FreshPorts -- security/krb5-116: MIT implementation of RFC 4120 network authentication service

Port details

krb5-116 MIT implementation of RFC 4120 network authentication service

1.16.4 security =0 1.16.4Version of this port present on the latest quarterly branch.

DEPRECATED: EOL one year after the release of krb5 1.18

This port expired on: 2021-02-12

Maintainer: cy@FreeBSD.org

Port Added: 2017-12-06 04:18:23

Last Update: 2021-02-14 13:02:25

SVN Revision: 565223

License: MIT

WWW:

http://web.mit.edu/kerberos/

Description:

Kerberos V5 is an authentication system developed at MIT. WWW: http://web.mit.edu/kerberos/ Abridged from the User Guide: Under Kerberos, a client sends a request for a ticket to the Key Distribution Center (KDC). The KDC creates a ticket-granting ticket (TGT) for the client, encrypts it using the client's password as the key, and sends the encrypted TGT back to the client. The client then attempts to decrypt the TGT, using its password. If the client successfully decrypts the TGT, it keeps the decrypted TGT, which indicates proof of the client's identity. The TGT permits the client to obtain additional tickets, which give permission for specific services. Since Kerberos negotiates authenticated, and optionally encrypted, communications between two points anywhere on the internet, it provides a layer of security that is not dependent on which side of a firewall either client is on. The Kerberos V5 package is designed to be easy to use. Most of the commands are nearly identical to UNIX network programs you are already used to. Kerberos V5 is a single-sign-on system, which means that you have to type your password only once per session, and Kerberos does the authenticating and encrypting transparently. Jacques Vidrine <n@nectar.com>

~~cgit~~ ¦ ~~GitHub~~ ¦ ~~GitHub~~ ¦ ~~GitLab~~ ¦

Manual pages:

pkg-plist: as obtained via: make generate-plist

Expand this list (179 items)

Collapse this list.

@ldconfig
/usr/local/share/licenses/krb5-116-1.16.4/catalog.mk
/usr/local/share/licenses/krb5-116-1.16.4/LICENSE
/usr/local/share/licenses/krb5-116-1.16.4/MIT
bin/compile_et
bin/gss-client
bin/k5srvutil
bin/kadmin
bin/kdestroy
bin/kinit
bin/klist
bin/kpasswd
bin/krb5-config
@mode 04755
@owner root
@group wheel
bin/ksu
@mode
@owner root
@group wheel
bin/kswitch
bin/ktutil
bin/kvno
bin/sclient
bin/sim_client
bin/uuclient
include/com_err.h
include/gssapi.h
include/gssapi/gssapi.h
include/gssapi/gssapi_ext.h
include/gssapi/gssapi_generic.h
include/gssapi/gssapi_krb5.h
include/gssapi/mechglue.h
include/gssrpc/auth.h
include/gssrpc/auth_gss.h
include/gssrpc/auth_gssapi.h
include/gssrpc/auth_unix.h
include/gssrpc/clnt.h
include/gssrpc/netdb.h
include/gssrpc/pmap_clnt.h
include/gssrpc/pmap_prot.h
include/gssrpc/pmap_rmt.h
include/gssrpc/rename.h
include/gssrpc/rpc.h
include/gssrpc/rpc_msg.h
include/gssrpc/svc.h
include/gssrpc/svc_auth.h
include/gssrpc/types.h
include/gssrpc/xdr.h
include/krad.h
include/krb5.h
include/krb5/ccselect_plugin.h
include/krb5/clpreauth_plugin.h
include/krb5/hostrealm_plugin.h
include/krb5/kadm5_hook_plugin.h
include/krb5/kdcpolicy_plugin.h
include/krb5/kdcpreauth_plugin.h
include/krb5/localauth_plugin.h
include/krb5/krb5.h
include/krb5/locate_plugin.h
include/krb5/plugin.h
include/krb5/pwqual_plugin.h
include/kadm5/admin.h
include/kadm5/chpass_util_strings.h
include/krb5/kadm5_auth_plugin.h
include/kadm5/kadm_err.h
include/kdb.h
include/krb5/certauth_plugin.h
include/krb5/preauth_plugin.h
include/profile.h
include/verto-module.h
include/verto.h
lib/libcom_err.so
lib/libcom_err.so.3
lib/libcom_err.so.3.0
lib/libgssapi_krb5.so
lib/libgssapi_krb5.so.2
lib/libgssapi_krb5.so.2.2
lib/libgssrpc.so
lib/libgssrpc.so.4
lib/libgssrpc.so.4.2
lib/libk5crypto.so
lib/libk5crypto.so.3
lib/libk5crypto.so.3.1
lib/libkadm5clnt.so
lib/libkadm5clnt_mit.so
lib/libkadm5clnt_mit.so.11
lib/libkadm5clnt_mit.so.11.0
lib/libkadm5srv.so
lib/libkadm5srv_mit.so
lib/libkadm5srv_mit.so.11
lib/libkadm5srv_mit.so.11.0
lib/libkdb5.so
lib/libkdb5.so.9
lib/libkdb5.so.9.0
lib/libkrb5.so
lib/libkrb5.so.3
lib/libkrb5.so.3.3
lib/libkrb5support.so
lib/libkrb5support.so.0
lib/libkrb5support.so.0.1
lib/krb5/plugins/kdb/db2.so
lib/krb5/plugins/tls/k5tls.so
@comment lib/krb5/plugins/kdb/kldap.so
lib/krb5/plugins/preauth/otp.so
lib/krb5/plugins/preauth/pkinit.so
lib/krb5/plugins/preauth/test.so
@comment lib/libkdb_ldap.so
@comment lib/libkdb_ldap.so.1
@comment lib/libkdb_ldap.so.1.0
lib/libkrad.so
lib/libkrad.so.0
lib/libkrad.so.0.0
lib/libverto.so
lib/libverto.so.0
lib/libverto.so.0.0
libdata/pkgconfig/gssrpc.pc
libdata/pkgconfig/kadm-client.pc
libdata/pkgconfig/kadm-server.pc
libdata/pkgconfig/kdb.pc
libdata/pkgconfig/krb5-gssapi.pc
libdata/pkgconfig/krb5.pc
libdata/pkgconfig/mit-krb5-gssapi.pc
libdata/pkgconfig/mit-krb5.pc
man/man1/compile_et.1.gz
man/man1/k5srvutil.1.gz
man/man1/kadmin.1.gz
man/man1/kdestroy.1.gz
man/man1/kinit.1.gz
man/man1/klist.1.gz
man/man1/kpasswd.1.gz
man/man1/krb5-config.1.gz
man/man1/ksu.1.gz
man/man1/kswitch.1.gz
man/man1/ktutil.1.gz
man/man1/kvno.1.gz
man/man1/sclient.1.gz
man/man3/com_err.3.gz
man/man5/.k5identity.5.gz
man/man5/.k5login.5.gz
man/man5/k5identity.5.gz
man/man5/k5login.5.gz
man/man5/kadm5.acl.5.gz
man/man5/kdc.conf.5.gz
man/man5/krb5.conf.5.gz
man/man7/kerberos.7.gz
man/man8/kadmin.local.8.gz
man/man8/kadmind.8.gz
man/man8/kdb5_ldap_util.8.gz
man/man8/kdb5_util.8.gz
man/man8/kprop.8.gz
man/man8/kpropd.8.gz
man/man8/kproplog.8.gz
man/man8/krb5kdc.8.gz
man/man8/sserver.8.gz
sbin/gss-server
sbin/kadmin.local
sbin/kadmind
@comment sbin/kdb5_ldap_util
sbin/kdc
sbin/kdb5_util
sbin/kprop
sbin/kpropd
sbin/kproplog
sbin/krb5-send-pr
sbin/krb5kdc
sbin/sim_server
sbin/sserver
sbin/uuserver
share/et/et_c.awk
share/et/et_h.awk
share/locale/de/LC_MESSAGES/mit-krb5.mo
share/locale/en_US/LC_MESSAGES/mit-krb5.mo
@comment share/krb5/kerberos.schema
@comment share/krb5/kerberos.ldif
@dir lib/krb5/plugins/authdata
@dir lib/krb5/plugins/libkrb5
@dir var/run/krb5kdc
@dir var/krb5kdc

Collapse this list.

Dependency lines:

krb5-116>0:security/krb5-116

Conflicts:

CONFLICTS:

heimdal-[0-9]*
srp-[0-9]*
krb5-11[3457]-[0-9]*
krb5-1.[0-9]*
krb5-devel-*

CONFLICTS_BUILD:

boringssl-*

No installation instructions:

This port has been deleted.

PKGNAME: krb5-116

Flavors: there is no flavor information for this port.

distinfo:

TIMESTAMP = 1576180881 SHA256 (krb5-1.16.4.tar.gz) = 55bc02efbc3be2d4c9af9033f6bf17c434eb2efc4fdb0d1f5a99208c64b85da6 SIZE (krb5-1.16.4.tar.gz) = 9652568

Packages (timestamps in pop-ups are UTC):

krb5-116
ABI	aarch64	amd64	armv6	armv7	i386	powerpc	powerpc64	powerpc64le
FreeBSD:13:latest	-	-	1.16.4	-	-	-	1.16.4	-
FreeBSD:13:quarterly	-	-	-	-	-	-	-	-
FreeBSD:14:latest	-	-	-	-	-	-	-	-
FreeBSD:14:quarterly	-	-	-	-	-	-	-	-
FreeBSD:15:latest	-	-	n/a	-	n/a	-	-	-

Dependencies

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:

gmake : devel/gmake
libtool : devel/libtool
pkgconf>=1.3.0_1 : devel/pkgconf
msgfmt : devel/gettext-tools
perl5>=5.30.r1<5.31 : lang/perl5.30

Library dependencies:

libintl.so : devel/gettext-runtime
libreadline.so.8 : devel/readline

There are no ports dependent upon this port

Configuration Options:

===> The following configuration options are available for krb5-116-1.16.4: DNS_FOR_REALM=off: Enable DNS lookups for Kerberos realm names EXAMPLES=on: Build and/or install examples KRB5_HTML=on: Install krb5 HTML documentation KRB5_PDF=on: Install krb5 PDF documentation LDAP=off: LDAP protocol support NLS=on: Native Language Support ====> Command line editing for kadmin and ktutil: you can only select none or one of them READLINE=on: Command line editing via libreadline READLINE_PORT=off: Command line editing via devel/readline LIBEDIT=off: Command line editing via libedit ===> Use 'make config' to modify these settings

Options name:

N/A

USES:

cpe gmake localbase perl5 libtool:build gssapi:bootstrap,mit pkgconfig ssl gettext-runtime gettext readline

FreshPorts was unable to extract/find any pkg message

Master Sites:

Expand this list (1 items)

Collapse this list.

http://web.mit.edu/kerberos/dist/krb5/1.16/

Collapse this list.

Port Moves

port moved to security/krb5-118 on 2021-02-14
REASON: Has expired: EOL one year after the release of krb5 1.18

Number of commits found: 25

Commit	Credits	Log message
Commit History - (may be incomplete: for full details, see links to repositories near top of page)
1.16.4 14 Feb 2021 13:02:25	rene	Remove expired ports: 2021-02-12 misc/cdcollect: Unmaintained and dead upstream (12+ years) depends on deprecated libraries as www/gtkhtml3. 2021-02-12 security/krb5-116: EOL one year after the release of krb5 1.18
1.16.4 19 Feb 2020 02:42:55	cy	Welcome the new KRB5 1.18 (krb5-118) In addition, deprecate krb5-116 to retire one year after the release of krb5-118: Feb 12, 2021. Major changes in 1.18 (2020-02-12) ================================== Administrator experience: * Remove support for single-DES encryption types. * Change the replay cache format to be more efficient and robust. Replay cache filenames using the new format end with ".rcache2" by default. (Only the first 15 lines of the commit message are shown above )
1.16.4 12 Dec 2019 20:55:12	cy	Update 1.16.3 --> 1.16.4
1.16.3_2 03 May 2019 12:50:53	cy	Fix build with libressl 2.9.1. PR: 237621 Reported by: many MFH: 2019Q2
1.16.3_2 09 Apr 2019 14:04:50	sunpoet	Update devel/readline to 8.0 - Bump PORTREVISION of dependent ports for shlib change Changes: https://tiswww.case.edu/php/chet/readline/CHANGES PR: 236156 Exp-run by: antoine
1.16.3_1 12 Mar 2019 04:18:32	cy	Fix build with LibreSSL 2.9. PR: 234064 Submitted by: Charlie Li <ml+freebsd@vishwin.info>
1.16.3_1 15 Feb 2019 04:37:25	cy	Provide a script from which to start krb5kdc through /etc/rc.d/kdc. Simply add kdc_enable="YES" and kdc_program="/usr/local/sbin/kdc" to /etc/rc.d. The script removes the Heimdal kdc --detach argument prior to invoking krb5kdc. The other approach that was considered was to replace getopt() in kdc/main.c with getopt_long() however this approach was considered too intrusive.
1.16.3 13 Jan 2019 15:57:20	cy	pkgconfig is used at build time, not runtime. MFH: 2019Q1 (krb5-devel will need to have all its previous commits brought up to level in 2019Q1 first)
1.16.3 08 Jan 2019 20:29:34	cy	Welcome the new KRB5 1.17 (krb5-117). Major changes in 1.17 (2019-01-08) ================================== Administrator experience: * A new Kerberos database module using the Lightning Memory-Mapped Database library (LMDB) has been added. The LMDB KDB module should be more performant and more robust than the DB2 module, and may become the default module for new databases in a future release. * "kdb5_util dump" will no longer dump policy entries when specific principal names are requested. (Only the first 15 lines of the commit message are shown above )
1.16.3 08 Jan 2019 20:02:54	cy	Correct CONFLICTS. MFH: 2019Q1
1.16.3 08 Jan 2019 01:41:04	cy	Update 1.16.2 --> 1.16.3 Major changes in 1.16.3 (2019-01-07) ==================================== This is a bug fix release. * Fix a regression in the MEMORY credential cache type which could cause client programs to crash. * MEMORY credential caches will not be listed in the global collection, with the exception of the default credential cache if it is of type MEMORY. * Remove an incorrect assertion in the KDC which could be used to cause a crash [CVE-2018-20217]. MFH: 2019Q1
1.16.2 02 Nov 2018 15:51:37	cy	krb5-116: update 1.16.1 --> 1.16.2
1.16.1_5 02 Jul 2018 05:57:38	cy	While working the ports fallout due to making Hemidal in base private it was discovered that com_err.3, though distributed in the tarball, was not installed. Install it.
1.16.1_4 02 Jul 2018 05:57:27	cy	Sort man pages.
1.16.1_4 19 Jun 2018 13:38:35	cy	Revert r472760 and instead use upstream git commit beeb2828945a41d86488e391ce440bacee0ec committed to the krb5 development branch Saturday, June 16. The upstream commit message follows: Author: Thomas Sondergaard <tsondergaard@vitalimages.com> Date: Sat Jun 16 18:14:50 2018 +0200 Eliminate use of the 'register' keyword 'register' is a reserved and unused keyword in C++17 so having it present in the public headers presents a a compatibility issue. Also in C the 'register' keyword is mostly obsolete, so remove all uses of it. [ghudson@mit.edu: adjusted style of some of the affected lines]
1.16.1_3 19 Jun 2018 06:51:56	cy	While working on the ports fallout due to the private Heimdal in base project, a port (www/squid-devel) was discovered to be grumpy due to numerous errors such as below: /usr/local/include/krb5/krb5.h:3566:19: error: 'register' storage class specifier is deprecated and incompatible with C++17 [-Werror,-Wdeprecated-register] register char **name); ^~~~~~~~~ The "register" keyword is meaningless and can cause grief among ports that build against any of the krb5 ports.
1.16.1_2 13 Jun 2018 05:55:52	cy	MIT krb5 fails to build with boringssl installed due to a missing typedef for PKCS7 in the boringssl pkcs7.h.
1.16.1_2 13 Jun 2018 05:44:58	cy	Fix build with libressl and bearssl. PR: 228970
1.16.1_1 12 Jun 2018 03:42:18	cy	Fix logic from patch supplied in PR 217027, committed in r433966 and r433967. PR: 228900
1.16.1 04 May 2018 06:18:44	cy	Update 1.16 --> 1.16.1 Major changes in 1.16.1 (2018-05-03) ==================================== This is a bug fix release. * Fix flaws in LDAP DN checking, including a null dereference KDC crash which could be triggered by kadmin clients with administrative privileges [CVE-2018-5729, CVE-2018-5730]. * Fix a KDC PKINIT memory leak. * Fix a small KDC memory leak on transited or authdata errors when processing TGS requests. (Only the first 15 lines of the commit message are shown above )
1.16_1 29 Mar 2018 14:53:24	mat	Mark some ports broken with openssl-devel. Sponsored by: Absolight
1.16_1 02 Feb 2018 06:50:25	cy	Fix build when NLS option is unchecked. Reported by: Geraud CONTINSOUZAS <geraud.continsouzas@skazy.nc>
1.16 11 Jan 2018 16:24:53	danfe	Remove superfluous linefeeds.
1.16 10 Jan 2018 15:08:51	danfe	Do not abuse INSTALL_MAN when installing documentation, examples, and other miscellaneous files which are not actually manual pages.
1.16 06 Dec 2017 04:18:14	cy	Welcome the new security/krb5-116 port. This port follows MIT's KRB5 1.16 releases. Major changes in 1.16 (2017-12-05) ================================== Administrator experience: * The KDC can match PKINIT client certificates against the "pkinit_cert_match" string attribute on the client principal entry, using the same syntax as the existing "pkinit_cert_match" profile option. * The ktutil addent command supports the "-k 0" option to ignore the key version, and the "-s" option to use a non-default salt string. (Only the first 15 lines of the commit message are shown above )

Number of commits found: 25

Login
User Login Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts? About the authors Issues FAQ How big is it? Security Policy Privacy Blog Contact

Search
Enter Keywords: more...

Latest Vulnerabilities

vaultwarden	Nov 18
mongodb50	Nov 17
mongodb60	Nov 17
mongodb70	Nov 17
mongodb80	Nov 17
chromium	Nov 16
electron31^*	Nov 16
electron32^*	Nov 16
ungoogled-chromium	Nov 16
vaultwarden	Nov 16
electron31	Nov 14
gitlab	Nov 14
postgresql12-client	Nov 14
postgresql12-plperl	Nov 14
postgresql12-server	Nov 14

20 vulnerabilities affecting 158 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities

Last processed:
2024-11-19 19:12:13 UTC

Ports
Home Categories Deleted ports Sanity Test Failures Newsfeeds

Statistics

Graphs
NEW Graphs (Javascript)

Calculated hourly:

Port count	33084
Broken	119
Deprecated	186
Ignore	248
Forbidden	1
Restricted	2
No CDROM	1
Vulnerable	36
Expired	12
Set to expire	148
Interactive	0
new 24 hours	57
new 48 hours	75
new 7 days	93
new fortnight	126
new month	362