Attachment #214343 for bug #246355

Lines 1-12 Link Here

(-)squid-devel/files/patch-src_acl_external_eDirectory__userip_ext__edirectory__userip__acl.cc (-3 / +6 lines)
1	--- src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc.orig 2020-04-19 10:50:48 UTC	1	--- src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc.orig 2020-04-19 12:38:51 UTC
2	+++ src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc	2	+++ src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc
3	@@ -69,6 +69,9 @@	3	@@ -69,6 +69,12 @@
4	#ifdef HAVE_NETDB_H	4	#ifdef HAVE_NETDB_H
5	#include <netdb.h>	5	#include <netdb.h>
6	#endif	6	#endif
7	+#include <sys/types.h>	7	+#ifdef HAVE_SYS_SOCKET_H
8	+#include <sys/socket.h>	8	+#include <sys/socket.h>
		9	+#endif
		10	+#ifdef HAVE_NETINET_IN_H
9	+#include <netinet/in.h>	11	+#include <netinet/in.h>
		12	+#endif
10		13
11	#ifdef HELPER_INPUT_BUFFER	14	#ifdef HELPER_INPUT_BUFFER
12	#define EDUI_MAXLEN HELPER_INPUT_BUFFER	15	#define EDUI_MAXLEN HELPER_INPUT_BUFFER




--- src/acl/external/kerberos_ldap_group/support_krb5.cc.orig	2020-04-19 12:38:51 UTC
+++ src/acl/external/kerberos_ldap_group/support_krb5.cc
@@ -467,10 +467,15 @@ krb5_create_cache(char *domain, char *service_principa
                 }
 
                 // overwrite limitation of enctypes
+#if USE_HEIMDAL_KRB5
+                creds->session.keytype = 0;
+                if (creds->session.keyvalue.length>0)
+                    krb5_free_keyblock_contents(kparam.context, &creds->session);
+#else
                 creds->keyblock.enctype = 0;
                 if (creds->keyblock.contents)
                     krb5_free_keyblock_contents(kparam.context, &creds->keyblock);
-
+#endif
                 code = krb5_get_credentials(kparam.context, 0, kparam.cc[ccindex], creds, &tgt_creds);
                 if (code) {
                     k5_error("Error while getting tgt", code);

Lines 1-11 Link Here

(-)squid-devel/files/patch-src_acl_external_session_ext__session__acl.cc (-5 / +7 lines)
1	--- src/acl/external/session/ext_session_acl.cc.orig 2020-04-19 10:50:48 UTC	1	--- src/acl/external/session/ext_session_acl.cc.orig 2020-05-10 08:32:32 UTC
2	+++ src/acl/external/session/ext_session_acl.cc	2	+++ src/acl/external/session/ext_session_acl.cc
3	@@ -137,7 +137,7 @@ static void init_db(void)	3	@@ -137,6 +137,10 @@ static void init_db(void)
4	}	4	}
5	}	5	}
6	#elif USE_TRIVIALDB	6	#elif USE_TRIVIALDB
7	- db = tdb_open(db_path, 0, TDB_CLEAR_IF_FIRST, O_CREAT\|O_DSYNC, 0666);	7	+#if _SQUID_FREEBSD_ && !defined(O_DSYNC)
8	+ db = tdb_open(db_path, 0, TDB_CLEAR_IF_FIRST, O_CREAT\|O_SYNC, 0666);	8	+ // FreeBSD lacks O_DSYNC, O_SYNC is closest to correct behaviour
		9	+#define O_DSYNC O_SYNC
		10	+#endif
		11	db = tdb_open(db_path, 0, TDB_CLEAR_IF_FIRST, O_CREAT\|O_DSYNC, 0666);
9	#endif	12	#endif
10	if (!db) {	13	if (!db) {
11	fprintf(stderr, "FATAL: %s: Failed to open session db '%s'\n", program_name, db_path);

Return to bug 246355

Line 0 Link Here

(-)squid-devel/files/patch-src_acl_external_kerberos__ldap__group_support__krb5.cc (+19 lines)
	1	--- src/acl/external/kerberos_ldap_group/support_krb5.cc.orig 2020-04-19 12:38:51 UTC
	2	+++ src/acl/external/kerberos_ldap_group/support_krb5.cc
	3	@@ -467,10 +467,15 @@ krb5_create_cache(char domain, char service_principa
	4	}
	5
	6	// overwrite limitation of enctypes
	7	+#if USE_HEIMDAL_KRB5
	8	+ creds->session.keytype = 0;
	9	+ if (creds->session.keyvalue.length>0)
	10	+ krb5_free_keyblock_contents(kparam.context, &creds->session);
	11	+#else
	12	creds->keyblock.enctype = 0;
	13	if (creds->keyblock.contents)
	14	krb5_free_keyblock_contents(kparam.context, &creds->keyblock);
	15	-
	16	+#endif
	17	code = krb5_get_credentials(kparam.context, 0, kparam.cc[ccindex], creds, &tgt_creds);
	18	if (code) {
	19	k5_error("Error while getting tgt", code);