notbugIf you buy from Amazon USA, please support us by using this link.
Port details
krb5-116 MIT implementation of RFC 4120 network authentication service
1.16.3 security on this many watch lists=0 search for ports that depend on this port Find issues related to this port Report an issue related to this port
Maintainer: cy@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2017-12-06 04:18:23
Last Update: 2019-01-13 15:57:20
SVN Revision: 490150
License: MIT
Kerberos V5 is an authentication system developed at MIT.
WWW: http://web.mit.edu/kerberos/

Abridged from the User Guide:
       Under Kerberos, a client sends a request for a ticket to the
   Key Distribution Center (KDC). The KDC creates a ticket-granting
   ticket (TGT) for the client, encrypts it using the client's
   password as the key, and sends the encrypted TGT back to the
   client. The client then attempts to decrypt the TGT, using
   its password. If the client successfully decrypts the TGT, it
   keeps the decrypted TGT, which indicates proof of the client's
   identity. The TGT permits the client to obtain additional tickets,
   which give permission for specific services.
       Since Kerberos negotiates authenticated, and optionally encrypted,
   communications between two points anywhere on the internet, it
   provides a layer of security that is not dependent on which side of a
   firewall either client is on.
       The Kerberos V5 package is designed to be easy to use. Most of the
   commands are nearly identical to UNIX network programs you are already
   used to. Kerberos V5 is a single-sign-on system, which means that you
   have to type your password only once per session, and Kerberos does
   the authenticating and encrypting transparently.

Jacques Vidrine <n@nectar.com>
SVNWeb : Homepage : PortsMon
    Pseudo-pkg-plist information, but much better, from make generate-plist
    Expand this list (179 items)
  1. /usr/local/share/licenses/krb5-116-1.16.3/catalog.mk
  2. /usr/local/share/licenses/krb5-116-1.16.3/LICENSE
  3. /usr/local/share/licenses/krb5-116-1.16.3/MIT
  4. bin/compile_et
  5. bin/gss-client
  6. bin/k5srvutil
  7. bin/kadmin
  8. bin/kdestroy
  9. bin/kinit
  10. bin/klist
  11. bin/kpasswd
  12. bin/krb5-config
  13. @mode 04755
  14. @owner root
  15. @group wheel
  16. bin/ksu
  17. @mode
  18. @owner root
  19. @group wheel
  20. bin/kswitch
  21. bin/ktutil
  22. bin/kvno
  23. bin/sclient
  24. bin/sim_client
  25. bin/uuclient
  26. include/com_err.h
  27. include/gssapi.h
  28. include/gssapi/gssapi.h
  29. include/gssapi/gssapi_ext.h
  30. include/gssapi/gssapi_generic.h
  31. include/gssapi/gssapi_krb5.h
  32. include/gssapi/mechglue.h
  33. include/gssrpc/auth.h
  34. include/gssrpc/auth_gss.h
  35. include/gssrpc/auth_gssapi.h
  36. include/gssrpc/auth_unix.h
  37. include/gssrpc/clnt.h
  38. include/gssrpc/netdb.h
  39. include/gssrpc/pmap_clnt.h
  40. include/gssrpc/pmap_prot.h
  41. include/gssrpc/pmap_rmt.h
  42. include/gssrpc/rename.h
  43. include/gssrpc/rpc.h
  44. include/gssrpc/rpc_msg.h
  45. include/gssrpc/svc.h
  46. include/gssrpc/svc_auth.h
  47. include/gssrpc/types.h
  48. include/gssrpc/xdr.h
  49. include/krad.h
  50. include/krb5.h
  51. include/krb5/ccselect_plugin.h
  52. include/krb5/clpreauth_plugin.h
  53. include/krb5/hostrealm_plugin.h
  54. include/krb5/kadm5_hook_plugin.h
  55. include/krb5/kdcpolicy_plugin.h
  56. include/krb5/kdcpreauth_plugin.h
  57. include/krb5/localauth_plugin.h
  58. include/krb5/krb5.h
  59. include/krb5/locate_plugin.h
  60. include/krb5/plugin.h
  61. include/krb5/pwqual_plugin.h
  62. include/kadm5/admin.h
  63. include/kadm5/chpass_util_strings.h
  64. include/krb5/kadm5_auth_plugin.h
  65. include/kadm5/kadm_err.h
  66. include/kdb.h
  67. include/krb5/certauth_plugin.h
  68. include/krb5/preauth_plugin.h
  69. include/profile.h
  70. include/verto-module.h
  71. include/verto.h
  72. lib/libcom_err.so
  73. lib/libcom_err.so.3
  74. lib/libcom_err.so.3.0
  75. lib/libgssapi_krb5.so
  76. lib/libgssapi_krb5.so.2
  77. lib/libgssapi_krb5.so.2.2
  78. lib/libgssrpc.so
  79. lib/libgssrpc.so.4
  80. lib/libgssrpc.so.4.2
  81. lib/libk5crypto.so
  82. lib/libk5crypto.so.3
  83. lib/libk5crypto.so.3.1
  84. lib/libkadm5clnt.so
  85. lib/libkadm5clnt_mit.so
  86. lib/libkadm5clnt_mit.so.11
  87. lib/libkadm5clnt_mit.so.11.0
  88. lib/libkadm5srv.so
  89. lib/libkadm5srv_mit.so
  90. lib/libkadm5srv_mit.so.11
  91. lib/libkadm5srv_mit.so.11.0
  92. lib/libkdb5.so
  93. lib/libkdb5.so.9
  94. lib/libkdb5.so.9.0
  95. lib/libkrb5.so
  96. lib/libkrb5.so.3
  97. lib/libkrb5.so.3.3
  98. lib/libkrb5support.so
  99. lib/libkrb5support.so.0
  100. lib/libkrb5support.so.0.1
  101. lib/krb5/plugins/kdb/db2.so
  102. lib/krb5/plugins/tls/k5tls.so
  103. @comment lib/krb5/plugins/kdb/kldap.so
  104. lib/krb5/plugins/preauth/otp.so
  105. lib/krb5/plugins/preauth/pkinit.so
  106. lib/krb5/plugins/preauth/test.so
  107. @comment lib/libkdb_ldap.so
  108. @comment lib/libkdb_ldap.so.1
  109. @comment lib/libkdb_ldap.so.1.0
  110. lib/libkrad.so
  111. lib/libkrad.so.0
  112. lib/libkrad.so.0.0
  113. lib/libverto.so
  114. lib/libverto.so.0
  115. lib/libverto.so.0.0
  116. libdata/pkgconfig/gssrpc.pc
  117. libdata/pkgconfig/kadm-client.pc
  118. libdata/pkgconfig/kadm-server.pc
  119. libdata/pkgconfig/kdb.pc
  120. libdata/pkgconfig/krb5-gssapi.pc
  121. libdata/pkgconfig/krb5.pc
  122. libdata/pkgconfig/mit-krb5-gssapi.pc
  123. libdata/pkgconfig/mit-krb5.pc
  124. man/man1/compile_et.1.gz
  125. man/man1/k5srvutil.1.gz
  126. man/man1/kadmin.1.gz
  127. man/man1/kdestroy.1.gz
  128. man/man1/kinit.1.gz
  129. man/man1/klist.1.gz
  130. man/man1/kpasswd.1.gz
  131. man/man1/krb5-config.1.gz
  132. man/man1/ksu.1.gz
  133. man/man1/kswitch.1.gz
  134. man/man1/ktutil.1.gz
  135. man/man1/kvno.1.gz
  136. man/man1/sclient.1.gz
  137. man/man3/com_err.3.gz
  138. man/man5/.k5identity.5.gz
  139. man/man5/.k5login.5.gz
  140. man/man5/k5identity.5.gz
  141. man/man5/k5login.5.gz
  142. man/man5/kadm5.acl.5.gz
  143. man/man5/kdc.conf.5.gz
  144. man/man5/krb5.conf.5.gz
  145. man/man7/kerberos.7.gz
  146. man/man8/kadmin.local.8.gz
  147. man/man8/kadmind.8.gz
  148. man/man8/kdb5_ldap_util.8.gz
  149. man/man8/kdb5_util.8.gz
  150. man/man8/kprop.8.gz
  151. man/man8/kpropd.8.gz
  152. man/man8/kproplog.8.gz
  153. man/man8/krb5kdc.8.gz
  154. man/man8/sserver.8.gz
  155. sbin/gss-server
  156. sbin/kadmin.local
  157. sbin/kadmind
  158. @comment sbin/kdb5_ldap_util
  159. sbin/kdb5_util
  160. sbin/kprop
  161. sbin/kpropd
  162. sbin/kproplog
  163. sbin/krb5-send-pr
  164. sbin/krb5kdc
  165. sbin/sim_server
  166. sbin/sserver
  167. sbin/uuserver
  168. share/et/et_c.awk
  169. share/et/et_h.awk
  170. share/locale/de/LC_MESSAGES/mit-krb5.mo
  171. share/locale/en_US/LC_MESSAGES/mit-krb5.mo
  172. @comment share/krb5/kerberos.schema
  173. @comment share/krb5/kerberos.ldif
  174. @dir lib/krb5/plugins/authdata
  175. @dir lib/krb5/plugins/libkrb5
  176. @dir var/run/krb5kdc
  177. @dir var/krb5kdc
  178. @postexec /usr/sbin/service ldconfig restart > /dev/null
  179. @postunexec /usr/sbin/service ldconfig restart > /dev/null
  180. Collapse this list.

Dependency line: krb5-116>0:security/krb5-116

Conflicts:
  • CONFLICTS:
    • heimdal-[0-9]*
    • srp-[0-9]*
    • krb5-11[3457]-[0-9]*
    • krb5-1.[0-9]*
    • krb5-devel-*
  • CONFLICTS_BUILD:
    • boringssl-*
Conflicts Matches:
    There are no Conflicts Matches for this port. This is usually an error.

To install the port: cd /usr/ports/security/krb5-116/ && make install clean
To add the package: pkg install krb5-116

PKGNAME: krb5-116

There is no flavor information for this port.

distinfo:

TIMESTAMP = 1546910420
SHA256 (krb5-1.16.3.tar.gz) = e40499df7c6dbef0cf9b11870a0e167cde827737d8b2c06a9436334f08ab9b0d
SIZE (krb5-1.16.3.tar.gz) = 9656985


NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:
  1. gmake : devel/gmake
  2. libtool : devel/libtool
  3. pkgconf>=1.3.0_1 : devel/pkgconf
  4. msgfmt : devel/gettext-tools
  5. perl5>=5.28.r1<5.29 : lang/perl5.28
Library dependencies:
  1. libintl.so : devel/gettext-runtime
  2. libreadline.so.7 : devel/readline
There are no ports dependent upon this port

Configuration Options
===> The following configuration options are available for krb5-116-1.16.3:
     DNS_FOR_REALM=off: Enable DNS lookups for Kerberos realm names
     EXAMPLES=on: Build and/or install examples
     KRB5_HTML=on: Install krb5 HTML documentation
     KRB5_PDF=on: Install krb5 PDF documentation
     LDAP=off: LDAP protocol support
     NLS=on: Native Language Support
====> Command line editing for kadmin and ktutil: you can only select none or one of them
     READLINE=on: Command line editing via libreadline
     READLINE_PORT=off: Command line editing via devel/readline
     LIBEDIT=off: Command line editing via libedit
===> Use 'make config' to modify these settings

USES:
cpe gmake localbase perl5 libtool:build  gssapi:bootstrap,mit pkgconfig ssl  gettext-runtime gettext readline

Master Sites:
  1. http://web.mit.edu/kerberos/dist/krb5/1.16/

Number of commits found: 18

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
13 Jan 2019 15:57:20
Original commit files touched by this commit  1.16.3
Revision:490150
cy search for other commits by this committer
pkgconfig is used at build time, not runtime.

MFH:		2019Q1 (krb5-devel will need to have all its previous
		commits brought up to level in 2019Q1 first)
08 Jan 2019 20:29:34
Original commit files touched by this commit  1.16.3
Revision:489737
cy search for other commits by this committer
Welcome the new KRB5 1.17 (krb5-117).

Major changes in 1.17 (2019-01-08)
==================================

Administrator experience:

* A new Kerberos database module using the Lightning Memory-Mapped
  Database library (LMDB) has been added.  The LMDB KDB module should
  be more performant and more robust than the DB2 module, and may
  become the default module for new databases in a future release.

* "kdb5_util dump" will no longer dump policy entries when specific
  principal names are requested.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
08 Jan 2019 20:02:54
Original commit files touched by this commit  1.16.3
Revision:489735
cy search for other commits by this committer
Correct CONFLICTS.

MFH:		2019Q1
08 Jan 2019 01:41:04
Original commit files touched by this commit  1.16.3
Revision:489636
cy search for other commits by this committer
Update 1.16.2 --> 1.16.3

Major changes in 1.16.3 (2019-01-07)
====================================

This is a bug fix release.

* Fix a regression in the MEMORY credential cache type which could
  cause client programs to crash.

* MEMORY credential caches will not be listed in the global
  collection, with the exception of the default credential cache if it
  is of type MEMORY.

* Remove an incorrect assertion in the KDC which could be used to
  cause a crash [CVE-2018-20217].

MFH:		2019Q1
02 Nov 2018 15:51:37
Original commit files touched by this commit  1.16.2
Revision:483818
cy search for other commits by this committer
krb5-116: update 1.16.1 --> 1.16.2
02 Jul 2018 05:57:38
Original commit files touched by this commit  1.16.1_5
Revision:473706
cy search for other commits by this committer
While working the ports fallout due to making Hemidal in base
private it was discovered that com_err.3, though distributed in
the tarball, was not installed. Install it.
02 Jul 2018 05:57:27
Original commit files touched by this commit  1.16.1_4
Revision:473705
cy search for other commits by this committer
Sort man pages.
19 Jun 2018 13:38:35
Original commit files touched by this commit  1.16.1_4
Revision:472784
cy search for other commits by this committer
Revert r472760 and instead use upstream git commit
beeb2828945a41d86488e391ce440bacee0ec committed to the krb5
development branch Saturday, June 16. The upstream commit
message follows:

  Author: Thomas Sondergaard <tsondergaard@vitalimages.com>
  Date:   Sat Jun 16 18:14:50 2018 +0200

     Eliminate use of the 'register' keyword

     'register' is a reserved and unused keyword in C++17 so having it
     present in the public headers presents a a compatibility issue. Also
     in C the 'register' keyword is mostly obsolete, so remove all uses of
     it.

     [ghudson@mit.edu: adjusted style of some of the affected lines]
19 Jun 2018 06:51:56
Original commit files touched by this commit  1.16.1_3
Revision:472760
cy search for other commits by this committer
While working on the ports fallout due to the private Heimdal in base
project, a port (www/squid-devel) was discovered to be grumpy due to
numerous errors such as below:

/usr/local/include/krb5/krb5.h:3566:19: error: 'register' storage class
specifier is deprecated and incompatible with C++17
[-Werror,-Wdeprecated-register]
                  register char **name);
                  ^~~~~~~~~

The "register" keyword is meaningless and can cause grief among ports
that build against any of the krb5 ports.
13 Jun 2018 05:55:52
Original commit files touched by this commit  1.16.1_2
Revision:472287
cy search for other commits by this committer
MIT krb5 fails to build with boringssl installed due to a missing
typedef for PKCS7 in the boringssl pkcs7.h.
13 Jun 2018 05:44:58
Original commit files touched by this commit  1.16.1_2
Revision:472286
cy search for other commits by this committer
Fix build with libressl and bearssl.

PR:		228970
12 Jun 2018 03:42:18
Original commit files touched by this commit  1.16.1_1
Revision:472227
cy search for other commits by this committer
Fix logic from patch supplied in PR 217027, committed in
r433966 and r433967.

PR:		228900
04 May 2018 06:18:44
Original commit files touched by this commit  1.16.1
Revision:469006
cy search for other commits by this committer
Update 1.16 --> 1.16.1

Major changes in 1.16.1 (2018-05-03)
====================================

This is a bug fix release.

* Fix flaws in LDAP DN checking, including a null dereference KDC
  crash which could be triggered by kadmin clients with administrative
  privileges [CVE-2018-5729, CVE-2018-5730].

* Fix a KDC PKINIT memory leak.

* Fix a small KDC memory leak on transited or authdata errors when
  processing TGS requests.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
29 Mar 2018 14:53:24
Original commit files touched by this commit  1.16_1
Revision:465899
mat search for other commits by this committer
Mark some ports broken with openssl-devel.

Sponsored by:	Absolight
02 Feb 2018 06:50:25
Original commit files touched by this commit  1.16_1
Revision:460669
cy search for other commits by this committer
Fix build when NLS option is unchecked.

Reported by:	Geraud CONTINSOUZAS <geraud.continsouzas@skazy.nc>
11 Jan 2018 16:24:53
Original commit files touched by this commit  1.16
Revision:458754
danfe search for other commits by this committer
Remove superfluous linefeeds.
10 Jan 2018 15:08:51
Original commit files touched by this commit  1.16
Revision:458646
danfe search for other commits by this committer
Do not abuse INSTALL_MAN when installing documentation, examples, and
other miscellaneous files which are not actually manual pages.
06 Dec 2017 04:18:14
Original commit files touched by this commit  1.16
Revision:455634
cy search for other commits by this committer
Welcome the new security/krb5-116 port. This port follows MIT's
KRB5 1.16 releases.

Major changes in 1.16 (2017-12-05)
==================================

Administrator experience:

* The KDC can match PKINIT client certificates against the
  "pkinit_cert_match" string attribute on the client principal entry,
  using the same syntax as the existing "pkinit_cert_match" profile
  option.

* The ktutil addent command supports the "-k 0" option to ignore the
  key version, and the "-s" option to use a non-default salt string.
(Only the first 15 lines of the commit message are shown above View all of this commit message)

Number of commits found: 18

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
joomla3Jan 20
drupal7Jan 19
drupal8Jan 19
helmJan 18
gitlab-ceJan 17
jenkinsJan 16
jenkins-ltsJan 16
py-matrix-synapseJan 15
irssiJan 10
giteaJan 06
uriparserJan 06
chromiumJan 05
chromiumJan 05
openjpeg*Jan 05
py-django111Jan 05

9 vulnerabilities affecting 54 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities

Last updated:
2019-01-20 01:05:52


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 36016
Broken 120
Deprecated 412
Ignore 333
Forbidden 3
Restricted 162
No CDROM 74
Vulnerable 34
Expired 5
Set to expire 385
Interactive 0
new 24 hours 2
new 48 hours11
new 7 days45
new fortnight76
new month159

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2019 Dan Langille. All rights reserved.