squid-cache · yadij · Feb 27, 2024 · rousskov · Mar 5, 2024 · yadij
diff --git a/acinclude/ldap.m4 b/acinclude/ldap.m4
@@ -12,11 +12,9 @@ AC_DEFUN([SQUID_LDAP_TEST],[
     LIBS="$LIBLDAP_PATH $LIBLDAP_LIBS $LIBPTHREADS"
     CPPFLAGS="-DLDAP_DEPRECATED=1 -DLDAP_REFERRALS $CPPFLAGS"
     AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
-#       if HAVE_LDAP_H
-#       include <ldap.h>
-#       elif HAVE_MOZLDAP_LDAP_H
-#       include <mozldap/ldap.h>
-#       endif
+#if HAVE_LDAP_H
+#include <ldap.h>
+#endif
       ]],[[$2]])
     ],[
       squid_cv_$1=1
@@ -37,12 +35,12 @@ AC_DEFUN([SQUID_LDAP_TEST_RUN],[
     LIBS="$LIBLDAP_PATH $LIBLDAP_LIBS $LIBPTHREADS"
     CPPFLAGS="-DLDAP_DEPRECATED=1 -DLDAP_REFERRALS $CPPFLAGS"
     AC_RUN_IFELSE([AC_LANG_PROGRAM([[
-#       if HAVE_LDAP_H
-#       include <ldap.h>
-#       elif HAVE_MOZLDAP_LDAP_H
-#       include <mozldap/ldap.h>
-#       endif
-#       include <string.h>
+#if HAVE_LDAP_H
+#include <ldap.h>
+#endif
+#if HAVE_STRING_H
+#include <string.h>
+#endif
       ]],[[$2]])
     ],[
       m4_translit([squid_cv_$1],[-+. ],[____])=1
@@ -61,7 +59,6 @@ dnl find the LDAP library vendor and define relevant HAVE_(vendor name) macro
 AC_DEFUN([SQUID_LDAP_CHECK_VENDOR],[
   SQUID_LDAP_TEST_RUN([OpenLDAP],[return strcmp(LDAP_VENDOR_NAME,"OpenLDAP")])
   SQUID_LDAP_TEST_RUN([Sun LDAP SDK],[return strcmp(LDAP_VENDOR_NAME,"Sun Microsystems Inc.")])
-  SQUID_LDAP_TEST_RUN([Mozilla LDAP SDK],[return strcmp(LDAP_VENDOR_NAME,"mozilla.org")])
 ])
 
 dnl check whether the LDAP library(s) provide the needed API and types
@@ -99,5 +96,4 @@ AC_DEFUN([SQUID_CHECK_LDAP_API],[
   AC_SEARCH_LIBS([ldap_start_tls_s],[$LIBLDAP_NAMES],[
     AC_DEFINE(HAVE_LDAP_START_TLS_S,1,[Define to 1 if you have ldap_start_tls_s])
   ])
-  SQUID_STATE_ROLLBACK(squid_ldap_state)
 ])
diff --git a/configure.ac b/configure.ac
@@ -1219,33 +1219,19 @@ SQUID_CHECK_LIB_WORKS(gss,[
 ])
 
 SQUID_AUTO_LIB(ldap,[LDAP],[LIBLDAP])
+dnl On MinGW set Windows LDAP libraries using -lwldap32
+AS_IF([test "x$with_ldap" != "xno" -a "$squid_host_os" = "mingw"],[
+  LIBLDAP_LIBS="$LIBLDAP_LIBS -lwldap32"
+])
 SQUID_CHECK_LIB_WORKS(ldap,[
-  dnl On MinGW OpenLDAP is not available, so LDAP helpers can be linked
-  dnl only with Windows LDAP libraries using -lwldap32
-  AS_IF([test "$squid_host_os" = "mingw"],[
-    LIBLDAP_LIBS="-lwldap32"
-  ],[
-    SQUID_STATE_SAVE(squid_ldap_state)
-    LIBS="$LIBLDAP_PATH $LIBPTHREADS $LIBS"
-    PKG_CHECK_MODULES([LIBLDAP],[ldap],[],[
-      AC_CHECK_LIB(lber, ber_init, [LIBLBER="-llber"])
-      AC_CHECK_LIB(ldap, ldap_init, [LIBLDAP_LIBS="-lldap $LIBLBER"])
-      dnl if no ldap lib found check for mozilla version
-      AS_IF([test "x$ac_cv_lib_ldap_ldap_init" != "xyes"],[
-        SQUID_STATE_SAVE(squid_ldap_mozilla)
-        LIBS="$LIBLDAP_PATH $LIBPTHREADS"
-        AC_CHECK_LIB(ldap60, ldap_init, [LIBLDAP_LIBS="-lldap60 $LIBLBER"])
-        LIBS="$LIBLDAP_PATH $LIBLDAP_LIBS $LIBPTHREADS"
-        AC_CHECK_LIB(prldap60, prldap_init, [LIBLDAP_LIBS="-lprldap60 $LIBLDAP_LIBS"])
-        LIBS="$LIBLDAP_PATH $LIBLDAP_LIBS $LIBPTHREADS"
-        AC_CHECK_LIB(ssldap60, ldapssl_init, [LIBLDAP_LIBS="-lssldap60 $LIBLDAP_LIBS"])
-        SQUID_STATE_ROLLBACK(squid_ldap_mozilla)
-      ])
-    ])
-    AC_CHECK_HEADERS(ldap.h lber.h)
-    AC_CHECK_HEADERS(mozldap/ldap.h)
+  SQUID_STATE_SAVE(squid_ldap_state)
+  LIBS="$LIBLDAP_PATH $LIBPTHREADS $LIBS"
+  PKG_CHECK_MODULES([LIBLDAP],[ldap],[:],[:])
+  AS_IF([test "x$LIBLDAP_LIBS" != "x"],[
+    AC_CHECK_HEADERS(ldap.h lber.h winldap.h)
     SQUID_CHECK_LDAP_API
   ])
+  SQUID_STATE_ROLLBACK(squid_ldap_state)
 ])
 
 SQUID_AUTO_LIB(systemd,[systemd API for start-up notification],[LIBSYSTEMD])

diff --git a/doc/manuals/manuals.pot b/doc/manuals/manuals.pot
@@ -772,7 +772,7 @@ msgstr ""
 #: src/acl/external/kerberos_ldap_group/ext_kerberos_ldap_group_acl.8:80
 msgid ""
 "The SSL certificate database can be set via the environment variable "
-"SSL_CERTDBPATH (default /etc/certs) (Sun and Mozilla LDAP SDK)."
+"SSL_CERTDBPATH (default /etc/certs) (Sun LDAP SDK)."
 msgstr ""
 
 #. type: Plain text

diff --git a/doc/release-notes/release-7.sgml.in b/doc/release-notes/release-7.sgml.in
@@ -209,6 +209,9 @@ This section gives an account of those changes in three categories:
 	<p>The ESI feature is now disabled by default.
 	   Use <em>--enable-esi</em> if needed.
 
+	<tag>--with-ldap</tag>
+	<p>No longer builds with Mozilla LDAP SDK.
+
 </descrip>
 </p>
 

diff --git a/src/acl/external/LDAP_group/required.m4 b/src/acl/external/LDAP_group/required.m4
@@ -5,4 +5,4 @@
 ## Please see the COPYING and CONTRIBUTORS files for details.
 ##
 
-AC_CHECK_HEADERS([ldap.h winldap.h],[BUILD_HELPER="LDAP_group"])
+AS_IF([test "x$LIBLDAP_LIBS" != "x"],[BUILD_HELPER="LDAP_group"])
diff --git a/src/acl/external/eDirectory_userip/required.m4 b/src/acl/external/eDirectory_userip/required.m4
@@ -5,4 +5,4 @@
 ## Please see the COPYING and CONTRIBUTORS files for details.
 ##
 
-AC_CHECK_HEADERS([ldap.h winldap.h],[BUILD_HELPER="eDirectory_userip"])
+AS_IF([test "x$LIBLDAP_LIBS" != "x"],[BUILD_HELPER="eDirectory_userip"])
diff --git a/src/acl/external/kerberos_ldap_group/ext_kerberos_ldap_group_acl.8 b/src/acl/external/kerberos_ldap_group/ext_kerberos_ldap_group_acl.8
@@ -76,7 +76,7 @@ Use SSL for the LDAP connection.
 .IP
 The CA certificate file can be set via the environment variable TLS_CACERTFILE (default /etc/ssl/certs/cert.pem) (OpenLDAP).
 .IP
-The SSL certificate database can be set via the environment variable SSL_CERTDBPATH (default /etc/certs) (Sun and Mozilla LDAP SDK).
+The SSL certificate database can be set via the environment variable SSL_CERTDBPATH (default /etc/certs) (Sun LDAP SDK).
 .if !'po4a'hide' .TP 12
 .if !'po4a'hide' .B \-a
 Allow SSL without certificate verification.

diff --git a/src/acl/external/kerberos_ldap_group/support.h b/src/acl/external/kerberos_ldap_group/support.h
@@ -51,9 +51,6 @@
 #if HAVE_LDAP_H
 #include <ldap.h>
 #endif
-#if HAVE_MOZLDAP_LDAP_H
-#include <mozldap/ldap.h>
-#endif
 
 struct gdstruct {
     char *group;

diff --git a/src/acl/external/kerberos_ldap_group/support_ldap.cc b/src/acl/external/kerberos_ldap_group/support_ldap.cc
@@ -82,7 +82,8 @@ size_t get_bin_attributes(LDAP * ld, LDAPMessage * res,
 int search_group_tree(struct main_args *margs, LDAP * ld, char *bindp,
                       char *ldap_group, char *group, int depth);
 
-#if HAVE_SUN_LDAP_SDK || HAVE_MOZILLA_LDAP_SDK
+#if HAVE_SUN_LDAP_SDK
+
 #if HAVE_LDAP_REBINDPROC_CALLBACK
 
 #if HAVE_SASL_H || HAVE_SASL_SASL_H || HAVE_SASL_DARWIN

diff --git a/src/auth/basic/LDAP/required.m4 b/src/auth/basic/LDAP/required.m4
@@ -5,4 +5,4 @@
 ## Please see the COPYING and CONTRIBUTORS files for details.
 ##
 
-AC_CHECK_HEADERS([ldap.h winldap.h],[BUILD_HELPER="LDAP"])
+AS_IF([test "x$LIBLDAP_LIBS" != "x"],[BUILD_HELPER="LDAP"])
diff --git a/src/auth/digest/eDirectory/required.m4 b/src/auth/digest/eDirectory/required.m4
@@ -5,4 +5,4 @@
 ## Please see the COPYING and CONTRIBUTORS files for details.
 ##
 
-AC_CHECK_HEADERS([ldap.h winldap.h],[BUILD_HELPER="eDirectory"])
+AS_IF([test "x$LIBLDAP_LIBS" != "x"],[BUILD_HELPER="eDirectory"])