Bug#830844: Pending fixes for bugs in the libauthen-krb5-perl package

[Damyan Ivanov]

-=| Sergio Gelato, 12.07.2016 11:51:20 +0200 |=-
> > https://anonscm.debian.org/cgit/pkg-perl/packages/libauthen-krb5-perl.git/commit/?id=3558a41
> 
> You may have missed a documentation reference in Krb5.pm:
> -------
> =item get_krbhst(realm)
> 
> Returns a list of the Kerberos servers from the specified realm.

Oh, I missed the "PREFIX = krb5_" thing in MODULE description and 
looked only for "krb5_get_krbhst".

> -------
> which raises the issue of how much Perl code out there may call
> Authen::Krb5::get_krbhst($realm) .

None in Debian: 
https://codesearch.debian.net/search?q=get_krbhst&perpkg=1

And whoever used that method in some non-packaged stuff would have 
seen the undefined symbol error already.

> As far as my own needs are concerned it's OK to drop this function,
> but it is an API change and may deserve a bump in the module's version number.
> 
> Alternatively, one could lift the implementation of krb5_get_krbhst (in terms
> of profile_get_values, which is a public interface) from older libkrb5, or
> provide a new one if there are licensing issues. Of course this is more
> work and best left to upstream.
> 
> As a stop-gap, maybe one could keep Authen::Krb5::get_krbhst but with a
> dummy implementation that always returns undef?

Latest upstream release is from 2010 and RT at 
https://rt.cpan.org/Public/Dist/Display.html?Name=Krb5 seems like it 
was never touched.

I am inclined to drop get_krbhst from the POD and move on. Yes, that 
would be API breakage, but that part of the API was already broken, 
and the patch fixes the PERL_DL_NONLAZY=1 use case so it seems like an 
improvement to me.

If an implementation using public Kerberos API appears later, amending 
would be easy. I myself don't feel qualified to write such 
implementation.

Better approaches welcome, of course. I won't rush with the POD 
removal.