IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

util: Fix client-only build

Browse Source 
Commit 26b9a69784 did not fully fix the
client-only build as util/ipa_pwd.c unconditionally includes
pwquality.h.

Make sure we define USE_PWQUALITY in the full server configuration and
if that one is defined, include libpwquality use.

Fixes: https://pagure.io/freeipa/issue/8587
Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
This commit is contained in:
Alexander Bokovoy
2020-11-18 12:35:38 +02:00
committed by Rob Crittenden
parent 4941d3d4b1
commit 244704cc15
3 changed files with 18 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
configure.ac
View File

@@ -117,7 +117,9 @@ dnl ---------------------------------------------------------------------------
dnl - Check for pwquality library
dnl ---------------------------------------------------------------------------
AM_COND_IF([ENABLE_SERVER], [
PKG_CHECK_MODULES([PWQUALITY], [pwquality])
PKG_CHECK_MODULES([PWQUALITY], [pwquality],
[AC_DEFINE(USE_PWQUALITY,1,[Use password quality checks])]
)
])
dnl ---------------------------------------------------------------------------

10
util/Makefile.am
View File

@@ -21,7 +21,11 @@ libutil_la_SOURCES = \
libutil_la_LIBADD = $(CRYPTO_LIBS) $(KRB5_LIBS) $(LDAP_LIBS) $(PWQUALITY_LIBS)
check_PROGRAMS = t_pwd t_policy
TESTS = $(check_PROGRAMS)
check_PROGRAMS = t_pwd
t_pwd_LDADD = libutil.la
t_policy_LDADD = libutil.la
if ENABLE_SERVER
check_PROGRAMS += t_policy
t_policy_LDADD = libutil.la
endif
TESTS = $(check_PROGRAMS)

9
util/ipa_pwd.c
View File

@@ -23,6 +23,7 @@
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include "config.h"
#include <stdio.h>
#include <string.h>
#include <time.h>
@@ -31,7 +32,9 @@
#include <syslog.h>
#include <unistd.h>
#include <errno.h>
#if defined(USE_PWQUALITY)
#include <pwquality.h>
#endif
#include <openssl/evp.h>
#include <openssl/rand.h>
#include <openssl/sha.h>
@@ -417,11 +420,13 @@ int ipapwd_check_policy(struct ipapwd_policy *policy,
{
int pwdlen, blen;
int ret;
#if defined(USE_PWQUALITY)
pwquality_settings_t *pwq;
int check_pwquality = 0;
int entropy;
int entropy = 0;
char buf[PWQ_MAX_ERROR_MESSAGE_LEN];
void *auxerror;
#endif
if (!policy || !password) {
return IPAPWD_POLICY_ERROR;
@@ -534,6 +539,7 @@ int ipapwd_check_policy(struct ipapwd_policy *policy,
}
}
#if defined(USE_PWQUALITY)
/* Only call into libpwquality if at least one setting is made
* because there are a number of checks that don't have knobs
* so preserve the previous behavior.
@@ -601,6 +607,7 @@ int ipapwd_check_policy(struct ipapwd_policy *policy,
#endif
}
}
#endif /* USE_PWQUALITY */
if (pwd_history) {
char *hash;