diff --git a/003-fix-gssapi.patch b/003-fix-gssapi.patch index ec60e1e..a505d33 100644 --- a/003-fix-gssapi.patch +++ b/003-fix-gssapi.patch @@ -1,194 +1,31 @@ -diff --git a/configure.ac b/configure.ac -index 290c635..5d11a69 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -10,7 +10,7 @@ AC_ARG_ENABLE(gssapi, - AM_CONDITIONAL(GSS, test "x$enable_gssapi" = xyes) +--- src/svc_auth_gss.c ++++ src/svc_auth_gss.c 2015/05/12 08:58:54 +@@ -919,13 +919,8 @@ + auth = rqst->rq_xprt->xp_auth; + gd = SVCAUTH_PRIVATE(auth); - if test "x$enable_gssapi" = xyes; then -- AC_DEFINE([HAVE_GSSAPI], [1], [Define to 1 if GSSAPI is enabled]) -+ AC_DEFINE([TIRPC_GSSAPI], [1], [Define to 1 if GSSAPI is enabled]) - GSSAPI_CFLAGS=`krb5-config --cflags gssapi` - GSSAPI_LIBS=`krb5-config --libs gssapi` - AC_SUBST([GSSAPI_CFLAGS]) -@@ -22,7 +22,7 @@ AC_ARG_ENABLE(authdes, - [],[enable_authdes=no]) - AM_CONDITIONAL(AUTHDES, test "x$enable_authdes" = xyes) - if test "x$enable_authdes" = xyes; then -- AC_DEFINE([HAVE_AUTHDES], [1], -+ AC_DEFINE([TIRPC_AUTHDES], [1], - [Define to 1 if DES authentication is enabled]) - CFLAG_AUTHDES="-DHAVE_AUTHDES=1" - AC_SUBST([CFLAG_AUTHDES]) -diff --git a/tirpc/rpc/auth.h b/tirpc/rpc/auth.h -index f7fa16c..6cf512a 100644 ---- a/tirpc/rpc/auth.h -+++ b/tirpc/rpc/auth.h -@@ -164,7 +164,7 @@ union des_block { - }; - typedef union des_block des_block; +- if (rcred != NULL) { +- auth->raw_cred = gd->rcred; +- auth->raw_cred.service = _rpc_gss_svc_to_service(gd->sec.svc); +- (void)rpc_gss_num_to_qop(auth->raw_cred.mechanism, gd->sec.qop, +- &auth->raw_cred.qop); +- *rcred = &auth->raw_cred; +- } ++ if (rcred != NULL) ++ *rcred = &gd->rcred; --#ifdef HAVE_AUTHDES -+#ifdef TIRPC_AUTHDES - #ifdef __cplusplus - extern "C" { - #endif -@@ -172,7 +172,7 @@ extern bool_t xdr_des_block(XDR *, des_block *); - #ifdef __cplusplus - } - #endif --#endif /* HAVE_AUTHDES */ -+#endif /* TIRPC_AUTHDES */ - - /* - * Authentication info. Opaque to client. -@@ -320,7 +320,7 @@ extern AUTH *authnone_create(void); /* takes no parameters */ - } - #endif - --#ifdef HAVE_AUTHDES -+#ifdef TIRPC_AUTHDES - /* - * DES style authentication - * AUTH *authsecdes_create(servername, window, timehost, ckey) -@@ -338,7 +338,7 @@ extern AUTH *authdes_seccreate (const char *, const u_int, const char *, - #ifdef __cplusplus - } - #endif --#endif /* HAVE_AUTHDES */ -+#endif /* TIRPC_AUTHDES */ - - #ifdef __cplusplus - extern "C" { -@@ -362,9 +362,9 @@ extern int host2netname(char *, const char *, const char *); - extern int user2netname(char *, const uid_t, const char *); - extern int netname2user(char *, uid_t *, gid_t *, int *, gid_t *); - extern int netname2host(char *, char *, const int); --#ifdef HAVE_AUTHDES -+#ifdef TIRPC_AUTHDES - extern void passwd2des ( char *, char * ); --#endif /* HAVE_AUTHDES */ -+#endif /* TIRPC_AUTHDES */ - #ifdef __cplusplus - } - #endif -diff --git a/tirpc/rpc/rpc.h b/tirpc/rpc/rpc.h -index 8f37454..942959a 100644 ---- a/tirpc/rpc/rpc.h -+++ b/tirpc/rpc/rpc.h -@@ -54,15 +54,15 @@ - #include /* protocol for rpc messages */ - #include /* protocol for unix style cred */ - --#ifdef HAVE_AUTHDES -+#ifdef TIRPC_AUTHDES - /* - * Uncomment-out the next line if you are building the rpc library with - * DES Authentication (see the README file in the secure_rpc/ directory). - */ - #include /* protocol for des style cred */ --#endif /* HAVE_AUTHDES */ -+#endif /* TIRPC_AUTHDES */ - --#ifdef HAVE_GSSAPI -+#ifdef TIRPC_GSSAPI - #include /* RPCSEC_GSS */ - #endif - -diff --git a/tirpc/rpc/rpcsec_gss.h b/tirpc/rpc/rpcsec_gss.h -index 217fc0d..767988c 100644 ---- a/tirpc/rpc/rpcsec_gss.h -+++ b/tirpc/rpc/rpcsec_gss.h -@@ -50,6 +50,19 @@ typedef struct { - } *rpc_gss_principal_t; - - typedef struct { -+ u_int version; -+ char *mechanism; -+ char *qop; -+ rpc_gss_principal_t client_principal; -+ char *svc_principal; -+ rpc_gss_service_t service; -+} rpc_gss_rawcred_t; -+ -+#ifdef TIRPC_GSSAPI -+ -+#include -+ -+typedef struct { - int req_flags; - int time_req; - gss_cred_id_t my_cred; -@@ -68,15 +81,6 @@ typedef struct { - } rpc_gss_options_ret_t; - - typedef struct { -- u_int version; -- char *mechanism; -- char *qop; -- rpc_gss_principal_t client_principal; -- char *svc_principal; -- rpc_gss_service_t service; --} rpc_gss_rawcred_t; -- --typedef struct { - uid_t uid; - gid_t gid; - short gidlen; -@@ -129,4 +133,6 @@ bool_t rpc_gss_mech_to_oid(char *, rpc_gss_OID *); - bool_t rpc_gss_qop_to_num(char *, char *, u_int *); - __END_DECLS - -+#endif /* TIRPC_GSSAPI */ -+ - #endif /* !_TIRPC_RPCSEC_GSS_H */ -diff --git a/tirpc/rpc/svc_auth.h b/tirpc/rpc/svc_auth.h -index dbd8cc9..f91bf01 100644 ---- a/tirpc/rpc/svc_auth.h -+++ b/tirpc/rpc/svc_auth.h -@@ -42,9 +42,6 @@ - #define _RPC_SVC_AUTH_H - - #include -- --#ifdef HAVE_GSSAPI -- - #include - - typedef struct { -@@ -55,8 +52,6 @@ typedef struct { - u_int seq_num; - } svc_rpc_gss_parms_t; - --#endif /* HAVE_GSSAPI */ -- - /* - * Interface to server-side authentication flavors. - */ -@@ -69,10 +64,8 @@ typedef struct SVCAUTH { + if (ucred != NULL) { + _rpc_gss_fill_in_ucreds(gd); +--- tirpc/rpc/svc_auth.h ++++ tirpc/rpc/svc_auth.h 2015/05/12 08:59:06 +@@ -69,10 +69,6 @@ int (*svc_ah_destroy)(struct SVCAUTH *); } *svc_ah_ops; caddr_t svc_ah_private; -#ifdef HAVE_GSSAPI - svc_rpc_gss_parms_t svc_gss_params; - rpc_gss_rawcred_t raw_cred; +- svc_rpc_gss_parms_t svc_gss_params; +- rpc_gss_rawcred_t raw_cred; -#endif } SVCAUTH; #define SVCAUTH_WRAP(auth, xdrs, xfunc, xwhere) \ -diff --git a/tirpc/tirpc-features.h.in b/tirpc/tirpc-features.h.in -index 72e18bc..39fa64e 100644 ---- a/tirpc/tirpc-features.h.in -+++ b/tirpc/tirpc-features.h.in -@@ -2,9 +2,9 @@ - #define _TIRPC_FEATURES_H - - /* Define to 1 if DES authentication is enabled */ --#undef HAVE_AUTHDES -+#undef TIRPC_AUTHDES - - /* Define to 1 if GSSAPI is enabled */ --#undef HAVE_GSSAPI -+#undef TIRPC_GSSAPI - - #endif /* _TIRPC_FEATURES_H */ diff --git a/006-rework-features.diff b/006-rework-features.diff new file mode 100644 index 0000000..0149596 --- /dev/null +++ b/006-rework-features.diff @@ -0,0 +1,169 @@ +diff --git a/configure.ac b/configure.ac +index 290c635..5d11a69 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -10,7 +10,7 @@ AC_ARG_ENABLE(gssapi, + AM_CONDITIONAL(GSS, test "x$enable_gssapi" = xyes) + + if test "x$enable_gssapi" = xyes; then +- AC_DEFINE([HAVE_GSSAPI], [1], [Define to 1 if GSSAPI is enabled]) ++ AC_DEFINE([TIRPC_GSSAPI], [1], [Define to 1 if GSSAPI is enabled]) + GSSAPI_CFLAGS=`krb5-config --cflags gssapi` + GSSAPI_LIBS=`krb5-config --libs gssapi` + AC_SUBST([GSSAPI_CFLAGS]) +@@ -22,7 +22,7 @@ AC_ARG_ENABLE(authdes, + [],[enable_authdes=no]) + AM_CONDITIONAL(AUTHDES, test "x$enable_authdes" = xyes) + if test "x$enable_authdes" = xyes; then +- AC_DEFINE([HAVE_AUTHDES], [1], ++ AC_DEFINE([TIRPC_AUTHDES], [1], + [Define to 1 if DES authentication is enabled]) + CFLAG_AUTHDES="-DHAVE_AUTHDES=1" + AC_SUBST([CFLAG_AUTHDES]) +diff --git a/tirpc/rpc/auth.h b/tirpc/rpc/auth.h +index f7fa16c..6cf512a 100644 +--- a/tirpc/rpc/auth.h ++++ b/tirpc/rpc/auth.h +@@ -164,7 +164,7 @@ union des_block { + }; + typedef union des_block des_block; + +-#ifdef HAVE_AUTHDES ++#ifdef TIRPC_AUTHDES + #ifdef __cplusplus + extern "C" { + #endif +@@ -172,7 +172,7 @@ extern bool_t xdr_des_block(XDR *, des_block *); + #ifdef __cplusplus + } + #endif +-#endif /* HAVE_AUTHDES */ ++#endif /* TIRPC_AUTHDES */ + + /* + * Authentication info. Opaque to client. +@@ -320,7 +320,7 @@ extern AUTH *authnone_create(void); /* takes no parameters */ + } + #endif + +-#ifdef HAVE_AUTHDES ++#ifdef TIRPC_AUTHDES + /* + * DES style authentication + * AUTH *authsecdes_create(servername, window, timehost, ckey) +@@ -338,7 +338,7 @@ extern AUTH *authdes_seccreate (const char *, const u_int, const char *, + #ifdef __cplusplus + } + #endif +-#endif /* HAVE_AUTHDES */ ++#endif /* TIRPC_AUTHDES */ + + #ifdef __cplusplus + extern "C" { +@@ -362,9 +362,9 @@ extern int host2netname(char *, const char *, const char *); + extern int user2netname(char *, const uid_t, const char *); + extern int netname2user(char *, uid_t *, gid_t *, int *, gid_t *); + extern int netname2host(char *, char *, const int); +-#ifdef HAVE_AUTHDES ++#ifdef TIRPC_AUTHDES + extern void passwd2des ( char *, char * ); +-#endif /* HAVE_AUTHDES */ ++#endif /* TIRPC_AUTHDES */ + #ifdef __cplusplus + } + #endif +diff --git a/tirpc/rpc/rpc.h b/tirpc/rpc/rpc.h +index 8f37454..942959a 100644 +--- a/tirpc/rpc/rpc.h ++++ b/tirpc/rpc/rpc.h +@@ -54,15 +54,15 @@ + #include /* protocol for rpc messages */ + #include /* protocol for unix style cred */ + +-#ifdef HAVE_AUTHDES ++#ifdef TIRPC_AUTHDES + /* + * Uncomment-out the next line if you are building the rpc library with + * DES Authentication (see the README file in the secure_rpc/ directory). + */ + #include /* protocol for des style cred */ +-#endif /* HAVE_AUTHDES */ ++#endif /* TIRPC_AUTHDES */ + +-#ifdef HAVE_GSSAPI ++#ifdef TIRPC_GSSAPI + #include /* RPCSEC_GSS */ + #endif + +diff --git a/tirpc/rpc/rpcsec_gss.h b/tirpc/rpc/rpcsec_gss.h +index 217fc0d..da343ea 100644 +--- a/tirpc/rpc/rpcsec_gss.h ++++ b/tirpc/rpc/rpcsec_gss.h +@@ -35,8 +35,6 @@ + #include + #include + +-#include +- + typedef enum { + rpcsec_gss_svc_default = 0, + rpcsec_gss_svc_none = 1, +@@ -44,6 +42,11 @@ typedef enum { + rpcsec_gss_svc_privacy = 3 + } rpc_gss_service_t; + ++#include ++ ++#ifdef TIRPC_GSSAPI ++#include ++ + typedef struct { + int len; + char name[1]; +@@ -129,4 +132,6 @@ bool_t rpc_gss_mech_to_oid(char *, rpc_gss_OID *); + bool_t rpc_gss_qop_to_num(char *, char *, u_int *); + __END_DECLS + ++#endif /* TIRPC_GSSAPI */ ++ + #endif /* !_TIRPC_RPCSEC_GSS_H */ +diff --git a/tirpc/rpc/svc_auth.h b/tirpc/rpc/svc_auth.h +index dbd8cc9..0fbee5d 100644 +--- a/tirpc/rpc/svc_auth.h ++++ b/tirpc/rpc/svc_auth.h +@@ -41,10 +41,6 @@ + #ifndef _RPC_SVC_AUTH_H + #define _RPC_SVC_AUTH_H + +-#include +- +-#ifdef HAVE_GSSAPI +- + #include + + typedef struct { +@@ -55,8 +52,6 @@ typedef struct { + u_int seq_num; + } svc_rpc_gss_parms_t; + +-#endif /* HAVE_GSSAPI */ +- + /* + * Interface to server-side authentication flavors. + */ +diff --git a/tirpc/tirpc-features.h.in b/tirpc/tirpc-features.h.in +index 72e18bc..39fa64e 100644 +--- a/tirpc/tirpc-features.h.in ++++ b/tirpc/tirpc-features.h.in +@@ -2,9 +2,9 @@ + #define _TIRPC_FEATURES_H + + /* Define to 1 if DES authentication is enabled */ +-#undef HAVE_AUTHDES ++#undef TIRPC_AUTHDES + + /* Define to 1 if GSSAPI is enabled */ +-#undef HAVE_GSSAPI ++#undef TIRPC_GSSAPI + + #endif /* _TIRPC_FEATURES_H */ diff --git a/libtirpc.changes b/libtirpc.changes index a39d827..0670175 100644 --- a/libtirpc.changes +++ b/libtirpc.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Tue May 12 12:48:37 CEST 2015 - kukuk@suse.de + +- 003-fix-gssapi.patch: Correct fix for GSS ABI breakage +- 006-rework-features.diff: Rework tirpc-features.h + +------------------------------------------------------------------- +Sat May 9 01:00:12 CEST 2015 - kukuk@suse.de + +- 003-fix-gssapi.patch: Update, one chunk did go lost + ------------------------------------------------------------------- Fri May 8 10:07:42 CEST 2015 - kukuk@suse.de diff --git a/libtirpc.spec b/libtirpc.spec index 374fd03..5ac4e35 100644 --- a/libtirpc.spec +++ b/libtirpc.spec @@ -45,6 +45,7 @@ Patch2: 002-old-automake.patch Patch3: 003-fix-gssapi.patch Patch4: 004-netconfig-prefer-IPv6.patch Patch5: 005-no_IPv6_for_old_code.patch +Patch6: 006-rework-features.diff Patch25: patch6_7.diff # Patch37 is only needed on openSUSE >= 13.1, SLE >= 12 Patch37: libtirpc-new-path-rpcbindsock.patch @@ -87,9 +88,10 @@ TCP over IPv4 %patch0 -p0 %patch1 -p1 %patch2 -p1 -%patch3 -p1 +%patch3 -p0 %patch4 -p1 %patch5 -p1 +%patch6 -p1 %patch25 -p1 %if 0%{suse_version} >= 1310 %patch37 -p1