pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/heimdal Update security/heimdal to version 1....
details: https://anonhg.NetBSD.org/pkgsrc/rev/0f7b3f95097a
branches: trunk
changeset: 539124:0f7b3f95097a
user: jlam <jlam%pkgsrc.org@localhost>
date: Thu Feb 28 14:11:55 2008 +0000
description:
Update security/heimdal to version 1.1. Changes from version 0.7.2 include:
* Read-only PKCS11 provider built-in to hx509.
* Better compatibilty with Windows 2008 Server pre-releases and Vista.
* Add RFC3526 modp group14 as default.
* Handle [kdc] database = { } entries without realm = stanzas.
* Add gss_pseudo_random() for mechglue and krb5.
* Make session key for the krbtgt be selected by the best encryption
type of the client.
* Better interoperability with other PK-INIT implementations.
* Alias support for inital ticket requests.
* Make ASN.1 library less paranoid to with regard to NUL in string to
make it inter-operate with MIT Kerberos again.
* PK-INIT support.
* HDB extensions support, used by PK-INIT.
* New ASN.1 compiler.
* GSS-API mechglue from FreeBSD.
* Updated SPNEGO to support RFC4178.
* Support for Cryptosystem Negotiation Extension (RFC 4537).
* A new X.509 library (hx509) and related crypto functions.
* A new ntlm library (heimntlm) and related crypto functions.
* KDC will return the "response too big" error to force TCP retries
for large (default 1400 bytes) UDP replies. This is common for
PK-INIT requests.
* Libkafs defaults to use 2b tokens.
* krb5_kuserok() also checks ~/.k5login.d directory for acl files.
* Fix memory leaks.
* Bugs fixes
diffstat:
security/heimdal/options.mk | 68 +++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 68 insertions(+), 0 deletions(-)
diffs (72 lines):
diff -r 749de21ec2a9 -r 0f7b3f95097a security/heimdal/options.mk
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/heimdal/options.mk Thu Feb 28 14:11:55 2008 +0000
@@ -0,0 +1,68 @@
+# $NetBSD: options.mk,v 1.1 2008/02/28 14:11:55 jlam Exp $
+
+PKG_OPTIONS_VAR= PKG_OPTIONS.heimdal
+PKG_SUPPORTED_OPTIONS= inet6 kerberos-prefix-cmds ldap
+PKG_SUGGESTED_OPTIONS= inet6
+
+.include "../../mk/bsd.options.mk"
+
+###
+### IPv6 support.
+###
+.if !empty(PKG_OPTIONS:Minet6)
+CONFIGURE_ARGS+= --with-ipv6
+.else
+CONFIGURE_ARGS+= --without-ipv6
+.endif
+
+###
+### Support using LDAP as a KDC backend.
+###
+.if !empty(PKG_OPTIONS:Mldap)
+. include "../../databases/openldap-client/buildlink3.mk"
+CONFIGURE_ARGS+= --with-openldap=${BUILDLINK_PREFIX.openldap-client}
+PLIST_SUBST+= LDAP=""
+
+post-install: heimdal-ldap-schema
+heimdal-ldap-schema:
+ ${INSTALL_DATA_DIR} ${DESTDIR}${PREFIX}/share/examples/heimdal
+ ${INSTALL_DATA} ${WRKSRC}/lib/hdb/hdb.schema \
+ ${DESTDIR}${PREFIX}/share/examples/heimdal
+.else
+PLIST_SUBST+= LDAP="@comment "
+.endif
+
+###
+### Rename some of Heimdal's applications so they won't conflict with
+### other packages.
+###
+.if !empty(PKG_OPTIONS:Mkerberos-prefix-cmds)
+KRB5_PREFIX= k
+HEIMDAL_TRANSFORM= s/^ftp/${KRB5_PREFIX}&/; \
+ s/^login/${KRB5_PREFIX}&/; \
+ s/^${KRB5_PREFIX}login.access/login.access/; \
+ s/^rcp/${KRB5_PREFIX}&/; \
+ s/^rsh/${KRB5_PREFIX}&/; \
+ s/^su/${KRB5_PREFIX}&/; \
+ s/^telnet/${KRB5_PREFIX}&/
+.else
+KRB5_PREFIX= # empty
+HEIMDAL_TRANSFORM= s/^ftp/k&/
+.endif
+
+PLIST_SUBST+= KRB5_PREFIX=${KRB5_PREFIX:Q}
+CONFIGURE_ARGS+= --program-transform-name=${HEIMDAL_TRANSFORM:Q}
+#
+# Fix some places in the Heimdal sources that don't point to the correct
+# Kerberized binaries when exec'ing programs.
+#
+SUBST_CLASSES+= heimdal
+SUBST_STAGE.heimdal= pre-configure
+SUBST_FILES.heimdal= appl/rcp/rcp.c appl/rcp/rcp_locl.h \
+ appl/rsh/rsh_locl.h \
+ appl/telnet/telnetd/telnetd.h
+SUBST_SED.heimdal= \
+ -e "/RSH_PROGRAM/s,rsh,${KRB5_PREFIX}rsh,g" \
+ -e "/PATH_RSH/s,\"/usr/bin/rsh\",BINDIR \"${KRB5_PREFIX}rsh\",g" \
+ -e "/PATH_RSH/s,/rsh,/${KRB5_PREFIX}rsh,g" \
+ -e "/PATH_LOGIN/s,/login,/${KRB5_PREFIX}login,g"
Home |
Main Index |
Thread Index |
Old Index