1 files changed, 138 insertions, 0 deletions

diff --git a/package/nfs-utils/patches/patch-aclocal_kerberos5_m4 b/package/nfs-utils/patches/patch-aclocal_kerberos5_m4
new file mode 100644
index 000000000..1a5ca00ba
--- /dev/null
+++ b/package/nfs-utils/patches/patch-aclocal_kerberos5_m4
@@ -0,0 +1,138 @@
+$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
+--- nfs-utils-1.1.4.orig/aclocal/kerberos5.m4	2008-10-17 16:20:09.000000000 +0200
++++ nfs-utils-1.1.4/aclocal/kerberos5.m4	2009-01-30 16:24:45.000000000 +0100
+@@ -1,112 +1,48 @@
+-dnl Checks for Kerberos
+-dnl NOTE: while we intend to do generic gss-api, currently we
+-dnl have a requirement to get an initial Kerberos machine
+-dnl credential.  Thus, the requirement for Kerberos.
+-dnl The Kerberos gssapi library will be dynamically loaded?
+ AC_DEFUN([AC_KERBEROS_V5],[
++  K5CONFIG="krb5-config"
+   AC_MSG_CHECKING(for Kerberos v5)
+-  AC_ARG_WITH(krb5,
+-  [AC_HELP_STRING([--with-krb5=DIR], [use Kerberos v5 installation in DIR])],
++  AC_ARG_WITH(krb5-config,
++  [AC_HELP_STRING([--with-krb5-config=PATH], [Full Path to krb5-config.])],
+   [ case "$withval" in
+     yes|no)
+-       krb5_with=""
++       K5CONFIG="krb5-config"
+        ;;
+     *)
+-       krb5_with="$withval"
++       K5CONFIG="$withval"
+        ;;
+     esac ]
+   )
+ 
+-  for dir in $krb5_with /usr /usr/kerberos /usr/local /usr/local/krb5 \
+-  	     /usr/krb5 /usr/heimdal /usr/local/heimdal /usr/athena ; do
+-    dnl This ugly hack brought on by the split installation of
+-    dnl MIT Kerberos on Fedora Core 1
+-    K5CONFIG=""
+-    if test -f $dir/bin/krb5-config; then
+-      K5CONFIG=$dir/bin/krb5-config
+-    elif test -f "/usr/kerberos/bin/krb5-config"; then
+-      K5CONFIG="/usr/kerberos/bin/krb5-config"
+-    elif test -f "/usr/lib/mit/bin/krb5-config"; then
+-      K5CONFIG="/usr/lib/mit/bin/krb5-config"
+-    fi
+     if test "$K5CONFIG" != ""; then
+       KRBCFLAGS=`$K5CONFIG --cflags`
+       KRBLIBS=`$K5CONFIG --libs gssapi`
+-      K5VERS=`$K5CONFIG --version | head -n 1 | awk '{split($(4),v,"."); if (v@<:@"3"@:>@ == "") v@<:@"3"@:>@ = "0"; print v@<:@"1"@:>@v@<:@"2"@:>@v@<:@"3"@:>@ }'`
+-      AC_DEFINE_UNQUOTED(KRB5_VERSION, $K5VERS, [Define this as the Kerberos version number])
+-      if test -f $dir/include/gssapi/gssapi_krb5.h -a \
+-                \( -f $dir/lib/libgssapi_krb5.a -o \
+-                   -f $dir/lib64/libgssapi_krb5.a -o \
+-                   -f $dir/lib64/libgssapi_krb5.so -o \
+-                   -f $dir/lib/libgssapi_krb5.so \) ; then
++    if $K5CONFIG --version | grep -q -e heimdal; then
++      K5VERS=`$K5CONFIG --version | head -n 1 | cut -f2 -d ' ' | tr -d '.'`
++      AC_DEFINE(HAVE_HEIMDAL, 1, [Define this if you have Heimdal Kerberos libraries])
++      gssapi_lib=gssapi
++      KRBIMPL="heimdal"
++    elif $K5CONFIG --version | grep -q -e Kerberos; then
++      K5VERS=`$K5CONFIG --version | head -n 1 | cut -f4 -d ' ' | tr -d '.'`
+          AC_DEFINE(HAVE_KRB5, 1, [Define this if you have MIT Kerberos libraries])
+-         KRBDIR="$dir"
+-  dnl If we are using MIT K5 1.3.1 and before, we *MUST* use the
+-  dnl private function (gss_krb5_ccache_name) to get correct
+-  dnl behavior of changing the ccache used by gssapi.
+-  dnl Starting in 1.3.2, we *DO NOT* want to use
+-  dnl gss_krb5_ccache_name, instead we want to set KRB5CCNAME
+-  dnl to get gssapi to use a different ccache
+          if test $K5VERS -le 131; then
+            AC_DEFINE(USE_GSS_KRB5_CCACHE_NAME, 1, [Define this if the private function, gss_krb5_cache_name, must be used to tell the Kerberos library which credentials cache to use. Otherwise, this is done by setting the KRB5CCNAME environment variable])
+          fi
+          gssapi_lib=gssapi_krb5
+-         break
+-      dnl The following ugly hack brought on by the split installation
+-      dnl of Heimdal Kerberos on SuSe
+-      elif test \( -f $dir/include/heim_err.h -o\
+-      		 -f $dir/include/heimdal/heim_err.h \) -a \
+-                -f $dir/lib/libroken.a; then
+-         AC_DEFINE(HAVE_HEIMDAL, 1, [Define this if you have Heimdal Kerberos libraries])
+-         KRBDIR="$dir"
+-         gssapi_lib=gssapi
+-        break
+-      fi
+-    fi
+-  done
+-  dnl We didn't find a usable Kerberos environment
+-  if test "x$KRBDIR" = "x"; then
+-    if test "x$krb5_with" = "x"; then
+-      AC_MSG_ERROR(Kerberos v5 with GSS support not found: consider --disable-gss or --with-krb5=)
++      KRBIMPL="mit-krb5"
+     else
+-      AC_MSG_ERROR(Kerberos v5 with GSS support not found at $krb5_with)
+-    fi
++      AC_MSG_ERROR(Unknown Kerberos 5 Implementation. Is neither heimdal or mit-krb5.)
++      KRBIMPL="unknown"
+   fi
+-  AC_MSG_RESULT($KRBDIR)
+-
+-  dnl Check if -rpath=$(KRBDIR)/lib is needed
+-  echo "The current KRBDIR is $KRBDIR"
+-  if test "$KRBDIR/lib" = "/lib" -o "$KRBDIR/lib" = "/usr/lib" \
+-       -o "$KRBDIR/lib" = "//lib" -o "$KRBDIR/lib" = "/usr//lib" ; then
+-    KRBLDFLAGS="";
+-  elif /sbin/ldconfig -p | grep > /dev/null "=> $KRBDIR/lib/"; then
+-    KRBLDFLAGS="";
+-  else
+-    KRBLDFLAGS="-Wl,-rpath=$KRBDIR/lib"
++    AC_DEFINE_UNQUOTED(KRB5_VERSION, $K5VERS, [Define this as the Kerberos version number])
+   fi
++  AC_MSG_RESULT($KRBIMPL)
+ 
+-  dnl Now check for functions within gssapi library
+-  AC_CHECK_LIB($gssapi_lib, gss_krb5_export_lucid_sec_context,
+-    AC_DEFINE(HAVE_LUCID_CONTEXT_SUPPORT, 1, [Define this if the Kerberos GSS library supports gss_krb5_export_lucid_sec_context]), ,$KRBLIBS)
+-  AC_CHECK_LIB($gssapi_lib, gss_krb5_set_allowable_enctypes,
+-    AC_DEFINE(HAVE_SET_ALLOWABLE_ENCTYPES, 1, [Define this if the Kerberos GSS library supports gss_krb5_set_allowable_enctypes]), ,$KRBLIBS)
+-  AC_CHECK_LIB($gssapi_lib, gss_krb5_ccache_name,
+-    AC_DEFINE(HAVE_GSS_KRB5_CCACHE_NAME, 1, [Define this if the Kerberos GSS library supports gss_krb5_ccache_name]), ,$KRBLIBS)
+-
+-  dnl Check for newer error message facility
+-  AC_CHECK_LIB($gssapi_lib, krb5_get_error_message,
+-    AC_DEFINE(HAVE_KRB5_GET_ERROR_MESSAGE, 1, [Define this if the function krb5_get_error_message is available]), ,$KRBLIBS)
+-
+-  dnl Check for function to specify addressless tickets
+-  AC_CHECK_LIB($gssapi_lib, krb5_get_init_creds_opt_set_addressless,
+-    AC_DEFINE(HAVE_KRB5_GET_INIT_CREDS_OPT_SET_ADDRESSLESS, 1, [Define this if the function krb5_get_init_creds_opt_set_addressless is available]), ,$KRBLIBS)
+-
+-  dnl If they specified a directory and it didn't work, give them a warning
+-  if test "x$krb5_with" != "x" -a "$krb5_with" != "$KRBDIR"; then
+-    AC_MSG_WARN(Using $KRBDIR instead of requested value of $krb5_with for Kerberos!)
+-  fi
++  AC_CHECK_LIB($gssapi_lib, gss_krb5_export_lucid_sec_context, AC_DEFINE(HAVE_LUCID_CONTEXT_SUPPORT, 1, [Define this if the Kerberos GSS library supports gss_krb5_export_lucid_sec_context]), ,$KRBLIBS)
++  AC_CHECK_LIB($gssapi_lib, gss_krb5_set_allowable_enctypes, AC_DEFINE(HAVE_SET_ALLOWABLE_ENCTYPES, 1, [Define this if the Kerberos GSS library supports gss_krb5_set_allowable_enctypes]), ,$KRBLIBS)
++  AC_CHECK_LIB($gssapi_lib, gss_krb5_ccache_name, AC_DEFINE(HAVE_GSS_KRB5_CCACHE_NAME, 1, [Define this if the Kerberos GSS library supports gss_krb5_ccache_name]), ,$KRBLIBS)
++  AC_CHECK_LIB($gssapi_lib, krb5_get_error_message, AC_DEFINE(HAVE_KRB5_GET_ERROR_MESSAGE, 1, [Define this if the function krb5_get_error_message is available]), ,$KRBLIBS)
++  AC_CHECK_LIB($gssapi_lib, krb5_get_init_creds_opt_set_addressless, AC_DEFINE(HAVE_KRB5_GET_INIT_CREDS_OPT_SET_ADDRESSLESS, 1, [Define this if the function krb5_get_init_creds_opt_set_addressless is available]), ,$KRBLIBS)
+ 
+-  AC_SUBST([KRBDIR])
+   AC_SUBST([KRBLIBS])
+   AC_SUBST([KRBCFLAGS])
+   AC_SUBST([KRBLDFLAGS])