- krb5-118 MIT implementation of RFC 4120 network authentication service
- 1.18.2 security =0 1.18Version of this port present on the latest quarterly branch.
- Maintainer: cy@FreeBSD.org
- Port Added: 2020-02-19 02:43:03
- Last Update: 2020-05-23 00:59:56
- SVN Revision: 536249
- License: MIT
- Kerberos V5 is an authentication system developed at MIT.
Abridged from the User Guide:
Under Kerberos, a client sends a request for a ticket to the
Key Distribution Center (KDC). The KDC creates a ticket-granting
ticket (TGT) for the client, encrypts it using the client's
password as the key, and sends the encrypted TGT back to the
client. The client then attempts to decrypt the TGT, using
its password. If the client successfully decrypts the TGT, it
keeps the decrypted TGT, which indicates proof of the client's
identity. The TGT permits the client to obtain additional tickets,
which give permission for specific services.
Since Kerberos negotiates authenticated, and optionally encrypted,
communications between two points anywhere on the internet, it
provides a layer of security that is not dependent on which side of a
firewall either client is on.
The Kerberos V5 package is designed to be easy to use. Most of the
commands are nearly identical to UNIX network programs you are already
used to. Kerberos V5 is a single-sign-on system, which means that you
have to type your password only once per session, and Kerberos does
the authenticating and encrypting transparently.
Jacques Vidrine <firstname.lastname@example.org>
- SVNWeb : Homepage
- pkg-plist: as obtained via:
- Dependency lines:
- Conflicts Matches:
There are no Conflicts Matches for this port. This is usually an error.
- To install the port:
cd /usr/ports/security/krb5-118/ && make install clean
- To add the package:
pkg install krb5-118
- PKGNAME: krb5-118
- Flavors: there is no flavor information for this port.
- TIMESTAMP = 1590189871
SHA256 (krb5-1.18.2.tar.gz) = c6e4c9ec1a98141c3f5d66ddf1a135549050c9fab4e9a4620ee9b22085873ae0
SIZE (krb5-1.18.2.tar.gz) = 8713927
- Slave ports
- NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
- Build dependencies:
- gmake>=4.3 : devel/gmake
- libtool : devel/libtool
- pkgconf>=1.3.0_1 : devel/pkgconf
- msgfmt : devel/gettext-tools
- perl5>=5.30.r1<5.31 : lang/perl5.30
- Library dependencies:
- libintl.so : devel/gettext-runtime
- libreadline.so.8 : devel/readline
- There are no ports dependent upon this port
- Configuration Options
- ===> The following configuration options are available for krb5-118-1.18.2:
DNS_FOR_REALM=off: Enable DNS lookups for Kerberos realm names
EXAMPLES=on: Build and/or install examples
KRB5_HTML=on: Install krb5 HTML documentation
KRB5_PDF=on: Install krb5 PDF documentation
LDAP=off: LDAP protocol support
LMDB=off: OpenLDAP Lightning Memory-Mapped Database support
NLS=on: Native Language Support
====> Command line editing for kadmin and ktutil: you can only select none or one of them
READLINE=on: Command line editing via libreadline
READLINE_PORT=off: Command line editing via devel/readline
LIBEDIT=off: Command line editing via libedit
===> Use 'make config' to modify these settings
- compiler:c++11-lang cpe gmake gettext-runtime gssapi:bootstrap,mit libtool:build localbase perl5 pkgconfig ssl gettext readline
- Master Sites:
Number of commits found: 6
|Commit History - (may be incomplete: see SVNWeb link above for full details)
|22 May 2020 23:59:56
Update 1.18.1 --> 1.18.2
This is a bug fix release.
* Fix a SPNEGO regression where an acceptor using the default
credential would improperly filter mechanisms, causing a negotiation
* Fix a bug where the KDC would fail to issue tickets if the local
krbtgt principal's first key has a single-DES enctype.
* Add stub functions to allow old versions of OpenSSL libcrypto to
link against libkrb5.
* Fix a NegoEx bug where the client name and delegated credential
might not be reported.
|14 Apr 2020 19:42:30
Update 1.18 --> 1.18.1
|21 Feb 2020 02:06:00
Fix build with libressl.
The new softpkcs11 test makes explicit OpenSSL calls which are
unsupported in LibreSSL. Remove this one test to allow krb5-118
to build with libressl.
|19 Feb 2020 09:15:55
Approved by: portmgr (tier-2 blanket), followup
|19 Feb 2020 09:12:27
Add compiler:c++11-lang to USES to fix build on GCC-based systems:
edwards25519_fiat.h:14: error: expected '=', ',', ';', 'asm' or
'__attribute__' before 'fiat_25519_int128'
Approved by: portmgr (tier-2 blanket)
|19 Feb 2020 02:42:55
Welcome the new KRB5 1.18 (krb5-118)
In addition, deprecate krb5-116 to retire one year after the release
of krb5-118: Feb 12, 2021.
Major changes in 1.18 (2020-02-12)
* Remove support for single-DES encryption types.
* Change the replay cache format to be more efficient and robust.
Replay cache filenames using the new format end with ".rcache2" by
default.(Only the first 15 lines of the commit message are shown above )
Number of commits found: 6
18 vulnerabilities affecting 99 ports have been reported in the past 14 days
* - modified, not new