krb5/krb5-master-test_gss_no_udp.patch

42 lines
1.5 KiB
Diff
Raw Normal View History

commit 11bd102c0e3793204111f712e5bd4bf54f2d9573
Author: Greg Hudson <ghudson@mit.edu>
Date: Wed May 1 14:40:31 2013 -0400
Disable UDP pass of gssrpc tests on all platforms
The AUTH_GSSAPI flavor of rpc authentication uses IP address channel
bindings. These are broken over UDP, because svcudp_recv() fails to
get the destination address of incoming packets (it tries to use the
recvmsg() msg_name field to get the destination IP address, which
instead gets the source address; see ticket #5540).
There is no simple or comprehensive way to fix this; using IP_PKTINFO
is a fair amount of code and only works on some platforms. It's also
not very important--nobody should be using AUTH_GSSAPI except perhaps
for compatibility with really old kadmin, and kadmin only runs over
TCP. Since the gssrpc tests are closely wedded to AUTH_GSSAPI, the
simplest fix is to only run the TCP pass.
diff --git a/src/configure.in b/src/configure.in
index 0c8111b..42a5fd5 100644
--- a/src/configure.in
+++ b/src/configure.in
@@ -984,16 +984,7 @@ extern void endrpcent();],
AC_MSG_RESULT($k5_cv_type_endrpcent)
AC_DEFINE_UNQUOTED(ENDRPCENT_TYPE, $k5_cv_type_endrpcent, [Define as return type of endrpcent])
K5_GEN_FILE(include/gssrpc/types.h:include/gssrpc/types.hin)
-changequote(<<, >>)
-case "$krb5_cv_host" in
-*-*-solaris2.[012345]*)
- PASS=tcp
- ;;
-*)
- PASS="tcp udp"
- ;;
-esac
-changequote([, ])
+PASS=tcp
AC_SUBST(PASS)
# for pkinit