| Port details |
- krb5-111 Authentication system developed at MIT, successor to Kerberos IV
- 1.11.6_2 security
 =0       1.11.6_2Version of this port present on the latest quarterly branch.  DEPRECATED: EOLed by MIT in December 2014.
 This port expired on: 2015-08-31
- Maintainer: cy@FreeBSD.org
- Port Added: 2014-10-16 19:44:48
- Last Update: 2015-09-16 02:31:37
- SVN Revision: 397036
- License: MIT
- WWW:
- http://web.mit.edu/kerberos/
- Description:
- Kerberos V5 is an authentication system developed at MIT.
WWW: http://web.mit.edu/kerberos/
Abridged from the User Guide:
Under Kerberos, a client sends a request for a ticket to the
Key Distribution Center (KDC). The KDC creates a ticket-granting
ticket (TGT) for the client, encrypts it using the client's
password as the key, and sends the encrypted TGT back to the
client. The client then attempts to decrypt the TGT, using
its password. If the client successfully decrypts the TGT, it
keeps the decrypted TGT, which indicates proof of the client's
identity. The TGT permits the client to obtain additional tickets,
which give permission for specific services.
Since Kerberos negotiates authenticated, and optionally encrypted,
communications between two points anywhere on the internet, it
provides a layer of security that is not dependent on which side of a
firewall either client is on.
The Kerberos V5 package is designed to be easy to use. Most of the
commands are nearly identical to UNIX network programs you are already
used to. Kerberos V5 is a single-sign-on system, which means that you
have to type your password only once per session, and Kerberos does
the authenticating and encrypting transparently.
Jacques Vidrine <n@nectar.com>
 cgit ¦ GitHub ¦ GitHub ¦ GitLab ¦ 
- Manual pages:
- FreshPorts has no man page information for this port.
- pkg-plist: as obtained via:
make generate-plist - There is no configure plist information for this port.
- Dependency lines:
-
- krb5-111>0:security/krb5-111
- No installation instructions:
- This port has been deleted.
- PKGNAME: krb5-111
- Flavors: there is no flavor information for this port.
- distinfo:
- There is no distinfo for this port.
No package information for this port in our database- Sometimes this happens. Not all ports have packages. Perhaps there is a build error. Check the fallout link:
- Dependencies
- NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
- Build dependencies:
-
- gm4 : devel/m4
- libcrypto.so.8 : security/openssl
- msgfmt : devel/gettext-tools
- gmake : devel/gmake
- perl5.20.2 : lang/perl5.20
- Runtime dependencies:
-
- libcrypto.so.8 : security/openssl
- Library dependencies:
-
- libintl.so : devel/gettext-runtime
- There are no ports dependent upon this port
Configuration Options:- ===> The following configuration options are available for krb5-111-1.11.6_2:
DNS_FOR_REALM=off: Enable DNS lookups for Kerberos realm names
KRB5_HTML=on: Install krb5 HTML documentation
KRB5_PDF=on: Install krb5 PDF documentation
LDAP=off: LDAP protocol support
===> Use 'make config' to modify these settings
- Options name:
- N/A
- USES:
- cpe gettext gmake perl5 gssapi:bootstrap,mit
- FreshPorts was unable to extract/find any pkg message
- Master Sites:
|
| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
1.11.6_2
16 Sep 2015 02:31:37
  |
cy |
Expiry date has passed, retire security/krb5-111.
EOLed by MIT in December 2014. |
1.11.6_2
17 Aug 2015 14:20:41
|
mat |
Remove UNIQUENAME and LATEST_LINK.
UNIQUENAME was never unique, it was only used by USE_LDCONFIG and now,
we won't have conflicts there.
Use PKGBASE instead of LATEST_LINK in PKGLATESTFILE, the *only* consumer
is pkg-devel, and it works just fine without LATEST_LINK as pkg-devel
has the correct PKGNAME anyway.
Now that UNIQUENAME is gone, OPTIONSFILE is too. (it's been called
OPTIONS_FILE now.)
Reviewed by: antoine, bapt
Exp-run by: antoine
Sponsored by: Absolight
Differential Revision: https://reviews.freebsd.org/D3336 |
1.11.6_2
06 Jun 2015 20:27:21
|
cy |
MIT KRB5 ports build unusable binaries due to incorrect linking
when build under poudriere. This commit fixes that. |
1.11.6_1
20 Apr 2015 19:06:30
|
tijl |
- Display a stage-qa warning when ports use PREFIX/var instead of /var
- Add --localstatedir=/var to _LATE_CONFIGURE_ARGS (like --mandir) but not
when CONFIGURE_ARGS already sets it. (GNU configure scripts set it to
PREFIX/var when PREFIX != /usr.)
- Add --localstatedir="${PREFIX}/var" to CONFIGURE_ARGS in some ports so
they aren't affected by this change (for now at least). This commit is
meant to ensure that new ports don't make the same mistake.
- games/acm: the configure script in this port is very old; instead of
patching it more, just replace GNU_CONFIGURE with HAS_CONFIGURE.
- irc/charybdis: it already used /var but adding --localstatedir=/var
changed the behaviour of the configure script; adjust the port to this.
PR: 199506
Exp-run by: antoine
Approved by: portmgr (antoine) |
1.11.6_1
23 Mar 2015 19:04:24
|
cy |
Fix build with libressl.
PR: 198749, 198750 |
1.11.6
05 Mar 2015 18:48:32
|
cy |
Advertise CPE data for Kerberos.
PR: 197465, 197466, 197467 |
1.11.6
26 Feb 2015 01:20:18
|
cy |
Update 1.11.5 --> 1.11.6
This is a bugfix release. The krb5-1.11 release series has reached
the end of its maintenance period, and krb5-1.11.6 is the last planned
release in the krb5-1.11 series. For new deployments, installers
should prefer the krb5-1.13 release series or later.
This commit deprecates this port.
* Work around a gcc optimizer bug that could cause DB2 KDC database
operations to spin in an infinite loop
* Fix a backward compatibility problem with the LDAP KDB schema that
could prevent krb5-1.11 and later from decoding entries created by
krb5-1.6.
(Only the first 15 lines of the commit message are shown above  ) |
1.11.5_6
20 Feb 2015 20:59:09
 |
cy |
Fix broken rpath.
Submitted by: hrs |
1.11.5_5
13 Feb 2015 20:25:24
|
cy |
Backported patches for CVE-2014-5353 and CVE-2014-5354 received from MIT
for krb5-111 and krb5-112.
Obtained from: Greg Hudson <ghudson@mit.edu>
Security: CVE-2014-5353, CVE-2014-5354 |
1.11.5_4
13 Feb 2015 01:48:15
|
cy |
Forbid krb5-111 and krb5-112.
Security: CVE-2014-5353, CVE-2014-5354
Security: VUXML: 3a888a1e-b321-11e4-83b2-206a8a720317 |
1.11.5_4
05 Feb 2015 03:39:14
|
cy |
Correct various packaging issues:
- Libraries are not installed stripped;
- pkgconfig files should be installed to libdata;
- Use of deprecated @dirrm[try]
PR: PR/197338
Submitted by: delphij |
1.11.5_4
04 Feb 2015 20:47:05
|
cy |
Address: krb5 -- Vulnerabilities in kadmind, libgssrpc,
gss_process_context_token VU#540092
CVE-2014-5352: gss_process_context_token() incorrectly frees context
CVE-2014-9421: kadmind doubly frees partial deserialization results
CVE-2014-9422: kadmind incorrectly validates server principal name
CVE-2014-9423: libgssrpc server applications leak uninitialized bytes
Security: VUXML: 24ce5597-acab-11e4-a847-206a8a720317
Security: MIT KRB5: VU#540092
Security: CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423 |
1.11.5_3
14 Dec 2014 11:44:25
|
antoine |
- Remove support for EXTRACT_PRESERVE_OWNERSHIP
- Update a few comments related to extract
Differential Revision: https://reviews.freebsd.org/D1189
With hat: portmgr |
1.11.5_3
18 Oct 2014 17:05:56
|
cy |
Fix LATEST_LINK. |
1.11.5_3
18 Oct 2014 10:06:58
|
antoine |
Unbreak |
1.11.5_3
16 Oct 2014 19:44:22
|
cy |
MIT Kerberos released 1.13; 1.12 becomes a maintenance release,
1.11 remains a maintenance release.
- Update security/krb5 1.12.2 --> 1.13
- Copy the old security/krb5 1.12.2 to security/krb5-112
(now a maintenance release supported by MIT)
- Move the old krb5-maint (1.11.5: old maintenance release) to
security/krb5-111 (the old maintenance release still supported by MIT) |
As an Amazon Associate I earn from qualifying purchases.