Subject: pkg/12875: Emacs krb5 support
To: None <gnats-bugs@gnats.netbsd.org>
From: None <nocturne@arepa.com>
List: netbsd-bugs
Date: 05/08/2001 17:13:26
>Number:         12875
>Category:       pkg
>Synopsis:       Patch to add krb5 support to emacs-movemail
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    pkg-manager
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Tue May 08 14:13:03 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Eric Mumpower
>Release:        Stock 1.5 system, 2001-05-07 pkgsrc
>Organization:
Arepa
	
>Environment:
System: NetBSD floyd.arepa.com 1.5 NetBSD 1.5 (FLOYD) #1: Tue May 1 13:06:56 EDT 2001 root@floyd.arepa.com:/usr/src/sys/arch/i386/compile/FLOYD i386


>Description:

Emacs's movemail has mostly-functional code which supports krb5-pop.
NetBSD ships with Krb5. Why not allow users to build emacs-movemail
with krb5-pop support?

I enclose (to show the scope of the needed changes) a rough patch
which, if applied, patches Emacs's movemail code to work with Heimdal
and then enables the support.

I am aware that probably the optimal way to integrate this into the
pkgsrc Makefile is to conditionalize on several mk.conf variables,
which control (among other things) whether k5pop is enabled, the port
number used for kpop, the krb5 service name, and perhaps even the
default MAILHOST.

However, I'm not sufficiently familiar with the design ideals of the
NetBSD pkgsrc build system, to properly extend adequate tendrils of
configuration-control into the emacs source tree, at least not on my
first implementation.

I could handle this in short order simply by adding this as
configure.in features and tweaking the source, Makefile.in, and pkgsrc
Makefile, to allow the user to enable/configure/disable these
features. But these are broadly-scoped changes, and for some reason I
have the gut feeling that this approach would be less desirable to the
NetBSD pkgsrc maintainers. And yet, the more I consider this, the more
I think that perhaps this is the right way to do this.

Please advise?

>How-To-Repeat:
	
>Fix:
*** src/config.in-prekrb	Tue May  8 11:17:27 2001
--- src/config.in	Tue May  8 12:28:15 2001
***************
*** 109,119 ****
  #undef MAIL_USE_POP
  
  /* Define to support Kerberos-authenticated POP mail retrieval.  */
! #undef KERBEROS
  /* Define to use Kerberos 5 instead of Kerberos 4 */
! #undef KERBEROS5
  /* Define to support GSS-API in addition to (or instead of) Kerberos */
! #undef GSSAPI
  
  /* Define to support using a Hesiod database to find the POP server.  */
  #undef HESIOD
--- 109,119 ----
  #undef MAIL_USE_POP
  
  /* Define to support Kerberos-authenticated POP mail retrieval.  */
! #define KERBEROS 1
  /* Define to use Kerberos 5 instead of Kerberos 4 */
! #define KERBEROS5 1
  /* Define to support GSS-API in addition to (or instead of) Kerberos */
! #define GSSAPI 1
  
  /* Define to support using a Hesiod database to find the POP server.  */
  #undef HESIOD
***************
*** 150,172 ****
  #undef HAVE_LIBKRB4
  #undef HAVE_LIBDES
  #undef HAVE_LIBDES425
! #undef HAVE_LIBKRB5
! #undef HAVE_LIBCRYPTO
! #undef HAVE_LIBCOM_ERR
  /* header files */
! #undef HAVE_KRB5_H
  #undef HAVE_DES_H
  #undef HAVE_KRB_H
  #undef HAVE_KERBEROSIV_DES_H
  #undef HAVE_KERBEROSIV_KRB_H
  #undef HAVE_KERBEROS_DES_H
  #undef HAVE_KERBEROS_KRB_H
! #undef HAVE_COM_ERR_H
  
  /* GSS-API libraries and headers */
! #undef HAVE_LIBGSSAPI_KRB5
! #undef HAVE_LIBGSSAPI
! #undef HAVE_GSSAPI_H
  
  /* Mail-file locking */
  #undef HAVE_LIBMAIL
--- 150,172 ----
  #undef HAVE_LIBKRB4
  #undef HAVE_LIBDES
  #undef HAVE_LIBDES425
! #define HAVE_LIBKRB5 1
! #define HAVE_LIBCRYPTO 1
! #define HAVE_LIBCOM_ERR 1
  /* header files */
! #define HAVE_KRB5_H 1
  #undef HAVE_DES_H
  #undef HAVE_KRB_H
  #undef HAVE_KERBEROSIV_DES_H
  #undef HAVE_KERBEROSIV_KRB_H
  #undef HAVE_KERBEROS_DES_H
  #undef HAVE_KERBEROS_KRB_H
! #define HAVE_COM_ERR_H 1
  
  /* GSS-API libraries and headers */
! #define HAVE_LIBGSSAPI_KRB5
! #define HAVE_LIBGSSAPI
! #define HAVE_GSSAPI_H
  
  /* Mail-file locking */
  #undef HAVE_LIBMAIL
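Review bot: The three GSS-API macros on the new side are defined with no value (`#define HAVE_LIBGSSAPI_KRB5`, `#define HAVE_LIBGSSAPI`, `#define HAVE_GSSAPI_H`), unlike every other macro this patch turns on, which gets ` 1`. An empty definition satisfies `#ifdef`, but any consumer that tests with `#if HAVE_GSSAPI_H` would fail to preprocess; the consuming code is not visible here, so this needs checking. I would write them as `#define HAVE_LIBGSSAPI_KRB5 1`, `#define HAVE_LIBGSSAPI 1` and `#define HAVE_GSSAPI_H 1` for consistency. It is also worth confirming that both GSS-API library macros are meant to be on at once, since the names suggest alternative libraries.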
*** lib-src/Makefile.in-prekrb	Tue May  8 11:19:25 2001
--- lib-src/Makefile.in	Tue May  8 12:27:03 2001
***************
*** 125,131 ****
  # HESIOD		Support Hesiod lookups of user mailboxes.
  # MAILHOST		A string, the host name of the default POP
  #			mail host for the site.
! MOVE_FLAGS=
  
  # ========================== start of cpp stuff =======================
  /* From here on, comments must be done in C syntax.  */
--- 125,131 ----
  # HESIOD		Support Hesiod lookups of user mailboxes.
  # MAILHOST		A string, the host name of the default POP
  #			mail host for the site.
! MOVE_FLAGS=-I/usr/include/krb5
  
  # ========================== start of cpp stuff =======================
  /* From here on, comments must be done in C syntax.  */
***************
*** 185,211 ****
  
  #ifdef KERBEROS
  # ifdef HAVE_LIBKRB
!     KRB4LIB = -lkrb
  # else
  #  ifdef HAVE_LIBKRB4
!      KRB4LIB = -lkrb4
  #  endif
  # endif
  # ifdef HAVE_LIBDES
!     DESLIB = -ldes
  # else
  #  ifdef HAVE_LIBDES425
!     DESLIB = -ldes425
  #  endif
  # endif
  # ifdef HAVE_LIBKRB5
!     KRB5LIB = -lkrb5
  # endif
  # ifdef HAVE_LIBCRYPTO
!     CRYPTOLIB = -lcrypto
  # endif
  # ifdef HAVE_LIBCOM_ERR
!     COM_ERRLIB = -lcom_err
  # endif
  #endif /* KERBEROS */
  
--- 185,211 ----
  
  #ifdef KERBEROS
  # ifdef HAVE_LIBKRB
! KRB4LIB = -lkrb
  # else
  #  ifdef HAVE_LIBKRB4
! KRB4LIB = -lkrb4
  #  endif
  # endif
  # ifdef HAVE_LIBDES
! DESLIB = -ldes
  # else
  #  ifdef HAVE_LIBDES425
! DESLIB = -ldes425
  #  endif
  # endif
  # ifdef HAVE_LIBKRB5
! KRB5LIB = -lkrb5
  # endif
  # ifdef HAVE_LIBCRYPTO
! CRYPTOLIB = -lcrypto -lasn1 -lroken
  # endif
  # ifdef HAVE_LIBCOM_ERR
! COM_ERRLIB = -lcom_err
  # endif
  #endif /* KERBEROS */
  
*** lib-src/pop.c-prekrb	Tue May  8 11:30:42 2001
--- lib-src/pop.c	Tue May  8 15:39:52 2001
***************
*** 149,155 ****
  static void pop_trash _P((popserver));
  static char *find_crlf _P((char *, int));
  
! #define ERROR_MAX 80		/* a pretty arbitrary size */
  #define POP_PORT 110
  #define KPOP_PORT 1109
  #ifdef WINDOWSNT
--- 149,155 ----
  static void pop_trash _P((popserver));
  static char *find_crlf _P((char *, int));
  
! #define ERROR_MAX 160		/* a pretty arbitrary size */
  #define POP_PORT 110
  #define KPOP_PORT 1109
  #ifdef WINDOWSNT
***************
*** 158,163 ****
--- 158,168 ----
  #define POP_SERVICE "pop"
  #endif
  #ifdef KERBEROS
+ /*
+  * You may need to change this value to whatever service type you use for
+  * your kpopper, e.g. "host/whatever.your.domain" or
+  * "pop/whatever.your.domain"
+  */
  #define KPOP_SERVICE "kpop"
  #endif
  
***************
*** 1045,1051 ****
    krb5_auth_context auth_context = 0;
    krb5_ccache ccdef;
    krb5_principal client, server;
!   krb5_error *err_ret;
    register char *cp;
  #else
    KTEXT ticket;
--- 1050,1057 ----
    krb5_auth_context auth_context = 0;
    krb5_ccache ccdef;
    krb5_principal client, server;
!   /* If we don't set err_ret to NULL, Heimdal might not do it for us. */
!   krb5_error *err_ret = NULL;
    register char *cp;
  #else
    KTEXT ticket;
***************
*** 1159,1169 ****
  	krb5error:
  	  if (auth_context)
  	    krb5_auth_con_free (kcontext, auth_context);
- 	  if (kcontext)
- 	    krb5_free_context (kcontext);
  	  strcpy (pop_error, KRB_ERROR);
! 	  strncat (pop_error, error_message (rem),
  		   ERROR_MAX - sizeof(KRB_ERROR));
  	  CLOSESOCKET (sock);
  	  return (-1);
  	}
--- 1165,1175 ----
  	krb5error:
  	  if (auth_context)
  	    krb5_auth_con_free (kcontext, auth_context);
  	  strcpy (pop_error, KRB_ERROR);
! 	  strncat (pop_error, krb5_get_err_text (kcontext, rem),
  		   ERROR_MAX - sizeof(KRB_ERROR));
+ 	  if (kcontext)
+ 	    krb5_free_context (kcontext);
  	  CLOSESOCKET (sock);
  	  return (-1);
  	}
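Review bot: On the `krb5error:` path the new `krb5_get_err_text (kcontext, rem)` call is made unconditionally, while the `krb5_free_context` just below it is still guarded by `if (kcontext)`. That guard implies `kcontext` can be null when this label is reached, for example if context initialisation failed, though that code is outside the hunk. Whether the library accepts a null context here is not visible and should not be relied on. Either guard the lookup, e.g. `const char *msg = kcontext ? krb5_get_err_text (kcontext, rem) : "unknown error";` and append `msg`, or drop the guard if a null context is provably unreachable. The enclosing block starts before this hunk.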
***************
*** 1201,1223 ****
        krb5_free_principal (kcontext, server);
        if (rem)
  	{
! 	  if (err_ret && err_ret->text.length)
  	    {
  	      strcpy (pop_error, KRB_ERROR);
! 	      strncat (pop_error, error_message (rem),
  		       ERROR_MAX - sizeof (KRB_ERROR));
  	      strncat (pop_error, " [server says '",
  		       ERROR_MAX - strlen (pop_error) - 1);
! 	      strncat (pop_error, err_ret->text.data,
! 		       min (ERROR_MAX - strlen (pop_error) - 1,
! 			    err_ret->text.length));
  	      strncat (pop_error, "']",
  		       ERROR_MAX - strlen (pop_error) - 1);
  	    }
  	  else
  	    {
  	      strcpy (pop_error, KRB_ERROR);
! 	      strncat (pop_error, error_message (rem),
  		       ERROR_MAX - sizeof (KRB_ERROR));
  	    }
  	  if (err_ret)
--- 1207,1228 ----
        krb5_free_principal (kcontext, server);
        if (rem)
  	{
! 	  if (err_ret && err_ret->e_text)
  	    {
  	      strcpy (pop_error, KRB_ERROR);
! 	      strncat (pop_error, krb5_get_err_text (kcontext, rem),
  		       ERROR_MAX - sizeof (KRB_ERROR));
  	      strncat (pop_error, " [server says '",
  		       ERROR_MAX - strlen (pop_error) - 1);
! 	      strncat (pop_error, *err_ret->e_text,
! 		       ERROR_MAX - strlen (pop_error) - 1);
  	      strncat (pop_error, "']",
  		       ERROR_MAX - strlen (pop_error) - 1);
  	    }
  	  else
  	    {
  	      strcpy (pop_error, KRB_ERROR);
! 	      strncat (pop_error, krb5_get_err_text (kcontext, rem),
  		       ERROR_MAX - sizeof (KRB_ERROR));
  	    }
  	  if (err_ret)
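Review bot: The server-supplied text is now appended with `strncat (pop_error, *err_ret->e_text, ERROR_MAX - strlen (pop_error) - 1)`, and the old `min (..., err_ret->text.length)` cap on the source is gone. The write into `pop_error` is still bounded, but the read from `*err_ret->e_text` now stops only at a NUL byte, so it relies on the library always NUL-terminating the decoded string. That assumption deserves a comment on the line, such as `/* e_text comes from the server; assumed NUL-terminated by the decoder, capped to the space left in pop_error */`. The old non-empty test (`text.length`) also became a pointer test, so an empty string now yields `[server says '']`. Separately, this hunk and the `krb5error:` hunk replace `error_message` and `text.data` outright with `krb5_get_err_text` and `e_text`, which presumably breaks builds against a Kerberos 5 library that lacks those names; a compile-time switch would keep both. The `if (err_ret)` body lies outside the hunk.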
>Release-Note:
>Audit-Trail:
>Unformatted: