Created attachment 174308 [details]
"This module has been built as a replacement for the aging mod_auth_kerb. Its aim is to use only GSSAPI calls and be as much as possible agnostic of the actual mechanism used."
I took a lot of inspiration from other Apache module port's Makefiles, particularly the do-install target (which is a workaround for libtool's inability not to install .la and .a files). Any improvement suggestions
will be welcome.
Have you tried to USE_GITHUB instead of using a MASTER_SITES which points to github ?
I did, and as far as I can tell, USE_GITHUB can only download tags (that is, repo snapshots), not prepared release tarballs.
If I use that, I also have to do USES=autoreconf, and I thought it was better to avoid that if possible.
Created attachment 174381 [details]
Updated new port
New patch with USE_GITHUB, USES=autoreconf.
I have also added an override of $KRB5_CONFIG in CONFIGURE_ENV, because without that, the port will compile with port MIT headers, then link with base Heimdal libraries, and eventually fail to run due to undefined symbols.
Testbuilds fail in configure phase. See
(identical problem for the other platforms 11a, 10i, 9.3a)
Created attachment 174468 [details]
Updated new port
- Fixes OpenSSL selection (base and port) on 9, 10, 11
- IGNOREs with base OpenSSL on 9, due to API incompatibility
- IGNOREs with any LibreSSL, due to (im)proper use of footgun with regard
to the OPENSSL_VERSION_NUMBER macro
- Adds module configuration file
- I arbitrarily chose the load order prefix (240, currently vacant) based
on information from apache@ that there are no rules for selecting it
A commit references this bug:
Date: Sat Sep 10 19:10:08 UTC 2016
New revision: 421727
New port: www/mod_auth_gssapi
This module adds support for single-sign-on authentication via GSSAPI
to the Apache httpd. It is intended as a successor to mod_auth_kerb.
Submitted by: firstname.lastname@example.org