Date: Tuesday, March 31, 2015 @ 21:09:15 Author: andyrtr Revision: 235310
upgpkg: gssproxy 0.4.1-1 upstream update 0.4.1 Modified: gssproxy/trunk/PKGBUILD Deleted: gssproxy/trunk/0001-Fix-error-in-compiling-without-SELinux.patch gssproxy/trunk/fix-build-with-automake1.15.patch gssproxy/trunk/gssproxy-0.3.1-deadlock_fix.patch gssproxy/trunk/gssproxy-0.3.1-flags_handling.patch gssproxy/trunk/gssproxy-0.3.1-gssi_inquire_context.patch gssproxy/trunk/gssproxy-0.3.1-nfsd_startup.patch ---------------------------------------------------+ 0001-Fix-error-in-compiling-without-SELinux.patch | 53 ---- PKGBUILD | 32 -- fix-build-with-automake1.15.patch | 47 --- gssproxy-0.3.1-deadlock_fix.patch | 37 --- gssproxy-0.3.1-flags_handling.patch | 32 -- gssproxy-0.3.1-gssi_inquire_context.patch | 40 --- gssproxy-0.3.1-nfsd_startup.patch | 241 -------------------- 7 files changed, 4 insertions(+), 478 deletions(-) Deleted: 0001-Fix-error-in-compiling-without-SELinux.patch =================================================================== --- 0001-Fix-error-in-compiling-without-SELinux.patch 2015-03-31 17:48:07 UTC (rev 235309) +++ 0001-Fix-error-in-compiling-without-SELinux.patch 2015-03-31 19:09:15 UTC (rev 235310) @@ -1,53 +0,0 @@ -From c30f02063e548c20d1021ec42cb958a7ef0c25af Mon Sep 17 00:00:00 2001 -From: Simo Sorce <[email protected]> -Date: Wed, 7 Jan 2015 15:59:53 -0500 -Subject: [PATCH] Fix error in compiling without SELinux - -Fixes: #131 - -Signed-off-by: Simo Sorce <[email protected]> ---- - proxy/src/gp_selinux.h | 19 +++++++++---------- - 1 file changed, 9 insertions(+), 10 deletions(-) - -diff --git a/proxy/src/gp_selinux.h b/proxy/src/gp_selinux.h -index 693a12421823e0e6808cf19b8835b68411c106c7..f53da5a7bc1c986278722c9da0a680cbec8b2ef4 100644 ---- a/src/gp_selinux.h -+++ b/src/gp_selinux.h -@@ -48,9 +48,9 @@ - #define SELINUX_CTX void * - #define SEC_CTX void * - --void *SELINUX_context_new(const char *str) { return NULL; } --#define SELINUX_context_free(x) (x) = NULL; --const char *SELINUX_context_dummy_get(void *) { return NULL; } -+#define SELINUX_context_new(x) NULL -+#define SELINUX_context_free(x) (x) = NULL -+#define SELINUX_context_dummy_get(x) "<SELinux not compiled in>" - #define SELINUX_context_str SELINUX_context_dummy_get - #define SELINUX_context_type_get SELINUX_context_dummy_get - #define SELINUX_context_user_get SELINUX_context_dummy_get -@@ -58,13 +58,12 @@ const char *SELINUX_context_dummy_get(void *) { return NULL; } - #define SELINUX_context_range_get SELINUX_context_dummy_get - - #include <errno.h> --int SELINUX_getpeercon(int fd, SEC_CTX *con) --{ -- *con = NULL; -- errno = ENOTSUP; -- return -1; --} --#define SELINUX_freecon(x) (x) = NULL; -+#define SELINUX_getpeercon(x, y) -1; do { \ -+ *(y) = NULL; \ -+ errno = ENOTSUP; \ -+} while(0) -+ -+#define SELINUX_freecon(x) (x) = NULL - - #endif /* done HAVE_SELINUX */ - --- -2.1.0 - - Modified: PKGBUILD =================================================================== --- PKGBUILD 2015-03-31 17:48:07 UTC (rev 235309) +++ PKGBUILD 2015-03-31 19:09:15 UTC (rev 235310) @@ -3,8 +3,8 @@ # Contributor: Mantas Mikulėnas <[email protected]> pkgname=gssproxy -pkgver=0.3.1 -pkgrel=3 +pkgver=0.4.1 +pkgrel=1 pkgdesc="GSSAPI Proxy" arch=(i686 x86_64) url="https://fedorahosted.org/gss-proxy/"; @@ -13,35 +13,11 @@ makedepends=('popt' 'libxslt' 'systemd' 'docbook-xsl' 'doxygen' ) options=('emptydirs') backup=('etc/gssproxy/gssproxy.conf' 'etc/gss/mech') -source=(https://fedorahosted.org/released/gss-proxy/$pkgname-$pkgver.tar.gz - 0001-Fix-error-in-compiling-without-SELinux.patch - gssproxy-0.3.1-deadlock_fix.patch - gssproxy-0.3.1-flags_handling.patch - gssproxy-0.3.1-gssi_inquire_context.patch - gssproxy-0.3.1-nfsd_startup.patch - fix-build-with-automake1.15.patch) -md5sums=('f455f4e483ecda8274d235942fa8e943' - '91cadad2cc7ae0d7c2353f2a1e6783d6' - '5f24413b213524feffb14d3710da9051' - '0e51c445f5fbadf94c914783267338e3' - '4462cbf85e39f50bbfef34cfb24fe061' - 'ee9a5f57b879f7b59e3b6aac7114369e' - 'a16f985cc74e67a4a97f97fafe157388') +source=(https://fedorahosted.org/released/gss-proxy/$pkgname-$pkgver.tar.gz) +sha512sums=('f536075601ec8936ca876d94c9212b8e80c7bd5ee3dff23d04ddcfb90b848a48022f226609d6cd3b6a92d6dbfcbd32b9dddcf45dc8380cb58e5d10e8ef1b7ec5') prepare() { cd "$srcdir/gssproxy-$pkgver" - # build broken without selinux https://fedorahosted.org/gss-proxy/ticket/131 - patch -Np1 -i $srcdir/0001-Fix-error-in-compiling-without-SELinux.patch - # patch from Fedora rpm - their maintainer is the upstream dev - patch -Np2 -i $srcdir/gssproxy-0.3.1-deadlock_fix.patch - patch -Np2 -i $srcdir/gssproxy-0.3.1-flags_handling.patch - patch -Np2 -i $srcdir/gssproxy-0.3.1-gssi_inquire_context.patch - patch -Np2 -i $srcdir/gssproxy-0.3.1-nfsd_startup.patch - # upstream patches - patch -Np2 -i $srcdir/fix-build-with-automake1.15.patch - - autoreconf -vfi - # delete unneeded service dependency sed -i "/# GSSPROXY will not be started until syslog is/d" systemd/gssproxy.service.in sed -i "/^After=syslog.target/d" systemd/gssproxy.service.in Deleted: fix-build-with-automake1.15.patch =================================================================== --- fix-build-with-automake1.15.patch 2015-03-31 17:48:07 UTC (rev 235309) +++ fix-build-with-automake1.15.patch 2015-03-31 19:09:15 UTC (rev 235310) @@ -1,47 +0,0 @@ -From 3349c5a75225649114173529de180bd6d46a9c6e Mon Sep 17 00:00:00 2001 -From: Lukas Slebodnik <[email protected]> -Date: Fri, 16 Jan 2015 16:45:21 +0100 -Subject: BUILD: Fix building with automake 1.15 - -The macro AC_BUILD_AUX_DIR was used too late. As a result of this automake 1.15 -generated configure script which ignored the directory build/ and was not able -to find missing files. - - configure: error: cannot find install-sh, install.sh, - or shtool in "." "./.." "./../..". - -After removing macro AC_BUILD_AUX_DIR, autoreconf will install auxiliary files -into $srcdir. - -Signed-off-by: Lukas Slebodnik <[email protected]> -Reviewed-by: Simo Sorce <[email protected]> - -diff --git a/proxy/Makefile.am b/proxy/Makefile.am -index b5ba2af..86b5933 100644 ---- a/proxy/Makefile.am -+++ b/proxy/Makefile.am -@@ -79,8 +79,6 @@ AM_CPPFLAGS = \ - -DSYSCONFDIR=\"$(sysconfdir)\" \ - -DLOCALEDIR=\"$(localedir)\" - --EXTRA_DIST = build/config.rpath -- - GSS_PROXY_LIBS = $(POPT_LIBS) $(KRB5_LIBS) $(VERTO_LIBS) $(INI_LIBS) $(GSSAPI_LIBS) $(GSSRPC_LIBS) - - if BUILD_SELINUX -diff --git a/proxy/configure.ac b/proxy/configure.ac -index a709d20..5e43c3b 100644 ---- a/proxy/configure.ac -+++ b/proxy/configure.ac -@@ -12,7 +12,6 @@ m4_ifdef([AC_USE_SYSTEM_EXTENSIONS], - CFLAGS="$CFLAGS -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE" - - AC_CONFIG_SRCDIR([BUILD.txt]) --AC_CONFIG_AUX_DIR([build]) - - AM_INIT_AUTOMAKE([-Wall foreign subdir-objects tar-pax]) - AM_PROG_CC_C_O --- -cgit v0.10.2 - - Deleted: gssproxy-0.3.1-deadlock_fix.patch =================================================================== --- gssproxy-0.3.1-deadlock_fix.patch 2015-03-31 17:48:07 UTC (rev 235309) +++ gssproxy-0.3.1-deadlock_fix.patch 2015-03-31 19:09:15 UTC (rev 235310) @@ -1,37 +0,0 @@ -From f39b471f34b381784a1bd1906bf8335ac2c7ef5e Mon Sep 17 00:00:00 2001 -From: Simo Sorce <[email protected]> -Date: Tue, 11 Mar 2014 18:16:32 -0400 -Subject: [PATCH] Properly cleanup mutex on failure. -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -If the call to create socket fails we leave a dangling lock and the client -enters into a deadlock on the next call. - -Fixes: https://fedorahosted.org/gss-proxy/ticket/121 - -Signed-off-by: Simo Sorce <[email protected]> -Reviewed-by: Günther Deschner <[email protected]> ---- - proxy/src/client/gpm_common.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/proxy/src/client/gpm_common.c b/proxy/src/client/gpm_common.c -index 74296da..4651194 100644 ---- a/proxy/src/client/gpm_common.c -+++ b/proxy/src/client/gpm_common.c -@@ -153,6 +153,9 @@ static int gpm_grab_sock(struct gpm_ctx *gpmctx) - ret = gpm_open_socket(gpmctx); - } - -+ if (ret) { -+ pthread_mutex_unlock(&gpmctx->lock); -+ } - return ret; - } - --- -1.8.5.3 - - Deleted: gssproxy-0.3.1-flags_handling.patch =================================================================== --- gssproxy-0.3.1-flags_handling.patch 2015-03-31 17:48:07 UTC (rev 235309) +++ gssproxy-0.3.1-flags_handling.patch 2015-03-31 19:09:15 UTC (rev 235310) @@ -1,32 +0,0 @@ -From 8b147c9196d9068d0fc5e5a8919b84e8cbb97ef4 Mon Sep 17 00:00:00 2001 -From: Simo Sorce <[email protected]> -Date: Fri, 6 Dec 2013 17:51:14 -0500 -Subject: [PATCH] Fix config token parsing. -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Resolves: https://fedorahosted.org/gss-proxy/ticket/112 - -Signed-off-by: Simo Sorce <[email protected]> -Reviewed-by: Günther Deschner <[email protected]> ---- - proxy/src/gp_config.c | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/proxy/src/gp_config.c b/proxy/src/gp_config.c -index 2fc4a6f..ee96975 100644 ---- a/proxy/src/gp_config.c -+++ b/proxy/src/gp_config.c -@@ -153,7 +153,6 @@ static int parse_flags(const char *value, uint32_t *storage) - return ENOMEM; - } - -- token = strtok_r(str, ", ", &handle); - for (token = strtok_r(str, ", ", &handle); - token != NULL; - token = strtok_r(NULL, ", ", &handle)) { --- -1.8.3.1 - - Deleted: gssproxy-0.3.1-gssi_inquire_context.patch =================================================================== --- gssproxy-0.3.1-gssi_inquire_context.patch 2015-03-31 17:48:07 UTC (rev 235309) +++ gssproxy-0.3.1-gssi_inquire_context.patch 2015-03-31 19:09:15 UTC (rev 235310) @@ -1,40 +0,0 @@ -From c17f20b949d2e80e596ce21ecd944db80aaa80b1 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <[email protected]> -Date: Wed, 29 Jan 2014 17:59:03 +0100 -Subject: [PATCH] Fix potential segfault in gssi_inquire_context(). -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Signed-off-by: Günther Deschner <[email protected]> -Reviewed-by: Simo Sorce <[email protected]> ---- - proxy/src/mechglue/gpp_context.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/proxy/src/mechglue/gpp_context.c b/proxy/src/mechglue/gpp_context.c -index 6010724..bb16a93 100644 ---- a/proxy/src/mechglue/gpp_context.c -+++ b/proxy/src/mechglue/gpp_context.c -@@ -223,7 +223,7 @@ OM_uint32 gssi_inquire_context(OM_uint32 *minor_status, - maj = gss_inquire_context(&min, - ctx_handle->local, - s_name ? &s_name->local : NULL, -- s_name ? &t_name->local : NULL, -+ t_name ? &t_name->local : NULL, - lifetime_rec, - &mech_oid, - ctx_flags, -@@ -233,7 +233,7 @@ OM_uint32 gssi_inquire_context(OM_uint32 *minor_status, - maj = gpm_inquire_context(&min, - ctx_handle->remote, - s_name ? &s_name->remote : NULL, -- s_name ? &t_name->remote : NULL, -+ t_name ? &t_name->remote : NULL, - lifetime_rec, - &mech_oid, - ctx_flags, --- -1.8.5.3 - - Deleted: gssproxy-0.3.1-nfsd_startup.patch =================================================================== --- gssproxy-0.3.1-nfsd_startup.patch 2015-03-31 17:48:07 UTC (rev 235309) +++ gssproxy-0.3.1-nfsd_startup.patch 2015-03-31 19:09:15 UTC (rev 235310) @@ -1,241 +0,0 @@ -From 58a39677c961c72b052eae0b9d94b992254d6e10 Mon Sep 17 00:00:00 2001 -From: Simo Sorce <[email protected]> -Date: Fri, 3 Jan 2014 16:45:35 -0500 -Subject: [PATCH 1/2] Add utility functions to read()/write() safely -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Automatically handle short reads due to singals interrupting the process. - -Signed-off-by: Simo Sorce <[email protected]> -Reviewed-by: Günther Deschner <[email protected]> ---- - proxy/src/gp_common.h | 2 ++ - proxy/src/gp_util.c | 39 +++++++++++++++++++++++++++++++++++++++ - 2 files changed, 41 insertions(+) - -diff --git a/proxy/src/gp_common.h b/proxy/src/gp_common.h -index f2b8c3e..3a1b7be 100644 ---- a/proxy/src/gp_common.h -+++ b/proxy/src/gp_common.h -@@ -69,6 +69,8 @@ bool gp_same(const char *a, const char *b); - bool gp_boolean_is_true(const char *s); - char *gp_getenv(const char *name); - -+ssize_t gp_safe_read(int fd, void *buf, size_t count); -+ssize_t gp_safe_write(int fd, const void *buf, size_t count); - /* NOTE: read the note in gp_util.c before using gp_strerror() */ - char *gp_strerror(int errnum); - -diff --git a/proxy/src/gp_util.c b/proxy/src/gp_util.c -index 4fbac4e..34f3024 100644 ---- a/proxy/src/gp_util.c -+++ b/proxy/src/gp_util.c -@@ -29,6 +29,7 @@ - #include <stdlib.h> - #include <stdio.h> - #include <errno.h> -+#include <unistd.h> - - bool gp_same(const char *a, const char *b) - { -@@ -125,3 +126,41 @@ char *gp_strerror(int errnum) - errno = saved_errno; - return buf; - } -+ -+ssize_t gp_safe_read(int fd, void *buf, size_t count) -+{ -+ char *b = (char *)buf; -+ ssize_t len = 0; -+ ssize_t ret; -+ -+ do { -+ ret = read(fd, &b[len], count - len); -+ if (ret == -1) { -+ if (errno == EINTR) continue; -+ return ret; -+ } -+ if (ret == 0) break; /* EOF */ -+ len += ret; -+ } while (count > len); -+ -+ return len; -+} -+ -+ssize_t gp_safe_write(int fd, const void *buf, size_t count) -+{ -+ const char *b = (const char *)buf; -+ ssize_t len = 0; -+ ssize_t ret; -+ -+ do { -+ ret = write(fd, &b[len], count - len); -+ if (ret == -1) { -+ if (errno == EINTR) continue; -+ return ret; -+ } -+ if (ret == 0) break; /* EOF */ -+ len += ret; -+ } while (count > len); -+ -+ return len; -+} --- -1.8.4.2 - - -From bd8ffcf67be8fdbe14bc49a65a8eafe904119d88 Mon Sep 17 00:00:00 2001 -From: Simo Sorce <[email protected]> -Date: Fri, 3 Jan 2014 12:10:36 -0500 -Subject: [PATCH 2/2] Block parent process until child is initialized. -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This way the init system will not proceed starting dependencies until gssproxy -is actually ready to serve requests. -In particular this is used to make sure the nfsd proc file has been touched -before the nfsd server is started. - -Resolves: https://fedorahosted.org/gss-proxy/ticket/114 - -Signed-off-by: Simo Sorce <[email protected]> -Reviewed-by: Günther Deschner <[email protected]> ---- - proxy/src/gp_init.c | 42 +++++++++++++++++++++++++++++++++++++++--- - proxy/src/gp_proxy.h | 3 ++- - proxy/src/gssproxy.c | 11 +++++++++-- - 3 files changed, 50 insertions(+), 6 deletions(-) - -diff --git a/proxy/src/gp_init.c b/proxy/src/gp_init.c -index 830ae16..6207a78 100644 ---- a/proxy/src/gp_init.c -+++ b/proxy/src/gp_init.c -@@ -37,12 +37,22 @@ - #include <stdio.h> - #include "gp_proxy.h" - --void init_server(bool daemonize) -+void init_server(bool daemonize, int *wait_fd) - { - pid_t pid, sid; - int ret; - -+ *wait_fd = -1; -+ - if (daemonize) { -+ int pipefd[2]; -+ char buf[1]; -+ -+ /* create parent-child pipe */ -+ ret = pipe(pipefd); -+ if (ret == -1) { -+ exit(EXIT_FAILURE); -+ } - - pid = fork(); - if (pid == -1) { -@@ -50,10 +60,22 @@ void init_server(bool daemonize) - exit(EXIT_FAILURE); - } - if (pid != 0) { -- /* ok kill the parent */ -- exit(EXIT_SUCCESS); -+ /* wait for child to signal it is ready */ -+ close(pipefd[1]); -+ ret = gp_safe_read(pipefd[0], buf, 1); -+ if (ret == 1) { -+ /* child signaled all ok */ -+ exit(EXIT_SUCCESS); -+ } else { -+ /* lost child, something went wrong */ -+ exit(EXIT_FAILURE); -+ } - } - -+ /* child */ -+ close(pipefd[0]); -+ *wait_fd = pipefd[1]; -+ - sid = setsid(); - if (sid == -1) { - /* setsid error ? abort */ -@@ -78,6 +100,20 @@ void init_server(bool daemonize) - gp_logging_init(); - } - -+void init_done(int wait_fd) -+{ -+ char buf = 0; -+ int ret; -+ -+ if (wait_fd != -1) { -+ ret = gp_safe_write(wait_fd, &buf, 1); -+ if (ret != 1) { -+ exit(EXIT_FAILURE); -+ } -+ close(wait_fd); -+ } -+} -+ - void fini_server(void) - { - closelog(); -diff --git a/proxy/src/gp_proxy.h b/proxy/src/gp_proxy.h -index 733fec5..79bebb8 100644 ---- a/proxy/src/gp_proxy.h -+++ b/proxy/src/gp_proxy.h -@@ -106,7 +106,8 @@ struct gp_creds_handle *gp_service_get_creds_handle(struct gp_service *svc); - void free_config(struct gp_config **config); - - /* from gp_init.c */ --void init_server(bool daemonize); -+void init_server(bool daemonize, int *wait_fd); -+void init_done(int wait_fd); - void fini_server(void); - verto_ctx *init_event_loop(void); - void init_proc_nfsd(struct gp_config *cfg); -diff --git a/proxy/src/gssproxy.c b/proxy/src/gssproxy.c -index 1bf0a0b..80430d6 100644 ---- a/proxy/src/gssproxy.c -+++ b/proxy/src/gssproxy.c -@@ -42,6 +42,7 @@ int main(int argc, const char *argv[]) - int vflags; - struct gssproxy_ctx *gpctx; - struct gp_sock_ctx *sock_ctx; -+ int wait_fd; - int ret; - int i; - -@@ -97,7 +98,7 @@ int main(int argc, const char *argv[]) - exit(EXIT_FAILURE); - } - -- init_server(gpctx->config->daemonize); -+ init_server(gpctx->config->daemonize, &wait_fd); - - write_pid(); - -@@ -139,9 +140,15 @@ int main(int argc, const char *argv[]) - } - } - -- /* special call to tell the Linux kernel gss-proxy is available */ -+ /* We need to tell nfsd that GSS-Proxy is available before it starts, -+ * as nfsd needs to know GSS-Proxy is in use before the first time it -+ * needs to call accept_sec_context. */ - init_proc_nfsd(gpctx->config); - -+ /* Now it is safe to tell the init system that we're done starting up, -+ * so it can continue with dependencies and start nfsd */ -+ init_done(wait_fd); -+ - ret = gp_workers_init(gpctx); - if (ret) { - exit(EXIT_FAILURE); --- -1.8.4.2 - -
