Disable UDP pass of gssrpc tests on all platforms

The AUTH_GSSAPI flavor of rpc authentication uses IP address channel
bindings.  These are broken over UDP, because svcudp_recv() fails to
get the destination address of incoming packets (it tries to use the
recvmsg() msg_name field to get the destination IP address, which
instead gets the source address; see ticket #5540).

There is no simple or comprehensive way to fix this; using IP_PKTINFO
is a fair amount of code and only works on some platforms.  It's also
not very important--nobody should be using AUTH_GSSAPI except perhaps
for compatibility with really old kadmin, and kadmin only runs over
TCP.  Since the gssrpc tests are closely wedded to AUTH_GSSAPI, the
simplest fix is to only run the TCP pass.

diff --git a/src/configure.in b/src/configure.in
index 0c8111b5a1c544673e88f02978c6c36c54e68f7a..42a5fd57145e0c094ccfa155f7e7f44dabbc0837 100644 (file)
--- a/src/configure.in
+++ b/src/configure.in
@@ -984,16 +984,7 @@ extern void endrpcent();],
 AC_MSG_RESULT($k5_cv_type_endrpcent)
 AC_DEFINE_UNQUOTED(ENDRPCENT_TYPE, $k5_cv_type_endrpcent, [Define as return type of endrpcent])
 K5_GEN_FILE(include/gssrpc/types.h:include/gssrpc/types.hin)
-changequote(<<, >>)
-case "$krb5_cv_host" in
-*-*-solaris2.[012345]*)
-       PASS=tcp
-       ;;
-*)
-       PASS="tcp udp"
-       ;;
-esac
-changequote([, ])
+PASS=tcp
 AC_SUBST(PASS)
 
 # for pkinit