in a publicly-exported structure was renamed from "private" to
"opt_private". This allows <krb5.h> to be used by C++ compilers.
Bump the PKGREVISION to 1.
for the "db4" option and just rely on the appropriate BDB_* settings
via bdb.buildlink3.mk. Also, we tweak the builtin.mk file so use
krb5-config, if it's available, to check the version of the built-in
heimdal. Patches patch-ab, patch-ae and patch-af have been sent back
upstream and will be incorporated into future Heimdal releases.
Changes between version 0.6.5 and version 0.7.1 include:
* Support for KCM, a process based credential cache
* Support CCAPI credential cache
* SPNEGO support
* AES (and the gssapi conterpart, CFX) support
* Adding new and improve old documentation
* Bug fixes
Okayed by lha@. I tested on Linux and DragonFly. I got this from
Joerg Sonnenberger.
On DragonFly, the configure errored like:
/usr/include/openssl/md5.h:110: error: syntax error before "size_t"
In file included from conftest.c:34:
/usr/include/openssl/sha.h:109: error: syntax error before "size_t"
This caused tests to break and it ended up building and installing libdes
and des.h, md4.h, and related headers.
So later libgssapi needed this libdes which was not buildlinked which
broke kdelibs3 build.
This patch is the same as revision 1.3 of
/cvsroot/src/crypto/dist/heimdal/lib/asn1/gen_glue.c by matt@
those cvs log:
Don't emit struct units [] anymore. emit a struct units * const foo and
in the C file initialize that to the static list.
Bump pkgrevision: it changes the binary package on gcc<4 platforms
approved by wiz@
package. Also please pkglint. Changes in heimdal 0.6.4 include:
* fix vulnerabilities in telnet
* rshd: encryption without a separate error socket should now work
* telnet now uses appdefaults for the encrypt and forward/forwardable
settings
* bug fixes
under share/examples/rc.d. The variable name already was named
RCD_SCRIPTS_EXAMPLEDIR.
This is from ideas from Greg Woods and others.
Also bumped PKGREVISION for all packages using RCD_SCRIPTS mechanism
(as requested by wiz).
yes/no by a package Makefile, depending on whether the configure
process properly detects the additional libraries needed to link
against -lreadline (typically, you need either "-lreadline -ltermcap",
or "-lreadline -lcurses" to properly link against -lreadline). If this
variable is set to "yes", then we automatically expand "-lreadline" into
"-lreadline -l<termcap functions library>". BROKEN_READLINE_DETECTION
defaults to "no".
Set BROKEN_READLINE_DETECTION to "yes" in security/heimdal and remove
the custom logic that did the same work.
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
All library names listed by *.la files no longer need to be listed
in the PLIST, e.g., instead of:
lib/libfoo.a
lib/libfoo.la
lib/libfoo.so
lib/libfoo.so.0
lib/libfoo.so.0.1
one simply needs:
lib/libfoo.la
and bsd.pkg.mk will automatically ensure that the additional library
names are listed in the installed package +CONTENTS file.
Also make LIBTOOLIZE_PLIST default to "yes".
-lreadline also needs either -ltermcap, -lcurses, -lncurses in the link
command to resolve all symbols used in the readline library. Cause one
of these libraries to automatically be added whenever "-lreadline"
appears on the command line. This is a generalization of the change in
revision 1.6 to work on more operating systems.
* fix vulnerabilities in ftpd
* support for linux AFS /proc "syscalls"
* support for RFC3244 (Windows 2000 Kerberos Change/Set Password) in kpasswdd
* fix possible KDC denial of service
* Fix possible buffer overrun in v4 kadmin (which now defaults to off)
into the bsd.options.mk framework. Instead of appending to
${PKG_OPTIONS_VAR}, it appends to PKG_DEFAULT_OPTIONS. This causes
the default options to be the union of PKG_DEFAULT_OPTIONS and any
old USE_* and FOO_USE_* settings.
This fixes PR pkg/26590.
for each package can be determined by invoking:
make show-var VARNAME=PKG_OPTIONS_VAR
The old options are still supported unless the variable named in
PKG_OPTIONS_VAR is set within make(1) (usually via /etc/mk.conf).
be linked in when testing -lreadline usability so that test fails on
Solaris - so pass that lib into configure at the start via the environment.
Also allow optional use of db4 rather that db.
Kerberos implementation packages to decide whether to prefix certain
commands with a "k" to differentiate it from system tools with similar
names. KERBEROS_PREFIX_CMDS defaults to "no".
Heimdal is a free implementation of Kerberos 5.
Kerberos is a system for authenticating users and services on a network.
It is built upon the assumption that the network is "unsafe". Kerberos
is a trusted third-party service. That means that there is a third
party (the Kerberos server) that is trusted by all the entities on the
network (users and services, usually called "principals"). All
principals share a secret password (or key) with the Kerberos server and
this enables principals to verify that the messages from the Kerberos
server are authentic. Thus trusting the Kerberos server, users and
services can authenticate each other.
