rpms/mod_auth_kerb/devel mod_auth_kerb-5.4-fixes.patch, NONE, 1.1 mod_auth_kerb-5.4-rcopshack.patch, NONE, 1.1 mod_auth_kerb.spec, 1.21, 1.22 mod_auth_kerb-5.0-exports.patch, 1.3, NONE mod_auth_kerb-5.1-fixes.patch, 1.2, NONE mod_auth_kerb-5.3-cache.patch, 1.1, NONE
Joe Orton
jorton at fedoraproject.org
Thu Dec 11 12:34:19 UTC 2008
Author: jorton
Update of /cvs/extras/rpms/mod_auth_kerb/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv10655
Modified Files:
mod_auth_kerb.spec
Added Files:
mod_auth_kerb-5.4-fixes.patch
mod_auth_kerb-5.4-rcopshack.patch
Removed Files:
mod_auth_kerb-5.0-exports.patch mod_auth_kerb-5.1-fixes.patch
mod_auth_kerb-5.3-cache.patch
Log Message:
* Thu Dec 11 2008 Joe Orton <jorton at redhat.com> 5.4-2
- update to 5.4
mod_auth_kerb-5.4-fixes.patch:
--- NEW FILE mod_auth_kerb-5.4-fixes.patch ---
--- mod_auth_kerb-5.4/src/mod_auth_kerb.c.fixes
+++ mod_auth_kerb-5.4/src/mod_auth_kerb.c
@@ -677,7 +677,8 @@ end:
static krb5_error_code
verify_krb5_user(request_rec *r, krb5_context context, krb5_principal principal,
const char *password, krb5_principal server,
- krb5_keytab keytab, int krb_verify_kdc, char *krb_service_name, krb5_ccache *ccache)
+ krb5_keytab keytab, int krb_verify_kdc,
+ const char *krb_service_name, krb5_ccache *ccache)
{
krb5_creds creds;
krb5_get_init_creds_opt options;
@@ -1280,6 +1281,7 @@ get_gss_creds(request_rec *r,
return 0;
}
+#ifndef GSSAPI_SUPPORTS_SPNEGO
static int
cmp_gss_type(gss_buffer_t token, gss_OID oid)
{
@@ -1306,6 +1308,7 @@ cmp_gss_type(gss_buffer_t token, gss_OID
return memcmp(p, oid->elements, oid->length);
}
+#endif
static int
authenticate_user_gss(request_rec *r, kerb_auth_config *conf,
@@ -1722,7 +1725,7 @@ kerb_authenticate_user(request_rec *r)
return ret;
}
-int
+static int
have_rcache_type(const char *type)
{
krb5_error_code ret;
mod_auth_kerb-5.4-rcopshack.patch:
--- NEW FILE mod_auth_kerb-5.4-rcopshack.patch ---
Remove the Krb5 1.3.x-specific hack which mucks about with
libkrb5 internals, and shouldn't.
--- mod_auth_kerb-5.4/src/mod_auth_kerb.c.rcopshack
+++ mod_auth_kerb-5.4/src/mod_auth_kerb.c
@@ -285,34 +285,6 @@ mkstemp(char *template)
}
#endif
-#if defined(KRB5) && !defined(HEIMDAL)
-/* Needed to work around problems with replay caches */
-#include "mit-internals.h"
-
-/* This is our replacement krb5_rc_store function */
-static krb5_error_code KRB5_LIB_FUNCTION
-mod_auth_kerb_rc_store(krb5_context context, krb5_rcache rcache,
- krb5_donot_replay_internal *donot_replay)
-{
- return 0;
-}
-
-/* And this is the operations vector for our replay cache */
-const krb5_rc_ops_internal mod_auth_kerb_rc_ops = {
- 0,
- "dfl",
- krb5_rc_dfl_init,
- krb5_rc_dfl_recover,
- krb5_rc_dfl_destroy,
- krb5_rc_dfl_close,
- mod_auth_kerb_rc_store,
- krb5_rc_dfl_expunge,
- krb5_rc_dfl_get_span,
- krb5_rc_dfl_get_name,
- krb5_rc_dfl_resolve
-};
-#endif
-
/***************************************************************************
Auth Configuration Initialization
***************************************************************************/
@@ -1252,31 +1224,6 @@ get_gss_creds(request_rec *r,
return HTTP_INTERNAL_SERVER_ERROR;
}
-#ifndef HEIMDAL
- /*
- * With MIT Kerberos 5 1.3.x the gss_cred_id_t is the same as
- * krb5_gss_cred_id_t and krb5_gss_cred_id_rec contains a pointer to
- * the replay cache.
- * This allows us to override the replay cache function vector with
- * our own one.
- * Note that this is a dirty hack to get things working and there may
- * well be unknown side-effects.
- */
- {
- krb5_gss_cred_id_t gss_creds = (krb5_gss_cred_id_t) *server_creds;
-
- /* First we try to verify we are linked with 1.3.x to prevent from
- crashing when linked with 1.4.x */
- if (gss_creds && (gss_creds->usage == GSS_C_ACCEPT)) {
- if (gss_creds->rcache && gss_creds->rcache->ops &&
- gss_creds->rcache->ops->type &&
- memcmp(gss_creds->rcache->ops->type, "dfl", 3) == 0)
- /* Override the rcache operations */
- gss_creds->rcache->ops = &mod_auth_kerb_rc_ops;
- }
- }
-#endif
-
return 0;
}
Index: mod_auth_kerb.spec
===================================================================
RCS file: /cvs/extras/rpms/mod_auth_kerb/devel/mod_auth_kerb.spec,v
retrieving revision 1.21
retrieving revision 1.22
diff -u -r1.21 -r1.22
--- mod_auth_kerb.spec 19 Feb 2008 07:06:35 -0000 1.21
+++ mod_auth_kerb.spec 11 Dec 2008 12:33:49 -0000 1.22
@@ -1,17 +1,15 @@
Summary: Kerberos authentication module for HTTP
Name: mod_auth_kerb
-Version: 5.3
-Release: 7
+Version: 5.4
+Release: 2
License: BSD and MIT
Group: System Environment/Daemons
URL: http://modauthkerb.sourceforge.net/
Source0: %{name}-%{version}.tar.gz
Source1: auth_kerb.conf
-Patch2: mod_auth_kerb-5.3-cache.patch
-Patch5: mod_auth_kerb-5.0-exports.patch
-Patch7: mod_auth_kerb-5.1-krb15.patch
-Patch8: mod_auth_kerb-5.1-fixes.patch
+Patch1: mod_auth_kerb-5.4-rcopshack.patch
+Patch2: mod_auth_kerb-5.4-fixes.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
BuildRequires: httpd-devel, krb5-devel
Requires: httpd-mmn = %(cat %{_includedir}/httpd/.mmn || echo missing)
@@ -24,10 +22,8 @@
%prep
%setup -q -n %{name}-%{version}
-%patch2 -p1 -b .cache
-%patch5 -p1 -b .exports
-%patch7 -p1 -b .krb15
-%patch8 -p1 -b .fixes
+%patch1 -p1 -b .rcopshack
+%patch2 -p1 -b .fixes
%build
%configure --without-krb4 --with-krb5=/usr/kerberos \
@@ -53,6 +49,9 @@
%{_libdir}/httpd/modules/*.so
%changelog
+* Thu Dec 11 2008 Joe Orton <jorton at redhat.com> 5.4-2
+- update to 5.4
+
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng at fedoraproject.org> - 5.3-7
- Autorebuild for GCC 4.3
--- mod_auth_kerb-5.0-exports.patch DELETED ---
--- mod_auth_kerb-5.1-fixes.patch DELETED ---
--- mod_auth_kerb-5.3-cache.patch DELETED ---
More information about the fedora-extras-commits
mailing list