Ignore EINVAL for kerberos/ccache login to fix SMB mounting

Related: rhbz#1991688
Signed-off-by: Mohan Boddu <mboddu@redhat.com>

.gvfs.metadata

@@ -0,0 +1 @@
+d49f1e5247ad09d07e9a9ec0a936959e9fbdb7f1 gvfs-1.48.1.tar.xz

gating.yaml

@@ -0,0 +1,6 @@
+--- !Policy
+product_versions:
+  - rhel-9
+decision_context: osci_compose_gate
+rules:
+  - !PassingTestCaseRule {test_case_name: desktop-qe.desktop-ci.tier1-gating.functional}

gvfs.spec

@@ -1,14 +1,13 @@
 %global avahi_version 0.6
 %global fuse_version 3.0.0
-%global gettext_version 0.19.4
-%global glib2_version 2.57.2
+%global glib2_version 2.65.1
 %global gsettings_desktop_schemas_version 3.33.0
 %global goa_version 3.17.1
 %global gudev_version 147
 %global libarchive_version 3.0.22
 %global libcdio_paranoia_version 0.78.2
 %global libgcrypt_version 1.2.2
-%global libgdata_version 0.17.11
+%global libgdata_version 0.18.0
 %global libgphoto2_version 2.5.0
 %global libimobiledevice_version 1.2
 %global libmtp_version 1.1.15
@@ -22,17 +21,20 @@
 %global udisks2_version 1.97
 
 Name: gvfs
-Version: 1.46.2
-Release: 1%{?dist}
+Version: 1.48.1
+Release: 4%{?dist}
 Summary: Backends for the gio framework in GLib
 
 License: GPLv3 and LGPLv2+ and BSD and MPLv2.0
 URL: https://wiki.gnome.org/Projects/gvfs
-Source0: https://download.gnome.org/sources/gvfs/1.46/gvfs-%{version}.tar.xz
+Source0: https://download.gnome.org/sources/gvfs/1.48/gvfs-%{version}.tar.xz
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=2093861
+Patch0: smb-Ignore-EINVAL-for-kerberos-ccache-login.patch
+Patch1: smb-Rework-anonymous-handling-to-avoid-EINVAL.patch
 
 BuildRequires: meson
 BuildRequires: gcc
-BuildRequires: git
 BuildRequires: pkgconfig
 BuildRequires: pkgconfig(glib-2.0) >= %{glib2_version}
 BuildRequires: pkgconfig(dbus-glib-1)
@@ -45,7 +47,7 @@ BuildRequires: pkgconfig(libsoup-2.4) >= %{libsoup_version}
 BuildRequires: pkgconfig(avahi-client) >= %{avahi_version}
 BuildRequires: pkgconfig(avahi-glib) >= %{avahi_version}
 BuildRequires: pkgconfig(libsecret-1)
-BuildRequires: gettext-devel >= %{gettext_version}
+BuildRequires: gettext-devel
 BuildRequires: pkgconfig(udisks2) >= %{udisks2_version}
 %if ! 0%{?rhel}
 BuildRequires: pkgconfig(libbluray)
@@ -221,7 +223,7 @@ The gvfs-tests package contains tests that can be used to verify
 the functionality of the installed gvfs package.
 
 %prep
-%autosetup -p1 -S git
+%autosetup -p1
 
 %build
 %meson -Dinstalled_tests=true \
@@ -237,6 +239,7 @@ the functionality of the installed gvfs package.
 %if 0%{?rhel} >= 9
        -Darchive=false \
        -Dafp=false \
+       -Dgcrypt=false \
 %endif
         %{nil}
 %meson_build
@@ -426,6 +429,34 @@ killall -USR1 gvfsd >&/dev/null || :
 %{_datadir}/installed-tests
 
 %changelog
+* Tue Jun 14 2022 Ondrej Holy <oholy@redhat.com> - 1.48.1-4
+- Ignore EINVAL for kerberos/ccache login to fix SMB mounting (#2093861)
+
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.48.1-3
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
+
+* Tue Jul 13 2021 Ondrej Holy <oholy@redhat.com> - 1.48.1-2
+- Disable gcrypt to fix build
+
+* Wed May 05 2021 Kalev Lember <klember@redhat.com> - 1.48.1-1
+- Update to 1.48.1
+
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.48.0-2
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+
+* Mon Mar 22 2021 Kalev Lember <klember@redhat.com> - 1.48.0-1
+- Update to 1.48.0
+
+* Mon Mar 15 2021 Kalev Lember <klember@redhat.com> - 1.47.91-1
+- Update to 1.47.91
+
+* Wed Feb 17 2021 Kalev Lember <klember@redhat.com> - 1.47.90-1
+- Update to 1.47.90
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.46.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
 * Sat Jan 16 2021 Kalev Lember <klember@redhat.com> - 1.46.2-1
 - Update to 1.46.2
 

smb-Ignore-EINVAL-for-kerberos-ccache-login.patch

@@ -0,0 +1,58 @@
+From 747c7f6ea6c8b6a7ccd008bb47996ba7eb169bcc Mon Sep 17 00:00:00 2001
+From: Ondrej Holy <oholy@redhat.com>
+Date: Mon, 11 Apr 2022 10:54:04 +0200
+Subject: [PATCH] smb: Ignore EINVAL for kerberos/ccache login
+
+With samba 4.16.0, mount operation fails with the "Invalid Argument" error
+when kerberos/ccache is misconfigured. Ignore this error, so user get a chance
+to login using the password...
+
+Fixes: https://gitlab.gnome.org/GNOME/gvfs/-/issues/611
+---
+ daemon/gvfsbackendsmb.c       |  8 +++++++-
+ daemon/gvfsbackendsmbbrowse.c | 10 ++++++++--
+ 2 files changed, 15 insertions(+), 3 deletions(-)
+
+diff --git a/daemon/gvfsbackendsmb.c b/daemon/gvfsbackendsmb.c
+index 33d1a209..776b67bc 100644
+--- a/daemon/gvfsbackendsmb.c
++++ b/daemon/gvfsbackendsmb.c
+@@ -513,7 +513,13 @@ do_mount (GVfsBackend *backend,
+       if (res == 0)
+         break;
+ 
+-      if (op_backend->mount_cancelled || (errsv != EACCES && errsv != EPERM))
++      if (errsv == EINVAL && op_backend->mount_try <= 1 && op_backend->user == NULL)
++        {
++          /* EINVAL is "expected" when kerberos/ccache is misconfigured, see:
++           * https://gitlab.gnome.org/GNOME/gvfs/-/issues/611
++           */
++        }
++      else if (op_backend->mount_cancelled || (errsv != EACCES && errsv != EPERM))
+         {
+           g_debug ("do_mount - (errno != EPERM && errno != EACCES), cancelled = %d, breaking\n", op_backend->mount_cancelled);
+           break;
+diff --git a/daemon/gvfsbackendsmbbrowse.c b/daemon/gvfsbackendsmbbrowse.c
+index 57bae9db..7e8facfb 100644
+--- a/daemon/gvfsbackendsmbbrowse.c
++++ b/daemon/gvfsbackendsmbbrowse.c
+@@ -967,8 +967,14 @@ do_mount (GVfsBackend *backend,
+              uri, op_backend->mount_try, dir, op_backend->mount_cancelled,
+              errsv, g_strerror (errsv));
+ 
+-      if (dir == NULL && 
+-          (op_backend->mount_cancelled || (errsv != EPERM && errsv != EACCES)))
++      if (errsv == EINVAL && op_backend->mount_try == 0 && op_backend->user == NULL)
++        {
++          /* EINVAL is "expected" when kerberos is misconfigured, see:
++           * https://gitlab.gnome.org/GNOME/gvfs/-/issues/611
++           */
++        }
++      else if (dir == NULL &&
++               (op_backend->mount_cancelled || (errsv != EPERM && errsv != EACCES)))
+         {
+           g_debug ("do_mount - (errno != EPERM && errno != EACCES), cancelled = %d, breaking\n", op_backend->mount_cancelled);
+ 	  break;
+-- 
+2.35.1
+

smb-Rework-anonymous-handling-to-avoid-EINVAL.patch

@@ -0,0 +1,74 @@
+From 8c7e79042d819304ea38408d0d90313eef7a3869 Mon Sep 17 00:00:00 2001
+From: Ondrej Holy <oholy@redhat.com>
+Date: Wed, 4 May 2022 13:20:46 +0200
+Subject: [PATCH] smb: Rework anonymous handling to avoid EINVAL
+
+After the recent samba change, the "Invalid Argument" error can be still
+returned when anonymous login is requested even after the commit 747c7f6.
+This is because `smbc_setOptionNoAutoAnonymousLogin` is called after returning
+from the `auth_callback` function (i.e. there is one redundant iteration).
+Let's rework the handling a bit and call that immediately, which bypasses
+the issue.
+
+Fixes: https://gitlab.gnome.org/GNOME/gvfs/-/issues/619
+---
+ daemon/gvfsbackendsmb.c | 19 ++++---------------
+ 1 file changed, 4 insertions(+), 15 deletions(-)
+
+diff --git a/daemon/gvfsbackendsmb.c b/daemon/gvfsbackendsmb.c
+index 776b67bc..a1e3eacd 100644
+--- a/daemon/gvfsbackendsmb.c
++++ b/daemon/gvfsbackendsmb.c
+@@ -80,7 +80,6 @@ struct _GVfsBackendSmb
+   int mount_try;
+   gboolean mount_try_again;
+   gboolean mount_cancelled;
+-  gboolean use_anonymous;
+ 	
+   gboolean password_in_keyring;
+   GPasswordSave password_save;
+@@ -215,13 +214,6 @@ auth_callback (SMBCCTX *context,
+       backend->mount_try_again = TRUE;
+       g_debug ("auth_callback - ccache pass\n");
+     }
+-  else if (backend->use_anonymous)
+-    {
+-      /* Try again if anonymous login fails */
+-      backend->use_anonymous = FALSE;
+-      backend->mount_try_again = TRUE;
+-      g_debug ("auth_callback - anonymous login pass\n");
+-    }
+   else
+     {
+       gboolean in_keyring = FALSE;
+@@ -304,10 +296,13 @@ auth_callback (SMBCCTX *context,
+       /* Try again if this fails */
+       backend->mount_try_again = TRUE;
+ 
++      smbc_setOptionNoAutoAnonymousLogin (backend->smb_context,
++                                          !anonymous);
++
+       if (anonymous)
+         {
+-          backend->use_anonymous = TRUE;
+           backend->password_save = FALSE;
++          g_debug ("auth_callback - anonymous enabled\n");
+         }
+       else
+         {
+@@ -535,12 +530,6 @@ do_mount (GVfsBackend *backend,
+           smbc_setOptionFallbackAfterKerberos (op_backend->smb_context, 1);
+         }
+ 
+-      /* If the AskPassword reply requested anonymous login, enable the
+-       * anonymous fallback and try again.
+-       */
+-      smbc_setOptionNoAutoAnonymousLogin (op_backend->smb_context,
+-                                          !op_backend->use_anonymous);
+-
+       op_backend->mount_try ++;
+     }
+   while (op_backend->mount_try_again);
+-- 
+2.36.0
+

sources

@@ -1 +1 @@
-SHA512 (gvfs-1.46.2.tar.xz) = 78e8efd23e4b8325ad793417333cf350c7bdcd141f29f246ddcc89b79b922193f1d33c722b1b34b734e0e06cbfdc107cc1c3a5df2777065f54e5001c646b7676
+SHA512 (gvfs-1.48.1.tar.xz) = 19a642bcfce37eaa0d2d9f509fed6c67abfea0f79f5be9a17074d20e9ba71252a13583a2e08de88718cb141c5e79e34c84c765c87160351fe21291a8f88abe8c