Commit b8fda33b authored by Natanael Copa's avatar Natanael Copa

main/libtirpc: upgrade to 0.2.3 and switch to MIT krb

ref #1609
parent cffeac94
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=libtirpc
pkgver=0.2.2
pkgrel=3
pkgver=0.2.3
pkgrel=0
pkgdesc="Transport Independent RPC library (SunRPC replacement)"
url="http://libtirpc.sourceforge.net/"
arch="all"
license="GPL2"
depends=
makedepends="libgssglue-dev heimdal-dev autoconf automake libtool"
depends_dev="krb5-dev"
makedepends="$depends_dev autoconf automake libtool"
subpackages="$pkgname-dev $pkgname-doc"
source="http://downloads.sourceforge.net/sourceforge/$pkgname/$pkgname-$pkgver.tar.bz2
nis.h
gssglue.patch
libtirpc-no-des.patch
automake.patch"
depends_dev="libgssglue-dev heimdal-dev"
prepare() {
cd "$srcdir"/$pkgname-$pkgver
for i in $source; do
case $i in
*.patch)
msg "Applying $i"
patch -p1 -i "$srcdir"/$i || return 1
patch -N -p1 -i "$srcdir"/$i || return 1
;;
esac
done
......@@ -36,7 +37,8 @@ prepare() {
build() {
cd "$srcdir"/$pkgname-$pkgver
./configure --prefix=/usr \
--enable-gss
--enable-gss \
|| return 1
make || return 1
}
......@@ -46,7 +48,18 @@ package() {
rm "$pkgdir"/usr/lib/*.la || return 1
install -D -m644 doc/etc_netconfig "$pkgdir"/etc/netconfig
}
md5sums="74c41c15c2909f7d11d9c7bfa7db6273 libtirpc-0.2.2.tar.bz2
md5sums="b70e6c12a369a91e69fcc3b9feb23d61 libtirpc-0.2.3.tar.bz2
082dff1bc78bdcbac6d305c1534fe3c0 nis.h
1f1afd528c327975e40ffe77b2d9e13d libtirpc-no-des.patch
7c50e2381f103cc9b84a86fad9b8eac5 gssglue.patch
80e8f54aab0f5bed37e58ad79fe4ff2b libtirpc-no-des.patch
5cac96c765922f33de61a215aa264a7f automake.patch"
sha256sums="4f29ea0491b4ca4c29f95f3c34191b857757873bbbf4b069f9dd4da01a6a923c libtirpc-0.2.3.tar.bz2
7149d53da167168cbad9e75cbab302768f659e59e208763b1bf5df2a6ff3bfdb nis.h
02658756777563dccb3904a00e87fa562eddeab0fe15ef0c6c21893b2d8619aa gssglue.patch
5b7c8f6d19f17541902dfd1b1132f2b07e4cc0987152d4e8007243e776d4d47f libtirpc-no-des.patch
6188b7236b1f9088ad09749eed6407bd7b75fe37d1569a19977f44d15ec6a10c automake.patch"
sha512sums="dd480fcb6feda4a2bba7e5a5dc9b1f523697a39ddaa44a5742405f66d202996d99a562a31dbf6daf06e9b7ce5d82dfd1cce7b76a34466b92f84176e77498163d libtirpc-0.2.3.tar.bz2
15edac1e30cc1aa65ca495bae14c6c7455d65ca539b7e5c865c3fbd5a51c76966b37dd34e9a6483aadcaea3602aefb0b48cdb46f877dae1c65dfa6840dfd8c54 nis.h
3dd3d4a082b1b9bb82c358a5b74e6c5f23fdd522ea2875fc27a7b1035e04b14aeec30db08aa3ce5c0168df325e540799bf6f55c3a67226e05cf52de11968ad86 gssglue.patch
9a984a7741deb943f92cd8a9f23d1a0e09a01e91aa88268456ccbb7998b24f50ad431e26400def3a8ba9d6cd345e5abccf5acf9c59708ce8f0653275c2ea5d61 libtirpc-no-des.patch
dcbc55ed5551703799e6a690e65dbdbd9cc0293c0392a1a3c2d52bc9e91e8b0e18b89fa146f78fea8476c04409b766b6cdbde38a5f226d32043987ca1471634c automake.patch"
From 9151a39539145e1f62f8b30168d1cdeb19299dac Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Tue, 26 Mar 2013 11:13:05 -0400
Subject: [PATCH 1/2] Switch to use standard GSSAPI by default
Make libgssglue configurable still but disabled by default.
There is no reason to use libgssglue anymore, and modern gssapi
supports all needed features for libtirpc and its dependencies.
Signed-off-by: Steve Dickson <steved@redhat.com>
---
configure.ac | 23 +++++++++++++++++++----
src/Makefile.am | 4 ++--
2 files changed, 21 insertions(+), 6 deletions(-)
diff --git a/configure.ac b/configure.ac
index 40dce96..4a4adba 100644
--- a/configure.ac
+++ b/configure.ac
@@ -5,15 +5,30 @@ AC_CONFIG_SRCDIR([src/auth_des.c])
AC_CONFIG_MACRO_DIR([m4])
AC_ARG_ENABLE(gss,[ --enable-gss Turn on gss api], [case "${enableval}" in
- yes) gss=true ; AC_CHECK_LIB([gssapi],[gss_init_sec_context]) ;;
+ yes) gss=true ;;
no) gss=false ;;
*) AC_MSG_ERROR(bad value ${enableval} for --enable-gss) ;;
esac],[gss=false])
AM_CONDITIONAL(GSS, test x$gss = xtrue)
+AC_ARG_WITH(gssglue,
+ [ --with-gssglue Use libgssglue],
+ [case "${enableval}" in
+ yes) gssglue=true ;;
+ no) gssglue=false ;;
+ *) AC_MSG_ERROR(bad value ${enableval} for --with-gssglue) ;;
+ esac],
+ [gssglue=false])
+AM_CONDITIONAL(USEGSSGLUE, test x$gssglue = xtrue)
if test x$gss = xtrue; then
- AC_DEFINE(HAVE_LIBGSSAPI, 1, [])
- PKG_CHECK_MODULES(GSSGLUE, libgssglue, [],
- AC_MSG_ERROR([Unable to locate information required to use libgssglue.]))
+ if test x$gssglue = xtrue; then
+ PKG_CHECK_MODULES(GSSAPI, libgssglue, [],
+ AC_MSG_ERROR([Unable to locate information required to use libgssglue.]))
+ else
+ GSSAPI_CFLAGS=`krb5-config --cflags gssapi`
+ GSSAPI_LIBS=`krb5-config --libs gssapi`
+ AC_SUBST([GSSAPI_CFLAGS])
+ AC_SUBST([GSSAPI_LIBS])
+ fi
fi
AC_ARG_ENABLE(ipv6,
[AC_HELP_STRING([--disable-ipv6], [Disable IPv6 support @<:@default=no@:>@])],
diff --git a/src/Makefile.am b/src/Makefile.am
index 66350f5..2dd7768 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -58,8 +58,8 @@ libtirpc_la_SOURCES += xdr.c xdr_rec.c xdr_array.c xdr_float.c xdr_mem.c xdr_ref
## Secure-RPC
if GSS
libtirpc_la_SOURCES += auth_gss.c authgss_prot.c svc_auth_gss.c
- libtirpc_la_LDFLAGS += $(GSSGLUE_LIBS)
- libtirpc_la_CFLAGS = -DHAVE_RPCSEC_GSS $(GSSGLUE_CFLAGS)
+ libtirpc_la_LDFLAGS += $(GSSAPI_LIBS)
+ libtirpc_la_CFLAGS = -DHAVE_RPCSEC_GSS $(GSSAPI_CFLAGS)
endif
## libtirpc_a_SOURCES += key_call.c key_prot_xdr.c getpublickey.c
--
1.8.1.4
From 4072a0bb8b619cab027bb3833785768681da4ed5 Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Wed, 10 Apr 2013 11:38:14 -0400
Subject: [PATCH 2/2] gss: Fix private data giveaway
When the private data is given away the gss context also needs to go,
because the caller may destroy it, such as when the context is exported
into a lucid context to hand it to the kernel.
Signed-off-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
---
src/auth_gss.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/auth_gss.c b/src/auth_gss.c
index 81ae8ae..703bc3f 100644
--- a/src/auth_gss.c
+++ b/src/auth_gss.c
@@ -269,6 +269,7 @@ authgss_get_private_data(AUTH *auth, struct authgss_private_data *pd)
* send an RPCSEC_GSS_DESTROY request which might inappropriately
* destroy the context.
*/
+ gd->ctx = GSS_C_NO_CONTEXT;
gd->gc.gc_ctx.length = 0;
gd->gc.gc_ctx.value = NULL;
@@ -284,7 +285,8 @@ authgss_free_private_data(struct authgss_private_data *pd)
if (!pd)
return (FALSE);
- pd->pd_ctx = NULL;
+ if (pd->pd_ctx != GSS_C_NO_CONTEXT)
+ gss_delete_sec_context(&min_stat, &pd->pd_ctx, NULL);
gss_release_buffer(&min_stat, &pd->pd_ctx_hndl);
memset(&pd->pd_ctx_hndl, 0, sizeof(pd->pd_ctx_hndl));
pd->pd_seq_win = 0;
--
1.8.1.4
--- libtirpc-0.2.2.orig/src/Makefile.am
+++ libtirpc-0.2.2/src/Makefile.am
@@ -40,7 +40,7 @@
# release number of your package. This is an abuse that only fosters
# misunderstanding of the purpose of library versions."
#
-libtirpc_la_LDFLAGS = -lnsl -lpthread -version-info 1:10:0
+libtirpc_la_LDFLAGS = -lpthread -version-info 1:10:0
libtirpc_la_SOURCES = auth_none.c auth_unix.c authunix_prot.c bindresvport.c clnt_bcast.c \
clnt_dg.c clnt_generic.c clnt_perror.c clnt_raw.c clnt_simple.c \
@@ -50,7 +50,7 @@
rpc_callmsg.c rpc_generic.c rpc_soc.c rpcb_clnt.c rpcb_prot.c \
rpcb_st_xdr.c svc.c svc_auth.c svc_dg.c svc_auth_unix.c svc_generic.c \
svc_raw.c svc_run.c svc_simple.c svc_vc.c getpeereid.c \
- auth_time.c auth_des.c authdes_prot.c des_crypt.c
+ auth_time.c
## XDR
libtirpc_la_SOURCES += xdr.c xdr_rec.c xdr_array.c xdr_float.c xdr_mem.c xdr_reference.c xdr_stdio.c
--- libtirpc-0.2.2.orig/src/rpc_soc.c
+++ libtirpc-0.2.2/src/rpc_soc.c
@@ -515,6 +515,7 @@
......@@ -36,3 +16,14 @@
/*
* Create a client handle for a unix connection. Obsoleted by clnt_vc_create()
--- ./src/Makefile.am.orig 2013-04-30 13:04:37.238373230 +0000
+++ ./src/Makefile.am 2013-04-30 13:04:52.498522653 +0000
@@ -50,7 +50,7 @@
rpc_callmsg.c rpc_generic.c rpc_soc.c rpcb_clnt.c rpcb_prot.c \
rpcb_st_xdr.c svc.c svc_auth.c svc_dg.c svc_auth_unix.c svc_auth_none.c \
svc_generic.c svc_raw.c svc_run.c svc_simple.c svc_vc.c getpeereid.c \
- auth_time.c auth_des.c authdes_prot.c
+ auth_time.c
## XDR
libtirpc_la_SOURCES += xdr.c xdr_rec.c xdr_array.c xdr_float.c xdr_mem.c xdr_reference.c xdr_stdio.c
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment