From 417edb970ec87cd1e45ea2923fdee4c6cb5d57f4 Mon Sep 17 00:00:00 2001
From: Clinton Ebadi <clinton@unknownlamer.org>
Date: Sun, 11 Nov 2018 20:52:06 -0500
Subject: [PATCH] apache: use HTTP for mod_auth_kerb service principal

HTTP/host is the hardcoded service name that the negotitate auth
method requires, which is why it has never worked here. Switch to the
expected service name going forward.
---
 src/plugins/apache.sml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/plugins/apache.sml b/src/plugins/apache.sml
index fa5cc3a..6a9fa39 100644
--- a/src/plugins/apache.sml
+++ b/src/plugins/apache.sml
@@ -929,7 +929,7 @@ val () = Env.action_one "authType"
 		  write "\n";
 		  case ty of
 		      "kerberos" => 
-		      write "\tKrbServiceName apache2\n\tKrb5Keytab /etc/keytabs/service/apache\n\tKrbMethodNegotiate on\n\tKrbMethodK5Passwd on\n\tKrbVerifyKDC on\n\tKrbAuthRealms HCOOP.NET\n\tKrbSaveCredentials on\n"
+		      write "\tKrbServiceName HTTP\n\tKrb5Keytab /etc/keytabs/service/apache\n\tKrbMethodNegotiate on\n\tKrbMethodK5Passwd on\n\tKrbVerifyKDC on\n\tKrbAuthRealms HCOOP.NET\n\tKrbSaveCredentials on\n"
 		    | _ => ())
 	     else
 		 print "WARNING: Skipped Kerberos authType because this isn't an SSL vhost.\n")
-- 
2.20.1