AC_INIT(ldap-nss.c) AC_CANONICAL_SYSTEM AC_PREFIX_DEFAULT() AM_INIT_AUTOMAKE(nss_ldap, 265) AM_CONFIG_HEADER(config.h) AM_MAINTAINER_MODE AC_PROG_CC AC_PROG_CPP AC_PROG_INSTALL dnl dnl --enable-rfc2307bis is now deprecated; if this option is set, dnl then RFC2307bis support will be enabled by default. However dnl it can now always be enabled at runtime with the nss_schema dnl keyword. See nss_ldap(5) for more information. dnl AC_ARG_ENABLE(rfc2307bis, [ --enable-rfc2307bis use RFC2307bis schema by default ], [AC_DEFINE(RFC2307BIS)]) dnl dnl --enable-schema-mapping is no longer necessary as schema dnl mapping is enabled by default dnl dnl AC_ARG_ENABLE(schema-mapping, [ --enable-schema-mapping enable attribute/objectclass mapping ], [AC_DEFINE(AT_OC_MAP)]) dnl AC_ARG_ENABLE(debugging, [ --enable-debugging enable debug code ], [AC_DEFINE(DEBUG)]) dnl dnl --enable-paged-results is now deprecated; if this option is set, dnl then paged results will be enabled by default. However, it can dnl now always be enabled at runtime (as long as the underlying LDAP dnl library supports ldap_search_ext()) with the nss_paged_results dnl keyword. See nss_ldap(5) for more information dnl AC_ARG_ENABLE(paged-results, [ --enable-paged-results use paged results control by default ], [AC_DEFINE(PAGE_RESULTS)]) dnl dnl XXX TODO make configurable-krb5-ccname-* configurable at runtime dnl AC_ARG_ENABLE(configurable-krb5-ccname-env, [ --enable-configurable-krb5-ccname-env enable configurable Kerberos V credentials cache name (putenv method)], [AC_DEFINE(CONFIGURE_KRB5_CCNAME) AC_DEFINE(CONFIGURE_KRB5_CCNAME_ENV)]) AC_ARG_ENABLE(configurable-krb5-ccname-gssapi, [ --enable-configurable-krb5-ccname-gssapi enable configurable Kerberos V credentials cache name (gssapi method)], [AC_DEFINE(CONFIGURE_KRB5_CCNAME) AC_DEFINE(CONFIGURE_KRB5_CCNAME_GSSAPI)]) AC_ARG_ENABLE(configurable-krb5-keytab, [ --enable-configurable-krb5-keytab enable configurable Kerberos V keytab file name], [AC_DEFINE(CONFIGURE_KRB5_KEYTAB)]) AC_ARG_WITH(ldap-lib, [ --with-ldap-lib=type select ldap library [auto|netscape5|netscape4|netscape3|umich|openldap]]) AC_ARG_WITH(ldap-dir, [ --with-ldap-dir=DIR base directory of LDAP SDK]) AC_ARG_WITH(ldap-conf-file, [ --with-ldap-conf-file path to LDAP configuration file], [ NSS_LDAP_PATH_CONF="$with_ldap_conf_file" ], [ NSS_LDAP_PATH_CONF="/etc/ldap.conf" ]) AC_ARG_WITH(ldap-secret-file, [ --with-ldap-secret-file path to LDAP root secret file], [ NSS_LDAP_PATH_ROOTPASSWD="$with_ldap_secret_file" ], [ NSS_LDAP_PATH_ROOTPASSWD="/etc/ldap.secret" ]) AC_ARG_WITH(gssapi-dir, [ --with-gssapi-dir=DIR base directory of gssapi SDK]) AC_ARG_WITH(ngroups, [ --with-ngroups=num average group size hint, experts only], [AC_DEFINE_UNQUOTED(LDAP_NSS_NGROUPS, $with_ngroups)]) AC_DEFINE_UNQUOTED(NSS_LDAP_PATH_CONF, "$NSS_LDAP_PATH_CONF") AC_DEFINE_UNQUOTED(NSS_LDAP_PATH_ROOTPASSWD, "$NSS_LDAP_PATH_ROOTPASSWD") AC_SUBST(NSS_LDAP_PATH_CONF) AC_SUBST(NSS_LDAP_PATH_ROOTPASSWD) if test "$ac_cv_prog_gcc" = "yes"; then CFLAGS="$CFLAGS -Wall -fPIC"; fi dnl This is needed for the native Solaris LDAP SDK and dnl OpenLDAP 2.2, respectively CPPFLAGS="$CPPFLAGS -DLDAP_REFERRALS -DLDAP_DEPRECATED" case "$target_os" in freebsd*) CPPFLAGS="$CPPFLAGS -DPIC -D_REENTRANT" ;; aix*) CPPFLAGS="$CPPFLAGS -D_THREAD_SAFE" ;; *) CPPFLAGS="$CPPFLAGS -D_REENTRANT" ;; esac # Always use native linker on Solaris and AIX # but only invoke directly if compiling with gcc (?) case "$target_os" in aix*) if test "$ac_cv_prog_gcc" = "yes"; then nss_ldap_so_LD="/usr/bin/ld" fi LDFLAGS="$LDFLAGS -Wl,-brtl" nss_ldap_so_LDFLAGS="-bM:SRE -bnoentry -bE:\$(srcdir)/exports.aix -brtl -lc" NSS_LDAP_LDFLAGS="-bM:SRE -enss_ldap_initialize -brtl -lc" CPPFLAGS="$CPPFLAGS -I." need_pthread=yes TARGET_OS=AIX ;; solaris*) if test "$ac_cv_prog_gcc" = yes; then nss_ldap_so_LD="/usr/ccs/bin/ld" fi nss_ldap_so_LDFLAGS="-Bdirect -z nodelete -Bdynamic -M \$(srcdir)/exports.solaris -G" ;; hpux*) if test "$ac_cv_prog_gcc" = yes; then nss_ldap_so_LD="/bin/ld" fi nss_ldap_so_LDFLAGS="-b -dynamic -G `cat exports.hpux`" CPPFLAGS="$CPPFLAGS -I. -DHPUX" TARGET_OS=HPUX ;; linux*) nss_ldap_so_LDFLAGS="-shared -Wl,-Bdynamic -Wl,--version-script,\$(srcdir)/exports.linux" ;; *) nss_ldap_so_LDFLAGS="-shared -Wl,-Bdynamic" ;; esac AM_CONDITIONAL(GCC, test "$GCC" = "yes") AM_CONDITIONAL(GLIBC, test "forcedpass" = "forcedpass") AM_CONDITIONAL(AIX, test "$TARGET_OS" = AIX) AM_CONDITIONAL(HPUX, test "$TARGET_OS" = HPUX) AM_CONDITIONAL(USE_NATIVE_LINKER, test -n "$nss_ldap_so_LD") # unfortunately the linker flags have to be defined twice for # AIX as we can't force using the native linker for configure # tests, and the gcc front-end does not understand native # linker flags. if test -n "$with_ldap_dir"; then CPPFLAGS="$CPPFLAGS -I$with_ldap_dir/include" LDFLAGS="$LDFLAGS -L$with_ldap_dir/lib" case "$target_os" in aix*) LDFLAGS="$LDFLAGS -Wl,-blibpath:$with_ldap_dir/lib" nss_ldap_so_LDFLAGS="$nss_ldap_so_LDFLAGS -L$with_ldap_dir/lib -blibpath:$with_ldap_dir/lib" NSS_LDAP_LDFLAGS="$NSS_LDAP_LDFLAGS -L$with_ldap_dir/lib -blibpath:$with_ldap_dir/lib" ;; hpux*) LDFLAGS="$LDFLAGS -Wl,+b$with_ldap_dir/lib" nss_ldap_so_LDFLAGS="$nss_ldap_so_LDFLAGS -L$with_ldap_dir/lib +b$with_ldap_dir/lib" ;; solaris*) LDFLAGS="$LDFLAGS -R$with_ldap_dir/lib" nss_ldap_so_LDFLAGS="$nss_ldap_so_LDFLAGS -L$with_ldap_dir/lib -R$with_ldap_dir/lib" ;; *) LDFLAGS="$LDFLAGS -Wl,-rpath,$with_ldap_dir/lib" ;; esac fi if test -n "$with_gssapi_dir"; then CPPFLAGS="$CPPFLAGS -I$with_gssapi_dir/include" LDFLAGS="$LDFLAGS -L$with_gssapi_dir/lib" fi AC_SUBST(nss_ldap_so_LD) AC_SUBST(nss_ldap_so_LDFLAGS) AC_SUBST(NSS_LDAP_LDFLAGS) AC_CHECK_HEADERS(lber.h) AC_CHECK_HEADERS(ldap.h, , AC_MSG_ERROR(could not locate )) AC_CHECK_HEADERS(ldap_ssl.h) dnl AC_MSG_CHECKING(for ldap_ssl.h) dnl AC_TRY_COMPILE([#include dnl #include dnl #include ], , dnl [ dnl AC_MSG_RESULT(yes), dnl AC_DEFINE(HAVE_LDAP_SSL_H, 1) dnl ], dnl AC_MSG_RESULT(no)) # For HP-UX and AIX we use private API, the headers for which # are included locally. We need to do something to stop both # API being detected. case "$target_os" in aix*) AC_CHECK_HEADERS(irs.h usersec.h) ;; hpux*) AC_CHECK_HEADERS(nsswitch.h) ;; *) AC_CHECK_HEADERS(nss.h) AC_CHECK_HEADERS(nsswitch.h) AC_CHECK_HEADERS(irs.h) ;; esac AC_CHECK_HEADERS(thread.h) AC_CHECK_HEADERS(pthread.h) AC_CHECK_HEADERS(synch.h) AC_CHECK_HEADERS(malloc.h) AC_CHECK_HEADERS(shadow.h) AC_CHECK_HEADERS(prot.h) AC_CHECK_HEADERS(port_before.h) AC_CHECK_HEADERS(port_after.h) AC_CHECK_HEADERS(aliases.h) AC_CHECK_HEADERS(net/route.h) AC_CHECK_HEADERS(netinet/if_ether.h) AC_CHECK_HEADERS(netinet/ether.h) AC_CHECK_HEADERS(arpa/nameser.h) AC_CHECK_HEADERS(arpa/nameser_compat.h) AC_CHECK_HEADERS(ctype.h) dnl AC_CHECK_HEADERS(db.h) dnl AC_CHECK_HEADERS(db1/db.h) dnl AC_CHECK_HEADERS(db_185.h) dnl AC_CHECK_HEADERS(db3/db_185.h) AC_CHECK_HEADERS(alignof.h) AC_CHECK_HEADERS(rpc/rpcent.h) AC_CHECK_HEADERS(sys/byteorder.h) AC_CHECK_HEADERS(sys/un.h) AC_CHECK_HEADERS(libc-lock.h) AC_CHECK_HEADERS(bits/libc-lock.h) AC_CHECK_HEADERS(sasl.h sasl/sasl.h) AC_CHECK_HEADERS(strings.h) AC_CHECK_HEADERS(gssldap.h) AC_CHECK_HEADERS(gsssasl.h) AC_CHECK_HEADERS(gssapi/gssapi_krb5.h gssapi.h) AC_CHECK_HEADERS(krb5.h) AC_CHECK_LIB(resolv, main) AC_CHECK_LIB(nsl, main) AC_CHECK_LIB(socket, main) AC_CHECK_FUNCS(strtok_r) AC_CHECK_FUNCS(sigaction) AC_CHECK_FUNCS(sigset) AC_CHECK_FUNCS(res_search) AC_CHECK_FUNCS(dn_expand) AC_CHECK_HEADERS(resolv.h) if test x$ac_cv_func_res_search = xno ; then AC_MSG_CHECKING([for res_search again]) AC_TRY_LINK([#ifdef HAVE_RESOLV_H #include #endif #ifdef HAVE_STDLIB_H #include #endif], [res_search(NULL,0,0,NULL,0);], AC_DEFINE(HAVE_RES_SEARCH,1, [Define if you have res_search().]) ac_cv_func_res_search=yes) AC_CHECK_FUNCS(res_search) fi if test x$ac_cv_func_dn_expand = xno ; then AC_MSG_CHECKING([for dn_expand again]) AC_TRY_LINK([#ifdef HAVE_RESOLV_H #include #endif #ifdef HAVE_STDLIB_H #include #endif], [dn_expand(NULL,NULL,NULL,NULL,0);], AC_DEFINE(HAVE_DN_EXPAND,1, [Define if you have dn_expand().]) ac_cv_func_dn_expand=yes) AC_CHECK_FUNCS(dn_expand) fi AC_CHECK_FUNCS(snprintf) AC_CHECK_FUNCS(gethostbyname) AC_CHECK_FUNCS(nsdispatch) AC_CHECK_LIB(pthread_nonshared, main) AC_CHECK_FUNCS(pthread_atfork) AC_CHECK_FUNCS(pthread_once) AC_CHECK_FUNCS(ether_aton) AC_CHECK_FUNCS(ether_ntoa) AC_CHECK_FUNCS(__libc_once __libc_atfork __libc_lock_lock __libc_lock_unlock) AC_MSG_CHECKING(for struct ether_addr) AC_TRY_COMPILE([#include #include #include #include #include ], [struct ether_addr x;], [ AC_MSG_RESULT(yes) AC_DEFINE(HAVE_STRUCT_ETHER_ADDR, 1) ], AC_MSG_RESULT(no)) AC_MSG_CHECKING(for socklen_t) AC_TRY_COMPILE([#include #include ], [socklen_t len;], [ AC_MSG_RESULT(yes) AC_DEFINE(HAVE_SOCKLEN_T, 1) ], AC_MSG_RESULT(no)) AC_MSG_CHECKING(for pw_change in struct passwd) AC_TRY_COMPILE([#include ], [struct passwd pwd; time_t t = pwd.pw_change], [ AC_MSG_RESULT(yes) AC_DEFINE(HAVE_PASSWD_PW_CHANGE, 1) ], AC_MSG_RESULT(no)) AC_MSG_CHECKING(for pw_expire in struct passwd) AC_TRY_COMPILE([#include ], [struct passwd pwd; time_t t = pwd.pw_expire], [ AC_MSG_RESULT(yes) AC_DEFINE(HAVE_PASSWD_PW_EXPIRE, 1) ], AC_MSG_RESULT(no)) dnl check which ldap library we have dnl check which ldap library we have if test -z "$with_ldap_lib"; then with_ldap_lib=auto fi AC_CHECK_SIZEOF([unsigned int]) AC_CHECK_SIZEOF([unsigned long]) AC_CHECK_SIZEOF([uid_t],,[#include ]) AC_CHECK_SIZEOF([gid_t],,[#include ]) AC_CHECK_LIB(dl, dlopen,[LIBS="-ldl $LIBS"],,$LIBS) dnl AC_CHECK_LIB(db, main,[LIBS="-ldb $LIBS"],,$LIBS) AC_CHECK_LIB(gssapi, gss_krb5_ccache_name,[LIBS="-lgssapi $LIBS" found_gssapi_lib=yes],,$LIBS) if test -z "$found_gssapi_lib"; then AC_CHECK_LIB(gssapi_krb5, gss_krb5_ccache_name,[LIBS="-lgssapi_krb5 $LIBS"],,$LIBS) fi dnl Following checks probably not strictly necessary. dnl AC_CHECK_LIB(crypto, main,[LIBS="-lcrypto $LIBS"],,$LIBS) dnl AC_CHECK_LIB(ssl, main,[LIBS="-lssl $LIBS"],,$LIBS) AC_CHECK_LIB(com_err, main,[LIBS="-lcom_err $LIBS"],,$LIBS) dnl AC_CHECK_LIB(k5crypto, main,[LIBS="-lk5crypto $LIBS"],,$LIBS) AC_CHECK_LIB(krb5, main,[LIBS="-lkrb5 $LIBS"],,$LIBS) dnl AC_CHECK_LIB(krb4, main,[LIBS="-lkrb4 $LIBS"],,$LIBS) AC_CHECK_LIB(sasl2, sasl_client_init) if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = umich -o $with_ldap_lib = openldap \); then AC_CHECK_LIB(lber, main) AC_CHECK_LIB(ldap, main, [LIBS="-lldap $LIBS" found_ldap_lib=yes],,$LIBS) fi if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = netscape5 \); then AC_CHECK_LIB(ldap50, main, LIBS="-lldap50 -lssldap50 -lssl3 -lnss3 -lnspr4 -lprldap50 -lplc4 -lplds4 $LIBS" found_ldap_lib=yes need_pthread=yes,, -lpthread) fi if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = netscape4 \); then AC_CHECK_LIB(ldapssl41, main, LIBS="-lldapssl41 -lplc3 -lplds3 -lnspr3 $LIBS" found_ldap_lib=yes need_pthread=yes,, -lpthread) if test -z "$found_ldap_lib"; then AC_CHECK_LIB(ldapssl40, main, LIBS="-lldapssl40 $LIBS" found_ldap_lib=yes need_pthread=yes,, -lpthread) fi if test -z "$found_ldap_lib"; then AC_CHECK_LIB(ldap41, main, LIBS="-lldap41 $LIBS" found_ldap_lib=yes need_pthread=no,,) fi if test -z "$found_ldap_lib"; then AC_CHECK_LIB(ldap40, main, LIBS="-lldap40 $LIBS" found_ldap_lib=yes need_pthread=no,,) fi fi if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = netscape3 \); then AC_CHECK_LIB(ldapssl30, main, LIBS="-lldapssl30 $LIBS" found_ldap_lib=yes need_pthread=yes,, -lpthread) fi if test -z "$found_ldap_lib"; then AC_MSG_ERROR(could not locate a valid LDAP library) fi if test "$need_pthread" = "yes"; then AC_CHECK_LIB(pthread, main) fi AC_CHECK_LIB(gssldap, ldap_gss_bind,[LIBS="-lgssldap $LIBS"],,$LIBS) AC_CHECK_FUNCS(sasl_auxprop_request) AC_CHECK_FUNCS(ldap_init ldap_get_lderrno ldap_parse_result ldap_memfree ldap_controls_free) AC_CHECK_FUNCS(ldap_ld_free ldap_explode_rdn ldap_set_option ldap_get_option) AC_CHECK_FUNCS(ldap_sasl_interactive_bind_s ldap_initialize ldap_search_ext) AC_CHECK_FUNCS(ldap_create_control ldap_create_page_control ldap_parse_page_control) if test "$enable_ssl" \!= "no"; then AC_CHECK_FUNCS(ldapssl_client_init ldap_start_tls_s ldap_pvt_tls_set_option ldap_start_tls) fi AC_CHECK_FUNCS(gethostbyname_r) if test "$ac_cv_func_gethostbyname_r" = "yes"; then AC_CACHE_CHECK(whether gethostbyname_r takes 6 arguments, nss_ldap_cv_gethostbyname_r_args, [ AC_TRY_COMPILE([ #include ], [gethostbyname_r(0, 0, 0, 0, 0, 0);], [nss_ldap_cv_gethostbyname_r_args=6], [nss_ldap_cv_gethostbyname_r_args=5]) ]) AC_DEFINE_UNQUOTED(GETHOSTBYNAME_R_ARGS, $nss_ldap_cv_gethostbyname_r_args) fi AC_CHECK_FUNCS(ldap_set_rebind_proc) AC_CACHE_CHECK(whether ldap_set_rebind_proc takes 3 arguments, nss_ldap_cv_ldap_set_rebind_proc, [ AC_TRY_COMPILE([ #include #include ], [ldap_set_rebind_proc(0, 0, 0);], [nss_ldap_cv_ldap_set_rebind_proc=3], [nss_ldap_cv_ldap_set_rebind_proc=2]) ]) AC_DEFINE_UNQUOTED(LDAP_SET_REBIND_PROC_ARGS, $nss_ldap_cv_ldap_set_rebind_proc) AC_OUTPUT(Makefile)