diff options
| author | cy <cy@FreeBSD.org> | 2012-11-04 02:59:37 +0800 |
|---|---|---|
| committer | cy <cy@FreeBSD.org> | 2012-11-04 02:59:37 +0800 |
| commit | 2fdaca26fd9903ff1d02a696d5d5f9ddaca288cd (patch) | |
| tree | 81dc4e8f79d350b1239ca833333217272025adc8 | |
| parent | 0dce0da18fabb3b5fc10c9cd0edfa6a2912023d6 (diff) | |
| download | freebsd-ports-gnome-2fdaca26fd9903ff1d02a696d5d5f9ddaca288cd.tar.gz freebsd-ports-gnome-2fdaca26fd9903ff1d02a696d5d5f9ddaca288cd.tar.zst freebsd-ports-gnome-2fdaca26fd9903ff1d02a696d5d5f9ddaca288cd.zip | |
Update krb5 1.9.2 --> 1.10.3
Feature safe: yes
| -rw-r--r-- | security/krb5/Makefile | 12 | ||||
| -rw-r--r-- | security/krb5/distinfo | 6 | ||||
| -rw-r--r-- | security/krb5/files/patch-as | 192 | ||||
| -rw-r--r-- | security/krb5/files/patch-config::shlib.conf | 9 | ||||
| -rw-r--r-- | security/krb5/pkg-plist | 12 |
5 files changed, 24 insertions, 207 deletions
diff --git a/security/krb5/Makefile b/security/krb5/Makefile index 5cb41895799e..4b40fb59645e 100644 --- a/security/krb5/Makefile +++ b/security/krb5/Makefile @@ -6,14 +6,12 @@ # PORTNAME= krb5 -PORTVERSION= 1.9.2 -PORTREVISION= 3 +PORTVERSION= 1.10.3 CATEGORIES= security MASTER_SITES= http://web.mit.edu/kerberos/dist/${PORTNAME}/${PORTVERSION:C/^[0-9]*\.[0-9]*/&X/:C/X\.[0-9]*$//:C/X//}/ PATCH_SITES= http://web.mit.edu/kerberos/advisories/ DISTNAME= ${PORTNAME}-${PORTVERSION}-signed EXTRACT_SUFX= .tar -PATCHFILES= 2011-007-patch.txt MAINTAINER= cy@FreeBSD.org COMMENT= An authentication system developed at MIT, successor to Kerberos IV @@ -29,6 +27,7 @@ USE_PERL5_BUILD= yes USE_LDCONFIG= yes USE_CSTD= gnu89 USE_AUTOTOOLS= libtool +USE_GETTEXT= yes CONFIGURE_ARGS?= --enable-shared CONFIGURE_ENV= INSTALL="${INSTALL}" YACC="${YACC}" MAKE_ARGS= INSTALL="${INSTALL}" @@ -45,6 +44,7 @@ PREFIX= ${KRB5_HOME} CFLAGS+= -rpath=${KRB5_HOME}/lib LDFLAGS+= -rpath=${KRB5_HOME}/lib .endif +LDFLAGS+= -L${LOCALBASE}/lib .include <bsd.port.pre.mk> @@ -73,9 +73,11 @@ WITH_OPENSSL_PORT= yes .include "${PORTSDIR}/Mk/bsd.openssl.mk" MAN1= k5srvutil.1 kadmin.1 krb5-send-pr.1 krb5-config.1 \ - kpasswd.1 klist.1 kinit.1 kdestroy.1 ksu.1 ktutil.1 \ + kpasswd.1 klist.1 kinit.1 kdestroy.1 kswitch.1 ksu.1 \ + ktutil.1 \ sclient.1 kerberos.1 kvno.1 compile_et.1 -MAN5= kdc.conf.5 krb5.conf.5 .k5login.5 +MAN5= kdc.conf.5 krb5.conf.5 .k5identity.5 .k5login.5 \ + k5identity.5 k5login.5 MAN8= krb5kdc.8 kadmin.local.8 kdb5_util.8 kadmind.8 \ kprop.8 kpropd.8 kproplog.8 sserver.8 diff --git a/security/krb5/distinfo b/security/krb5/distinfo index 4592bb0ea23d..4343b1ad17dd 100644 --- a/security/krb5/distinfo +++ b/security/krb5/distinfo @@ -1,4 +1,2 @@ -SHA256 (krb5-1.9.2-signed.tar) = 96b213345b02862b5fef61ef1dd26f643f07e4207496c35179cea35ddb7ae68c -SIZE (krb5-1.9.2-signed.tar) = 12185600 -SHA256 (2011-007-patch.txt) = 0b0413e175e81b5fb7497f3351341066644431d72663bb1cba9d59b715669486 -SIZE (2011-007-patch.txt) = 1417 +SHA256 (krb5-1.10.3-signed.tar) = fc48f9f985bf04aa91c239dae0daaa0509c85b61b2d172d9d65ab0c52bcea3cf +SIZE (krb5-1.10.3-signed.tar) = 11530240 diff --git a/security/krb5/files/patch-as b/security/krb5/files/patch-as deleted file mode 100644 index 2ddf97ea1104..000000000000 --- a/security/krb5/files/patch-as +++ /dev/null @@ -1,192 +0,0 @@ ---- clients/ksu/main.c.orig 2009-11-02 19:27:56.000000000 -0800 -+++ clients/ksu/main.c 2010-04-19 12:27:09.090190157 -0700 -@@ -33,6 +33,10 @@ - #include <signal.h> - #include <grp.h> - -+#ifdef LOGIN_CAP -+#include <login_cap.h> -+#endif -+ - /* globals */ - char * prog_name; - int auth_debug =0; -@@ -62,7 +66,7 @@ - ill specified arguments to commands */ - - void usage (){ -- fprintf(stderr, "Usage: %s [target user] [-n principal] [-c source cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name); -+ fprintf(stderr, "Usage: %s [target user] [-m] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name); - } - - /* for Ultrix and friends ... */ -@@ -78,6 +82,7 @@ - int argc; - char ** argv; - { -+ int asme = 0; - int hp =0; - int some_rest_copy = 0; - int all_rest_copy = 0; -@@ -92,6 +97,7 @@ - char * cc_target_tag = NULL; - char * target_user = NULL; - char * source_user; -+ char * source_shell; - - krb5_ccache cc_source = NULL; - const char * cc_source_tag = NULL; -@@ -119,6 +125,11 @@ - krb5_boolean zero_password; - char * dir_of_cc_target; - -+#ifdef LOGIN_CAP -+ login_cap_t *lc; -+ int setwhat; -+#endif -+ - options.opt = KRB5_DEFAULT_OPTIONS; - options.lifetime = KRB5_DEFAULT_TKT_LIFE; - options.rlife =0; -@@ -182,7 +193,8 @@ - com_err (prog_name, errno, "while setting euid to source user"); - exit (1); - } -- while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkql:e:")) != -1)){ -+ while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkmql:e:")) != -1)){ -+ - switch (option) { - case 'r': - options.opt |= KDC_OPT_RENEWABLE; -@@ -228,6 +240,9 @@ - errflg++; - } - break; -+ case 'm': -+ asme = 1; -+ break; - case 'n': - if ((retval = krb5_parse_name(ksu_context, optarg, &client))){ - com_err(prog_name, retval, "when parsing name %s", optarg); -@@ -342,6 +357,7 @@ - - /* allocate space and copy the usernamane there */ - source_user = xstrdup(pwd->pw_name); -+ source_shell = xstrdup(pwd->pw_shell); - source_uid = pwd->pw_uid; - source_gid = pwd->pw_gid; - -@@ -673,43 +689,64 @@ - /* get the shell of the user, this will be the shell used by su */ - target_pwd = getpwnam(target_user); - -- if (target_pwd->pw_shell) -- shell = xstrdup(target_pwd->pw_shell); -- else { -- shell = _DEF_CSH; /* default is cshell */ -+ if (asme) { -+ if (source_shell && *source_shell) { -+ shell = strdup(source_shell); -+ } else { -+ shell = _DEF_CSH; -+ } -+ } else { -+ if (target_pwd->pw_shell) -+ shell = strdup(target_pwd->pw_shell); -+ else { -+ shell = _DEF_CSH; /* default is cshell */ -+ } - } - - #ifdef HAVE_GETUSERSHELL - - /* insist that the target login uses a standard shell (root is omited) */ - -- if (!standard_shell(target_pwd->pw_shell) && source_uid) { -- fprintf(stderr, "ksu: permission denied (shell).\n"); -- sweep_up(ksu_context, cc_target); -- exit(1); -+ if (asme) { -+ if (!standard_shell(pwd->pw_shell) && source_uid) { -+ fprintf(stderr, "ksu: permission denied (shell).\n"); -+ sweep_up(ksu_context, cc_target); -+ exit(1); -+ } -+ } else { -+ if (!standard_shell(target_pwd->pw_shell) && source_uid) { -+ fprintf(stderr, "ksu: permission denied (shell).\n"); -+ sweep_up(ksu_context, cc_target); -+ exit(1); -+ } - } - #endif /* HAVE_GETUSERSHELL */ - -- if (target_pwd->pw_uid){ -+ if (!asme) { -+ if (target_pwd->pw_uid){ -+ if (set_env_var("USER", target_pwd->pw_name)){ -+ fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -+ sweep_up(ksu_context, cc_target); -+ exit(1); -+ } -+ } - -- if(set_env_var("USER", target_pwd->pw_name)){ -+ if (set_env_var( "HOME", target_pwd->pw_dir)){ - fprintf(stderr,"ksu: couldn't set environment variable USER\n"); - sweep_up(ksu_context, cc_target); - exit(1); -- } -- } -+ } - -- if(set_env_var( "HOME", target_pwd->pw_dir)){ -- fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -- sweep_up(ksu_context, cc_target); -- exit(1); -+ if (set_env_var( "SHELL", shell)){ -+ fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -+ sweep_up(ksu_context, cc_target); -+ exit(1); -+ } - } - -- if(set_env_var( "SHELL", shell)){ -- fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -- sweep_up(ksu_context, cc_target); -- exit(1); -- } -+#ifdef LOGIN_CAP -+ lc = login_getpwclass(pwd); -+#endif - - /* set the cc env name to target */ - -@@ -720,6 +757,19 @@ - exit(1); - } - -+#ifdef LOGIN_CAP -+ setwhat = LOGIN_SETUSER|LOGIN_SETGROUP|LOGIN_SETRESOURCES|LOGIN_SETPRIORIT -+ -+ setwhat |= LOGIN_SETPATH|LOGIN_SETUMASK|LOGIN_SETENV; -+ /* -+ * Don't touch resource/priority settings if -m has been -+ * used or -l and -c hasn't, and we're not su'ing to root. -+ */ -+ if (target_pwd->pw_uid) -+ setwhat &= ~(LOGIN_SETPRIORITY|LOGIN_SETRESOURCES); -+ if (setusercontext(lc, target_pwd, target_pwd->pw_uid, setwhat) < 0) -+ err(1, "setusercontext"); -+#else - /* set permissions */ - if (setgid(target_pwd->pw_gid) < 0) { - perror("ksu: setgid"); -@@ -760,6 +810,7 @@ - sweep_up(ksu_context, cc_target); - exit(1); - } -+#endif /* LOGIN_CAP */ - - if (access( cc_target_tag_tmp, R_OK | W_OK )){ - com_err(prog_name, errno, diff --git a/security/krb5/files/patch-config::shlib.conf b/security/krb5/files/patch-config::shlib.conf index c8a3d391a103..55f967d8a505 100644 --- a/security/krb5/files/patch-config::shlib.conf +++ b/security/krb5/files/patch-config::shlib.conf @@ -1,13 +1,13 @@ ---- config/shlib.conf.orig 2008-12-08 14:33:07.000000000 -0800 -+++ config/shlib.conf 2009-08-28 13:27:39.000000000 -0700 -@@ -299,24 +299,17 @@ +--- config/shlib.conf.orig 2012-08-08 15:27:55.000000000 -0700 ++++ config/shlib.conf 2012-11-02 17:49:31.140500618 -0700 +@@ -306,24 +306,18 @@ ;; *-*-freebsd*) - if test -x /usr/bin/objformat ; then - objformat=`/usr/bin/objformat` - else -- objformat="aout" +- objformat="elf" - fi - PICFLAGS=-fpic - if test "x$objformat" = "xelf" ; then @@ -15,6 +15,7 @@ + sparc64-*) PICFLAGS=-fPIC;; + *) PICFLAGS=-fpic;; + esac ++ SHLIBVEXT='.so.$(LIBMAJOR)' + LDCOMBINE="libtool --mode=link cc -Xcompiler -shared" RPATH_FLAG='-Wl,-rpath -Wl,' diff --git a/security/krb5/pkg-plist b/security/krb5/pkg-plist index edbd0b5486e8..3791eacaf5a8 100644 --- a/security/krb5/pkg-plist +++ b/security/krb5/pkg-plist @@ -7,6 +7,7 @@ bin/kinit bin/klist bin/kpasswd bin/krb5-config +bin/kswitch bin/ksu bin/ktutil bin/kvno @@ -46,7 +47,10 @@ include/kadm5/admin.h include/kadm5/chpass_util_strings.h include/kadm5/kadm_err.h include/kdb.h +include/krb5/preauth_plugin.h include/profile.h +include/verto-module.h +include/verto.h lib/libcom_err.so lib/libcom_err.so.3 lib/libgssapi_krb5.so @@ -62,14 +66,17 @@ lib/libkadm5srv.so lib/libkadm5srv_mit.so lib/libkadm5srv_mit.so.8 lib/libkdb5.so -lib/libkdb5.so.5 +lib/libkdb5.so.6 lib/libkrb5.so lib/libkrb5.so.3 lib/libkrb5support.so lib/libkrb5support.so.0 lib/krb5/plugins/kdb/db2.so -lib/krb5/plugins/preauth/encrypted_challenge.so lib/krb5/plugins/preauth/pkinit.so +lib/libverto-k5ev.so.0 +lib/libverto-k5ev.so +lib/libverto.so.0 +lib/libverto.so sbin/gss-server sbin/kadmin.local sbin/kadmind @@ -89,6 +96,7 @@ share/examples/krb5/kdc.conf share/examples/krb5/krb5.conf share/examples/krb5/services.append share/gnats/mit +share/locale/en_US/LC_MESSAGES/mit-krb5.mo @dirrm lib/krb5/plugins/preauth @dirrm lib/krb5/plugins/libkrb5 @dirrm lib/krb5/plugins/kdb |