-f $dir/lib64/libgssapi_krb5.so -o \
-f $dir/lib/x86_64-linux-gnu/libgssapi_krb5.so -o \
-f $dir/lib/libgssapi_krb5.so \) ; then
- AC_DEFINE(HAVE_KRB5, 1, [Define this if you have MIT Kerberos libraries])
KRBDIR="$dir"
dnl If we are using MIT K5 1.3.1 and before, we *MUST* use the
dnl private function (gss_krb5_ccache_name) to get correct
AC_CHECK_LIB($gssapi_lib, krb5int_derive_key,
AC_DEFINE(HAVE_KRB5INT_DERIVE_KEY, 1, [Define this if the function krb5int_derive_key is available]), ,$KRBLIBS)
+ dnl Check for krb5_derive_key
+ AC_CHECK_LIB($gssapi_lib, krb5_derive_key,
+ AC_DEFINE(HAVE_KRB5_DERIVE_KEY, 1, [Define this if the function krb5_derive_key is available]), ,$KRBLIBS)
+
+ AS_IF([test "x$HAVE_KRB5INT_DERIVE_KEY" = "x1" -o "x$HAVE_KRB5_DERIVE_KEY" = "x1"],
+ [AC_DEFINE(HAVE_KRB5, 1, [Define this if you have MIT Kerberos libraries])],
+ [KRBDIR=""; AC_MSG_WARN(Disable gss/krb5 due to missing both krb5int_derive_key and krb5_derive_key functions!)])
+
dnl If they specified a directory and it didn't work, give them a warning
if test "x$krb5_with" != "x" -a "$krb5_with" != "$KRBDIR"; then
AC_MSG_WARN(Using $KRBDIR instead of requested value of $krb5_with for Kerberos!)
])
#
-# LC_CONFIG_GSS_KEYRING (default enabled, if gss is enabled)
+# LC_CONFIG_GSS_KEYRING (default 'auto', tests for dependencies, if found, enables; only called if gss is enabled)
#
AC_DEFUN([LC_CONFIG_GSS_KEYRING],
[AC_MSG_CHECKING([whether to enable gss keyring backend])
AC_ARG_ENABLE([gss_keyring],
[AC_HELP_STRING([--disable-gss-keyring],
[disable gss keyring backend])],
- [],[enable_gss_keyring='yes'])
+ [],[enable_gss_keyring='auto'])
AC_MSG_RESULT([$enable_gss_keyring])
if test x$enable_gss_keyring != xno; then
- LB_LINUX_CONFIG_IM([KEYS],[],
- [AC_MSG_ERROR([GSS keyring backend require that CONFIG_KEYS be enabled in your kernel.])])
+ LB_LINUX_CONFIG_IM([KEYS],[],
+ [gss_keyring_conf_test='fail';
+ AC_MSG_WARN([GSS keyring backend require that CONFIG_KEYS be enabled in your kernel.])])
- AC_CHECK_LIB([keyutils], [keyctl_search], [],
- [AC_MSG_ERROR([libkeyutils is not found, which is required by gss keyring backend])],)
+ AC_CHECK_LIB([keyutils], [keyctl_search], [],
+ [gss_keyring_conf_test='fail';
+ AC_MSG_WARN([libkeyutils is not found, which is required by gss keyring backend])],)
- AC_DEFINE([HAVE_GSS_KEYRING], [1],
- [Define this if you enable gss keyring backend])
+ if test x$gss_keyring_conf_test != xfail; then
+ AC_DEFINE([HAVE_GSS_KEYRING], [1], [Define this if you enable gss keyring backend])
+ enable_gss_keyring='yes'
+ else
+ if test x$enable_gss_keyring == xyes; then
+ AC_MSG_ERROR([Cannot enable gss_keyring. See above for details.])
+ else
+ AC_MSG_WARN([Cannot enable gss keyring. See above for details.])
+ fi
+ fi
fi
])
])
#
-# LC_CONFIG_GSS (default disabled)
+# LC_CONFIG_GSS (default 'auto' (tests for dependencies, if found, enables))
#
# Build gss and related tools of Lustre. Currently both kernel and user space
# parts are depend on linux platform.
if test x$enable_gss != xno; then
LC_CONFIG_GSS_KEYRING
- sunrpc_required=$enable_gss
- LC_CONFIG_SUNRPC
+ sunrpc_required=$enable_gss
+ LC_CONFIG_SUNRPC
sunrpc_required=no
- AC_DEFINE([HAVE_GSS], [1], [Define this if you enable gss])
-
- LB_LINUX_CONFIG_IM([CRYPTO_MD5],[],
- [AC_MSG_WARN([kernel MD5 support is recommended by using GSS.])])
- LB_LINUX_CONFIG_IM([CRYPTO_SHA1],[],
- [AC_MSG_WARN([kernel SHA1 support is recommended by using GSS.])])
- LB_LINUX_CONFIG_IM([CRYPTO_SHA256],[],
- [AC_MSG_WARN([kernel SHA256 support is recommended by using GSS.])])
- LB_LINUX_CONFIG_IM([CRYPTO_SHA512],[],
- [AC_MSG_WARN([kernel SHA512 support is recommended by using GSS.])])
-
- require_krb5=$enable_gss
- AC_KERBEROS_V5
- require_krb5=no
-
- if test x$KRBDIR != x; then
- AC_CHECK_LIB([gssapi], [gss_export_lucid_sec_context],
- [GSSAPI_LIBS="$GSSAPI_LDFLAGS -lgssapi"],
- [AC_CHECK_LIB([gssglue], [gss_export_lucid_sec_context],
- [GSSAPI_LIBS="$GSSAPI_LDFLAGS -lgssglue"],
- [if test x$enable_gss == xyes; then
- AC_MSG_ERROR([libgssapi or libgssglue is not found, which is required by GSS.])
- fi])],)
- AC_SUBST(GSSAPI_LIBS)
- fi
+ LB_LINUX_CONFIG_IM([CRYPTO_MD5],[],
+ [AC_MSG_WARN([kernel MD5 support is recommended by using GSS.])])
+ LB_LINUX_CONFIG_IM([CRYPTO_SHA1],[],
+ [AC_MSG_WARN([kernel SHA1 support is recommended by using GSS.])])
+ LB_LINUX_CONFIG_IM([CRYPTO_SHA256],[],
+ [AC_MSG_WARN([kernel SHA256 support is recommended by using GSS.])])
+ LB_LINUX_CONFIG_IM([CRYPTO_SHA512],[],
+ [AC_MSG_WARN([kernel SHA512 support is recommended by using GSS.])])
+
+ require_krb5=$enable_gss
+ AC_KERBEROS_V5
+ require_krb5=no
+
+ if test x$KRBDIR != x; then
+ AC_CHECK_LIB([gssapi], [gss_export_lucid_sec_context],
+ [GSSAPI_LIBS="$GSSAPI_LDFLAGS -lgssapi";
+ gss_conf_test='success'],
+ [AC_CHECK_LIB([gssglue], [gss_export_lucid_sec_context],
+ [GSSAPI_LIBS="$GSSAPI_LDFLAGS -lgssglue";
+ gss_conf_test='success'],
+ [if test x$enable_gss == xyes; then
+ AC_MSG_ERROR([libgssapi or libgssglue is not found, which is required by GSS.])
+ else
+ AC_MSG_WARN([libgssapi or libgssglue is not found, which is required by GSS.])
+ fi])],)
+ AC_SUBST(GSSAPI_LIBS)
+ fi
+
+ if test x$gss_conf_test == xsuccess; then
+ AC_DEFINE([HAVE_GSS], [1], [Define this is if you enable gss])
+ enable_gss='yes'
+ fi
+
fi
])