Linux: control usage of Kerberos via use_kerberos gyp flag

net/net.gyp

Index: net/net.gyp
diff --git a/net/net.gyp b/net/net.gyp
index 9a65bf70dbe46f4af65c4452f23a5b43c69a0965..b22a5f9e08e3595458651d6f911d481c211a4f2b 100644
--- a/net/net.gyp
+++ b/net/net.gyp
@@ -5,6 +5,8 @@
 {
   'variables': {
     'chromium_code': 1,
+
+    'use_kerberos%': 1,

[wtc, 2011/08/12 17:21:51]

Should we remove the blank line?

What does the '%' character mean?

[Paweł Hajdan Jr., 2011/08/12 18:14:42]

Not sure, use_kerberos is quite different from chromium_code, so I wanted the
layout to indicate another "group". If you prefer, I can remove that empty line
of course.
% means default value. use_kerberos is meant to be overridden from command line,
chromium_code isn't.

   },
   'targets': [
     {
@@ -700,6 +702,23 @@
              'proxy/proxy_config_service_linux.h',
           ],
         }],
+        ['use_kerberos==1', {
+          'defines': [
+            'USE_KERBEROS',
+          ],
+          'direct_dependent_settings': {
+            'defines': [
+              'USE_KERBEROS',
+            ],
+          },

[wtc, 2011/08/12 17:21:51]

It seems that a direct dependent should not need to know
whether the net module is compiled with -DUSE_KERBEROS or
not.

[cbentzel, 2011/08/12 17:59:06]

Is this for net_unittests? 

[Paweł Hajdan Jr., 2011/08/12 18:14:42]

Yes, it's for net_unittests. Of course I could duplicate the define[] logic in
net_unittests target, but I'm not sure if that's the best idea.

Actually it makes sens for clients of net/ to know whether it supports Kerberos.

[cbentzel, 2011/08/12 18:20:13]

Beyond net_unittests I do not agree. I suppose some could try to create an
HttpAuthHandlerNegotiate, but I believe that the external API is
HttpAuthHandlerFactory::CreateDefault which is most used.

[Paweł Hajdan Jr., 2011/08/12 18:24:15]

Do you want me to duplicate define: ['USE_KERBEROS'] for net_unittests? I can do
that, just note that _every_ other case I know about uses
direct_dependent_settings.

[cbentzel, 2011/08/14 13:04:57]

I'd prefer to duplicate it in net_unittests. If other dependents end up needing
it, then keep it as direct_dependent_settings.

[Paweł Hajdan Jr., 2011/08/15 17:07:53]

Done.

+        }, { # use_kerberos == 0
+          'sources!': [
+            'http/http_auth_gssapi_posix.cc',
+            'http/http_auth_gssapi_posix.h',
+            'http/http_auth_handler_negotiate.h',
+            'http/http_auth_handler_negotiate.cc',
+          ],
+        }],
         ['use_openssl==1', {
             'sources!': [
               'base/cert_database_nss.cc',
@@ -1069,6 +1088,14 @@
             }],
           ],
         }],
+        [ 'use_kerberos==0', {
+          'sources!': [
+            'http/http_auth_gssapi_posix_unittest.cc',
+            'http/http_auth_handler_negotiate_unittest.cc',
+            'http/mock_gssapi_library_posix.cc',
+            'http/mock_gssapi_library_posix.h',

[cbentzel, 2011/08/12 17:59:06]

There are a number of Negotiate-oriented tests in
http/http_auth_sspi_win_unittest.cc

If there is a way to restrict use_kerberos==0 to only be valid for Linux via
GYP, that seems completely fine. 

+          ],
+        }],
         [ 'use_openssl==1', {
             # When building for OpenSSL, we need to exclude NSS specific tests.
             # TODO(bulach): Add equivalent tests when the underlying