DES is not good for encryption anymore and some C libraries does not
even implement it. We add a --disable-authdes to optionally disable
it, but let it be enabled by default for compatibility.
This is needed for musl libc.
Signed-off-by: Natanael Copa <ncopa@xxxxxxxxxxxxxxx>
---
configure.ac | 6 ++++++
src/Makefile.am | 12 ++++++++++--
src/rpc_soc.c | 2 ++
3 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/configure.ac b/configure.ac
index 0180801..e6d3df5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -15,6 +15,12 @@ if test x$enable_gssapi = xyes; then
AC_SUBST([GSSAPI_CFLAGS])
AC_SUBST([GSSAPI_LIBS])
fi
+
+AC_ARG_ENABLE(authdes,
+ [AC_HELP_STRING([--disable-authdes], [Disable DES authentication @<:@default=no@:>@])],
+ [],[enable_authdes=yes])
+AM_CONDITIONAL(AUTHDES, test x$enable_authdes = xyes)
+
AC_ARG_ENABLE(ipv6,
[AC_HELP_STRING([--disable-ipv6], [Disable IPv6 support @<:@default=no@:>@])],
[],[enable_ipv6=yes])
diff --git a/src/Makefile.am b/src/Makefile.am
index de57c8f..26ccbdf 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -42,6 +42,7 @@ lib_LTLIBRARIES = libtirpc.la
# misunderstanding of the purpose of library versions."
#
libtirpc_la_LDFLAGS = -lpthread -version-info 1:10:0
+libtirpc_la_CFLAGS =
libtirpc_la_SOURCES = auth_none.c auth_unix.c authunix_prot.c bindresvport.c clnt_bcast.c \
clnt_dg.c clnt_generic.c clnt_perror.c clnt_raw.c clnt_simple.c \
@@ -51,7 +52,7 @@ libtirpc_la_SOURCES = auth_none.c auth_unix.c authunix_prot.c bindresvport.c cln
rpc_callmsg.c rpc_generic.c rpc_soc.c rpcb_clnt.c rpcb_prot.c \
rpcb_st_xdr.c svc.c svc_auth.c svc_dg.c svc_auth_unix.c svc_auth_none.c \
svc_generic.c svc_raw.c svc_run.c svc_simple.c svc_vc.c getpeereid.c \
- auth_time.c auth_des.c authdes_prot.c debug.c
+ auth_time.c debug.c
## XDR
libtirpc_la_SOURCES += xdr.c xdr_rec.c xdr_array.c xdr_float.c xdr_mem.c xdr_reference.c xdr_stdio.c
@@ -60,9 +61,16 @@ libtirpc_la_SOURCES += xdr.c xdr_rec.c xdr_array.c xdr_float.c xdr_mem.c xdr_ref
if GSS
libtirpc_la_SOURCES += auth_gss.c authgss_prot.c svc_auth_gss.c
libtirpc_la_LDFLAGS += $(GSSAPI_LIBS)
- libtirpc_la_CFLAGS = -DHAVE_RPCSEC_GSS $(GSSAPI_CFLAGS)
+ libtirpc_la_CFLAGS += -DHAVE_RPCSEC_GSS $(GSSAPI_CFLAGS)
endif
+## DES authentication
+if AUTHDES
+ libtirpc_la_SOURCES += auth_des.c authdes_prot.c
+ libtirpc_la_CFLAGS += -DHAVE_AUTHDES
+endif
+
+
## libtirpc_a_SOURCES += key_call.c key_prot_xdr.c getpublickey.c
## libtirpc_a_SOURCES += netname.c netnamer.c rpcdname.c \
## libtirpc_a_SOURCES += rtime.c \
diff --git a/src/rpc_soc.c b/src/rpc_soc.c
index 338edbb..b12b116 100644
--- a/src/rpc_soc.c
+++ b/src/rpc_soc.c
@@ -520,6 +520,7 @@ clnt_broadcast(prog, vers, proc, xargs, argsp, xresults, resultsp, eachresult)
(resultproc_t) rpc_wrap_bcast, "udp");
}
+#if HAVE_AUTHDES
/*
* Create the client des authentication object. Obsoleted by
* authdes_seccreate().
@@ -551,6 +552,7 @@ fallback:
dummy = authdes_seccreate(servername, window, NULL, ckey);
return (dummy);
}
+#endif
/*
* Create a client handle for a unix connection. Obsoleted by clnt_vc_create()
--
2.2.0
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
