pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/security/heimdal Update security/heimdal to version 1....



details:   https://anonhg.NetBSD.org/pkgsrc/rev/395109867108
branches:  trunk
changeset: 539115:395109867108
user:      jlam <jlam%pkgsrc.org@localhost>
date:      Thu Feb 28 08:14:41 2008 +0000

description:
Update security/heimdal to version 1.1.  Changes from version 0.7.2 include:

 * Read-only PKCS11 provider built-in to hx509.
 * Better compatibilty with Windows 2008 Server pre-releases and Vista.
 * Add RFC3526 modp group14 as default.
 * Handle [kdc] database = { } entries without realm = stanzas.
 * Add gss_pseudo_random() for mechglue and krb5.
 * Make session key for the krbtgt be selected by the best encryption
   type of the client.
 * Better interoperability with other PK-INIT implementations.
 * Alias support for inital ticket requests.
 * Make ASN.1 library less paranoid to with regard to NUL in string to
   make it inter-operate with MIT Kerberos again.
 * PK-INIT support.
 * HDB extensions support, used by PK-INIT.
 * New ASN.1 compiler.
 * GSS-API mechglue from FreeBSD.
 * Updated SPNEGO to support RFC4178.
 * Support for Cryptosystem Negotiation Extension (RFC 4537).
 * A new X.509 library (hx509) and related crypto functions.
 * A new ntlm library (heimntlm) and related crypto functions.
 * KDC will return the "response too big" error to force TCP retries
   for large (default 1400 bytes) UDP replies.  This is common for
   PK-INIT requests.
 * Libkafs defaults to use 2b tokens.
 * krb5_kuserok() also checks ~/.k5login.d directory for acl files.
 * Fix memory leaks.
 * Bugs fixes

diffstat:

 security/heimdal/Makefile         |  115 ++++++-------------------
 security/heimdal/PLIST            |  170 +++++++++++++++++++++++++++++++++----
 security/heimdal/buildlink3.mk    |    4 +-
 security/heimdal/distinfo         |   22 ++--
 security/heimdal/patches/patch-ac |    6 +-
 security/heimdal/patches/patch-ad |   41 +++++++-
 security/heimdal/patches/patch-al |    6 +-
 security/heimdal/patches/patch-am |   25 -----
 security/heimdal/patches/patch-an |  145 --------------------------------
 security/heimdal/patches/patch-ao |   44 ---------
 security/heimdal/patches/patch-ap |   16 ---
 security/heimdal/patches/patch-aq |   16 ---
 security/heimdal/patches/patch-ar |    8 +-
 security/heimdal/patches/patch-as |   25 +++++
 14 files changed, 255 insertions(+), 388 deletions(-)

diffs (truncated from 1089 to 300 lines):

diff -r 14cd346455bc -r 395109867108 security/heimdal/Makefile
--- a/security/heimdal/Makefile Thu Feb 28 00:31:37 2008 +0000
+++ b/security/heimdal/Makefile Thu Feb 28 08:14:41 2008 +0000
@@ -1,13 +1,11 @@
-# $NetBSD: Makefile,v 1.64 2008/01/18 05:09:37 tnn Exp $
+# $NetBSD: Makefile,v 1.65 2008/02/28 08:14:41 jlam Exp $
 
-DISTNAME=      heimdal-0.7.2
-PKGREVISION=   4
+DISTNAME=      heimdal-1.1
 CATEGORIES=    security
-MASTER_SITES=  ftp://ftp.pdc.kth.se/pub/heimdal/src/   \
-               ftp://ftp.sunet.se/pub/unix/admin/mirror-pdc/heimdal/src/
+MASTER_SITES=  http://www.h5l.org/dist/src/
 
 MAINTAINER=    lha%NetBSD.org@localhost
-HOMEPAGE=      http://www.pdc.kth.se/heimdal/
+HOMEPAGE=      http://www.h5l.org/
 COMMENT=       Kerberos 5 implementation
 
 CONFLICTS+=    arla-[0-9]*
@@ -15,86 +13,46 @@
 CONFLICTS+=    openafs-[0-9]*
 CONFLICTS+=    gss-[0-9]*
 
-PKG_INSTALLATION_TYPES=        overwrite pkgviews
+#LICENSE=      modified-bsd
+
+PKG_DESTDIR_SUPPORT=   user-destdir
 
 USE_LIBTOOL=           yes
 USE_TOOLS+=            bison flex
+PKGCONFIG_OVERRIDE+=   tools/heimdal-gssapi.pc.in
 MAKE_ENV+=             INSTALL_CATPAGES=no
 
-HEIMDAL_STATEDIR?=     ${VARBASE}/heimdal
+.include "../../mk/bsd.prefs.mk"
+.include "options.mk"
+
+HEIMDAL_HDB_DIR=       ${VARBASE}/heimdal
 
 GNU_CONFIGURE=         yes
 CONFIGURE_ARGS+=       --sysconfdir=${PKG_SYSCONFDIR:Q}
-CONFIGURE_ARGS+=       --localstatedir=${HEIMDAL_STATEDIR:Q}
 CONFIGURE_ARGS+=       --includedir=${PREFIX}/include/krb5
+CONFIGURE_ARGS+=       --with-hdbdir=${HEIMDAL_HDB_DIR:H:Q}
 CONFIGURE_ARGS+=       --without-x
 CONFIGURE_ARGS+=       --without-krb4
 CONFIGURE_ARGS+=       --enable-kcm
+CONFIGURE_ARGS+=       --with-openssl=${SSLBASE:Q}
+CONFIGURE_ARGS+=       ${ABI:D--with-mips-abi=${ABI}}
+CONFIGURE_ENV+=                COMPILE_ET=no   # build Heimdal's compile_et(1)
 
 CFLAGS.Darwin+=                -DBIND_8_COMPAT
 
 # Though Solaris has a <vis.h> header, it does something very unrelated
 # to the BSD <vis.h> header.
+#
 OPSYSVARS+=            CONFIGURE_ENV
 CONFIGURE_ENV.SunOS+=  ac_cv_header_vis_h=no
 
-# Force building and installing Heimdal's own compile_et.
-CONFIGURE_ENV+=                COMPILE_ET=no
-
-.include "../../mk/bsd.prefs.mk"
-
-.if defined(ABI)
-CONFIGURE_ARGS+=       --with-mips-abi=${ABI}
-.endif
-
 # Heimdal's configure script expects to find the readline.h header as
-# <readline.h>.
+# <readline.h>.  Also force the configure script to use the terminal
+# library needed by the readline library.
 #
+CONFIGURE_ENV+=                ac_cv_funclib_tgetent=${BUILDLINK_LDADD.termlib:Q}
 CONFIGURE_ARGS+=       --with-readline=${BUILDLINK_PREFIX.readline}
 CPPFLAGS+=             -I${BUILDLINK_PREFIX.readline}/include/readline
-BROKEN_READLINE_DETECTION=     yes
-.include "../../devel/readline/buildlink3.mk"
-
-CONFIGURE_ARGS+=       --with-openssl=${SSLBASE:Q}
-.include "../../security/openssl/buildlink3.mk"
-
-PKG_OPTIONS_VAR=       PKG_OPTIONS.heimdal
-PKG_SUPPORTED_OPTIONS= kerberos-prefix-cmds ldap
-
-.include "../../mk/bsd.options.mk"
-
-.if !empty(PKG_OPTIONS:Mldap)
-.  include "../../databases/openldap-client/buildlink3.mk"
-CONFIGURE_ARGS+=       --with-openldap=${BUILDLINK_PREFIX.openldap-client}
-PLIST_SUBST+=          LDAP=""
-
-post-install: heimdal-ldap-schema
-heimdal-ldap-schema:
-       ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/heimdal
-       ${INSTALL_DATA} ${WRKSRC}/lib/hdb/hdb.schema                    \
-               ${PREFIX}/share/examples/heimdal
-.else
-PLIST_SUBST+=          LDAP="@comment "
-.endif
-
-# Rename some of Heimdal's applications so they won't conflict with
-# other packages.
-#
-.if !empty(PKG_OPTIONS:Mkerberos-prefix-cmds)
-KRB5_PREFIX=           k
-HEIMDAL_TRANSFORM=     s/^ftp/${KRB5_PREFIX}&/;                        \
-                       s/^login/${KRB5_PREFIX}&/;                      \
-                       s/^${KRB5_PREFIX}login.access/login.access/;    \
-                       s/^rcp/${KRB5_PREFIX}&/;                        \
-                       s/^rsh/${KRB5_PREFIX}&/;                        \
-                       s/^su/${KRB5_PREFIX}&/;                         \
-                       s/^telnet/${KRB5_PREFIX}&/
-.else
-KRB5_PREFIX=           # empty
-HEIMDAL_TRANSFORM=     s/^ftp/k&/
-.endif
-PLIST_SUBST+=          KRB5_PREFIX=${KRB5_PREFIX:Q}
-CONFIGURE_ARGS+=       --program-transform-name=${HEIMDAL_TRANSFORM:Q}
 
 .if ${OPSYS} == "IRIX"
 PLIST_SUBST+=          IF_IRIX=""
@@ -102,40 +60,21 @@
 PLIST_SUBST+=          IF_IRIX="@comment "
 .endif
 
-OWN_DIRS_PERMS=                ${HEIMDAL_STATEDIR} ${ROOT_USER} ${ROOT_GROUP} 0700
+OWN_DIRS_PERMS=                ${HEIMDAL_HDB_DIR} ${ROOT_USER} ${ROOT_GROUP} 0700
+SPECIAL_PERMS+=                ${PREFIX}/bin/otp ${SETUID_ROOT_PERMS}
 SPECIAL_PERMS=         ${PREFIX}/bin/${KRB5_PREFIX}su ${SETUID_ROOT_PERMS}
 RCD_SCRIPTS=           kadmind kcm kdc kpasswdd
 INFO_FILES=            # PLIST
 
-# Dynamically determine the "replacement" headers for things missing
-# in the base system and add them to the PLIST.
+# Dynamically determine the "replacement" headers for bits needed by
+# Heimdal but are missing in the base system and add them to the PLIST.
 #
 GENERATE_PLIST+=       \
-       ( cd ${WRKSRC}/lib/roken && ${MAKE_PROGRAM} print-xheaders |    \
+       ( cd ${WRKSRC}/lib/roken && ${BUILD_MAKE_CMD} print-xheaders |  \
          ${XARGS} -n 1 | ${SED} -e "s,^,include/krb5/," );             \
        ${ECHO} "@dirrm include/krb5";
 
-# Fix some places in the Heimdal sources that don't point to the correct
-# Kerberized binaries when exec'ing programs.
-#
-SUBST_CLASSES+=                heimdal
-SUBST_STAGE.heimdal=   pre-configure
-SUBST_FILES.heimdal=   appl/rcp/rcp.c appl/rcp/rcp_locl.h              \
-                       appl/rsh/rsh_locl.h                             \
-                       appl/telnet/telnetd/telnetd.h
-SUBST_SED.heimdal=                                                     \
-       -e "/RSH_PROGRAM/s,rsh,${KRB5_PREFIX}rsh,g"                     \
-       -e "/PATH_RSH/s,\"/usr/bin/rsh\",BINDIR \"${KRB5_PREFIX}rsh\",g" \
-       -e "/PATH_RSH/s,/rsh,/${KRB5_PREFIX}rsh,g"                      \
-       -e "/PATH_LOGIN/s,/login,/${KRB5_PREFIX}login,g"
-
+.include "../../devel/readline/buildlink3.mk"
+.include "../../security/openssl/buildlink3.mk"
 .include "../../mk/bdb.buildlink3.mk"
-
-pre-configure:
-       cd ${WRKSRC}; for f in lib/hdb/hdb.h; do                        \
-               ${SED}  -e "s|/var/heimdal|${HEIMDAL_STATEDIR}|g"       \
-                       $$f > $$f.new;                                  \
-               ${MV} -f $$f.new $$f;                                   \
-       done
-
 .include "../../mk/bsd.pkg.mk"
diff -r 14cd346455bc -r 395109867108 security/heimdal/PLIST
--- a/security/heimdal/PLIST    Thu Feb 28 00:31:37 2008 +0000
+++ b/security/heimdal/PLIST    Thu Feb 28 08:14:41 2008 +0000
@@ -1,11 +1,8 @@
-@comment $NetBSD: PLIST,v 1.12 2007/02/20 10:17:14 rillig Exp $
-bin/${KRB5_PREFIX}login
-bin/${KRB5_PREFIX}rcp
-bin/${KRB5_PREFIX}rsh
-bin/${KRB5_PREFIX}su
-bin/${KRB5_PREFIX}telnet
+@comment $NetBSD: PLIST,v 1.13 2008/02/28 08:14:41 jlam Exp $
 bin/afslog
 bin/compile_et
+bin/gss
+bin/hxtool
 bin/kauth
 bin/kdestroy
 bin/kf
@@ -15,28 +12,45 @@
 bin/klist
 bin/kpasswd
 bin/krb5-config
+bin/${KRB5_PREFIX}login
 bin/mk_cmds
 bin/otp
 bin/otpprint
 bin/pagsh
 bin/pfrom
+bin/${KRB5_PREFIX}rcp
+bin/${KRB5_PREFIX}rsh
 bin/string2key
+bin/${KRB5_PREFIX}su
+bin/${KRB5_PREFIX}telnet
 bin/verify_krb5_conf
 include/krb5/asn1_err.h
 include/krb5/base64.h
+include/krb5/cms_asn1.h
 include/krb5/com_err.h
 include/krb5/com_right.h
+include/krb5/der-protos.h
 include/krb5/der.h
+include/krb5/digest_asn1.h
 include/krb5/editline.h
 include/krb5/getarg.h
 include/krb5/gssapi.h
-include/krb5/hdb-private.h
+include/krb5/gssapi/gkrb5_err.h
+include/krb5/gssapi/gssapi.h
+include/krb5/gssapi/gssapi_krb5.h
+include/krb5/gssapi/gssapi_spnego.h
 include/krb5/hdb-protos.h
 include/krb5/hdb.h
 include/krb5/hdb_asn1.h
 include/krb5/hdb_err.h
+include/krb5/heim_asn1.h
 include/krb5/heim_err.h
+include/krb5/heimntlm-protos.h
+include/krb5/heimntlm.h
 include/krb5/hex.h
+include/krb5/hx509-protos.h
+include/krb5/hx509.h
+include/krb5/hx509_err.h
 include/krb5/k524_err.h
 include/krb5/kadm5/admin.h
 include/krb5/kadm5/kadm5-private.h
@@ -44,18 +58,28 @@
 include/krb5/kadm5/kadm5_err.h
 include/krb5/kadm5/private.h
 include/krb5/kafs.h
+include/krb5/kdc-protos.h
+include/krb5/kdc.h
 include/krb5/krb5-private.h
 include/krb5/krb5-protos.h
 include/krb5/krb5-types.h
 include/krb5/krb5.h
+include/krb5/krb5/locate_plugin.h
+include/krb5/krb5/windc_plugin.h
 include/krb5/krb5_asn1.h
 include/krb5/krb5_ccapi.h
 include/krb5/krb5_err.h
+include/krb5/kx509_asn1.h
 include/krb5/otp.h
 include/krb5/parse_bytes.h
 include/krb5/parse_time.h
 include/krb5/parse_units.h
+include/krb5/pkcs12_asn1.h
+include/krb5/pkcs8_asn1.h
+include/krb5/pkcs9_asn1.h
+include/krb5/pkinit_asn1.h
 include/krb5/resolve.h
+include/krb5/rfc2459_asn1.h
 include/krb5/roken-common.h
 include/krb5/roken.h
 include/krb5/rtbl.h
@@ -63,22 +87,26 @@
 include/krb5/ss/ss.h
 include/krb5/xdbm.h
 info/heimdal.info
+info/hx509.info
 ${IF_IRIX}lib/afskauthlib.so
 lib/libasn1.la
 lib/libcom_err.la
 lib/libeditline.la
 lib/libgssapi.la
 lib/libhdb.la
+lib/libheimntlm.la
+lib/libhx509.la
 lib/libkadm5clnt.la
 lib/libkadm5srv.la
 lib/libkafs.la
+lib/libkdc.la
 lib/libkrb5.la
 lib/libotp.la
 lib/libroken.la
 lib/libsl.la
 lib/libss.la
-libexec/${KRB5_PREFIX}rshd
-libexec/${KRB5_PREFIX}telnetd
+lib/pkgconfig/heimdal-gssapi.pc
+lib/windc.la
 libexec/hprop
 libexec/hpropd
 libexec/ipropd-master
@@ -86,36 +114,49 @@
 libexec/kadmind
 libexec/kcm
 libexec/kdc
+libexec/kdigest



Home | Main Index | Thread Index | Old Index