Bug 131878 - www/squid: Bug with kerberos heimdal negotiate auth.
Summary: www/squid: Bug with kerberos heimdal negotiate auth.
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-ports-bugs (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-02-19 16:30 UTC by Pavel Volkov
Modified: 2009-03-29 21:24 UTC (History)
1 user (show)

See Also:


Attachments
squid-3.0.13.patch (562 bytes, patch)
2009-02-19 16:30 UTC, Pavel Volkov
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Pavel Volkov 2009-02-19 16:30:01 UTC
Eliminates an error in squid_kerb_auth: parseNegTokenInit failed with rc=102

Port maintainer (tmseck@web.de) is cc'd.

Generated with FreeBSD Port Tools 0.77
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2009-02-19 16:30:11 UTC
Maintainer of www/squid,

Please note that PR ports/131878 has just been submitted.

If it contains a patch for an upgrade, an enhancement or a bug fix
you agree on, reply to this email stating that you approve the patch
and a committer will take care of it.

The full text of the PR can be found at:
    http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/131878

-- 
Edwin Groothuis via the GNATS Auto Assign Tool
edwin@FreeBSD.org
Comment 2 Edwin Groothuis freebsd_committer freebsd_triage 2009-02-19 16:30:14 UTC
State Changed
From-To: open->feedback

Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
Comment 3 Thomas-Martin Seck 2009-02-28 10:56:42 UTC
Thank you for the report. Could you please file a bug against Squid or
point me to the bugzilla entry of an existing report for this issue? I
would like to know a bit more about this issue and would then like to
get a patch directly from the developers. Thanks!
Comment 4 Pavel I Volkov 2009-03-02 10:56:46 UTC
Hello. This is not a problem Squid.
A clear indication of the order of bytes in memory allows you to solve
the problem is well described in the list
http://www.mail-archive.com/squid-users@squid-cache.org/msg47702.html
Thanks!
Comment 5 Thomas-Martin Seck 2009-03-08 17:18:08 UTC
Thank you for the pointer. The need for the additional define is in fact
even documented in the helper's readme. Somehow it got lost when the
helper got integrated into Squid's source. Your patch is OK, I will
integrate it into www/squid and www/squid30.
Comment 6 Thomas-Martin Seck 2009-03-08 18:48:30 UTC
On closer examination it occured to me that it might be smarter not to
assume that FreeBSD always fits the little endian assumption. So I guess
we better instrument what configure found out about the system...

Could you try this patch against www/squid?

Index: files/patch-squid_kerb_auth
===================================================================
--- files/patch-squid_kerb_auth	(revision 1555)
+++ files/patch-squid_kerb_auth	(revision 1561)
@@ -557,3 +557,23 @@
  #define gss_nt_service_name GSS_C_NT_HOSTBASED_SERVICE
  #else
  #include <gssapi/gssapi.h>
+--- helpers/negotiate_auth/squid_kerb_auth/spnegohelp/derparse.c.orig	2007-05-15 01:36:32.000000000 +0200
++++ helpers/negotiate_auth/squid_kerb_auth/spnegohelp/derparse.c	2009-03-08 19:39:03.000000000 +0100
+@@ -22,12 +22,17 @@
+ //
+ /////////////////////////////////////////////////////////////
+ 
++#include "config.h"
+ #include <stdlib.h>
+ #include <stdio.h>
+ #include <memory.h>
+ #include "spnego.h"
+ #include "derparse.h"
+ 
++#ifndef WORDS_BIGENDIAN
++#define __LITTLE_ENDIAN__ 1
++#endif
++
+ //
+ // The GSS Mechanism OID enumeration values (SPNEGO_MECH_OID) control which offset in
+ // the array below, that a mechanism can be found.
Comment 7 Pav Lucistnik freebsd_committer freebsd_triage 2009-03-25 14:59:48 UTC
Any update on this PR? Thomas, you ever got a word back from the
submitter?

-- 
Pav Lucistnik <pav@oook.cz>
              <pav@FreeBSD.org>

The answer to the all-encompassing question on life, the universe
and everything: close windows and reboot.
Comment 8 Thomas-Martin Seck 2009-03-25 18:52:06 UTC
* Pav Lucistnik (pav@FreeBSD.org):

> Any update on this PR? Thomas, you ever got a word back from the
> submitter?

Not regarding my latest feedback which means to check whether we are not
actually compiling on a big endian architecture since the submitter's
patch assumes that we are always little endian. (This is probably not
correct for at least FreeBSD-sparc64, is it?) I'd therefore prefer to
check what configure already found out about endianness. This is equally
straightforward and I'll update the squid/squid30 ports within the next
few days accordingly. I plan to submit this patch upstream, too.
Comment 9 Pav Lucistnik freebsd_committer freebsd_triage 2009-03-25 20:55:00 UTC
> > Any update on this PR? Thomas, you ever got a word back from the
> > submitter?
> 
> Not regarding my latest feedback which means to check whether we are not
> actually compiling on a big endian architecture since the submitter's
> patch assumes that we are always little endian. (This is probably not
> correct for at least FreeBSD-sparc64, is it?) I'd therefore prefer to
> check what configure already found out about endianness. This is equally
> straightforward and I'll update the squid/squid30 ports within the next
> few days accordingly. I plan to submit this patch upstream, too.

Sounds good. So do you want me to commit your patch from 8 Mar 2009
19:48:30 ?

-- 
Pav Lucistnik <pav@oook.cz>
              <pav@FreeBSD.org>
Your sig line (k) was stolen! -more- There is a puff of smoke!
Comment 10 Thomas-Martin Seck 2009-03-28 16:50:46 UTC
* Pav Lucistnik (pav@FreeBSD.org):

> Sounds good. So do you want me to commit your patch from 8 Mar 2009
> 19:48:30 ?

Thanks, but I tweaked this one a bit further to make sure that the
do not get distracted by an explicit (and possibly erroneous)
-D__LITTLE_ENDIAN__ . Update PRs to follow soon now.
Comment 11 Pav Lucistnik freebsd_committer freebsd_triage 2009-03-29 21:24:02 UTC
State Changed
From-To: feedback->closed

Fix submitted in ports/133159