FreshPorts -- security/krb5-114: MIT implementation of RFC 4120 network authentication service

Port details

krb5-114 MIT implementation of RFC 4120 network authentication service

1.14.6_4 security =0 1.14.6_4Version of this port present on the latest quarterly branch.

DEPRECATED: EOL twelve months after release of krb5-1.16

This port expired on: 2018-12-31

Maintainer: cy@FreeBSD.org

Port Added: 2015-12-15 05:02:18

Last Update: 2018-12-31 13:37:59

SVN Revision: 488786

License: MIT

WWW:

http://web.mit.edu/kerberos/

Description:

Kerberos V5 is an authentication system developed at MIT. WWW: http://web.mit.edu/kerberos/ Abridged from the User Guide: Under Kerberos, a client sends a request for a ticket to the Key Distribution Center (KDC). The KDC creates a ticket-granting ticket (TGT) for the client, encrypts it using the client's password as the key, and sends the encrypted TGT back to the client. The client then attempts to decrypt the TGT, using its password. If the client successfully decrypts the TGT, it keeps the decrypted TGT, which indicates proof of the client's identity. The TGT permits the client to obtain additional tickets, which give permission for specific services. Since Kerberos negotiates authenticated, and optionally encrypted, communications between two points anywhere on the internet, it provides a layer of security that is not dependent on which side of a firewall either client is on. The Kerberos V5 package is designed to be easy to use. Most of the commands are nearly identical to UNIX network programs you are already used to. Kerberos V5 is a single-sign-on system, which means that you have to type your password only once per session, and Kerberos does the authenticating and encrypting transparently. Jacques Vidrine <n@nectar.com>

~~cgit~~ ¦ ~~GitHub~~ ¦ ~~GitHub~~ ¦ ~~GitLab~~ ¦

Manual pages:

pkg-plist: as obtained via: make generate-plist

Expand this list (174 items)

Collapse this list.

/usr/local/share/licenses/krb5-114-1.14.6_4/catalog.mk
/usr/local/share/licenses/krb5-114-1.14.6_4/LICENSE
/usr/local/share/licenses/krb5-114-1.14.6_4/MIT
bin/compile_et
bin/gss-client
bin/k5srvutil
bin/kadmin
bin/kdestroy
bin/kinit
bin/klist
bin/kpasswd
bin/krb5-config
@mode 04755
@owner root
@group wheel
bin/ksu
@mode
@owner root
@group wheel
bin/kswitch
bin/ktutil
bin/kvno
bin/sclient
bin/sim_client
bin/uuclient
include/com_err.h
include/gssapi.h
include/gssapi/gssapi.h
include/gssapi/gssapi_ext.h
include/gssapi/gssapi_generic.h
include/gssapi/gssapi_krb5.h
include/gssapi/mechglue.h
include/gssrpc/auth.h
include/gssrpc/auth_gss.h
include/gssrpc/auth_gssapi.h
include/gssrpc/auth_unix.h
include/gssrpc/clnt.h
include/gssrpc/netdb.h
include/gssrpc/pmap_clnt.h
include/gssrpc/pmap_prot.h
include/gssrpc/pmap_rmt.h
include/gssrpc/rename.h
include/gssrpc/rpc.h
include/gssrpc/rpc_msg.h
include/gssrpc/svc.h
include/gssrpc/svc_auth.h
include/gssrpc/types.h
include/gssrpc/xdr.h
include/krad.h
include/krb5.h
include/krb5/ccselect_plugin.h
include/krb5/clpreauth_plugin.h
include/krb5/hostrealm_plugin.h
include/krb5/kadm5_hook_plugin.h
include/krb5/kdcpreauth_plugin.h
include/krb5/localauth_plugin.h
include/krb5/krb5.h
include/krb5/locate_plugin.h
include/krb5/plugin.h
include/krb5/pwqual_plugin.h
include/kadm5/admin.h
include/kadm5/chpass_util_strings.h
include/kadm5/kadm_err.h
include/kdb.h
include/krb5/preauth_plugin.h
include/profile.h
include/verto-module.h
include/verto.h
lib/libcom_err.so
lib/libcom_err.so.3
lib/libcom_err.so.3.0
lib/libgssapi_krb5.so
lib/libgssapi_krb5.so.2
lib/libgssapi_krb5.so.2.2
lib/libgssrpc.so
lib/libgssrpc.so.4
lib/libgssrpc.so.4.2
lib/libk5crypto.so
lib/libk5crypto.so.3
lib/libk5crypto.so.3.1
lib/libkadm5clnt.so
lib/libkadm5clnt_mit.so
lib/libkadm5clnt_mit.so.10
lib/libkadm5clnt_mit.so.10.0
lib/libkadm5srv.so
lib/libkadm5srv_mit.so
lib/libkadm5srv_mit.so.10
lib/libkadm5srv_mit.so.10.0
lib/libkdb5.so
lib/libkdb5.so.8
lib/libkdb5.so.8.0
lib/libkrb5.so
lib/libkrb5.so.3
lib/libkrb5.so.3.3
lib/libkrb5support.so
lib/libkrb5support.so.0
lib/libkrb5support.so.0.1
lib/krb5/plugins/kdb/db2.so
lib/krb5/plugins/tls/k5tls.so
@comment lib/krb5/plugins/kdb/kldap.so
lib/krb5/plugins/preauth/otp.so
lib/krb5/plugins/preauth/pkinit.so
lib/krb5/plugins/preauth/test.so
@comment lib/libkdb_ldap.so
@comment lib/libkdb_ldap.so.1
@comment lib/libkdb_ldap.so.1.0
lib/libkrad.so
lib/libkrad.so.0
lib/libkrad.so.0.0
lib/libverto.so
lib/libverto.so.0
lib/libverto.so.0.0
libdata/pkgconfig/gssrpc.pc
libdata/pkgconfig/kadm-client.pc
libdata/pkgconfig/kadm-server.pc
libdata/pkgconfig/kdb.pc
libdata/pkgconfig/krb5-gssapi.pc
libdata/pkgconfig/krb5.pc
libdata/pkgconfig/mit-krb5-gssapi.pc
libdata/pkgconfig/mit-krb5.pc
man/man1/compile_et.1.gz
man/man1/k5srvutil.1.gz
man/man1/kadmin.1.gz
man/man1/kdestroy.1.gz
man/man1/kinit.1.gz
man/man1/klist.1.gz
man/man1/kpasswd.1.gz
man/man1/krb5-config.1.gz
man/man1/ksu.1.gz
man/man1/kswitch.1.gz
man/man1/ktutil.1.gz
man/man1/kvno.1.gz
man/man1/sclient.1.gz
man/man3/com_err.3.gz
man/man5/.k5identity.5.gz
man/man5/.k5login.5.gz
man/man5/k5identity.5.gz
man/man5/k5login.5.gz
man/man5/kadm5.acl.5.gz
man/man5/kdc.conf.5.gz
man/man5/krb5.conf.5.gz
man/man8/kadmin.local.8.gz
man/man8/kadmind.8.gz
man/man8/kdb5_ldap_util.8.gz
man/man8/kdb5_util.8.gz
man/man8/kprop.8.gz
man/man8/kpropd.8.gz
man/man8/kproplog.8.gz
man/man8/krb5kdc.8.gz
man/man8/sserver.8.gz
sbin/gss-server
sbin/kadmin.local
sbin/kadmind
@comment sbin/kdb5_ldap_util
sbin/kdb5_util
sbin/kprop
sbin/kpropd
sbin/kproplog
sbin/krb5-send-pr
sbin/krb5kdc
sbin/sim_server
sbin/sserver
sbin/uuserver
share/et/et_c.awk
share/et/et_h.awk
share/locale/en_US/LC_MESSAGES/mit-krb5.mo
@comment share/krb5/kerberos.schema
@comment share/krb5/kerberos.ldif
@dir lib/krb5/plugins/authdata
@dir lib/krb5/plugins/libkrb5
@dir var/run/krb5kdc
@dir var/krb5kdc
@postexec /usr/sbin/service ldconfig restart > /dev/null
@postunexec /usr/sbin/service ldconfig restart > /dev/null

Collapse this list.

Dependency lines:

krb5-114>0:security/krb5-114

Conflicts:

CONFLICTS:

heimdal-[0-9]*
srp-[0-9]*
krb5-11[35]-[0-9]*
krb5-1.[0-9]*
krb5-devel-*

CONFLICTS_BUILD:

boringssl-*

No installation instructions:

This port has been deleted.

PKGNAME: krb5-114

Flavors: there is no flavor information for this port.

distinfo:

TIMESTAMP = 1506419928 SHA256 (krb5-1.14.6.tar.gz) = e259f8ed9f0c2a326e5a4d06b3f268575443fa83c0d348b37b7b5329ac5d0470 SIZE (krb5-1.14.6.tar.gz) = 12326355

No package information for this port in our database: Sometimes this happens. Not all ports have packages. Perhaps there is a build error. Check the fallout link:

Dependencies

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:

gmake : devel/gmake
libtool : devel/libtool
msgfmt : devel/gettext-tools
perl5>=5.26<5.27 : lang/perl5.26

Runtime dependencies:

pkgconf>=1.3.0_1 : devel/pkgconf

Library dependencies:

libintl.so : devel/gettext-runtime
libreadline.so.7 : devel/readline

There are no ports dependent upon this port

Configuration Options:

===> The following configuration options are available for krb5-114-1.14.6_4: DNS_FOR_REALM=off: Enable DNS lookups for Kerberos realm names EXAMPLES=on: Build and/or install examples KRB5_HTML=on: Install krb5 HTML documentation KRB5_PDF=on: Install krb5 PDF documentation LDAP=off: LDAP protocol support NLS=on: Native Language Support ====> Command line editing for kadmin and ktutil: you can only select none or one of them READLINE=on: Command line editing via libreadline READLINE_PORT=off: Command line editing via devel/readline LIBEDIT=off: Command line editing via libedit ===> Use 'make config' to modify these settings

Options name:

N/A

USES:

cpe gmake localbase perl5 libtool:build gssapi:bootstrap,mit pkgconfig:run ssl gettext-runtime gettext readline

FreshPorts was unable to extract/find any pkg message

Master Sites:

Expand this list (1 items)

Collapse this list.

http://web.mit.edu/kerberos/dist/krb5/1.14/

Collapse this list.

Number of commits found: 47

Commit	Credits	Log message
Commit History - (may be incomplete: for full details, see links to repositories near top of page)
1.14.6_4 31 Dec 2018 13:37:59	rene	Remove expired ports: 2018-12-31 net/libsrtp: Superseded by libsrtp2 2018-12-31 x11-toolkits/wlc: Deprecated upstream 2018-12-31 japanese/spamassassin: does not build 2018-12-31 www/spdylay: SPDY is deprecated, use HTTP/2 instead 2018-12-31 www/moodle33: Upstream no longer maintained 2018-12-31 security/krb5-114: EOL twelve months after release of krb5-1.16 2018-12-31 databases/mongodb32: EOL upstream since September 2018 2018-12-31 databases/mongodb32-tools: EOL upstream since September 2018 2018-12-31 audio/creox: Qt4 has been EOL since december 2015 2018-12-31 audio/terminatorx: Unmaintained, broken too often 2018-12-31 audio/shoutcast: Upstream vendor no longer provides releases 2018-12-31 dns/powerdns-recursor40: FreeBSD 10.3 has reached EoL since 2018-04-30; users should upgrade and use dns/powerdns-recursor instead 2018-12-31 sysutils/ataidle: obsoleted by camcontrol(8) 2018-12-31 sysutils/syslog-ng37: No longer officially supported by Balabit, does not support openssl111 2018-12-31 sysutils/cfengine22: No longeer supported by cfengine.com 2018-12-31 sysutils/syslog-ng36: No longer officially supported by Balabit, does not support openssl111
1.14.6_4 10 Nov 2018 10:09:49	mat	security/openssl-devel was removed, but there is a security/openssl111 now.
1.14.6_4 23 Oct 2018 16:34:44	jbeich	Expand FreeBSD 12 conditionals to include 13.0-CURRENT
1.14.6_4 16 Oct 2018 13:41:26	rene	Fix INDEX Pointy hat: cy
16 Oct 2018 12:38:46	cy	This old, out to be expired, krb5-114 fails to build under HEAD. It is already deprecated and scheduled for removal at the end of the year.
1.14.6_4 02 Jul 2018 05:57:38	cy	While working the ports fallout due to making Hemidal in base private it was discovered that com_err.3, though distributed in the tarball, was not installed. Install it.
1.14.6_3 02 Jul 2018 05:57:27	cy	Sort man pages.
1.14.6_3 19 Jun 2018 13:38:35	cy	Revert r472760 and instead use upstream git commit beeb2828945a41d86488e391ce440bacee0ec committed to the krb5 development branch Saturday, June 16. The upstream commit message follows: Author: Thomas Sondergaard <tsondergaard@vitalimages.com> Date: Sat Jun 16 18:14:50 2018 +0200 Eliminate use of the 'register' keyword 'register' is a reserved and unused keyword in C++17 so having it present in the public headers presents a a compatibility issue. Also in C the 'register' keyword is mostly obsolete, so remove all uses of it. [ghudson@mit.edu: adjusted style of some of the affected lines]
1.14.6_2 19 Jun 2018 06:51:56	cy	While working on the ports fallout due to the private Heimdal in base project, a port (www/squid-devel) was discovered to be grumpy due to numerous errors such as below: /usr/local/include/krb5/krb5.h:3566:19: error: 'register' storage class specifier is deprecated and incompatible with C++17 [-Werror,-Wdeprecated-register] register char **name); ^~~~~~~~~ The "register" keyword is meaningless and can cause grief among ports that build against any of the krb5 ports.
1.14.6_1 13 Jun 2018 05:55:52	cy	MIT krb5 fails to build with boringssl installed due to a missing typedef for PKCS7 in the boringssl pkcs7.h.
1.14.6_1 12 Jun 2018 03:42:25	cy	krb5-114 is deprecated and scheduled for deletion at the end of this year. Mark broken with OpenSSL >= 1.1.0. PR: 228900
1.14.6_1 02 Feb 2018 06:50:25	cy	Fix build when NLS option is unchecked. Reported by: Geraud CONTINSOUZAS <geraud.continsouzas@skazy.nc>
1.14.6 10 Jan 2018 15:08:51	danfe	Do not abuse INSTALL_MAN when installing documentation, examples, and other miscellaneous files which are not actually manual pages.
1.14.6 06 Dec 2017 15:22:50	cy	Adjust expiry date. Reported by: Boris Samorodov <bsam@passap.ru>
1.14.6 06 Dec 2017 04:43:03	cy	As per MIT policy, deprecate and expire twelve months following release of 1.16 (+ grace period to end of month).
1.14.6 30 Oct 2017 16:55:27	mandree	Reconcile e2fsprogs ./. krb5-* conflicts. * Move conflicting e2fsprogs headers & libs into .../e2fsprogs/... subdirs. * Move conflicting awk scripts into ${DATADIR}. * Rename and patch compile_et to e2fsprogs-compile_et. * Remove conflict markers (from e2fsprogs and krb5-). Add CPPFLAGS/LDFLAGS to sysutils/fusefs-ext2, including --rpath setting. While here, also: * sort pkg-plist and files/unwanted * use FUSEFS_CONFIGURE_ENABLE=fuse2fs to prevent e2fsprogs from picking up fusefs (implies --disable-fuse2fs if the option remains disabled) * add --without-included-gettext to CONFIGURE_ARGS just to be on the safe side. And of course, bump PORTREVISION to 3 in e2fsprogs. Since other ports do not change files or runtime behaviour, their PORTREVISION remains untouched.
1.14.6 30 Oct 2017 00:16:28	mandree	Add CONFLICTS between krb5-* and e2fsprogs. Reported by: jbeich@
1.14.6 05 Oct 2017 01:55:26	cy	Register conflicts among the krb5 ports. Reported by: rodrigo
1.14.6 26 Sep 2017 10:10:20	cy	Update 1.14.5 --> 1.14.6
1.14.5_5 27 Jun 2017 13:46:53	sunpoet	Update devel/readline to 7.0 patch 3 - Bump PORTREVISION for shlib change Changes: https://cnswww.cns.cwru.edu/php/chet/readline/CHANGES https://lists.gnu.org/archive/html/bug-bash/2016-09/msg00107.html https://lists.gnu.org/archive/html/bug-readline/2017-01/msg00002.html Differential Revision: https://reviews.freebsd.org/D11172 PR: 219947 Exp-run by: antoine
1.14.5_4 21 Jun 2017 02:46:53	cy	Switch to USES=localbase.
1.14.5_4 14 Mar 2017 04:57:38	cy	Fix up plist.
1.14.5_4 14 Mar 2017 03:24:42	cy	Pet portlint. PR: 217552 Submitted by: John W. O'brien <john@saltant.com> Differential Revision: D9889
1.14.5_4 14 Mar 2017 03:22:20	cy	Simplfy WRKSRC by using WRKSRC_SUBDIR. PR: 217552 Submitted by: John W. O'brien <john@saltant.com> Differential Revision: D9889
1.14.5_4 14 Mar 2017 03:17:52	cy	Describe CMD_LINE_EDITING RADIO group. PR: 217552 Submitted by: John W. O'brien <john@saltant.com> Differential Revision: D9889
1.14.5_4 14 Mar 2017 03:15:55	cy	Respect global NLS option. PR: 217552 Submitted by: John W. O'brien <john@saltant.com> Differential Revision: D9889
1.14.5_4 14 Mar 2017 03:14:08	cy	Convert to global EXAMPLES (default). PR: 217552 Submitted by: John W. O'brien <john@saltant.com> Differential Revision: D9889
1.14.5_4 14 Mar 2017 03:09:16	cy	New READLINE_PORT option to select to use readline in base or readline in ports. PR: 217552 Submitted by: John W. O'brien <john@saltant.com> Differential Revision: D9889
1.14.5_4 14 Mar 2017 03:06:23	cy	Remove redundant file that should have been removed in r253265. PR: 217552 Submitted by: John W. O'brien <john@saltant.com> Differential Revision: D9889
1.14.5_3 14 Mar 2017 02:59:39	cy	Use options helpers. PR: 217552 Submitted by: John W. O'brien <john@saltant.com> Differential Revision: D9889
1.14.5_3 14 Mar 2017 02:55:24	cy	Install LDIF and schema files if LDAP is enabled PR: 217552 Submitted by: John W. O'brien <john@saltant.com> Differential Revision: D9889
1.14.5_2 14 Mar 2017 02:51:37	cy	Replace explicit PLIST_SUB with OPTIONS_SUB, simplifying Makefiles. PR: 217552 Submitted by: John W. O'brien <john@saltant.com> Differential Revision: D9889
1.14.5_2 14 Mar 2017 02:48:20	cy	Make READLINE default. PR: 217552 Submitted by: John W. O'brien <john@saltant.com> Differential Revision: D9889
1.14.5_1 05 Mar 2017 03:29:50	cy	Revert the rename of README.FreeBSD to README.FreeBSD.in. This is part of a possible future change to this port that was accidentally not removed prior to committing r435447.
1.14.5_1 05 Mar 2017 03:27:05	cy	Remove redundant message about Kerberos klogind and telnetd. These programs ere moved to krb5-appl (by MIT) when krb5-appl was created in r253265. This message should have been removed from this Makefile at that time. Pointy hat to: cy (that's me)
1.14.5 04 Mar 2017 00:08:53	cy	Update 1.14.4 --> 1.14.5
1.14.4_1 04 Feb 2017 01:37:17	cy	pkgconfig is only needed at install/runtime. Reported by: des
1.14.4 16 Dec 2016 20:16:48	cy	Replace description with somthing more relevant to today. Suggested by: wollman
1.14.4 14 Sep 2016 10:02:15	cy	Update 1.14.3 --> 1.14.4.
1.14.3 22 Jul 2016 00:29:31	cy	Replace USE_OPENSSL with USES=ssl.
1.14.3 22 Jul 2016 00:24:35	cy	Update to 1.14.3. This is a bug fix release. * Improve some error messages * Improve documentation * Allow a principal with nonexistent policy to bypass the minimum password lifetime check, consistent with other aspects of nonexistent policies * Fix a rare KDC denial of service vulnerability when anonymous client principals are restricted to obtaining TGTs only [CVE-2016-3120] MFH: 2016Q3 Security: 62d45229-4fa0-11e6-9d13-206a8a720317 Security: CVE-2016-3120
1.14.2 19 May 2016 10:53:06	amdmi3	- Fix trailing whitespace in pkg-descrs, categories [p-x]* Approved by: portmgr blanket
1.14.2 20 Apr 2016 12:29:43	cy	Update 1.14.1 --> 1.14.2
1.14.1 30 Mar 2016 07:28:23	bapt	Remove uneeded dependency on GNU m4
1.14.1 02 Mar 2016 02:33:21	cy	Update 1.14 --> 1.14.1
1.14 15 Dec 2015 05:02:21	cy	This is the second part of two commits, the first being r403749. Adopt the same port structure as used by the cfengine family of ports: security/krb5 is renamed to security/krb5-114. A brand new security/krb5 now becomes a master port for the family of security/krb5-* ports. The default installs krb5-1.14. There is no functional change to the port build nor does the name of the latest krb5 port and package change. Users can continue to install security/krb5 to track the latest major version of security/krb5. Users wishing to install a specific version branch of krb5 can continue to install any of the security/krb5-* ports or by setting KRB5_VERSION in make.conf make.conf or including the branch on the make command line during build: make KRB5_VERSIN=NNN make -V VERSIONS lists available versions. security/krb5-appl has been updated to support this change (also fixing a typo in the krb5-appl/Makefile). Inspired by: sysutils/cfengine
1.14 15 Dec 2015 04:57:49	cy	Move security/krb5 to security/krb5-114 in preparation for restructuring of the krb5 faimily of ports. Inspired by: the cfengine family of ports

Number of commits found: 47

Login
User Login Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts? About the authors Issues FAQ How big is it? Security Policy Privacy Blog Contact

Search
Enter Keywords: more...

Latest Vulnerabilities

firefox	Apr 04
firefox	Apr 04
firefox	Apr 04
firefox	Apr 04
firefox	Apr 04
firefox	Apr 04
firefox	Apr 04
firefox	Apr 04
firefox	Apr 04
firefox-esr	Apr 04
firefox-esr	Apr 04
firefox-esr	Apr 04
firefox-esr	Apr 04
firefox-esr	Apr 04
firefox-esr	Apr 04

27 vulnerabilities affecting 254 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities

Last processed:
2025-04-04 17:02:35 UTC

Ports
Home Categories Deleted ports Sanity Test Failures Newsfeeds

Statistics

Graphs
NEW Graphs (Javascript)

Calculated hourly:

Port count	33246
Broken	130
Deprecated	280
Ignore	245
Forbidden	1
Restricted	2
No CDROM	1
Vulnerable	26
Expired	33
Set to expire	237
Interactive	0
new 24 hours	2
new 48 hours	3
new 7 days	10
new fortnight	38
new month	97

Newsfeed changes