IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-13 09:41:55 -06:00
Code Issues Packages Projects Releases Wiki Activity
03cdc22c94
freeipa/daemons/configure.ac
Alexander Bokovoy cc56723151 ipasam: add enumeration of UPN suffixes based on the realm domains 
PASSDB API in Samba adds support for specifying UPN suffixes. The change
in ipasam will allow to pass through list of realm domains as UPN suffixes
so that Active Directory domain controller will be able to recognize
non-primary UPN suffixes as belonging to IPA and properly find our KDC
for cross-realm TGT.

Since Samba already returns primary DNS domain separately, filter it out
from list of UPN suffixes.

Also enclose provider of UPN suffixes into #ifdef to support both
Samba with and without pdb_enum_upn_suffixes().

Part of https://fedorahosted.org/freeipa/ticket/2848
2013-03-29 13:45:50 +01:00

413 lines
14 KiB
Plaintext
Raw Blame History

AC_PREREQ(2.59)
m4_include(../version.m4)
AC_INIT([ipa-server],
IPA_VERSION,
[https://hosted.fedoraproject.org/projects/freeipa/newticket])
AC_CONFIG_HEADERS([config.h])
AM_INIT_AUTOMAKE([foreign])
m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES])
AM_MAINTAINER_MODE
AC_PROG_CC
AC_STDC_HEADERS
AC_DISABLE_STATIC
AC_PROG_LIBTOOL
AC_HEADER_STDC
AM_CONDITIONAL([HAVE_GCC], [test "$ac_cv_prog_gcc" = yes])
AC_SUBST(VERSION)
dnl ---------------------------------------------------------------------------
dnl - Check for NSPR
dnl ---------------------------------------------------------------------------
AC_CHECK_HEADER(nspr4/nspr.h)
AC_CHECK_HEADER(nspr/nspr.h)
if test "x$ac_cv_header_nspr4_nspr_h" = "xno" && test "x$ac_cv_header_nspr_nspr_h" = "xno" ; then
AC_MSG_ERROR([Required NSPR header not available (nspr-devel)])
fi
if test "x$ac_cv_header_nspr4_nspr_h" = "xyes" ; then
NSPR4="-I/usr/include/nspr4"
fi
if test "x$ac_cv_header_nspr_nspr_h" = "xyes" ; then
NSPR4="-I/usr/include/nspr"
fi
dnl ---------------------------------------------------------------------------
dnl - Check for NSS
dnl ---------------------------------------------------------------------------
SAVE_CPPFLAGS=$CPPFLAGS
CPPFLAGS=$NSPR4
AC_CHECK_HEADER(nss3/nss.h)
AC_CHECK_HEADER(nss/nss.h)
CPPFLAGS=$SAVE_CPPFLAGS
if test "x$ac_cv_header_nss3_nss_h" = "xno" && test "x$ac_cv_header_nss_nss_h" = "xno" ; then
AC_MSG_ERROR([Required NSS header not available (nss-devel)])
fi
if test "x$ac_cv_header_nss3_nss_h" = "xyes" ; then
NSS3="-I/usr/include/nss3"
fi
if test "x$ac_cv_header_nss_nss_h" = "xyes" ; then
NSS3="-I/usr/include/nss"
fi
dnl ---------------------------------------------------------------------------
dnl - Check for DS slapi plugin
dnl ---------------------------------------------------------------------------
# Need to hack CPPFLAGS to be able to correctly detetct slapi-plugin.h
SAVE_CPPFLAGS=$CPPFLAGS
CPPFLAGS=$NSPR4
AC_CHECK_HEADER(dirsrv/slapi-plugin.h)
if test "x$ac_cv_header_dirsrv_slapi-plugin_h" = "xno" ; then
AC_MSG_ERROR([Required 389-ds header not available (389-ds-base-devel)])
fi
AC_CHECK_HEADER(dirsrv/repl-session-plugin.h)
if test "x$ac_cv_header_dirsrv_repl_session_plugin_h" = "xno" ; then
AC_MSG_ERROR([Required 389-ds header not available (389-ds-base-devel)])
fi
CPPFLAGS=$SAVE_CPPFLAGS
if test "x$ac_cv_header_dirsrv_slapi_plugin_h" = "xno" ; then
AC_MSG_ERROR([Required DS slapi plugin header not available (fedora-ds-base-devel)])
fi
dnl ---------------------------------------------------------------------------
dnl - Check for KRB5
dnl ---------------------------------------------------------------------------
KRB5_LIBS=
AC_CHECK_HEADER(krb5.h, [], [AC_MSG_ERROR([krb5.h not found])])
krb5_impl=mit
if test "x$ac_cv_header_krb5_h" = "xyes" ; then
dnl lazy check for Heimdal Kerberos
AC_CHECK_HEADERS(heim_err.h)
if test $ac_cv_header_heim_err_h = yes ; then
krb5_impl=heimdal
else
krb5_impl=mit
fi
if test "x$krb5_impl" = "xmit"; then
AC_CHECK_LIB(k5crypto, main,
[krb5crypto=k5crypto],
[krb5crypto=crypto])
AC_CHECK_LIB(krb5, main,
[have_krb5=yes
KRB5_LIBS="-lkrb5 -l$krb5crypto -lcom_err"],
[have_krb5=no],
[-l$krb5crypto -lcom_err])
elif test "x$krb5_impl" = "xheimdal"; then
AC_CHECK_LIB(des, main,
[krb5crypto=des],
[krb5crypto=crypto])
AC_CHECK_LIB(krb5, main,
[have_krb5=yes
KRB5_LIBS="-lkrb5 -l$krb5crypto -lasn1 -lroken -lcom_err"],
[have_krb5=no],
[-l$krb5crypto -lasn1 -lroken -lcom_err])
AC_DEFINE(HAVE_HEIMDAL_KERBEROS, 1,
[define if you have HEIMDAL Kerberos])
else
have_krb5=no
AC_MSG_WARN([Unrecognized Kerberos5 Implementation])
fi
if test "x$have_krb5" = "xyes" ; then
ol_link_krb5=yes
AC_DEFINE(HAVE_KRB5, 1,
[define if you have Kerberos V])
else
AC_MSG_ERROR([Required Kerberos 5 support not available])
fi
fi
AC_SUBST(KRB5_LIBS)
dnl ---------------------------------------------------------------------------
dnl - Check for Mozilla LDAP and OpenLDAP SDK
dnl ---------------------------------------------------------------------------
SAVE_CPPFLAGS=$CPPFLAGS
CPPFLAGS="$NSPR4 $NSS3"
AC_CHECK_HEADER(svrcore.h)
AC_CHECK_HEADER(svrcore/svrcore.h)
if test "x$ac_cv_header_svrcore_h" = "xno" && test "x$ac_cv_header_svrcore_svrcore_h" = "xno" ; then
AC_MSG_ERROR([Required svrcore header not available (svrcore-devel)])
fi
if test "x$ac_cv_header_svrcore_svrcore_h" = "yes" ; then
CPPFLAGS="$CPPFLAGS -I/usr/include/svrcore"
fi
AC_CHECK_LIB(ldap, ldap_search, with_ldap=yes)
dnl Check for other libraries we need to link with to get the main routines.
test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes], , -llber) }
test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes with_ldap_krb=yes], , -llber -lkrb) }
test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes with_ldap_krb=yes with_ldap_des=yes], , -llber -lkrb -ldes) }
dnl Recently, we need -lber even though the main routines are elsewhere,
dnl because otherwise be get link errors w.r.t. ber_pvt_opt_on. So just
dnl check for that (it's a variable not a fun but that doesn't seem to
dnl matter in these checks) and stick in -lber if so. Can't hurt (even to
dnl stick it in always shouldn't hurt, I don't think) ... #### Someone who
dnl #### understands LDAP needs to fix this properly.
test "$with_ldap_lber" != "yes" && { AC_CHECK_LIB(lber, ber_pvt_opt_on, with_ldap_lber=yes) }
if test "$with_ldap" = "yes"; then
if test "$with_ldap_des" = "yes" ; then
OPENLDAP_LIBS="${OPENLDAP_LIBS} -ldes"
fi
if test "$with_ldap_krb" = "yes" ; then
OPENLDAP_LIBS="${OPENLDAP_LIBS} -lkrb"
fi
if test "$with_ldap_lber" = "yes" ; then
OPENLDAP_LIBS="${OPENLDAP_LIBS} -llber"
fi
OPENLDAP_LIBS="${OPENLDAP_LIBS} -lldap_r"
else
AC_MSG_ERROR([OpenLDAP not found])
fi
AC_SUBST(OPENLDAP_LIBS)
OPENLDAP_CFLAGS="${OPENLDAP_CFLAGS} -DWITH_OPENLDAP"
AC_SUBST(OPENLDAP_CFLAGS)
AC_ARG_WITH([openldap],
[AS_HELP_STRING([--with-openldap],
[compile plugins with openldap instead of mozldap])],
[], [])
LDAP_CFLAGS="${OPENLDAP_CFLAGS} $NSPR4 $NSS3 -DUSE_OPENLDAP"
LDAP_LIBS="${OPENLDAP_LIBS}"
AC_DEFINE_UNQUOTED(WITH_OPENLDAP, 1, [Use OpenLDAP libraries])
AC_SUBST(LDAP_CFLAGS)
AC_SUBST(LDAP_LIBS)
dnl ---------------------------------------------------------------------------
dnl - Check for OpenSSL Crypto library
dnl ---------------------------------------------------------------------------
dnl This is a very simple check, we should probably check also for MD4_Init and
dnl probably also the version we are using is recent enough
SSL_LIBS=
AC_CHECK_HEADER(openssl/des.h, [], [AC_MSG_ERROR([openssl/des.h not found])])
AC_CHECK_LIB(crypto, DES_set_key_unchecked, [SSL_LIBS="-lcrypto"])
AC_SUBST(SSL_LIBS)
dnl ---------------------------------------------------------------------------
dnl - Check for UUID library
dnl ---------------------------------------------------------------------------
AC_CHECK_HEADERS(uuid/uuid.h,,[AC_MSG_ERROR([uuid/uuid.h not found])])
AC_CHECK_LIB(uuid, uuid_generate_time, [UUID_LIBS="-luuid"])
AC_SUBST(UUID_LIBS)
dnl ---------------------------------------------------------------------------
dnl - Check for Python
dnl ---------------------------------------------------------------------------
AC_MSG_NOTICE([Checking for Python])
have_python=no
AM_PATH_PYTHON(2.3)
if test "x$PYTHON" = "x" ; then
AC_MSG_ERROR([Python not found])
fi
dnl ---------------------------------------------------------------------------
dnl Check for ndr_krb5pac and other samba libraries
dnl ---------------------------------------------------------------------------
PKG_PROG_PKG_CONFIG()
PKG_CHECK_MODULES([TALLOC], [talloc])
PKG_CHECK_MODULES([TEVENT], [tevent])
PKG_CHECK_MODULES([NDRPAC], [ndr_krb5pac])
PKG_CHECK_MODULES([NDRNBT], [ndr_nbt])
PKG_CHECK_MODULES([NDR], [ndr])
PKG_CHECK_MODULES([SAMBAUTIL], [samba-util])
SAMBA40EXTRA_LIBPATH="-L`$PKG_CONFIG --variable=libdir samba-util`/samba -Wl,-rpath=`$PKG_CONFIG --variable=libdir samba-util`/samba"
AC_SUBST(SAMBA40EXTRA_LIBPATH)
AC_CHECK_HEADERS([samba-4.0/wbclient.h],
,
[AC_MSG_ERROR([samba-4.0/wbclient.h not found])],
[#include <stdbool.h>
#include <stdint.h>])
AC_CHECK_LIB([wbclient],
[wbcLookupSid],
[WBCLIENT_LIBS="$SAMBA40EXTRA_LIBPATH -lwbclient"],
[AC_MSG_ERROR([libwbclient does not have wbcLookupSid])],
[$SAMBA40EXTRA_LIBPATH])
AC_SUBST(WBCLIENT_LIBS)
AC_CHECK_LIB([pdb],
[make_pdb_method],
[HAVE_LIBPDB=1],
[AC_MSG_ERROR([libpdb does not have make_pdb_method])],
[$SAMBA40EXTRA_LIBPATH])
AC_CHECK_LIB([pdb],[pdb_enum_upn_suffixes],
[AC_DEFINE([HAVE_PDB_ENUM_UPN_SUFFIXES], [1], [Ability to enumerate UPN suffixes])],
[AC_MSG_WARN([libpdb does not have pdb_enum_upn_suffixes, no support for realm domains in ipasam])],
[$SAMBA40EXTRA_LIBPATH])
dnl ---------------------------------------------------------------------------
dnl - Check for check unit test framework http://check.sourceforge.net/
dnl ---------------------------------------------------------------------------
PKG_CHECK_MODULES([CHECK], [check >= 0.9.5], [have_check=1], [have_check=])
if test x$have_check = x; then
AC_MSG_WARN([Without the 'CHECK' library, you will be unable to run all tests in the 'make check' suite])
else
AC_CHECK_HEADERS([check.h],,AC_MSG_ERROR([Could not find CHECK headers]))
fi
AM_CONDITIONAL([HAVE_CHECK], [test x$have_check != x])
dnl ---------------------------------------------------------------------------
dnl - Check for cmocka unit test framework http://cmocka.cryptomilk.org/
dnl This will be simplified when cmocka carries a .pc file.
dnl ---------------------------------------------------------------------------
AC_SUBST(CMOCKA_LIBS)
AC_SUBST(CMOCKA_CFLAGS)
AC_CHECK_HEADERS(
[setjmp.h cmocka.h],,,
[[ #include <stdarg.h>
# include <stddef.h>
#ifdef HAVE_SETJMP_H
# include <setjmp.h>
#endif
]]
)
if test "x$ac_cv_header_setjmp_h" = "xyes" && test "x$ac_cv_header_cmocka_h" = "xyes" ; then
AC_CHECK_LIB([cmocka], [_will_return],
[ CMOCKA_LIBS="-lcmocka"
AC_MSG_RESULT([libcmocka available, cmocka tests will be build])
have_cmocka="yes" ],
[AC_MSG_WARN([No libcmocka library found, cmocka tests will not be build])
have_cmocka="no" ])
else
AC_MSG_WARN([Required header files for libcmocka are missing, cmocka tests will not be build])
have_cmocka="no"
fi
AM_CONDITIONAL([HAVE_CMOCKA], [test x$have_cmocka = xyes])
dnl -- dirsrv is needed for the extdom unit tests --
PKG_CHECK_MODULES([DIRSRV], [dirsrv >= 1.3.0])
dnl -- sss_idmap is needed by the extdom exop --
PKG_CHECK_MODULES([SSSIDMAP], [sss_idmap])
dnl ---------------------------------------------------------------------------
dnl - Set the data install directory since we don't use pkgdatadir
dnl ---------------------------------------------------------------------------
IPA_DATA_DIR="$datadir/ipa"
AC_SUBST(IPA_DATA_DIR)
dnl ---------------------------------------------------------------------------
dnl Finish
dnl ---------------------------------------------------------------------------
# Turn on the additional warnings last, so -Werror doesn't affect other tests.
AC_ARG_ENABLE(more-warnings,
[AC_HELP_STRING([--enable-more-warnings],
[Maximum compiler warnings])],
set_more_warnings="$enableval",[
if test -d $srcdir/../.hg; then
set_more_warnings=yes
else
set_more_warnings=no
fi
])
AC_MSG_CHECKING(for more warnings)
if test "$GCC" = "yes" -a "$set_more_warnings" != "no"; then
AC_MSG_RESULT(yes)
CFLAGS="\
-Wall \
-Wchar-subscripts -Wmissing-declarations -Wmissing-prototypes \
-Wnested-externs -Wpointer-arith \
-Wcast-align -Wsign-compare \
$CFLAGS"
for option in -Wno-strict-aliasing -Wno-sign-compare; do
SAVE_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS $option"
AC_MSG_CHECKING([whether gcc understands $option])
AC_TRY_COMPILE([], [],
has_option=yes,
has_option=no,)
if test $has_option = no; then
CFLAGS="$SAVE_CFLAGS"
fi
AC_MSG_RESULT($has_option)
unset has_option
unset SAVE_CFLAGS
done
unset option
else
AC_MSG_RESULT(no)
fi
# Flags
AC_SUBST(CFLAGS)
AC_SUBST(CPPFLAGS)
AC_SUBST(LDFLAGS)
# Files
AC_CONFIG_FILES([
Makefile
ipa-kdb/Makefile
ipa-sam/Makefile
ipa-slapi-plugins/Makefile
ipa-slapi-plugins/ipa-cldap/Makefile
ipa-slapi-plugins/ipa-dns/Makefile
ipa-slapi-plugins/ipa-enrollment/Makefile
ipa-slapi-plugins/ipa-lockout/Makefile
ipa-slapi-plugins/ipa-pwd-extop/Makefile
ipa-slapi-plugins/ipa-extdom-extop/Makefile
ipa-slapi-plugins/ipa-winsync/Makefile
ipa-slapi-plugins/ipa-version/Makefile
ipa-slapi-plugins/ipa-uuid/Makefile
ipa-slapi-plugins/ipa-modrdn/Makefile
ipa-slapi-plugins/ipa-sidgen/Makefile
ipa-slapi-plugins/ipa-range-check/Makefile
])
AC_OUTPUT
echo "
IPA Server $VERSION
========================
prefix: ${prefix}
exec_prefix: ${exec_prefix}
libdir: ${libdir}
bindir: ${bindir}
sbindir: ${sbindir}
sysconfdir: ${sysconfdir}
localstatedir: ${localstatedir}
datadir: ${datadir}
source code location: ${srcdir}
compiler: ${CC}
cflags: ${CFLAGS}
LDAP libs: ${LDAP_LIBS}
KRB5 libs: ${KRB5_LIBS}
OpenSSL libs: ${SSL_LIBS}
Maintainer mode: ${USE_MAINTAINER_MODE}
"
Reference in New Issue View Git Blame Copy Permalink