aboutsummaryrefslogtreecommitdiff
path: root/configure.ac
diff options
context:
space:
mode:
authorSergey Poznyakoff <gray@gnu.org.ua>2015-12-16 14:58:07 +0200
committerSergey Poznyakoff <gray@gnu.org.ua>2015-12-16 14:58:07 +0200
commit6bb908898b833ec69c66e918de732af5bad68934 (patch)
treedd715a052f67849d38aedaa25eafa93241e938df /configure.ac
parent9cb7455b12462a3679ed5208540793d802570481 (diff)
downloadpies-6bb908898b833ec69c66e918de732af5bad68934.tar.gz
pies-6bb908898b833ec69c66e918de732af5bad68934.tar.bz2
Implement authentication on control socket.
* Makefile.am (SUBDIRS): Add src. * configure.ac: Check for crypt.h and PAM Build ident/Makefile * grecs: Update. * ident/Makefile.am: New file. * ident/ident.c: New file. * ident/ident.h: New file. * ident/identity.h: New file. * ident/pam.c: New file. * ident/provider.c: New file. * ident/system.c: New file. * lib/Makefile.am: Add arraymember.c * lib/arraymember.c: New file. * lib/libpies.h (is_array_member): New proto. * src/Makefile.am (LDADD): Add libident.a and @PAM_LIBS@ * src/acl.c (acl_entry): Remove groups. Add new members: names and name_match. (pies_acl_create): Deep copy the locus. Set free_entry function for the list. (pies_acl_free): Free locus. (_parse_from): Set free_entry function for the list. (_parse_group): Parse the "user" construct. (parse_acl_line): Deep copy the locus. Allow for null value. (acl_keywords): Update docstrings. (_acl_check): Rewrite identity checks. * src/acl.h (acl_input)<user,groups>: Remove. <identity>: New member. (pies_acl_free): New proto. * src/ctl.c (identity): New global. (cmdtab): New command: auth (ctlio) <addr,addrlen>: New members. (ctlio_create): Start from authenticated state only if no identity_providers are configured. (cmd_auth): New function. (cmd_help): Print only commands that are available in the current state. (ctl_accept): Initialize io->addr and io->addrlen. * src/inetd-bi.c: Change call to check_acl * src/pies.c: Include identity.h (control_keywords): New statement "identity-acl" (pies_keywords): New statement "identity-provider" (config_init): Register identity mechanisms. (config_parse): New function. (config_help): Print help on identity-provider statements. (main): Use config_parse to parse grecs-style configurations. * src/pies.h: Include identity.h (check_acl): Change argument list. All callers changed. (control): Remove acl. Add conn_acl and id_acl instead. * src/progman.c (check_acl): Change argument list. Take identity as the 3rd argument.
Diffstat (limited to 'configure.ac')
-rw-r--r--configure.ac43
1 files changed, 41 insertions, 2 deletions
diff --git a/configure.ac b/configure.ac
index 92ffbbd..8fb1eac 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,5 +1,5 @@
1# This file is part of GNU Pies. -*- autoconf -*- 1# This file is part of GNU Pies. -*- autoconf -*-
2# Copyright (C) 2009-2014 Sergey Poznyakoff 2# Copyright (C) 2009-2015 Sergey Poznyakoff
3# 3#
4# GNU Pies is free software; you can redistribute it and/or modify 4# GNU Pies is free software; you can redistribute it and/or modify
5# it under the terms of the GNU General Public License as published by 5# it under the terms of the GNU General Public License as published by
@@ -33,9 +33,12 @@ AC_PROG_YACC
33AC_PROG_LEX 33AC_PROG_LEX
34 34
35# Checks for libraries. 35# Checks for libraries.
36AC_CHECK_LIB(crypt, crypt)
36 37
37# Checks for header files. 38# Checks for header files.
38AC_CHECK_HEADERS([arpa/inet.h fcntl.h netdb.h netinet/in.h stdint.h stdlib.h string.h sys/socket.h sys/time.h syslog.h unistd.h utmp.h utmpx.h]) 39AC_CHECK_HEADERS([arpa/inet.h fcntl.h netdb.h netinet/in.h stdint.h stdlib.h\
40 string.h sys/socket.h sys/time.h syslog.h unistd.h utmp.h utmpx.h\
41 crypt.h shadow.h])
39 42
40# Checks for typedefs, structures, and compiler characteristics. 43# Checks for typedefs, structures, and compiler characteristics.
41AC_TYPE_UID_T 44AC_TYPE_UID_T
@@ -80,6 +83,41 @@ AM_ICONV
80AM_GNU_GETTEXT([external], [need-formatstring-macros]) 83AM_GNU_GETTEXT([external], [need-formatstring-macros])
81AM_GNU_GETTEXT_VERSION([0.18]) 84AM_GNU_GETTEXT_VERSION([0.18])
82 85
86# PAM
87status_pam=maybe
88AC_ARG_ENABLE([pam],
89 AC_HELP_STRING([--enable-pam],
90 [enable PAM]),
91 [
92case "${enableval}" in
93 yes) status_pam=yes ;;
94 no) status_pam=no ;;
95 *) AC_MSG_ERROR([bad value ${enableval} for --enable-pam]) ;;
96esac],[status_pam=maybe])
97
98AC_SUBST(PAM_LIBS,-lpam)
99if test "$status_pam" != "no"; then
100 pam=$status_pam
101 AC_CHECK_HEADERS(security/pam_appl.h)
102 if test "$ac_cv_header_security_pam_appl_h" = "yes"; then
103 AC_CHECK_LIB(dl, dlopen, [PAM_LIBS="$PAM_LIBS -ldl"])
104 AC_CHECK_LIB(pam, pam_start,
105 [status_pam=yes],
106 [status_pam=no], $PAM_LIBS)
107 else
108 status_pam=no
109 fi
110 if test $pam = yes && test $pam != $status_pam; then
111 AC_MSG_ERROR([required module PAM cannot be built because of missing prerequisites])
112 fi
113fi
114
115AM_CONDITIONAL([PAM_COND], [test $status_pam = yes])
116if test $status_pam = yes; then
117 AC_DEFINE_UNQUOTED(WITH_PAM, 1, [PAM support enabled])
118fi
119
120# Build inetd
83AC_ARG_ENABLE([inetd], 121AC_ARG_ENABLE([inetd],
84 AC_HELP_STRING([--enable-inetd], 122 AC_HELP_STRING([--enable-inetd],
85 [build and install a replacement for SBINDIR/inetd]), 123 [build and install a replacement for SBINDIR/inetd]),
@@ -100,6 +138,7 @@ AC_CONFIG_FILES([Makefile
100 gnu/Makefile 138 gnu/Makefile
101 lib/Makefile 139 lib/Makefile
102 src/Makefile 140 src/Makefile
141 ident/Makefile
103 doc/Makefile 142 doc/Makefile
104 po/Makefile.in]) 143 po/Makefile.in])
105AC_OUTPUT 144AC_OUTPUT

Return to:

Send suggestions and report system problems to the System administrator.