Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 16 Jun 2025 02:51:53 GMT
From:      Cy Schubert <cy@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: 8f18d513c03a - main - gssd: Add support for MIT KRB5
Message-ID:  <202506160251.55G2prBb063050@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch main has been updated by cy:

URL: https://cgit.FreeBSD.org/src/commit/?id=8f18d513c03afd64e0fa7cf2bea382d4de24324f

commit 8f18d513c03afd64e0fa7cf2bea382d4de24324f
Author:     Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2025-06-11 02:31:31 +0000
Commit:     Cy Schubert <cy@FreeBSD.org>
CommitDate: 2025-06-16 02:49:36 +0000

    gssd: Add support for MIT KRB5
    
    Fix gssd build when building with MIT KRB5.
    
    krb5_get_init_creds_opt_set_default_flags() is not an MIT KRB5 function.
    It is also not needed to resolve the default keytable.
    
    Sponsored by:           The FreeBSD Foundation
    Reviewed by:            rmacklem
    Differential revision:  https://reviews.freebsd.org/D50810
---
 usr.sbin/gssd/Makefile | 7 +++++++
 usr.sbin/gssd/gssd.c   | 3 +++
 2 files changed, 10 insertions(+)

diff --git a/usr.sbin/gssd/Makefile b/usr.sbin/gssd/Makefile
index e30463ddf50b..7ad1cae7eb55 100644
--- a/usr.sbin/gssd/Makefile
+++ b/usr.sbin/gssd/Makefile
@@ -11,7 +11,14 @@ WARNS?= 1
 
 LIBADD=	gssapi
 .if ${MK_KERBEROS_SUPPORT} != "no"
+.if ${MK_MITKRB5} != "no"
+# MIT KRB5
+LIBADD+=	krb5 k5crypto krb5profile krb5support
+CFLAGS+= -DMK_MITKRB5=yes
+.else
+# Heimdal
 LIBADD+=	krb5 roken
+.endif
 .else
 CFLAGS+= -DWITHOUT_KERBEROS
 .endif
diff --git a/usr.sbin/gssd/gssd.c b/usr.sbin/gssd/gssd.c
index d1d5c2119ab5..c6d9f01131f7 100644
--- a/usr.sbin/gssd/gssd.c
+++ b/usr.sbin/gssd/gssd.c
@@ -1189,8 +1189,11 @@ gssd_get_cc_from_keytab(const char *name)
 	if (ret == 0)
 		ret = krb5_cc_initialize(context, ccache, principal);
 	if (ret == 0) {
+#ifndef MK_MITKRB5
+		/* For Hemdal only */
 		krb5_get_init_creds_opt_set_default_flags(context, "gssd",
 		    krb5_principal_get_realm(context, principal), opt);
+#endif
 		kt_ret = ret = krb5_kt_default(context, &kt);
 	}
 	if (ret == 0)

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202506160251.55G2prBb063050>