2 dnl AUTHOR: Squid Web Cache team
4 dnl SQUID Web Proxy Cache http://www.squid-cache.org/
5 dnl ----------------------------------------------------------
6 dnl Squid is the result of efforts by numerous individuals from
7 dnl the Internet community; see the CONTRIBUTORS file for full
8 dnl details. Many organizations have provided support for Squid's
9 dnl development; see the SPONSORS file for full details. Squid is
10 dnl Copyrighted (C) 2001 by the Regents of the University of
11 dnl California; see the COPYRIGHT file for full details. Squid
12 dnl incorporates software developed and/or copyrighted by other
13 dnl sources; see the CREDITS file for full details.
15 dnl This program is free software; you can redistribute it and/or modify
16 dnl it under the terms of the GNU General Public License as published by
17 dnl the Free Software Foundation; either version 2 of the License, or
18 dnl (at your option) any later version.
20 dnl This program is distributed in the hope that it will be useful,
21 dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
22 dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 dnl GNU General Public License for more details.
25 dnl You should have received a copy of the GNU General Public License
26 dnl along with this program; if not, write to the Free Software
27 dnl Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
29 dnl these checks must be performed in the same order as here defined,
30 dnl and have mostly been lifted out of an inlined configure.ac.
32 dnl checks for a broken solaris header file, and sets squid_cv_broken_krb5_h
33 dnl to yes if that's the case
34 AC_DEFUN([SQUID_CHECK_KRB5_SOLARIS_BROKEN_KRB5_H], [
35 AC_CACHE_CHECK([for broken Solaris krb5.h],squid_cv_broken_krb5_h, [
36 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
39 ]])], [ squid_cv_broken_krb5_h=no ], [
40 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
41 #if defined(__cplusplus)
42 #define KRB5INT_BEGIN_DECLS extern "C" {
43 #define KRB5INT_END_DECLS
48 ]])], [ squid_cv_broken_krb5_h=yes ], [ squid_cv_broken_krb5_h=no ])
51 ]) dnl SQUID_CHECK_KRB5_SOLARIS_BROKEN_KRB5_H
54 AC_DEFUN([SQUID_CHECK_KRB5_HEIMDAL_BROKEN_KRB5_H], [
55 AC_CACHE_CHECK([for broken Heimdal krb5.h],squid_cv_broken_heimdal_krb5_h, [
56 AC_RUN_IFELSE([AC_LANG_SOURCE([[
63 krb5_init_context(&context);
67 ]])], [ squid_cv_broken_heimdal_krb5_h=no ], [
68 AC_RUN_IFELSE([AC_LANG_SOURCE([[
69 #if defined(__cplusplus)
73 #if defined(__cplusplus)
81 krb5_init_context(&context);
85 ]])], [ squid_cv_broken_heimdal_krb5_h=yes ], [ squid_cv_broken_heimdal_krb5_h=no ])
88 ]) dnl SQUID_CHECK_KRB5_HEIMDAL_BROKEN_KRB5_H
90 dnl check the max skew in the krb5 context, and sets squid_cv_max_skew_context
91 AC_DEFUN([SQUID_CHECK_MAX_SKEW_IN_KRB5_CONTEXT],[
92 AC_CACHE_CHECK([for max_skew in struct krb5_context],
93 squid_cv_max_skew_context, [
96 #if HAVE_BROKEN_SOLARIS_KRB5_H
97 #if defined(__cplusplus)
98 #define KRB5INT_BEGIN_DECLS extern "C" {
99 #define KRB5INT_END_DECLS
104 krb5_context kc; kc->max_skew = 1;
106 ],[ squid_cv_max_skew_context=yes ],
107 [ squid_cv_max_skew_context=no ])
111 dnl check whether the kerberos context has a memory cache. Sets
112 dnl squid_cv_memory_cache if that's the case.
113 AC_DEFUN([SQUID_CHECK_KRB5_CONTEXT_MEMORY_CACHE],[
114 AC_CACHE_CHECK([for memory cache], squid_cv_memory_cache, [
117 #if HAVE_BROKEN_SOLARIS_KRB5_H
118 #if defined(__cplusplus)
119 #define KRB5INT_BEGIN_DECLS extern "C" {
120 #define KRB5INT_END_DECLS
125 int main(int argc, char *argv[])
127 krb5_context context;
130 krb5_init_context(&context);
131 return krb5_cc_resolve(context, "MEMORY:test_cache", &cc);
134 ], [ squid_cv_memory_cache=yes ], [ squid_cv_memory_cache=no ], [:])
139 dnl checks that gssapi is ok, and sets squid_cv_working_gssapi accordingly
140 AC_DEFUN([SQUID_CHECK_WORKING_GSSAPI], [
141 AC_CACHE_CHECK([for working gssapi], squid_cv_working_gssapi, [
142 AC_RUN_IFELSE([AC_LANG_SOURCE([[
144 #if HAVE_GSSAPI_GSSAPI_H
145 #include <gssapi/gssapi.h>
154 #if HAVE_GSSAPI_GSSAPI_H
155 #include <gssapi/gssapi.h>
159 #if HAVE_GSSAPI_GSSAPI_KRB5_H
160 #include <gssapi/gssapi_krb5.h>
162 #if HAVE_GSSAPI_GSSAPI_GENERIC_H
163 #include <gssapi/gssapi_generic.h>
172 gss_create_empty_oid_set(&val, &set);
176 ]])], [ squid_cv_working_gssapi=yes ], [ squid_cv_working_gssapi=no ], [:])])
177 if test "x$squid_cv_working_gssapi" = "xno" -a `echo $LIBS | grep -i -c "\-L"` -gt 0; then
178 AC_MSG_NOTICE([Check Runtime library path !])
182 dnl check for a working spnego, and set squid_cv_have_spnego
183 AC_DEFUN([SQUID_CHECK_SPNEGO_SUPPORT], [
184 AC_CACHE_CHECK([for spnego support], squid_cv_have_spnego, [
185 AC_RUN_IFELSE([AC_LANG_SOURCE([[
187 #if HAVE_GSSAPI_GSSAPI_H
188 #include <gssapi/gssapi.h>
197 #if HAVE_GSSAPI_GSSAPI_H
198 #include <gssapi/gssapi.h>
202 #if HAVE_GSSAPI_GSSAPI_KRB5_H
203 #include <gssapi/gssapi_krb5.h>
205 #if HAVE_GSSAPI_GSSAPI_GENERIC_H
206 #include <gssapi/gssapi_generic.h>
210 int main(int argc, char *argv[]) {
211 OM_uint32 major_status,minor_status;
212 gss_OID_set gss_mech_set;
215 static gss_OID_desc _gss_mech_spnego = {6, (void *)"\x2b\x06\x01\x05\x05\x02"};
216 gss_OID gss_mech_spnego = &_gss_mech_spnego;
218 major_status = gss_indicate_mechs( &minor_status, &gss_mech_set);
220 for (i=0;i<gss_mech_set->count;i++) {
221 if (!memcmp(gss_mech_set->elements[i].elements,gss_mech_spnego->elements,gss_mech_set->elements[i].length)) {
229 [ squid_cv_have_spnego=yes ], [ squid_cv_have_spnego=no ],[:])])
232 dnl checks that krb5 is functional. Sets squid_cv_working_krb5
233 AC_DEFUN([SQUID_CHECK_WORKING_KRB5],[
234 AC_CACHE_CHECK([for working krb5], squid_cv_working_krb5, [
235 AC_RUN_IFELSE([AC_LANG_SOURCE([[
237 #if HAVE_BROKEN_SOLARIS_KRB5_H
238 #if defined(__cplusplus)
239 #define KRB5INT_BEGIN_DECLS extern "C" {
240 #define KRB5INT_END_DECLS
244 #if HAVE_BROKEN_HEIMDAL_KRB5_H
256 krb5_context context;
258 krb5_init_context(&context);
262 ]])], [ squid_cv_working_krb5=yes ], [ squid_cv_working_krb5=no ],[:])])
263 if test "x$squid_cv_working_krb5" = "xno" -a `echo $LIBS | grep -i -c "\-L"` -gt 0; then
264 AC_MSG_NOTICE([Check Runtime library path !])
269 dnl checks for existence of krb5 functions
270 AC_DEFUN([SQUID_CHECK_KRB5_FUNCS],[
272 AC_CHECK_LIB(krb5,krb5_get_err_text,
273 AC_DEFINE(HAVE_KRB5_GET_ERR_TEXT,1,
274 [Define to 1 if you have krb5_get_err_text]),)
275 AC_CHECK_LIB(krb5,krb5_get_error_message,
276 AC_DEFINE(HAVE_KRB5_GET_ERROR_MESSAGE,1,
277 [Define to 1 if you have krb5_get_error_message]),)
278 AC_CHECK_DECLS(krb5_kt_free_entry,,,[#include <krb5.h>])
279 AC_CHECK_TYPE(krb5_pac,
280 AC_DEFINE(HAVE_KRB5_PAC,1,
281 [Define to 1 if you have krb5_pac]),,
283 AC_CHECK_LIB(krb5,krb5_kt_free_entry,
284 AC_DEFINE(HAVE_KRB5_KT_FREE_ENTRY,1,
285 [Define to 1 if you have krb5_kt_free_entry]),)
286 AC_CHECK_LIB(krb5,krb5_get_init_creds_keytab,
287 AC_DEFINE(HAVE_GET_INIT_CREDS_KEYTAB,1,
288 [Define to 1 if you have krb5_get_init_creds_keytab]),)
289 AC_CHECK_LIB(krb5,krb5_get_max_time_skew,
290 AC_DEFINE(HAVE_KRB5_GET_MAX_TIME_SKEW,1,
291 [Define to 1 if you have krb5_get_max_time_skew]),)
292 AC_CHECK_LIB(krb5,krb5_get_profile,
293 AC_DEFINE(HAVE_KRB5_GET_PROFILE,1,
294 [Define to 1 if you have krb5_get_profile]),)
295 AC_CHECK_LIB(krb5,profile_get_integer,
296 AC_DEFINE(HAVE_PROFILE_GET_INTEGER,1,
297 [Define to 1 if you have profile_get_integer]),)
298 AC_CHECK_LIB(krb5,profile_release,
299 AC_DEFINE(HAVE_PROFILE_RELEASE,1,
300 [Define to 1 if you have profile_release]),)
301 AC_CHECK_LIB(krb5,krb5_get_renewed_creds,
302 AC_DEFINE(HAVE_KRB5_GET_RENEWED_CREDS,1,
303 [Define to 1 if you have krb5_get_renewed_creds]),)
304 AC_CHECK_LIB(krb5,krb5_principal_get_realm,
305 AC_DEFINE(HAVE_KRB5_PRINCIPAL_GET_REALM,1,
306 [Define to 1 if you have krb5_principal_get_realm]),)
307 AC_CHECK_LIB(krb5, krb5_get_init_creds_opt_alloc,
308 AC_DEFINE(HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC,1,
309 [Define to 1 if you have krb5_get_init_creds_opt_alloc]),)
310 AC_MSG_CHECKING([for krb5_get_init_creds_free requires krb5_context])
311 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
313 ]],[[krb5_context context;
314 krb5_get_init_creds_opt *options;
315 krb5_get_init_creds_opt_free(context, options)]])],[
316 AC_DEFINE(HAVE_KRB5_GET_INIT_CREDS_FREE_CONTEXT,1,
317 [Define to 1 if you krb5_get_init_creds_free requires krb5_context])
319 ],[AC_MSG_RESULT(no)],[AC_MSG_RESULT(no)])
322 AC_CHECK_FUNCS(gss_map_name_to_any,
323 AC_DEFINE(HAVE_GSS_MAP_ANY_TO_ANY,1,
324 [Define to 1 if you have gss_map_name_to_any]),)
325 AC_CHECK_FUNCS(gsskrb5_extract_authz_data_from_sec_context,
326 AC_DEFINE(HAVE_GSSKRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT,1,
327 [Define to 1 if you have gsskrb5_extract_authz_data_from_sec_context]),)
329 SQUID_CHECK_KRB5_CONTEXT_MEMORY_CACHE
330 SQUID_DEFINE_BOOL(HAVE_KRB5_MEMORY_CACHE,$squid_cv_memory_cache,
331 [Define if kerberos has MEMORY: cache support])
333 SQUID_CHECK_WORKING_GSSAPI
334 SQUID_DEFINE_BOOL(HAVE_GSSAPI,$squid_cv_working_gssapi,[GSSAPI support])
336 SQUID_CHECK_SPNEGO_SUPPORT
337 SQUID_DEFINE_BOOL(HAVE_SPNEGO,$squid_cv_have_spnego,[SPNEGO support])
339 SQUID_CHECK_WORKING_KRB5
340 SQUID_DEFINE_BOOL(HAVE_KRB5,$squid_cv_working_krb5,[KRB5 support])