gssd: Call authgss_free_private_data() if library provides it.

librpcsecgss provides authgss_free_private_data() as a pair to
authgss_get_private_data().  libtirpc does not - until recently.

This ommision results in authgss_destroy_context() sending an
incorrect RPCSEC_GSS_DESTROY request when gssd calls AUTH_DESTROY().

The call has been added to libtirpc, so this patch updates nfs-utils
to check for the presense of the function in libtirpc and to set
HAVE_AUTHGSS_FREE_PRIVATE_DATA if it is present.
This is also set unconditionally if librpcsecgss is used.

gssd is changed to test this value rather than HAVE_LIBTIRPC when
chosing whether to call authgss_free_private_data().

Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>

diff --git a/aclocal/librpcsecgss.m4 b/aclocal/librpcsecgss.m4
index d1dd25e2f0f63ead394e47008c31c59ce6970cf9..e8331413870183e1540554f7feefbbf1ae035398 100644 (file)
--- a/aclocal/librpcsecgss.m4
+++ b/aclocal/librpcsecgss.m4
@@ -14,6 +14,8 @@ AC_DEFUN([AC_LIBRPCSECGSS], [
                  [AC_DEFINE([HAVE_AUTHGSS_SET_DEBUG_LEVEL], 1,
                  [Define to 1 if you have the `authgss_set_debug_level' function.])])
 
+    AC_DEFINE([HAVE_AUTHGSS_FREE_PRIVATE_DATA], 1,
+             [Define to 1 if your rpcsec library provides authgss_free_private_data,])
   fi
 
 ])dnl

diff --git a/aclocal/libtirpc.m4 b/aclocal/libtirpc.m4
index 19b8361794854d0b616db61891e68aa1074cc7d3..b8233640837676d5b09db16d9910e54e4e1ab6ee 100644 (file)
--- a/aclocal/libtirpc.m4
+++ b/aclocal/libtirpc.m4
@@ -23,6 +23,13 @@ AC_DEFUN([AC_LIBTIRPC], [
                  fi])
   fi
 
+  if test "$enable_tirpc" != "no"; then
+
+    dnl Check if library contains authgss_free_private_data
+    AC_CHECK_LIB([tirpc], [authgss_free_private_data], [have_free_private_data=yes],
+                       [have_free_private_data=no])
+  fi
+
   if test "$enable_tirpc" != "no"; then
     dnl also must have the headers installed where we expect
     dnl look for headers; add -I compiler option if found
@@ -42,6 +49,10 @@ AC_DEFUN([AC_LIBTIRPC], [
     AC_DEFINE([HAVE_LIBTIRPC], 1,
               [Define to 1 if you have and wish to use libtirpc.])
     LIBTIRPC="-ltirpc"
+    if test "$have_free_private_data" = "yes"; then
+      AC_DEFINE([HAVE_AUTHGSS_FREE_PRIVATE_DATA], 1,
+             [Define to 1 if your rpcsec library provides authgss_free_private_data,])
+    fi
   else
     LIBTIRPC=""
   fi

diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c
index d01ba2fe6778439d7db22c3d993b7ed215c57363..c17ab3bf914526f433fb6c76ace1daa63c10d921 100644 (file)
--- a/utils/gssd/gssd_proc.c
+++ b/utils/gssd/gssd_proc.c
@@ -1078,7 +1078,7 @@ process_krb5_upcall(struct clnt_info *clp, uid_t uid, int fd, char *tgtname,
 out:
        if (token.value)
                free(token.value);
-#ifndef HAVE_LIBTIRPC
+#ifdef HAVE_AUTHGSS_FREE_PRIVATE_DATA
        if (pd.pd_ctx_hndl.length != 0)
                authgss_free_private_data(&pd);
 #endif