Date: Sun, 1 Feb 2015 18:43:43 +0000 (UTC) From: Hiroki Sato <hrs@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r378261 - in head/security/p5-Authen-Krb5: . files Message-ID: <201502011843.t11Ihhnh034169@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: hrs Date: Sun Feb 1 18:43:42 2015 New Revision: 378261 URL: https://svnweb.freebsd.org/changeset/ports/378261 QAT: https://qat.redports.org/buildarchive/r378261/ Log: - Add Heimdal support. - Use USES=gssapi. Added: head/security/p5-Authen-Krb5/files/ head/security/p5-Authen-Krb5/files/krb5-heimdal-compat.h (contents, props changed) head/security/p5-Authen-Krb5/files/patch-Krb5.xs (contents, props changed) head/security/p5-Authen-Krb5/files/patch-Makefile.PL (contents, props changed) Modified: head/security/p5-Authen-Krb5/Makefile Modified: head/security/p5-Authen-Krb5/Makefile ============================================================================== --- head/security/p5-Authen-Krb5/Makefile Sun Feb 1 18:40:57 2015 (r378260) +++ head/security/p5-Authen-Krb5/Makefile Sun Feb 1 18:43:42 2015 (r378261) @@ -3,7 +3,7 @@ PORTNAME= Authen-Krb5 PORTVERSION= 1.9 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security perl5 MASTER_SITES= CPAN PKGNAMEPREFIX= p5- @@ -12,12 +12,24 @@ DISTNAME= Krb5-${PORTVERSION} MAINTAINER= perl@FreeBSD.org COMMENT= Perl extension for Kerberos 5 -LIB_DEPENDS= libkrb5.so.3:${PORTSDIR}/security/krb5 - USES= perl5 USE_PERL5= configure +CONFIGURE_ENV= GSSAPIBASEDIR="${GSSAPIBASEDIR}" + +OPTIONS_SINGLE= GSSAPI +OPTIONS_SINGLE_GSSAPI= GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT +OPTIONS_DEFAULT= GSSAPI_BASE + +GSSAPI_BASE_USES= gssapi +GSSAPI_BASE_CONFIGURE_ENV= HAVE_HEIMDAL=1 +GSSAPI_HEIMDAL_USES= gssapi:heimdal +GSSAPI_HEIMDAL_CONFIGURE_ENV= HAVE_HEIMDAL=1 +GSSAPI_MIT_USES= gssapi:mit + +post-extract: + ${INSTALL_DATA} ${FILESDIR}/krb5-heimdal-compat.h ${WRKSRC} -post-patch: - @${REINPLACE_CMD} -e 's,/usr,${LOCALBASE},g' ${WRKSRC}/Makefile.PL +post-build: + ${STRIP_CMD} ${WRKSRC}/blib/arch/auto/Authen/Krb5/Krb5.so .include <bsd.port.mk> Added: head/security/p5-Authen-Krb5/files/krb5-heimdal-compat.h ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/p5-Authen-Krb5/files/krb5-heimdal-compat.h Sun Feb 1 18:43:42 2015 (r378261) @@ -0,0 +1,27 @@ +/* $FreeBSD$ */ +#if 0 +#define HAVE_HEIMDAL 1 +#endif + +#ifdef HAVE_HEIMDAL +#ifndef _KRB5_HEIMDAL_COMPAT_H +#define _KRB5_HEIMDAL_COMPAT_H + +#include <com_err.h> + +#if !defined(krb5_enc_tkt_part) +typedef struct EncTicketPart krb5_enc_tkt_part; +#endif + +/* Use real function. MIT's krb5.h defines this as a macro. */ +#undef krb5_princ_realm + +typedef krb5int32 krb5_int32; +typedef heim_octet_string krb5_octet; + +#ifndef MAX_KEYTAB_NAME_LEN +#define MAX_KEYTAB_NAME_LEN 255 +#endif + +#endif /* !_KRB5_HEIMDAL_COMPAT_H */ +#endif /* HAVE_HEIMDAL */ Added: head/security/p5-Authen-Krb5/files/patch-Krb5.xs ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/p5-Authen-Krb5/files/patch-Krb5.xs Sun Feb 1 18:43:42 2015 (r378261) @@ -0,0 +1,405 @@ +--- Krb5.xs.orig 2010-01-04 10:29:19.000000000 +0900 ++++ Krb5.xs 2015-01-04 06:35:55.000000000 +0900 +@@ -16,6 +16,7 @@ + + #include <errno.h> + #include "krb5_constants.c" ++#include "krb5-heimdal-compat.h" + + #ifdef __cplusplus + } +@@ -45,6 +46,7 @@ + static krb5_error_code err; + static krb5_keytab_entry keytab_entry_init; + ++#ifndef HAVE_HEIMDAL + /* + * These are internal Kerberos library functions that aren't prototyped and + * that we probably shouldn't be calling. Prototype them with the arguments +@@ -52,6 +54,7 @@ + */ + krb5_error_code krb5_free_krbhst(krb5_context, char * const *); + krb5_error_code krb5_get_krbhst(krb5_context, const krb5_data *, char ***); ++#endif + + /* + * The following three routines implement a "safehouse" for nested Kerberos +@@ -112,10 +115,18 @@ + + CODE: + if (e) { ++#ifdef HAVE_HEIMDAL ++ ST(0) = sv_2mortal(newSVpv(krb5_get_error_message(0, e), 0)); ++#else + ST(0) = sv_2mortal(newSVpv((char *)error_message(e), 0)); ++#endif + } + else { ++#ifdef HAVE_HEIMDAL ++ ST(0) = sv_2mortal(newSVpv(krb5_get_error_message(0, err), 0)); ++#else + ST(0) = sv_2mortal(newSVpv((char *)error_message(err), 0)); ++#endif + (void) SvUPGRADE(ST(0), SVt_PVIV); + SvIVX(ST(0)) = err; + SvIOK_on(ST(0)); +@@ -181,14 +192,20 @@ + char *realm + + PREINIT: ++#ifndef HAVE_HEIMDAL + krb5_data realm_data; ++#endif + char **hostlist; + int i; + + PPCODE: ++#ifdef HAVE_HEIMDAL ++ err = krb5_get_krbhst(context,(const krb5_realm *)realm,&hostlist); ++#else + realm_data.data = realm; + realm_data.length = strlen(realm); + err = krb5_get_krbhst(context,&realm_data,&hostlist); ++#endif + if (err || !hostlist) XSRETURN_UNDEF; + for (i = 0; hostlist[i]; i++) { + XPUSHs(sv_2mortal(newSVpv(hostlist[i], +@@ -202,11 +219,19 @@ + + CODE: + err = krb5_build_principal_ext(context, &RETVAL, ++#ifdef HAVE_HEIMDAL ++ krb5_realm_length(*krb5_princ_realm(context, p)), ++ krb5_realm_data(*krb5_princ_realm(context, p)), ++ KRB5_TGS_NAME_SIZE, KRB5_TGS_NAME, ++ krb5_realm_length(*krb5_princ_realm(context, p)), ++ krb5_realm_data(*krb5_princ_realm(context, p)), ++#else + krb5_princ_realm(context, p)->length, + krb5_princ_realm(context, p)->data, + KRB5_TGS_NAME_SIZE, KRB5_TGS_NAME, + krb5_princ_realm(context, p)->length, + krb5_princ_realm(context, p)->data, ++#endif + 0); + + if (err) XSRETURN_UNDEF; +@@ -519,7 +544,11 @@ + unsigned short port + + CODE: ++#ifdef HAVE_HEIMDAL ++ err = krb5_make_addrport(context,&addr,RETVAL,port); ++#else + err = krb5_gen_portaddr(context,addr,(krb5_pointer)&port,&RETVAL); ++#endif + if (err) XSRETURN_UNDEF; + + OUTPUT: +@@ -651,14 +680,22 @@ + Authen::Krb5::Principal p + + CODE: ++#ifdef HAVE_HEIMDAL ++ ST(0) = sv_2mortal(newSVpv(krb5_realm_data(p->realm),krb5_realm_length(p->realm))); ++#else + ST(0) = sv_2mortal(newSVpv(p->realm.data,p->realm.length)); ++#endif + + krb5_int32 + type(p) + Authen::Krb5::Principal p + + CODE: ++#ifdef HAVE_HEIMDAL ++ RETVAL = krb5_principal_get_type(0, p); ++#else + RETVAL = p->type; ++#endif + + OUTPUT: + RETVAL +@@ -668,14 +705,27 @@ + Authen::Krb5::Principal p + + PPCODE: ++#ifdef HAVE_HEIMDAL ++ unsigned char buf[256]; ++ size_t ret_len; ++ ++ if (length_Principal(p) > 0) { ++ int len = length_Principal(p); ++#else + if (p->length > 0) { + int len = p->length; + krb5_data *data; +- ++#endif ++#ifdef HAVE_HEIMDAL ++ EXTEND(sp,1); ++ encode_Principal(buf, sizeof(buf), p, &ret_len); ++ PUSHs(sv_2mortal(newSVpv((const char *)buf, ret_len))); ++#else + EXTEND(sp,len); + for (data = p->data; len--; data++) { + PUSHs(sv_2mortal(newSVpv(data->data,data->length))); + } ++#endif + } + + void +@@ -811,7 +861,11 @@ + Authen::Krb5::KeyBlock kb + + CODE: ++#ifdef HAVE_HEIMDAL ++ RETVAL = length_EncryptionKey(kb); ++#else + RETVAL = kb->length; ++#endif + + OUTPUT: + RETVAL +@@ -821,15 +875,28 @@ + Authen::Krb5::KeyBlock kb + + PPCODE: ++#ifdef HAVE_HEIMDAL ++ unsigned char buf[256]; ++ size_t len; ++ ++ len = length_EncryptionKey(kb); ++ decode_EncryptionKey(buf, sizeof(buf), kb, &len); ++ XPUSHs(newSVpvn((char*)buf, len)); ++#else + /* sv_2mortal here causes 'Attempt to free unreferenced scalar' later */ + XPUSHs(newSVpvn((char*)(kb->contents), kb->length)); ++#endif + + int + enctype(kb) + Authen::Krb5::KeyBlock kb + + CODE: ++#ifdef HAVE_HEIMDAL ++ RETVAL = (int)kb->keytype; ++#else + RETVAL = (int)kb->enctype; ++#endif + + OUTPUT: + RETVAL +@@ -839,14 +906,32 @@ + Authen::Krb5::KeyBlock kb + + PREINIT: ++#ifdef HAVE_HEIMDAL ++ char *buf; ++ krb5_enctype **enctypes; ++ unsigned int ret_len; ++#else + char buf[256]; ++#endif + + PPCODE: ++#ifdef HAVE_HEIMDAL ++ err = krb5_keytype_to_enctypes(0, kb->keytype, &ret_len, enctypes); ++ if (err) { ++ XSRETURN_UNDEF; ++ } ++ err = krb5_enctype_to_string(0, *enctypes[0], &buf); ++ free(enctypes); ++#else + err = krb5_enctype_to_string(kb->enctype, buf, 255); ++#endif + if (err) { + XSRETURN_UNDEF; + } + XPUSHs(newSVpv(buf, 0)); ++#ifdef HAVE_HEIMDAL ++ free(buf); ++#endif + + void + DESTROY(kb) +@@ -1001,7 +1086,11 @@ + Authen::Krb5::Ticket t + + CODE: ++#ifdef HAVE_HEIMDAL ++ RETVAL = &t->ticket; ++#else + RETVAL = t->enc_part2; ++#endif + + OUTPUT: + RETVAL +@@ -1023,7 +1112,12 @@ + Authen::Krb5::EncTktPart etp + + CODE: ++#ifdef HAVE_HEIMDAL ++ RETVAL->name = etp->cname; ++ RETVAL->realm = etp->crealm; ++#else + RETVAL = etp->client; ++#endif + + OUTPUT: + RETVAL +@@ -1034,7 +1128,11 @@ + + CODE: + if (etp && should_free((SV *)etp)) { ++#ifdef HAVE_HEIMDAL ++ free_EncTicketPart(etp); ++#else + krb5_free_enc_tkt_part(context,etp); ++#endif + freed((SV *)etp); + } + +@@ -1048,8 +1146,15 @@ + + CODE: + if (!New(0,RETVAL,1,krb5_address)) XSRETURN_UNDEF; ++#ifdef HAVE_HEIMDAL ++ size_t len, ret_len; ++ unsigned char *cp = (unsigned char *)SvPV(contents,ret_len); ++ decode_HostAddress(cp, ret_len, RETVAL, &len); ++ RETVAL->addr_type = addrtype; ++#else + RETVAL->addrtype = addrtype; + RETVAL->contents = (krb5_octet *)SvPV(contents,RETVAL->length); ++#endif + + OUTPUT: + RETVAL +@@ -1072,7 +1177,16 @@ + Authen::Krb5::Keyblock keyblock + + CODE: ++#ifdef HAVE_HEIMDAL ++ krb5int32 keytype; ++ krb5_enctype **enctypes; ++ unsigned ret_len; ++ ++ krb5_keytype_to_enctypes(0, keyblock->keytype, &ret_len, enctypes); ++ RETVAL = *enctypes[0]; ++#else + RETVAL = keyblock->enctype; ++#endif + + OUTPUT: + RETVAL +@@ -1082,7 +1196,11 @@ + Authen::Krb5::Keyblock keyblock + + CODE: ++#ifdef HAVE_HEIMDAL ++ RETVAL = length_EncryptionKey(keyblock); ++#else + RETVAL = keyblock->length; ++#endif + + OUTPUT: + RETVAL +@@ -1092,9 +1210,19 @@ + Authen::Krb5::Keyblock keyblock + + CODE: ++#ifdef HAVE_HEIMDAL ++ unsigned char buf[256]; ++ size_t ret_len; ++ ++ if (length_EncryptionKey(keyblock) == 0) ++ XSRETURN_UNDEF; ++ encode_EncryptionKey(buf, sizeof(buf), keyblock, &ret_len); ++ RETVAL = newSVpv((char *)buf, ret_len); ++#else + if (keyblock->contents == NULL) + XSRETURN_UNDEF; + RETVAL = newSVpv((char *) keyblock->contents, keyblock->length); ++#endif + + OUTPUT: + RETVAL +@@ -1104,11 +1232,19 @@ + Authen::Krb5::Keyblock keyblock + + CODE: ++#ifdef HAVE_HEIMDAL ++ int len; ++ ++ len = length_EncryptionKey(keyblock); ++ if (len > 0) ++ free_EncryptionKey(keyblock); ++#else + if (keyblock->contents) { + memset(keyblock->contents, 0, keyblock->length); + free(keyblock->contents); + keyblock->contents = NULL; + } ++#endif + + MODULE = Authen::Krb5 PACKAGE = Authen::Krb5::Keytab + +@@ -1236,7 +1372,11 @@ + *RETVAL = keytab_entry_init; + RETVAL->principal = principal; + RETVAL->vno = vno; ++#ifdef HAVE_HEIMDAL ++ RETVAL->keyblock = *key; ++#else + RETVAL->key = *key; ++#endif + + can_free((SV *)RETVAL); + +@@ -1281,7 +1421,11 @@ + Authen::Krb5::KeytabEntry entry + + CODE: ++#ifdef HAVE_HEIMDAL ++ err = krb5_copy_keyblock(context, &entry->keyblock, &RETVAL); ++#else + err = krb5_copy_keyblock(context, &entry->key, &RETVAL); ++#endif + if (err) + XSRETURN_UNDEF; + can_free((SV *)RETVAL); +@@ -1380,14 +1524,19 @@ + PREINIT: + krb5_error_code retval; + krb5_ticket *t; ++#ifdef HAVE_HEIMDAL ++ size_t ret_len; ++#endif + + CODE: + if (!New(0,t,1,krb5_ticket)) XSRETURN_UNDEF; +- ++#ifdef HAVE_HEIMDAL ++ retval = krb5_decode_EncTicketPart(0, &t, sizeof(*t), ++ (struct EncTicketPart *)&cred->ticket, &ret_len); ++#else + retval = krb5_decode_ticket(&cred->ticket, &t); +- ++#endif + RETVAL = t; +- + can_free((SV *)RETVAL); + + OUTPUT: +@@ -1398,7 +1547,11 @@ + Authen::Krb5::Creds cred + + CODE: ++#ifdef HAVE_HEIMDAL ++ RETVAL = &cred->session; ++#else + RETVAL = &cred->keyblock; ++#endif + + can_free((SV *)RETVAL); + Added: head/security/p5-Authen-Krb5/files/patch-Makefile.PL ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/p5-Authen-Krb5/files/patch-Makefile.PL Sun Feb 1 18:43:42 2015 (r378261) @@ -0,0 +1,63 @@ +--- Makefile.PL.orig 2008-03-16 23:59:50.000000000 +0900 ++++ Makefile.PL 2015-01-04 06:44:41.000000000 +0900 +@@ -1,39 +1,33 @@ + use ExtUtils::MakeMaker; + +-##### CHANGE THESE ACCORDING TO YOUR CONFIGURATION ##### +- +-# location of Kerberos 5 libraries +-my $KRB5_LIBDIR = '/usr/lib'; ++my $CONF = $ENV{"GSSAPIBASEDIR"} . "/bin/krb5-config"; ++my $DEFS; ++my $KRB5_INCS; ++my $KRB5_LIBS; + +-# any extra libraries? +-# add -lresolv here if you get errors like the following (usually on linux): +-# undefined symbol: __res_search +-my $KRB5_EXTRALIBS = '-lresolv'; ++if (-f $CONF) { ++ $KRB5_LIBS = `$CONF --libs krb5`; ++ $KRB5_INCS = `$CONF --cflags krb5`; ++ chomp($KRB5_LIBS); ++ chomp($KRB5_INCS); ++} else { ++ $KRB5_LIBS = $ENV{'GSSAPILDFLAGS'} . " " . $ENV{'GSSAPILIBS'}; ++ $KRB5_INCS = $ENV{'GSSAPICPPFLAGS'}; ++} + +-# location of Kerberos 5 includes +-my $KRB5_INCDIR = '/usr/include'; ++if (defined($ENV{'HAVE_HEIMDAL'})) { ++ $DEFS = "-DHAVE_HEIMDAL"; ++} + +-# any extra include flags? +-my $KRB5_EXTRAINCS = ''; ++print "KRB5_LIBS: $KRB5_LIBS\n"; ++print "KRB5_INCS: $KRB5_INCS\n"; + + ##### DO NOT CHANGE ANYTHING BELOW HERE ##### + +-# check for libk5crypto -- only in krb5-1.1 and above +-print "Checking for libk5crypto..."; +-my $cryptolib; +-if ( -r "${KRB5_LIBDIR}/libk5crypto.a" || -r "${KRB5_LIBDIR}/libk5crypto.so" ) { +- print "yes\n"; +- $cryptolib = '-lk5crypto'; +-} +-else { +- print "no. I'll use libcrypto instead.\n"; +- $cryptolib = '-lcrypto'; +-} +- + WriteMakefile( + 'NAME' => 'Authen::Krb5', + 'VERSION_FROM' => 'Krb5.pm', +- 'LIBS' => ["-L${KRB5_LIBDIR} -lkrb5 ${cryptolib} -lcom_err $KRB5_EXTRALIBS"], +- 'DEFINE' => '', +- 'INC' => "-I${KRB5_INCDIR} $KRB5_EXTRAINCS" ++ 'LIBS' => [$KRB5_LIBS], ++ 'DEFINE' => $DEFS, ++ 'INC' => $KRB5_INCS + );
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201502011843.t11Ihhnh034169>