rpms/krb5
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Drop obsolete patches to skip GSSRPC-over-UDP test

Browse Source 
- drop patches from master to not test GSSRPC-over-UDP and to not
  depend on the portmapper, which are areas where our build systems
  often give us trouble, too; obsolete
This commit is contained in:
Nalin Dahyabhai 2013-10-15 17:25:51 -04:00
parent 25fe69d885
commit 0b296b8b04
3 changed files with 3 additions and 289 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
krb5-master-test_gss_no_udp.patch
View File

@ -1,41 +0,0 @@
commit 11bd102c0e3793204111f712e5bd4bf54f2d9573
Author: Greg Hudson <ghudson@mit.edu>
Date: Wed May 1 14:40:31 2013 -0400
Disable UDP pass of gssrpc tests on all platforms
The AUTH_GSSAPI flavor of rpc authentication uses IP address channel
bindings. These are broken over UDP, because svcudp_recv() fails to
get the destination address of incoming packets (it tries to use the
recvmsg() msg_name field to get the destination IP address, which
instead gets the source address; see ticket #5540).
There is no simple or comprehensive way to fix this; using IP_PKTINFO
is a fair amount of code and only works on some platforms. It's also
not very important--nobody should be using AUTH_GSSAPI except perhaps
for compatibility with really old kadmin, and kadmin only runs over
TCP. Since the gssrpc tests are closely wedded to AUTH_GSSAPI, the
simplest fix is to only run the TCP pass.
diff --git a/src/configure.in b/src/configure.in
index 0c8111b..42a5fd5 100644
--- a/src/configure.in
+++ b/src/configure.in
@@ -984,16 +984,7 @@ extern void endrpcent();],
AC_MSG_RESULT($k5_cv_type_endrpcent)
AC_DEFINE_UNQUOTED(ENDRPCENT_TYPE, $k5_cv_type_endrpcent, [Define as return type of endrpcent])
K5_GEN_FILE(include/gssrpc/types.h:include/gssrpc/types.hin)
-changequote(<<, >>)
-case "$krb5_cv_host" in
-*-*-solaris2.[012345]*)
- PASS=tcp
- ;;
-*)
- PASS="tcp udp"
- ;;
-esac
-changequote([, ])
+PASS=tcp
AC_SUBST(PASS)
# for pkinit

244
krb5-master-test_no_pmap.patch
View File

@ -1,244 +0,0 @@
commit 5454da3bcaa383f5b47984283f11f010d3d2b73e
Author: Greg Hudson <ghudson@mit.edu>
Date: Wed May 1 13:07:36 2013 -0400
Don't use portmapper in RPC tests
On many Linux systems, due to what is arguably a bug in rpcbind, the
portmapper doesn't allow service registration from non-root processes.
This causes the RPC tests to be frequently skipped. Modify the tests
so that they don't need the portmapper, by grabbing the port number
from the server process and passing it to the client.
diff --git a/doc/build/doing_build.rst b/doc/build/doing_build.rst
index bc438c8..3c686cc 100644
--- a/doc/build/doing_build.rst
+++ b/doc/build/doing_build.rst
@@ -149,9 +149,6 @@ However, there are several prerequisites that must be satisfied first:
**-**\ **-disable-rpath**, which renders the build tree less suitable for
installation, but allows testing without interference from
previously installed libraries.
-* In order to test the RPC layer, the local system has to be running
- the portmap daemon and it has to be listening to the regular network
- interface (not just localhost).
There are additional regression tests available, which are not run
by ``make check``. These tests require manual setup and teardown of
diff --git a/src/lib/rpc/unit-test/client.c b/src/lib/rpc/unit-test/client.c
index a70cf38..6ab4534 100644
--- a/src/lib/rpc/unit-test/client.c
+++ b/src/lib/rpc/unit-test/client.c
@@ -7,12 +7,15 @@
#include <stdio.h>
#include <string.h>
+#include <netdb.h>
+#include <sys/socket.h>
#include "autoconf.h"
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#include <gssrpc/rpc.h>
#include <gssapi/gssapi.h>
+#include <gssapi/gssapi_krb5.h>
#include <gssrpc/rpc.h>
#include <gssrpc/auth_gssapi.h>
#include "rpc_test.h"
@@ -51,17 +54,19 @@ main(argc, argv)
int argc;
char **argv;
{
- char *host, *target, *echo_arg, **echo_resp, buf[BIG_BUF];
- char *prot;
+ char *host, *port, *target, *echo_arg, **echo_resp, buf[BIG_BUF];
CLIENT *clnt;
AUTH *tmp_auth;
struct rpc_err e;
- int i, auth_once;
+ int i, auth_once, sock, use_tcp;
unsigned int count;
extern int optind;
extern char *optarg;
extern int svc_debug_gssapi, misc_debug_gssapi, auth_debug_gssapi;
int c;
+ struct sockaddr_in sin;
+ struct hostent *h;
+ struct timeval tv;
extern int krb5_gss_dbg_client_expcreds;
krb5_gss_dbg_client_expcreds = 1;
@@ -69,7 +74,7 @@ main(argc, argv)
whoami = argv[0];
count = 1026;
auth_once = 0;
- prot = NULL;
+ use_tcp = -1;
while ((c = getopt(argc, argv, "a:m:os:tu")) != -1) {
switch (c) {
@@ -86,39 +91,60 @@ main(argc, argv)
svc_debug_gssapi = atoi(optarg);
break;
case 't':
- prot = "tcp";
+ use_tcp = 1;
break;
case 'u':
- prot = "udp";
+ use_tcp = 0;
break;
case '?':
usage();
break;
}
}
- if (prot == NULL)
+ if (use_tcp == -1)
usage();
argv += optind;
argc -= optind;
switch (argc) {
- case 3:
- count = atoi(argv[2]);
+ case 4:
+ count = atoi(argv[3]);
if (count > BIG_BUF-1) {
fprintf(stderr, "Test count cannot exceed %d.\n", BIG_BUF-1);
usage();
}
- case 2:
+ case 3:
host = argv[0];
- target = argv[1];
+ port = argv[1];
+ target = argv[2];
break;
default:
usage();
}
+ /* get server address */
+ h = gethostbyname(host);
+ if (h == NULL) {
+ fprintf(stderr, "Can't resolve hostname %s\n", host);
+ exit(1);
+ }
+ memset(&sin, 0, sizeof(sin));
+ sin.sin_family = h->h_addrtype;
+ sin.sin_port = ntohs(atoi(port));
+ memmove(&sin.sin_addr, h->h_addr, sizeof(sin.sin_addr));
+
/* client handle to rstat */
- clnt = clnt_create(host, RPC_TEST_PROG, RPC_TEST_VERS_1, prot);
+ sock = RPC_ANYSOCK;
+ if (use_tcp) {
+ clnt = clnttcp_create(&sin, RPC_TEST_PROG, RPC_TEST_VERS_1, &sock, 0,
+ 0);
+ } else {
+ tv.tv_sec = 5;
+ tv.tv_usec = 0;
+ clnt = clntudp_create(&sin, RPC_TEST_PROG, RPC_TEST_VERS_1, tv,
+ &sock);
+ }
if (clnt == NULL) {
clnt_pcreateerror(whoami);
exit(1);
diff --git a/src/lib/rpc/unit-test/config/unix.exp b/src/lib/rpc/unit-test/config/unix.exp
index f02116e..ba57b70 100644
--- a/src/lib/rpc/unit-test/config/unix.exp
+++ b/src/lib/rpc/unit-test/config/unix.exp
@@ -112,10 +112,6 @@ proc rpc_test_exit {} {
global server_started
global kill
- if { [info exists server_started] && $server_started == 0 } {
- return
- }
-
if {[catch {
expect {
-i $server_id
@@ -138,6 +134,7 @@ proc rpc_test_start { } {
global server_id
global server_pid
global server_started
+ global server_port
global env
if [info exists server_pid] { rpc_test_exit }
@@ -148,25 +145,17 @@ proc rpc_test_start { } {
set server_pid [spawn $SERVER $PROT]
set server_id $spawn_id
set server_started 1
+ set server_port -1
unset env(KRB5_KTNAME)
set timeout 30
expect {
+ -re "port: (\[0-9\]*)\r\n" {
+ set server_port $expect_out(1,string)
+ }
"running" { }
- "Cannot register service" {
- send_error "Server cannot register with portmap/rpcbind!!\n"
- note "+++"
- note "+++ These tests require the ability to register with portmap/rpcbind"
- note "+++ Either the server is not running or it does not"
- note "+++ allow registration using a loopback connection"
- note "+++"
- verbose $expect_out(buffer) 1
- set server_started 0
- unsupported "Server registration"
- return
- }
eof {
send_error "server exited!"
verbose $expect_out(buffer) 1
diff --git a/src/lib/rpc/unit-test/lib/helpers.exp b/src/lib/rpc/unit-test/lib/helpers.exp
index 963fff4..a1b0783 100644
--- a/src/lib/rpc/unit-test/lib/helpers.exp
+++ b/src/lib/rpc/unit-test/lib/helpers.exp
@@ -170,7 +170,7 @@ proc flush_server {} {
proc start_client {testname ccname user password lifetime count
{target ""}} {
- global env CLIENT PROT hostname spawn_id verbose
+ global env CLIENT PROT hostname server_port spawn_id verbose
if {$target == ""} {
set target "server@$hostname"
@@ -180,9 +180,9 @@ proc start_client {testname ccname user password lifetime count
kinit $user $password $lifetime
if {$verbose > 0} {
- spawn $CLIENT -a 1 -s 1 -m 1 $PROT $hostname $target $count
+ spawn $CLIENT -a 1 -s 1 -m 1 $PROT $hostname $server_port $target $count
} else {
- spawn $CLIENT $PROT $hostname $target $count
+ spawn $CLIENT $PROT $hostname $server_port $target $count
}
verbose "$testname: client $ccname started"
diff --git a/src/lib/rpc/unit-test/server.c b/src/lib/rpc/unit-test/server.c
index c2cb30c..7451558 100644
--- a/src/lib/rpc/unit-test/server.c
+++ b/src/lib/rpc/unit-test/server.c
@@ -114,12 +114,13 @@ main(int argc, char **argv)
exit(1);
}
if (!svc_register(transp, RPC_TEST_PROG, RPC_TEST_VERS_1,
- rpc_test_prog_1_svc, prot)) {
+ rpc_test_prog_1_svc, 0)) {
fprintf(stderr,
"unable to register (RPC_TEST_PROG, RPC_TEST_VERS_1, %s).",
prot == IPPROTO_TCP ? "tcp" : "udp");
exit(1);
}
+ printf("port: %d\n", (int)transp->xp_port);
if (svcauth_gssapi_set_names(names, 0) == FALSE) {
fprintf(stderr, "unable to set gssapi names\n");

7
krb5.spec
View File

@ -90,8 +90,6 @@ Patch86: krb5-1.9-debuginfo.patch
Patch105: krb5-kvno-230379.patch
Patch125: krb5-1.11.2-skew1.patch
Patch126: krb5-1.11.2-skew2.patch
Patch127: krb5-master-test_gss_no_udp.patch
Patch128: krb5-master-test_no_pmap.patch
Patch129: krb5-1.11-run_user_0.patch
Patch131: krb5-1.11.3-skew3.patch
Patch132: krb5-1.11-gss-methods1.patch
@ -318,8 +316,6 @@ ln -s NOTICE LICENSE
%patch105 -p1 -b .kvno
%patch125 -p1 -b .skew1
%patch126 -p1 -b .skew2
%patch127 -p1 -b .test_gss_no_udp
%patch128 -p1 -b .test_no_pmap
# Apply when the hard-wired or configured default location is
# DIR:/run/user/%%{uid}/krb5cc.
@ -1028,6 +1024,9 @@ exit 0
- drop backport for RT#7172
- drop backport for RT#7642
- drop backport for RT#7643
- drop patches from master to not test GSSRPC-over-UDP and to not
depend on the portmapper, which are areas where our build systems
often give us trouble, too; obsolete
* Wed Oct 16 2013 Nalin Dahyabhai <nalin@redhat.com> - 1.11.3-26
- create and own /etc/gss (#1019937)