]> git.ipfire.org Git - thirdparty/squid.git/blob - acinclude/krb5.m4
projects / thirdparty / squid.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
merge from trunk
[thirdparty/squid.git] / acinclude / krb5.m4
1 ## Copyright (C) 1996-2014 The Squid Software Foundation and contributors
2 ##
3 ## Squid software is distributed under GPLv2+ license and includes
4 ## contributions from numerous individuals and organizations.
5 ## Please see the COPYING and CONTRIBUTORS files for details.
6 ##
7
8 dnl these checks must be performed in the same order as here defined,
9 dnl and have mostly been lifted out of an inlined configure.ac.
10
11 dnl checks for a broken solaris header file, and sets squid_cv_broken_krb5_h
12 dnl to yes if that's the case
13 AC_DEFUN([SQUID_CHECK_KRB5_SOLARIS_BROKEN_KRB5_H], [
14 AC_CACHE_CHECK([for broken Solaris krb5.h],squid_cv_broken_krb5_h, [
15 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
16 #include <krb5.h>
17 int i;
18 ]])], [ squid_cv_broken_krb5_h=no ], [
19 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
20 #if defined(__cplusplus)
21 #define KRB5INT_BEGIN_DECLS extern "C" {
22 #define KRB5INT_END_DECLS
23 KRB5INT_BEGIN_DECLS
24 #endif
25 #include <krb5.h>
26 int i;
27 ]])], [ squid_cv_broken_krb5_h=yes ], [ squid_cv_broken_krb5_h=no ])
28 ])
29 ])
30 ]) dnl SQUID_CHECK_KRB5_SOLARIS_BROKEN_KRB5_H
31
32
33 AC_DEFUN([SQUID_CHECK_KRB5_HEIMDAL_BROKEN_KRB5_H], [
34 AC_CACHE_CHECK([for broken Heimdal krb5.h],squid_cv_broken_heimdal_krb5_h, [
35 AC_RUN_IFELSE([AC_LANG_SOURCE([[
36 #include <krb5.h>
37 int
38 main(void)
39 {
40 krb5_context context;
41
42 krb5_init_context(&context);
43
44 return 0;
45 }
46 ]])], [ squid_cv_broken_heimdal_krb5_h=no ], [
47 AC_RUN_IFELSE([AC_LANG_SOURCE([[
48 #if defined(__cplusplus)
49 extern "C" {
50 #endif
51 #include <krb5.h>
52 #if defined(__cplusplus)
53 }
54 #endif
55 int
56 main(void)
57 {
58 krb5_context context;
59
60 krb5_init_context(&context);
61
62 return 0;
63 }
64 ]])], [ squid_cv_broken_heimdal_krb5_h=yes ], [ squid_cv_broken_heimdal_krb5_h=no ])
65 ])
66 ])
67 ]) dnl SQUID_CHECK_KRB5_HEIMDAL_BROKEN_KRB5_H
68
69 dnl check the max skew in the krb5 context, and sets squid_cv_max_skew_context
70 AC_DEFUN([SQUID_CHECK_MAX_SKEW_IN_KRB5_CONTEXT],[
71 AC_CACHE_CHECK([for max_skew in struct krb5_context],
72 squid_cv_max_skew_context, [
73 AC_COMPILE_IFELSE([
74 AC_LANG_PROGRAM([[
75 #if HAVE_BROKEN_SOLARIS_KRB5_H
76 #if defined(__cplusplus)
77 #define KRB5INT_BEGIN_DECLS extern "C" {
78 #define KRB5INT_END_DECLS
79 KRB5INT_BEGIN_DECLS
80 #endif
81 #endif
82 #include <krb5.h>
83 krb5_context kc; kc->max_skew = 1;
84 ]])
85 ],[ squid_cv_max_skew_context=yes ],
86 [ squid_cv_max_skew_context=no ])
87 ])
88 ])
89
90 dnl check whether the kerberos context has a memory cache. Sets
91 dnl squid_cv_memory_cache if that's the case.
92 AC_DEFUN([SQUID_CHECK_KRB5_CONTEXT_MEMORY_CACHE],[
93 AC_CACHE_CHECK([for memory cache], squid_cv_memory_cache, [
94 AC_RUN_IFELSE([
95 AC_LANG_SOURCE([[
96 #if HAVE_BROKEN_SOLARIS_KRB5_H
97 #if defined(__cplusplus)
98 #define KRB5INT_BEGIN_DECLS extern "C" {
99 #define KRB5INT_END_DECLS
100 KRB5INT_BEGIN_DECLS
101 #endif
102 #endif
103 #include <krb5.h>
104 int main(int argc, char *argv[])
105 {
106 krb5_context context;
107 krb5_ccache cc;
108
109 krb5_init_context(&context);
110 return krb5_cc_resolve(context, "MEMORY:test_cache", &cc);
111 }
112 ]])
113 ], [ squid_cv_memory_cache=yes ], [ squid_cv_memory_cache=no ], [:])
114 ])
115 ])
116
117
118 dnl checks that gssapi is ok, and sets squid_cv_working_gssapi accordingly
119 AC_DEFUN([SQUID_CHECK_WORKING_GSSAPI], [
120 AC_CACHE_CHECK([for working gssapi], squid_cv_working_gssapi, [
121 AC_RUN_IFELSE([AC_LANG_SOURCE([[
122 #if USE_HEIMDAL_KRB5
123 #if HAVE_GSSAPI_GSSAPI_H
124 #include <gssapi/gssapi.h>
125 #elif HAVE_GSSAPI_H
126 #include <gssapi.h>
127 #endif
128 #elif USE_GNUGSS
129 #if HAVE_GSS_H
130 #include <gss.h>
131 #endif
132 #else
133 #if HAVE_GSSAPI_GSSAPI_H
134 #include <gssapi/gssapi.h>
135 #elif HAVE_GSSAPI_H
136 #include <gssapi.h>
137 #endif
138 #if HAVE_GSSAPI_GSSAPI_KRB5_H
139 #include <gssapi/gssapi_krb5.h>
140 #endif
141 #if HAVE_GSSAPI_GSSAPI_GENERIC_H
142 #include <gssapi/gssapi_generic.h>
143 #endif
144 #endif
145 int
146 main(void)
147 {
148 OM_uint32 val;
149 gss_OID_set set;
150
151 gss_create_empty_oid_set(&val, &set);
152
153 return 0;
154 }
155 ]])], [ squid_cv_working_gssapi=yes ], [ squid_cv_working_gssapi=no ], [:])])
156 if test "x$squid_cv_working_gssapi" = "xno" -a `echo $LIBS | grep -i -c "\-L"` -gt 0; then
157 AC_MSG_NOTICE([Check Runtime library path !])
158 fi
159 ])
160
161 dnl check for a working spnego, and set squid_cv_have_spnego
162 AC_DEFUN([SQUID_CHECK_SPNEGO_SUPPORT], [
163 AC_CACHE_CHECK([for spnego support], squid_cv_have_spnego, [
164 AC_RUN_IFELSE([AC_LANG_SOURCE([[
165 #if USE_HEIMDAL_KRB5
166 #if HAVE_GSSAPI_GSSAPI_H
167 #include <gssapi/gssapi.h>
168 #elif HAVE_GSSAPI_H
169 #include <gssapi.h>
170 #endif
171 #elif USE_GNUGSS
172 #if HAVE_GSS_H
173 #include <gss.h>
174 #endif
175 #else
176 #if HAVE_GSSAPI_GSSAPI_H
177 #include <gssapi/gssapi.h>
178 #elif HAVE_GSSAPI_H
179 #include <gssapi.h>
180 #endif
181 #if HAVE_GSSAPI_GSSAPI_KRB5_H
182 #include <gssapi/gssapi_krb5.h>
183 #endif
184 #if HAVE_GSSAPI_GSSAPI_GENERIC_H
185 #include <gssapi/gssapi_generic.h>
186 #endif
187 #endif
188 #include <string.h>
189 int main(int argc, char *argv[]) {
190 OM_uint32 major_status,minor_status;
191 gss_OID_set gss_mech_set;
192 int i;
193
194 static gss_OID_desc _gss_mech_spnego = {6, (void *)"\x2b\x06\x01\x05\x05\x02"};
195 gss_OID gss_mech_spnego = &_gss_mech_spnego;
196
197 major_status = gss_indicate_mechs( &minor_status, &gss_mech_set);
198
199 for (i=0;i<gss_mech_set->count;i++) {
200 if (!memcmp(gss_mech_set->elements[i].elements,gss_mech_spnego->elements,gss_mech_set->elements[i].length)) {
201 return 0;
202 }
203 }
204
205 return 1;
206 }
207 ]])],
208 [ squid_cv_have_spnego=yes ], [ squid_cv_have_spnego=no ],[:])])
209 ])
210
211 dnl checks that krb5 is functional. Sets squid_cv_working_krb5
212 AC_DEFUN([SQUID_CHECK_WORKING_KRB5],[
213 AC_CACHE_CHECK([for working krb5], squid_cv_working_krb5, [
214 AC_RUN_IFELSE([AC_LANG_SOURCE([[
215 #if HAVE_KRB5_H
216 #if HAVE_BROKEN_SOLARIS_KRB5_H
217 #if defined(__cplusplus)
218 #define KRB5INT_BEGIN_DECLS extern "C" {
219 #define KRB5INT_END_DECLS
220 KRB5INT_BEGIN_DECLS
221 #endif
222 #endif
223 #if HAVE_BROKEN_HEIMDAL_KRB5_H
224 extern "C" {
225 #include <krb5.h>
226 }
227 #else
228 #include <krb5.h>
229 #endif
230 #endif
231
232 int
233 main(void)
234 {
235 krb5_context context;
236
237 krb5_init_context(&context);
238
239 return 0;
240 }
241 ]])], [ squid_cv_working_krb5=yes ], [ squid_cv_working_krb5=no ],[:])])
242 if test "x$squid_cv_working_krb5" = "xno" -a `echo $LIBS | grep -i -c "\-L"` -gt 0; then
243 AC_MSG_NOTICE([Check Runtime library path !])
244 fi
245 ])
246
247
248 dnl checks for existence of krb5 functions
249 AC_DEFUN([SQUID_CHECK_KRB5_FUNCS],[
250
251 AC_CHECK_LIB(krb5,krb5_get_err_text,
252 AC_DEFINE(HAVE_KRB5_GET_ERR_TEXT,1,
253 [Define to 1 if you have krb5_get_err_text]),)
254 AC_CHECK_LIB(krb5,krb5_get_error_message,
255 AC_DEFINE(HAVE_KRB5_GET_ERROR_MESSAGE,1,
256 [Define to 1 if you have krb5_get_error_message]),)
257 AC_CHECK_DECLS(krb5_kt_free_entry,,,[#include <krb5.h>])
258 AC_CHECK_TYPE(krb5_pac,
259 AC_DEFINE(HAVE_KRB5_PAC,1,
260 [Define to 1 if you have krb5_pac]),,
261 [#include <krb5.h>])
262 AC_CHECK_LIB(krb5,krb5_kt_free_entry,
263 AC_DEFINE(HAVE_KRB5_KT_FREE_ENTRY,1,
264 [Define to 1 if you have krb5_kt_free_entry]),)
265 AC_CHECK_LIB(krb5,krb5_get_init_creds_keytab,
266 AC_DEFINE(HAVE_GET_INIT_CREDS_KEYTAB,1,
267 [Define to 1 if you have krb5_get_init_creds_keytab]),)
268 AC_CHECK_LIB(krb5,krb5_get_max_time_skew,
269 AC_DEFINE(HAVE_KRB5_GET_MAX_TIME_SKEW,1,
270 [Define to 1 if you have krb5_get_max_time_skew]),)
271 AC_CHECK_LIB(krb5,krb5_get_profile,
272 AC_DEFINE(HAVE_KRB5_GET_PROFILE,1,
273 [Define to 1 if you have krb5_get_profile]),)
274 AC_CHECK_LIB(krb5,profile_get_integer,
275 AC_DEFINE(HAVE_PROFILE_GET_INTEGER,1,
276 [Define to 1 if you have profile_get_integer]),)
277 AC_CHECK_LIB(krb5,profile_release,
278 AC_DEFINE(HAVE_PROFILE_RELEASE,1,
279 [Define to 1 if you have profile_release]),)
280 AC_CHECK_LIB(krb5,krb5_get_renewed_creds,
281 AC_DEFINE(HAVE_KRB5_GET_RENEWED_CREDS,1,
282 [Define to 1 if you have krb5_get_renewed_creds]),)
283 AC_CHECK_LIB(krb5,krb5_principal_get_realm,
284 AC_DEFINE(HAVE_KRB5_PRINCIPAL_GET_REALM,1,
285 [Define to 1 if you have krb5_principal_get_realm]),)
286 AC_CHECK_LIB(krb5, krb5_get_init_creds_opt_alloc,
287 AC_DEFINE(HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC,1,
288 [Define to 1 if you have krb5_get_init_creds_opt_alloc]),)
289 AC_MSG_CHECKING([for krb5_get_init_creds_free requires krb5_context])
290 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
291 #include <krb5.h>
292 ]],[[krb5_context context;
293 krb5_get_init_creds_opt *options;
294 krb5_get_init_creds_opt_free(context, options)]])],[
295 AC_DEFINE(HAVE_KRB5_GET_INIT_CREDS_FREE_CONTEXT,1,
296 [Define to 1 if you krb5_get_init_creds_free requires krb5_context])
297 AC_MSG_RESULT(yes)
298 ],[AC_MSG_RESULT(no)],[AC_MSG_RESULT(no)])
299
300
301 AC_CHECK_FUNCS(gss_map_name_to_any,
302 AC_DEFINE(HAVE_GSS_MAP_ANY_TO_ANY,1,
303 [Define to 1 if you have gss_map_name_to_any]),)
304 AC_CHECK_FUNCS(gsskrb5_extract_authz_data_from_sec_context,
305 AC_DEFINE(HAVE_GSSKRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT,1,
306 [Define to 1 if you have gsskrb5_extract_authz_data_from_sec_context]),)
307
308 SQUID_CHECK_KRB5_CONTEXT_MEMORY_CACHE
309 SQUID_DEFINE_BOOL(HAVE_KRB5_MEMORY_CACHE,$squid_cv_memory_cache,
310 [Define if kerberos has MEMORY: cache support])
311
312 SQUID_CHECK_WORKING_GSSAPI
313 SQUID_DEFINE_BOOL(HAVE_GSSAPI,$squid_cv_working_gssapi,[GSSAPI support])
314
315 SQUID_CHECK_SPNEGO_SUPPORT
316 SQUID_DEFINE_BOOL(HAVE_SPNEGO,$squid_cv_have_spnego,[SPNEGO support])
317
318 SQUID_CHECK_WORKING_KRB5
319 SQUID_DEFINE_BOOL(HAVE_KRB5,$squid_cv_working_krb5,[KRB5 support])
320 ])
321
Mirror of https://github.com/squid-cache/squid.git