svn rev #24494: branches/krb5-1-9/src/ plugins/preauth/securid_sam2/
tlyu@MIT.EDU
tlyu at MIT.EDU
Mon Nov 1 15:49:44 EDT 2010
http://src.mit.edu/fisheye/changelog/krb5/?cs=24494
Commit By: tlyu
Log Message:
ticket: 6807
version_fixed: 1.9
status: resolved
pull up r24467 from trunk
------------------------------------------------------------------------
r24467 | hartmans | 2010-10-19 15:50:48 -0400 (Tue, 19 Oct 2010) | 8 lines
ticket: 6807
subject: SecurID build support
target_version: 1.9
tags: pullup
Integrate SecurID into the build if libaceclnt is found.
Add a README file with an example of how to build it.
Changed Files:
U branches/krb5-1-9/src/Makefile.in
U branches/krb5-1-9/src/configure.in
U branches/krb5-1-9/src/plugins/preauth/securid_sam2/Makefile.in
A branches/krb5-1-9/src/plugins/preauth/securid_sam2/README
Modified: branches/krb5-1-9/src/Makefile.in
===================================================================
--- branches/krb5-1-9/src/Makefile.in 2010-11-01 19:49:40 UTC (rev 24493)
+++ branches/krb5-1-9/src/Makefile.in 2010-11-01 19:49:44 UTC (rev 24494)
@@ -9,6 +9,7 @@
# plugins/authdata/greet
SUBDIRS=util include lib \
@ldap_plugin_dir@ \
+ @sam2_plugin@ \
plugins/kadm5_hook/test \
plugins/kdb/db2 \
plugins/preauth/pkinit \
Modified: branches/krb5-1-9/src/configure.in
===================================================================
--- branches/krb5-1-9/src/configure.in 2010-11-01 19:49:40 UTC (rev 24493)
+++ branches/krb5-1-9/src/configure.in 2010-11-01 19:49:44 UTC (rev 24494)
@@ -1085,6 +1085,16 @@
fi
AC_SUBST(ldap_plugin_dir)
AC_SUBST(LDAP)
+# This check is for plugins/preauth/securid_sam2
+sam2_plugin=""
+old_CFLAGS=$CFLAGS
+CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
+AC_CHECK_LIB(aceclnt, sd_init,[
+ AC_MSG_NOTICE([Enabling RSA securID support])
+ sam2_plugin=plugins/preauth/securid_sam2
+ ])
+AC_SUBST(sam2_plugin)
+CFLAGS=$old_CFLAGS
# This checks is for plugins/locate/python, which isn't built by
# default, so it's not a big deal that it isn't very good. We should
Modified: branches/krb5-1-9/src/plugins/preauth/securid_sam2/Makefile.in
===================================================================
--- branches/krb5-1-9/src/plugins/preauth/securid_sam2/Makefile.in 2010-11-01 19:49:40 UTC (rev 24493)
+++ branches/krb5-1-9/src/plugins/preauth/securid_sam2/Makefile.in 2010-11-01 19:49:44 UTC (rev 24494)
@@ -17,8 +17,8 @@
# Depends on libk5crypto and libkrb5
SHLIB_EXPDEPS = \
$(TOPLIBD)/libk5crypto$(SHLIBEXT) \
- $(TOPLIBD)/libkrb5$(SHLIBEXT)
-SHLIB_EXPLIBS= -lkrb5 -lcom_err -lk5crypto $(SUPPORT_LIB) $(LIBS)
+ $(TOPLIBD)/libkrb5$(SHLIBEXT) $(KADMSRV_DEPLIBS)
+SHLIB_EXPLIBS= -lkrb5 -lcom_err -lk5crypto $(SUPPORT_LIB) $(KADMSRV_LIBS) $(LIBS) -laceclnt
SHLIB_DIRS=-L$(TOPLIBD)
SHLIB_RDIRS=$(KRB5_LIBDIR)
Added: branches/krb5-1-9/src/plugins/preauth/securid_sam2/README
===================================================================
--- branches/krb5-1-9/src/plugins/preauth/securid_sam2/README (rev 0)
+++ branches/krb5-1-9/src/plugins/preauth/securid_sam2/README 2010-11-01 19:49:44 UTC (rev 24494)
@@ -0,0 +1,17 @@
+SecurID Preauth Support
+
+In order to build this library you will need the RSA 's ACE Agent
+SDK. Set the LDFLAGS and CPPFLAGS environment variables to include the
+appropriate paths for your SDK before running configure. If libaceclnt
+is found then the plugin will be enabled.
+For example:
+
+../src/configure CC='gcc -m32' CFLAGS=-g --prefix=/usr/local/krb5 \
+ --disable-rpath LDFLAGS=-L/home/developer/ace/ACEAgentSDK/lib/lnx \
+ CPPFLAGS=-I/home/developer/ace/ACEAgentSDK/inc
+
+
+Once the plugin is installed, set the requires_preauth and potentially
+requires_hwauth flags for a principal. Then create principal/SECURID
+as a new principal with a random key. That principal will now require
+SecurID authentication.
More information about the cvs-krb5
mailing list