summaryrefslogtreecommitdiffstats
path: root/daemons/configure.ac
Commit message (Collapse)AuthorAgeFilesLines
* Build: promote daemons/configure.ac to top-level configure.acPetr Spacek2016-10-241-333/+0
| | | | | | | | | | | | | Top-level Makefile is still not managed by Automake (e.g. hand-made). This is preparatory work. Other configure.ac files will be gradually merged into the top-level one. After that we will be able to throw-away the hand-made top-level Makefile and use Automake for everything. https://fedorahosted.org/freeipa/ticket/6418 Reviewed-By: Lukas Slebodnik <lslebodn@redhat.com> Reviewed-By: Stanislav Laznicka <slaznick@redhat.com> Reviewed-By: Christian Heimes <cheimes@redhat.com>
* Build: remove deprecated AC_STDC_HEADERS macroPetr Spacek2016-10-181-1/+0
| | | | | | | Interestingly, the new macro AC_HEADER_STDC is alredy present. Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* Build: require Python >= 2.7Petr Spacek2016-10-181-1/+1
| | | | | | | | | The Python detection logic will be improved later when we start to use top-level configure.ac to manage build completely. For now simple bump is enough. Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* Build: remove traces of mozldap libraryPetr Spacek2016-10-181-53/+6
| | | | | | | | | | | | | | Mozldap is not used for some time now. We can remove all traces of it. AFAIK the complex logic for OpenLDAP detection should not be necessary and -lldap_r -llber options should suffice. Unfortunatelly OpenLDAP package does not ship package config files so we have to hardcode flags. Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* Build: modernize crypto library detectionPetr Spacek2016-10-181-7/+2
| | | | | | | | | | Use package config instead of checking headers. Package config is faster because it does not invoke compiler and guarantees proper linking flags because these are provided by package maintainer instead of hardcoded into build system. Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* Build: modernize UUID library detectionPetr Spacek2016-10-181-4/+1
| | | | | | | | | | Use package config instead of checking headers. Package config is faster because it does not invoke compiler and guarantees proper linking flags because these are provided by package maintainer instead of hardcoded into build system. Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* Build: modernize Kerberos library detectionPetr Spacek2016-10-181-5/+1
| | | | | | | | | | | | Use package config instead of checking headers. Package config is faster because it does not invoke compiler and guarantees proper linking flags because these are provided by package maintainer instead of hardcoded into build system. libkrad does not have package config file so we keep the old way here. Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* ipa-kdb: Allow to build with samba 4.5Lukas Slebodnik2016-08-091-0/+12
| | | | | | | | | | | | | | | | | | | | | | | | daemons/ipa-kdb/ipa_kdb_mspac.c: In function 'filter_logon_info': daemons/ipa-kdb/ipa_kdb_mspac.c:1536:19: error: 'struct PAC_LOGON_INFO' has no member named 'res_group_dom_sid' if (info->info->res_group_dom_sid != NULL && ^~ daemons/ipa-kdb/ipa_kdb_mspac.c:1537:19: error: 'struct PAC_LOGON_INFO' has no member named 'res_groups'; did you mean 'resource_groups'? info->info->res_groups.count != 0) { ^~ mv -f .deps/ipa_kdb_delegation.Tpo .deps/ipa_kdb_delegation.Plo Makefile:806: recipe for target 'ipa_kdb_mspac.lo' failed make[3]: *** [ipa_kdb_mspac.lo] Error 1 make[3]: *** Waiting for unfinished jobs.... Related change in samba https://github.com/samba-team/samba/commit/4406cf792a599724f55777a45efb6367a9bd92b2 Resolves: https://fedorahosted.org/freeipa/ticket/6173 Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* Bump SSSD version in requiresMartin Basti2016-07-011-1/+1
| | | | | | | | | This is required by commit aa734da49440c5d12c0f8d4566505adaeef254e8 for function sss_nss_getnamebycert() https://fedorahosted.org/freeipa/ticket/4955 Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* BUILD: Remove detection of libcheckLukas Slebodnik2016-04-221-11/+0
| | | | | | | | | | The unit test framework check has not been used in freeipa for long time (if ever) but there was still conditional check for this framework. It just produced confusing warning: Without the 'CHECK' library, you will be unable to run all tests in the 'make check' suite Reviewed-By: Petr Spacek <pspacek@redhat.com>
* CONFIGURE: Replace obsolete macrosLukas Slebodnik2016-03-081-1/+1
| | | | | | | | | The AC_PROG_LIBTOOL macro is obsoleted by since libtool-2.0 which is already in rhel6+ https://fedorahosted.org/FedoraReview/wiki/AutoTools Reviewed-By: Martin Basti <mbasti@redhat.com>
* ds plugin - manage replication topology in the shared treeLudwig Krispenz2015-05-261-0/+1
| | | | | | | Implementation of ticket: https://fedorahosted.org/freeipa/ticket/4302 Design page: http://www.freeipa.org/page/V4/Manage_replication_topology Reviewed-By: Thierry Bordaz <tbordaz@redhat.com>
* Add configure check for cwrap librariesSumit Bose2015-03-091-0/+24
| | | | | | | | | Currently only nss-wrapper is checked, checks for other crwap libraries can be added e.g. as AM_CHECK_WRAPPER(uid_wrapper, HAVE_UID_WRAPPER) Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* Stop including the DES algorythm from openssl.Simo Sorce2015-02-231-2/+2
| | | | | | | | | Since we dropped support for LANMAN hashes we do not need DES from OpenSSL anymore. Stop including an testing for it. Test for the MD4 algorythm instead whichis still used for the NT Hashes. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>
* Support Samba PASSDB 0.2.0 aka interface version 24Alexander Bokovoy2015-01-191-4/+16
| | | | | | | | | | | | | | | 1. Samba project renamed libpdb to libsamba-passdb https://bugzilla.samba.org/show_bug.cgi?id=10355 2. With interface version 24, Samba removed uid_to_sid()/gid_to_sid() from the PASSDB interface and united them as id_to_sid(). Make sure FreeIPA ipa_sam code supports new and old versions of the PASSDB API. https://fedorahosted.org/freeipa/ticket/4778 Reviewed-By: Sumit Bose <sbose@redhat.com>
* Use asn1c helpers to encode/decode the getkeytab controlSimo Sorce2014-11-201-0/+2
| | | | | | | | | | | Replaces manual encoding with automatically generated code. Fixes: https://fedorahosted.org/freeipa/ticket/4718 https://fedorahosted.org/freeipa/ticket/4728 Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com> Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>
* Create ipa-otp-counter 389DS pluginNathaniel McCallum2014-10-201-0/+1
| | | | | | | | | | | | | | | This plugin ensures that all counter/watermark operations are atomic and never decrement. Also, deletion is not permitted. Because this plugin also ensures internal operations behave properly, this also gives ipa-pwd-extop the appropriate behavior for OTP authentication. https://fedorahosted.org/freeipa/ticket/4493 https://fedorahosted.org/freeipa/ticket/4494 Reviewed-By: Thierry Bordaz <tbordaz@redhat.com> Reviewed-By: Martin Kosek <mkosek@redhat.com>
* Add OTP last token pluginNathaniel McCallum2014-02-211-0/+1
| | | | | | | | | | This plugin prevents the deletion or deactivation of the last valid token for a user. This prevents the user from migrating back to single factor authentication once OTP has been enabled. Thanks to Mark Reynolds for helping me with this patch. Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* Add libotp internal library for slapi pluginsNathaniel McCallum2014-02-141-0/+1
| | | | Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* Enable building in C99 modeNathaniel McCallum2014-02-141-1/+1
| | | | | | | | | | | | | C99 is supported on all compilers we target and provides some useful features, including: * Standard struct initializers * Compound literals * For-loop declarations * Standard bool type * Variable arrays (use with caution) * Too many others to mention... Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* Move ipa-otpd socket directoryNathaniel McCallum2014-02-111-3/+3
| | | | | https://fedorahosted.org/freeipa/ticket/4167 Reviewed-By: Martin Kosek <mkosek@redhat.com>
* Prevent *.pyo and *.pyc multilib problemsMartin Kosek2013-08-131-0/+1
| | | | | | | | | | | | | Differences in the python byte code fails in a build validation (rpmdiff) done on difference architecture of the same package. This patch: 1) Ensures that timestamps of generated *.pyo and *.pyc files match 2) Python integer literals greater or equal 2^32 and lower than 2^64 are converted to long right away to prevent different type of the integer on architectures with different size of int https://fedorahosted.org/freeipa/ticket/3858
* Use libunistring ulc_casecmp() on unicode stringsNathaniel McCallum2013-07-181-0/+10
| | | | https://fedorahosted.org/freeipa/ticket/3772
* Use pkg-config to detect cmockaLukas Slebodnik2013-07-151-25/+12
| | | | https://fedorahosted.org/freeipa/ticket/3434
* Remove winbind client configure checkSumit Bose2013-07-111-11/+0
| | | | | With the replacement of the winbind calls in the extdom plugin none of the plugins is using the winbind client libraries anymore.
* extdom: replace winbind calls with POSIX/SSSD callsSumit Bose2013-07-111-0/+1
| | | | | | | | | | | | | | | With the new ipa_server_mode SSSD is able to read user and group data from trusted AD domains directly and makes this data available via the NSS responder. With this mode enabled winbind is not needed anymore to lookup users and groups of trusted domains. This patch removed the calls to winbind from the extdom plugin and replaces them with standard POSIX calls like getpwnam() and calls from libsss_nss_idmap to lookup SIDs. Fixes https://fedorahosted.org/freeipa/ticket/3637 because now the extdom plugin does not need to handle idranges anymore, but everything is done inside SSSD.
* Add OTP support to ipa-pwd-extopNathaniel McCallum2013-05-171-33/+6
| | | | | | | | | During LDAP bind, this now plugin determines if a user is enabled for OTP authentication. If so, then the OTP is validated in addition to the password. This allows 2FA during user binds. https://fedorahosted.org/freeipa/ticket/3367 http://freeipa.org/page/V3/OTP
* Add the krb5/FreeIPA RADIUS companion daemonNathaniel McCallum2013-05-171-60/+37
| | | | | | | | | | | This daemon listens for RADIUS packets on a well known UNIX domain socket. When a packet is received, it queries LDAP to see if the user is configured for RADIUS authentication. If so, then the packet is forwarded to the 3rd party RADIUS server. Otherwise, a bind is attempted against the LDAP server. https://fedorahosted.org/freeipa/ticket/3366 http://freeipa.org/page/V3/OTP
* ipasam: add enumeration of UPN suffixes based on the realm domainsAlexander Bokovoy2013-03-291-0/+10
| | | | | | | | | | | | | | | | PASSDB API in Samba adds support for specifying UPN suffixes. The change in ipasam will allow to pass through list of realm domains as UPN suffixes so that Active Directory domain controller will be able to recognize non-primary UPN suffixes as belonging to IPA and properly find our KDC for cross-realm TGT. Since Samba already returns primary DNS domain separately, filter it out from list of UPN suffixes. Also enclose provider of UPN suffixes into #ifdef to support both Samba with and without pdb_enum_upn_suffixes(). Part of https://fedorahosted.org/freeipa/ticket/2848
* Add support for cmocka C-Unit Test frameworkSumit Bose2013-03-281-0/+31
| | | | | | | | cmocka is a more advanced unit test framework for C-code than the currently used check framework. This patch adds configure checks and makefile variables so that new unit tests can use cmocka. Fixes https://fedorahosted.org/freeipa/ticket/3434
* Add 389 DS plugin for special idnsSOASerial attribute handlingPetr Spacek2013-03-221-0/+1
| | | | | | | | | Default value "1" is added to replicated idnsZone objects if idnsSOASerial attribute is missing. https://fedorahosted.org/freeipa/ticket/3347 Signed-off-by: Petr Spacek <pspacek@redhat.com>
* Bump 389-ds-base minimum in our spec fileMartin Kosek2012-12-071-1/+1
| | | | | Our code needs both Requires and BuildRequires set to 389-ds-base which supports transactions. Also add the requires to configure.ac.
* Allow silent build if availableSumit Bose2012-07-061-0/+1
|
* Add range check preop pluginSumit Bose2012-06-291-0/+1
| | | | | | | To make sure that ID ranges do not overlap this plugin checks new additions and changes for conflicts with existing ranges. https://fedorahosted.org/freeipa/ticket/2185
* Add external domain extop DS pluginSumit Bose2012-06-281-1/+18
| | | | | | This extop can be used by clients of the IPA domain, e.g. sssd, to retrieve data from trusted external domains. It can be used e.g. to map Windows SIDs to user or groups names and back.
* Add configure check for C Unit-Test framework checkSumit Bose2012-06-281-0/+10
| | | | The framework can be found at http://check.sourceforge.net.
* Add sidgen postop and taskSumit Bose2012-06-281-0/+1
| | | | | | | | A postop plugin is added to create the SID for new created users and groups. A directory server task allows to set the SID for existing users and groups. Fixes https://fedorahosted.org/freeipa/ticket/2825
* slapi-plugins: use thread-safe ldap librarySimo Sorce2012-01-131-1/+1
|
* Add ipasam samba passdb backendSumit Bose2011-12-061-1/+6
| | | | https://fedorahosted.org/freeipa/ticket/1874
* Create skeleton CLDAP server as a DS pluginSimo Sorce2011-11-211-0/+2
|
* Add support for generating PAC for AS requests for user principalsSimo Sorce2011-11-071-0/+10
|
* daemons: Remove ipa_kpasswdSimo Sorce2011-08-261-1/+0
| | | | | | Now that we have our own database we can properly enforce stricter constraints on how the db can be changed. Stop shipping our own kpasswd daemon and instead use the regular kadmin daemon.
* ipa-kdb: Initial plugin skeletonSimo Sorce2011-08-261-0/+1
|
* Update kerberos password policy values on LDAP binds.Rob Crittenden2011-01-211-0/+1
| | | | | | | | | | | | | | | On a failed bind this will update krbLoginFailedCount and krbLastFailedAuth and will potentially fail the bind altogether. On a successful bind it will zero krbLoginFailedCount and set krbLastSuccessfulAuth. This will also enforce locked-out accounts. See http://k5wiki.kerberos.org/wiki/Projects/Lockout for details on kerberos lockout. ticket 343
* Mozldap-specific code removedMartin Kosek2011-01-141-9/+4
| | | | | | | | Mozldap code removed from all sources and configure source script. Now, IPA will compile even when package mozldap-devel is not installed on the system. https://fedorahosted.org/freeipa/ticket/756
* Drop dependency on mozldapRob Crittenden2011-01-121-7/+0
|
* Do not use LDAP_DEPRECATED in pluginsJakub Hrozek2011-01-071-0/+2
| | | | | | | | | Remove the LDAP_DEPRECATED constant and do not use functions that are marked as deprecated in recent OpenLDAP releases. Also always define WITH_{MOZLDAP,OPENLDAP} since there are conditional header includes that depend on that constant. https://fedorahosted.org/freeipa/ticket/576
* Make use of mozldap vs openldap for plugins selectableSimo Sorce2010-12-061-4/+17
|
* build tweaks - use automake's foreign mode, avoid creating empty files to ↵Nalin Dahyabhai2010-11-291-1/+1
| | | | satisfy gnu mode - run autoreconf -f to ensure that everything matches
* Stricter compilation flagsJakub Hrozek2010-11-221-0/+2
| | | | | | | Use a little stricter compilation flags, in particular -Wall and treat implicit function declarations as errors. Signed-off-by: Simo Sorce <ssorce@redhat.com>
generated by cgit (git 2.34.1) at 2026-01-28 02:24:55 +0000