pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/heimdal Update security/heimdal to version 1....
details: https://anonhg.NetBSD.org/pkgsrc/rev/395109867108
branches: trunk
changeset: 539115:395109867108
user: jlam <jlam%pkgsrc.org@localhost>
date: Thu Feb 28 08:14:41 2008 +0000
description:
Update security/heimdal to version 1.1. Changes from version 0.7.2 include:
* Read-only PKCS11 provider built-in to hx509.
* Better compatibilty with Windows 2008 Server pre-releases and Vista.
* Add RFC3526 modp group14 as default.
* Handle [kdc] database = { } entries without realm = stanzas.
* Add gss_pseudo_random() for mechglue and krb5.
* Make session key for the krbtgt be selected by the best encryption
type of the client.
* Better interoperability with other PK-INIT implementations.
* Alias support for inital ticket requests.
* Make ASN.1 library less paranoid to with regard to NUL in string to
make it inter-operate with MIT Kerberos again.
* PK-INIT support.
* HDB extensions support, used by PK-INIT.
* New ASN.1 compiler.
* GSS-API mechglue from FreeBSD.
* Updated SPNEGO to support RFC4178.
* Support for Cryptosystem Negotiation Extension (RFC 4537).
* A new X.509 library (hx509) and related crypto functions.
* A new ntlm library (heimntlm) and related crypto functions.
* KDC will return the "response too big" error to force TCP retries
for large (default 1400 bytes) UDP replies. This is common for
PK-INIT requests.
* Libkafs defaults to use 2b tokens.
* krb5_kuserok() also checks ~/.k5login.d directory for acl files.
* Fix memory leaks.
* Bugs fixes
diffstat:
security/heimdal/Makefile | 115 ++++++-------------------
security/heimdal/PLIST | 170 +++++++++++++++++++++++++++++++++----
security/heimdal/buildlink3.mk | 4 +-
security/heimdal/distinfo | 22 ++--
security/heimdal/patches/patch-ac | 6 +-
security/heimdal/patches/patch-ad | 41 +++++++-
security/heimdal/patches/patch-al | 6 +-
security/heimdal/patches/patch-am | 25 -----
security/heimdal/patches/patch-an | 145 --------------------------------
security/heimdal/patches/patch-ao | 44 ---------
security/heimdal/patches/patch-ap | 16 ---
security/heimdal/patches/patch-aq | 16 ---
security/heimdal/patches/patch-ar | 8 +-
security/heimdal/patches/patch-as | 25 +++++
14 files changed, 255 insertions(+), 388 deletions(-)
diffs (truncated from 1089 to 300 lines):
diff -r 14cd346455bc -r 395109867108 security/heimdal/Makefile
--- a/security/heimdal/Makefile Thu Feb 28 00:31:37 2008 +0000
+++ b/security/heimdal/Makefile Thu Feb 28 08:14:41 2008 +0000
@@ -1,13 +1,11 @@
-# $NetBSD: Makefile,v 1.64 2008/01/18 05:09:37 tnn Exp $
+# $NetBSD: Makefile,v 1.65 2008/02/28 08:14:41 jlam Exp $
-DISTNAME= heimdal-0.7.2
-PKGREVISION= 4
+DISTNAME= heimdal-1.1
CATEGORIES= security
-MASTER_SITES= ftp://ftp.pdc.kth.se/pub/heimdal/src/ \
- ftp://ftp.sunet.se/pub/unix/admin/mirror-pdc/heimdal/src/
+MASTER_SITES= http://www.h5l.org/dist/src/
MAINTAINER= lha%NetBSD.org@localhost
-HOMEPAGE= http://www.pdc.kth.se/heimdal/
+HOMEPAGE= http://www.h5l.org/
COMMENT= Kerberos 5 implementation
CONFLICTS+= arla-[0-9]*
@@ -15,86 +13,46 @@
CONFLICTS+= openafs-[0-9]*
CONFLICTS+= gss-[0-9]*
-PKG_INSTALLATION_TYPES= overwrite pkgviews
+#LICENSE= modified-bsd
+
+PKG_DESTDIR_SUPPORT= user-destdir
USE_LIBTOOL= yes
USE_TOOLS+= bison flex
+PKGCONFIG_OVERRIDE+= tools/heimdal-gssapi.pc.in
MAKE_ENV+= INSTALL_CATPAGES=no
-HEIMDAL_STATEDIR?= ${VARBASE}/heimdal
+.include "../../mk/bsd.prefs.mk"
+.include "options.mk"
+
+HEIMDAL_HDB_DIR= ${VARBASE}/heimdal
GNU_CONFIGURE= yes
CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR:Q}
-CONFIGURE_ARGS+= --localstatedir=${HEIMDAL_STATEDIR:Q}
CONFIGURE_ARGS+= --includedir=${PREFIX}/include/krb5
+CONFIGURE_ARGS+= --with-hdbdir=${HEIMDAL_HDB_DIR:H:Q}
CONFIGURE_ARGS+= --without-x
CONFIGURE_ARGS+= --without-krb4
CONFIGURE_ARGS+= --enable-kcm
+CONFIGURE_ARGS+= --with-openssl=${SSLBASE:Q}
+CONFIGURE_ARGS+= ${ABI:D--with-mips-abi=${ABI}}
+CONFIGURE_ENV+= COMPILE_ET=no # build Heimdal's compile_et(1)
CFLAGS.Darwin+= -DBIND_8_COMPAT
# Though Solaris has a <vis.h> header, it does something very unrelated
# to the BSD <vis.h> header.
+#
OPSYSVARS+= CONFIGURE_ENV
CONFIGURE_ENV.SunOS+= ac_cv_header_vis_h=no
-# Force building and installing Heimdal's own compile_et.
-CONFIGURE_ENV+= COMPILE_ET=no
-
-.include "../../mk/bsd.prefs.mk"
-
-.if defined(ABI)
-CONFIGURE_ARGS+= --with-mips-abi=${ABI}
-.endif
-
# Heimdal's configure script expects to find the readline.h header as
-# <readline.h>.
+# <readline.h>. Also force the configure script to use the terminal
+# library needed by the readline library.
#
+CONFIGURE_ENV+= ac_cv_funclib_tgetent=${BUILDLINK_LDADD.termlib:Q}
CONFIGURE_ARGS+= --with-readline=${BUILDLINK_PREFIX.readline}
CPPFLAGS+= -I${BUILDLINK_PREFIX.readline}/include/readline
-BROKEN_READLINE_DETECTION= yes
-.include "../../devel/readline/buildlink3.mk"
-
-CONFIGURE_ARGS+= --with-openssl=${SSLBASE:Q}
-.include "../../security/openssl/buildlink3.mk"
-
-PKG_OPTIONS_VAR= PKG_OPTIONS.heimdal
-PKG_SUPPORTED_OPTIONS= kerberos-prefix-cmds ldap
-
-.include "../../mk/bsd.options.mk"
-
-.if !empty(PKG_OPTIONS:Mldap)
-. include "../../databases/openldap-client/buildlink3.mk"
-CONFIGURE_ARGS+= --with-openldap=${BUILDLINK_PREFIX.openldap-client}
-PLIST_SUBST+= LDAP=""
-
-post-install: heimdal-ldap-schema
-heimdal-ldap-schema:
- ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/heimdal
- ${INSTALL_DATA} ${WRKSRC}/lib/hdb/hdb.schema \
- ${PREFIX}/share/examples/heimdal
-.else
-PLIST_SUBST+= LDAP="@comment "
-.endif
-
-# Rename some of Heimdal's applications so they won't conflict with
-# other packages.
-#
-.if !empty(PKG_OPTIONS:Mkerberos-prefix-cmds)
-KRB5_PREFIX= k
-HEIMDAL_TRANSFORM= s/^ftp/${KRB5_PREFIX}&/; \
- s/^login/${KRB5_PREFIX}&/; \
- s/^${KRB5_PREFIX}login.access/login.access/; \
- s/^rcp/${KRB5_PREFIX}&/; \
- s/^rsh/${KRB5_PREFIX}&/; \
- s/^su/${KRB5_PREFIX}&/; \
- s/^telnet/${KRB5_PREFIX}&/
-.else
-KRB5_PREFIX= # empty
-HEIMDAL_TRANSFORM= s/^ftp/k&/
-.endif
-PLIST_SUBST+= KRB5_PREFIX=${KRB5_PREFIX:Q}
-CONFIGURE_ARGS+= --program-transform-name=${HEIMDAL_TRANSFORM:Q}
.if ${OPSYS} == "IRIX"
PLIST_SUBST+= IF_IRIX=""
@@ -102,40 +60,21 @@
PLIST_SUBST+= IF_IRIX="@comment "
.endif
-OWN_DIRS_PERMS= ${HEIMDAL_STATEDIR} ${ROOT_USER} ${ROOT_GROUP} 0700
+OWN_DIRS_PERMS= ${HEIMDAL_HDB_DIR} ${ROOT_USER} ${ROOT_GROUP} 0700
+SPECIAL_PERMS+= ${PREFIX}/bin/otp ${SETUID_ROOT_PERMS}
SPECIAL_PERMS= ${PREFIX}/bin/${KRB5_PREFIX}su ${SETUID_ROOT_PERMS}
RCD_SCRIPTS= kadmind kcm kdc kpasswdd
INFO_FILES= # PLIST
-# Dynamically determine the "replacement" headers for things missing
-# in the base system and add them to the PLIST.
+# Dynamically determine the "replacement" headers for bits needed by
+# Heimdal but are missing in the base system and add them to the PLIST.
#
GENERATE_PLIST+= \
- ( cd ${WRKSRC}/lib/roken && ${MAKE_PROGRAM} print-xheaders | \
+ ( cd ${WRKSRC}/lib/roken && ${BUILD_MAKE_CMD} print-xheaders | \
${XARGS} -n 1 | ${SED} -e "s,^,include/krb5/," ); \
${ECHO} "@dirrm include/krb5";
-# Fix some places in the Heimdal sources that don't point to the correct
-# Kerberized binaries when exec'ing programs.
-#
-SUBST_CLASSES+= heimdal
-SUBST_STAGE.heimdal= pre-configure
-SUBST_FILES.heimdal= appl/rcp/rcp.c appl/rcp/rcp_locl.h \
- appl/rsh/rsh_locl.h \
- appl/telnet/telnetd/telnetd.h
-SUBST_SED.heimdal= \
- -e "/RSH_PROGRAM/s,rsh,${KRB5_PREFIX}rsh,g" \
- -e "/PATH_RSH/s,\"/usr/bin/rsh\",BINDIR \"${KRB5_PREFIX}rsh\",g" \
- -e "/PATH_RSH/s,/rsh,/${KRB5_PREFIX}rsh,g" \
- -e "/PATH_LOGIN/s,/login,/${KRB5_PREFIX}login,g"
-
+.include "../../devel/readline/buildlink3.mk"
+.include "../../security/openssl/buildlink3.mk"
.include "../../mk/bdb.buildlink3.mk"
-
-pre-configure:
- cd ${WRKSRC}; for f in lib/hdb/hdb.h; do \
- ${SED} -e "s|/var/heimdal|${HEIMDAL_STATEDIR}|g" \
- $$f > $$f.new; \
- ${MV} -f $$f.new $$f; \
- done
-
.include "../../mk/bsd.pkg.mk"
diff -r 14cd346455bc -r 395109867108 security/heimdal/PLIST
--- a/security/heimdal/PLIST Thu Feb 28 00:31:37 2008 +0000
+++ b/security/heimdal/PLIST Thu Feb 28 08:14:41 2008 +0000
@@ -1,11 +1,8 @@
-@comment $NetBSD: PLIST,v 1.12 2007/02/20 10:17:14 rillig Exp $
-bin/${KRB5_PREFIX}login
-bin/${KRB5_PREFIX}rcp
-bin/${KRB5_PREFIX}rsh
-bin/${KRB5_PREFIX}su
-bin/${KRB5_PREFIX}telnet
+@comment $NetBSD: PLIST,v 1.13 2008/02/28 08:14:41 jlam Exp $
bin/afslog
bin/compile_et
+bin/gss
+bin/hxtool
bin/kauth
bin/kdestroy
bin/kf
@@ -15,28 +12,45 @@
bin/klist
bin/kpasswd
bin/krb5-config
+bin/${KRB5_PREFIX}login
bin/mk_cmds
bin/otp
bin/otpprint
bin/pagsh
bin/pfrom
+bin/${KRB5_PREFIX}rcp
+bin/${KRB5_PREFIX}rsh
bin/string2key
+bin/${KRB5_PREFIX}su
+bin/${KRB5_PREFIX}telnet
bin/verify_krb5_conf
include/krb5/asn1_err.h
include/krb5/base64.h
+include/krb5/cms_asn1.h
include/krb5/com_err.h
include/krb5/com_right.h
+include/krb5/der-protos.h
include/krb5/der.h
+include/krb5/digest_asn1.h
include/krb5/editline.h
include/krb5/getarg.h
include/krb5/gssapi.h
-include/krb5/hdb-private.h
+include/krb5/gssapi/gkrb5_err.h
+include/krb5/gssapi/gssapi.h
+include/krb5/gssapi/gssapi_krb5.h
+include/krb5/gssapi/gssapi_spnego.h
include/krb5/hdb-protos.h
include/krb5/hdb.h
include/krb5/hdb_asn1.h
include/krb5/hdb_err.h
+include/krb5/heim_asn1.h
include/krb5/heim_err.h
+include/krb5/heimntlm-protos.h
+include/krb5/heimntlm.h
include/krb5/hex.h
+include/krb5/hx509-protos.h
+include/krb5/hx509.h
+include/krb5/hx509_err.h
include/krb5/k524_err.h
include/krb5/kadm5/admin.h
include/krb5/kadm5/kadm5-private.h
@@ -44,18 +58,28 @@
include/krb5/kadm5/kadm5_err.h
include/krb5/kadm5/private.h
include/krb5/kafs.h
+include/krb5/kdc-protos.h
+include/krb5/kdc.h
include/krb5/krb5-private.h
include/krb5/krb5-protos.h
include/krb5/krb5-types.h
include/krb5/krb5.h
+include/krb5/krb5/locate_plugin.h
+include/krb5/krb5/windc_plugin.h
include/krb5/krb5_asn1.h
include/krb5/krb5_ccapi.h
include/krb5/krb5_err.h
+include/krb5/kx509_asn1.h
include/krb5/otp.h
include/krb5/parse_bytes.h
include/krb5/parse_time.h
include/krb5/parse_units.h
+include/krb5/pkcs12_asn1.h
+include/krb5/pkcs8_asn1.h
+include/krb5/pkcs9_asn1.h
+include/krb5/pkinit_asn1.h
include/krb5/resolve.h
+include/krb5/rfc2459_asn1.h
include/krb5/roken-common.h
include/krb5/roken.h
include/krb5/rtbl.h
@@ -63,22 +87,26 @@
include/krb5/ss/ss.h
include/krb5/xdbm.h
info/heimdal.info
+info/hx509.info
${IF_IRIX}lib/afskauthlib.so
lib/libasn1.la
lib/libcom_err.la
lib/libeditline.la
lib/libgssapi.la
lib/libhdb.la
+lib/libheimntlm.la
+lib/libhx509.la
lib/libkadm5clnt.la
lib/libkadm5srv.la
lib/libkafs.la
+lib/libkdc.la
lib/libkrb5.la
lib/libotp.la
lib/libroken.la
lib/libsl.la
lib/libss.la
-libexec/${KRB5_PREFIX}rshd
-libexec/${KRB5_PREFIX}telnetd
+lib/pkgconfig/heimdal-gssapi.pc
+lib/windc.la
libexec/hprop
libexec/hpropd
libexec/ipropd-master
@@ -86,36 +114,49 @@
libexec/kadmind
libexec/kcm
libexec/kdc
+libexec/kdigest
Home |
Main Index |
Thread Index |
Old Index