Solved [Solved] Apache24 and mod_auth_kerb2

[meciarz]

Hello,
I'm running FreeBSD 10 and want to run Apache 2.4 with Kerberos authorization. Unfortunately compilation of mod_auth_kerb2 failed (on another machine with FreeBSD 10 and apache22 everything is ok). I was trying to patch with file found on http://sourceforge.net/p/modauthkerb/patches/32/ but make also return error.
Does anyone of you run successfully apache24 with mod_auth_kerb2 and can share working patch for mod_auth_kerb2?

Edit
I have change patch (from upper link)

--- ./src/mod_auth_kerb.c.bsd   Thu Dec  4 20:14:03 2008
+++ ./src/mod_auth_kerb.c       2013-06-18 17:06:05.000000000 +0200
@@ -68,6 +68,12 @@
 #include <http_protocol.h>
 #include <http_request.h>

+#ifdef APLOG_USE_MODULE
+APLOG_USE_MODULE(auth_kerb);
+#undef APLOG_MARK
+#define APLOG_MARK     __FILE__, __LINE__
+#endif
+
 #ifdef STANDARD20_MODULE_STUFF
 #include <apr_strings.h>
 #include <apr_base64.h>
@@ -371,7 +377,11 @@


 #ifdef STANDARD20_MODULE_STUFF
+#ifdef APLOG_USE_MODULE
+   ap_log_rerror(file, line, APLOG_MODULE_INDEX, level | APLOG_NOERRNO, status, r, "%s", errstr);
+#else
    ap_log_rerror(file, line, level | APLOG_NOERRNO, status, r, "%s", errstr);
+#endif
 #else
    ap_log_rerror(file, line, level | APLOG_NOERRNO, r, "%s", errstr);
 #endif
@@ -1578,7 +1588,7 @@
    char keyname[1024];

    snprintf(keyname, sizeof(keyname) - 1,
-       "mod_auth_kerb::connection::%s::%ld", r->connection->remote_ip,
+       "mod_auth_kerb::connection::%s::%ld", r->useragent_ip,
        r->connection->id);

    if (apr_pool_userdata_get((void**)&conn_data, keyname, r->connection->pool) != 0)
@@ -1608,4 +1618,4 @@
        snprintf(keyname, sizeof(keyname) - 1,
            "mod_auth_kerb::connection::%s::%ld",
-          r->connection->remote_ip, r->connection->id);
+          r->useragent_ip, r->connection->id);
        apr_pool_userdata_set(prevauth, keyname, NULL, r->connection->pool);

but stil get errors:

/usr/include/krb5-protos.h:2131:1: note: 'krb5_get_err_text' declared here
krb5_get_err_text (
^
src/mod_auth_kerb.c:1717:8: error: unknown type name 'authn_status'
static authn_status authn_krb_password(request_rec *r, const char *user,
       ^
src/mod_auth_kerb.c:1730:26: error: use of undeclared identifier 'AUTH_GRANTED'
   if (ret == OK) return AUTH_GRANTED;
                         ^
src/mod_auth_kerb.c:1731:16: error: use of undeclared identifier 'AUTH_USER_NOT_FOUND'
   else return AUTH_USER_NOT_FOUND;
               ^
21 warnings and 3 errors generated.
apxs:Error: Command failed with rc=65536
.
gmake[1]: *** [src/mod_auth_kerb.so] Error 1
gmake[1]: Leaving directory `/usr/ports/www/mod_auth_kerb2/work/mod_auth_kerb-5.4'
*** Error code 1

 

[Deever]

Re: Apache24 and mod_auth_kerb2

Do you have confirmation that this module is available for apache 2.4 at all? Version 2.4 undeservedly seems under heavy disattention[tm] while people prefer nginx instead of apache 2.4 over apache 2.2 in cases where apache 2.4 would be far easier.

I'm running 2.4 as well and will also try mod_auth_kerb when kerberizing my network. Unfortunately I have plenty of work to be done before so you probably better don't wait for me finding a solution for fixing this.

Greetings,
/dev

 

[meciarz]

Re: Apache24 and mod_auth_kerb2

I've looked once again at the code and changed 3 more lines. Now mod_auth_kerb2 is compiling without errors and work ok under apache24.
Here is patch for this:

--- src/mod_auth_kerb.c.orig    Thu Dec  4 20:14:03 2008
+++ src/mod_auth_kerb.c Fri Apr 27 07:55:06 2012
@@ -68,6 +68,12 @@
 #include <http_protocol.h>
 #include <http_request.h>

+#ifdef APLOG_USE_MODULE
+APLOG_USE_MODULE(auth_kerb);
+#undef APLOG_MARK
+#define APLOG_MARK     __FILE__, __LINE__
+#endif
+
 #ifdef STANDARD20_MODULE_STUFF
 #include <apr_strings.h>
 #include <apr_base64.h>
@@ -88,5 +94,5 @@

-#if AP_SERVER_MAJORVERSION_NUMBER == 2 && AP_SERVER_MINORVERSION_NUMBER== 2
-#define APACHE22
+#if AP_SERVER_MAJORVERSION_NUMBER == 2 && AP_SERVER_MINORVERSION_NUMBER== 4
+#define APACHE24
 #include "mod_auth.h"
 #endif
@@ -371,7 +377,11 @@


 #ifdef STANDARD20_MODULE_STUFF
+#ifdef APLOG_USE_MODULE
+   ap_log_rerror(file, line, APLOG_MODULE_INDEX, level | APLOG_NOERRNO, status, r, "%s", errstr);
+#else
    ap_log_rerror(file, line, level | APLOG_NOERRNO, status, r, "%s", errstr);
+#endif
 #else
    ap_log_rerror(file, line, level | APLOG_NOERRNO, r, "%s", errstr);
 #endif
@@ -1578,7 +1588,7 @@
    char keyname[1024];

    snprintf(keyname, sizeof(keyname) - 1,
-       "mod_auth_kerb::connection::%s::%ld", r->connection->remote_ip,
+       "mod_auth_kerb::connection::%s::%ld", r->useragent_ip,
        r->connection->id);

    if (apr_pool_userdata_get((void**)&conn_data, keyname, r->connection->pool) != 0)
@@ -1608,4 +1618,4 @@
        snprintf(keyname, sizeof(keyname) - 1,
            "mod_auth_kerb::connection::%s::%ld",
-          r->connection->remote_ip, r->connection->id);
+          r->useragent_ip, r->connection->id);
        apr_pool_userdata_set(prevauth, keyname, NULL, r->connection->pool);
@@ -1850,4 +1860,4 @@
 kerb_register_hooks(apr_pool_t *p)
 {
-#ifdef APACHE22
+#ifdef APACHE24
   static const authn_provider authn_krb_provider = {