[OpenAFS] Re: OpenAFS + Kerb5

Douglas E. Engert deengert@anl.gov
Tue, 21 Feb 2006 13:56:13 -0600 

This is a multi-part message in MIME format.
--------------060508050703000007060906
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

This sounds like you are using the SEAM Kerberos support. I sent a bug
report on 1/27/2006 for 1.4.1-rc5 regarding using aklog with SEAM on
Solaris 10 which had some of the same problems.

The attached patch might help.

Jeff Blaine wrote:

> Okay.  Still treading water far from shore after
> downloading and installing Sun Studio 11 (/opt/SUNWspro/bin/cc)
> 
> :(
> 
> Solaris 9 SPARC.
> 
> ...
> make[3]: Entering directory `/export/home/src/openafs-1.4.1-rc7/src/aklog'
> /opt/SUNWspro/bin/cc  -O -I/export/home/krb5/include -DALLOW_REGISTER
> -I/export/home/src/openafs-1.4.1-rc7/src/config -I. -I.
> -I/export/home/src/openafs-1.4.1-rc7/include
> -I/export/home/src/openafs-1.4.1-rc7/include/afs
> -I/export/home/src/openafs-1.4.1-rc7/include/rx
> -I/export/home/src/openafs-1.4.1-rc7
> -I/export/home/src/openafs-1.4.1-rc7/src
> -I/export/home/src/openafs-1.4.1-rc7/src -dy -Bdynamic -c aklog.c
> "aklog.h", line 57: syntax error before or at: u_int32_t
> "aklog.h", line 67: incomplete struct/union/enum ktext: ticket_st
> "aklog.h", line 71: warning: unnamed struct member
> "aklog.h", line 73: syntax error before or at: typedef
> "aklog.c", line 19: member cannot be function: main
> "aklog.c", line 19: warning: syntax requires ";" after last struct/union
> member
> "aklog.c", line 19: syntax error before or at: {
> cc: acomp failed for aklog.c
> 
> 
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
> 
> 

-- 

  Douglas E. Engert  <DEEngert@anl.gov>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444

--------------060508050703000007060906
Content-Type: text/plain;
 name="aklog.1.4.1-rc5.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="aklog.1.4.1-rc5.patch"

--- ./,aklog.h	Mon Jul 11 14:07:00 2005
+++ ./aklog.h	Fri Jan 27 08:32:13 2006
@@ -51,6 +51,10 @@
 #define INST_SZ 40
 #endif /* INST_SZ */
 
+#ifndef u_int32_t
+#define u_int32_t uint32_t
+#endif
+
 struct ktext {
     unsigned int length;
     unsigned char dat[MAX_KTXT_LEN];
--- ./,aklog_main.c	Mon Jul 18 21:51:53 2005
+++ ./aklog_main.c	Fri Jan 27 13:39:17 2006
@@ -201,7 +201,7 @@
 #if !defined(HAVE_KRB5_524_CONVERT_CREDS) && defined(HAVE_KRB524_CONVERT_CREDS_KDC)
 #define krb5_524_convert_creds krb524_convert_creds_kdc
 #elif !defined(HAVE_KRB5_524_CONVERT_CREDS) && !defined(HAVE_KRB524_CONVERT_CREDS_KDC)
-#error "You must have one of krb5_524_convert_creds or krb524_convert_creds_kdc available"
+#define HAVE_NO_KRB5_524
 #endif
 
 #endif /* WINDOWS */
@@ -631,6 +631,7 @@
 		   get_cred_keylen(v5cred));
 	    atoken.ticketLen = v5cred->ticket.length;
 	    memcpy(atoken.ticket, v5cred->ticket.data, atoken.ticketLen);
+#ifndef HAVE_NO_KRB5_524
 	} else {
     	    CREDENTIALS cred;
 
@@ -665,6 +666,7 @@
 	    memcpy(&atoken.sessionKey, cred.session, 8);
 	    atoken.ticketLen = cred.ticket_st.length;
 	    memcpy(atoken.ticket, cred.ticket_st.dat, atoken.ticketLen);
+#endif /* HAVE_NO_KRB5_524 */
 	}
 	
 	if (!force &&
@@ -1187,7 +1189,11 @@
 	    "[-d] [[-cell | -c] cell [-k krb_realm]] ",
 	    "[[-p | -path] pathname]\n",
 	    "    [-zsubs] [-hosts] [-noauth] [-noprdb] [-force] [-setpag] \n"
-	    "    [-linked] [-524]\n");
+	    "    [-linked]"
+#ifndef HAVE_NO_KRB5_524
+		" [-524]"
+#endif
+		"\n");
     fprintf(stderr, "    -d gives debugging information.\n");
     fprintf(stderr, "    krb_realm is the kerberos realm of a cell.\n");
     fprintf(stderr, "    pathname is the name of a directory to which ");
@@ -1199,7 +1205,9 @@
     fprintf(stderr, "    -force means replace identical tickets. \n");
     fprintf(stderr, "    -linked means if AFS node is linked, try both. \n");
     fprintf(stderr, "    -setpag set the AFS process authentication group.\n");
+#ifndef HAVE_NO_KRB5_524
     fprintf(stderr, "    -524 means use the 524 converter instead of V5 directly\n");
+#endif
     fprintf(stderr, "    No commandline arguments means ");
     fprintf(stderr, "authenticate to the local cell.\n");
     fprintf(stderr, "\n");
@@ -1272,8 +1280,10 @@
 		linked++;
 	else if (strcmp(argv[i], "-force") == 0)
 	    force++;
+#ifndef HAVE_NO_KRB5_524
 	else if (strcmp(argv[i], "-524") == 0)
 	    do524++;
+#endif
     else if (strcmp(argv[i], "-setpag") == 0)
 	    afssetpag++;
 	else if (((strcmp(argv[i], "-cell") == 0) ||
@@ -1526,14 +1536,13 @@
 #include <afs/error_table.h>
 #undef error_table
 
-#ifndef HAVE_ADD_ERROR_TABLE
-void add_error_table (const struct error_table *);
-#endif /* !HAVE_ADD_ERROR_TABLE */
-
 void
 add_to_error_table(struct et_list *new_table)
 {
+/*if we don't have it, we can't call it */
+#ifdef HAVE_ADD_ERROR_TABLE
 	add_error_table((struct error_table *) new_table->table);
+#endif
 }
 #endif /* HAVE_ADD_TO_ERROR_TABLE */
 

--------------060508050703000007060906--