Commit graph

3 commits

Author SHA1 Message Date
Dag-Erling Smørgrav
4dcfac20dd Add patches for a couple of issues I found while researching #190055:
- Use GID_MAX instead of LONG_MAX, they are not the same on 64-bit.
 - Correctly restore the egid after reading the krb5 credential cache.

MFH:		2014Q4
2014-11-13 21:46:11 +00:00
Dag-Erling Smørgrav
8e613c06bf MIT Kerberos already has profile_t, so don't typedef it. 2014-03-27 16:56:10 +00:00
Dag-Erling Smørgrav
8e584a521a Functional changes:
- Add a SASL port option

  - Fix the KERBEROS ports option - it was a no-op, setting a
    configure flag which modifies how Kerberos was used without
    setting the flag that actually enables it.

  - Use GSSAPI instead of $ENV{KRB5CCNAME} to set the credential
    cache.  The latter pollutes the unsuspecting application's
    environment and does not always work (for instance, it breaks when
    nss_ldap is invoked from OpenSSH, although I haven't quite
    determined why)

  - Add patches to support Heimdal in addition to MIT Kerberos.  Note
    that I tried to ensure that the code is unchanged in the
    non-Heimdal case, but that I have no way of testing with MIT
    Kerberos.

  With the above changes, I have successfully configured a FreeBSD 9.2
  server to authenticate users against a Microsoft Windows 2012 Active
  Directory server.

Non-functional changes:

  - Modernize and stagify

  - Remove text in pkg-message about a change that was made ten years ago

  - Take maintainership as current maintainer has been AWOL for 2+ years

  - Bump PORTREVISION

Approved by:	maintainer hasn't been heard of for 2+ years
2014-01-14 14:19:05 +00:00