From 0444732823cd55caa8631a52f7474192235d6f02 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Jan=20R=C4=99korajski?= <baggins@pld-linux.org>
Date: Sun, 3 Oct 2010 18:33:01 +0000
Subject: [PATCH] - replaced by much cleaner and universal
 nfs-utils-heimdal.patch

Changed files:
    nfs-utils-heimdal_functions.patch -> 1.9
    nfs-utils-kerberos-ac.patch -> 1.5
    nfs-utils-no_libgssapi.patch -> 1.8
    nfs-utils-pkgconfig_ac.patch -> 1.7
---
 nfs-utils-heimdal_functions.patch |  69 ---------------
 nfs-utils-kerberos-ac.patch       | 138 ------------------------------
 nfs-utils-no_libgssapi.patch      |  64 --------------
 nfs-utils-pkgconfig_ac.patch      |  11 ---
 4 files changed, 282 deletions(-)
 delete mode 100644 nfs-utils-heimdal_functions.patch
 delete mode 100644 nfs-utils-kerberos-ac.patch
 delete mode 100644 nfs-utils-no_libgssapi.patch
 delete mode 100644 nfs-utils-pkgconfig_ac.patch

diff --git a/nfs-utils-heimdal_functions.patch b/nfs-utils-heimdal_functions.patch
deleted file mode 100644
index 595c358..0000000
--- a/nfs-utils-heimdal_functions.patch
+++ /dev/null
@@ -1,69 +0,0 @@
---- utils/gssd/krb5_util.c	2008-10-17 14:20:09.000000000 +0000
-+++ utils/gssd/krb5_util.c	2008-11-22 13:52:42.000000000 +0000
-@@ -115,9 +115,7 @@
- #include <errno.h>
- #include <time.h>
- #include <gssapi/gssapi.h>
--#ifdef USE_PRIVATE_KRB5_FUNCTIONS
- #include <gssapi/gssapi_krb5.h>
--#endif
- #include <krb5.h>
- #include <rpc/auth_gss.h>
- 
-@@ -927,9 +927,37 @@ 
- {
- 	krb5_error_code ret;
- 	krb5_creds creds;
--	krb5_cc_cursor cur;
- 	int found = 0;
- 
-+#ifdef HAVE_HEIMDAL
-+	krb5_creds pattern;
-+	krb5_const_realm client_realm;
-+
-+	krb5_cc_clear_mcred(&pattern);
-+
-+	client_realm = krb5_principal_get_realm (context, principal);
-+
-+	ret = krb5_make_principal (context, &pattern.server,
-+				   client_realm, KRB5_TGS_NAME, client_realm,
-+				   NULL);
-+	if (ret)
-+	  krb5_err (context, 1, ret, "krb5_make_principal");
-+	pattern.client = principal;
-+
-+	ret = krb5_cc_retrieve_cred (context, ccache, 0, &pattern, &creds);
-+	krb5_free_principal (context, pattern.server);
-+	if (ret) {
-+	  if (ret == KRB5_CC_END)
-+            return 1;
-+	  krb5_err (context, 1, ret, "krb5_cc_retrieve_cred");
-+	}
-+
-+	found = creds.times.endtime > time(NULL);
-+
-+	krb5_free_cred_contents (context, &creds);
-+#else
-+	krb5_cc_cursor cur;
-+
- 	ret = krb5_cc_start_seq_get(context, ccache, &cur);
- 	if (ret) 
- 		return 0;
-@@ -949,6 +977,7 @@ 
- 		krb5_free_cred_contents(context, &creds);
- 	}
- 	krb5_cc_end_seq_get(context, ccache, &cur);
-+#endif
- 
- 	return found;
- }
-@@ -995,6 +1024,9 @@ 
- 	}
- 	krb5_free_principal(context, principal);
- err_princ:
-+#ifdef HAVE_HEIMDAL
-+#define KRB5_TC_OPENCLOSE              0x00000001
-+#endif
- 	krb5_cc_set_flags(context, ccache,  KRB5_TC_OPENCLOSE);
- 	krb5_cc_close(context, ccache);
- err_cache:
diff --git a/nfs-utils-kerberos-ac.patch b/nfs-utils-kerberos-ac.patch
deleted file mode 100644
index 3e5109f..0000000
--- a/nfs-utils-kerberos-ac.patch
+++ /dev/null
@@ -1,138 +0,0 @@
-diff -NaurwB nfs-utils-1.1.2.orig/aclocal/kerberos5.m4 nfs-utils-1.1.2/aclocal/kerberos5.m4
---- nfs-utils-1.1.2.orig/aclocal/kerberos5.m4	2008-03-14 16:46:29.000000000 +0100
-+++ nfs-utils-1.1.2/aclocal/kerberos5.m4	2008-06-12 17:13:51.000000000 +0200
-@@ -1,112 +1,48 @@
--dnl Checks for Kerberos
--dnl NOTE: while we intend to do generic gss-api, currently we
--dnl have a requirement to get an initial Kerberos machine
--dnl credential.  Thus, the requirement for Kerberos.
--dnl The Kerberos gssapi library will be dynamically loaded?
- AC_DEFUN([AC_KERBEROS_V5],[
-+  K5CONFIG="krb5-config"
-   AC_MSG_CHECKING(for Kerberos v5)
--  AC_ARG_WITH(krb5,
--  [AC_HELP_STRING([--with-krb5=DIR], [use Kerberos v5 installation in DIR])],
-+  AC_ARG_WITH(krb5-config,
-+  [AC_HELP_STRING([--with-krb5-config=PATH], [Full Path to krb5-config.])],
-   [ case "$withval" in
-     yes|no)
--       krb5_with=""
-+       K5CONFIG="krb5-config"
-        ;;
-     *)
--       krb5_with="$withval"
-+       K5CONFIG="$withval"
-        ;;
-     esac ]
-   )
- 
--  for dir in $krb5_with /usr /usr/kerberos /usr/local /usr/local/krb5 \
--  	     /usr/krb5 /usr/heimdal /usr/local/heimdal /usr/athena ; do
--    dnl This ugly hack brought on by the split installation of
--    dnl MIT Kerberos on Fedora Core 1
--    K5CONFIG=""
--    if test -f $dir/bin/krb5-config; then
--      K5CONFIG=$dir/bin/krb5-config
--    elif test -f "/usr/kerberos/bin/krb5-config"; then
--      K5CONFIG="/usr/kerberos/bin/krb5-config"
--    elif test -f "/usr/lib/mit/bin/krb5-config"; then
--      K5CONFIG="/usr/lib/mit/bin/krb5-config"
--    fi
-     if test "$K5CONFIG" != ""; then
-       KRBCFLAGS=`$K5CONFIG --cflags`
-       KRBLIBS=`$K5CONFIG --libs gssapi`
--      K5VERS=`$K5CONFIG --version | head -n 1 | awk '{split($(4),v,"."); if (v@<:@"3"@:>@ == "") v@<:@"3"@:>@ = "0"; print v@<:@"1"@:>@v@<:@"2"@:>@v@<:@"3"@:>@ }'`
--      AC_DEFINE_UNQUOTED(KRB5_VERSION, $K5VERS, [Define this as the Kerberos version number])
--      if test -f $dir/include/gssapi/gssapi_krb5.h -a \
--                \( -f $dir/lib/libgssapi_krb5.a -o \
--                   -f $dir/lib64/libgssapi_krb5.a -o \
--                   -f $dir/lib64/libgssapi_krb5.so -o \
--                   -f $dir/lib/libgssapi_krb5.so \) ; then
-+    if $K5CONFIG --version | grep -q -e heimdal; then
-+      K5VERS=`$K5CONFIG --version | head -n 1 | cut -f2 -d ' ' | tr -d '.'`
-+      AC_DEFINE(HAVE_HEIMDAL, 1, [Define this if you have Heimdal Kerberos libraries])
-+      gssapi_lib=gssapi
-+      KRBIMPL="heimdal"
-+    elif $K5CONFIG --vendor | grep -q -e Massachusetts; then
-+      K5VERS=`$K5CONFIG --version | head -n 1 | cut -f4 -d ' ' | tr -d '.'`
-          AC_DEFINE(HAVE_KRB5, 1, [Define this if you have MIT Kerberos libraries])
--         KRBDIR="$dir"
--  dnl If we are using MIT K5 1.3.1 and before, we *MUST* use the
--  dnl private function (gss_krb5_ccache_name) to get correct
--  dnl behavior of changing the ccache used by gssapi.
--  dnl Starting in 1.3.2, we *DO NOT* want to use
--  dnl gss_krb5_ccache_name, instead we want to set KRB5CCNAME
--  dnl to get gssapi to use a different ccache
-          if test $K5VERS -le 131; then
-            AC_DEFINE(USE_GSS_KRB5_CCACHE_NAME, 1, [Define this if the private function, gss_krb5_cache_name, must be used to tell the Kerberos library which credentials cache to use. Otherwise, this is done by setting the KRB5CCNAME environment variable])
-          fi
-          gssapi_lib=gssapi_krb5
--         break
--      dnl The following ugly hack brought on by the split installation
--      dnl of Heimdal Kerberos on SuSe
--      elif test \( -f $dir/include/heim_err.h -o\
--      		 -f $dir/include/heimdal/heim_err.h \) -a \
--                -f $dir/lib/libroken.a; then
--         AC_DEFINE(HAVE_HEIMDAL, 1, [Define this if you have Heimdal Kerberos libraries])
--         KRBDIR="$dir"
--         gssapi_lib=gssapi
--        break
--      fi
--    fi
--  done
--  dnl We didn't find a usable Kerberos environment
--  if test "x$KRBDIR" = "x"; then
--    if test "x$krb5_with" = "x"; then
--      AC_MSG_ERROR(Kerberos v5 with GSS support not found: consider --disable-gss or --with-krb5=)
-+      KRBIMPL="mit-krb5"
-     else
--      AC_MSG_ERROR(Kerberos v5 with GSS support not found at $krb5_with)
--    fi
-+      AC_MSG_ERROR(Unknown Kerberos 5 Implementation. Is neither heimdal or mit-krb5.)
-+      KRBIMPL="unknown"
-   fi
--  AC_MSG_RESULT($KRBDIR)
--
--  dnl Check if -rpath=$(KRBDIR)/lib is needed
--  echo "The current KRBDIR is $KRBDIR"
--  if test "$KRBDIR/lib" = "/lib" -o "$KRBDIR/lib" = "/usr/lib" \
--       -o "$KRBDIR/lib" = "//lib" -o "$KRBDIR/lib" = "/usr//lib" ; then
--    KRBLDFLAGS="";
--  elif /sbin/ldconfig -p | grep > /dev/null "=> $KRBDIR/lib/"; then
--    KRBLDFLAGS="";
--  else
--    KRBLDFLAGS="-Wl,-rpath=$KRBDIR/lib"
-+    AC_DEFINE_UNQUOTED(KRB5_VERSION, $K5VERS, [Define this as the Kerberos version number])
-   fi
-+  AC_MSG_RESULT($KRBIMPL)
- 
--  dnl Now check for functions within gssapi library
--  AC_CHECK_LIB($gssapi_lib, gss_krb5_export_lucid_sec_context,
--    AC_DEFINE(HAVE_LUCID_CONTEXT_SUPPORT, 1, [Define this if the Kerberos GSS library supports gss_krb5_export_lucid_sec_context]), ,$KRBLIBS)
--  AC_CHECK_LIB($gssapi_lib, gss_krb5_set_allowable_enctypes,
--    AC_DEFINE(HAVE_SET_ALLOWABLE_ENCTYPES, 1, [Define this if the Kerberos GSS library supports gss_krb5_set_allowable_enctypes]), ,$KRBLIBS)
--  AC_CHECK_LIB($gssapi_lib, gss_krb5_ccache_name,
--    AC_DEFINE(HAVE_GSS_KRB5_CCACHE_NAME, 1, [Define this if the Kerberos GSS library supports gss_krb5_ccache_name]), ,$KRBLIBS)
--
--  dnl Check for newer error message facility
--  AC_CHECK_LIB($gssapi_lib, krb5_get_error_message,
--    AC_DEFINE(HAVE_KRB5_GET_ERROR_MESSAGE, 1, [Define this if the function krb5_get_error_message is available]), ,$KRBLIBS)
-+  AC_CHECK_LIB($gssapi_lib, gss_krb5_export_lucid_sec_context, AC_DEFINE(HAVE_LUCID_CONTEXT_SUPPORT, 1, [Define this if the Kerberos GSS library supports gss_krb5_export_lucid_sec_context]), ,$KRBLIBS)
-+  AC_CHECK_LIB($gssapi_lib, gss_krb5_set_allowable_enctypes, AC_DEFINE(HAVE_SET_ALLOWABLE_ENCTYPES, 1, [Define this if the Kerberos GSS library supports gss_krb5_set_allowable_enctypes]), ,$KRBLIBS)
-+  AC_CHECK_LIB($gssapi_lib, gss_krb5_ccache_name, AC_DEFINE(HAVE_GSS_KRB5_CCACHE_NAME, 1, [Define this if the Kerberos GSS library supports gss_krb5_ccache_name]), ,$KRBLIBS)
-+  AC_CHECK_LIB($gssapi_lib, krb5_get_error_message, AC_DEFINE(HAVE_KRB5_GET_ERROR_MESSAGE, 1, [Define this if the function krb5_get_error_message is available]), ,$KRBLIBS)
-+  AC_CHECK_LIB($gssapi_lib, krb5_get_init_creds_opt_set_addressless, AC_DEFINE(HAVE_KRB5_GET_INIT_CREDS_OPT_SET_ADDRESSLESS, 1, [Define this if the function krb5_get_init_creds_opt_set_addressless is available]), ,$KRBLIBS)
- 
--  dnl Check for function to specify addressless tickets
--  AC_CHECK_LIB($gssapi_lib, krb5_get_init_creds_opt_set_addressless,
--    AC_DEFINE(HAVE_KRB5_GET_INIT_CREDS_OPT_SET_ADDRESSLESS, 1, [Define this if the function krb5_get_init_creds_opt_set_addressless is available]), ,$KRBLIBS)
--
--  dnl If they specified a directory and it didn't work, give them a warning
--  if test "x$krb5_with" != "x" -a "$krb5_with" != "$KRBDIR"; then
--    AC_MSG_WARN(Using $KRBDIR instead of requested value of $krb5_with for Kerberos!)
--  fi
--
--  AC_SUBST([KRBDIR])
-   AC_SUBST([KRBLIBS])
-   AC_SUBST([KRBCFLAGS])
-   AC_SUBST([KRBLDFLAGS])
diff --git a/nfs-utils-no_libgssapi.patch b/nfs-utils-no_libgssapi.patch
deleted file mode 100644
index 68a2b0e..0000000
--- a/nfs-utils-no_libgssapi.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-Index: nfs-utils-1.1.0/utils/gssd/context_lucid.c
-===================================================================
---- nfs-utils-1.1.0.orig/utils/gssd/context_lucid.c
-+++ nfs-utils-1.1.0/utils/gssd/context_lucid.c
-@@ -48,8 +48,10 @@
- #include "context.h"
- 
- #ifndef OM_uint64
-+#ifndef GSSAPI_GSSAPI_H_
- typedef uint64_t OM_uint64;
- #endif
-+#endif
- 
- static int
- write_lucid_keyblock(char **p, char *end, gss_krb5_lucid_key_t *key)
-@@ -171,10 +173,10 @@ serialize_krb5_ctx(gss_ctx_id_t ctx, gss
- 	int retcode = 0;
- 
- 	printerr(2, "DEBUG: %s: lucid version!\n", __FUNCTION__);
--	maj_stat = gss_export_lucid_sec_context(&min_stat, &ctx,
-+	maj_stat = gss_krb5_export_lucid_sec_context(&min_stat, &ctx,
- 						1, &return_ctx);
- 	if (maj_stat != GSS_S_COMPLETE) {
--		pgsserr("gss_export_lucid_sec_context",
-+		pgsserr("gss_krb5_export_lucid_sec_context",
- 			maj_stat, min_stat, &krb5oid);
- 		goto out_err;
- 	}
-@@ -198,9 +200,9 @@ serialize_krb5_ctx(gss_ctx_id_t ctx, gss
- 	else
- 		retcode = prepare_krb5_rfc_cfx_buffer(lctx, buf);
- 
--	maj_stat = gss_free_lucid_sec_context(&min_stat, ctx, return_ctx);
-+	maj_stat = gss_krb5_free_lucid_sec_context(&min_stat, return_ctx);
- 	if (maj_stat != GSS_S_COMPLETE) {
--		pgsserr("gss_export_lucid_sec_context",
-+		pgsserr("gss_krb5_free_lucid_sec_context",
- 			maj_stat, min_stat, &krb5oid);
- 		printerr(0, "WARN: failed to free lucid sec context\n");
- 	}
-Index: nfs-utils-1.1.0/utils/gssd/krb5_util.c
-===================================================================
---- nfs-utils-1.1.0.orig/utils/gssd/krb5_util.c
-+++ nfs-utils-1.1.0/utils/gssd/krb5_util.c
-@@ -1317,13 +1317,13 @@ limit_krb5_enctypes(struct rpc_gss_sec *
- 	 * list of supported enctypes, use local default here.
- 	 */
- 	if (krb5_enctypes == NULL)
--		maj_stat = gss_set_allowable_enctypes(&min_stat, credh,
--					&krb5oid, num_enctypes, enctypes);
-+		maj_stat = gss_krb5_set_allowable_enctypes(&min_stat, credh,
-+					num_enctypes, enctypes);
- 	else
--		maj_stat = gss_set_allowable_enctypes(&min_stat, credh,
--					&krb5oid, num_krb5_enctypes, krb5_enctypes);
-+		maj_stat = gss_krb5_set_allowable_enctypes(&min_stat, credh,
-+					num_krb5_enctypes, krb5_enctypes);
- 
- 	if (maj_stat != GSS_S_COMPLETE) {
--		pgsserr("gss_set_allowable_enctypes",
-+		pgsserr("gss_krb5_set_allowable_enctypes",
- 			maj_stat, min_stat, &krb5oid);
- 		gss_release_cred(&min_stat, &credh);
- 		return -1;
diff --git a/nfs-utils-pkgconfig_ac.patch b/nfs-utils-pkgconfig_ac.patch
deleted file mode 100644
index cfc0538..0000000
--- a/nfs-utils-pkgconfig_ac.patch
+++ /dev/null
@@ -1,11 +0,0 @@
-diff -ur nfs-utils-1.2.0/aclocal/rpcsec_vers.m4 nfs-utils-1.2.0-pkg/aclocal/rpcsec_vers.m4
---- nfs-utils-1.2.0/aclocal/rpcsec_vers.m4	2009-06-02 16:43:05.000000000 +0200
-+++ nfs-utils-1.2.0-pkg/aclocal/rpcsec_vers.m4	2009-06-30 15:48:36.603210573 +0200
-@@ -1,7 +1,6 @@
- dnl Checks librpcsec version
- AC_DEFUN([AC_RPCSEC_VERSION], [
- 
--  PKG_CHECK_MODULES([GSSGLUE], [libgssglue >= 0.1])
- 
-   dnl TI-RPC replaces librpcsecgss
-   if test "$enable_tirpc" = no; then
-- 
2.44.0