Re: krb5-1.3.1 and fetchmail 6.2.5

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks, Nalin! I tried it out but when I now run configure, I get the
following:

.....
You can ignore any makedepend error messages:
makedepend: warning:  /usr/include/gnu/stubs.h:  non-portable whitespace
encountered at line 7
makedepend: warning:  driver.c (reading /usr/include/krb5.h), line 143: #error
undefined 16 bit type
makedepend: warning:  driver.c (reading /usr/include/krb5.h), line 156: #error:
undefined 32 bit type
makedepend: warning:  driver.c (reading kerberos.h, line 14): cannot find
include file "com_err.h"
        not in /usr/local/lib/gcc-include/com_err.h
        not in /usr/include/com_err.h
        not in /usr/lib/gcc-lib/i386-redhat-linux/3.3.2/include/com_err.h

Is this because my version for fetchmail is 6.2.5 rather than 6.2.0. Are these
serious errors? What should I do?

Thanks and best wishes!!




--- Nalin Dahyabhai <nalin@xxxxxxxxxx> wrote:
> On Tue, Nov 25, 2003 at 02:25:17PM -0800, Globe Trotter wrote:
> > I looked up the fetchmail-friends archive -- could not find it. So if
> > you could send me the patch, that would be very helpful!
> 
> Sure thing.  I'm also attaching a patch which fixes a
> standards-compliance bug which breaks fetchmail's use of GSSAPI for POP.
> 
> Each can be applied by running "patch -sp1 < PATCHFILE" from the top
> level of the fetchmail source tree, and then running 'autoconf' to
> regenerate the configure script using the patched configure.in files.
> 
> Cheers,
> 
> Nalin
> > Use krb5-config, when available.  Detect if krb5 is using the system
version
> of com_err, and if krb5-config knows about krb4 stuff.
> 
> --- fetchmail-6.2.0/configure.in	2002-11-12 12:22:11.000000000 -0500
> +++ fetchmail-6.2.0/configure.in	2002-12-13 16:47:50.000000000 -0500
> @@ -434,6 +434,17 @@
>    AC_DEFINE(KERBEROS_V5)
>    CEFLAGS="$CEFLAGS -I/usr/include/kerberosV"
>    LIBS="$LIBS -lasn1 -lkrb5 -lcom_err -lkafs"
> +elif krb5-config 2> /dev/null >/dev/null ; then
> +  krb5_prefix=`krb5-config --prefix krb5`
> +  AC_MSG_RESULT([krb5-config points to kerberosV under $krb5_prefix])
> +  if test -f ${krb5_prefix}/include/et/com_err.h && \
> +   ! test -f ${krb5_prefix}/include/com_err.h  ; then
> +    CEFLAGS="$CEFLAGS -I${krb5_prefix}/include/et"
> +  fi
> +  unset krb5_prefix
> +  CEFLAGS="$CEFLAGS `krb5-config --cflags krb5`"
> +  LIBS="$LIBS `krb5-config --libs krb5`"
> +  AC_DEFINE(KERBEROS_V5)
>  else
>    if test "$with_kerberos5" != "yes" 
>    then
> @@ -509,6 +520,23 @@
>    AC_DEFINE(KERBEROS_V4)
>    CEFLAGS="$CEFLAGS -I/usr/include/kerberosIV"
>    LIBS="$LIBS -lkrb -ldes"
> +elif krb4-config 2> /dev/null >/dev/null ; then
> +  krb4_prefix=`krb4-config --prefix`
> +  AC_MSG_RESULT([krb4-config points to kerberosIV under $krb4_prefix])
> +  unset krb4_prefix
> +  CEFLAGS="$CEFLAGS `krb4-config --cflags`"
> +  LIBS="$LIBS `krb4-config --libs`"
> +  AC_DEFINE(KERBEROS_V4)
> +elif krb5-config 2> /dev/null >/dev/null ; then
> +  krb4_prefix=`krb5-config --prefix krb4`
> +  AC_MSG_RESULT([krb5-config points to kerberosIV under $krb4_prefix])
> +  if test -f ${krb4_prefix}/include/kerberosIV/krb.h ; then
> +    AC_DEFINE(KERBEROS_V4_V5)
> +  fi
> +  unset krb4_prefix
> +  CEFLAGS="$CEFLAGS `krb5-config --cflags krb4`"
> +  LIBS="$LIBS `krb5-config --libs krb4`"
> +  AC_DEFINE(KERBEROS_V4)
>  else
>    #we need to detect when we're building under a kerberosV compatibility
>    #layer, btw...
> --- fetchmail-6.2.0/acconfig.h	2003-11-13 11:25:12.000000000 -0500
> +++ fetchmail-6.2.0/acconfig.h	2003-11-13 11:25:07.000000000 -0500
> @@ -125,6 +125,9 @@
>  /* Define if you have Kerberos V5 */
>  #undef KERBEROS_V5
>  
> +/* Define if you have Kerberos V4 headers under a kerberosIV directory */
> +#undef KERBEROS_V4_V5
> +
>  /* Define if you have HEIMDAL kerberos 5 */
>  #undef HEIMDAL
>  
> --- fetchmail-6.2.0/kerberos.h	2003-11-13 11:24:52.000000000 -0500
> +++ fetchmail-6.2.0/kerberos.h	2003-11-13 11:24:46.000000000 -0500
> @@ -15,14 +15,19 @@
>  #endif
>  
>  #ifdef KERBEROS_V4
> -#  if defined (__bsdi__) 
> -#    include <des.h> /* order of includes matters */
> -#    define krb_get_err_text(e) (krb_err_txt[e])
> -#  endif
> -#  include <krb.h>
> -#  if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__linux__)
> -#    define krb_get_err_text(e) (krb_err_txt[e])
> -#    include <des.h>
> +#  ifdef KERBEROS_V4_V5
> +#    include <kerberosIV/krb.h>
> +#    include <kerberosIV/des.h>
> +#  else
> +#    if defined (__bsdi__) 
> +#      include <des.h> /* order of includes matters */
> +#      define krb_get_err_text(e) (krb_err_txt[e])
> +#    endif
> +#    include <krb.h>
> +#    if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__linux__)
> +#      define krb_get_err_text(e) (krb_err_txt[e])
> +#      include <des.h>
> +#    endif
>  #  endif
>  #endif
>  
> > Actually check for strong authentication methods if the user specified that
> one should be used, and when performing GSSAPI authentication to a POP
> server,
> use "pop" as the service name, per RFC1734.
> 
> --- fetchmail-6.2.0/fetchmail.h	2003-11-14 14:51:56.000000000 -0500
> +++ fetchmail-6.2.0/fetchmail.h	2003-11-14 14:52:27.000000000 -0500
> @@ -584,7 +584,7 @@
>  /* authentication functions */
>  int do_cram_md5(int sock, char *command, struct query *ctl, char *strip);
>  int do_rfc1731(int sock, char *command, char *truename);
> -int do_gssauth(int sock, char *command, char *hostname, char *username);
> +int do_gssauth(int sock, char *command, char *service, char *hostname, char
> *username);
>  int do_otp(int sock, char *command, struct query *ctl);
>  
>  /* miscellanea */
> --- fetchmail-6.2.0/gssapi.c	2003-11-14 14:53:04.000000000 -0500
> +++ fetchmail-6.2.0/gssapi.c	2003-11-14 14:53:00.000000000 -0500
> @@ -38,7 +38,7 @@
>  #define GSSAUTH_P_INTEGRITY 2
>  #define GSSAUTH_P_PRIVACY   4
>  
> -int do_gssauth(int sock, char *command, char *hostname, char *username)
> +int do_gssauth(int sock, char *command, char *service, char *hostname, char
> *username)
>  {
>      gss_buffer_desc request_buf, send_token;
>      gss_buffer_t sec_token;
> @@ -53,7 +53,7 @@
>      int result;
>  
>      /* first things first: get an imap ticket for host */
> -    sprintf(buf1, "imap@%s", hostname);
> +    sprintf(buf1, "%s@%s", service, hostname);
>      request_buf.value = buf1;
>      request_buf.length = strlen(buf1) + 1;
>      maj_stat = gss_import_name(&min_stat, &request_buf,
> GSS_C_NT_HOSTBASED_SERVICE,
> --- fetchmail-6.2.0/imap.c	2003-11-14 14:53:17.000000000 -0500
> +++ fetchmail-6.2.0/imap.c	2003-11-14 14:53:13.000000000 -0500
> @@ -332,7 +332,7 @@
>      if ((ctl->server.authenticate == A_ANY 
>  	 || ctl->server.authenticate == A_GSSAPI)
>  	&& strstr(capabilities, "AUTH=GSSAPI"))
> -	if(ok = do_gssauth(sock, "AUTHENTICATE", ctl->server.truename,
> ctl->remotename))
> +	if(ok = do_gssauth(sock, "AUTHENTICATE", "imap", ctl->server.truename,
> ctl->remotename))
>  	{
>  	    /* SASL cancellation of authentication */
>  	    gen_send(sock, "*");
> --- fetchmail-6.2.0/pop3.c	2003-11-14 15:07:43.000000000 -0500
> +++ fetchmail-6.2.0/pop3.c	2003-11-14 15:09:42.000000000 -0500
> @@ -199,7 +199,12 @@
>  	 * These authentication methods are blessed by RFC1734,
>  	 * describing the POP3 AUTHentication command.
>  	 */
> -	if (ctl->server.authenticate == A_ANY)
> +	if ((ctl->use_ssl != FLAG_FALSE) ||
> +	    (ctl->server.authenticate == A_ANY) ||
> +	    (ctl->server.authenticate == A_GSSAPI) ||
> +	    (ctl->server.authenticate == A_KERBEROS_V4) ||
> +	    (ctl->server.authenticate == A_OTP) ||
> +	    (ctl->server.authenticate == A_CRAM_MD5))
>  	{
>  	    ok = gen_transact(sock, "CAPA");
>  	    if (ok == PS_SUCCESS)
> @@ -305,7 +310,7 @@
>  	    (ctl->server.authenticate == A_GSSAPI ||
>  	     ctl->server.authenticate == A_ANY))
>  	{
> -	    ok = do_gssauth(sock,"AUTH",ctl->server.truename,ctl->remotename);
> +	    ok =
> do_gssauth(sock,"AUTH","pop",ctl->server.truename,ctl->remotename);
>  	    if (ok == PS_SUCCESS || ctl->server.authenticate != A_ANY)
>  		break;
>  	}
> 


__________________________________
Do you Yahoo!?
Free Pop-Up Blocker - Get it now
http://companion.yahoo.com/




[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux