Chakra_Linux/core
1
0
Fork 0
mirror of https://gitdl.cn/https://github.com/chakralinux/core.git synced 2025-01-24 02:22:15 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix FS#329

Browse Source 
* krb5: rebuild
* libgssglue: bump to 0.3
* libtirpc: bump to 0.2.2
* nfs-utils: bump to 1.2.4
This commit is contained in:
Phil 2011-08-17 20:39:55 +00:00
parent 5084f36861
commit 59fc7b156d
15 changed files with 974 additions and 117 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
krb5/PKGBUILD
View File

@ -4,12 +4,9 @@
# maintainer (i686): Phil Miller <philm[at]chakra-project[dog]org>
# maintainer (x86_64): Manuel Tortosa <manutortosa[at]chakra-project[dot]org>
# include global config
source ../_buildscripts/${current_repo}-${_arch}-cfg.conf
pkgname=krb5
pkgver=1.9.1
pkgrel=2
pkgrel=3
pkgdesc="The Kerberos network authentication system"
arch=('i686' 'x86_64')
url="http://web.mit.edu/kerberos/"
@ -18,23 +15,35 @@ depends=('e2fsprogs' 'libldap' 'keyutils')
makedepends=('perl')
provides=('heimdal')
replaces=('heimdal')
backup=('etc/krb5/krb5.conf' 'etc/krb5/kdc.conf')
conflicts=('heimdal')
backup=('etc/krb5.conf' 'var/lib/krb5kdc/kdc.conf')
source=(http://web.mit.edu/kerberos/dist/${pkgname}/1.9/${pkgname}-${pkgver}-signed.tar
kadmind.rc
krb5-kdc.rc)
krb5-kadmind
krb5-kdc
krb5-1.9.1-config-script.patch)
sha1sums=('e23a1795a237521493da9cf3443ac8b98a90c066'
'640e3046c6558313d2be81cf2252afc8622892b0'
'77d2312ecd8bf12a6e72cc8fd871a8ac93b23393')
'2aa229369079ed1bbb201a1ef72c47bf143f4dbe'
'77d2312ecd8bf12a6e72cc8fd871a8ac93b23393'
'8d1ec8bdb39fec230caace112d1a41ad792f7d97')
options=('!emptydirs')
build() {
tar zxvf ${pkgname}-${pkgver}.tar.gz
cd "${srcdir}/${pkgname}-${pkgver}/src"
# - Make krb5-config suppress CFLAGS output when called with --libs
# cf https://bugzilla.redhat.com/show_bug.cgi?id=544391
# http://pkgs.fedoraproject.org/gitweb/?p=krb5.git;a=blob;f=krb5-1.7-buildconf.patch
#
# - Omit extra libraries because their interfaces are not exposed to applications
# by libkrb5, unless do_deps is set to 1, which indicates that the caller
# wants the whole list.
# cf http://pkgs.fedoraproject.org/gitweb/?p=krb5.git;a=blob;f=krb5-1.7-nodeplibs.patch
patch -Np2 -i ${srcdir}/krb5-1.9.1-config-script.patch
export CFLAGS+=" -fPIC -fno-strict-aliasing -fstack-protector-all"
export CPPFLAGS+=" -I/usr/include/et"
./configure --prefix=/usr \
--sysconfdir=/etc/krb5 \
--mandir=/usr/share/man \
--localstatedir=/var/lib \
--enable-shared \
@ -44,26 +53,24 @@ build() {
--without-tcl \
--enable-dns-for-realm \
--with-ldap
make
}
check() {
# We can't do this in the build directory.
cd "${srcdir}/${pkgname}-${pkgver}"
make -C src check
}
package() {
cd "${srcdir}/${pkgname}-${pkgver}/src"
make DESTDIR="${pkgdir}" EXAMPLEDIR="/usr/share/doc/${pkgname}/examples" install
install -D -m 644 config-files/kdc.conf "${pkgdir}"/etc/krb5/kdc.conf
install -D -m 644 config-files/krb5.conf "${pkgdir}"/etc/krb5/krb5.conf
# Sample KDC config file
install -dm 755 "${pkgdir}"/var/lib/krb5kdc
install -pm 644 config-files/kdc.conf "${pkgdir}"/var/lib/krb5kdc/kdc.conf
install -d -m 755 "${pkgdir}"/etc/rc.d
install -m 755 ../../krb5-kdc.rc "${pkgdir}"/etc/rc.d
install -m 755 ../../kadmind.rc "${pkgdir}"/etc/rc.d
# Default configuration file
install -dm 755 "${pkgdir}"/etc
install -pm 644 config-files/krb5.conf "${pkgdir}"/etc/krb5.conf
install -dm 755 "${pkgdir}"/etc/rc.d
install -m 755 ../../krb5-kdc "${pkgdir}"/etc/rc.d
install -m 755 ../../krb5-kadmind "${pkgdir}"/etc/rc.d
install -Dm644 "${srcdir}"/${pkgname}-${pkgver}/NOTICE "${pkgdir}"/usr/share/licenses/${pkgname}/LICENSE
}

25
krb5/krb5-1.9.1-config-script.patch Normal file
View File

@ -0,0 +1,25 @@
diff -Naur krb5-1.9.1.ori/src/krb5-config.in krb5-1.9.1/src/krb5-config.in
--- krb5-1.9.1.ori/src/krb5-config.in 2010-01-19 13:44:57.000000000 -0500
+++ krb5-1.9.1/src/krb5-config.in 2011-07-28 14:32:00.546990621 -0400
@@ -186,7 +186,7 @@
-e 's#\$(RPATH_FLAG)#'"$RPATH_FLAG"'#' \
-e 's#\$(LDFLAGS)#'"$LDFLAGS"'#' \
-e 's#\$(PTHREAD_CFLAGS)#'"$PTHREAD_CFLAGS"'#' \
- -e 's#\$(CFLAGS)#'"$CFLAGS"'#'`
+ -e 's#\$(CFLAGS)##'`
if test $library = 'kdb'; then
lib_flags="$lib_flags -lkdb5 $KDB5_DB_LIB"
@@ -214,7 +214,11 @@
fi
if test $library = 'krb5'; then
- lib_flags="$lib_flags -lkrb5 -lk5crypto -lcom_err $GEN_LIB $LIBS $DL_LIB"
+ if test 0$do_deps -eq 1 ; then
+ lib_flags="$lib_flags -lkrb5 -lk5crypto -lcom_err $GEN_LIB $LIBS $DL_LIB"
+ else
+ lib_flags="$lib_flags -lkrb5 -lk5crypto -lcom_err"
+ fi
fi
echo $lib_flags

40
krb5/krb5-kadmind Normal file
View File

@ -0,0 +1,40 @@
#!/bin/bash
# general config
. /etc/rc.conf
. /etc/rc.d/functions
PID=`pidof -o %PPID /usr/sbin/kadmind`
case "$1" in
start)
stat_busy "Starting Kerberos Admin Daemon"
if [ -z "$PID" ]; then
/usr/sbin/kadmind
fi
if [ ! -z "$PID" -o $? -gt 0 ]; then
stat_fail
else
add_daemon krb5-kadmind
stat_done
fi
;;
stop)
stat_busy "Stopping Kerberos Admin Daemon"
[ ! -z "$PID" ] && kill $PID &> /dev/null
if [ $? -gt 0 ]; then
stat_fail
else
rm_daemon krb5-kadmind
stat_done
fi
;;
restart)
$0 stop
sleep 1
$0 start
;;
*)
echo "usage: $0 {start|stop|restart}"
;;
esac
exit 0

40
krb5/krb5-kdc Normal file
View File

@ -0,0 +1,40 @@
#!/bin/bash
# general config
. /etc/rc.conf
. /etc/rc.d/functions
PID=`pidof -o %PPID /usr/sbin/krb5kdc`
case "$1" in
start)
stat_busy "Starting Kerberos Authentication"
if [ -z "$PID" ]; then
/usr/sbin/krb5kdc
fi
if [ ! -z "$PID" -o $? -gt 0 ]; then
stat_fail
else
add_daemon krb5-kdc
stat_done
fi
;;
stop)
stat_busy "Stopping Kerberos Authentication"
[ ! -z "$PID" ] && kill $PID &> /dev/null
if [ $? -gt 0 ]; then
stat_fail
else
rm_daemon krb5-kdc
stat_done
fi
;;
restart)
$0 stop
sleep 1
$0 start
;;
*)
echo "usage: $0 {start|stop|restart}"
;;
esac
exit 0

36
libgssglue/PKGBUILD
View File

@ -1,10 +1,13 @@
# $Id: PKGBUILD 62214 2010-01-04 09:19:11Z tpowa $
# Maintainer: Tobias Powalowski <tpowa@archlinux.org>
#
# Chakra Packages for Chakra, part of chakra-project.org
#
# maintainer (i686): Phil Miller <philm[at]chakra-project[dog]org>
# maintainer (x86_64): Manuel Tortosa <manutortosa[at]chakra-project[dot]org>
pkgname=libgssglue
pkgver=0.1
pkgrel=3
pkgdesc="exports a gssapi interface which calls other random gssapi libraries"
pkgver=0.3
pkgrel=1
pkgdesc="Exports a gssapi interface which calls other random gssapi libraries"
arch=('i686' 'x86_64')
url="http://www.citi.umich.edu/projects/nfsv4/linux/"
license=('BSD')
@ -14,16 +17,21 @@ backup=(etc/gssapi_mech.conf)
options=('!libtool')
source=(http://www.citi.umich.edu/projects/nfsv4/linux/$pkgname/$pkgname-$pkgver.tar.gz
gssapi_mech.conf)
md5sums=('ce1b4c758e6de01b712d154c5c97e540'
'234b9cca75a33af98eda3f1683756879')
md5sums=('48aaad11b7371ba3270faa322202c038'
'080be866717e4e06fa6f7d6f43cb395a')
build() {
cd "$srcdir/$pkgname-$pkgver"
cd "$srcdir"/$pkgname-$pkgver
./configure --prefix=/usr
make || return 1
make DESTDIR="$pkgdir/" install || return 1
# Configuration
install -D -m 644 ../gssapi_mech.conf "$pkgdir/"etc/gssapi_mech.conf
# install license
install -D -m644 COPYING $pkgdir/usr/share/licenses/libgssglue/COPYING
make
}
package() {
cd "$srcdir"/$pkgname-$pkgver
make DESTDIR="$pkgdir/" install
# Configuration
install -Dm644 "$srcdir"/gssapi_mech.conf "$pkgdir/"etc/gssapi_mech.conf
# install license
install -Dm644 COPYING "$pkgdir"/usr/share/licenses/libgssglue/COPYING
}

4
libgssglue/gssapi_mech.conf
View File

@ -15,8 +15,8 @@
# library initialization function
# ================================ ==========================
# The MIT K5 gssapi library, use special function for initialization.
#/usr/lib/libgssapi_krb5.so mechglue_internal_krb5_init
/usr/lib/libgssapi.so mechglue_internal_krb5_init
/usr/lib/libgssapi_krb5.so mechglue_internal_krb5_init
#/usr/lib/libgssapi.so mechglue_internal_krb5_init
#
# The SPKM3 gssapi library function. Use the function spkm3_gss_initialize.
# /usr/local/gss_mechs/spkm/spkm3/libgssapi_spkm3.so spkm3_gss_initialize

37
librpcsecgss/PKGBUILD
View File

@ -1,38 +1,29 @@
# $Id: PKGBUILD 75199 2010-04-01 02:12:58Z pierre $
# Maintainer: Tobias Powalowski <tpowa@archlinux.org>
# Contributor: Andrew Krawchyk <krawch_a@denison.edu>, Marco Lima <cipparello gmail com>
#
# Chakra Packages for Chakra, part of chakra-project.org
#
# maintainer (i686): Phil Miller <philm[at]chakra-project[dog]org>
# maintainer (x86_64): Manuel Tortosa <manutortosa[at]chakra-project[dot]org>
pkgname=librpcsecgss
pkgver=0.19
pkgrel=4
pkgrel=5
pkgdesc="Library for RPCSECGSS support"
arch=('i686' 'x86_64')
url="http://www.citi.umich.edu/projects/nfsv4/linux/"
license=('GPL')
depends=('glibc' 'heimdal')
makedepends=('pkgconfig' 'autoconf')
depends=('glibc' 'krb5' 'libgssglue')
makedepends=('pkg-config' 'autoconf')
options=('!libtool')
source=("http://www.citi.umich.edu/projects/nfsv4/linux/$pkgname/$pkgname-$pkgver.tar.gz"
librpcsecgss-0.18-heimdal.patch)
md5sums=('b45ed565bdc3099023aa35830ec92997'
'0cfe088551d5776f5bc08c1741a34346')
source=("http://www.citi.umich.edu/projects/nfsv4/linux/${pkgname}/${pkgname}-${pkgver}.tar.gz")
md5sums=('b45ed565bdc3099023aa35830ec92997')
build() {
cd "$srcdir/$pkgname-$pkgver"
# Patch from gentoo for heimdal compatibility Bug #231395
# http://bugs.gentoo.org/show_bug.cgi?id=231395
patch -Np1 -i $srcdir/librpcsecgss-0.18-heimdal.patch || return 1
rm -f config.guess config.sub ltmain.sh
autoreconf -i
GSSAPI_CFLAGS='-I/usr/include/gssapi' \
cd "${srcdir}/${pkgname}-${pkgver}"
./configure --prefix=/usr
make || return 1
make
}
package() {
cd "$srcdir/$pkgname-$pkgver"
make DESTDIR="$pkgdir/" install || return 1
cd "${srcdir}/${pkgname}-${pkgver}"
make DESTDIR="$pkgdir/" install
}

50
libtirpc/PKGBUILD
View File

@ -1,23 +1,45 @@
# $Id: PKGBUILD 62190 2010-01-04 08:39:59Z tpowa $
# Maintainer: Tobias Powalowski <tpowa@archlinux.org>
#
# Chakra Packages for Chakra, part of chakra-project.org
#
# maintainer (i686): Phil Miller <philm[at]chakra-project[dog]org>
# maintainer (x86_64): Manuel Tortosa <manutortosa[at]chakra-project[dot]org>
pkgname=libtirpc
pkgver=0.2.1
pkgver=0.2.2
pkgrel=2
pkgdesc="Transport Independent RPC library (SunRPC replacement)"
arch=(i686 x86_64)
depends=('glibc' 'libgssglue' 'heimdal')
arch=('i686' 'x86_64')
url="http://libtirpc.sourceforge.net/"
license=('GPL2')
source=(http://downloads.sourceforge.net/sourceforge/libtirpc/$pkgname-$pkgver.tar.bz2)
license=('BSD')
depends=('libgssglue')
backup=('etc/netconfig')
options=(!libtool)
options=('!libtool')
source=(http://downloads.sourceforge.net/sourceforge/libtirpc/${pkgname}-${pkgver}.tar.bz2
libtirpc-0.2.1-fortify.patch
libtirpc-0.2.3rc1.patch
libtirpc-fix-segfault-0.2.2.patch)
md5sums=('74c41c15c2909f7d11d9c7bfa7db6273'
'2e5c067f1651469dfbbdc91d3c9c60e8'
'ac2a1657b44f4a99c37d8265b05b9133'
'5a3ab55934cad4e8b38fc90c54756472')
build() {
cd $srcdir/$pkgname-$pkgver
cd "${srcdir}/${pkgname}-${pkgver}"
# fix http://bugs.gentoo.org/293593
# https://bugs.archlinux.org/task/20082
patch -Np1 -i ../libtirpc-0.2.1-fortify.patch
# add patches from fedora git to make nfs-utils compile again
patch -Np1 -i ../libtirpc-0.2.3rc1.patch
patch -Np1 -i ../libtirpc-fix-segfault-0.2.2.patch
sh autogen.sh
autoreconf -fisv
./configure --prefix=/usr --enable-gss
make || return 1
make DESTDIR=$pkgdir install || return 1
# install netconfig
install -D -m644 doc/etc_netconfig $pkgdir/etc/netconfig
make
}
package() {
cd "${srcdir}/${pkgname}-${pkgver}"
make DESTDIR="${pkgdir}" install
install -D -m644 doc/etc_netconfig "${pkgdir}"/etc/netconfig
install -D -m644 COPYING "${pkgdir}"/usr/share/licenses/${pkgname}/LICENSE
}
md5sums=('d77eb15f464bf9d6e66259eaf78b2a4e')

18
libtirpc/libtirpc-0.2.1-fortify.patch Normal file
View File

@ -0,0 +1,18 @@
Index: libtirpc-0.2.1/src/getrpcport.c
===================================================================
--- libtirpc-0.2.1.orig/src/getrpcport.c
+++ libtirpc-0.2.1/src/getrpcport.c
@@ -54,11 +54,11 @@ getrpcport(host, prognum, versnum, proto
if ((hp = gethostbyname(host)) == NULL)
return (0);
+ if (hp->h_length != sizeof(addr.sin_addr.s_addr))
+ return (0);
memset(&addr, 0, sizeof(addr));
addr.sin_family = AF_INET;
addr.sin_port = 0;
- if (hp->h_length > sizeof(addr))
- hp->h_length = sizeof(addr);
memcpy(&addr.sin_addr.s_addr, hp->h_addr, (size_t)hp->h_length);
/* Inconsistent interfaces need casts! :-( */
return (pmap_getport(&addr, (u_long)prognum, (u_long)versnum,

637
libtirpc/libtirpc-0.2.3rc1.patch Normal file
View File

@ -0,0 +1,637 @@
diff --git a/src/Makefile.am b/src/Makefile.am
index 7ee8cbc..6731ff9 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -50,7 +50,7 @@ libtirpc_la_SOURCES = auth_none.c auth_unix.c authunix_prot.c bindresvport.c cln
rpc_callmsg.c rpc_generic.c rpc_soc.c rpcb_clnt.c rpcb_prot.c \
rpcb_st_xdr.c svc.c svc_auth.c svc_dg.c svc_auth_unix.c svc_generic.c \
svc_raw.c svc_run.c svc_simple.c svc_vc.c getpeereid.c \
- auth_time.c auth_des.c authdes_prot.c des_crypt.c
+ auth_time.c auth_des.c authdes_prot.c
## XDR
libtirpc_la_SOURCES += xdr.c xdr_rec.c xdr_array.c xdr_float.c xdr_mem.c xdr_reference.c xdr_stdio.c
diff --git a/src/auth_des.c b/src/auth_des.c
index 37e7667..f0c8b8c 100644
--- a/src/auth_des.c
+++ b/src/auth_des.c
@@ -223,6 +223,7 @@ authdes_pk_seccreate(const char *servername, netobj *pkey, u_int window,
goto failed;
}
ad->ad_nis_srvr = NULL; /* not needed any longer */
+ auth_get(auth); /* Reference for caller */
return (auth);
failed:
@@ -472,6 +473,12 @@ authdes_destroy(AUTH *auth)
FREE(auth, sizeof(AUTH));
}
+static bool_t
+authdes_wrap(AUTH *auth, XDR *xdrs, xdrproc_t xfunc, caddr_t xwhere)
+{
+ return ((*xfunc)(xdrs, xwhere));
+}
+
static struct auth_ops *
authdes_ops(void)
{
@@ -487,6 +494,8 @@ authdes_ops(void)
ops.ah_validate = authdes_validate;
ops.ah_refresh = authdes_refresh;
ops.ah_destroy = authdes_destroy;
+ ops.ah_wrap = authdes_wrap;
+ ops.ah_unwrap = authdes_wrap;
}
mutex_unlock(&authdes_ops_lock);
return (&ops);
diff --git a/src/auth_gss.c b/src/auth_gss.c
index df3017a..a992049 100644
--- a/src/auth_gss.c
+++ b/src/auth_gss.c
@@ -200,6 +200,8 @@ authgss_create(CLIENT *clnt, gss_name_t name, struct rpc_gss_sec *sec)
if (!authgss_refresh(auth))
auth = NULL;
+ else
+ auth_get(auth); /* Reference for caller */
clnt->cl_auth = save_auth;
@@ -555,9 +557,20 @@ authgss_destroy_context(AUTH *auth)
if (gd->gc.gc_ctx.length != 0) {
if (gd->established) {
+ AUTH *save_auth = NULL;
+
+ /* Make sure we use the right auth_ops */
+ if (gd->clnt->cl_auth != auth) {
+ save_auth = gd->clnt->cl_auth;
+ gd->clnt->cl_auth = auth;
+ }
+
gd->gc.gc_proc = RPCSEC_GSS_DESTROY;
clnt_call(gd->clnt, NULLPROC, (xdrproc_t)xdr_void, NULL,
(xdrproc_t)xdr_void, NULL, AUTH_TIMEOUT);
+
+ if (save_auth != NULL)
+ gd->clnt->cl_auth = save_auth;
}
gss_release_buffer(&min_stat, &gd->gc.gc_ctx);
/* XXX ANDROS check size of context - should be 8 */
diff --git a/src/auth_none.c b/src/auth_none.c
index a439ec6..008c589 100644
--- a/src/auth_none.c
+++ b/src/auth_none.c
@@ -155,6 +155,12 @@ authnone_destroy(AUTH *client)
{
}
+static bool_t
+authnone_wrap(AUTH *auth, XDR *xdrs, xdrproc_t xfunc, caddr_t xwhere)
+{
+ return ((*xfunc)(xdrs, xwhere));
+}
+
static struct auth_ops *
authnone_ops()
{
@@ -170,6 +176,8 @@ authnone_ops()
ops.ah_validate = authnone_validate;
ops.ah_refresh = authnone_refresh;
ops.ah_destroy = authnone_destroy;
+ ops.ah_wrap = authnone_wrap;
+ ops.ah_unwrap = authnone_wrap;
}
mutex_unlock(&ops_lock);
return (&ops);
diff --git a/src/auth_unix.c b/src/auth_unix.c
index c2469da..4b9b13f 100644
--- a/src/auth_unix.c
+++ b/src/auth_unix.c
@@ -162,6 +162,7 @@ authunix_create(machname, uid, gid, len, aup_gids)
*/
auth->ah_cred = au->au_origcred;
marshal_new_auth(auth);
+ auth_get(auth); /* Reference for caller */
return (auth);
#ifndef _KERNEL
cleanup_authunix_create:
@@ -396,6 +397,12 @@ marshal_new_auth(auth)
XDR_DESTROY(xdrs);
}
+static bool_t
+authunix_wrap(AUTH *auth, XDR *xdrs, xdrproc_t xfunc, caddr_t xwhere)
+{
+ return ((*xfunc)(xdrs, xwhere));
+}
+
static struct auth_ops *
authunix_ops()
{
@@ -411,6 +418,8 @@ authunix_ops()
ops.ah_validate = authunix_validate;
ops.ah_refresh = authunix_refresh;
ops.ah_destroy = authunix_destroy;
+ ops.ah_wrap = authunix_wrap;
+ ops.ah_unwrap = authunix_wrap;
}
mutex_unlock(&ops_lock);
return (&ops);
diff --git a/src/authgss_prot.c b/src/authgss_prot.c
index 9d7fa09..0168318 100644
--- a/src/authgss_prot.c
+++ b/src/authgss_prot.c
@@ -161,6 +161,7 @@ xdr_rpc_gss_wrap_data(XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr,
databuflen = end - start - 4;
XDR_SETPOS(xdrs, start + 4);
databuf.value = XDR_INLINE(xdrs, databuflen);
+ databuf.length = databuflen;
xdr_stat = FALSE;
@@ -169,7 +170,6 @@ xdr_rpc_gss_wrap_data(XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr,
XDR_SETPOS(xdrs, start);
if (!xdr_u_int(xdrs, (u_int *)&databuflen))
return (FALSE);
- databuf.length = databuflen;
/* Checksum rpc_gss_data_t. */
maj_stat = gss_get_mic(&min_stat, ctx, qop,
diff --git a/src/clnt_dg.c b/src/clnt_dg.c
index 79fed5d..4a1f60a 100644
--- a/src/clnt_dg.c
+++ b/src/clnt_dg.c
@@ -366,7 +366,7 @@ call_again:
if ((! XDR_PUTINT32(xdrs, (int32_t *)&proc)) ||
(! AUTH_MARSHALL(cl->cl_auth, xdrs)) ||
- (! (*xargs)(xdrs, argsp))) {
+ (! AUTH_WRAP(cl->cl_auth, xdrs, xargs, argsp))) {
cu->cu_error.re_status = RPC_CANTENCODEARGS;
goto out;
}
@@ -400,8 +400,8 @@ get_reply:
* (We assume that this is actually only executed once.)
*/
reply_msg.acpted_rply.ar_verf = _null_auth;
- reply_msg.acpted_rply.ar_results.where = resultsp;
- reply_msg.acpted_rply.ar_results.proc = xresults;
+ reply_msg.acpted_rply.ar_results.where = NULL;
+ reply_msg.acpted_rply.ar_results.proc = (xdrproc_t)xdr_void;
fd.fd = cu->cu_fd;
fd.events = POLLIN;
@@ -512,6 +512,10 @@ get_reply:
&reply_msg.acpted_rply.ar_verf)) {
cu->cu_error.re_status = RPC_AUTHERROR;
cu->cu_error.re_why = AUTH_INVALIDRESP;
+ } else if (! AUTH_UNWRAP(cl->cl_auth, &reply_xdrs,
+ xresults, resultsp)) {
+ if (cu->cu_error.re_status == RPC_SUCCESS)
+ cu->cu_error.re_status = RPC_CANTDECODERES;
}
if (reply_msg.acpted_rply.ar_verf.oa_base != NULL) {
xdrs->x_op = XDR_FREE;
diff --git a/src/clnt_vc.c b/src/clnt_vc.c
index 359063c..097cae8 100644
--- a/src/clnt_vc.c
+++ b/src/clnt_vc.c
@@ -364,7 +364,7 @@ call_again:
if ((! XDR_PUTBYTES(xdrs, ct->ct_u.ct_mcallc, ct->ct_mpos)) ||
(! XDR_PUTINT32(xdrs, (int32_t *)&proc)) ||
(! AUTH_MARSHALL(cl->cl_auth, xdrs)) ||
- (! (*xdr_args)(xdrs, args_ptr))) {
+ (! AUTH_WRAP(cl->cl_auth, xdrs, xdr_args, args_ptr))) {
if (ct->ct_error.re_status == RPC_SUCCESS)
ct->ct_error.re_status = RPC_CANTENCODEARGS;
(void)xdrrec_endofrecord(xdrs, TRUE);
@@ -420,7 +420,8 @@ call_again:
&reply_msg.acpted_rply.ar_verf)) {
ct->ct_error.re_status = RPC_AUTHERROR;
ct->ct_error.re_why = AUTH_INVALIDRESP;
- } else if (! (*xdr_results)(xdrs, results_ptr)) {
+ } else if (! AUTH_UNWRAP(cl->cl_auth, xdrs,
+ xdr_results, results_ptr)) {
if (ct->ct_error.re_status == RPC_SUCCESS)
ct->ct_error.re_status = RPC_CANTDECODERES;
}
diff --git a/src/svc.c b/src/svc.c
index b4a63d0..08cd6c9 100644
--- a/src/svc.c
+++ b/src/svc.c
@@ -77,9 +77,6 @@ static struct svc_callout
extern rwlock_t svc_lock;
extern rwlock_t svc_fd_lock;
-#ifdef HAVE_LIBGSSAPI
-extern struct svc_auth_ops svc_auth_gss_ops;
-#endif
static struct svc_callout *svc_find (rpcprog_t, rpcvers_t,
struct svc_callout **, char *);
@@ -717,11 +714,9 @@ svc_getreq_common (fd)
SVC_DESTROY (xprt);
break;
}
- else if ((xprt->xp_auth != NULL)
-#ifdef HAVE_LIBGSSAPI
- && (xprt->xp_auth->svc_ah_ops != &svc_auth_gss_ops)
-#endif
- ) {
+ else if ((xprt->xp_auth != NULL) &&
+ (xprt->xp_auth->svc_ah_private == NULL))
+ {
xprt->xp_auth = NULL;
}
}
diff --git a/src/svc_auth.c b/src/svc_auth.c
index c6b3a0b..e80d5f9 100644
--- a/src/svc_auth.c
+++ b/src/svc_auth.c
@@ -98,8 +98,8 @@ _authenticate(rqst, msg)
rqst->rq_xprt->xp_verf.oa_length = 0;
cred_flavor = rqst->rq_cred.oa_flavor;
switch (cred_flavor) {
- case AUTH_NULL:
- dummy = _svcauth_null(rqst, msg);
+ case AUTH_NONE:
+ dummy = _svcauth_none(rqst, msg);
return (dummy);
case AUTH_SYS:
dummy = _svcauth_unix(rqst, msg);
@@ -132,15 +132,6 @@ _authenticate(rqst, msg)
return (AUTH_REJECTEDCRED);
}
-/*ARGSUSED*/
-enum auth_stat
-_svcauth_null(rqst, msg)
- struct svc_req *rqst;
- struct rpc_msg *msg;
-{
- return (AUTH_OK);
-}
-
/*
* Allow the rpc service to register new authentication types that it is
* prepared to handle. When an authentication flavor is registered,
diff --git a/src/svc_auth_unix.c b/src/svc_auth_unix.c
index ce83859..9585069 100644
--- a/src/svc_auth_unix.c
+++ b/src/svc_auth_unix.c
@@ -43,6 +43,8 @@
#include <rpc/rpc.h>
+extern SVCAUTH svc_auth_none;
+
/*
* Unix longhand authenticator
*/
@@ -67,6 +69,8 @@ _svcauth_unix(rqst, msg)
assert(rqst != NULL);
assert(msg != NULL);
+ rqst->rq_xprt->xp_auth = &svc_auth_none;
+
area = (struct area *) rqst->rq_clntcred;
aup = &area->area_aup;
aup->aup_machname = area->area_machname;
@@ -142,5 +146,6 @@ _svcauth_short(rqst, msg)
struct svc_req *rqst;
struct rpc_msg *msg;
{
+ rqst->rq_xprt->xp_auth = &svc_auth_none;
return (AUTH_REJECTEDCRED);
}
diff --git a/src/svc_dg.c b/src/svc_dg.c
index 66a56ee..5ef9df2 100644
--- a/src/svc_dg.c
+++ b/src/svc_dg.c
@@ -134,6 +134,7 @@ svc_dg_create(fd, sendsize, recvsize)
su->su_cache = NULL;
xprt->xp_fd = fd;
xprt->xp_p2 = su;
+ xprt->xp_auth = NULL;
xprt->xp_verf.oa_base = su->su_verfbody;
svc_dg_ops(xprt);
xprt->xp_rtaddr.maxlen = sizeof (struct sockaddr_storage);
@@ -234,10 +235,27 @@ svc_dg_reply(xprt, msg)
bool_t stat = FALSE;
size_t slen;
+ xdrproc_t xdr_results;
+ caddr_t xdr_location;
+ bool_t has_args;
+
+ if (msg->rm_reply.rp_stat == MSG_ACCEPTED &&
+ msg->rm_reply.rp_acpt.ar_stat == SUCCESS) {
+ has_args = TRUE;
+ xdr_results = msg->acpted_rply.ar_results.proc;
+ xdr_location = msg->acpted_rply.ar_results.where;
+
+ msg->acpted_rply.ar_results.proc = (xdrproc_t)xdr_void;
+ msg->acpted_rply.ar_results.where = NULL;
+ } else
+ has_args = FALSE;
+
xdrs->x_op = XDR_ENCODE;
XDR_SETPOS(xdrs, 0);
msg->rm_xid = su->su_xid;
- if (xdr_replymsg(xdrs, msg)) {
+ if (xdr_replymsg(xdrs, msg) &&
+ (!has_args ||
+ (SVCAUTH_WRAP(xprt->xp_auth, xdrs, xdr_results, xdr_location)))) {
struct msghdr *msg = &su->su_msghdr;
struct iovec iov;
@@ -264,7 +282,12 @@ svc_dg_getargs(xprt, xdr_args, args_ptr)
xdrproc_t xdr_args;
void *args_ptr;
{
- return (*xdr_args)(&(su_data(xprt)->su_xdrs), args_ptr);
+ if (! SVCAUTH_UNWRAP(xprt->xp_auth, &(su_data(xprt)->su_xdrs),
+ xdr_args, args_ptr)) {
+ (void)svc_freeargs(xprt, xdr_args, args_ptr);
+ return FALSE;
+ }
+ return TRUE;
}
static bool_t
@@ -288,6 +311,10 @@ svc_dg_destroy(xprt)
xprt_unregister(xprt);
if (xprt->xp_fd != -1)
(void)close(xprt->xp_fd);
+ if (xprt->xp_auth != NULL) {
+ SVCAUTH_DESTROY(xprt->xp_auth);
+ xprt->xp_auth = NULL;
+ }
XDR_DESTROY(&(su->su_xdrs));
(void) mem_free(rpc_buffer(xprt), su->su_iosz);
(void) mem_free(su, sizeof (*su));
diff --git a/src/svc_vc.c b/src/svc_vc.c
index aaaf2d7..74632e2 100644
--- a/src/svc_vc.c
+++ b/src/svc_vc.c
@@ -172,6 +172,7 @@ svc_vc_create(fd, sendsize, recvsize)
xprt->xp_p1 = r;
xprt->xp_p2 = NULL;
xprt->xp_p3 = NULL;
+ xprt->xp_auth = NULL;
xprt->xp_verf = _null_auth;
svc_vc_rendezvous_ops(xprt);
xprt->xp_port = (u_short)-1; /* It is the rendezvouser */
@@ -283,6 +284,7 @@ makefd_xprt(fd, sendsize, recvsize)
xdrrec_create(&(cd->xdrs), sendsize, recvsize,
xprt, read_vc, write_vc);
xprt->xp_p1 = cd;
+ xprt->xp_auth = NULL;
xprt->xp_verf.oa_base = cd->verf_body;
svc_vc_ops(xprt); /* truely deals with calls */
xprt->xp_port = 0; /* this is a connection, not a rendezvouser */
@@ -412,6 +414,10 @@ __svc_vc_dodestroy(xprt)
XDR_DESTROY(&(cd->xdrs));
mem_free(cd, sizeof(struct cf_conn));
}
+ if (xprt->xp_auth != NULL) {
+ SVCAUTH_DESTROY(xprt->xp_auth);
+ xprt->xp_auth = NULL;
+ }
if (xprt->xp_rtaddr.buf)
mem_free(xprt->xp_rtaddr.buf, xprt->xp_rtaddr.maxlen);
if (xprt->xp_ltaddr.buf)
@@ -610,7 +616,11 @@ svc_vc_recv(xprt, msg)
}
xdrs->x_op = XDR_DECODE;
- (void)xdrrec_skiprecord(xdrs);
+ /*
+ * No need skip records with nonblocking connections
+ */
+ if (cd->nonblock == FALSE)
+ (void)xdrrec_skiprecord(xdrs);
if (xdr_callmsg(xdrs, msg)) {
cd->x_id = msg->rm_xid;
return (TRUE);
@@ -628,8 +638,13 @@ svc_vc_getargs(xprt, xdr_args, args_ptr)
assert(xprt != NULL);
/* args_ptr may be NULL */
- return ((*xdr_args)(&(((struct cf_conn *)(xprt->xp_p1))->xdrs),
- args_ptr));
+
+ if (! SVCAUTH_UNWRAP(xprt->xp_auth,
+ &(((struct cf_conn *)(xprt->xp_p1))->xdrs),
+ xdr_args, args_ptr)) {
+ return FALSE;
+ }
+ return TRUE;
}
static bool_t
@@ -658,15 +673,35 @@ svc_vc_reply(xprt, msg)
XDR *xdrs;
bool_t rstat;
+ xdrproc_t xdr_results;
+ caddr_t xdr_location;
+ bool_t has_args;
+
assert(xprt != NULL);
assert(msg != NULL);
cd = (struct cf_conn *)(xprt->xp_p1);
xdrs = &(cd->xdrs);
+ if (msg->rm_reply.rp_stat == MSG_ACCEPTED &&
+ msg->rm_reply.rp_acpt.ar_stat == SUCCESS) {
+ has_args = TRUE;
+ xdr_results = msg->acpted_rply.ar_results.proc;
+ xdr_location = msg->acpted_rply.ar_results.where;
+
+ msg->acpted_rply.ar_results.proc = (xdrproc_t)xdr_void;
+ msg->acpted_rply.ar_results.where = NULL;
+ } else
+ has_args = FALSE;
+
xdrs->x_op = XDR_ENCODE;
msg->rm_xid = cd->x_id;
- rstat = xdr_replymsg(xdrs, msg);
+ rstat = FALSE;
+ if (xdr_replymsg(xdrs, msg) &&
+ (!has_args ||
+ (SVCAUTH_WRAP(xprt->xp_auth, xdrs, xdr_results, xdr_location)))) {
+ rstat = TRUE;
+ }
(void)xdrrec_endofrecord(xdrs, TRUE);
return (rstat);
}
diff --git a/src/xdr_rec.c b/src/xdr_rec.c
index 4e815d7..2aca623 100644
--- a/src/xdr_rec.c
+++ b/src/xdr_rec.c
@@ -64,7 +64,6 @@
#include <rpc/clnt.h>
#include <stddef.h>
#include "rpc_com.h"
-#include <unistd.h>
static bool_t xdrrec_getlong(XDR *, long *);
static bool_t xdrrec_putlong(XDR *, const long *);
static bool_t xdrrec_getbytes(XDR *, char *, u_int);
@@ -330,22 +329,22 @@ xdrrec_getpos(xdrs)
RECSTREAM *rstrm = (RECSTREAM *)xdrs->x_private;
off_t pos;
- pos = lseek((int)(u_long)rstrm->tcp_handle, (off_t)0, 1);
- if (pos != -1)
- switch (xdrs->x_op) {
+ switch (xdrs->x_op) {
- case XDR_ENCODE:
- pos += rstrm->out_finger - rstrm->out_base;
- break;
+ case XDR_ENCODE:
+ pos = rstrm->out_finger - rstrm->out_base
+ - BYTES_PER_XDR_UNIT;
+ break;
- case XDR_DECODE:
- pos -= rstrm->in_boundry - rstrm->in_finger;
- break;
+ case XDR_DECODE:
+ pos = rstrm->in_boundry - rstrm->in_finger
+ - BYTES_PER_XDR_UNIT;
+ break;
- default:
- pos = (off_t) -1;
- break;
- }
+ default:
+ pos = (off_t) -1;
+ break;
+ }
return ((u_int) pos);
}
diff --git a/tirpc/rpc/auth.h b/tirpc/rpc/auth.h
index 734e6b9..5f66e67 100644
--- a/tirpc/rpc/auth.h
+++ b/tirpc/rpc/auth.h
@@ -203,8 +203,22 @@ typedef struct __auth {
} *ah_ops;
void *ah_private;
+ int ah_refcnt;
} AUTH;
+static __inline int
+auth_get(AUTH *auth)
+{
+ return __sync_add_and_fetch(&auth->ah_refcnt, 1);
+}
+
+static __inline int
+auth_put(AUTH *auth)
+{
+ return __sync_sub_and_fetch(&auth->ah_refcnt, 1);
+}
+
+
/*
* Authentication ops.
@@ -234,10 +248,23 @@ typedef struct __auth {
#define auth_refresh(auth, msg) \
((*((auth)->ah_ops->ah_refresh))(auth, msg))
-#define AUTH_DESTROY(auth) \
- ((*((auth)->ah_ops->ah_destroy))(auth))
-#define auth_destroy(auth) \
- ((*((auth)->ah_ops->ah_destroy))(auth))
+#define AUTH_DESTROY(auth) \
+ do { \
+ int refs; \
+ if ((refs = auth_put((auth))) == 0) \
+ ((*((auth)->ah_ops->ah_destroy))(auth));\
+ log_debug("%s: auth_put(), refs %d\n", \
+ __func__, refs); \
+ } while (0)
+
+#define auth_destroy(auth) \
+ do { \
+ int refs; \
+ if ((refs = auth_put((auth))) == 0) \
+ ((*((auth)->ah_ops->ah_destroy))(auth));\
+ log_debug("%s: auth_put(), refs %d\n", \
+ __func__, refs); \
+ } while (0)
#define AUTH_WRAP(auth, xdrs, xfunc, xwhere) \
((*((auth)->ah_ops->ah_wrap))(auth, xdrs, \
@@ -373,7 +400,7 @@ __END_DECLS
__BEGIN_DECLS
struct svc_req;
struct rpc_msg;
-enum auth_stat _svcauth_null (struct svc_req *, struct rpc_msg *);
+enum auth_stat _svcauth_none (struct svc_req *, struct rpc_msg *);
enum auth_stat _svcauth_short (struct svc_req *, struct rpc_msg *);
enum auth_stat _svcauth_unix (struct svc_req *, struct rpc_msg *);
__END_DECLS
diff --git a/tirpc/rpc/des.h b/tirpc/rpc/des.h
index e3d6897..d2881ad 100644
--- a/tirpc/rpc/des.h
+++ b/tirpc/rpc/des.h
@@ -33,6 +33,9 @@
* Copyright (c) 1986 by Sun Microsystems, Inc.
*/
+#ifndef _RPC_DES_H_
+#define _RPC_DES_H_
+
#define DES_MAXLEN 65536 /* maximum # of bytes to encrypt */
#define DES_QUICKLEN 16 /* maximum # of bytes to encrypt quickly */
@@ -80,3 +83,5 @@ struct desparams {
* Software DES.
*/
extern int _des_crypt( char *, int, struct desparams * );
+
+#endif
diff --git a/tirpc/rpc/svc_auth.h b/tirpc/rpc/svc_auth.h
index 659e90c..14269d1 100644
--- a/tirpc/rpc/svc_auth.h
+++ b/tirpc/rpc/svc_auth.h
@@ -44,17 +44,23 @@
/*
* Interface to server-side authentication flavors.
*/
-typedef struct {
+typedef struct SVCAUTH {
struct svc_auth_ops {
- int (*svc_ah_wrap)(void);
- int (*svc_ah_unwrap)(void);
- int (*svc_ah_destroy)(void);
+ int (*svc_ah_wrap)(struct SVCAUTH *, XDR *, xdrproc_t,
+ caddr_t);
+ int (*svc_ah_unwrap)(struct SVCAUTH *, XDR *, xdrproc_t,
+ caddr_t);
+ int (*svc_ah_destroy)(struct SVCAUTH *);
} *svc_ah_ops;
caddr_t svc_ah_private;
} SVCAUTH;
-#define SVCAUTH_DESTROY(cred) ((*(cred)->svc_ah_ops->svc_ah_destroy)())
-#define svcauth_destroy(cred) ((*(cred)->svc_ah_ops->svc_ah_destroy)())
+#define SVCAUTH_WRAP(auth, xdrs, xfunc, xwhere) \
+ ((*((auth)->svc_ah_ops->svc_ah_wrap))(auth, xdrs, xfunc, xwhere))
+#define SVCAUTH_UNWRAP(auth, xdrs, xfunc, xwhere) \
+ ((*((auth)->svc_ah_ops->svc_ah_unwrap))(auth, xdrs, xfunc, xwhere))
+#define SVCAUTH_DESTROY(auth) \
+ ((*((auth)->svc_ah_ops->svc_ah_destroy))(auth))
/*
* Server side authenticator

28
libtirpc/libtirpc-fix-segfault-0.2.2.patch Normal file
View File

@ -0,0 +1,28 @@
diff -up libtirpc-0.2.2/src/svc_dg.c.orig libtirpc-0.2.2/src/svc_dg.c
--- libtirpc-0.2.2/src/svc_dg.c.orig 2011-07-19 15:02:41.087631000 -0400
+++ libtirpc-0.2.2/src/svc_dg.c 2011-07-19 15:04:43.154243000 -0400
@@ -254,8 +254,8 @@ svc_dg_reply(xprt, msg)
XDR_SETPOS(xdrs, 0);
msg->rm_xid = su->su_xid;
if (xdr_replymsg(xdrs, msg) &&
- (!has_args ||
- (SVCAUTH_WRAP(xprt->xp_auth, xdrs, xdr_results, xdr_location)))) {
+ (!has_args || (xprt->xp_auth &&
+ SVCAUTH_WRAP(xprt->xp_auth, xdrs, xdr_results, xdr_location)))) {
struct msghdr *msg = &su->su_msghdr;
struct iovec iov;
diff -up libtirpc-0.2.2/src/svc_vc.c.orig libtirpc-0.2.2/src/svc_vc.c
--- libtirpc-0.2.2/src/svc_vc.c.orig 2011-07-19 15:05:28.577588000 -0400
+++ libtirpc-0.2.2/src/svc_vc.c 2011-07-19 15:05:40.058928000 -0400
@@ -698,8 +698,8 @@ svc_vc_reply(xprt, msg)
msg->rm_xid = cd->x_id;
rstat = FALSE;
if (xdr_replymsg(xdrs, msg) &&
- (!has_args ||
- (SVCAUTH_WRAP(xprt->xp_auth, xdrs, xdr_results, xdr_location)))) {
+ (!has_args || (xprt->xp_auth &&
+ SVCAUTH_WRAP(xprt->xp_auth, xdrs, xdr_results, xdr_location)))) {
rstat = TRUE;
}
(void)xdrrec_endofrecord(xdrs, TRUE);

65
nfs-utils/PKGBUILD
View File

@ -1,23 +1,20 @@
# $Id: PKGBUILD 75208 2010-04-01 02:24:20Z pierre $
# Maintainer: Tobias Powalowski <tpowa@archlinux.org>
# Contributor: John Proctor <jproctor@prium.net>
#
# Packages for Chakra, part of chakra-project.org
# Core Packages for Chakra, part of chakra-project.org
#
# maintainer (i686): Phil Miller <philm[at]chakra-project[dog]org>
# maintainer (x86_64): Manuel Tortosa <manutortosa[at]chakra-project[dot]org>
pkgname=nfs-utils
pkgver=1.2.2
pkgrel=4
pkgver=1.2.4
pkgrel=2
pkgdesc="Support programs for Network File Systems"
arch=('i686' 'x86_64')
url='http://nfs.sourceforge.net'
license=('GPL')
backup=(etc/{exports,idmapd.conf} etc/conf.d/{nfs-common.conf,nfs-server.conf})
depends=('glibc' 'tcp_wrappers' 'e2fsprogs' 'rpcbind' 'libtirpc>=0.2.1' 'librpcsecgss>=0.19-2' 'nfsidmap' 'libevent>=2.0.10' 'libgssglue')
makedepends=('pkgconfig' 'autoconf')
source=(http://downloads.sourceforge.net/nfs/${pkgname}-${pkgver}.tar.bz2
depends=('glibc' 'e2fsprogs' 'rpcbind' 'libtirpc>=0.2.1' 'librpcsecgss>=0.19-2' 'nfsidmap' 'libevent>=2.0.10' 'libgssglue')
makedepends=('pkgconfig' 'autoconf' 'automake')
source=(http://downloads.sourceforge.net/project/nfs/${pkgname}/${pkgver}/${pkgname}-${pkgver}.tar.bz2
nfs-common
nfs-common.conf
nfs-server
@ -25,55 +22,42 @@ source=(http://downloads.sourceforge.net/nfs/${pkgname}-${pkgver}.tar.bz2
exports
idmapd.conf
start-statd.patch
nfs-utils-1.1.2-kerberos-ac.patch
nfs-utils-1.1.6-no_libgssapi.patch
nfs-utils-1.1.6-heimdal_functions.patch
nfs-utils-1.1.4-mtab-sym.patch
nfs-utils-1.1.4-no-exec.patch)
nfs-utils-1.1.4-no-exec.patch
kernel-3.0-segfault.patch)
install=nfs-utils.install
md5sums=('dad92f64db3266c7757f71bb53ee8f35'
'990a07943fa958d4abb1cb7bd52c9a7b'
md5sums=('938dc0574f3eb9891a8ed4746f806277'
'fc508e10cdf5e8ddd80373b1b2bc99a1'
'f73f197a16b02c3e248488ec35c4cf43'
'5ae080f6117cef3140f02bc162bdc755'
'b9b334414baec31b97f0431d9ecdcfb9'
'2bf71def3263325643a09458635520f0'
'ff585faf410a62c4333a027c50b56bae'
'eb4f4027fab6fc1201f1ca04f5954c76'
'e24f81a8c8657672e262c61235d34b4a'
'f3be115d392d9f9bb0f056e8d4341a14'
'20c6fae1c771b9d8e91c4973f16372e3'
'e6fd3a8acfe97970a53db1b902c34f45'
'7674106eaaa4c149bccd4f05fe3604e9'
'4f4827dfc93008dfadd0a530ad0872b2')
'4f4827dfc93008dfadd0a530ad0872b2'
'ab92e67f3d0ee2935faab9cdabef8003')
build() {
cd $srcdir/${pkgname}-${pkgver}
# Patches from gentoo for heimdal compatibility Bug 231396
# http://bugs.gentoo.org/show_bug.cgi?id=231396
patch -Np1 -i ../nfs-utils-1.1.2-kerberos-ac.patch || return 1
patch -Np1 -i ../nfs-utils-1.1.6-no_libgssapi.patch || return 1
patch -Np0 -i ../nfs-utils-1.1.6-heimdal_functions.patch || return 1
patch -Np1 -i ../nfs-utils-1.1.4-mtab-sym.patch || return 1
patch -Np1 -i ../nfs-utils-1.1.4-no-exec.patch || return 1
# arch specific patch
patch -Np0 -i $srcdir/start-statd.patch || return 1
rm -f config.guess config.sub ltmain.sh
autoreconf -i
export GSSGLUE_CFLAGS='-I/usr/include/gssapi'
export GSSGLUE_LIBS='-lgssapi -ldl'
patch -Np1 -i ../nfs-utils-1.1.4-mtab-sym.patch
#patch -Np1 -i ../nfs-utils-1.1.4-no-exec.patch
patch -Np1 -i ../kernel-3.0-segfault.patch
# chakra specific patch
patch -Np0 -i $srcdir/start-statd.patch
./configure --prefix=/usr --enable-nfsv3 --enable-nfsv4 --enable-gss \
--with-tcp-wrappers --with-statedir=/var/lib/nfs --sysconfdir=/etc
--without-tcp-wrappers --with-statedir=/var/lib/nfs --enable-ipv6 --sysconfdir=/etc
unset LDFLAGS
make || return 1
make
}
package() {
cd $srcdir/${pkgname}-${pkgver}
make DESTDIR=$pkgdir install || return 1
make DESTDIR=$pkgdir install
# support python2 (FS#25120)
sed -i '1s/python$/python2/' "$pkgdir"/usr/sbin/{nfsiostat,mountstats}
# NFS & NFSv4 init scripts
install -D -m 755 ../nfs-common "$pkgdir/"etc/rc.d/nfs-common
@ -84,6 +68,7 @@ package() {
install -D -m 644 ../nfs-common.conf "$pkgdir/"etc/conf.d/nfs-common.conf
install -D -m 644 ../nfs-server.conf "$pkgdir/"etc/conf.d/nfs-server.conf
# directories
mkdir "$pkgdir/"etc/exports.d
mkdir "$pkgdir/"var/lib/nfs/rpc_pipefs
mkdir "$pkgdir/"var/lib/nfs/v4recovery
}

53
nfs-utils/kernel-3.0-segfault.patch Normal file
View File

@ -0,0 +1,53 @@
mount.nfs segfaults if kernel version number does not contain
at least 3 components delimited with a dot.
Avoid this by matching up to three unsigned integers inialised
to zero, separated by dots.
A version that does not start with an integer is probably a future
version where the versioning evolved to another scheme.
Return UINT_MAX which is guaranteed to be higher than existing
versions. This would also make it possible to easily identify
versions that do not start with an integer.
Signed-off-by: Luk Claes <luk@...>
---
utils/mount/version.h | 16 +++++++++-------
1 files changed, 9 insertions(+), 7 deletions(-)
diff --git a/utils/mount/version.h b/utils/mount/version.h
index af61a6f..531cf68 100644
--- a/utils/mount/version.h
+++ b/utils/mount/version.h
@@ -23,8 +23,8 @@
#ifndef _NFS_UTILS_MOUNT_VERSION_H
#define _NFS_UTILS_MOUNT_VERSION_H
-#include <stdlib.h>
-#include <string.h>
+#include <stdio.h>
+#include <limits.h>
#include <sys/utsname.h>
@@ -37,14 +37,16 @@ static inline unsigned int MAKE_VERSION(unsigned int p, unsigned int q,
static inline unsigned int linux_version_code(void)
{
struct utsname my_utsname;
- unsigned int p, q, r;
+ unsigned int p, q = 0, r = 0;
+ /* UINT_MAX as backward compatibility code should not be run */
if (uname(&my_utsname))
- return 0;
+ return UINT_MAX;
- p = (unsigned int)atoi(strtok(my_utsname.release, "."));
- q = (unsigned int)atoi(strtok(NULL, "."));
- r = (unsigned int)atoi(strtok(NULL, "."));
+ /* UINT_MAX as future versions might not start with an integer */
+ if (sscanf(my_utsname.release, "%u.%u.%u", &p, &q, &r) < 1)
+ return UINT_MAX;
+
return MAKE_VERSION(p, q, r);
}

3
nfs-utils/nfs-common
View File

@ -155,11 +155,14 @@ case "$1" in
stat_busy "Mounting pipefs filesystem"
do_modprobe sunrpc
do_modprobe nfs
do_modprobe nfsd
do_mount rpc_pipefs "$PIPEFS_MOUNTPOINT" "$PIPEFS_MOUNTOPTS"
rc=$(($rc+$?))
if [ $rc -gt 0 ]; then
stat_fail
exit $rc
else
stat_done
fi
if [ "$NEED_IDMAPD" = yes ]; then

2
nfs-utils/nfs-server.conf
View File

@ -18,7 +18,7 @@ PROCNFSD_MOUNTOPTS=""
# If you have a port-based firewall, you might want to set up
# a fixed port here using the --port option.
# See rpc.mountd(8) for more details.
MOUNTD_OPTS="--no-nfs-version 1 --no-nfs-version 2"
MOUNTD_OPTS="--no-nfs-version 2"
# Do you want to start the svcgssd daemon? It is only required for Kerberos
# exports. Valid alternatives are "yes" and "no"; the default is "no".