FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

We also have a status page: https://freshports.wordpress.com/

Port details
krb5-114 MIT implementation of RFC 4120 network authentication service
1.14.6 security on this many watch lists=0 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port
Deprecated DEPRECATED: EOL twelve months after release of krb5-1.16
Expiration Date EXPIRATION DATE: 2018-12-31
Maintainer: cy@FreeBSD.org search for ports maintained by this maintainer
Port Added: 15 Dec 2015 05:02:18
License: MIT
Kerberos V5 is an authentication system developed at MIT.
WWW: http://web.mit.edu/kerberos/

Abridged from the User Guide:
       Under Kerberos, a client sends a request for a ticket to the
   Key Distribution Center (KDC). The KDC creates a ticket-granting
   ticket (TGT) for the client, encrypts it using the client's
   password as the key, and sends the encrypted TGT back to the
   client. The client then attempts to decrypt the TGT, using
   its password. If the client successfully decrypts the TGT, it
   keeps the decrypted TGT, which indicates proof of the client's
   identity. The TGT permits the client to obtain additional tickets,
   which give permission for specific services.
       Since Kerberos negotiates authenticated, and optionally encrypted,
   communications between two points anywhere on the internet, it
   provides a layer of security that is not dependent on which side of a
   firewall either client is on.
       The Kerberos V5 package is designed to be easy to use. Most of the
   commands are nearly identical to UNIX network programs you are already
   used to. Kerberos V5 is a single-sign-on system, which means that you
   have to type your password only once per session, and Kerberos does
   the authenticating and encrypting transparently.

Jacques Vidrine <n@nectar.com>
SVNWeb : Homepage : PortsMon
    Pseudo-pkg-plist information, but much better, from make generate-plist
    Expand this list (173 items)
  1. /usr/local/share/licenses/krb5-114-1.14.6/catalog.mk
  2. /usr/local/share/licenses/krb5-114-1.14.6/LICENSE
  3. /usr/local/share/licenses/krb5-114-1.14.6/MIT
  4. bin/compile_et
  5. bin/gss-client
  6. bin/k5srvutil
  7. bin/kadmin
  8. bin/kdestroy
  9. bin/kinit
  10. bin/klist
  11. bin/kpasswd
  12. bin/krb5-config
  13. @mode 04755
  14. @owner root
  15. @group wheel
  16. bin/ksu
  17. @mode
  18. @owner root
  19. @group wheel
  20. bin/kswitch
  21. bin/ktutil
  22. bin/kvno
  23. bin/sclient
  24. bin/sim_client
  25. bin/uuclient
  26. include/com_err.h
  27. include/gssapi.h
  28. include/gssapi/gssapi.h
  29. include/gssapi/gssapi_ext.h
  30. include/gssapi/gssapi_generic.h
  31. include/gssapi/gssapi_krb5.h
  32. include/gssapi/mechglue.h
  33. include/gssrpc/auth.h
  34. include/gssrpc/auth_gss.h
  35. include/gssrpc/auth_gssapi.h
  36. include/gssrpc/auth_unix.h
  37. include/gssrpc/clnt.h
  38. include/gssrpc/netdb.h
  39. include/gssrpc/pmap_clnt.h
  40. include/gssrpc/pmap_prot.h
  41. include/gssrpc/pmap_rmt.h
  42. include/gssrpc/rename.h
  43. include/gssrpc/rpc.h
  44. include/gssrpc/rpc_msg.h
  45. include/gssrpc/svc.h
  46. include/gssrpc/svc_auth.h
  47. include/gssrpc/types.h
  48. include/gssrpc/xdr.h
  49. include/krad.h
  50. include/krb5.h
  51. include/krb5/ccselect_plugin.h
  52. include/krb5/clpreauth_plugin.h
  53. include/krb5/hostrealm_plugin.h
  54. include/krb5/kadm5_hook_plugin.h
  55. include/krb5/kdcpreauth_plugin.h
  56. include/krb5/localauth_plugin.h
  57. include/krb5/krb5.h
  58. include/krb5/locate_plugin.h
  59. include/krb5/plugin.h
  60. include/krb5/pwqual_plugin.h
  61. include/kadm5/admin.h
  62. include/kadm5/chpass_util_strings.h
  63. include/kadm5/kadm_err.h
  64. include/kdb.h
  65. include/krb5/preauth_plugin.h
  66. include/profile.h
  67. include/verto-module.h
  68. include/verto.h
  69. lib/libcom_err.so
  70. lib/libcom_err.so.3
  71. lib/libcom_err.so.3.0
  72. lib/libgssapi_krb5.so
  73. lib/libgssapi_krb5.so.2
  74. lib/libgssapi_krb5.so.2.2
  75. lib/libgssrpc.so
  76. lib/libgssrpc.so.4
  77. lib/libgssrpc.so.4.2
  78. lib/libk5crypto.so
  79. lib/libk5crypto.so.3
  80. lib/libk5crypto.so.3.1
  81. lib/libkadm5clnt.so
  82. lib/libkadm5clnt_mit.so
  83. lib/libkadm5clnt_mit.so.10
  84. lib/libkadm5clnt_mit.so.10.0
  85. lib/libkadm5srv.so
  86. lib/libkadm5srv_mit.so
  87. lib/libkadm5srv_mit.so.10
  88. lib/libkadm5srv_mit.so.10.0
  89. lib/libkdb5.so
  90. lib/libkdb5.so.8
  91. lib/libkdb5.so.8.0
  92. lib/libkrb5.so
  93. lib/libkrb5.so.3
  94. lib/libkrb5.so.3.3
  95. lib/libkrb5support.so
  96. lib/libkrb5support.so.0
  97. lib/libkrb5support.so.0.1
  98. lib/krb5/plugins/kdb/db2.so
  99. lib/krb5/plugins/tls/k5tls.so
  100. @comment lib/krb5/plugins/kdb/kldap.so
  101. lib/krb5/plugins/preauth/otp.so
  102. lib/krb5/plugins/preauth/pkinit.so
  103. lib/krb5/plugins/preauth/test.so
  104. @comment lib/libkdb_ldap.so
  105. @comment lib/libkdb_ldap.so.1
  106. @comment lib/libkdb_ldap.so.1.0
  107. lib/libkrad.so
  108. lib/libkrad.so.0
  109. lib/libkrad.so.0.0
  110. lib/libverto.so
  111. lib/libverto.so.0
  112. lib/libverto.so.0.0
  113. libdata/pkgconfig/gssrpc.pc
  114. libdata/pkgconfig/kadm-client.pc
  115. libdata/pkgconfig/kadm-server.pc
  116. libdata/pkgconfig/kdb.pc
  117. libdata/pkgconfig/krb5-gssapi.pc
  118. libdata/pkgconfig/krb5.pc
  119. libdata/pkgconfig/mit-krb5-gssapi.pc
  120. libdata/pkgconfig/mit-krb5.pc
  121. man/man1/k5srvutil.1.gz
  122. man/man1/kadmin.1.gz
  123. man/man1/krb5-config.1.gz
  124. man/man1/kpasswd.1.gz
  125. man/man1/klist.1.gz
  126. man/man1/kinit.1.gz
  127. man/man1/kdestroy.1.gz
  128. man/man1/kswitch.1.gz
  129. man/man1/ksu.1.gz
  130. man/man1/ktutil.1.gz
  131. man/man1/sclient.1.gz
  132. man/man1/kvno.1.gz
  133. man/man1/compile_et.1.gz
  134. man/man5/kadm5.acl.5.gz
  135. man/man5/kdc.conf.5.gz
  136. man/man5/krb5.conf.5.gz
  137. man/man5/.k5identity.5.gz
  138. man/man5/.k5login.5.gz
  139. man/man5/k5identity.5.gz
  140. man/man5/k5login.5.gz
  141. man/man8/krb5kdc.8.gz
  142. man/man8/kadmin.local.8.gz
  143. man/man8/kdb5_ldap_util.8.gz
  144. man/man8/kdb5_util.8.gz
  145. man/man8/kadmind.8.gz
  146. man/man8/kprop.8.gz
  147. man/man8/kpropd.8.gz
  148. man/man8/kproplog.8.gz
  149. man/man8/sserver.8.gz
  150. sbin/gss-server
  151. sbin/kadmin.local
  152. sbin/kadmind
  153. @comment sbin/kdb5_ldap_util
  154. sbin/kdb5_util
  155. sbin/kprop
  156. sbin/kpropd
  157. sbin/kproplog
  158. sbin/krb5-send-pr
  159. sbin/krb5kdc
  160. sbin/sim_server
  161. sbin/sserver
  162. sbin/uuserver
  163. share/et/et_c.awk
  164. share/et/et_h.awk
  165. share/locale/en_US/LC_MESSAGES/mit-krb5.mo
  166. @comment share/krb5/kerberos.schema
  167. @comment share/krb5/kerberos.ldif
  168. @dir lib/krb5/plugins/authdata
  169. @dir lib/krb5/plugins/libkrb5
  170. @dir var/run/krb5kdc
  171. @dir var/krb5kdc
  172. @postexec /sbin/ldconfig -m /usr/local/lib
  173. @postunexec /sbin/ldconfig -R
  174. Collapse this list.

To install the port: cd /usr/ports/security/krb5-114/ && make install clean
To add the package: pkg install krb5-114

PKGNAME: krb5-114

distinfo:

TIMESTAMP = 1506419928
SHA256 (krb5-1.14.6.tar.gz) = e259f8ed9f0c2a326e5a4d06b3f268575443fa83c0d348b37b7b5329ac5d0470
SIZE (krb5-1.14.6.tar.gz) = 12326355


NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:
  1. gmake : devel/gmake
  2. libtool : devel/libtool
  3. msgfmt : devel/gettext-tools
  4. perl5>=5.24<5.25 : lang/perl5.24
Runtime dependencies:
  1. pkgconf>=1.3.0_1 : devel/pkgconf
Library dependencies:
  1. libintl.so : devel/gettext-runtime
  2. libreadline.so.7 : devel/readline
There are no ports dependent upon this port

Configuration Options
===> The following configuration options are available for krb5-114-1.14.6:
     DNS_FOR_REALM=off: Enable DNS lookups for Kerberos realm names
     EXAMPLES=on: Build and/or install examples
     KRB5_HTML=on: Install krb5 HTML documentation
     KRB5_PDF=on: Install krb5 PDF documentation
     LDAP=off: LDAP protocol support
     NLS=on: Native Language Support
====> Command line editing for kadmin and ktutil: you can only select none or one of them
     READLINE=on: Command line editing via libreadline
     READLINE_PORT=off: Command line editing via devel/readline
     LIBEDIT=off: Command line editing via libedit
===> Use 'make config' to modify these settings

USES:
cpe gmake localbase perl5 libtool:build  gssapi:bootstrap,mit pkgconfig:run ssl gettext readline

Master Sites:
  1. http://web.mit.edu/kerberos/dist/krb5/1.14/
Port Moves
  • port moved here from security/krb5-113 on 2017-12-03
    REASON: Has expired: EOL twelve months after release of krb5-1.15

Number of commits found: 34

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
06 Dec 2017 15:22:50
Original commit files touched by this commit  1.14.6
Revision:455653
cy search for other commits by this committer
Adjust expiry date.

Reported by:	Boris Samorodov <bsam@passap.ru>
06 Dec 2017 04:43:03
Original commit files touched by this commit  1.14.6
Revision:455635
cy search for other commits by this committer
As per MIT policy, deprecate and expire twelve months following
release of 1.16 (+ grace period to end of month).
30 Oct 2017 16:55:27
Original commit files touched by this commit  1.14.6
Revision:453195
mandree search for other commits by this committer
Reconcile e2fsprogs ./. krb5-* conflicts.

* Move conflicting e2fsprogs headers & libs into .../e2fsprogs/... subdirs.
* Move conflicting awk scripts into ${DATADIR}.
* Rename and patch compile_et to e2fsprogs-compile_et.
* Remove conflict markers (from e2fsprogs and krb5-*).
* Add CPPFLAGS/LDFLAGS to sysutils/fusefs-ext2, including
  --rpath setting.

While here, also:
* sort pkg-plist and files/unwanted
* use FUSEFS_CONFIGURE_ENABLE=fuse2fs to prevent e2fsprogs from picking up
  fusefs (implies --disable-fuse2fs if the option remains disabled)
* add --without-included-gettext to CONFIGURE_ARGS just to be on the safe
  side.

And of course, bump PORTREVISION to 3 in e2fsprogs. Since other ports
do not change files or runtime behaviour, their PORTREVISION remains
untouched.
30 Oct 2017 00:16:28
Original commit files touched by this commit  1.14.6
Revision:453148
mandree search for other commits by this committer
Add CONFLICTS between krb5-* and e2fsprogs.

Reported by: jbeich@
05 Oct 2017 01:55:26
Original commit files touched by this commit  1.14.6
Revision:451259
cy search for other commits by this committer
Register conflicts among the krb5 ports.

Reported by:	rodrigo
26 Sep 2017 10:10:20
Original commit files touched by this commit  1.14.6
Revision:450655
cy search for other commits by this committer
Update 1.14.5 --> 1.14.6
27 Jun 2017 13:46:53
Original commit files touched by this commit  1.14.5_5
Revision:444463 This port version is marked as vulnerable.
sunpoet search for other commits by this committer
Update devel/readline to 7.0 patch 3

- Bump PORTREVISION for shlib change

Changes:	https://cnswww.cns.cwru.edu/php/chet/readline/CHANGES
		https://lists.gnu.org/archive/html/bug-bash/2016-09/msg00107.html
		https://lists.gnu.org/archive/html/bug-readline/2017-01/msg00002.html
Differential Revision:	https://reviews.freebsd.org/D11172
PR:		219947
Exp-run by:	antoine
21 Jun 2017 02:46:53
Original commit files touched by this commit  1.14.5_4
Revision:444011 This port version is marked as vulnerable.
cy search for other commits by this committer
Switch to USES=localbase.
14 Mar 2017 04:57:38
Original commit files touched by this commit  1.14.5_4
Revision:436130 This port version is marked as vulnerable.
cy search for other commits by this committer
Fix up plist.
14 Mar 2017 03:24:42
Original commit files touched by this commit  1.14.5_4
Revision:436129 This port version is marked as vulnerable.
cy search for other commits by this committer
Pet portlint.

PR:		217552
Submitted by:	John W. O'brien <john@saltant.com>
Differential Revision:	D9889
14 Mar 2017 03:22:20
Original commit files touched by this commit  1.14.5_4
Revision:436128 This port version is marked as vulnerable.
cy search for other commits by this committer
Simplfy WRKSRC by using WRKSRC_SUBDIR.

PR:		217552
Submitted by:	John W. O'brien <john@saltant.com>
Differential Revision:	D9889
14 Mar 2017 03:17:52
Original commit files touched by this commit  1.14.5_4
Revision:436127 This port version is marked as vulnerable.
cy search for other commits by this committer
Describe CMD_LINE_EDITING RADIO group.

PR:		217552
Submitted by:	John W. O'brien <john@saltant.com>
Differential Revision:	D9889
14 Mar 2017 03:15:55
Original commit files touched by this commit  1.14.5_4
Revision:436126 This port version is marked as vulnerable.
cy search for other commits by this committer
Respect global NLS option.

PR:		217552
Submitted by:	John W. O'brien <john@saltant.com>
Differential Revision:	D9889
14 Mar 2017 03:14:08
Original commit files touched by this commit  1.14.5_4
Revision:436125 This port version is marked as vulnerable.
cy search for other commits by this committer
Convert to global EXAMPLES (default).

PR:		217552
Submitted by:	John W. O'brien <john@saltant.com>
Differential Revision:	D9889
14 Mar 2017 03:09:16
Original commit files touched by this commit  1.14.5_4
Revision:436122 This port version is marked as vulnerable.
cy search for other commits by this committer
New READLINE_PORT option to select to use readline in base or
readline in ports.

PR:		217552
Submitted by:	John W. O'brien <john@saltant.com>
Differential Revision:	D9889
14 Mar 2017 03:06:23
Original commit files touched by this commit  1.14.5_4
Revision:436121 This port version is marked as vulnerable.
cy search for other commits by this committer
Remove redundant file that should have been removed in r253265.

PR:		217552
Submitted by:	John W. O'brien <john@saltant.com>
Differential Revision:	D9889
14 Mar 2017 02:59:39
Original commit files touched by this commit  1.14.5_3
Revision:436119 This port version is marked as vulnerable.
cy search for other commits by this committer
Use options helpers.

PR:		217552
Submitted by:	John W. O'brien <john@saltant.com>
Differential Revision:	D9889
14 Mar 2017 02:55:24
Original commit files touched by this commit  1.14.5_3
Revision:436118 This port version is marked as vulnerable.
cy search for other commits by this committer
Install LDIF and schema files if LDAP is enabled

PR:		217552
Submitted by:	John W. O'brien <john@saltant.com>
Differential Revision:	D9889
14 Mar 2017 02:51:37
Original commit files touched by this commit  1.14.5_2
Revision:436117 This port version is marked as vulnerable.
cy search for other commits by this committer
Replace explicit PLIST_SUB with OPTIONS_SUB, simplifying Makefiles.

PR:		217552
Submitted by:	John W. O'brien <john@saltant.com>
Differential Revision:	D9889
14 Mar 2017 02:48:20
Original commit files touched by this commit  1.14.5_2
Revision:436116 This port version is marked as vulnerable.
cy search for other commits by this committer
Make READLINE default.

PR:		217552
Submitted by:	John W. O'brien <john@saltant.com>
Differential Revision:	D9889
05 Mar 2017 03:29:50
Original commit files touched by this commit  1.14.5_1
Revision:435448 This port version is marked as vulnerable.
cy search for other commits by this committer
Revert the rename of README.FreeBSD to README.FreeBSD.in. This is
part of a possible future change to this port that was accidentally
not removed prior to committing r435447.
05 Mar 2017 03:27:05
Original commit files touched by this commit  1.14.5_1
Revision:435447  Sanity Test Failure This port version is marked as vulnerable.
cy search for other commits by this committer
Remove redundant message about Kerberos klogind and telnetd. These
programs ere moved to krb5-appl (by MIT) when krb5-appl was created
in r253265. This message should have been removed from this Makefile
at that time.

Pointy hat to:	cy (that's me)
04 Mar 2017 00:08:53
Original commit files touched by this commit  1.14.5
Revision:435377 This port version is marked as vulnerable.
cy search for other commits by this committer
Update 1.14.4 --> 1.14.5
04 Feb 2017 01:37:17
Original commit files touched by this commit  1.14.4_1
Revision:433276 This port version is marked as vulnerable.
cy search for other commits by this committer
pkgconfig is only needed at install/runtime.

Reported by:	des
16 Dec 2016 20:16:48
Original commit files touched by this commit  1.14.4
Revision:428694 This port version is marked as vulnerable.
cy search for other commits by this committer
Replace description with somthing more relevant to today.

Suggested by:	wollman
14 Sep 2016 10:02:15
Original commit files touched by this commit  1.14.4
Revision:422124 This port version is marked as vulnerable.
cy search for other commits by this committer
Update 1.14.3 --> 1.14.4.
22 Jul 2016 00:29:31
Original commit files touched by this commit  1.14.3
Revision:418904 This port version is marked as vulnerable.
cy search for other commits by this committer
Replace USE_OPENSSL with USES=ssl.
22 Jul 2016 00:24:35
Original commit files touched by this commit  1.14.3
Revision:418903 This port version is marked as vulnerable.
cy search for other commits by this committer
Update to 1.14.3.

This is a bug fix release.

* Improve some error messages

* Improve documentation

* Allow a principal with nonexistent policy to bypass the minimum
  password lifetime check, consistent with other aspects of
  nonexistent policies

* Fix a rare KDC denial of service vulnerability when anonymous client
  principals are restricted to obtaining TGTs only [CVE-2016-3120]

MFH:		2016Q3
Security:	62d45229-4fa0-11e6-9d13-206a8a720317
Security:	CVE-2016-3120
19 May 2016 10:53:06
Original commit files touched by this commit  1.14.2
Revision:415500 This port version is marked as vulnerable.
amdmi3 search for other commits by this committer
- Fix trailing whitespace in pkg-descrs, categories [p-x]*

Approved by:	portmgr blanket
20 Apr 2016 12:29:43
Original commit files touched by this commit  1.14.2
Revision:413685 This port version is marked as vulnerable.
cy search for other commits by this committer
Update 1.14.1 --> 1.14.2
30 Mar 2016 07:28:23
Original commit files touched by this commit  1.14.1
Revision:412159 This port version is marked as vulnerable.
bapt search for other commits by this committer
Remove uneeded dependency on GNU m4
02 Mar 2016 02:33:21
Original commit files touched by this commit  1.14.1
Revision:409908 This port version is marked as vulnerable.
cy search for other commits by this committer
Update 1.14 --> 1.14.1
15 Dec 2015 05:02:21
Original commit files touched by this commit  1.14
Revision:403760 This port version is marked as vulnerable.
cy search for other commits by this committer
This is the second part of two commits, the first being r403749.

Adopt the same port structure as used by the cfengine family of ports:

security/krb5 is renamed to security/krb5-114.

A brand new security/krb5 now becomes a master port for the family of
security/krb5-* ports. The default installs krb5-1.14. There is no
functional change to the port build nor does the name of the latest krb5
port and package change. Users can continue to install security/krb5
to track the latest major version of security/krb5.

Users wishing to install a specific version branch of krb5 can continue
to install any of the security/krb5-* ports or by setting KRB5_VERSION
in make.conf make.conf or including the branch on the make command line
during build:

	make KRB5_VERSIN=NNN

make -V VERSIONS lists available versions.

security/krb5-appl has been updated to support this change (also fixing
a typo in the krb5-appl/Makefile).

Inspired by:            sysutils/cfengine
15 Dec 2015 04:57:49
Original commit files touched by this commit  1.14
Revision:403759 This port version is marked as vulnerable.
cy search for other commits by this committer
Move security/krb5 to security/krb5-114 in preparation for restructuring
of the krb5 faimily of ports.

Inspired by:	the cfengine family of ports

Number of commits found: 34

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
libXcursorDec 17
libXfont2Dec 17
libXfont2Dec 17
globalDec 16
jenkinsDec 15
jenkins-ltsDec 15
gitlabDec 14
nodeDec 14
node4Dec 14
node6Dec 14
node8Dec 14
torDec 14
asterisk13Dec 13
asterisk13*Dec 13
asterisk13*Dec 13

18 vulnerabilities affecting 90 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities

Last updated:
2017-12-17 18:50:28


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 32134
Broken 122
Deprecated 47
Ignore 358
Forbidden 0
Restricted 173
No CDROM 77
Vulnerable 41
Expired 10
Set to expire 39
Interactive 0
new 24 hours 8
new 48 hours9
new 7 days32
new fortnight108
new month43008

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2017 Dan Langille. All rights reserved.