mirror/freebsd-ports
1
0
Fork 0
mirror of https://git.FreeBSD.org/ports.git synced 2024-10-22 20:41:26 +00:00
Code Issues Releases Activity

- Unbreak rlm_krb5 (pull in fix from upstream)

Browse Source 
- Unbreak UDP packet send when ipaddr is not INADDR_ANY (pull in fix from upstream)
- Bump PORTREVISION
This commit is contained in:
Ryan Steinmetz 2014-02-04 03:17:29 +00:00
parent 90f50c8b1e
commit 7ede8d9395
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=342483
3 changed files with 956 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
net/freeradius3/Makefile
View File

@ -3,6 +3,7 @@
PORTNAME= freeradius
DISTVERSION= 3.0.1
PORTREVISION= 1
CATEGORIES= net
MASTER_SITES= ftp://ftp.freeradius.org/pub/freeradius/%SUBDIR%/ \
ftp://ftp.ntua.gr/pub/net/radius/freeradius/%SUBDIR%/ \

894
net/freeradius3/files/patch-rlm_krb5 Normal file
View File

@ -0,0 +1,894 @@
--- ./src/modules/rlm_krb5/configure.orig 2014-01-13 20:13:56.000000000 -0500
+++ ./src/modules/rlm_krb5/configure 2014-02-03 14:45:22.000000000 -0500
@@ -1468,6 +1468,73 @@
} # ac_fn_c_try_link
+# ac_fn_c_check_func LINENO FUNC VAR
+# ----------------------------------
+# Tests whether FUNC exists, setting the cache variable VAR accordingly
+ac_fn_c_check_func ()
+{
+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+/* Define $2 to an innocuous variant, in case <limits.h> declares $2.
+ For example, HP-UX 11i <limits.h> declares gettimeofday. */
+#define $2 innocuous_$2
+
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $2 (); below.
+ Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ <limits.h> exists even on freestanding compilers. */
+
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+
+#undef $2
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char $2 ();
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined __stub_$2 || defined __stub___$2
+choke me
+#endif
+
+int
+main ()
+{
+return $2 ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+ eval "$3=yes"
+else
+ eval "$3=no"
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+fi
+eval ac_res=\$$3
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+ eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} # ac_fn_c_check_func
+
# ac_fn_c_try_run LINENO
# ----------------------
# Try to link conftest.$ac_ext, and return whether this succeeded. Assumes
@@ -2856,10 +2923,10 @@
if test "$krb5_config" != 'not-found'; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking krb5-config CFLAGS" >&5
$as_echo_n "checking krb5-config CFLAGS... " >&6; }
- SMART_CFLAGS=$($krb5_config --cflags)
- SMART_CFLAGS=$(echo "$SMART_CFLAGS" | sed 's/-I[ ]*/-isystem /g')
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: ${SMART_CFLAGS}" >&5
-$as_echo "${SMART_CFLAGS}" >&6; }
+ SMART_CPPFLAGS=$($krb5_config --cflags)
+ SMART_CPPFLAGS=$(echo "$SMART_CPPFLAGS" | sed 's/-I[ ]*/-isystem /g')
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: \"$SMART_CPPFLAGS\"" >&5
+$as_echo "\"$SMART_CPPFLAGS\"" >&6; }
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking krb5-config LDFLAGS" >&5
$as_echo_n "checking krb5-config LDFLAGS... " >&6; }
@@ -2900,7 +2967,7 @@
ac_safe=`echo "krb5.h" | sed 'y%./+-%__pm%'`
-old_CFLAGS="$CFLAGS"
+old_CPPFLAGS="$CPPFLAGS"
smart_include=
smart_include_dir=
@@ -2908,7 +2975,7 @@
for try in $smart_try_dir; do
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for krb5.h in $try" >&5
$as_echo_n "checking for krb5.h in $try... " >&6; }
- CFLAGS="$old_CFLAGS -isystem $try"
+ CPPFLAGS="-isystem $try $old_CPPFLAGS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
@@ -2937,7 +3004,7 @@
fi
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
done
- CFLAGS="$old_CFLAGS"
+ CPPFLAGS="$old_CPPFLAGS"
fi
if test "x$smart_include" = "x"; then
@@ -3003,7 +3070,7 @@
for try in $smart_include_dir /usr/local/include /opt/include; do
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for krb5.h in $try" >&5
$as_echo_n "checking for krb5.h in $try... " >&6; }
- CFLAGS="$old_CFLAGS -isystem $try"
+ CPPFLAGS="-isystem $try $old_CPPFLAGS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
@@ -3032,13 +3099,13 @@
fi
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
done
- CFLAGS="$old_CFLAGS"
+ CPPFLAGS="$old_CPPFLAGS"
fi
if test "x$smart_include" != "x"; then
eval "ac_cv_header_$ac_safe=yes"
- CFLAGS="$old_CFLAGS $smart_include"
- SMART_CFLAGS="$SMART_CFLAGS $smart_include"
+ CPPFLAGS="$smart_include $old_CPPFLAGS"
+ SMART_CPPFLAGS="$smart_include $SMART_CPPFLAGS"
fi
if test "$ac_cv_header_krb5_h" != "yes"; then
@@ -3053,14 +3120,17 @@
sm_func_safe=`echo "krb5_encrypt_data" | sed 'y%./+-%__p_%'`
old_LIBS="$LIBS"
+old_CPPFLAGS="$CPPFLAGS"
smart_lib=
+smart_ldflags=
smart_lib_dir=
if test "x$smart_try_dir" != "x"; then
for try in $smart_try_dir; do
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for krb5_encrypt_data in -lk5crypto in $try" >&5
$as_echo_n "checking for krb5_encrypt_data in -lk5crypto in $try... " >&6; }
- LIBS="-L$try -lk5crypto $old_LIBS -Wl,-rpath,$try"
+ LIBS="-lk5crypto $old_LIBS"
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
extern char krb5_encrypt_data();
@@ -3074,7 +3144,8 @@
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
- smart_lib="-L$try -lk5crypto -Wl,-rpath,$try"
+ smart_lib="-lk5crypto"
+ smart_ldflags="-L$try -Wl,-rpath,$try"
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
break
@@ -3087,6 +3158,7 @@
conftest$ac_exeext conftest.$ac_ext
done
LIBS="$old_LIBS"
+ CPPFLAGS="$old_CPPFLAGS"
fi
if test "x$smart_lib" = "x"; then
@@ -3178,7 +3250,8 @@
for try in $smart_lib_dir /usr/local/lib /opt/lib; do
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for krb5_encrypt_data in -lk5crypto in $try" >&5
$as_echo_n "checking for krb5_encrypt_data in -lk5crypto in $try... " >&6; }
- LIBS="-L$try -lk5crypto $old_LIBS -Wl,-rpath,$try"
+ LIBS="-lk5crypto $old_LIBS"
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
extern char krb5_encrypt_data();
@@ -3192,7 +3265,8 @@
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
- smart_lib="-L$try -lk5crypto -Wl,-rpath,$try"
+ smart_lib="-lk5crypto"
+ smart_ldflags="-L$try -Wl,-rpath,$try"
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
break
@@ -3205,12 +3279,13 @@
conftest$ac_exeext conftest.$ac_ext
done
LIBS="$old_LIBS"
+ CPPFLAGS="$old_CPPFLAGS"
fi
if test "x$smart_lib" != "x"; then
eval "ac_cv_lib_${sm_lib_safe}_${sm_func_safe}=yes"
- LIBS="$smart_lib $old_LIBS"
- SMART_LIBS="$smart_lib $SMART_LIBS"
+ LIBS="$smart_ldflags $smart_lib $old_LIBS"
+ SMART_LIBS="$smart_ldflags $smart_lib $SMART_LIBS"
fi
if test "x$ac_cv_lib_k5crypto_krb5_encrypt_data" = xyes; then
@@ -3224,14 +3299,17 @@
sm_func_safe=`echo "DH_new" | sed 'y%./+-%__p_%'`
old_LIBS="$LIBS"
+old_CPPFLAGS="$CPPFLAGS"
smart_lib=
+smart_ldflags=
smart_lib_dir=
if test "x$smart_try_dir" != "x"; then
for try in $smart_try_dir; do
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for DH_new in -lcrypto in $try" >&5
$as_echo_n "checking for DH_new in -lcrypto in $try... " >&6; }
- LIBS="-L$try -lcrypto $old_LIBS -Wl,-rpath,$try"
+ LIBS="-lcrypto $old_LIBS"
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
extern char DH_new();
@@ -3245,7 +3323,8 @@
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
- smart_lib="-L$try -lcrypto -Wl,-rpath,$try"
+ smart_lib="-lcrypto"
+ smart_ldflags="-L$try -Wl,-rpath,$try"
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
break
@@ -3258,6 +3337,7 @@
conftest$ac_exeext conftest.$ac_ext
done
LIBS="$old_LIBS"
+ CPPFLAGS="$old_CPPFLAGS"
fi
if test "x$smart_lib" = "x"; then
@@ -3349,7 +3429,8 @@
for try in $smart_lib_dir /usr/local/lib /opt/lib; do
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for DH_new in -lcrypto in $try" >&5
$as_echo_n "checking for DH_new in -lcrypto in $try... " >&6; }
- LIBS="-L$try -lcrypto $old_LIBS -Wl,-rpath,$try"
+ LIBS="-lcrypto $old_LIBS"
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
extern char DH_new();
@@ -3363,7 +3444,8 @@
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
- smart_lib="-L$try -lcrypto -Wl,-rpath,$try"
+ smart_lib="-lcrypto"
+ smart_ldflags="-L$try -Wl,-rpath,$try"
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
break
@@ -3376,12 +3458,13 @@
conftest$ac_exeext conftest.$ac_ext
done
LIBS="$old_LIBS"
+ CPPFLAGS="$old_CPPFLAGS"
fi
if test "x$smart_lib" != "x"; then
eval "ac_cv_lib_${sm_lib_safe}_${sm_func_safe}=yes"
- LIBS="$smart_lib $old_LIBS"
- SMART_LIBS="$smart_lib $SMART_LIBS"
+ LIBS="$smart_ldflags $smart_lib $old_LIBS"
+ SMART_LIBS="$smart_ldflags $smart_lib $SMART_LIBS"
fi
if test "x$ac_cv_lib_crypto_DH_new" = xyes; then
@@ -3400,14 +3483,17 @@
sm_func_safe=`echo "set_com_err_hook" | sed 'y%./+-%__p_%'`
old_LIBS="$LIBS"
+old_CPPFLAGS="$CPPFLAGS"
smart_lib=
+smart_ldflags=
smart_lib_dir=
if test "x$smart_try_dir" != "x"; then
for try in $smart_try_dir; do
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for set_com_err_hook in -lcom_err in $try" >&5
$as_echo_n "checking for set_com_err_hook in -lcom_err in $try... " >&6; }
- LIBS="-L$try -lcom_err $old_LIBS -Wl,-rpath,$try"
+ LIBS="-lcom_err $old_LIBS"
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
extern char set_com_err_hook();
@@ -3421,7 +3507,8 @@
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
- smart_lib="-L$try -lcom_err -Wl,-rpath,$try"
+ smart_lib="-lcom_err"
+ smart_ldflags="-L$try -Wl,-rpath,$try"
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
break
@@ -3434,6 +3521,7 @@
conftest$ac_exeext conftest.$ac_ext
done
LIBS="$old_LIBS"
+ CPPFLAGS="$old_CPPFLAGS"
fi
if test "x$smart_lib" = "x"; then
@@ -3525,7 +3613,8 @@
for try in $smart_lib_dir /usr/local/lib /opt/lib; do
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for set_com_err_hook in -lcom_err in $try" >&5
$as_echo_n "checking for set_com_err_hook in -lcom_err in $try... " >&6; }
- LIBS="-L$try -lcom_err $old_LIBS -Wl,-rpath,$try"
+ LIBS="-lcom_err $old_LIBS"
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
extern char set_com_err_hook();
@@ -3539,7 +3628,8 @@
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
- smart_lib="-L$try -lcom_err -Wl,-rpath,$try"
+ smart_lib="-lcom_err"
+ smart_ldflags="-L$try -Wl,-rpath,$try"
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
break
@@ -3552,12 +3642,13 @@
conftest$ac_exeext conftest.$ac_ext
done
LIBS="$old_LIBS"
+ CPPFLAGS="$old_CPPFLAGS"
fi
if test "x$smart_lib" != "x"; then
eval "ac_cv_lib_${sm_lib_safe}_${sm_func_safe}=yes"
- LIBS="$smart_lib $old_LIBS"
- SMART_LIBS="$smart_lib $SMART_LIBS"
+ LIBS="$smart_ldflags $smart_lib $old_LIBS"
+ SMART_LIBS="$smart_ldflags $smart_lib $SMART_LIBS"
fi
if test "x$ac_cv_lib_com_err_set_com_err_hook" != xyes; then
@@ -3571,14 +3662,17 @@
sm_func_safe=`echo "krb5_verify_user_opt" | sed 'y%./+-%__p_%'`
old_LIBS="$LIBS"
+old_CPPFLAGS="$CPPFLAGS"
smart_lib=
+smart_ldflags=
smart_lib_dir=
if test "x$smart_try_dir" != "x"; then
for try in $smart_try_dir; do
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for krb5_verify_user_opt in -lkrb5 in $try" >&5
$as_echo_n "checking for krb5_verify_user_opt in -lkrb5 in $try... " >&6; }
- LIBS="-L$try -lkrb5 $old_LIBS -Wl,-rpath,$try"
+ LIBS="-lkrb5 $old_LIBS"
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
extern char krb5_verify_user_opt();
@@ -3592,7 +3686,8 @@
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
- smart_lib="-L$try -lkrb5 -Wl,-rpath,$try"
+ smart_lib="-lkrb5"
+ smart_ldflags="-L$try -Wl,-rpath,$try"
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
break
@@ -3605,6 +3700,7 @@
conftest$ac_exeext conftest.$ac_ext
done
LIBS="$old_LIBS"
+ CPPFLAGS="$old_CPPFLAGS"
fi
if test "x$smart_lib" = "x"; then
@@ -3696,7 +3792,8 @@
for try in $smart_lib_dir /usr/local/lib /opt/lib; do
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for krb5_verify_user_opt in -lkrb5 in $try" >&5
$as_echo_n "checking for krb5_verify_user_opt in -lkrb5 in $try... " >&6; }
- LIBS="-L$try -lkrb5 $old_LIBS -Wl,-rpath,$try"
+ LIBS="-lkrb5 $old_LIBS"
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
extern char krb5_verify_user_opt();
@@ -3710,7 +3807,8 @@
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
- smart_lib="-L$try -lkrb5 -Wl,-rpath,$try"
+ smart_lib="-lkrb5"
+ smart_ldflags="-L$try -Wl,-rpath,$try"
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
break
@@ -3723,12 +3821,13 @@
conftest$ac_exeext conftest.$ac_ext
done
LIBS="$old_LIBS"
+ CPPFLAGS="$old_CPPFLAGS"
fi
if test "x$smart_lib" != "x"; then
eval "ac_cv_lib_${sm_lib_safe}_${sm_func_safe}=yes"
- LIBS="$smart_lib $old_LIBS"
- SMART_LIBS="$smart_lib $SMART_LIBS"
+ LIBS="$smart_ldflags $smart_lib $old_LIBS"
+ SMART_LIBS="$smart_ldflags $smart_lib $SMART_LIBS"
fi
if test "x$ac_cv_lib_krb5_krb5_verify_user_opt" == xyes; then
@@ -3742,14 +3841,17 @@
sm_func_safe=`echo "krb5_get_init_creds_password" | sed 'y%./+-%__p_%'`
old_LIBS="$LIBS"
+old_CPPFLAGS="$CPPFLAGS"
smart_lib=
+smart_ldflags=
smart_lib_dir=
if test "x$smart_try_dir" != "x"; then
for try in $smart_try_dir; do
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for krb5_get_init_creds_password in -lkrb5 in $try" >&5
$as_echo_n "checking for krb5_get_init_creds_password in -lkrb5 in $try... " >&6; }
- LIBS="-L$try -lkrb5 $old_LIBS -Wl,-rpath,$try"
+ LIBS="-lkrb5 $old_LIBS"
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
extern char krb5_get_init_creds_password();
@@ -3763,7 +3865,8 @@
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
- smart_lib="-L$try -lkrb5 -Wl,-rpath,$try"
+ smart_lib="-lkrb5"
+ smart_ldflags="-L$try -Wl,-rpath,$try"
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
break
@@ -3776,6 +3879,7 @@
conftest$ac_exeext conftest.$ac_ext
done
LIBS="$old_LIBS"
+ CPPFLAGS="$old_CPPFLAGS"
fi
if test "x$smart_lib" = "x"; then
@@ -3867,7 +3971,8 @@
for try in $smart_lib_dir /usr/local/lib /opt/lib; do
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for krb5_get_init_creds_password in -lkrb5 in $try" >&5
$as_echo_n "checking for krb5_get_init_creds_password in -lkrb5 in $try... " >&6; }
- LIBS="-L$try -lkrb5 $old_LIBS -Wl,-rpath,$try"
+ LIBS="-lkrb5 $old_LIBS"
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
extern char krb5_get_init_creds_password();
@@ -3881,7 +3986,8 @@
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
- smart_lib="-L$try -lkrb5 -Wl,-rpath,$try"
+ smart_lib="-lkrb5"
+ smart_ldflags="-L$try -Wl,-rpath,$try"
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
break
@@ -3894,12 +4000,13 @@
conftest$ac_exeext conftest.$ac_ext
done
LIBS="$old_LIBS"
+ CPPFLAGS="$old_CPPFLAGS"
fi
if test "x$smart_lib" != "x"; then
eval "ac_cv_lib_${sm_lib_safe}_${sm_func_safe}=yes"
- LIBS="$smart_lib $old_LIBS"
- SMART_LIBS="$smart_lib $SMART_LIBS"
+ LIBS="$smart_ldflags $smart_lib $old_LIBS"
+ SMART_LIBS="$smart_ldflags $smart_lib $SMART_LIBS"
fi
if test "x$ac_cv_lib_krb5_krb5_get_init_creds_password" != xyes; then
@@ -3910,7 +4017,29 @@
fi
LDFLAGS="${LDFLAGS} ${SMART_LIBS}"
- CFLAGS="${CFLAGS} ${SMART_CFLAGS}"
+ CFLAGS="${CFLAGS} ${SMART_CPPFLAGS}"
+
+ for ac_func in krb5_get_error_message krb5_free_error_string krb5_free_error_message
+do :
+ as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
+ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
+if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
+ cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+ if test "x$ac_cv_func_krb5_get_error_message" == xyes; then
+ krb5mod_cflags="${krb5mod_cflags} -D HAVE_KRB5_GET_ERROR_MESSAGE"
+ fi
+ if test "x$ac_cv_func_krb5_free_error_message" == xyes; then
+ krb5mod_cflags="${krb5mod_cflags} -D HAVE_KRB5_FREE_ERROR_MESSAGE"
+ fi
+ if test "x$ac_cv_func_krb5_free_error_string" == xyes; then
+ krb5mod_cflags="${krb5mod_cflags} -D HAVE_KRB5_FREE_ERROR_STRING"
+ fi
if test "$krb5threadsafe" != "no"; then
krb5threadsafe=
@@ -3921,14 +4050,17 @@
sm_func_safe=`echo "krb5_is_thread_safe" | sed 'y%./+-%__p_%'`
old_LIBS="$LIBS"
+old_CPPFLAGS="$CPPFLAGS"
smart_lib=
+smart_ldflags=
smart_lib_dir=
if test "x$smart_try_dir" != "x"; then
for try in $smart_try_dir; do
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for krb5_is_thread_safe in -lkrb5 in $try" >&5
$as_echo_n "checking for krb5_is_thread_safe in -lkrb5 in $try... " >&6; }
- LIBS="-L$try -lkrb5 $old_LIBS -Wl,-rpath,$try"
+ LIBS="-lkrb5 $old_LIBS"
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
extern char krb5_is_thread_safe();
@@ -3942,7 +4074,8 @@
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
- smart_lib="-L$try -lkrb5 -Wl,-rpath,$try"
+ smart_lib="-lkrb5"
+ smart_ldflags="-L$try -Wl,-rpath,$try"
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
break
@@ -3955,6 +4088,7 @@
conftest$ac_exeext conftest.$ac_ext
done
LIBS="$old_LIBS"
+ CPPFLAGS="$old_CPPFLAGS"
fi
if test "x$smart_lib" = "x"; then
@@ -4046,7 +4180,8 @@
for try in $smart_lib_dir /usr/local/lib /opt/lib; do
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for krb5_is_thread_safe in -lkrb5 in $try" >&5
$as_echo_n "checking for krb5_is_thread_safe in -lkrb5 in $try... " >&6; }
- LIBS="-L$try -lkrb5 $old_LIBS -Wl,-rpath,$try"
+ LIBS="-lkrb5 $old_LIBS"
+ CPPFLAGS="-L$try -Wl,-rpath,$try $old_CPPFLAGS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
extern char krb5_is_thread_safe();
@@ -4060,7 +4195,8 @@
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
- smart_lib="-L$try -lkrb5 -Wl,-rpath,$try"
+ smart_lib="-lkrb5"
+ smart_ldflags="-L$try -Wl,-rpath,$try"
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
break
@@ -4073,12 +4209,13 @@
conftest$ac_exeext conftest.$ac_ext
done
LIBS="$old_LIBS"
+ CPPFLAGS="$old_CPPFLAGS"
fi
if test "x$smart_lib" != "x"; then
eval "ac_cv_lib_${sm_lib_safe}_${sm_func_safe}=yes"
- LIBS="$smart_lib $old_LIBS"
- SMART_LIBS="$smart_lib $SMART_LIBS"
+ LIBS="$smart_ldflags $smart_lib $old_LIBS"
+ SMART_LIBS="$smart_ldflags $smart_lib $SMART_LIBS"
fi
if test "x$ac_cv_lib_krb5_krb5_is_thread_safe" == xyes; then
@@ -4118,7 +4255,7 @@
ac_safe=`echo "com_err.h" | sed 'y%./+-%__pm%'`
-old_CFLAGS="$CFLAGS"
+old_CPPFLAGS="$CPPFLAGS"
smart_include=
smart_include_dir=
@@ -4126,7 +4263,7 @@
for try in $smart_try_dir; do
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for com_err.h in $try" >&5
$as_echo_n "checking for com_err.h in $try... " >&6; }
- CFLAGS="$old_CFLAGS -isystem $try"
+ CPPFLAGS="-isystem $try $old_CPPFLAGS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
@@ -4155,7 +4292,7 @@
fi
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
done
- CFLAGS="$old_CFLAGS"
+ CPPFLAGS="$old_CPPFLAGS"
fi
if test "x$smart_include" = "x"; then
@@ -4221,7 +4358,7 @@
for try in $smart_include_dir /usr/local/include /opt/include; do
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for com_err.h in $try" >&5
$as_echo_n "checking for com_err.h in $try... " >&6; }
- CFLAGS="$old_CFLAGS -isystem $try"
+ CPPFLAGS="-isystem $try $old_CPPFLAGS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
@@ -4250,20 +4387,20 @@
fi
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
done
- CFLAGS="$old_CFLAGS"
+ CPPFLAGS="$old_CPPFLAGS"
fi
if test "x$smart_include" != "x"; then
eval "ac_cv_header_$ac_safe=yes"
- CFLAGS="$old_CFLAGS $smart_include"
- SMART_CFLAGS="$SMART_CFLAGS $smart_include"
+ CPPFLAGS="$smart_include $old_CPPFLAGS"
+ SMART_CPPFLAGS="$smart_include $SMART_CPPFLAGS"
fi
if test "$ac_cv_header_com_err_h" != "yes"; then
ac_safe=`echo "et/com_err.h" | sed 'y%./+-%__pm%'`
-old_CFLAGS="$CFLAGS"
+old_CPPFLAGS="$CPPFLAGS"
smart_include=
smart_include_dir=
@@ -4271,7 +4408,7 @@
for try in $smart_try_dir; do
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for et/com_err.h in $try" >&5
$as_echo_n "checking for et/com_err.h in $try... " >&6; }
- CFLAGS="$old_CFLAGS -isystem $try"
+ CPPFLAGS="-isystem $try $old_CPPFLAGS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
@@ -4300,7 +4437,7 @@
fi
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
done
- CFLAGS="$old_CFLAGS"
+ CPPFLAGS="$old_CPPFLAGS"
fi
if test "x$smart_include" = "x"; then
@@ -4366,7 +4503,7 @@
for try in $smart_include_dir /usr/local/include /opt/include; do
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for et/com_err.h in $try" >&5
$as_echo_n "checking for et/com_err.h in $try... " >&6; }
- CFLAGS="$old_CFLAGS -isystem $try"
+ CPPFLAGS="-isystem $try $old_CPPFLAGS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
@@ -4395,13 +4532,13 @@
fi
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
done
- CFLAGS="$old_CFLAGS"
+ CPPFLAGS="$old_CPPFLAGS"
fi
if test "x$smart_include" != "x"; then
eval "ac_cv_header_$ac_safe=yes"
- CFLAGS="$old_CFLAGS $smart_include"
- SMART_CFLAGS="$SMART_CFLAGS $smart_include"
+ CPPFLAGS="$smart_include $old_CPPFLAGS"
+ SMART_CPPFLAGS="$smart_include $SMART_CPPFLAGS"
fi
if test "$ac_cv_header_et_com_err_h" != "yes"; then
@@ -4431,8 +4568,8 @@
fi
fi
-mod_ldflags="${krb5mod_ldflags} ${krb5libcrypto} ${SMART_LIBS}"
-mod_cflags="${krb5mod_cflags} ${krb5threadsafe} ${SMART_CFLAGS}"
+mod_ldflags="$krb5mod_ldflags $krb5libcrypto $SMART_LIBS"
+mod_cflags="$krb5mod_cflags $krb5threadsafe $SMART_CPPFLAGS"
--- ./src/modules/rlm_krb5/configure.ac.orig 2014-01-13 20:13:56.000000000 -0500
+++ ./src/modules/rlm_krb5/configure.ac 2014-02-03 14:45:22.000000000 -0500
@@ -31,9 +31,9 @@
dnl #
if test "$krb5_config" != 'not-found'; then
AC_MSG_CHECKING([krb5-config CFLAGS])
- SMART_CFLAGS=$($krb5_config --cflags)
- SMART_CFLAGS=[$(echo "$SMART_CFLAGS" | sed 's/-I[ ]*/-isystem /g')]
- AC_MSG_RESULT(${SMART_CFLAGS})
+ SMART_CPPFLAGS=$($krb5_config --cflags)
+ SMART_CPPFLAGS=[$(echo "$SMART_CPPFLAGS" | sed 's/-I[ ]*/-isystem /g')]
+ AC_MSG_RESULT("$SMART_CPPFLAGS")
AC_MSG_CHECKING([krb5-config LDFLAGS])
SMART_LIBS=$($krb5_config --libs)
@@ -111,7 +111,21 @@
dnl # Need to ensure the test program(s) link against the right library
dnl #
LDFLAGS="${LDFLAGS} ${SMART_LIBS}"
- CFLAGS="${CFLAGS} ${SMART_CFLAGS}"
+ CFLAGS="${CFLAGS} ${SMART_CPPFLAGS}"
+
+ dnl #
+ dnl # Check how to free things returned by krb5_get_error_message
+ dnl #
+ AC_CHECK_FUNCS([krb5_get_error_message krb5_free_error_string krb5_free_error_message])
+ if test "x$ac_cv_func_krb5_get_error_message" == xyes; then
+ krb5mod_cflags="${krb5mod_cflags} -D HAVE_KRB5_GET_ERROR_MESSAGE"
+ fi
+ if test "x$ac_cv_func_krb5_free_error_message" == xyes; then
+ krb5mod_cflags="${krb5mod_cflags} -D HAVE_KRB5_FREE_ERROR_MESSAGE"
+ fi
+ if test "x$ac_cv_func_krb5_free_error_string" == xyes; then
+ krb5mod_cflags="${krb5mod_cflags} -D HAVE_KRB5_FREE_ERROR_STRING"
+ fi
dnl #
dnl # Only check if version checks have not found kerberos to be thread unsafe
@@ -160,8 +174,8 @@
fi
fi
-mod_ldflags="${krb5mod_ldflags} ${krb5libcrypto} ${SMART_LIBS}"
-mod_cflags="${krb5mod_cflags} ${krb5threadsafe} ${SMART_CFLAGS}"
+mod_ldflags="$krb5mod_ldflags $krb5libcrypto $SMART_LIBS"
+mod_cflags="$krb5mod_cflags $krb5threadsafe $SMART_CPPFLAGS"
AC_SUBST(mod_ldflags)
AC_SUBST(mod_cflags)
--- ./src/modules/rlm_krb5/krb5.c.orig 2014-01-13 20:13:56.000000000 -0500
+++ ./src/modules/rlm_krb5/krb5.c 2014-02-03 14:47:32.000000000 -0500
@@ -15,19 +15,19 @@
*/
/**
- * $Id: 81ed1d4bd3c41b41042141caa8e862d51f1f75df $
+ * $Id: c830bff1cbb89a9e3faf56a3275b9ba00c5b57d0 $
* @file krb5.h
* @brief Context management functions for rlm_krb5
*
* @copyright 2013 The FreeRADIUS server project
* @copyright 2013 Arran Cudbard-Bell <a.cudbardb@freeradius.org>
*/
-RCSID("$Id: 81ed1d4bd3c41b41042141caa8e862d51f1f75df $")
+RCSID("$Id: c830bff1cbb89a9e3faf56a3275b9ba00c5b57d0 $")
#include <freeradius-devel/radiusd.h>
#include "krb5.h"
-#ifdef HEIMDAL_KRB5
+#ifdef HAVE_KRB5_GET_ERROR_MESSAGE
# define KRB5_STRERROR_BUFSIZE (2048)
fr_thread_local_setup(char *, krb5_error_buffer) /* macro */
@@ -60,7 +60,7 @@
ret = fr_thread_local_set(krb5_error_buffer, buffer);
if (ret != 0) {
- ERROR("Failed setting up TLS for krb5 error buffer: %s", fr_syserror(ret));
+ ERROR("Failed setting up TLS for krb5 error buffer.");
free(buffer);
return NULL;
}
@@ -69,7 +69,13 @@
msg = krb5_get_error_message(context, code);
if (msg) {
strlcpy(buffer, msg, KRB5_STRERROR_BUFSIZE);
+#ifdef HAVE_KRB5_FREE_ERROR_MESSAGE
krb5_free_error_message(context, msg);
+#elif defined(HAVE_KRB5_FREE_ERROR_STRING)
+ krb5_free_error_string(context, msg);
+#else
+# error "No way to free error strings, missing krb5_free_error_message() and krb5_free_error_string()"
+#endif
} else {
strlcpy(buffer, "Unknown error", KRB5_STRERROR_BUFSIZE);
}
--- ./src/modules/rlm_krb5/krb5.h.orig 2014-01-13 20:13:56.000000000 -0500
+++ ./src/modules/rlm_krb5/krb5.h 2014-02-03 14:45:22.000000000 -0500
@@ -15,14 +15,14 @@
*/
/**
- * $Id: 37805a2a2d917fd3ecea904afa6b15958c235509 $
+ * $Id: 59b1f8526e121f9de1c88dcd9cba4386255b722a $
* @file krb5.h
* @brief types and function signatures for rlm_krb5.
*
* @copyright 2013 The FreeRADIUS server project
* @copyright 2013 Arran Cudbard-Bell <a.cudbardb@freeradius.org>
*/
-RCSIDH(krb5_h, "$Id: 37805a2a2d917fd3ecea904afa6b15958c235509 $")
+RCSIDH(krb5_h, "$Id: 59b1f8526e121f9de1c88dcd9cba4386255b722a $")
#if defined(KRB5_IS_THREAD_SAFE) && !defined(HAVE_PTHREAD_H)
# undef KRB5_IS_THREAD_SAFE
@@ -79,7 +79,7 @@
* MIT Kerberos uses comm_err, so the macro just expands to a call
* to error_message.
*/
-#ifndef HEIMDAL_KRB5
+#ifndef HAVE_KRB5_GET_ERROR_MESSAGE
# ifdef ET_COMM_ERR
# include <et/com_err.h>
# else
--- ./src/modules/rlm_krb5/rlm_krb5.c.orig 2014-01-13 20:13:56.000000000 -0500
+++ ./src/modules/rlm_krb5/rlm_krb5.c 2014-02-03 14:45:22.000000000 -0500
@@ -15,7 +15,7 @@
*/
/**
- * $Id: 4c96eb58baaf37c8bc7701ba772c09752ee0505c $
+ * $Id: caf186e694151905d607447151fa65e429fb95e3 $
* @file rlm_krb5.c
* @brief Authenticate users, retrieving their TGT from a Kerberos V5 TDC.
*
@@ -24,7 +24,7 @@
* @copyright 2000 Nathan Neulinger <nneul@umr.edu>
* @copyright 2000 Alan DeKok <aland@ox.org>
*/
-RCSID("$Id: 4c96eb58baaf37c8bc7701ba772c09752ee0505c $")
+RCSID("$Id: caf186e694151905d607447151fa65e429fb95e3 $")
#include <freeradius-devel/radiusd.h>
#include <freeradius-devel/modules.h>
@@ -84,7 +84,7 @@
#ifndef KRB5_IS_THREAD_SAFE
if (!krb5_is_thread_safe()) {
- DEBUGI("libkrb5 is not threadsafe, recompile it, and the server with thread support enabled");
+ WDEBUG("libkrb5 is not threadsafe, recompile it, and the server with thread support enabled");
WDEBUG("rlm_krb5 will run in single threaded mode, performance may be degraded");
} else {
WDEBUG("Build time libkrb5 was not threadsafe, but run time library claims to be");
@@ -331,8 +331,9 @@
break;
case KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN:
- RDEBUG("User not found: %s (%i)", ret, rlm_krb5_error(conn->context, ret));
+ RDEBUG("User not found (%i): %s", ret, rlm_krb5_error(conn->context, ret));
rcode = RLM_MODULE_NOTFOUND;
+ break;
default:
REDEBUG("Error verifying credentials (%i): %s", ret, rlm_krb5_error(conn->context, ret));

61
net/freeradius3/files/patch-udpfromtofix Normal file
View File

@ -0,0 +1,61 @@
From d51c75c1ce24dbbb1045b1e72a3c89729ca91016 Mon Sep 17 00:00:00 2001
From: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Date: Tue, 28 Jan 2014 14:25:19 +0000
Subject: [PATCH] Don't use IP_SENDSRCADDR (in sendfromto) if on FreeBSD and
the socket were using is bound to a specific IP
FreeBSD is extra pedantic about the use of IP_SENDSRCADDR, and sendmsg will fail with EINVAL if IP_SENDSRCADDR is used with a socket which is bound to something other than INADDR_ANY.
---
src/lib/udpfromto.c | 31 ++++++++++++++++++++++++++++++-
1 file changed, 30 insertions(+), 1 deletion(-)
diff --git a/src/lib/udpfromto.c b/src/lib/udpfromto.c
index 680e354..b022136 100644
--- src/lib/udpfromto.c
+++ src/lib/udpfromto.c
@@ -292,12 +292,41 @@ int sendfromto(int s, void *buf, size_t len, int flags,
struct iovec iov;
char cbuf[256];
-#if !defined(IP_PKTINFO) && !defined(IP_SENDSRCADDR) && !defined(IPV6_PKTINFO)
+#ifdef __FreeBSD__
+ /*
+ * FreeBSD is extra pedantic about the use of IP_SENDSRCADDR,
+ * and sendmsg will fail with EINVAL if IP_SENDSRCADDR is used
+ * with a socket which is bound to something other than
+ * INADDR_ANY
+ */
+ struct sockaddr bound;
+ socklen_t bound_len = sizeof(bound);
+
+ if (getsockname(s, &bound, &bound_len) < 0) {
+ return -1;
+ }
+
+ switch (bound.sa_family) {
+ case AF_INET:
+ if (((struct sockaddr_in *) &bound)->sin_addr.s_addr != INADDR_ANY) {
+ from = NULL;
+ }
+ break;
+
+ case AF_INET6:
+ if (!IN6_IS_ADDR_UNSPECIFIED(&((struct sockaddr_in6 *) &bound)->sin6_addr)) {
+ from = NULL;
+ }
+ break;
+ }
+#else
+# if !defined(IP_PKTINFO) && !defined(IP_SENDSRCADDR) && !defined(IPV6_PKTINFO)
/*
* If the sendmsg() flags aren't defined, fall back to
* using sendto().
*/
from = NULL;
+# endif
#endif
/*
--
1.8.5.1