Index: security/krb5-115/Makefile =================================================================== --- security/krb5-115/Makefile +++ security/krb5-115/Makefile @@ -3,6 +3,7 @@ PORTNAME= krb5 PORTVERSION= 1.15.1 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= http://web.mit.edu/kerberos/dist/${PORTNAME}/${PORTVERSION:C/^[0-9]*\.[0-9]*/&X/:C/X\.[0-9]*$//:C/X//}/ .if !defined(MASTERDIR) @@ -9,7 +10,6 @@ PKGNAMESUFFIX= -115 .endif - PATCH_SITES= http://web.mit.edu/kerberos/advisories/ PATCH_DIST_STRIP= -p2 @@ -18,7 +18,7 @@ LICENSE= MIT -CONFLICTS= heimdal-[0-9]* srp-[0-9]* krb5-11[0-9]-* +CONFLICTS= heimdal-[0-9]* srp-[0-9]* krb5-11[34]* KERBEROSV_URL= http://web.mit.edu/kerberos/ USE_PERL5= build @@ -25,7 +25,7 @@ USE_LDCONFIG= yes USE_CSTD= gnu99 GNU_CONFIGURE= yes -USES= cpe gettext gmake perl5 libtool:build \ +USES= cpe gmake perl5 libtool:build \ gssapi:bootstrap,mit pkgconfig:run ssl CONFIGURE_ARGS?= --enable-shared --without-system-verto \ --disable-rpath --localstatedir="${PREFIX}/var" @@ -36,14 +36,22 @@ CPE_VERSION= 5-${PORTVERSION} CPE_PRODUCT= kerberos -OPTIONS_DEFINE= KRB5_PDF KRB5_HTML DNS_FOR_REALM LDAP -OPTIONS_DEFAULT= KRB5_PDF KRB5_HTML +OPTIONS_DEFINE= DOCS EXAMPLES NLS DNS_FOR_REALM LDAP +OPTIONS_DEFAULT= READLINE OPTIONS_RADIO= CMD_LINE_EDITING -OPTIONS_RADIO_CMD_LINE_EDITING= READLINE LIBEDIT -KRB5_PDF_DESC= Install krb5 PDF documentation -KRB5_HTML_DESC= Install krb5 HTML documentation +OPTIONS_RADIO_CMD_LINE_EDITING= READLINE READLINE_PORT LIBEDIT +CMD_LINE_EDITING_DESC= Command line editing for kadmin and ktutil DNS_FOR_REALM_DESC= Enable DNS lookups for Kerberos realm names +DNS_FOR_REALM_CONFIGURE_ENABLE= dns-for-realm LDAP= Enable LDAP support +LDAP_USE= OPENLDAP=yes +LDAP_CONFIGURE_WITH= ldap +NLS_USES= gettext +READLINE_USES= readline +READLINE_PORT_DESC= Command line editing via devel/readline +READLINE_PORT_USES= readline:port +LIBEDIT_USES= libedit +LIBEDIT_CONFIGURE_WITH= libedit .if defined(KRB5_HOME) PREFIX= ${KRB5_HOME} @@ -52,6 +60,11 @@ LDFLAGS+= -L${LOCALBASE}/lib -L${OPENSSLLIB} USE_RC_SUBR= kpropd +OPTIONS_SUB= yes +WRKSRC_SUBDIR= src +DOCSRC= ${WRKSRC}/../doc +PORTDOCS= pdf html +PORTEXAMPLES= kdc.conf krb5.conf services.append .include @@ -72,89 +85,31 @@ BROKEN= LIB_DEPENDS when using KRB5_HOME is broken .endif -.if ${PORT_OPTIONS:MDNS_FOR_REALM} -CONFIGURE_ARGS+= --enable-dns-for-realm +.if defined(PROGRAM_TRANSFORM_NAME) && ${PROGRAM_TRANSFORM_NAME} != "" +CONFIGURE_ARGS+= --program-transform-name="${PROGRAM_TRANSFORM_NAME}" .endif -.if ${PORT_OPTIONS:MLDAP} -USE_OPENLDAP= yes -CONFIGURE_ARGS+= --with-ldap -PLIST_SUB+= LDAP="" -.else -PLIST_SUB+= LDAP="@comment " -.endif - +# OPTIONS helper causes conflicting with/without .if ${PORT_OPTIONS:MREADLINE} -USES+= readline CONFIGURE_ARGS+= --with-readline .else CONFIGURE_ARGS+= --without-readline .endif -.if ${PORT_OPTIONS:MLIBEDIT} -USES+= libedit -CONFIGURE_ARGS+= --with-libedit -.else -CONFIGURE_ARGS+= --without-libedit -.endif - -.if defined(PROGRAM_TRANSFORM_NAME) && ${PROGRAM_TRANSFORM_NAME} != "" -CONFIGURE_ARGS+= --program-transform-name="${PROGRAM_TRANSFORM_NAME}" -.endif - -WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION}/src - -HTML_DOC_DIR= ${WRKDIR}/${PORTNAME}-${PORTVERSION}/doc/html -PDF_DOC_DIR= ${WRKDIR}/${PORTNAME}-${PORTVERSION}/doc/pdf - - .include post-install: - @${MKDIR} ${STAGEDIR}${PREFIX}/share/doc/krb5 -# html documentation -.if ${PORT_OPTIONS:MKRB5_PDF} - pdf_files=`${FIND} ${PDF_DOC_DIR} ! -type d` - pdf_dirs=`${FIND} ${PDF_DOC_DIR} -type d` - for i in $${pdf_dirs}; do \ - ${MKDIR} ${STAGEDIR}${PREFIX}/share/doc/krb5/$${i}; \ - done; \ - for i in $${pdf_files}; do \ - ${INSTALL_MAN} $${pdf} ${PREFIX}/share/doc/krb5/$${i}; \ - ${ECHO_CMD} share/doc/krb5/$${i} >> ${TMPPLIST}; \ - done +# Docs + ${MKDIR} ${STAGEDIR}${DOCSDIR} + cd ${DOCSRC} && ${COPYTREE_SHARE} pdf ${STAGEDIR}${DOCSDIR} "-name *.pdf" + cd ${DOCSRC} && ${COPYTREE_SHARE} html ${STAGEDIR}${DOCSDIR} +# LDAP files +.if ${PORT_OPTIONS:MLDAP} + ${MKDIR} ${STAGEDIR}${DATADIR} + ${INSTALL_DATA} ${WRKSRC}/plugins/kdb/ldap/libkdb_ldap/kerberos.schema \ + ${STAGEDIR}${DATADIR} + ${INSTALL_DATA} ${WRKSRC}/plugins/kdb/ldap/libkdb_ldap/kerberos.ldif \ + ${STAGEDIR}${DATADIR} .endif -.if ${PORT_OPTIONS:MKRB5_HTML} - html_files=`${FIND} ${HTML_DOC_DIR} ! -type d | ${GREP} -v /_sources` - html_dirs=`${FIND} ${HTML_DOC_DIR} -type d | ${GREP} -v /_sources` - for i in $${html_dirs}; do \ - ${MKDIR} ${PREFIX}/share/doc/krb5/$${i}; \ - done; \ - for i in $${html_files}; do \ - ${INSTALL_MAN} $${i} ${PREFIX}/share/doc/krb5/$${i}; \ - ${ECHO_CMD} share/doc/krb5/$${i} >> ${TMPPLIST}; \ - done -.endif -.if ${PORT_OPTIONS:MKRB5_PDF} - for i in $${pdf_dirs}; do \ - ${ECHO_CMD} @dir share/doc/krb5/$${i} >> ${TMPPLIST}; \ - done | ${TAIL} -r >> ${TMPPLIST} -.endif -.if ${PORT_OPTIONS:MKRB5_HTML} - for i in $${html_dirs}; do \ - ${ECHO_CMD} @dir share/doc/krb5/$${i} >> ${TMPPLIST}; \ - done | ${TAIL} -r >> ${TMPPLIST} -.endif - ${ECHO_CMD} @dir share/doc/krb5 >> ${TMPPLIST} - @${SED} "s%\${PREFIX}%${PREFIX}%" ${FILESDIR}/README.FreeBSD > ${STAGEDIR}${PREFIX}/share/doc/krb5/README.FreeBSD - @${CHMOD} 444 ${STAGEDIR}${PREFIX}/share/doc/krb5/README.FreeBSD - @${ECHO} "------------------------------------------------------" - @${ECHO} "This port of MIT Kerberos 5 includes remote login " - @${ECHO} "daemons (telnetd and klogind). These daemons default " - @${ECHO} "to using the system login program (/usr/bin/login). " - @${ECHO} "Please see the file " - @${ECHO} "${PREFIX}/share/doc/krb5/README.FreeBSD" - @${ECHO} "for more information. " - @${ECHO} "------------------------------------------------------" .include Index: security/krb5-115/files/README.FreeBSD =================================================================== --- security/krb5-115/files/README.FreeBSD +++ security/krb5-115/files/README.FreeBSD @@ -1,32 +0,0 @@ -The MIT KRB5 port provides its own login program at -${PREFIX}/sbin/login.krb5. However, login.krb5 does not make use of -the FreeBSD login.conf and login.access files that provide a means of -setting up and controlling sessions under FreeBSD. To overcome this, -the MIT KRB5 port uses the FreeBSD /usr/bin/login program to provide -interactive login password authentication instead of the login.krb5 -program provided by MIT KRB5. The FreeBSD /usr/bin/login program does -not have support for Kerberos V password authentication, -e.g. authentication at the console. The pam_krb5 port must be used to -provide Kerberos V password authentication. - -For more information about pam_krb5, please see pam(8) and pam_krb5(8). - -If you wish to use login.krb5 that is provided by the MIT KRB5 port, -the arguments "-L ${PREFIX}/sbin/login.krb5" must be -specified as arguments to klogind and KRB5 telnetd, e.g. - -klogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -L ${PREFIX}/sbin/login.krb5 -eklogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -e -L ${PREFIX}/sbin/login.krb5 -telnet stream tcp nowait root ${PREFIX}/sbin/telnetd telnetd -a none -L ${PREFIX}/sbin/login.krb5 - -Additionally, if you wish to use the MIT KRB5 provided login.krb5 instead -of the FreeBSD provided /usr/bin/login for local tty logins, -"lo=${PREFIX}/sbin/login.krb5" must be specified in /etc/gettytab, e.g., - -default:\ - :cb:ce:ck:lc:fd#1000:im=\r\n%s/%m (%h) (%t)\r\n\r\n:sp#1200:\ - :if=/etc/issue:\ - :lo=${PREFIX}/sbin/login.krb5: - -It is recommended that the FreeBSD /usr/bin/login be used with the -pam_krb5 port instead of the MIT KRB5 provided login.krb5. Index: security/krb5-115/files/patch-clients__ksu__Makefile.in =================================================================== --- security/krb5-115/files/patch-clients__ksu__Makefile.in +++ security/krb5-115/files/patch-clients__ksu__Makefile.in @@ -1,5 +1,5 @@ ---- clients/ksu/Makefile.in.orig 2014-01-15 16:44:15.000000000 -0800 -+++ clients/ksu/Makefile.in 2014-05-05 20:51:51.925985974 -0700 +--- clients/ksu/Makefile.in.orig 2017-03-02 22:06:02 UTC ++++ clients/ksu/Makefile.in @@ -1,6 +1,6 @@ mydir=clients$(S)ksu BUILDTOP=$(REL)..$(S).. @@ -8,9 +8,9 @@ KSU_LIBS=@KSU_LIBS@ -@@ -30,6 +30,6 @@ +@@ -30,6 +30,6 @@ clean: - install:: + install: -for f in ksu; do \ - $(INSTALL_SETUID) $$f \ + $(INSTALL_PROGRAM) $$f \ Index: security/krb5-115/files/patch-config__pre.in =================================================================== --- security/krb5-115/files/patch-config__pre.in +++ security/krb5-115/files/patch-config__pre.in @@ -1,6 +1,6 @@ ---- config/pre.in.orig 2014-10-15 16:55:10.000000000 -0700 -+++ config/pre.in 2015-02-04 12:43:45.693875606 -0800 -@@ -178,9 +178,9 @@ +--- config/pre.in.orig 2017-03-02 22:06:02 UTC ++++ config/pre.in +@@ -181,9 +181,9 @@ LIBS = @LIBS@ INSTALL=@INSTALL@ INSTALL_STRIP= INSTALL_PROGRAM=@INSTALL_PROGRAM@ $(INSTALL_STRIP) @@ -12,7 +12,7 @@ INSTALL_SETUID=$(INSTALL) $(INSTALL_STRIP) -m 4755 -o root ## This is needed because autoconf will sometimes define @exec_prefix@ to be ## ${prefix}. -@@ -197,7 +197,7 @@ +@@ -200,7 +200,7 @@ KRB5MANROOT = @mandir@ ADMIN_BINDIR = @sbindir@ SERVER_BINDIR = @sbindir@ CLIENT_BINDIR =@bindir@ Index: security/krb5-115/files/patch-config__shlib.conf =================================================================== --- security/krb5-115/files/patch-config__shlib.conf +++ security/krb5-115/files/patch-config__shlib.conf @@ -1,6 +1,6 @@ ---- config/shlib.conf.orig 2015-05-08 16:27:02.000000000 -0700 -+++ config/shlib.conf 2015-10-20 21:54:39.834348929 -0700 -@@ -320,14 +320,15 @@ +--- config/shlib.conf.orig 2017-03-02 22:06:02 UTC ++++ config/shlib.conf +@@ -320,14 +320,15 @@ mips-*-netbsd*) PICFLAGS=-fpic ;; esac Index: security/krb5-115/files/patch-lib-krb5-os-localaddr.c =================================================================== --- security/krb5-115/files/patch-lib-krb5-os-localaddr.c +++ security/krb5-115/files/patch-lib-krb5-os-localaddr.c @@ -1,6 +1,6 @@ ---- lib/krb5/os/localaddr.c.orig 2009-10-30 20:17:27.000000000 -0700 -+++ lib/krb5/os/localaddr.c 2010-04-19 12:39:56.707090973 -0700 -@@ -175,6 +175,7 @@ +--- lib/krb5/os/localaddr.c.orig 2017-03-02 22:06:02 UTC ++++ lib/krb5/os/localaddr.c +@@ -176,6 +176,7 @@ printaddr(struct sockaddr *sa) } #endif @@ -8,7 +8,7 @@ static int is_loopback_address(struct sockaddr *sa) { -@@ -191,6 +192,7 @@ +@@ -192,6 +193,7 @@ is_loopback_address(struct sockaddr *sa) return 0; } } @@ -16,7 +16,7 @@ #ifdef HAVE_IFADDRS_H #include -@@ -467,12 +469,14 @@ +@@ -462,12 +464,14 @@ foreach_localaddr (/*@null@*/ void *data ifp->ifa_flags &= ~IFF_UP; continue; } @@ -31,7 +31,7 @@ /* If this address is a duplicate, punt. */ match = 0; for (ifp2 = ifp_head; ifp2 && ifp2 != ifp; ifp2 = ifp2->ifa_next) { -@@ -601,11 +605,13 @@ +@@ -596,11 +600,13 @@ foreach_localaddr (/*@null@*/ void *data } /*@=moduncon@*/ @@ -45,7 +45,7 @@ /* Ignore interfaces that are down. */ if ((lifreq.lifr_flags & IFF_UP) == 0) { Tprintf ((" down\n")); -@@ -772,11 +778,13 @@ +@@ -767,11 +773,13 @@ foreach_localaddr (/*@null@*/ void *data } /*@=moduncon@*/ @@ -59,7 +59,7 @@ /* Ignore interfaces that are down. */ if ((lifreq.iflr_flags & IFF_UP) == 0) { Tprintf ((" down\n")); -@@ -987,11 +995,13 @@ +@@ -982,11 +990,13 @@ foreach_localaddr (/*@null@*/ void *data } /*@=moduncon@*/ Index: security/krb5-115/files/patch-lib__gssapi__krb5__import_name.c =================================================================== --- security/krb5-115/files/patch-lib__gssapi__krb5__import_name.c +++ security/krb5-115/files/patch-lib__gssapi__krb5__import_name.c @@ -1,8 +1,8 @@ ---- lib/gssapi/krb5/import_name.c.orig Mon Jul 18 15:12:42 2005 -+++ lib/gssapi/krb5/import_name.c Tue Nov 8 09:53:58 2005 -@@ -33,6 +33,11 @@ +--- lib/gssapi/krb5/import_name.c.orig 2017-03-02 22:06:02 UTC ++++ lib/gssapi/krb5/import_name.c +@@ -32,6 +32,11 @@ + #include #endif - #endif +#include +#if __FreeBSD_version < 500100 Index: security/krb5-115/pkg-plist =================================================================== --- security/krb5-115/pkg-plist +++ security/krb5-115/pkg-plist @@ -157,13 +157,12 @@ sbin/sim_server sbin/sserver sbin/uuserver -share/doc/krb5/README.FreeBSD share/et/et_c.awk share/et/et_h.awk -share/examples/krb5/kdc.conf -share/examples/krb5/krb5.conf -share/examples/krb5/services.append -share/locale/en_US/LC_MESSAGES/mit-krb5.mo +%%NLS%%share/locale/en_US/LC_MESSAGES/mit-krb5.mo +%%LDAP%%%%DATADIR%%/kerberos.schema +%%LDAP%%%%DATADIR%%/kerberos.ldif +%%LDAP%%@dir %%DATADIR%% @dir lib/krb5/plugins/authdata @dir lib/krb5/plugins/libkrb5 @dir var/run/krb5kdc