From: Fredrik Tolf Date: Sun, 12 Aug 2007 20:49:27 +0000 (+0200) Subject: Make PAM module optional X-Git-Tag: 1.0~78 X-Git-Url: http://git.dolda2000.com/gitweb/?a=commitdiff_plain;h=ded209d3974f3f381e718b62acf4f430dc641562;p=doldaconnect.git Make PAM module optional --- diff --git a/configure.in b/configure.in index 6e4d737..7160668 100644 --- a/configure.in +++ b/configure.in @@ -23,7 +23,6 @@ AC_PROG_LIBTOOL DOLDA_AC_GROUP([Checking required libraries]) -AC_CHECK_LIB(pam, pam_start, , AC_MSG_ERROR([*** must have PAM])) AC_CHECK_LIB(z, deflate, , AC_MSG_ERROR([*** must have zlib])) AC_CHECK_LIB(bz2, BZ2_bzWriteOpen, , AC_MSG_ERROR([*** must have bzlib])) AC_CHECK_LIB(gdbm, gdbm_open, , AC_MSG_ERROR([*** must have gdbm])) @@ -33,6 +32,20 @@ experimental=no DOLDA_AC_GROUP([Checking optional libraries]) +# PAM check +pam_msg=no +AH_TEMPLATE(HAVE_PAM, [define to compile support for PAM authentication]) +AC_ARG_WITH(pam, [ --with-pam Enable PAM support]) +DOLDA_PKG([HAS_PAM], [test "$with_pam" = no && HAS_PAM=no], + [AC_CHECK_LIB(pam, pam_start, , [HAS_PAM=no])]) +if test "$with_pam" = yes -a "$HAS_PAM" = no; then + AC_MSG_ERROR([*** cannot find PAM on this system]) +fi +if test "$with_pam" != no -a "$HAS_PAM" = yes; then + AC_DEFINE(HAVE_PAM) + pam_msg=yes +fi + # Gtk 2.0 check AC_ARG_WITH(gtk2, [ --with-gtk2 Enable GTK2 support]) DOLDA_PKG([HAS_GTK2], [test "$with_gtk2" = no && HAS_GTK2=no], @@ -235,6 +248,7 @@ autopackage/dcguile.apspec echo echo "Dolda Connect has been configured with the following settings:" echo +echo " PAM support: $pam_msg" echo " Kerberos 5 support: $krb_msg" echo " GTK2 user interface: $enable_gtk2ui" echo " GTK2 progress bars: $enable_gtk2pbar" diff --git a/daemon/auth-pam.c b/daemon/auth-pam.c index 54b18c5..7e51383 100644 --- a/daemon/auth-pam.c +++ b/daemon/auth-pam.c @@ -34,8 +34,6 @@ #include #include #include -#include -#include #include #ifdef HAVE_CONFIG_H @@ -45,6 +43,11 @@ #include "utils.h" #include "conf.h" #include "log.h" +#include "module.h" + +#ifdef HAVE_PAM +#include +#include struct pamdata { @@ -321,7 +324,7 @@ static int closesess(struct authhandle *auth) return(rc); } -struct authmech authmech_pam = +static struct authmech authmech_pam = { .inithandle = inithandle, .release = release, @@ -332,3 +335,31 @@ struct authmech authmech_pam = .name = L"pam", .enabled = 1 }; + +static int init(int hup) +{ + if(!hup) + regmech(&authmech_pam); + return(0); +} + +static struct configvar myvars[] = +{ + /** The name of the PAM service file to use. */ + {CONF_VAR_STRING, "pamserv", {.str = L"doldacond"}}, + {CONF_VAR_END} +}; + +static struct module me = +{ + .conf = + { + .vars = myvars + }, + .init = init, + .name = "auth-pam" +}; + +MODULE(me); + +#endif /* HAVE_PAM */ diff --git a/daemon/auth.c b/daemon/auth.c index a407886..470c985 100644 --- a/daemon/auth.c +++ b/daemon/auth.c @@ -155,12 +155,9 @@ void regmech(struct authmech *mech) static void preinit(int hup) { - extern struct authmech authmech_pam; - if(hup) return; regmech(&authless); - regmech(&authmech_pam); } static int init(int hup) @@ -171,8 +168,6 @@ static int init(int hup) static struct configvar myvars[] = { - /** The name of the PAM service file to use. */ - {CONF_VAR_STRING, "pamserv", {.str = L"doldacond"}}, /** Specifies whether insecure authentication is to be allowed. If * you are not completely sure what you are doing, never turn this * on without also turning on net.onlylocal. */