summaryrefslogtreecommitdiffstats
path: root/ipa-server/configure.ac
diff options
context:
space:
mode:
authorW. Michael Petullo <mike@flyn.org>2008-05-01 09:57:32 -0400
committerSimo Sorce <ssorce@redhat.com>2008-05-01 09:59:43 -0400
commit29ddbc610ccc14eb70dcb7ffde7c1f5cc2b95203 (patch)
tree39e068a8915beb83b88baa8bb652c0d6cfe02f95 /ipa-server/configure.ac
parent274eb708c28abf25087c3656ec93370c2000efd3 (diff)
downloadfreeipa-29ddbc610ccc14eb70dcb7ffde7c1f5cc2b95203.tar.gz
freeipa-29ddbc610ccc14eb70dcb7ffde7c1f5cc2b95203.tar.xz
freeipa-29ddbc610ccc14eb70dcb7ffde7c1f5cc2b95203.zip
This patch begins the process of replacing OpenLDAP with mozldap.
FreeIPA relies on RedHat's Directory Server, which uses mozldap. A FreeIPA build using mozldap would reduce the project's dependencies and redundant code. In addition, mozldap uses NSS instead of OpenSSL. This is beneficial for the reasons listed in [1]. [1] http://fedoraproject.org/wiki/FedoraCryptoConsolidation
Diffstat (limited to 'ipa-server/configure.ac')
-rw-r--r--ipa-server/configure.ac81
1 files changed, 44 insertions, 37 deletions
diff --git a/ipa-server/configure.ac b/ipa-server/configure.ac
index 8c610a86..a749098d 100644
--- a/ipa-server/configure.ac
+++ b/ipa-server/configure.ac
@@ -87,48 +87,55 @@ fi
AC_SUBST(KRB5_LIBS)
dnl ---------------------------------------------------------------------------
-dnl - Check for LDAP
+dnl - Check for Mozilla LDAP or OpenLDAP SDK
dnl ---------------------------------------------------------------------------
-LDAP_LIBS=
-AC_CHECK_HEADER(ldap.h)
-AC_CHECK_HEADER(lber.h)
-
-AC_CHECK_LIB(ldap, ldap_search, with_ldap=yes)
-dnl Check for other libraries we need to link with to get the main routines.
-test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes], , -llber) }
-test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes with_ldap_krb=yes], , -llber -lkrb) }
-test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes with_ldap_krb=yes with_ldap_des=yes], , -llber -lkrb -ldes) }
-dnl Recently, we need -lber even though the main routines are elsewhere,
-dnl because otherwise be get link errors w.r.t. ber_pvt_opt_on. So just
-dnl check for that (it's a variable not a fun but that doesn't seem to
-dnl matter in these checks) and stick in -lber if so. Can't hurt (even to
-dnl stick it in always shouldn't hurt, I don't think) ... #### Someone who
-dnl #### understands LDAP needs to fix this properly.
-test "$with_ldap_lber" != "yes" && { AC_CHECK_LIB(lber, ber_pvt_opt_on, with_ldap_lber=yes) }
-
-if test "$with_ldap" = "yes"; then
- if test "$with_ldap_des" = "yes" ; then
- LDAP_LIBS="${LDAP_LIBS} -ldes"
- fi
- if test "$with_ldap_krb" = "yes" ; then
- LDAP_LIBS="${LDAP_LIBS} -lkrb"
- fi
- if test "$with_ldap_lber" = "yes" ; then
- LDAP_LIBS="${LDAP_LIBS} -llber"
- fi
- LDAP_LIBS="${LDAP_LIBS} -lldap"
-else
- AC_MSG_ERROR([LDAP not found])
-fi
+AC_ARG_WITH(openldap, [ --with-openldap Use OpenLDAP])
-AC_SUBST(LDAP_LIBS)
+dnl The mozldap libraries are always needed because ipa-slapi-plugins/dna/
+dnl will not build against OpenLDAP.
+PKG_CHECK_MODULES(MOZLDAP, mozldap > 6)
-dnl ---------------------------------------------------------------------------
-dnl - Check for Mozilla LDAP SDK
-dnl ---------------------------------------------------------------------------
+if test x$with_openldap = xyes; then
+ AC_CHECK_LIB(ldap, ldap_search, with_ldap=yes)
+ dnl Check for other libraries we need to link with to get the main routines.
+ test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes], , -llber) }
+ test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes with_ldap_krb=yes], , -llber -lkrb) }
+ test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes with_ldap_krb=yes with_ldap_des=yes], , -llber -lkrb -ldes) }
+ dnl Recently, we need -lber even though the main routines are elsewhere,
+ dnl because otherwise be get link errors w.r.t. ber_pvt_opt_on. So just
+ dnl check for that (it's a variable not a fun but that doesn't seem to
+ dnl matter in these checks) and stick in -lber if so. Can't hurt (even to
+ dnl stick it in always shouldn't hurt, I don't think) ... #### Someone who
+ dnl #### understands LDAP needs to fix this properly.
+ test "$with_ldap_lber" != "yes" && { AC_CHECK_LIB(lber, ber_pvt_opt_on, with_ldap_lber=yes) }
+
+ if test "$with_ldap" = "yes"; then
+ if test "$with_ldap_des" = "yes" ; then
+ LDAP_LIBS="${LDAP_LIBS} -ldes"
+ fi
+ if test "$with_ldap_krb" = "yes" ; then
+ LDAP_LIBS="${LDAP_LIBS} -lkrb"
+ fi
+ if test "$with_ldap_lber" = "yes" ; then
+ LDAP_LIBS="${LDAP_LIBS} -llber"
+ fi
+ LDAP_LIBS="${LDAP_LIBS} -lldap"
+ else
+ AC_MSG_ERROR([OpenLDAP not found])
+ fi
+
+ AC_SUBST(LDAP_LIBS)
+
+ LDAP_CFLAGS="${LDAP_CFLAGS} -DWITH_OPENLDAP"
+ AC_SUBST(LDAP_CFLAGS)
+else
+ LDAP_LIBS="${MOZLDAP_LIBS}"
+ AC_SUBST(LDAP_LIBS)
-PKG_CHECK_MODULES(MOZLDAP, mozldap > 6)
+ LDAP_CFLAGS="${LDAP_CFLAGS} -DWITH_MOZLDAP"
+ AC_SUBST(LDAP_CFLAGS)
+fi
dnl ---------------------------------------------------------------------------
dnl - Check for OpenSSL Crypto library