aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorcy <cy@FreeBSD.org>2014-10-17 03:44:22 +0800
committercy <cy@FreeBSD.org>2014-10-17 03:44:22 +0800
commit8993dcfe053fd434fdbc7aa7a40fb215d5368e51 (patch)
tree3efed35560be113a42a1a507a075ca41a260dea8 /security
parent2db1261c9074c61bb080e6294820463040a5be5d (diff)
downloadfreebsd-ports-gnome-8993dcfe053fd434fdbc7aa7a40fb215d5368e51.tar.gz
freebsd-ports-gnome-8993dcfe053fd434fdbc7aa7a40fb215d5368e51.tar.zst
freebsd-ports-gnome-8993dcfe053fd434fdbc7aa7a40fb215d5368e51.zip
MIT Kerberos released 1.13; 1.12 becomes a maintenance release,
1.11 remains a maintenance release. - Update security/krb5 1.12.2 --> 1.13 - Copy the old security/krb5 1.12.2 to security/krb5-112 (now a maintenance release supported by MIT) - Move the old krb5-maint (1.11.5: old maintenance release) to security/krb5-111 (the old maintenance release still supported by MIT)
Diffstat (limited to 'security')
-rw-r--r--security/Makefile3
-rw-r--r--security/krb5-111/Makefile (renamed from security/krb5-maint/Makefile)4
-rw-r--r--security/krb5-111/distinfo (renamed from security/krb5-maint/distinfo)0
-rw-r--r--security/krb5-111/files/README.FreeBSD (renamed from security/krb5-maint/files/README.FreeBSD)0
-rw-r--r--security/krb5-111/files/patch-clients__ksu__Makefile.in (renamed from security/krb5-maint/files/patch-clients__ksu__Makefile.in)0
-rw-r--r--security/krb5-111/files/patch-config__pre.in (renamed from security/krb5-maint/files/patch-config__pre.in)0
-rw-r--r--security/krb5-111/files/patch-config__shlib.conf (renamed from security/krb5-maint/files/patch-config__shlib.conf)0
-rw-r--r--security/krb5-111/files/patch-lib-apputils-net-server.c (renamed from security/krb5-maint/files/patch-lib-apputils-net-server.c)0
-rw-r--r--security/krb5-111/files/patch-lib-krb5-os-localaddr.c (renamed from security/krb5-maint/files/patch-lib-krb5-os-localaddr.c)0
-rw-r--r--security/krb5-111/files/patch-lib__gssapi__krb5__import_name.c (renamed from security/krb5-maint/files/patch-lib__gssapi__krb5__import_name.c)0
-rw-r--r--security/krb5-111/pkg-descr (renamed from security/krb5-maint/pkg-descr)0
-rw-r--r--security/krb5-111/pkg-plist (renamed from security/krb5-maint/pkg-plist)0
-rw-r--r--security/krb5-112/Makefile145
-rw-r--r--security/krb5-112/distinfo2
-rw-r--r--security/krb5-112/files/README.FreeBSD32
-rw-r--r--security/krb5-112/files/kpropd.in28
-rw-r--r--security/krb5-112/files/patch-clients__ksu__Makefile.in18
-rw-r--r--security/krb5-112/files/patch-config__pre.in11
-rw-r--r--security/krb5-112/files/patch-config__shlib.conf19
-rw-r--r--security/krb5-112/files/patch-lib-apputils-net-server.c (renamed from security/krb5/files/patch-lib-apputils-net-server.c)0
-rw-r--r--security/krb5-112/files/patch-lib-krb5-os-localaddr.c75
-rw-r--r--security/krb5-112/files/patch-lib__gssapi__krb5__import_name.c14
-rw-r--r--security/krb5-112/pkg-descr24
-rw-r--r--security/krb5-112/pkg-plist173
-rw-r--r--security/krb5/Makefile4
-rw-r--r--security/krb5/distinfo4
-rw-r--r--security/krb5/files/patch-lib__krb5__ccache__kcm.c11
-rw-r--r--security/krb5/pkg-plist7
28 files changed, 563 insertions, 11 deletions
diff --git a/security/Makefile b/security/Makefile
index 46a7b122b350..62249ffc3626 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -247,8 +247,9 @@
SUBDIR += kpcli
SUBDIR += kqoauth
SUBDIR += krb5
+ SUBDIR += krb5-111
+ SUBDIR += krb5-112
SUBDIR += krb5-appl
- SUBDIR += krb5-maint
SUBDIR += kripp
SUBDIR += kwalletmanager
SUBDIR += l0pht-watch
diff --git a/security/krb5-maint/Makefile b/security/krb5-111/Makefile
index 562d1b3868ae..736fd31c2c68 100644
--- a/security/krb5-maint/Makefile
+++ b/security/krb5-111/Makefile
@@ -1,7 +1,7 @@
# Created by: nectar@FreeBSD.org
# $FreeBSD$
-PORTNAME= krb5-maint
+PORTNAME= krb5--111
PORTVERSION= 1.11.5
PORTREVISION= 3
CATEGORIES= security
@@ -19,7 +19,7 @@ LICENSE= MIT
BUILD_DEPENDS= gm4:${PORTSDIR}/devel/m4
-CONFLICTS= heimdal-[0-9]* srp-[0-9]* krb5-[0-9]*
+CONFLICTS= heimdal-[0-9]* srp-[0-9]* krb5-[0-9]* krb5-maint-112-*
KERBEROSV_URL= http://web.mit.edu/kerberos/
USES= gettext gmake perl5
diff --git a/security/krb5-maint/distinfo b/security/krb5-111/distinfo
index c56a114c57ad..c56a114c57ad 100644
--- a/security/krb5-maint/distinfo
+++ b/security/krb5-111/distinfo
diff --git a/security/krb5-maint/files/README.FreeBSD b/security/krb5-111/files/README.FreeBSD
index e888e689eb04..e888e689eb04 100644
--- a/security/krb5-maint/files/README.FreeBSD
+++ b/security/krb5-111/files/README.FreeBSD
diff --git a/security/krb5-maint/files/patch-clients__ksu__Makefile.in b/security/krb5-111/files/patch-clients__ksu__Makefile.in
index e86eb930d129..e86eb930d129 100644
--- a/security/krb5-maint/files/patch-clients__ksu__Makefile.in
+++ b/security/krb5-111/files/patch-clients__ksu__Makefile.in
diff --git a/security/krb5-maint/files/patch-config__pre.in b/security/krb5-111/files/patch-config__pre.in
index bdd183e98ad4..bdd183e98ad4 100644
--- a/security/krb5-maint/files/patch-config__pre.in
+++ b/security/krb5-111/files/patch-config__pre.in
diff --git a/security/krb5-maint/files/patch-config__shlib.conf b/security/krb5-111/files/patch-config__shlib.conf
index 05983c9ad8e3..05983c9ad8e3 100644
--- a/security/krb5-maint/files/patch-config__shlib.conf
+++ b/security/krb5-111/files/patch-config__shlib.conf
diff --git a/security/krb5-maint/files/patch-lib-apputils-net-server.c b/security/krb5-111/files/patch-lib-apputils-net-server.c
index 01d029809636..01d029809636 100644
--- a/security/krb5-maint/files/patch-lib-apputils-net-server.c
+++ b/security/krb5-111/files/patch-lib-apputils-net-server.c
diff --git a/security/krb5-maint/files/patch-lib-krb5-os-localaddr.c b/security/krb5-111/files/patch-lib-krb5-os-localaddr.c
index 06b6043f22c9..06b6043f22c9 100644
--- a/security/krb5-maint/files/patch-lib-krb5-os-localaddr.c
+++ b/security/krb5-111/files/patch-lib-krb5-os-localaddr.c
diff --git a/security/krb5-maint/files/patch-lib__gssapi__krb5__import_name.c b/security/krb5-111/files/patch-lib__gssapi__krb5__import_name.c
index 40f116af2196..40f116af2196 100644
--- a/security/krb5-maint/files/patch-lib__gssapi__krb5__import_name.c
+++ b/security/krb5-111/files/patch-lib__gssapi__krb5__import_name.c
diff --git a/security/krb5-maint/pkg-descr b/security/krb5-111/pkg-descr
index d11e2e6d1c15..d11e2e6d1c15 100644
--- a/security/krb5-maint/pkg-descr
+++ b/security/krb5-111/pkg-descr
diff --git a/security/krb5-maint/pkg-plist b/security/krb5-111/pkg-plist
index 14dcef45452d..14dcef45452d 100644
--- a/security/krb5-maint/pkg-plist
+++ b/security/krb5-111/pkg-plist
diff --git a/security/krb5-112/Makefile b/security/krb5-112/Makefile
new file mode 100644
index 000000000000..0c49bdabfa31
--- /dev/null
+++ b/security/krb5-112/Makefile
@@ -0,0 +1,145 @@
+# Created by: nectar@FreeBSD.org
+# $FreeBSD$
+
+PORTNAME= krb5-112
+PORTVERSION= 1.12.2
+CATEGORIES= security
+MASTER_SITES= http://web.mit.edu/kerberos/dist/${PORTNAME}/${PORTVERSION:C/^[0-9]*\.[0-9]*/&X/:C/X\.[0-9]*$//:C/X//}/
+DISTNAME= ${PORTNAME}-${PORTVERSION}-signed
+EXTRACT_SUFX= .tar
+
+PATCH_SITES= http://web.mit.edu/kerberos/advisories/
+PATCH_DIST_STRIP= -p2
+
+MAINTAINER= cy@FreeBSD.org
+COMMENT= Authentication system developed at MIT, successor to Kerberos IV
+
+LICENSE= MIT
+
+BUILD_DEPENDS= gm4:${PORTSDIR}/devel/m4
+
+CONFLICTS= heimdal-[0-9]* srp-[0-9]* krb5-[0-9]* krb5-maint-111-*
+
+LATEST_LINK= ${PORTNAME}-19
+KERBEROSV_URL= http://web.mit.edu/kerberos/
+USE_PERL5= build
+USE_LDCONFIG= yes
+USE_CSTD= gnu99
+GNU_CONFIGURE= yes
+USES= gettext gmake perl5 libtool:build
+CONFIGURE_ARGS?= --enable-shared --without-system-verto
+CONFIGURE_ENV= INSTALL="${INSTALL}" YACC="${YACC}"
+MAKE_ARGS= INSTALL="${INSTALL}"
+
+OPTIONS_DEFINE= KRB5_PDF KRB5_HTML DNS_FOR_REALM LDAP READLINE
+OPTIONS_DEFAULT= KRB5_PDF KRB5_HTML
+KRB5_PDF_DESC= Install krb5 PDF documentation
+KRB5_HTML_DESC= Install krb5 HTML documentation
+DNS_FOR_REALM_DESC= Enable DNS lookups for Kerberos realm names
+LDAP= Enable LDAP support
+
+.if defined(KRB5_HOME)
+PREFIX= ${KRB5_HOME}
+CFLAGS+= -Wl,-rpath=${KRB5_HOME}/lib
+LDFLAGS+= -Wl,-rpath=${KRB5_HOME}/lib
+.endif
+LDFLAGS+= -L${LOCALBASE}/lib
+CFLAGS+= -I${LOCALBASE}/include
+
+USE_OPENSSL= yes
+USE_RC_SUBR= kpropd
+
+.include <bsd.port.pre.mk>
+
+.if defined(KRB5_HOME) && ${KRB5_HOME} != ${LOCALBASE}
+BROKEN= LIB_DEPENDS when using KRB5_HOME is broken
+.endif
+
+.if ${PORT_OPTIONS:MDNS_FOR_REALM}
+CONFIGURE_ARGS+= --enable-dns-for-realm
+.endif
+
+.if ${PORT_OPTIONS:MLDAP}
+USE_OPENLDAP= yes
+CONFIGURE_ARGS+= --with-ldap
+PLIST_SUB+= LDAP=""
+.else
+PLIST_SUB+= LDAP="@comment "
+.endif
+
+.if ${PORT_OPTIONS:MREADLINE}
+USES+= readline:port
+CONFIGURE_ARGS+= --with-readline
+.endif
+
+.include "${PORTSDIR}/Mk/bsd.openssl.mk"
+
+.if defined(PROGRAM_TRANSFORM_NAME) && ${PROGRAM_TRANSFORM_NAME} != ""
+CONFIGURE_ARGS+= --program-transform-name="${PROGRAM_TRANSFORM_NAME}"
+.endif
+
+WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION}/src
+
+HTML_DOC_DIR= ${WRKDIR}/${PORTNAME}-${PORTVERSION}/doc/html
+PDF_DOC_DIR= ${WRKDIR}/${PORTNAME}-${PORTVERSION}/doc/pdf
+
+CONFIGURE_ARGS+= CPPFLAGS="-I${OPENSSLINC} -L${OPENSSLLIB} -L${LOCALBASE}/include"
+
+post-extract:
+ @${TAR} -C ${WRKDIR} -xzf ${WRKDIR}/${PORTNAME}-${PORTVERSION}.tar.gz
+ @${RM} ${WRKDIR}/${PORTNAME}-${PORTVERSION}.tar.gz ${WRKDIR}/${PORTNAME}-${PORTVERSION}.tar.gz.asc
+.if !defined(EXTRACT_PRESERVE_OWNERSHIP)
+ @if [ `id -u` = 0 ]; then \
+ ${CHMOD} -R ug-s,go-w ${WRKDIR}/${PORTNAME}-${PORTVERSION}; \
+ ${CHOWN} -R 0:0 ${WRKDIR}/${PORTNAME}-${PORTVERSION}; \
+ fi
+.endif
+
+post-install:
+ @${MKDIR} ${STAGEDIR}${PREFIX}/share/doc/krb5
+# html documentation
+.if ${PORT_OPTIONS:MKRB5_PDF}
+ pdf_files=`${FIND} ${PDF_DOC_DIR} ! -type d`
+ pdf_dirs=`${FIND} ${PDF_DOC_DIR} -type d`
+ for i in $${pdf_dirs}; do \
+ ${MKDIR} ${STAGEDIR}${PREFIX}/share/doc/krb5/$${i}; \
+ done; \
+ for i in $${pdf_files}; do \
+ ${INSTALL_MAN} $${pdf} ${PREFIX}/share/doc/krb5/$${i}; \
+ ${ECHO_CMD} share/doc/krb5/$${i} >> ${TMPPLIST}; \
+ done
+.endif
+.if ${PORT_OPTIONS:MKRB5_HTML}
+ html_files=`${FIND} ${HTML_DOC_DIR} ! -type d | ${GREP} -v /_sources`
+ html_dirs=`${FIND} ${HTML_DOC_DIR} -type d | ${GREP} -v /_sources`
+ for i in $${html_dirs}; do \
+ ${MKDIR} ${PREFIX}/share/doc/krb5/$${i}; \
+ done; \
+ for i in $${html_files}; do \
+ ${INSTALL_MAN} $${i} ${PREFIX}/share/doc/krb5/$${i}; \
+ ${ECHO_CMD} share/doc/krb5/$${i} >> ${TMPPLIST}; \
+ done
+.endif
+.if ${PORT_OPTIONS:MKRB5_PDF}
+ for i in $${pdf_dirs}; do \
+ ${ECHO_CMD} @dirrm share/doc/krb5/$${i} >> ${TMPPLIST}; \
+ done | ${TAIL} -r >> ${TMPPLIST}
+.endif
+.if ${PORT_OPTIONS:MKRB5_HTML}
+ for i in $${html_dirs}; do \
+ ${ECHO_CMD} @dirrm share/doc/krb5/$${i} >> ${TMPPLIST}; \
+ done | ${TAIL} -r >> ${TMPPLIST}
+.endif
+ ${ECHO_CMD} @dirrm share/doc/krb5 >> ${TMPPLIST}
+ @${SED} "s%\${PREFIX}%${PREFIX}%" ${FILESDIR}/README.FreeBSD > ${STAGEDIR}${PREFIX}/share/doc/krb5/README.FreeBSD
+ @${CHMOD} 444 ${STAGEDIR}${PREFIX}/share/doc/krb5/README.FreeBSD
+ @${ECHO} "------------------------------------------------------"
+ @${ECHO} "This port of MIT Kerberos 5 includes remote login "
+ @${ECHO} "daemons (telnetd and klogind). These daemons default "
+ @${ECHO} "to using the system login program (/usr/bin/login). "
+ @${ECHO} "Please see the file "
+ @${ECHO} "${PREFIX}/share/doc/krb5/README.FreeBSD"
+ @${ECHO} "for more information. "
+ @${ECHO} "------------------------------------------------------"
+
+.include <bsd.port.post.mk>
diff --git a/security/krb5-112/distinfo b/security/krb5-112/distinfo
new file mode 100644
index 000000000000..964947a9eaf8
--- /dev/null
+++ b/security/krb5-112/distinfo
@@ -0,0 +1,2 @@
+SHA256 (krb5-1.12.2-signed.tar) = 09bd180107b5c2b3b7378c57c023fb02a103d4cac39d6f2dd600275d7a4f3744
+SIZE (krb5-1.12.2-signed.tar) = 11991040
diff --git a/security/krb5-112/files/README.FreeBSD b/security/krb5-112/files/README.FreeBSD
new file mode 100644
index 000000000000..e888e689eb04
--- /dev/null
+++ b/security/krb5-112/files/README.FreeBSD
@@ -0,0 +1,32 @@
+The MIT KRB5 port provides its own login program at
+${PREFIX}/sbin/login.krb5. However, login.krb5 does not make use of
+the FreeBSD login.conf and login.access files that provide a means of
+setting up and controlling sessions under FreeBSD. To overcome this,
+the MIT KRB5 port uses the FreeBSD /usr/bin/login program to provide
+interactive login password authentication instead of the login.krb5
+program provided by MIT KRB5. The FreeBSD /usr/bin/login program does
+not have support for Kerberos V password authentication,
+e.g. authentication at the console. The pam_krb5 port must be used to
+provide Kerberos V password authentication.
+
+For more information about pam_krb5, please see pam(8) and pam_krb5(8).
+
+If you wish to use login.krb5 that is provided by the MIT KRB5 port,
+the arguments "-L ${PREFIX}/sbin/login.krb5" must be
+specified as arguments to klogind and KRB5 telnetd, e.g.
+
+klogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -L ${PREFIX}/sbin/login.krb5
+eklogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -e -L ${PREFIX}/sbin/login.krb5
+telnet stream tcp nowait root ${PREFIX}/sbin/telnetd telnetd -a none -L ${PREFIX}/sbin/login.krb5
+
+Additionally, if you wish to use the MIT KRB5 provided login.krb5 instead
+of the FreeBSD provided /usr/bin/login for local tty logins,
+"lo=${PREFIX}/sbin/login.krb5" must be specified in /etc/gettytab, e.g.,
+
+default:\
+ :cb:ce:ck:lc:fd#1000:im=\r\n%s/%m (%h) (%t)\r\n\r\n:sp#1200:\
+ :if=/etc/issue:\
+ :lo=${PREFIX}/sbin/login.krb5:
+
+It is recommended that the FreeBSD /usr/bin/login be used with the
+pam_krb5 port instead of the MIT KRB5 provided login.krb5.
diff --git a/security/krb5-112/files/kpropd.in b/security/krb5-112/files/kpropd.in
new file mode 100644
index 000000000000..faa27dc7dbba
--- /dev/null
+++ b/security/krb5-112/files/kpropd.in
@@ -0,0 +1,28 @@
+#!/bin/sh
+
+# $FreeBSD$
+#
+# PROVIDE: kpropd
+# REQUIRE: LOGIN
+# KEYWORD: shutdown
+#
+# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
+# to enable this service:
+#
+# kpropd_enable (bool): Set to NO by default.
+# Set it to YES to enable kpropd.
+# kpropd_flags (str): Set to "" by default.
+
+. /etc/rc.subr
+
+name=kpropd
+rcvar=kpropd_enable
+
+load_rc_config $name
+
+: ${kpropd_enable:="NO"}
+: ${kpropd_flags=""}
+
+command=%%PREFIX%%/sbin/${name}
+
+run_rc_command "$1"
diff --git a/security/krb5-112/files/patch-clients__ksu__Makefile.in b/security/krb5-112/files/patch-clients__ksu__Makefile.in
new file mode 100644
index 000000000000..7ec54abdc076
--- /dev/null
+++ b/security/krb5-112/files/patch-clients__ksu__Makefile.in
@@ -0,0 +1,18 @@
+--- clients/ksu/Makefile.in.orig 2014-01-15 16:44:15.000000000 -0800
++++ clients/ksu/Makefile.in 2014-05-05 20:51:51.925985974 -0700
+@@ -1,6 +1,6 @@
+ mydir=clients$(S)ksu
+ BUILDTOP=$(REL)..$(S)..
+-DEFINES = -DGET_TGT_VIA_PASSWD -DPRINC_LOOK_AHEAD -DCMD_PATH='"/bin /local/bin"'
++DEFINES = -DGET_TGT_VIA_PASSWD -DPRINC_LOOK_AHEAD -DCMD_PATH='"/usr/bin /bin /usr/sbin /sbin"' -DDEBUG
+
+ KSU_LIBS=@KSU_LIBS@
+
+@@ -30,6 +30,6 @@
+
+ install::
+ -for f in ksu; do \
+- $(INSTALL_SETUID) $$f \
++ $(INSTALL_PROGRAM) $$f \
+ $(DESTDIR)$(CLIENT_BINDIR)/`echo $$f|sed '$(transform)'`; \
+ done
diff --git a/security/krb5-112/files/patch-config__pre.in b/security/krb5-112/files/patch-config__pre.in
new file mode 100644
index 000000000000..bdd183e98ad4
--- /dev/null
+++ b/security/krb5-112/files/patch-config__pre.in
@@ -0,0 +1,11 @@
+--- config/pre.in.orig Fri Nov 19 13:47:51 2004
++++ config/pre.in Thu Jan 27 17:43:12 2005
+@@ -177,7 +177,7 @@
+ INSTALL=@INSTALL@
+ INSTALL_STRIP=
+ INSTALL_PROGRAM=@INSTALL_PROGRAM@ $(INSTALL_STRIP)
+-INSTALL_SCRIPT=@INSTALL_PROGRAM@
++INSTALL_SCRIPT=@INSTALL_SCRIPT@
+ INSTALL_DATA=@INSTALL_DATA@
+ INSTALL_SHLIB=@INSTALL_SHLIB@
+ INSTALL_SETUID=$(INSTALL) $(INSTALL_STRIP) -m 4755 -o root
diff --git a/security/krb5-112/files/patch-config__shlib.conf b/security/krb5-112/files/patch-config__shlib.conf
new file mode 100644
index 000000000000..805e56e91e7f
--- /dev/null
+++ b/security/krb5-112/files/patch-config__shlib.conf
@@ -0,0 +1,19 @@
+--- config/shlib.conf.orig 2013-12-10 14:49:15.000000000 -0800
++++ config/shlib.conf 2013-12-11 12:58:51.983110392 -0800
+@@ -315,13 +315,13 @@
+ ;;
+ esac
+ SHLIBVEXT='.so.$(LIBMAJOR)'
+- RPATH_FLAG='-Wl,--enable-new-dtags -Wl,-rpath -Wl,'
++ LDCOMBINE="libtool --mode=link cc -Xcompiler -shared"
++ RPATH_FLAG='-Wl,-rpath -Wl,'
+ PROG_RPATH_FLAGS='$(RPATH_FLAG)$(PROG_RPATH)'
+ CC_LINK_SHARED='$(CC) $(PROG_LIBPATH) $(PROG_RPATH_FLAGS) $(CFLAGS) $(LDFLAGS)'
+ CXX_LINK_SHARED='$(CXX) $(PROG_LIBPATH) $(PROG_RPATH_FLAGS) $(CXXFLAGS) $(LDFLAGS)'
+ SHLIBEXT=.so
+- LDCOMBINE='ld -Bshareable'
+- SHLIB_RPATH_FLAGS='--enable-new-dtags -rpath $(SHLIB_RDIRS)'
++ SHLIB_RPATH_FLAGS='-rpath $(SHLIB_RDIRS)'
+ SHLIB_EXPFLAGS='$(SHLIB_RPATH_FLAGS) $(SHLIB_DIRS) $(SHLIB_EXPLIBS)'
+ CC_LINK_STATIC='$(CC) $(PROG_LIBPATH) $(CFLAGS) $(LDFLAGS)'
+ CXX_LINK_STATIC='$(CXX) $(PROG_LIBPATH) $(CXXFLAGS) $(LDFLAGS)'
diff --git a/security/krb5/files/patch-lib-apputils-net-server.c b/security/krb5-112/files/patch-lib-apputils-net-server.c
index b4fbf4a5655c..b4fbf4a5655c 100644
--- a/security/krb5/files/patch-lib-apputils-net-server.c
+++ b/security/krb5-112/files/patch-lib-apputils-net-server.c
diff --git a/security/krb5-112/files/patch-lib-krb5-os-localaddr.c b/security/krb5-112/files/patch-lib-krb5-os-localaddr.c
new file mode 100644
index 000000000000..06b6043f22c9
--- /dev/null
+++ b/security/krb5-112/files/patch-lib-krb5-os-localaddr.c
@@ -0,0 +1,75 @@
+--- lib/krb5/os/localaddr.c.orig 2009-10-30 20:17:27.000000000 -0700
++++ lib/krb5/os/localaddr.c 2010-04-19 12:39:56.707090973 -0700
+@@ -175,6 +175,7 @@
+ }
+ #endif
+
++#if 0
+ static int
+ is_loopback_address(struct sockaddr *sa)
+ {
+@@ -191,6 +192,7 @@
+ return 0;
+ }
+ }
++#endif
+
+ #ifdef HAVE_IFADDRS_H
+ #include <ifaddrs.h>
+@@ -467,12 +469,14 @@
+ ifp->ifa_flags &= ~IFF_UP;
+ continue;
+ }
++#if 0
+ if (is_loopback_address(ifp->ifa_addr)) {
+ /* Pretend it's not up, so the second pass will skip
+ it. */
+ ifp->ifa_flags &= ~IFF_UP;
+ continue;
+ }
++#endif
+ /* If this address is a duplicate, punt. */
+ match = 0;
+ for (ifp2 = ifp_head; ifp2 && ifp2 != ifp; ifp2 = ifp2->ifa_next) {
+@@ -601,11 +605,13 @@
+ }
+ /*@=moduncon@*/
+
++#if 0
+ /* None of the current callers want loopback addresses. */
+ if (is_loopback_address((struct sockaddr *)&lifr->lifr_addr)) {
+ Tprintf ((" loopback\n"));
+ goto skip;
+ }
++#endif
+ /* Ignore interfaces that are down. */
+ if ((lifreq.lifr_flags & IFF_UP) == 0) {
+ Tprintf ((" down\n"));
+@@ -772,11 +778,13 @@
+ }
+ /*@=moduncon@*/
+
++#if 0
+ /* None of the current callers want loopback addresses. */
+ if (is_loopback_address(&lifr->iflr_addr)) {
+ Tprintf ((" loopback\n"));
+ goto skip;
+ }
++#endif
+ /* Ignore interfaces that are down. */
+ if ((lifreq.iflr_flags & IFF_UP) == 0) {
+ Tprintf ((" down\n"));
+@@ -987,11 +995,13 @@
+ }
+ /*@=moduncon@*/
+
++#if 0
+ /* None of the current callers want loopback addresses. */
+ if (is_loopback_address(&ifreq.ifr_addr)) {
+ Tprintf ((" loopback\n"));
+ goto skip;
+ }
++#endif
+ /* Ignore interfaces that are down. */
+ if ((ifreq.ifr_flags & IFF_UP) == 0) {
+ Tprintf ((" down\n"));
diff --git a/security/krb5-112/files/patch-lib__gssapi__krb5__import_name.c b/security/krb5-112/files/patch-lib__gssapi__krb5__import_name.c
new file mode 100644
index 000000000000..40f116af2196
--- /dev/null
+++ b/security/krb5-112/files/patch-lib__gssapi__krb5__import_name.c
@@ -0,0 +1,14 @@
+--- lib/gssapi/krb5/import_name.c.orig Mon Jul 18 15:12:42 2005
++++ lib/gssapi/krb5/import_name.c Tue Nov 8 09:53:58 2005
+@@ -33,6 +33,11 @@
+ #endif
+ #endif
+
++#include <sys/param.h>
++#if __FreeBSD_version < 500100
++#include <stdio.h>
++#endif
++
+ #ifdef HAVE_STRING_H
+ #include <string.h>
+ #else
diff --git a/security/krb5-112/pkg-descr b/security/krb5-112/pkg-descr
new file mode 100644
index 000000000000..d11e2e6d1c15
--- /dev/null
+++ b/security/krb5-112/pkg-descr
@@ -0,0 +1,24 @@
+Kerberos V5 is an authentication system developed at MIT.
+WWW: http://web.mit.edu/kerberos/
+
+Abridged from the User Guide:
+ Under Kerberos, a client sends a request for a ticket to the
+ Key Distribution Center (KDC). The KDC creates a ticket-granting
+ ticket (TGT) for the client, encrypts it using the client's
+ password as the key, and sends the encrypted TGT back to the
+ client. The client then attempts to decrypt the TGT, using
+ its password. If the client successfully decrypts the TGT, it
+ keeps the decrypted TGT, which indicates proof of the client's
+ identity. The TGT permits the client to obtain additional tickets,
+ which give permission for specific services.
+ Since Kerberos negotiates authenticated, and optionally encrypted,
+ communications between two points anywhere on the internet, it
+ provides a layer of security that is not dependent on which side of a
+ firewall either client is on.
+ The Kerberos V5 package is designed to be easy to use. Most of the
+ commands are nearly identical to UNIX network programs you are already
+ used to. Kerberos V5 is a single-sign-on system, which means that you
+ have to type your password only once per session, and Kerberos does
+ the authenticating and encrypting transparently.
+
+Jacques Vidrine <n@nectar.com>
diff --git a/security/krb5-112/pkg-plist b/security/krb5-112/pkg-plist
new file mode 100644
index 000000000000..95f61efd08d7
--- /dev/null
+++ b/security/krb5-112/pkg-plist
@@ -0,0 +1,173 @@
+bin/compile_et
+bin/gss-client
+bin/k5srvutil
+bin/kadmin
+bin/kdestroy
+bin/kinit
+bin/klist
+bin/kpasswd
+bin/krb5-config
+@mode 04755
+@owner root
+@group wheel
+bin/ksu
+@mode
+@owner root
+@group wheel
+bin/kswitch
+bin/ktutil
+bin/kvno
+bin/sclient
+bin/sim_client
+bin/uuclient
+include/com_err.h
+include/gssapi.h
+include/gssapi/gssapi.h
+include/gssapi/gssapi_ext.h
+include/gssapi/gssapi_generic.h
+include/gssapi/gssapi_krb5.h
+include/gssapi/mechglue.h
+include/gssrpc/auth.h
+include/gssrpc/auth_gss.h
+include/gssrpc/auth_gssapi.h
+include/gssrpc/auth_unix.h
+include/gssrpc/clnt.h
+include/gssrpc/netdb.h
+include/gssrpc/pmap_clnt.h
+include/gssrpc/pmap_prot.h
+include/gssrpc/pmap_rmt.h
+include/gssrpc/rename.h
+include/gssrpc/rpc.h
+include/gssrpc/rpc_msg.h
+include/gssrpc/svc.h
+include/gssrpc/svc_auth.h
+include/gssrpc/types.h
+include/gssrpc/xdr.h
+include/krad.h
+include/krb5.h
+include/krb5/ccselect_plugin.h
+include/krb5/clpreauth_plugin.h
+include/krb5/hostrealm_plugin.h
+include/krb5/kadm5_hook_plugin.h
+include/krb5/kdcpreauth_plugin.h
+include/krb5/localauth_plugin.h
+include/krb5/krb5.h
+include/krb5/locate_plugin.h
+include/krb5/plugin.h
+include/krb5/pwqual_plugin.h
+include/kadm5/admin.h
+include/kadm5/chpass_util_strings.h
+include/kadm5/kadm_err.h
+include/kdb.h
+include/krb5/preauth_plugin.h
+include/profile.h
+include/verto-module.h
+include/verto.h
+lib/libcom_err.so
+lib/libcom_err.so.3
+lib/libgssapi_krb5.so
+lib/libgssapi_krb5.so.2
+lib/libgssrpc.so
+lib/libgssrpc.so.4
+lib/libk5crypto.so
+lib/libk5crypto.so.3
+lib/libkadm5clnt.so
+lib/libkadm5clnt_mit.so
+lib/libkadm5clnt_mit.so.9
+lib/libkadm5srv.so
+lib/libkadm5srv_mit.so
+lib/libkadm5srv_mit.so.9
+lib/libkdb5.so
+lib/libkdb5.so.7
+lib/libkrb5.so
+lib/libkrb5.so.3
+lib/libkrb5support.so
+lib/libkrb5support.so.0
+lib/krb5/plugins/kdb/db2.so
+%%LDAP%%lib/krb5/plugins/kdb/kldap.so
+lib/krb5/plugins/preauth/otp.so
+lib/krb5/plugins/preauth/pkinit.so
+%%LDAP%%lib/libkdb_ldap.so
+%%LDAP%%lib/libkdb_ldap.so.1
+lib/libkrad.so
+lib/libkrad.so.0
+lib/libverto.so.0
+lib/libverto.so
+lib/pkgconfig/gssrpc.pc
+lib/pkgconfig/kadm-client.pc
+lib/pkgconfig/kadm-server.pc
+lib/pkgconfig/kdb.pc
+lib/pkgconfig/krb5-gssapi.pc
+lib/pkgconfig/krb5.pc
+lib/pkgconfig/mit-krb5-gssapi.pc
+lib/pkgconfig/mit-krb5.pc
+man/man1/k5srvutil.1.gz
+man/man1/kadmin.1.gz
+man/man1/krb5-config.1.gz
+man/man1/krb5-send-pr.1.gz
+man/man1/kpasswd.1.gz
+man/man1/klist.1.gz
+man/man1/kinit.1.gz
+man/man1/kdestroy.1.gz
+man/man1/kswitch.1.gz
+man/man1/ksu.1.gz
+man/man1/ktutil.1.gz
+man/man1/sclient.1.gz
+man/man1/kvno.1.gz
+man/man1/compile_et.1.gz
+man/man5/kadm5.acl.5.gz
+man/man5/kdc.conf.5.gz
+man/man5/krb5.conf.5.gz
+man/man5/.k5identity.5.gz
+man/man5/.k5login.5.gz
+man/man5/k5identity.5.gz
+man/man5/k5login.5.gz
+man/man8/krb5kdc.8.gz
+man/man8/kadmin.local.8.gz
+man/man8/kdb5_ldap_util.8.gz
+man/man8/kdb5_util.8.gz
+man/man8/kadmind.8.gz
+man/man8/kprop.8.gz
+man/man8/kpropd.8.gz
+man/man8/kproplog.8.gz
+man/man8/sserver.8.gz
+sbin/gss-server
+sbin/kadmin.local
+sbin/kadmind
+%%LDAP%%sbin/kdb5_ldap_util
+sbin/kdb5_util
+sbin/kprop
+sbin/kpropd
+sbin/kproplog
+sbin/krb5-send-pr
+sbin/krb5kdc
+sbin/sim_server
+sbin/sserver
+sbin/uuserver
+share/doc/krb5/README.FreeBSD
+share/et/et_c.awk
+share/et/et_h.awk
+share/examples/krb5/kdc.conf
+share/examples/krb5/krb5.conf
+share/examples/krb5/services.append
+share/gnats/mit
+share/locale/en_US/LC_MESSAGES/mit-krb5.mo
+@exec mkdir -p %D/var/krb5kdc
+@dirrmtry var/krb5kdc
+@dirrmtry var
+@dirrmtry share/locale/en_US/LC_MESSAGES
+@dirrmtry share/locale/en_US
+@dirrm lib/pkgconfig
+@dirrm lib/krb5/plugins/preauth
+@dirrm lib/krb5/plugins/libkrb5
+@dirrm lib/krb5/plugins/kdb
+@dirrm lib/krb5/plugins/authdata
+@dirrm lib/krb5/plugins
+@dirrm lib/krb5
+@dirrm include/gssapi
+@dirrm include/gssrpc
+@dirrm include/krb5
+@dirrm include/kadm5
+@dirrm share/et
+@dirrmtry share/gnats
+@dirrm share/examples/krb5
diff --git a/security/krb5/Makefile b/security/krb5/Makefile
index 28cf6403c062..142c910a67d2 100644
--- a/security/krb5/Makefile
+++ b/security/krb5/Makefile
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= krb5
-PORTVERSION= 1.12.2
+PORTVERSION= 1.13
CATEGORIES= security
MASTER_SITES= http://web.mit.edu/kerberos/dist/${PORTNAME}/${PORTVERSION:C/^[0-9]*\.[0-9]*/&X/:C/X\.[0-9]*$//:C/X//}/
DISTNAME= ${PORTNAME}-${PORTVERSION}-signed
@@ -18,7 +18,7 @@ LICENSE= MIT
BUILD_DEPENDS= gm4:${PORTSDIR}/devel/m4
-CONFLICTS= heimdal-[0-9]* srp-[0-9]* krb5-maint-[0-9]*
+CONFLICTS= heimdal-[0-9]* srp-[0-9]* krb5-maint-11[0-9]-[0-9]*
LATEST_LINK= ${PORTNAME}-19
KERBEROSV_URL= http://web.mit.edu/kerberos/
diff --git a/security/krb5/distinfo b/security/krb5/distinfo
index 964947a9eaf8..89e5f8d20756 100644
--- a/security/krb5/distinfo
+++ b/security/krb5/distinfo
@@ -1,2 +1,2 @@
-SHA256 (krb5-1.12.2-signed.tar) = 09bd180107b5c2b3b7378c57c023fb02a103d4cac39d6f2dd600275d7a4f3744
-SIZE (krb5-1.12.2-signed.tar) = 11991040
+SHA256 (krb5-1.13-signed.tar) = dc8f79ae9ab777d0f815e84ed02ac4ccfe3d5826eb4947a195dfce9fd95a9582
+SIZE (krb5-1.13-signed.tar) = 12083200
diff --git a/security/krb5/files/patch-lib__krb5__ccache__kcm.c b/security/krb5/files/patch-lib__krb5__ccache__kcm.c
new file mode 100644
index 000000000000..931d821ff783
--- /dev/null
+++ b/security/krb5/files/patch-lib__krb5__ccache__kcm.c
@@ -0,0 +1,11 @@
+--- lib/krb5/ccache/cc_kcm.c.orig 2014-10-15 16:55:10.000000000 -0700
++++ lib/krb5/ccache/cc_kcm.c 2014-10-16 00:04:30.312921884 -0700
+@@ -377,7 +377,7 @@
+ kcmio_call(krb5_context context, struct kcmio *io, struct kcmreq *req)
+ {
+ krb5_error_code ret;
+- size_t reply_len;
++ size_t reply_len = 0; /* XXX Make clang happy */
+
+ if (k5_buf_status(&req->reqbuf) != 0)
+ return ENOMEM;
diff --git a/security/krb5/pkg-plist b/security/krb5/pkg-plist
index 95f61efd08d7..ab2b5fc28ce7 100644
--- a/security/krb5/pkg-plist
+++ b/security/krb5/pkg-plist
@@ -78,12 +78,13 @@ lib/libkadm5srv.so
lib/libkadm5srv_mit.so
lib/libkadm5srv_mit.so.9
lib/libkdb5.so
-lib/libkdb5.so.7
+lib/libkdb5.so.8
lib/libkrb5.so
lib/libkrb5.so.3
lib/libkrb5support.so
lib/libkrb5support.so.0
lib/krb5/plugins/kdb/db2.so
+lib/krb5/plugins/tls/k5tls.so
%%LDAP%%lib/krb5/plugins/kdb/kldap.so
lib/krb5/plugins/preauth/otp.so
lib/krb5/plugins/preauth/pkinit.so
@@ -104,7 +105,6 @@ lib/pkgconfig/mit-krb5.pc
man/man1/k5srvutil.1.gz
man/man1/kadmin.1.gz
man/man1/krb5-config.1.gz
-man/man1/krb5-send-pr.1.gz
man/man1/kpasswd.1.gz
man/man1/klist.1.gz
man/man1/kinit.1.gz
@@ -150,7 +150,6 @@ share/et/et_h.awk
share/examples/krb5/kdc.conf
share/examples/krb5/krb5.conf
share/examples/krb5/services.append
-share/gnats/mit
share/locale/en_US/LC_MESSAGES/mit-krb5.mo
@exec mkdir -p %D/var/krb5kdc
@dirrmtry var/krb5kdc
@@ -158,6 +157,7 @@ share/locale/en_US/LC_MESSAGES/mit-krb5.mo
@dirrmtry share/locale/en_US/LC_MESSAGES
@dirrmtry share/locale/en_US
@dirrm lib/pkgconfig
+@dirrm lib/krb5/plugins/tls
@dirrm lib/krb5/plugins/preauth
@dirrm lib/krb5/plugins/libkrb5
@dirrm lib/krb5/plugins/kdb
@@ -169,5 +169,4 @@ share/locale/en_US/LC_MESSAGES/mit-krb5.mo
@dirrm include/krb5
@dirrm include/kadm5
@dirrm share/et
-@dirrmtry share/gnats
@dirrm share/examples/krb5