From: Tom Yu Date: Mon, 1 Nov 2010 19:49:44 +0000 (+0000) Subject: pull up r24467 from trunk X-Git-Tag: krb5-1.9-beta1~9 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=ac6b4d8a6724f70f284ebf6e018ab360abcd1fed;p=krb5.git pull up r24467 from trunk ------------------------------------------------------------------------ r24467 | hartmans | 2010-10-19 15:50:48 -0400 (Tue, 19 Oct 2010) | 8 lines ticket: 6807 subject: SecurID build support target_version: 1.9 tags: pullup Integrate SecurID into the build if libaceclnt is found. Add a README file with an example of how to build it. ticket: 6807 version_fixed: 1.9 status: resolved git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24494 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/Makefile.in b/src/Makefile.in index 64a5aad10..16d04e65c 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -9,6 +9,7 @@ mydir=. # plugins/authdata/greet SUBDIRS=util include lib \ @ldap_plugin_dir@ \ + @sam2_plugin@ \ plugins/kadm5_hook/test \ plugins/kdb/db2 \ plugins/preauth/pkinit \ diff --git a/src/configure.in b/src/configure.in index ab2c689b8..8d6bb8277 100644 --- a/src/configure.in +++ b/src/configure.in @@ -1085,6 +1085,16 @@ else fi AC_SUBST(ldap_plugin_dir) AC_SUBST(LDAP) +# This check is for plugins/preauth/securid_sam2 +sam2_plugin="" +old_CFLAGS=$CFLAGS +CFLAGS="$CFLAGS $PTHREAD_CFLAGS" +AC_CHECK_LIB(aceclnt, sd_init,[ + AC_MSG_NOTICE([Enabling RSA securID support]) + sam2_plugin=plugins/preauth/securid_sam2 + ]) +AC_SUBST(sam2_plugin) +CFLAGS=$old_CFLAGS # This checks is for plugins/locate/python, which isn't built by # default, so it's not a big deal that it isn't very good. We should diff --git a/src/plugins/preauth/securid_sam2/Makefile.in b/src/plugins/preauth/securid_sam2/Makefile.in index dd4441456..a32db4e26 100644 --- a/src/plugins/preauth/securid_sam2/Makefile.in +++ b/src/plugins/preauth/securid_sam2/Makefile.in @@ -17,8 +17,8 @@ RELDIR=../plugins/preauth/securid_sam2 # Depends on libk5crypto and libkrb5 SHLIB_EXPDEPS = \ $(TOPLIBD)/libk5crypto$(SHLIBEXT) \ - $(TOPLIBD)/libkrb5$(SHLIBEXT) -SHLIB_EXPLIBS= -lkrb5 -lcom_err -lk5crypto $(SUPPORT_LIB) $(LIBS) + $(TOPLIBD)/libkrb5$(SHLIBEXT) $(KADMSRV_DEPLIBS) +SHLIB_EXPLIBS= -lkrb5 -lcom_err -lk5crypto $(SUPPORT_LIB) $(KADMSRV_LIBS) $(LIBS) -laceclnt SHLIB_DIRS=-L$(TOPLIBD) SHLIB_RDIRS=$(KRB5_LIBDIR) diff --git a/src/plugins/preauth/securid_sam2/README b/src/plugins/preauth/securid_sam2/README new file mode 100644 index 000000000..8fc10284e --- /dev/null +++ b/src/plugins/preauth/securid_sam2/README @@ -0,0 +1,17 @@ +SecurID Preauth Support + +In order to build this library you will need the RSA 's ACE Agent +SDK. Set the LDFLAGS and CPPFLAGS environment variables to include the +appropriate paths for your SDK before running configure. If libaceclnt +is found then the plugin will be enabled. +For example: + +../src/configure CC='gcc -m32' CFLAGS=-g --prefix=/usr/local/krb5 \ + --disable-rpath LDFLAGS=-L/home/developer/ace/ACEAgentSDK/lib/lnx \ + CPPFLAGS=-I/home/developer/ace/ACEAgentSDK/inc + + +Once the plugin is installed, set the requires_preauth and potentially +requires_hwauth flags for a principal. Then create principal/SECURID +as a new principal with a random key. That principal will now require +SecurID authentication.