--- /dev/null
+dnl Checks for Kerberos
+dnl NOTE: while we intend to do generic gss-api, currently we
+dnl have a requirement to get an initial Kerberos machine
+dnl credential. Thus, the requirement for Kerberos.
+dnl The Kerberos gssapi library will be dynamically loaded?
+AC_DEFUN([AC_KERBEROS_V5],[
+ AC_MSG_CHECKING(for Kerberos v5)
+ AC_ARG_WITH(krb5,
+ [AC_HELP_STRING([--with-krb5=DIR], [use Kerberos v5 installation in DIR])],
+ [ case "$withval" in
+ yes|no)
+ krb5_with=""
+ ;;
+ *)
+ krb5_with="$withval"
+ ;;
+ esac ]
+ )
+
+ for dir in $krb5_with /usr /usr/kerberos /usr/local /usr/local/krb5 \
+ /usr/krb5 /usr/heimdal /usr/local/heimdal /usr/athena ; do
+ dnl This ugly hack brought on by the split installation of
+ dnl MIT Kerberos on Fedora Core 1
+ K5CONFIG=""
+ if test -f $dir/bin/krb5-config; then
+ K5CONFIG=$dir/bin/krb5-config
+ elif test -f "/usr/kerberos/bin/krb5-config"; then
+ K5CONFIG="/usr/kerberos/bin/krb5-config"
+ fi
+ if test "$K5CONFIG" != ""; then
+ KRBCFLAGS=`$K5CONFIG --cflags`
+ KRBLIBS=`$K5CONFIG --libs gssapi`
+ K5VERS=`$K5CONFIG --version | head -n 1 | awk '{split($(4),v,"."); if (v@<:@"3"@:>@ == "") v@<:@"3"@:>@ = "0"; print v@<:@"1"@:>@v@<:@"2"@:>@v@<:@"3"@:>@ }'`
+ AC_DEFINE_UNQUOTED(KRB5_VERSION, $K5VERS, [Define this as the Kerberos version number])
+ if test -f $dir/include/gssapi/gssapi_krb5.h -a \
+ \( -f $dir/lib/libgssapi_krb5.a -o \
+ -f $dir/lib/libgssapi_krb5.so \) ; then
+ AC_DEFINE(HAVE_KRB5, 1, [Define this if you have MIT Kerberos libraries])
+ KRBDIR="$dir"
+ dnl If we are using MIT K5 1.3.1 and before, we *MUST* use the
+ dnl private function (gss_krb5_ccache_name) to get correct
+ dnl behavior of changing the ccache used by gssapi.
+ dnl Starting in 1.3.2, we *DO NOT* want to use
+ dnl gss_krb5_ccache_name, instead we want to set KRB5CCNAME
+ dnl to get gssapi to use a different ccache
+ if test $K5VERS -le 131; then
+ AC_DEFINE(USE_GSS_KRB5_CCACHE_NAME, 1, [Define this if the private function, gss_krb5_cache_name, must be used to tell the Kerberos library which credentials cache to use. Otherwise, this is done by setting the KRB5CCNAME environment variable])
+ fi
+ gssapi_lib=gssapi_krb5
+ break
+ dnl The following ugly hack brought on by the split installation
+ dnl of Heimdal Kerberos on SuSe
+ elif test \( -f $dir/include/heim_err.h -o\
+ -f $dir/include/heimdal/heim_err.h \) -a \
+ -f $dir/lib/libroken.a; then
+ AC_DEFINE(HAVE_HEIMDAL, 1, [Define this if you have Heimdal Kerberos libraries])
+ KRBDIR="$dir"
+ gssapi_lib=gssapi
+ break
+ fi
+ fi
+ done
+ dnl We didn't find a usable Kerberos environment
+ if test "x$KRBDIR" = "x"; then
+ if test "x$krb5_with" = "x"; then
+ AC_MSG_ERROR(Kerberos v5 with GSS support not found: consider --disable-gss or --with-krb5=)
+ else
+ AC_MSG_ERROR(Kerberos v5 with GSS support not found at $krb5_with)
+ fi
+ fi
+ AC_MSG_RESULT($KRBDIR)
+
+ dnl Now check for functions within gssapi library
+ AC_CHECK_LIB($gssapi_lib, gss_krb5_export_lucid_sec_context,
+ AC_DEFINE(HAVE_LUCID_CONTEXT_SUPPORT, 1, [Define this if the Kerberos GSS library supports gss_krb5_export_lucid_sec_context]), ,$KRBLIBS)
+ AC_CHECK_LIB($gssapi_lib, gss_krb5_set_allowable_enctypes,
+ AC_DEFINE(HAVE_SET_ALLOWABLE_ENCTYPES, 1, [Define this if the Kerberos GSS library supports gss_krb5_set_allowable_enctypes]), ,$KRBLIBS)
+ AC_CHECK_LIB($gssapi_lib, gss_krb5_ccache_name,
+ AC_DEFINE(HAVE_GSS_KRB5_CCACHE_NAME, 1, [Define this if the Kerberos GSS library supports gss_krb5_ccache_name]), ,$KRBLIBS)
+
+ dnl If they specified a directory and it didn't work, give them a warning
+ if test "x$krb5_with" != "x" -a "$krb5_with" != "$KRBDIR"; then
+ AC_MSG_WARN(Using $KRBDIR instead of requested value of $krb5_with for Kerberos!)
+ fi
+
+ AC_SUBST([KRBDIR])
+ AC_SUBST([KRBLIBS])
+ AC_SUBST([KRBCFLAGS])
+ AC_SUBST([K5VERS])
+
+])
projects / nfs-utils.git / blobdiff