diff options
| author | Jakub Hrozek <jhrozek@redhat.com> | 2011-04-24 16:32:12 +0200 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-04-27 11:47:24 -0400 |
| commit | 9ea75b5ccc838b41edf157682854f9cd4b88b3e5 (patch) | |
| tree | 5b2b8c357657129e57c68fe504bbe538742de736 | |
| parent | 172c07013d1ea99447a780fd36f49d5c3a76981b (diff) | |
| download | sssd-9ea75b5ccc838b41edf157682854f9cd4b88b3e5.tar.gz sssd-9ea75b5ccc838b41edf157682854f9cd4b88b3e5.tar.xz sssd-9ea75b5ccc838b41edf157682854f9cd4b88b3e5.zip | |
Warn that some crypto features are implemented in NSS only
| -rw-r--r-- | BUILD.txt | 7 | ||||
| -rw-r--r-- | configure.ac | 2 |
2 files changed, 9 insertions, 0 deletions
@@ -33,6 +33,13 @@ ding-libs are available in Fedora 14 and later version: yum install libcollection-devel libdhash-devel libini_config-devel \ libpath_utils-devel libref_array-devel +Some features, notably password caching, require the presence of a crypto +library. The default, tested by SSSD upstream, is Mozilla NSS. An alternative +crypto library can be selected during configure time using the --with-crypto +switch. Please note that alternative crypto back ends may not provide all +features - as of this writing, password obfuscation is only supported with the +NSS back end. + How to build: ~~~~~~~~~~~~~ From the root of the source, run: diff --git a/configure.ac b/configure.ac index f88846648..d71578ddb 100644 --- a/configure.ac +++ b/configure.ac @@ -181,6 +181,8 @@ if test x$cryptolib = xnss; then fi if test x$cryptolib = xlibcrypto; then AM_CHECK_LIBCRYPTO + AC_MSG_WARN([libcrypto back end does not implement all the crypto features, \ +notably password obfuscation. Using the NSS backend is recommended.]) fi AC_CHECK_HEADERS([sys/inotify.h]) |