Disable UDP pass of gssrpc tests on all platforms

The AUTH_GSSAPI flavor of rpc authentication uses IP address channel
bindings.  These are broken over UDP, because svcudp_recv() fails to
get the destination address of incoming packets (it tries to use the
recvmsg() msg_name field to get the destination IP address, which
instead gets the source address; see ticket #5540).

There is no simple or comprehensive way to fix this; using IP_PKTINFO
is a fair amount of code and only works on some platforms.  It's also
not very important--nobody should be using AUTH_GSSAPI except perhaps
for compatibility with really old kadmin, and kadmin only runs over
TCP.  Since the gssrpc tests are closely wedded to AUTH_GSSAPI, the
simplest fix is to only run the TCP pass.

diff --git a/src/configure.in b/src/configure.in
index b84a6e41ce293d910b0fdebc16ef161921432118..d713d8be050c4fb2aa874dc9d6672586bb6ac374 100644 (file)
--- a/src/configure.in
+++ b/src/configure.in
@@ -930,16 +930,7 @@ extern void endrpcent();],
 AC_MSG_RESULT($k5_cv_type_endrpcent)
 AC_DEFINE_UNQUOTED(ENDRPCENT_TYPE, $k5_cv_type_endrpcent, [Define as return type of endrpcent])
 K5_GEN_FILE(include/gssrpc/types.h:include/gssrpc/types.hin)
-changequote(<<, >>)
-case "$krb5_cv_host" in
-*-*-solaris2.[012345]*)
-       PASS=tcp
-       ;;
-*)
-       PASS="tcp udp"
-       ;;
-esac
-changequote([, ])
+PASS=tcp
 AC_SUBST(PASS)
 
 # for pkinit