[PATCH app-xdm 2/9] config: upgrade the checking for PAM support
Gaetan Nadon
memsize at videotron.ca
Mon Nov 22 07:32:12 PST 2010
Use AC_CHECK_FUNCS to get the consistent #define HAVE_xxx
Use "auto" rather than "try" for consistency with other modules.
Update help string to mention default value.
Unchanged: if configured --with-pam and -lpam is misisng,
abort the configuration.
Signed-off-by: Gaetan Nadon <memsize at videotron.ca>
---
configure.ac | 20 ++++++++++----------
dm.h | 4 ++--
greet.h | 6 +++---
greeter/Login.h | 2 +-
greeter/greet.c | 22 +++++++++++-----------
greeter/verify.c | 8 ++++----
session.c | 22 +++++++++++-----------
7 files changed, 42 insertions(+), 42 deletions(-)
diff --git a/configure.ac b/configure.ac
index e2e15f6..3e6bc01 100644
--- a/configure.ac
+++ b/configure.ac
@@ -119,17 +119,17 @@ AC_CHECK_DECL(key_setnet,
#include <rpc/key_prot.h>
])
-# Check for PAM support
-use_pam_default=try
-AC_ARG_WITH(pam, AC_HELP_STRING([--with-pam],[Use PAM for authentication]),
- [USE_PAM=$withval], [USE_PAM=$use_pam_default])
+# Check for pluggable authentication modules (PAM) support
+AC_ARG_WITH(pam, AS_HELP_STRING([--with-pam],
+ [Use PAM for authentication (default is autodected)]),
+ [USE_PAM=$withval], [USE_PAM=auto])
if test "x$USE_PAM" != "xno" ; then
- AC_SEARCH_LIBS(pam_open_session,[pam])
- AC_CHECK_FUNC(pam_open_session,
- [AC_DEFINE(USE_PAM,1,[Use PAM for authentication])],
- [if test "x$USE_PAM" != "xtry" ; then
- AC_MSG_ERROR([PAM support requested, but pam_open_session not found.])
- fi])
+ AC_SEARCH_LIBS([pam_open_session], [pam],
+ [AC_CHECK_FUNCS([pam_open_session])],
+ [AS_IF([test "x$USE_PAM" = "xyes"],
+ [AC_MSG_ERROR([PAM support requested, but pam_open_session not found.])]
+ )]
+ )
fi
use_selinux_default=no
diff --git a/dm.h b/dm.h
index 6633248..7c67906 100644
--- a/dm.h
+++ b/dm.h
@@ -104,7 +104,7 @@ typedef union wait waitType;
# endif
# endif /* X_NOT_POSIX */
-# ifdef USE_PAM
+# ifdef HAVE_PAM_OPEN_SESSION
# include <security/pam_appl.h>
# endif
@@ -421,7 +421,7 @@ extern void LoadSessionResources (struct display *d);
extern void ReinitResources (void);
/* in session.c */
-# ifdef USE_PAM
+# ifdef HAVE_PAM_OPEN_SESSION
extern pam_handle_t **thepamhp(void);
extern pam_handle_t *thepamh(void);
# endif
diff --git a/greet.h b/greet.h
index 6b6689e..e5dbb01 100644
--- a/greet.h
+++ b/greet.h
@@ -85,7 +85,7 @@ struct dlfuncs {
void (*_endpwent)(void);
#endif
char *(*_crypt)(CRYPT_ARGS);
-#ifdef USE_PAM
+#ifdef HAVE_PAM_OPEN_SESSION
pam_handle_t **(*_thepamhp)(void);
#endif
};
@@ -169,7 +169,7 @@ extern struct passwd *(*__xdm_getpwnam)(GETPWNAM_ARGS);
extern void (*__xdm_endpwent)(void);
# endif
extern char *(*__xdm_crypt)(CRYPT_ARGS);
-# ifdef USE_PAM
+# ifdef HAVE_PAM_OPEN_SESSION
extern pam_handle_t **(*__xdm_thepamhp)(void);
# endif
@@ -211,7 +211,7 @@ extern pam_handle_t **(*__xdm_thepamhp)(void);
# define endpwent (*__xdm_endpwent)
# endif
# define crypt (*__xdm_crypt)
-# ifdef USE_PAM
+# ifdef HAVE_PAM_OPEN_SESSION
# define thepamhp (*__xdm_thepamhp)
# endif
diff --git a/greeter/Login.h b/greeter/Login.h
index 22529a5..01e79cb 100644
--- a/greeter/Login.h
+++ b/greeter/Login.h
@@ -155,7 +155,7 @@ from The Open Group.
# include <pwd.h>
# include <limits.h>
-# ifdef USE_PAM
+# ifdef HAVE_PAM_OPEN_SESSION
# define NAME_LEN PAM_MAX_RESP_SIZE
# define PASSWORD_LEN PAM_MAX_RESP_SIZE
# endif
diff --git a/greeter/greet.c b/greeter/greet.c
index d8ebb41..8200417 100644
--- a/greeter/greet.c
+++ b/greeter/greet.c
@@ -130,7 +130,7 @@ struct passwd *(*__xdm_getpwnam)(GETPWNAM_ARGS) = NULL;
void (*__xdm_endpwent)(void) = NULL;
# endif
char *(*__xdm_crypt)(CRYPT_ARGS) = NULL;
-# ifdef USE_PAM
+# ifdef HAVE_PAM_OPEN_SESSION
pam_handle_t **(*__xdm_thepamhp)(void) = NULL;
# endif
@@ -146,7 +146,7 @@ pam_handle_t **(*__xdm_thepamhp)(void) = NULL;
extern Display *dpy;
static int done, code;
-#ifndef USE_PAM
+#ifndef HAVE_PAM_OPEN_SESSION
static char name[NAME_LEN], password[PASSWORD_LEN];
#endif
static Widget toplevel;
@@ -154,7 +154,7 @@ static Widget login;
static XtAppContext context;
static XtIntervalId pingTimeout;
-#ifdef USE_PAM
+#ifdef HAVE_PAM_OPEN_SESSION
static int pamconv(int num_msg,
# ifndef sun
const
@@ -200,7 +200,7 @@ GreetDone (
data->name, strlen (data->passwd));
switch (status) {
case NOTIFY_OK:
-#ifndef USE_PAM
+#ifndef HAVE_PAM_OPEN_SESSION
strncpy (name, data->name, sizeof(name));
name[sizeof(name)-1] = '\0';
strncpy (password, data->passwd, sizeof(password));
@@ -225,7 +225,7 @@ GreetDone (
done = 1;
break;
}
-#ifndef USE_PAM
+#ifndef HAVE_PAM_OPEN_SESSION
if (done) {
bzero (data->name, NAME_LEN);
bzero (data->passwd, PASSWORD_LEN);
@@ -375,7 +375,7 @@ Greet (struct display *d, struct greet_info *greet)
Debug ("Done dispatch %s\n", d->name);
if (code == 0)
{
-#ifndef USE_PAM
+#ifndef HAVE_PAM_OPEN_SESSION
char *ptr;
unsigned int c,state = WHITESPACE;
@@ -394,7 +394,7 @@ Greet (struct display *d, struct greet_info *greet)
greet->name = ptr;
greet->password = password;
-#endif /* USE_PAM */
+#endif /* HAVE_PAM_OPEN_SESSION */
XtSetArg (arglist[0], XtNsessionArgument, (char *) &(greet->string));
XtSetArg (arglist[1], XtNallowNullPasswd, (char *) &(greet->allow_null_passwd));
XtSetArg (arglist[2], XtNallowRootLogin, (char *) &(greet->allow_root_login));
@@ -419,7 +419,7 @@ FailedLogin (struct display *d, struct greet_info *greet)
d->name, username);
#endif
DrawFail (login);
-#ifndef USE_PAM
+#ifndef HAVE_PAM_OPEN_SESSION
bzero (greet->name, strlen(greet->name));
bzero (greet->password, strlen(greet->password));
#endif
@@ -471,7 +471,7 @@ greet_user_rtn GreetUser(
__xdm_endpwent = dlfuncs->_endpwent;
# endif
__xdm_crypt = dlfuncs->_crypt;
-# ifdef USE_PAM
+# ifdef HAVE_PAM_OPEN_SESSION
__xdm_thepamhp = dlfuncs->_thepamhp;
# endif
@@ -488,7 +488,7 @@ greet_user_rtn GreetUser(
}
for (;;) {
-#ifdef USE_PAM
+#ifdef HAVE_PAM_OPEN_SESSION
/* Run PAM conversation */
pam_handle_t **pamhp = thepamhp();
@@ -674,7 +674,7 @@ greet_user_rtn GreetUser(
}
-#ifdef USE_PAM
+#ifdef HAVE_PAM_OPEN_SESSION
static int pamconv(int num_msg,
# ifndef sun
const
diff --git a/greeter/verify.c b/greeter/verify.c
index dee035a..6fb9e86 100644
--- a/greeter/verify.c
+++ b/greeter/verify.c
@@ -40,7 +40,7 @@ from The Open Group.
#include <pwd.h>
-#if defined(USE_PAM)
+#if defined(HAVE_PAM_OPEN_SESSION)
# include <security/pam_appl.h>
# include <stdlib.h>
#elif defined(HAVE_GETSPNAM)
@@ -325,7 +325,7 @@ int
Verify (struct display *d, struct greet_info *greet, struct verify_info *verify)
{
struct passwd *p;
-# ifndef USE_PAM
+# ifndef HAVE_PAM_OPEN_SESSION
# ifdef HAVE_GETSPNAM
struct spwd *sp;
# endif
@@ -401,7 +401,7 @@ Verify (struct display *d, struct greet_info *greet, struct verify_info *verify)
}
# endif
-# ifndef USE_PAM /* PAM authentication happened in GreetUser already */
+# ifndef HAVE_PAM_OPEN_SESSION /* PAM authentication happened in GreetUser already */
# ifdef linux
if (!strcmp(p->pw_passwd, "!") || !strcmp(p->pw_passwd, "*")) {
Debug ("The account is locked, no login allowed.\n");
@@ -527,7 +527,7 @@ done:
# endif /* __OpenBSD__ */
bzero(user_pass, strlen(user_pass)); /* in case shadow password */
-# endif /* USE_PAM */
+# endif /* HAVE_PAM_OPEN_SESSION */
#endif /* USE_BSDAUTH */
Debug ("verify succeeded\n");
diff --git a/session.c b/session.c
index bdafd0b..b368b68 100644
--- a/session.c
+++ b/session.c
@@ -54,7 +54,7 @@ from The Open Group.
# include <usersec.h>
#endif
-#ifndef USE_PAM /* PAM modules should handle these */
+#ifndef HAVE_PAM_OPEN_SESSION /* PAM modules should handle these */
# ifdef SECURE_RPC
# include <rpc/rpc.h>
# include <rpc/key_prot.h>
@@ -65,7 +65,7 @@ extern int key_setnet(struct key_netstarg *arg);
# ifdef K5AUTH
# include <krb5/krb5.h>
# endif
-#endif /* USE_PAM */
+#endif /* HAVE_PAM_OPEN_SESSION */
#ifdef __SCO__
# include <prot.h>
@@ -148,7 +148,7 @@ extern void endpwent(void);
extern char *crypt(CRYPT_ARGS);
#endif
-#ifdef USE_PAM
+#ifdef HAVE_PAM_OPEN_SESSION
pam_handle_t **
thepamhp(void)
{
@@ -203,7 +203,7 @@ static struct dlfuncs dlfuncs = {
endpwent,
#endif
crypt,
-#ifdef USE_PAM
+#ifdef HAVE_PAM_OPEN_SESSION
thepamhp,
#endif
};
@@ -507,7 +507,7 @@ UnsecureDisplay (struct display *d, Display *dpy)
void
SessionExit (struct display *d, int status, int removeAuth)
{
-#ifdef USE_PAM
+#ifdef HAVE_PAM_OPEN_SESSION
pam_handle_t *pamh = thepamh();
if (pamh) {
@@ -533,7 +533,7 @@ SessionExit (struct display *d, int status, int removeAuth)
exit(status);
}
RemoveUserAuthorization (d, &verify);
-#if defined(K5AUTH) && !defined(USE_PAM) /* PAM modules should handle this */
+#if defined(K5AUTH) && !defined(HAVE_PAM_OPEN_SESSION) /* PAM modules should handle this */
/* do like "kdestroy" program */
{
krb5_error_code code;
@@ -576,7 +576,7 @@ StartClient (
#ifdef HAVE_SETUSERCONTEXT
struct passwd* pwd;
#endif
-#ifdef USE_PAM
+#ifdef HAVE_PAM_OPEN_SESSION
pam_handle_t *pamh = thepamh ();
int pam_error;
#endif
@@ -597,7 +597,7 @@ StartClient (
Debug ("%s ", *f);
Debug ("\n");
}
-#ifdef USE_PAM
+#ifdef HAVE_PAM_OPEN_SESSION
if (pamh) pam_open_session(pamh, 0);
#endif
switch (pid = fork ()) {
@@ -663,7 +663,7 @@ StartClient (
# endif /* QNX4 doesn't support multi-groups, no initgroups() */
# endif /* !HAVE_SETUSERCONTEXT */
-# ifdef USE_PAM
+# ifdef HAVE_PAM_OPEN_SESSION
if (pamh) {
long i;
char **pam_env;
@@ -721,7 +721,7 @@ StartClient (
}
#endif /* AIXV3 */
-#ifndef USE_PAM /* PAM modules should handle these */
+#ifndef HAVE_PAM_OPEN_SESSION /* PAM modules should handle these */
/*
* for user-based authorization schemes,
* use the password to get the user's credentials.
@@ -808,7 +808,7 @@ StartClient (
}
}
# endif /* K5AUTH */
-#endif /* !USE_PAM */
+#endif /* !HAVE_PAM_OPEN_SESSION */
if (d->windowPath)
verify->userEnviron = setEnv(verify->userEnviron, "WINDOWPATH", d->windowPath);
--
1.6.0.4
More information about the xorg-devel
mailing list