After building/installing the www/mod_auth_kerb2 port, attempting to load it in Apache results in the following error message: httpd: Syntax error on line 103 of /usr/local/etc/apache22/httpd.conf: Cannot load /usr/local/libexec/apache22/mod_auth_kerb.so into server: /usr/local/libexec/apache22/mod_auth_kerb.so: Undefined symbol "gsskrb5_register_acceptor_identity" Fix: I was able to get Apache to load the module by editing the Makefile under work/ to add -lgssapi_krb5 to KRB5_LDFLAGS. However, I was unable to get mod_auth_kerb to function properly under 8.0. I was able to identify that the issue appears to lie in the GSSAPI area, but was unable to get additional details beyond the following: In src/mod_auth_kerb.c, on line 1445, the if block for "(major_status & GSS_S_CONTINUE_NEEDED)" is triggered. A bug has been filed with the current maintainer of mod_auth_kerb, however, I'm not sure if the bug that was opened is the actual root cause of the issue as the module works fine under FreeBSD 7.2-RELEASE. http://sourceforge.net/tracker/index.php?func=detail&aid=2832475&group_id=51775&atid=464524 How-To-Repeat: Install www/mod_auth_kerb2 on 8.0-BETA2 and try to load the module.
Responsible Changed From-To: freebsd-ports-bugs->apache Over to maintainer (via the GNATS Auto Assign Tool)
The failure to load the module portion of this PR may be due to changes in Heimdal 1.1 and might be fixed by updating /usr/bin/krb5-config to add -lgssapi_krb5 to the list for --libs gssapi. -- Ryan Steinmetz Lead Security/Systems Administrator Infrastructure Engineering Rochester Institute of Technology 585.475.5663 PGP: EF36 D45A 5CA9 28B1 A550 18CD A43C D111 7AD7 FAF2
Responsible Changed From-To: apache->pgollucci I'll take it.
State Changed From-To: open->suspended stalled
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I am coming across the bug reported in this PR. I am running 8.0-RELEASE-p2 with apache22 and mod_auth_kerb 5.4 in ports. With the - -lgssapi_krb5 patch it compiles, and it works for Krb5 authentication. However it sig 11's when I try to use GSSAPI/SPEGNO: - -=- [Fri Apr 09 01:10:43 2010] [notice] child pid 70541 exit signal Segmentation fault (11) [Fri Apr 09 01:10:43 2010] [notice] child pid 70540 exit signal Segmentation fault (11) [Fri Apr 09 01:10:43 2010] [notice] child pid 70538 exit signal Segmentation fault (11) - -=- I see that the PR has been suspended/stalled; is there any more data needed to help get this resolved? (I'd really like to get GSSAPI-auth working again!) Best Wishes - Peter - -- [ plosher@isc.org | ISC | OpenPGP 0xE8048D08 | "The bits *must* flow" ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (Darwin) iEYEARECAAYFAku+yTkACgkQPtVx9OgEjQjDvwCg2iOOOogBcGFAWuHGolDQM0Vd j7AAmQHBvh94W4B1AN2J8TBqbSaFLbJx =a//5 -----END PGP SIGNATURE-----
This is a multi-part message in MIME format.
Responsible Changed From-To: pgollucci->apache Over to maintainer.
State Changed From-To: suspended->open apache@ does not maintainer security/heimdal
Responsible Changed From-To: apache->freebsd-ports-bugs apache@ does not maintainer security/heimdal
State Changed From-To: open->closed should be fixed
This still fails to load with the error: httpd: Syntax error on line 103 of /usr/local/etc/apache22/httpd.conf: Cannot load /usr/local/libexec/apache22/mod_auth_kerb.so into server: /usr/local/libexec/apache22/mod_auth_kerb.so: Undefined symbol "gsskrb5_register_acceptor_identity" I also do not have security/heimdal installed. I'm using the Heimdal libs in base. Please note that there are two issues listed in this PR: 1. The modules failure to load with the above error. 2. The modules failure to work after -lgssapi_krb5 has been added to KRB5_LDFLAGS.
State Changed From-To: closed->open
Responsible Changed From-To: freebsd-ports-bugs->apache Over to maintainer(s).
Responsible Changed From-To: apache->zi I'll take it.
State Changed From-To: open->closed This issue has been resolved. Please update your ports tree and install revision 4 of this port.