From nobody Fri Dec 29 04:03:27 2023
X-Original-To: freebsd-arch@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4T1WvR0Rcyz55Nmg
	for <freebsd-arch@mlmmj.nyi.freebsd.org>; Fri, 29 Dec 2023 04:03:31 +0000 (UTC)
	(envelope-from cy.schubert@cschubert.com)
Received: from omta001.cacentral1.a.cloudfilter.net (omta001.cacentral1.a.cloudfilter.net [3.97.99.32])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "Client", Issuer "CA" (not verified))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4T1WvQ5jNCz4Jst
	for <freebsd-arch@freebsd.org>; Fri, 29 Dec 2023 04:03:30 +0000 (UTC)
	(envelope-from cy.schubert@cschubert.com)
Authentication-Results: mx1.freebsd.org;
	none
Received: from shw-obgw-4003a.ext.cloudfilter.net ([10.228.9.183])
	by cmsmtp with ESMTPS
	id J3WJrNoQe8jpTJ45praTT5; Fri, 29 Dec 2023 04:03:29 +0000
Received: from spqr.komquats.com ([70.66.152.170])
	by cmsmtp with ESMTPSA
	id J45orEvmbMsNfJ45prUGPj; Fri, 29 Dec 2023 04:03:29 +0000
X-Authority-Analysis: v=2.4 cv=KJNJsXJo c=1 sm=1 tr=0 ts=658e4511
 a=y8EK/9tc/U6QY+pUhnbtgQ==:117 a=y8EK/9tc/U6QY+pUhnbtgQ==:17
 a=kj9zAlcOel0A:10 a=e2cXIFwxEfEA:10 a=Rk-M77FJAAAA:8 a=YxBL1-UpAAAA:8
 a=6I5d2MoRAAAA:8 a=EkcXrb_YAAAA:8 a=aQeGU2onRW3SJlTcsDMA:9 a=CjuIK1q_8ugA:10
 a=ef1k35tKgZpiIrJ2aQ5N:22 a=Ia-lj3WSrqcvXOmTRaiG:22 a=IjZwj45LgO3ly-622nXo:22
 a=LK5xJRSDVpKd5WXXoEvA:22
Received: from slippy.cwsent.com (slippy [10.1.1.91])
	by spqr.komquats.com (Postfix) with ESMTP id C7FC4AE4;
	Thu, 28 Dec 2023 20:03:27 -0800 (PST)
Received: by slippy.cwsent.com (Postfix, from userid 1000)
	id BBA24F2; Thu, 28 Dec 2023 20:03:27 -0800 (PST)
X-Mailer: exmh version 2.9.0 11/07/2018 with nmh-1.8+dev
Reply-to: Cy Schubert <Cy.Schubert@cschubert.com>
From: Cy Schubert <Cy.Schubert@cschubert.com>
X-os: FreeBSD
X-Sender: cy@cwsent.com
X-URL: http://www.cschubert.com/
To: Lexi Winter <lexi@le-fay.org>
cc: freebsd-arch@freebsd.org
Subject: Re: status of Heimdal in src
In-reply-to: <ZY4Pu2Z-_iQfJKAK@ilythia.eden.le-fay.org>
References: <ZY4Pu2Z-_iQfJKAK@ilythia.eden.le-fay.org>
Comments: In-reply-to Lexi Winter <lexi@le-fay.org>
   message dated "Fri, 29 Dec 2023 00:15:55 +0000."
List-Id: Discussion related to FreeBSD architecture <freebsd-arch.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-arch
List-Help: <mailto:freebsd-arch+help@freebsd.org>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Subscribe: <mailto:freebsd-arch+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-arch+unsubscribe@freebsd.org>
Sender: owner-freebsd-arch@freebsd.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Thu, 28 Dec 2023 20:03:27 -0800
Message-Id: <20231229040327.BBA24F2@slippy.cwsent.com>
X-CMAE-Envelope: MS4xfAtCP9I+oCVt7NF6AHMEK2heu3PQHTeCjTeE5GfVh5fPAnRCdHycxe/TLCryvKRDo+uvwFZW+6PnbQXzKhfkOy66HnhniuaFwMG05LiDISFkfU9K8ck0
 NwMe0/fkT/46kG/3ECrv/7M0fgoqVvAvyqExTual3fPQ7GNLhqRN4md6YRwTewpk26JqG1Erp4mX6NodFFin7z6BJ0y6R9dzRuFevU+NsvRTlGD2UtUHUYo5
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	ASN(0.00)[asn:16509, ipnet:3.96.0.0/15, country:US]
X-Spamd-Bar: ----
X-Rspamd-Queue-Id: 4T1WvQ5jNCz4Jst

In message <ZY4Pu2Z-_iQfJKAK@ilythia.eden.le-fay.org>, Lexi Winter writes:
> hello,
>
> i'm interested in the status of Heimdal in src (src/crypto/heimdal).
> although the vendor branch was recently updated, it hasn't been merged
> into src for a long time: the current version is 1.5.2, which is over 10
> years old.  in particular, this version is missing newer cyphers, like
> the SHA2-based algorithms.
>
> is there something preventing a newer version from being merged, or is
> it just a lack of someone having time to work on it?  if the latter, i'd
> be interested in picking this up (or helping, if someone is already
> working on it).

I'm currently working on replacing Heimdal with MIT. The reasons for this 
are threefold.

First, after importing Heimdal 7.7.0 locally, 7.8.0 failed to import. 
They'd restructured the code enough to require significant restructuring of 
makefiles.

Secondly, a large user of FreeBSD has requested replacing Heimdal with MIT.

Third. Popular demand. A substantial number of persons have suggested the 
MIT upgrade.

IMO MIT is the gold standard. (Make this our fourth point.)

The MIT upgrade is an exercise in reverse engineering the GNU 
configure/make build and implementing this within FreeBSD's bespoke build 
system. IMO MIT is easier to work with than Heimdal.

Initially MIT will become an option, later becoming the default. And 
finally removal of Heimdal. My target is sometime during the 15-CURRENT 
life cycle. Hopefully this summer.


-- 
Cheers,
Cy Schubert <Cy.Schubert@cschubert.com>
FreeBSD UNIX:  <cy@FreeBSD.org>   Web:  https://FreeBSD.org
NTP:           <cy@nwtime.org>    Web:  https://nwtime.org

			e^(i*pi)+1=0