libsasl2-modules-gssapi-mit: buggy autoconf m4 script makes SASL's "keytab" option not work
Russ Allbery
rra at debian.org
Tue Jan 28 20:39:08 UTC 2014
Roberto C. Sánchez <roberto at connexer.com> writes:
> Sam, Russ, and Ben,
> I am going through some old bug reports against cyrus-sasl2, and I am
> curious as to your thoughts about the fix for #651308 as suggested by
> the submitter.
> On Thu, Dec 08, 2011 at 01:19:47AM +0800, Liu Yubao wrote:
>>
>> * What was the outcome of this action?
>> * What outcome did you expect instead?
>>
>> I feel it's better to fix sasl.m4 rather than directly change
>> plugins/gssapi.c to add more macros, maybe it's even better to just
>> change /usr/include/mit-krb5/gssapi/gssapi_krb5.h to use this macro:
>> #define krb5_gss_register_acceptor_identity
>> gsskrb5_register_acceptor_identity but this way breaks ABI
>> compatibility.
> Would the suggested change to MIT Kerberos be something that would be
> entertained by yourselves and by upstream? Or is this something that
> needs to be fixed from within the cyrus-sasl2 package?
I think this needs to be fixed within the cyrus-sasl2 package. Exposing
this as a function would mean adding a new function just to make the
Autoconf probe work, which doesn't seem like a good idea. (The solution
that the bug reporter proposes definitely doesn't work, since as mentioned
that would change the GSS-API library API.)
I suspect that SASL is currently doing something like:
AC_CHECK_FUNCS([gsskrb5_register_acceptor_identity])
The right solution is probably to also do:
AC_CHECK_FUNCS([krb5_gss_regster_acceptor_identity])
and then use whichever one is found.
--
Russ Allbery (rra at debian.org) <http://www.eyrie.org/~eagle/>
More information about the Pkg-cyrus-sasl2-debian-devel
mailing list