From dba4c91055dfd4b456979d8900a1ea26b41612d6 Mon Sep 17 00:00:00 2001 From: Steve Traylen Date: Oct 01 2011 19:20:17 +0000 Subject: Merge branch 'master' into el5 --- diff --git a/.gitignore b/.gitignore index a6f74ec..1875dc9 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ /myproxy-5.3.tar.gz /myproxy-5.4.tar.gz +/myproxy-5.5.tar.gz diff --git a/myproxy-globus-7129-ptII.patch b/myproxy-globus-7129-ptII.patch deleted file mode 100644 index b6d0265..0000000 --- a/myproxy-globus-7129-ptII.patch +++ /dev/null @@ -1,30 +0,0 @@ -Update of /cvsroot/cilogon/myproxy -In directory vz-cvs-4.sog:/tmp/cvs-serv11386 - -Modified Files: - myproxy_creds.c -Log Message: -log if myproxy_creds_retrieve() fails when it shouldn't - - -Index: myproxy_creds.c -=================================================================== -RCS file: /cvsroot/cilogon/myproxy/myproxy_creds.c,v -retrieving revision 1.112 -retrieving revision 1.113 -diff -C2 -d -r1.112 -r1.113 -*** myproxy_creds.c 30 Aug 2011 21:06:58 -0000 1.112 ---- myproxy_creds.c 30 Aug 2011 23:15:17 -0000 1.113 -*************** -*** 1157,1160 **** ---- 1157,1165 ---- - numcreds++; - } -+ } else { -+ verror_put_string("failed to retrieve credentials for " -+ "username \"%s\"", new_cred->username); -+ myproxy_log_verror(); /* internal error; should not happen */ -+ verror_clear(); - } - } - diff --git a/myproxy-globus-7129-ptIII.patch b/myproxy-globus-7129-ptIII.patch deleted file mode 100644 index ef70b44..0000000 --- a/myproxy-globus-7129-ptIII.patch +++ /dev/null @@ -1,57 +0,0 @@ - -http://lists.globus.org/pipermail/myproxy-commit/2011-August/000619.html - -Update of /cvsroot/cilogon/myproxy -In directory vz-cvs-4.sog:/tmp/cvs-serv30047 - -Modified Files: - myproxy_creds.c -Log Message: -fix failure handling for myproxy_creds_retrieve() calls in -myproxy_creds_retrieve_all_ex(): -1) when trying to load default credential, it's not an error if we - don't find one - this is a fix to my last commit -2) when scanning directory, if we fail to load a credential that - should be there, don't rely on creds structure that may be cleared, - but instead use stashed values when logging error - - -Index: myproxy_creds.c -=================================================================== -RCS file: /cvsroot/cilogon/myproxy/myproxy_creds.c,v -retrieving revision 1.113 -retrieving revision 1.114 -diff -C2 -d -r1.113 -r1.114 -*** myproxy_creds.c 30 Aug 2011 23:15:17 -0000 1.113 ---- myproxy_creds.c 31 Aug 2011 18:25:32 -0000 1.114 -*************** -*** 1158,1165 **** - } - } else { -! verror_put_string("failed to retrieve credentials for " -! "username \"%s\"", new_cred->username); -! myproxy_log_verror(); /* internal error; should not happen */ -! verror_clear(); - } - } ---- 1158,1162 ---- - } - } else { -! verror_clear(); /* OK if we don't find creds w/o credname */ - } - } -*************** -*** 1215,1220 **** - verror_put_string("failed to retrieve credentials for " - "username \"%s\", credname \"%s\"", -! new_cred->username, -! new_cred->credname ? new_cred->credname : ""); - myproxy_log_verror(); /* internal error; should not happen */ - verror_clear(); ---- 1212,1216 ---- - verror_put_string("failed to retrieve credentials for " - "username \"%s\", credname \"%s\"", -! de->d_name, cname ? cname : ""); - myproxy_log_verror(); /* internal error; should not happen */ - verror_clear(); - diff --git a/myproxy-globus-7129.patch b/myproxy-globus-7129.patch deleted file mode 100644 index 202b1cf..0000000 --- a/myproxy-globus-7129.patch +++ /dev/null @@ -1,110 +0,0 @@ -Modified Files: - VERSION myproxy_creds.c -Log Message: -in myproxy-server, fix abort when processing INFO response when -the user has stored credentials both with and without a credential -name; bug was introduced in myproxy-server v4.9 -(http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=7209) - - -Index: myproxy_creds.c -=================================================================== -RCS file: /cvsroot/cilogon/myproxy/myproxy_creds.c,v -retrieving revision 1.111 -retrieving revision 1.112 -diff -C2 -d -r1.111 -r1.112 -*** myproxy_creds.c 4 May 2011 21:29:26 -0000 1.111 ---- myproxy_creds.c 30 Aug 2011 21:06:58 -0000 1.112 -*************** -*** 1042,1045 **** ---- 1042,1068 ---- - - /* -+ * returns 1 if creds structure matches the query parameters; 0 otherwise -+ */ -+ static int -+ myproxy_creds_match(struct myproxy_creds *creds, -+ char *username, char *owner_name, char *credname, -+ time_t start_time, time_t end_time) -+ { -+ if (username && strcmp(username, creds->username)) -+ return 0; -+ if (owner_name && strcmp(owner_name, creds->owner_name)) -+ return 0; -+ if (credname && -+ ((!creds->credname && credname[0] != '\0') || -+ (creds->credname && strcmp(credname, creds->credname)))) -+ return 0; -+ if ((start_time && start_time > creds->end_time) || -+ (end_time && end_time < creds->end_time)) -+ return 0; -+ -+ return 1; -+ } -+ -+ /* - * We implement the query logic of both myproxy_creds_retrieve_all() - * and myproxy_admin_retrieve_all() in this function here since -*************** -*** 1116,1119 **** ---- 1139,1167 ---- - new_cred = creds; /* new_cred is what we're filling in */ - -+ /* -+ * first add the credential w/o a credname, if one exists, because -+ * we always want it to be first on the list. -+ */ -+ if (sterile_username && -+ (!credname || credname[0] == '\0')) { /* only if no credname query */ -+ assert(new_cred->username == NULL); -+ assert(new_cred->credname == NULL); -+ new_cred->username = strdup(sterile_username); -+ if (myproxy_creds_retrieve(new_cred) == 0) { -+ if (myproxy_creds_match(new_cred, username, -+ owner_name, credname, -+ start_time, end_time)) { -+ cur_cred = new_cred; -+ new_cred = malloc(sizeof(struct myproxy_creds)); -+ memset(new_cred, 0, sizeof(struct myproxy_creds)); -+ numcreds++; -+ } -+ } -+ } -+ -+ /* -+ * next search for credentials with a credname, by scanning the -+ * entire directory... -+ */ - if ((dir = opendir(storage_dir)) == NULL) { - verror_put_string("failed to open credential storage directory"); -*************** -*** 1147,1162 **** - } - if (myproxy_creds_retrieve(new_cred) == 0) { -! if (username && strcmp(username, new_cred->username)) -! continue; -! if (owner_name && strcmp(owner_name, new_cred->owner_name)) -! continue; -! if (credname && -! ((!new_cred->credname && credname[0] != '\0') || -! (new_cred->credname && -! strcmp(credname, new_cred->credname)))) -! continue; -! if ((start_time && start_time > new_cred->end_time) || -! (end_time && end_time < new_cred->end_time)) - continue; - if (cur_cred) cur_cred->next = new_cred; - cur_cred = new_cred; ---- 1195,1205 ---- - } - if (myproxy_creds_retrieve(new_cred) == 0) { -! if (sterile_username && !new_cred->credname) -! continue; /* already handled cred w/o name */ -! if (!myproxy_creds_match(new_cred, username, -! owner_name, credname, -! start_time, end_time)) { - continue; -+ } - if (cur_cred) cur_cred->next = new_cred; - cur_cred = new_cred; - diff --git a/myproxy.init b/myproxy.init index ebac8df..6a261d7 100644 --- a/myproxy.init +++ b/myproxy.init @@ -25,7 +25,7 @@ prog=$(basename $exec) # Defaults MYPROXY_USER=myproxy -MYPROXY_OPTIONS="-s /var/lib/myproxy" +MYPROXY_OPTIONS="" X509_USER_CERT=/etc/grid-security/myproxy/hostcert.pem X509_USER_KEY=/etc/grid-security/myproxy/hostkey.pem diff --git a/myproxy.spec b/myproxy.spec index d4f8cdd..84db40a 100644 --- a/myproxy.spec +++ b/myproxy.spec @@ -9,8 +9,8 @@ %global with_checks 1 Name: myproxy -Version: 5.4 -Release: 4%{?dist} +Version: 5.5 +Release: 1%{?dist} Summary: Manage X.509 Public Key Infrastructure (PKI) security credentials Group: System Environment/Daemons @@ -22,11 +22,6 @@ Source1: myproxy.init Source2: myproxy.sysconfig Source3: README.Fedora -#http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=7209 -Patch0: myproxy-globus-7129.patch -#http://lists.globus.org/pipermail/myproxy-commit/2011-August/000619.html -Patch1: myproxy-globus-7129-ptII.patch -Patch2: myproxy-globus-7129-ptIII.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: globus-gss-assist-devel%{?_isa} > 3 @@ -175,9 +170,6 @@ Package %{name}-doc contains the MyProxy documentation. cp -p %{SOURCE1} . cp -p %{SOURCE2} . cp -p %{SOURCE3} . -%patch0 -p0 -%patch1 -p0 -%patch2 -p0 %build rm -f doxygen/Doxyfile* @@ -396,6 +388,11 @@ fi %{_libdir}/pkgconfig/myproxy.pc %changelog +* Sat Oct 1 2011 Steve Traylen - 5.5-1 +- Update to version 5.5, drop myproxy-globus-7129.patch, pII, pIII, + fixed upstream. +- No longer hard code /var/lib/myproxy since the default anyway now. + * Thu Sep 1 2011 Steve Traylen - 5.4-4 - Add myproxy-globus-7129-PartII.patch patch and myproxy-globus-7129-PartIII.patch patch. diff --git a/myproxy.sysconfig b/myproxy.sysconfig index 1d4e244..ac749c1 100644 --- a/myproxy.sysconfig +++ b/myproxy.sysconfig @@ -2,7 +2,7 @@ # Override these defaults here. ## MYPROXY_USER=myproxy -## MYPROXY_OPTIONS="-s /var/lib/myproxy" +## MYPROXY_OPTIONS="" ## X509_USER_CERT=/etc/grid-security/myproxy/hostcert.pem ## X509_USER_KEY=/etc/grid-security/myproxy/hostkey.pem diff --git a/sources b/sources index be70caa..e1d43e4 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -ab190cdcea594ae9d76b518441e6e614 myproxy-5.4.tar.gz +cf1f353e73a2d30f9c364abd8b8910ab myproxy-5.5.tar.gz