7 # Handle configuration for KRB4 security, implementing the --with-krb4-security
8 # option. If libraries are found, they are added to the relevant compiler flags.
10 # Defines and substitutes KRB4_SECURITY, and sets AM_CONDITIONAL WANT_KRB4_SECURITY,
11 # if the user has selected this mechanism. Also, the following parameters
12 # are taken from options, defined, and substituted:
14 # - SERVER_HOST_PRINCIPAL
15 # - SERVER_HOST_INSTANCE
16 # - SERVER_HOST_KEY_FILE
17 # - CLIENT_HOST_PRINCIPAL
18 # - CLIENT_HOST_INSTANCE
19 # - CLIENT_HOST_KEY_FILE
22 AC_DEFUN([AMANDA_KRB4_SECURITY],
24 # Specify --with-krb4-security if Kerberos software is in somewhere
25 # other than the listed KRB4_SPOTS. We only compile kerberos support in
26 # if the right files are there.
28 : ${KRB4_SPOTS="/usr/kerberos /usr/cygnus /usr /opt/kerberos"}
31 AC_ARG_WITH(krb4-security,
32 AS_HELP_STRING([--with-krb4-security=DIR],
33 [Location of Kerberos software @<:@/usr/kerberos /usr/cygnus /usr /opt/kerberos@:>@]),
37 y | ye | yes) KRB4_SECURITY="yes" ;;
38 *) KRB4_SPOTS="$KRB4_SECURITY"
45 # check the remaining, subsidiary options
47 AC_MSG_CHECKING([host principal])
48 AC_ARG_WITH(server-principal,
49 AS_HELP_STRING([ --with-server-principal=ARG],
50 [server host principal ("amanda")]),
53 "" | y | ye | yes | n | no)
54 AC_MSG_ERROR([*** You must supply an argument to the --with-server-principal option.])
56 *) SERVER_HOST_PRINCIPAL="$withval" ;;
59 [ : ${SERVER_HOST_PRINCIPAL="amanda"} ]
61 AC_MSG_RESULT($SERVER_HOST_PRINCIPAL)
63 AC_MSG_CHECKING([server host instance])
64 AC_ARG_WITH(server-instance,
65 AS_HELP_STRING([ --with-server-instance=ARG],
66 [server host instance ("amanda")]),
69 "" | y | ye | yes | n | no)
70 AC_MSG_ERROR([*** You must supply an argument to the --with-server-instance option.])
72 *) SERVER_HOST_INSTANCE="$withval" ;;
75 [ : ${SERVER_HOST_INSTANCE="amanda"} ]
77 AC_MSG_RESULT($SERVER_HOST_INSTANCE)
79 AC_MSG_CHECKING([server host key file])
80 AC_ARG_WITH(server-keyfile,
81 AS_HELP_STRING([ --with-server-keyfile=ARG],
82 [server host key file ("/.amanda")]),
85 "" | y | ye | yes | n | no)
86 AC_MSG_ERROR([*** You must supply an argument to the --with-server-keyfile option.])
88 *) SERVER_HOST_KEY_FILE="$withval" ;;
91 [ : ${SERVER_HOST_KEY_FILE="/.amanda"} ]
93 AC_MSG_RESULT($SERVER_HOST_KEY_FILE)
95 AC_MSG_CHECKING(client host principle)
96 AC_ARG_WITH(client-principal,
97 AS_HELP_STRING([ --with-client-principal=ARG],
98 [client host principle ("rcmd")]),
101 "" | y | ye | yes | n | no)
102 AC_MSG_ERROR([*** You must supply an argument to the --with-client-principal option.])
104 *) CLIENT_HOST_PRINCIPAL="$withval" ;;
107 [ : ${CLIENT_HOST_PRINCIPAL="rcmd"} ]
109 AC_MSG_RESULT($CLIENT_HOST_PRINCIPAL)
111 AC_MSG_CHECKING([client host instance])
112 AC_ARG_WITH(client-instance,
113 AS_HELP_STRING([ --with-client-instance=ARG],
114 [client host instance (HOSTNAME_INSTANCE)]),
117 "" | y | ye | yes | n | no)
118 AC_MSG_ERROR([*** You must supply an argument to the --with-client-instance option.])
120 *) CLIENT_HOST_INSTANCE="$withval" ;;
123 [ : ${CLIENT_HOST_INSTANCE=HOSTNAME_INSTANCE} ]
125 AC_MSG_RESULT($CLIENT_HOST_INSTANCE)
127 AC_MSG_CHECKING([client host key file])
128 AC_ARG_WITH(client-keyfile,
129 AS_HELP_STRING([ --with-client-keyfile=ARG],
130 [client host key file (KEYFILE)]),
133 "" | y | ye | yes | n | no)
134 AC_MSG_ERROR([*** You must supply an argument to the --with-client-keyfile option.])
136 *) CLIENT_HOST_KEY_FILE="$withval" ;;
139 [ : ${CLIENT_HOST_KEY_FILE=KEYFILE} ]
141 # Assume it's either KEYFILE (defined in krb.h), or a string filename...
142 if test "x$CLIENT_HOST_KEY_FILE" != "xKEYFILE"; then
144 CLIENT_HOST_KEY_FILE="\"$CLIENT_HOST_KEY_FILE\""
146 AC_MSG_RESULT($CLIENT_HOST_KEY_FILE)
148 AC_MSG_CHECKING([ticket lifetime])
149 AC_ARG_WITH(ticket-lifetime,
150 AS_HELP_STRING([ --ticket-lifetime],
151 [ticket lifetime (128)]),
154 "" | y | ye | yes | n | no)
155 AC_MSG_ERROR([*** You must supply an argument to the --with-ticket-lifetime option.])
157 *) TICKET_LIFETIME="$withval" ;;
160 [ : ${TICKET_LIFETIME=128} ]
162 AC_MSG_RESULT($TICKET_LIFETIME)
165 if test "x${KRB4_SECURITY}" = "xyes"; then
166 AC_MSG_CHECKING(for Kerberos and Amanda kerberos4 bits)
168 for dir in $KRB4_SPOTS; do
169 if test \( -f ${dir}/lib/libkrb.a -o -f ${dir}/lib/libkrb.so \) -a \( -f ${dir}/lib/libdes.a -o -f ${dir}/lib/libdes.so \) ; then
171 # This is the original Kerberos 4.
173 AC_MSG_RESULT(found in $dir)
177 # This handles BSD/OS.
179 if test -d $dir/include/kerberosIV ; then
180 AMANDA_ADD_CPPFLAGS([-I$dir/include/kerberosIV])
182 AMANDA_ADD_CPPFLAGS([-I$dir/include])
184 AMANDA_ADD_LDFLAGS([-L$dir/lib])
185 AMANDA_ADD_LIBS([-lkrb -ldes])
186 if test -f ${dir}/lib/libcom_err.a; then
187 AMANDA_ADD_LIBS([-lcom_err])
190 elif test \( -f ${dir}/lib/libkrb4.a -o -f ${dir}/lib/libkrb4.so \) &&
191 test \( -f ${dir}/lib/libcrypto.a -o -f ${dir}/lib/libcrypto.so \) &&
192 test \( -f ${dir}/lib/libdes425.a -o -f ${dir}/lib/libdes425.so \) ; then
194 # This is Kerberos 5 with Kerberos 4 back-support.
196 AC_MSG_RESULT(found in $dir)
198 AMANDA_ADD_CPPFLAGS([-I$dir/include -I$dir/include/kerberosIV])
199 AMANDA_ADD_LDFLAGS([-L$dir/lib])
200 if test \( -f ${dir}/lib/libkrb5.a -o -f ${dir}/lib/libkrb5.so \) &&
201 test \( -f ${dir}/lib/libcom_err.a -o -f ${dir}/lib/libcom_err.so \) ; then
202 AMANDA_ADD_LIBS([-lkrb4 -lkrb5 -lcrypto -ldes425 -lcom_err])
204 AMANDA_ADD_LIBS([-lkrb4 -lcrypto -ldes425])
210 if test "x$found" = "xno" ; then
211 AC_MSG_RESULT(no libraries found)
212 AMANDA_MSG_WARN([No Kerberos IV libraries were found on your system; disabling krb4-security])
215 AC_DEFINE(KRB4_SECURITY, 1,
216 [Enable Kerberos IV security.])
217 AC_DEFINE_UNQUOTED(SERVER_HOST_PRINCIPAL,"$SERVER_HOST_PRINCIPAL",
218 [The Kerberos server principal. ])
219 AC_DEFINE_UNQUOTED(SERVER_HOST_INSTANCE,"$SERVER_HOST_INSTANCE",
220 [The Kerberos server instance. ])
221 AC_DEFINE_UNQUOTED(SERVER_HOST_KEY_FILE,"$SERVER_HOST_KEY_FILE",
222 [The Kerberos server key file. ])
223 AC_DEFINE_UNQUOTED(CLIENT_HOST_PRINCIPAL,"$CLIENT_HOST_PRINCIPAL",
224 [The Kerberos client host principal. ])
225 AC_DEFINE_UNQUOTED(CLIENT_HOST_INSTANCE,$CLIENT_HOST_INSTANCE,
226 [The Kerberos client host instance. ])
227 AC_DEFINE_UNQUOTED(CLIENT_HOST_KEY_FILE,$CLIENT_HOST_KEY_FILE,
228 [The Kerberos client host key file. ])
229 AC_DEFINE_UNQUOTED(TICKET_LIFETIME,$TICKET_LIFETIME,
230 [The Kerberos ticket lifetime. ])
233 AM_CONDITIONAL(WANT_KRB4_SECURITY, test x"$KRB4_SECURITY" = x"yes")
235 AC_SUBST(KRB4_SECURITY)
237 AC_SUBST(SERVER_HOST_PRINCIPAL)
238 AC_SUBST(SERVER_HOST_INSTANCE)
239 AC_SUBST(SERVER_HOST_KEY_FILE)
240 AC_SUBST(CLIENT_HOST_PRINCIPAL)
241 AC_SUBST(CLIENT_HOST_INSTANCE)
242 AC_SUBST(CLIENT_HOST_KEY_FILE)
243 AC_SUBST(TICKET_LIFETIME)