From: jadestorm Date: Wed, 1 May 2002 19:03:59 +0000 (+0000) Subject: Initial revision X-Git-Tag: main~1 X-Git-Url: http://www.project-moonshot.org/gitweb/?p=mod_auth_kerb.git;a=commitdiff_plain;h=6b40087d9a92c1f02397e4498098489303a6f8b4 Initial revision --- 6b40087d9a92c1f02397e4498098489303a6f8b4 diff --git a/Makefile.in b/Makefile.in new file mode 100644 index 0000000..d6c79cd --- /dev/null +++ b/Makefile.in @@ -0,0 +1,23 @@ +### +# Makefile.in for mod_auth_kerb +### + +APXS = @APXS@ +CFLAGS = -I. @CFLAGS@ +LDFLAGS = @LDFLAGS@ +LIBS = @LIBS@ +INSTALL = @INSTALL@ + +all: mod_auth_kerb + +mod_auth_kerb: mod_auth_kerb.c + $(APXS) -c ${CFLAGS} ${LDFLAGS} ${LIBS} mod_auth_kerb.c + +install: + $(APXS) -c -i ${CFLAGS} ${LDFLAGS} ${LIBS} mod_auth_kerb.c + +clean: + /bin/rm -rf core *.o *.la *.lo *.slo .libs + +distclean: clean + /bin/rm -f Makefile config.h config.status config.cache config.log mod_auth_kerb.c diff --git a/README b/README new file mode 100644 index 0000000..87452a8 --- /dev/null +++ b/README @@ -0,0 +1 @@ +This README is temporary. I'll make it say something good soon. diff --git a/README.static b/README.static new file mode 100644 index 0000000..c3605c0 --- /dev/null +++ b/README.static @@ -0,0 +1 @@ +This is where the docs for building it statically into apache will go. diff --git a/apache1/api_inc.h b/apache1/api_inc.h new file mode 100644 index 0000000..e46d662 --- /dev/null +++ b/apache1/api_inc.h @@ -0,0 +1,8 @@ +#include "httpd.h" +#include "http_config.h" +#include "http_core.h" +#include "http_log.h" +#include "http_protocol.h" +#include "http_request.h" + +module kerb_auth_module; diff --git a/apache1/auth_user.c b/apache1/auth_user.c new file mode 100644 index 0000000..db75a2a --- /dev/null +++ b/apache1/auth_user.c @@ -0,0 +1,95 @@ +int kerb_authenticate_user(request_rec *r) { + const char *type; /* AuthType specified */ + int KerberosV5 = 0; /* Kerberos V5 check enabled */ + int KerberosV4 = 0; /* Kerberos V4 check enabled */ + const char *sent_pw; /* Password sent by browser */ + int res; /* Response holder */ + const char *auth_line = apr_table_get(r->headers_in, + (PROXYREQ_PROXY == r->proxyreq) + ? "Proxy-Authorization" + : "Authorization"); + + type = ap_auth_type(r); + + if (type != NULL) { +#ifdef KRB5 + if (strncasecmp(type, "KerberosV5", 10) == 0) { + KerberosV5 = 1; + } +#endif /* KRB5 */ + +#ifdef KRB4 + if (strncasecmp(type, "KerberosV4", 10) == 0) { + KerberosV4 = 1; + } +#endif /* KRB4 */ + } + + if (!KerberosV4 && !KerberosV5) { + return DECLINED; + } + + const char *t; + + if (!(t = ap_auth_type(r)) || strcasecmp(t, "Basic")) + return DECLINED; + + if (!ap_auth_name(r)) { + ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, + 0, r, "need AuthName: %s", r->uri); + return HTTP_INTERNAL_SERVER_ERROR; + } + + if (!auth_line) { + ap_note_basic_auth_failure(r); + return HTTP_UNAUTHORIZED; + } + + if (strcasecmp(ap_getword(r->pool, &auth_line, ' '), "Basic")) { + /* Client tried to authenticate using wrong auth scheme */ + ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r, + "client used wrong authentication scheme: %s", r->uri); + ap_note_basic_auth_failure(r); + return HTTP_UNAUTHORIZED; + } + + while (*auth_line == ' ' || *auth_line == '\t') { + auth_line++; + } + + t = ap_pbase64decode(r->pool, auth_line); + /* Note that this allocation has to be made from r->connection->pool + * because it has the lifetime of the connection. The other allocations + * are temporary and can be tossed away any time. + */ + r->user = ap_getword_nulls (r->pool, &t, ':'); + r->ap_auth_type = "Basic"; + + *pw = t; + + return OK; +} + +#ifdef KRB5 + if (KerberosV5) { + if (kerb5_password_validate(r->connection->user, sent_pw)) { + return OK; + } + else { + return HTTP_UNAUTHORIZED; + } + } +#endif /* KRB5 */ +#ifdef KRB4 + if (KerberosV4) { + if (kerb4_password_validate(r->connection->user, sent_pw)) { + return OK; + } + else { + return HTTP_UNAUTHORIZED; + } + } +#endif /* KRB4 */ + + return DECLINED; +} diff --git a/apache1/module.c b/apache1/module.c new file mode 100644 index 0000000..327200e --- /dev/null +++ b/apache1/module.c @@ -0,0 +1,17 @@ +module kerb_auth_module = { + STANDARD_MODULE_STUFF, + NULL, /* initializer */ + NULL, /* dir config creater */ + NULL, /* dir merger */ + NULL, /* server config */ + NULL, /* merge server config */ + NULL, /* command table */ + NULL, /* handlers */ + NULL, /* filename translation */ + kerb_authenticate_user, /* check_user_id */ + NULL, /* check auth */ + NULL, /* check access */ + NULL, /* type_checker */ + NULL, /* fixups */ + NULL /* logger */ +}; diff --git a/apache2/api_inc.h b/apache2/api_inc.h new file mode 100644 index 0000000..6680f4b --- /dev/null +++ b/apache2/api_inc.h @@ -0,0 +1,11 @@ +#include "apr_strings.h" +#include "apr_lib.h" +#include "ap_config.h" +#include "httpd.h" +#include "http_config.h" +#include "http_core.h" +#include "http_log.h" +#include "http_protocol.h" +#include "http_request.h" + +module AP_MODULE_DECLARE_DATA kerb_auth_module; diff --git a/apache2/auth_user.c b/apache2/auth_user.c new file mode 100644 index 0000000..39dc047 --- /dev/null +++ b/apache2/auth_user.c @@ -0,0 +1,85 @@ +int kerb_authenticate_user(request_rec *r) { + const char *type; /* AuthType specified */ + int KerberosV5 = 0; /* Kerberos V5 check enabled */ + int KerberosV4 = 0; /* Kerberos V4 check enabled */ + const char *sent_pw; /* Password sent by browser */ + const char *t; /* Return value holder */ + int res; /* Response holder */ + + const char *auth_line = apr_table_get(r->headers_in, + (PROXYREQ_PROXY == r->proxyreq) + ? "Proxy-Authorization" + : "Authorization"); + + type = ap_auth_type(r); + + if (type != NULL) { +#ifdef KRB5 + if (strncasecmp(type, "KerberosV5", 10) == 0) { + KerberosV5 = 1; + } +#endif /* KRB5 */ + +#ifdef KRB4 + if (strncasecmp(type, "KerberosV4", 10) == 0) { + KerberosV4 = 1; + } +#endif /* KRB4 */ + } + + if (!KerberosV4 && !KerberosV5) { + return DECLINED; + } + + if (!ap_auth_name(r)) { + ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, + 0, r, "need AuthName: %s", r->uri); + return HTTP_INTERNAL_SERVER_ERROR; + } + + if (!auth_line) { + ap_note_basic_auth_failure(r); + return HTTP_UNAUTHORIZED; + } + + if (strcasecmp(ap_getword(r->pool, &auth_line, ' '), "Basic")) { + /* Client tried to authenticate using wrong auth scheme */ + ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r, + "client used wrong authentication scheme: %s", r->uri); + ap_note_basic_auth_failure(r); + return HTTP_UNAUTHORIZED; + } + + while (*auth_line == ' ' || *auth_line == '\t') { + auth_line++; + } + + t = ap_pbase64decode(r->pool, auth_line); + r->user = ap_getword_nulls(r->pool, &t, ':'); + sent_pw = t; + +#ifdef KRB5 + if (KerberosV5) { + r->ap_auth_type = "KerberosV5"; + if (kerb5_password_validate(r->user, sent_pw)) { + return OK; + } + else { + return HTTP_UNAUTHORIZED; + } + } +#endif /* KRB5 */ +#ifdef KRB4 + if (KerberosV4) { + r->ap_auth_type = "KerberosV4"; + if (kerb4_password_validate(r->user, sent_pw)) { + return OK; + } + else { + return HTTP_UNAUTHORIZED; + } + } +#endif /* KRB4 */ + + return DECLINED; +} diff --git a/apache2/hooks.c b/apache2/hooks.c new file mode 100644 index 0000000..9e0c9bb --- /dev/null +++ b/apache2/hooks.c @@ -0,0 +1,4 @@ +void kerb_register_hooks(apr_pool_t *p) +{ + ap_hook_check_user_id(kerb_authenticate_user, NULL, NULL, APR_HOOK_MIDDLE); +} diff --git a/apache2/module.c b/apache2/module.c new file mode 100644 index 0000000..367f1f7 --- /dev/null +++ b/apache2/module.c @@ -0,0 +1,10 @@ +module AP_MODULE_DECLARE_DATA kerb_auth_module = +{ + STANDARD20_MODULE_STUFF, + NULL, /* dir config creater */ + NULL, /* dir merger */ + NULL, /* server config */ + NULL, /* merge server config */ + NULL, /* command apr_table_t */ + kerb_register_hooks /* register hooks */ +}; diff --git a/configure b/configure new file mode 100755 index 0000000..26bfb6e --- /dev/null +++ b/configure @@ -0,0 +1,1748 @@ +#! /bin/sh + +# Guess values for system-dependent variables and create Makefiles. +# Generated automatically using autoconf version 2.13 +# Copyright (C) 1992, 93, 94, 95, 96 Free Software Foundation, Inc. +# +# This configure script is free software; the Free Software Foundation +# gives unlimited permission to copy, distribute and modify it. + +# Defaults: +ac_help= +ac_default_prefix=/usr/local +# Any additions from configure.in: +ac_help="$ac_help + --with-api=API api to use (apache1, apache2)" +ac_help="$ac_help + --with-apxs=PATH path to apxs" +ac_help="$ac_help + --with-static module is to be statically linked" +ac_help="$ac_help + --with-krb5=DIR path to Kerberos 5 install" +ac_help="$ac_help + --with-krb5-include=DIR include path to Kerberos 5 install" +ac_help="$ac_help + --with-krb5-lib=DIR lib path to Kerberos 5 install" +ac_help="$ac_help + --disable-krb5 force disabling of krb5 support" +ac_help="$ac_help + --with-krb4=DIR path to Kerberos 4 install" +ac_help="$ac_help + --with-krb4-include=DIR include path to Kerberos 4 install" +ac_help="$ac_help + --with-krb4-lib=DIR lib path to Kerberos 4 install" +ac_help="$ac_help + --disable-krb4 force disabling of krb4 support" + +# Initialize some variables set by options. +# The variables have the same names as the options, with +# dashes changed to underlines. +build=NONE +cache_file=./config.cache +exec_prefix=NONE +host=NONE +no_create= +nonopt=NONE +no_recursion= +prefix=NONE +program_prefix=NONE +program_suffix=NONE +program_transform_name=s,x,x, +silent= +site= +srcdir= +target=NONE +verbose= +x_includes=NONE +x_libraries=NONE +bindir='${exec_prefix}/bin' +sbindir='${exec_prefix}/sbin' +libexecdir='${exec_prefix}/libexec' +datadir='${prefix}/share' +sysconfdir='${prefix}/etc' +sharedstatedir='${prefix}/com' +localstatedir='${prefix}/var' +libdir='${exec_prefix}/lib' +includedir='${prefix}/include' +oldincludedir='/usr/include' +infodir='${prefix}/info' +mandir='${prefix}/man' + +# Initialize some other variables. +subdirs= +MFLAGS= MAKEFLAGS= +SHELL=${CONFIG_SHELL-/bin/sh} +# Maximum number of lines to put in a shell here document. +ac_max_here_lines=12 + +ac_prev= +for ac_option +do + + # If the previous option needs an argument, assign it. + if test -n "$ac_prev"; then + eval "$ac_prev=\$ac_option" + ac_prev= + continue + fi + + case "$ac_option" in + -*=*) ac_optarg=`echo "$ac_option" | sed 's/[-_a-zA-Z0-9]*=//'` ;; + *) ac_optarg= ;; + esac + + # Accept the important Cygnus configure options, so we can diagnose typos. + + case "$ac_option" in + + -bindir | --bindir | --bindi | --bind | --bin | --bi) + ac_prev=bindir ;; + -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) + bindir="$ac_optarg" ;; + + -build | --build | --buil | --bui | --bu) + ac_prev=build ;; + -build=* | --build=* | --buil=* | --bui=* | --bu=*) + build="$ac_optarg" ;; + + -cache-file | --cache-file | --cache-fil | --cache-fi \ + | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) + ac_prev=cache_file ;; + -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ + | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) + cache_file="$ac_optarg" ;; + + -datadir | --datadir | --datadi | --datad | --data | --dat | --da) + ac_prev=datadir ;; + -datadir=* | --datadir=* | --datadi=* | --datad=* | --data=* | --dat=* \ + | --da=*) + datadir="$ac_optarg" ;; + + -disable-* | --disable-*) + ac_feature=`echo $ac_option|sed -e 's/-*disable-//'` + # Reject names that are not valid shell variable names. + if test -n "`echo $ac_feature| sed 's/[-a-zA-Z0-9_]//g'`"; then + { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; } + fi + ac_feature=`echo $ac_feature| sed 's/-/_/g'` + eval "enable_${ac_feature}=no" ;; + + -enable-* | --enable-*) + ac_feature=`echo $ac_option|sed -e 's/-*enable-//' -e 's/=.*//'` + # Reject names that are not valid shell variable names. + if test -n "`echo $ac_feature| sed 's/[-_a-zA-Z0-9]//g'`"; then + { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; } + fi + ac_feature=`echo $ac_feature| sed 's/-/_/g'` + case "$ac_option" in + *=*) ;; + *) ac_optarg=yes ;; + esac + eval "enable_${ac_feature}='$ac_optarg'" ;; + + -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ + | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ + | --exec | --exe | --ex) + ac_prev=exec_prefix ;; + -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ + | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ + | --exec=* | --exe=* | --ex=*) + exec_prefix="$ac_optarg" ;; + + -gas | --gas | --ga | --g) + # Obsolete; use --with-gas. + with_gas=yes ;; + + -help | --help | --hel | --he) + # Omit some internal or obsolete options to make the list less imposing. + # This message is too long to be a string in the A/UX 3.1 sh. + cat << EOF +Usage: configure [options] [host] +Options: [defaults in brackets after descriptions] +Configuration: + --cache-file=FILE cache test results in FILE + --help print this message + --no-create do not create output files + --quiet, --silent do not print \`checking...' messages + --version print the version of autoconf that created configure +Directory and file names: + --prefix=PREFIX install architecture-independent files in PREFIX + [$ac_default_prefix] + --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX + [same as prefix] + --bindir=DIR user executables in DIR [EPREFIX/bin] + --sbindir=DIR system admin executables in DIR [EPREFIX/sbin] + --libexecdir=DIR program executables in DIR [EPREFIX/libexec] + --datadir=DIR read-only architecture-independent data in DIR + [PREFIX/share] + --sysconfdir=DIR read-only single-machine data in DIR [PREFIX/etc] + --sharedstatedir=DIR modifiable architecture-independent data in DIR + [PREFIX/com] + --localstatedir=DIR modifiable single-machine data in DIR [PREFIX/var] + --libdir=DIR object code libraries in DIR [EPREFIX/lib] + --includedir=DIR C header files in DIR [PREFIX/include] + --oldincludedir=DIR C header files for non-gcc in DIR [/usr/include] + --infodir=DIR info documentation in DIR [PREFIX/info] + --mandir=DIR man documentation in DIR [PREFIX/man] + --srcdir=DIR find the sources in DIR [configure dir or ..] + --program-prefix=PREFIX prepend PREFIX to installed program names + --program-suffix=SUFFIX append SUFFIX to installed program names + --program-transform-name=PROGRAM + run sed PROGRAM on installed program names +EOF + cat << EOF +Host type: + --build=BUILD configure for building on BUILD [BUILD=HOST] + --host=HOST configure for HOST [guessed] + --target=TARGET configure for TARGET [TARGET=HOST] +Features and packages: + --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) + --enable-FEATURE[=ARG] include FEATURE [ARG=yes] + --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] + --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) + --x-includes=DIR X include files are in DIR + --x-libraries=DIR X library files are in DIR +EOF + if test -n "$ac_help"; then + echo "--enable and --with options recognized:$ac_help" + fi + exit 0 ;; + + -host | --host | --hos | --ho) + ac_prev=host ;; + -host=* | --host=* | --hos=* | --ho=*) + host="$ac_optarg" ;; + + -includedir | --includedir | --includedi | --included | --include \ + | --includ | --inclu | --incl | --inc) + ac_prev=includedir ;; + -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ + | --includ=* | --inclu=* | --incl=* | --inc=*) + includedir="$ac_optarg" ;; + + -infodir | --infodir | --infodi | --infod | --info | --inf) + ac_prev=infodir ;; + -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) + infodir="$ac_optarg" ;; + + -libdir | --libdir | --libdi | --libd) + ac_prev=libdir ;; + -libdir=* | --libdir=* | --libdi=* | --libd=*) + libdir="$ac_optarg" ;; + + -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ + | --libexe | --libex | --libe) + ac_prev=libexecdir ;; + -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ + | --libexe=* | --libex=* | --libe=*) + libexecdir="$ac_optarg" ;; + + -localstatedir | --localstatedir | --localstatedi | --localstated \ + | --localstate | --localstat | --localsta | --localst \ + | --locals | --local | --loca | --loc | --lo) + ac_prev=localstatedir ;; + -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ + | --localstate=* | --localstat=* | --localsta=* | --localst=* \ + | --locals=* | --local=* | --loca=* | --loc=* | --lo=*) + localstatedir="$ac_optarg" ;; + + -mandir | --mandir | --mandi | --mand | --man | --ma | --m) + ac_prev=mandir ;; + -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) + mandir="$ac_optarg" ;; + + -nfp | --nfp | --nf) + # Obsolete; use --without-fp. + with_fp=no ;; + + -no-create | --no-create | --no-creat | --no-crea | --no-cre \ + | --no-cr | --no-c) + no_create=yes ;; + + -no-recursion | --no-recursion | --no-recursio | --no-recursi \ + | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) + no_recursion=yes ;; + + -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ + | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ + | --oldin | --oldi | --old | --ol | --o) + ac_prev=oldincludedir ;; + -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ + | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ + | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) + oldincludedir="$ac_optarg" ;; + + -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) + ac_prev=prefix ;; + -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) + prefix="$ac_optarg" ;; + + -program-prefix | --program-prefix | --program-prefi | --program-pref \ + | --program-pre | --program-pr | --program-p) + ac_prev=program_prefix ;; + -program-prefix=* | --program-prefix=* | --program-prefi=* \ + | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) + program_prefix="$ac_optarg" ;; + + -program-suffix | --program-suffix | --program-suffi | --program-suff \ + | --program-suf | --program-su | --program-s) + ac_prev=program_suffix ;; + -program-suffix=* | --program-suffix=* | --program-suffi=* \ + | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) + program_suffix="$ac_optarg" ;; + + -program-transform-name | --program-transform-name \ + | --program-transform-nam | --program-transform-na \ + | --program-transform-n | --program-transform- \ + | --program-transform | --program-transfor \ + | --program-transfo | --program-transf \ + | --program-trans | --program-tran \ + | --progr-tra | --program-tr | --program-t) + ac_prev=program_transform_name ;; + -program-transform-name=* | --program-transform-name=* \ + | --program-transform-nam=* | --program-transform-na=* \ + | --program-transform-n=* | --program-transform-=* \ + | --program-transform=* | --program-transfor=* \ + | --program-transfo=* | --program-transf=* \ + | --program-trans=* | --program-tran=* \ + | --progr-tra=* | --program-tr=* | --program-t=*) + program_transform_name="$ac_optarg" ;; + + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + silent=yes ;; + + -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) + ac_prev=sbindir ;; + -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ + | --sbi=* | --sb=*) + sbindir="$ac_optarg" ;; + + -sharedstatedir | --sharedstatedir | --sharedstatedi \ + | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ + | --sharedst | --shareds | --shared | --share | --shar \ + | --sha | --sh) + ac_prev=sharedstatedir ;; + -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ + | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ + | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ + | --sha=* | --sh=*) + sharedstatedir="$ac_optarg" ;; + + -site | --site | --sit) + ac_prev=site ;; + -site=* | --site=* | --sit=*) + site="$ac_optarg" ;; + + -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) + ac_prev=srcdir ;; + -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) + srcdir="$ac_optarg" ;; + + -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ + | --syscon | --sysco | --sysc | --sys | --sy) + ac_prev=sysconfdir ;; + -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ + | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) + sysconfdir="$ac_optarg" ;; + + -target | --target | --targe | --targ | --tar | --ta | --t) + ac_prev=target ;; + -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) + target="$ac_optarg" ;; + + -v | -verbose | --verbose | --verbos | --verbo | --verb) + verbose=yes ;; + + -version | --version | --versio | --versi | --vers) + echo "configure generated by autoconf version 2.13" + exit 0 ;; + + -with-* | --with-*) + ac_package=`echo $ac_option|sed -e 's/-*with-//' -e 's/=.*//'` + # Reject names that are not valid shell variable names. + if test -n "`echo $ac_package| sed 's/[-_a-zA-Z0-9]//g'`"; then + { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; } + fi + ac_package=`echo $ac_package| sed 's/-/_/g'` + case "$ac_option" in + *=*) ;; + *) ac_optarg=yes ;; + esac + eval "with_${ac_package}='$ac_optarg'" ;; + + -without-* | --without-*) + ac_package=`echo $ac_option|sed -e 's/-*without-//'` + # Reject names that are not valid shell variable names. + if test -n "`echo $ac_package| sed 's/[-a-zA-Z0-9_]//g'`"; then + { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; } + fi + ac_package=`echo $ac_package| sed 's/-/_/g'` + eval "with_${ac_package}=no" ;; + + --x) + # Obsolete; use --with-x. + with_x=yes ;; + + -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ + | --x-incl | --x-inc | --x-in | --x-i) + ac_prev=x_includes ;; + -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ + | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) + x_includes="$ac_optarg" ;; + + -x-libraries | --x-libraries | --x-librarie | --x-librari \ + | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) + ac_prev=x_libraries ;; + -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ + | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) + x_libraries="$ac_optarg" ;; + + -*) { echo "configure: error: $ac_option: invalid option; use --help to show usage" 1>&2; exit 1; } + ;; + + *) + if test -n "`echo $ac_option| sed 's/[-a-z0-9.]//g'`"; then + echo "configure: warning: $ac_option: invalid host type" 1>&2 + fi + if test "x$nonopt" != xNONE; then + { echo "configure: error: can only configure for one host and one target at a time" 1>&2; exit 1; } + fi + nonopt="$ac_option" + ;; + + esac +done + +if test -n "$ac_prev"; then + { echo "configure: error: missing argument to --`echo $ac_prev | sed 's/_/-/g'`" 1>&2; exit 1; } +fi + +trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15 + +# File descriptor usage: +# 0 standard input +# 1 file creation +# 2 errors and warnings +# 3 some systems may open it to /dev/tty +# 4 used on the Kubota Titan +# 6 checking for... messages and results +# 5 compiler messages saved in config.log +if test "$silent" = yes; then + exec 6>/dev/null +else + exec 6>&1 +fi +exec 5>./config.log + +echo "\ +This file contains any messages produced by compilers while +running configure, to aid debugging if configure makes a mistake. +" 1>&5 + +# Strip out --no-create and --no-recursion so they do not pile up. +# Also quote any args containing shell metacharacters. +ac_configure_args= +for ac_arg +do + case "$ac_arg" in + -no-create | --no-create | --no-creat | --no-crea | --no-cre \ + | --no-cr | --no-c) ;; + -no-recursion | --no-recursion | --no-recursio | --no-recursi \ + | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) ;; + *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?]*) + ac_configure_args="$ac_configure_args '$ac_arg'" ;; + *) ac_configure_args="$ac_configure_args $ac_arg" ;; + esac +done + +# NLS nuisances. +# Only set these to C if already set. These must not be set unconditionally +# because not all systems understand e.g. LANG=C (notably SCO). +# Fixing LC_MESSAGES prevents Solaris sh from translating var values in `set'! +# Non-C LC_CTYPE values break the ctype check. +if test "${LANG+set}" = set; then LANG=C; export LANG; fi +if test "${LC_ALL+set}" = set; then LC_ALL=C; export LC_ALL; fi +if test "${LC_MESSAGES+set}" = set; then LC_MESSAGES=C; export LC_MESSAGES; fi +if test "${LC_CTYPE+set}" = set; then LC_CTYPE=C; export LC_CTYPE; fi + +# confdefs.h avoids OS command line length limits that DEFS can exceed. +rm -rf conftest* confdefs.h +# AIX cpp loses on an empty file, so make sure it contains at least a newline. +echo > confdefs.h + +# A filename unique to this package, relative to the directory that +# configure is in, which we can look for to find out if srcdir is correct. +ac_unique_file=README + +# Find the source files, if location was not specified. +if test -z "$srcdir"; then + ac_srcdir_defaulted=yes + # Try the directory containing this script, then its parent. + ac_prog=$0 + ac_confdir=`echo $ac_prog|sed 's%/[^/][^/]*$%%'` + test "x$ac_confdir" = "x$ac_prog" && ac_confdir=. + srcdir=$ac_confdir + if test ! -r $srcdir/$ac_unique_file; then + srcdir=.. + fi +else + ac_srcdir_defaulted=no +fi +if test ! -r $srcdir/$ac_unique_file; then + if test "$ac_srcdir_defaulted" = yes; then + { echo "configure: error: can not find sources in $ac_confdir or .." 1>&2; exit 1; } + else + { echo "configure: error: can not find sources in $srcdir" 1>&2; exit 1; } + fi +fi +srcdir=`echo "${srcdir}" | sed 's%\([^/]\)/*$%\1%'` + +# Prefer explicitly selected file to automatically selected ones. +if test -z "$CONFIG_SITE"; then + if test "x$prefix" != xNONE; then + CONFIG_SITE="$prefix/share/config.site $prefix/etc/config.site" + else + CONFIG_SITE="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site" + fi +fi +for ac_site_file in $CONFIG_SITE; do + if test -r "$ac_site_file"; then + echo "loading site script $ac_site_file" + . "$ac_site_file" + fi +done + +if test -r "$cache_file"; then + echo "loading cache $cache_file" + . $cache_file +else + echo "creating cache $cache_file" + > $cache_file +fi + +ac_ext=c +# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. +ac_cpp='$CPP $CPPFLAGS' +ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5' +ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5' +cross_compiling=$ac_cv_prog_cc_cross + +ac_exeext= +ac_objext=o +if (echo "testing\c"; echo 1,2,3) | grep c >/dev/null; then + # Stardent Vistra SVR4 grep lacks -e, says ghazi@caip.rutgers.edu. + if (echo -n testing; echo 1,2,3) | sed s/-n/xn/ | grep xn >/dev/null; then + ac_n= ac_c=' +' ac_t=' ' + else + ac_n=-n ac_c= ac_t= + fi +else + ac_n= ac_c='\c' ac_t= +fi + + + + +# Check whether --with-api or --without-api was given. +if test "${with_api+set}" = set; then + withval="$with_api" + + case $withval in + 'apache1') + ac_api=apache1 + ;; + 'apache2') + ac_api=apache2 + ;; + *) + { echo "configure: error: You can only specify apache1 or apache2." 1>&2; exit 1; } + ;; + esac + + +fi + + +# Check whether --with-apxs or --without-apxs was given. +if test "${with_apxs+set}" = set; then + withval="$with_apxs" + + if test -e $withval ; then + APXS="$withval" + else + { echo "configure: error: Specified apxs path does not exist." 1>&2; exit 1; } + fi + + +fi + + +# Check whether --with-static or --without-static was given. +if test "${with_static+set}" = set; then + withval="$with_static" + + ac_static="yes" + + +fi + + +# Check whether --with-krb5 or --without-krb5 was given. +if test "${with_krb5+set}" = set; then + withval="$with_krb5" + + if test -d $withval ; then + CFLAGS="$CFLAGS -I$withval/include" + CPPFLAGS="$CPPFLAGS -I$withval/include" + LDFLAGS="$LDFLAGS -L$withval/lib" + + case "$host" in + *-solaris*) + LDFLAGS="$LDFLAGS -R$withval/lib" + ;; + esac + else + { echo "configure: error: Specified Kerberos 5 directory doesn't exist." 1>&2; exit 1; } + fi + + +fi + + +# Check whether --with-krb5-include or --without-krb5-include was given. +if test "${with_krb5_include+set}" = set; then + withval="$with_krb5_include" + + if test -d $withval ; then + CFLAGS="$CFLAGS -I$withval" + CPPFLAGS="$CPPFLAGS -I$withval" + else + { echo "configure: error: Specified Kerberos 5 directory doesn't exist." 1>&2; exit 1; } + fi + + +fi + + +# Check whether --with-krb5-lib or --without-krb5-lib was given. +if test "${with_krb5_lib+set}" = set; then + withval="$with_krb5_lib" + + if test -d $withval ; then + LDFLAGS="$LDFLAGS -L$withval" + + case "$host" in + *-solaris*) + LDFLAGS="$LDFLAGS -R$withval" + ;; + esac + else + { echo "configure: error: Specified Kerberos 5 directory doesn't exist." 1>&2; exit 1; } + fi + + +fi + + +# Check whether --enable-krb5 or --disable-krb5 was given. +if test "${enable_krb5+set}" = set; then + enableval="$enable_krb5" + + if test "$enable_krb5" = "no" ; then + ac_krb5_disable="yes" + fi + +fi + + +# Check whether --with-krb4 or --without-krb4 was given. +if test "${with_krb4+set}" = set; then + withval="$with_krb4" + + if test -d $withval ; then + CFLAGS="$CFLAGS -I$withval/include" + CPPFLAGS="$CPPFLAGS -I$withval/include" + LDFLAGS="$LDFLAGS -L$withval/lib" + + case "$host" in + *-solaris*) + LDFLAGS="$LDFLAGS -R$withval/lib" + ;; + esac + else + { echo "configure: error: Specified Kerberos 4 directory doesn't exist." 1>&2; exit 1; } + fi + + +fi + + +# Check whether --with-krb4-include or --without-krb4-include was given. +if test "${with_krb4_include+set}" = set; then + withval="$with_krb4_include" + + if test -d $withval ; then + CFLAGS="$CFLAGS -I$withval" + CPPFLAGS="$CPPFLAGS -I$withval" + else + { echo "configure: error: Specified Kerberos 4 directory doesn't exist." 1>&2; exit 1; } + fi + + +fi + + +# Check whether --with-krb4-lib or --without-krb4-lib was given. +if test "${with_krb4_lib+set}" = set; then + withval="$with_krb4_lib" + + if test -d $withval ; then + LDFLAGS="$LDFLAGS -L$withval" + + case "$host" in + *-solaris*) + LDFLAGS="$LDFLAGS -R$withval" + ;; + esac + else + { echo "configure: error: Specified Kerberos 4 directory doesn't exist." 1>&2; exit 1; } + fi + + +fi + + +# Check whether --enable-krb4 or --disable-krb4 was given. +if test "${enable_krb4+set}" = set; then + enableval="$enable_krb4" + + if test "$enable_krb4" = "no" ; then + ac_krb4_disable="yes" + fi + +fi + + + +# Extract the first word of "gcc", so it can be a program name with args. +set dummy gcc; ac_word=$2 +echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +echo "configure:733: checking for $ac_word" >&5 +if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="$PATH" + for ac_dir in $ac_dummy; do + test -z "$ac_dir" && ac_dir=. + if test -f $ac_dir/$ac_word; then + ac_cv_prog_CC="gcc" + break + fi + done + IFS="$ac_save_ifs" +fi +fi +CC="$ac_cv_prog_CC" +if test -n "$CC"; then + echo "$ac_t""$CC" 1>&6 +else + echo "$ac_t""no" 1>&6 +fi + +if test -z "$CC"; then + # Extract the first word of "cc", so it can be a program name with args. +set dummy cc; ac_word=$2 +echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +echo "configure:763: checking for $ac_word" >&5 +if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_prog_rejected=no + ac_dummy="$PATH" + for ac_dir in $ac_dummy; do + test -z "$ac_dir" && ac_dir=. + if test -f $ac_dir/$ac_word; then + if test "$ac_dir/$ac_word" = "/usr/ucb/cc"; then + ac_prog_rejected=yes + continue + fi + ac_cv_prog_CC="cc" + break + fi + done + IFS="$ac_save_ifs" +if test $ac_prog_rejected = yes; then + # We found a bogon in the path, so make sure we never use it. + set dummy $ac_cv_prog_CC + shift + if test $# -gt 0; then + # We chose a different compiler from the bogus one. + # However, it has the same basename, so the bogon will be chosen + # first if we set CC to just the basename; use the full file name. + shift + set dummy "$ac_dir/$ac_word" "$@" + shift + ac_cv_prog_CC="$@" + fi +fi +fi +fi +CC="$ac_cv_prog_CC" +if test -n "$CC"; then + echo "$ac_t""$CC" 1>&6 +else + echo "$ac_t""no" 1>&6 +fi + + if test -z "$CC"; then + case "`uname -s`" in + *win32* | *WIN32*) + # Extract the first word of "cl", so it can be a program name with args. +set dummy cl; ac_word=$2 +echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +echo "configure:814: checking for $ac_word" >&5 +if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="$PATH" + for ac_dir in $ac_dummy; do + test -z "$ac_dir" && ac_dir=. + if test -f $ac_dir/$ac_word; then + ac_cv_prog_CC="cl" + break + fi + done + IFS="$ac_save_ifs" +fi +fi +CC="$ac_cv_prog_CC" +if test -n "$CC"; then + echo "$ac_t""$CC" 1>&6 +else + echo "$ac_t""no" 1>&6 +fi + ;; + esac + fi + test -z "$CC" && { echo "configure: error: no acceptable cc found in \$PATH" 1>&2; exit 1; } +fi + +echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works""... $ac_c" 1>&6 +echo "configure:846: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5 + +ac_ext=c +# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. +ac_cpp='$CPP $CPPFLAGS' +ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5' +ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5' +cross_compiling=$ac_cv_prog_cc_cross + +cat > conftest.$ac_ext << EOF + +#line 857 "configure" +#include "confdefs.h" + +main(){return(0);} +EOF +if { (eval echo configure:862: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + ac_cv_prog_cc_works=yes + # If we can't run a trivial program, we are probably using a cross compiler. + if (./conftest; exit) 2>/dev/null; then + ac_cv_prog_cc_cross=no + else + ac_cv_prog_cc_cross=yes + fi +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + ac_cv_prog_cc_works=no +fi +rm -fr conftest* +ac_ext=c +# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. +ac_cpp='$CPP $CPPFLAGS' +ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5' +ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5' +cross_compiling=$ac_cv_prog_cc_cross + +echo "$ac_t""$ac_cv_prog_cc_works" 1>&6 +if test $ac_cv_prog_cc_works = no; then + { echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; } +fi +echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6 +echo "configure:888: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5 +echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6 +cross_compiling=$ac_cv_prog_cc_cross + +echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6 +echo "configure:893: checking whether we are using GNU C" >&5 +if eval "test \"`echo '$''{'ac_cv_prog_gcc'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.c <&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then + ac_cv_prog_gcc=yes +else + ac_cv_prog_gcc=no +fi +fi + +echo "$ac_t""$ac_cv_prog_gcc" 1>&6 + +if test $ac_cv_prog_gcc = yes; then + GCC=yes +else + GCC= +fi + +ac_test_CFLAGS="${CFLAGS+set}" +ac_save_CFLAGS="$CFLAGS" +CFLAGS= +echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6 +echo "configure:921: checking whether ${CC-cc} accepts -g" >&5 +if eval "test \"`echo '$''{'ac_cv_prog_cc_g'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + echo 'void f(){}' > conftest.c +if test -z "`${CC-cc} -g -c conftest.c 2>&1`"; then + ac_cv_prog_cc_g=yes +else + ac_cv_prog_cc_g=no +fi +rm -f conftest* + +fi + +echo "$ac_t""$ac_cv_prog_cc_g" 1>&6 +if test "$ac_test_CFLAGS" = set; then + CFLAGS="$ac_save_CFLAGS" +elif test $ac_cv_prog_cc_g = yes; then + if test "$GCC" = yes; then + CFLAGS="-g -O2" + else + CFLAGS="-g" + fi +else + if test "$GCC" = yes; then + CFLAGS="-O2" + else + CFLAGS= + fi +fi + +if test -z "$ac_static" ; then + # Extract the first word of "apxs", so it can be a program name with args. +set dummy apxs; ac_word=$2 +echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +echo "configure:956: checking for $ac_word" >&5 +if eval "test \"`echo '$''{'ac_cv_path_APXS'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + case "$APXS" in + /*) + ac_cv_path_APXS="$APXS" # Let the user override the test with a path. + ;; + ?:/*) + ac_cv_path_APXS="$APXS" # Let the user override the test with a dos path. + ;; + *) + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="$PATH" + for ac_dir in $ac_dummy; do + test -z "$ac_dir" && ac_dir=. + if test -f $ac_dir/$ac_word; then + ac_cv_path_APXS="$ac_dir/$ac_word" + break + fi + done + IFS="$ac_save_ifs" + ;; +esac +fi +APXS="$ac_cv_path_APXS" +if test -n "$APXS"; then + echo "$ac_t""$APXS" 1>&6 +else + echo "$ac_t""no" 1>&6 +fi + + if test -z "$APXS" ; then + echo "No apxs found. Defaulting to static module generation." + ac_static="yes" + fi +fi + + +if test -z "$ac_krb5_disable" ; then + echo $ac_n "checking for krb5_get_in_tkt_with_password in -lkrb5""... $ac_c" 1>&6 +echo "configure:997: checking for krb5_get_in_tkt_with_password in -lkrb5" >&5 +ac_lib_var=`echo krb5'_'krb5_get_in_tkt_with_password | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lkrb5 "-lcom_err" $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + + ac_krb5="yes" + ac_krbdefs="-DKRB5" + ac_krblibs="-lkrb5" + echo $ac_n "checking for krb5_string_to_key in -lk5crypto""... $ac_c" 1>&6 +echo "configure:1036: checking for krb5_string_to_key in -lk5crypto" >&5 +ac_lib_var=`echo k5crypto'_'krb5_string_to_key | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lk5crypto "-lcom_err" $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + + ac_krblibs="$ac_krblibs -lk5crypto" + +else + echo "$ac_t""no" 1>&6 + + echo $ac_n "checking for krb5_string_to_key in -lcrypto""... $ac_c" 1>&6 +echo "configure:1077: checking for krb5_string_to_key in -lcrypto" >&5 +ac_lib_var=`echo crypto'_'krb5_string_to_key | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lcrypto "-lcom_err" $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + + ac_krblibs="$ac_krblibs -lcrypto" + +else + echo "$ac_t""no" 1>&6 + + ac_krblibs="" + +fi + + +fi + + ac_krblibs="$ac_krblibs -lcom_err" + + if test -z "$ac_krb4_disable" ; then + if test -n "$ac_krblibs" ; then + echo $ac_n "checking for krb_get_pw_in_tkt in -lkrb4""... $ac_c" 1>&6 +echo "configure:1129: checking for krb_get_pw_in_tkt in -lkrb4" >&5 +ac_lib_var=`echo krb4'_'krb_get_pw_in_tkt | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lkrb4 $ac_krblibs $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + + ac_krb4="yes" + ac_krbdefs="-DKRB4" + ac_krblibs="-lkrb4 $ac_krblibs" + +else + echo "$ac_t""no" 1>&6 +fi + + fi + fi + +else + echo "$ac_t""no" 1>&6 +fi + +fi + +if test -z "$ac_krb4_disable" -a -z "$ac_krb4" ; then + echo $ac_n "checking for krb_get_pw_in_tkt in -lkrb""... $ac_c" 1>&6 +echo "configure:1183: checking for krb_get_pw_in_tkt in -lkrb" >&5 +ac_lib_var=`echo krb'_'krb_get_pw_in_tkt | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lkrb "-lcom_err" $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + + ac_krb4="yes" + ac_krbdefs="-DKRB4" + ac_krblibs="$ac_krblibs -lkrb -lcom_err" + +else + echo "$ac_t""no" 1>&6 +fi + +fi + +if test -z "$ac_krb4" -a -z "$ac_krb5" ; then + { echo "configure: error: Neither Kerberos 5 nor 4 support available." 1>&2; exit 1; } +fi + + +if test -n "$ac_krb5" ; then + echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6 +echo "configure:1235: checking how to run the C preprocessor" >&5 +# On Suns, sometimes $CPP names a directory. +if test -n "$CPP" && test -d "$CPP"; then + CPP= +fi +if test -z "$CPP"; then +if eval "test \"`echo '$''{'ac_cv_prog_CPP'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + # This must be in double quotes, not single quotes, because CPP may get + # substituted into the Makefile and "${CC-cc}" will confuse make. + CPP="${CC-cc} -E" + # On the NeXT, cc -E runs the code through the compiler's parser, + # not just through cpp. + cat > conftest.$ac_ext < +Syntax Error +EOF +ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +{ (eval echo configure:1256: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` +if test -z "$ac_err"; then + : +else + echo "$ac_err" >&5 + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + CPP="${CC-cc} -E -traditional-cpp" + cat > conftest.$ac_ext < +Syntax Error +EOF +ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +{ (eval echo configure:1273: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` +if test -z "$ac_err"; then + : +else + echo "$ac_err" >&5 + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + CPP="${CC-cc} -nologo -E" + cat > conftest.$ac_ext < +Syntax Error +EOF +ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +{ (eval echo configure:1290: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` +if test -z "$ac_err"; then + : +else + echo "$ac_err" >&5 + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + CPP=/lib/cpp +fi +rm -f conftest* +fi +rm -f conftest* +fi +rm -f conftest* + ac_cv_prog_CPP="$CPP" +fi + CPP="$ac_cv_prog_CPP" +else + ac_cv_prog_CPP="$CPP" +fi +echo "$ac_t""$CPP" 1>&6 + +for ac_hdr in krb5.h +do +ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` +echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 +echo "configure:1318: checking for $ac_hdr" >&5 +if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +EOF +ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +{ (eval echo configure:1328: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` +if test -z "$ac_err"; then + rm -rf conftest* + eval "ac_cv_header_$ac_safe=yes" +else + echo "$ac_err" >&5 + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_header_$ac_safe=no" +fi +rm -f conftest* +fi +if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` + cat >> confdefs.h <&6 +fi +done + + + if test -z "$ac_foundkrb5" ; then + echo "$ac_t""krb5.h not found... removing krb5 support." 1>&6 + ac_krb5="" + fi +fi + +if test -n "$ac_krb4" ; then + for ac_hdr in kerberosIV/krb.h krb.h +do +ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` +echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 +echo "configure:1369: checking for $ac_hdr" >&5 +if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +EOF +ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +{ (eval echo configure:1379: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` +if test -z "$ac_err"; then + rm -rf conftest* + eval "ac_cv_header_$ac_safe=yes" +else + echo "$ac_err" >&5 + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_header_$ac_safe=no" +fi +rm -f conftest* +fi +if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` + cat >> confdefs.h <&6 +fi +done + + + if test -z "$ac_foundkrb4" ; then + echo "$ac_t""krb.h not found... removing krb4 support." 1>&6 + ac_krb4="" + fi +fi + +if test -z "$ac_krb4" -a -z "$ac_krb5" ; then + { echo "configure: error: Neither Kerberos 5 nor 4 support available." 1>&2; exit 1; } +fi + + + + + + +if test -z "$ac_api" ; then + if test -n "`$APXS -q bindir 2> /dev/null`" ; then + echo "API autodetected to be Apache 2.*" + ac_api=apache2 + else + echo "API autodetected to be Apache 1.*" + ac_api=apache1 + fi +fi + + + + + + +LIBS="$LIBS $ac_krblibs" +DEFS="$DEFS $ac_krbdefs" +GENHEADERS="" +GENSOURCES="" +case $ac_api in + 'apache1') + GENHEADERS="$GENHEADERS apache1/api_inc.h" + GENSOURCES="$GENSOURCES apache1/auth_user.c" + GENSOURCES="$GENSOURCES apache1/module.c" + ;; + 'apache2') + GENHEADERS="$GENHEADERS apache2/api_inc.h" + GENSOURCES="$GENSOURCES apache2/auth_user.c" + GENSOURCES="$GENSOURCES apache2/hooks.c" + GENSOURCES="$GENSOURCES apache2/module.c" + ;; +esac + +if test "$ac_krb5" = "yes" ; then + GENHEADERS="$GENHEADERS krb5/krb5_inc.h" + GENSOURCES="krb5/validate.c $GENSOURCES" +fi + +if test "$ac_krb4" = "yes" ; then + GENHEADERS="$GENHEADERS krb4/krb4_inc.h" + GENSOURCES="krb4/validate.c $GENSOURCES" +fi + + +echo "Generating mod_auth_kerb.c ..." +echo "/* Automatically generated by configure. */" > mod_auth_kerb.c +if test "$ac_krb5" = "yes" ; then + echo "#define KRB5 1" >> mod_auth_kerb.c +fi +if test "$ac_krb4" = "yes" ; then + echo "#define KRB4 1" >> mod_auth_kerb.c +fi +for f in $GENHEADERS $GENSOURCES ; do + echo " Adding $f" + echo "" >> mod_auth_kerb.c + cat $f >> mod_auth_kerb.c +done + +if test "$ac_static" = "yes" ; then + echo "" + echo "" + echo "This module is to be built statically into Apache. You will need" + echo "to place it into the appropriate location in the source tree and" + echo "compile Apache accordingly. You can look at the online docs at" + echo "http://modauthkerb.sourceforge.net/ or README.static for more" + echo "information." + echo "" + echo "" +else + trap '' 1 2 15 +cat > confcache <<\EOF +# This file is a shell script that caches the results of configure +# tests run on this system so they can be shared between configure +# scripts and configure runs. It is not useful on other systems. +# If it contains results you don't want to keep, you may remove or edit it. +# +# By default, configure uses ./config.cache as the cache file, +# creating it if it does not exist already. You can give configure +# the --cache-file=FILE option to use a different cache file; that is +# what configure does when it calls configure scripts in +# subdirectories, so they share the cache. +# Giving --cache-file=/dev/null disables caching, for debugging configure. +# config.status only pays attention to the cache file if you give it the +# --recheck option to rerun configure. +# +EOF +# The following way of writing the cache mishandles newlines in values, +# but we know of no workaround that is simple, portable, and efficient. +# So, don't put newlines in cache variables' values. +# Ultrix sh set writes to stderr and can't be redirected directly, +# and sets the high bit in the cache file unless we assign to the vars. +(set) 2>&1 | + case `(ac_space=' '; set | grep ac_space) 2>&1` in + *ac_space=\ *) + # `set' does not quote correctly, so add quotes (double-quote substitution + # turns \\\\ into \\, and sed turns \\ into \). + sed -n \ + -e "s/'/'\\\\''/g" \ + -e "s/^\\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\\)=\\(.*\\)/\\1=\${\\1='\\2'}/p" + ;; + *) + # `set' quotes correctly as required by POSIX, so do not add quotes. + sed -n -e 's/^\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\)=\(.*\)/\1=${\1=\2}/p' + ;; + esac >> confcache +if cmp -s $cache_file confcache; then + : +else + if test -w $cache_file; then + echo "updating cache $cache_file" + cat confcache > $cache_file + else + echo "not updating unwritable cache $cache_file" + fi +fi +rm -f confcache + +trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15 + +test "x$prefix" = xNONE && prefix=$ac_default_prefix +# Let make expand exec_prefix. +test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' + +# Any assignment to VPATH causes Sun make to only execute +# the first set of double-colon rules, so remove it if not needed. +# If there is a colon in the path, we need to keep it. +if test "x$srcdir" = x.; then + ac_vpsub='/^[ ]*VPATH[ ]*=[^:]*$/d' +fi + +trap 'rm -f $CONFIG_STATUS conftest*; exit 1' 1 2 15 + +# Transform confdefs.h into DEFS. +# Protect against shell expansion while executing Makefile rules. +# Protect against Makefile macro expansion. +cat > conftest.defs <<\EOF +s%#define \([A-Za-z_][A-Za-z0-9_]*\) *\(.*\)%-D\1=\2%g +s%[ `~#$^&*(){}\\|;'"<>?]%\\&%g +s%\[%\\&%g +s%\]%\\&%g +s%\$%$$%g +EOF +DEFS=`sed -f conftest.defs confdefs.h | tr '\012' ' '` +rm -f conftest.defs + + +# Without the "./", some shells look in PATH for config.status. +: ${CONFIG_STATUS=./config.status} + +echo creating $CONFIG_STATUS +rm -f $CONFIG_STATUS +cat > $CONFIG_STATUS </dev/null | sed 1q`: +# +# $0 $ac_configure_args +# +# Compiler output produced by configure, useful for debugging +# configure, is in ./config.log if it exists. + +ac_cs_usage="Usage: $CONFIG_STATUS [--recheck] [--version] [--help]" +for ac_option +do + case "\$ac_option" in + -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) + echo "running \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion" + exec \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion ;; + -version | --version | --versio | --versi | --vers | --ver | --ve | --v) + echo "$CONFIG_STATUS generated by autoconf version 2.13" + exit 0 ;; + -help | --help | --hel | --he | --h) + echo "\$ac_cs_usage"; exit 0 ;; + *) echo "\$ac_cs_usage"; exit 1 ;; + esac +done + +ac_given_srcdir=$srcdir + +trap 'rm -fr `echo "Makefile" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15 +EOF +cat >> $CONFIG_STATUS < conftest.subs <<\\CEOF +$ac_vpsub +$extrasub +s%@SHELL@%$SHELL%g +s%@CFLAGS@%$CFLAGS%g +s%@CPPFLAGS@%$CPPFLAGS%g +s%@CXXFLAGS@%$CXXFLAGS%g +s%@FFLAGS@%$FFLAGS%g +s%@DEFS@%$DEFS%g +s%@LDFLAGS@%$LDFLAGS%g +s%@LIBS@%$LIBS%g +s%@exec_prefix@%$exec_prefix%g +s%@prefix@%$prefix%g +s%@program_transform_name@%$program_transform_name%g +s%@bindir@%$bindir%g +s%@sbindir@%$sbindir%g +s%@libexecdir@%$libexecdir%g +s%@datadir@%$datadir%g +s%@sysconfdir@%$sysconfdir%g +s%@sharedstatedir@%$sharedstatedir%g +s%@localstatedir@%$localstatedir%g +s%@libdir@%$libdir%g +s%@includedir@%$includedir%g +s%@oldincludedir@%$oldincludedir%g +s%@infodir@%$infodir%g +s%@mandir@%$mandir%g +s%@CC@%$CC%g +s%@APXS@%$APXS%g +s%@CPP@%$CPP%g + +CEOF +EOF + +cat >> $CONFIG_STATUS <<\EOF + +# Split the substitutions into bite-sized pieces for seds with +# small command number limits, like on Digital OSF/1 and HP-UX. +ac_max_sed_cmds=90 # Maximum number of lines to put in a sed script. +ac_file=1 # Number of current file. +ac_beg=1 # First line for current file. +ac_end=$ac_max_sed_cmds # Line after last line for current file. +ac_more_lines=: +ac_sed_cmds="" +while $ac_more_lines; do + if test $ac_beg -gt 1; then + sed "1,${ac_beg}d; ${ac_end}q" conftest.subs > conftest.s$ac_file + else + sed "${ac_end}q" conftest.subs > conftest.s$ac_file + fi + if test ! -s conftest.s$ac_file; then + ac_more_lines=false + rm -f conftest.s$ac_file + else + if test -z "$ac_sed_cmds"; then + ac_sed_cmds="sed -f conftest.s$ac_file" + else + ac_sed_cmds="$ac_sed_cmds | sed -f conftest.s$ac_file" + fi + ac_file=`expr $ac_file + 1` + ac_beg=$ac_end + ac_end=`expr $ac_end + $ac_max_sed_cmds` + fi +done +if test -z "$ac_sed_cmds"; then + ac_sed_cmds=cat +fi +EOF + +cat >> $CONFIG_STATUS <> $CONFIG_STATUS <<\EOF +for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then + # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in". + case "$ac_file" in + *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'` + ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;; + *) ac_file_in="${ac_file}.in" ;; + esac + + # Adjust a relative srcdir, top_srcdir, and INSTALL for subdirectories. + + # Remove last slash and all that follows it. Not all systems have dirname. + ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'` + if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then + # The file is in a subdirectory. + test ! -d "$ac_dir" && mkdir "$ac_dir" + ac_dir_suffix="/`echo $ac_dir|sed 's%^\./%%'`" + # A "../" for each directory in $ac_dir_suffix. + ac_dots=`echo $ac_dir_suffix|sed 's%/[^/]*%../%g'` + else + ac_dir_suffix= ac_dots= + fi + + case "$ac_given_srcdir" in + .) srcdir=. + if test -z "$ac_dots"; then top_srcdir=. + else top_srcdir=`echo $ac_dots|sed 's%/$%%'`; fi ;; + /*) srcdir="$ac_given_srcdir$ac_dir_suffix"; top_srcdir="$ac_given_srcdir" ;; + *) # Relative path. + srcdir="$ac_dots$ac_given_srcdir$ac_dir_suffix" + top_srcdir="$ac_dots$ac_given_srcdir" ;; + esac + + + echo creating "$ac_file" + rm -f "$ac_file" + configure_input="Generated automatically from `echo $ac_file_in|sed 's%.*/%%'` by configure." + case "$ac_file" in + *Makefile*) ac_comsub="1i\\ +# $configure_input" ;; + *) ac_comsub= ;; + esac + + ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"` + sed -e "$ac_comsub +s%@configure_input@%$configure_input%g +s%@srcdir@%$srcdir%g +s%@top_srcdir@%$top_srcdir%g +" $ac_file_inputs | (eval "$ac_sed_cmds") > $ac_file +fi; done +rm -f conftest.s* + +EOF +cat >> $CONFIG_STATUS <> $CONFIG_STATUS <<\EOF + +exit 0 +EOF +chmod +x $CONFIG_STATUS +rm -fr confdefs* $ac_clean_files +test "$no_create" = yes || ${CONFIG_SHELL-/bin/sh} $CONFIG_STATUS || exit 1 + +fi + +exit 0 diff --git a/configure.in b/configure.in new file mode 100644 index 0000000..3b0f9fc --- /dev/null +++ b/configure.in @@ -0,0 +1,346 @@ +dnl #################### +dnl ## Initialization ## +dnl #################### +AC_INIT(README) + + +dnl #################### +dnl ## Config Options ## +dnl #################### +AC_ARG_WITH(api, +[ --with-api=API api to use (apache1, apache2)], +[ + case $withval in + 'apache1') + ac_api=apache1 + ;; + 'apache2') + ac_api=apache2 + ;; + *) + AC_ERROR(You can only specify apache1 or apache2.) + ;; + esac +] +) + +AC_ARG_WITH(apxs, +[ --with-apxs=PATH path to apxs], +[ + if test -e $withval ; then + APXS="$withval" + else + AC_ERROR(Specified apxs path does not exist.) + fi +] +) + +AC_ARG_WITH(static, +[ --with-static module is to be statically linked], +[ + ac_static="yes" +] +) + +AC_ARG_WITH(krb5, +[ --with-krb5=DIR path to Kerberos 5 install], +[ + if test -d $withval ; then + CFLAGS="$CFLAGS -I$withval/include" + CPPFLAGS="$CPPFLAGS -I$withval/include" + LDFLAGS="$LDFLAGS -L$withval/lib" + + case "$host" in + *-solaris*) + LDFLAGS="$LDFLAGS -R$withval/lib" + ;; + esac + else + AC_ERROR(Specified Kerberos 5 directory doesn't exist.) + fi +] +) + +AC_ARG_WITH(krb5-include, +[ --with-krb5-include=DIR include path to Kerberos 5 install], +[ + if test -d $withval ; then + CFLAGS="$CFLAGS -I$withval" + CPPFLAGS="$CPPFLAGS -I$withval" + else + AC_ERROR(Specified Kerberos 5 directory doesn't exist.) + fi +] +) + +AC_ARG_WITH(krb5-lib, +[ --with-krb5-lib=DIR lib path to Kerberos 5 install], +[ + if test -d $withval ; then + LDFLAGS="$LDFLAGS -L$withval" + + case "$host" in + *-solaris*) + LDFLAGS="$LDFLAGS -R$withval" + ;; + esac + else + AC_ERROR(Specified Kerberos 5 directory doesn't exist.) + fi +] +) + +AC_ARG_ENABLE(krb5, +[ --disable-krb5 force disabling of krb5 support], +[ + if test "$enable_krb5" = "no" ; then + ac_krb5_disable="yes" + fi +], +) + +AC_ARG_WITH(krb4, +[ --with-krb4=DIR path to Kerberos 4 install], +[ + if test -d $withval ; then + CFLAGS="$CFLAGS -I$withval/include" + CPPFLAGS="$CPPFLAGS -I$withval/include" + LDFLAGS="$LDFLAGS -L$withval/lib" + + case "$host" in + *-solaris*) + LDFLAGS="$LDFLAGS -R$withval/lib" + ;; + esac + else + AC_ERROR(Specified Kerberos 4 directory doesn't exist.) + fi +] +) + +AC_ARG_WITH(krb4-include, +[ --with-krb4-include=DIR include path to Kerberos 4 install], +[ + if test -d $withval ; then + CFLAGS="$CFLAGS -I$withval" + CPPFLAGS="$CPPFLAGS -I$withval" + else + AC_ERROR(Specified Kerberos 4 directory doesn't exist.) + fi +] +) + +AC_ARG_WITH(krb4-lib, +[ --with-krb4-lib=DIR lib path to Kerberos 4 install], +[ + if test -d $withval ; then + LDFLAGS="$LDFLAGS -L$withval" + + case "$host" in + *-solaris*) + LDFLAGS="$LDFLAGS -R$withval" + ;; + esac + else + AC_ERROR(Specified Kerberos 4 directory doesn't exist.) + fi +] +) + +AC_ARG_ENABLE(krb4, +[ --disable-krb4 force disabling of krb4 support], +[ + if test "$enable_krb4" = "no" ; then + ac_krb4_disable="yes" + fi +], +) + + +dnl #################### +dnl ## Program Checks ## +dnl #################### +AC_PROG_CC +if test -z "$ac_static" ; then + AC_PATH_PROG(APXS, apxs) + if test -z "$APXS" ; then + echo "No apxs found. Defaulting to static module generation." + ac_static="yes" + fi +fi + + +dnl ############### +dnl ## Libraries ## +dnl ############### +if test -z "$ac_krb5_disable" ; then + AC_CHECK_LIB(krb5, krb5_get_in_tkt_with_password, [ + ac_krb5="yes" + ac_krbdefs="-DKRB5" + ac_krblibs="-lkrb5" + AC_CHECK_LIB(k5crypto, krb5_string_to_key, [ + ac_krblibs="$ac_krblibs -lk5crypto" + ], [ + AC_CHECK_LIB(crypto, krb5_string_to_key, [ + ac_krblibs="$ac_krblibs -lcrypto" + ], [ + ac_krblibs="" + ], "-lcom_err") + ], "-lcom_err") + ac_krblibs="$ac_krblibs -lcom_err" + + if test -z "$ac_krb4_disable" ; then + if test -n "$ac_krblibs" ; then + AC_CHECK_LIB(krb4, krb_get_pw_in_tkt, [ + ac_krb4="yes" + ac_krbdefs="-DKRB4" + ac_krblibs="-lkrb4 $ac_krblibs" + ],, $ac_krblibs) + fi + fi + ],, "-lcom_err") +fi + +if test -z "$ac_krb4_disable" -a -z "$ac_krb4" ; then + AC_CHECK_LIB(krb, krb_get_pw_in_tkt, [ + ac_krb4="yes" + ac_krbdefs="-DKRB4" + ac_krblibs="$ac_krblibs -lkrb -lcom_err" + ],, "-lcom_err") +fi + +if test -z "$ac_krb4" -a -z "$ac_krb5" ; then + AC_ERROR(Neither Kerberos 5 nor 4 support available.) +fi + + +dnl ############# +dnl ## Headers ## +dnl ############# +if test -n "$ac_krb5" ; then + AC_CHECK_HEADERS(krb5.h, [ + ac_foundkrb5="yes" + break + ]) + + if test -z "$ac_foundkrb5" ; then + AC_MSG_RESULT(krb5.h not found... removing krb5 support.) + ac_krb5="" + fi +fi + +if test -n "$ac_krb4" ; then + AC_CHECK_HEADERS(kerberosIV/krb.h krb.h, [ + ac_foundkrb4="yes" + break + ]) + + if test -z "$ac_foundkrb4" ; then + AC_MSG_RESULT(krb.h not found... removing krb4 support.) + ac_krb4="" + fi +fi + +if test -z "$ac_krb4" -a -z "$ac_krb5" ; then + AC_ERROR(Neither Kerberos 5 nor 4 support available.) +fi + + +dnl ############## +dnl ## Typedefs ## +dnl ############## + + +dnl ################ +dnl ## Structures ## +dnl ################ + + +dnl ############################## +dnl ## Compiler Characteristics ## +dnl ############################## +if test -z "$ac_api" ; then + if test -n "`$APXS -q bindir 2> /dev/null`" ; then + echo "API autodetected to be Apache 2.*" + ac_api=apache2 + else + echo "API autodetected to be Apache 1.*" + ac_api=apache1 + fi +fi + + +dnl ####################### +dnl ## Library Functions ## +dnl ####################### + + +dnl ##################### +dnl ## System Services ## +dnl ##################### + + +dnl ########################## +dnl ## Last Minute Settings ## +dnl ########################## +LIBS="$LIBS $ac_krblibs" +DEFS="$DEFS $ac_krbdefs" +GENHEADERS="" +GENSOURCES="" +case $ac_api in + 'apache1') + GENHEADERS="$GENHEADERS apache1/api_inc.h" + GENSOURCES="$GENSOURCES apache1/auth_user.c" + GENSOURCES="$GENSOURCES apache1/module.c" + ;; + 'apache2') + GENHEADERS="$GENHEADERS apache2/api_inc.h" + GENSOURCES="$GENSOURCES apache2/auth_user.c" + GENSOURCES="$GENSOURCES apache2/hooks.c" + GENSOURCES="$GENSOURCES apache2/module.c" + ;; +esac + +if test "$ac_krb5" = "yes" ; then + GENHEADERS="$GENHEADERS krb5/krb5_inc.h" + GENSOURCES="krb5/validate.c $GENSOURCES" +fi + +if test "$ac_krb4" = "yes" ; then + GENHEADERS="$GENHEADERS krb4/krb4_inc.h" + GENSOURCES="krb4/validate.c $GENSOURCES" +fi + + +dnl ######################### +dnl ## Create Output Files ## +dnl ######################### +echo "Generating mod_auth_kerb.c ..." +echo "/* Automatically generated by configure. */" > mod_auth_kerb.c +if test "$ac_krb5" = "yes" ; then + echo "#define KRB5 1" >> mod_auth_kerb.c +fi +if test "$ac_krb4" = "yes" ; then + echo "#define KRB4 1" >> mod_auth_kerb.c +fi +for f in $GENHEADERS $GENSOURCES ; do + echo " Adding $f" + echo "" >> mod_auth_kerb.c + cat $f >> mod_auth_kerb.c +done + +if test "$ac_static" = "yes" ; then + echo "" + echo "" + echo "This module is to be built statically into Apache. You will need" + echo "to place it into the appropriate location in the source tree and" + echo "compile Apache accordingly. You can look at the online docs at" + echo "http://modauthkerb.sourceforge.net/ or README.static for more" + echo "information." + echo "" + echo "" +else + AC_OUTPUT(Makefile) +fi + +exit 0 diff --git a/krb4/krb4_inc.h b/krb4/krb4_inc.h new file mode 100644 index 0000000..1d3c7ec --- /dev/null +++ b/krb4/krb4_inc.h @@ -0,0 +1,3 @@ +#include + +#define KRB4_OK 1 diff --git a/krb4/validate.c b/krb4/validate.c new file mode 100644 index 0000000..86665c4 --- /dev/null +++ b/krb4/validate.c @@ -0,0 +1,21 @@ +int kerb4_password_validate(const char *user, const char *pass) { + int ret; + char realm[REALM_SZ]; + + ret = krb_get_lrealm(realm, 1); + if (ret != KSUCCESS) + return !KRB4_OK; + + ret = krb_get_pw_in_tkt(user, "", realm, "krbtgt", realm, + DEFAULT_TKT_LIFE, (char *)pass); + switch (ret) { + case INTK_OK: + case INTK_W_NOTALL: + return KRB4_OK; + break; + + default: + return !KRB4_OK; + break; + } +} diff --git a/krb5/krb5_inc.h b/krb5/krb5_inc.h new file mode 100644 index 0000000..9dbff67 --- /dev/null +++ b/krb5/krb5_inc.h @@ -0,0 +1,3 @@ +#include + +#define KRB5_OK 1 diff --git a/krb5/validate.c b/krb5/validate.c new file mode 100644 index 0000000..205712e --- /dev/null +++ b/krb5/validate.c @@ -0,0 +1,47 @@ +int kerb5_password_validate(const char *user, const char *pass) { + int ret; + krb5_context kcontext; + krb5_principal server, me; + krb5_creds my_creds; + krb5_timestamp now; + krb5_deltat lifetime = 0; + krb5_data tgtname = { + 0, + KRB5_TGS_NAME_SIZE, + KRB5_TGS_NAME + }; + + if (krb5_init_context(&kcontext)) + return !KRB5_OK; + + memset((char *)&my_creds, 0, sizeof(my_creds)); + if(krb5_parse_name(kcontext, user, &me)) + return !KRB5_OK; + my_creds.client = me; + + if (krb5_build_principal_ext(kcontext, &server, + krb5_princ_realm(kcontext, me)->length, + krb5_princ_realm(kcontext, me)->data, + tgtname.length, tgtname.data, + krb5_princ_realm(kcontext, me)->length, + krb5_princ_realm(kcontext, me)->data, + 0)) { + return !KRB5_OK; + } + my_creds.server = server; + if (krb5_timeofday(kcontext, &now)) + return !KRB5_OK; + my_creds.times.starttime = 0; + my_creds.times.endtime = now + lifetime; + my_creds.times.renew_till = 0; + + ret = krb5_get_in_tkt_with_password(kcontext, 0, 0, NULL, 0, + pass, NULL, &my_creds, 0); + if (ret) { + return !KRB5_OK; + } + + krb5_free_cred_contents(kcontext, &my_creds); + + return KRB5_OK; +}