From 6a0492dd00a3ca23503e3aeafdb686c937adecb9 Mon Sep 17 00:00:00 2001
From: Remi Collet <fedora@famillecollet.com>
Date: Wed, 13 Jun 2012 18:43:31 +0200
Subject: reorg repo

---
 mod_auth_kerb-5.4-rcopshack.patch | 73 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 73 insertions(+)
 create mode 100644 mod_auth_kerb-5.4-rcopshack.patch

(limited to 'mod_auth_kerb-5.4-rcopshack.patch')

diff --git a/mod_auth_kerb-5.4-rcopshack.patch b/mod_auth_kerb-5.4-rcopshack.patch
new file mode 100644
index 0000000..abbf4db
--- /dev/null
+++ b/mod_auth_kerb-5.4-rcopshack.patch
@@ -0,0 +1,73 @@
+
+Remove the Krb5 1.3.x-specific hack which mucks about with
+libkrb5 internals, and shouldn't.
+
+--- mod_auth_kerb-5.4/src/mod_auth_kerb.c.rcopshack
++++ mod_auth_kerb-5.4/src/mod_auth_kerb.c
+@@ -285,34 +285,6 @@ mkstemp(char *template)
+ }
+ #endif
+ 
+-#if defined(KRB5) && !defined(HEIMDAL)
+-/* Needed to work around problems with replay caches */
+-#include "mit-internals.h"
+-
+-/* This is our replacement krb5_rc_store function */
+-static krb5_error_code KRB5_LIB_FUNCTION
+-mod_auth_kerb_rc_store(krb5_context context, krb5_rcache rcache,
+-                       krb5_donot_replay_internal *donot_replay)
+-{
+-   return 0;
+-}
+-
+-/* And this is the operations vector for our replay cache */
+-const krb5_rc_ops_internal mod_auth_kerb_rc_ops = {
+-  0,
+-  "dfl",
+-  krb5_rc_dfl_init,
+-  krb5_rc_dfl_recover,
+-  krb5_rc_dfl_destroy,
+-  krb5_rc_dfl_close,
+-  mod_auth_kerb_rc_store,
+-  krb5_rc_dfl_expunge,
+-  krb5_rc_dfl_get_span,
+-  krb5_rc_dfl_get_name,
+-  krb5_rc_dfl_resolve
+-};
+-#endif
+-
+ /*************************************************************************** 
+  Auth Configuration Initialization
+  ***************************************************************************/
+@@ -1252,31 +1224,6 @@ get_gss_creds(request_rec *r,
+       return HTTP_INTERNAL_SERVER_ERROR;
+    }
+ 
+-#ifndef HEIMDAL
+-   /*
+-    * With MIT Kerberos 5 1.3.x the gss_cred_id_t is the same as
+-    * krb5_gss_cred_id_t and krb5_gss_cred_id_rec contains a pointer to
+-    * the replay cache.
+-    * This allows us to override the replay cache function vector with
+-    * our own one.
+-    * Note that this is a dirty hack to get things working and there may
+-    * well be unknown side-effects.
+-    */
+-   {
+-      krb5_gss_cred_id_t gss_creds = (krb5_gss_cred_id_t) *server_creds;
+-
+-      /* First we try to verify we are linked with 1.3.x to prevent from
+-         crashing when linked with 1.4.x */
+-      if (gss_creds && (gss_creds->usage == GSS_C_ACCEPT)) {
+-	 if (gss_creds->rcache && gss_creds->rcache->ops &&
+-	     gss_creds->rcache->ops->type &&  
+-	     memcmp(gss_creds->rcache->ops->type, "dfl", 3) == 0)
+-          /* Override the rcache operations */
+-	 gss_creds->rcache->ops = &mod_auth_kerb_rc_ops;
+-      }
+-   }
+-#endif
+-   
+    return 0;
+ }
+ 
-- 
cgit