Update Cyrus SASL detection to always look for <sasl.h> regardless

of version and then try -lsasl2 and -lsasl.  Make SASL code
conditional on SASL_VERSION_MAJOR, not HAVE_CYRUS_SASL.

aclocal.m4

@@ -25,44 +25,6 @@ dnl
 divert(-1)
 builtin(include, build/openldap.m4)dnl
 
-
-AC_DEFUN(AC_PROG_SHTOOL,[dnl
-AC_PREREQ(2.13)dnl
-AC_MSG_CHECKING([for GNU shtool])
-AC_CACHE_VAL(ac_cv_shtool,[dnl
-#   canonicalize and split path string
-ac_paths="`echo .:$ac_aux_dir:$PATH |\
-           sed -e 's%/*:%:%g' -e 's%/*$%%' \
-               -e 's/^:/.:/' -e 's/::/:.:/g' -e 's/:$/:./' \
-               -e 's/:/ /g'`"
-#   iterate over $PATH but prefer CWD
-ac_cv_shtool=""
-for ac_path in $ac_paths; do
-    if test -f "$ac_path/shtool" && test ! -d "$ac_path/shtool"; then
-        ac_cv_shtool="$ac_path/shtool"
-        break
-    fi
-done
-#   check for existance
-if test ".$ac_cv_shtool" = .; then
-    AC_MSG_ERROR([no shtool found in .:$PATH])
-fi
-#   check deeper
-ac_rc=`($ac_cv_shtool --version) </dev/null 2>/dev/null | grep 'GNU shtool'`
-if test ".$ac_rc" = .; then
-    ac_cv_shtool="${CONFIG_SHELL-/bin/sh} $ac_cv_shtool"
-    ac_rc=`($ac_cv_shtool --version) </dev/null 2>/dev/null | grep 'GNU shtool'`
-    if test ".$ac_rc" = .; then
-        AC_MSG_ERROR([$ac_cv_shtool seems not to be GNU shtool])
-    fi
-fi
-])dnl
-AC_MSG_RESULT([$ac_cv_shtool])
-SHTOOL="$ac_cv_shtool"
-AC_SUBST(SHTOOL)
-])
-
-
 # Do all the work for Automake.  This macro actually does too much --
 # some checks are only needed if your package does certain things.
 # But this isn't really a big deal.

configure.in

@@ -616,12 +616,6 @@ AC_LIBTOOL_DLOPEN
 AC_PROG_LIBTOOL
 
 AC_PROG_AWK
-OL_PROG_LN_H
-AC_PROG_LN_S
-
-if test "$LN_H" = "cp" -a "$LN_S" = "ln"; then
-	LN_S="$LN_H"
-fi
 
 AC_PATH_PROG(SENDMAIL, sendmail, /usr/lib/sendmail,
 	$PATH:/usr/libexec:/usr/lib:/usr/sbin:/usr/etc:/etc)
@@ -2114,33 +2108,16 @@ dnl ----------------------------------------------------------------
 dnl
 dnl Check for Cyrus SASL
 dnl
-dnl HAVE_CYRUS_SASL2 implicitly defines HAVE_CYRUS_SASL
 ol_link_sasl=no
 ol_link_spasswd=no
 if test $ol_with_cyrus_sasl != no ; then
-	AC_CHECK_HEADERS(sasl/sasl.h)
+	AC_CHECK_HEADERS(sasl.h)
 
-	if test $ac_cv_header_sasl_sasl_h = yes ; then
+	if test $ac_cv_header_sasl_h ; then
 		AC_CHECK_LIB(sasl2, sasl_client_init,
-			[have_cyrus_sasl2=yes], [have_cyrus_sasl2=no])
-
-		if test $have_cyrus_sasl2 != no ; then
-			SASL_LIBS="-lsasl2"
-			AC_DEFINE(HAVE_CYRUS_SASL2,1,[define if you have Cyrus SASL v2])
-			ol_link_sasl=yes
-		fi
-	else
-		AC_CHECK_HEADERS(sasl.h)
-
-		if test $ac_cv_header_sasl_h = yes ; then
-			AC_CHECK_LIB(sasl, sasl_client_init,
-				[have_cyrus_sasl=yes], [have_cyrus_sasl=no])
-
-			if test $have_cyrus_sasl != no ; then
-				SASL_LIBS="-lsasl"
-				ol_link_sasl=yes
-			fi
-		fi
+			[ol_link_sasl="-lsasl2"],
+			[AC_CHECK_LIB(sasl, sasl_client_init,
+				[ol_link_sasl="-lsasl"])])
 	fi
 
 	if test $ol_link_sasl = no ; then
@@ -2155,6 +2132,7 @@ if test $ol_with_cyrus_sasl != no ; then
 		fi
 	else
 		AC_DEFINE(HAVE_CYRUS_SASL,1,[define if you have Cyrus SASL])
+		SASL_LIBS="$ol_link_sasl"
 		if test $ol_enable_spasswd != no ; then
 			ol_link_spasswd=yes
 		fi

libraries/libldap/cyrus.c

@@ -23,11 +23,11 @@
 ldap_pvt_thread_mutex_t ldap_int_sasl_mutex;
 #endif
 
-#ifdef HAVE_CYRUS_SASL2
-#include <sasl/sasl.h>
+#include <sasl.h>
+
+#if SASL_VERSION_MAJOR >= 2
 #define SASL_CONST const
 #else
-#include <sasl.h>
 #define SASL_CONST
 #endif
 
@@ -125,7 +125,7 @@ sb_sasl_remove( Sockbuf_IO_Desc *sbiod )
 	assert( sbiod != NULL );
 	
 	p = (struct sb_sasl_data *)sbiod->sbiod_pvt;
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
 	/*
 	 * SASLv2 encode/decode buffers are managed by
 	 * libsasl2. Ensure they are not freed by liblber.
@@ -207,7 +207,7 @@ sb_sasl_read( Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
 	if ( len == 0 )
 		return bufptr;
 
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
 	ber_pvt_sb_buf_init( &p->buf_in );
 #else
 	ber_pvt_sb_buf_destroy( &p->buf_in );
@@ -301,7 +301,7 @@ sb_sasl_write( Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
 	}
 
 	/* now encode the next packet. */
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
 	ber_pvt_sb_buf_init( &p->buf_out );
 #else
 	ber_pvt_sb_buf_destroy( &p->buf_out );
@@ -441,7 +441,7 @@ ldap_int_sasl_open(
 		return ld->ld_errno;
 	}
 
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
 	rc = sasl_client_new( "ldap", host, NULL, NULL,
 		session_callbacks, 0, &ctx );
 #else
@@ -461,7 +461,7 @@ ldap_int_sasl_open(
 	lc->lconn_sasl_ctx = ctx;
 
 	if( ssf ) {
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
 		(void) sasl_setprop( ctx, SASL_SSF_EXTERNAL,
 			(void *) &ssf );
 #else
@@ -556,7 +556,7 @@ ldap_int_sasl_bind(
 	do {
 		saslrc = sasl_client_start( ctx,
 			mechs,
-#ifndef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR < 2
 			NULL,
 #endif
 			&prompts,
@@ -574,7 +574,7 @@ ldap_int_sasl_bind(
 			}
 		}
 
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
 		/* XXX the application should free interact results. */
 		if ( prompts != NULL && prompts->result != NULL ) {
 			LDAP_FREE( (void *)prompts->result );
@@ -608,7 +608,7 @@ ldap_int_sasl_bind(
 		rc = ldap_sasl_bind_s( ld, dn, mech, &ccred, sctrls, cctrls, &scred );
 
 		if ( ccred.bv_val != NULL ) {
-#ifndef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR < 2
 			LDAP_FREE( ccred.bv_val );
 #endif
 			ccred.bv_val = NULL;
@@ -649,7 +649,7 @@ ldap_int_sasl_bind(
 			Debug( LDAP_DEBUG_TRACE, "sasl_client_start: %d\n",
 				saslrc, 0, 0 );
 
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
 			/* XXX the application should free interact results. */
 			if ( prompts != NULL && prompts->result != NULL ) {
 				LDAP_FREE( (void *)prompts->result );
@@ -690,7 +690,7 @@ ldap_int_sasl_bind(
 			fprintf( stderr, "SASL username: %s\n", data );
 		}
 
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
 		saslrc = sasl_getprop( ctx, SASL_DEFUSERREALM, (SASL_CONST void **) &data );
 #else
 		saslrc = sasl_getprop( ctx, SASL_REALM, (SASL_CONST void **) &data );
@@ -727,7 +727,7 @@ ldap_int_sasl_external(
 {
 	int sc;
 	sasl_conn_t *ctx;
-#ifndef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR < 2
 	sasl_external_properties_t extprops;
 #endif
 
@@ -737,7 +737,7 @@ ldap_int_sasl_external(
 		return LDAP_LOCAL_ERROR;
 	}
    
-#ifdef HAVE_CYRUS_SASL2 
+#if SASL_VERSION_MAJOR >= 2
 	sc = sasl_setprop( ctx, SASL_SSF_EXTERNAL, &ssf );
 #else
 	memset( &extprops, '\0', sizeof(extprops) );
@@ -962,7 +962,7 @@ ldap_int_sasl_set_option( LDAP *ld, int option, void *arg )
 
 	case LDAP_OPT_X_SASL_SSF_EXTERNAL: {
 		int sc;
-#ifndef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR < 2
 		sasl_external_properties_t extprops;
 #endif
 		sasl_conn_t *ctx;
@@ -977,7 +977,7 @@ ldap_int_sasl_set_option( LDAP *ld, int option, void *arg )
 			return -1;
 		}
 
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
 		sc = sasl_setprop( ctx, SASL_SSF_EXTERNAL, arg);
 #else
 		memset(&extprops, 0L, sizeof(extprops));

libraries/libldap/ldap-int.h

@@ -24,11 +24,7 @@
 
 #ifdef HAVE_CYRUS_SASL
 	/* the need for this should be removed */
-#ifdef HAVE_CYRUS_SASL2
-#include <sasl/sasl.h>
-#else
 #include <sasl.h>
-#endif
 
 #define SASL_MAX_BUFF_SIZE	65536
 #define SASL_MIN_BUFF_SIZE	4096

libraries/liblutil/sasl.c

@@ -13,11 +13,7 @@
 #include <ac/string.h>
 #include <ac/unistd.h>
 
-#ifdef HAVE_CYRUS_SASL2
-#include <sasl/sasl.h>
-#else
 #include <sasl.h>
-#endif
 
 #include <ldap.h>
 #include "lutil_ldap.h"

servers/slapd/sasl.c

@@ -17,12 +17,13 @@
 
 #ifdef HAVE_CYRUS_SASL
 #include <limits.h>
-#ifdef HAVE_CYRUS_SASL2
-#include <sasl/sasl.h>
+
+#include <sasl.h>
+
+#if SASL_VERSION_MAJOR >= 2
 #include <lutil.h>
 #define	SASL_CONST const
 #else
-#include <sasl.h>
 #define	SASL_CONST
 #endif
 
@@ -54,7 +55,7 @@ slap_sasl_log(
 	}
 
 	switch (priority) {
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
 	case SASL_LOG_NONE:
 		level = LDAP_DEBUG_NONE;
 		label = "None";
@@ -282,7 +283,7 @@ int slap_sasl_getdn( Connection *conn, char *id, char *user_realm, struct berval
 	return( LDAP_SUCCESS );
 }
 
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
 static int
 slap_sasl_checkpass(
 	sasl_conn_t *sconn,
@@ -503,20 +504,6 @@ slap_sasl_authorize(
 		authzid ? authzid : "<empty>" );
 #endif
 
-	/* Figure out how much data we have for the dn */
-	rc = sasl_getprop( ctx, SASL_REALM, (void **)&realm );
-	if( rc != SASL_OK && rc != SASL_NOTDONE ) {
-#ifdef NEW_LOGGING
-		LDAP_LOG(( "sasl", LDAP_LEVEL_ERR,
-			"slap_sasl_authorize: getprop(REALM) failed.\n" ));
-#else
-		Debug(LDAP_DEBUG_TRACE,
-			"authorize: getprop(REALM) failed!\n", 0,0,0);
-#endif
-		*errstr = "Could not extract realm";
-		return SASL_NOAUTHZ;
-	}
-
 	/* Convert the identities to DN's. If no authzid was given, client will
 	   be bound as the DN matching their username */
 	rc = slap_sasl_getdn( conn, (char *)authcid, realm, &authcDN, FLAG_GETDN_AUTHCID );
@@ -579,7 +566,7 @@ slap_sasl_authorize(
 	*errstr = NULL;
 	return SASL_OK;
 }
-#endif /* HAVE_CYRUS_SASL2 */
+#endif /* SASL_VERSION_MAJOR >= 2 */
 
 static int
 slap_sasl_err2ldap( int saslerr )
@@ -689,7 +676,7 @@ int slap_sasl_destroy( void )
 int slap_sasl_open( Connection *conn )
 {
 	int sc = LDAP_SUCCESS;
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
 	char *ipremoteport = NULL, *iplocalport = NULL;
 #endif
 
@@ -703,7 +690,7 @@ int slap_sasl_open( Connection *conn )
 	conn->c_sasl_layers = 0;
 
 	session_callbacks =
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
 		ch_calloc( 5, sizeof(sasl_callback_t));
 #else
 		ch_calloc( 3, sizeof(sasl_callback_t));
@@ -718,7 +705,7 @@ int slap_sasl_open( Connection *conn )
 	session_callbacks[1].proc = &slap_sasl_authorize;
 	session_callbacks[1].context = conn;
 
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
 	session_callbacks[2].id = SASL_CB_CANON_USER;
 	session_callbacks[2].proc = &slap_sasl_canonicalize;
 	session_callbacks[2].context = conn;
@@ -741,7 +728,7 @@ int slap_sasl_open( Connection *conn )
 	}
 
 	/* create new SASL context */
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
 	if ( conn->c_sock_name.bv_len != 0 &&
 	     strncmp( conn->c_sock_name.bv_val, "IP=", 3 ) == 0) {
 		char *p;
@@ -819,7 +806,7 @@ int slap_sasl_external(
 	slap_ssf_t ssf,
 	const char *auth_id )
 {
-#if defined(HAVE_CYRUS_SASL2)
+#if SASL_VERSION_MAJOR >= 2
 	int sc;
 	sasl_conn_t *ctx = conn->c_sasl_context;
 
@@ -903,7 +890,7 @@ char ** slap_sasl_mechs( Connection *conn )
 
 		mechs = str2charray( mechstr, "," );
 
-#ifndef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR < 2
 		ch_free( mechstr );
 #endif
 	}
@@ -970,7 +957,7 @@ int slap_sasl_bind(
 		return rc;
 	}
 
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
 #define	START( ctx, mech, cred, clen, resp, rlen, err ) \
 	sasl_server_start( ctx, mech, cred, clen, resp, rlen )
 #define	STEP( ctx, cred, clen, resp, rlen, err ) \
@@ -1001,7 +988,7 @@ int slap_sasl_bind(
 		char *username = NULL;
 		char *realm = NULL;
 
-#ifdef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR >= 2
 		sc = sasl_getprop( ctx, SASL_DEFUSERREALM, (const void **)&realm );
 #else
 		sc = sasl_getprop( ctx, SASL_REALM, (void **)&realm );
@@ -1056,7 +1043,7 @@ int slap_sasl_bind(
 			NULL, errstr, NULL, NULL );
 	}
 
-#ifndef HAVE_CYRUS_SASL2
+#if SASL_VERSION_MAJOR < 2
 	if( response.bv_len ) {
 		ch_free( response.bv_val );
 	}

servers/slapd/saslauthz.c

@@ -21,11 +21,7 @@
 
 #ifdef HAVE_CYRUS_SASL
 #include <limits.h>
-#ifdef HAVE_CYRUS_SASL2
-#include <sasl/sasl.h>
-#else
 #include <sasl.h>
-#endif
 #include <ldap_pvt.h>
 #endif