- krb5-117 MIT implementation of RFC 4120 network authentication service
- 1.17.1 security =0 1.17.1Version of this port present on the latest quarterly branch.
- Maintainer: cy@FreeBSD.org
- Port Added: 2019-01-08 20:29:52
- Last Update: 2019-12-12 20:55:16
- SVN Revision: 519948
- License: MIT
- Kerberos V5 is an authentication system developed at MIT.
Abridged from the User Guide:
Under Kerberos, a client sends a request for a ticket to the
Key Distribution Center (KDC). The KDC creates a ticket-granting
ticket (TGT) for the client, encrypts it using the client's
password as the key, and sends the encrypted TGT back to the
client. The client then attempts to decrypt the TGT, using
its password. If the client successfully decrypts the TGT, it
keeps the decrypted TGT, which indicates proof of the client's
identity. The TGT permits the client to obtain additional tickets,
which give permission for specific services.
Since Kerberos negotiates authenticated, and optionally encrypted,
communications between two points anywhere on the internet, it
provides a layer of security that is not dependent on which side of a
firewall either client is on.
The Kerberos V5 package is designed to be easy to use. Most of the
commands are nearly identical to UNIX network programs you are already
used to. Kerberos V5 is a single-sign-on system, which means that you
have to type your password only once per session, and Kerberos does
the authenticating and encrypting transparently.
Jacques Vidrine <email@example.com>
- SVNWeb : Homepage
- pkg-plist: as obtained via:
- Dependency lines:
- Conflicts Matches:
There are no Conflicts Matches for this port. This is usually an error.
- To install the port:
cd /usr/ports/security/krb5-117/ && make install clean
- To add the package:
pkg install krb5-117
- PKGNAME: krb5-117
- Flavors: there is no flavor information for this port.
- TIMESTAMP = 1576180923
SHA256 (krb5-1.17.1.tar.gz) = 3706d7ec2eaa773e0e32d3a87bf742ebaecae7d064e190443a3acddfd8afb181
SIZE (krb5-1.17.1.tar.gz) = 8765399
- Slave ports
- NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
- Build dependencies:
- gmake : devel/gmake
- libtool : devel/libtool
- pkgconf>=1.3.0_1 : devel/pkgconf
- msgfmt : devel/gettext-tools
- perl5>=5.30.r1<5.31 : lang/perl5.30
- Library dependencies:
- libintl.so : devel/gettext-runtime
- libreadline.so.8 : devel/readline
- There are no ports dependent upon this port
- Configuration Options
- ===> The following configuration options are available for krb5-117-1.17.1:
DNS_FOR_REALM=off: Enable DNS lookups for Kerberos realm names
EXAMPLES=on: Build and/or install examples
KRB5_HTML=on: Install krb5 HTML documentation
KRB5_PDF=on: Install krb5 PDF documentation
LDAP=off: LDAP protocol support
LMDB=off: OpenLDAP Lightning Memory-Mapped Database support
NLS=on: Native Language Support
====> Command line editing for kadmin and ktutil: you can only select none or one of them
READLINE=on: Command line editing via libreadline
READLINE_PORT=off: Command line editing via devel/readline
LIBEDIT=off: Command line editing via libedit
===> Use 'make config' to modify these settings
- cpe gmake localbase perl5 libtool:build gssapi:bootstrap,mit pkgconfig ssl gettext-runtime gettext readline
- Master Sites:
Number of commits found: 9
|Commit History - (may be incomplete: see SVNWeb link above for full details)
|12 Dec 2019 20:55:16
Update 1.17 --> 1.17.1
|03 May 2019 12:50:53
Fix build with libressl 2.9.1.
Reported by: many
|09 Apr 2019 14:04:50
Update devel/readline to 8.0
- Bump PORTREVISION of dependent ports for shlib change
Exp-run by: antoine
|12 Mar 2019 04:18:32
Fix build with LibreSSL 2.9.
Submitted by: Charlie Li <firstname.lastname@example.org>
|15 Feb 2019 04:37:25
Provide a script from which to start krb5kdc through /etc/rc.d/kdc.
Simply add kdc_enable="YES" and kdc_program="/usr/local/sbin/kdc"
to /etc/rc.d. The script removes the Heimdal kdc --detach argument
prior to invoking krb5kdc.
The other approach that was considered was to replace getopt() in
kdc/main.c with getopt_long() however this approach was considered too
|13 Jan 2019 15:57:20
pkgconfig is used at build time, not runtime.
MFH: 2019Q1 (krb5-devel will need to have all its previous
commits brought up to level in 2019Q1 first)
|09 Jan 2019 03:19:13
LMDB requires LDAP.
|09 Jan 2019 03:04:30
Disable auto detection of lmdb. It causes grief to those without
Reported by: "Alex V. Petrov" <email@example.com>, kib@
|08 Jan 2019 20:29:34
Welcome the new KRB5 1.17 (krb5-117).
Major changes in 1.17 (2019-01-08)
* A new Kerberos database module using the Lightning Memory-Mapped
Database library (LMDB) has been added. The LMDB KDB module should
be more performant and more robust than the DB2 module, and may
become the default module for new databases in a future release.
* "kdb5_util dump" will no longer dump policy entries when specific
principal names are requested.
(Only the first 15 lines of the commit message are shown above )
Number of commits found: 9
8 vulnerabilities affecting 139 ports have been reported in the past 14 days
* - modified, not new