summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2011-04-24 16:32:12 +0200
committerStephen Gallagher <sgallagh@redhat.com>2011-04-27 11:47:24 -0400
commit9ea75b5ccc838b41edf157682854f9cd4b88b3e5 (patch)
tree5b2b8c357657129e57c68fe504bbe538742de736
parent172c07013d1ea99447a780fd36f49d5c3a76981b (diff)
downloadsssd-9ea75b5ccc838b41edf157682854f9cd4b88b3e5.tar.gz
sssd-9ea75b5ccc838b41edf157682854f9cd4b88b3e5.tar.bz2
sssd-9ea75b5ccc838b41edf157682854f9cd4b88b3e5.zip
Warn that some crypto features are implemented in NSS only
-rw-r--r--BUILD.txt7
-rw-r--r--configure.ac2
2 files changed, 9 insertions, 0 deletions
diff --git a/BUILD.txt b/BUILD.txt
index 8dd36944..5e269c52 100644
--- a/BUILD.txt
+++ b/BUILD.txt
@@ -33,6 +33,13 @@ ding-libs are available in Fedora 14 and later version:
yum install libcollection-devel libdhash-devel libini_config-devel \
libpath_utils-devel libref_array-devel
+Some features, notably password caching, require the presence of a crypto
+library. The default, tested by SSSD upstream, is Mozilla NSS. An alternative
+crypto library can be selected during configure time using the --with-crypto
+switch. Please note that alternative crypto back ends may not provide all
+features - as of this writing, password obfuscation is only supported with the
+NSS back end.
+
How to build:
~~~~~~~~~~~~~
From the root of the source, run:
diff --git a/configure.ac b/configure.ac
index f8884664..d71578dd 100644
--- a/configure.ac
+++ b/configure.ac
@@ -181,6 +181,8 @@ if test x$cryptolib = xnss; then
fi
if test x$cryptolib = xlibcrypto; then
AM_CHECK_LIBCRYPTO
+ AC_MSG_WARN([libcrypto back end does not implement all the crypto features, \
+notably password obfuscation. Using the NSS backend is recommended.])
fi
AC_CHECK_HEADERS([sys/inotify.h])