From 8cb101258a8239a529f6bafbbc280028d7c21afc Mon Sep 17 00:00:00 2001 From: Mario Fetka Date: Thu, 21 Nov 2013 11:12:25 +0100 Subject: [PATCH] Bump heimdal patch Package-Manager: portage-2.2.0_alpha188 RepoMan-Options: --force --- net-fs/nfs-utils/ChangeLog | 5 + net-fs/nfs-utils/Manifest | 6 +- .../files/nfs-utils-1.2.7-heimdal.patch | 180 ++++++++++++++++ .../files/nfs-utils-1.2.9-heimdal-1.patch | 197 ++++++++++++++++++ net-fs/nfs-utils/nfs-utils-1.2.9.ebuild | 2 +- 5 files changed, 387 insertions(+), 3 deletions(-) create mode 100644 net-fs/nfs-utils/files/nfs-utils-1.2.7-heimdal.patch create mode 100644 net-fs/nfs-utils/files/nfs-utils-1.2.9-heimdal-1.patch diff --git a/net-fs/nfs-utils/ChangeLog b/net-fs/nfs-utils/ChangeLog index b09d0646..e43322b0 100644 --- a/net-fs/nfs-utils/ChangeLog +++ b/net-fs/nfs-utils/ChangeLog @@ -2,6 +2,11 @@ # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 # $Header: /var/cvsroot/gentoo-x86/net-fs/nfs-utils/ChangeLog,v 1.215 2013/04/13 20:02:02 vapier Exp $ + 21 Nov 2013; Mario Fetka + +files/nfs-utils-1.2.7-heimdal.patch, +files/nfs-utils-1.2.9-heimdal-1.patch, + nfs-utils-1.2.9.ebuild: + Bump heimdal patch + 21 Nov 2013; Mario Fetka +files/nfs-utils-1.2.8-heimdal.patch, -files/nfs-utils-1.2.7-heimdal.patch, nfs-utils-1.2.8-r1.ebuild, nfs-utils-1.2.9.ebuild: diff --git a/net-fs/nfs-utils/Manifest b/net-fs/nfs-utils/Manifest index a4ec2872..64feaa41 100644 --- a/net-fs/nfs-utils/Manifest +++ b/net-fs/nfs-utils/Manifest @@ -1,7 +1,9 @@ AUX exports 66 SHA256 5d6356df546682e2f1a87131d1bb67de9b1f9a34d3a5742343dc64e890cf71d5 SHA512 fd8052dc8e17eccb0bb1443f341c97ec7c9dac5824294cadf486d91475bc728d4bb69300034b528a690707520590f6675ee371f92e9838afc8ed88092ee0f220 WHIRLPOOL 7cc6b59c1f7013a0ad98518623b03d1cba784ecaf6d6a085b85282192c6f41ac1c649a39dc6e1b42ff38a571c00a85aed6e04ea57d6339a072cc4f2c41d5d74e AUX nfs-utils-1.1.4-mtab-sym.patch 1020 SHA256 0232799d085151649a1eb1f31644105de7e5cfba888794354005499a0db277c3 SHA512 1cd916028a8515772f05ef63832d73a09e9720055aedc9e2e4ce3a08ce1820948700a4f00ca9c4ee684880f18e67aca888dd857fc7931d923021ba50964be998 WHIRLPOOL c16ecee3228ad4522cf4ede1d05ca50cece3910955314c96eb88a61cfe07b7f6a95c42bb15a7f7f9fd211fa62cdcbb02925e68702d5066338b4543baf56fb2df +AUX nfs-utils-1.2.7-heimdal.patch 6643 SHA256 f8845cb5471313516ebd389a1fb692b984f5f9f663923488a539d8adec8de247 SHA512 dea96554579dcb1b2404724ddcf68a27034cef7f5a0c3d4b6838e46abfcd9a05af3cd56c28f0878f1ec777ea0a2c43fb7c795adf74aa2080c8feb26e7e83d938 WHIRLPOOL cd783ee2b91332753abbf8de8125f6cebd36dd4852ce804d8822fd5cfc28d6d4f608634fcd00b4a30be5aeba9be97c2c122e3beb1d2961182f1bfce8c652e7d2 AUX nfs-utils-1.2.8-cross-build.patch 1323 SHA256 281ae4f2af4d28adc936be961c2ab4aa4f77c4fb74ba08f2cef1038c6e03b30e SHA512 42a41411d0de384b66a2875fa9ea15e4b854150b5f75ba2db54ad7785fd147ee329eb8867d24a26b2b1d9ef89bd887caeaf0b5a59cdda15f5a11c47888882b9a WHIRLPOOL 52f5704ec8b88eeb3fab37e4aa9a7ca64ca76f0665c66347ab663624cb3b70309a262d86b21882dc5f687741c73974dc6efbc01d6c386e3ea607bbdb89619edb AUX nfs-utils-1.2.8-heimdal.patch 2424 SHA256 a41cc8771cae79fd9c7689cb7d32ebe83fbd008d8d0a429411f758671c7b8c09 SHA512 e23e280292fecd4ba52f4e4f050fe7f547f7c0b8df564a1b9fac0eda5bf22bd313c0b76dea7ef95e849751fe0c4bdafd1b9500d3d9c57fdd1c42c913e14d0284 WHIRLPOOL 8406b2273da365bc88eab7cc4efcaacb9ce520d9380a2230cfc955c5af79e1c3da81cfa61c8208aa8e3c4f440bc92b0f4a5690a6e173a0f2fc063d07ded430c2 +AUX nfs-utils-1.2.9-heimdal-1.patch 7989 SHA256 00d4428e3b1ab404a543c9703b795734a26492327bdfc93c318efa33e3d5943f SHA512 ef388e9582c247bad816146e4f83353fab0674396124eadb772f0bd77597bde23164385f69c9abe0b038303ff1436233bc66110ad8f92d45a9101957acf665f1 WHIRLPOOL 48f5bf9fbe929b9d1e099136705dbd0a62e20840ac96515f80ddbd5a7047d4c58b05a8ef16db49e516d24ffe4ca6215f0e85478c0e07e9221115b56b11998d85 AUX nfs.confd 948 SHA256 22bba4ee5d58bae422650875c7c8a797a52fc121ddd02d48297c075b8a35401e SHA512 0981f9ea34d5aaf25b558aa1f4c32f6750b657b450d5d22b999e1556b583207c8d88b83f6f803747c56cc70531556f5a8741589125429f93d0bbc73ae31c137e WHIRLPOOL ff6db7d613126c4fd76a6b99dc432a44f086ea22c78a42e3bcb2df04b95c31e9552cb2c080345b71027c71f97b0b7470fd53ffb81502b3f77bc9bb80a38fe9cc AUX nfs.initd 4378 SHA256 8df22f253770a24c6a53ce332d821ab680d0ede18d0e968c1c5d8b3796cb74be SHA512 1577a43b47ebf12261504dd1c9ae564e19d80edc424c4b1e308ac46b12907f6684242284f18a6cd2edafec88c815debf895b6c29d13b9bca59d6d7c883bc1f38 WHIRLPOOL da3762c3467af7d46aef1890aa9c95a85e759c6cab09a5590a00c8f6a37b600a6cf3d4c17b1593a3bc7556ad25bfe001ccabcad70bdc1a2848aa9f842e349d48 AUX nfsd.service 339 SHA256 fada3d017779466e28a6b84c5adda1d9ef7c9b9e9458884f4456efc7e85a87c7 SHA512 4accd4aa77b3f91b1472b24ba5303cb5442aee1ecc1b813605bb4815320144cfe6505265659f8ec79ba6259c8e41ee968462d67b71981cc46dd830764fe786eb WHIRLPOOL 3fca5f83bf62f4d06854066940592cad2a3d636adf6a20e103c6344f8f3abdedfc94aeed280fa285b195b461f78674a07a334215048f83655c1f1bd17bbfc55a @@ -17,6 +19,6 @@ AUX rpc.svcgssd.initd 584 SHA256 f1c460d8b0e91e54a551397d755135d05a3728d81de5965 DIST nfs-utils-1.2.8.tar.bz2 2747577 SHA256 1cc8f02a633eddbf0a1d93421f331479c4cdab4c5ab33b8bf8c7c369f9156ac6 SHA512 abe13f37dccb40258ac2f654143e540b9ac8c41ca10fe88f104ebb558334d41c0e31220dbae0122836e43236cac763fbcfc1d5bd708aca3b282152ac3ac7213b WHIRLPOOL 95bc97e572aebae4b99d20b67845e081d75f4126fc74e9f081a6bc1a913796f5370befb5a21c7626668bd430b8671c4732ddfbf319e6a2ef8df8e15f4ef213a1 DIST nfs-utils-1.2.9.tar.bz2 774112 SHA256 90b76d5692a520b74273e607a4fd69df4cc35f65e242e22e2bc61b58759722f3 SHA512 c71f986a7e8f38492f8411540b32fef904f689b45b831e0e3c193628085d09742c6352dc42d6d374b8ded12e2b54f8fb3c8de66695a36cf038fc4afa5c29879e WHIRLPOOL 22e86859e9bf7a9a298c91f73a8afea63aa1e39753062ff664a17601d311d62f8f0efed8a0c5271751b53bb46cfc91bf721ca852dc1e744e4bb51f321a34c119 EBUILD nfs-utils-1.2.8-r1.ebuild 4073 SHA256 66b43a9e7ab5dd415eb5df366545a19c2ac13f4ca49ef1f59badab648a6184a7 SHA512 aaf943197b92f139bdbcbc9aae9add93a35a7e90d3fb91f8e1c34310eb587fbad834e69e2d112bdbaf396275f8331e07e29bb92069dfb75b032a78e0c3fb607a WHIRLPOOL 216592fa93e973c876955b82620a899563bff5207d61f2a5bdbf30e8c48fc3e7e15b2a70505b9c5cf2e09ec10e57882133c05f08b7a33288d7f70752bdab0a1d -EBUILD nfs-utils-1.2.9.ebuild 4081 SHA256 c9d889d48837f1ac1d4c4c96690641d3239da910508941dc88f3f5b1f803766f SHA512 c5ab15ef07e874c681f13449f0040e7daf233d021dce4fd5fcf5e4f4187d2bd3bd1a7dda1553e532ad74a4abe280b18c419be3ecad892c1efa4f5172f838a3d8 WHIRLPOOL b8961cb81807c4edfc9347532a128bfea94c198782588a464b7d00cea9123c96b650bb1371e7057c21ca574017c73d744b5c0e0306d0691f6f0d479f659f86e6 -MISC ChangeLog 34981 SHA256 4aa915a2ee0b181c4ac10e23de6118d576ecd72b2a5196ec9877036168ccd41e SHA512 39f213044f8407c8c474a0938c9f4337f3c9fbfac9dc1d7e358c977cabcbb830daad62362e8d58cbb473b5a8bbec713e2e0048171d931e02611951ab04830662 WHIRLPOOL e8ab96f422bd16ae53720a83e179160f6f8919938817f6b6104c7e81802b1265db6f110c3f7751a86582ca3c2417c0b70ab9154dab4ee0b0e0ca27daf6c6ee83 +EBUILD nfs-utils-1.2.9.ebuild 4083 SHA256 e38883a93aea4a3b6b043dc31637f02382100d8a00839f9b41ed6b80b82528bb SHA512 bcdfcb498e97330273dd863abc70404cbe78083a9265175b7fa58c0129ae4cd4a21a0b3298cb6f100798e0d7624737eed57c9b7f51ec142a11435fd3d90503b0 WHIRLPOOL 573f147040e7ed89bf00c8a6f28b7e1279df33cc27e71287ae31e4cce62a03e704a37d680299b84347ba0897c83685adc52cab45fc691aa0d00c0e82374224c9 +MISC ChangeLog 35160 SHA256 fc010e4bdb8b34d31b08829b0991c35d3ce0f4396ed7c89ce8ceac5b46c6af0f SHA512 b5d395c100bb9adca7c0d95ac53b8fe9eb22e9d9c29891b8ba2d31e2b4f4ffdd54e4ab9be2e379264c7d08bba93d7888091574f5875e95c03ab02dab8ed5fa12 WHIRLPOOL 07f730889f956cb73964af03895e28f175ab0c71e5bb128b263f5f564fdaf31a80b72a7a88edb5b95c5bad770a71f996d975c800f38ac2d90c68b2b6dbdbb061 MISC metadata.xml 668 SHA256 d9ecc29c31ebf779ec222513db190cc0e9d0737f806aea26913d097b09bbfa47 SHA512 2b269153829d1d8df6e97871814479af8fbe18a48cf0b6a33947212264875a4002feda4163b465b4a67e253e5f27e47badc53d414ebb9f3281253f813fa1dacd WHIRLPOOL a53c14f8e6f7cce4f75a7fda60d8b9f96a57eb3a877470906fa1c40befcd9791411934e7ab610ce612f6d42d4d953e0a2a78ffc9e21e9b98328a395c4de7daa8 diff --git a/net-fs/nfs-utils/files/nfs-utils-1.2.7-heimdal.patch b/net-fs/nfs-utils/files/nfs-utils-1.2.7-heimdal.patch new file mode 100644 index 00000000..3df950a1 --- /dev/null +++ b/net-fs/nfs-utils/files/nfs-utils-1.2.7-heimdal.patch @@ -0,0 +1,180 @@ +--- nfs-utils-1.2.3.dist/aclocal/rpcsec_vers.m4.orig 2010-09-28 14:24:16.000000000 +0200 ++++ nfs-utils-1.2.3.dist/aclocal/rpcsec_vers.m4 2010-10-03 14:53:06.379424854 +0200 +@@ -1,7 +1,10 @@ + dnl Checks librpcsec version + AC_DEFUN([AC_RPCSEC_VERSION], [ + +- PKG_CHECK_MODULES([GSSGLUE], [libgssglue >= 0.3]) ++ dnl libgssglue is needed only for MIT Kerberos ++ if test "$gssapi_lib" = gssapi_krb5; then ++ PKG_CHECK_MODULES([GSSGLUE], [libgssglue >= 0.3]) ++ fi + + dnl TI-RPC replaces librpcsecgss + if test "$enable_tirpc" = no; then +--- nfs-utils-1.2.3.dist/aclocal/kerberos5.m4~ 2010-09-28 14:24:16.000000000 +0200 ++++ nfs-utils-1.2.3.dist/aclocal/kerberos5.m4 2010-10-03 14:13:17.274424855 +0200 +@@ -32,14 +32,14 @@ + fi + if test "$K5CONFIG" != ""; then + KRBCFLAGS=`$K5CONFIG --cflags` +- KRBLIBS=`$K5CONFIG --libs` +- K5VERS=`$K5CONFIG --version | head -n 1 | awk '{split($(4),v,"."); if (v@<:@"3"@:>@ == "") v@<:@"3"@:>@ = "0"; print v@<:@"1"@:>@v@<:@"2"@:>@v@<:@"3"@:>@ }'` ++ KRBLIBS=`$K5CONFIG --libs gssapi` + AC_DEFINE_UNQUOTED(KRB5_VERSION, $K5VERS, [Define this as the Kerberos version number]) + if test -f $dir/include/gssapi/gssapi_krb5.h -a \ + \( -f $dir/lib/libgssapi_krb5.a -o \ + -f $dir/lib64/libgssapi_krb5.a -o \ + -f $dir/lib64/libgssapi_krb5.so -o \ + -f $dir/lib/libgssapi_krb5.so \) ; then ++ K5VERS=`$K5CONFIG --version | head -n 1 | awk '{split($(4),v,"."); if (v@<:@"3"@:>@ == "") v@<:@"3"@:>@ = "0"; print v@<:@"1"@:>@v@<:@"2"@:>@v@<:@"3"@:>@ }'` + AC_DEFINE(HAVE_KRB5, 1, [Define this if you have MIT Kerberos libraries]) + KRBDIR="$dir" + dnl If we are using MIT K5 1.3.1 and before, we *MUST* use the +@@ -56,7 +56,11 @@ + dnl of Heimdal Kerberos on SuSe + elif test \( -f $dir/include/heim_err.h -o\ + -f $dir/include/heimdal/heim_err.h \) -a \ +- -f $dir/lib/libroken.a; then ++ \( -f $dir/lib/libroken.a -o \ ++ -f $dir/lib64/libroken.a -o \ ++ -f $dir/lib64/libroken.so -o \ ++ -f $dir/lib/libroken.so \) ; then ++ K5VERS=`$K5CONFIG --version | head -n 1 | awk '{split($(2),v,"."); if (v@<:@"3"@:>@ == "") v@<:@"3"@:>@ = "0"; print v@<:@"1"@:>@v@<:@"2"@:>@v@<:@"3"@:>@ }'` + AC_DEFINE(HAVE_HEIMDAL, 1, [Define this if you have Heimdal Kerberos libraries]) + KRBDIR="$dir" + gssapi_lib=gssapi +--- nfs-utils-1.2.3.dist/utils/gssd/context_lucid.c.orig 2010-09-28 14:24:16.000000000 +0200 ++++ nfs-utils-1.2.3.dist/utils/gssd/context_lucid.c 2010-10-03 14:31:31.150424854 +0200 +@@ -267,8 +267,13 @@ + int retcode = 0; + + printerr(2, "DEBUG: %s: lucid version!\n", __FUNCTION__); ++#ifdef HAVE_HEIMDAL ++ maj_stat = gss_krb5_export_lucid_sec_context(&min_stat, &ctx, ++ 1, &return_ctx); ++#else + maj_stat = gss_export_lucid_sec_context(&min_stat, &ctx, + 1, &return_ctx); ++#endif + if (maj_stat != GSS_S_COMPLETE) { + pgsserr("gss_export_lucid_sec_context", + maj_stat, min_stat, &krb5oid); +@@ -303,7 +308,11 @@ + else + retcode = prepare_krb5_rfc4121_buffer(lctx, buf, endtime); + ++#ifdef HAVE_HEIMDAL ++ maj_stat = gss_krb5_free_lucid_sec_context(&min_stat, return_ctx); ++#else + maj_stat = gss_free_lucid_sec_context(&min_stat, ctx, return_ctx); ++#endif + if (maj_stat != GSS_S_COMPLETE) { + pgsserr("gss_export_lucid_sec_context", + maj_stat, min_stat, &krb5oid); +--- nfs-utils-1.2.3.dist/utils/gssd/krb5_util.c.orig 2010-09-28 14:24:16.000000000 +0200 ++++ nfs-utils-1.2.3.dist/utils/gssd/krb5_util.c 2010-10-03 14:33:07.992424854 +0200 +@@ -115,7 +115,7 @@ + #include + #include + #include +-#ifdef USE_PRIVATE_KRB5_FUNCTIONS ++#ifdef HAVE_HEIMDAL + #include + #endif + #include +@@ -927,9 +927,37 @@ + { + krb5_error_code ret; + krb5_creds creds; +- krb5_cc_cursor cur; + int found = 0; + ++#ifdef HAVE_HEIMDAL ++ krb5_creds pattern; ++ krb5_const_realm client_realm; ++ ++ krb5_cc_clear_mcred(&pattern); ++ ++ client_realm = krb5_principal_get_realm (context, principal); ++ ++ ret = krb5_make_principal (context, &pattern.server, ++ client_realm, KRB5_TGS_NAME, client_realm, ++ NULL); ++ if (ret) ++ krb5_err (context, 1, ret, "krb5_make_principal"); ++ pattern.client = principal; ++ ++ ret = krb5_cc_retrieve_cred (context, ccache, 0, &pattern, &creds); ++ krb5_free_principal (context, pattern.server); ++ if (ret) { ++ if (ret == KRB5_CC_END) ++ return 1; ++ krb5_err (context, 1, ret, "krb5_cc_retrieve_cred"); ++ } ++ ++ found = creds.times.endtime > time(NULL); ++ ++ krb5_free_cred_contents (context, &creds); ++#else ++ krb5_cc_cursor cur; ++ + ret = krb5_cc_start_seq_get(context, ccache, &cur); + if (ret) + return 0; +@@ -949,6 +977,7 @@ + krb5_free_cred_contents(context, &creds); + } + krb5_cc_end_seq_get(context, ccache, &cur); ++#endif + + return found; + } +@@ -995,6 +1024,9 @@ + } + krb5_free_principal(context, principal); + err_princ: ++#ifdef HAVE_HEIMDAL ++#define KRB5_TC_OPENCLOSE 0x00000001 ++#endif + krb5_cc_set_flags(context, ccache, KRB5_TC_OPENCLOSE); + krb5_cc_close(context, ccache); + err_cache: +@@ -1316,12 +1316,21 @@ + * If we failed for any reason to produce global + * list of supported enctypes, use local default here. + */ ++#ifdef HAVE_HEIMDAL ++ if (krb5_enctypes == NULL || limit_to_legacy_enctypes) ++ maj_stat = gss_krb5_set_allowable_enctypes(&min_stat, credh, ++ num_enctypes, enctypes); ++ else ++ maj_stat = gss_krb5_set_allowable_enctypes(&min_stat, credh, ++ num_krb5_enctypes, krb5_enctypes); ++#else + if (krb5_enctypes == NULL || limit_to_legacy_enctypes) + maj_stat = gss_set_allowable_enctypes(&min_stat, credh, + &krb5oid, num_enctypes, enctypes); + else + maj_stat = gss_set_allowable_enctypes(&min_stat, credh, + &krb5oid, num_krb5_enctypes, krb5_enctypes); ++#endif + + if (maj_stat != GSS_S_COMPLETE) { + pgsserr("gss_set_allowable_enctypes", +--- nfs-utils-1.2.4/utils/gssd/svcgssd_krb5.c~ 2011-06-30 15:00:42.000000000 +0200 ++++ nfs-utils-1.2.4/utils/gssd/svcgssd_krb5.c 2011-08-03 12:40:53.865782009 +0200 +@@ -186,8 +186,13 @@ + num_enctypes = default_num_enctypes; + } + ++#ifdef HAVE_HEIMDAL ++ maj_stat = gss_krb5_set_allowable_enctypes(&min_stat, gssd_creds, ++ num_enctypes, enctypes); ++#else + maj_stat = gss_set_allowable_enctypes(&min_stat, gssd_creds, + &krb5oid, num_enctypes, enctypes); ++#endif + if (maj_stat != GSS_S_COMPLETE) { + printerr(1, "WARNING: gss_set_allowable_enctypes failed\n"); + pgsserr("svcgssd_limit_krb5_enctypes: gss_set_allowable_enctypes", diff --git a/net-fs/nfs-utils/files/nfs-utils-1.2.9-heimdal-1.patch b/net-fs/nfs-utils/files/nfs-utils-1.2.9-heimdal-1.patch new file mode 100644 index 00000000..4aaeaf89 --- /dev/null +++ b/net-fs/nfs-utils/files/nfs-utils-1.2.9-heimdal-1.patch @@ -0,0 +1,197 @@ +Submitted By: Mario Fetka (mario dot fetka at gmail dot com) +Date: 2013-11-21 +Initial Package Version: 1.2.4 +Origin: http://cvs.pld-linux.org/cgi-bin/viewvc.cgi/cvs/packages/nfs-utils/nfs-utils-heimdal.patch?view=log +Upstream Status: unknown +Description: Add proper Heimdal support + +diff -Naur nfs-utils-1.2.9.orig/aclocal/kerberos5.m4 nfs-utils-1.2.9/aclocal/kerberos5.m4 +--- nfs-utils-1.2.9.orig/aclocal/kerberos5.m4 2013-11-21 09:15:13.833824277 +0000 ++++ nfs-utils-1.2.9/aclocal/kerberos5.m4 2013-11-21 09:46:48.325139877 +0000 +@@ -31,16 +31,16 @@ + fi + if test "$K5CONFIG" != ""; then + KRBCFLAGS=`$K5CONFIG --cflags` +- KRBLIBS=`$K5CONFIG --libs` ++ KRBLIBS=`$K5CONFIG --libs gssapi` + GSSKRB_CFLAGS=`$K5CONFIG --cflags gssapi` + GSSKRB_LIBS=`$K5CONFIG --libs gssapi` +- K5VERS=`$K5CONFIG --version | head -n 1 | awk '{split($(4),v,"."); if (v@<:@"3"@:>@ == "") v@<:@"3"@:>@ = "0"; print v@<:@"1"@:>@v@<:@"2"@:>@v@<:@"3"@:>@ }'` + AC_DEFINE_UNQUOTED(KRB5_VERSION, $K5VERS, [Define this as the Kerberos version number]) + if test -f $dir/include/gssapi/gssapi_krb5.h -a \ + \( -f $dir/lib/libgssapi_krb5.a -o \ + -f $dir/lib64/libgssapi_krb5.a -o \ + -f $dir/lib64/libgssapi_krb5.so -o \ + -f $dir/lib/libgssapi_krb5.so \) ; then ++ K5VERS=`$K5CONFIG --version | head -n 1 | awk '{split($(4),v,"."); if (v@<:@"3"@:>@ == "") v@<:@"3"@:>@ = "0"; print v@<:@"1"@:>@v@<:@"2"@:>@v@<:@"3"@:>@ }'` + AC_DEFINE(HAVE_KRB5, 1, [Define this if you have MIT Kerberos libraries]) + KRBDIR="$dir" + dnl If we are using MIT K5 1.3.1 and before, we *MUST* use the +@@ -58,7 +58,11 @@ + dnl of Heimdal Kerberos on SuSe + elif test \( -f $dir/include/heim_err.h -o\ + -f $dir/include/heimdal/heim_err.h \) -a \ +- -f $dir/lib/libroken.a; then ++ \( -f $dir/lib/libroken.a -o \ ++ -f $dir/lib64/libroken.a -o \ ++ -f $dir/lib64/libroken.so -o \ ++ -f $dir/lib/libroken.so \) ; then ++ K5VERS=`$K5CONFIG --version | head -n 1 | awk '{split($(2),v,"."); if (v@<:@"3"@:>@ == "") v@<:@"3"@:>@ = "0"; print v@<:@"1"@:>@v@<:@"2"@:>@v@<:@"3"@:>@ }'` + AC_DEFINE(HAVE_HEIMDAL, 1, [Define this if you have Heimdal Kerberos libraries]) + KRBDIR="$dir" + gssapi_lib=gssapi +diff -Naur nfs-utils-1.2.9.orig/aclocal/rpcsec_vers.m4 nfs-utils-1.2.9/aclocal/rpcsec_vers.m4 +--- nfs-utils-1.2.9.orig/aclocal/rpcsec_vers.m4 2013-11-21 09:15:13.833824277 +0000 ++++ nfs-utils-1.2.9/aclocal/rpcsec_vers.m4 2013-11-21 09:22:55.731049767 +0000 +@@ -4,8 +4,11 @@ + AC_ARG_WITH([gssglue], + [AC_HELP_STRING([--with-gssglue], [Use libgssglue for GSS support])]) + if test x"$with_gssglue" = x"yes"; then +- PKG_CHECK_MODULES([GSSGLUE], [libgssglue >= 0.3]) +- AC_CHECK_LIB([gssglue], [gss_set_allowable_enctypes]) ++ dnl libgssglue is needed only for MIT Kerberos ++ if test "$gssapi_lib" = gssapi_krb5; then ++ PKG_CHECK_MODULES([GSSGLUE], [libgssglue >= 0.3]) ++ AC_CHECK_LIB([gssglue], [gss_set_allowable_enctypes]) ++ fi + fi + + dnl TI-RPC replaces librpcsecgss +diff -Naur nfs-utils-1.2.9.orig/utils/gssd/context_lucid.c nfs-utils-1.2.9/utils/gssd/context_lucid.c +--- nfs-utils-1.2.9.orig/utils/gssd/context_lucid.c 2013-11-21 09:15:13.830824315 +0000 ++++ nfs-utils-1.2.9/utils/gssd/context_lucid.c 2013-11-21 09:51:19.942744189 +0000 +@@ -266,8 +266,13 @@ + int retcode = 0; + + printerr(2, "DEBUG: %s: lucid version!\n", __FUNCTION__); ++#ifdef HAVE_HEIMDAL ++ maj_stat = gss_krb5_export_lucid_sec_context(&min_stat, &ctx, ++ 1, &return_ctx); ++#else + maj_stat = gss_export_lucid_sec_context(&min_stat, ctx, + 1, &return_ctx); ++#endif + if (maj_stat != GSS_S_COMPLETE) { + pgsserr("gss_export_lucid_sec_context", + maj_stat, min_stat, &krb5oid); +@@ -302,7 +307,11 @@ + else + retcode = prepare_krb5_rfc4121_buffer(lctx, buf, endtime); + ++#ifdef HAVE_HEIMDAL ++ maj_stat = gss_krb5_free_lucid_sec_context(&min_stat, return_ctx); ++#else + maj_stat = gss_free_lucid_sec_context(&min_stat, ctx, return_ctx); ++#endif + if (maj_stat != GSS_S_COMPLETE) { + pgsserr("gss_free_lucid_sec_context", + maj_stat, min_stat, &krb5oid); +diff -Naur nfs-utils-1.2.9.orig/utils/gssd/krb5_util.c nfs-utils-1.2.9/utils/gssd/krb5_util.c +--- nfs-utils-1.2.9.orig/utils/gssd/krb5_util.c 2013-11-21 09:15:13.829824327 +0000 ++++ nfs-utils-1.2.9/utils/gssd/krb5_util.c 2013-11-21 09:58:13.211577618 +0000 +@@ -115,7 +115,7 @@ + #include + #include + #include +-#ifdef USE_PRIVATE_KRB5_FUNCTIONS ++#ifdef HAVE_HEIMDAL + #include + #endif + #include +@@ -970,9 +970,37 @@ + { + krb5_error_code ret; + krb5_creds creds; +- krb5_cc_cursor cur; + int found = 0; + ++#ifdef HAVE_HEIMDAL ++ krb5_creds pattern; ++ krb5_const_realm client_realm; ++ ++ krb5_cc_clear_mcred(&pattern); ++ ++ client_realm = krb5_principal_get_realm (context, principal); ++ ++ ret = krb5_make_principal (context, &pattern.server, ++ client_realm, KRB5_TGS_NAME, client_realm, ++ NULL); ++ if (ret) ++ krb5_err (context, 1, ret, "krb5_make_principal"); ++ pattern.client = principal; ++ ++ ret = krb5_cc_retrieve_cred (context, ccache, 0, &pattern, &creds); ++ krb5_free_principal (context, pattern.server); ++ if (ret) { ++ if (ret == KRB5_CC_END) ++ return 1; ++ krb5_err (context, 1, ret, "krb5_cc_retrieve_cred"); ++ } ++ ++ found = creds.times.endtime > time(NULL); ++ ++ krb5_free_cred_contents (context, &creds); ++#else ++ krb5_cc_cursor cur; ++ + ret = krb5_cc_start_seq_get(context, ccache, &cur); + if (ret) + return 0; +@@ -992,7 +1020,7 @@ + krb5_free_cred_contents(context, &creds); + } + krb5_cc_end_seq_get(context, ccache, &cur); +- ++#endif + return found; + } + +@@ -1038,6 +1066,9 @@ + } + krb5_free_principal(context, principal); + err_princ: ++#ifdef HAVE_HEIMDAL ++#define KRB5_TC_OPENCLOSE 0x00000001 ++#endif + krb5_cc_set_flags(context, ccache, KRB5_TC_OPENCLOSE); + krb5_cc_close(context, ccache); + err_cache: +@@ -1452,12 +1483,21 @@ + * If we failed for any reason to produce global + * list of supported enctypes, use local default here. + */ ++#ifdef HAVE_HEIMDAL ++ if (krb5_enctypes == NULL || limit_to_legacy_enctypes) ++ maj_stat = gss_krb5_set_allowable_enctypes(&min_stat, credh, ++ num_enctypes, enctypes); ++ else ++ maj_stat = gss_krb5_set_allowable_enctypes(&min_stat, credh, ++ num_krb5_enctypes, krb5_enctypes); ++#else + if (krb5_enctypes == NULL || limit_to_legacy_enctypes) + maj_stat = gss_set_allowable_enctypes(&min_stat, sec->cred, + &krb5oid, num_enctypes, enctypes); + else + maj_stat = gss_set_allowable_enctypes(&min_stat, sec->cred, + &krb5oid, num_krb5_enctypes, krb5_enctypes); ++#endif + + if (maj_stat != GSS_S_COMPLETE) { + pgsserr("gss_set_allowable_enctypes", +diff -Naur nfs-utils-1.2.9.orig/utils/gssd/svcgssd_krb5.c nfs-utils-1.2.9/utils/gssd/svcgssd_krb5.c +--- nfs-utils-1.2.9.orig/utils/gssd/svcgssd_krb5.c 2013-11-21 09:15:13.830824315 +0000 ++++ nfs-utils-1.2.9/utils/gssd/svcgssd_krb5.c 2013-11-21 09:59:25.854669454 +0000 +@@ -217,8 +217,13 @@ + "enctypes from defaults\n", __func__, num_enctypes); + } + ++#ifdef HAVE_HEIMDAL ++ maj_stat = gss_krb5_set_allowable_enctypes(&min_stat, gssd_creds, ++ num_enctypes, enctypes); ++#else + maj_stat = gss_set_allowable_enctypes(&min_stat, gssd_creds, + &krb5oid, num_enctypes, enctypes); ++#endif + if (maj_stat != GSS_S_COMPLETE) { + printerr(1, "WARNING: gss_set_allowable_enctypes failed\n"); + pgsserr("svcgssd_limit_krb5_enctypes: gss_set_allowable_enctypes", diff --git a/net-fs/nfs-utils/nfs-utils-1.2.9.ebuild b/net-fs/nfs-utils/nfs-utils-1.2.9.ebuild index 7679238c..f5eebb90 100644 --- a/net-fs/nfs-utils/nfs-utils-1.2.9.ebuild +++ b/net-fs/nfs-utils/nfs-utils-1.2.9.ebuild @@ -56,7 +56,7 @@ DEPEND="${DEPEND_COMMON} src_prepare() { epatch "${FILESDIR}"/${PN}-1.1.4-mtab-sym.patch epatch "${FILESDIR}"/${PN}-1.2.8-cross-build.patch - epatch "${FILESDIR}"/${PN}-1.2.8-heimdal.patch + epatch "${FILESDIR}"/${PN}-1.2.9-heimdal-1.patch eautoreconf }