mirror of
https://github.com/postgres/postgres.git
synced 2025-07-27 12:41:57 +03:00
Add support for GSSAPI authentication.
Documentation still being written, will be committed later. Henry B. Hotz and Magnus Hagander
This commit is contained in:
Magnus Hagander
334
configure
vendored
334
configure
vendored
@ -314,7 +314,7 @@ ac_includes_default="\
|
||||
# include <unistd.h>
|
||||
#endif"
|
||||
|
||||
ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS configure_args build build_cpu build_vendor build_os host host_cpu host_vendor host_os PORTNAME docdir enable_nls WANTED_LANGUAGES default_port enable_shared enable_rpath enable_debug enable_profiling DTRACE DTRACEFLAGS enable_dtrace CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT CPP GCC TAS autodepend INCLUDES enable_thread_safety with_tcl with_perl with_python with_krb5 krb_srvtab with_pam with_ldap with_bonjour with_openssl with_ossp_uuid XML2_CONFIG with_libxml with_libxslt with_zlib EGREP ELF_SYS LDFLAGS_SL AWK FLEX FLEXFLAGS LN_S LD with_gnu_ld ld_R_works RANLIB ac_ct_RANLIB TAR STRIP ac_ct_STRIP STRIP_STATIC_LIB STRIP_SHARED_LIB YACC YFLAGS PERL perl_archlibexp perl_privlibexp perl_useshrplib perl_embed_ldflags PYTHON python_version python_configdir python_includespec python_libdir python_libspec python_additional_libs HAVE_IPV6 LIBOBJS acx_pthread_config PTHREAD_CC PTHREAD_LIBS PTHREAD_CFLAGS LDAP_LIBS_FE LDAP_LIBS_BE HAVE_POSIX_SIGNALS MSGFMT MSGMERGE XGETTEXT localedir TCLSH TCL_CONFIG_SH TCL_INCLUDE_SPEC TCL_LIB_FILE TCL_LIBS TCL_LIB_SPEC TCL_SHARED_BUILD TCL_SHLIB_LD_LIBS NSGMLS JADE have_docbook DOCBOOKSTYLE COLLATEINDEX SGMLSPL vpath_build LTLIBOBJS'
|
||||
ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS configure_args build build_cpu build_vendor build_os host host_cpu host_vendor host_os PORTNAME docdir enable_nls WANTED_LANGUAGES default_port enable_shared enable_rpath enable_debug enable_profiling DTRACE DTRACEFLAGS enable_dtrace CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT CPP GCC TAS autodepend INCLUDES enable_thread_safety with_tcl with_perl with_python with_gssapi with_krb5 krb_srvtab with_pam with_ldap with_bonjour with_openssl with_ossp_uuid XML2_CONFIG with_libxml with_libxslt with_zlib EGREP ELF_SYS LDFLAGS_SL AWK FLEX FLEXFLAGS LN_S LD with_gnu_ld ld_R_works RANLIB ac_ct_RANLIB TAR STRIP ac_ct_STRIP STRIP_STATIC_LIB STRIP_SHARED_LIB YACC YFLAGS PERL perl_archlibexp perl_privlibexp perl_useshrplib perl_embed_ldflags PYTHON python_version python_configdir python_includespec python_libdir python_libspec python_additional_libs HAVE_IPV6 LIBOBJS acx_pthread_config PTHREAD_CC PTHREAD_LIBS PTHREAD_CFLAGS LDAP_LIBS_FE LDAP_LIBS_BE HAVE_POSIX_SIGNALS MSGFMT MSGMERGE XGETTEXT localedir TCLSH TCL_CONFIG_SH TCL_INCLUDE_SPEC TCL_LIB_FILE TCL_LIBS TCL_LIB_SPEC TCL_SHARED_BUILD TCL_SHLIB_LD_LIBS NSGMLS JADE have_docbook DOCBOOKSTYLE COLLATEINDEX SGMLSPL vpath_build LTLIBOBJS'
|
||||
ac_subst_files=''
|
||||
|
||||
# Initialize some variables set by options.
|
||||
@ -887,6 +887,7 @@ Optional Packages:
|
||||
--with-tclconfig=DIR tclConfig.sh is in DIR
|
||||
--with-perl build Perl modules (PL/Perl)
|
||||
--with-python build Python modules (PL/Python)
|
||||
--with-gssapi build with GSSAPI support
|
||||
--with-krb5 build with Kerberos 5 support
|
||||
--with-krb-srvnam=NAME default service principal name in Kerberos [postgres]
|
||||
--with-pam build with PAM support
|
||||
@ -3919,6 +3920,50 @@ echo "$as_me:$LINENO: result: $with_python" >&5
|
||||
echo "${ECHO_T}$with_python" >&6
|
||||
|
||||
|
||||
#
|
||||
# GSSAPI
|
||||
#
|
||||
echo "$as_me:$LINENO: checking wether to build with GSSAPI support" >&5
|
||||
echo $ECHO_N "checking wether to build with GSSAPI support... $ECHO_C" >&6
|
||||
|
||||
pgac_args="$pgac_args with_gssapi"
|
||||
|
||||
|
||||
# Check whether --with-gssapi or --without-gssapi was given.
|
||||
if test "${with_gssapi+set}" = set; then
|
||||
withval="$with_gssapi"
|
||||
|
||||
case $withval in
|
||||
yes)
|
||||
|
||||
|
||||
cat >>confdefs.h <<\_ACEOF
|
||||
#define ENABLE_GSS 1
|
||||
_ACEOF
|
||||
|
||||
krb_srvtab="FILE:\$(sysconfdir)/krb5.keytab"
|
||||
|
||||
;;
|
||||
no)
|
||||
:
|
||||
;;
|
||||
*)
|
||||
{ { echo "$as_me:$LINENO: error: no argument expected for --with-gssapi option" >&5
|
||||
echo "$as_me: error: no argument expected for --with-gssapi option" >&2;}
|
||||
{ (exit 1); exit 1; }; }
|
||||
;;
|
||||
esac
|
||||
|
||||
else
|
||||
with_gssapi=no
|
||||
|
||||
fi;
|
||||
|
||||
echo "$as_me:$LINENO: result: $with_gssapi" >&5
|
||||
echo "${ECHO_T}$with_gssapi" >&6
|
||||
|
||||
|
||||
|
||||
#
|
||||
# Kerberos 5
|
||||
#
|
||||
@ -6718,6 +6763,143 @@ echo "$as_me: WARNING:
|
||||
*** Not using spinlocks will cause poor performance." >&2;}
|
||||
fi
|
||||
|
||||
if test "$with_gssapi" = yes ; then
|
||||
if test "$PORTNAME" != "win32"; then
|
||||
echo "$as_me:$LINENO: checking for library containing gss_init_sec_context" >&5
|
||||
echo $ECHO_N "checking for library containing gss_init_sec_context... $ECHO_C" >&6
|
||||
if test "${ac_cv_search_gss_init_sec_context+set}" = set; then
|
||||
echo $ECHO_N "(cached) $ECHO_C" >&6
|
||||
else
|
||||
ac_func_search_save_LIBS=$LIBS
|
||||
ac_cv_search_gss_init_sec_context=no
|
||||
cat >conftest.$ac_ext <<_ACEOF
|
||||
/* confdefs.h. */
|
||||
_ACEOF
|
||||
cat confdefs.h >>conftest.$ac_ext
|
||||
cat >>conftest.$ac_ext <<_ACEOF
|
||||
/* end confdefs.h. */
|
||||
|
||||
/* Override any gcc2 internal prototype to avoid an error. */
|
||||
#ifdef __cplusplus
|
||||
extern "C"
|
||||
#endif
|
||||
/* We use char because int might match the return type of a gcc2
|
||||
builtin and then its argument prototype would still apply. */
|
||||
char gss_init_sec_context ();
|
||||
int
|
||||
main ()
|
||||
{
|
||||
gss_init_sec_context ();
|
||||
;
|
||||
return 0;
|
||||
}
|
||||
_ACEOF
|
||||
rm -f conftest.$ac_objext conftest$ac_exeext
|
||||
if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
|
||||
(eval $ac_link) 2>conftest.er1
|
||||
ac_status=$?
|
||||
grep -v '^ *+' conftest.er1 >conftest.err
|
||||
rm -f conftest.er1
|
||||
cat conftest.err >&5
|
||||
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||
(exit $ac_status); } &&
|
||||
{ ac_try='test -z "$ac_c_werror_flag"
|
||||
|| test ! -s conftest.err'
|
||||
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
|
||||
(eval $ac_try) 2>&5
|
||||
ac_status=$?
|
||||
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||
(exit $ac_status); }; } &&
|
||||
{ ac_try='test -s conftest$ac_exeext'
|
||||
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
|
||||
(eval $ac_try) 2>&5
|
||||
ac_status=$?
|
||||
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||
(exit $ac_status); }; }; then
|
||||
ac_cv_search_gss_init_sec_context="none required"
|
||||
else
|
||||
echo "$as_me: failed program was:" >&5
|
||||
sed 's/^/| /' conftest.$ac_ext >&5
|
||||
|
||||
fi
|
||||
rm -f conftest.err conftest.$ac_objext \
|
||||
conftest$ac_exeext conftest.$ac_ext
|
||||
if test "$ac_cv_search_gss_init_sec_context" = no; then
|
||||
for ac_lib in gssapi_krb5; do
|
||||
LIBS="-l$ac_lib $ac_func_search_save_LIBS"
|
||||
cat >conftest.$ac_ext <<_ACEOF
|
||||
/* confdefs.h. */
|
||||
_ACEOF
|
||||
cat confdefs.h >>conftest.$ac_ext
|
||||
cat >>conftest.$ac_ext <<_ACEOF
|
||||
/* end confdefs.h. */
|
||||
|
||||
/* Override any gcc2 internal prototype to avoid an error. */
|
||||
#ifdef __cplusplus
|
||||
extern "C"
|
||||
#endif
|
||||
/* We use char because int might match the return type of a gcc2
|
||||
builtin and then its argument prototype would still apply. */
|
||||
char gss_init_sec_context ();
|
||||
int
|
||||
main ()
|
||||
{
|
||||
gss_init_sec_context ();
|
||||
;
|
||||
return 0;
|
||||
}
|
||||
_ACEOF
|
||||
rm -f conftest.$ac_objext conftest$ac_exeext
|
||||
if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
|
||||
(eval $ac_link) 2>conftest.er1
|
||||
ac_status=$?
|
||||
grep -v '^ *+' conftest.er1 >conftest.err
|
||||
rm -f conftest.er1
|
||||
cat conftest.err >&5
|
||||
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||
(exit $ac_status); } &&
|
||||
{ ac_try='test -z "$ac_c_werror_flag"
|
||||
|| test ! -s conftest.err'
|
||||
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
|
||||
(eval $ac_try) 2>&5
|
||||
ac_status=$?
|
||||
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||
(exit $ac_status); }; } &&
|
||||
{ ac_try='test -s conftest$ac_exeext'
|
||||
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
|
||||
(eval $ac_try) 2>&5
|
||||
ac_status=$?
|
||||
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||
(exit $ac_status); }; }; then
|
||||
ac_cv_search_gss_init_sec_context="-l$ac_lib"
|
||||
break
|
||||
else
|
||||
echo "$as_me: failed program was:" >&5
|
||||
sed 's/^/| /' conftest.$ac_ext >&5
|
||||
|
||||
fi
|
||||
rm -f conftest.err conftest.$ac_objext \
|
||||
conftest$ac_exeext conftest.$ac_ext
|
||||
done
|
||||
fi
|
||||
LIBS=$ac_func_search_save_LIBS
|
||||
fi
|
||||
echo "$as_me:$LINENO: result: $ac_cv_search_gss_init_sec_context" >&5
|
||||
echo "${ECHO_T}$ac_cv_search_gss_init_sec_context" >&6
|
||||
if test "$ac_cv_search_gss_init_sec_context" != no; then
|
||||
test "$ac_cv_search_gss_init_sec_context" = "none required" || LIBS="$ac_cv_search_gss_init_sec_context $LIBS"
|
||||
|
||||
else
|
||||
{ { echo "$as_me:$LINENO: error: could not find function 'gss_init_sec_context' required for GSSAPI" >&5
|
||||
echo "$as_me: error: could not find function 'gss_init_sec_context' required for GSSAPI" >&2;}
|
||||
{ (exit 1); exit 1; }; }
|
||||
fi
|
||||
|
||||
else
|
||||
LIBS="$LIBS -lgssapi32"
|
||||
fi
|
||||
fi
|
||||
|
||||
if test "$with_krb5" = yes ; then
|
||||
if test "$PORTNAME" != "win32"; then
|
||||
echo "$as_me:$LINENO: checking for library containing com_err" >&5
|
||||
@ -10014,6 +10196,155 @@ Use --without-zlib to disable zlib support." >&2;}
|
||||
fi
|
||||
|
||||
|
||||
fi
|
||||
|
||||
if test "$with_gssapi" = yes ; then
|
||||
if test "${ac_cv_header_gssapi_gssapi_h+set}" = set; then
|
||||
echo "$as_me:$LINENO: checking for gssapi/gssapi.h" >&5
|
||||
echo $ECHO_N "checking for gssapi/gssapi.h... $ECHO_C" >&6
|
||||
if test "${ac_cv_header_gssapi_gssapi_h+set}" = set; then
|
||||
echo $ECHO_N "(cached) $ECHO_C" >&6
|
||||
fi
|
||||
echo "$as_me:$LINENO: result: $ac_cv_header_gssapi_gssapi_h" >&5
|
||||
echo "${ECHO_T}$ac_cv_header_gssapi_gssapi_h" >&6
|
||||
else
|
||||
# Is the header compilable?
|
||||
echo "$as_me:$LINENO: checking gssapi/gssapi.h usability" >&5
|
||||
echo $ECHO_N "checking gssapi/gssapi.h usability... $ECHO_C" >&6
|
||||
cat >conftest.$ac_ext <<_ACEOF
|
||||
/* confdefs.h. */
|
||||
_ACEOF
|
||||
cat confdefs.h >>conftest.$ac_ext
|
||||
cat >>conftest.$ac_ext <<_ACEOF
|
||||
/* end confdefs.h. */
|
||||
$ac_includes_default
|
||||
#include <gssapi/gssapi.h>
|
||||
_ACEOF
|
||||
rm -f conftest.$ac_objext
|
||||
if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
|
||||
(eval $ac_compile) 2>conftest.er1
|
||||
ac_status=$?
|
||||
grep -v '^ *+' conftest.er1 >conftest.err
|
||||
rm -f conftest.er1
|
||||
cat conftest.err >&5
|
||||
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||
(exit $ac_status); } &&
|
||||
{ ac_try='test -z "$ac_c_werror_flag"
|
||||
|| test ! -s conftest.err'
|
||||
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
|
||||
(eval $ac_try) 2>&5
|
||||
ac_status=$?
|
||||
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||
(exit $ac_status); }; } &&
|
||||
{ ac_try='test -s conftest.$ac_objext'
|
||||
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
|
||||
(eval $ac_try) 2>&5
|
||||
ac_status=$?
|
||||
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||
(exit $ac_status); }; }; then
|
||||
ac_header_compiler=yes
|
||||
else
|
||||
echo "$as_me: failed program was:" >&5
|
||||
sed 's/^/| /' conftest.$ac_ext >&5
|
||||
|
||||
ac_header_compiler=no
|
||||
fi
|
||||
rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
|
||||
echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
|
||||
echo "${ECHO_T}$ac_header_compiler" >&6
|
||||
|
||||
# Is the header present?
|
||||
echo "$as_me:$LINENO: checking gssapi/gssapi.h presence" >&5
|
||||
echo $ECHO_N "checking gssapi/gssapi.h presence... $ECHO_C" >&6
|
||||
cat >conftest.$ac_ext <<_ACEOF
|
||||
/* confdefs.h. */
|
||||
_ACEOF
|
||||
cat confdefs.h >>conftest.$ac_ext
|
||||
cat >>conftest.$ac_ext <<_ACEOF
|
||||
/* end confdefs.h. */
|
||||
#include <gssapi/gssapi.h>
|
||||
_ACEOF
|
||||
if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
|
||||
(eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
|
||||
ac_status=$?
|
||||
grep -v '^ *+' conftest.er1 >conftest.err
|
||||
rm -f conftest.er1
|
||||
cat conftest.err >&5
|
||||
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||
(exit $ac_status); } >/dev/null; then
|
||||
if test -s conftest.err; then
|
||||
ac_cpp_err=$ac_c_preproc_warn_flag
|
||||
ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
|
||||
else
|
||||
ac_cpp_err=
|
||||
fi
|
||||
else
|
||||
ac_cpp_err=yes
|
||||
fi
|
||||
if test -z "$ac_cpp_err"; then
|
||||
ac_header_preproc=yes
|
||||
else
|
||||
echo "$as_me: failed program was:" >&5
|
||||
sed 's/^/| /' conftest.$ac_ext >&5
|
||||
|
||||
ac_header_preproc=no
|
||||
fi
|
||||
rm -f conftest.err conftest.$ac_ext
|
||||
echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
|
||||
echo "${ECHO_T}$ac_header_preproc" >&6
|
||||
|
||||
# So? What about this header?
|
||||
case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
|
||||
yes:no: )
|
||||
{ echo "$as_me:$LINENO: WARNING: gssapi/gssapi.h: accepted by the compiler, rejected by the preprocessor!" >&5
|
||||
echo "$as_me: WARNING: gssapi/gssapi.h: accepted by the compiler, rejected by the preprocessor!" >&2;}
|
||||
{ echo "$as_me:$LINENO: WARNING: gssapi/gssapi.h: proceeding with the compiler's result" >&5
|
||||
echo "$as_me: WARNING: gssapi/gssapi.h: proceeding with the compiler's result" >&2;}
|
||||
ac_header_preproc=yes
|
||||
;;
|
||||
no:yes:* )
|
||||
{ echo "$as_me:$LINENO: WARNING: gssapi/gssapi.h: present but cannot be compiled" >&5
|
||||
echo "$as_me: WARNING: gssapi/gssapi.h: present but cannot be compiled" >&2;}
|
||||
{ echo "$as_me:$LINENO: WARNING: gssapi/gssapi.h: check for missing prerequisite headers?" >&5
|
||||
echo "$as_me: WARNING: gssapi/gssapi.h: check for missing prerequisite headers?" >&2;}
|
||||
{ echo "$as_me:$LINENO: WARNING: gssapi/gssapi.h: see the Autoconf documentation" >&5
|
||||
echo "$as_me: WARNING: gssapi/gssapi.h: see the Autoconf documentation" >&2;}
|
||||
{ echo "$as_me:$LINENO: WARNING: gssapi/gssapi.h: section \"Present But Cannot Be Compiled\"" >&5
|
||||
echo "$as_me: WARNING: gssapi/gssapi.h: section \"Present But Cannot Be Compiled\"" >&2;}
|
||||
{ echo "$as_me:$LINENO: WARNING: gssapi/gssapi.h: proceeding with the preprocessor's result" >&5
|
||||
echo "$as_me: WARNING: gssapi/gssapi.h: proceeding with the preprocessor's result" >&2;}
|
||||
{ echo "$as_me:$LINENO: WARNING: gssapi/gssapi.h: in the future, the compiler will take precedence" >&5
|
||||
echo "$as_me: WARNING: gssapi/gssapi.h: in the future, the compiler will take precedence" >&2;}
|
||||
(
|
||||
cat <<\_ASBOX
|
||||
## ---------------------------------------- ##
|
||||
## Report this to pgsql-bugs@postgresql.org ##
|
||||
## ---------------------------------------- ##
|
||||
_ASBOX
|
||||
) |
|
||||
sed "s/^/$as_me: WARNING: /" >&2
|
||||
;;
|
||||
esac
|
||||
echo "$as_me:$LINENO: checking for gssapi/gssapi.h" >&5
|
||||
echo $ECHO_N "checking for gssapi/gssapi.h... $ECHO_C" >&6
|
||||
if test "${ac_cv_header_gssapi_gssapi_h+set}" = set; then
|
||||
echo $ECHO_N "(cached) $ECHO_C" >&6
|
||||
else
|
||||
ac_cv_header_gssapi_gssapi_h=$ac_header_preproc
|
||||
fi
|
||||
echo "$as_me:$LINENO: result: $ac_cv_header_gssapi_gssapi_h" >&5
|
||||
echo "${ECHO_T}$ac_cv_header_gssapi_gssapi_h" >&6
|
||||
|
||||
fi
|
||||
if test $ac_cv_header_gssapi_gssapi_h = yes; then
|
||||
:
|
||||
else
|
||||
{ { echo "$as_me:$LINENO: error: header file <gssapi/gssapi.h> is required for GSSAPI" >&5
|
||||
echo "$as_me: error: header file <gssapi/gssapi.h> is required for GSSAPI" >&2;}
|
||||
{ (exit 1); exit 1; }; }
|
||||
fi
|
||||
|
||||
|
||||
fi
|
||||
|
||||
if test "$with_krb5" = yes ; then
|
||||
@ -24618,6 +24949,7 @@ s,@enable_thread_safety@,$enable_thread_safety,;t t
|
||||
s,@with_tcl@,$with_tcl,;t t
|
||||
s,@with_perl@,$with_perl,;t t
|
||||
s,@with_python@,$with_python,;t t
|
||||
s,@with_gssapi@,$with_gssapi,;t t
|
||||
s,@with_krb5@,$with_krb5,;t t
|
||||
s,@krb_srvtab@,$krb_srvtab,;t t
|
||||
s,@with_pam@,$with_pam,;t t
|
||||
|
||||
Reference in New Issue
Block a user