Turn off some tests that master stopped doing
- pull in patches from master to not test GSSRPC-over-UDP and to not depend on the portmapper, which are areas where our build systems often give us trouble, too
This commit is contained in:
		
							parent
							
								
									bafcf02fa5
								
							
						
					
					
						commit
						11a4bca1fa
					
				| @ -1,14 +0,0 @@ | ||||
| We sort of sabotage the test here, changing the result when the local | ||||
| portmapper is running but won't allow us to register so that it's treated the | ||||
| same as a portmapper-not-running case. | ||||
| 
 | ||||
| --- krb5/src/lib/rpc/unit-test/server.c
 | ||||
| +++ krb5/src/lib/rpc/unit-test/server.c
 | ||||
| @@ -116,6 +116,7 @@ main(int argc, char **argv)
 | ||||
|       if (!svc_register(transp, RPC_TEST_PROG, RPC_TEST_VERS_1, | ||||
|  		       rpc_test_prog_1_svc, prot)) { | ||||
|  	  fprintf(stderr, | ||||
| +		  "Cannot register service: " /* don't bail fatally just because rpcbind isn't obliging us */
 | ||||
|  		  "unable to register (RPC_TEST_PROG, RPC_TEST_VERS_1, %s).", | ||||
|  		  prot == IPPROTO_TCP ? "tcp" : "udp"); | ||||
|  	  exit(1); | ||||
							
								
								
									
										41
									
								
								krb5-master-test_gss_no_udp.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										41
									
								
								krb5-master-test_gss_no_udp.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,41 @@ | ||||
| commit 11bd102c0e3793204111f712e5bd4bf54f2d9573 | ||||
| Author: Greg Hudson <ghudson@mit.edu> | ||||
| Date:   Wed May 1 14:40:31 2013 -0400 | ||||
| 
 | ||||
|     Disable UDP pass of gssrpc tests on all platforms | ||||
|      | ||||
|     The AUTH_GSSAPI flavor of rpc authentication uses IP address channel | ||||
|     bindings.  These are broken over UDP, because svcudp_recv() fails to | ||||
|     get the destination address of incoming packets (it tries to use the | ||||
|     recvmsg() msg_name field to get the destination IP address, which | ||||
|     instead gets the source address; see ticket #5540). | ||||
|      | ||||
|     There is no simple or comprehensive way to fix this; using IP_PKTINFO | ||||
|     is a fair amount of code and only works on some platforms.  It's also | ||||
|     not very important--nobody should be using AUTH_GSSAPI except perhaps | ||||
|     for compatibility with really old kadmin, and kadmin only runs over | ||||
|     TCP.  Since the gssrpc tests are closely wedded to AUTH_GSSAPI, the | ||||
|     simplest fix is to only run the TCP pass. | ||||
| 
 | ||||
| diff --git a/src/configure.in b/src/configure.in
 | ||||
| index 0c8111b..42a5fd5 100644
 | ||||
| --- a/src/configure.in
 | ||||
| +++ b/src/configure.in
 | ||||
| @@ -984,16 +984,7 @@ extern void endrpcent();],
 | ||||
|  AC_MSG_RESULT($k5_cv_type_endrpcent) | ||||
|  AC_DEFINE_UNQUOTED(ENDRPCENT_TYPE, $k5_cv_type_endrpcent, [Define as return type of endrpcent]) | ||||
|  K5_GEN_FILE(include/gssrpc/types.h:include/gssrpc/types.hin) | ||||
| -changequote(<<, >>)
 | ||||
| -case "$krb5_cv_host" in
 | ||||
| -*-*-solaris2.[012345]*)
 | ||||
| -	PASS=tcp
 | ||||
| -	;;
 | ||||
| -*)
 | ||||
| -	PASS="tcp udp"
 | ||||
| -	;;
 | ||||
| -esac
 | ||||
| -changequote([, ])
 | ||||
| +PASS=tcp
 | ||||
|  AC_SUBST(PASS) | ||||
|   | ||||
|  # for pkinit | ||||
							
								
								
									
										244
									
								
								krb5-master-test_no_pmap.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										244
									
								
								krb5-master-test_no_pmap.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,244 @@ | ||||
| commit 5454da3bcaa383f5b47984283f11f010d3d2b73e | ||||
| Author: Greg Hudson <ghudson@mit.edu> | ||||
| Date:   Wed May 1 13:07:36 2013 -0400 | ||||
| 
 | ||||
|     Don't use portmapper in RPC tests | ||||
|      | ||||
|     On many Linux systems, due to what is arguably a bug in rpcbind, the | ||||
|     portmapper doesn't allow service registration from non-root processes. | ||||
|     This causes the RPC tests to be frequently skipped.  Modify the tests | ||||
|     so that they don't need the portmapper, by grabbing the port number | ||||
|     from the server process and passing it to the client. | ||||
| 
 | ||||
| diff --git a/doc/build/doing_build.rst b/doc/build/doing_build.rst
 | ||||
| index bc438c8..3c686cc 100644
 | ||||
| --- a/doc/build/doing_build.rst
 | ||||
| +++ b/doc/build/doing_build.rst
 | ||||
| @@ -149,9 +149,6 @@ However, there are several prerequisites that must be satisfied first:
 | ||||
|    **-**\ **-disable-rpath**, which renders the build tree less suitable for | ||||
|    installation, but allows testing without interference from | ||||
|    previously installed libraries. | ||||
| -* In order to test the RPC layer, the local system has to be running
 | ||||
| -  the portmap daemon and it has to be listening to the regular network
 | ||||
| -  interface (not just localhost).
 | ||||
|   | ||||
|  There are additional regression tests available, which are not run | ||||
|  by ``make check``.  These tests require manual setup and teardown of | ||||
| diff --git a/src/lib/rpc/unit-test/client.c b/src/lib/rpc/unit-test/client.c
 | ||||
| index a70cf38..6ab4534 100644
 | ||||
| --- a/src/lib/rpc/unit-test/client.c
 | ||||
| +++ b/src/lib/rpc/unit-test/client.c
 | ||||
| @@ -7,12 +7,15 @@
 | ||||
|   | ||||
|  #include <stdio.h> | ||||
|  #include <string.h> | ||||
| +#include <netdb.h>
 | ||||
| +#include <sys/socket.h>
 | ||||
|  #include "autoconf.h" | ||||
|  #ifdef HAVE_UNISTD_H | ||||
|  #include <unistd.h> | ||||
|  #endif | ||||
|  #include <gssrpc/rpc.h> | ||||
|  #include <gssapi/gssapi.h> | ||||
| +#include <gssapi/gssapi_krb5.h>
 | ||||
|  #include <gssrpc/rpc.h> | ||||
|  #include <gssrpc/auth_gssapi.h> | ||||
|  #include "rpc_test.h" | ||||
| @@ -51,17 +54,19 @@ main(argc, argv)
 | ||||
|     int argc; | ||||
|     char **argv; | ||||
|  { | ||||
| -     char        *host, *target, *echo_arg, **echo_resp, buf[BIG_BUF];
 | ||||
| -     char	 *prot;
 | ||||
| +     char        *host, *port, *target, *echo_arg, **echo_resp, buf[BIG_BUF];
 | ||||
|       CLIENT      *clnt; | ||||
|       AUTH	 *tmp_auth; | ||||
|       struct rpc_err e; | ||||
| -     int i, auth_once;
 | ||||
| +     int i, auth_once, sock, use_tcp;
 | ||||
|       unsigned int count; | ||||
|       extern int optind; | ||||
|       extern char *optarg; | ||||
|       extern int svc_debug_gssapi, misc_debug_gssapi, auth_debug_gssapi; | ||||
|       int c; | ||||
| +     struct sockaddr_in sin;
 | ||||
| +     struct hostent *h;
 | ||||
| +     struct timeval tv;
 | ||||
|   | ||||
|       extern int krb5_gss_dbg_client_expcreds; | ||||
|       krb5_gss_dbg_client_expcreds = 1; | ||||
| @@ -69,7 +74,7 @@ main(argc, argv)
 | ||||
|       whoami = argv[0]; | ||||
|       count = 1026; | ||||
|       auth_once = 0; | ||||
| -     prot = NULL;
 | ||||
| +     use_tcp = -1;
 | ||||
|   | ||||
|       while ((c = getopt(argc, argv, "a:m:os:tu")) != -1) { | ||||
|  	  switch (c) { | ||||
| @@ -86,39 +91,60 @@ main(argc, argv)
 | ||||
|  	       svc_debug_gssapi = atoi(optarg); | ||||
|  	       break; | ||||
|  	  case 't': | ||||
| -	       prot = "tcp";
 | ||||
| +	       use_tcp = 1;
 | ||||
|  	       break; | ||||
|  	  case 'u': | ||||
| -	       prot = "udp";
 | ||||
| +	       use_tcp = 0;
 | ||||
|  	       break; | ||||
|  	  case '?': | ||||
|  	       usage(); | ||||
|  	       break; | ||||
|  	  } | ||||
|       } | ||||
| -     if (prot == NULL)
 | ||||
| +     if (use_tcp == -1)
 | ||||
|  	  usage(); | ||||
|   | ||||
|       argv += optind; | ||||
|       argc -= optind; | ||||
|   | ||||
|       switch (argc) { | ||||
| -     case 3:
 | ||||
| -	  count = atoi(argv[2]);
 | ||||
| +     case 4:
 | ||||
| +	  count = atoi(argv[3]);
 | ||||
|  	  if (count > BIG_BUF-1) { | ||||
|  	    fprintf(stderr, "Test count cannot exceed %d.\n", BIG_BUF-1); | ||||
|  	    usage(); | ||||
|  	  } | ||||
| -     case 2:
 | ||||
| +     case 3:
 | ||||
|  	  host = argv[0]; | ||||
| -	  target = argv[1];
 | ||||
| +	  port = argv[1];
 | ||||
| +	  target = argv[2];
 | ||||
|  	  break; | ||||
|       default: | ||||
|  	  usage(); | ||||
|       } | ||||
|   | ||||
| +     /* get server address */
 | ||||
| +     h = gethostbyname(host);
 | ||||
| +     if (h == NULL) {
 | ||||
| +	 fprintf(stderr, "Can't resolve hostname %s\n", host);
 | ||||
| +	 exit(1);
 | ||||
| +     }
 | ||||
| +     memset(&sin, 0, sizeof(sin));
 | ||||
| +     sin.sin_family = h->h_addrtype;
 | ||||
| +     sin.sin_port = ntohs(atoi(port));
 | ||||
| +     memmove(&sin.sin_addr, h->h_addr, sizeof(sin.sin_addr));
 | ||||
| +
 | ||||
|       /* client handle to rstat */ | ||||
| -     clnt = clnt_create(host, RPC_TEST_PROG, RPC_TEST_VERS_1, prot);
 | ||||
| +     sock = RPC_ANYSOCK;
 | ||||
| +     if (use_tcp) {
 | ||||
| +	 clnt = clnttcp_create(&sin, RPC_TEST_PROG, RPC_TEST_VERS_1, &sock, 0,
 | ||||
| +			       0);
 | ||||
| +     } else {
 | ||||
| +	 tv.tv_sec = 5;
 | ||||
| +	 tv.tv_usec = 0;
 | ||||
| +	 clnt = clntudp_create(&sin, RPC_TEST_PROG, RPC_TEST_VERS_1, tv,
 | ||||
| +			       &sock);
 | ||||
| +     }
 | ||||
|       if (clnt == NULL) { | ||||
|  	  clnt_pcreateerror(whoami); | ||||
|  	  exit(1); | ||||
| diff --git a/src/lib/rpc/unit-test/config/unix.exp b/src/lib/rpc/unit-test/config/unix.exp
 | ||||
| index f02116e..ba57b70 100644
 | ||||
| --- a/src/lib/rpc/unit-test/config/unix.exp
 | ||||
| +++ b/src/lib/rpc/unit-test/config/unix.exp
 | ||||
| @@ -112,10 +112,6 @@ proc rpc_test_exit {} {
 | ||||
|  	global server_started | ||||
|  	global kill | ||||
|   | ||||
| -        if { [info exists server_started] && $server_started == 0 } { 
 | ||||
| -	    return 
 | ||||
| -	}
 | ||||
| -
 | ||||
|   	if {[catch { | ||||
|  		expect { | ||||
|  			-i $server_id | ||||
| @@ -138,6 +134,7 @@ proc rpc_test_start { } {
 | ||||
|  	global server_id | ||||
|  	global server_pid | ||||
|  	global server_started | ||||
| +	global server_port
 | ||||
|  	global env | ||||
|   | ||||
|  	if [info exists server_pid] { rpc_test_exit } | ||||
| @@ -148,25 +145,17 @@ proc rpc_test_start { } {
 | ||||
|  	set server_pid [spawn $SERVER $PROT] | ||||
|  	set server_id $spawn_id | ||||
|          set server_started 1 | ||||
| +	set server_port -1
 | ||||
|   | ||||
|  	unset env(KRB5_KTNAME) | ||||
|   | ||||
|  	set timeout 30 | ||||
|   | ||||
|  	expect { | ||||
| +		-re "port: (\[0-9\]*)\r\n" {
 | ||||
| +			set server_port $expect_out(1,string)
 | ||||
| +		}
 | ||||
|  		"running" { } | ||||
| -	        "Cannot register service" {
 | ||||
| -		        send_error "Server cannot register with portmap/rpcbind!!\n"
 | ||||
| -		        note "+++"
 | ||||
| -		        note "+++ These tests require the ability to register with portmap/rpcbind"
 | ||||
| -		        note "+++ Either the server is not running or it does not"
 | ||||
| -		        note "+++  allow registration using a loopback connection"
 | ||||
| -		        note "+++"
 | ||||
| -		        verbose $expect_out(buffer) 1
 | ||||
| -		        set server_started 0
 | ||||
| -		        unsupported "Server registration"
 | ||||
| -		        return
 | ||||
| -	        }
 | ||||
|  		eof {  | ||||
|  			send_error "server exited!" | ||||
|  			verbose $expect_out(buffer) 1 | ||||
| diff --git a/src/lib/rpc/unit-test/lib/helpers.exp b/src/lib/rpc/unit-test/lib/helpers.exp
 | ||||
| index 963fff4..a1b0783 100644
 | ||||
| --- a/src/lib/rpc/unit-test/lib/helpers.exp
 | ||||
| +++ b/src/lib/rpc/unit-test/lib/helpers.exp
 | ||||
| @@ -170,7 +170,7 @@ proc flush_server {} {
 | ||||
|   | ||||
|  proc start_client {testname ccname user password lifetime count | ||||
|  		  {target ""}} { | ||||
| -	global env CLIENT PROT hostname spawn_id verbose
 | ||||
| +	global env CLIENT PROT hostname server_port spawn_id verbose
 | ||||
|   | ||||
|  	if {$target == ""} { | ||||
|  		set target "server@$hostname" | ||||
| @@ -180,9 +180,9 @@ proc start_client {testname ccname user password lifetime count
 | ||||
|  	kinit $user $password $lifetime | ||||
|   | ||||
|  	if {$verbose > 0} { | ||||
| -		spawn $CLIENT -a 1 -s 1 -m 1 $PROT $hostname $target $count
 | ||||
| +		spawn $CLIENT -a 1 -s 1 -m 1 $PROT $hostname $server_port $target $count
 | ||||
|  	} else { | ||||
| -		spawn $CLIENT $PROT $hostname $target $count
 | ||||
| +		spawn $CLIENT $PROT $hostname $server_port $target $count
 | ||||
|  	} | ||||
|   | ||||
|  	verbose "$testname: client $ccname started" | ||||
| diff --git a/src/lib/rpc/unit-test/server.c b/src/lib/rpc/unit-test/server.c
 | ||||
| index c2cb30c..7451558 100644
 | ||||
| --- a/src/lib/rpc/unit-test/server.c
 | ||||
| +++ b/src/lib/rpc/unit-test/server.c
 | ||||
| @@ -114,12 +114,13 @@ main(int argc, char **argv)
 | ||||
|  	  exit(1); | ||||
|       } | ||||
|       if (!svc_register(transp, RPC_TEST_PROG, RPC_TEST_VERS_1, | ||||
| -		       rpc_test_prog_1_svc, prot)) {
 | ||||
| +		       rpc_test_prog_1_svc, 0)) {
 | ||||
|  	  fprintf(stderr, | ||||
|  		  "unable to register (RPC_TEST_PROG, RPC_TEST_VERS_1, %s).", | ||||
|  		  prot == IPPROTO_TCP ? "tcp" : "udp"); | ||||
|  	  exit(1); | ||||
|       } | ||||
| +     printf("port: %d\n", (int)transp->xp_port);
 | ||||
|   | ||||
|       if (svcauth_gssapi_set_names(names, 0) == FALSE) { | ||||
|  	  fprintf(stderr, "unable to set gssapi names\n"); | ||||
							
								
								
									
										13
									
								
								krb5.spec
									
									
									
									
									
								
							
							
						
						
									
										13
									
								
								krb5.spec
									
									
									
									
									
								
							| @ -30,7 +30,7 @@ | ||||
| Summary: The Kerberos network authentication system | ||||
| Name: krb5 | ||||
| Version: 1.11.2 | ||||
| Release: 7%{?dist} | ||||
| Release: 8%{?dist} | ||||
| # Maybe we should explode from the now-available-to-everybody tarball instead? | ||||
| # http://web.mit.edu/kerberos/dist/krb5/1.11/krb5-1.11.2-signed.tar | ||||
| Source0: krb5-%{version}.tar.gz | ||||
| @ -75,7 +75,6 @@ Patch105: krb5-kvno-230379.patch | ||||
| Patch113: krb5-1.11-alpha1-init.patch | ||||
| Patch116: http://ausil.fedorapeople.org/aarch64/krb5/krb5-aarch64.patch | ||||
| Patch117: krb5-1.11-gss-client-keytab.patch | ||||
| Patch118: krb5-1.11.1-rpcbind.patch | ||||
| Patch119: krb5-fast-msg_type.patch | ||||
| Patch120: krb5-1.11.2-kpasswd_pingpong.patch | ||||
| Patch121: krb5-cccol-primary.patch | ||||
| @ -84,6 +83,8 @@ Patch123: krb5-1.11.2-empty_passwords.patch | ||||
| Patch124: krb5-1.11.2-arcfour_short.patch | ||||
| Patch125: krb5-1.11.2-skew1.patch | ||||
| Patch126: krb5-1.11.2-skew2.patch | ||||
| Patch127: krb5-master-test_gss_no_udp.patch | ||||
| Patch128: krb5-master-test_no_pmap.patch  | ||||
| 
 | ||||
| # Patches for otp plugin backport | ||||
| Patch201: krb5-1.11.2-keycheck.patch | ||||
| @ -301,7 +302,6 @@ ln -s NOTICE LICENSE | ||||
| %patch113 -p1 -b .init | ||||
| %patch116 -p1 -b .aarch64 | ||||
| %patch117 -p1 -b .gss-client-keytab | ||||
| %patch118 -p1 -b .rpcbind | ||||
| %patch119 -p1 -b .fast-msg_type | ||||
| %patch120 -p1 -b .kpasswd_pingpong | ||||
| %patch121 -p1 -b .cccol-primary | ||||
| @ -310,6 +310,8 @@ ln -s NOTICE LICENSE | ||||
| %patch124 -p1 -b .arcfour_short | ||||
| %patch125 -p1 -b .skew1 | ||||
| %patch126 -p1 -b .skew2 | ||||
| %patch127 -p1 -b .test_gss_no_udp | ||||
| %patch128 -p1 -b .test_no_pmap | ||||
| 
 | ||||
| %patch201 -p1 -b .keycheck | ||||
| %patch202 -p1 -b .otp | ||||
| @ -835,6 +837,11 @@ exit 0 | ||||
| %{_sbindir}/uuserver | ||||
| 
 | ||||
| %changelog | ||||
| * Thu May 30 2013 Nalin Dahyabhai <nalin@redhat.com> 1.11.2-8 | ||||
| - pull in patches from master to not test GSSRPC-over-UDP and to not | ||||
|   depend on the portmapper, which are areas where our build systems | ||||
|   often give us trouble, too | ||||
| 
 | ||||
| * Tue May 28 2013 Nalin Dahyabhai <nalin@redhat.com> 1.11.2-7 | ||||
| - backport fix for not being able to verify the list of transited realms | ||||
|   in GSS acceptors (RT#7639, #959685) | ||||
|  | ||||
		Loading…
	
		Reference in New Issue
	
	Block a user