- pull up patch to get the client libraries to correctly perform password
changes over IPv6 (Sumit Bose, RT#6661)
This commit is contained in:
parent
70840ba4e4
commit
516763ea91
75
krb5-trunk-kpasswd_ipv6.patch
Normal file
75
krb5-trunk-kpasswd_ipv6.patch
Normal file
@ -0,0 +1,75 @@
|
||||
Get the client libraries to correctly attempt password changes when using
|
||||
IPv6. Sumit Bose, RT#6661
|
||||
|
||||
Index: src/lib/krb5/os/changepw.c
|
||||
===================================================================
|
||||
--- src/lib/krb5/os/changepw.c (revision 23766)
|
||||
+++ src/lib/krb5/os/changepw.c (revision 23767)
|
||||
@@ -65,20 +65,23 @@
|
||||
int sockType = (useTcp ? SOCK_STREAM : SOCK_DGRAM);
|
||||
|
||||
code = krb5int_locate_server (context, realm, addrlist,
|
||||
- locate_service_kpasswd, sockType, AF_INET);
|
||||
+ locate_service_kpasswd, sockType, AF_UNSPEC);
|
||||
|
||||
if (code == KRB5_REALM_CANT_RESOLVE || code == KRB5_REALM_UNKNOWN) {
|
||||
code = krb5int_locate_server (context, realm, addrlist,
|
||||
locate_service_kadmin, SOCK_STREAM,
|
||||
- AF_INET);
|
||||
+ AF_UNSPEC);
|
||||
if (!code) {
|
||||
/* Success with admin_server but now we need to change the
|
||||
port number to use DEFAULT_KPASSWD_PORT and the socktype. */
|
||||
size_t i;
|
||||
for (i=0; i<addrlist->naddrs; i++) {
|
||||
struct addrinfo *a = addrlist->addrs[i].ai;
|
||||
+ krb5_ui_2 kpasswd_port = htons(DEFAULT_KPASSWD_PORT);
|
||||
if (a->ai_family == AF_INET)
|
||||
- sa2sin (a->ai_addr)->sin_port = htons(DEFAULT_KPASSWD_PORT);
|
||||
+ sa2sin (a->ai_addr)->sin_port = kpasswd_port;
|
||||
+ if (a->ai_family == AF_INET6)
|
||||
+ sa2sin6 (a->ai_addr)->sin6_port = kpasswd_port;
|
||||
if (sockType != SOCK_STREAM)
|
||||
a->ai_socktype = sockType;
|
||||
}
|
||||
@@ -131,10 +134,16 @@
|
||||
/* some brain-dead OS's don't return useful information from
|
||||
* the getsockname call. Namely, windows and solaris. */
|
||||
|
||||
- if (ss2sin(&local_addr)->sin_addr.s_addr != 0) {
|
||||
+ if (local_addr.ss_family == AF_INET &&
|
||||
+ ss2sin(&local_addr)->sin_addr.s_addr != 0) {
|
||||
local_kaddr.addrtype = ADDRTYPE_INET;
|
||||
local_kaddr.length = sizeof(ss2sin(&local_addr)->sin_addr);
|
||||
local_kaddr.contents = (krb5_octet *) &ss2sin(&local_addr)->sin_addr;
|
||||
+ } else if (local_addr.ss_family == AF_INET6 &&
|
||||
+ ss2sin6(&local_addr)->sin6_addr.s6_addr != 0) {
|
||||
+ local_kaddr.addrtype = ADDRTYPE_INET6;
|
||||
+ local_kaddr.length = sizeof(ss2sin6(&local_addr)->sin6_addr);
|
||||
+ local_kaddr.contents = (krb5_octet *) &ss2sin6(&local_addr)->sin6_addr;
|
||||
} else {
|
||||
krb5_address **addrs;
|
||||
|
||||
@@ -278,9 +287,19 @@
|
||||
break;
|
||||
}
|
||||
|
||||
- remote_kaddr.addrtype = ADDRTYPE_INET;
|
||||
- remote_kaddr.length = sizeof(ss2sin(&remote_addr)->sin_addr);
|
||||
- remote_kaddr.contents = (krb5_octet *) &ss2sin(&remote_addr)->sin_addr;
|
||||
+ if (remote_addr.ss_family == AF_INET) {
|
||||
+ remote_kaddr.addrtype = ADDRTYPE_INET;
|
||||
+ remote_kaddr.length = sizeof(ss2sin(&remote_addr)->sin_addr);
|
||||
+ remote_kaddr.contents =
|
||||
+ (krb5_octet *) &ss2sin(&remote_addr)->sin_addr;
|
||||
+ } else if (remote_addr.ss_family == AF_INET6) {
|
||||
+ remote_kaddr.addrtype = ADDRTYPE_INET6;
|
||||
+ remote_kaddr.length = sizeof(ss2sin6(&remote_addr)->sin6_addr);
|
||||
+ remote_kaddr.contents =
|
||||
+ (krb5_octet *) &ss2sin6(&remote_addr)->sin6_addr;
|
||||
+ } else {
|
||||
+ break;
|
||||
+ }
|
||||
|
||||
if ((code = krb5_auth_con_setaddrs(callback_ctx.context,
|
||||
callback_ctx.auth_context,
|
@ -93,6 +93,7 @@ Patch93: krb5-1.7-create_on_load.patch
|
||||
Patch95: krb5-1.8-opte.patch
|
||||
Patch96: krb5-1.8-exp_warn.patch
|
||||
Patch98: krb5-1.8-kpasswd_ccache.patch
|
||||
Patch99: krb5-trunk-kpasswd_ipv6.patch
|
||||
|
||||
License: MIT
|
||||
URL: http://web.mit.edu/kerberos/www/
|
||||
@ -294,6 +295,7 @@ popd
|
||||
%patch95 -p1 -b .opte
|
||||
%patch96 -p1 -b .exp_warn
|
||||
%patch98 -p1 -b .kpasswd-ccache
|
||||
%patch99 -p0 -b .kpasswd-ipv6
|
||||
gzip doc/*.ps
|
||||
|
||||
sed -i -e '1s!\[twoside\]!!;s!%\(\\usepackage{hyperref}\)!\1!' doc/api/library.tex
|
||||
@ -867,6 +869,10 @@ exit 0
|
||||
%{_sbindir}/uuserver
|
||||
|
||||
%changelog
|
||||
* Mon Mar 8 2010 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- pull up patch to get the client libraries to correctly perform password
|
||||
changes over IPv6 (Sumit Bose, RT#6661)
|
||||
|
||||
* Fri Mar 5 2010 Nalin Dahyabhai <nalin@redhat.com> - 1.8-1
|
||||
- update to 1.8
|
||||
- temporarily bundling the krb5-appl package (split upstream as of 1.8)
|
||||
|
Loading…
Reference in New Issue
Block a user