- (djm) Make PAM support optional, enable with --with-pam

- (djm) Try to use libcrypt on Linux, but link it after OpenSSL (which
   provides a crypt() of its own)
 - (djm) Avoid a warning in bsd-bindresvport.c
 - (djm) Try to avoid adding -I/usr/include to CPPFLAGS during SSL tests. This
   can cause weird segfaults errors on Solaris
This commit is contained in:
Damien Miller 2001-01-17 10:44:13 +11:00
parent 21de450853
commit a64b57a157
5 changed files with 47 additions and 31 deletions

View File

@ -1,5 +1,11 @@
20010117
- (djm) Only write random seed file at exit
- (djm) Make PAM support optional, enable with --with-pam
- (djm) Try to use libcrypt on Linux, but link it after OpenSSL (which
provides a crypt() of its own)
- (djm) Avoid a warning in bsd-bindresvport.c
- (djm) Try to avoid adding -I/usr/include to CPPFLAGS during SSL tests. This
can cause weird segfaults errors on Solaris
20010115
- (bal) sftp-server.c change to use chmod() if fchmod() does not exist.

View File

@ -66,8 +66,8 @@
/* Define if you are on NEWS-OS */
#undef HAVE_NEWS4
/* Define if you want to disable PAM support */
#undef DISABLE_PAM
/* Define if you want to enable PAM support */
#undef USE_PAM
/* Define if you want to enable AIX4's authenticate function */
#undef WITH_AIXAUTHENTICATE

View File

@ -88,6 +88,9 @@ bindresvport_af(sd, sa, af)
if (port == 0)
port = (arc4random() % NPORTS) + STARTPORT;
/* Avoid warning */
error = -1;
for(i = 0; i < NPORTS; i++) {
*portp = htons(port);

View File

@ -62,12 +62,10 @@ case "$host" in
*-*-cygwin*)
LIBS="$LIBS -lregex /usr/lib/textmode.o"
AC_DEFINE(HAVE_CYGWIN)
AC_DEFINE(DISABLE_PAM)
AC_DEFINE(DISABLE_SHADOW)
AC_DEFINE(IPV4_DEFAULT)
AC_DEFINE(IP_TOS_IS_BROKEN)
AC_DEFINE(BROKEN_VHANGUP)
no_pam=1
no_libsocket=1
no_libnsl=1
;;
@ -122,6 +120,7 @@ case "$host" in
;;
*-*-linux*)
no_dev_ptmx=1
check_for_libcrypt_later=1
AC_DEFINE(DONT_TRY_OTHER_AF)
AC_DEFINE(PAM_TTY_KLUDGE)
inet6_default_4in6=yes
@ -368,27 +367,30 @@ fi
AC_FUNC_GETPGRP
# Check for PAM libs
PAM_MSG="no"
AC_ARG_WITH(pam,
[ --without-pam Disable PAM support ],
[ --with-pam Enable PAM support ],
[
if test "x$withval" = "xno" ; then
no_pam=1
AC_DEFINE(DISABLE_PAM)
PAM_MSG="disabled"
if test "x$withval" != "xno" ; then
if test "x$ac_cv_header_security_pam_appl_h" != "xyes" ; then
AC_MSG_ERROR([PAM headers not found])
fi
AC_CHECK_LIB(dl, dlopen, , )
AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
AC_CHECK_FUNCS(pam_getenvlist)
disable_shadow=yes
PAM_MSG="yes"
AC_DEFINE(USE_PAM)
fi
]
)
if (test -z "$no_pam" && test "x$ac_cv_header_security_pam_appl_h" = "xyes") ; then
AC_CHECK_LIB(dl, dlopen, , )
LIBS="$LIBS -lpam"
AC_CHECK_FUNCS(pam_getenvlist)
disable_shadow=yes
PAM_MSG="yes"
# Check for older PAM
if test "x$PAM_MSG" = "xyes" ; then
# Check PAM strerror arguments (old PAM)
AC_MSG_CHECKING([whether pam_strerror takes only one argument])
AC_TRY_COMPILE(
@ -403,7 +405,7 @@ if (test -z "$no_pam" && test "x$ac_cv_header_security_pam_appl_h" = "xyes") ; t
AC_MSG_RESULT(yes)
PAM_MSG="yes (old library)"
]
)
)
fi
# The big search for OpenSSL
@ -425,7 +427,7 @@ fi
AC_CACHE_CHECK([for OpenSSL directory], ac_cv_openssldir, [
for ssldir in $tryssldir "" /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do
if test ! -z "$ssldir" ; then
if test ! -z "$ssldir" -a "x$ssldir" != "x/usr"; then
LDFLAGS="$saved_LDFLAGS -L$ssldir/lib -L$ssldir"
CPPFLAGS="$saved_CPPFLAGS -I$ssldir/include"
if test ! -z "$need_dash_r" ; then
@ -476,13 +478,16 @@ if (test ! -z "$ac_cv_openssldir" && test "x$ac_cv_openssldir" != "x(system)") ;
AC_DEFINE(HAVE_OPENSSL)
dnl Need to recover ssldir - test above runs in subshell
ssldir=$ac_cv_openssldir
CPPFLAGS="$saved_CPPFLAGS -I$ssldir/include"
LDFLAGS="$saved_LDFLAGS -L$ssldir/lib -L$ssldir"
if test ! -z "$need_dash_r" ; then
LDFLAGS="$LDFLAGS -R$ssldir/lib -R$ssldir"
fi
if test ! -z "$blibpath" ; then
blibpath="$blibpath:$ssldir:$ssldir/lib"
if test ! -z "$ssldir" -a "x$ssldir" != "x/usr"; then
CPPFLAGS="$saved_CPPFLAGS -I$ssldir/include"
LDFLAGS="$saved_LDFLAGS -L$ssldir/lib -L$ssldir"
if test ! -z "$need_dash_r" ; then
LDFLAGS="$LDFLAGS -R$ssldir/lib -R$ssldir"
fi
if test ! -z "$blibpath" ; then
blibpath="$blibpath:$ssldir:$ssldir/lib"
fi
fi
fi
LIBS="$saved_LIBS -lcrypto"
@ -537,6 +542,12 @@ else
fi
fi
# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
# version in OpenSSL. Skip this for PAM
if test "x$PAM_MSG" = "xno" -a "x$check_for_libcrypt_later" = "x1"; then
AC_CHECK_LIB(crypt, crypt, , )
fi
# Cheap hack to ensure NEWS-OS libraries are arranged right.
if test ! -z "$SONY" ; then
LIBS="$LIBS -liberty";

View File

@ -332,10 +332,6 @@ struct winsize {
# define __attribute__(x)
#endif /* !defined(__GNUC__) || (__GNUC__ < 2) */
#if defined(HAVE_SECURITY_PAM_APPL_H) && !defined(DISABLE_PAM)
# define USE_PAM
#endif /* defined(HAVE_SECURITY_PAM_APPL_H) && !defined(DISABLE_PAM) */
#ifndef SUN_LEN
#define SUN_LEN(su) \
(sizeof(*(su)) - sizeof((su)->sun_path) + strlen((su)->sun_path))