From owner-freebsd-ports-bugs@FreeBSD.ORG  Tue Nov  9 10:00:23 2010
Return-Path: <owner-freebsd-ports-bugs@FreeBSD.ORG>
Delivered-To: freebsd-ports-bugs@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 8C3B51065675
	for <freebsd-ports-bugs@hub.freebsd.org>;
	Tue,  9 Nov 2010 10:00:23 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id 5D7768FC17
	for <freebsd-ports-bugs@hub.freebsd.org>;
	Tue,  9 Nov 2010 10:00:23 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id oA9A0Ns0042037
	for <freebsd-ports-bugs@freefall.freebsd.org>;
	Tue, 9 Nov 2010 10:00:23 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.4/8.14.4/Submit) id oA9A0Ngb042019;
	Tue, 9 Nov 2010 10:00:23 GMT (envelope-from gnats)
Resent-Date: Tue, 9 Nov 2010 10:00:23 GMT
Resent-Message-Id: <201011091000.oA9A0Ngb042019@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-ports-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
	Joerg Pulz <Joerg.Pulz@frm2.tum.de>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 141ED106566B
	for <FreeBSD-gnats-submit@freebsd.org>;
	Tue,  9 Nov 2010 09:55:45 +0000 (UTC)
	(envelope-from Joerg.Pulz@frm2.tum.de)
Received: from mailhost.frm2.tum.de (mailhost.frm2.tum.de [129.187.179.12])
	by mx1.freebsd.org (Postfix) with ESMTP id 659098FC12
	for <FreeBSD-gnats-submit@freebsd.org>;
	Tue,  9 Nov 2010 09:55:44 +0000 (UTC)
Received: from mailhost.frm2.tum.de (localhost [127.0.0.1])
	by mailhost.frm2.tum.de (8.14.4/8.14.4) with ESMTP id oA99thx8016425
	for <FreeBSD-gnats-submit@freebsd.org>;
	Tue, 9 Nov 2010 10:55:43 +0100 (CET)
	(envelope-from jpulz@frm2.tum.de)
Received: from hades.admin.frm2 (hades.admin.frm2 [172.25.1.10])
	by mailhost.frm2.tum.de (8.14.4/8.14.4) with ESMTP id oA99teU4016420
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT)
	for <FreeBSD-gnats-submit@freebsd.org>;
	Tue, 9 Nov 2010 10:55:40 +0100 (CET)
	(envelope-from jpulz@frm2.tum.de)
Received: from hades.admin.frm2 (localhost [127.0.0.1])
	by hades.admin.frm2 (8.14.3/8.14.3) with ESMTP id oA99teiu033326
	for <FreeBSD-gnats-submit@freebsd.org>;
	Tue, 9 Nov 2010 10:55:40 +0100 (CET)
	(envelope-from jpulz@frm2.tum.de)
Received: (from jpulz@localhost)
	by hades.admin.frm2 (8.14.3/8.14.3/Submit) id oA99teIr033325;
	Tue, 9 Nov 2010 10:55:40 +0100 (CET) (envelope-from jpulz)
Message-Id: <201011090955.oA99teIr033325@hades.admin.frm2>
Date: Tue, 9 Nov 2010 10:55:40 +0100 (CET)
From: Joerg Pulz <Joerg.Pulz@frm2.tum.de>
To: FreeBSD-gnats-submit@FreeBSD.org
X-Send-Pr-Version: 3.113
Cc: 
Subject: ports/152071: security/cyrus-sasl2: fix GSSAPI when using heimdal
	from ports
X-BeenThere: freebsd-ports-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Joerg Pulz <Joerg.Pulz@frm2.tum.de>
List-Id: Ports bug reports <freebsd-ports-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports-bugs>
List-Post: <mailto:freebsd-ports-bugs@freebsd.org>
List-Help: <mailto:freebsd-ports-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Nov 2010 10:00:23 -0000


>Number:         152071
>Category:       ports
>Synopsis:       security/cyrus-sasl2: fix GSSAPI when using heimdal from ports
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Tue Nov 09 10:00:22 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator:     Joerg Pulz
>Release:        FreeBSD 8.0-STABLE amd64
>Organization:
TU-Munchen / FRM II
>Environment:
System: FreeBSD hades.admin.frm2 8.0-STABLE FreeBSD 8.0-STABLE #2: Thu Jan 21 12:42:55 CET 2010 root@hades.admin.frm2:/usr/obj/usr/src/sys/GENERIC amd64


	
>Description:
	Enable the configure tests for GSS_C_NT_HOSTBASED_SERVICE and
	GSS_C_NT_USER_NAME if --with-gss_impl=heimdal is used.
	Currently the tests are only done for CyberSafe gss implementation.
	After the update of security/heimdal to version 1.4, one gets unresolved
	symbol "gss_nt_service_name" errors when dlopening
	lib/sasl2/libgssapiv2.so.2 which is linked against the ports libraries.

	The relevant code block is in plugins/gssapi.c :
		#ifndef HAVE_GSS_C_NT_HOSTBASED_SERVICE
		extern gss_OID gss_nt_service_name;
		#define GSS_C_NT_HOSTBASED_SERVICE gss_nt_service_name
		#endif

	The attached patch resolves the above mentioned problem.
	As both base heimdal and security/heimdal provide
	GSS_C_NT_HOSTBASED_SERVICE and GSS_C_NT_USER_NAME it will work with
	both.
>How-To-Repeat:
	
>Fix:

	

--- security__cyrus-sasl2.diff begins here ---
--- files/patch-configure.orig	2006-05-19 22:45:36.000000000 +0200
+++ files/patch-configure	2010-11-09 10:33:21.000000000 +0100
@@ -1,7 +1,5 @@
-Index: configure
-diff -u configure.orig configure
---- configure.orig	Fri May 19 04:30:13 2006
-+++ configure	Sat May 20 04:04:39 2006
+--- configure.orig	2009-05-07 16:24:25.000000000 +0200
++++ configure	2010-11-09 10:26:27.000000000 +0100
 @@ -1586,6 +1586,7 @@
  fi
  echo "$as_me:$LINENO: result: yes" >&5
@@ -10,7 +8,7 @@
  test "$program_prefix" != NONE &&
    program_transform_name="s,^,$program_prefix,;$program_transform_name"
  # Use a double $ so make ignores it.
-@@ -5125,7 +5126,7 @@
+@@ -5147,7 +5148,7 @@
  	fi
  
  	saved_LIBS=$LIBS
@@ -19,7 +17,7 @@
            do
  	    LIBS="$saved_LIBS -l$dbname"
  	    cat >conftest.$ac_ext <<_ACEOF
-@@ -5135,6 +5136,7 @@
+@@ -5157,6 +5158,7 @@
  cat confdefs.h >>conftest.$ac_ext
  cat >>conftest.$ac_ext <<_ACEOF
  /* end confdefs.h.  */
@@ -27,7 +25,7 @@
  #include <db.h>
  int
  main ()
-@@ -5882,7 +5884,7 @@
+@@ -5904,7 +5906,7 @@
  	fi
  
  	saved_LIBS=$LIBS
@@ -36,7 +34,7 @@
            do
  	    LIBS="$saved_LIBS -l$dbname"
  	    cat >conftest.$ac_ext <<_ACEOF
-@@ -5892,6 +5894,7 @@
+@@ -5914,6 +5916,7 @@
  cat confdefs.h >>conftest.$ac_ext
  cat >>conftest.$ac_ext <<_ACEOF
  /* end confdefs.h.  */
@@ -44,7 +42,7 @@
  #include <db.h>
  int
  main ()
-@@ -7193,6 +7196,8 @@
+@@ -7215,6 +7218,8 @@
    SASLAUTHD_TRUE='#'
    SASLAUTHD_FALSE=
  fi
@@ -53,7 +51,7 @@
  
  echo "$as_me:$LINENO: checking if I should include saslauthd" >&5
  echo $ECHO_N "checking if I should include saslauthd... $ECHO_C" >&6
-@@ -10650,7 +10655,7 @@
+@@ -10672,7 +10677,7 @@
    echo $ECHO_N "(cached) $ECHO_C" >&6
  else
    ac_check_lib_save_LIBS=$LIBS
@@ -62,7 +60,7 @@
  cat >conftest.$ac_ext <<_ACEOF
  #line $LINENO "configure"
  /* confdefs.h.  */
-@@ -11060,7 +11065,7 @@
+@@ -11082,7 +11087,7 @@
      GSSAPIBASE_STATIC_LIBS="$GSSAPIBASE_LIBS $gssapi_dir/libgssapi_krb5.a $gssapi_dir/libkrb5.a $gssapi_dir/libk5crypto.a $gssapi_dir/libcom_err.a ${K5SUPSTATIC}"
    elif test "$gss_impl" = "heimdal"; then
      CPPFLAGS="$CPPFLAGS -DKRB5_HEIMDAL"
@@ -71,7 +69,25 @@
      GSSAPIBASE_STATIC_LIBS="$GSSAPIBASE_STATIC_LIBS $gssapi_dir/libgssapi.a $gssapi_dir/libkrb5.a $gssapi_dir/libasn1.a $gssapi_dir/libroken.a $gssapi_dir/libcom_err.a ${LIB_CRYPT}"
    elif test "$gss_impl" = "cybersafe03"; then
  # Version of CyberSafe with two libraries
-@@ -11898,7 +11903,7 @@
+@@ -11119,7 +11124,7 @@
+ # in gssapi\rfckrb5.h
+ #
+ if test "$gssapi" != "no"; then
+-  if test "$gss_impl" = "cybersafe" -o "$gss_impl" = "cybersafe03"; then
++  if test "$gss_impl" = "cybersafe" -o "$gss_impl" = "cybersafe03" -o "$gss_impl" = "heimdal"; then
+     cat >conftest.$ac_ext <<_ACEOF
+ #line $LINENO "configure"
+ /* confdefs.h.  */
+@@ -11190,7 +11195,7 @@
+ 
+   fi
+ 
+-  if test "$gss_impl" = "cybersafe" -o "$gss_impl" = "cybersafe03"; then
++  if test "$gss_impl" = "cybersafe" -o "$gss_impl" = "cybersafe03" -o "$gss_impl" = "heimdal"; then
+     cat >conftest.$ac_ext <<_ACEOF
+ #line $LINENO "configure"
+ /* confdefs.h.  */
+@@ -11920,7 +11925,7 @@
    echo $ECHO_N "(cached) $ECHO_C" >&6
  else
    ac_check_lib_save_LIBS=$LIBS
--- security__cyrus-sasl2.diff ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted: