$(TOPLIBD)/libk5crypto$(SHLIBEXT) \
$(SUPPORT_DEPLIB) \
$(TOPLIBD)/libkrb5$(SHLIBEXT)
-SHLIB_EXPLIBS= $(GSSRPC_LIBS) -lkrb5 -lk5crypto $(COM_ERR_LIB) $(SUPPORT_LIB) -lldap -llber $(LIBS)
+SHLIB_EXPLIBS= $(GSSRPC_LIBS) -lkrb5 -lk5crypto $(COM_ERR_LIB) $(SUPPORT_LIB) @LDAP_LIBS@ $(LIBS)
SHLIB_DIRS=-L$(TOPLIBD)
SHLIB_RDIRS=$(KRB5_LIBDIR)
AC_CHECK_FUNCS(srand48 srand srandom umask)
-OPENLDAP=1
-AC_CHECK_HEADERS([ldap.h], :, [OPENLDAP=0; AC_MSG_WARN([ldap.h not found])])
-AC_CHECK_HEADERS([lber.h], :, [OPENLDAP=0; AC_MSG_WARN([lber.h not found])])
-AC_CHECK_LIB(ldap, ldap_init, :, [OPENLDAP=0; AC_MSG_WARN([libldap not found])])
-AC_CHECK_LIB(lber, ber_init, :, [OPENLDAP=0; AC_MSG_WARN([liblber not found])])
-
-if test "$OPENLDAP" = "0"; then
- AC_ERROR("OPENLDAP libraries missing Skipping openldap database module")
+LDAP_OKAY=1
+AC_CHECK_HEADERS([ldap.h], :, [LDAP_OKAY=0; AC_MSG_WARN([ldap.h not found])])
+AC_CHECK_HEADERS([lber.h], :, [LDAP_OKAY=0; AC_MSG_WARN([lber.h not found])])
+AC_CHECK_LIB(ldap, ldap_init, :, [LDAP_OKAY=0; AC_MSG_WARN([libldap not found])])
+if test "$LDAP_OKAY" = "0"; then
+ AC_ERROR("LDAP libraries missing - skipping LDAP database module")
fi
-
+BER_OKAY=0
+AC_CHECK_LIB(ldap, ber_init, [BER_OKAY=1])
+if test "$BER_OKAY" = "1"; then
+ LDAP_LIBS='-lldap'
+else
+ AC_CHECK_LIB(lber, ber_init, [BER_OKAY=1], [AC_MSG_WARN([libber not found])])
+ if test "$BER_OKAY" = "1"; then
+ LDAP_LIBS='-lldap -llber'
+ else
+ AC_ERROR("BER library missing - skipping LDAP database module")
+ fi
+fi
+AC_SUBST(LDAP_LIBS)
KRB5_RUN_FLAGS
dnl The following is for check...
{
krb5_error_code st=0;
krb5_boolean sasl_mech_supported=TRUE;
- int cnt=0, version=LDAP_VERSION3, tlsoption=LDAP_OPT_X_TLS_HARD;
+ int cnt=0, version=LDAP_VERSION3;
struct timeval local_timelimit = {10,0};
+#ifdef LDAP_OPT_X_TLS_HARD
+ int tlsoption=LDAP_OPT_X_TLS_HARD;
+#endif
if ((st=krb5_validate_ldap_context(context, ldap_context)) != 0)
goto err_out;
ldap_set_option(NULL, LDAP_OPT_PROTOCOL_VERSION, &version);
+#ifdef LDAP_OPT_NETWORK_TIMEOUT
ldap_set_option(NULL, LDAP_OPT_NETWORK_TIMEOUT, &local_timelimit);
+#elif defined LDAP_X_OPT_CONNECT_TIMEOUT
+ ldap_set_option(NULL, LDAP_X_OPT_CONNECT_TIMEOUT, &local_timelimit);
+#endif
+#ifdef LDAP_OPT_X_TLS_HARD
ldap_set_option(NULL, LDAP_OPT_X_TLS, &tlsoption);
+#endif
HNDL_LOCK(ldap_context);
while (ldap_context->server_info_list[cnt] != NULL) {
#define LDAP_X_ERROR(x) (0)
#endif
+#ifndef LDAP_NAME_ERROR
+#ifdef NAME_ERROR
+#define LDAP_NAME_ERROR NAME_ERROR
+#else
+#define LDAP_NAME_ERROR(x) (0)
+#endif
+#endif
+
+#ifndef LDAP_SECURITY_ERROR
+#define LDAP_SECURITY_ERROR(x) (0)
+#endif
+
+#ifndef LDAP_SERVICE_ERROR
+#define LDAP_SERVICE_ERROR(x) (0)
+#endif
+
+#ifndef LDAP_API_ERROR
+#define LDAP_API_ERROR(x) (0)
+#endif
+
+#ifndef LDAP_UPDATE_ERROR
+#define LDAP_UPDATE_ERROR(x) (0)
+#endif
/*
* The possible KDB errors are
case LDAP_ALIAS_DEREF_PROBLEM:
/* Either the client does not have access rights to read the aliased
* object's name or dereferencing is not allowed */
+#ifdef LDAP_PROXY_AUTHZ_FAILURE
case LDAP_PROXY_AUTHZ_FAILURE: // Is this correct ?
+#endif
case LDAP_INSUFFICIENT_ACCESS:
/* Caller does not have sufficient rights to perform the requested
* operation */