Date: Fri, 10 Feb 2012 00:54:45 -0800 From: Ansar Mohammed <ansarm@gmail.com> To: Rick Macklem <rmacklem@uoguelph.ca> Cc: freebsd-hackers@freebsd.org, Benjamin Kaduk <kaduk@mit.edu> Subject: Re: Kerberos and FreeBSD Message-ID: <CAOO1MfubjpOqAs2_BNoGD=3ji_nMTuGMv6U9m1A%2BghGK5W5psw@mail.gmail.com> In-Reply-To: <487167524.1045003.1328751695510.JavaMail.root@erie.cs.uoguelph.ca> References: <alpine.GSO.1.10.1202081139340.882@multics.mit.edu> <487167524.1045003.1328751695510.JavaMail.root@erie.cs.uoguelph.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks for the feedback. I built world and disabled Kerberos in src.conf. I will just install Heimdal via ports now. There seems to be alot of other rather old bits of software in a default installation. I noticed some old digiboard utility in a base 9.0 build. On Wed, Feb 8, 2012 at 5:41 PM, Rick Macklem <rmacklem@uoguelph.ca> wrote: > Benjamin Kaduk wrote: >> On Wed, 8 Feb 2012, Ansar Mohammed wrote: >> >> > Hello All, >> > Is the port of Heimdal on FreeBSD being maintained? The version that >> > ships with 9.0 seems a bit old. >> > >> > #> /usr/libexec/kdc-v >> > kdc (Heimdal 1.1.0) >> > Copyright 1995-2008 Kungliga Tekniska H=F6gskolan >> > Send bug-reports to heimdal-bugs@h5l.org >> >> My understanding is that every five years or so, someone becomes fed >> up >> enough with the staleness of the "current" version and puts in the >> effort >> to merge in a newer version. >> It looks like 3 years ago, dfr brought in that Heimdal 1.1 you see, to >> replace the Heimdal 0.6 that nectar brought in 8 years ago. >> I don't know of anyone with active plans to bring in a new version, at >> present. >> >> -Ben Kaduk >> > I think it's a little trickier than it sounds. The Kerberos in FreeBSD > isn't vanilla Heimdal 1.1, but a somewhat modified variant. > > Heimdal libraries have a separate source file for each function, plus > a source file that defines all global storage used by functions in the > library. > One difference w.r.t. the FreeBSD variant that I am aware of is: > - Some of the functions were moved from one library to another. (I don't > =A0know why, but maybe it was to avoid a POLA violation which would requi= re > =A0apps to be linked with additional libraries?) > =A0- To do this, some global variables were added to the source file in t= he > =A0 =A0library these functions were moved to. > As such, if you statically link an app. to both libraries, the global var= iable > can come up "multiply defined". (I ran into this when I was developing a = "gssd" > prior to the one introduced as part of the kernel rpc.) You can get aroun= d this > by dynamically linking, being careful about the order in which the librar= ies are > specified. (The command "krb5-config --libs" helps w.r.t. this.) > > I don't know what else was changed, but I do know that it isn't as trivia= l as > replacing the sources with ones from a newer Heimdal release. > > I think it would be nice if a newer Heimdal release was brought it, with = the > minimal changes required to make it work. (If that meant that apps. neede= d more > libraries, the make files could use "krb5-config --libs" to handle it, I = think?) > > Oh, and I'm not volunteering to try and do it;-) rick >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOO1MfubjpOqAs2_BNoGD=3ji_nMTuGMv6U9m1A%2BghGK5W5psw>