diff options
| author | W. Michael Petullo <mike@flyn.org> | 2008-05-01 09:57:32 -0400 |
|---|---|---|
| committer | Simo Sorce <ssorce@redhat.com> | 2008-05-01 09:59:43 -0400 |
| commit | 29ddbc610ccc14eb70dcb7ffde7c1f5cc2b95203 (patch) | |
| tree | 39e068a8915beb83b88baa8bb652c0d6cfe02f95 /ipa-server/configure.ac | |
| parent | 274eb708c28abf25087c3656ec93370c2000efd3 (diff) | |
| download | freeipa-29ddbc610ccc14eb70dcb7ffde7c1f5cc2b95203.tar.gz freeipa-29ddbc610ccc14eb70dcb7ffde7c1f5cc2b95203.tar.xz freeipa-29ddbc610ccc14eb70dcb7ffde7c1f5cc2b95203.zip | |
This patch begins the process of replacing OpenLDAP with mozldap.
FreeIPA relies on RedHat's Directory Server, which uses mozldap.
A FreeIPA build using mozldap would reduce the project's dependencies and
redundant code. In addition, mozldap uses NSS instead of OpenSSL.
This is beneficial for the reasons listed in [1].
[1] http://fedoraproject.org/wiki/FedoraCryptoConsolidation
Diffstat (limited to 'ipa-server/configure.ac')
| -rw-r--r-- | ipa-server/configure.ac | 81 |
1 files changed, 44 insertions, 37 deletions
diff --git a/ipa-server/configure.ac b/ipa-server/configure.ac index 8c610a86..a749098d 100644 --- a/ipa-server/configure.ac +++ b/ipa-server/configure.ac @@ -87,48 +87,55 @@ fi AC_SUBST(KRB5_LIBS) dnl --------------------------------------------------------------------------- -dnl - Check for LDAP +dnl - Check for Mozilla LDAP or OpenLDAP SDK dnl --------------------------------------------------------------------------- -LDAP_LIBS= -AC_CHECK_HEADER(ldap.h) -AC_CHECK_HEADER(lber.h) - -AC_CHECK_LIB(ldap, ldap_search, with_ldap=yes) -dnl Check for other libraries we need to link with to get the main routines. -test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes], , -llber) } -test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes with_ldap_krb=yes], , -llber -lkrb) } -test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes with_ldap_krb=yes with_ldap_des=yes], , -llber -lkrb -ldes) } -dnl Recently, we need -lber even though the main routines are elsewhere, -dnl because otherwise be get link errors w.r.t. ber_pvt_opt_on. So just -dnl check for that (it's a variable not a fun but that doesn't seem to -dnl matter in these checks) and stick in -lber if so. Can't hurt (even to -dnl stick it in always shouldn't hurt, I don't think) ... #### Someone who -dnl #### understands LDAP needs to fix this properly. -test "$with_ldap_lber" != "yes" && { AC_CHECK_LIB(lber, ber_pvt_opt_on, with_ldap_lber=yes) } - -if test "$with_ldap" = "yes"; then - if test "$with_ldap_des" = "yes" ; then - LDAP_LIBS="${LDAP_LIBS} -ldes" - fi - if test "$with_ldap_krb" = "yes" ; then - LDAP_LIBS="${LDAP_LIBS} -lkrb" - fi - if test "$with_ldap_lber" = "yes" ; then - LDAP_LIBS="${LDAP_LIBS} -llber" - fi - LDAP_LIBS="${LDAP_LIBS} -lldap" -else - AC_MSG_ERROR([LDAP not found]) -fi +AC_ARG_WITH(openldap, [ --with-openldap Use OpenLDAP]) -AC_SUBST(LDAP_LIBS) +dnl The mozldap libraries are always needed because ipa-slapi-plugins/dna/ +dnl will not build against OpenLDAP. +PKG_CHECK_MODULES(MOZLDAP, mozldap > 6) -dnl --------------------------------------------------------------------------- -dnl - Check for Mozilla LDAP SDK -dnl --------------------------------------------------------------------------- +if test x$with_openldap = xyes; then + AC_CHECK_LIB(ldap, ldap_search, with_ldap=yes) + dnl Check for other libraries we need to link with to get the main routines. + test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes], , -llber) } + test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes with_ldap_krb=yes], , -llber -lkrb) } + test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes with_ldap_krb=yes with_ldap_des=yes], , -llber -lkrb -ldes) } + dnl Recently, we need -lber even though the main routines are elsewhere, + dnl because otherwise be get link errors w.r.t. ber_pvt_opt_on. So just + dnl check for that (it's a variable not a fun but that doesn't seem to + dnl matter in these checks) and stick in -lber if so. Can't hurt (even to + dnl stick it in always shouldn't hurt, I don't think) ... #### Someone who + dnl #### understands LDAP needs to fix this properly. + test "$with_ldap_lber" != "yes" && { AC_CHECK_LIB(lber, ber_pvt_opt_on, with_ldap_lber=yes) } + + if test "$with_ldap" = "yes"; then + if test "$with_ldap_des" = "yes" ; then + LDAP_LIBS="${LDAP_LIBS} -ldes" + fi + if test "$with_ldap_krb" = "yes" ; then + LDAP_LIBS="${LDAP_LIBS} -lkrb" + fi + if test "$with_ldap_lber" = "yes" ; then + LDAP_LIBS="${LDAP_LIBS} -llber" + fi + LDAP_LIBS="${LDAP_LIBS} -lldap" + else + AC_MSG_ERROR([OpenLDAP not found]) + fi + + AC_SUBST(LDAP_LIBS) + + LDAP_CFLAGS="${LDAP_CFLAGS} -DWITH_OPENLDAP" + AC_SUBST(LDAP_CFLAGS) +else + LDAP_LIBS="${MOZLDAP_LIBS}" + AC_SUBST(LDAP_LIBS) -PKG_CHECK_MODULES(MOZLDAP, mozldap > 6) + LDAP_CFLAGS="${LDAP_CFLAGS} -DWITH_MOZLDAP" + AC_SUBST(LDAP_CFLAGS) +fi dnl --------------------------------------------------------------------------- dnl - Check for OpenSSL Crypto library |