From cfba7c56dbaca141353f3aa9be6062d8d4a85c48 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Sun, 23 Mar 2014 21:22:34 +0100 Subject: [PATCH] krb5: New package. --- config/rootfiles/packages/krb5 | 165 ++++++++++++++++++++ lfs/krb5 | 105 +++++++++++++ make.sh | 1 + src/patches/mitkrb-1.12.1-db2_fix-1.patch | 175 ++++++++++++++++++++++ 4 files changed, 446 insertions(+) create mode 100644 config/rootfiles/packages/krb5 create mode 100644 lfs/krb5 create mode 100644 src/patches/mitkrb-1.12.1-db2_fix-1.patch diff --git a/config/rootfiles/packages/krb5 b/config/rootfiles/packages/krb5 new file mode 100644 index 0000000000..e1e7d64f16 --- /dev/null +++ b/config/rootfiles/packages/krb5 @@ -0,0 +1,165 @@ +#usr/bin/gss-client +#usr/bin/k5srvutil +usr/bin/kadmin +usr/bin/kdestroy +usr/bin/kinit +usr/bin/klist +usr/bin/kpasswd +#usr/bin/krb5-config +#usr/bin/ksu +#usr/bin/kswitch +#usr/bin/ktutil +#usr/bin/kvno +#usr/bin/sclient +#usr/bin/sim_client +#usr/bin/uuclient +#usr/include/gssapi +#usr/include/gssapi.h +#usr/include/gssapi/gssapi.h +#usr/include/gssapi/gssapi_ext.h +#usr/include/gssapi/gssapi_generic.h +#usr/include/gssapi/gssapi_krb5.h +#usr/include/gssapi/mechglue.h +#usr/include/gssrpc +#usr/include/gssrpc/auth.h +#usr/include/gssrpc/auth_gss.h +#usr/include/gssrpc/auth_gssapi.h +#usr/include/gssrpc/auth_unix.h +#usr/include/gssrpc/clnt.h +#usr/include/gssrpc/netdb.h +#usr/include/gssrpc/pmap_clnt.h +#usr/include/gssrpc/pmap_prot.h +#usr/include/gssrpc/pmap_rmt.h +#usr/include/gssrpc/rename.h +#usr/include/gssrpc/rpc.h +#usr/include/gssrpc/rpc_msg.h +#usr/include/gssrpc/svc.h +#usr/include/gssrpc/svc_auth.h +#usr/include/gssrpc/types.h +#usr/include/gssrpc/xdr.h +#usr/include/kadm5 +#usr/include/kadm5/admin.h +#usr/include/kadm5/chpass_util_strings.h +#usr/include/kadm5/kadm_err.h +#usr/include/kdb.h +#usr/include/krad.h +#usr/include/krb5 +#usr/include/krb5.h +#usr/include/krb5/ccselect_plugin.h +#usr/include/krb5/clpreauth_plugin.h +#usr/include/krb5/hostrealm_plugin.h +#usr/include/krb5/kadm5_hook_plugin.h +#usr/include/krb5/kdcpreauth_plugin.h +#usr/include/krb5/krb5.h +#usr/include/krb5/localauth_plugin.h +#usr/include/krb5/locate_plugin.h +#usr/include/krb5/plugin.h +#usr/include/krb5/preauth_plugin.h +#usr/include/krb5/pwqual_plugin.h +#usr/include/profile.h +#usr/include/verto-module.h +#usr/include/verto.h +usr/lib/krb5 +usr/lib/krb5/plugins +usr/lib/krb5/plugins/authdata +usr/lib/krb5/plugins/kdb +usr/lib/krb5/plugins/kdb/db2.so +usr/lib/krb5/plugins/libkrb5 +usr/lib/krb5/plugins/preauth +usr/lib/krb5/plugins/preauth/otp.so +usr/lib/krb5/plugins/preauth/pkinit.so +#usr/lib/libgssapi_krb5.so +usr/lib/libgssapi_krb5.so.2 +usr/lib/libgssapi_krb5.so.2.2 +#usr/lib/libgssrpc.so +usr/lib/libgssrpc.so.4 +usr/lib/libgssrpc.so.4.2 +#usr/lib/libk5crypto.so +usr/lib/libk5crypto.so.3 +usr/lib/libk5crypto.so.3.1 +#usr/lib/libkadm5clnt.so +#usr/lib/libkadm5clnt_mit.so +usr/lib/libkadm5clnt_mit.so.9 +usr/lib/libkadm5clnt_mit.so.9.0 +#usr/lib/libkadm5srv.so +#usr/lib/libkadm5srv_mit.so +usr/lib/libkadm5srv_mit.so.9 +usr/lib/libkadm5srv_mit.so.9.0 +#usr/lib/libkdb5.so +usr/lib/libkdb5.so.7 +usr/lib/libkdb5.so.7.0 +#usr/lib/libkrad.so +usr/lib/libkrad.so.0 +usr/lib/libkrad.so.0.0 +#usr/lib/libkrb5.so +usr/lib/libkrb5.so.3 +usr/lib/libkrb5.so.3.3 +#usr/lib/libkrb5support.so +usr/lib/libkrb5support.so.0 +usr/lib/libkrb5support.so.0.1 +#usr/lib/libverto.so +usr/lib/libverto.so.0 +usr/lib/libverto.so.0.0 +#usr/lib/pkgconfig/gssrpc.pc +#usr/lib/pkgconfig/kadm-client.pc +#usr/lib/pkgconfig/kadm-server.pc +#usr/lib/pkgconfig/kdb.pc +#usr/lib/pkgconfig/krb5-gssapi.pc +#usr/lib/pkgconfig/krb5.pc +#usr/lib/pkgconfig/mit-krb5-gssapi.pc +#usr/lib/pkgconfig/mit-krb5.pc +#usr/sbin/gss-server +#usr/sbin/kadmin.local +#usr/sbin/kadmind +#usr/sbin/kdb5_util +#usr/sbin/kprop +#usr/sbin/kpropd +#usr/sbin/kproplog +#usr/sbin/krb5-send-pr +#usr/sbin/krb5kdc +#usr/sbin/sim_server +#usr/sbin/sserver +#usr/sbin/uuserver +#usr/share/examples +#usr/share/examples/krb5 +#usr/share/examples/krb5/kdc.conf +#usr/share/examples/krb5/krb5.conf +#usr/share/examples/krb5/services.append +#usr/share/gnats +#usr/share/gnats/mit +#usr/share/locale/en_US +#usr/share/locale/en_US/LC_MESSAGES +#usr/share/locale/en_US/LC_MESSAGES/mit-krb5.mo +#usr/share/man/cat1 +#usr/share/man/cat5 +#usr/share/man/cat8 +#usr/share/man/man1/k5srvutil.1 +#usr/share/man/man1/kadmin.1 +#usr/share/man/man1/kdestroy.1 +#usr/share/man/man1/kinit.1 +#usr/share/man/man1/klist.1 +#usr/share/man/man1/kpasswd.1 +#usr/share/man/man1/krb5-config.1 +#usr/share/man/man1/krb5-send-pr.1 +#usr/share/man/man1/ksu.1 +#usr/share/man/man1/kswitch.1 +#usr/share/man/man1/ktutil.1 +#usr/share/man/man1/kvno.1 +#usr/share/man/man1/sclient.1 +#usr/share/man/man5/.k5identity.5 +#usr/share/man/man5/.k5login.5 +#usr/share/man/man5/k5identity.5 +#usr/share/man/man5/k5login.5 +#usr/share/man/man5/kadm5.acl.5 +#usr/share/man/man5/kdc.conf.5 +#usr/share/man/man5/krb5.conf.5 +#usr/share/man/man8/kadmin.local.8 +#usr/share/man/man8/kadmind.8 +#usr/share/man/man8/kdb5_ldap_util.8 +#usr/share/man/man8/kdb5_util.8 +#usr/share/man/man8/kprop.8 +#usr/share/man/man8/kpropd.8 +#usr/share/man/man8/kproplog.8 +#usr/share/man/man8/krb5kdc.8 +#usr/share/man/man8/sserver.8 +var/lib/krb5kdc diff --git a/lfs/krb5 b/lfs/krb5 new file mode 100644 index 0000000000..64eb670bda --- /dev/null +++ b/lfs/krb5 @@ -0,0 +1,105 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007 Michael Tremer & Christian Schmidt # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 1.12.1 + +THISAPP = krb5-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP)/src +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = krb5 +PAK_VER = 1 + +DEPS = "" + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = 4a631b3474d3e44773f1ecda96f04400 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && patch -Np2 < $(DIR_SRC)/src/patches/mitkrb-1.12.1-db2_fix-1.patch + + cd $(DIR_APP) && sed -e "s@python2.5/Python.h@& python2.7/Python.h@g" \ + -e "s@-lpython2.5]@&,\n AC_CHECK_LIB(python2.7,main,[PYTHON_LIB=-lpython2.7])@g" \ + -i configure.in + cd $(DIR_APP) && autoconf + + cd $(DIR_APP) && ./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --localstatedir=/var/lib \ + --with-system-et \ + --with-system-ss \ + --enable-dns-for-realm \ + CPPFLAGS="-I/usr/include/et" + + cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE) + cd $(DIR_APP) && make $(EXTRA_INSTALL) install + + for LIB in gssapi_krb5 gssrpc k5crypto kadm5clnt kadm5srv \ + kdb5 kdb_ldap krad krb5 krb5support verto; do \ + chmod -f -v 755 "/usr/lib/lib$$LIB.so"; \ + done + + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/make.sh b/make.sh index 1c10f32348..8bbadb7e34 100755 --- a/make.sh +++ b/make.sh @@ -611,6 +611,7 @@ buildipfire() { ipfiremake foomatic ipfiremake hplip ipfiremake cifs-utils + ipfiremake krb5 ipfiremake samba ipfiremake sudo ipfiremake mc diff --git a/src/patches/mitkrb-1.12.1-db2_fix-1.patch b/src/patches/mitkrb-1.12.1-db2_fix-1.patch new file mode 100644 index 0000000000..f27304c385 --- /dev/null +++ b/src/patches/mitkrb-1.12.1-db2_fix-1.patch @@ -0,0 +1,175 @@ +Submitted By: Pierre Labastie +Date: 2014-03-04 +Initial Package Version: 1.12.1 +Upstream Status: In upstream GIT +Origin: Upstream +Description: Fixes http://krbdev.mit.edu/rt/Ticket/Display.html?id=7860 + +--- a/src/plugins/kdb/db2/libdb2/mpool/mpool.c ++++ b/src/plugins/kdb/db2/libdb2/mpool/mpool.c +@@ -81,9 +81,9 @@ mpool_open(key, fd, pagesize, maxcache) + /* Allocate and initialize the MPOOL cookie. */ + if ((mp = (MPOOL *)calloc(1, sizeof(MPOOL))) == NULL) + return (NULL); +- CIRCLEQ_INIT(&mp->lqh); ++ TAILQ_INIT(&mp->lqh); + for (entry = 0; entry < HASHSIZE; ++entry) +- CIRCLEQ_INIT(&mp->hqh[entry]); ++ TAILQ_INIT(&mp->hqh[entry]); + mp->maxcache = maxcache; + mp->npages = sb.st_size / pagesize; + mp->pagesize = pagesize; +@@ -143,8 +143,8 @@ mpool_new(mp, pgnoaddr, flags) + bp->flags = MPOOL_PINNED | MPOOL_INUSE; + + head = &mp->hqh[HASHKEY(bp->pgno)]; +- CIRCLEQ_INSERT_HEAD(head, bp, hq); +- CIRCLEQ_INSERT_TAIL(&mp->lqh, bp, q); ++ TAILQ_INSERT_HEAD(head, bp, hq); ++ TAILQ_INSERT_TAIL(&mp->lqh, bp, q); + return (bp->page); + } + +@@ -168,8 +168,8 @@ mpool_delete(mp, page) + + /* Remove from the hash and lru queues. */ + head = &mp->hqh[HASHKEY(bp->pgno)]; +- CIRCLEQ_REMOVE(head, bp, hq); +- CIRCLEQ_REMOVE(&mp->lqh, bp, q); ++ TAILQ_REMOVE(head, bp, hq); ++ TAILQ_REMOVE(&mp->lqh, bp, q); + + free(bp); + return (RET_SUCCESS); +@@ -208,10 +208,10 @@ mpool_get(mp, pgno, flags) + * of the lru chain. + */ + head = &mp->hqh[HASHKEY(bp->pgno)]; +- CIRCLEQ_REMOVE(head, bp, hq); +- CIRCLEQ_INSERT_HEAD(head, bp, hq); +- CIRCLEQ_REMOVE(&mp->lqh, bp, q); +- CIRCLEQ_INSERT_TAIL(&mp->lqh, bp, q); ++ TAILQ_REMOVE(head, bp, hq); ++ TAILQ_INSERT_HEAD(head, bp, hq); ++ TAILQ_REMOVE(&mp->lqh, bp, q); ++ TAILQ_INSERT_TAIL(&mp->lqh, bp, q); + + /* Return a pinned page. */ + bp->flags |= MPOOL_PINNED; +@@ -261,8 +261,8 @@ mpool_get(mp, pgno, flags) + * of the lru chain. + */ + head = &mp->hqh[HASHKEY(bp->pgno)]; +- CIRCLEQ_INSERT_HEAD(head, bp, hq); +- CIRCLEQ_INSERT_TAIL(&mp->lqh, bp, q); ++ TAILQ_INSERT_HEAD(head, bp, hq); ++ TAILQ_INSERT_TAIL(&mp->lqh, bp, q); + + /* Run through the user's filter. */ + if (mp->pgin != NULL) +@@ -311,8 +311,8 @@ mpool_close(mp) + BKT *bp; + + /* Free up any space allocated to the lru pages. */ +- while ((bp = mp->lqh.cqh_first) != (void *)&mp->lqh) { +- CIRCLEQ_REMOVE(&mp->lqh, mp->lqh.cqh_first, q); ++ while ((bp = mp->lqh.tqh_first) != NULL) { ++ TAILQ_REMOVE(&mp->lqh, mp->lqh.tqh_first, q); + free(bp); + } + +@@ -332,8 +332,7 @@ mpool_sync(mp) + BKT *bp; + + /* Walk the lru chain, flushing any dirty pages to disk. */ +- for (bp = mp->lqh.cqh_first; +- bp != (void *)&mp->lqh; bp = bp->q.cqe_next) ++ for (bp = mp->lqh.tqh_first; bp != NULL; bp = bp->q.tqe_next) + if (bp->flags & MPOOL_DIRTY && + mpool_write(mp, bp) == RET_ERROR) + return (RET_ERROR); +@@ -363,8 +362,7 @@ mpool_bkt(mp) + * off any lists. If we don't find anything we grow the cache anyway. + * The cache never shrinks. + */ +- for (bp = mp->lqh.cqh_first; +- bp != (void *)&mp->lqh; bp = bp->q.cqe_next) ++ for (bp = mp->lqh.tqh_first; bp != NULL; bp = bp->q.tqe_next) + if (!(bp->flags & MPOOL_PINNED)) { + /* Flush if dirty. */ + if (bp->flags & MPOOL_DIRTY && +@@ -375,8 +373,8 @@ mpool_bkt(mp) + #endif + /* Remove from the hash and lru queues. */ + head = &mp->hqh[HASHKEY(bp->pgno)]; +- CIRCLEQ_REMOVE(head, bp, hq); +- CIRCLEQ_REMOVE(&mp->lqh, bp, q); ++ TAILQ_REMOVE(head, bp, hq); ++ TAILQ_REMOVE(&mp->lqh, bp, q); + #if defined(DEBUG) && !defined(DEBUG_IDX0SPLIT) + { void *spage; + spage = bp->page; +@@ -450,7 +448,7 @@ mpool_look(mp, pgno) + BKT *bp; + + head = &mp->hqh[HASHKEY(pgno)]; +- for (bp = head->cqh_first; bp != (void *)head; bp = bp->hq.cqe_next) ++ for (bp = head->tqh_first; bp != NULL; bp = bp->hq.tqe_next) + if ((bp->pgno == pgno) && (bp->flags & MPOOL_INUSE)) { + #ifdef STATISTICS + ++mp->cachehit; +@@ -494,8 +492,7 @@ mpool_stat(mp) + + sep = ""; + cnt = 0; +- for (bp = mp->lqh.cqh_first; +- bp != (void *)&mp->lqh; bp = bp->q.cqe_next) { ++ for (bp = mp->lqh.tqh_first; bp != NULL; bp = bp->q.tqe_next) { + (void)fprintf(stderr, "%s%d", sep, bp->pgno); + if (bp->flags & MPOOL_DIRTY) + (void)fprintf(stderr, "d"); + +--- a/src/plugins/kdb/db2/libdb2/mpool/mpool.h ++++ b/src/plugins/kdb/db2/libdb2/mpool/mpool.h +@@ -47,8 +47,8 @@ + + /* The BKT structures are the elements of the queues. */ + typedef struct _bkt { +- CIRCLEQ_ENTRY(_bkt) hq; /* hash queue */ +- CIRCLEQ_ENTRY(_bkt) q; /* lru queue */ ++ TAILQ_ENTRY(_bkt) hq; /* hash queue */ ++ TAILQ_ENTRY(_bkt) q; /* lru queue */ + void *page; /* page */ + db_pgno_t pgno; /* page number */ + +@@ -59,9 +59,9 @@ typedef struct _bkt { + } BKT; + + typedef struct MPOOL { +- CIRCLEQ_HEAD(_lqh, _bkt) lqh; /* lru queue head */ ++ TAILQ_HEAD(_lqh, _bkt) lqh; /* lru queue head */ + /* hash queue array */ +- CIRCLEQ_HEAD(_hqh, _bkt) hqh[HASHSIZE]; ++ TAILQ_HEAD(_hqh, _bkt) hqh[HASHSIZE]; + db_pgno_t curcache; /* current number of cached pages */ + db_pgno_t maxcache; /* max number of cached pages */ + db_pgno_t npages; /* number of pages in the file */ + +--- a/src/plugins/kdb/db2/libdb2/test/run.test ++++ b/src/plugins/kdb/db2/libdb2/test/run.test +@@ -71,10 +71,11 @@ main() + } + + getnwords() { +- # Delete blank lines because the db code appears not to +- # like empty keys. On Debian Linux, $DICT appears to contain +- # some non-ASCII characters, and "rev" chokes on them. +- sed -e '/^$/d' < $DICT | cat -v | sed -e ${1}q ++ # Delete blank lines because the db code appears not to like ++ # empty keys. Omit lines with non-alphanumeric characters to ++ # avoid shell metacharacters and non-ASCII characters which ++ # could cause 'rev' to choke. ++ LC_ALL=C sed -e '/^$/d' -e '/[^A-Za-z]/d' < $DICT | sed -e ${1}q + } + + # Take the first hundred entries in the dictionary, and make them -- 2.39.2