kdc: Return NEVER_VALID error code if ticket will never be valid

[lorikeet-heimdal.git] / configure.ac
diff --git a/configure.ac b/configure.ac

index f1e8d7b15e5328cb46a9a4a87437591fae0c95cc..e8eea4e6d3ae1832759202dab0a832909a39ec3f 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -18,6 +18,9 @@ dnl Checks for programs.
  AC_PROG_CC
  AM_PROG_CC_C_O
  AC_PROG_CPP
+AM_PATH_PYTHON
+AC_CHECK_PROG(CLANG_FORMAT, clang-format, [clang-format], [no])
+test "$CLANG_FORMAT" = no && CLANG_FORMAT=true
  
  m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
  
@@ -56,8 +59,8 @@ if ! test -f "$srcdir/lib/asn1/der-protos.h" ||
      AC_KRB_PERL_MOD(JSON)
  fi
  
-dnl AC_KRB_PROG_YACC
-AC_PROG_YACC
+AC_KRB_PROG_YACC
+dnl AC_PROG_YACC
  AM_PROG_LEX
  AS_IF([$LEX --nounput -V > /dev/null 2>&1 && test $? -eq 0],
        [AC_SUBST([FLEXNOUNPUTARGS], ["--nounput"])],
@@ -85,8 +88,6 @@ dnl
  dnl Helper bits for cross compiling
  dnl
  
-
-
  AM_CONDITIONAL(CROSS_COMPILE, test "${cross_compiling}" = yes)
  
  AC_ARG_WITH(cross-tools,
@@ -115,6 +116,14 @@ else
  
  fi
  
+AX_CHECK_COMPILE_FLAG([-Wno-error=enum-conversion],
+                      [WFLAGS_ENUM_CONV=-Wno-error=enum-conversion],
+                      [WFLAGS_ENUM_CONV=], [-Werror])
+AX_CHECK_COMPILE_FLAG([-Wno-unused-but-set-variable],
+                      [WFLAGS_UNUSED_BUT_SET_VAR=-Wno-unused-but-set-variable],
+                      [WFLAGS_UNUSED_BUT_SET_VAR=], [-Werror])
+
+AC_SUBST([WFLAGS_ENUM_CONV])
  AC_SUBST([ASN1_COMPILE])
  AC_SUBST([ASN1_COMPILE_DEP])
  AC_SUBST([SLC])
@@ -128,6 +137,7 @@ rk_TEST_PACKAGE(openldap,
  [#include <lber.h>
  #include <ldap.h>],
  [-lldap -llber],,,OPENLDAP)
+AM_CONDITIONAL(OPENLDAP, test "$with_openldap" != "no")
  
  AC_ARG_ENABLE(hdb-openldap-module, 
         AS_HELP_STRING([--enable-hdb-openldap-module],
@@ -137,6 +147,11 @@ if test "$enable_hdb_openldap_module" = yes -a "$with_openldap" = yes; then
  fi
  AM_CONDITIONAL(OPENLDAP_MODULE, test "$enable_hdb_openldap_module" = yes -a "$with_openldap" = yes)
  
+AC_ARG_ENABLE(asn1-templating, 
+       AS_HELP_STRING([--disable-asn1-templating],
+               [if you want disable to use of the ASN.1 templating compiler]))
+AM_CONDITIONAL(ASN1_TEMPLATING, test "x$enable_asn1_templating" != xno)
+
  dnl
  dnl Optional modules, pk-init, digest, kx509
  dnl
@@ -182,6 +197,61 @@ AM_CONDITIONAL([HAVE_CAPNG], [test "$with_capng" != "no"])
  AC_SUBST([CAPNG_CFLAGS])
  AC_SUBST([CAPNG_LIBS])
  
+dnl libmicrohttpd
+AC_ARG_WITH([microhttpd],
+  AC_HELP_STRING([--with-microhttpd], [use microhttpd to serve KDC REST API @<:@default=check@:>@]),
+  [],
+  [with_microhttpd=check])
+if test "$with_microhttpd" != "no"; then
+  PKG_CHECK_MODULES([MICROHTTPD], [libmicrohttpd >= 0.9.37],
+                   [with_microhttpd=yes],[with_microhttpd=no])
+fi
+if test "$with_microhttpd" = "yes"; then
+  AC_DEFINE_UNQUOTED([HAVE_MICROHTTPD], 1, [whether libmicrohttpd is available for KDC REST API])
+fi
+AM_CONDITIONAL([HAVE_MICROHTTPD], [test "$with_microhttpd" != "no"])
+AC_SUBST([MICROHTTPD_CFLAGS])
+AC_SUBST([MICROHTTPD_LIBS])
+
+dnl libcjwt
+AC_ARG_WITH([cjwt],
+  AC_HELP_STRING([--with-cjwt], [(Experimental) use cjwt to validate JWT tokens @<:@default=check@:>@]),
+  [],
+  [with_cjwt=check])
+if test "$with_cjwt" != "no"; then
+  PKG_CHECK_MODULES([CJWT], [libcjwt >= 1.0.0],
+                   [with_cjwt=yes],[with_cjwt=no])
+fi
+if test "$with_cjwt" = "yes"; then
+  AC_DEFINE_UNQUOTED([HAVE_CJWT], 1, [whether libcjwt is available for KDC REST API])
+fi
+AM_CONDITIONAL([HAVE_CJWT], [test "$with_cjwt" != "no"])
+AC_SUBST([CJWT_CFLAGS])
+AC_SUBST([CJWT_LIBS])
+
+dnl libcjson
+AC_ARG_WITH([cjson],
+  AC_HELP_STRING([--with-cjson], [(Experimental) use cJSON to extract private claims from JWT tokens @<:@default=check@:>@]),
+  [],
+  [with_cjson=check])
+if test "$with_cjson" != "no"; then
+  PKG_CHECK_MODULES([CJSON], [libcjson >= 1.0.0],
+                   [with_cjson=yes],[with_cjson=no])
+fi
+if test "$with_cjson" = "yes"; then
+  AC_DEFINE_UNQUOTED([HAVE_CJSON], 1, [whether libcjson is available for KDC REST API])
+fi
+AM_CONDITIONAL([HAVE_CJSON], [test "$with_cjson" != "no"])
+AC_SUBST([CJSON_CFLAGS])
+AC_SUBST([CJSON_LIBS])
+
+dnl mitkrb5
+AC_ARG_WITH([mitkrb5],
+  AC_HELP_STRING([--with-mitkrb5], [Path to MIT Kerberos for interop testing @<:@default=check@:>@]),
+  [],
+  [with_mikrb5=check])
+AM_CONDITIONAL([MITKRB5], [test "$with_mitkrb5" != "no"])
+
  dnl Check for sqlite
  rk_TEST_PACKAGE(sqlite3,
  [#include <sqlite3.h>
@@ -349,11 +419,13 @@ AC_CHECK_HEADERS([\
         fnmatch.h                               \
         inttypes.h                              \
         io.h                                    \
+       keyutils.h                              \
         libutil.h                               \
         limits.h                                \
         maillock.h                              \
         netgroup.h                              \
         netinet/in6_machtypes.h                 \
+       netinet/tcp.h                           \
         pthread.h                               \
         pty.h                                   \
         sac.h                                   \
@@ -362,6 +434,7 @@ AC_CHECK_HEADERS([\
         signal.h                                \
         strings.h                               \
         stropts.h                               \
+       stdatomic.h                             \
         sys/bitypes.h                           \
         sys/category.h                          \
         sys/file.h                              \
@@ -437,26 +510,34 @@ dnl export symbols
  rk_WIN32_EXPORT(BUILD_KRB5_LIB, KRB5_LIB)
  rk_WIN32_EXPORT(BUILD_ROKEN_LIB, ROKEN_LIB)
  rk_WIN32_EXPORT(BUILD_GSSAPI_LIB, GSSAPI_LIB)
+rk_WIN32_EXPORT(BUILD_KDC_LIB, KDC_LIB)
+
+dnl Deal with switch fallthrough warnings
+AH_TOP([
+#if defined(DISPATCH_FALLTHROUGH)
+# define HEIM_FALLTHROUGH DISPATCH_FALLTHROUGH
+#else
+# if defined(__GNUC__)
+#  if __GNUC__ >= 7
+#   define HEIM_FALLTHROUGH __attribute__((fallthrough))
+#  else
+#   define HEIM_FALLTHROUGH do {} while (0) /* fallthrough */
+#  endif
+# else
+#  define HEIM_FALLTHROUGH do {} while (0) /* fallthrough */
+# endif
+#endif
+])
  
  dnl Checks for libraries.
  
-AC_FIND_FUNC_NO_LIBS(logwtmp, util,[
-#ifdef HAVE_UTIL_H
-#include <util.h>
-#endif
-],[0,0,0])
-AC_FIND_FUNC_NO_LIBS(logout, util,[
-#ifdef HAVE_UTIL_H
-#include <util.h>
-#endif
-],[0])
  AC_FIND_FUNC_NO_LIBS(openpty, util,[
  #ifdef HAVE_UTIL_H
  #include <util.h>
  #endif
  ],[0,0,0,0,0])
  
-AC_FIND_FUNC_NO_LIBS(tgetent, termcap ncurses curses,[
+AC_FIND_FUNC_NO_LIBS(tgetent, termcap ncurses curses tinfo,[
  #ifdef HAVE_TERMCAP_H
  #include <termcap.h>
  #endif
@@ -468,7 +549,6 @@ AC_FIND_FUNC_NO_LIBS(tgetent, termcap ncurses curses,[
  dnl Checks for library functions.
  
  AC_CHECK_FUNCS([                               \
-       _getpty                                 \
         _scrsize                                \
         arc4random                              \
         backtrace                               \
@@ -481,31 +561,17 @@ AC_CHECK_FUNCS([                          \
         getresgid                               \
         getresuid                               \
         grantpt                                 \
-       kill                                    \
-       mktime                                  \
-       ptsname                                 \
+       ptsname_r                               \
         rand                                    \
-       revoke                                  \
-       select                                  \
         setitimer                               \
-       setpcred                                \
-       setpgid                                 \
-       setproctitle                            \
         setregid                                \
         setresgid                               \
         setresuid                               \
         setreuid                                \
         setsid                                  \
-       setutent                                \
         sigaction                               \
-       strstr                                  \
-       ttyname                                 \
-       ttyslot                                 \
-       umask                                   \
         unlockpt                                \
-       vhangup                                 \
         waitpid                                 \
-       yp_get_default_domain                   \
  ])
  
  AC_MSG_CHECKING([checking for __sync_add_and_fetch])
@@ -519,10 +585,10 @@ AC_MSG_RESULT($ac_rk_have___sync_add_and_fetch)
  
  AC_FUNC_MMAP
  
-KRB_CAPABILITIES
  rk_DLADDR
  
  AC_CHECK_GETPWNAM_R_POSIX
+AC_CHECK_GETPWUID_R_POSIX
  
  dnl detect doors on solaris
  if test "$enable_pthread_support" != no; then
@@ -547,12 +613,38 @@ if test "$enable_kcm" = yes; then
  fi
  AM_CONDITIONAL(KCM, test "$enable_kcm" = yes)
  
+dnl detect keyring on Linux
+if test "$ac_cv_header_keyutils_h" = yes; then
+    AC_CHECK_SIZEOF([key_serial_t],,[
+       #ifdef HAVE_INTTYPES_H
+       #include <inttypes.h>
+       #endif
+       #ifdef HAVE_SYS_TYPES_H
+       #include <sys/types.h>
+       #endif
+       #include <keyutils.h>
+    ])
+fi
  
+AC_FIND_FUNC_NO_LIBS(add_key, keyutils)
+if test -n "$LIB_add_key"; then
+    saved_LIBS="$LIBS"
+    LIBS="$LIBS $LIB_add_key"
+    AC_CHECK_FUNCS(keyctl_get_persistent)
+    LIBS="$saved_LIBS"
+fi
+AM_CONDITIONAL(HAVE_KEYUTILS, test "$ac_cv_func_keyctl_get_persistent" = yes)
  
-dnl Cray stuff
-AC_CHECK_FUNCS(getudbnam setlim)
+AC_CHECK_SIZEOF([time_t])
+
+AX_CHECK_SIGN([time_t],
+  [ AC_DEFINE(TIME_T_SIGNED, 1, [Define if time_t is signed]) ],
+  [ AC_DEFINE(TIME_T_UNSIGNED, 1, [Define if time_t is unsigned]) ], [
+#ifdef HAVE_TIME_H
+#include <time.h>
+#endif
+])
  
-dnl AC_KRB_FUNC_GETCWD_BROKEN
  
  AC_CHECK_TYPES([int8_t, int16_t, int32_t, int64_t, 
         u_int8_t, u_int16_t, u_int32_t, u_int64_t,
@@ -630,6 +722,7 @@ AC_CONFIG_FILES(Makefile            \
         lib/sqlite/Makefile             \
         lib/vers/Makefile               \
         lib/wind/Makefile               \
+       lib/gss_preauth/Makefile        \
         po/Makefile                     \
         kuser/Makefile                  \
         kpasswd/Makefile                \
@@ -642,7 +735,6 @@ AC_CONFIG_FILES(Makefile            \
         appl/dbutils/Makefile           \
         appl/gssmask/Makefile           \
         appl/otp/Makefile               \
-       appl/su/Makefile                \
         appl/test/Makefile              \
         appl/kf/Makefile                \
         appl/dceutils/Makefile          \
@@ -713,12 +805,13 @@ else
              User=${USER:-${LOGNAME:-`id -nu`}}
          fi
          if test -d "$srcdir/.git"; then
-            GitCommit=`git rev-parse HEAD`
-            GitBranch=`git rev-parse --abbrev-ref HEAD`
+            GitCommit=`cd $srcdir && git rev-parse HEAD`
+            GitBranch=`cd $srcdir && git rev-parse --abbrev-ref HEAD`
              if test "x$GitBranch" = master; then
-                GitDesc=`git describe --all --dirty`
+                GitDesc=`cd $srcdir && git describe --all --dirty`
              else
-                GitDesc=`git describe --tags --match 'heimdal-*' --dirty`
+                GitDesc=`cd $srcdir && \
+                        git describe --tags --match 'heimdal-*' --dirty`
              fi
          else
              GitCommit='<commit-unknown>'