summaryrefslogtreecommitdiffstats
path: root/Makefile.am
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2017-02-02 11:24:02 +0100
committerJakub Hrozek <jhrozek@redhat.com>2017-03-23 17:18:35 +0100
commitdb36dca3d45e6eefbb30042ee65876566f1a6014 (patch)
tree49d8aa07be577934fe557c091d45feb04d1c6e39 /Makefile.am
parent8b7548f65a0d812a47d26895671ec6f01b6813c1 (diff)
downloadsssd-db36dca3d45e6eefbb30042ee65876566f1a6014.tar.gz
sssd-db36dca3d45e6eefbb30042ee65876566f1a6014.tar.xz
sssd-db36dca3d45e6eefbb30042ee65876566f1a6014.zip
certmap: add new library libsss_certmap
With this library it would be possible to map certificates and users not only by adding the full certificate to the user's LDAP object but by adding e.g. only parts like the issuer and subject name. Additionally the library is also able to flexible select/match certificates based on values in the certificate. Details about mapping and matching rules can be found in the included man page. Related to https://pagure.io/SSSD/sssd/issue/3050 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Diffstat (limited to 'Makefile.am')
-rw-r--r--Makefile.am55
1 files changed, 55 insertions, 0 deletions
diff --git a/Makefile.am b/Makefile.am
index 6dae4f2dd..8ca12c10d 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -278,6 +278,7 @@ if HAVE_CMOCKA
simple-access-tests \
krb5_common_test \
test_iobuf \
+ sss_certmap_test \
$(NULL)
if HAVE_LIBRESOLV
@@ -1074,6 +1075,7 @@ SSSD_INTERNAL_LTLIBS = \
lib_LTLIBRARIES = libipa_hbac.la \
libsss_idmap.la \
libsss_nss_idmap.la \
+ libsss_certmap.la \
$(NULL)
pkgconfig_DATA += src/lib/ipa_hbac/ipa_hbac.pc
@@ -1128,6 +1130,7 @@ include_HEADERS = \
src/lib/ipa_hbac/ipa_hbac.h \
src/lib/idmap/sss_idmap.h \
src/sss_client/idmap/sss_nss_idmap.h \
+ src/lib/certmap/sss_certmap.h \
$(NULL)
if BUILD_LIBWBCLIENT
@@ -1712,6 +1715,38 @@ sssd_check_socket_activated_responders_LDADD = \
$(NULL)
endif
+if HAVE_NSS
+pkgconfig_DATA += src/lib/certmap/sss_certmap.pc
+libsss_certmap_la_DEPENDENCIES = src/lib/certmap/sss_certmap.exports
+libsss_certmap_la_SOURCES = \
+ src/lib/certmap/sss_certmap.c \
+ src/lib/certmap/sss_certmap_attr_names.c \
+ src/lib/certmap/sss_cert_content_nss.c \
+ src/lib/certmap/sss_certmap_krb5_match.c \
+ src/lib/certmap/sss_certmap_ldap_mapping.c \
+ src/util/util_ext.c \
+ src/util/cert/cert_common.c \
+ src/util/crypto/nss/nss_base64.c \
+ src/util/cert/nss/cert.c \
+ src/util/crypto/nss/nss_util.c \
+ $(NULL)
+libsss_certmap_la_CFLAGS = \
+ $(AM_CFLAGS) \
+ $(TALLOC_CFLAGS) \
+ $(NSS_CFLAGS) \
+ $(NULL)
+libsss_certmap_la_LIBADD = \
+ $(TALLOC_LIBS) \
+ $(NSS_LIBS) \
+ $(NULL)
+libsss_certmap_la_LDFLAGS = \
+ -Wl,--version-script,$(srcdir)/src/lib/certmap/sss_certmap.exports \
+ -version-info 0:0:0
+
+dist_noinst_DATA += src/lib/certmap/sss_certmap.exports
+dist_noinst_HEADERS += src/lib/certmap/sss_certmap_int.h
+endif
+
#################
# Feature Tests #
#################
@@ -3245,6 +3280,25 @@ test_inotify_LDADD = \
libsss_test_common.la \
$(NULL)
+if HAVE_NSS
+sss_certmap_test_SOURCES = \
+ src/tests/cmocka/test_certmap.c \
+ src/lib/certmap/sss_certmap_attr_names.c \
+ $(NULL)
+sss_certmap_test_CFLAGS = \
+ $(AM_CFLAGS) \
+ $(NSS_CFLAGS) \
+ $(NULL)
+sss_certmap_test_LDADD = \
+ $(CMOCKA_LIBS) \
+ $(POPT_LIBS) \
+ $(TALLOC_LIBS) \
+ $(NSS_LIBS) \
+ $(SSSD_INTERNAL_LTLIBS) \
+ libsss_test_common.la \
+ libsss_certmap.la \
+ $(NULL)
+endif
endif # HAVE_CMOCKA
noinst_PROGRAMS = pam_test_client
@@ -4404,6 +4458,7 @@ docs:
$(DOXYGEN) src/lib/ipa_hbac/ipa_hbac.doxy
$(DOXYGEN) src/lib/idmap/sss_idmap.doxy
$(DOXYGEN) src/sss_client/idmap/sss_nss_idmap.doxy
+ $(DOXYGEN) src/lib/certmap/sss_certmap.doxy
if BUILD_IFP
$(DOXYGEN) src/lib/sifp/sss_simpleifp.doxy
endif
generated by cgit (git 2.34.1) at 2024-05-03 12:04:23 +0000