Updated to latest upstream release: 1.1.6

This commit is contained in:
Steve Dickson 2009-04-20 18:20:40 +00:00
parent 27d9ad3f5a
commit 43fc3de6b9
7 changed files with 7 additions and 1676 deletions

View File

@ -1,17 +1,2 @@
nfs-utils-1.0.8-rc2.tar.gz
librpcsecgss-0.7.tar.gz
libgssapi-0.7.tar.gz
libnfsidmap-0.12.tar.gz
nfs.doc.tar.gz
nfs-utils-1.0.8-rc4.tar.gz
nfs-utils-1.0.8.tar.gz
nfs-utils-1.0.9.tar.bz2
nfs-utils-1.0.10.tar.bz2
nfs-utils-1.0.11.tar.bz2
nfs-utils-1.0.12.tar.bz2
nfs-utils-1.1.0.tar.bz2
nfs-utils-1.1.1.tar.bz2
nfs-utils-1.1.2.tar.bz2
nfs-utils-1.1.3.tar.bz2
nfs-utils-1.1.4.tar.bz2
nfs-utils-1.1.5.tar.bz2
nfs-utils-1.1.6.tar.bz2

View File

@ -1,756 +0,0 @@
diff --git a/Makefile.am b/Makefile.am
index 88ae210..b3a6e91 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -40,7 +40,12 @@ EXTRA_DIST = \
aclocal/bsdsignals.m4 \
aclocal/nfs-utils.m4 \
aclocal/kerberos5.m4 \
- aclocal/tcp-wrappers.m4
+ aclocal/tcp-wrappers.m4 \
+ aclocal/libtirpc.m4 \
+ aclocal/libevent.m4 \
+ aclocal/libnfsidmap.m4 \
+ aclocal/rpcsec_vers.m4 \
+ aclocal/ipv6.m4
ACLOCAL_AMFLAGS = -I aclocal
diff --git a/aclocal/ipv6.m4 b/aclocal/ipv6.m4
new file mode 100644
index 0000000..0564b3e
--- /dev/null
+++ b/aclocal/ipv6.m4
@@ -0,0 +1,29 @@
+dnl Checks for IPv6 support
+dnl
+AC_DEFUN([AC_IPV6], [
+
+ AC_CHECK_DECL([AI_ADDRCONFIG],
+ [AC_DEFINE([HAVE_DECL_AI_ADDRCONFIG], 1,
+ [Define this to 1 if AI_ADDRCONFIG macro is defined])], ,
+ [ #include <netdb.h> ])
+
+ if test "$enable_ipv6" = yes; then
+
+ dnl TI-RPC required for IPv6
+ if test "$enable_tirpc" = no; then
+ AC_MSG_ERROR(['--enable-ipv6' requires '--enable-tirpc'.])
+ fi
+
+ dnl IPv6-enabled networking functions required for IPv6
+ AC_CHECK_FUNCS([getnameinfo bindresvport_sa], , ,
+ [AC_MSG_ERROR([Missing functions needed for IPv6.])])
+
+ dnl Need to detect presence of IPv6 networking at run time via
+ dnl getaddrinfo(3); old versions of glibc do not support ADDRCONFIG
+ AC_CHECK_DECL([AI_ADDRCONFIG], ,
+ [AC_MSG_ERROR([full getaddrinfo(3) implementation needed for IPv6 support])],
+ [ #include <netdb.h> ])
+
+ fi
+
+])dnl
diff --git a/aclocal/libevent.m4 b/aclocal/libevent.m4
new file mode 100644
index 0000000..3c962b3
--- /dev/null
+++ b/aclocal/libevent.m4
@@ -0,0 +1,11 @@
+dnl Checks for libevent
+AC_DEFUN([AC_LIBEVENT], [
+
+ dnl Check for libevent, but do not add -levent to LIBS
+ AC_CHECK_LIB([event], [event_dispatch], [libevent=1],
+ [AC_MSG_ERROR([libevent not found.])])
+
+ AC_CHECK_HEADERS([event.h], ,
+ [AC_MSG_ERROR([libevent headers not found.])])
+
+])dnl
diff --git a/aclocal/libnfsidmap.m4 b/aclocal/libnfsidmap.m4
new file mode 100644
index 0000000..cfcde2f
--- /dev/null
+++ b/aclocal/libnfsidmap.m4
@@ -0,0 +1,17 @@
+dnl Checks for libnfsidmap
+dnl
+AC_DEFUN([AC_LIBNFSIDMAP], [
+
+ dnl Check for libnfsidmap, but do not add -lnfsidmap to LIBS
+ AC_CHECK_LIB([nfsidmap], [nfs4_init_name_mapping], [libnfsidmap=1],
+ [AC_MSG_ERROR([libnfsidmap not found.])])
+
+ AC_CHECK_HEADERS([nfsidmap.h], ,
+ [AC_MSG_ERROR([libnfsidmap headers not found.])])
+
+ dnl nfs4_set_debug() doesn't appear in all versions of libnfsidmap
+ AC_CHECK_LIB([nfsidmap], [nfs4_set_debug],
+ [AC_DEFINE([HAVE_NFS4_SET_DEBUG], 1,
+ [Define to 1 if you have the `nfs4_set_debug' function.])])
+
+])dnl
diff --git a/aclocal/librpcsecgss.m4 b/aclocal/librpcsecgss.m4
new file mode 100644
index 0000000..d1dd25e
--- /dev/null
+++ b/aclocal/librpcsecgss.m4
@@ -0,0 +1,19 @@
+dnl Checks for rpcsecgss library and headers
+dnl KRB5LIBS must be set before this function is invoked.
+dnl
+AC_DEFUN([AC_LIBRPCSECGSS], [
+
+ dnl libtirpc provides an rpcsecgss API
+ if test "$enable_tirpc" = no; then
+
+ dnl Check for library, but do not add -lrpcsecgss to LIBS
+ AC_CHECK_LIB([rpcsecgss], [authgss_create_default], [librpcsecgss=1],
+ [AC_MSG_ERROR([librpcsecgss not found.])])
+
+ AC_CHECK_LIB([rpcsecgss], [authgss_set_debug_level],
+ [AC_DEFINE([HAVE_AUTHGSS_SET_DEBUG_LEVEL], 1,
+ [Define to 1 if you have the `authgss_set_debug_level' function.])])
+
+ fi
+
+])dnl
diff --git a/aclocal/libtirpc.m4 b/aclocal/libtirpc.m4
new file mode 100644
index 0000000..af4c7d3
--- /dev/null
+++ b/aclocal/libtirpc.m4
@@ -0,0 +1,28 @@
+dnl Checks for TI-RPC library and headers
+dnl
+AC_DEFUN([AC_LIBTIRPC], [
+
+ AC_ARG_WITH([tirpcinclude],
+ [AC_HELP_STRING([--with-tirpcinclude=DIR],
+ [use TI-RPC headers in DIR])],
+ [tirpc_header_dir=$withval],
+ [tirpc_header_dir=/usr/include/tirpc])
+
+ dnl if --enable-tirpc was specifed, the following components
+ dnl must be present, and we set up HAVE_ macros for them.
+
+ if test "$enable_tirpc" = yes; then
+
+ dnl look for the library; add to LIBS if found
+ AC_CHECK_LIB([tirpc], [clnt_tli_create], ,
+ [AC_MSG_ERROR([libtirpc not found.])])
+
+ dnl also must have the headers installed where we expect
+ dnl look for headers; add -I compiler option if found
+ AC_CHECK_HEADERS([${tirpc_header_dir}/netconfig.h], ,
+ [AC_MSG_ERROR([libtirpc headers not found.])])
+ AC_SUBST([AM_CPPFLAGS], ["-I${tirpc_header_dir}"])
+
+ fi
+
+])dnl
diff --git a/aclocal/rpcsec_vers.m4 b/aclocal/rpcsec_vers.m4
new file mode 100644
index 0000000..e59c0aa
--- /dev/null
+++ b/aclocal/rpcsec_vers.m4
@@ -0,0 +1,12 @@
+dnl Checks librpcsec version
+AC_DEFUN([AC_RPCSEC_VERSION], [
+
+ dnl TI-RPC replaces librpcsecgss, but we still need libgssglue
+ if test "$enable_tirpc" = no; then
+ PKG_CHECK_MODULES([RPCSECGSS], [librpcsecgss >= 0.16], ,
+ [AC_MSG_ERROR([Unable to locate information required to use librpcsecgss. If you have pkgconfig installed, you might try setting environment variable PKG_CONFIG_PATH to /usr/local/lib/pkgconfig])])
+ else
+ PKG_CHECK_MODULES([GSSGLUE], [libgssglue >= 0.1])
+ fi
+
+])dnl
diff --git a/configure.ac b/configure.ac
index 5db4417..e34b7e2 100644
--- a/configure.ac
+++ b/configure.ac
@@ -118,6 +118,11 @@ AC_ARG_ENABLE(mount,
enable_mount=$enableval,
enable_mount=yes)
AM_CONDITIONAL(CONFIG_MOUNT, [test "$enable_mount" = "yes"])
+AC_ARG_ENABLE(tirpc,
+ [AC_HELP_STRING([--enable-tirpc],
+ [enable use of TI-RPC @<:@default=no@:>@])],
+ enable_tirpc=$enableval,
+ enable_tirpc=no)
AC_ARG_ENABLE(ipv6,
[AC_HELP_STRING([--enable-ipv6],
[enable support for IPv6 @<:@default=no@:>@])],
@@ -131,13 +136,8 @@ AC_ARG_ENABLE(ipv6,
AC_SUBST(enable_ipv6)
AM_CONDITIONAL(CONFIG_IPV6, [test "$enable_ipv6" = "yes"])
-AC_ARG_ENABLE(tirpc,
- [AC_HELP_STRING([--enable-tirpc],
- [enable use of TI-RPC @<:@default=no@:>@])],
- enable_tirpc=$enableval,
- enable_tirpc=no)
- AC_SUBST(enable_tirpc)
- AM_CONDITIONAL(CONFIG_TIRPC, [test "$enable_tirpc" = "yes"])
+dnl Check for TI-RPC library and headers
+AC_LIBTIRPC
# Check whether user wants TCP wrappers support
AC_TCP_WRAPPERS
@@ -176,39 +176,40 @@ AC_BSD_SIGNALS
dnl *************************************************************
dnl * Check for required libraries
dnl *************************************************************
-AC_CHECK_FUNC(gethostbyname, , [AC_CHECK_LIB(nsl, gethostbyname, [LIBNSL="-lnsl"])])
+
+AC_CHECK_FUNC([gethostbyname], ,
+ [AC_CHECK_LIB([nsl], [gethostbyname], [LIBNSL="-lnsl"])])
AC_SUBST(LIBNSL)
-AC_CHECK_FUNC(connect, ,
- AC_CHECK_LIB(socket, connect, [LIBSOCKET="-lsocket"],
- AC_MSG_ERROR(Function 'socket' not found.), $LIBNSL))
+AC_CHECK_FUNC([connect], ,
+ [AC_CHECK_LIB([socket], [connect], [LIBSOCKET="-lsocket"],
+ [AC_MSG_ERROR([Function 'socket' not found.])], [$LIBNSL])])
+
+AC_CHECK_FUNC([getaddrinfo], , ,
+ [AC_MSG_ERROR([Function 'getaddrinfo' not found.])])
-AC_CHECK_FUNC(getaddrinfo, , ,
- AC_MSG_ERROR(Function 'getaddrinfo' not found.))
+AC_CHECK_FUNC([getrpcbynumber], , ,
+ [AC_MSG_ERROR([Function 'getrpcbynumber' not found.])])
-AC_CHECK_FUNC(getrpcbynumber, , ,
- AC_MSG_ERROR(Function 'getrpcbynumber' not found.))
+AC_CHECK_FUNC([getservbyname], , ,
+ [AC_MSG_ERROR([Function 'getservbyname' not found.])])
-AC_CHECK_FUNC(getservbyname, , ,
- AC_MSG_ERROR(Function 'getservbyname' not found.))
+AC_CHECK_LIB([crypt], [crypt], [LIBCRYPT="-lcrypt"])
-AC_CHECK_LIB(crypt, crypt, [LIBCRYPT="-lcrypt"])
if test "$enable_nfsv4" = yes; then
- AC_CHECK_LIB(event, event_dispatch, [libevent=1], AC_MSG_ERROR([libevent needed for nfsv4 support]))
- AC_CHECK_LIB(nfsidmap, nfs4_init_name_mapping, [libnfsidmap=1], AC_MSG_ERROR([libnfsidmap needed for nfsv4 support]))
- AC_CHECK_HEADERS(event.h, ,AC_MSG_ERROR([libevent needed for nfsv4 support]))
- AC_CHECK_HEADERS(nfsidmap.h, ,AC_MSG_ERROR([libnfsidmap needed for nfsv4 support]))
- dnl librpcsecgss already has a dependency on libgssapi,
- dnl but we need to make sure we get the right version
- if test "$enable_gss" = yes; then
- PKG_CHECK_MODULES(RPCSECGSS, librpcsecgss >= 0.16, ,
- [AC_MSG_ERROR([Unable to locate information required to use librpcsecgss. If you have pkgconfig installed, you might try setting environment variable PKG_CONFIG_PATH to /usr/local/lib/pkgconfig])
- ]
- )
- PKG_CHECK_MODULES(GSSGLUE, libgssglue >= 0.1)
- fi
+ dnl check for libevent libraries and headers
+ AC_LIBEVENT
+
+ dnl check for nfsidmap libraries and headers
+ AC_LIBNFSIDMAP
+ dnl librpcsecgss already has a dependency on libgssapi,
+ dnl but we need to make sure we get the right version
+ if test "$enable_gss" = yes; then
+ AC_RPCSEC_VERSION
+ fi
fi
+
if test "$knfsd_cv_glibc2" = no; then
AC_CHECK_LIB(bsd, daemon, [LIBBSD="-lbsd"])
fi
@@ -236,49 +237,21 @@ AC_SUBST(LIBBLKID)
if test "$enable_gss" = yes; then
dnl 'gss' also depends on nfsidmap.h - at least for svcgssd_proc.c
- AC_CHECK_HEADERS(nfsidmap.h, ,AC_MSG_ERROR([libnfsidmap needed for gss support]))
- AC_CHECK_HEADERS(spkm3.h, ,AC_MSG_WARN([could not locate SPKM3 header; will not have SPKM3 support]))
- dnl the nfs4_set_debug function doesn't appear in all version of the library
- AC_CHECK_LIB(nfsidmap, nfs4_set_debug,
- AC_DEFINE(HAVE_NFS4_SET_DEBUG,1,
- [Whether nfs4_set_debug() is present in libnfsidmap]),)
+ AC_LIBNFSIDMAP
+
+ AC_CHECK_HEADERS([spkm3.h], ,
+ [AC_MSG_WARN([Could not locate SPKM3 header; will not have SPKM3 support])])
dnl Check for Kerberos V5
AC_KERBEROS_V5
- dnl This is not done until here because we need to have KRBLIBS set
- dnl ("librpcsecgss=1" is so that it doesn't get added to LIBS)
- AC_CHECK_LIB(rpcsecgss, authgss_create_default, [librpcsecgss=1], AC_MSG_ERROR([librpcsecgss needed for nfsv4 support]), -lgssglue -ldl)
- AC_CHECK_LIB(rpcsecgss, authgss_set_debug_level,
- AC_DEFINE(HAVE_AUTHGSS_SET_DEBUG_LEVEL, 1, [Define this if the rpcsec_gss library has the function authgss_set_debug_level]),, -lgssglue -ldl)
+ dnl Invoked after AC_KERBEROS_V5; AC_LIBRPCSECGSS needs to have KRBLIBS set
+ AC_LIBRPCSECGSS
fi
-AC_CHECK_DECL([AI_ADDRCONFIG],
- AC_DEFINE([HAVE_DECL_AI_ADDRCONFIG], 1,
- [Define this to 1 if AI_ADDRCONFIG macro is defined]), ,
- [ #include <netdb.h> ] )
-
-if test "$enable_tirpc" = yes; then
- AC_CHECK_LIB(tirpc, clnt_tli_create, ,
- AC_MSG_ERROR([libtirpc not found.]))
- AC_CHECK_HEADERS(tirpc/netconfig.h, ,
- AC_MSG_ERROR([libtirpc headers not found.]))
- AC_CHECK_FUNCS([bindresvport_sa getnetconfig \
- clnt_create clnt_create_timed \
- clnt_vc_create clnt_dg_create xdr_rpcb])
-fi
-
-if test "$enable_ipv6" = yes; then
- if test "$enable_tirpc" = no; then
- AC_MSG_ERROR('--enable-ipv6' requires '--enable-tirpc'.)
- fi
- AC_CHECK_FUNC(getnameinfo, , ,
- AC_MSG_ERROR(Function 'getnameinfo' not found.))
- AC_CHECK_DECL([AI_ADDRCONFIG], ,
- AC_MSG_ERROR([full getaddrinfo(3) implementation needed for IPv6 support]),
- [ #include <netdb.h> ] )
-fi
+dnl Check for IPv6 support
+AC_IPV6
dnl *************************************************************
dnl Check for headers
diff --git a/support/nfs/getport.c b/support/nfs/getport.c
index 5da1749..734d21a 100644
--- a/support/nfs/getport.c
+++ b/support/nfs/getport.c
@@ -40,9 +40,9 @@
#include <rpc/rpc.h>
#include <rpc/pmap_prot.h>
-#ifdef HAVE_TIRPC_NETCONFIG_H
-#include <tirpc/netconfig.h>
-#include <tirpc/rpc/rpcb_prot.h>
+#ifdef HAVE_LIBTIRPC
+#include <netconfig.h>
+#include <rpc/rpcb_prot.h>
#endif
#include "nfsrpc.h"
@@ -53,17 +53,17 @@
* Rpcbind's local socket service does not seem to be working.
* Disable this logic for now.
*/
-#ifdef HAVE_XDR_RPCB
+#ifdef HAVE_LIBTIRPC
#undef NFS_GP_LOCAL
-#else /* HAVE_XDR_RPCB */
+#else /* !HAVE_LIBTIRPC */
#undef NFS_GP_LOCAL
-#endif /* HAVE_XDR_RPCB */
+#endif /* !HAVE_LIBTIRPC */
-#ifdef HAVE_XDR_RPCB
+#ifdef HAVE_LIBTIRPC
const static rpcvers_t default_rpcb_version = RPCBVERS_4;
-#else
+#else /* !HAVE_LIBTIRPC */
const static rpcvers_t default_rpcb_version = PMAPVERS;
-#endif
+#endif /* !HAVE_LIBTIRPC */
#ifdef HAVE_DECL_AI_ADDRCONFIG
/*
@@ -242,7 +242,7 @@ static CLIENT *nfs_gp_get_rpcbclient(const struct sockaddr *sap,
* Returns a '\0'-terminated string if successful; otherwise NULL.
* rpc_createerr.cf_stat is set to reflect the error.
*/
-#ifdef HAVE_XDR_RPCB
+#ifdef HAVE_LIBTIRPC
static char *nfs_gp_get_netid(const sa_family_t family,
const unsigned short protocol)
@@ -290,7 +290,7 @@ out:
return NULL;
}
-#endif /* HAVE_XDR_RPCB */
+#endif /* HAVE_LIBTIRPC */
/*
* Extract a port number from a universal address, and terminate the
@@ -453,7 +453,7 @@ static int nfs_gp_ping(CLIENT *client, struct timeval timeout)
return (int)(status == RPC_SUCCESS);
}
-#ifdef HAVE_XDR_RPCB
+#ifdef HAVE_LIBTIRPC
/*
* Initialize the rpcb argument for a GETADDR request.
@@ -565,7 +565,7 @@ static unsigned short nfs_gp_rpcb_getaddr(CLIENT *client,
return port;
}
-#endif /* HAVE_XDR_RPCB */
+#endif /* HAVE_LIBTIRPC */
/*
* Try GETPORT request via rpcbind version 2.
@@ -595,7 +595,7 @@ static unsigned long nfs_gp_pmap_getport(CLIENT *client,
return port;
}
-#ifdef HAVE_XDR_RPCB
+#ifdef HAVE_LIBTIRPC
static unsigned short nfs_gp_getport_rpcb(CLIENT *client,
const struct sockaddr *sap,
@@ -617,7 +617,7 @@ static unsigned short nfs_gp_getport_rpcb(CLIENT *client,
return port;
}
-#endif /* HAVE_XDR_RPCB */
+#endif /* HAVE_LIBTIRPC */
static unsigned long nfs_gp_getport_pmap(CLIENT *client,
const rpcprog_t program,
@@ -652,11 +652,11 @@ static unsigned short nfs_gp_getport(CLIENT *client,
struct timeval timeout)
{
switch (sap->sa_family) {
-#ifdef HAVE_XDR_RPCB
+#ifdef HAVE_LIBTIRPC
case AF_INET6:
return nfs_gp_getport_rpcb(client, sap, salen, program,
version, protocol, timeout);
-#endif /* HAVE_XDR_RPCB */
+#endif /* HAVE_LIBTIRPC */
case AF_INET:
return nfs_gp_getport_pmap(client, program, version,
protocol, timeout);
@@ -922,7 +922,7 @@ unsigned short nfs_getlocalport(const rpcprot_t program,
* address of the same address family. In this way an RPC server can
* advertise via rpcbind that it does not support AF_INET6.
*/
-#ifdef HAVE_XDR_RPCB
+#ifdef HAVE_LIBTIRPC
unsigned short nfs_rpcb_getaddr(const struct sockaddr *sap,
const socklen_t salen,
@@ -955,7 +955,7 @@ unsigned short nfs_rpcb_getaddr(const struct sockaddr *sap,
return port;
}
-#else /* HAVE_XDR_RPCB */
+#else /* !HAVE_LIBTIRPC */
unsigned short nfs_rpcb_getaddr(const struct sockaddr *sap,
const socklen_t salen,
@@ -971,7 +971,7 @@ unsigned short nfs_rpcb_getaddr(const struct sockaddr *sap,
return 0;
}
-#endif /* HAVE_XDR_RPCB */
+#endif /* !HAVE_LIBTIRPC */
/**
* nfs_pmap_getport - query rpcbind via the portmap protocol (rpcbindv2)
diff --git a/support/nfs/rpc_socket.c b/support/nfs/rpc_socket.c
index b7420d1..2b11e35 100644
--- a/support/nfs/rpc_socket.c
+++ b/support/nfs/rpc_socket.c
@@ -40,51 +40,10 @@
#include "nfsrpc.h"
-#ifdef HAVE_TIRPC_NETCONFIG_H
-
-/*
- * Most of the headers under /usr/include/tirpc are currently
- * unusable for various reasons. We statically define the bits
- * we need here until the official headers are fixed.
- *
- * The commonly used RPC calls such as CLNT_CALL and CLNT_DESTROY
- * are actually virtual functions in both the legacy and TI-RPC
- * implementations. The proper _CALL or _DESTROY will be invoked
- * no matter if we used a legacy clnt_create() or clnt_tli_create()
- * from libtirpc.
- */
-
-#include <tirpc/netconfig.h>
-#include <tirpc/rpc/rpcb_prot.h>
-
-/* definitions from tirpc/rpc/types.h */
-
-/*
- * The netbuf structure is used for transport-independent address storage.
- */
-struct netbuf {
- unsigned int maxlen;
- unsigned int len;
- void *buf;
-};
-
-/* definitions from tirpc/rpc/clnt.h */
-
-/*
- * Low level clnt create routine for connectionless transports, e.g. udp.
- */
-extern CLIENT *clnt_dg_create(const int, const struct netbuf *,
- const rpcprog_t, const rpcvers_t,
- const u_int, const u_int);
-
-/*
- * Low level clnt create routine for connectionful transports, e.g. tcp.
- */
-extern CLIENT *clnt_vc_create(const int, const struct netbuf *,
- const rpcprog_t, const rpcvers_t,
- u_int, u_int);
-
-#endif /* HAVE_TIRPC_NETCONFIG_H */
+#ifdef HAVE_LIBTIRPC
+#include <netconfig.h>
+#include <rpc/rpcb_prot.h>
+#endif /* HAVE_LIBTIRPC */
/*
* If "-1" is specified in the tv_sec field, use these defaults instead.
@@ -107,14 +66,14 @@ static CLIENT *nfs_get_localclient(const struct sockaddr *sap,
const rpcvers_t version,
struct timeval *timeout)
{
-#ifdef HAVE_CLNT_VC_CREATE
+#ifdef HAVE_LIBTIRPC
struct sockaddr_storage address;
const struct netbuf nbuf = {
.maxlen = sizeof(struct sockaddr_un),
.len = (size_t)salen,
.buf = &address,
};
-#endif /* HAVE_CLNT_VC_CREATE */
+#endif /* HAVE_LIBTIRPC */
CLIENT *client;
int sock;
@@ -128,13 +87,13 @@ static CLIENT *nfs_get_localclient(const struct sockaddr *sap,
if (timeout->tv_sec == -1)
timeout->tv_sec = NFSRPC_TIMEOUT_TCP;
-#ifdef HAVE_CLNT_VC_CREATE
+#ifdef HAVE_LIBTIRPC
memcpy(nbuf.buf, sap, (size_t)salen);
client = clnt_vc_create(sock, &nbuf, program, version, 0, 0);
-#else /* HAVE_CLNT_VC_CREATE */
+#else /* !HAVE_LIBTIRPC */
client = clntunix_create((struct sockaddr_un *)sap,
program, version, &sock, 0, 0);
-#endif /* HAVE_CLNT_VC_CREATE */
+#endif /* !HAVE_LIBTIRPC */
if (client != NULL)
CLNT_CONTROL(client, CLSET_FD_CLOSE, NULL);
else
@@ -261,23 +220,23 @@ static CLIENT *nfs_get_udpclient(const struct sockaddr *sap,
const rpcvers_t version,
struct timeval *timeout)
{
-#ifdef HAVE_CLNT_DG_CREATE
+ CLIENT *client;
+ int ret, sock;
+#ifdef HAVE_LIBTIRPC
struct sockaddr_storage address;
const struct netbuf nbuf = {
.maxlen = salen,
.len = salen,
.buf = &address,
};
-#endif /* HAVE_CLNT_DG_CREATE */
- CLIENT *client;
- int ret, sock;
-#ifndef HAVE_CLNT_DG_CREATE
+#else /* !HAVE_LIBTIRPC */
+
if (sap->sa_family != AF_INET) {
rpc_createerr.cf_stat = RPC_UNKNOWNPROTO;
return NULL;
}
-#endif /* !HAVE_CLNT_DG_CREATE */
+#endif /* !HAVE_LIBTIRPC */
sock = socket((int)sap->sa_family, SOCK_DGRAM, IPPROTO_UDP);
if (sock == -1) {
@@ -305,13 +264,13 @@ static CLIENT *nfs_get_udpclient(const struct sockaddr *sap,
return NULL;
}
-#ifdef HAVE_CLNT_DG_CREATE
+#ifdef HAVE_LIBTIRPC
memcpy(nbuf.buf, sap, (size_t)salen);
client = clnt_dg_create(sock, &nbuf, program, version, 0, 0);
-#else /* HAVE_CLNT_DG_CREATE */
+#else /* !HAVE_LIBTIRPC */
client = clntudp_create((struct sockaddr_in *)sap, program,
version, *timeout, &sock);
-#endif /* HAVE_CLNT_DG_CREATE */
+#endif /* !HAVE_LIBTIRPC */
if (client != NULL) {
CLNT_CONTROL(client, CLSET_RETRY_TIMEOUT, (char *)timeout);
CLNT_CONTROL(client, CLSET_FD_CLOSE, NULL);
@@ -337,23 +296,23 @@ static CLIENT *nfs_get_tcpclient(const struct sockaddr *sap,
const rpcvers_t version,
struct timeval *timeout)
{
-#ifdef HAVE_CLNT_VC_CREATE
+ CLIENT *client;
+ int ret, sock;
+#ifdef HAVE_LIBTIRPC
struct sockaddr_storage address;
const struct netbuf nbuf = {
.maxlen = salen,
.len = salen,
.buf = &address,
};
-#endif /* HAVE_CLNT_VC_CREATE */
- CLIENT *client;
- int ret, sock;
-#ifndef HAVE_CLNT_VC_CREATE
+#else /* !HAVE_LIBTIRPC */
+
if (sap->sa_family != AF_INET) {
rpc_createerr.cf_stat = RPC_UNKNOWNPROTO;
return NULL;
}
-#endif /* !HAVE_CLNT_VC_CREATE */
+#endif /* !HAVE_LIBTIRPC */
sock = socket((int)sap->sa_family, SOCK_STREAM, IPPROTO_TCP);
if (sock == -1) {
@@ -381,13 +340,13 @@ static CLIENT *nfs_get_tcpclient(const struct sockaddr *sap,
return NULL;
}
-#ifdef HAVE_CLNT_VC_CREATE
+#ifdef HAVE_LIBTIRPC
memcpy(nbuf.buf, sap, (size_t)salen);
client = clnt_vc_create(sock, &nbuf, program, version, 0, 0);
-#else /* HAVE_CLNT_VC_CREATE */
+#else /* !HAVE_LIBTIRPC */
client = clnttcp_create((struct sockaddr_in *)sap,
program, version, &sock, 0, 0);
-#endif /* HAVE_CLNT_VC_CREATE */
+#endif /* !HAVE_LIBTIRPC */
if (client != NULL)
CLNT_CONTROL(client, CLSET_FD_CLOSE, NULL);
else
diff --git a/utils/gssd/Makefile.am b/utils/gssd/Makefile.am
index e42b339..95a2bd0 100644
--- a/utils/gssd/Makefile.am
+++ b/utils/gssd/Makefile.am
@@ -39,11 +39,11 @@ gssd_SOURCES = \
write_bytes.h
gssd_LDADD = ../../support/nfs/libnfs.a \
- $(RPCSECGSS_LIBS) $(KRBLIBS)
+ $(RPCSECGSS_LIBS) $(GSSGLUE_LIBS) $(KRBLIBS)
gssd_LDFLAGS = $(KRBLDFLAGS)
gssd_CFLAGS = $(AM_CFLAGS) $(CFLAGS) \
- $(RPCSECGSS_CFLAGS) $(KRBCFLAGS)
+ $(RPCSECGSS_CFLAGS) $(GSSGLUE_CFLAGS) $(KRBCFLAGS)
svcgssd_SOURCES = \
$(COMMON_SRCS) \
@@ -56,18 +56,18 @@ svcgssd_SOURCES = \
svcgssd_LDADD = \
../../support/nfs/libnfs.a \
- $(RPCSECGSS_LIBS) -lnfsidmap \
+ $(RPCSECGSS_LIBS) $(GSSGLUE_LIBS) -lnfsidmap \
$(KRBLIBS)
svcgssd_LDFLAGS = $(KRBLDFLAGS)
svcgssd_CFLAGS = $(AM_CFLAGS) $(CFLAGS) \
- $(RPCSECGSS_CFLAGS) $(KRBCFLAGS)
+ $(RPCSECGSS_CFLAGS) $(GSSGLUE_CFLAGS) $(KRBCFLAGS)
gss_clnt_send_err_SOURCES = gss_clnt_send_err.c
gss_clnt_send_err_CFLAGS = $(AM_CFLAGS) $(CFLAGS) \
- $(RPCSECGSS_CFLAGS) $(KRBCFLAGS)
+ $(RPCSECGSS_CFLAGS) $(GSSGLUE_CFLAGS) $(KRBCFLAGS)
MAINTAINERCLEANFILES = Makefile.in
diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c
index d0d3f7f..295c37d 100644
--- a/utils/gssd/gssd_proc.c
+++ b/utils/gssd/gssd_proc.c
@@ -70,7 +70,6 @@
#include "gssd.h"
#include "err_util.h"
#include "gss_util.h"
-#include "gss_oids.h"
#include "krb5_util.h"
#include "context.h"
@@ -778,8 +777,10 @@ handle_krb5_upcall(struct clnt_info *clp)
out:
if (token.value)
free(token.value);
+#ifndef HAVE_LIBTIRPC
if (pd.pd_ctx_hndl.length != 0)
authgss_free_private_data(&pd);
+#endif
if (auth)
AUTH_DESTROY(auth);
if (rpc_clnt)
diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
index 8923b3b..e3c6f5e 100644
--- a/utils/gssd/krb5_util.c
+++ b/utils/gssd/krb5_util.c
@@ -124,7 +124,6 @@
#include "gssd.h"
#include "err_util.h"
#include "gss_util.h"
-#include "gss_oids.h"
#include "krb5_util.h"
/* Global list of principals/cache file names for machine credentials */
diff --git a/utils/gssd/krb5_util.h b/utils/gssd/krb5_util.h
index 4b2da6b..7d808f5 100644
--- a/utils/gssd/krb5_util.h
+++ b/utils/gssd/krb5_util.h
@@ -3,6 +3,12 @@
#include <krb5.h>
+#ifdef HAVE_LIBTIRPC
+#include <rpc/auth_gss.h>
+#else
+#include "gss_oids.h"
+#endif
+
/*
* List of principals from our keytab that we
* will try to use to obtain credentials
diff --git a/utils/mountd/svc_run.c b/utils/mountd/svc_run.c
index 422e839..5ba5af6 100644
--- a/utils/mountd/svc_run.c
+++ b/utils/mountd/svc_run.c
@@ -54,6 +54,10 @@
#include <errno.h>
#include <time.h>
+#ifdef HAVE_LIBTIRPC
+#include <rpc/rpc_com.h>
+#endif
+
void cache_set_fds(fd_set *fdset);
int cache_process_req(fd_set *readfds);

View File

@ -1,751 +0,0 @@
diff --git a/support/nfs/cacheio.c b/support/nfs/cacheio.c
index 48292f8..f303734 100644
--- a/support/nfs/cacheio.c
+++ b/support/nfs/cacheio.c
@@ -24,6 +24,7 @@
#include <sys/stat.h>
#include <fcntl.h>
#include <time.h>
+#include <errno.h>
void qword_add(char **bpp, int *lp, char *str)
{
@@ -125,7 +126,10 @@ void qword_print(FILE *f, char *str)
char *bp = qword_buf;
int len = sizeof(qword_buf);
qword_add(&bp, &len, str);
- fwrite(qword_buf, bp-qword_buf, 1, f);
+ if (fwrite(qword_buf, bp-qword_buf, 1, f) != 1) {
+ xlog_warn("qword_print: fwrite failed: errno %d (%s)",
+ errno, strerror(errno));
+ }
}
void qword_printhex(FILE *f, char *str, int slen)
@@ -133,7 +137,10 @@ void qword_printhex(FILE *f, char *str, int slen)
char *bp = qword_buf;
int len = sizeof(qword_buf);
qword_addhex(&bp, &len, str, slen);
- fwrite(qword_buf, bp-qword_buf, 1, f);
+ if (fwrite(qword_buf, bp-qword_buf, 1, f) != 1) {
+ xlog_warn("qword_printhex: fwrite failed: errno %d (%s)",
+ errno, strerror(errno));
+ }
}
void qword_printint(FILE *f, int num)
@@ -318,7 +325,10 @@ cache_flush(int force)
sprintf(path, "/proc/net/rpc/%s/flush", cachelist[c]);
fd = open(path, O_RDWR);
if (fd >= 0) {
- write(fd, stime, strlen(stime));
+ if (write(fd, stime, strlen(stime)) != strlen(stime)) {
+ xlog_warn("Writing to '%s' failed: errno %d (%s)",
+ path, errno, strerror(errno));
+ }
close(fd);
}
}
diff --git a/tools/locktest/testlk.c b/tools/locktest/testlk.c
index b392f71..82ed765 100644
--- a/tools/locktest/testlk.c
+++ b/tools/locktest/testlk.c
@@ -81,7 +81,7 @@ main(int argc, char **argv)
if (fl.l_type == F_UNLCK) {
printf("%s: no conflicting lock\n", fname);
} else {
- printf("%s: conflicting lock by %d on (%ld;%ld)\n",
+ printf("%s: conflicting lock by %d on (%lld;%lld)\n",
fname, fl.l_pid, fl.l_start, fl.l_len);
}
return 0;
diff --git a/utils/gssd/context_heimdal.c b/utils/gssd/context_heimdal.c
index ddf064d..6f3b8fd 100644
--- a/utils/gssd/context_heimdal.c
+++ b/utils/gssd/context_heimdal.c
@@ -69,19 +69,19 @@ int write_heimdal_enc_key(char **p, char *end, gss_ctx_id_t ctx)
krb5_context context;
krb5_error_code ret;
int i;
- char *skd, *dkd;
+ char *skd, *dkd, *k5err = NULL;
int code = -1;
if ((ret = krb5_init_context(&context))) {
- printerr(0, "ERROR: initializing krb5_context: %s\n",
- gssd_k5_err_msg(NULL, ret));
+ k5err = gssd_k5_err_msg(NULL, ret);
+ printerr(0, "ERROR: initializing krb5_context: %s\n", k5err);
goto out_err;
}
if ((ret = krb5_auth_con_getlocalsubkey(context,
ctx->auth_context, &key))){
- printerr(0, "ERROR: getting auth_context key: %s\n",
- gssd_k5_err_msg(context, ret));
+ k5err = gssd_k5_err_msg(context, ret);
+ printerr(0, "ERROR: getting auth_context key: %s\n", k5err);
goto out_err_free_context;
}
@@ -97,9 +97,9 @@ int write_heimdal_enc_key(char **p, char *end, gss_ctx_id_t ctx)
enc_key.keyvalue.length = key->keyvalue.length;
if ((enc_key.keyvalue.data =
calloc(1, enc_key.keyvalue.length)) == NULL) {
-
+ k5err = gssd_k5_err_msg(context, ENOMEM);
printerr(0, "ERROR: allocating memory for enc key: %s\n",
- gssd_k5_err_msg(context, ENOMEM));
+ k5err);
goto out_err_free_key;
}
skd = (char *) key->keyvalue.data;
@@ -119,6 +119,7 @@ int write_heimdal_enc_key(char **p, char *end, gss_ctx_id_t ctx)
out_err_free_context:
krb5_free_context(context);
out_err:
+ free(k5err);
printerr(2, "write_heimdal_enc_key: %s\n", code ? "FAILED" : "SUCCESS");
return(code);
}
@@ -128,18 +129,19 @@ int write_heimdal_seq_key(char **p, char *end, gss_ctx_id_t ctx)
krb5_keyblock *key;
krb5_context context;
krb5_error_code ret;
+ char *k5err = NULL;
int code = -1;
if ((ret = krb5_init_context(&context))) {
- printerr(0, "ERROR: initializing krb5_context: %s\n",
- gssd_k5_err_msg(NULL, ret));
+ k5err = gssd_k5_err_msg(NULL, ret);
+ printerr(0, "ERROR: initializing krb5_context: %s\n", k5err);
goto out_err;
}
if ((ret = krb5_auth_con_getlocalsubkey(context,
ctx->auth_context, &key))){
- printerr(0, "ERROR: getting auth_context key: %s\n",
- gssd_k5_err_msg(context, ret));
+ k5err = gssd_k5_err_msg(context, ret);
+ printerr(0, "ERROR: getting auth_context key: %s\n", k5err);
goto out_err_free_context;
}
@@ -162,6 +164,7 @@ int write_heimdal_seq_key(char **p, char *end, gss_ctx_id_t ctx)
out_err_free_context:
krb5_free_context(context);
out_err:
+ free(k5err);
printerr(2, "write_heimdal_seq_key: %s\n", code ? "FAILED" : "SUCCESS");
return(code);
}
diff --git a/utils/gssd/context_lucid.c b/utils/gssd/context_lucid.c
index af7de58..4a682ae 100644
--- a/utils/gssd/context_lucid.c
+++ b/utils/gssd/context_lucid.c
@@ -70,9 +70,10 @@ static int
prepare_krb5_rfc1964_buffer(gss_krb5_lucid_context_v1_t *lctx,
gss_buffer_desc *buf, int32_t *endtime)
{
+#define FAKESEED_SIZE 16
char *p, *end;
static int constant_zero = 0;
- unsigned char fakeseed[16];
+ unsigned char fakeseed[FAKESEED_SIZE];
uint32_t word_send_seq;
gss_krb5_lucid_key_t enc_key;
int i;
@@ -88,6 +89,7 @@ prepare_krb5_rfc1964_buffer(gss_krb5_lucid_context_v1_t *lctx,
*/
memset(&enc_key, 0, sizeof(enc_key));
memset(&fakeoid, 0, sizeof(fakeoid));
+ memset(fakeseed, 0, FAKESEED_SIZE);
if (!(buf->value = calloc(1, MAX_CTX_LEN)))
goto out_err;
@@ -98,7 +100,7 @@ prepare_krb5_rfc1964_buffer(gss_krb5_lucid_context_v1_t *lctx,
/* seed_init and seed not used by kernel anyway */
if (WRITE_BYTES(&p, end, constant_zero)) goto out_err;
- if (write_bytes(&p, end, &fakeseed, 16)) goto out_err;
+ if (write_bytes(&p, end, &fakeseed, FAKESEED_SIZE)) goto out_err;
if (WRITE_BYTES(&p, end, lctx->rfc1964_kd.sign_alg)) goto out_err;
if (WRITE_BYTES(&p, end, lctx->rfc1964_kd.seal_alg)) goto out_err;
diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c
index 295c37d..509946e 100644
--- a/utils/gssd/gssd_proc.c
+++ b/utils/gssd/gssd_proc.c
@@ -107,7 +107,7 @@ static int
read_service_info(char *info_file_name, char **servicename, char **servername,
int *prog, int *vers, char **protocol, int *port) {
#define INFOBUFLEN 256
- char buf[INFOBUFLEN];
+ char buf[INFOBUFLEN + 1];
static char dummy[128];
int nbytes;
static char service[128];
@@ -132,6 +132,7 @@ read_service_info(char *info_file_name, char **servicename, char **servername,
if ((nbytes = read(fd, buf, INFOBUFLEN)) == -1)
goto fail;
close(fd);
+ buf[nbytes] = '\0';
numfields = sscanf(buf,"RPC server: %127s\n"
"service: %127s %15s version %15s\n"
@@ -181,9 +182,10 @@ read_service_info(char *info_file_name, char **servicename, char **servername,
fail:
printerr(0, "ERROR: failed to read service info\n");
if (fd != -1) close(fd);
- if (*servername) free(*servername);
- if (*servicename) free(*servicename);
- if (*protocol) free(*protocol);
+ free(*servername);
+ free(*servicename);
+ free(*protocol);
+ *servicename = *servername = *protocol = NULL;
return -1;
}
@@ -199,10 +201,10 @@ destroy_client(struct clnt_info *clp)
if (clp->dir_fd != -1) close(clp->dir_fd);
if (clp->krb5_fd != -1) close(clp->krb5_fd);
if (clp->spkm3_fd != -1) close(clp->spkm3_fd);
- if (clp->dirname) free(clp->dirname);
- if (clp->servicename) free(clp->servicename);
- if (clp->servername) free(clp->servername);
- if (clp->protocol) free(clp->protocol);
+ free(clp->dirname);
+ free(clp->servicename);
+ free(clp->servername);
+ free(clp->protocol);
free(clp);
}
diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
index e3c6f5e..3009cc5 100644
--- a/utils/gssd/krb5_util.c
+++ b/utils/gssd/krb5_util.c
@@ -375,6 +375,7 @@ gssd_get_single_krb5_cred(krb5_context context,
time_t now = time(0);
char *cache_type;
char *pname = NULL;
+ char *k5err = NULL;
memset(&my_creds, 0, sizeof(my_creds));
@@ -397,8 +398,8 @@ gssd_get_single_krb5_cred(krb5_context context,
#if HAVE_KRB5_GET_INIT_CREDS_OPT_SET_ADDRESSLESS
code = krb5_get_init_creds_opt_alloc(context, &init_opts);
if (code) {
- printerr(0, "ERROR: %s allocating gic options\n",
- gssd_k5_err_msg(context, code));
+ k5err = gssd_k5_err_msg(context, code);
+ printerr(0, "ERROR: %s allocating gic options\n", k5err);
goto out;
}
if (krb5_get_init_creds_opt_set_addressless(context, init_opts, 1))
@@ -425,9 +426,9 @@ gssd_get_single_krb5_cred(krb5_context context,
if ((code = krb5_get_init_creds_keytab(context, &my_creds, ple->princ,
kt, 0, NULL, opts))) {
+ k5err = gssd_k5_err_msg(context, code);
printerr(1, "WARNING: %s while getting initial ticket for "
- "principal '%s' using keytab '%s'\n",
- gssd_k5_err_msg(context, code),
+ "principal '%s' using keytab '%s'\n", k5err,
pname ? pname : "<unparsable>", kt_name);
goto out;
}
@@ -455,19 +456,21 @@ gssd_get_single_krb5_cred(krb5_context context,
goto out;
}
if ((code = krb5_cc_resolve(context, cc_name, &ccache))) {
+ k5err = gssd_k5_err_msg(context, code);
printerr(0, "ERROR: %s while opening credential cache '%s'\n",
- gssd_k5_err_msg(context, code), cc_name);
+ k5err, cc_name);
goto out;
}
if ((code = krb5_cc_initialize(context, ccache, ple->princ))) {
+ k5err = gssd_k5_err_msg(context, code);
printerr(0, "ERROR: %s while initializing credential "
- "cache '%s'\n", gssd_k5_err_msg(context, code),
- cc_name);
+ "cache '%s'\n", k5err, cc_name);
goto out;
}
if ((code = krb5_cc_store_cred(context, ccache, &my_creds))) {
+ k5err = gssd_k5_err_msg(context, code);
printerr(0, "ERROR: %s while storing credentials in '%s'\n",
- gssd_k5_err_msg(context, code), cc_name);
+ k5err, cc_name);
goto out;
}
@@ -484,6 +487,7 @@ gssd_get_single_krb5_cred(krb5_context context,
if (ccache)
krb5_cc_close(context, ccache);
krb5_free_cred_contents(context, &my_creds);
+ free(k5err);
return (code);
}
@@ -707,6 +711,7 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt,
int retval = -1;
char kt_name[BUFSIZ];
char *pname;
+ char *k5err = NULL;
if (found == NULL) {
retval = EINVAL;
@@ -720,15 +725,15 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt,
* save info in the global principal list (gssd_k5_kt_princ_list).
*/
if ((code = krb5_kt_get_name(context, kt, kt_name, BUFSIZ))) {
- printerr(0, "ERROR: %s attempting to get keytab name\n",
- gssd_k5_err_msg(context, code));
+ k5err = gssd_k5_err_msg(context, code);
+ printerr(0, "ERROR: %s attempting to get keytab name\n", k5err);
retval = code;
goto out;
}
if ((code = krb5_kt_start_seq_get(context, kt, &cursor))) {
+ k5err = gssd_k5_err_msg(context, code);
printerr(0, "ERROR: %s while beginning keytab scan "
- "for keytab '%s'\n",
- gssd_k5_err_msg(context, code), kt_name);
+ "for keytab '%s'\n", k5err, kt_name);
retval = code;
goto out;
}
@@ -736,9 +741,10 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt,
while ((code = krb5_kt_next_entry(context, kt, kte, &cursor)) == 0) {
if ((code = krb5_unparse_name(context, kte->principal,
&pname))) {
+ k5err = gssd_k5_err_msg(context, code);
printerr(0, "WARNING: Skipping keytab entry because "
"we failed to unparse principal name: %s\n",
- gssd_k5_err_msg(context, code));
+ k5err);
k5_free_kt_entry(context, kte);
continue;
}
@@ -772,13 +778,14 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt,
}
if ((code = krb5_kt_end_seq_get(context, kt, &cursor))) {
+ k5err = gssd_k5_err_msg(context, code);
printerr(0, "WARNING: %s while ending keytab scan for "
- "keytab '%s'\n",
- gssd_k5_err_msg(context, code), kt_name);
+ "keytab '%s'\n", k5err, kt_name);
}
retval = 0;
out:
+ free(k5err);
return retval;
}
@@ -798,6 +805,7 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *hostname,
int i, j, retval;
char *default_realm = NULL;
char *realm;
+ char *k5err = NULL;
int tried_all = 0, tried_default = 0;
krb5_principal princ;
@@ -811,8 +819,8 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *hostname,
/* Get full local hostname */
retval = gethostname(myhostname, sizeof(myhostname));
if (retval) {
- printerr(1, "%s while getting local hostname\n",
- gssd_k5_err_msg(context, retval));
+ k5err = gssd_k5_err_msg(context, retval);
+ printerr(1, "%s while getting local hostname\n", k5err);
goto out;
}
retval = get_full_hostname(myhostname, myhostname, sizeof(myhostname));
@@ -822,8 +830,8 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *hostname,
code = krb5_get_default_realm(context, &default_realm);
if (code) {
retval = code;
- printerr(1, "%s while getting default realm name\n",
- gssd_k5_err_msg(context, code));
+ k5err = gssd_k5_err_msg(context, code);
+ printerr(1, "%s while getting default realm name\n", k5err);
goto out;
}
@@ -835,8 +843,9 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *hostname,
*/
code = krb5_get_host_realm(context, targethostname, &realmnames);
if (code) {
+ k5err = gssd_k5_err_msg(context, code);
printerr(0, "ERROR: %s while getting realm(s) for host '%s'\n",
- gssd_k5_err_msg(context, code), targethostname);
+ k5err, targethostname);
retval = code;
goto out;
}
@@ -867,19 +876,19 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *hostname,
myhostname,
NULL);
if (code) {
+ k5err = gssd_k5_err_msg(context, code);
printerr(1, "%s while building principal for "
- "'%s/%s@%s'\n",
- gssd_k5_err_msg(context, code),
- svcnames[j], myhostname, realm);
+ "'%s/%s@%s'\n", k5err, svcnames[j],
+ myhostname, realm);
continue;
}
code = krb5_kt_get_entry(context, kt, princ, 0, 0, kte);
krb5_free_principal(context, princ);
if (code) {
+ k5err = gssd_k5_err_msg(context, code);
printerr(3, "%s while getting keytab entry for "
- "'%s/%s@%s'\n",
- gssd_k5_err_msg(context, code),
- svcnames[j], myhostname, realm);
+ "'%s/%s@%s'\n", k5err, svcnames[j],
+ myhostname, realm);
} else {
printerr(3, "Success getting keytab entry for "
"'%s/%s@%s'\n",
@@ -914,6 +923,7 @@ out:
k5_free_default_realm(context, default_realm);
if (realmnames)
krb5_free_host_realm(context, realmnames);
+ free(k5err);
return retval;
}
@@ -1139,11 +1149,12 @@ gssd_destroy_krb5_machine_creds(void)
krb5_error_code code = 0;
krb5_ccache ccache;
struct gssd_k5_kt_princ *ple;
+ char *k5err = NULL;
code = krb5_init_context(&context);
if (code) {
- printerr(0, "ERROR: %s while initializing krb5\n",
- gssd_k5_err_msg(NULL, code));
+ k5err = gssd_k5_err_msg(NULL, code);
+ printerr(0, "ERROR: %s while initializing krb5\n", k5err);
goto out;
}
@@ -1151,19 +1162,21 @@ gssd_destroy_krb5_machine_creds(void)
if (!ple->ccname)
continue;
if ((code = krb5_cc_resolve(context, ple->ccname, &ccache))) {
+ k5err = gssd_k5_err_msg(context, code);
printerr(0, "WARNING: %s while resolving credential "
- "cache '%s' for destruction\n",
- gssd_k5_err_msg(context, code), ple->ccname);
+ "cache '%s' for destruction\n", k5err,
+ ple->ccname);
continue;
}
if ((code = krb5_cc_destroy(context, ccache))) {
+ k5err = gssd_k5_err_msg(context, code);
printerr(0, "WARNING: %s while destroying credential "
- "cache '%s'\n",
- gssd_k5_err_msg(context, code), ple->ccname);
+ "cache '%s'\n", k5err, ple->ccname);
}
}
out:
+ free(k5err);
krb5_free_context(context);
}
@@ -1178,22 +1191,24 @@ gssd_refresh_krb5_machine_credential(char *hostname,
krb5_context context;
krb5_keytab kt = NULL;;
int retval = 0;
+ char *k5err = NULL;
if (hostname == NULL && ple == NULL)
return EINVAL;
code = krb5_init_context(&context);
if (code) {
+ k5err = gssd_k5_err_msg(NULL, code);
printerr(0, "ERROR: %s: %s while initializing krb5 context\n",
- __FUNCTION__, gssd_k5_err_msg(NULL, code));
+ __func__, k5err);
retval = code;
goto out;
}
if ((code = krb5_kt_resolve(context, keytabfile, &kt))) {
+ k5err = gssd_k5_err_msg(context, code);
printerr(0, "ERROR: %s: %s while resolving keytab '%s'\n",
- __FUNCTION__, gssd_k5_err_msg(context, code),
- keytabfile);
+ __func__, k5err, keytabfile);
goto out;
}
@@ -1230,29 +1245,35 @@ out:
if (kt)
krb5_kt_close(context, kt);
krb5_free_context(context);
+ free(k5err);
return retval;
}
/*
* A common routine for getting the Kerberos error message
*/
-const char *
+char *
gssd_k5_err_msg(krb5_context context, krb5_error_code code)
{
- const char *msg = NULL;
+ const char *origmsg;
+ char *msg = NULL;
+
#if HAVE_KRB5_GET_ERROR_MESSAGE
- if (context != NULL)
- msg = krb5_get_error_message(context, code);
+ if (context != NULL) {
+ origmsg = krb5_get_error_message(context, code);
+ msg = strdup(origmsg);
+ krb5_free_error_message(context, origmsg);
+ }
#endif
if (msg != NULL)
return msg;
#if HAVE_KRB5
- return error_message(code);
+ return strdup(error_message(code));
#else
if (context != NULL)
- return krb5_get_err_text(context, code);
+ return strdup(krb5_get_err_text(context, code));
else
- return error_message(code);
+ return strdup(error_message(code));
#endif
}
diff --git a/utils/gssd/krb5_util.h b/utils/gssd/krb5_util.h
index 7d808f5..3d39300 100644
--- a/utils/gssd/krb5_util.h
+++ b/utils/gssd/krb5_util.h
@@ -31,8 +31,7 @@ void gssd_setup_krb5_machine_gss_ccache(char *servername);
void gssd_destroy_krb5_machine_creds(void);
int gssd_refresh_krb5_machine_credential(char *hostname,
struct gssd_k5_kt_princ *ple);
-const char *
-gssd_k5_err_msg(krb5_context context, krb5_error_code code);
+char *gssd_k5_err_msg(krb5_context context, krb5_error_code code);
void gssd_k5_get_default_realm(char **def_realm);
#ifdef HAVE_SET_ALLOWABLE_ENCTYPES
diff --git a/utils/gssd/svcgssd.c b/utils/gssd/svcgssd.c
index f97dcd3..6ca0e8d 100644
--- a/utils/gssd/svcgssd.c
+++ b/utils/gssd/svcgssd.c
@@ -132,7 +132,11 @@ release_parent(void)
int status;
if (pipefds[1] > 0) {
- write(pipefds[1], &status, 1);
+ if (write(pipefds[1], &status, 1) != 1) {
+ printerr(1,
+ "WARN: writing to parent pipe failed: errno %d (%s)\n",
+ errno, strerror(errno));
+ }
close(pipefds[1]);
pipefds[1] = -1;
}
diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c
index c1cf4eb..b690e21 100644
--- a/utils/idmapd/idmapd.c
+++ b/utils/idmapd/idmapd.c
@@ -169,7 +169,10 @@ flush_nfsd_cache(char *path, time_t now)
fd = open(path, O_RDWR);
if (fd == -1)
return -1;
- write(fd, stime, strlen(stime));
+ if (write(fd, stime, strlen(stime)) != strlen(stime)) {
+ errx(1, "Flushing nfsd cache failed: errno %d (%s)",
+ errno, strerror(errno));
+ }
close(fd);
return 0;
}
@@ -988,7 +991,10 @@ release_parent(void)
int status;
if (pipefds[1] > 0) {
- write(pipefds[1], &status, 1);
+ if (write(pipefds[1], &status, 1) != 1) {
+ err(1, "Writing to parent pipe failed: errno %d (%s)\n",
+ errno, strerror(errno));
+ }
close(pipefds[1]);
pipefds[1] = -1;
}
diff --git a/utils/mount/fstab.c b/utils/mount/fstab.c
index e19e58b..7668167 100644
--- a/utils/mount/fstab.c
+++ b/utils/mount/fstab.c
@@ -546,8 +546,12 @@ update_mtab (const char *dir, struct mntent *instead)
* from the present mtab before renaming.
*/
struct stat sbuf;
- if (stat (MOUNTED, &sbuf) == 0)
- chown (MOUNTED_TEMP, sbuf.st_uid, sbuf.st_gid);
+ if (stat (MOUNTED, &sbuf) == 0) {
+ if (chown (MOUNTED_TEMP, sbuf.st_uid, sbuf.st_gid) < 0) {
+ nfs_error(_("%s: error changing owner of %s: %s"),
+ progname, MOUNTED_TEMP, strerror (errno));
+ }
+ }
}
/* rename mtemp to mtab */
diff --git a/utils/statd/monitor.c b/utils/statd/monitor.c
index 169cd78..a2c9e2b 100644
--- a/utils/statd/monitor.c
+++ b/utils/statd/monitor.c
@@ -204,7 +204,10 @@ sm_mon_1_svc(struct mon *argp, struct svc_req *rqstp)
e += sprintf(e, "%02x", 0xff & (argp->priv[i]));
if (e+1-buf != LINELEN) abort();
e += sprintf(e, " %s %s\n", mon_name, my_name);
- write(fd, buf, e-buf);
+ if (write(fd, buf, e-buf) != (e-buf)) {
+ note(N_WARNING, "writing to %s failed: errno %d (%s)",
+ path, errno, strerror(errno));
+ }
}
free(path);
diff --git a/utils/statd/sm-notify.c b/utils/statd/sm-notify.c
index d58e0be..f1fc619 100644
--- a/utils/statd/sm-notify.c
+++ b/utils/statd/sm-notify.c
@@ -782,7 +782,10 @@ static int record_pid(void)
fd = open("/var/run/sm-notify.pid", O_CREAT|O_EXCL|O_WRONLY, 0600);
if (fd < 0)
return 0;
- write(fd, pid, strlen(pid));
+ if (write(fd, pid, strlen(pid)) != strlen(pid)) {
+ nsm_log(LOG_WARNING, "Writing to pid file failed: errno %d(%s)",
+ errno, strerror(errno));
+ }
close(fd);
return 1;
}
@@ -818,12 +821,16 @@ static void drop_privs(void)
static void set_kernel_nsm_state(int state)
{
int fd;
+ const char *file = "/proc/sys/fs/nfs/nsm_local_state";
- fd = open("/proc/sys/fs/nfs/nsm_local_state",O_WRONLY);
+ fd = open(file ,O_WRONLY);
if (fd >= 0) {
char buf[20];
snprintf(buf, sizeof(buf), "%d", state);
- write(fd, buf, strlen(buf));
+ if (write(fd, buf, strlen(buf)) != strlen(buf)) {
+ nsm_log(LOG_WARNING, "Writing to '%s' failed: errno %d (%s)",
+ file, errno, strerror(errno));
+ }
close(fd);
}
}
diff --git a/utils/statd/statd.c b/utils/statd/statd.c
index 6da2ab2..1c5247e 100644
--- a/utils/statd/statd.c
+++ b/utils/statd/statd.c
@@ -179,14 +179,20 @@ static void create_pidfile(void)
pidfile, strerror(errno));
fprintf(fp, "%d\n", getpid());
pidfd = dup(fileno(fp));
- if (fclose(fp) < 0)
- note(N_WARNING, "Flushing pid file failed.\n");
+ if (fclose(fp) < 0) {
+ note(N_WARNING, "Flushing pid file failed: errno %d (%s)\n",
+ errno, strerror(errno));
+ }
}
static void truncate_pidfile(void)
{
- if (pidfd >= 0)
- ftruncate(pidfd, 0);
+ if (pidfd >= 0) {
+ if (ftruncate(pidfd, 0) < 0) {
+ note(N_WARNING, "truncating pid file failed: errno %d (%s)\n",
+ errno, strerror(errno));
+ }
+ }
}
static void drop_privs(void)
@@ -207,9 +213,12 @@ static void drop_privs(void)
/* better chown the pid file before dropping, as if it
* if over nfs we might loose access
*/
- if (pidfd >= 0)
- fchown(pidfd, st.st_uid, st.st_gid);
-
+ if (pidfd >= 0) {
+ if (fchown(pidfd, st.st_uid, st.st_gid) < 0) {
+ note(N_ERROR, "Unable to change owner of %s: %d (%s)",
+ SM_DIR, strerror (errno));
+ }
+ }
setgroups(0, NULL);
if (setgid(st.st_gid) == -1
|| setuid(st.st_uid) == -1) {
@@ -495,7 +504,10 @@ int main (int argc, char **argv)
/* If we got this far, we have successfully started, so notify parent */
if (pipefds[1] > 0) {
status = 0;
- write(pipefds[1], &status, 1);
+ if (write(pipefds[1], &status, 1) != 1) {
+ note(N_WARNING, "writing to parent pipe failed: errno %d (%s)\n",
+ errno, strerror(errno));
+ }
close(pipefds[1]);
pipefds[1] = -1;
}
@@ -534,17 +546,23 @@ static void
load_state_number(void)
{
int fd;
+ const char *file = "/proc/sys/fs/nfs/nsm_local_state";
if ((fd = open(SM_STAT_PATH, O_RDONLY)) == -1)
return;
- read(fd, &MY_STATE, sizeof(MY_STATE));
+ if (read(fd, &MY_STATE, sizeof(MY_STATE)) != sizeof(MY_STATE)) {
+ note(N_WARNING, "Unable to read state from '%s': errno %d (%s)",
+ SM_STAT_PATH, errno, strerror(errno));
+ }
close(fd);
- fd = open("/proc/sys/fs/nfs/nsm_local_state",O_WRONLY);
+ fd = open(file, O_WRONLY);
if (fd >= 0) {
char buf[20];
snprintf(buf, sizeof(buf), "%d", MY_STATE);
- write(fd, buf, strlen(buf));
+ if (write(fd, buf, strlen(buf)) != strlen(buf))
+ note(N_WARNING, "Writing to '%s' failed: errno %d (%s)",
+ file, errno, strerror(errno));
close(fd);
}

View File

@ -1,97 +0,0 @@
--- nfs-utils-1.1.0/utils/mount/nfsmount.c.orig 2007-05-10 23:40:57.000000000 -0400
+++ nfs-utils-1.1.0/utils/mount/nfsmount.c 2007-07-25 11:25:33.000000000 -0400
@@ -733,6 +733,10 @@ parse_options(char *old_opts, struct nfs
data->flags &= ~NFS_MOUNT_SOFT;
if (val)
data->flags |= NFS_MOUNT_SOFT;
+ } else if (!strcmp(opt, "fsc")) {
+ data->flags &= ~NFS_MOUNT_FSCACHE;
+ if (val)
+ data->flags |= NFS_MOUNT_FSCACHE;
} else if (!strcmp(opt, "hard")) {
data->flags &= ~NFS_MOUNT_SOFT;
if (!val)
--- nfs-utils-1.1.0/utils/mount/nfs.man.orig 2007-05-10 23:40:57.000000000 -0400
+++ nfs-utils-1.1.0/utils/mount/nfs.man 2007-07-25 11:27:55.000000000 -0400
@@ -288,6 +288,10 @@ Mount the NFS filesystem using the UDP p
Disables NFSv3 READDIRPLUS RPCs. Use this option when
mounting servers that don't support or have broken
READDIRPLUS implementations.
+.TP 1.5i
+.I fsc
+Enable the use of persistent caching to the local disk using
+the FS-Cache facility for the given mount point.
.P
All of the non-value options have corresponding nooption forms.
For example, nointr means don't allow file operations to be
@@ -444,6 +448,10 @@ This extracts a
server performance penalty but it allows two different NFS clients
to get reasonable good results when both clients are actively
writing to common filesystem on the server.
+.TP 1.5i
+.I fsc
+Enable the use of persistent caching to the local disk using
+the FS-Cache facility for the given mount point.
.P
All of the non-value options have corresponding nooption forms.
For example, nointr means don't allow file operations to be
--- nfs-utils-1.1.0/utils/mount/nfs4mount.c.orig 2007-05-10 23:40:57.000000000 -0400
+++ nfs-utils-1.1.0/utils/mount/nfs4mount.c 2007-07-25 11:25:33.000000000 -0400
@@ -201,7 +201,7 @@ int nfs4mount(const char *spec, const ch
char *s;
int val;
int bg, soft, intr;
- int nocto, noac;
+ int nocto, noac, fscache;
int retry;
int retval;
time_t timeout, t;
@@ -252,6 +252,7 @@ int nfs4mount(const char *spec, const ch
intr = NFS4_MOUNT_INTR;
nocto = 0;
noac = 0;
+ fscache = 0;
retry = 10000; /* 10000 minutes ~ 1 week */
/*
@@ -332,6 +333,8 @@ int nfs4mount(const char *spec, const ch
soft = !val;
else if (!strcmp(opt, "intr"))
intr = val;
+ else if (!strcmp(opt, "fsc"))
+ fscache = val;
else if (!strcmp(opt, "cto"))
nocto = !val;
else if (!strcmp(opt, "ac"))
@@ -347,7 +350,8 @@ int nfs4mount(const char *spec, const ch
data.flags = (soft ? NFS4_MOUNT_SOFT : 0)
| (intr ? NFS4_MOUNT_INTR : 0)
| (nocto ? NFS4_MOUNT_NOCTO : 0)
- | (noac ? NFS4_MOUNT_NOAC : 0);
+ | (noac ? NFS4_MOUNT_NOAC : 0)
+ | (fscache ? NFS4_MOUNT_FSCACHE : 0);
/*
* Give a warning if the rpc.idmapd daemon is not running
--- nfs-utils-1.1.0/utils/mount/nfs4_mount.h.orig 2007-05-10 23:40:57.000000000 -0400
+++ nfs-utils-1.1.0/utils/mount/nfs4_mount.h 2007-07-25 11:27:07.000000000 -0400
@@ -65,7 +65,8 @@ struct nfs4_mount_data {
#define NFS4_MOUNT_NOCTO 0x0010 /* 1 */
#define NFS4_MOUNT_NOAC 0x0020 /* 1 */
#define NFS4_MOUNT_STRICTLOCK 0x1000 /* 1 */
-#define NFS4_MOUNT_FLAGMASK 0xFFFF
+#define NFS4_MOUNT_FSCACHE 0x10000 /* 1 */
+#define NFS4_MOUNT_FLAGMASK 0x1FFFF
/* pseudoflavors: */
--- nfs-utils-1.1.0/utils/mount/nfs_mount.h.orig 2007-05-10 23:40:57.000000000 -0400
+++ nfs-utils-1.1.0/utils/mount/nfs_mount.h 2007-07-25 11:26:39.000000000 -0400
@@ -64,6 +64,7 @@ struct nfs_mount_data {
#define NFS_MOUNT_NOACL 0x0800 /* 4 */
#define NFS_MOUNT_SECFLAVOUR 0x2000 /* 5 */
#define NFS_MOUNT_NORDIRPLUS 0x4000 /* 5 */
+#define NFS_MOUNT_FSCACHE 0x10000 /* 5 */
/* security pseudoflavors */

View File

@ -1,34 +0,0 @@
commit 06da4cfd46942acaaa5bd2e7933fd290701d186d
Author: Steve Dickson <steved@redhat.com>
Date: Sun Mar 8 10:10:25 2009 -0400
Added back the some logging variables which are no
longer used but, unfortunately, they are extern-ed by
public headers files which are not under the control
of this package.
Spotted-by: Juergen Daubert <jue@jue.li>
Signed-off-by: Steve Dickson <steved@redhat.com>
diff --git a/support/misc/tcpwrapper.c b/support/misc/tcpwrapper.c
index a361496..1da6020 100644
--- a/support/misc/tcpwrapper.c
+++ b/support/misc/tcpwrapper.c
@@ -60,8 +60,16 @@ static void logit(int severity, struct sockaddr_in *addr,
u_long procnum, u_long prognum, char *text);
static int check_files(void);
+/*
+ * These need to exist since they are externed
+ * in public header files.
+ */
+int verboselog = 0;
+int allow_severity = LOG_INFO;
+int deny_severity = LOG_WARNING;
+
#define log_bad_host(addr, proc, prog) \
- logit(LOG_WARNING, addr, proc, prog, "request from unauthorized host")
+ logit(deny_severity, addr, proc, prog, "request from unauthorized host")
#define ALLOW 1
#define DENY 0

View File

@ -1,17 +1,13 @@
Summary: NFS utilities and supporting clients and daemons for the kernel NFS server
Name: nfs-utils
URL: http://sourceforge.net/projects/nfs
Version: 1.1.5
Release: 4%{?dist}
Version: 1.1.6
Release: 1%{?dist}
Epoch: 1
# group all 32bit related archs
%define all_32bit_archs i386 i686 athlon ppc sparcv9
# Enable the ability to set the 'fsc' mount flag which
# will allow NFS to use FS-Cache.
%define enablefscache 0
Source0: http://www.kernel.org/pub/linux/utils/nfs/%{name}-%{version}.tar.bz2
Source1: ftp://nfs.sourceforge.net/pub/nfs/nfs.doc.tar.gz
@ -26,14 +22,6 @@ Patch00: nfs-utils-1.0.5-statdpath.patch
Patch01: nfs-utils-1.1.0-smnotify-path.patch
Patch02: nfs-utils-1.1.0-exp-subtree-warn-off.patch
Patch100: nfs-utils-1.1.5-tcpwrap-externs.patch
Patch101: nfs-utils-1-1-6-rc2.patch
Patch102: nfs-utils-1-1-6-rc3.patch
%if %{enablefscache}
Patch90: nfs-utils-1.1.0-mount-fsc.patch
%endif
Group: System Environment/Daemons
Provides: exportfs = %{epoch}:%{version}-%{release}
Provides: nfsstat = %{epoch}:%{version}-%{release}
@ -83,14 +71,6 @@ This package also contains the mount.nfs and umount.nfs program.
%patch01 -p1
%patch02 -p1
%patch100 -p1
%patch101 -p1
%patch102 -p1
%if %{enablefscache}
%patch90 -p1
%endif
# Remove .orig files
find . -name "*.orig" | xargs rm -f
@ -249,6 +229,9 @@ fi
%attr(4755,root,root) /sbin/umount.nfs4
%changelog
* Mon Apr 20 2009 Steve Dickson <steved@redhat.com> 1.1.6-1
- Updated to latest upstream release: 1.1.6
* Mon Mar 23 2009 Steve Dickson <steved@redhat.com> 1.1.5-4
- Added upstream rc3 patch
- gssd: initialize fakeseed in prepare_krb5_rfc1964_buffer

View File

@ -1,2 +1,3 @@
ae7db9c61c5ad04f83bb99e5caed73da nfs.doc.tar.gz
2848072a5e53840b9bc520fbb6782b57 nfs-utils-1.1.5.tar.bz2
b0d1b8ec5c8c081a340cfc77bb8670cd nfs-utils-1.1.6.tar.bz2