From: Pierre Ossman Date: Wed, 11 Jul 2018 13:49:46 +0000 (+0200) Subject: Make PAM mandatory X-Git-Tag: v1.10.90~40^2~5 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=d80817f101d1b3f1a9b1c5ec268f28fffa2d75f9;p=tigervnc.git Make PAM mandatory It is present on all UNIX systems anyway, so let's simplify things. We will need it for more proper session startup anyway. --- diff --git a/BUILDING.txt b/BUILDING.txt index 72aea765..4f315072 100644 --- a/BUILDING.txt +++ b/BUILDING.txt @@ -32,6 +32,7 @@ Build Requirements (Unix) -- Non-Mac platforms: * X11 development kit + * PAM -- If building Xvnc/libvnc.so: * Xorg server source code, 1.7 or never diff --git a/CMakeLists.txt b/CMakeLists.txt index f6742e7b..5776a9fb 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -263,8 +263,7 @@ if(ENABLE_GNUTLS) endif() # Check for PAM library -option(ENABLE_PAM "Enable PAM authentication support" ON) -if(ENABLE_PAM) +if(UNIX AND NOT APPLE) check_include_files(security/pam_appl.h HAVE_PAM_H) set(CMAKE_REQUIRED_LIBRARIES -lpam) check_function_exists(pam_start HAVE_PAM_START) @@ -272,10 +271,9 @@ if(ENABLE_PAM) if(HAVE_PAM_H AND HAVE_PAM_START) set(PAM_LIBS pam) else() - set(ENABLE_PAM 0) + message(FATAL_ERROR "Could not find PAM development files") endif() endif() -set(HAVE_PAM ${ENABLE_PAM}) # Generate config.h and make sure the source finds it configure_file(config.h.in config.h) diff --git a/common/rfb/CMakeLists.txt b/common/rfb/CMakeLists.txt index 8e532a28..689cdccd 100644 --- a/common/rfb/CMakeLists.txt +++ b/common/rfb/CMakeLists.txt @@ -75,7 +75,7 @@ endif(WIN32) set(RFB_LIBRARIES ${JPEG_LIBRARIES} os rdr Xregion) -if(HAVE_PAM) +if(UNIX AND NOT APPLE) set(RFB_SOURCES ${RFB_SOURCES} UnixPasswordValidator.cxx UnixPasswordValidator.h pam.c pam.h) set(RFB_LIBRARIES ${RFB_LIBRARIES} ${PAM_LIBS}) diff --git a/common/rfb/SSecurityPlain.cxx b/common/rfb/SSecurityPlain.cxx index 6f72432a..f577c0d6 100644 --- a/common/rfb/SSecurityPlain.cxx +++ b/common/rfb/SSecurityPlain.cxx @@ -25,10 +25,10 @@ #include #include #include -#ifdef HAVE_PAM +#if !defined(WIN32) && !defined(__APPLE__) #include #endif -#ifdef BUILD_WIN +#ifdef WIN32 #include #endif @@ -62,10 +62,10 @@ bool PasswordValidator::validUser(const char* username) SSecurityPlain::SSecurityPlain(SConnection* sc) : SSecurity(sc) { -#ifdef HAVE_PAM - valid = new UnixPasswordValidator(); -#elif BUILD_WIN +#ifdef WIN32 valid = new WinPasswdValidator(); +#elif !defined(__APPLE__) + valid = new UnixPasswordValidator(); #else valid = NULL; #endif diff --git a/common/rfb/UnixPasswordValidator.cxx b/common/rfb/UnixPasswordValidator.cxx index d0960794..ee7bc0da 100644 --- a/common/rfb/UnixPasswordValidator.cxx +++ b/common/rfb/UnixPasswordValidator.cxx @@ -25,9 +25,7 @@ #include #include #include -#ifdef HAVE_PAM #include -#endif using namespace rfb; @@ -43,10 +41,6 @@ bool UnixPasswordValidator::validateInternal(SConnection * sc, const char *username, const char *password) { -#ifdef HAVE_PAM CharArray service(strDup(pamService.getData())); return do_pam_auth(service.buf, username, password); -#else - throw AuthFailureException("PAM not supported"); -#endif } diff --git a/common/rfb/pam.c b/common/rfb/pam.c index cb067fda..f9e5ce74 100644 --- a/common/rfb/pam.c +++ b/common/rfb/pam.c @@ -22,10 +22,6 @@ #include #endif -#ifndef HAVE_PAM -#error "This source should not be compiled when PAM is unsupported" -#endif - #include #include #include diff --git a/common/rfb/pam.h b/common/rfb/pam.h index 2688f21c..d378d19c 100644 --- a/common/rfb/pam.h +++ b/common/rfb/pam.h @@ -21,14 +21,6 @@ #ifndef __RFB_PAM_H__ #define __RFB_PAM_H__ -#ifdef HAVE_CONFIG_H -#include -#endif - -#ifndef HAVE_PAM -#error "This header should not be included when PAM is unsupported" -#endif - #ifdef __cplusplus extern "C" { #endif diff --git a/config.h.in b/config.h.in index 2d6db9c6..b6a9fdff 100644 --- a/config.h.in +++ b/config.h.in @@ -4,7 +4,6 @@ #cmakedefine HAVE_ACTIVE_DESKTOP_H #cmakedefine HAVE_ACTIVE_DESKTOP_L #cmakedefine ENABLE_NLS 1 -#cmakedefine HAVE_PAM #cmakedefine DATA_DIR "@DATA_DIR@" #cmakedefine LOCALE_DIR "@LOCALE_DIR@"