rpms/postgresql-jdbc
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Fixed javadoc build problem + added missing dependencies

Browse Source 
Removed SSPIClient for windows API
This commit is contained in:
Ondrej Dubaj 2020-07-28 13:28:37 +02:00
parent 0a4486dc68
commit 4dd1cea4cc
3 changed files with 267 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
disable-ConnectTimeoutTest.patch
View File

@ -1,13 +0,0 @@
diff --git a/pgjdbc/src/test/java/org/postgresql/test/jdbc2/Jdbc2TestSuite.java b/pgjdbc/src/test/java/org/postgresql/test/jdbc2/Jdbc2TestSuite.java
index 01d9fbf..f0c956d 100644
--- a/pgjdbc/src/test/java/org/postgresql/test/jdbc2/Jdbc2TestSuite.java
+++ b/pgjdbc/src/test/java/org/postgresql/test/jdbc2/Jdbc2TestSuite.java
@@ -47,7 +47,7 @@ import org.junit.runners.Suite;
CommandCompleteParserTest.class,
ConcurrentStatementFetch.class,
ConnectionTest.class,
- ConnectTimeoutTest.class,
+ // ConnectTimeoutTest.class,
CopyLargeFileTest.class,
CopyTest.class,
CursorFetchTest.class,

23
postgresql-jdbc.spec
View File

@ -50,18 +50,20 @@
%global parent_poms_builddir ./pgjdbc-parent-poms %global parent_poms_builddir ./pgjdbc-parent-poms
%global pgjdbc_mvn_options -DwaffleEnabled=false -DosgiEnabled=false \\\ %global pgjdbc_mvn_options -DwaffleEnabled=false -DosgiEnabled=false \\\
-DexcludePackageNames=org.postgresql.osgi:org.postgresql.sspi -Dmaven.javadoc.skip=true -DexcludePackageNames=org.postgresql.osgi:org.postgresql.sspi
Summary: JDBC driver for PostgreSQL Summary: JDBC driver for PostgreSQL
Name: postgresql-jdbc Name: postgresql-jdbc
Version: 42.2.12 Version: 42.2.12
Release: 2%{?dist} Release: 3%{?dist}
License: BSD License: BSD
URL: http://jdbc.postgresql.org/ URL: http://jdbc.postgresql.org/
Source0: https://github.com/pgjdbc/pgjdbc/archive/REL%{version}/pgjdbc-REL%{version}.tar.gz Source0: https://github.com/pgjdbc/pgjdbc/archive/REL%{version}/pgjdbc-REL%{version}.tar.gz
Provides: pgjdbc = %version-%release Provides: pgjdbc = %version-%release
Patch0: remove-SSPIClient.patch
# Upstream moved parent pom.xml into separate project (even though there is only # Upstream moved parent pom.xml into separate project (even though there is only
# one dependant project on it?). Let's try to not complicate packaging by # one dependant project on it?). Let's try to not complicate packaging by
# having separate spec file for it, too. # having separate spec file for it, too.
@ -75,9 +77,12 @@ BuildRequires: maven-enforcer-plugin
BuildRequires: maven-plugin-bundle BuildRequires: maven-plugin-bundle
BuildRequires: maven-plugin-build-helper BuildRequires: maven-plugin-build-helper
BuildRequires: classloader-leak-test-framework BuildRequires: classloader-leak-test-framework
BuildRequires: jna
BuildRequires: mvn(com.ongres.scram:client) BuildRequires: mvn(com.ongres.scram:client)
BuildRequires: mvn(org.apache.maven.plugins:maven-clean-plugin) BuildRequires: mvn(org.apache.maven.plugins:maven-clean-plugin)
BuildRequires: mvn(org.osgi:osgi.cmpn)
BuildRequires: mvn(org.osgi:osgi.core)
%if %runselftest %if %runselftest
BuildRequires: postgresql-contrib BuildRequires: postgresql-contrib
@ -108,6 +113,8 @@ This package contains the API Documentation for %{name}.
mv pgjdbc-REL%version/* . mv pgjdbc-REL%version/* .
mv pgjdbc-parent-poms-REL%parent_ver pgjdbc-parent-poms mv pgjdbc-parent-poms-REL%parent_ver pgjdbc-parent-poms
%patch0 -p1
# remove any binary libs # remove any binary libs
find -name "*.jar" -or -name "*.class" | xargs rm -f find -name "*.jar" -or -name "*.class" | xargs rm -f
@ -121,6 +128,10 @@ find -name "*.jar" -or -name "*.class" | xargs rm -f
%pom_remove_plugin :properties-maven-plugin pgjdbc-parent-poms/pgjdbc-core-parent %pom_remove_plugin :properties-maven-plugin pgjdbc-parent-poms/pgjdbc-core-parent
%pom_remove_plugin :properties-maven-plugin pgjdbc-parent-poms/pgjdbc-versions %pom_remove_plugin :properties-maven-plugin pgjdbc-parent-poms/pgjdbc-versions
%pom_add_dep org.osgi:osgi.cmpn
%pom_add_dep org.osgi:osgi.core
%pom_add_dep net.java.dev.jna:jna
# compat symlink: requested by dtardon (libreoffice), reverts part of # compat symlink: requested by dtardon (libreoffice), reverts part of
# 0af97ce32de877 commit. # 0af97ce32de877 commit.
@ -171,7 +182,7 @@ EOF
opts="-f" opts="-f"
%endif %endif
%mvn_build $opts -- %pgjdbc_mvn_options %mvn_build $opts --xmvn-javadoc -- %pgjdbc_mvn_options
%install %install
@ -183,11 +194,15 @@ opts="-f"
%doc README.md %doc README.md
#%files javadoc -f .mfiles-javadoc %files javadoc -f .mfiles-javadoc
%license LICENSE %license LICENSE
%changelog %changelog
* Fri Jul 24 2020 Ondrej Dubaj <odubaj@redhat.com> - 42.2.12-3
- fixed javadoc build problem + added missing dependencies
- remove SSPIClient for windows API
* Sat Jul 11 2020 Jiri Vanek <jvanek@redhat.com> - 42.2.12-2 * Sat Jul 11 2020 Jiri Vanek <jvanek@redhat.com> - 42.2.12-2
- Rebuilt for JDK-11, see https://fedoraproject.org/wiki/Changes/Java11 - Rebuilt for JDK-11, see https://fedoraproject.org/wiki/Changes/Java11

248
remove-SSPIClient.patch Normal file
View File

@ -0,0 +1,248 @@
diff --git a/pgjdbc/src/main/java/org/postgresql/sspi/SSPIClient.java b/pgjdbc/src/main/java/org/postgresql/sspi/SSPIClient.java
deleted file mode 100644
index b6c47b8..0000000
--- a/pgjdbc/src/main/java/org/postgresql/sspi/SSPIClient.java
+++ /dev/null
@@ -1,242 +0,0 @@
-/*
- * Copyright (c) 2003, PostgreSQL Global Development Group
- * See the LICENSE file in the project root for more information.
- */
-// Copyright (c) 2004, Open Cloud Limited.
-
-package org.postgresql.sspi;
-
-import org.postgresql.core.PGStream;
-import org.postgresql.util.HostSpec;
-import org.postgresql.util.PSQLException;
-import org.postgresql.util.PSQLState;
-
-import com.sun.jna.LastErrorException;
-import com.sun.jna.Platform;
-import com.sun.jna.platform.win32.Sspi;
-import com.sun.jna.platform.win32.Sspi.SecBufferDesc;
-import com.sun.jna.platform.win32.Win32Exception;
-import waffle.windows.auth.IWindowsCredentialsHandle;
-import waffle.windows.auth.impl.WindowsCredentialsHandleImpl;
-import waffle.windows.auth.impl.WindowsSecurityContextImpl;
-
-import java.io.IOException;
-import java.sql.SQLException;
-import java.util.logging.Level;
-import java.util.logging.Logger;
-
-/**
- * <p>Use Waffle-JNI to support SSPI authentication when PgJDBC is running on a Windows client and
- * talking to a Windows server.</p>
- *
- * <p>SSPI is not supported on a non-Windows client.</p>
- *
- * @author craig
- */
-public class SSPIClient implements ISSPIClient {
-
- public static final String SSPI_DEFAULT_SPN_SERVICE_CLASS = "POSTGRES";
-
- private static final Logger LOGGER = Logger.getLogger(SSPIClient.class.getName());
- private final PGStream pgStream;
- private final String spnServiceClass;
- private final boolean enableNegotiate;
-
- private IWindowsCredentialsHandle clientCredentials;
- private WindowsSecurityContextImpl sspiContext;
- private String targetName;
-
- /**
- * <p>Instantiate an SSPIClient for authentication of a connection.</p>
- *
- * <p>SSPIClient is not re-usable across connections.</p>
- *
- * <p>It is safe to instantiate SSPIClient even if Waffle and JNA are missing or on non-Windows
- * platforms, however you may not call any methods other than isSSPISupported().</p>
- *
- * @param pgStream PostgreSQL connection stream
- * @param spnServiceClass SSPI SPN service class, defaults to POSTGRES if null
- * @param enableNegotiate enable negotiate
- */
- public SSPIClient(PGStream pgStream, String spnServiceClass, boolean enableNegotiate) {
- this.pgStream = pgStream;
-
- if (spnServiceClass == null || spnServiceClass.isEmpty()) {
- spnServiceClass = SSPI_DEFAULT_SPN_SERVICE_CLASS;
- }
- this.spnServiceClass = spnServiceClass;
-
- /* If we're forcing Kerberos (no spnego), disable SSPI negotiation */
- this.enableNegotiate = enableNegotiate;
- }
-
- /**
- * Test whether we can attempt SSPI authentication. If false, do not attempt to call any other
- * SSPIClient methods.
- *
- * @return true if it's safe to attempt SSPI authentication
- */
- @Override
- public boolean isSSPISupported() {
- try {
- /*
- * SSPI is windows-only. Attempt to use JNA to identify the platform. If Waffle is missing we
- * won't have JNA and this will throw a NoClassDefFoundError.
- */
- if (!Platform.isWindows()) {
- LOGGER.log(Level.FINE, "SSPI not supported: non-Windows host");
- return false;
- }
- /* Waffle must be on the CLASSPATH */
- Class.forName("waffle.windows.auth.impl.WindowsSecurityContextImpl");
- return true;
- } catch (NoClassDefFoundError ex) {
- LOGGER.log(Level.WARNING, "SSPI unavailable (no Waffle/JNA libraries?)", ex);
- return false;
- } catch (ClassNotFoundException ex) {
- LOGGER.log(Level.WARNING, "SSPI unavailable (no Waffle/JNA libraries?)", ex);
- return false;
- }
- }
-
- private String makeSPN() throws PSQLException {
- final HostSpec hs = pgStream.getHostSpec();
-
- try {
- /*
- The GSSAPI implementation does not use the port in the service name.
- Force the port number to 0
- Fixes issue 1482
- */
- return NTDSAPIWrapper.instance.DsMakeSpn(spnServiceClass, hs.getHost(), null,
- (short) 0, null);
- } catch (LastErrorException ex) {
- throw new PSQLException("SSPI setup failed to determine SPN",
- PSQLState.CONNECTION_UNABLE_TO_CONNECT, ex);
- }
- }
-
- /**
- * Respond to an authentication request from the back-end for SSPI authentication (AUTH_REQ_SSPI).
- *
- * @throws SQLException on SSPI authentication handshake failure
- * @throws IOException on network I/O issues
- */
- @Override
- public void startSSPI() throws SQLException, IOException {
-
- /*
- * We usually use SSPI negotiation (spnego), but it's disabled if the client asked for GSSPI and
- * usespngo isn't explicitly turned on.
- */
- final String securityPackage = enableNegotiate ? "negotiate" : "kerberos";
-
- LOGGER.log(Level.FINEST, "Beginning SSPI/Kerberos negotiation with SSPI package: {0}", securityPackage);
-
- try {
- /*
- * Acquire a handle for the local Windows login credentials for the current user
- *
- * See AcquireCredentialsHandle
- * (http://msdn.microsoft.com/en-us/library/windows/desktop/aa374712%28v=vs.85%29.aspx)
- *
- * This corresponds to pg_SSPI_startup in libpq/fe-auth.c .
- */
- try {
- clientCredentials = WindowsCredentialsHandleImpl.getCurrent(securityPackage);
- clientCredentials.initialize();
- } catch (Win32Exception ex) {
- throw new PSQLException("Could not obtain local Windows credentials for SSPI",
- PSQLState.CONNECTION_UNABLE_TO_CONNECT /* TODO: Should be authentication error */, ex);
- }
-
- try {
- targetName = makeSPN();
-
- LOGGER.log(Level.FINEST, "SSPI target name: {0}", targetName);
-
- sspiContext = new WindowsSecurityContextImpl();
- sspiContext.setPrincipalName(targetName);
- sspiContext.setCredentialsHandle(clientCredentials);
- sspiContext.setSecurityPackage(securityPackage);
- sspiContext.initialize(null, null, targetName);
- } catch (Win32Exception ex) {
- throw new PSQLException("Could not initialize SSPI security context",
- PSQLState.CONNECTION_UNABLE_TO_CONNECT /* TODO: Should be auth error */, ex);
- }
-
- sendSSPIResponse(sspiContext.getToken());
- LOGGER.log(Level.FINEST, "Sent first SSPI negotiation message");
- } catch (NoClassDefFoundError ex) {
- throw new PSQLException(
- "SSPI cannot be used, Waffle or its dependencies are missing from the classpath",
- PSQLState.NOT_IMPLEMENTED, ex);
- }
- }
-
- /**
- * Continue an existing authentication conversation with the back-end in resonse to an
- * authentication request of type AUTH_REQ_GSS_CONT.
- *
- * @param msgLength Length of message to read, excluding length word and message type word
- * @throws SQLException if something wrong happens
- * @throws IOException if something wrong happens
- */
- @Override
- public void continueSSPI(int msgLength) throws SQLException, IOException {
-
- if (sspiContext == null) {
- throw new IllegalStateException("Cannot continue SSPI authentication that we didn't begin");
- }
-
- LOGGER.log(Level.FINEST, "Continuing SSPI negotiation");
-
- /* Read the response token from the server */
- byte[] receivedToken = pgStream.receive(msgLength);
-
- SecBufferDesc continueToken = new SecBufferDesc(Sspi.SECBUFFER_TOKEN, receivedToken);
-
- sspiContext.initialize(sspiContext.getHandle(), continueToken, targetName);
-
- /*
- * Now send the response token. If negotiation is complete there may be zero bytes to send, in
- * which case we shouldn't send a reply as the server is not expecting one; see fe-auth.c in
- * libpq for details.
- */
- byte[] responseToken = sspiContext.getToken();
- if (responseToken.length > 0) {
- sendSSPIResponse(responseToken);
- LOGGER.log(Level.FINEST, "Sent SSPI negotiation continuation message");
- } else {
- LOGGER.log(Level.FINEST, "SSPI authentication complete, no reply required");
- }
- }
-
- private void sendSSPIResponse(byte[] outToken) throws IOException {
- /*
- * The sspiContext now contains a token we can send to the server to start the handshake. Send a
- * 'password' message containing the required data; the server knows we're doing SSPI
- * negotiation and will deal with it appropriately.
- */
- pgStream.sendChar('p');
- pgStream.sendInteger4(4 + outToken.length);
- pgStream.send(outToken);
- pgStream.flush();
- }
-
- /**
- * Clean up native win32 resources after completion or failure of SSPI authentication. This
- * SSPIClient instance becomes unusable after disposal.
- */
- @Override
- public void dispose() {
- if (sspiContext != null) {
- sspiContext.dispose();
- sspiContext = null;
- }
- if (clientCredentials != null) {
- clientCredentials.dispose();
- clientCredentials = null;
- }
- }
-}