Attempt to dispel rumors that GSSAPI and Kerberos are interchangable.

The Generic Security Services Application Programming Interface is an abstract interface for creating security contexts between two peers to allow for secure passing of messages and other operations, which allows for the use of many different underlying security mechanisms. Kerberos 5 is a common such security mechanism, but is far from the only mechanism in use. Many krb5 implementations provide a GSSAPI library that provides the krb5 mechanism(s); in some cases, those libraries can also support user-provided GSSAPI mechanisms as well. The only implementations of the GSSAPI which are currently supported by the USES=gssapi support in the Ports Collection are such libraries provided by krb5 implementations. Approved by: hrs (mentor)
svn path=/head/; revision=45306
2014-07-16 02:47:17 +00:00 · 2014-07-16 02:47:17 +00:00 · e674769e8e · 2020-12-08 03:00:23 +00:00
commit e674769e8e
parent f44c52f8fb
1 changed files with 10 additions and 7 deletions
--- a/en_US.ISO8859-1/books/porters-handbook/uses.xml
+++ b/en_US.ISO8859-1/books/porters-handbook/uses.xml
@ -275,10 +275,12 @@
    <literal>flags</literal>, <literal>bootstrap</literal></entry>

  <entry>
-    <para>Handle dependency on <application>Kerberos</application>
-      ports.  By default, or set to <literal>base</literal>,
-      <application>Kerberos</application> from the base system is
-      used.  Set to <literal>heimdal</literal> to use <package
+    <para>Handle dependencies needed by consumers of the
+      <acronym>GSS-API</acronym>.  Only libraries that provide the
+      <application>Kerberos</application> mechanism are available.
+      By default, or set to <literal>base</literal>,
+      the <acronym>GSS-API</acronym> library from the base system is used.
+      Can also be set to <literal>heimdal</literal> to use <package
 	role="port">security/heimdal</package>, or
      <literal>mit</literal> to use <package
 	role="port">security/krb5</package>.</para>
@ -287,7 +289,8 @@
      installation is not in <varname>LOCALBASE</varname>, set
      <varname>HEIMDAL_HOME</varname> (for <literal>heimdal</literal>)
      or <varname>KRB5_HOME</varname> (for <literal>krb5</literal>) to
-      the base <application>Kerberos</application> directory.</para>
+      the location of the <application>Kerberos</application>
+      installation.</para>

    <para>These variables are exported for the ports to use:</para>

@ -301,7 +304,7 @@
      <listitem><para><varname>GSSAPI_CONFIGURE_ARGS</varname></para></listitem>
    </itemizedlist>

-    <para>The <literal>flags</literal> option can be set with
+    <para>The <literal>flags</literal> option can be given alongside
      <literal>base</literal>, <literal>heimdal</literal>, or
      <literal>mit</literal> to automatically add
      <varname>GSSAPICPPFLAGS</varname>,
@ -312,7 +315,7 @@
      <literal>base,flags</literal>.</para>

    <para>The <literal>bootstrap</literal> option is a special prefix
-      only for use with <package role="port">security/krb5</package>
+      only for use by <package role="port">security/krb5</package>
      and <package role="port">security/heimdal</package>.  For
      example, use <literal>bootstrap,mit</literal>.</para>