])
])
+#
+# LC_CONFIG_GSS_KEYRING (default enabled, if gss is enabled)
+#
+AC_DEFUN([LC_CONFIG_GSS_KEYRING],
+[AC_MSG_CHECKING([whether to enable gss keyring backend])
+ AC_ARG_ENABLE([gss_keyring],
+ [AC_HELP_STRING([--disable-gss-keyring],
+ [disable gss keyring backend])],
+ [],[enable_gss_keyring='yes'])
+ AC_MSG_RESULT([$enable_gss_keyring])
+
+ if test x$enable_gss_keyring != xno; then
+ LB_LINUX_CONFIG_IM([KEYS],[],
+ [AC_MSG_ERROR([GSS keyring backend require that CONFIG_KEYS be enabled in your kernel.])])
+
+ AC_CHECK_LIB([keyutils], [keyctl_search], [],
+ [AC_MSG_ERROR([libkeyutils is not found, which is required by gss keyring backend])],)
+
+ AC_DEFINE([HAVE_GSS_KEYRING], [1],
+ [Define this if you enable gss keyring backend])
+ fi
+])
+
m4_pattern_allow(AC_KERBEROS_V5)
#
-# LC_CONFIG_GSS
+# LC_CONFIG_GSS (default disabled)
#
# Build gss and related tools of Lustre. Currently both kernel and user space
# parts are depend on linux platform.
#
AC_DEFUN([LC_CONFIG_GSS],
[AC_MSG_CHECKING([whether to enable gss/krb5 support])
-AC_ARG_ENABLE([gss],
- AC_HELP_STRING([--enable-gss], [enable gss/krb5 support]),
- [],[enable_gss='no'])
-AC_MSG_RESULT([$enable_gss])
-
-if test x$enable_gss == xyes; then
- LB_LINUX_CONFIG_IM([SUNRPC],[],[
- AC_MSG_ERROR([GSS require that CONFIG_SUNRPC is enabled in your kernel.])
- ])
- LB_LINUX_CONFIG_IM([CRYPTO_DES],[],[
- AC_MSG_WARN([DES support is recommended by using GSS.])
- ])
- LB_LINUX_CONFIG_IM([CRYPTO_MD5],[],[
- AC_MSG_WARN([MD5 support is recommended by using GSS.])
- ])
- LB_LINUX_CONFIG_IM([CRYPTO_SHA256],[],[
- AC_MSG_WARN([SHA256 support is recommended by using GSS.])
- ])
- LB_LINUX_CONFIG_IM([CRYPTO_SHA512],[],[
- AC_MSG_WARN([SHA512 support is recommended by using GSS.])
- ])
- LB_LINUX_CONFIG_IM([CRYPTO_ARC4],[],[
- AC_MSG_WARN([ARC4 support is recommended by using GSS.])
- ])
- #
- # AES symbol is uncertain (optimized & depend on arch)
- #
-
- AC_CHECK_LIB(gssapi, gss_init_sec_context, [
- GSSAPI_LIBS="$GSSAPI_LDFLAGS -lgssapi"
- ], [
- AC_MSG_ERROR([libgssapi is not found, consider --disable-gss.])
- ],
- )
+ AC_ARG_ENABLE([gss],
+ [AC_HELP_STRING([--enable-gss], [enable gss/krb5 support])],
+ [],[enable_gss='no'])
+ AC_MSG_RESULT([$enable_gss])
+
+ if test x$enable_gss == xyes; then
+ LC_CONFIG_GSS_KEYRING
+
+ LB_LINUX_CONFIG_IM([CRYPTO_DES],[],
+ [AC_MSG_WARN([kernel DES support is recommended by using GSS.])])
+ LB_LINUX_CONFIG_IM([CRYPTO_MD5],[],
+ [AC_MSG_WARN([kernel MD5 support is recommended by using GSS.])])
+ LB_LINUX_CONFIG_IM([CRYPTO_SHA256],[],
+ [AC_MSG_WARN([kernel SHA256 support is recommended by using GSS.])])
+ LB_LINUX_CONFIG_IM([CRYPTO_SHA512],[],
+ [AC_MSG_WARN([kernel SHA512 support is recommended by using GSS.])])
+ LB_LINUX_CONFIG_IM([CRYPTO_ARC4],[],
+ [AC_MSG_WARN([kernel ARC4 support is recommended by using GSS.])])
+
+ dnl FIXME
+ dnl the AES symbol usually tied with arch, e.g. CRYPTO_AES_586
+ dnl FIXME
+ LB_LINUX_CONFIG_IM([CRYPTO_AES],[],
+ [AC_MSG_WARN([kernel AES support is recommended by using GSS.])])
+
+ AC_CHECK_LIB([gssapi], [gss_init_sec_context],
+ [GSSAPI_LIBS="$GSSAPI_LDFLAGS -lgssapi"],
+ [AC_MSG_ERROR([libgssapi is not found, which is required by GSS.])],)
AC_SUBST(GSSAPI_LIBS)
+
AC_KERBEROS_V5
-fi
+ fi
])
# LC_FUNC_MS_FLOCK_LOCK
AM_CONDITIONAL(BLKID, test x$ac_cv_header_blkid_blkid_h = xyes)
AM_CONDITIONAL(EXT2FS_DEVEL, test x$ac_cv_header_ext2fs_ext2fs_h = xyes)
AM_CONDITIONAL(GSS, test x$enable_gss = xyes)
+AM_CONDITIONAL(GSS_KEYRING, test x$enable_gss_keyring = xyes)
+AM_CONDITIONAL(GSS_PIPEFS, test x$enable_gss_pipefs = xyes)
AM_CONDITIONAL(LIBPTHREAD, test x$enable_libpthread = xyes)
])