librpcsecgss provides authgss_free_private_data() as a pair to
authgss_get_private_data(). libtirpc does not - until recently.
This ommision results in authgss_destroy_context() sending an
incorrect RPCSEC_GSS_DESTROY request when gssd calls AUTH_DESTROY().
The call has been added to libtirpc, so this patch updates nfs-utils
to check for the presense of the function in libtirpc and to set
HAVE_AUTHGSS_FREE_PRIVATE_DATA if it is present.
This is also set unconditionally if librpcsecgss is used.
gssd is changed to test this value rather than HAVE_LIBTIRPC when
chosing whether to call authgss_free_private_data().
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
[AC_DEFINE([HAVE_AUTHGSS_SET_DEBUG_LEVEL], 1,
[Define to 1 if you have the `authgss_set_debug_level' function.])])
[AC_DEFINE([HAVE_AUTHGSS_SET_DEBUG_LEVEL], 1,
[Define to 1 if you have the `authgss_set_debug_level' function.])])
+ AC_DEFINE([HAVE_AUTHGSS_FREE_PRIVATE_DATA], 1,
+ [Define to 1 if your rpcsec library provides authgss_free_private_data,])
+ if test "$enable_tirpc" != "no"; then
+
+ dnl Check if library contains authgss_free_private_data
+ AC_CHECK_LIB([tirpc], [authgss_free_private_data], [have_free_private_data=yes],
+ [have_free_private_data=no])
+ fi
+
if test "$enable_tirpc" != "no"; then
dnl also must have the headers installed where we expect
dnl look for headers; add -I compiler option if found
if test "$enable_tirpc" != "no"; then
dnl also must have the headers installed where we expect
dnl look for headers; add -I compiler option if found
AC_DEFINE([HAVE_LIBTIRPC], 1,
[Define to 1 if you have and wish to use libtirpc.])
LIBTIRPC="-ltirpc"
AC_DEFINE([HAVE_LIBTIRPC], 1,
[Define to 1 if you have and wish to use libtirpc.])
LIBTIRPC="-ltirpc"
+ if test "$have_free_private_data" = "yes"; then
+ AC_DEFINE([HAVE_AUTHGSS_FREE_PRIVATE_DATA], 1,
+ [Define to 1 if your rpcsec library provides authgss_free_private_data,])
+ fi
out:
if (token.value)
free(token.value);
out:
if (token.value)
free(token.value);
+#ifdef HAVE_AUTHGSS_FREE_PRIVATE_DATA
if (pd.pd_ctx_hndl.length != 0)
authgss_free_private_data(&pd);
#endif
if (pd.pd_ctx_hndl.length != 0)
authgss_free_private_data(&pd);
#endif