notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Port details
krb5-116 MIT implementation of RFC 4120 network authentication service
1.16.3_2 security on this many watch lists=0 search for ports that depend on this port Find issues related to this port Report an issue related to this port
1.16.3_1Version of this port present on the latest quarterly branch.
Maintainer: cy@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2017-12-06 04:18:23
Last Update: 2019-05-03 13:50:53
SVN Revision: 500725
License: MIT
Kerberos V5 is an authentication system developed at MIT.
WWW: http://web.mit.edu/kerberos/

Abridged from the User Guide:
       Under Kerberos, a client sends a request for a ticket to the
   Key Distribution Center (KDC). The KDC creates a ticket-granting
   ticket (TGT) for the client, encrypts it using the client's
   password as the key, and sends the encrypted TGT back to the
   client. The client then attempts to decrypt the TGT, using
   its password. If the client successfully decrypts the TGT, it
   keeps the decrypted TGT, which indicates proof of the client's
   identity. The TGT permits the client to obtain additional tickets,
   which give permission for specific services.
       Since Kerberos negotiates authenticated, and optionally encrypted,
   communications between two points anywhere on the internet, it
   provides a layer of security that is not dependent on which side of a
   firewall either client is on.
       The Kerberos V5 package is designed to be easy to use. Most of the
   commands are nearly identical to UNIX network programs you are already
   used to. Kerberos V5 is a single-sign-on system, which means that you
   have to type your password only once per session, and Kerberos does
   the authenticating and encrypting transparently.

Jacques Vidrine <n@nectar.com>
SVNWeb : Homepage
    Pseudo-pkg-plist information, but much better, from make generate-plist
    Expand this list (180 items)
  1. /usr/local/share/licenses/krb5-116-1.16.3_2/catalog.mk
  2. /usr/local/share/licenses/krb5-116-1.16.3_2/LICENSE
  3. /usr/local/share/licenses/krb5-116-1.16.3_2/MIT
  4. bin/compile_et
  5. bin/gss-client
  6. bin/k5srvutil
  7. bin/kadmin
  8. bin/kdestroy
  9. bin/kinit
  10. bin/klist
  11. bin/kpasswd
  12. bin/krb5-config
  13. @mode 04755
  14. @owner root
  15. @group wheel
  16. bin/ksu
  17. @mode
  18. @owner root
  19. @group wheel
  20. bin/kswitch
  21. bin/ktutil
  22. bin/kvno
  23. bin/sclient
  24. bin/sim_client
  25. bin/uuclient
  26. include/com_err.h
  27. include/gssapi.h
  28. include/gssapi/gssapi.h
  29. include/gssapi/gssapi_ext.h
  30. include/gssapi/gssapi_generic.h
  31. include/gssapi/gssapi_krb5.h
  32. include/gssapi/mechglue.h
  33. include/gssrpc/auth.h
  34. include/gssrpc/auth_gss.h
  35. include/gssrpc/auth_gssapi.h
  36. include/gssrpc/auth_unix.h
  37. include/gssrpc/clnt.h
  38. include/gssrpc/netdb.h
  39. include/gssrpc/pmap_clnt.h
  40. include/gssrpc/pmap_prot.h
  41. include/gssrpc/pmap_rmt.h
  42. include/gssrpc/rename.h
  43. include/gssrpc/rpc.h
  44. include/gssrpc/rpc_msg.h
  45. include/gssrpc/svc.h
  46. include/gssrpc/svc_auth.h
  47. include/gssrpc/types.h
  48. include/gssrpc/xdr.h
  49. include/krad.h
  50. include/krb5.h
  51. include/krb5/ccselect_plugin.h
  52. include/krb5/clpreauth_plugin.h
  53. include/krb5/hostrealm_plugin.h
  54. include/krb5/kadm5_hook_plugin.h
  55. include/krb5/kdcpolicy_plugin.h
  56. include/krb5/kdcpreauth_plugin.h
  57. include/krb5/localauth_plugin.h
  58. include/krb5/krb5.h
  59. include/krb5/locate_plugin.h
  60. include/krb5/plugin.h
  61. include/krb5/pwqual_plugin.h
  62. include/kadm5/admin.h
  63. include/kadm5/chpass_util_strings.h
  64. include/krb5/kadm5_auth_plugin.h
  65. include/kadm5/kadm_err.h
  66. include/kdb.h
  67. include/krb5/certauth_plugin.h
  68. include/krb5/preauth_plugin.h
  69. include/profile.h
  70. include/verto-module.h
  71. include/verto.h
  72. lib/libcom_err.so
  73. lib/libcom_err.so.3
  74. lib/libcom_err.so.3.0
  75. lib/libgssapi_krb5.so
  76. lib/libgssapi_krb5.so.2
  77. lib/libgssapi_krb5.so.2.2
  78. lib/libgssrpc.so
  79. lib/libgssrpc.so.4
  80. lib/libgssrpc.so.4.2
  81. lib/libk5crypto.so
  82. lib/libk5crypto.so.3
  83. lib/libk5crypto.so.3.1
  84. lib/libkadm5clnt.so
  85. lib/libkadm5clnt_mit.so
  86. lib/libkadm5clnt_mit.so.11
  87. lib/libkadm5clnt_mit.so.11.0
  88. lib/libkadm5srv.so
  89. lib/libkadm5srv_mit.so
  90. lib/libkadm5srv_mit.so.11
  91. lib/libkadm5srv_mit.so.11.0
  92. lib/libkdb5.so
  93. lib/libkdb5.so.9
  94. lib/libkdb5.so.9.0
  95. lib/libkrb5.so
  96. lib/libkrb5.so.3
  97. lib/libkrb5.so.3.3
  98. lib/libkrb5support.so
  99. lib/libkrb5support.so.0
  100. lib/libkrb5support.so.0.1
  101. lib/krb5/plugins/kdb/db2.so
  102. lib/krb5/plugins/tls/k5tls.so
  103. @comment lib/krb5/plugins/kdb/kldap.so
  104. lib/krb5/plugins/preauth/otp.so
  105. lib/krb5/plugins/preauth/pkinit.so
  106. lib/krb5/plugins/preauth/test.so
  107. @comment lib/libkdb_ldap.so
  108. @comment lib/libkdb_ldap.so.1
  109. @comment lib/libkdb_ldap.so.1.0
  110. lib/libkrad.so
  111. lib/libkrad.so.0
  112. lib/libkrad.so.0.0
  113. lib/libverto.so
  114. lib/libverto.so.0
  115. lib/libverto.so.0.0
  116. libdata/pkgconfig/gssrpc.pc
  117. libdata/pkgconfig/kadm-client.pc
  118. libdata/pkgconfig/kadm-server.pc
  119. libdata/pkgconfig/kdb.pc
  120. libdata/pkgconfig/krb5-gssapi.pc
  121. libdata/pkgconfig/krb5.pc
  122. libdata/pkgconfig/mit-krb5-gssapi.pc
  123. libdata/pkgconfig/mit-krb5.pc
  124. man/man1/compile_et.1.gz
  125. man/man1/k5srvutil.1.gz
  126. man/man1/kadmin.1.gz
  127. man/man1/kdestroy.1.gz
  128. man/man1/kinit.1.gz
  129. man/man1/klist.1.gz
  130. man/man1/kpasswd.1.gz
  131. man/man1/krb5-config.1.gz
  132. man/man1/ksu.1.gz
  133. man/man1/kswitch.1.gz
  134. man/man1/ktutil.1.gz
  135. man/man1/kvno.1.gz
  136. man/man1/sclient.1.gz
  137. man/man3/com_err.3.gz
  138. man/man5/.k5identity.5.gz
  139. man/man5/.k5login.5.gz
  140. man/man5/k5identity.5.gz
  141. man/man5/k5login.5.gz
  142. man/man5/kadm5.acl.5.gz
  143. man/man5/kdc.conf.5.gz
  144. man/man5/krb5.conf.5.gz
  145. man/man7/kerberos.7.gz
  146. man/man8/kadmin.local.8.gz
  147. man/man8/kadmind.8.gz
  148. man/man8/kdb5_ldap_util.8.gz
  149. man/man8/kdb5_util.8.gz
  150. man/man8/kprop.8.gz
  151. man/man8/kpropd.8.gz
  152. man/man8/kproplog.8.gz
  153. man/man8/krb5kdc.8.gz
  154. man/man8/sserver.8.gz
  155. sbin/gss-server
  156. sbin/kadmin.local
  157. sbin/kadmind
  158. @comment sbin/kdb5_ldap_util
  159. sbin/kdc
  160. sbin/kdb5_util
  161. sbin/kprop
  162. sbin/kpropd
  163. sbin/kproplog
  164. sbin/krb5-send-pr
  165. sbin/krb5kdc
  166. sbin/sim_server
  167. sbin/sserver
  168. sbin/uuserver
  169. share/et/et_c.awk
  170. share/et/et_h.awk
  171. share/locale/de/LC_MESSAGES/mit-krb5.mo
  172. share/locale/en_US/LC_MESSAGES/mit-krb5.mo
  173. @comment share/krb5/kerberos.schema
  174. @comment share/krb5/kerberos.ldif
  175. @dir lib/krb5/plugins/authdata
  176. @dir lib/krb5/plugins/libkrb5
  177. @dir var/run/krb5kdc
  178. @dir var/krb5kdc
  179. @postexec /usr/sbin/service ldconfig restart > /dev/null
  180. @postunexec /usr/sbin/service ldconfig restart > /dev/null
  181. Collapse this list.
Dependency lines:
  • krb5-116>0:security/krb5-116
Conflicts:
  • CONFLICTS:
    • heimdal-[0-9]*
    • srp-[0-9]*
    • krb5-11[3457]-[0-9]*
    • krb5-1.[0-9]*
    • krb5-devel-*
  • CONFLICTS_BUILD:
    • boringssl-*
Conflicts Matches:
    There are no Conflicts Matches for this port. This is usually an error.

To install the port: cd /usr/ports/security/krb5-116/ && make install clean
To add the package: pkg install krb5-116

PKGNAME: krb5-116

There is no flavor information for this port.

distinfo:

TIMESTAMP = 1546910420
SHA256 (krb5-1.16.3.tar.gz) = e40499df7c6dbef0cf9b11870a0e167cde827737d8b2c06a9436334f08ab9b0d
SIZE (krb5-1.16.3.tar.gz) = 9656985


NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:
  1. gmake : devel/gmake
  2. libtool : devel/libtool
  3. pkgconf>=1.3.0_1 : devel/pkgconf
  4. msgfmt : devel/gettext-tools
  5. perl5>=5.28.r1<5.29 : lang/perl5.28
Library dependencies:
  1. libintl.so : devel/gettext-runtime
  2. libreadline.so.8 : devel/readline
There are no ports dependent upon this port

Configuration Options
===> The following configuration options are available for krb5-116-1.16.3_2:
     DNS_FOR_REALM=off: Enable DNS lookups for Kerberos realm names
     EXAMPLES=on: Build and/or install examples
     KRB5_HTML=on: Install krb5 HTML documentation
     KRB5_PDF=on: Install krb5 PDF documentation
     LDAP=off: LDAP protocol support
     NLS=on: Native Language Support
====> Command line editing for kadmin and ktutil: you can only select none or one of them
     READLINE=on: Command line editing via libreadline
     READLINE_PORT=off: Command line editing via devel/readline
     LIBEDIT=off: Command line editing via libedit
===> Use 'make config' to modify these settings

USES:
cpe gmake localbase perl5 libtool:build  gssapi:bootstrap,mit pkgconfig ssl  gettext-runtime gettext readline

Master Sites:
  1. http://web.mit.edu/kerberos/dist/krb5/1.16/

Number of commits found: 22

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
03 May 2019 12:50:53
Original commit files touched by this commit  1.16.3_2
Revision:500725
cy search for other commits by this committer
Fix build with libressl 2.9.1.

PR:		237621
Reported by:	many
MFH:		2019Q2
09 Apr 2019 14:04:50
Original commit files touched by this commit  1.16.3_2
Revision:498476
sunpoet search for other commits by this committer
Update devel/readline to 8.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://tiswww.case.edu/php/chet/readline/CHANGES
PR:		236156
Exp-run by:	antoine
12 Mar 2019 04:18:32
Original commit files touched by this commit  1.16.3_1
Revision:495423
cy search for other commits by this committer
Fix build with LibreSSL 2.9.

PR:		234064
Submitted by:	Charlie Li <ml+freebsd@vishwin.info>
15 Feb 2019 04:37:25
Original commit files touched by this commit  1.16.3_1
Revision:492968
cy search for other commits by this committer
Provide a script from which to start krb5kdc through /etc/rc.d/kdc.
Simply add kdc_enable="YES" and kdc_program="/usr/local/sbin/kdc"
to /etc/rc.d. The script removes the Heimdal kdc --detach argument
prior to invoking krb5kdc.

The other approach that was considered was to replace getopt() in
kdc/main.c with getopt_long() however this approach was considered too
intrusive.
13 Jan 2019 15:57:20
Original commit files touched by this commit  1.16.3
Revision:490150
cy search for other commits by this committer
pkgconfig is used at build time, not runtime.

MFH:		2019Q1 (krb5-devel will need to have all its previous
		commits brought up to level in 2019Q1 first)
08 Jan 2019 20:29:34
Original commit files touched by this commit  1.16.3
Revision:489737
cy search for other commits by this committer
Welcome the new KRB5 1.17 (krb5-117).

Major changes in 1.17 (2019-01-08)
==================================

Administrator experience:

* A new Kerberos database module using the Lightning Memory-Mapped
  Database library (LMDB) has been added.  The LMDB KDB module should
  be more performant and more robust than the DB2 module, and may
  become the default module for new databases in a future release.

* "kdb5_util dump" will no longer dump policy entries when specific
  principal names are requested.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
08 Jan 2019 20:02:54
Original commit files touched by this commit  1.16.3
Revision:489735
cy search for other commits by this committer
Correct CONFLICTS.

MFH:		2019Q1
08 Jan 2019 01:41:04
Original commit files touched by this commit  1.16.3
Revision:489636
cy search for other commits by this committer
Update 1.16.2 --> 1.16.3

Major changes in 1.16.3 (2019-01-07)
====================================

This is a bug fix release.

* Fix a regression in the MEMORY credential cache type which could
  cause client programs to crash.

* MEMORY credential caches will not be listed in the global
  collection, with the exception of the default credential cache if it
  is of type MEMORY.

* Remove an incorrect assertion in the KDC which could be used to
  cause a crash [CVE-2018-20217].

MFH:		2019Q1
02 Nov 2018 15:51:37
Original commit files touched by this commit  1.16.2
Revision:483818
cy search for other commits by this committer
krb5-116: update 1.16.1 --> 1.16.2
02 Jul 2018 05:57:38
Original commit files touched by this commit  1.16.1_5
Revision:473706
cy search for other commits by this committer
While working the ports fallout due to making Hemidal in base
private it was discovered that com_err.3, though distributed in
the tarball, was not installed. Install it.
02 Jul 2018 05:57:27
Original commit files touched by this commit  1.16.1_4
Revision:473705
cy search for other commits by this committer
Sort man pages.
19 Jun 2018 13:38:35
Original commit files touched by this commit  1.16.1_4
Revision:472784
cy search for other commits by this committer
Revert r472760 and instead use upstream git commit
beeb2828945a41d86488e391ce440bacee0ec committed to the krb5
development branch Saturday, June 16. The upstream commit
message follows:

  Author: Thomas Sondergaard <tsondergaard@vitalimages.com>
  Date:   Sat Jun 16 18:14:50 2018 +0200

     Eliminate use of the 'register' keyword

     'register' is a reserved and unused keyword in C++17 so having it
     present in the public headers presents a a compatibility issue. Also
     in C the 'register' keyword is mostly obsolete, so remove all uses of
     it.

     [ghudson@mit.edu: adjusted style of some of the affected lines]
19 Jun 2018 06:51:56
Original commit files touched by this commit  1.16.1_3
Revision:472760
cy search for other commits by this committer
While working on the ports fallout due to the private Heimdal in base
project, a port (www/squid-devel) was discovered to be grumpy due to
numerous errors such as below:

/usr/local/include/krb5/krb5.h:3566:19: error: 'register' storage class
specifier is deprecated and incompatible with C++17
[-Werror,-Wdeprecated-register]
                  register char **name);
                  ^~~~~~~~~

The "register" keyword is meaningless and can cause grief among ports
that build against any of the krb5 ports.
13 Jun 2018 05:55:52
Original commit files touched by this commit  1.16.1_2
Revision:472287
cy search for other commits by this committer
MIT krb5 fails to build with boringssl installed due to a missing
typedef for PKCS7 in the boringssl pkcs7.h.
13 Jun 2018 05:44:58
Original commit files touched by this commit  1.16.1_2
Revision:472286
cy search for other commits by this committer
Fix build with libressl and bearssl.

PR:		228970
12 Jun 2018 03:42:18
Original commit files touched by this commit  1.16.1_1
Revision:472227
cy search for other commits by this committer
Fix logic from patch supplied in PR 217027, committed in
r433966 and r433967.

PR:		228900
04 May 2018 06:18:44
Original commit files touched by this commit  1.16.1
Revision:469006
cy search for other commits by this committer
Update 1.16 --> 1.16.1

Major changes in 1.16.1 (2018-05-03)
====================================

This is a bug fix release.

* Fix flaws in LDAP DN checking, including a null dereference KDC
  crash which could be triggered by kadmin clients with administrative
  privileges [CVE-2018-5729, CVE-2018-5730].

* Fix a KDC PKINIT memory leak.

* Fix a small KDC memory leak on transited or authdata errors when
  processing TGS requests.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
29 Mar 2018 14:53:24
Original commit files touched by this commit  1.16_1
Revision:465899
mat search for other commits by this committer
Mark some ports broken with openssl-devel.

Sponsored by:	Absolight
02 Feb 2018 06:50:25
Original commit files touched by this commit  1.16_1
Revision:460669
cy search for other commits by this committer
Fix build when NLS option is unchecked.

Reported by:	Geraud CONTINSOUZAS <geraud.continsouzas@skazy.nc>
11 Jan 2018 16:24:53
Original commit files touched by this commit  1.16
Revision:458754
danfe search for other commits by this committer
Remove superfluous linefeeds.
10 Jan 2018 15:08:51
Original commit files touched by this commit  1.16
Revision:458646
danfe search for other commits by this committer
Do not abuse INSTALL_MAN when installing documentation, examples, and
other miscellaneous files which are not actually manual pages.
06 Dec 2017 04:18:14
Original commit files touched by this commit  1.16
Revision:455634
cy search for other commits by this committer
Welcome the new security/krb5-116 port. This port follows MIT's
KRB5 1.16 releases.

Major changes in 1.16 (2017-12-05)
==================================

Administrator experience:

* The KDC can match PKINIT client certificates against the
  "pkinit_cert_match" string attribute on the client principal entry,
  using the same syntax as the existing "pkinit_cert_match" profile
  option.

* The ktutil addent command supports the "-k 0" option to ignore the
  key version, and the "-s" option to use a non-default salt string.
(Only the first 15 lines of the commit message are shown above View all of this commit message)

Number of commits found: 22

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
GraphicsMagickJun 16
netatalk3Jun 16
chromiumJun 15
neovimJun 13
phpmyadminJun 13
vimJun 13
vim-consoleJun 13
vim-tinyJun 13
mybbJun 12
linux-flashplayerJun 11
drupal7Jun 08
eximJun 06
py-django111Jun 06
py-django21Jun 06
py-django22Jun 06

12 vulnerabilities affecting 78 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities

Last updated:
2019-06-16 18:07:46


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 36685
Broken 82
Deprecated 120
Ignore 303
Forbidden 3
Restricted 162
No CDROM 74
Vulnerable 33
Expired 14
Set to expire 91
Interactive 0
new 24 hours 9
new 48 hours13
new 7 days38
new fortnight60
new month202

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2019 Dan Langille. All rights reserved.