monsieurp 15/04/22 22:27:05
Added: jdbc-postgresql-9.4_p1201-remove-sspi.patch
jdbc-postgresql-9.4_p1201-remove-osgi.patch
Log:
Version bump courtesy of Andreas Sturmlechner
<andreas.sturmlech...@gmail.com>. Fix bug 545004.
Signed-off-by: Patrice Clement <monsie...@gentoo.org>
(Portage version: 2.2.14/cvs/Linux x86_64, signed Manifest commit with key
93491BB8)
Revision Changes Path
1.1
dev-java/jdbc-postgresql/files/jdbc-postgresql-9.4_p1201-remove-sspi.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-java/jdbc-postgresql/files/jdbc-postgresql-9.4_p1201-remove-sspi.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-java/jdbc-postgresql/files/jdbc-postgresql-9.4_p1201-remove-sspi.patch?rev=1.1&content-type=text/plain
Index: jdbc-postgresql-9.4_p1201-remove-sspi.patch
===================================================================
--- a/org/postgresql/core/v3/ConnectionFactoryImpl.java 2015-03-23
07:32:15.000000000 +0100
+++ b/org/postgresql/core/v3/ConnectionFactoryImpl.java 2015-03-23
07:41:53.160058718 +0100
@@ -19,7 +19,6 @@
import org.postgresql.PGProperty;
import org.postgresql.core.*;
-import org.postgresql.sspi.SSPIClient;
import org.postgresql.hostchooser.GlobalHostStatusTracker;
import org.postgresql.hostchooser.HostChooser;
import org.postgresql.hostchooser.HostChooserFactory;
@@ -387,11 +386,7 @@
// or an authentication request
String password = PGProperty.PASSWORD.get(info);
-
- /* SSPI negotiation state, if used */
- SSPIClient sspiClient = null;
- try {
authloop:
while (true)
{
@@ -507,88 +502,16 @@
case AUTH_REQ_SSPI:
/*
* Use GSSAPI if requested on all platforms, via JSSE.
- *
- * For SSPI auth requests, if we're on Windows attempt
native SSPI
- * authentication if available, and if not disabled by
setting a
- * kerberosServerName. On other platforms, attempt
JSSE GSSAPI
- * negotiation with the SSPI server.
- *
- * Note that this is slightly different to libpq,
which uses SSPI
- * for GSSAPI where supported. We prefer to use the
existing Java
- * JSSE Kerberos support rather than going to native
(via JNA) calls
- * where possible, so that JSSE system properties etc
continue
- * to work normally.
- *
- * Note that while SSPI is often Kerberos-based
there's no guarantee
- * it will be; it may be NTLM or anything else. If the
client responds
- * to an SSPI request via GSSAPI and the other end
isn't using Kerberos
- * for SSPI then authentication will fail.
*/
- final String gsslib = PGProperty.GSS_LIB.get(info);
- final boolean usespnego =
PGProperty.USE_SPNEGO.getBoolean(info);
-
- boolean useSSPI = false;
+ org.postgresql.gss.MakeGSS.authenticate(pgStream, host,
+ user, password,
+ PGProperty.JAAS_APPLICATION_NAME.get(info),
+ PGProperty.KERBEROS_SERVER_NAME.get(info),
+ logger,
+ PGProperty.USE_SPNEGO.getBoolean(info));
+
+ break;
- /*
- * Use SSPI if we're in auto mode on windows and have a
- * request for SSPI auth, or if it's forced. Otherwise
- * use gssapi. If the user has specified a Kerberos
server
- * name we'll always use JSSE GSSAPI.
- */
- if (gsslib.equals("gssapi"))
- logger.debug("Using JSSE GSSAPI, param
gsslib=gssapi");
- else if (areq == AUTH_REQ_GSS &&
!gsslib.equals("sspi"))
- logger.debug("Using JSSE GSSAPI, gssapi requested
by server and gsslib=sspi not forced");
- else
- {
- /* Determine if SSPI is supported by the client */
- sspiClient = new SSPIClient(pgStream,
- PGProperty.SSPI_SERVICE_CLASS.get(info),
- /* Use negotiation for SSPI, or if
explicitly requested for GSS */
- areq == AUTH_REQ_SSPI || (areq ==
AUTH_REQ_GSS && usespnego),
- logger);
-
- useSSPI = sspiClient.isSSPISupported();
- logger.debug("SSPI support detected: " + useSSPI);
-
- if (!useSSPI) {
- /* No need to dispose() if no SSPI used */
- sspiClient = null;
-
- if (gsslib.equals("sspi"))
- throw new PSQLException("SSPI forced with
gsslib=sspi, but SSPI not available; set loglevel=2 for details",
-
PSQLState.CONNECTION_UNABLE_TO_CONNECT);
- }
-
- logger.debug("Using SSPI: " + useSSPI + ",
gsslib="+gsslib+" and SSPI support detected");
- }
-
- if (useSSPI)
- {
- /* SSPI requested and detected as available */
- sspiClient.startSSPI();
- }
- else
- {
- /* Use JGSS's GSSAPI for this request */
- org.postgresql.gss.MakeGSS.authenticate(pgStream,
host,
- user, password,
- PGProperty.JAAS_APPLICATION_NAME.get(info),
- PGProperty.KERBEROS_SERVER_NAME.get(info),
- logger,
- usespnego);
- }
-
- break;
-
- case AUTH_REQ_GSS_CONTINUE:
- /*
- * Only called for SSPI, as GSS is handled by
an inner loop
- * in MakeGSS.
- */
- sspiClient.continueSSPI(l_msgLen - 8);
- break;
-
case AUTH_REQ_OK:
/* Cleanup after successful authentication */
if (logger.logDebug())
@@ -609,18 +532,6 @@
throw new PSQLException(GT.tr("Protocol error. Session
setup failed."), PSQLState.PROTOCOL_VIOLATION);
}
}
- } finally {
- /* Cleanup after successful or failed authentication attempts */
- if (sspiClient != null)
- {
- try {
- sspiClient.dispose();
- } catch (RuntimeException ex) {
- logger.log("Unexpected error during SSPI
context disposal", ex);
- }
-
- }
- }
}
1.1
dev-java/jdbc-postgresql/files/jdbc-postgresql-9.4_p1201-remove-osgi.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-java/jdbc-postgresql/files/jdbc-postgresql-9.4_p1201-remove-osgi.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-java/jdbc-postgresql/files/jdbc-postgresql-9.4_p1201-remove-osgi.patch?rev=1.1&content-type=text/plain
Index: jdbc-postgresql-9.4_p1201-remove-osgi.patch
===================================================================
--- a/build.xml 2015-02-18 17:44:58.000000000 +0100
+++ b/build.xml 2015-03-23 02:19:03.951945663 +0100
@@ -403,34 +403,6 @@
<attribute name="Implementation-Vendor" value="PostgreSQL Global
Development Group" />
</manifest>
</jar>
-
- <!-- add OSGi meta information -->
- <property name="osgidir" value="${builddir}/osgi"/>
- <mkdir dir="${osgidir}"/>
-
- <!-- create a bnd file named after the JAR file so that bnd wrap tool
find it -->
- <echo file="${osgidir}/${artifact.version.string}.bnd">
-Bundle-ManifestVersion: 2
-
-Bundle-Name: PostgreSQL JDBC Driver ${jdbc.version.upper}
-Bundle-SymbolicName: org.postgresql.${jdbc.version}
-Bundle-Version: ${osgi.version}
-
-Bundle-Vendor: PostgreSQL Global Development Group
-Bundle-Copyright: Copyright (c) 2003-2015, PostgreSQL Global Development Group
-Bundle-License: http://www.postgresql.org/about/licence/
-Bundle-DocURL: http://jdbc.postgresql.org/
-
-Bundle-Classpath: .
-Bundle-Activator: org.postgresql.osgi.PGBundleActivator
-Require-Capability:
osgi.ee;filter:="(&(|(osgi.ee=J2SE)(osgi.ee=JavaSE))(version>=${java.specification.version}))"
-Export-Package: org.postgresql*; version=${fullversion}
-Import-Package: javax.sql, javax.transaction.xa, javax.naming,
*;resolution:=optional
- </echo>
-
- <!-- run wrap task from bnd -->
- <taskdef resource="aQute/bnd/ant/taskdef.properties"
classpathref="dependency.build.classpath"/>
- <bndwrap jars="${artifact.jar.build}" output="${artifact.jar}"
definitions="${osgidir}"/>
</target>
<!-- create a distribution with docs, dependencies, and driver jar -->
