forked from Lainports/freebsd-ports
8e584a521a
- Add a SASL port option
- Fix the KERBEROS ports option - it was a no-op, setting a
configure flag which modifies how Kerberos was used without
setting the flag that actually enables it.
- Use GSSAPI instead of $ENV{KRB5CCNAME} to set the credential
cache. The latter pollutes the unsuspecting application's
environment and does not always work (for instance, it breaks when
nss_ldap is invoked from OpenSSH, although I haven't quite
determined why)
- Add patches to support Heimdal in addition to MIT Kerberos. Note
that I tried to ensure that the code is unchanged in the
non-Heimdal case, but that I have no way of testing with MIT
Kerberos.
With the above changes, I have successfully configured a FreeBSD 9.2
server to authenticate users against a Microsoft Windows 2012 Active
Directory server.
Non-functional changes:
- Modernize and stagify
- Remove text in pkg-message about a change that was made ten years ago
- Take maintainership as current maintainer has been AWOL for 2+ years
- Bump PORTREVISION
Approved by: maintainer hasn't been heard of for 2+ years
12 lines
415 B
C
12 lines
415 B
C
--- ldap-nss.h.orig
|
|
+++ ldap-nss.h
|
|
@@ -923,6 +923,8 @@
|
|
int _nss_ldap_get_ld_errno (char **m, char **s);
|
|
|
|
#ifdef CONFIGURE_KRB5_KEYTAB
|
|
-int do_init_krb5_cache(ldap_config_t *config);
|
|
+int do_init_krb5_cache (ldap_config_t *config);
|
|
+int do_select_krb5_cache (ldap_config_t * config);
|
|
+int do_restore_krb5_cache (ldap_config_t * config);
|
|
#endif /* CONFIGURE_KRB5_KEYTAB */
|
|
#endif /* _LDAP_NSS_LDAP_LDAP_NSS_H */
|