]>
Commit | Line | Data |
---|---|---|
7aa240b7 JR |
1 | --- nfs-utils-1.2.3.dist/aclocal/kerberos5.m4~ 2010-09-28 14:24:16.000000000 +0200 |
2 | +++ nfs-utils-1.2.3.dist/aclocal/kerberos5.m4 2010-10-03 14:13:17.274424855 +0200 | |
7aa240b7 JR |
3 | @@ -56,7 +56,11 @@ |
4 | dnl of Heimdal Kerberos on SuSe | |
5 | elif test \( -f $dir/include/heim_err.h -o\ | |
6 | -f $dir/include/heimdal/heim_err.h \) -a \ | |
7 | - -f $dir/lib/libroken.a; then | |
8 | + \( -f $dir/lib/libroken.a -o \ | |
9 | + -f $dir/lib64/libroken.a -o \ | |
10 | + -f $dir/lib64/libroken.so -o \ | |
11 | + -f $dir/lib/libroken.so \) ; then | |
12 | + K5VERS=`$K5CONFIG --version | head -n 1 | awk '{split($(2),v,"."); if (v@<:@"3"@:>@ == "") v@<:@"3"@:>@ = "0"; print v@<:@"1"@:>@v@<:@"2"@:>@v@<:@"3"@:>@ }'` | |
13 | AC_DEFINE(HAVE_HEIMDAL, 1, [Define this if you have Heimdal Kerberos libraries]) | |
14 | KRBDIR="$dir" | |
15 | gssapi_lib=gssapi | |
21904062 JB |
16 | --- nfs-utils-2.5.1/utils/gssd/krb5_util.c.orig 2020-06-18 19:10:06.000000000 +0200 |
17 | +++ nfs-utils-2.5.1/utils/gssd/krb5_util.c 2020-08-22 18:47:27.393014417 +0200 | |
18 | @@ -484,7 +484,7 @@ | |
19 | if (ccache) | |
20 | krb5_cc_close(context, ccache); | |
21 | krb5_free_cred_contents(context, &my_creds); | |
22 | - krb5_free_string(context, k5err); | |
23 | + free(k5err); | |
24 | return (code); | |
25 | } | |
26 | ||
27 | @@ -723,7 +723,7 @@ | |
28 | "we failed to unparse principal name: %s\n", | |
29 | k5err); | |
30 | k5_free_kt_entry(context, kte); | |
31 | - krb5_free_string(context, k5err); | |
32 | + free(k5err); | |
33 | k5err = NULL; | |
34 | continue; | |
35 | } | |
36 | @@ -770,7 +770,7 @@ | |
37 | if (retval < 0) | |
38 | retval = 0; | |
39 | out: | |
40 | - krb5_free_string(context, k5err); | |
41 | + free(k5err); | |
42 | return retval; | |
43 | } | |
44 | ||
45 | @@ -836,7 +836,11 @@ | |
46 | myhostad[i+1] = 0; | |
47 | } | |
48 | if (adhostoverride) | |
49 | +#ifdef HAVE_HEIMDAL | |
50 | + free(adhostoverride); | |
51 | +#else | |
52 | krb5_free_string(context, adhostoverride); | |
53 | +#endif | |
54 | ||
55 | if (!srchost) { | |
56 | retval = get_full_hostname(myhostname, myhostname, sizeof(myhostname)); | |
57 | @@ -927,7 +931,7 @@ | |
58 | k5err = gssd_k5_err_msg(context, code); | |
59 | printerr(1, "%s while building principal for '%s'\n", | |
60 | k5err, spn); | |
61 | - krb5_free_string(context, k5err); | |
62 | + free(k5err); | |
63 | k5err = NULL; | |
64 | continue; | |
65 | } | |
66 | @@ -937,7 +941,7 @@ | |
67 | k5err = gssd_k5_err_msg(context, code); | |
68 | printerr(3, "%s while getting keytab entry for '%s'\n", | |
69 | k5err, spn); | |
70 | - krb5_free_string(context, k5err); | |
71 | + free(k5err); | |
72 | k5err = NULL; | |
73 | /* | |
74 | * We tried the active directory machine account | |
75 | @@ -986,7 +990,7 @@ | |
76 | k5_free_default_realm(context, default_realm); | |
77 | if (realmnames) | |
78 | krb5_free_host_realm(context, realmnames); | |
79 | - krb5_free_string(context, k5err); | |
80 | + free(k5err); | |
81 | return retval; | |
82 | } | |
83 | ||
84 | @@ -1003,9 +1007,37 @@ | |
7aa240b7 JR |
85 | { |
86 | krb5_error_code ret; | |
87 | krb5_creds creds; | |
88 | - krb5_cc_cursor cur; | |
89 | int found = 0; | |
90 | ||
91 | +#ifdef HAVE_HEIMDAL | |
92 | + krb5_creds pattern; | |
93 | + krb5_const_realm client_realm; | |
94 | + | |
95 | + krb5_cc_clear_mcred(&pattern); | |
96 | + | |
97 | + client_realm = krb5_principal_get_realm (context, principal); | |
98 | + | |
99 | + ret = krb5_make_principal (context, &pattern.server, | |
100 | + client_realm, KRB5_TGS_NAME, client_realm, | |
101 | + NULL); | |
102 | + if (ret) | |
103 | + krb5_err (context, 1, ret, "krb5_make_principal"); | |
104 | + pattern.client = principal; | |
105 | + | |
106 | + ret = krb5_cc_retrieve_cred (context, ccache, 0, &pattern, &creds); | |
107 | + krb5_free_principal (context, pattern.server); | |
108 | + if (ret) { | |
109 | + if (ret == KRB5_CC_END) | |
110 | + return 1; | |
111 | + krb5_err (context, 1, ret, "krb5_cc_retrieve_cred"); | |
112 | + } | |
113 | + | |
114 | + found = creds.times.endtime > time(NULL); | |
115 | + | |
116 | + krb5_free_cred_contents (context, &creds); | |
117 | +#else | |
118 | + krb5_cc_cursor cur; | |
119 | + | |
120 | ret = krb5_cc_start_seq_get(context, ccache, &cur); | |
121 | if (ret) | |
122 | return 0; | |
21904062 | 123 | @@ -1025,6 +1057,7 @@ |
7aa240b7 JR |
124 | krb5_free_cred_contents(context, &creds); |
125 | } | |
126 | krb5_cc_end_seq_get(context, ccache, &cur); | |
127 | +#endif | |
128 | ||
129 | return found; | |
130 | } | |
21904062 | 131 | @@ -1071,6 +1104,9 @@ |
7aa240b7 JR |
132 | } |
133 | krb5_free_principal(context, principal); | |
134 | err_princ: | |
135 | +#ifdef HAVE_HEIMDAL | |
136 | +#define KRB5_TC_OPENCLOSE 0x00000001 | |
137 | +#endif | |
138 | krb5_cc_set_flags(context, ccache, KRB5_TC_OPENCLOSE); | |
139 | krb5_cc_close(context, ccache); | |
140 | err_cache: | |
21904062 JB |
141 | @@ -1249,7 +1285,7 @@ |
142 | printerr(0, "WARNING: %s while resolving credential " | |
143 | "cache '%s' for destruction\n", k5err, | |
144 | ple->ccname); | |
145 | - krb5_free_string(context, k5err); | |
146 | + free(k5err); | |
147 | k5err = NULL; | |
148 | continue; | |
149 | } | |
150 | @@ -1258,13 +1294,13 @@ | |
151 | k5err = gssd_k5_err_msg(context, code); | |
152 | printerr(0, "WARNING: %s while destroying credential " | |
153 | "cache '%s'\n", k5err, ple->ccname); | |
154 | - krb5_free_string(context, k5err); | |
155 | + free(k5err); | |
156 | k5err = NULL; | |
157 | } | |
158 | } | |
159 | krb5_free_context(context); | |
160 | out: | |
161 | - krb5_free_string(context, k5err); | |
162 | + free(k5err); | |
163 | } | |
164 | ||
165 | /* | |
166 | @@ -1347,7 +1383,7 @@ | |
167 | out_free_context: | |
168 | krb5_free_context(context); | |
169 | out: | |
170 | - krb5_free_string(context, k5err); | |
171 | + free(k5err); | |
172 | return retval; | |
173 | } | |
174 | ||
175 | @@ -1369,7 +1405,7 @@ | |
c17b6001 JB |
176 | #endif |
177 | if (msg != NULL) | |
178 | return msg; | |
179 | -#if HAVE_KRB5 | |
180 | +#ifdef HAVE_KRB5 | |
181 | return strdup(error_message(code)); | |
182 | #else | |
183 | if (context != NULL) |