Site Navigation

Date:      Tue, 30 Jan 2018 02:20:10 +0000 (UTC)
From:      Dan Langille <dvl@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r460369 - in head/security/py-kerberos: . files
Message-ID:  <201801300220.w0U2KA3t041949@repo.freebsd.org>

---

next in thread | raw e-mail | index | archive | help

---

Author: dvl
Date: Tue Jan 30 02:20:10 2018
New Revision: 460369
URL: https://svnweb.freebsd.org/changeset/ports/460369

Log:
  Fix for use with either GSSAPI_BASE or GSSAPI_HEIMDAL
  
  Without, the first invocation of authGSSClientStep raises kerberos.GSSError
  after failing to acquire a ticket for the krbtgt service on the intended host
  rather than the specified service.
  
  PR:		204899
  Submitted by:	John W. O'Brien <john@saltant.com>

Modified:
  head/security/py-kerberos/Makefile
  head/security/py-kerberos/files/extra-patch-src_kerberosgss.c
  head/security/py-kerberos/files/extra-patch-src_kerberosgss.h

Modified: head/security/py-kerberos/Makefile
==============================================================================
--- head/security/py-kerberos/Makefile	Tue Jan 30 01:18:07 2018	(r460368)
+++ head/security/py-kerberos/Makefile	Tue Jan 30 02:20:10 2018	(r460369)
@@ -3,6 +3,7 @@
 
 PORTNAME=	kerberos
 PORTVERSION=	1.2.5
+PORTREVISION=	1
 CATEGORIES=	security python
 MASTER_SITES=	CHEESESHOP
 PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}

Modified: head/security/py-kerberos/files/extra-patch-src_kerberosgss.c
==============================================================================
--- head/security/py-kerberos/files/extra-patch-src_kerberosgss.c	Tue Jan 30 01:18:07 2018	(r460368)
+++ head/security/py-kerberos/files/extra-patch-src_kerberosgss.c	Tue Jan 30 02:20:10 2018	(r460369)
@@ -38,3 +38,12 @@
      if (kt) {
          krb5_kt_close(kcontext, kt);
      }
+@@ -150,7 +148,7 @@ int authenticate_gss_client_init(
+     name_token.value = (char *)service;
+     
+     maj_stat = gss_import_name(
+-        &min_stat, &name_token, gss_krb5_nt_service_name, &state->server_name
++        &min_stat, &name_token, GSS_C_NT_HOSTBASED_SERVICE, &state->server_name
+     );
+     
+     if (GSS_ERROR(maj_stat)) {

Modified: head/security/py-kerberos/files/extra-patch-src_kerberosgss.h
==============================================================================
--- head/security/py-kerberos/files/extra-patch-src_kerberosgss.h	Tue Jan 30 01:18:07 2018	(r460368)
+++ head/security/py-kerberos/files/extra-patch-src_kerberosgss.h	Tue Jan 30 02:20:10 2018	(r460369)
@@ -1,11 +1,10 @@
 --- src/kerberosgss.h.orig	2015-03-29 03:41:32 UTC
 +++ src/kerberosgss.h
-@@ -14,8 +14,9 @@
+@@ -14,8 +14,8 @@
   * limitations under the License.
   **/
  
 +#include <krb5.h>
-+#define gss_krb5_nt_service_name GSS_KRB5_NT_PRINCIPAL_NAME
  #include <gssapi/gssapi.h>
 -#include <gssapi/gssapi_generic.h>
  #include <gssapi/gssapi_krb5.h>

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201801300220.w0U2KA3t041949>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact