summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2014-07-16 21:43:30 +0200
committerJakub Hrozek <jhrozek@redhat.com>2014-09-02 10:39:24 +0200
commit8a5e793a0576250da80371e53aa3e7eba15cdb63 (patch)
tree5e0533d309ba63b9f317c57671430e4a79ca7953
parent8cfd1e0d696a573a92ef011a64317b9054f5c45f (diff)
downloadsssd-8a5e793a0576250da80371e53aa3e7eba15cdb63.tar.gz
sssd-8a5e793a0576250da80371e53aa3e7eba15cdb63.tar.xz
sssd-8a5e793a0576250da80371e53aa3e7eba15cdb63.zip
Add conditional build for MIT Kerberos localauth plugin
This patch adds everything what is needed to build the MIT Kerberos localauth plugin if the used version of MIT Kerberos supports it. It does not implement the plugin. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
-rw-r--r--Makefile.am19
-rw-r--r--contrib/sssd.spec.in12
-rw-r--r--src/external/krb5.m415
-rw-r--r--src/krb5_plugin/sssd_krb5_localauth_plugin.c28
-rw-r--r--src/tests/dlopen-tests.c4
5 files changed, 78 insertions, 0 deletions
diff --git a/Makefile.am b/Makefile.am
index 4c3dc35d2..64c017ea0 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -35,6 +35,9 @@ ldblibdir = @ldblibdir@
if BUILD_KRB5_LOCATOR_PLUGIN
krb5plugindir = @krb5pluginpath@
endif
+if BUILD_KRB5_LOCALAUTH_PLUGIN
+krb5localauth_plugindir = @appmodpath@
+endif
if BUILD_PAC_RESPONDER
krb5authdata_plugindir = @krb5authdatapluginpath@
endif
@@ -250,6 +253,11 @@ krb5plugin_LTLIBRARIES = \
sssd_krb5_locator_plugin.la
endif
+if BUILD_KRB5_LOCALAUTH_PLUGIN
+krb5localauth_plugin_LTLIBRARIES = \
+ sssd_krb5_localauth_plugin.la
+endif
+
if BUILD_PAC_RESPONDER
krb5authdata_plugin_LTLIBRARIES = \
sssd_pac_plugin.la
@@ -2475,6 +2483,17 @@ sssd_krb5_locator_plugin_la_LDFLAGS = \
-module
endif
+if BUILD_KRB5_LOCALAUTH_PLUGIN
+sssd_krb5_localauth_plugin_la_SOURCES = \
+ src/krb5_plugin/sssd_krb5_localauth_plugin.c
+sssd_krb5_localauth_plugin_la_CFLAGS = \
+ $(AM_CFLAGS) \
+ $(KRB5_CFLAGS)
+sssd_krb5_localauth_plugin_la_LDFLAGS = \
+ -avoid-version \
+ -module
+endif
+
sssd_pac_plugin_la_SOURCES = \
src/sss_client/sssd_pac.c \
src/sss_client/common.c \
diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in
index 770a0c7d6..a566a5550 100644
--- a/contrib/sssd.spec.in
+++ b/contrib/sssd.spec.in
@@ -5,6 +5,7 @@
%global is_rhel5 %(%{__grep} -c "release 5" /etc/redhat-release)
%global rhel5_minor %(%{__grep} -o "5.[0-9]*" /etc/redhat-release |%{__sed} -s 's/5.//')
+%global rhel7_minor %(%{__grep} -o "7.[0-9]*" /etc/redhat-release |%{__sed} -s 's/7.//')
%if 0%{?is_rhel5} > 0
# we don't want to provide private python extension libs
@@ -48,6 +49,10 @@
%global with_cifs_utils_plugin_option --disable-cifs-idmap-plugin
%endif
+%if (0%{?fedora} >= 21 || (0%{?rhel} == 7 && 0%{?rhel7_minor} >= 1))
+ %global with_krb5_localauth_plugin 1
+%endif
+
Name: @PACKAGE_NAME@
Version: @PACKAGE_VERSION@
Release: 0@PRERELEASE_VERSION@%{?dist}
@@ -113,7 +118,11 @@ BuildRequires: pcre-devel
BuildRequires: libxslt
BuildRequires: libxml2
BuildRequires: docbook-style-xsl
+%if (0%{?with_krb5_localauth_plugin} == 1)
+BuildRequires: krb5-devel >= 1.12
+%else
BuildRequires: krb5-devel
+%endif
BuildRequires: c-ares-devel
BuildRequires: python-devel
BuildRequires: check-devel
@@ -746,6 +755,9 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/cifs-utils/cifs_idmap_sss.so
%ghost %{_sysconfdir}/cifs-utils/idmap-plugin
%endif
+%if (0%{?with_krb5_localauth_plugin} == 1)
+%{_libdir}/%{name}/modules/sssd_krb5_localauth_plugin.so
+%endif
%{_mandir}/man8/pam_sss.8*
%{_mandir}/man8/sssd_krb5_locator_plugin.8*
diff --git a/src/external/krb5.m4 b/src/external/krb5.m4
index 861c8c9fd..90b4a2583 100644
--- a/src/external/krb5.m4
+++ b/src/external/krb5.m4
@@ -96,5 +96,20 @@ AM_CONDITIONAL([BUILD_KRB5_LOCATOR_PLUGIN],
AM_COND_IF([BUILD_KRB5_LOCATOR_PLUGIN],
[AC_DEFINE_UNQUOTED(HAVE_KRB5_LOCATOR_PLUGIN, 1, [Build with krb5 locator plugin])])
+AC_CHECK_HEADER([krb5/localauth_plugin.h],
+ [have_localauth_plugin=yes],
+ [have_localauth_plugin=no]
+ [AC_MSG_NOTICE([Kerberos localauth plugin cannot be built])],
+ [ #ifdef HAVE_KRB5_KRB5_H
+ #include <krb5/krb5.h>
+ #else
+ #include <krb5.h>
+ #endif
+ ])
+AM_CONDITIONAL([BUILD_KRB5_LOCALAUTH_PLUGIN],
+ [test x$have_localauth_plugin = xyes])
+AM_COND_IF([BUILD_KRB5_LOCALAUTH_PLUGIN],
+ [AC_DEFINE_UNQUOTED(HAVE_KRB5_LOCALAUTH_PLUGIN, 1, [Build with krb5 localauth plugin])])
+
CFLAGS=$SAVE_CFLAGS
LIBS=$SAVE_LIBS
diff --git a/src/krb5_plugin/sssd_krb5_localauth_plugin.c b/src/krb5_plugin/sssd_krb5_localauth_plugin.c
new file mode 100644
index 000000000..93fbbc295
--- /dev/null
+++ b/src/krb5_plugin/sssd_krb5_localauth_plugin.c
@@ -0,0 +1,28 @@
+/*
+ Authors:
+ Sumit Bose <sbose@redhat.com>
+
+ Copyright (C) 2014 Red Hat
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include <krb5/localauth_plugin.h>
+
+krb5_error_code
+localauth_sssd_initvt(krb5_context context, int maj_ver, int min_ver,
+ krb5_plugin_vtable vtable)
+{
+ return KRB5_PLUGIN_VER_NOTSUPP;
+}
diff --git a/src/tests/dlopen-tests.c b/src/tests/dlopen-tests.c
index 52d9c02e1..5eb1ed685 100644
--- a/src/tests/dlopen-tests.c
+++ b/src/tests/dlopen-tests.c
@@ -57,6 +57,10 @@ struct so {
{ "sssd_krb5_locator_plugin.so", { LIBPFX"sssd_krb5_locator_plugin.so",
NULL } },
#endif
+#ifdef HAVE_KRB5_LOCALAUTH_PLUGIN
+ { "sssd_krb5_localauth_plugin.so", { LIBPFX"sssd_krb5_localauth_plugin.so",
+ NULL } },
+#endif
#ifdef HAVE_PAC_RESPONDER
{ "sssd_pac_plugin.so", { LIBPFX"sssd_pac_plugin.so", NULL } },
#endif