Bug 43774

Summary: Allow users to build security/cyrus_sasl without Kerberos IV support
Product: Ports & Packages Reporter: Guido Berhoerster <ich>
Component: Individual Port(s)Assignee: freebsd-ports-bugs (Nobody) <ports-bugs>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   

Description Guido Berhoerster 2002-10-07 17:20:02 UTC 
The security/cyrus_sasl port automatically activates Kerberos IV support if
/usr/lib/libkrb.a is found on the system. Users might have Kerberos IV
installed but don't want Cyrus SASL to support it e.g. because they only use
it with sendmail to authenticate themselves with a different method.
Once Kerberos support is compiled in via --enable-krb4 it cannot be disabled
later. And if Kerberos is not configured and there is no /etc/srvtab sendmail
produces annoying error messages until a dummy file with that name is created.

Fix: Add a simple switch like WITHOUT_KRB4 to the Makefile and thus allow users to
turn off Kerberos support even if they have Kerberos installed, e.g. like this:



-.if exists(/usr/lib/libkrb.a)
+.if exists(/usr/lib/libkrb.a) && !defined(WITHOUT_KRB4)
 CONFIGURE_ARGS+=       --enable-krb4
 .else
 CONFIGURE_ARGS+=       --disable-krb4--aVwuzeGfenZ5WcvdFu4qsimrqubBNKYpI8d60GrpImdF60P3
Content-Type: text/plain; name="file.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="file.diff"

--- Makefile.orig       Sat Oct  5 15:13:42 2002
+++ Makefile    Mon Oct  7 16:02:38 2002
@@ -82,7 +82,7 @@
 GSSAPI=        "@comment "
 .endif
How-To-Repeat: Build the security/cyrus_sasl port on a system which has Kerberos IV installed.
Comment 1 Scot W. Hetzel 2002-10-08 03:41:10 UTC 
From: "Guido Berhoerster" <ich@guido-berhoerster.org>
> >Description:
> The security/cyrus_sasl port automatically activates Kerberos IV support
if
> /usr/lib/libkrb.a is found on the system. Users might have Kerberos IV
> installed but don't want Cyrus SASL to support it e.g. because they only
use
> it with sendmail to authenticate themselves with a different method.
> Once Kerberos support is compiled in via --enable-krb4 it cannot be
disabled
> later. And if Kerberos is not configured and there is no /etc/srvtab
sendmail
> produces annoying error messages until a dummy file with that name is
created.
>
There's another way to silence the error message:

    mkdir /usr/local/lib/sasl/disable
    cd /usr/local/lib/sasl
    mv libkerberos4.* disable

> >How-To-Repeat:
> Build the security/cyrus_sasl port on a system which has Kerberos IV
installed.
>
> >Fix:
> Add a simple switch like WITHOUT_KRB4 to the Makefile and thus allow users
to
> turn off Kerberos support even if they have Kerberos installed, e.g. like
this:
>
I have no objection to having this switch added.

Scot W. Hetzel
Comment 2 Tilman Keskinoz freebsd_committer freebsd_triage 2003-05-09 13:43:40 UTC 
State Changed
From-To: open->closed

Fixed with the latest commit to cyrus-sasl