- (djm) Make PAM support optional, enable with --with-pam
- (djm) Try to use libcrypt on Linux, but link it after OpenSSL (which provides a crypt() of its own) - (djm) Avoid a warning in bsd-bindresvport.c - (djm) Try to avoid adding -I/usr/include to CPPFLAGS during SSL tests. This can cause weird segfaults errors on Solaris
This commit is contained in:
parent
21de450853
commit
a64b57a157
|
@ -1,5 +1,11 @@
|
|||
20010117
|
||||
- (djm) Only write random seed file at exit
|
||||
- (djm) Make PAM support optional, enable with --with-pam
|
||||
- (djm) Try to use libcrypt on Linux, but link it after OpenSSL (which
|
||||
provides a crypt() of its own)
|
||||
- (djm) Avoid a warning in bsd-bindresvport.c
|
||||
- (djm) Try to avoid adding -I/usr/include to CPPFLAGS during SSL tests. This
|
||||
can cause weird segfaults errors on Solaris
|
||||
|
||||
20010115
|
||||
- (bal) sftp-server.c change to use chmod() if fchmod() does not exist.
|
||||
|
|
|
@ -66,8 +66,8 @@
|
|||
/* Define if you are on NEWS-OS */
|
||||
#undef HAVE_NEWS4
|
||||
|
||||
/* Define if you want to disable PAM support */
|
||||
#undef DISABLE_PAM
|
||||
/* Define if you want to enable PAM support */
|
||||
#undef USE_PAM
|
||||
|
||||
/* Define if you want to enable AIX4's authenticate function */
|
||||
#undef WITH_AIXAUTHENTICATE
|
||||
|
|
|
@ -88,6 +88,9 @@ bindresvport_af(sd, sa, af)
|
|||
if (port == 0)
|
||||
port = (arc4random() % NPORTS) + STARTPORT;
|
||||
|
||||
/* Avoid warning */
|
||||
error = -1;
|
||||
|
||||
for(i = 0; i < NPORTS; i++) {
|
||||
*portp = htons(port);
|
||||
|
||||
|
|
61
configure.in
61
configure.in
|
@ -62,12 +62,10 @@ case "$host" in
|
|||
*-*-cygwin*)
|
||||
LIBS="$LIBS -lregex /usr/lib/textmode.o"
|
||||
AC_DEFINE(HAVE_CYGWIN)
|
||||
AC_DEFINE(DISABLE_PAM)
|
||||
AC_DEFINE(DISABLE_SHADOW)
|
||||
AC_DEFINE(IPV4_DEFAULT)
|
||||
AC_DEFINE(IP_TOS_IS_BROKEN)
|
||||
AC_DEFINE(BROKEN_VHANGUP)
|
||||
no_pam=1
|
||||
no_libsocket=1
|
||||
no_libnsl=1
|
||||
;;
|
||||
|
@ -122,6 +120,7 @@ case "$host" in
|
|||
;;
|
||||
*-*-linux*)
|
||||
no_dev_ptmx=1
|
||||
check_for_libcrypt_later=1
|
||||
AC_DEFINE(DONT_TRY_OTHER_AF)
|
||||
AC_DEFINE(PAM_TTY_KLUDGE)
|
||||
inet6_default_4in6=yes
|
||||
|
@ -368,27 +367,30 @@ fi
|
|||
|
||||
AC_FUNC_GETPGRP
|
||||
|
||||
# Check for PAM libs
|
||||
PAM_MSG="no"
|
||||
AC_ARG_WITH(pam,
|
||||
[ --without-pam Disable PAM support ],
|
||||
[ --with-pam Enable PAM support ],
|
||||
[
|
||||
if test "x$withval" = "xno" ; then
|
||||
no_pam=1
|
||||
AC_DEFINE(DISABLE_PAM)
|
||||
PAM_MSG="disabled"
|
||||
if test "x$withval" != "xno" ; then
|
||||
if test "x$ac_cv_header_security_pam_appl_h" != "xyes" ; then
|
||||
AC_MSG_ERROR([PAM headers not found])
|
||||
fi
|
||||
|
||||
AC_CHECK_LIB(dl, dlopen, , )
|
||||
AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
|
||||
AC_CHECK_FUNCS(pam_getenvlist)
|
||||
|
||||
disable_shadow=yes
|
||||
PAM_MSG="yes"
|
||||
|
||||
AC_DEFINE(USE_PAM)
|
||||
fi
|
||||
]
|
||||
)
|
||||
if (test -z "$no_pam" && test "x$ac_cv_header_security_pam_appl_h" = "xyes") ; then
|
||||
AC_CHECK_LIB(dl, dlopen, , )
|
||||
LIBS="$LIBS -lpam"
|
||||
|
||||
AC_CHECK_FUNCS(pam_getenvlist)
|
||||
|
||||
disable_shadow=yes
|
||||
|
||||
PAM_MSG="yes"
|
||||
|
||||
# Check for older PAM
|
||||
if test "x$PAM_MSG" = "xyes" ; then
|
||||
# Check PAM strerror arguments (old PAM)
|
||||
AC_MSG_CHECKING([whether pam_strerror takes only one argument])
|
||||
AC_TRY_COMPILE(
|
||||
|
@ -403,7 +405,7 @@ if (test -z "$no_pam" && test "x$ac_cv_header_security_pam_appl_h" = "xyes") ; t
|
|||
AC_MSG_RESULT(yes)
|
||||
PAM_MSG="yes (old library)"
|
||||
]
|
||||
)
|
||||
)
|
||||
fi
|
||||
|
||||
# The big search for OpenSSL
|
||||
|
@ -425,7 +427,7 @@ fi
|
|||
AC_CACHE_CHECK([for OpenSSL directory], ac_cv_openssldir, [
|
||||
|
||||
for ssldir in $tryssldir "" /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do
|
||||
if test ! -z "$ssldir" ; then
|
||||
if test ! -z "$ssldir" -a "x$ssldir" != "x/usr"; then
|
||||
LDFLAGS="$saved_LDFLAGS -L$ssldir/lib -L$ssldir"
|
||||
CPPFLAGS="$saved_CPPFLAGS -I$ssldir/include"
|
||||
if test ! -z "$need_dash_r" ; then
|
||||
|
@ -476,13 +478,16 @@ if (test ! -z "$ac_cv_openssldir" && test "x$ac_cv_openssldir" != "x(system)") ;
|
|||
AC_DEFINE(HAVE_OPENSSL)
|
||||
dnl Need to recover ssldir - test above runs in subshell
|
||||
ssldir=$ac_cv_openssldir
|
||||
CPPFLAGS="$saved_CPPFLAGS -I$ssldir/include"
|
||||
LDFLAGS="$saved_LDFLAGS -L$ssldir/lib -L$ssldir"
|
||||
if test ! -z "$need_dash_r" ; then
|
||||
LDFLAGS="$LDFLAGS -R$ssldir/lib -R$ssldir"
|
||||
fi
|
||||
if test ! -z "$blibpath" ; then
|
||||
blibpath="$blibpath:$ssldir:$ssldir/lib"
|
||||
|
||||
if test ! -z "$ssldir" -a "x$ssldir" != "x/usr"; then
|
||||
CPPFLAGS="$saved_CPPFLAGS -I$ssldir/include"
|
||||
LDFLAGS="$saved_LDFLAGS -L$ssldir/lib -L$ssldir"
|
||||
if test ! -z "$need_dash_r" ; then
|
||||
LDFLAGS="$LDFLAGS -R$ssldir/lib -R$ssldir"
|
||||
fi
|
||||
if test ! -z "$blibpath" ; then
|
||||
blibpath="$blibpath:$ssldir:$ssldir/lib"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
LIBS="$saved_LIBS -lcrypto"
|
||||
|
@ -537,6 +542,12 @@ else
|
|||
fi
|
||||
fi
|
||||
|
||||
# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
|
||||
# version in OpenSSL. Skip this for PAM
|
||||
if test "x$PAM_MSG" = "xno" -a "x$check_for_libcrypt_later" = "x1"; then
|
||||
AC_CHECK_LIB(crypt, crypt, , )
|
||||
fi
|
||||
|
||||
# Cheap hack to ensure NEWS-OS libraries are arranged right.
|
||||
if test ! -z "$SONY" ; then
|
||||
LIBS="$LIBS -liberty";
|
||||
|
|
|
@ -332,10 +332,6 @@ struct winsize {
|
|||
# define __attribute__(x)
|
||||
#endif /* !defined(__GNUC__) || (__GNUC__ < 2) */
|
||||
|
||||
#if defined(HAVE_SECURITY_PAM_APPL_H) && !defined(DISABLE_PAM)
|
||||
# define USE_PAM
|
||||
#endif /* defined(HAVE_SECURITY_PAM_APPL_H) && !defined(DISABLE_PAM) */
|
||||
|
||||
#ifndef SUN_LEN
|
||||
#define SUN_LEN(su) \
|
||||
(sizeof(*(su)) - sizeof((su)->sun_path) + strlen((su)->sun_path))
|
||||
|
|
Loading…
Reference in New Issue