From 996759c7542bab733228bc31de725a12bde385ba Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Thu, 31 Aug 2006 21:17:34 +0000 Subject: [PATCH] Patches from Will Fiveash to allow for configuration and building on Solaris. Tested (configured & built) on RHEL 4 and Solaris 10. One minor bugfix added. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18554 dc483132-0cff-0310-8789-dd5450dbe970 --- src/plugins/kdb/ldap/libkdb_ldap/Makefile.in | 2 +- src/plugins/kdb/ldap/libkdb_ldap/configure.in | 28 +++++++++++++------ .../kdb/ldap/libkdb_ldap/kdb_ldap_conn.c | 11 +++++++- src/plugins/kdb/ldap/libkdb_ldap/ldap_err.c | 25 +++++++++++++++++ 4 files changed, 55 insertions(+), 11 deletions(-) diff --git a/src/plugins/kdb/ldap/libkdb_ldap/Makefile.in b/src/plugins/kdb/ldap/libkdb_ldap/Makefile.in index c6cec5752..201083535 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/Makefile.in +++ b/src/plugins/kdb/ldap/libkdb_ldap/Makefile.in @@ -31,7 +31,7 @@ SHLIB_EXPDEPS = \ $(TOPLIBD)/libk5crypto$(SHLIBEXT) \ $(SUPPORT_DEPLIB) \ $(TOPLIBD)/libkrb5$(SHLIBEXT) -SHLIB_EXPLIBS= $(GSSRPC_LIBS) -lkrb5 -lk5crypto $(COM_ERR_LIB) $(SUPPORT_LIB) -lldap -llber $(LIBS) +SHLIB_EXPLIBS= $(GSSRPC_LIBS) -lkrb5 -lk5crypto $(COM_ERR_LIB) $(SUPPORT_LIB) @LDAP_LIBS@ $(LIBS) SHLIB_DIRS=-L$(TOPLIBD) SHLIB_RDIRS=$(KRB5_LIBDIR) diff --git a/src/plugins/kdb/ldap/libkdb_ldap/configure.in b/src/plugins/kdb/ldap/libkdb_ldap/configure.in index 6e280232e..aee691607 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/configure.in +++ b/src/plugins/kdb/ldap/libkdb_ldap/configure.in @@ -6,16 +6,26 @@ AC_TYPE_OFF_T AC_CHECK_FUNCS(srand48 srand srandom umask) -OPENLDAP=1 -AC_CHECK_HEADERS([ldap.h], :, [OPENLDAP=0; AC_MSG_WARN([ldap.h not found])]) -AC_CHECK_HEADERS([lber.h], :, [OPENLDAP=0; AC_MSG_WARN([lber.h not found])]) -AC_CHECK_LIB(ldap, ldap_init, :, [OPENLDAP=0; AC_MSG_WARN([libldap not found])]) -AC_CHECK_LIB(lber, ber_init, :, [OPENLDAP=0; AC_MSG_WARN([liblber not found])]) - -if test "$OPENLDAP" = "0"; then - AC_ERROR("OPENLDAP libraries missing Skipping openldap database module") +LDAP_OKAY=1 +AC_CHECK_HEADERS([ldap.h], :, [LDAP_OKAY=0; AC_MSG_WARN([ldap.h not found])]) +AC_CHECK_HEADERS([lber.h], :, [LDAP_OKAY=0; AC_MSG_WARN([lber.h not found])]) +AC_CHECK_LIB(ldap, ldap_init, :, [LDAP_OKAY=0; AC_MSG_WARN([libldap not found])]) +if test "$LDAP_OKAY" = "0"; then + AC_ERROR("LDAP libraries missing - skipping LDAP database module") fi - +BER_OKAY=0 +AC_CHECK_LIB(ldap, ber_init, [BER_OKAY=1]) +if test "$BER_OKAY" = "1"; then + LDAP_LIBS='-lldap' +else + AC_CHECK_LIB(lber, ber_init, [BER_OKAY=1], [AC_MSG_WARN([libber not found])]) + if test "$BER_OKAY" = "1"; then + LDAP_LIBS='-lldap -llber' + else + AC_ERROR("BER library missing - skipping LDAP database module") + fi +fi +AC_SUBST(LDAP_LIBS) KRB5_RUN_FLAGS dnl The following is for check... diff --git a/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c b/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c index 3b1dd996f..fe9e6a027 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c @@ -196,15 +196,24 @@ krb5_ldap_db_init(krb5_context context, krb5_ldap_context *ldap_context) { krb5_error_code st=0; krb5_boolean sasl_mech_supported=TRUE; - int cnt=0, version=LDAP_VERSION3, tlsoption=LDAP_OPT_X_TLS_HARD; + int cnt=0, version=LDAP_VERSION3; struct timeval local_timelimit = {10,0}; +#ifdef LDAP_OPT_X_TLS_HARD + int tlsoption=LDAP_OPT_X_TLS_HARD; +#endif if ((st=krb5_validate_ldap_context(context, ldap_context)) != 0) goto err_out; ldap_set_option(NULL, LDAP_OPT_PROTOCOL_VERSION, &version); +#ifdef LDAP_OPT_NETWORK_TIMEOUT ldap_set_option(NULL, LDAP_OPT_NETWORK_TIMEOUT, &local_timelimit); +#elif defined LDAP_X_OPT_CONNECT_TIMEOUT + ldap_set_option(NULL, LDAP_X_OPT_CONNECT_TIMEOUT, &local_timelimit); +#endif +#ifdef LDAP_OPT_X_TLS_HARD ldap_set_option(NULL, LDAP_OPT_X_TLS, &tlsoption); +#endif HNDL_LOCK(ldap_context); while (ldap_context->server_info_list[cnt] != NULL) { diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_err.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_err.c index d925c5f1a..d14bc8e8e 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_err.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_err.c @@ -6,6 +6,29 @@ #define LDAP_X_ERROR(x) (0) #endif +#ifndef LDAP_NAME_ERROR +#ifdef NAME_ERROR +#define LDAP_NAME_ERROR NAME_ERROR +#else +#define LDAP_NAME_ERROR(x) (0) +#endif +#endif + +#ifndef LDAP_SECURITY_ERROR +#define LDAP_SECURITY_ERROR(x) (0) +#endif + +#ifndef LDAP_SERVICE_ERROR +#define LDAP_SERVICE_ERROR(x) (0) +#endif + +#ifndef LDAP_API_ERROR +#define LDAP_API_ERROR(x) (0) +#endif + +#ifndef LDAP_UPDATE_ERROR +#define LDAP_UPDATE_ERROR(x) (0) +#endif /* * The possible KDB errors are @@ -138,7 +161,9 @@ int translate_ldap_error(int err, int op) { case LDAP_ALIAS_DEREF_PROBLEM: /* Either the client does not have access rights to read the aliased * object's name or dereferencing is not allowed */ +#ifdef LDAP_PROXY_AUTHZ_FAILURE case LDAP_PROXY_AUTHZ_FAILURE: // Is this correct ? +#endif case LDAP_INSUFFICIENT_ACCESS: /* Caller does not have sufficient rights to perform the requested * operation */ -- 2.26.2