[MacPorts] #36781: cyrus-sasl2: use Heimdal instead of MIT Kerberos on Lion and later
MacPorts
noreply at macports.org
Sun Oct 28 15:20:00 PDT 2012
#36781: cyrus-sasl2: use Heimdal instead of MIT Kerberos on Lion and later
-------------------------+--------------------------------
Reporter: aronnax@… | Owner: macports-tickets@…
Type: enhancement | Status: new
Priority: Normal | Milestone:
Component: ports | Version: 2.1.2
Keywords: | Port: cyrus-sasl2
-------------------------+--------------------------------
I co-maintain a port (nds2-client) that uses Kerberos authentication via
SASL. In Lion, Apple switched their Kerberos implementation from MIT
Kerberos to Heimdal. However, MacPorts' /opt/local/bin/kinit is still MIT
Kerberos. As a result, keys created by /opt/local/bin/kinit are not
visible by /usr/bin/klist, whereas keys created by /usr/bin/kinit are not
visible by /opt/local/bin/klist.
In order to smooth Kerberos authentication, I propose that cyrus-sasl2
depend on the Heimdal port on Lion and later. This will make it so that
MacPorts programs can use the same credentials cache as Apple's kerberos
utilities.
My proposal would consist of three patches:
1. heimdal: change prefix from ${prefix}/libexec/heimdal to ${prefix} and
add a conflict with kerberos5
2. kerberos5: add a conflict with heimdal
3. cyrus-sasl2: kerberos variant depends on kerberos5 on darwin <= 10,
and heimdal on all other platforms
As I have conceived them, these three patches would have to go through at
the same time. Right now, I will attach just the cyrus-sasl2 patch. I
would appreciate instructions on whether to attach the heimdal and
kerberos5 patches here or to open separate cross-referenced bug reports
for them.
--
Ticket URL: <https://trac.macports.org/ticket/36781>
MacPorts <http://www.macports.org/>
Ports system for Mac OS
More information about the macports-tickets
mailing list