AC_INIT(main.c)
CONFIG_RULES
AC_PROG_INSTALL
AC_CHECK_HEADERS(syslog.h stdarg.h sys/select.h sys/sockio.h ifaddrs.h unistd.h)
AC_CHECK_FUNCS(openlog syslog closelog strftime vsprintf)
KRB5_NEED_PROTO([#include <string.h>
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
/* Solaris 8 declares swab in stdlib.h.  */
#include <stdlib.h>
],swab,1)
dnl
KRB5_NEED_PROTO([#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif],daemon,1)
dnl
AC_PROG_AWK
KRB5_AC_INET6
KRB5_SOCKADDR_SA_LEN
CHECK_SIGNALS
dnl
dnl --with-vague-errors disables useful error messages.
dnl
AC_ARG_WITH([vague-errors],
[  --with-vague-errors		Do not supply helpful error messages to clients
  --without-vague-errors	Supply helpful error messages to clients (default)],
,
withval=no)dnl
if test "$withval" = yes; then
	AC_MSG_RESULT(Supplying vague error messages to KDC clients)
	AC_DEFINE(KRBCONF_VAGUE_ERRORS)
fi
dnl
dnl --with-kdc-kdb-update makes the KDC update the database with last request
dnl information and failure information.
dnl
AC_ARG_WITH([kdc-kdb-update],
[  --with-kdc-kdb-update	Update the database
  --without-kdc-kdb-update	Do not update the database (default)],
,
withval=no)dnl
if test "$withval" = yes; then
	AC_MSG_RESULT(Updating KDC database with each request)
	AC_DEFINE(KRBCONF_KDC_MODIFIES_KDB)
fi
dnl XXX This will go away soon. -- tlyu
AC_ARG_ENABLE([athena],
[  --enable-athena         build with MIT Project Athena configuration
                           -- here meaning use temporary DES3 etype that
                              includes 32-bit length codings],
[AC_DEFINE(ATHENA_DES3_KLUDGE)],)
dnl
dnl Needed for hw-preauth replay detection on KDC.
dnl
dnl USE_RCACHE enables the replay cache
dnl NOCACHE disables the lookaside cache
dnl
dnl The lookaside cache is checked first; if *exactly* the same message
dnl comes in twice, e.g., because the (legitimate) client resent it,
dnl the previous response will be resent.  Otherwise, the replay cache
dnl is used to check for attempts to fake out the KDC.  Some hardware
dnl preauth methods are weak enough that we *really* want to have this
dnl checking turned on.
dnl
AC_ARG_ENABLE([kdc-replay-cache],
[  --enable-kdc-replay-cache	check for replayed/retransmitted KDC requests
				(recommended for replay attack detection
				 when hardware preauthentication is in use)
  --disable-kdc-replay-cache	omit replay detection], , enableval=yes)dnl
if test "$enableval" = yes ; then
	AC_DEFINE(USE_RCACHE)
else
	AC_DEFINE(NOCACHE)
fi
AC_ARG_ENABLE([fakeka],
[  --enable-fakeka              Enable the build of the Fake KA server
			       (emulates an AFS (kaserver)
  --disable-fakeka             Do not build the fakeka server (default)], , enableval=no)dnl
if test "$enableval" = yes; then
	FAKEKA=fakeka
else
	FAKEKA=
fi
AC_SUBST(FAKEKA)
dnl
dnl
KRB5_RUN_FLAGS
KRB5_BUILD_PROGRAM
V5_AC_OUTPUT_MAKEFILE