Update to 5.0rc7; from Chris Kuethe <chris.kuethe@gmail.com>

2006-05-27 16:08:16 +00:00 · 2006-05-27 16:08:16 +00:00 · 8c34fcfac1
commit 8c34fcfac1
parent 2c3d9ae3ec
3 changed files with 19 additions and 9 deletions
--- a/www/mod_auth_kerb/Makefile
+++ b/www/mod_auth_kerb/Makefile
@ -1,12 +1,11 @@
-# $OpenBSD: Makefile,v 1.3 2005/11/04 09:31:25 alek Exp $
+# $OpenBSD: Makefile,v 1.4 2006/05/27 16:08:16 alek Exp $

 SHARED_ONLY=	Yes

 COMMENT=	"Apache Kerberos authentication module"

-VERSION=	5.0-rc6
+VERSION=	5.0rc7
 DISTNAME=	mod_auth_kerb-${VERSION}
-PKGNAME=	mod_auth_kerb-${VERSION:S/-//}p1
 CATEGORIES=	www

 HOMEPAGE=	http://modauthkerb.sourceforge.net/
@ -23,6 +22,7 @@ WANTLIB=		ssl gssapi krb5 crypto
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=modauthkerb/}

 NO_REGRESS=	Yes
+USE_GMAKE=	Yes

 CONFIGURE_STYLE=gnu
 CONFIGURE_ENV=	KRB5_CPPFLAGS="-I/usr/include/kerberosV" \
--- a/www/mod_auth_kerb/distinfo
+++ b/www/mod_auth_kerb/distinfo
@ -1,4 +1,4 @@
-MD5 (mod_auth_kerb-5.0-rc6.tar.gz) = 274edfb950af20ce6ef0ddcb7c20263a
-RMD160 (mod_auth_kerb-5.0-rc6.tar.gz) = a9a277c532e7f72b3a649346e88db7aea1889036
-SHA1 (mod_auth_kerb-5.0-rc6.tar.gz) = b1700b4eca2d50691977849750f5e614c7caa80d
-SIZE (mod_auth_kerb-5.0-rc6.tar.gz) = 68761
+MD5 (mod_auth_kerb-5.0rc7.tar.gz) = 139b63c98333682e611515b225b5222d
+RMD160 (mod_auth_kerb-5.0rc7.tar.gz) = f336f1c9c4b67a88fd162395ec1299f73c5e89c4
+SHA1 (mod_auth_kerb-5.0rc7.tar.gz) = 5a3e699b86c0f08b09fe44aa2747bfd8a67f5b87
+SIZE (mod_auth_kerb-5.0rc7.tar.gz) = 72272
--- a/www/mod_auth_kerb/files/README
+++ b/www/mod_auth_kerb/files/README
@ -1,4 +1,4 @@
-$OpenBSD: README,v 1.2 2005/11/04 09:31:25 alek Exp $
+$OpenBSD: README,v 1.3 2006/05/27 16:08:16 alek Exp $

 If you haven't already run the module enabler, you can manually enable
 Kerberos support by adding the following lines into httpd.conf near the
@ -32,7 +32,17 @@ writeable by apache, and has no relation to your other Kerberos keys. One
 way to do this:

 	ktutil -k /var/www/conf/httpd.keytab add -V 1 -e des-cbc-crc \
-		-w PASSWORD -p http/host.domain.tld@REALM.TLD
+		-w PASSWORD -p http/host.domain.tld@YOUR.REALM
+
+Depending on your ID management system, you may be able to simply "get" a
+principal, though you will needed the appropriate kdc privileges to do so:
+
+	ktutil -k /var/www/conf/httpd.keytab get \
+		http/host.domain.tld@YOUR.REALM
+
+Once you have created the keytab with the web server's principal, you should
+restrict permissions on the keytab:
+
 	chown root:www /var/www/conf/httpd.keytab
 	chmod 0440 /var/www/conf/httpd.keytab