mirror of
https://git.FreeBSD.org/ports.git
synced 2024-10-22 20:41:26 +00:00
- Unbreak rlm_krb5 (pull in fix from upstream)
- Unbreak UDP packet send when ipaddr is not INADDR_ANY (pull in fix from upstream) - Bump PORTREVISION
This commit is contained in:
parent
90f50c8b1e
commit
7ede8d9395
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=342483
@ -3,6 +3,7 @@
|
||||
|
||||
PORTNAME= freeradius
|
||||
DISTVERSION= 3.0.1
|
||||
PORTREVISION= 1
|
||||
CATEGORIES= net
|
||||
MASTER_SITES= ftp://ftp.freeradius.org/pub/freeradius/%SUBDIR%/ \
|
||||
ftp://ftp.ntua.gr/pub/net/radius/freeradius/%SUBDIR%/ \
|
||||
|
894
net/freeradius3/files/patch-rlm_krb5
Normal file
894
net/freeradius3/files/patch-rlm_krb5
Normal file
@ -0,0 +1,894 @@
|
||||
--- ./src/modules/rlm_krb5/configure.orig 2014-01-13 20:13:56.000000000 -0500
|
||||
+++ ./src/modules/rlm_krb5/configure 2014-02-03 14:45:22.000000000 -0500
|
||||
@@ -1468,6 +1468,73 @@
|
||||
|
||||
} # ac_fn_c_try_link
|
||||
|
||||
+# ac_fn_c_check_func LINENO FUNC VAR
|
||||
+# ----------------------------------
|
||||
+# Tests whether FUNC exists, setting the cache variable VAR accordingly
|
||||
+ac_fn_c_check_func ()
|
||||
+{
|
||||
+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
|
||||
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
|
||||
+$as_echo_n "checking for $2... " >&6; }
|
||||
+if eval \${$3+:} false; then :
|
||||
+ $as_echo_n "(cached) " >&6
|
||||
+else
|
||||
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
+/* end confdefs.h. */
|
||||
+/* Define $2 to an innocuous variant, in case <limits.h> declares $2.
|
||||
+ For example, HP-UX 11i <limits.h> declares gettimeofday. */
|
||||
+#define $2 innocuous_$2
|
||||
+
|
||||
+/* System header to define __stub macros and hopefully few prototypes,
|
||||
+ which can conflict with char $2 (); below.
|
||||
+ Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
|
||||
+ <limits.h> exists even on freestanding compilers. */
|
||||
+
|
||||
+#ifdef __STDC__
|
||||
+# include <limits.h>
|
||||
+#else
|
||||
+# include <assert.h>
|
||||
+#endif
|
||||
+
|
||||
+#undef $2
|
||||
+
|
||||
+/* Override any GCC internal prototype to avoid an error.
|
||||
+ Use char because int might match the return type of a GCC
|
||||
+ builtin and then its argument prototype would still apply. */
|
||||
+#ifdef __cplusplus
|
||||
+extern "C"
|
||||
+#endif
|
||||
+char $2 ();
|
||||
+/* The GNU C library defines this for functions which it implements
|
||||
+ to always fail with ENOSYS. Some functions are actually named
|
||||
+ something starting with __ and the normal name is an alias. */
|
||||
+#if defined __stub_$2 || defined __stub___$2
|
||||
+choke me
|
||||
+#endif
|
||||
+
|
||||
+int
|
||||
+main ()
|
||||
+{
|
||||
+return $2 ();
|
||||
+ ;
|
||||
+ return 0;
|
||||
+}
|
||||
+_ACEOF
|
||||
+if ac_fn_c_try_link "$LINENO"; then :
|
||||
+ eval "$3=yes"
|
||||
+else
|
||||
+ eval "$3=no"
|
||||
+fi
|
||||
+rm -f core conftest.err conftest.$ac_objext \
|
||||
+ conftest$ac_exeext conftest.$ac_ext
|
||||
+fi
|
||||
+eval ac_res=\$$3
|
||||
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
|
||||
+$as_echo "$ac_res" >&6; }
|
||||
+ eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
|
||||
+
|
||||
+} # ac_fn_c_check_func
|
||||
+
|
||||
# ac_fn_c_try_run LINENO
|
||||
# ----------------------
|
||||
# Try to link conftest.$ac_ext, and return whether this succeeded. Assumes
|
||||
@@ -2856,10 +2923,10 @@
|
||||
if test "$krb5_config" != 'not-found'; then
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking krb5-config CFLAGS" >&5
|
||||
$as_echo_n "checking krb5-config CFLAGS... " >&6; }
|
||||
- SMART_CFLAGS=$($krb5_config --cflags)
|
||||
- SMART_CFLAGS=$(echo "$SMART_CFLAGS" | sed 's/-I[ ]*/-isystem /g')
|
||||
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: ${SMART_CFLAGS}" >&5
|
||||
-$as_echo "${SMART_CFLAGS}" >&6; }
|
||||
+ SMART_CPPFLAGS=$($krb5_config --cflags)
|
||||
+ SMART_CPPFLAGS=$(echo "$SMART_CPPFLAGS" | sed 's/-I[ ]*/-isystem /g')
|
||||
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: \"$SMART_CPPFLAGS\"" >&5
|
||||
+$as_echo "\"$SMART_CPPFLAGS\"" >&6; }
|
||||
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking krb5-config LDFLAGS" >&5
|
||||
$as_echo_n "checking krb5-config LDFLAGS... " >&6; }
|
||||
@@ -2900,7 +2967,7 @@
|
||||
|
||||
|
||||
ac_safe=`echo "krb5.h" | sed 'y%./+-%__pm%'`
|
||||
-old_CFLAGS="$CFLAGS"
|
||||
+old_CPPFLAGS="$CPPFLAGS"
|
||||
smart_include=
|
||||
smart_include_dir=
|
||||
|
||||
@@ -2908,7 +2975,7 @@
|
||||
for try in $smart_try_dir; do
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for krb5.h in $try" >&5
|
||||
$as_echo_n "checking for krb5.h in $try... " >&6; }
|
||||
- CFLAGS="$old_CFLAGS -isystem $try"
|
||||
+ CPPFLAGS="-isystem $try $old_CPPFLAGS"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
|
||||
@@ -2937,7 +3004,7 @@
|
||||
fi
|
||||
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
|
||||
done
|
||||
- CFLAGS="$old_CFLAGS"
|
||||
+ CPPFLAGS="$old_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "x$smart_include" = "x"; then
|
||||
@@ -3003,7 +3070,7 @@
|
||||
for try in $smart_include_dir /usr/local/include /opt/include; do
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for krb5.h in $try" >&5
|
||||
$as_echo_n "checking for krb5.h in $try... " >&6; }
|
||||
- CFLAGS="$old_CFLAGS -isystem $try"
|
||||
+ CPPFLAGS="-isystem $try $old_CPPFLAGS"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
|
||||
@@ -3032,13 +3099,13 @@
|
||||
fi
|
||||
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
|
||||
done
|
||||
- CFLAGS="$old_CFLAGS"
|
||||
+ CPPFLAGS="$old_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "x$smart_include" != "x"; then
|
||||
eval "ac_cv_header_$ac_safe=yes"
|
||||
- CFLAGS="$old_CFLAGS $smart_include"
|
||||
- SMART_CFLAGS="$SMART_CFLAGS $smart_include"
|
||||
+ CPPFLAGS="$smart_include $old_CPPFLAGS"
|
||||
+ SMART_CPPFLAGS="$smart_include $SMART_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "$ac_cv_header_krb5_h" != "yes"; then
|
||||
@@ -3053,14 +3120,17 @@
|
||||
sm_func_safe=`echo "krb5_encrypt_data" | sed 'y%./+-%__p_%'`
|
||||
|
||||
old_LIBS="$LIBS"
|
||||
+old_CPPFLAGS="$CPPFLAGS"
|
||||
smart_lib=
|
||||
+smart_ldflags=
|
||||
smart_lib_dir=
|
||||
|
||||
if test "x$smart_try_dir" != "x"; then
|
||||
for try in $smart_try_dir; do
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for krb5_encrypt_data in -lk5crypto in $try" >&5
|
||||
$as_echo_n "checking for krb5_encrypt_data in -lk5crypto in $try... " >&6; }
|
||||
- LIBS="-L$try -lk5crypto $old_LIBS -Wl,-rpath,$try"
|
||||
+ LIBS="-lk5crypto $old_LIBS"
|
||||
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
extern char krb5_encrypt_data();
|
||||
@@ -3074,7 +3144,8 @@
|
||||
_ACEOF
|
||||
if ac_fn_c_try_link "$LINENO"; then :
|
||||
|
||||
- smart_lib="-L$try -lk5crypto -Wl,-rpath,$try"
|
||||
+ smart_lib="-lk5crypto"
|
||||
+ smart_ldflags="-L$try -Wl,-rpath,$try"
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
|
||||
$as_echo "yes" >&6; }
|
||||
break
|
||||
@@ -3087,6 +3158,7 @@
|
||||
conftest$ac_exeext conftest.$ac_ext
|
||||
done
|
||||
LIBS="$old_LIBS"
|
||||
+ CPPFLAGS="$old_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "x$smart_lib" = "x"; then
|
||||
@@ -3178,7 +3250,8 @@
|
||||
for try in $smart_lib_dir /usr/local/lib /opt/lib; do
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for krb5_encrypt_data in -lk5crypto in $try" >&5
|
||||
$as_echo_n "checking for krb5_encrypt_data in -lk5crypto in $try... " >&6; }
|
||||
- LIBS="-L$try -lk5crypto $old_LIBS -Wl,-rpath,$try"
|
||||
+ LIBS="-lk5crypto $old_LIBS"
|
||||
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
extern char krb5_encrypt_data();
|
||||
@@ -3192,7 +3265,8 @@
|
||||
_ACEOF
|
||||
if ac_fn_c_try_link "$LINENO"; then :
|
||||
|
||||
- smart_lib="-L$try -lk5crypto -Wl,-rpath,$try"
|
||||
+ smart_lib="-lk5crypto"
|
||||
+ smart_ldflags="-L$try -Wl,-rpath,$try"
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
|
||||
$as_echo "yes" >&6; }
|
||||
break
|
||||
@@ -3205,12 +3279,13 @@
|
||||
conftest$ac_exeext conftest.$ac_ext
|
||||
done
|
||||
LIBS="$old_LIBS"
|
||||
+ CPPFLAGS="$old_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "x$smart_lib" != "x"; then
|
||||
eval "ac_cv_lib_${sm_lib_safe}_${sm_func_safe}=yes"
|
||||
- LIBS="$smart_lib $old_LIBS"
|
||||
- SMART_LIBS="$smart_lib $SMART_LIBS"
|
||||
+ LIBS="$smart_ldflags $smart_lib $old_LIBS"
|
||||
+ SMART_LIBS="$smart_ldflags $smart_lib $SMART_LIBS"
|
||||
fi
|
||||
|
||||
if test "x$ac_cv_lib_k5crypto_krb5_encrypt_data" = xyes; then
|
||||
@@ -3224,14 +3299,17 @@
|
||||
sm_func_safe=`echo "DH_new" | sed 'y%./+-%__p_%'`
|
||||
|
||||
old_LIBS="$LIBS"
|
||||
+old_CPPFLAGS="$CPPFLAGS"
|
||||
smart_lib=
|
||||
+smart_ldflags=
|
||||
smart_lib_dir=
|
||||
|
||||
if test "x$smart_try_dir" != "x"; then
|
||||
for try in $smart_try_dir; do
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for DH_new in -lcrypto in $try" >&5
|
||||
$as_echo_n "checking for DH_new in -lcrypto in $try... " >&6; }
|
||||
- LIBS="-L$try -lcrypto $old_LIBS -Wl,-rpath,$try"
|
||||
+ LIBS="-lcrypto $old_LIBS"
|
||||
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
extern char DH_new();
|
||||
@@ -3245,7 +3323,8 @@
|
||||
_ACEOF
|
||||
if ac_fn_c_try_link "$LINENO"; then :
|
||||
|
||||
- smart_lib="-L$try -lcrypto -Wl,-rpath,$try"
|
||||
+ smart_lib="-lcrypto"
|
||||
+ smart_ldflags="-L$try -Wl,-rpath,$try"
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
|
||||
$as_echo "yes" >&6; }
|
||||
break
|
||||
@@ -3258,6 +3337,7 @@
|
||||
conftest$ac_exeext conftest.$ac_ext
|
||||
done
|
||||
LIBS="$old_LIBS"
|
||||
+ CPPFLAGS="$old_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "x$smart_lib" = "x"; then
|
||||
@@ -3349,7 +3429,8 @@
|
||||
for try in $smart_lib_dir /usr/local/lib /opt/lib; do
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for DH_new in -lcrypto in $try" >&5
|
||||
$as_echo_n "checking for DH_new in -lcrypto in $try... " >&6; }
|
||||
- LIBS="-L$try -lcrypto $old_LIBS -Wl,-rpath,$try"
|
||||
+ LIBS="-lcrypto $old_LIBS"
|
||||
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
extern char DH_new();
|
||||
@@ -3363,7 +3444,8 @@
|
||||
_ACEOF
|
||||
if ac_fn_c_try_link "$LINENO"; then :
|
||||
|
||||
- smart_lib="-L$try -lcrypto -Wl,-rpath,$try"
|
||||
+ smart_lib="-lcrypto"
|
||||
+ smart_ldflags="-L$try -Wl,-rpath,$try"
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
|
||||
$as_echo "yes" >&6; }
|
||||
break
|
||||
@@ -3376,12 +3458,13 @@
|
||||
conftest$ac_exeext conftest.$ac_ext
|
||||
done
|
||||
LIBS="$old_LIBS"
|
||||
+ CPPFLAGS="$old_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "x$smart_lib" != "x"; then
|
||||
eval "ac_cv_lib_${sm_lib_safe}_${sm_func_safe}=yes"
|
||||
- LIBS="$smart_lib $old_LIBS"
|
||||
- SMART_LIBS="$smart_lib $SMART_LIBS"
|
||||
+ LIBS="$smart_ldflags $smart_lib $old_LIBS"
|
||||
+ SMART_LIBS="$smart_ldflags $smart_lib $SMART_LIBS"
|
||||
fi
|
||||
|
||||
if test "x$ac_cv_lib_crypto_DH_new" = xyes; then
|
||||
@@ -3400,14 +3483,17 @@
|
||||
sm_func_safe=`echo "set_com_err_hook" | sed 'y%./+-%__p_%'`
|
||||
|
||||
old_LIBS="$LIBS"
|
||||
+old_CPPFLAGS="$CPPFLAGS"
|
||||
smart_lib=
|
||||
+smart_ldflags=
|
||||
smart_lib_dir=
|
||||
|
||||
if test "x$smart_try_dir" != "x"; then
|
||||
for try in $smart_try_dir; do
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for set_com_err_hook in -lcom_err in $try" >&5
|
||||
$as_echo_n "checking for set_com_err_hook in -lcom_err in $try... " >&6; }
|
||||
- LIBS="-L$try -lcom_err $old_LIBS -Wl,-rpath,$try"
|
||||
+ LIBS="-lcom_err $old_LIBS"
|
||||
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
extern char set_com_err_hook();
|
||||
@@ -3421,7 +3507,8 @@
|
||||
_ACEOF
|
||||
if ac_fn_c_try_link "$LINENO"; then :
|
||||
|
||||
- smart_lib="-L$try -lcom_err -Wl,-rpath,$try"
|
||||
+ smart_lib="-lcom_err"
|
||||
+ smart_ldflags="-L$try -Wl,-rpath,$try"
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
|
||||
$as_echo "yes" >&6; }
|
||||
break
|
||||
@@ -3434,6 +3521,7 @@
|
||||
conftest$ac_exeext conftest.$ac_ext
|
||||
done
|
||||
LIBS="$old_LIBS"
|
||||
+ CPPFLAGS="$old_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "x$smart_lib" = "x"; then
|
||||
@@ -3525,7 +3613,8 @@
|
||||
for try in $smart_lib_dir /usr/local/lib /opt/lib; do
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for set_com_err_hook in -lcom_err in $try" >&5
|
||||
$as_echo_n "checking for set_com_err_hook in -lcom_err in $try... " >&6; }
|
||||
- LIBS="-L$try -lcom_err $old_LIBS -Wl,-rpath,$try"
|
||||
+ LIBS="-lcom_err $old_LIBS"
|
||||
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
extern char set_com_err_hook();
|
||||
@@ -3539,7 +3628,8 @@
|
||||
_ACEOF
|
||||
if ac_fn_c_try_link "$LINENO"; then :
|
||||
|
||||
- smart_lib="-L$try -lcom_err -Wl,-rpath,$try"
|
||||
+ smart_lib="-lcom_err"
|
||||
+ smart_ldflags="-L$try -Wl,-rpath,$try"
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
|
||||
$as_echo "yes" >&6; }
|
||||
break
|
||||
@@ -3552,12 +3642,13 @@
|
||||
conftest$ac_exeext conftest.$ac_ext
|
||||
done
|
||||
LIBS="$old_LIBS"
|
||||
+ CPPFLAGS="$old_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "x$smart_lib" != "x"; then
|
||||
eval "ac_cv_lib_${sm_lib_safe}_${sm_func_safe}=yes"
|
||||
- LIBS="$smart_lib $old_LIBS"
|
||||
- SMART_LIBS="$smart_lib $SMART_LIBS"
|
||||
+ LIBS="$smart_ldflags $smart_lib $old_LIBS"
|
||||
+ SMART_LIBS="$smart_ldflags $smart_lib $SMART_LIBS"
|
||||
fi
|
||||
|
||||
if test "x$ac_cv_lib_com_err_set_com_err_hook" != xyes; then
|
||||
@@ -3571,14 +3662,17 @@
|
||||
sm_func_safe=`echo "krb5_verify_user_opt" | sed 'y%./+-%__p_%'`
|
||||
|
||||
old_LIBS="$LIBS"
|
||||
+old_CPPFLAGS="$CPPFLAGS"
|
||||
smart_lib=
|
||||
+smart_ldflags=
|
||||
smart_lib_dir=
|
||||
|
||||
if test "x$smart_try_dir" != "x"; then
|
||||
for try in $smart_try_dir; do
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for krb5_verify_user_opt in -lkrb5 in $try" >&5
|
||||
$as_echo_n "checking for krb5_verify_user_opt in -lkrb5 in $try... " >&6; }
|
||||
- LIBS="-L$try -lkrb5 $old_LIBS -Wl,-rpath,$try"
|
||||
+ LIBS="-lkrb5 $old_LIBS"
|
||||
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
extern char krb5_verify_user_opt();
|
||||
@@ -3592,7 +3686,8 @@
|
||||
_ACEOF
|
||||
if ac_fn_c_try_link "$LINENO"; then :
|
||||
|
||||
- smart_lib="-L$try -lkrb5 -Wl,-rpath,$try"
|
||||
+ smart_lib="-lkrb5"
|
||||
+ smart_ldflags="-L$try -Wl,-rpath,$try"
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
|
||||
$as_echo "yes" >&6; }
|
||||
break
|
||||
@@ -3605,6 +3700,7 @@
|
||||
conftest$ac_exeext conftest.$ac_ext
|
||||
done
|
||||
LIBS="$old_LIBS"
|
||||
+ CPPFLAGS="$old_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "x$smart_lib" = "x"; then
|
||||
@@ -3696,7 +3792,8 @@
|
||||
for try in $smart_lib_dir /usr/local/lib /opt/lib; do
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for krb5_verify_user_opt in -lkrb5 in $try" >&5
|
||||
$as_echo_n "checking for krb5_verify_user_opt in -lkrb5 in $try... " >&6; }
|
||||
- LIBS="-L$try -lkrb5 $old_LIBS -Wl,-rpath,$try"
|
||||
+ LIBS="-lkrb5 $old_LIBS"
|
||||
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
extern char krb5_verify_user_opt();
|
||||
@@ -3710,7 +3807,8 @@
|
||||
_ACEOF
|
||||
if ac_fn_c_try_link "$LINENO"; then :
|
||||
|
||||
- smart_lib="-L$try -lkrb5 -Wl,-rpath,$try"
|
||||
+ smart_lib="-lkrb5"
|
||||
+ smart_ldflags="-L$try -Wl,-rpath,$try"
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
|
||||
$as_echo "yes" >&6; }
|
||||
break
|
||||
@@ -3723,12 +3821,13 @@
|
||||
conftest$ac_exeext conftest.$ac_ext
|
||||
done
|
||||
LIBS="$old_LIBS"
|
||||
+ CPPFLAGS="$old_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "x$smart_lib" != "x"; then
|
||||
eval "ac_cv_lib_${sm_lib_safe}_${sm_func_safe}=yes"
|
||||
- LIBS="$smart_lib $old_LIBS"
|
||||
- SMART_LIBS="$smart_lib $SMART_LIBS"
|
||||
+ LIBS="$smart_ldflags $smart_lib $old_LIBS"
|
||||
+ SMART_LIBS="$smart_ldflags $smart_lib $SMART_LIBS"
|
||||
fi
|
||||
|
||||
if test "x$ac_cv_lib_krb5_krb5_verify_user_opt" == xyes; then
|
||||
@@ -3742,14 +3841,17 @@
|
||||
sm_func_safe=`echo "krb5_get_init_creds_password" | sed 'y%./+-%__p_%'`
|
||||
|
||||
old_LIBS="$LIBS"
|
||||
+old_CPPFLAGS="$CPPFLAGS"
|
||||
smart_lib=
|
||||
+smart_ldflags=
|
||||
smart_lib_dir=
|
||||
|
||||
if test "x$smart_try_dir" != "x"; then
|
||||
for try in $smart_try_dir; do
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for krb5_get_init_creds_password in -lkrb5 in $try" >&5
|
||||
$as_echo_n "checking for krb5_get_init_creds_password in -lkrb5 in $try... " >&6; }
|
||||
- LIBS="-L$try -lkrb5 $old_LIBS -Wl,-rpath,$try"
|
||||
+ LIBS="-lkrb5 $old_LIBS"
|
||||
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
extern char krb5_get_init_creds_password();
|
||||
@@ -3763,7 +3865,8 @@
|
||||
_ACEOF
|
||||
if ac_fn_c_try_link "$LINENO"; then :
|
||||
|
||||
- smart_lib="-L$try -lkrb5 -Wl,-rpath,$try"
|
||||
+ smart_lib="-lkrb5"
|
||||
+ smart_ldflags="-L$try -Wl,-rpath,$try"
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
|
||||
$as_echo "yes" >&6; }
|
||||
break
|
||||
@@ -3776,6 +3879,7 @@
|
||||
conftest$ac_exeext conftest.$ac_ext
|
||||
done
|
||||
LIBS="$old_LIBS"
|
||||
+ CPPFLAGS="$old_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "x$smart_lib" = "x"; then
|
||||
@@ -3867,7 +3971,8 @@
|
||||
for try in $smart_lib_dir /usr/local/lib /opt/lib; do
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for krb5_get_init_creds_password in -lkrb5 in $try" >&5
|
||||
$as_echo_n "checking for krb5_get_init_creds_password in -lkrb5 in $try... " >&6; }
|
||||
- LIBS="-L$try -lkrb5 $old_LIBS -Wl,-rpath,$try"
|
||||
+ LIBS="-lkrb5 $old_LIBS"
|
||||
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
extern char krb5_get_init_creds_password();
|
||||
@@ -3881,7 +3986,8 @@
|
||||
_ACEOF
|
||||
if ac_fn_c_try_link "$LINENO"; then :
|
||||
|
||||
- smart_lib="-L$try -lkrb5 -Wl,-rpath,$try"
|
||||
+ smart_lib="-lkrb5"
|
||||
+ smart_ldflags="-L$try -Wl,-rpath,$try"
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
|
||||
$as_echo "yes" >&6; }
|
||||
break
|
||||
@@ -3894,12 +4000,13 @@
|
||||
conftest$ac_exeext conftest.$ac_ext
|
||||
done
|
||||
LIBS="$old_LIBS"
|
||||
+ CPPFLAGS="$old_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "x$smart_lib" != "x"; then
|
||||
eval "ac_cv_lib_${sm_lib_safe}_${sm_func_safe}=yes"
|
||||
- LIBS="$smart_lib $old_LIBS"
|
||||
- SMART_LIBS="$smart_lib $SMART_LIBS"
|
||||
+ LIBS="$smart_ldflags $smart_lib $old_LIBS"
|
||||
+ SMART_LIBS="$smart_ldflags $smart_lib $SMART_LIBS"
|
||||
fi
|
||||
|
||||
if test "x$ac_cv_lib_krb5_krb5_get_init_creds_password" != xyes; then
|
||||
@@ -3910,7 +4017,29 @@
|
||||
fi
|
||||
|
||||
LDFLAGS="${LDFLAGS} ${SMART_LIBS}"
|
||||
- CFLAGS="${CFLAGS} ${SMART_CFLAGS}"
|
||||
+ CFLAGS="${CFLAGS} ${SMART_CPPFLAGS}"
|
||||
+
|
||||
+ for ac_func in krb5_get_error_message krb5_free_error_string krb5_free_error_message
|
||||
+do :
|
||||
+ as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
|
||||
+ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
|
||||
+if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
|
||||
+ cat >>confdefs.h <<_ACEOF
|
||||
+#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
|
||||
+_ACEOF
|
||||
+
|
||||
+fi
|
||||
+done
|
||||
+
|
||||
+ if test "x$ac_cv_func_krb5_get_error_message" == xyes; then
|
||||
+ krb5mod_cflags="${krb5mod_cflags} -D HAVE_KRB5_GET_ERROR_MESSAGE"
|
||||
+ fi
|
||||
+ if test "x$ac_cv_func_krb5_free_error_message" == xyes; then
|
||||
+ krb5mod_cflags="${krb5mod_cflags} -D HAVE_KRB5_FREE_ERROR_MESSAGE"
|
||||
+ fi
|
||||
+ if test "x$ac_cv_func_krb5_free_error_string" == xyes; then
|
||||
+ krb5mod_cflags="${krb5mod_cflags} -D HAVE_KRB5_FREE_ERROR_STRING"
|
||||
+ fi
|
||||
|
||||
if test "$krb5threadsafe" != "no"; then
|
||||
krb5threadsafe=
|
||||
@@ -3921,14 +4050,17 @@
|
||||
sm_func_safe=`echo "krb5_is_thread_safe" | sed 'y%./+-%__p_%'`
|
||||
|
||||
old_LIBS="$LIBS"
|
||||
+old_CPPFLAGS="$CPPFLAGS"
|
||||
smart_lib=
|
||||
+smart_ldflags=
|
||||
smart_lib_dir=
|
||||
|
||||
if test "x$smart_try_dir" != "x"; then
|
||||
for try in $smart_try_dir; do
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for krb5_is_thread_safe in -lkrb5 in $try" >&5
|
||||
$as_echo_n "checking for krb5_is_thread_safe in -lkrb5 in $try... " >&6; }
|
||||
- LIBS="-L$try -lkrb5 $old_LIBS -Wl,-rpath,$try"
|
||||
+ LIBS="-lkrb5 $old_LIBS"
|
||||
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
extern char krb5_is_thread_safe();
|
||||
@@ -3942,7 +4074,8 @@
|
||||
_ACEOF
|
||||
if ac_fn_c_try_link "$LINENO"; then :
|
||||
|
||||
- smart_lib="-L$try -lkrb5 -Wl,-rpath,$try"
|
||||
+ smart_lib="-lkrb5"
|
||||
+ smart_ldflags="-L$try -Wl,-rpath,$try"
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
|
||||
$as_echo "yes" >&6; }
|
||||
break
|
||||
@@ -3955,6 +4088,7 @@
|
||||
conftest$ac_exeext conftest.$ac_ext
|
||||
done
|
||||
LIBS="$old_LIBS"
|
||||
+ CPPFLAGS="$old_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "x$smart_lib" = "x"; then
|
||||
@@ -4046,7 +4180,8 @@
|
||||
for try in $smart_lib_dir /usr/local/lib /opt/lib; do
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for krb5_is_thread_safe in -lkrb5 in $try" >&5
|
||||
$as_echo_n "checking for krb5_is_thread_safe in -lkrb5 in $try... " >&6; }
|
||||
- LIBS="-L$try -lkrb5 $old_LIBS -Wl,-rpath,$try"
|
||||
+ LIBS="-lkrb5 $old_LIBS"
|
||||
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
extern char krb5_is_thread_safe();
|
||||
@@ -4060,7 +4195,8 @@
|
||||
_ACEOF
|
||||
if ac_fn_c_try_link "$LINENO"; then :
|
||||
|
||||
- smart_lib="-L$try -lkrb5 -Wl,-rpath,$try"
|
||||
+ smart_lib="-lkrb5"
|
||||
+ smart_ldflags="-L$try -Wl,-rpath,$try"
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
|
||||
$as_echo "yes" >&6; }
|
||||
break
|
||||
@@ -4073,12 +4209,13 @@
|
||||
conftest$ac_exeext conftest.$ac_ext
|
||||
done
|
||||
LIBS="$old_LIBS"
|
||||
+ CPPFLAGS="$old_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "x$smart_lib" != "x"; then
|
||||
eval "ac_cv_lib_${sm_lib_safe}_${sm_func_safe}=yes"
|
||||
- LIBS="$smart_lib $old_LIBS"
|
||||
- SMART_LIBS="$smart_lib $SMART_LIBS"
|
||||
+ LIBS="$smart_ldflags $smart_lib $old_LIBS"
|
||||
+ SMART_LIBS="$smart_ldflags $smart_lib $SMART_LIBS"
|
||||
fi
|
||||
|
||||
if test "x$ac_cv_lib_krb5_krb5_is_thread_safe" == xyes; then
|
||||
@@ -4118,7 +4255,7 @@
|
||||
|
||||
|
||||
ac_safe=`echo "com_err.h" | sed 'y%./+-%__pm%'`
|
||||
-old_CFLAGS="$CFLAGS"
|
||||
+old_CPPFLAGS="$CPPFLAGS"
|
||||
smart_include=
|
||||
smart_include_dir=
|
||||
|
||||
@@ -4126,7 +4263,7 @@
|
||||
for try in $smart_try_dir; do
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for com_err.h in $try" >&5
|
||||
$as_echo_n "checking for com_err.h in $try... " >&6; }
|
||||
- CFLAGS="$old_CFLAGS -isystem $try"
|
||||
+ CPPFLAGS="-isystem $try $old_CPPFLAGS"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
|
||||
@@ -4155,7 +4292,7 @@
|
||||
fi
|
||||
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
|
||||
done
|
||||
- CFLAGS="$old_CFLAGS"
|
||||
+ CPPFLAGS="$old_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "x$smart_include" = "x"; then
|
||||
@@ -4221,7 +4358,7 @@
|
||||
for try in $smart_include_dir /usr/local/include /opt/include; do
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for com_err.h in $try" >&5
|
||||
$as_echo_n "checking for com_err.h in $try... " >&6; }
|
||||
- CFLAGS="$old_CFLAGS -isystem $try"
|
||||
+ CPPFLAGS="-isystem $try $old_CPPFLAGS"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
|
||||
@@ -4250,20 +4387,20 @@
|
||||
fi
|
||||
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
|
||||
done
|
||||
- CFLAGS="$old_CFLAGS"
|
||||
+ CPPFLAGS="$old_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "x$smart_include" != "x"; then
|
||||
eval "ac_cv_header_$ac_safe=yes"
|
||||
- CFLAGS="$old_CFLAGS $smart_include"
|
||||
- SMART_CFLAGS="$SMART_CFLAGS $smart_include"
|
||||
+ CPPFLAGS="$smart_include $old_CPPFLAGS"
|
||||
+ SMART_CPPFLAGS="$smart_include $SMART_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "$ac_cv_header_com_err_h" != "yes"; then
|
||||
|
||||
|
||||
ac_safe=`echo "et/com_err.h" | sed 'y%./+-%__pm%'`
|
||||
-old_CFLAGS="$CFLAGS"
|
||||
+old_CPPFLAGS="$CPPFLAGS"
|
||||
smart_include=
|
||||
smart_include_dir=
|
||||
|
||||
@@ -4271,7 +4408,7 @@
|
||||
for try in $smart_try_dir; do
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for et/com_err.h in $try" >&5
|
||||
$as_echo_n "checking for et/com_err.h in $try... " >&6; }
|
||||
- CFLAGS="$old_CFLAGS -isystem $try"
|
||||
+ CPPFLAGS="-isystem $try $old_CPPFLAGS"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
|
||||
@@ -4300,7 +4437,7 @@
|
||||
fi
|
||||
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
|
||||
done
|
||||
- CFLAGS="$old_CFLAGS"
|
||||
+ CPPFLAGS="$old_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "x$smart_include" = "x"; then
|
||||
@@ -4366,7 +4503,7 @@
|
||||
for try in $smart_include_dir /usr/local/include /opt/include; do
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for et/com_err.h in $try" >&5
|
||||
$as_echo_n "checking for et/com_err.h in $try... " >&6; }
|
||||
- CFLAGS="$old_CFLAGS -isystem $try"
|
||||
+ CPPFLAGS="-isystem $try $old_CPPFLAGS"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
|
||||
@@ -4395,13 +4532,13 @@
|
||||
fi
|
||||
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
|
||||
done
|
||||
- CFLAGS="$old_CFLAGS"
|
||||
+ CPPFLAGS="$old_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "x$smart_include" != "x"; then
|
||||
eval "ac_cv_header_$ac_safe=yes"
|
||||
- CFLAGS="$old_CFLAGS $smart_include"
|
||||
- SMART_CFLAGS="$SMART_CFLAGS $smart_include"
|
||||
+ CPPFLAGS="$smart_include $old_CPPFLAGS"
|
||||
+ SMART_CPPFLAGS="$smart_include $SMART_CPPFLAGS"
|
||||
fi
|
||||
|
||||
if test "$ac_cv_header_et_com_err_h" != "yes"; then
|
||||
@@ -4431,8 +4568,8 @@
|
||||
fi
|
||||
fi
|
||||
|
||||
-mod_ldflags="${krb5mod_ldflags} ${krb5libcrypto} ${SMART_LIBS}"
|
||||
-mod_cflags="${krb5mod_cflags} ${krb5threadsafe} ${SMART_CFLAGS}"
|
||||
+mod_ldflags="$krb5mod_ldflags $krb5libcrypto $SMART_LIBS"
|
||||
+mod_cflags="$krb5mod_cflags $krb5threadsafe $SMART_CPPFLAGS"
|
||||
|
||||
|
||||
|
||||
--- ./src/modules/rlm_krb5/configure.ac.orig 2014-01-13 20:13:56.000000000 -0500
|
||||
+++ ./src/modules/rlm_krb5/configure.ac 2014-02-03 14:45:22.000000000 -0500
|
||||
@@ -31,9 +31,9 @@
|
||||
dnl #
|
||||
if test "$krb5_config" != 'not-found'; then
|
||||
AC_MSG_CHECKING([krb5-config CFLAGS])
|
||||
- SMART_CFLAGS=$($krb5_config --cflags)
|
||||
- SMART_CFLAGS=[$(echo "$SMART_CFLAGS" | sed 's/-I[ ]*/-isystem /g')]
|
||||
- AC_MSG_RESULT(${SMART_CFLAGS})
|
||||
+ SMART_CPPFLAGS=$($krb5_config --cflags)
|
||||
+ SMART_CPPFLAGS=[$(echo "$SMART_CPPFLAGS" | sed 's/-I[ ]*/-isystem /g')]
|
||||
+ AC_MSG_RESULT("$SMART_CPPFLAGS")
|
||||
|
||||
AC_MSG_CHECKING([krb5-config LDFLAGS])
|
||||
SMART_LIBS=$($krb5_config --libs)
|
||||
@@ -111,7 +111,21 @@
|
||||
dnl # Need to ensure the test program(s) link against the right library
|
||||
dnl #
|
||||
LDFLAGS="${LDFLAGS} ${SMART_LIBS}"
|
||||
- CFLAGS="${CFLAGS} ${SMART_CFLAGS}"
|
||||
+ CFLAGS="${CFLAGS} ${SMART_CPPFLAGS}"
|
||||
+
|
||||
+ dnl #
|
||||
+ dnl # Check how to free things returned by krb5_get_error_message
|
||||
+ dnl #
|
||||
+ AC_CHECK_FUNCS([krb5_get_error_message krb5_free_error_string krb5_free_error_message])
|
||||
+ if test "x$ac_cv_func_krb5_get_error_message" == xyes; then
|
||||
+ krb5mod_cflags="${krb5mod_cflags} -D HAVE_KRB5_GET_ERROR_MESSAGE"
|
||||
+ fi
|
||||
+ if test "x$ac_cv_func_krb5_free_error_message" == xyes; then
|
||||
+ krb5mod_cflags="${krb5mod_cflags} -D HAVE_KRB5_FREE_ERROR_MESSAGE"
|
||||
+ fi
|
||||
+ if test "x$ac_cv_func_krb5_free_error_string" == xyes; then
|
||||
+ krb5mod_cflags="${krb5mod_cflags} -D HAVE_KRB5_FREE_ERROR_STRING"
|
||||
+ fi
|
||||
|
||||
dnl #
|
||||
dnl # Only check if version checks have not found kerberos to be thread unsafe
|
||||
@@ -160,8 +174,8 @@
|
||||
fi
|
||||
fi
|
||||
|
||||
-mod_ldflags="${krb5mod_ldflags} ${krb5libcrypto} ${SMART_LIBS}"
|
||||
-mod_cflags="${krb5mod_cflags} ${krb5threadsafe} ${SMART_CFLAGS}"
|
||||
+mod_ldflags="$krb5mod_ldflags $krb5libcrypto $SMART_LIBS"
|
||||
+mod_cflags="$krb5mod_cflags $krb5threadsafe $SMART_CPPFLAGS"
|
||||
|
||||
AC_SUBST(mod_ldflags)
|
||||
AC_SUBST(mod_cflags)
|
||||
--- ./src/modules/rlm_krb5/krb5.c.orig 2014-01-13 20:13:56.000000000 -0500
|
||||
+++ ./src/modules/rlm_krb5/krb5.c 2014-02-03 14:47:32.000000000 -0500
|
||||
@@ -15,19 +15,19 @@
|
||||
*/
|
||||
|
||||
/**
|
||||
- * $Id: 81ed1d4bd3c41b41042141caa8e862d51f1f75df $
|
||||
+ * $Id: c830bff1cbb89a9e3faf56a3275b9ba00c5b57d0 $
|
||||
* @file krb5.h
|
||||
* @brief Context management functions for rlm_krb5
|
||||
*
|
||||
* @copyright 2013 The FreeRADIUS server project
|
||||
* @copyright 2013 Arran Cudbard-Bell <a.cudbardb@freeradius.org>
|
||||
*/
|
||||
-RCSID("$Id: 81ed1d4bd3c41b41042141caa8e862d51f1f75df $")
|
||||
+RCSID("$Id: c830bff1cbb89a9e3faf56a3275b9ba00c5b57d0 $")
|
||||
|
||||
#include <freeradius-devel/radiusd.h>
|
||||
#include "krb5.h"
|
||||
|
||||
-#ifdef HEIMDAL_KRB5
|
||||
+#ifdef HAVE_KRB5_GET_ERROR_MESSAGE
|
||||
# define KRB5_STRERROR_BUFSIZE (2048)
|
||||
|
||||
fr_thread_local_setup(char *, krb5_error_buffer) /* macro */
|
||||
@@ -60,7 +60,7 @@
|
||||
|
||||
ret = fr_thread_local_set(krb5_error_buffer, buffer);
|
||||
if (ret != 0) {
|
||||
- ERROR("Failed setting up TLS for krb5 error buffer: %s", fr_syserror(ret));
|
||||
+ ERROR("Failed setting up TLS for krb5 error buffer.");
|
||||
free(buffer);
|
||||
return NULL;
|
||||
}
|
||||
@@ -69,7 +69,13 @@
|
||||
msg = krb5_get_error_message(context, code);
|
||||
if (msg) {
|
||||
strlcpy(buffer, msg, KRB5_STRERROR_BUFSIZE);
|
||||
+#ifdef HAVE_KRB5_FREE_ERROR_MESSAGE
|
||||
krb5_free_error_message(context, msg);
|
||||
+#elif defined(HAVE_KRB5_FREE_ERROR_STRING)
|
||||
+ krb5_free_error_string(context, msg);
|
||||
+#else
|
||||
+# error "No way to free error strings, missing krb5_free_error_message() and krb5_free_error_string()"
|
||||
+#endif
|
||||
} else {
|
||||
strlcpy(buffer, "Unknown error", KRB5_STRERROR_BUFSIZE);
|
||||
}
|
||||
--- ./src/modules/rlm_krb5/krb5.h.orig 2014-01-13 20:13:56.000000000 -0500
|
||||
+++ ./src/modules/rlm_krb5/krb5.h 2014-02-03 14:45:22.000000000 -0500
|
||||
@@ -15,14 +15,14 @@
|
||||
*/
|
||||
|
||||
/**
|
||||
- * $Id: 37805a2a2d917fd3ecea904afa6b15958c235509 $
|
||||
+ * $Id: 59b1f8526e121f9de1c88dcd9cba4386255b722a $
|
||||
* @file krb5.h
|
||||
* @brief types and function signatures for rlm_krb5.
|
||||
*
|
||||
* @copyright 2013 The FreeRADIUS server project
|
||||
* @copyright 2013 Arran Cudbard-Bell <a.cudbardb@freeradius.org>
|
||||
*/
|
||||
-RCSIDH(krb5_h, "$Id: 37805a2a2d917fd3ecea904afa6b15958c235509 $")
|
||||
+RCSIDH(krb5_h, "$Id: 59b1f8526e121f9de1c88dcd9cba4386255b722a $")
|
||||
|
||||
#if defined(KRB5_IS_THREAD_SAFE) && !defined(HAVE_PTHREAD_H)
|
||||
# undef KRB5_IS_THREAD_SAFE
|
||||
@@ -79,7 +79,7 @@
|
||||
* MIT Kerberos uses comm_err, so the macro just expands to a call
|
||||
* to error_message.
|
||||
*/
|
||||
-#ifndef HEIMDAL_KRB5
|
||||
+#ifndef HAVE_KRB5_GET_ERROR_MESSAGE
|
||||
# ifdef ET_COMM_ERR
|
||||
# include <et/com_err.h>
|
||||
# else
|
||||
--- ./src/modules/rlm_krb5/rlm_krb5.c.orig 2014-01-13 20:13:56.000000000 -0500
|
||||
+++ ./src/modules/rlm_krb5/rlm_krb5.c 2014-02-03 14:45:22.000000000 -0500
|
||||
@@ -15,7 +15,7 @@
|
||||
*/
|
||||
|
||||
/**
|
||||
- * $Id: 4c96eb58baaf37c8bc7701ba772c09752ee0505c $
|
||||
+ * $Id: caf186e694151905d607447151fa65e429fb95e3 $
|
||||
* @file rlm_krb5.c
|
||||
* @brief Authenticate users, retrieving their TGT from a Kerberos V5 TDC.
|
||||
*
|
||||
@@ -24,7 +24,7 @@
|
||||
* @copyright 2000 Nathan Neulinger <nneul@umr.edu>
|
||||
* @copyright 2000 Alan DeKok <aland@ox.org>
|
||||
*/
|
||||
-RCSID("$Id: 4c96eb58baaf37c8bc7701ba772c09752ee0505c $")
|
||||
+RCSID("$Id: caf186e694151905d607447151fa65e429fb95e3 $")
|
||||
|
||||
#include <freeradius-devel/radiusd.h>
|
||||
#include <freeradius-devel/modules.h>
|
||||
@@ -84,7 +84,7 @@
|
||||
|
||||
#ifndef KRB5_IS_THREAD_SAFE
|
||||
if (!krb5_is_thread_safe()) {
|
||||
- DEBUGI("libkrb5 is not threadsafe, recompile it, and the server with thread support enabled");
|
||||
+ WDEBUG("libkrb5 is not threadsafe, recompile it, and the server with thread support enabled");
|
||||
WDEBUG("rlm_krb5 will run in single threaded mode, performance may be degraded");
|
||||
} else {
|
||||
WDEBUG("Build time libkrb5 was not threadsafe, but run time library claims to be");
|
||||
@@ -331,8 +331,9 @@
|
||||
break;
|
||||
|
||||
case KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN:
|
||||
- RDEBUG("User not found: %s (%i)", ret, rlm_krb5_error(conn->context, ret));
|
||||
+ RDEBUG("User not found (%i): %s", ret, rlm_krb5_error(conn->context, ret));
|
||||
rcode = RLM_MODULE_NOTFOUND;
|
||||
+ break;
|
||||
|
||||
default:
|
||||
REDEBUG("Error verifying credentials (%i): %s", ret, rlm_krb5_error(conn->context, ret));
|
61
net/freeradius3/files/patch-udpfromtofix
Normal file
61
net/freeradius3/files/patch-udpfromtofix
Normal file
@ -0,0 +1,61 @@
|
||||
From d51c75c1ce24dbbb1045b1e72a3c89729ca91016 Mon Sep 17 00:00:00 2001
|
||||
From: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
|
||||
Date: Tue, 28 Jan 2014 14:25:19 +0000
|
||||
Subject: [PATCH] Don't use IP_SENDSRCADDR (in sendfromto) if on FreeBSD and
|
||||
the socket were using is bound to a specific IP
|
||||
|
||||
FreeBSD is extra pedantic about the use of IP_SENDSRCADDR, and sendmsg will fail with EINVAL if IP_SENDSRCADDR is used with a socket which is bound to something other than INADDR_ANY.
|
||||
---
|
||||
src/lib/udpfromto.c | 31 ++++++++++++++++++++++++++++++-
|
||||
1 file changed, 30 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/lib/udpfromto.c b/src/lib/udpfromto.c
|
||||
index 680e354..b022136 100644
|
||||
--- src/lib/udpfromto.c
|
||||
+++ src/lib/udpfromto.c
|
||||
@@ -292,12 +292,41 @@ int sendfromto(int s, void *buf, size_t len, int flags,
|
||||
struct iovec iov;
|
||||
char cbuf[256];
|
||||
|
||||
-#if !defined(IP_PKTINFO) && !defined(IP_SENDSRCADDR) && !defined(IPV6_PKTINFO)
|
||||
+#ifdef __FreeBSD__
|
||||
+ /*
|
||||
+ * FreeBSD is extra pedantic about the use of IP_SENDSRCADDR,
|
||||
+ * and sendmsg will fail with EINVAL if IP_SENDSRCADDR is used
|
||||
+ * with a socket which is bound to something other than
|
||||
+ * INADDR_ANY
|
||||
+ */
|
||||
+ struct sockaddr bound;
|
||||
+ socklen_t bound_len = sizeof(bound);
|
||||
+
|
||||
+ if (getsockname(s, &bound, &bound_len) < 0) {
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ switch (bound.sa_family) {
|
||||
+ case AF_INET:
|
||||
+ if (((struct sockaddr_in *) &bound)->sin_addr.s_addr != INADDR_ANY) {
|
||||
+ from = NULL;
|
||||
+ }
|
||||
+ break;
|
||||
+
|
||||
+ case AF_INET6:
|
||||
+ if (!IN6_IS_ADDR_UNSPECIFIED(&((struct sockaddr_in6 *) &bound)->sin6_addr)) {
|
||||
+ from = NULL;
|
||||
+ }
|
||||
+ break;
|
||||
+ }
|
||||
+#else
|
||||
+# if !defined(IP_PKTINFO) && !defined(IP_SENDSRCADDR) && !defined(IPV6_PKTINFO)
|
||||
/*
|
||||
* If the sendmsg() flags aren't defined, fall back to
|
||||
* using sendto().
|
||||
*/
|
||||
from = NULL;
|
||||
+# endif
|
||||
#endif
|
||||
|
||||
/*
|
||||
--
|
||||
1.8.5.1
|
||||
|
Loading…
Reference in New Issue
Block a user