summaryrefslogtreecommitdiffstats
path: root/m4/ldap.m4
blob: 78c21e0bc0a1f65f22bf137d9683bab4d088afe7 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130

AC_DEFUN([SUDO_CHECK_LDAP], [
    if test ${with_ldap-'no'} != "no"; then
	O_LDFLAGS="$LDFLAGS"
	if test "$with_ldap" != "yes"; then
	    SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${with_ldap}/lib])
	    LDFLAGS="$LDFLAGS -L${with_ldap}/lib"
	    if test -d "${with_ldap}/lib64"; then
		SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${with_ldap}/lib64])
		LDFLAGS="$LDFLAGS -L${with_ldap}/lib64"
	    fi
	    AX_APPEND_FLAG([-I${with_ldap}/include], [CPPFLAGS])
	    with_ldap=yes
	fi
	SUDOERS_OBJS="${SUDOERS_OBJS} ldap.lo ldap_conf.lo"
	case "$SUDOERS_OBJS" in
	    *ldap_util.lo*) ;;
	    *) SUDOERS_OBJS="${SUDOERS_OBJS} ldap_util.lo";;
	esac
	LDAP=""

	_LIBS="$LIBS"
	LDAP_LIBS=""
	IBMLDAP_EXTRA=""
	found=no
	# On HP-UX, libibmldap has a hidden dependency on libCsup
	case "$host_os" in
	    hpux*) AC_CHECK_LIB([Csup], [main], [IBMLDAP_EXTRA=" -lCsup"]);;
	esac
	AC_SEARCH_LIBS([ldap_init], ["ibmldap${IBMLDAP_EXTRA}" "ibmldap -lidsldif${IBMLDAP_EXTRA}" "ldap" "ldap -llber" "ldap -llber -lssl -lcrypto" "ibmldap${IBMLDAP_EXTRA}]", [
	    test "${ac_cv_search_ldap_init}" != "none required" && LDAP_LIBS="${ac_cv_search_ldap_init}"
	    found=yes
	])
	# If nothing linked, try -lldap and hope for the best
	if test "$found" = "no"; then
	    LDAP_LIBS="-lldap"
	fi
	LIBS="${_LIBS} ${LDAP_LIBS}"

	AC_CHECK_DECL([LBER_OPT_DEBUG_LEVEL], [
	    case "$LDAP_LIBS" in
	    *-llber*)
		# Already linking with -llber
		;;
	    *)	# Link with -llber for ber_set_option() if it exists
		AC_CHECK_LIB([lber], [ber_set_option], [found=yes], [found=no])
		if test X"$found" = X"yes"; then
		    LDAP_LIBS="$LDAP_LIBS -llber"
		fi
		;;
	    esac
	], [], [AC_INCLUDES_DEFAULT
#include <lber.h>])
	AC_CACHE_CHECK([whether lber.h is needed when including ldap.h], [sudo_cv_header_lber_h], [
	    AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
#include <ldap.h>]], [[(void)ldap_init(0, 0)]])], [
		# No need to explicitly include lber.h when including ldap.h.
		sudo_cv_header_lber_h=no
	    ], [
		sudo_cv_header_lber_h=yes
	    ])
	])
	if test X"$sudo_cv_header_lber_h" = X"yes"; then
	    AC_DEFINE(HAVE_LBER_H)
	fi

	if test ${enable_sasl-'yes'} = "yes"; then
	    found_sasl_h=no
	    AC_CHECK_HEADERS([sasl/sasl.h] [sasl.h], [
		found_sasl_h=yes
		AC_CHECK_FUNCS([ldap_sasl_interactive_bind_s])
		break
	    ])
	    if test X${enable_sasl} = X"yes"; then
		if test X"$found_sasl_h" != X"yes"; then
		    AC_MSG_ERROR([--enable-sasl specified but unable to locate SASL development headers.])
		fi
		if test X"$ac_cv_func_ldap_sasl_interactive_bind_s" != X"yes"; then :
		    AC_MSG_ERROR([--enable-sasl specified but SASL support is missing in your LDAP library])
		fi
	    fi
	fi
	AC_CHECK_HEADERS([ldapssl.h] [ldap_ssl.h] [mps/ldap_ssl.h], [break], [], [#include <ldap.h>])
	AC_CHECK_FUNCS([ldap_initialize ldap_start_tls_s ldapssl_init ldapssl_set_strength ldap_unbind_ext_s ldap_str2dn ldap_create ldap_sasl_bind_s ldap_ssl_init ldap_ssl_client_init ldap_start_tls_s_np])
	AC_CHECK_FUNCS([ldap_search_ext_s ldap_search_st], [break])

	if test X"$check_gss_krb5_ccache_name" = X"yes"; then
	    AC_CHECK_LIB([gssapi], [gss_krb5_ccache_name], [
		AC_DEFINE(HAVE_GSS_KRB5_CCACHE_NAME)
		LDAP_LIBS="${LDAP_LIBS} -lgssapi"
	    ], [
		AC_CHECK_LIB(gssapi_krb5, gss_krb5_ccache_name, [
		    AC_DEFINE(HAVE_GSS_KRB5_CCACHE_NAME)
		    LDAP_LIBS="${LDAP_LIBS} -lgssapi_krb5"
		])
	    ])

	    # gssapi headers may be separate or part of Kerberos V
	    found=no
	    O_CPPFLAGS="$CPPFLAGS"
	    for dir in "" "kerberosV" "krb5" "kerberos5" "kerberosv5"; do
		test X"$dir" != X"" && CPPFLAGS="$O_CPPFLAGS -I/usr/include/${dir}"
		# Use AC_PREPROC_IFELSE to check existence to avoid caching
		# since we test with multiple values of CPPFLAGS
		AC_PREPROC_IFELSE([
		    AC_LANG_PROGRAM([[#include <gssapi/gssapi.h>]])
		], [
		    AC_CHECK_HEADERS([gssapi/gssapi.h])
		    break
		], [
		    AC_PREPROC_IFELSE([
			AC_LANG_PROGRAM([[#include <gssapi.h>]])
		    ], [
			AC_CHECK_HEADERS([gssapi.h])
			break
		    ])
		])
	    done
	    if test X"$ac_cv_header_gssapi_gssapi_h" != X"no"; then
		AC_CHECK_HEADERS([gssapi/gssapi_krb5.h])
	    elif test X"$ac_cv_header_gssapi_h" = X"no"; then
		CPPFLAGS="$O_CPPFLAGS"
		AC_MSG_WARN([unable to locate gssapi.h, you will have to edit the Makefile and add -I/path/to/gssapi/includes to CPPFLAGS])
	    fi
	fi

	SUDOERS_LIBS="${SUDOERS_LIBS} ${LDAP_LIBS}"
	LIBS="$_LIBS"
	LDFLAGS="$O_LDFLAGS"
    fi
])
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-19 06:19:59 +0000