diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2011-04-24 16:32:12 +0200 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-04-27 11:47:24 -0400 |
commit | 9ea75b5ccc838b41edf157682854f9cd4b88b3e5 (patch) | |
tree | 5b2b8c357657129e57c68fe504bbe538742de736 | |
parent | 172c07013d1ea99447a780fd36f49d5c3a76981b (diff) | |
download | sssd-9ea75b5ccc838b41edf157682854f9cd4b88b3e5.tar.gz sssd-9ea75b5ccc838b41edf157682854f9cd4b88b3e5.tar.bz2 sssd-9ea75b5ccc838b41edf157682854f9cd4b88b3e5.zip |
Warn that some crypto features are implemented in NSS only
-rw-r--r-- | BUILD.txt | 7 | ||||
-rw-r--r-- | configure.ac | 2 |
2 files changed, 9 insertions, 0 deletions
@@ -33,6 +33,13 @@ ding-libs are available in Fedora 14 and later version: yum install libcollection-devel libdhash-devel libini_config-devel \ libpath_utils-devel libref_array-devel +Some features, notably password caching, require the presence of a crypto +library. The default, tested by SSSD upstream, is Mozilla NSS. An alternative +crypto library can be selected during configure time using the --with-crypto +switch. Please note that alternative crypto back ends may not provide all +features - as of this writing, password obfuscation is only supported with the +NSS back end. + How to build: ~~~~~~~~~~~~~ From the root of the source, run: diff --git a/configure.ac b/configure.ac index f8884664..d71578dd 100644 --- a/configure.ac +++ b/configure.ac @@ -181,6 +181,8 @@ if test x$cryptolib = xnss; then fi if test x$cryptolib = xlibcrypto; then AM_CHECK_LIBCRYPTO + AC_MSG_WARN([libcrypto back end does not implement all the crypto features, \ +notably password obfuscation. Using the NSS backend is recommended.]) fi AC_CHECK_HEADERS([sys/inotify.h]) |