- fix included map read fail handling.

- refactor ldap sasl authentication bind to eliminate extra connect causing
    some servers to reject the request.
- add mount wait parameter to allow timeout of mount requests to
    unresponsive servers.
- special case cifs escape handling.
- fix libxml2 workaround configure.
- more code analysis corrections (and fix a typo in an init script).
- fix backwards #ifndef INET6.

autofs-5.0.4-add-mount-wait-parameter.patch

@@ -0,0 +1,172 @@
+autofs-5.0.4 - add mount wait parameter
+
+From: Ian Kent <raven@themaw.net>
+
+Often delays when trying to mount from a server that is not reponding
+for some reason are undesirable. To try and prevent these delays we
+provide a configuration setting to limit the time that we wait for
+our spawned mount(8) process to complete before sending it a SIGTERM
+signal. This patch adds a configuration parameter to allow us to
+request we limit the time we wait for mount(8) to complete before
+send it a TERM signal.
+---
+
+ CHANGELOG                      |    1 +
+ daemon/spawn.c                 |    3 ++-
+ include/defaults.h             |    2 ++
+ lib/defaults.c                 |   13 +++++++++++++
+ man/auto.master.5.in           |    7 +++++++
+ redhat/autofs.sysconfig.in     |    9 +++++++++
+ samples/autofs.conf.default.in |    9 +++++++++
+ 7 files changed, 43 insertions(+), 1 deletions(-)
+
+
+diff --git a/CHANGELOG b/CHANGELOG
+index 5adcca5..fadb229 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -2,6 +2,7 @@
+ -----------------------
+ - fix included map read fail handling.
+ - refactor ldap sasl bind handling.
++- add mount wait timeout parameter.
+ 
+ 03/09/2009 autofs-5.0.5
+ -----------------------
+diff --git a/daemon/spawn.c b/daemon/spawn.c
+index e02d926..db356d4 100644
+--- a/daemon/spawn.c
++++ b/daemon/spawn.c
+@@ -305,6 +305,7 @@ int spawn_mount(unsigned logopt, ...)
+ 	unsigned int options;
+ 	unsigned int retries = MTAB_LOCK_RETRIES;
+ 	int update_mtab = 1, ret, printed = 0;
++	unsigned int wait = defaults_get_mount_wait();
+ 	char buf[PATH_MAX];
+ 
+ 	/* If we use mount locking we can't validate the location */
+@@ -355,7 +356,7 @@ int spawn_mount(unsigned logopt, ...)
+ 	va_end(arg);
+ 
+ 	while (retries--) {
+-		ret = do_spawn(logopt, -1, options, prog, (const char **) argv);
++		ret = do_spawn(logopt, wait, options, prog, (const char **) argv);
+ 		if (ret & MTAB_NOTUPDATED) {
+ 			struct timespec tm = {3, 0};
+ 
+diff --git a/include/defaults.h b/include/defaults.h
+index 9bf16e5..cda2174 100644
+--- a/include/defaults.h
++++ b/include/defaults.h
+@@ -24,6 +24,7 @@
+ 
+ #define DEFAULT_TIMEOUT			600
+ #define DEFAULT_NEGATIVE_TIMEOUT	60
++#define DEFAULT_MOUNT_WAIT		-1
+ #define DEFAULT_UMOUNT_WAIT		12
+ #define DEFAULT_BROWSE_MODE		1
+ #define DEFAULT_LOGGING			0
+@@ -64,6 +65,7 @@ struct ldap_searchdn *defaults_get_searchdns(void);
+ void defaults_free_searchdns(struct ldap_searchdn *);
+ unsigned int defaults_get_mount_nfs_default_proto(void);
+ unsigned int defaults_get_append_options(void);
++unsigned int defaults_get_mount_wait(void);
+ unsigned int defaults_get_umount_wait(void);
+ const char *defaults_get_auth_conf_file(void);
+ unsigned int defaults_get_map_hash_table_size(void);
+diff --git a/lib/defaults.c b/lib/defaults.c
+index 17164bd..2204b18 100644
+--- a/lib/defaults.c
++++ b/lib/defaults.c
+@@ -47,6 +47,7 @@
+ 
+ #define ENV_MOUNT_NFS_DEFAULT_PROTOCOL	"MOUNT_NFS_DEFAULT_PROTOCOL"
+ #define ENV_APPEND_OPTIONS		"APPEND_OPTIONS"
++#define ENV_MOUNT_WAIT			"MOUNT_WAIT"
+ #define ENV_UMOUNT_WAIT			"UMOUNT_WAIT"
+ #define ENV_AUTH_CONF_FILE		"AUTH_CONF_FILE"
+ 
+@@ -325,6 +326,7 @@ unsigned int defaults_read_config(unsigned int to_syslog)
+ 		    check_set_config_value(key, ENV_NAME_ENTRY_ATTR, value, to_syslog) ||
+ 		    check_set_config_value(key, ENV_NAME_VALUE_ATTR, value, to_syslog) ||
+ 		    check_set_config_value(key, ENV_APPEND_OPTIONS, value, to_syslog) ||
++		    check_set_config_value(key, ENV_MOUNT_WAIT, value, to_syslog) ||
+ 		    check_set_config_value(key, ENV_UMOUNT_WAIT, value, to_syslog) ||
+ 		    check_set_config_value(key, ENV_AUTH_CONF_FILE, value, to_syslog) ||
+ 		    check_set_config_value(key, ENV_MAP_HASH_TABLE_SIZE, value, to_syslog) ||
+@@ -667,6 +669,17 @@ unsigned int defaults_get_append_options(void)
+ 	return res;
+ }
+ 
++unsigned int defaults_get_mount_wait(void)
++{
++	long wait;
++
++	wait = get_env_number(ENV_MOUNT_WAIT);
++	if (wait < 0)
++		wait = DEFAULT_MOUNT_WAIT;
++
++	return (unsigned int) wait;
++}
++
+ unsigned int defaults_get_umount_wait(void)
+ {
+ 	long wait;
+diff --git a/man/auto.master.5.in b/man/auto.master.5.in
+index 71c4402..792035f 100644
+--- a/man/auto.master.5.in
++++ b/man/auto.master.5.in
+@@ -174,6 +174,13 @@ Set the default timeout for caching failed key lookups (program default
+ 60). If the equivalent command line option is given it will override this
+ setting.
+ .TP
++.B MOUNT_WAIT
++Set the default time to wait for a response from a spawned mount(8)
++before sending it a SIGTERM. Note that we still need to wait for the
++RPC layer to timeout before the sub-process exits so this isn't ideal
++but it is the best we can do. The default is to wait until mount(8)
++returns without intervention.
++.TP
+ .B UMOUNT_WAIT
+ Set the default time to wait for a response from a spawned umount(8)
+ before sending it a SIGTERM. Note that we still need to wait for the
+diff --git a/redhat/autofs.sysconfig.in b/redhat/autofs.sysconfig.in
+index 37448ea..c72cd2b 100644
+--- a/redhat/autofs.sysconfig.in
++++ b/redhat/autofs.sysconfig.in
+@@ -14,6 +14,15 @@ TIMEOUT=300
+ #
+ #NEGATIVE_TIMEOUT=60
+ #
++# MOUNT_WAIT - time to wait for a response from umount(8).
++# 	       Setting this timeout can cause problems when
++# 	       mount would otherwise wait for a server that
++# 	       is temporarily unavailable, such as when it's
++# 	       restarting. The defailt of waiting for mount(8)
++# 	       usually results in a wait of around 3 minutes.
++#
++#MOUNT_WAIT=-1
++#
+ # UMOUNT_WAIT - time to wait for a response from umount(8).
+ #
+ #UMOUNT_WAIT=12
+diff --git a/samples/autofs.conf.default.in b/samples/autofs.conf.default.in
+index 7dee5fd..b87c4d0 100644
+--- a/samples/autofs.conf.default.in
++++ b/samples/autofs.conf.default.in
+@@ -14,6 +14,15 @@ TIMEOUT=300
+ #
+ #NEGATIVE_TIMEOUT=60
+ #
++# MOUNT_WAIT - time to wait for a response from umount(8).
++# 	       Setting this timeout can cause problems when
++# 	       mount would otherwise wait for a server that
++# 	       is temporarily unavailable, such as when it's
++# 	       restarting. The defailt of waiting for mount(8)
++# 	       usually results in a wait of around 3 minutes.
++#
++#MOUNT_WAIT=-1
++#
+ # UMOUNT_WAIT - time to wait for a response from umount(8).
+ #
+ #UMOUNT_WAIT=12

autofs-5.0.5-fix-backwards-ifndef-INET6.patch

@@ -0,0 +1,48 @@
+autofs-5.0.5 - fix backwards #ifndef INET6
+
+From: Jeff Moyer <jmoyer@redhat.com>
+
+Fix reversed macro checks for INET6 in get_proximity().
+
+Signed-off-by: Jeff Moyer <jmoyer@redhat.com>
+---
+
+ CHANGELOG            |    1 +
+ modules/replicated.c |    4 ++--
+ 2 files changed, 3 insertions(+), 2 deletions(-)
+
+
+diff --git a/CHANGELOG b/CHANGELOG
+index b9b1602..7997d1d 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -6,6 +6,7 @@
+ - special case cifs escapes.
+ - fix compile fail with when LDAP is excluded.
+ - more code analysis corrections (and fix a typo in an init script).
++- fix backwards #ifndef INET6.
+ 
+ 03/09/2009 autofs-5.0.5
+ -----------------------
+diff --git a/modules/replicated.c b/modules/replicated.c
+index a66de9f..4cd3eb4 100644
+--- a/modules/replicated.c
++++ b/modules/replicated.c
+@@ -231,7 +231,7 @@ static unsigned int get_proximity(struct sockaddr *host_addr)
+ 			break;
+ 
+ 		case AF_INET6:
+-#ifndef INET6
++#ifdef INET6
+ 			if (host_addr->sa_family == AF_INET)
+ 				break;
+ 
+@@ -313,7 +313,7 @@ static unsigned int get_proximity(struct sockaddr *host_addr)
+ 			break;
+ 
+ 		case AF_INET6:
+-#ifndef INET6
++#ifdef INET6
+ 			if (host_addr->sa_family == AF_INET)
+ 				break;
+ 

autofs-5.0.5-fix-included-map-read-fail-handling.patch

@@ -0,0 +1,44 @@
+autofs-5.0.5 - fix included map read fail handling
+
+From: Ian Kent <raven@themaw.net>
+
+If an included map read fails an error is returned and subsequent
+master map entries are not read. We should report the failure but
+we shouldn't stop reading the master map.
+---
+
+ CHANGELOG             |    4 ++++
+ modules/lookup_file.c |    7 -------
+ 2 files changed, 4 insertions(+), 7 deletions(-)
+
+
+diff --git a/CHANGELOG b/CHANGELOG
+index e734cb3..674a48b 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -1,3 +1,7 @@
++??/??/20?? autofs-5.0.6
++-----------------------
++- fix included map read fail handling.
++
+ 03/09/2009 autofs-5.0.5
+ -----------------------
+ - fix dumb libxml2 check
+diff --git a/modules/lookup_file.c b/modules/lookup_file.c
+index a4ca39d..e43ab2f 100644
+--- a/modules/lookup_file.c
++++ b/modules/lookup_file.c
+@@ -438,13 +438,6 @@ int lookup_read_master(struct master *master, time_t age, void *context)
+ 				     MODPREFIX
+ 				     "failed to read included master map %s",
+ 				     master->name);
+-				if (!master->recurse) {
+-					master->name = save_name;
+-					master->depth--;
+-					master->recurse = 0;
+-					fclose(f);
+-					return NSS_STATUS_UNAVAIL;
+-				}
+ 			}
+ 			master->depth--;
+ 			master->recurse = 0;

autofs-5.0.5-fix-libxml2-workaround-configure.patch

@@ -0,0 +1,79 @@
+autofs-5.0.5 - fix libxml2 workaround configure
+
+From: Ian Kent <raven@themaw.net>
+
+The configure logic related to work around the libxml2 library
+reload issues is not quite right. The xml code is needed if
+ldap is used so it is sufficient to require inclusion of the
+workaround code if autofs is being built with LDAP support.
+---
+
+ CHANGELOG          |    1 +
+ daemon/Makefile    |    2 --
+ daemon/automount.c |    8 +++++---
+ 3 files changed, 6 insertions(+), 5 deletions(-)
+
+
+diff --git a/CHANGELOG b/CHANGELOG
+index 671c979..23351c8 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -4,6 +4,7 @@
+ - refactor ldap sasl bind handling.
+ - add mount wait timeout parameter.
+ - special case cifs escapes.
++- fix compile fail with when LDAP is excluded.
+ 
+ 03/09/2009 autofs-5.0.5
+ -----------------------
+diff --git a/daemon/Makefile b/daemon/Makefile
+index 371ec72..9e9d635 100644
+--- a/daemon/Makefile
++++ b/daemon/Makefile
+@@ -23,10 +23,8 @@ LDFLAGS += -rdynamic
+ LIBS = -ldl
+ 
+ ifeq ($(LDAP), 1)
+-  ifeq ($(SASL), 1)
+     CFLAGS += $(XML_FLAGS)
+     LIBS += $(XML_LIBS)
+-  endif
+ endif
+ 
+ all: automount
+diff --git a/daemon/automount.c b/daemon/automount.c
+index 979ecd6..7c44d4b 100644
+--- a/daemon/automount.c
++++ b/daemon/automount.c
+@@ -38,10 +38,12 @@
+ #include <sys/utsname.h>
+ 
+ #include "automount.h"
+-#ifdef LIBXML2_WORKAROUND
++#if defined(LIBXML2_WORKAROUND) || defined(TIRPC_WORKAROUND)
+ #include <dlfcn.h>
++#ifdef WITH_LDAP
+ #include <libxml/parser.h>
+ #endif
++#endif
+ 
+ const char *program;		/* Initialized with argv[0] */
+ const char *version = VERSION_STRING;	/* Program version */
+@@ -2110,7 +2112,7 @@ int main(int argc, char *argv[])
+ 		exit(1);
+ 	}
+ 
+-#ifdef LIBXML2_WORKAROUND
++#if defined(WITH_LDAP) && defined(LIBXML2_WORKAROUND)
+ 	void *dh_xml2 = dlopen("libxml2.so", RTLD_NOW);
+ 	if (!dh_xml2)
+ 		dh_xml2 = dlopen("libxml2.so.2", RTLD_NOW);
+@@ -2158,7 +2160,7 @@ int main(int argc, char *argv[])
+ 	if (dh_tirpc)
+ 		dlclose(dh_tirpc);
+ #endif
+-#ifdef LIBXML2_WORKAROUND
++#if defined(WITH_LDAP) && defined( LIBXML2_WORKAROUND)
+ 	if (dh_xml2) {
+ 		xmlCleanupParser();
+ 		dlclose(dh_xml2);

autofs-5.0.5-more-code-analysis-corrections.patch

@@ -0,0 +1,241 @@
+autofs-5.0.5 - more code analysis corrections (and fix a typo in an init script)
+
+From: Jeff Moyer <jmoyer@redhat.com>
+
+- fix an obvious type in Redhat init script.
+- don't call ldap_msgfree when result pointer is null.
+- check return of ldap_parse_result as pointers will be invalid on fail.
+- get rid of a bogus assignment in defaults_free_searchdns.
+- get rid of unused optlen variable in parse_sun.c.
+- check return status of stat(2) in do_mount_direct().
+- get rid of unused name variable in master_add_map_source().
+- check return from ops->askumount() in expire_cleanup().
+- in mount_autofs.c:mount_mount(), don't increment val since we never
+  look at it again.
+- in autofs_sasl_dispose() ctxt must always be valid or we would have
+  a much bigger problem.
+- in st_start_handler() and alarm_start_handler() it is possible for
+  pthread_attr_destroy() to be called with a NULL pointer.
+- we could end up with a non-null result pointer after a failed call to
+  ldap_search_s(), well maybe, so check for it anyway.
+
+Signed-off-by: Jeff Moyer <jmoyer@redhat.com>
+---
+
+ CHANGELOG              |    1 +
+ daemon/direct.c        |    2 +-
+ daemon/state.c         |    5 +++--
+ lib/alarm.c            |    3 ++-
+ lib/defaults.c         |    1 -
+ lib/master.c           |    6 +-----
+ modules/cyrus-sasl.c   |    2 +-
+ modules/lookup_ldap.c  |   13 +++++++++++--
+ modules/mount_autofs.c |    2 +-
+ modules/parse_sun.c    |    3 +--
+ redhat/autofs.init.in  |    2 +-
+ 11 files changed, 23 insertions(+), 17 deletions(-)
+
+
+diff --git a/CHANGELOG b/CHANGELOG
+index 23351c8..b9b1602 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -5,6 +5,7 @@
+ - add mount wait timeout parameter.
+ - special case cifs escapes.
+ - fix compile fail with when LDAP is excluded.
++- more code analysis corrections (and fix a typo in an init script).
+ 
+ 03/09/2009 autofs-5.0.5
+ -----------------------
+diff --git a/daemon/direct.c b/daemon/direct.c
+index 0c78627..9b4e57b 100644
+--- a/daemon/direct.c
++++ b/daemon/direct.c
+@@ -1245,7 +1245,7 @@ static void *do_mount_direct(void *arg)
+ 	}
+ 
+ 	status = stat(mt.name, &st);
+-	if (!S_ISDIR(st.st_mode) || st.st_dev != mt.dev) {
++	if (status != 0 || !S_ISDIR(st.st_mode) || st.st_dev != mt.dev) {
+ 		error(ap->logopt,
+ 		     "direct trigger not valid or already mounted %s",
+ 		     mt.name);
+diff --git a/daemon/state.c b/daemon/state.c
+index 71af46a..27bc6de 100644
+--- a/daemon/state.c
++++ b/daemon/state.c
+@@ -160,7 +160,7 @@ void expire_cleanup(void *arg)
+ 			 * been signaled to shutdown.
+ 			 */
+ 			rv = ops->askumount(ap->logopt, ap->ioctlfd, &idle);
+-			if (!idle && !ap->shutdown) {
++			if (!rv && !idle && !ap->shutdown) {
+ 				next = ST_READY;
+ 				if (!ap->submount)
+ 					alarm_add(ap, ap->exp_runfreq);
+@@ -1198,7 +1198,8 @@ int st_start_handler(void)
+ 
+ 	status = pthread_create(&thid, pattrs, st_queue_handler, NULL);
+ 
+-	pthread_attr_destroy(pattrs);
++	if (pattrs)
++		pthread_attr_destroy(pattrs);
+ 
+ 	return !status;
+ }
+diff --git a/lib/alarm.c b/lib/alarm.c
+index 46df38a..f403d8f 100755
+--- a/lib/alarm.c
++++ b/lib/alarm.c
+@@ -239,7 +239,8 @@ int alarm_start_handler(void)
+ 
+ 	status = pthread_create(&thid, pattrs, alarm_handler, NULL);
+ 
+-	pthread_attr_destroy(pattrs);
++	if (pattrs)
++		pthread_attr_destroy(pattrs);
+ 
+ 	return !status;
+ }
+diff --git a/lib/defaults.c b/lib/defaults.c
+index 2204b18..cb8354d 100644
+--- a/lib/defaults.c
++++ b/lib/defaults.c
+@@ -534,7 +534,6 @@ void defaults_free_searchdns(struct ldap_searchdn *sdn)
+ 	struct ldap_searchdn *this = sdn;
+ 	struct ldap_searchdn *next;
+ 
+-	next = this;
+ 	while (this) {
+ 		next = this->next;
+ 		free(this->basedn);
+diff --git a/lib/master.c b/lib/master.c
+index e43f835..8455f40 100644
+--- a/lib/master.c
++++ b/lib/master.c
+@@ -152,7 +152,7 @@ master_add_map_source(struct master_mapent *entry,
+ {
+ 	struct map_source *source;
+ 	char *ntype, *nformat;
+-	const char **tmpargv, *name = NULL;
++	const char **tmpargv;
+ 
+ 	source = malloc(sizeof(struct map_source));
+ 	if (!source)
+@@ -188,10 +188,6 @@ master_add_map_source(struct master_mapent *entry,
+ 	source->argc = argc;
+ 	source->argv = tmpargv;
+ 
+-	/* Can be NULL for "hosts" map */
+-	if (argv)
+-		name = argv[0];
+-
+ 	master_source_writelock(entry);
+ 
+ 	if (!entry->maps)
+diff --git a/modules/cyrus-sasl.c b/modules/cyrus-sasl.c
+index 828143e..92e2226 100644
+--- a/modules/cyrus-sasl.c
++++ b/modules/cyrus-sasl.c
+@@ -911,7 +911,7 @@ void autofs_sasl_dispose(struct lookup_context *ctxt)
+ {
+ 	int status, ret;
+ 
+-	if (ctxt && ctxt->sasl_conn) {
++	if (ctxt->sasl_conn) {
+ 		sasl_dispose(&ctxt->sasl_conn);
+ 		ctxt->sasl_conn = NULL;
+ 	}
+diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c
+index f1fb9ce..d8bd169 100644
+--- a/modules/lookup_ldap.c
++++ b/modules/lookup_ldap.c
+@@ -389,13 +389,16 @@ static int get_query_dn(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt
+ 				error(logopt,
+ 				      MODPREFIX "query failed for search dn %s: %s",
+ 				      this->basedn, ldap_err2string(rv));
++				if (result) {
++					ldap_msgfree(result);
++					result = NULL;
++				}
+ 			}
+ 
+ 			this = this->next;
+ 		}
+ 
+ 		if (!result) {
+-			ldap_msgfree(result);
+ 			error(logopt,
+ 			      MODPREFIX "failed to find query dn under search base dns");
+ 			free(query);
+@@ -1954,6 +1957,12 @@ do_paged:
+ 		sp->cookie = NULL;
+ 	}
+ 
++	if (rv != LDAP_SUCCESS) {
++		debug(ap->logopt,
++		      MODPREFIX "ldap_parse_result failed with %d", rv);
++		goto out_free;
++	}
++
+ 	/*
+ 	 * Parse the page control returned to get the cookie and
+ 	 * determine whether there are more pages.
+@@ -1970,8 +1979,8 @@ do_paged:
+ 	if (returnedControls)
+ 		ldap_controls_free(returnedControls);
+ 
++out_free:
+ 	ldap_control_free(pageControl);
+-
+ 	return rv;
+ }
+ 
+diff --git a/modules/mount_autofs.c b/modules/mount_autofs.c
+index afb1859..2a5d860 100644
+--- a/modules/mount_autofs.c
++++ b/modules/mount_autofs.c
+@@ -119,7 +119,7 @@ int mount_mount(struct autofs_point *ap, const char *root, const char *name,
+ 			else if (strncmp(cp, "timeout=", 8) == 0) {
+ 				char *val = strchr(cp, '=');
+ 				unsigned tout;
+-				if (val++) {
++				if (val) {
+ 					int ret = sscanf(cp, "timeout=%u", &tout);
+ 					if (ret)
+ 						timeout = tout;
+diff --git a/modules/parse_sun.c b/modules/parse_sun.c
+index db36ae2..921daf4 100644
+--- a/modules/parse_sun.c
++++ b/modules/parse_sun.c
+@@ -1334,7 +1334,7 @@ int parse_mount(struct autofs_point *ap, const char *name,
+ 	char *pmapent, *options;
+ 	const char *p;
+ 	int mapent_len, rv = 0;
+-	int optlen, cur_state;
++	int cur_state;
+ 	int slashify = ctxt->slashify_colons;
+ 	unsigned int append_options;
+ 
+@@ -1389,7 +1389,6 @@ int parse_mount(struct autofs_point *ap, const char *name,
+ 		logerr(MODPREFIX "strdup: %s", estr);
+ 		return 1;
+ 	}
+-	optlen = strlen(options);
+ 
+ 	p = skipspace(pmapent);
+ 
+diff --git a/redhat/autofs.init.in b/redhat/autofs.init.in
+index fded1d8..806302b 100644
+--- a/redhat/autofs.init.in
++++ b/redhat/autofs.init.in
+@@ -172,7 +172,7 @@ case "$1" in
+ 		fi
+ 		;;
+ 	*)
+-		echo $"Usage: $0 {start|forcestart|stop|status|restart|orcerestart|reload|condrestart}"
++		echo $"Usage: $0 {start|forcestart|stop|status|restart|forcerestart|reload|condrestart}"
+ 		exit 1;
+ 		;;
+ esac

autofs-5.0.5-refactor-ldap-sasl-bind.patch

@@ -0,0 +1,223 @@
+autofs-5.0.5 - refactor ldap sasl bind
+
+From: Ian Kent <raven@themaw.net>
+
+During the sasl authentication (and possible authentication method
+selection) we establish a connection and then dispose of it and then
+authenticate again. This is a little inefficient but some servers
+don't like a second authentication using the same LDAP handle and
+authentication fails when it should succeed. We should use the
+authentication connection once we get it and not perform another
+later.
+
+Also fixed with this patch. If a server returns a set of
+authentication mechanisms that all require authentication, then the
+connection pointer is returned to the caller uninitialized (reported
+and fix provided by Jeff Moyer).
+---
+
+ CHANGELOG             |    1 +
+ modules/cyrus-sasl.c  |   55 ++++++++++++++++++---------------------------
+ modules/lookup_ldap.c |   60 -------------------------------------------------
+ 3 files changed, 23 insertions(+), 93 deletions(-)
+
+
+diff --git a/CHANGELOG b/CHANGELOG
+index 674a48b..5adcca5 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -1,6 +1,7 @@
+ ??/??/20?? autofs-5.0.6
+ -----------------------
+ - fix included map read fail handling.
++- refactor ldap sasl bind handling.
+ 
+ 03/09/2009 autofs-5.0.5
+ -----------------------
+diff --git a/modules/cyrus-sasl.c b/modules/cyrus-sasl.c
+index 04001d0..828143e 100644
+--- a/modules/cyrus-sasl.c
++++ b/modules/cyrus-sasl.c
+@@ -87,8 +87,8 @@ static sasl_callback_t callbacks[] = {
+ 	{ SASL_CB_LIST_END, NULL, NULL },
+ };
+ 
+-static char *sasl_auth_id, *sasl_auth_secret;
+-sasl_secret_t *sasl_secret;
++static char *sasl_auth_id = NULL;
++static char *sasl_auth_secret = NULL;
+ 
+ static int
+ sasl_log_func(void *context, int level, const char *message)
+@@ -798,7 +798,7 @@ sasl_bind_mech(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt, const c
+ sasl_conn_t *
+ sasl_choose_mech(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt)
+ {
+-	sasl_conn_t *conn;
++	sasl_conn_t *conn = NULL;
+ 	int authenticated;
+ 	int i;
+ 	char **mechanisms;
+@@ -845,22 +845,6 @@ sasl_choose_mech(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt)
+ 	return conn;
+ }
+ 
+-int
+-autofs_sasl_bind(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt)
+-{
+-	sasl_conn_t *conn;
+-
+-	if (!ctxt->sasl_mech)
+-		return -1;
+-
+-	conn = sasl_bind_mech(logopt, ldap, ctxt, ctxt->sasl_mech);
+-	if (!conn)
+-		return -1;
+-
+-	ctxt->sasl_conn = conn;
+-	return 0;
+-}
+-
+ /*
+  *  Routine called when unbinding an ldap connection.
+  */
+@@ -883,35 +867,40 @@ autofs_sasl_unbind(struct lookup_context *ctxt)
+  * -1  -  Failure
+  */
+ int
+-autofs_sasl_init(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt)
++autofs_sasl_bind(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt)
+ {
+-	sasl_conn_t *conn;
++	sasl_conn_t *conn = NULL;
++
++	/* If we already have a connection use it */
++	if (ctxt->sasl_conn)
++		return 0;
+ 
+ 	sasl_auth_id = ctxt->user;
+ 	sasl_auth_secret = ctxt->secret;
+ 
++	if (ctxt->auth_required & LDAP_AUTH_AUTODETECT) {
++		if (ctxt->sasl_mech) {
++			free(ctxt->sasl_mech);
++			ctxt->sasl_mech = NULL;
++		}
++	}
++
+ 	/*
+ 	 *  If LDAP_AUTH_AUTODETECT is set, it means that there was no
+ 	 *  mechanism specified in the configuration file or auto
+ 	 *  selection has been requested, so try to auto-select an
+ 	 *  auth mechanism.
+ 	 */
+-	if (!(ctxt->auth_required & LDAP_AUTH_AUTODETECT))
++	if (ctxt->sasl_mech)
+ 		conn = sasl_bind_mech(logopt, ldap, ctxt, ctxt->sasl_mech);
+-	else {
+-		if (ctxt->sasl_mech) {
+-			free(ctxt->sasl_mech);
+-			ctxt->sasl_mech = NULL;
+-		}
++	else
+ 		conn = sasl_choose_mech(logopt, ldap, ctxt);
+-	}
+ 
+-	if (conn) {
+-		sasl_dispose(&conn);
+-		return 0;
+-	}
++	if (!conn)
++		return -1;
+ 
+-	return -1;
++	ctxt->sasl_conn = conn;
++	return 0;
+ }
+ 
+ /*
+diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c
+index 2ecf5fe..f1fb9ce 100644
+--- a/modules/lookup_ldap.c
++++ b/modules/lookup_ldap.c
+@@ -59,7 +59,6 @@ struct ldap_search_params {
+ 	time_t age;
+ };
+ 
+-static LDAP *auth_init(unsigned logopt, const char *, struct lookup_context *);
+ static int decode_percent_hack(const char *, char **);
+ 
+ #ifndef HAVE_LDAP_CREATE_PAGE_CONTROL
+@@ -600,33 +599,6 @@ static LDAP *connect_to_server(unsigned logopt, const char *uri, struct lookup_c
+ {
+ 	LDAP *ldap;
+ 
+-#ifdef WITH_SASL
+-	/*
+-	 * Determine which authentication mechanism to use if we require
+-	 * authentication.
+-	 */
+-	if (ctxt->auth_required & (LDAP_AUTH_REQUIRED|LDAP_AUTH_AUTODETECT)) {
+-		ldap = auth_init(logopt, uri, ctxt);
+-		if (!ldap && ctxt->auth_required & LDAP_AUTH_AUTODETECT)
+-			info(logopt,
+-			     "no authentication mechanisms auto detected.");
+-		if (!ldap) {
+-			error(logopt, MODPREFIX
+-			      "cannot initialize authentication setup");
+-			return NULL;
+-		}
+-
+-		if (!do_bind(logopt, ldap, uri, ctxt)) {
+-			unbind_ldap_connection(logopt, ldap, ctxt);
+-			autofs_sasl_dispose(ctxt);
+-			error(logopt, MODPREFIX "cannot bind to server");
+-			return NULL;
+-		}
+-
+-		return ldap;
+-	}
+-#endif
+-
+ 	ldap = do_connect(logopt, uri, ctxt);
+ 	if (!ldap) {
+ 		warn(logopt,
+@@ -1074,38 +1046,6 @@ out:
+ 
+ 	return ret;
+ }
+-
+-/*
+- *  Reads in the xml configuration file and parses out the relevant
+- *  information.  If there is no configuration file, then we fall back to
+- *  trying all supported authentication mechanisms until one works.
+- *
+- *  Returns ldap connection on success, with authtype, user and secret
+- *  filled in as appropriate.  Returns NULL on failre.
+- */
+-static LDAP *auth_init(unsigned logopt, const char *uri, struct lookup_context *ctxt)
+-{
+-	int ret;
+-	LDAP *ldap;
+-
+-	ldap = init_ldap_connection(logopt, uri, ctxt);
+-	if (!ldap)
+-		return NULL;
+-
+-	/*
+-	 *  Initialize the sasl library.  It is okay if user and secret
+-	 *  are NULL, here.
+-	 *
+-	 *  The autofs_sasl_init routine will figure out which mechamism
+-	 *  to use. If kerberos is used, it will also take care to initialize
+-	 *  the credential cache and the client and service principals.
+-	 */
+-	ret = autofs_sasl_init(logopt, ldap, ctxt);
+-	if (ret)
+-		return NULL;
+-
+-	return ldap;
+-}
+ #endif
+ 
+ /*

autofs-5.0.5-special-case-cifs-escapes.patch

@@ -0,0 +1,99 @@
+autofs-5.0.5 - special case cifs escapes
+
+From: Ian Kent <raven@themaw.net>
+
+Since "\" is a valid seperator for cifs shares it can't be used to escape
+characters in the share name passed to mount.cifs. So we have no choice
+but to require that the seperator we use is "/" and de-quote the string
+before sending it to mount.cifs.
+---
+
+ CHANGELOG               |    1 +
+ modules/mount_generic.c |   36 ++++++++++++++++++++++++++++++------
+ 2 files changed, 31 insertions(+), 6 deletions(-)
+
+
+diff --git a/CHANGELOG b/CHANGELOG
+index fadb229..671c979 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -3,6 +3,7 @@
+ - fix included map read fail handling.
+ - refactor ldap sasl bind handling.
+ - add mount wait timeout parameter.
++- special case cifs escapes.
+ 
+ 03/09/2009 autofs-5.0.5
+ -----------------------
+diff --git a/modules/mount_generic.c b/modules/mount_generic.c
+index 8edad8b..da85d1a 100644
+--- a/modules/mount_generic.c
++++ b/modules/mount_generic.c
+@@ -39,6 +39,7 @@ int mount_mount(struct autofs_point *ap, const char *root, const char *name, int
+ {
+ 	char fullpath[PATH_MAX];
+ 	char buf[MAX_ERR_BUF];
++	char *loc;
+ 	int err;
+ 	int len, status, existed = 1;
+ 
+@@ -74,22 +75,44 @@ int mount_mount(struct autofs_point *ap, const char *root, const char *name, int
+ 	if (!status)
+ 		existed = 0;
+ 
++	/*
++	 * Special case quoting for cifs share names.
++	 *
++	 * Since "\" is a valid seperator for cifs shares it can't be
++	 * used to escape characters in the share name passed to
++	 * mount.cifs. So we have no choice but to require that the
++	 * seperator we use is "/" and de-quote the string before
++	 * sending it to mount.cifs.
++	 */
++	loc = NULL;
++	if (strcmp(fstype, "cifs"))
++		loc = strdup(what);
++	else
++		loc = dequote(what, strlen(what), ap->logopt);
++	if (!loc) {
++		error(ap->logopt,
++		      MODPREFIX "failed to alloc buffer for mount location");
++		return 1;
++	}
++
+ 	if (options && options[0]) {
+ 		debug(ap->logopt,
+ 		      MODPREFIX "calling mount -t %s " SLOPPY "-o %s %s %s",
+-		      fstype, options, what, fullpath);
++		      fstype, options, loc, fullpath);
+ 
+ 		err = spawn_mount(ap->logopt, "-t", fstype,
+-			     SLOPPYOPT "-o", options, what, fullpath, NULL);
++			     SLOPPYOPT "-o", options, loc, fullpath, NULL);
+ 	} else {
+ 		debug(ap->logopt, MODPREFIX "calling mount -t %s %s %s",
+-		      fstype, what, fullpath);
+-		err = spawn_mount(ap->logopt, "-t", fstype, what, fullpath, NULL);
++		      fstype, loc, fullpath);
++		err = spawn_mount(ap->logopt, "-t", fstype, loc, fullpath, NULL);
+ 	}
+ 
+ 	if (err) {
+ 		info(ap->logopt, MODPREFIX "failed to mount %s (type %s) on %s",
+-		     what, fstype, fullpath);
++		     loc, fstype, fullpath);
++
++		free(loc);
+ 
+ 		if (ap->type != LKP_INDIRECT)
+ 			return 1;
+@@ -100,7 +123,8 @@ int mount_mount(struct autofs_point *ap, const char *root, const char *name, int
+ 		return 1;
+ 	} else {
+ 		info(ap->logopt, MODPREFIX "mounted %s type %s on %s",
+-		    what, fstype, fullpath);
++		     loc, fstype, fullpath);
++		free(loc);
+ 		return 0;
+ 	}
+ }

autofs.spec

@@ -4,12 +4,19 @@
 Summary: A tool for automatically mounting and unmounting filesystems
 Name: autofs
 Version: 5.0.5
-Release: 1%{?dist}
+Release: 2%{?dist}
 Epoch: 1
 License: GPLv2+
 Group: System Environment/Daemons
 URL: http://wiki.autofs.net/
 Source: ftp://ftp.kernel.org/pub/linux/daemons/autofs/v5/autofs-%{version}.tar.bz2
+Patch1: autofs-5.0.5-fix-included-map-read-fail-handling.patch
+Patch2: autofs-5.0.5-refactor-ldap-sasl-bind.patch
+Patch3: autofs-5.0.4-add-mount-wait-parameter.patch
+Patch4: autofs-5.0.5-special-case-cifs-escapes.patch
+Patch5: autofs-5.0.5-fix-libxml2-workaround-configure.patch
+Patch6: autofs-5.0.5-more-code-analysis-corrections.patch
+Patch7: autofs-5.0.5-fix-backwards-ifndef-INET6.patch
 Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires: autoconf, hesiod-devel, openldap-devel, bison, flex, libxml2-devel, cyrus-sasl-devel, openssl-devel module-init-tools util-linux nfs-utils e2fsprogs libtirpc-devel
 Requires: kernel >= 2.6.17
@@ -51,6 +58,13 @@ inkludera nätfilsystem, CD-ROM, floppydiskar, och så vidare.
 %prep
 %setup -q
 echo %{version}-%{release} > .version
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
 
 %build
 #CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=/usr --libdir=%{_libdir}
@@ -103,6 +117,17 @@ fi
 %{_libdir}/autofs/
 
 %changelog
+* Tue Oct 6 2009 Ian Kent <kent@redhat.com> - 1:5.0.5-2
+- fix included map read fail handling.
+- refactor ldap sasl authentication bind to eliminate extra connect
+  causing some servers to reject the request. 
+- add mount wait parameter to allow timeout of mount requests to
+  unresponsive servers.
+- special case cifs escape handling.
+- fix libxml2 workaround configure.
+- more code analysis corrections (and fix a typo in an init script).
+- fix backwards #ifndef INET6.
+
 * Fri Sep 4 2009 Ian Kent <ikent@redhat.com> - 1:5.0.5-1
 - update source to latest upstream version.
   - this is essentially a consolidation of the patches already in this rpm.