diff --git a/autofs-5.0.4-add-mount-wait-parameter.patch b/autofs-5.0.4-add-mount-wait-parameter.patch new file mode 100644 index 0000000..b29bf4b --- /dev/null +++ b/autofs-5.0.4-add-mount-wait-parameter.patch @@ -0,0 +1,172 @@ +autofs-5.0.4 - add mount wait parameter + +From: Ian Kent + +Often delays when trying to mount from a server that is not reponding +for some reason are undesirable. To try and prevent these delays we +provide a configuration setting to limit the time that we wait for +our spawned mount(8) process to complete before sending it a SIGTERM +signal. This patch adds a configuration parameter to allow us to +request we limit the time we wait for mount(8) to complete before +send it a TERM signal. +--- + + CHANGELOG | 1 + + daemon/spawn.c | 3 ++- + include/defaults.h | 2 ++ + lib/defaults.c | 13 +++++++++++++ + man/auto.master.5.in | 7 +++++++ + redhat/autofs.sysconfig.in | 9 +++++++++ + samples/autofs.conf.default.in | 9 +++++++++ + 7 files changed, 43 insertions(+), 1 deletions(-) + + +diff --git a/CHANGELOG b/CHANGELOG +index 5adcca5..fadb229 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -2,6 +2,7 @@ + ----------------------- + - fix included map read fail handling. + - refactor ldap sasl bind handling. ++- add mount wait timeout parameter. + + 03/09/2009 autofs-5.0.5 + ----------------------- +diff --git a/daemon/spawn.c b/daemon/spawn.c +index e02d926..db356d4 100644 +--- a/daemon/spawn.c ++++ b/daemon/spawn.c +@@ -305,6 +305,7 @@ int spawn_mount(unsigned logopt, ...) + unsigned int options; + unsigned int retries = MTAB_LOCK_RETRIES; + int update_mtab = 1, ret, printed = 0; ++ unsigned int wait = defaults_get_mount_wait(); + char buf[PATH_MAX]; + + /* If we use mount locking we can't validate the location */ +@@ -355,7 +356,7 @@ int spawn_mount(unsigned logopt, ...) + va_end(arg); + + while (retries--) { +- ret = do_spawn(logopt, -1, options, prog, (const char **) argv); ++ ret = do_spawn(logopt, wait, options, prog, (const char **) argv); + if (ret & MTAB_NOTUPDATED) { + struct timespec tm = {3, 0}; + +diff --git a/include/defaults.h b/include/defaults.h +index 9bf16e5..cda2174 100644 +--- a/include/defaults.h ++++ b/include/defaults.h +@@ -24,6 +24,7 @@ + + #define DEFAULT_TIMEOUT 600 + #define DEFAULT_NEGATIVE_TIMEOUT 60 ++#define DEFAULT_MOUNT_WAIT -1 + #define DEFAULT_UMOUNT_WAIT 12 + #define DEFAULT_BROWSE_MODE 1 + #define DEFAULT_LOGGING 0 +@@ -64,6 +65,7 @@ struct ldap_searchdn *defaults_get_searchdns(void); + void defaults_free_searchdns(struct ldap_searchdn *); + unsigned int defaults_get_mount_nfs_default_proto(void); + unsigned int defaults_get_append_options(void); ++unsigned int defaults_get_mount_wait(void); + unsigned int defaults_get_umount_wait(void); + const char *defaults_get_auth_conf_file(void); + unsigned int defaults_get_map_hash_table_size(void); +diff --git a/lib/defaults.c b/lib/defaults.c +index 17164bd..2204b18 100644 +--- a/lib/defaults.c ++++ b/lib/defaults.c +@@ -47,6 +47,7 @@ + + #define ENV_MOUNT_NFS_DEFAULT_PROTOCOL "MOUNT_NFS_DEFAULT_PROTOCOL" + #define ENV_APPEND_OPTIONS "APPEND_OPTIONS" ++#define ENV_MOUNT_WAIT "MOUNT_WAIT" + #define ENV_UMOUNT_WAIT "UMOUNT_WAIT" + #define ENV_AUTH_CONF_FILE "AUTH_CONF_FILE" + +@@ -325,6 +326,7 @@ unsigned int defaults_read_config(unsigned int to_syslog) + check_set_config_value(key, ENV_NAME_ENTRY_ATTR, value, to_syslog) || + check_set_config_value(key, ENV_NAME_VALUE_ATTR, value, to_syslog) || + check_set_config_value(key, ENV_APPEND_OPTIONS, value, to_syslog) || ++ check_set_config_value(key, ENV_MOUNT_WAIT, value, to_syslog) || + check_set_config_value(key, ENV_UMOUNT_WAIT, value, to_syslog) || + check_set_config_value(key, ENV_AUTH_CONF_FILE, value, to_syslog) || + check_set_config_value(key, ENV_MAP_HASH_TABLE_SIZE, value, to_syslog) || +@@ -667,6 +669,17 @@ unsigned int defaults_get_append_options(void) + return res; + } + ++unsigned int defaults_get_mount_wait(void) ++{ ++ long wait; ++ ++ wait = get_env_number(ENV_MOUNT_WAIT); ++ if (wait < 0) ++ wait = DEFAULT_MOUNT_WAIT; ++ ++ return (unsigned int) wait; ++} ++ + unsigned int defaults_get_umount_wait(void) + { + long wait; +diff --git a/man/auto.master.5.in b/man/auto.master.5.in +index 71c4402..792035f 100644 +--- a/man/auto.master.5.in ++++ b/man/auto.master.5.in +@@ -174,6 +174,13 @@ Set the default timeout for caching failed key lookups (program default + 60). If the equivalent command line option is given it will override this + setting. + .TP ++.B MOUNT_WAIT ++Set the default time to wait for a response from a spawned mount(8) ++before sending it a SIGTERM. Note that we still need to wait for the ++RPC layer to timeout before the sub-process exits so this isn't ideal ++but it is the best we can do. The default is to wait until mount(8) ++returns without intervention. ++.TP + .B UMOUNT_WAIT + Set the default time to wait for a response from a spawned umount(8) + before sending it a SIGTERM. Note that we still need to wait for the +diff --git a/redhat/autofs.sysconfig.in b/redhat/autofs.sysconfig.in +index 37448ea..c72cd2b 100644 +--- a/redhat/autofs.sysconfig.in ++++ b/redhat/autofs.sysconfig.in +@@ -14,6 +14,15 @@ TIMEOUT=300 + # + #NEGATIVE_TIMEOUT=60 + # ++# MOUNT_WAIT - time to wait for a response from umount(8). ++# Setting this timeout can cause problems when ++# mount would otherwise wait for a server that ++# is temporarily unavailable, such as when it's ++# restarting. The defailt of waiting for mount(8) ++# usually results in a wait of around 3 minutes. ++# ++#MOUNT_WAIT=-1 ++# + # UMOUNT_WAIT - time to wait for a response from umount(8). + # + #UMOUNT_WAIT=12 +diff --git a/samples/autofs.conf.default.in b/samples/autofs.conf.default.in +index 7dee5fd..b87c4d0 100644 +--- a/samples/autofs.conf.default.in ++++ b/samples/autofs.conf.default.in +@@ -14,6 +14,15 @@ TIMEOUT=300 + # + #NEGATIVE_TIMEOUT=60 + # ++# MOUNT_WAIT - time to wait for a response from umount(8). ++# Setting this timeout can cause problems when ++# mount would otherwise wait for a server that ++# is temporarily unavailable, such as when it's ++# restarting. The defailt of waiting for mount(8) ++# usually results in a wait of around 3 minutes. ++# ++#MOUNT_WAIT=-1 ++# + # UMOUNT_WAIT - time to wait for a response from umount(8). + # + #UMOUNT_WAIT=12 diff --git a/autofs-5.0.5-fix-backwards-ifndef-INET6.patch b/autofs-5.0.5-fix-backwards-ifndef-INET6.patch new file mode 100644 index 0000000..bb420cc --- /dev/null +++ b/autofs-5.0.5-fix-backwards-ifndef-INET6.patch @@ -0,0 +1,48 @@ +autofs-5.0.5 - fix backwards #ifndef INET6 + +From: Jeff Moyer + +Fix reversed macro checks for INET6 in get_proximity(). + +Signed-off-by: Jeff Moyer +--- + + CHANGELOG | 1 + + modules/replicated.c | 4 ++-- + 2 files changed, 3 insertions(+), 2 deletions(-) + + +diff --git a/CHANGELOG b/CHANGELOG +index b9b1602..7997d1d 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -6,6 +6,7 @@ + - special case cifs escapes. + - fix compile fail with when LDAP is excluded. + - more code analysis corrections (and fix a typo in an init script). ++- fix backwards #ifndef INET6. + + 03/09/2009 autofs-5.0.5 + ----------------------- +diff --git a/modules/replicated.c b/modules/replicated.c +index a66de9f..4cd3eb4 100644 +--- a/modules/replicated.c ++++ b/modules/replicated.c +@@ -231,7 +231,7 @@ static unsigned int get_proximity(struct sockaddr *host_addr) + break; + + case AF_INET6: +-#ifndef INET6 ++#ifdef INET6 + if (host_addr->sa_family == AF_INET) + break; + +@@ -313,7 +313,7 @@ static unsigned int get_proximity(struct sockaddr *host_addr) + break; + + case AF_INET6: +-#ifndef INET6 ++#ifdef INET6 + if (host_addr->sa_family == AF_INET) + break; + diff --git a/autofs-5.0.5-fix-included-map-read-fail-handling.patch b/autofs-5.0.5-fix-included-map-read-fail-handling.patch new file mode 100644 index 0000000..4794ac1 --- /dev/null +++ b/autofs-5.0.5-fix-included-map-read-fail-handling.patch @@ -0,0 +1,44 @@ +autofs-5.0.5 - fix included map read fail handling + +From: Ian Kent + +If an included map read fails an error is returned and subsequent +master map entries are not read. We should report the failure but +we shouldn't stop reading the master map. +--- + + CHANGELOG | 4 ++++ + modules/lookup_file.c | 7 ------- + 2 files changed, 4 insertions(+), 7 deletions(-) + + +diff --git a/CHANGELOG b/CHANGELOG +index e734cb3..674a48b 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -1,3 +1,7 @@ ++??/??/20?? autofs-5.0.6 ++----------------------- ++- fix included map read fail handling. ++ + 03/09/2009 autofs-5.0.5 + ----------------------- + - fix dumb libxml2 check +diff --git a/modules/lookup_file.c b/modules/lookup_file.c +index a4ca39d..e43ab2f 100644 +--- a/modules/lookup_file.c ++++ b/modules/lookup_file.c +@@ -438,13 +438,6 @@ int lookup_read_master(struct master *master, time_t age, void *context) + MODPREFIX + "failed to read included master map %s", + master->name); +- if (!master->recurse) { +- master->name = save_name; +- master->depth--; +- master->recurse = 0; +- fclose(f); +- return NSS_STATUS_UNAVAIL; +- } + } + master->depth--; + master->recurse = 0; diff --git a/autofs-5.0.5-fix-libxml2-workaround-configure.patch b/autofs-5.0.5-fix-libxml2-workaround-configure.patch new file mode 100644 index 0000000..6ecc192 --- /dev/null +++ b/autofs-5.0.5-fix-libxml2-workaround-configure.patch @@ -0,0 +1,79 @@ +autofs-5.0.5 - fix libxml2 workaround configure + +From: Ian Kent + +The configure logic related to work around the libxml2 library +reload issues is not quite right. The xml code is needed if +ldap is used so it is sufficient to require inclusion of the +workaround code if autofs is being built with LDAP support. +--- + + CHANGELOG | 1 + + daemon/Makefile | 2 -- + daemon/automount.c | 8 +++++--- + 3 files changed, 6 insertions(+), 5 deletions(-) + + +diff --git a/CHANGELOG b/CHANGELOG +index 671c979..23351c8 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -4,6 +4,7 @@ + - refactor ldap sasl bind handling. + - add mount wait timeout parameter. + - special case cifs escapes. ++- fix compile fail with when LDAP is excluded. + + 03/09/2009 autofs-5.0.5 + ----------------------- +diff --git a/daemon/Makefile b/daemon/Makefile +index 371ec72..9e9d635 100644 +--- a/daemon/Makefile ++++ b/daemon/Makefile +@@ -23,10 +23,8 @@ LDFLAGS += -rdynamic + LIBS = -ldl + + ifeq ($(LDAP), 1) +- ifeq ($(SASL), 1) + CFLAGS += $(XML_FLAGS) + LIBS += $(XML_LIBS) +- endif + endif + + all: automount +diff --git a/daemon/automount.c b/daemon/automount.c +index 979ecd6..7c44d4b 100644 +--- a/daemon/automount.c ++++ b/daemon/automount.c +@@ -38,10 +38,12 @@ + #include + + #include "automount.h" +-#ifdef LIBXML2_WORKAROUND ++#if defined(LIBXML2_WORKAROUND) || defined(TIRPC_WORKAROUND) + #include ++#ifdef WITH_LDAP + #include + #endif ++#endif + + const char *program; /* Initialized with argv[0] */ + const char *version = VERSION_STRING; /* Program version */ +@@ -2110,7 +2112,7 @@ int main(int argc, char *argv[]) + exit(1); + } + +-#ifdef LIBXML2_WORKAROUND ++#if defined(WITH_LDAP) && defined(LIBXML2_WORKAROUND) + void *dh_xml2 = dlopen("libxml2.so", RTLD_NOW); + if (!dh_xml2) + dh_xml2 = dlopen("libxml2.so.2", RTLD_NOW); +@@ -2158,7 +2160,7 @@ int main(int argc, char *argv[]) + if (dh_tirpc) + dlclose(dh_tirpc); + #endif +-#ifdef LIBXML2_WORKAROUND ++#if defined(WITH_LDAP) && defined( LIBXML2_WORKAROUND) + if (dh_xml2) { + xmlCleanupParser(); + dlclose(dh_xml2); diff --git a/autofs-5.0.5-more-code-analysis-corrections.patch b/autofs-5.0.5-more-code-analysis-corrections.patch new file mode 100644 index 0000000..87c6855 --- /dev/null +++ b/autofs-5.0.5-more-code-analysis-corrections.patch @@ -0,0 +1,241 @@ +autofs-5.0.5 - more code analysis corrections (and fix a typo in an init script) + +From: Jeff Moyer + +- fix an obvious type in Redhat init script. +- don't call ldap_msgfree when result pointer is null. +- check return of ldap_parse_result as pointers will be invalid on fail. +- get rid of a bogus assignment in defaults_free_searchdns. +- get rid of unused optlen variable in parse_sun.c. +- check return status of stat(2) in do_mount_direct(). +- get rid of unused name variable in master_add_map_source(). +- check return from ops->askumount() in expire_cleanup(). +- in mount_autofs.c:mount_mount(), don't increment val since we never + look at it again. +- in autofs_sasl_dispose() ctxt must always be valid or we would have + a much bigger problem. +- in st_start_handler() and alarm_start_handler() it is possible for + pthread_attr_destroy() to be called with a NULL pointer. +- we could end up with a non-null result pointer after a failed call to + ldap_search_s(), well maybe, so check for it anyway. + +Signed-off-by: Jeff Moyer +--- + + CHANGELOG | 1 + + daemon/direct.c | 2 +- + daemon/state.c | 5 +++-- + lib/alarm.c | 3 ++- + lib/defaults.c | 1 - + lib/master.c | 6 +----- + modules/cyrus-sasl.c | 2 +- + modules/lookup_ldap.c | 13 +++++++++++-- + modules/mount_autofs.c | 2 +- + modules/parse_sun.c | 3 +-- + redhat/autofs.init.in | 2 +- + 11 files changed, 23 insertions(+), 17 deletions(-) + + +diff --git a/CHANGELOG b/CHANGELOG +index 23351c8..b9b1602 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -5,6 +5,7 @@ + - add mount wait timeout parameter. + - special case cifs escapes. + - fix compile fail with when LDAP is excluded. ++- more code analysis corrections (and fix a typo in an init script). + + 03/09/2009 autofs-5.0.5 + ----------------------- +diff --git a/daemon/direct.c b/daemon/direct.c +index 0c78627..9b4e57b 100644 +--- a/daemon/direct.c ++++ b/daemon/direct.c +@@ -1245,7 +1245,7 @@ static void *do_mount_direct(void *arg) + } + + status = stat(mt.name, &st); +- if (!S_ISDIR(st.st_mode) || st.st_dev != mt.dev) { ++ if (status != 0 || !S_ISDIR(st.st_mode) || st.st_dev != mt.dev) { + error(ap->logopt, + "direct trigger not valid or already mounted %s", + mt.name); +diff --git a/daemon/state.c b/daemon/state.c +index 71af46a..27bc6de 100644 +--- a/daemon/state.c ++++ b/daemon/state.c +@@ -160,7 +160,7 @@ void expire_cleanup(void *arg) + * been signaled to shutdown. + */ + rv = ops->askumount(ap->logopt, ap->ioctlfd, &idle); +- if (!idle && !ap->shutdown) { ++ if (!rv && !idle && !ap->shutdown) { + next = ST_READY; + if (!ap->submount) + alarm_add(ap, ap->exp_runfreq); +@@ -1198,7 +1198,8 @@ int st_start_handler(void) + + status = pthread_create(&thid, pattrs, st_queue_handler, NULL); + +- pthread_attr_destroy(pattrs); ++ if (pattrs) ++ pthread_attr_destroy(pattrs); + + return !status; + } +diff --git a/lib/alarm.c b/lib/alarm.c +index 46df38a..f403d8f 100755 +--- a/lib/alarm.c ++++ b/lib/alarm.c +@@ -239,7 +239,8 @@ int alarm_start_handler(void) + + status = pthread_create(&thid, pattrs, alarm_handler, NULL); + +- pthread_attr_destroy(pattrs); ++ if (pattrs) ++ pthread_attr_destroy(pattrs); + + return !status; + } +diff --git a/lib/defaults.c b/lib/defaults.c +index 2204b18..cb8354d 100644 +--- a/lib/defaults.c ++++ b/lib/defaults.c +@@ -534,7 +534,6 @@ void defaults_free_searchdns(struct ldap_searchdn *sdn) + struct ldap_searchdn *this = sdn; + struct ldap_searchdn *next; + +- next = this; + while (this) { + next = this->next; + free(this->basedn); +diff --git a/lib/master.c b/lib/master.c +index e43f835..8455f40 100644 +--- a/lib/master.c ++++ b/lib/master.c +@@ -152,7 +152,7 @@ master_add_map_source(struct master_mapent *entry, + { + struct map_source *source; + char *ntype, *nformat; +- const char **tmpargv, *name = NULL; ++ const char **tmpargv; + + source = malloc(sizeof(struct map_source)); + if (!source) +@@ -188,10 +188,6 @@ master_add_map_source(struct master_mapent *entry, + source->argc = argc; + source->argv = tmpargv; + +- /* Can be NULL for "hosts" map */ +- if (argv) +- name = argv[0]; +- + master_source_writelock(entry); + + if (!entry->maps) +diff --git a/modules/cyrus-sasl.c b/modules/cyrus-sasl.c +index 828143e..92e2226 100644 +--- a/modules/cyrus-sasl.c ++++ b/modules/cyrus-sasl.c +@@ -911,7 +911,7 @@ void autofs_sasl_dispose(struct lookup_context *ctxt) + { + int status, ret; + +- if (ctxt && ctxt->sasl_conn) { ++ if (ctxt->sasl_conn) { + sasl_dispose(&ctxt->sasl_conn); + ctxt->sasl_conn = NULL; + } +diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c +index f1fb9ce..d8bd169 100644 +--- a/modules/lookup_ldap.c ++++ b/modules/lookup_ldap.c +@@ -389,13 +389,16 @@ static int get_query_dn(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt + error(logopt, + MODPREFIX "query failed for search dn %s: %s", + this->basedn, ldap_err2string(rv)); ++ if (result) { ++ ldap_msgfree(result); ++ result = NULL; ++ } + } + + this = this->next; + } + + if (!result) { +- ldap_msgfree(result); + error(logopt, + MODPREFIX "failed to find query dn under search base dns"); + free(query); +@@ -1954,6 +1957,12 @@ do_paged: + sp->cookie = NULL; + } + ++ if (rv != LDAP_SUCCESS) { ++ debug(ap->logopt, ++ MODPREFIX "ldap_parse_result failed with %d", rv); ++ goto out_free; ++ } ++ + /* + * Parse the page control returned to get the cookie and + * determine whether there are more pages. +@@ -1970,8 +1979,8 @@ do_paged: + if (returnedControls) + ldap_controls_free(returnedControls); + ++out_free: + ldap_control_free(pageControl); +- + return rv; + } + +diff --git a/modules/mount_autofs.c b/modules/mount_autofs.c +index afb1859..2a5d860 100644 +--- a/modules/mount_autofs.c ++++ b/modules/mount_autofs.c +@@ -119,7 +119,7 @@ int mount_mount(struct autofs_point *ap, const char *root, const char *name, + else if (strncmp(cp, "timeout=", 8) == 0) { + char *val = strchr(cp, '='); + unsigned tout; +- if (val++) { ++ if (val) { + int ret = sscanf(cp, "timeout=%u", &tout); + if (ret) + timeout = tout; +diff --git a/modules/parse_sun.c b/modules/parse_sun.c +index db36ae2..921daf4 100644 +--- a/modules/parse_sun.c ++++ b/modules/parse_sun.c +@@ -1334,7 +1334,7 @@ int parse_mount(struct autofs_point *ap, const char *name, + char *pmapent, *options; + const char *p; + int mapent_len, rv = 0; +- int optlen, cur_state; ++ int cur_state; + int slashify = ctxt->slashify_colons; + unsigned int append_options; + +@@ -1389,7 +1389,6 @@ int parse_mount(struct autofs_point *ap, const char *name, + logerr(MODPREFIX "strdup: %s", estr); + return 1; + } +- optlen = strlen(options); + + p = skipspace(pmapent); + +diff --git a/redhat/autofs.init.in b/redhat/autofs.init.in +index fded1d8..806302b 100644 +--- a/redhat/autofs.init.in ++++ b/redhat/autofs.init.in +@@ -172,7 +172,7 @@ case "$1" in + fi + ;; + *) +- echo $"Usage: $0 {start|forcestart|stop|status|restart|orcerestart|reload|condrestart}" ++ echo $"Usage: $0 {start|forcestart|stop|status|restart|forcerestart|reload|condrestart}" + exit 1; + ;; + esac diff --git a/autofs-5.0.5-refactor-ldap-sasl-bind.patch b/autofs-5.0.5-refactor-ldap-sasl-bind.patch new file mode 100644 index 0000000..c830ec2 --- /dev/null +++ b/autofs-5.0.5-refactor-ldap-sasl-bind.patch @@ -0,0 +1,223 @@ +autofs-5.0.5 - refactor ldap sasl bind + +From: Ian Kent + +During the sasl authentication (and possible authentication method +selection) we establish a connection and then dispose of it and then +authenticate again. This is a little inefficient but some servers +don't like a second authentication using the same LDAP handle and +authentication fails when it should succeed. We should use the +authentication connection once we get it and not perform another +later. + +Also fixed with this patch. If a server returns a set of +authentication mechanisms that all require authentication, then the +connection pointer is returned to the caller uninitialized (reported +and fix provided by Jeff Moyer). +--- + + CHANGELOG | 1 + + modules/cyrus-sasl.c | 55 ++++++++++++++++++--------------------------- + modules/lookup_ldap.c | 60 ------------------------------------------------- + 3 files changed, 23 insertions(+), 93 deletions(-) + + +diff --git a/CHANGELOG b/CHANGELOG +index 674a48b..5adcca5 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -1,6 +1,7 @@ + ??/??/20?? autofs-5.0.6 + ----------------------- + - fix included map read fail handling. ++- refactor ldap sasl bind handling. + + 03/09/2009 autofs-5.0.5 + ----------------------- +diff --git a/modules/cyrus-sasl.c b/modules/cyrus-sasl.c +index 04001d0..828143e 100644 +--- a/modules/cyrus-sasl.c ++++ b/modules/cyrus-sasl.c +@@ -87,8 +87,8 @@ static sasl_callback_t callbacks[] = { + { SASL_CB_LIST_END, NULL, NULL }, + }; + +-static char *sasl_auth_id, *sasl_auth_secret; +-sasl_secret_t *sasl_secret; ++static char *sasl_auth_id = NULL; ++static char *sasl_auth_secret = NULL; + + static int + sasl_log_func(void *context, int level, const char *message) +@@ -798,7 +798,7 @@ sasl_bind_mech(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt, const c + sasl_conn_t * + sasl_choose_mech(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt) + { +- sasl_conn_t *conn; ++ sasl_conn_t *conn = NULL; + int authenticated; + int i; + char **mechanisms; +@@ -845,22 +845,6 @@ sasl_choose_mech(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt) + return conn; + } + +-int +-autofs_sasl_bind(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt) +-{ +- sasl_conn_t *conn; +- +- if (!ctxt->sasl_mech) +- return -1; +- +- conn = sasl_bind_mech(logopt, ldap, ctxt, ctxt->sasl_mech); +- if (!conn) +- return -1; +- +- ctxt->sasl_conn = conn; +- return 0; +-} +- + /* + * Routine called when unbinding an ldap connection. + */ +@@ -883,35 +867,40 @@ autofs_sasl_unbind(struct lookup_context *ctxt) + * -1 - Failure + */ + int +-autofs_sasl_init(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt) ++autofs_sasl_bind(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt) + { +- sasl_conn_t *conn; ++ sasl_conn_t *conn = NULL; ++ ++ /* If we already have a connection use it */ ++ if (ctxt->sasl_conn) ++ return 0; + + sasl_auth_id = ctxt->user; + sasl_auth_secret = ctxt->secret; + ++ if (ctxt->auth_required & LDAP_AUTH_AUTODETECT) { ++ if (ctxt->sasl_mech) { ++ free(ctxt->sasl_mech); ++ ctxt->sasl_mech = NULL; ++ } ++ } ++ + /* + * If LDAP_AUTH_AUTODETECT is set, it means that there was no + * mechanism specified in the configuration file or auto + * selection has been requested, so try to auto-select an + * auth mechanism. + */ +- if (!(ctxt->auth_required & LDAP_AUTH_AUTODETECT)) ++ if (ctxt->sasl_mech) + conn = sasl_bind_mech(logopt, ldap, ctxt, ctxt->sasl_mech); +- else { +- if (ctxt->sasl_mech) { +- free(ctxt->sasl_mech); +- ctxt->sasl_mech = NULL; +- } ++ else + conn = sasl_choose_mech(logopt, ldap, ctxt); +- } + +- if (conn) { +- sasl_dispose(&conn); +- return 0; +- } ++ if (!conn) ++ return -1; + +- return -1; ++ ctxt->sasl_conn = conn; ++ return 0; + } + + /* +diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c +index 2ecf5fe..f1fb9ce 100644 +--- a/modules/lookup_ldap.c ++++ b/modules/lookup_ldap.c +@@ -59,7 +59,6 @@ struct ldap_search_params { + time_t age; + }; + +-static LDAP *auth_init(unsigned logopt, const char *, struct lookup_context *); + static int decode_percent_hack(const char *, char **); + + #ifndef HAVE_LDAP_CREATE_PAGE_CONTROL +@@ -600,33 +599,6 @@ static LDAP *connect_to_server(unsigned logopt, const char *uri, struct lookup_c + { + LDAP *ldap; + +-#ifdef WITH_SASL +- /* +- * Determine which authentication mechanism to use if we require +- * authentication. +- */ +- if (ctxt->auth_required & (LDAP_AUTH_REQUIRED|LDAP_AUTH_AUTODETECT)) { +- ldap = auth_init(logopt, uri, ctxt); +- if (!ldap && ctxt->auth_required & LDAP_AUTH_AUTODETECT) +- info(logopt, +- "no authentication mechanisms auto detected."); +- if (!ldap) { +- error(logopt, MODPREFIX +- "cannot initialize authentication setup"); +- return NULL; +- } +- +- if (!do_bind(logopt, ldap, uri, ctxt)) { +- unbind_ldap_connection(logopt, ldap, ctxt); +- autofs_sasl_dispose(ctxt); +- error(logopt, MODPREFIX "cannot bind to server"); +- return NULL; +- } +- +- return ldap; +- } +-#endif +- + ldap = do_connect(logopt, uri, ctxt); + if (!ldap) { + warn(logopt, +@@ -1074,38 +1046,6 @@ out: + + return ret; + } +- +-/* +- * Reads in the xml configuration file and parses out the relevant +- * information. If there is no configuration file, then we fall back to +- * trying all supported authentication mechanisms until one works. +- * +- * Returns ldap connection on success, with authtype, user and secret +- * filled in as appropriate. Returns NULL on failre. +- */ +-static LDAP *auth_init(unsigned logopt, const char *uri, struct lookup_context *ctxt) +-{ +- int ret; +- LDAP *ldap; +- +- ldap = init_ldap_connection(logopt, uri, ctxt); +- if (!ldap) +- return NULL; +- +- /* +- * Initialize the sasl library. It is okay if user and secret +- * are NULL, here. +- * +- * The autofs_sasl_init routine will figure out which mechamism +- * to use. If kerberos is used, it will also take care to initialize +- * the credential cache and the client and service principals. +- */ +- ret = autofs_sasl_init(logopt, ldap, ctxt); +- if (ret) +- return NULL; +- +- return ldap; +-} + #endif + + /* diff --git a/autofs-5.0.5-special-case-cifs-escapes.patch b/autofs-5.0.5-special-case-cifs-escapes.patch new file mode 100644 index 0000000..2cac62c --- /dev/null +++ b/autofs-5.0.5-special-case-cifs-escapes.patch @@ -0,0 +1,99 @@ +autofs-5.0.5 - special case cifs escapes + +From: Ian Kent + +Since "\" is a valid seperator for cifs shares it can't be used to escape +characters in the share name passed to mount.cifs. So we have no choice +but to require that the seperator we use is "/" and de-quote the string +before sending it to mount.cifs. +--- + + CHANGELOG | 1 + + modules/mount_generic.c | 36 ++++++++++++++++++++++++++++++------ + 2 files changed, 31 insertions(+), 6 deletions(-) + + +diff --git a/CHANGELOG b/CHANGELOG +index fadb229..671c979 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -3,6 +3,7 @@ + - fix included map read fail handling. + - refactor ldap sasl bind handling. + - add mount wait timeout parameter. ++- special case cifs escapes. + + 03/09/2009 autofs-5.0.5 + ----------------------- +diff --git a/modules/mount_generic.c b/modules/mount_generic.c +index 8edad8b..da85d1a 100644 +--- a/modules/mount_generic.c ++++ b/modules/mount_generic.c +@@ -39,6 +39,7 @@ int mount_mount(struct autofs_point *ap, const char *root, const char *name, int + { + char fullpath[PATH_MAX]; + char buf[MAX_ERR_BUF]; ++ char *loc; + int err; + int len, status, existed = 1; + +@@ -74,22 +75,44 @@ int mount_mount(struct autofs_point *ap, const char *root, const char *name, int + if (!status) + existed = 0; + ++ /* ++ * Special case quoting for cifs share names. ++ * ++ * Since "\" is a valid seperator for cifs shares it can't be ++ * used to escape characters in the share name passed to ++ * mount.cifs. So we have no choice but to require that the ++ * seperator we use is "/" and de-quote the string before ++ * sending it to mount.cifs. ++ */ ++ loc = NULL; ++ if (strcmp(fstype, "cifs")) ++ loc = strdup(what); ++ else ++ loc = dequote(what, strlen(what), ap->logopt); ++ if (!loc) { ++ error(ap->logopt, ++ MODPREFIX "failed to alloc buffer for mount location"); ++ return 1; ++ } ++ + if (options && options[0]) { + debug(ap->logopt, + MODPREFIX "calling mount -t %s " SLOPPY "-o %s %s %s", +- fstype, options, what, fullpath); ++ fstype, options, loc, fullpath); + + err = spawn_mount(ap->logopt, "-t", fstype, +- SLOPPYOPT "-o", options, what, fullpath, NULL); ++ SLOPPYOPT "-o", options, loc, fullpath, NULL); + } else { + debug(ap->logopt, MODPREFIX "calling mount -t %s %s %s", +- fstype, what, fullpath); +- err = spawn_mount(ap->logopt, "-t", fstype, what, fullpath, NULL); ++ fstype, loc, fullpath); ++ err = spawn_mount(ap->logopt, "-t", fstype, loc, fullpath, NULL); + } + + if (err) { + info(ap->logopt, MODPREFIX "failed to mount %s (type %s) on %s", +- what, fstype, fullpath); ++ loc, fstype, fullpath); ++ ++ free(loc); + + if (ap->type != LKP_INDIRECT) + return 1; +@@ -100,7 +123,8 @@ int mount_mount(struct autofs_point *ap, const char *root, const char *name, int + return 1; + } else { + info(ap->logopt, MODPREFIX "mounted %s type %s on %s", +- what, fstype, fullpath); ++ loc, fstype, fullpath); ++ free(loc); + return 0; + } + } diff --git a/autofs.spec b/autofs.spec index 6a57a94..dc7b713 100644 --- a/autofs.spec +++ b/autofs.spec @@ -4,12 +4,19 @@ Summary: A tool for automatically mounting and unmounting filesystems Name: autofs Version: 5.0.5 -Release: 1%{?dist} +Release: 2%{?dist} Epoch: 1 License: GPLv2+ Group: System Environment/Daemons URL: http://wiki.autofs.net/ Source: ftp://ftp.kernel.org/pub/linux/daemons/autofs/v5/autofs-%{version}.tar.bz2 +Patch1: autofs-5.0.5-fix-included-map-read-fail-handling.patch +Patch2: autofs-5.0.5-refactor-ldap-sasl-bind.patch +Patch3: autofs-5.0.4-add-mount-wait-parameter.patch +Patch4: autofs-5.0.5-special-case-cifs-escapes.patch +Patch5: autofs-5.0.5-fix-libxml2-workaround-configure.patch +Patch6: autofs-5.0.5-more-code-analysis-corrections.patch +Patch7: autofs-5.0.5-fix-backwards-ifndef-INET6.patch Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: autoconf, hesiod-devel, openldap-devel, bison, flex, libxml2-devel, cyrus-sasl-devel, openssl-devel module-init-tools util-linux nfs-utils e2fsprogs libtirpc-devel Requires: kernel >= 2.6.17 @@ -51,6 +58,13 @@ inkludera nÀtfilsystem, CD-ROM, floppydiskar, och sÄ vidare. %prep %setup -q echo %{version}-%{release} > .version +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 +%patch7 -p1 %build #CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=/usr --libdir=%{_libdir} @@ -103,6 +117,17 @@ fi %{_libdir}/autofs/ %changelog +* Tue Oct 6 2009 Ian Kent - 1:5.0.5-2 +- fix included map read fail handling. +- refactor ldap sasl authentication bind to eliminate extra connect + causing some servers to reject the request. +- add mount wait parameter to allow timeout of mount requests to + unresponsive servers. +- special case cifs escape handling. +- fix libxml2 workaround configure. +- more code analysis corrections (and fix a typo in an init script). +- fix backwards #ifndef INET6. + * Fri Sep 4 2009 Ian Kent - 1:5.0.5-1 - update source to latest upstream version. - this is essentially a consolidation of the patches already in this rpm.