From 95894ff4467995659c4ce5e2523f3c8058d9c676 Mon Sep 17 00:00:00 2001
From: NeilBrown <neilb@suse.de>
Date: Wed, 13 Feb 2013 15:11:05 -0500
Subject: [PATCH] gssd: Call authgss_free_private_data() if library provides
 it.

librpcsecgss provides authgss_free_private_data() as a pair to
authgss_get_private_data().  libtirpc does not - until recently.

This ommision results in authgss_destroy_context() sending an
incorrect RPCSEC_GSS_DESTROY request when gssd calls AUTH_DESTROY().

The call has been added to libtirpc, so this patch updates nfs-utils
to check for the presense of the function in libtirpc and to set
HAVE_AUTHGSS_FREE_PRIVATE_DATA if it is present.
This is also set unconditionally if librpcsecgss is used.

gssd is changed to test this value rather than HAVE_LIBTIRPC when
chosing whether to call authgss_free_private_data().

Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
---
 aclocal/librpcsecgss.m4 |  2 ++
 aclocal/libtirpc.m4     | 11 +++++++++++
 utils/gssd/gssd_proc.c  |  2 +-
 3 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/aclocal/librpcsecgss.m4 b/aclocal/librpcsecgss.m4
index d1dd25e..e833141 100644
--- a/aclocal/librpcsecgss.m4
+++ b/aclocal/librpcsecgss.m4
@@ -14,6 +14,8 @@ AC_DEFUN([AC_LIBRPCSECGSS], [
                  [AC_DEFINE([HAVE_AUTHGSS_SET_DEBUG_LEVEL], 1,
                  [Define to 1 if you have the `authgss_set_debug_level' function.])])
 
+    AC_DEFINE([HAVE_AUTHGSS_FREE_PRIVATE_DATA], 1,
+	      [Define to 1 if your rpcsec library provides authgss_free_private_data,])
   fi
 
 ])dnl
diff --git a/aclocal/libtirpc.m4 b/aclocal/libtirpc.m4
index 19b8361..b823364 100644
--- a/aclocal/libtirpc.m4
+++ b/aclocal/libtirpc.m4
@@ -23,6 +23,13 @@ AC_DEFUN([AC_LIBTIRPC], [
 		  fi])
   fi
 
+  if test "$enable_tirpc" != "no"; then
+
+    dnl Check if library contains authgss_free_private_data
+    AC_CHECK_LIB([tirpc], [authgss_free_private_data], [have_free_private_data=yes],
+			[have_free_private_data=no])
+  fi
+
   if test "$enable_tirpc" != "no"; then
     dnl also must have the headers installed where we expect
     dnl look for headers; add -I compiler option if found
@@ -42,6 +49,10 @@ AC_DEFUN([AC_LIBTIRPC], [
     AC_DEFINE([HAVE_LIBTIRPC], 1,
               [Define to 1 if you have and wish to use libtirpc.])
     LIBTIRPC="-ltirpc"
+    if test "$have_free_private_data" = "yes"; then
+      AC_DEFINE([HAVE_AUTHGSS_FREE_PRIVATE_DATA], 1,
+	      [Define to 1 if your rpcsec library provides authgss_free_private_data,])
+    fi
   else
     LIBTIRPC=""
   fi
diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c
index d01ba2f..c17ab3b 100644
--- a/utils/gssd/gssd_proc.c
+++ b/utils/gssd/gssd_proc.c
@@ -1078,7 +1078,7 @@ process_krb5_upcall(struct clnt_info *clp, uid_t uid, int fd, char *tgtname,
 out:
 	if (token.value)
 		free(token.value);
-#ifndef HAVE_LIBTIRPC
+#ifdef HAVE_AUTHGSS_FREE_PRIVATE_DATA
 	if (pd.pd_ctx_hndl.length != 0)
 		authgss_free_private_data(&pd);
 #endif
-- 
2.39.2