summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNeilBrown <neilb@suse.de>2013-02-13 15:11:05 -0500
committerSteve Dickson <steved@redhat.com>2013-02-13 15:11:47 -0500
commit95894ff4467995659c4ce5e2523f3c8058d9c676 (patch)
tree3261eaeb9e440c3fea9b73460031c805ac211a19
parenteb8229338f060f3974fd5557c8bc86fdb9005a81 (diff)
downloadnfs-utils-95894ff4467995659c4ce5e2523f3c8058d9c676.zip
nfs-utils-95894ff4467995659c4ce5e2523f3c8058d9c676.tar.gz
nfs-utils-95894ff4467995659c4ce5e2523f3c8058d9c676.tar.xz
gssd: Call authgss_free_private_data() if library provides it.
librpcsecgss provides authgss_free_private_data() as a pair to authgss_get_private_data(). libtirpc does not - until recently. This ommision results in authgss_destroy_context() sending an incorrect RPCSEC_GSS_DESTROY request when gssd calls AUTH_DESTROY(). The call has been added to libtirpc, so this patch updates nfs-utils to check for the presense of the function in libtirpc and to set HAVE_AUTHGSS_FREE_PRIVATE_DATA if it is present. This is also set unconditionally if librpcsecgss is used. gssd is changed to test this value rather than HAVE_LIBTIRPC when chosing whether to call authgss_free_private_data(). Signed-off-by: NeilBrown <neilb@suse.de> Signed-off-by: Steve Dickson <steved@redhat.com>
-rw-r--r--aclocal/librpcsecgss.m42
-rw-r--r--aclocal/libtirpc.m411
-rw-r--r--utils/gssd/gssd_proc.c2
3 files changed, 14 insertions, 1 deletions
diff --git a/aclocal/librpcsecgss.m4 b/aclocal/librpcsecgss.m4
index d1dd25e..e833141 100644
--- a/aclocal/librpcsecgss.m4
+++ b/aclocal/librpcsecgss.m4
@@ -14,6 +14,8 @@ AC_DEFUN([AC_LIBRPCSECGSS], [
[AC_DEFINE([HAVE_AUTHGSS_SET_DEBUG_LEVEL], 1,
[Define to 1 if you have the `authgss_set_debug_level' function.])])
+ AC_DEFINE([HAVE_AUTHGSS_FREE_PRIVATE_DATA], 1,
+ [Define to 1 if your rpcsec library provides authgss_free_private_data,])
fi
])dnl
diff --git a/aclocal/libtirpc.m4 b/aclocal/libtirpc.m4
index 19b8361..b823364 100644
--- a/aclocal/libtirpc.m4
+++ b/aclocal/libtirpc.m4
@@ -24,6 +24,13 @@ AC_DEFUN([AC_LIBTIRPC], [
fi
if test "$enable_tirpc" != "no"; then
+
+ dnl Check if library contains authgss_free_private_data
+ AC_CHECK_LIB([tirpc], [authgss_free_private_data], [have_free_private_data=yes],
+ [have_free_private_data=no])
+ fi
+
+ if test "$enable_tirpc" != "no"; then
dnl also must have the headers installed where we expect
dnl look for headers; add -I compiler option if found
AC_CHECK_HEADERS([${tirpc_header_dir}/netconfig.h],
@@ -42,6 +49,10 @@ AC_DEFUN([AC_LIBTIRPC], [
AC_DEFINE([HAVE_LIBTIRPC], 1,
[Define to 1 if you have and wish to use libtirpc.])
LIBTIRPC="-ltirpc"
+ if test "$have_free_private_data" = "yes"; then
+ AC_DEFINE([HAVE_AUTHGSS_FREE_PRIVATE_DATA], 1,
+ [Define to 1 if your rpcsec library provides authgss_free_private_data,])
+ fi
else
LIBTIRPC=""
fi
diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c
index d01ba2f..c17ab3b 100644
--- a/utils/gssd/gssd_proc.c
+++ b/utils/gssd/gssd_proc.c
@@ -1078,7 +1078,7 @@ process_krb5_upcall(struct clnt_info *clp, uid_t uid, int fd, char *tgtname,
out:
if (token.value)
free(token.value);
-#ifndef HAVE_LIBTIRPC
+#ifdef HAVE_AUTHGSS_FREE_PRIVATE_DATA
if (pd.pd_ctx_hndl.length != 0)
authgss_free_private_data(&pd);
#endif