On Tue, Jun 07, 2011 at 12:55:02PM -0400, Sam Hartman wrote:
>
>package: libgssglue-dev
>severity: serious
>justification: package breaks nfs-utils build
>version: 0.2-2
>
>Hi, Kevin and Debian maintainers:
>
>In an upcoming release, MIT has started adopting the new GSS-API type
>names at the top of page 12 of RFC 5587.
>
>
>For a variety of reasons, I pulled this change into Debian unstable.
>Unfortunately, some applications such as nfs-utilsappear to pull in
>gssapi.h from libgssglue, but pull in gssapi_ext.h from krb5.
>
>This does not work unless the gssapi.h from libgssglue includes the new
>constant type names.
>
>--Sam
Kevin,
The original bug report #629553 is available at
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629553
and bug report #629692 (which has build logs) is available at
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629692
Sam,
Could you please post the unified diff of gssapi.h from libgssglue that
makes it work?
Cheers,
An?bal
Here's the MIT diff that introduces the types:
commit 21479bb4df589793a4fc25aedb59d599043eb95b
Author: lhoward <lhoward@dc483132-0cff-0310-8789-dd5450dbe970>
Date: Sun Apr 3 08:02:53 2011 +0000
Use RFC 5587 const types for draft-josefsson-gss-capsulate APIs
git-svn-id: svn://anonsvn.mit.edu/svn/krb5/trunk@24821 dc483132-0cff-0310-8789-dd5450dbe970
(cherry picked from commit 4a46936a36f47e54134b24d7083cfd45a2d009bc)
diff --git a/src/lib/gssapi/generic/gssapi_ext.h b/src/lib/gssapi/generic/gssapi_ext.h
index a2a8bcd..31d972b 100644
--- a/src/lib/gssapi/generic/gssapi_ext.h
+++ b/src/lib/gssapi/generic/gssapi_ext.h
@@ -387,22 +387,22 @@ OM_uint32 KRB5_CALLCONV gss_release_any_name_mapping
/* draft-josefsson-gss-capsulate */
OM_uint32 KRB5_CALLCONV gss_encapsulate_token
(
- const gss_buffer_t, /* input_token */
- const gss_OID, /* token_oid */
- const gss_buffer_t /* output_token */
+ gss_const_buffer_t, /* input_token */
+ gss_const_OID, /* token_oid */
+ gss_buffer_t /* output_token */
);
OM_uint32 KRB5_CALLCONV gss_decapsulate_token
(
- const gss_buffer_t, /* input_token */
- const gss_OID, /* token_oid */
+ gss_const_buffer_t, /* input_token */
+ gss_const_OID, /* token_oid */
gss_buffer_t /* output_token */
);
int KRB5_CALLCONV gss_oid_equal
(
- const gss_OID, /* first_oid */
- const gss_OID /* second_oid */
+ gss_const_OID, /* first_oid */
+ gss_const_OID /* second_oid */
);
#ifdef __cplusplus
diff --git a/src/lib/gssapi/mechglue/g_decapsulate_token.c b/src/lib/gssapi/mechglue/g_decapsulate_token.c
index a12d8f7..42b9e07 100644
--- a/src/lib/gssapi/mechglue/g_decapsulate_token.c
+++ b/src/lib/gssapi/mechglue/g_decapsulate_token.c
@@ -33,8 +33,8 @@
#include "mglueP.h"
OM_uint32
-gss_decapsulate_token(const gss_buffer_t input_token,
- const gss_OID token_oid,
+gss_decapsulate_token(gss_const_buffer_t input_token,
+ gss_const_OID token_oid,
gss_buffer_t output_token)
{
OM_uint32 minor;
diff --git a/src/lib/gssapi/mechglue/g_encapsulate_token.c b/src/lib/gssapi/mechglue/g_encapsulate_token.c
index a60c796..b26e147 100644
--- a/src/lib/gssapi/mechglue/g_encapsulate_token.c
+++ b/src/lib/gssapi/mechglue/g_encapsulate_token.c
@@ -33,8 +33,8 @@
#include "mglueP.h"
OM_uint32
-gss_encapsulate_token(const gss_buffer_t input_token,
- const gss_OID token_oid,
+gss_encapsulate_token(gss_const_buffer_t input_token,
+ gss_const_OID token_oid,
gss_buffer_t output_token)
{
unsigned int tokenSize;
diff --git a/src/lib/gssapi/mechglue/g_oid_ops.c b/src/lib/gssapi/mechglue/g_oid_ops.c
index aa6d807..db3cd78 100644
--- a/src/lib/gssapi/mechglue/g_oid_ops.c
+++ b/src/lib/gssapi/mechglue/g_oid_ops.c
@@ -111,8 +111,8 @@ gssint_copy_oid_set(
int
gss_oid_equal(
- const gss_OID first_oid,
- const gss_OID second_oid)
+ gss_const_OID first_oid,
+ gss_const_OID second_oid)
{
return g_OID_equal(first_oid, second_oid);
}
2011/6/8 An?bal Monsalve Salazar <[email protected]>:
> On Tue, Jun 07, 2011 at 12:55:02PM -0400, Sam Hartman wrote:
>>
>>package: libgssglue-dev
>>severity: serious
>>justification: package breaks nfs-utils build
>>version: 0.2-2
>>
>>Hi, Kevin and Debian maintainers:
>>
>>In an upcoming release, MIT has started adopting the new GSS-API type
>>names at the top of page 12 of RFC 5587.
>>
>>
>>For a variety of reasons, I pulled this change into Debian unstable.
>>Unfortunately, some applications such as nfs-utilsappear to pull in
>>gssapi.h from libgssglue, but pull in gssapi_ext.h from krb5.
>>
>>This does not work unless the gssapi.h from libgssglue includes the new
>>constant type names.
>>
>>--Sam
>
> Kevin,
>
> The original bug report #629553 is available at
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629553
>
> and bug report #629692 (which has build logs) is available at
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629692
>
> Sam,
>
> Could you please post the unified diff of gssapi.h from libgssglue that
> makes it work?
>
> Cheers,
>
> An?bal
Sam's original message went to my spam folder. I will attempt to look
at this in the next couple of days, but I can't make any promises.
K.C.
Hi,
Here is a patch that fixed the compile and seems to run fine. I'll be
putting out a new version of libgssglue, but it may take a few days
for me to get around to that. Meanwhile, hopefully this fixes your
immediate issue.
K.C.
diff --git a/src/gssglue/gssapi/gssapi.h.in b/src/gssglue/gssapi/gssapi.h.in
index 8d3fe99..81df675 100644
--- a/src/gssglue/gssapi/gssapi.h.in
+++ b/src/gssglue/gssapi/gssapi.h.in
@@ -850,4 +850,15 @@ PROTOTYPE( (OM_uint32 *, /* minor_status */
/* XXXX This is a necessary evil until the spec is fixed */
#define GSS_S_CRED_UNAVAIL GSS_S_FAILURE
+/*
+ * RFC 5587
+ */
+typedef const gss_buffer_desc *gss_const_buffer_t;
+typedef const struct gss_channel_bindings_struct *gss_const_channel_bindings_t;
+typedef const struct gss_ctx_id_struct gss_const_ctx_id_t;
+typedef const struct gss_cred_id_struct gss_const_cred_id_t;
+typedef const struct gss_name_struct gss_const_name_t;
+typedef const gss_OID_desc *gss_const_OID;
+typedef const gss_OID_set_desc *gss_const_OID_set;
+
#endif /* _GSSAPI_H_GLUE_ */
On Thu, Jun 9, 2011 at 10:29 AM, Sam Hartman <[email protected]> wrote:
> Here's the MIT diff that introduces the types:
> commit 21479bb4df589793a4fc25aedb59d599043eb95b
> Author: lhoward <lhoward@dc483132-0cff-0310-8789-dd5450dbe970>
> Date: ? Sun Apr 3 08:02:53 2011 +0000
>
> ? ?Use RFC 5587 const types for draft-josefsson-gss-capsulate APIs
>
> ? ?git-svn-id: svn://anonsvn.mit.edu/svn/krb5/trunk@24821 dc483132-0cff-0310-8789-dd5450dbe970
> ? ?(cherry picked from commit 4a46936a36f47e54134b24d7083cfd45a2d009bc)
>
> diff --git a/src/lib/gssapi/generic/gssapi_ext.h b/src/lib/gssapi/generic/gssapi_ext.h
> index a2a8bcd..31d972b 100644
> --- a/src/lib/gssapi/generic/gssapi_ext.h
> +++ b/src/lib/gssapi/generic/gssapi_ext.h
> @@ -387,22 +387,22 @@ OM_uint32 KRB5_CALLCONV gss_release_any_name_mapping
> ?/* draft-josefsson-gss-capsulate */
> ?OM_uint32 KRB5_CALLCONV gss_encapsulate_token
> ?(
> - ? ?const gss_buffer_t, /* input_token */
> - ? ?const gss_OID, ? ? ?/* token_oid */
> - ? ?const gss_buffer_t ?/* output_token */
> + ? ?gss_const_buffer_t, /* input_token */
> + ? ?gss_const_OID, ? ? ?/* token_oid */
> + ? ?gss_buffer_t ? ? ? ?/* output_token */
> ?);
>
> ?OM_uint32 KRB5_CALLCONV gss_decapsulate_token
> ?(
> - ? ?const gss_buffer_t, /* input_token */
> - ? ?const gss_OID, ? ? ?/* token_oid */
> + ? ?gss_const_buffer_t, /* input_token */
> + ? ?gss_const_OID, ? ? ?/* token_oid */
> ? ? gss_buffer_t ? ? ? ?/* output_token */
> ?);
>
> ?int KRB5_CALLCONV gss_oid_equal
> ?(
> - ? ?const gss_OID, ? ? ?/* first_oid */
> - ? ?const gss_OID ? ? ? /* second_oid */
> + ? ?gss_const_OID, ? ? ?/* first_oid */
> + ? ?gss_const_OID ? ? ? /* second_oid */
> ?);
>
> ?#ifdef __cplusplus
> diff --git a/src/lib/gssapi/mechglue/g_decapsulate_token.c b/src/lib/gssapi/mechglue/g_decapsulate_token.c
> index a12d8f7..42b9e07 100644
> --- a/src/lib/gssapi/mechglue/g_decapsulate_token.c
> +++ b/src/lib/gssapi/mechglue/g_decapsulate_token.c
> @@ -33,8 +33,8 @@
> ?#include "mglueP.h"
>
> ?OM_uint32
> -gss_decapsulate_token(const gss_buffer_t input_token,
> - ? ? ? ? ? ? ? ? ? ? ?const gss_OID token_oid,
> +gss_decapsulate_token(gss_const_buffer_t input_token,
> + ? ? ? ? ? ? ? ? ? ? ?gss_const_OID token_oid,
> ? ? ? ? ? ? ? ? ? ? ? gss_buffer_t output_token)
> ?{
> ? ? OM_uint32 minor;
> diff --git a/src/lib/gssapi/mechglue/g_encapsulate_token.c b/src/lib/gssapi/mechglue/g_encapsulate_token.c
> index a60c796..b26e147 100644
> --- a/src/lib/gssapi/mechglue/g_encapsulate_token.c
> +++ b/src/lib/gssapi/mechglue/g_encapsulate_token.c
> @@ -33,8 +33,8 @@
> ?#include "mglueP.h"
>
> ?OM_uint32
> -gss_encapsulate_token(const gss_buffer_t input_token,
> - ? ? ? ? ? ? ? ? ? ? ?const gss_OID token_oid,
> +gss_encapsulate_token(gss_const_buffer_t input_token,
> + ? ? ? ? ? ? ? ? ? ? ?gss_const_OID token_oid,
> ? ? ? ? ? ? ? ? ? ? ? gss_buffer_t output_token)
> ?{
> ? ? unsigned int tokenSize;
> diff --git a/src/lib/gssapi/mechglue/g_oid_ops.c b/src/lib/gssapi/mechglue/g_oid_ops.c
> index aa6d807..db3cd78 100644
> --- a/src/lib/gssapi/mechglue/g_oid_ops.c
> +++ b/src/lib/gssapi/mechglue/g_oid_ops.c
> @@ -111,8 +111,8 @@ gssint_copy_oid_set(
>
> ?int
> ?gss_oid_equal(
> - ? ?const gss_OID first_oid,
> - ? ?const gss_OID second_oid)
> + ? ?gss_const_OID first_oid,
> + ? ?gss_const_OID second_oid)
> ?{
> ? ? return g_OID_equal(first_oid, second_oid);
> ?}
>
>