From 0ac50211fefb0d398ecc958ebe725dc6b6285103 Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Tue, 2 Apr 2013 15:04:37 -0400
Subject: [PATCH] gssd: Switch to use standard GSSAPI by default

Make libgssglue configurable still but disabled by default.
There is no reason to use libgssglue anymore, and modern gssapi
supports all needed features for nfs-utils.

Signed-off-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
---
 aclocal/kerberos5.m4   |  4 ++++
 aclocal/rpcsec_vers.m4 |  7 ++++++-
 configure.ac           |  9 +++++++++
 utils/gssd/Makefile.am | 12 ++++++------
 utils/gssd/gss_util.h  | 10 ++++++++++
 5 files changed, 35 insertions(+), 7 deletions(-)

diff --git a/aclocal/kerberos5.m4 b/aclocal/kerberos5.m4
index ef37e28..0bf35d3 100644
--- a/aclocal/kerberos5.m4
+++ b/aclocal/kerberos5.m4
@@ -32,6 +32,8 @@ AC_DEFUN([AC_KERBEROS_V5],[
     if test "$K5CONFIG" != ""; then
       KRBCFLAGS=`$K5CONFIG --cflags`
       KRBLIBS=`$K5CONFIG --libs`
+      GSSKRB_CFLAGS=`$K5CONFIG --cflags gssapi`
+      GSSKRB_LIBS=`$K5CONFIG --libs gssapi`
       K5VERS=`$K5CONFIG --version | head -n 1 | awk '{split($(4),v,"."); if (v@<:@"3"@:>@ == "") v@<:@"3"@:>@ = "0"; print v@<:@"1"@:>@v@<:@"2"@:>@v@<:@"3"@:>@ }'`
       AC_DEFINE_UNQUOTED(KRB5_VERSION, $K5VERS, [Define this as the Kerberos version number])
       if test -f $dir/include/gssapi/gssapi_krb5.h -a \
@@ -113,5 +115,7 @@ AC_DEFUN([AC_KERBEROS_V5],[
   AC_SUBST([KRBCFLAGS])
   AC_SUBST([KRBLDFLAGS])
   AC_SUBST([K5VERS])
+  AC_SUBST([GSSKRB_CFLAGS])
+  AC_SUBST([GSSKRB_LIBS])
 
 ])
diff --git a/aclocal/rpcsec_vers.m4 b/aclocal/rpcsec_vers.m4
index 8218372..11d2f18 100644
--- a/aclocal/rpcsec_vers.m4
+++ b/aclocal/rpcsec_vers.m4
@@ -1,7 +1,12 @@
 dnl Checks librpcsec version
 AC_DEFUN([AC_RPCSEC_VERSION], [
 
-  PKG_CHECK_MODULES([GSSGLUE], [libgssglue >= 0.3])
+  AC_ARG_WITH([gssglue],
+	[AC_HELP_STRING([--with-gssglue], [Use libgssglue for GSS support])])
+  if test x"$with_gssglue" = x"yes"; then
+    PKG_CHECK_MODULES([GSSGLUE], [libgssglue >= 0.3])
+    AC_CHECK_LIB([gssglue], [gss_set_allowable_enctypes])
+  fi
 
   dnl TI-RPC replaces librpcsecgss
   if test "$enable_tirpc" = no; then
diff --git a/configure.ac b/configure.ac
index cc7f3b4..3d7ab0a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -344,6 +344,15 @@ if test "$enable_gss" = yes; then
   dnl but we need to make sure we get the right version
   if test "$enable_gss" = yes; then
     AC_RPCSEC_VERSION
+    if test x"$GSSGLUE_LIBS" != x""; then
+      GSSAPI_CFLAGS=$GSSGLUE_CFLAGS
+      GSSAPI_LIBS=$GSSGLUE_LIBS
+    else
+      GSSAPI_CFLAGS=$GSSKRB_CFLAGS
+      GSSAPI_LIBS=$GSSKRB_LIBS
+    fi
+    AC_SUBST([GSSAPI_CFLAGS])
+    AC_SUBST([GSSAPI_LIBS])
   fi
 fi
 
diff --git a/utils/gssd/Makefile.am b/utils/gssd/Makefile.am
index 2365704..a300da2 100644
--- a/utils/gssd/Makefile.am
+++ b/utils/gssd/Makefile.am
@@ -38,11 +38,11 @@ gssd_SOURCES = \
 	write_bytes.h
 
 gssd_LDADD =	../../support/nfs/libnfs.a \
-		$(RPCSECGSS_LIBS) $(GSSGLUE_LIBS) $(KRBLIBS)
+		$(RPCSECGSS_LIBS) $(KRBLIBS) $(GSSAPI_LIBS)
 gssd_LDFLAGS = $(KRBLDFLAGS) $(LIBTIRPC)
 
 gssd_CFLAGS = $(AM_CFLAGS) $(CFLAGS) \
-	      $(RPCSECGSS_CFLAGS) $(GSSGLUE_CFLAGS) $(KRBCFLAGS)
+	      $(RPCSECGSS_CFLAGS) $(KRBCFLAGS) $(GSSAPI_CFLAGS)
 
 svcgssd_SOURCES = \
 	$(COMMON_SRCS) \
@@ -57,18 +57,18 @@ svcgssd_SOURCES = \
 
 svcgssd_LDADD = \
 	../../support/nfs/libnfs.a \
-	$(RPCSECGSS_LIBS) $(GSSGLUE_LIBS) $(LIBNFSIDMAP) \
-	$(KRBLIBS) $(LIBTIRPC)
+	$(RPCSECGSS_LIBS) $(LIBNFSIDMAP) \
+	$(KRBLIBS) $(GSSAPI_LIBS) $(LIBTIRPC)
 
 svcgssd_LDFLAGS = $(KRBLDFLAGS)
 
 svcgssd_CFLAGS = $(AM_CFLAGS) $(CFLAGS) \
-		 $(RPCSECGSS_CFLAGS) $(GSSGLUE_CFLAGS) $(KRBCFLAGS)
+		 $(RPCSECGSS_CFLAGS) $(KRBCFLAGS) $(GSSAPI_CFLAGS)
 
 gss_clnt_send_err_SOURCES = gss_clnt_send_err.c
 
 gss_clnt_send_err_CFLAGS = $(AM_CFLAGS) $(CFLAGS) \
-		 $(RPCSECGSS_CFLAGS) $(GSSGLUE_CFLAGS) $(KRBCFLAGS)
+		 $(RPCSECGSS_CFLAGS) $(KRBCFLAGS) $(GSSAPI_CFLAGS)
 
 MAINTAINERCLEANFILES = Makefile.in
 
diff --git a/utils/gssd/gss_util.h b/utils/gssd/gss_util.h
index 67b3077..aa9f778 100644
--- a/utils/gssd/gss_util.h
+++ b/utils/gssd/gss_util.h
@@ -42,4 +42,14 @@ void pgsserr(char *msg, u_int32_t maj_stat, u_int32_t min_stat,
 	const gss_OID mech);
 int gssd_check_mechs(void);
 
+#ifndef HAVE_LIBGSSGLUE
+#include <gssapi/gssapi_krb5.h>
+#define gss_free_lucid_sec_context(min, ctx, ret) \
+		gss_krb5_free_lucid_sec_context(min, ret)
+
+#define gss_export_lucid_sec_context gss_krb5_export_lucid_sec_context
+#define gss_set_allowable_enctypes(min, cred, oid, num, types) \
+		gss_krb5_set_allowable_enctypes(min, cred, num, types)
+#endif
+
 #endif /* _GSS_UTIL_H_ */
-- 
2.39.2