diff --git a/krb5-master-test_gss_no_udp.patch b/krb5-master-test_gss_no_udp.patch deleted file mode 100644 index 866647d..0000000 --- a/krb5-master-test_gss_no_udp.patch +++ /dev/null @@ -1,41 +0,0 @@ -commit 11bd102c0e3793204111f712e5bd4bf54f2d9573 -Author: Greg Hudson -Date: Wed May 1 14:40:31 2013 -0400 - - Disable UDP pass of gssrpc tests on all platforms - - The AUTH_GSSAPI flavor of rpc authentication uses IP address channel - bindings. These are broken over UDP, because svcudp_recv() fails to - get the destination address of incoming packets (it tries to use the - recvmsg() msg_name field to get the destination IP address, which - instead gets the source address; see ticket #5540). - - There is no simple or comprehensive way to fix this; using IP_PKTINFO - is a fair amount of code and only works on some platforms. It's also - not very important--nobody should be using AUTH_GSSAPI except perhaps - for compatibility with really old kadmin, and kadmin only runs over - TCP. Since the gssrpc tests are closely wedded to AUTH_GSSAPI, the - simplest fix is to only run the TCP pass. - -diff --git a/src/configure.in b/src/configure.in -index 0c8111b..42a5fd5 100644 ---- a/src/configure.in -+++ b/src/configure.in -@@ -984,16 +984,7 @@ extern void endrpcent();], - AC_MSG_RESULT($k5_cv_type_endrpcent) - AC_DEFINE_UNQUOTED(ENDRPCENT_TYPE, $k5_cv_type_endrpcent, [Define as return type of endrpcent]) - K5_GEN_FILE(include/gssrpc/types.h:include/gssrpc/types.hin) --changequote(<<, >>) --case "$krb5_cv_host" in --*-*-solaris2.[012345]*) -- PASS=tcp -- ;; --*) -- PASS="tcp udp" -- ;; --esac --changequote([, ]) -+PASS=tcp - AC_SUBST(PASS) - - # for pkinit diff --git a/krb5-master-test_no_pmap.patch b/krb5-master-test_no_pmap.patch deleted file mode 100644 index bc6afed..0000000 --- a/krb5-master-test_no_pmap.patch +++ /dev/null @@ -1,244 +0,0 @@ -commit 5454da3bcaa383f5b47984283f11f010d3d2b73e -Author: Greg Hudson -Date: Wed May 1 13:07:36 2013 -0400 - - Don't use portmapper in RPC tests - - On many Linux systems, due to what is arguably a bug in rpcbind, the - portmapper doesn't allow service registration from non-root processes. - This causes the RPC tests to be frequently skipped. Modify the tests - so that they don't need the portmapper, by grabbing the port number - from the server process and passing it to the client. - -diff --git a/doc/build/doing_build.rst b/doc/build/doing_build.rst -index bc438c8..3c686cc 100644 ---- a/doc/build/doing_build.rst -+++ b/doc/build/doing_build.rst -@@ -149,9 +149,6 @@ However, there are several prerequisites that must be satisfied first: - **-**\ **-disable-rpath**, which renders the build tree less suitable for - installation, but allows testing without interference from - previously installed libraries. --* In order to test the RPC layer, the local system has to be running -- the portmap daemon and it has to be listening to the regular network -- interface (not just localhost). - - There are additional regression tests available, which are not run - by ``make check``. These tests require manual setup and teardown of -diff --git a/src/lib/rpc/unit-test/client.c b/src/lib/rpc/unit-test/client.c -index a70cf38..6ab4534 100644 ---- a/src/lib/rpc/unit-test/client.c -+++ b/src/lib/rpc/unit-test/client.c -@@ -7,12 +7,15 @@ - - #include - #include -+#include -+#include - #include "autoconf.h" - #ifdef HAVE_UNISTD_H - #include - #endif - #include - #include -+#include - #include - #include - #include "rpc_test.h" -@@ -51,17 +54,19 @@ main(argc, argv) - int argc; - char **argv; - { -- char *host, *target, *echo_arg, **echo_resp, buf[BIG_BUF]; -- char *prot; -+ char *host, *port, *target, *echo_arg, **echo_resp, buf[BIG_BUF]; - CLIENT *clnt; - AUTH *tmp_auth; - struct rpc_err e; -- int i, auth_once; -+ int i, auth_once, sock, use_tcp; - unsigned int count; - extern int optind; - extern char *optarg; - extern int svc_debug_gssapi, misc_debug_gssapi, auth_debug_gssapi; - int c; -+ struct sockaddr_in sin; -+ struct hostent *h; -+ struct timeval tv; - - extern int krb5_gss_dbg_client_expcreds; - krb5_gss_dbg_client_expcreds = 1; -@@ -69,7 +74,7 @@ main(argc, argv) - whoami = argv[0]; - count = 1026; - auth_once = 0; -- prot = NULL; -+ use_tcp = -1; - - while ((c = getopt(argc, argv, "a:m:os:tu")) != -1) { - switch (c) { -@@ -86,39 +91,60 @@ main(argc, argv) - svc_debug_gssapi = atoi(optarg); - break; - case 't': -- prot = "tcp"; -+ use_tcp = 1; - break; - case 'u': -- prot = "udp"; -+ use_tcp = 0; - break; - case '?': - usage(); - break; - } - } -- if (prot == NULL) -+ if (use_tcp == -1) - usage(); - - argv += optind; - argc -= optind; - - switch (argc) { -- case 3: -- count = atoi(argv[2]); -+ case 4: -+ count = atoi(argv[3]); - if (count > BIG_BUF-1) { - fprintf(stderr, "Test count cannot exceed %d.\n", BIG_BUF-1); - usage(); - } -- case 2: -+ case 3: - host = argv[0]; -- target = argv[1]; -+ port = argv[1]; -+ target = argv[2]; - break; - default: - usage(); - } - -+ /* get server address */ -+ h = gethostbyname(host); -+ if (h == NULL) { -+ fprintf(stderr, "Can't resolve hostname %s\n", host); -+ exit(1); -+ } -+ memset(&sin, 0, sizeof(sin)); -+ sin.sin_family = h->h_addrtype; -+ sin.sin_port = ntohs(atoi(port)); -+ memmove(&sin.sin_addr, h->h_addr, sizeof(sin.sin_addr)); -+ - /* client handle to rstat */ -- clnt = clnt_create(host, RPC_TEST_PROG, RPC_TEST_VERS_1, prot); -+ sock = RPC_ANYSOCK; -+ if (use_tcp) { -+ clnt = clnttcp_create(&sin, RPC_TEST_PROG, RPC_TEST_VERS_1, &sock, 0, -+ 0); -+ } else { -+ tv.tv_sec = 5; -+ tv.tv_usec = 0; -+ clnt = clntudp_create(&sin, RPC_TEST_PROG, RPC_TEST_VERS_1, tv, -+ &sock); -+ } - if (clnt == NULL) { - clnt_pcreateerror(whoami); - exit(1); -diff --git a/src/lib/rpc/unit-test/config/unix.exp b/src/lib/rpc/unit-test/config/unix.exp -index f02116e..ba57b70 100644 ---- a/src/lib/rpc/unit-test/config/unix.exp -+++ b/src/lib/rpc/unit-test/config/unix.exp -@@ -112,10 +112,6 @@ proc rpc_test_exit {} { - global server_started - global kill - -- if { [info exists server_started] && $server_started == 0 } { -- return -- } -- - if {[catch { - expect { - -i $server_id -@@ -138,6 +134,7 @@ proc rpc_test_start { } { - global server_id - global server_pid - global server_started -+ global server_port - global env - - if [info exists server_pid] { rpc_test_exit } -@@ -148,25 +145,17 @@ proc rpc_test_start { } { - set server_pid [spawn $SERVER $PROT] - set server_id $spawn_id - set server_started 1 -+ set server_port -1 - - unset env(KRB5_KTNAME) - - set timeout 30 - - expect { -+ -re "port: (\[0-9\]*)\r\n" { -+ set server_port $expect_out(1,string) -+ } - "running" { } -- "Cannot register service" { -- send_error "Server cannot register with portmap/rpcbind!!\n" -- note "+++" -- note "+++ These tests require the ability to register with portmap/rpcbind" -- note "+++ Either the server is not running or it does not" -- note "+++ allow registration using a loopback connection" -- note "+++" -- verbose $expect_out(buffer) 1 -- set server_started 0 -- unsupported "Server registration" -- return -- } - eof { - send_error "server exited!" - verbose $expect_out(buffer) 1 -diff --git a/src/lib/rpc/unit-test/lib/helpers.exp b/src/lib/rpc/unit-test/lib/helpers.exp -index 963fff4..a1b0783 100644 ---- a/src/lib/rpc/unit-test/lib/helpers.exp -+++ b/src/lib/rpc/unit-test/lib/helpers.exp -@@ -170,7 +170,7 @@ proc flush_server {} { - - proc start_client {testname ccname user password lifetime count - {target ""}} { -- global env CLIENT PROT hostname spawn_id verbose -+ global env CLIENT PROT hostname server_port spawn_id verbose - - if {$target == ""} { - set target "server@$hostname" -@@ -180,9 +180,9 @@ proc start_client {testname ccname user password lifetime count - kinit $user $password $lifetime - - if {$verbose > 0} { -- spawn $CLIENT -a 1 -s 1 -m 1 $PROT $hostname $target $count -+ spawn $CLIENT -a 1 -s 1 -m 1 $PROT $hostname $server_port $target $count - } else { -- spawn $CLIENT $PROT $hostname $target $count -+ spawn $CLIENT $PROT $hostname $server_port $target $count - } - - verbose "$testname: client $ccname started" -diff --git a/src/lib/rpc/unit-test/server.c b/src/lib/rpc/unit-test/server.c -index c2cb30c..7451558 100644 ---- a/src/lib/rpc/unit-test/server.c -+++ b/src/lib/rpc/unit-test/server.c -@@ -114,12 +114,13 @@ main(int argc, char **argv) - exit(1); - } - if (!svc_register(transp, RPC_TEST_PROG, RPC_TEST_VERS_1, -- rpc_test_prog_1_svc, prot)) { -+ rpc_test_prog_1_svc, 0)) { - fprintf(stderr, - "unable to register (RPC_TEST_PROG, RPC_TEST_VERS_1, %s).", - prot == IPPROTO_TCP ? "tcp" : "udp"); - exit(1); - } -+ printf("port: %d\n", (int)transp->xp_port); - - if (svcauth_gssapi_set_names(names, 0) == FALSE) { - fprintf(stderr, "unable to set gssapi names\n"); diff --git a/krb5.spec b/krb5.spec index fdc860f..4a13b61 100644 --- a/krb5.spec +++ b/krb5.spec @@ -90,8 +90,6 @@ Patch86: krb5-1.9-debuginfo.patch Patch105: krb5-kvno-230379.patch Patch125: krb5-1.11.2-skew1.patch Patch126: krb5-1.11.2-skew2.patch -Patch127: krb5-master-test_gss_no_udp.patch -Patch128: krb5-master-test_no_pmap.patch Patch129: krb5-1.11-run_user_0.patch Patch131: krb5-1.11.3-skew3.patch Patch132: krb5-1.11-gss-methods1.patch @@ -318,8 +316,6 @@ ln -s NOTICE LICENSE %patch105 -p1 -b .kvno %patch125 -p1 -b .skew1 %patch126 -p1 -b .skew2 -%patch127 -p1 -b .test_gss_no_udp -%patch128 -p1 -b .test_no_pmap # Apply when the hard-wired or configured default location is # DIR:/run/user/%%{uid}/krb5cc. @@ -1028,6 +1024,9 @@ exit 0 - drop backport for RT#7172 - drop backport for RT#7642 - drop backport for RT#7643 + - drop patches from master to not test GSSRPC-over-UDP and to not + depend on the portmapper, which are areas where our build systems + often give us trouble, too; obsolete * Wed Oct 16 2013 Nalin Dahyabhai - 1.11.3-26 - create and own /etc/gss (#1019937)