Ticket #198 (closed defect: fixed)

Opened 13 years ago

Last modified 13 years ago

debathena-moira FTBFS on Squeeze

Reported by: broder Owned by: broder
Priority: blocker Milestone:
Component: -- Keywords: proposed
Cc: Fixed in version:
Upstream bug:

Description

Squeeze doesn't have krb4, and Moira really wants krb4.

See #195 for some of the initial discussion, but this is substantial enough that it warrants a new ticket.

Unfortunately, while Sam left the krb4 runtime in libkrb53 for temporary compatibility, he punted the development files, which means that our only option is to get Moira to build in a krb4-less world.

The following files include <krb.h>, and therefore won't build because of that. A lot of them use the ANAME_SZ, INST_SZ, and REALM_SZ. Some of them actually use krb4 library calls. Fixing these files will ripple out into others.

./update/client.c
./update/auth_002.c
./update/ticket.c
./update/auth_003.c
./include/update.h
./clients/lib/utils.c
./clients/lib/member.c
./clients/moira/user.c
./clients/moira/namespace.c
./clients/mailmaint/mailmaint.c
./lib/mr_auth.c
./lib/kname_unparse.c

Attachments

build-without-krb4 Download (1.0 KB) - added by broder 13 years ago.
build-without-krb4.2 Download (7.5 KB) - added by broder 13 years ago.
build-without-krb4.3 Download (9.0 KB) - added by broder 13 years ago.
build-without-krb4.4 Download (21.6 KB) - added by broder 13 years ago.
build-without-krb4.5 Download (21.9 KB) - added by broder 13 years ago.

Change History

Changed 13 years ago by broder

Changed 13 years ago by broder

comment:1 Changed 13 years ago by broder

Ok - I've done some more work on this. I haven't tried building with by patch yet, so who knows it if it works, but if it does, here are the files that still need to be patched:

./update/auth_003.c
./clients/moira/user.c
./clients/moira/namespace.c
./clients/mailmaint/mailmaint.c
./lib/mr_auth.c
./lib/kname_unparse.c

I added a new error code, MR_NO_KRB4, and I'm changing any functions that are actually krb4 auth-type functions to return that when krb4 isn't available.

Changed 13 years ago by broder

comment:2 Changed 13 years ago by broder

I seem to have missed some files that need patching due to only looking for <krb.h> and not <des.h>.

Here is the current list of files that I know still need to be patched:

./update/auth_003.c
./clients/moira/user.c
./clients/mailmaint/mailmaint.c
./lib/kname_unparse.c
./update/update_server.c
./update/smskey.c
./update/get_file.c
./update/send_file.c

Unfortunately, it looks like the update_server can only encrypt file transfers using DES. Since I neither want to change the server code nor learn how krb5 encryption works, I'm planning to just disable encrypted file transfers when built with --without-krb4

Changed 13 years ago by broder

comment:3 follow-up: ↓ 4 Changed 13 years ago by broder

Ok - attachment:ticket:198:build-without-krb4.4 Download should allow you to build without any krb4 at all by passing --without-krb4.

To work around the dependence on kname_parse, I added a new function to libmoira: mr_kname_parse, defined in lib/kname_parse.c for parity with kname_unparse. I also created a new header - include/mr_krb.h. Any file that needs kname_parse (which I think is actually just update/auth_003.c) includes <mr_krb.h> instead of <krb.h> when it's being built without krb4. mr_krb.h includes #define kname_parse mr_kname_parse.

I haven't actually verified that the patch lets us build Moira on Squeeze, but I'm going to test that now and make tweaks as necessary. I'll give this about a day or so to elicit comments, at which point I will submit the patch to moiradev and upload a Debathena build with the patch to -proposed.

Changed 13 years ago by broder

comment:4 in reply to: ↑ 3 Changed 13 years ago by broder

attachment:ticket:198:build-without-krb4.4 Download built without krb4. attachment:ticket:198:build-without-krb4.5 Download is slightly more awesome in that it will build with krb4 as well.

comment:5 Changed 13 years ago by broder

  • Status changed from new to accepted
  • Keywords proposed added
  • Owner set to broder

I committed my patch in r23746 and uploaded a version of debathena-moira with that patch to -proposed.

I've confirmed that I can perform both krb4 and krb5 auth on Hardy, so I'm going to plan to move the package to production on Friday.

comment:6 Changed 13 years ago by broder

  • Status changed from accepted to closed
  • Resolution set to fixed

Moved to production last night.

Note: See TracTickets for help on using tickets.