on platforms where + shared libraries properly encode their own dependencies (such as Linux). + It is intended primarily for building packages for Linux distributions + to avoid encoding unnecessary shared library dependencies that make + shared library migrations more difficult. If none of the above made any + sense to you, don't bother with this flag. Currently, building in a different directory from the source directory is not supported due to the complexity of integration with the Perl @@ -30,14 +30,8 @@ Release 1.0: * Rewrite the client test suite to use Perl and to make better use of shared code so that it can be broken into function components. -* Stop hard-coding library names in the build system for kasetkey and - wallet. - * Add a test suite for kasetkey. -* Compiling kasetkey should be optional and probably not enabled by - default. - * Log failures in the wallet-backend properly, which also requires catching all exceptions. diff --git a/configure.ac b/configure.ac index da5c302..dd4b502 100644 --- a/configure.ac +++ b/configure.ac @@ -2,7 +2,8 @@ dnl Process this file with Autoconf to produce a configure script. dnl $Id$ dnl dnl Written by Russ Allbery <rra@stanford.edu> -dnl Copyright 2006, 2007 Board of Trustees, Leland Stanford Jr. University +dnl Copyright 2006, 2007, 2008 +dnl Board of Trustees, Leland Stanford Jr. University dnl dnl See LICENSE for licensing terms. @@ -14,34 +15,18 @@ AC_CONFIG_LIBOBJ_DIR([portable]) AM_INIT_AUTOMAKE([1.10]) AM_MAINTAINER_MODE -AFS_CPPFLAGS= -AC_ARG_WITH([afs-headers], - AC_HELP_STRING([--with-afs-headers=DIR], - [Prefix for AFS headers (for kasetkey)]), - [if test x"$withval" != xno ; then - AFS_CPPFLAGS="-I${withval}" - fi]) -AC_SUBST([AFS_CPPFLAGS]) -AFS_LDFLAGS= -AC_ARG_WITH([afs-libs], - AC_HELP_STRING([--with-afs-libs=DIR], - [Prefix for AFS libraries (for kasetkey)]), - [if test x"$withval" != xno ; then - AFS_LDFLAGS="-L${withval} -L${withval}/afs" - fi]) -AC_SUBST([AFS_LDFLAGS]) +AC_PROG_CC +AM_PROG_CC_C_O +AC_PROG_INSTALL +AC_PROG_RANLIB -REMCTL_CPPFLAGS= -REMCTL_LDFLAGS= -AC_ARG_WITH([remctl], - AC_HELP_STRING([--with-remctl=DIR], - [Prefix for remctl headers and libraries]), - [if test x"$withval" != xno ; then - REMCTL_CPPFLAGS="-I${withval}/include" - REMCTL_LDFLAGS="-L${withval}/lib" - fi]) -AC_SUBST([REMCTL_CPPFLAGS]) -AC_SUBST([REMCTL_LDFLAGS]) +AC_CHECK_DECLS([snprintf, vsnprintf]) +RRA_C_C99_VAMACROS +RRA_C_GNU_VAMACROS +AC_CHECK_TYPES([long long]) +RRA_FUNC_SNPRINTF +AC_CHECK_FUNCS([setrlimit]) +AC_REPLACE_FUNCS([asprintf]) AC_ARG_WITH([wallet-server], AC_HELP_STRING([--with-wallet-server=HOST], [Default wallet server]), @@ -57,6 +42,16 @@ AC_ARG_WITH([wallet-port], [Define to the default server port.]) fi]) +RRA_LIB_REMCTL +RRA_LIB_KRB5 +RRA_LIB_AFS +AS_IF([test x"$rra_afs" = xtrue], + [RRA_LIB_KRB4 + RRA_LIB_AFS_SWITCH + AC_CHECK_DECLS([ubik_Call], , , [#include <ubik.h>]) + RRA_LIB_AFS_RESTORE]) +AM_CONDITIONAL([AFS], [test x"$rra_afs" = xtrue]) + AC_ARG_VAR([REMCTLD], [Path to the remctld binary]) AC_PATH_PROG([REMCTLD], [remctld], , [$PATH:/usr/sbin:/usr/local/sbin]) if test x"$REMCTLD" != x ; then @@ -64,44 +59,6 @@ if test x"$REMCTLD" != x ; then [Define to the full path to remctld to run remctl tests.]) fi -AC_PROG_CC -AM_PROG_CC_C_O -AC_PROG_INSTALL -AC_PROG_RANLIB -AC_SEARCH_LIBS([gethostbyname], [nsl]) -AC_SEARCH_LIBS([socket], [socket], , - [AC_CHECK_LIB([nsl], [socket], - [LIBS="-lnsl -lsocket $LIBS"], , [-lsocket])]) -AC_SEARCH_LIBS([res_search], [resolv], , - [AC_SEARCH_LIBS([__res_search], [resolv])]) - -save_LDFLAGS=$LDFLAGS -LDFLAGS="$AFS_LDFLAGS $LDFLAGS" -AC_CHECK_LIB([afsauthent], [KAM_DeleteUser], - [AFS_LIBS="-lafsauthent -lafsrpc -lpthread"], - [AFS_LIBS="-lkauth.krb -lauth.krb -lubik -lrxkad -lrx -llwp -lsys" - AFS_LIBS="${AFS_LIBS} -lcom_err -lafsutil"], - [-lafsrpc -lpthread]) -LDFLAGS="$save_LDFLAGS" -AC_SUBST([AFS_LIBS]) - -AC_CHECK_HEADERS([kerberosIV/krb.h]) -AC_CHECK_DECLS([snprintf, vsnprintf]) -AC_CHECK_DECLS([ubik_Call], , , [#include <ubik.h>]) -RRA_C_C99_VAMACROS -RRA_C_GNU_VAMACROS -AC_CHECK_TYPES([long long]) -RRA_FUNC_SNPRINTF -AC_CHECK_FUNCS([setrlimit]) -AC_REPLACE_FUNCS([asprintf]) - -save_LIBS=$LIBS -LIBS=-lkrb5 -AC_CHECK_FUNCS([krb5_get_error_message \ - krb5_free_error_message \ - krb5_get_err_text]) -LIBS=$save_LIBS - dnl Needed to get prototypes for functions like asprintf on Linux. AC_DEFINE([_GNU_SOURCE], [1], [Define to 1 on Linux to get full prototypes.]) diff --git a/m4/afs.m4 b/m4/afs.m4 new file mode 100644 index 0000000..66a3f08 --- /dev/null +++ b/m4/afs.m4 @@ -0,0 +1,94 @@ +dnl afs.m4 -- Find the compiler and linker flags for OpenAFS. +dnl $Id$ +dnl +dnl If --with-afs is given, finds the compiler and linker flags for building +dnl with OpenAFS libraries; sets AFS_CPPFLAGS, AFS_LDFLAGS, and AFS_LIBS as +dnl appropriate; and defines HAVE_AFS. Provides the macro RRA_LIB_AFS, which +dnl takes no arguments. +dnl +dnl This function also sets rra_afs to true if AFS was requested, which can be +dnl checked to determine if further checks should be done. +dnl +dnl Also provides RRA_LIB_AFS_SET to set CPPFLAGS, LDFLAGS, and LIBS to +dnl include the AFS libraries; RRA_LIB_AFS_SWITCH to do the same but save the +dnl current values first; and RRA_LIB_AFS_RESTORE to restore those settings to +dnl before the last RRA_LIB_AFS_SWITCH. +dnl +dnl Written by Russ Allbery <rra@stanford.edu> +dnl Based on code developed by Derrick Brashear and Ken Hornstein of Sine +dnl Nomine Associates, on behalf of Stanford University. +dnl Copyright 2006, 2007, 2008 +dnl Board of Trustees, Leland Stanford Jr. University +dnl See LICENSE for licensing terms. + +dnl Set CPPFLAGS, LDFLAGS, and LIBS to values including the AFS settings. +AC_DEFUN([RRA_LIB_AFS_SET], +[CPPFLAGS="$AFS_CPPFLAGS $CPPFLAGS" + LDFLAGS="$AFS_LDFLAGS $LDFLAGS" + LIBS="$AFS_LIBS $LIBS"]) + +dnl Save the current CPPFLAGS, LDFLAGS, and LIBS settings and switch to +dnl versions that include the AFS flags. Used as a wrapper, with +dnl RRA_LIB_AFS_RESTORE, around tests. +AC_DEFUN([RRA_LIB_AFS_SWITCH], +[rra_afs_save_CPPFLAGS="$CPPFLAGS" + rra_afs_save_LDFLAGS="$LDFLAGS" + rra_afs_save_LIBS="$LIBS" + RRA_LIB_AFS_SET]) + +dnl Restore CPPFLAGS, LDFLAGS, and LIBS to their previous values (before +dnl RRA_LIB_AFS_SWITCH was called). +AC_DEFUN([RRA_LIB_AFS_RESTORE], +[CPPFLAGS="$rra_afs_save_CPPFLAGS" + LDFLAGS="$rra_afs_save_LDFLAGS" + LIBS="$rra_afs_save_LIBS"]) + +dnl The function that does the work checking for the AFS libraries. +AC_DEFUN([_RRA_LIB_AFS_CHECK], +[RRA_LIB_AFS_SET + LIBS= + AC_SEARCH_LIBS([pthread_getspecific], [pthread]) + AC_SEARCH_LIBS([res_search], [resolv], , + [AC_SEARCH_LIBS([__res_search], [resolv])]) + AC_SEARCH_LIBS([gethostbyname], [nsl]) + AC_SEARCH_LIBS([socket], [socket], , + [AC_CHECK_LIB([nsl], [socket], [LIBS="-lnsl -lsocket $LIBS"], , + [-lsocket])]) + AFS_LIBS="$AFS_LIBS $LIBS" + LIBS="$AFS_LIBS" + AC_CACHE_CHECK([whether linking with AFS libraries work], [rra_cv_lib_afs], + [AC_TRY_LINK( +[#include <afs/param.h> +#include <afs/kautils.h>], +[char cell[256] = "EXAMPLE.COM"; +char realm[256]; +int local; + +ka_CellToRealm(cell, realm, &local);], + [rra_cv_lib_afs=yes], + [rra_cv_lib_afs=no])]) + AS_IF([test "$rra_cv_lib_afs" = no], + [AC_MSG_ERROR([unable to link test AFS program])]) + RRA_LIB_AFS_RESTORE]) + +dnl The public entry point. Sets up the --with option and only does the +dnl library check if AFS linkage was requested. +AC_DEFUN([RRA_LIB_AFS], +[rra_afs=false + AFS_CPPFLAGS= + AFS_LDFLAGS= + AFS_LIBS="-lafsauthent -lafsrpc" + AC_SUBST([AFS_CPPFLAGS]) + AC_SUBST([AFS_LDFLAGS]) + AC_SUBST([AFS_LIBS]) + AC_ARG_WITH([afs], + [AC_HELP_STRING([--with-afs@<:@=DIR@:>@], + [Compile with AFS kaserver sync support])], + [AS_IF([test x"$withval" != xno], + [rra_afs=true + AS_IF([test x"$withval" != xyes], + [AFS_CPPFLAGS="-I${withval}/include" + AFS_LDFLAGS="-L${withval}/lib"]) + _RRA_LIB_AFS_CHECK + AC_DEFINE([HAVE_AFS], 1, + [Define to enable AFS kaserver support.])])])]) diff --git a/m4/gssapi.m4 b/m4/gssapi.m4 new file mode 100644 index 0000000..bf6acff --- /dev/null +++ b/m4/gssapi.m4 @@ -0,0 +1,136 @@ +dnl gssapi.m4 -- Find the compiler and linker flags for GSS-API. +dnl $Id$ +dnl +dnl Finds the compiler and linker flags for linking with GSS-API libraries +dnl and sets the substitution variables GSSAPI_CPPFLAGS, GSSAPI_LDFLAGS, and +dnl GSSAPI_LIBS. Provides the --with-gssapi configure option to specify a +dnl non-standard path to the GSS-API libraries. Uses krb5-config where +dnl available unless reduced dependencies is requested. +dnl +dnl Provides the macro RRA_LIB_GSSAPI and sets the substitution variables +dnl GSSAPI_CPPFLAGS, GSSAPI_LDFLAGS, and GSSAPI_LIBS. Also provides +dnl RRA_LIB_GSSAPI_SET to set CPPFLAGS, LDFLAGS, and LIBS to include the +dnl GSS-API libraries; RRA_LIB_GSSAPI_SWITCH to do the same but save the +dnl current values first; and RRA_LIB_GSSAPI_RESTORE to restore those settings +dnl to before the last RRA_LIB_GSSAPI_SWITCH. +dnl +dnl Written by Russ Allbery <rra@stanford.edu> +dnl Copyright 2005, 2006, 2007, 2008 +dnl Board of Trustees, Leland Stanford Jr. University +dnl See LICENSE for licensing terms. + +dnl Set CPPFLAGS, LDFLAGS, and LIBS to values including the GSS-API settings. +AC_DEFUN([RRA_LIB_GSSAPI_SET], +[CPPFLAGS="$GSSAPI_CPPFLAGS $CPPFLAGS" + LDFLAGS="$GSSAPI_LDFLAGS $LDFLAGS" + LIBS="$GSSAPI_LIBS $LIBS"]) + +dnl Save the current CPPFLAGS, LDFLAGS, and LIBS settings and switch to +dnl versions that include the GSS-API flags. Used as a wrapper, with +dnl RRA_LIB_GSSAPI_RESTORE, around tests. +AC_DEFUN([RRA_LIB_GSSAPI_SWITCH], +[rra_gssapi_save_CPPFLAGS="$CPPFLAGS" + rra_gssapi_save_LDFLAGS="$LDFLAGS" + rra_gssapi_save_LIBS="$LIBS" + RRA_LIB_GSSAPI_SET]) + +dnl Restore CPPFLAGS, LDFLAGS, and LIBS to their previous values (before +dnl RRA_LIB_GSSAPI_SWITCH was called). +AC_DEFUN([RRA_LIB_GSSAPI_RESTORE], +[CPPFLAGS="$rra_gssapi_save_CPPFLAGS" + LDFLAGS="$rra_gssapi_save_LDFLAGS" + LIBS="$rra_gssapi_save_LIBS"]) + +dnl Set GSSAPI_CPPFLAGS and GSSAPI_LDFLAGS based on rra_gssapi_root. +AC_DEFUN([_RRA_LIB_GSSAPI_PATHS], +[AS_IF([test x"$rra_gssapi_root" != x], + [AS_IF([test x"$rra_gssapi_root" != x/usr], + [GSSAPI_CPPFLAGS="-I${rra_gssapi_root}/include"]) + GSSAPI_LDFLAGS="-L${rra_gssapi_root}/lib"])]) + +dnl Does the appropriate library checks for reduced-dependency GSS-API +dnl linkage. +AC_DEFUN([_RRA_LIB_GSSAPI_REDUCED], +[RRA_LIB_GSSAPI_SWITCH + AC_CHECK_LIB([gssapi_krb5], [gss_import_name], [GSSAPI_LIBS="-lgssapi_krb5"], + [AC_CHECK_LIB([gssapi], [gss_import_name], [GSSAPI_LIBS="-lgssapi"], + [AC_MSG_ERROR([cannot find usable GSS-API library])])])]) + +dnl Does the appropriate library checks for GSS-API linkage when we don't +dnl have krb5-config or reduced dependencies. +AC_DEFUN([_RRA_LIB_GSSAPI_MANUAL], +[RRA_LIB_GSSAPI_SWITCH + rra_gssapi_extra= + LIBS= + AC_SEARCH_LIBS([res_search], [resolv], , + [AC_SEARCH_LIBS([__res_search], [resolv])]) + AC_SEARCH_LIBS([gethostbyname], [nsl]) + AC_SEARCH_LIBS([socket], [socket], , + [AC_CHECK_LIB([nsl], [socket], [LIBS="-lnsl -lsocket $LIBS"], , + [-lsocket])]) + AC_SEARCH_LIBS([crypt], [crypt]) + rra_gssapi_extra="$LIBS" + LIBS="$rra_gssapi_save_LIBS" + AC_CHECK_LIB([gssapi], [gss_import_name], + [GSSAPI_LIBS="-lgssapi -lkrb5 -lasn1 -lroken -lcrypto -lcom_err" + GSSAPI_LIBS="$GSSAPI_LIBS $rra_gssapi_extra"], + [AC_CHECK_LIB([krb5support], [krb5int_getspecific], + [rra_gssapi_extra="-lkrb5support $rra_gssapi_extra"], + [AC_CHECK_LIB([pthreads], [pthread_setspecific], + [rra_gssapi_pthread="-lpthreads"], + [AC_CHECK_LIB([pthread], [pthread_setspecific], + [rra_gssapi_pthread="-lpthread"])]) + AC_CHECK_LIB([krb5support], [krb5int_setspecific], + [rra_gssapi_extra="-lkrb5support $rra_gssapi_extra" + rra_gssapi_extra="$rra_gssapi_extra $rra_gssapi_pthread"], + [$rra_gssapi_pthread])]) + AC_CHECK_LIB([com_err], [error_message], + [rra_gssapi_extra="-lcom_err $rra_gssapi_extra"]) + AC_CHECK_LIB([k5crypto], [krb5int_hash_md5], + [rra_gssapi_extra="-lk5crypto $rra_gssapi_extra"]) + rra_gssapi_extra="-lkrb5 $rra_gssapi_extra" + AC_CHECK_LIB([gssapi_krb5], [gss_import_name], + [GSSAPI_LIBS="-lgssapi_krb5 $rra_gssapi_extra"], + [AC_MSG_ERROR([cannot find usable GSS-API library])], + [$rra_gssapi_extra])], + [-lkrb5 -lasn1 -lroken -lcrypto -lcom_err $rra_gssapi_extra]) + RRA_LIB_GSSAPI_RESTORE]) + +dnl The main macro. +AC_DEFUN([RRA_LIB_GSSAPI], +[AC_REQUIRE([RRA_ENABLE_REDUCED_DEPENDS]) +rra_gssapi_root= +GSSAPI_CPPFLAGS= +GSSAPI_LDFLAGS= +GSSAPI_LIBS= +AC_SUBST([GSSAPI_CPPFLAGS]) +AC_SUBST([GSSAPI_LDFLAGS]) +AC_SUBST([GSSAPI_LIBS]) +AC_ARG_WITH([gssapi], + [AC_HELP_STRING([--with-gssapi=DIR], + [Location of GSS-API headers and libraries])], + [AS_IF([test x"$withval" != xyes && test x"$withval" != xno], + [rra_gssapi_root="$withval"])]) +AS_IF([test x"$rra_reduced_depends" = xtrue], + [_RRA_LIB_GSSAPI_PATHS + _RRA_LIB_GSSAPI_REDUCED], + [AC_ARG_VAR([KRB5_CONFIG], [Path to krb5-config]) + AS_IF([test x"$rra_gssapi_root" != x], + [AS_IF([test -x "${rra_gssapi_root}/bin/krb5-config"], + [KRB5_CONFIG="${rra_gssapi_root}/bin/krb5-config"])], + [AC_PATH_PROG([KRB5_CONFIG], [krb5-config])]) + AS_IF([test x"$KRB5_CONFIG" != x], + [AC_CACHE_CHECK([for gssapi support in krb5-config], + [rra_cv_lib_gssapi_config], + [AS_IF(["$KRB5_CONFIG" | grep gssapi > /dev/null 2>&1], + [rra_cv_lib_gssapi_config=yes], + [rra_cv_lib_gssapi_config=no])]) + AS_IF([test "$rra_cv_lib_gssapi_config" = yes], + [GSSAPI_CPPFLAGS=`"$KRB5_CONFIG" --cflags gssapi` + GSSAPI_LIBS=`"$KRB5_CONFIG" --libs gssapi`], + [GSSAPI_CPPFLAGS=`"$KRB5_CONFIG" --cflags` + GSSAPI_LIBS=`"$KRB5_CONFIG" --libs`]) + GSSAPI_CPPFLAGS=`echo "$GSSAPI_CPPFLAGS" \ + | sed 's%-I/usr/include ?%%'`], + [_RRA_LIB_GSSAPI_PATHS + _RRA_LIB_GSSAPI_MANUAL])])]) diff --git a/m4/krb4.m4 b/m4/krb4.m4 new file mode 100644 index 0000000..997a3a4 --- /dev/null +++ b/m4/krb4.m4 @@ -0,0 +1,143 @@ +dnl krb4.m4 -- Find the compiler and linker flags for Kerberos v4. +dnl $Id$ +dnl +dnl Finds the compiler and linker flags for linking with Kerberos v4 libraries +dnl and sets the substitution variables KRB4_CPPFLAGS, KRB4_LDFLAGS, and +dnl KRB4_LIBS. Provides the --with-krb4 configure option to specify a +dnl non-standard path to the Kerberos libraries. Uses krb5-config where +dnl available unless reduced dependencies is requested. +dnl +dnl Provides the macro RRA_LIB_KRB4 and sets the substitution variables +dnl KRB4_CPPFLAGS, KRB4_LDFLAGS, and KRB4_LIBS. Also provides +dnl RRA_LIB_KRB4_SET to set CPPFLAGS, LDFLAGS, and LIBS to include the +dnl Kerberos libraries; RRA_LIB_KRB4_SWITCH to do the same but save the +dnl current values first; and RRA_LIB_KRB4_RESTORE to restore those settings +dnl to before the last RRA_LIB_KRB4_SWITCH. +dnl +dnl Written by Russ Allbery <rra@stanford.edu> +dnl Copyright 2005, 2006, 2007, 2008 +dnl Board of Trustees, Leland Stanford Jr. University +dnl See LICENSE for licensing terms. + +dnl Set CPPFLAGS, LDFLAGS, and LIBS to values including the Kerberos v4 +dnl settings. +AC_DEFUN([RRA_LIB_KRB4_SET], +[CPPFLAGS="$KRB4_CPPFLAGS $CPPFLAGS" + LDFLAGS="$KRB4_LDFLAGS $LDFLAGS" + LIBS="$KRB4_LIBS $LIBS"]) + +dnl Save the current CPPFLAGS, LDFLAGS, and LIBS settings and switch to +dnl versions that include the Kerberos v4 flags. Used as a wrapper, with +dnl RRA_LIB_KRB4_RESTORE, around tests. +AC_DEFUN([RRA_LIB_KRB4_SWITCH], +[rra_krb4_save_CPPFLAGS="$CPPFLAGS" + rra_krb4_save_LDFLAGS="$LDFLAGS" + rra_krb4_save_LIBS="$LIBS" + RRA_LIB_KRB4_SET]) + +dnl Restore CPPFLAGS, LDFLAGS, and LIBS to their previous values (before +dnl RRA_LIB_KRB4_SWITCH was called). +AC_DEFUN([RRA_LIB_KRB4_RESTORE], +[CPPFLAGS="$rra_krb4_save_CPPFLAGS" + LDFLAGS="$rra_krb4_save_LDFLAGS" + LIBS="$rra_krb4_save_LIBS"]) + +dnl Set KRB4_CPPFLAGS and KRB4_LDFLAGS based on rra_krb4_root. +AC_DEFUN([_RRA_LIB_KRB4_PATHS], +[AS_IF([test x"$rra_krb4_root" != x], + [AS_IF([test x"$rra_krb4_root" != x/usr], + [KRB4_CPPFLAGS="-I${rra_krb4_root}/include"]) + KRB4_LDFLAGS="-L${rra_krb4_root}/lib"])]) + +dnl Does the appropriate library checks for reduced-dependency Kerberos v4 +dnl linkage. +AC_DEFUN([_RRA_LIB_KRB4_REDUCED], +[RRA_LIB_KRB4_SWITCH + AC_CHECK_LIB([krb4], [krb_get_svc_in_tkt], [KRB4_LIBS="-lkrb4"], + [AC_CHECK_LIB([krb], [krb_get_svc_in_tkt], [KRB4_LIBS="-lkrb"], + [AC_MSG_ERROR([cannot find usable Kerberos v4 library])])]) + RRA_LIB_KRB4_RESTORE]) + +dnl Does the appropriate library checks for Kerberos v4 linkage when we don't +dnl have krb5-config or reduced dependencies. +AC_DEFUN([_RRA_LIB_KRB4_MANUAL], +[RRA_LIB_KRB4_SWITCH + rra_krb4_extra= + LIBS= + AC_SEARCH_LIBS([res_search], [resolv], , + [AC_SEARCH_LIBS([__res_search], [resolv])]) + AC_SEARCH_LIBS([gethostbyname], [nsl]) + AC_SEARCH_LIBS([socket], [socket], , + [AC_CHECK_LIB([nsl], [socket], [LIBS="-lnsl -lsocket $LIBS"], , + [-lsocket])]) + AC_SEARCH_LIBS([crypt], [crypt]) + rra_krb4_extra="$LIBS" + LIBS="$rra_krb4_save_LIBS" + AC_CHECK_LIB([crypto], [des_set_key], + [rra_krb4_extra="-lcrypto $rra_krb4_extra"], + [AC_CHECK_LIB([des], [des_set_key], + [rra_krb4_extra="-ldes $rra_krb4_extra"])]) + AC_CHECK_LIB([krb], [krb_get_svc_in_tkt], + [KRB4_LIBS="-lkrb $rra_krb4_extra"], + [rra_krb4_extra="-ldes425 -lkrb5 -lk5crypto -lcom_err $rra_krb4_extra" + AC_CHECK_LIB([krb5support], [krb5int_getspecific], + [rra_krb4_extra="$rra_krb4_extra -lkrb5support"], + [AC_CHECK_LIB([pthreads], [pthread_setspecific], + [rra_krb4_pthread="-lpthreads"], + [AC_CHECK_LIB([pthread], [pthread_setspecific], + [rra_krb4_pthread="-lpthread"])]) + AC_CHECK_LIB([krb5support], [krb5int_setspecific], + [rra_krb4_extra="-lkrb5support $rra_krb4_pthread"], + [$rra_krb4_pthread])]) + AC_CHECK_LIB([krb4], [krb_get_svc_in_tkt], + [KRB4_LIBS="-lkrb4 $rra_krb4_extra"], + [AC_MSG_ERROR([cannot find usable Kerberos v4 library])], + [$rra_krb4_extra])], + [$rra_krb4_extra]) + RRA_LIB_KRB4_RESTORE]) + +dnl Additional checks for portability that apply to either way that we find +dnl the right libraries. +AC_DEFUN([_RRA_LIB_KRB4_EXTRA], +[RRA_LIB_KRB4_SWITCH + AC_CHECK_HEADERS([kerberosIV/krb.h]) + RRA_LIB_KRB4_RESTORE]) + +dnl The main macro. +AC_DEFUN([RRA_LIB_KRB4], +[AC_REQUIRE([RRA_ENABLE_REDUCED_DEPENDS]) +rra_krb4_root= +KRB4_CPPFLAGS= +KRB4_LDFLAGS= +KRB4_LIBS= +AC_SUBST([KRB4_CPPFLAGS]) +AC_SUBST([KRB4_LDFLAGS]) +AC_SUBST([KRB4_LIBS]) +AC_ARG_WITH([krb4], + [AC_HELP_STRING([--with-krb4=DIR], + [Location of Kerberos v4 headers and libraries])], + [AS_IF([test x"$withval" != xyes && test x"$withval" != xno], + [rra_krb4_root="$withval"])]) +AS_IF([test x"$rra_reduced_depends" = xtrue], + [_RRA_LIB_KRB4_PATHS + _RRA_LIB_KRB4_REDUCED], + [AC_ARG_VAR([KRB5_CONFIG], [Path to krb5-config]) + AS_IF([test x"$rra_krb4_root" != x], + [AS_IF([test -x "${rra_krb4_root}/bin/krb5-config"], + [KRB5_CONFIG="${rra_krb4_root}/bin/krb5-config"])], + [AC_PATH_PROG([KRB5_CONFIG], [krb5-config])]) + AS_IF([test x"$KRB5_CONFIG" != x], + [AC_CACHE_CHECK([for krb4 support in krb5-config], + [rra_cv_lib_krb4_config], + [AS_IF(["$KRB5_CONFIG" | grep krb4 > /dev/null 2>&1], + [rra_cv_lib_krb4_config=yes], + [rra_cv_lib_krb4_config=no])]) + AS_IF([test "$rra_cv_lib_krb4_config" = yes], + [KRB4_CPPFLAGS=`"$KRB5_CONFIG" --cflags krb4` + KRB4_LIBS=`"$KRB5_CONFIG" --libs krb4`], + [_RRA_LIB_KRB4_PATHS + _RRA_LIB_KRB4_MANUAL]) + KRB4_CPPFLAGS=`echo "$KRB5_CPPFLAGS" | sed 's%-I/usr/include ?%%'`], + [_RRA_LIB_KRB4_PATHS + _RRA_LIB_KRB4_MANUAL])]) + _RRA_LIB_KRB4_EXTRA]) diff --git a/m4/krb5.m4 b/m4/krb5.m4 new file mode 100644 index 0000000..2474b47 --- /dev/null +++ b/m4/krb5.m4 @@ -0,0 +1,164 @@ +dnl krb5.m4 -- Find the compiler and linker flags for Kerberos v5. +dnl $Id$ +dnl +dnl Finds the compiler and linker flags for linking with Kerberos v5 libraries +dnl and sets the substitution variables KRB5_CPPFLAGS, KRB5_LDFLAGS, and +dnl KRB5_LIBS. Provides the --with-krb5 configure option to specify a +dnl non-standard path to the Kerberos libraries. Uses krb5-config where +dnl available unless reduced dependencies is requested. +dnl +dnl Provides the macro RRA_LIB_KRB5 and sets the substitution variables +dnl KRB5_CPPFLAGS, KRB5_LDFLAGS, and KRB5_LIBS. Also provides +dnl RRA_LIB_KRB5_SET to set CPPFLAGS, LDFLAGS, and LIBS to include the +dnl Kerberos libraries; RRA_LIB_KRB5_SWITCH to do the same but save the +dnl current values first; and RRA_LIB_KRB5_RESTORE to restore those settings +dnl to before the last RRA_LIB_KRB5_SWITCH. +dnl +dnl Written by Russ Allbery <rra@stanford.edu> +dnl Copyright 2005, 2006, 2007, 2008 +dnl Board of Trustees, Leland Stanford Jr. University +dnl See LICENSE for licensing terms. + +dnl Set CPPFLAGS, LDFLAGS, and LIBS to values including the Kerberos v5 +dnl settings. +AC_DEFUN([RRA_LIB_KRB5_SET], +[CPPFLAGS="$KRB5_CPPFLAGS $CPPFLAGS" + LDFLAGS="$KRB5_LDFLAGS $LDFLAGS" + LIBS="$KRB5_LIBS $LIBS"]) + +dnl Save the current CPPFLAGS, LDFLAGS, and LIBS settings and switch to +dnl versions that include the Kerberos v5 flags. Used as a wrapper, with +dnl RRA_LIB_KRB5_RESTORE, around tests. +AC_DEFUN([RRA_LIB_KRB5_SWITCH], +[rra_krb5_save_CPPFLAGS="$CPPFLAGS" + rra_krb5_save_LDFLAGS="$LDFLAGS" + rra_krb5_save_LIBS="$LIBS" + RRA_LIB_KRB5_SET]) + +dnl Restore CPPFLAGS, LDFLAGS, and LIBS to their previous values (before +dnl RRA_LIB_KRB5_SWITCH was called). +AC_DEFUN([RRA_LIB_KRB5_RESTORE], +[CPPFLAGS="$rra_krb5_save_CPPFLAGS" + LDFLAGS="$rra_krb5_save_LDFLAGS" + LIBS="$rra_krb5_save_LIBS"]) + +dnl Set KRB5_CPPFLAGS and KRB5_LDFLAGS based on rra_krb5_root. +AC_DEFUN([_RRA_LIB_KRB5_PATHS], +[AS_IF([test x"$rra_krb5_root" != x], + [AS_IF([test x"$rra_krb5_root" != x/usr], + [KRB5_CPPFLAGS="-I${rra_krb5_root}/include"]) + KRB5_LDFLAGS="-L${rra_krb5_root}/lib"])]) + +dnl Does the appropriate library checks for reduced-dependency Kerberos v5 +dnl linkage. +AC_DEFUN([_RRA_LIB_KRB5_REDUCED], +[RRA_LIB_KRB5_SWITCH + AC_CHECK_LIB([krb5], [krb5_init_context], [KRB5_LIBS="-lkrb5"], + [AC_MSG_ERROR([cannot find usable Kerberos v5 library])]) + LIBS="$KRB5_LIBS $LIBS" + AC_CHECK_FUNCS([krb5_get_error_message], + [AC_CHECK_FUNCS([krb5_free_error_message])], + [AC_CHECK_FUNCS([krb5_get_err_txt], , + [AC_CHECK_LIB([ksvc], [krb5_svc_get_msg], + [KRB5_LIBS="$KRB5_LIBS -lksvc" + AC_DEFINE([HAVE_KRB5_SVC_GET_MSG], [1]) + AC_CHECK_HEADERS([ibm_svc/krb5_svc.h])], + [AC_CHECK_LIB([com_err], [com_err], + [KRB5_LIBS="$KRB5_LIBS -lcom_err"], + [AC_MSG_ERROR([cannot find usable com_err library])]) + AC_CHECK_HEADERS([et/com_err.h])])])]) + RRA_LIB_KRB5_RESTORE]) + +dnl Does the appropriate library checks for Kerberos v5 linkage when we don't +dnl have krb5-config or reduced dependencies. +AC_DEFUN([_RRA_LIB_KRB5_MANUAL], +[RRA_LIB_KRB5_SWITCH + rra_krb5_extra= + LIBS= + AC_SEARCH_LIBS([res_search], [resolv], , + [AC_SEARCH_LIBS([__res_search], [resolv])]) + AC_SEARCH_LIBS([gethostbyname], [nsl]) + AC_SEARCH_LIBS([socket], [socket], , + [AC_CHECK_LIB([nsl], [socket], [LIBS="-lnsl -lsocket $LIBS"], , + [-lsocket])]) + AC_SEARCH_LIBS([crypt], [crypt]) + rra_krb5_extra="$LIBS" + LIBS="$rra_krb5_save_LIBS" + AC_CHECK_LIB([krb5], [krb5_init_context], + [KRB5_LIBS="-lkrb5 -lasn1 -lroken -lcrypto -lcom_err $rra_krb5_extra"], + [AC_CHECK_LIB([krb5support], [krb5int_getspecific], + [rra_krb5_extra="-lkrb5support $rra_krb5_extra"], + [AC_CHECK_LIB([pthreads], [pthread_setspecific], + [rra_krb5_pthread="-lpthreads"], + [AC_CHECK_LIB([pthread], [pthread_setspecific], + [rra_krb5_pthread="-lpthread"])]) + AC_CHECK_LIB([krb5support], [krb5int_setspecific], + [rra_krb5_extra="-lkrb5support $rra_krb5_extra $rra_krb5_pthread"], + [$rra_krb5_pthread])]) + AC_CHECK_LIB([com_err], [error_message], + [rra_krb5_extra="-lcom_err $rra_krb5_extra"]) + AC_CHECK_LIB([ksvc], [krb5_svc_get_msg], + [rra_krb5_extra="-lksvc $rra_krb5_extra"]) + AC_CHECK_LIB([k5crypto], [krb5int_hash_md5], + [rra_krb5_extra="-lk5crypto $rra_krb5_extra"]) + AC_CHECK_LIB([k5profile], [profile_get_values], + [rra_krb5_extra="-lk5profile $rra_krb5_extra"]) + AC_CHECK_LIB([krb5], [krb5_cc_default], + [KRB5_LIBS="-lkrb5 $rra_krb5_extra"], + [AC_MSG_ERROR([cannot find usable Kerberos v5 library])], + [$rra_krb5_extra])], + [-lasn1 -lroken -lcrypto -lcom_err $rra_krb5_extra]) + LIBS="$KRB5_LIBS $LIBS" + AC_CHECK_FUNCS([krb5_get_error_message], + [AC_CHECK_FUNCS([krb5_free_error_message])], + [AC_CHECK_FUNCS([krb5_get_err_txt], , + [AC_CHECK_FUNCS([krb5_svc_get_msg], + [AC_CHECK_HEADERS([ibm_svc/krb5_svc.h])], + [AC_CHECK_HEADERS([et/com_err.h])])])]) + RRA_LIB_KRB5_RESTORE]) + +dnl The main macro. +AC_DEFUN([RRA_LIB_KRB5], +[AC_REQUIRE([RRA_ENABLE_REDUCED_DEPENDS]) +rra_krb5_root= +KRB5_CPPFLAGS= +KRB5_LDFLAGS= +KRB5_LIBS= +AC_SUBST([KRB5_CPPFLAGS]) +AC_SUBST([KRB5_LDFLAGS]) +AC_SUBST([KRB5_LIBS]) +AC_ARG_WITH([krb5], + [AC_HELP_STRING([--with-krb5=DIR], + [Location of Kerberos v5 headers and libraries])], + [AS_IF([test x"$withval" != xyes && test x"$withval" != xno], + [rra_krb5_root="$withval"])]) +AS_IF([test x"$rra_reduced_depends" = xtrue], + [_RRA_LIB_KRB5_PATHS + _RRA_LIB_KRB5_REDUCED], + [AC_ARG_VAR([KRB5_CONFIG], [Path to krb5-config]) + AS_IF([test x"$rra_krb5_root" != x], + [AS_IF([test -x "${rra_krb5_root}/bin/krb5-config"], + [KRB5_CONFIG="${rra_krb5_root}/bin/krb5-config"])], + [AC_PATH_PROG([KRB5_CONFIG], [krb5-config])]) + AS_IF([test x"$KRB5_CONFIG" != x], + [AC_CACHE_CHECK([for krb5 support in krb5-config], + [rra_cv_lib_krb5_config], + [AS_IF(["$KRB5_CONFIG" | grep krb5 > /dev/null 2>&1], + [rra_cv_lib_krb5_config=yes], + [rra_cv_lib_krb5_config=no])]) + AS_IF([test "$rra_cv_lib_krb5_config" = yes], + [KRB5_CPPFLAGS=`"$KRB5_CONFIG" --cflags krb5` + KRB5_LIBS=`"$KRB5_CONFIG" --libs krb5`], + [KRB5_CPPFLAGS=`"$KRB5_CONFIG" --cflags` + KRB5_LIBS=`"$KRB5_CONFIG" --libs`]) + KRB5_CPPFLAGS=`echo "$KRB5_CPPFLAGS" | sed 's%-I/usr/include ?%%'` + RRA_LIB_KRB5_SWITCH + AC_CHECK_FUNCS([krb5_get_error_message], + [AC_CHECK_FUNCS([krb5_free_error_message])], + [AC_CHECK_FUNCS([krb5_get_err_txt], , + [AC_CHECK_FUNCS([krb5_svc_get_msg], + [AC_CHECK_HEADERS([ibm_svc/krb5_svc.h])], + [AC_CHECK_HEADERS([et/com_err.h])])])]) + RRA_LIB_KRB5_RESTORE], + [_RRA_LIB_KRB5_PATHS + _RRA_LIB_KRB5_MANUAL])])]) diff --git a/m4/lib-depends.m4 b/m4/lib-depends.m4 new file mode 100644 index 0000000..54a8f43 --- /dev/null +++ b/m4/lib-depends.m4 @@ -0,0 +1,23 @@ +dnl lib-depends.m4 -- Provides option to change library probes. +dnl $Id$ +dnl +dnl This file provides RRA_ENABLE_REDUCED_DEPENDS, which adds the configure +dnl option --enable-reduced-depends to request that library probes assume +dnl shared libraries are in use and dependencies of libraries should not be +dnl probed. If this option is given, the shell variable rra_reduced_depends +dnl is set to true; otherwise, it is set to false. +dnl +dnl This macro doesn't do much but is defined separately so that other macros +dnl can require it with AC_REQUIRE. +dnl +dnl Written by Russ Allbery <rra@stanford.edu> +dnl Copyright 2005, 2006, 2007 +dnl Board of Trustees, Leland Stanford Jr. University +dnl See LICENSE for licensing terms. + +AC_DEFUN([RRA_ENABLE_REDUCED_DEPENDS], +[rra_reduced_depends=false +AC_ARG_ENABLE([reduced-depends], + [AC_HELP_STRING([--enable-reduced-depends], + [Try to minimize shared library dependencies])], + [AS_IF([test x"$enableval" = xyes], [rra_reduced_depends=true])])]) diff --git a/m4/remctl.m4 b/m4/remctl.m4 new file mode 100644 index 0000000..2941f19 --- /dev/null +++ b/m4/remctl.m4 @@ -0,0 +1,69 @@ +dnl remctl.m4 -- Find the compiler and linker flags for remctl. +dnl $Id$ +dnl +dnl This file provides RRA_LIB_REMCTL, which finds the compiler and linker +dnl flags for linking with remctl libraries and sets the substitution +dnl variables REMCTL_CPPFLAGS, REMCTL_LDFLAGS, and REMCTL_LIBS. Also provides +dnl RRA_LIB_REMCTL_SET to set CPPFLAGS, LDFLAGS, and LIBS to include the +dnl remctl libraries; RRA_LIB_REMCTL_SWITCH to do the same but save the +dnl current values first; and RRA_LIB_REMCTL_RESTORE to restore those settings +dnl to before the last RRA_LIB_REMCTL_SWITCH. +dnl +dnl This macro depends on RRA_ENABLE_REDUCED_DEPENDS and RRA_LIB_GSSAPI. +dnl +dnl Written by Russ Allbery <rra@stanford.edu> +dnl Copyright 2008 Board of Trustees, Leland Stanford Jr. University +dnl See LICENSE for licensing terms. + +dnl Set CPPFLAGS, LDFLAGS, and LIBS to values including the Kerberos v5 +dnl settings. +AC_DEFUN([RRA_LIB_REMCTL_SET], +[CPPFLAGS="$REMCTL_CPPFLAGS $CPPFLAGS" + LDFLAGS="$REMCTL_LDFLAGS $LDFLAGS" + LIBS="$REMCTL_LIBS $LIBS"]) + +dnl Save the current CPPFLAGS, LDFLAGS, and LIBS settings and switch to +dnl versions that include the Kerberos v5 flags. Used as a wrapper, with +dnl RRA_LIB_REMCTL_RESTORE, around tests. +AC_DEFUN([RRA_LIB_REMCTL_SWITCH], +[rra_remctl_save_CPPFLAGS="$CPPFLAGS" + rra_remctl_save_LDFLAGS="$LDFLAGS" + rra_remctl_save_LIBS="$LIBS" + RRA_LIB_REMCTL_SET]) + +dnl Restore CPPFLAGS, LDFLAGS, and LIBS to their previous values (before +dnl RRA_LIB_REMCTL_SWITCH was called). +AC_DEFUN([RRA_LIB_REMCTL_RESTORE], +[CPPFLAGS="$rra_remctl_save_CPPFLAGS" + LDFLAGS="$rra_remctl_save_LDFLAGS" + LIBS="$rra_remctl_save_LIBS"]) + +dnl Set REMCTL_CPPFLAGS and REMCTL_LDFLAGS based on rra_remctl_root. +AC_DEFUN([_RRA_LIB_REMCTL_PATHS], +[AS_IF([test x"$rra_remctl_root" != x], + [AS_IF([test x"$rra_remctl_root" != x/usr], + [REMCTL_CPPFLAGS="-I${rra_remctl_root}/include"]) + REMCTL_LDFLAGS="-L${rra_remctl_root}/lib"])]) + +dnl The main macro. +AC_DEFUN([RRA_LIB_REMCTL], +[AC_REQUIRE([RRA_ENABLE_REDUCED_DEPENDS]) +rra_remctl_root= +REMCTL_CPPFLAGS= +REMCTL_LDFLAGS= +REMCTL_LIBS= +AC_SUBST([REMCTL_CPPFLAGS]) +AC_SUBST([REMCTL_LDFLAGS]) +AC_SUBST([REMCTL_LIBS]) +AC_ARG_WITH([remctl], + [AC_HELP_STRING([--with-remctl=DIR], + [Location of remctl headers and libraries])], + [AS_IF([test x"$withval" != xyes && test x"$withval" != xno], + [rra_remctl_root="$withval"])]) +_RRA_LIB_REMCTL_PATHS +AS_IF([test x"$rra_reduced_depends" = xtrue], + [REMCTL_LIBS="-lremctl"], + [RRA_LIB_GSSAPI + REMCTL_CPPFLAGS="$REMCTL_CPPFLAGS $GSSAPI_CPPFLAGS" + REMCTL_LDFLAGS="$REMCTL_LDFLAGS $GSSAPI_LDFLAGS" + REMCTL_LIBS="-lremctl $GSSAPI_LIBS"])]) diff --git a/perl/t/keytab.t b/perl/t/keytab.t index 0dd6bc3..bb6b048 100755 --- a/perl/t/keytab.t +++ b/perl/t/keytab.t @@ -4,12 +4,12 @@ # t/keytab.t -- Tests for the keytab object implementation. # # Written by Russ Allbery <rra@stanford.edu> -# Copyright 2007 Board of Trustees, Leland Stanford Jr. University +# Copyright 2007, 2008 Board of Trustees, Leland Stanford Jr. University # # See LICENSE for licensing terms. use POSIX qw(strftime); -use Test::More tests => 217; +use Test::More tests => 223; use Wallet::Config; use Wallet::Object::Keytab; @@ -478,7 +478,7 @@ EOO # Tests for kaserver synchronization support. SKIP: { - skip 'no keytab configuration', 100 unless -f 't/data/test.keytab'; + skip 'no keytab configuration', 106 unless -f 't/data/test.keytab'; # Test the principal mapping. We can do this without having a kaserver # configuration. We only need a basic keytab object configuration. Do @@ -569,9 +569,22 @@ $date add kaserver to attribute sync by $user from $host EOO is ($one->history, $history, ' and history is correct for attributes'); + is ($one->destroy (@trace), undef, 'Destroying wallet/one fails'); + is ($one->error, 'kaserver synchronization not configured', + ' because kaserver support is not configured'); + is ($one->attr ('sync', [], @trace), 1, + ' but removing the kaserver sync attribute works'); + is ($one->destroy (@trace),1, ' and then destroying wallet/one works'); + $history .= <<"EOO"; +$date remove kaserver from attribute sync + by $user from $host +$date destroy + by $user from $host +EOO # Set up our configuration. - skip 'no AFS kaserver configuration', 32 unless -f 't/data/test.srvtab'; + skip 'no AFS kaserver configuration', 34 unless -f 't/data/test.srvtab'; + skip 'no kaserver support', 34 unless -x '../kasetkey/kasetkey'; $Wallet::Config::KEYTAB_FILE = 't/data/test.keytab'; $Wallet::Config::KEYTAB_PRINCIPAL = contents ('t/data/test.principal'); $Wallet::Config::KEYTAB_REALM = contents ('t/data/test.realm'); @@ -580,6 +593,14 @@ EOO my $realm = $Wallet::Config::KEYTAB_REALM; my $k5 = "wallet/one\@$realm"; + # Recreate and reconfigure the object. + $one = eval { + Wallet::Object::Keytab->create ('keytab', 'wallet/one', $dbh, @trace) + }; + ok (defined ($one), 'Creating wallet/one succeeds'); + is ($one->attr ('sync', [ 'kaserver' ], @trace), 1, + ' and setting the kaserver sync attribute works'); + # Finally, we can test. is ($one->get (@trace), undef, 'Get without configuration fails'); is ($one->error, 'kaserver synchronization not configured', @@ -661,6 +682,10 @@ EOO # Check that history is still correct. $history .= <<"EOO"; +$date create + by $user from $host +$date add kaserver to attribute sync + by $user from $host $date get by $user from $host $date remove kaserver from attribute sync @@ -704,7 +729,11 @@ SKIP: { my $one = eval { Wallet::Object::Keytab->create ('keytab', 'wallet/one', $dbh, @trace) }; - ok (defined ($one), 'Creating wallet/one succeeds'); + if (defined ($one)) { + ok (1, 'Creating wallet/one succeeds'); + } else { + is ($@, '', 'Creating wallet/one succeeds'); + } my $keytab = $one->get (@trace); ok (defined ($keytab), ' and retrieving the keytab works'); my @enctypes = grep { $_ ne 'UNKNOWN' } enctypes ($keytab); |