URL: https://github.com/freeipa/freeipa/pull/5275 Author: abbra Title: #5275: [Backport][ipa-4-8] util: Fix client-only build Action: opened
PR body: """ This PR was opened automatically because PR #5273 was pushed to master and backport to ipa-4-8 is required. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5275/head:pr5275 git checkout pr5275
From c0bcfcff08f52ebb35ac45b5159e8b89f43a761f Mon Sep 17 00:00:00 2001 From: Alexander Bokovoy <aboko...@redhat.com> Date: Wed, 18 Nov 2020 12:35:38 +0200 Subject: [PATCH] util: Fix client-only build Commit 26b9a697844c3bb66bdf83dad3a9738b3cb65361 did not fully fix the client-only build as util/ipa_pwd.c unconditionally includes pwquality.h. Make sure we define USE_PWQUALITY in the full server configuration and if that one is defined, include libpwquality use. Fixes: https://pagure.io/freeipa/issue/8587 Signed-off-by: Alexander Bokovoy <aboko...@redhat.com> --- configure.ac | 4 +++- util/Makefile.am | 10 +++++++--- util/ipa_pwd.c | 9 ++++++++- 3 files changed, 18 insertions(+), 5 deletions(-) diff --git a/configure.ac b/configure.ac index 490c52adc93..70923417ee7 100644 --- a/configure.ac +++ b/configure.ac @@ -109,7 +109,9 @@ dnl --------------------------------------------------------------------------- dnl - Check for pwquality library dnl --------------------------------------------------------------------------- AM_COND_IF([ENABLE_SERVER], [ - PKG_CHECK_MODULES([PWQUALITY], [pwquality]) + PKG_CHECK_MODULES([PWQUALITY], [pwquality], + [AC_DEFINE(USE_PWQUALITY,1,[Use password quality checks])] + ) ]) dnl --------------------------------------------------------------------------- diff --git a/util/Makefile.am b/util/Makefile.am index 319809ba3c5..8e7dec2eb14 100644 --- a/util/Makefile.am +++ b/util/Makefile.am @@ -15,7 +15,11 @@ libutil_la_SOURCES = ipa_krb5.c \ libutil_la_LIBADD = $(CRYPTO_LIBS) $(KRB5_LIBS) $(LDAP_LIBS) $(PWQUALITY_LIBS) -check_PROGRAMS = t_pwd t_policy -TESTS = $(check_PROGRAMS) +check_PROGRAMS = t_pwd t_pwd_LDADD = libutil.la -t_policy_LDADD = libutil.la +if ENABLE_SERVER +check_PROGRAMS += t_policy +t_policy_LDADD = libutil.la +endif + +TESTS = $(check_PROGRAMS) diff --git a/util/ipa_pwd.c b/util/ipa_pwd.c index dbff5ef1cba..8fa413c69cf 100644 --- a/util/ipa_pwd.c +++ b/util/ipa_pwd.c @@ -23,6 +23,7 @@ #ifndef _GNU_SOURCE #define _GNU_SOURCE #endif +#include "config.h" #include <stdio.h> #include <string.h> #include <time.h> @@ -31,7 +32,9 @@ #include <syslog.h> #include <unistd.h> #include <errno.h> +#if defined(USE_PWQUALITY) #include <pwquality.h> +#endif #include <openssl/evp.h> #include <openssl/rand.h> #include <openssl/sha.h> @@ -417,11 +420,13 @@ int ipapwd_check_policy(struct ipapwd_policy *policy, { int pwdlen, blen; int ret; +#if defined(USE_PWQUALITY) pwquality_settings_t *pwq; int check_pwquality = 0; - int entropy; + int entropy = 0; char buf[PWQ_MAX_ERROR_MESSAGE_LEN]; void *auxerror; +#endif if (!policy || !password) { return IPAPWD_POLICY_ERROR; @@ -534,6 +539,7 @@ int ipapwd_check_policy(struct ipapwd_policy *policy, } } +#if defined(USE_PWQUALITY) /* Only call into libpwquality if at least one setting is made * because there are a number of checks that don't have knobs * so preserve the previous behavior. @@ -601,6 +607,7 @@ int ipapwd_check_policy(struct ipapwd_policy *policy, #endif } } +#endif /* USE_PWQUALITY */ if (pwd_history) { char *hash;
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-devel@lists.fedorahosted.org
