mirror of
https://github.com/postgres/postgres.git
synced 2025-05-28 05:21:27 +03:00
The additional packaging footprint of the OAuth Curl dependency, as well as the existence of libcurl in the address space even if OAuth isn't ever used by a client, has raised some concerns. Split off this dependency into a separate loadable module called libpq-oauth. When configured using --with-libcurl, libpq.so searches for this new module via dlopen(). End users may choose not to install the libpq-oauth module, in which case the default flow is disabled. For static applications using libpq.a, the libpq-oauth staticlib is a mandatory link-time dependency for --with-libcurl builds. libpq.pc has been updated accordingly. The default flow relies on some libpq internals. Some of these can be safely duplicated (such as the SIGPIPE handlers), but others need to be shared between libpq and libpq-oauth for thread-safety. To avoid exporting these internals to all libpq clients forever, these dependencies are instead injected from the libpq side via an initialization function. This also lets libpq communicate the offsets of PGconn struct members to libpq-oauth, so that we can function without crashing if the module on the search path came from a different build of Postgres. (A minor-version upgrade could swap the libpq-oauth module out from under a long-running libpq client before it does its first load of the OAuth flow.) This ABI is considered "private". The module has no SONAME or version symlinks, and it's named libpq-oauth-<major>.so to avoid mixing and matching across Postgres versions. (Future improvements may promote this "OAuth flow plugin" to a first-class concept, at which point we would need a public API to replace this anyway.) Additionally, NLS support for error messages in b3f0be788a was incomplete, because the new error macros weren't being scanned by xgettext. Fix that now. Per request from Tom Lane and Bruce Momjian. Based on an initial patch by Daniel Gustafsson, who also contributed docs changes. The "bare" dlopen() concept came from Thomas Munro. Many people reviewed the design and implementation; thank you! Co-authored-by: Daniel Gustafsson <daniel@yesql.se> Reviewed-by: Andres Freund <andres@anarazel.de> Reviewed-by: Christoph Berg <myon@debian.org> Reviewed-by: Daniel Gustafsson <daniel@yesql.se> Reviewed-by: Jelte Fennema-Nio <postgres@jeltef.nl> Reviewed-by: Peter Eisentraut <peter@eisentraut.org> Reviewed-by: Wolfgang Walther <walther@technowledgy.de> Discussion: https://postgr.es/m/641687.1742360249%40sss.pgh.pa.us
357 lines
11 KiB
Plaintext
357 lines
11 KiB
Plaintext
# config/programs.m4
|
|
|
|
|
|
# PGAC_PATH_PROGS
|
|
# ---------------
|
|
# This wrapper for AC_PATH_PROGS behaves like that macro except when
|
|
# VARIABLE is already set; in that case we just accept the value verbatim.
|
|
# (AC_PATH_PROGS would accept it only if it looks like an absolute path.)
|
|
# A desirable future improvement would be to convert a non-absolute-path
|
|
# input into absolute form.
|
|
AC_DEFUN([PGAC_PATH_PROGS],
|
|
[if test -z "$$1"; then
|
|
AC_PATH_PROGS($@)
|
|
else
|
|
# Report the value of $1 in configure's output in all cases.
|
|
AC_MSG_CHECKING([for $1])
|
|
AC_MSG_RESULT([$$1])
|
|
fi
|
|
])
|
|
|
|
|
|
# PGAC_PATH_BISON
|
|
# ---------------
|
|
# Look for Bison, set the output variable BISON to its path if found.
|
|
# Reject versions before 2.3 (the earliest version in the buildfarm
|
|
# as of 2022). Note we do not accept other implementations of yacc.
|
|
|
|
AC_DEFUN([PGAC_PATH_BISON],
|
|
[PGAC_PATH_PROGS(BISON, bison)
|
|
|
|
if test "$BISON"; then
|
|
pgac_bison_version=`$BISON --version 2>/dev/null | sed q`
|
|
AC_MSG_NOTICE([using $pgac_bison_version])
|
|
if echo "$pgac_bison_version" | $AWK '{ if ([$]4 < 2.3) exit 0; else exit 1;}'
|
|
then
|
|
AC_MSG_ERROR([
|
|
*** The installed version of Bison, $BISON, is too old to use with PostgreSQL.
|
|
*** Bison version 2.3 or later is required, but this is $pgac_bison_version.])
|
|
fi
|
|
# Bison >=3.0 issues warnings about %name-prefix="base_yy", instead
|
|
# of the now preferred %name-prefix "base_yy", but the latter
|
|
# doesn't work with Bison 2.3 or less. So for now we silence the
|
|
# deprecation warnings.
|
|
if echo "$pgac_bison_version" | $AWK '{ if ([$]4 >= 3) exit 0; else exit 1;}'
|
|
then
|
|
BISONFLAGS="$BISONFLAGS -Wno-deprecated"
|
|
fi
|
|
fi
|
|
|
|
if test -z "$BISON"; then
|
|
AC_MSG_ERROR([bison not found])
|
|
fi
|
|
dnl We don't need AC_SUBST(BISON) because PGAC_PATH_PROGS did it
|
|
AC_SUBST(BISONFLAGS)
|
|
])# PGAC_PATH_BISON
|
|
|
|
|
|
|
|
# PGAC_PATH_FLEX
|
|
# --------------
|
|
# Look for Flex, set the output variable FLEX to its path if found.
|
|
|
|
AC_DEFUN([PGAC_PATH_FLEX],
|
|
[PGAC_PATH_PROGS(FLEX, flex)
|
|
if test -z "$FLEX"; then
|
|
AC_MSG_ERROR([flex not found])
|
|
fi
|
|
|
|
pgac_flex_version=`$FLEX --version 2>/dev/null`
|
|
AC_MSG_NOTICE([using $pgac_flex_version])
|
|
|
|
AC_SUBST(FLEX)
|
|
AC_SUBST(FLEXFLAGS)
|
|
])# PGAC_PATH_FLEX
|
|
|
|
|
|
|
|
# PGAC_LDAP_SAFE
|
|
# --------------
|
|
# PostgreSQL sometimes loads libldap_r and plain libldap into the same
|
|
# process. Check for OpenLDAP versions known not to tolerate doing so; assume
|
|
# non-OpenLDAP implementations are safe. The dblink test suite exercises the
|
|
# hazardous interaction directly.
|
|
|
|
AC_DEFUN([PGAC_LDAP_SAFE],
|
|
[AC_CACHE_CHECK([for compatible LDAP implementation], [pgac_cv_ldap_safe],
|
|
[AC_COMPILE_IFELSE([AC_LANG_PROGRAM(
|
|
[#include <ldap.h>
|
|
#if !defined(LDAP_VENDOR_VERSION) || \
|
|
(defined(LDAP_API_FEATURE_X_OPENLDAP) && \
|
|
LDAP_VENDOR_VERSION >= 20424 && LDAP_VENDOR_VERSION <= 20431)
|
|
choke me
|
|
#endif], [])],
|
|
[pgac_cv_ldap_safe=yes],
|
|
[pgac_cv_ldap_safe=no])])
|
|
|
|
if test "$pgac_cv_ldap_safe" != yes; then
|
|
AC_MSG_WARN([
|
|
*** With OpenLDAP versions 2.4.24 through 2.4.31, inclusive, each backend
|
|
*** process that loads libpq (via WAL receiver, dblink, or postgres_fdw) and
|
|
*** also uses LDAP will crash on exit.])
|
|
fi])
|
|
|
|
|
|
|
|
# PGAC_CHECK_READLINE
|
|
# -------------------
|
|
# Check for the readline library and dependent libraries, either
|
|
# termcap or curses. Also try libedit, since NetBSD's is compatible.
|
|
# Add the required flags to LIBS, define HAVE_LIBREADLINE.
|
|
|
|
AC_DEFUN([PGAC_CHECK_READLINE],
|
|
[AC_REQUIRE([AC_CANONICAL_HOST])
|
|
|
|
AC_CACHE_CHECK([for library containing readline], [pgac_cv_check_readline],
|
|
[pgac_cv_check_readline=no
|
|
pgac_save_LIBS=$LIBS
|
|
if test x"$with_libedit_preferred" != x"yes"
|
|
then READLINE_ORDER="-lreadline -ledit"
|
|
else READLINE_ORDER="-ledit -lreadline"
|
|
fi
|
|
for pgac_rllib in $READLINE_ORDER ; do
|
|
for pgac_lib in "" " -ltermcap" " -lncurses" " -lcurses" ; do
|
|
LIBS="${pgac_rllib}${pgac_lib} $pgac_save_LIBS"
|
|
AC_TRY_LINK_FUNC([readline], [[
|
|
# Older NetBSD and OpenBSD have a broken linker that does not
|
|
# recognize dependent libraries; assume curses is needed if we didn't
|
|
# find any dependency.
|
|
case $host_os in
|
|
netbsd* | openbsd*)
|
|
if test x"$pgac_lib" = x"" ; then
|
|
pgac_lib=" -lcurses"
|
|
fi ;;
|
|
esac
|
|
|
|
pgac_cv_check_readline="${pgac_rllib}${pgac_lib}"
|
|
break
|
|
]])
|
|
done
|
|
if test "$pgac_cv_check_readline" != no ; then
|
|
break
|
|
fi
|
|
done
|
|
LIBS=$pgac_save_LIBS
|
|
])[]dnl AC_CACHE_CHECK
|
|
|
|
if test "$pgac_cv_check_readline" != no ; then
|
|
LIBS="$pgac_cv_check_readline $LIBS"
|
|
AC_DEFINE(HAVE_LIBREADLINE, 1, [Define if you have a function readline library])
|
|
fi
|
|
|
|
])# PGAC_CHECK_READLINE
|
|
|
|
|
|
|
|
# PGAC_READLINE_VARIABLES
|
|
# -----------------------
|
|
# Some Readline versions lack rl_completion_suppress_quote.
|
|
# Libedit lacks rl_filename_quote_characters and rl_filename_quoting_function
|
|
|
|
AC_DEFUN([PGAC_READLINE_VARIABLES],
|
|
[AC_CACHE_CHECK([for rl_completion_suppress_quote], pgac_cv_var_rl_completion_suppress_quote,
|
|
[AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <stdio.h>
|
|
#if defined(HAVE_READLINE_READLINE_H)
|
|
#include <readline/readline.h>
|
|
#elif defined(HAVE_EDITLINE_READLINE_H)
|
|
#include <editline/readline.h>
|
|
#elif defined(HAVE_READLINE_H)
|
|
#include <readline.h>
|
|
#endif
|
|
],
|
|
[rl_completion_suppress_quote = 1;])],
|
|
[pgac_cv_var_rl_completion_suppress_quote=yes],
|
|
[pgac_cv_var_rl_completion_suppress_quote=no])])
|
|
if test x"$pgac_cv_var_rl_completion_suppress_quote" = x"yes"; then
|
|
AC_DEFINE(HAVE_RL_COMPLETION_SUPPRESS_QUOTE, 1,
|
|
[Define to 1 if you have the global variable 'rl_completion_suppress_quote'.])
|
|
fi
|
|
AC_CACHE_CHECK([for rl_filename_quote_characters], pgac_cv_var_rl_filename_quote_characters,
|
|
[AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <stdio.h>
|
|
#if defined(HAVE_READLINE_READLINE_H)
|
|
#include <readline/readline.h>
|
|
#elif defined(HAVE_EDITLINE_READLINE_H)
|
|
#include <editline/readline.h>
|
|
#elif defined(HAVE_READLINE_H)
|
|
#include <readline.h>
|
|
#endif
|
|
],
|
|
[rl_filename_quote_characters = "x";])],
|
|
[pgac_cv_var_rl_filename_quote_characters=yes],
|
|
[pgac_cv_var_rl_filename_quote_characters=no])])
|
|
if test x"$pgac_cv_var_rl_filename_quote_characters" = x"yes"; then
|
|
AC_DEFINE(HAVE_RL_FILENAME_QUOTE_CHARACTERS, 1,
|
|
[Define to 1 if you have the global variable 'rl_filename_quote_characters'.])
|
|
fi
|
|
AC_CACHE_CHECK([for rl_filename_quoting_function], pgac_cv_var_rl_filename_quoting_function,
|
|
[AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <stdio.h>
|
|
#if defined(HAVE_READLINE_READLINE_H)
|
|
#include <readline/readline.h>
|
|
#elif defined(HAVE_EDITLINE_READLINE_H)
|
|
#include <editline/readline.h>
|
|
#elif defined(HAVE_READLINE_H)
|
|
#include <readline.h>
|
|
#endif
|
|
],
|
|
[rl_filename_quoting_function = 0;])],
|
|
[pgac_cv_var_rl_filename_quoting_function=yes],
|
|
[pgac_cv_var_rl_filename_quoting_function=no])])
|
|
if test x"$pgac_cv_var_rl_filename_quoting_function" = x"yes"; then
|
|
AC_DEFINE(HAVE_RL_FILENAME_QUOTING_FUNCTION, 1,
|
|
[Define to 1 if you have the global variable 'rl_filename_quoting_function'.])
|
|
fi
|
|
])# PGAC_READLINE_VARIABLES
|
|
|
|
|
|
|
|
# PGAC_CHECK_GETTEXT
|
|
# ------------------
|
|
# We check for bind_textdomain_codeset() not just gettext(). GNU gettext
|
|
# before 0.10.36 does not have that function, and is generally too incomplete
|
|
# to be usable.
|
|
|
|
AC_DEFUN([PGAC_CHECK_GETTEXT],
|
|
[
|
|
AC_SEARCH_LIBS(bind_textdomain_codeset, intl, [],
|
|
[AC_MSG_ERROR([a gettext implementation is required for NLS])])
|
|
AC_CHECK_HEADER([libintl.h], [],
|
|
[AC_MSG_ERROR([header file <libintl.h> is required for NLS])])
|
|
PGAC_PATH_PROGS(MSGFMT, msgfmt)
|
|
AC_ARG_VAR(MSGFMT, [msgfmt program for NLS])dnl
|
|
if test -z "$MSGFMT"; then
|
|
AC_MSG_ERROR([msgfmt is required for NLS])
|
|
fi
|
|
AC_CACHE_CHECK([for msgfmt flags], pgac_cv_msgfmt_flags,
|
|
[if test x"$MSGFMT" != x"" && "$MSGFMT" --version 2>&1 | grep "GNU" >/dev/null; then
|
|
pgac_cv_msgfmt_flags=-c
|
|
fi])
|
|
AC_SUBST(MSGFMT_FLAGS, $pgac_cv_msgfmt_flags)
|
|
PGAC_PATH_PROGS(MSGMERGE, msgmerge)
|
|
PGAC_PATH_PROGS(XGETTEXT, xgettext)
|
|
])# PGAC_CHECK_GETTEXT
|
|
|
|
|
|
|
|
# PGAC_CHECK_STRIP
|
|
# ----------------
|
|
# Check for a 'strip' program, and figure out if that program can
|
|
# strip libraries.
|
|
|
|
AC_DEFUN([PGAC_CHECK_STRIP],
|
|
[
|
|
AC_CHECK_TOOL(STRIP, strip, :)
|
|
|
|
AC_MSG_CHECKING([whether it is possible to strip libraries])
|
|
if test x"$STRIP" != x"" && "$STRIP" -V 2>&1 | grep "GNU strip" >/dev/null; then
|
|
STRIP_STATIC_LIB="$STRIP --strip-unneeded"
|
|
STRIP_SHARED_LIB="$STRIP --strip-unneeded"
|
|
AC_MSG_RESULT(yes)
|
|
else
|
|
case $host_os in
|
|
darwin*)
|
|
STRIP="$STRIP -x"
|
|
STRIP_STATIC_LIB=$STRIP
|
|
STRIP_SHARED_LIB=$STRIP
|
|
AC_MSG_RESULT(yes)
|
|
;;
|
|
*)
|
|
STRIP_STATIC_LIB=:
|
|
STRIP_SHARED_LIB=:
|
|
AC_MSG_RESULT(no)
|
|
;;
|
|
esac
|
|
fi
|
|
AC_SUBST(STRIP_STATIC_LIB)
|
|
AC_SUBST(STRIP_SHARED_LIB)
|
|
])# PGAC_CHECK_STRIP
|
|
|
|
|
|
|
|
# PGAC_CHECK_LIBCURL
|
|
# ------------------
|
|
# Check for required libraries and headers, and test to see whether the current
|
|
# installation of libcurl is thread-safe.
|
|
|
|
AC_DEFUN([PGAC_CHECK_LIBCURL],
|
|
[
|
|
AC_CHECK_HEADER(curl/curl.h, [],
|
|
[AC_MSG_ERROR([header file <curl/curl.h> is required for --with-libcurl])])
|
|
AC_CHECK_LIB(curl, curl_multi_init, [
|
|
AC_DEFINE([HAVE_LIBCURL], [1], [Define to 1 if you have the `curl' library (-lcurl).])
|
|
AC_SUBST(LIBCURL_LDLIBS, -lcurl)
|
|
],
|
|
[AC_MSG_ERROR([library 'curl' does not provide curl_multi_init])])
|
|
|
|
pgac_save_CPPFLAGS=$CPPFLAGS
|
|
pgac_save_LDFLAGS=$LDFLAGS
|
|
pgac_save_LIBS=$LIBS
|
|
|
|
CPPFLAGS="$LIBCURL_CPPFLAGS $CPPFLAGS"
|
|
LDFLAGS="$LIBCURL_LDFLAGS $LDFLAGS"
|
|
LIBS="$LIBCURL_LDLIBS $LIBS"
|
|
|
|
# Check to see whether the current platform supports threadsafe Curl
|
|
# initialization.
|
|
AC_CACHE_CHECK([for curl_global_init thread safety], [pgac_cv__libcurl_threadsafe_init],
|
|
[AC_RUN_IFELSE([AC_LANG_PROGRAM([
|
|
#include <curl/curl.h>
|
|
],[
|
|
curl_version_info_data *info;
|
|
|
|
if (curl_global_init(CURL_GLOBAL_ALL))
|
|
return -1;
|
|
|
|
info = curl_version_info(CURLVERSION_NOW);
|
|
#ifdef CURL_VERSION_THREADSAFE
|
|
if (info->features & CURL_VERSION_THREADSAFE)
|
|
return 0;
|
|
#endif
|
|
|
|
return 1;
|
|
])],
|
|
[pgac_cv__libcurl_threadsafe_init=yes],
|
|
[pgac_cv__libcurl_threadsafe_init=no],
|
|
[pgac_cv__libcurl_threadsafe_init=unknown])])
|
|
if test x"$pgac_cv__libcurl_threadsafe_init" = xyes ; then
|
|
AC_DEFINE(HAVE_THREADSAFE_CURL_GLOBAL_INIT, 1,
|
|
[Define to 1 if curl_global_init() is guaranteed to be thread-safe.])
|
|
fi
|
|
|
|
# Fail if a thread-friendly DNS resolver isn't built.
|
|
AC_CACHE_CHECK([for curl support for asynchronous DNS], [pgac_cv__libcurl_async_dns],
|
|
[AC_RUN_IFELSE([AC_LANG_PROGRAM([
|
|
#include <curl/curl.h>
|
|
],[
|
|
curl_version_info_data *info;
|
|
|
|
if (curl_global_init(CURL_GLOBAL_ALL))
|
|
return -1;
|
|
|
|
info = curl_version_info(CURLVERSION_NOW);
|
|
return (info->features & CURL_VERSION_ASYNCHDNS) ? 0 : 1;
|
|
])],
|
|
[pgac_cv__libcurl_async_dns=yes],
|
|
[pgac_cv__libcurl_async_dns=no],
|
|
[pgac_cv__libcurl_async_dns=unknown])])
|
|
if test x"$pgac_cv__libcurl_async_dns" = xno ; then
|
|
AC_MSG_ERROR([
|
|
*** The installed version of libcurl does not support asynchronous DNS
|
|
*** lookups. Rebuild libcurl with the AsynchDNS feature enabled in order
|
|
*** to use it with libpq.])
|
|
fi
|
|
|
|
CPPFLAGS=$pgac_save_CPPFLAGS
|
|
LDFLAGS=$pgac_save_LDFLAGS
|
|
LIBS=$pgac_save_LIBS
|
|
])# PGAC_CHECK_LIBCURL
|