Date: Sat, 6 Jun 1998 00:17:52 -0500 (CDT) From: n@nectar.com To: FreeBSD-gnats-submit@FreeBSD.ORG Subject: ports/6870: new port, Kerberos V 1.0.5 Message-ID: <199806060517.AAA06175@bone.nectar.com>
next in thread | raw e-mail | index | archive | help
>Number: 6870 >Category: ports >Synopsis: new port, Kerberos V 1.0.5 >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Fri Jun 5 22:20:01 PDT 1998 >Last-Modified: >Originator: Jacques Vidrine <n@nectar.com> >Organization: none >Release: FreeBSD 3.0-CURRENT i386 >Environment: Tested on 3.0-CURRENT and 2.2.5-STABLE. >Description: An authentication system developed at MIT, and the successor to Kerberos IV. >How-To-Repeat: >Fix: # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # krb5 # krb5/files # krb5/files/md5 # krb5/Makefile # krb5/patches # krb5/patches/patch-aa # krb5/patches/patch-ab # krb5/pkg # krb5/pkg/COMMENT # krb5/pkg/DESCR # krb5/pkg/PLIST # echo c - krb5 mkdir -p krb5 > /dev/null 2>&1 echo c - krb5/files mkdir -p krb5/files > /dev/null 2>&1 echo x - krb5/files/md5 sed 's/^X//' >krb5/files/md5 << 'END-of-krb5/files/md5' XMD5 (krb5/krb5-1.0.5.src.tar.gz) = 97b523ba3c3f0b6a703691daadb2d85c XMD5 (krb5/krb5-1.0.5.doc.tar.gz) = 6eadfe9cff088bc5cc704b720c3883f6 XMD5 (krb5/krb5-1.0.5.crypto.tar.gz) = 2303ee0ebd08fad1945365f4cbb310d6 END-of-krb5/files/md5 echo x - krb5/Makefile sed 's/^X//' >krb5/Makefile << 'END-of-krb5/Makefile' X# Ports collection Makefile for: MIT Kerberos V X# Version required: 1.0.5 X# Date created: 6/5/1998 X# Whom: n@nectar.com X# X# $Id$ X# X XDISTNAME= krb5-1.0.5 XCATEGORIES= security XMASTER_SITES= ftp://athena-dist.mit.edu/pub/kerberos XDIST_SUBDIR= krb5 XDISTFILES= krb5-1.0.5.src.tar.gz \ X krb5-1.0.5.doc.tar.gz \ X krb5-1.0.5.crypto.tar.gz X XMAINTAINER= n@nectar.com X XUSE_GMAKE= yes XGNU_CONFIGURE= yes XCONFIGURE_ARGS= --enable-shared X XRESTRICTED= "Crypto; export-controlled" X# Set USA_RESIDENT appropriately in /etc/make.conf if you like X Xfetch-depends: X.if !defined(USA_RESIDENT) || ${USA_RESIDENT} != YES && ${USA_RESIDENT} != NO X @echo X @echo ">> You must set the variable USA_RESIDENT to YES if you are" X @echo " a United States resident, otherwise NO." X @echo " If you are a US resident, understand that this software" X @echo " may be export restricted." X @echo " If you are not a US resident, then you cannot obtain" X @echo " Kerberos V source from a server within the United" X @echo " States. You will have to find the source elsewhere," X @echo " and put them in ${_DISTDIR}." X.endif X X XMAN1= krb5-send-pr.1 kpasswd.1 v5passwd.1 klist.1 kinit.1 \ X kdestroy.1 ksu.1 sclient.1 rsh.1 rcp.1 rlogin.1 \ X v4rcp.1 ftp.1 telnet.1 kerberos.1 XMAN5= kdc.conf.5 krb5.conf.5 .k5login.5 XMAN8= krb5kdc.8 kadmin.8 kadmin.local.8 kdb5_util.8 \ X ktutil.8 kadmind.8 kprop.8 kpropd.8 sserver.8 \ X kshd.8 klogind.8 login.krb5.8 ftpd.8 telnetd.8 X XWRKSRC= ${WRKDIR}/${DISTNAME}/src XRECONF_COOKIE= ${WRKDIR}/.reconf_done XREADME_KRB5=README.KRB5-1.0.5 XAWK_SCRIPT='/1) Change into the directory/ { if (match($$0, "dist/[0-9]+")) print substr($$0, RSTART, RLENGTH) }' X XWANT_HTML?= YES XHTML_DOC_DIR= ${WRKDIR}/${DISTNAME}/doc XHTML_DOCS= admin.html install_foot.html user-guide.html \ X admin_foot.html install_toc.html user-guide_foot.html \ X admin_toc.html krb425.html user-guide_toc.html \ X install.html krb425_toc.html XSETUID_EXE= bin/ksu bin/v4rcp X Xpre-fetch: X @${MKDIR} ${_DISTDIR} X @(cd ${_DISTDIR}; \ X if [ ! -f ${README_KRB5} ]; then \ X for site in ${MASTER_SITES}; do \ X ${ECHO_MSG} ">> Attempting to fetch ${README_KRB5} from $${site}."; \ X if ${FETCH_CMD} ${FETCH_BEFORE_ARGS} $${site}/${README_KRB5} ${FETCH_AFTER_ARGS}; then \ X break; \ X fi \ X done; fi); \ X if [ ! -f ${_DISTDIR}/${README_KRB5} ]; then \ X ${ECHO_MSG} ">> Couldn't fetch it - please try to retrieve"; \ X ${ECHO_MSG} ">> this port manually into ${_DISTDIR} and try"; \ X ${ECHO_MSG} ">> again."; \ X fi X Xdo-fetch: X @${MKDIR} ${_DISTDIR} X @(cd ${_DISTDIR}; \ X secret=`${AWK} ${AWK_SCRIPT} < ${_DISTDIR}/${README_KRB5}`; \ X for file in ${DISTFILES}; do \ X if [ ! -f $$file -a ! -f `${BASENAME} $$file` ]; then \ X if [ -h $$file -o -h `${BASENAME} $$file` ]; then \ X ${ECHO_MSG} ">> ${_DISTDIR}/$$file is a broken symlink."; \ X ${ECHO_MSG} ">> Perhaps a filesystem (most likely a CD) isn't mounted?"; \ X ${ECHO_MSG} ">> Please correct this problem and try again."; \ X exit 1; \ X fi ; \ X ${ECHO_MSG} ">> $$file doesn't seem to exist on this system."; \ X for site in ${MASTER_SITES}; do \ X ${ECHO_MSG} ">> Attempting to fetch from $${site}/$${secret}."; \ X if ${FETCH_CMD} ${FETCH_BEFORE_ARGS} $${site}/$${secret}/$${file} ${FETCH_AFTER_ARGS}; then \ X continue 2; \ X fi \ X done; \ X ${ECHO_MSG} ">> Couldn't fetch it - please try to retrieve this";\ X ${ECHO_MSG} ">> port manually into ${_DISTDIR} and try again."; \ X exit 1; \ X fi \ X done) X Xpre-configure: ${RECONF_COOKIE} X X${RECONF_COOKIE}: X @(cd ${WRKSRC}/util/autoconf && ./configure && gmake) X @(cd ${WRKSRC} && ./util/reconf --force) X touch ${RECONF_COOKIE} X X Xpost-install: X# XXX Not sure why tmac.doc is installed here -- I don't think X# we need it. I should patch the distribution to not install X# it, I think. X @rm -f ${PREFIX}/man/man1/tmac.doc X# shared libs X ${LDCONFIG} -m ${PREFIX}/lib X# html documentation X.if defined(WANT_HTML) && ${WANT_HTML} == YES X @${MKDIR} ${PREFIX}/share/doc/krb5 X.for html in ${HTML_DOCS} X ${INSTALL_MAN} ${HTML_DOC_DIR}/${html} ${PREFIX}/share/doc/krb5 X.endfor X.endif X# fixup setuid executables X.for setuid in ${SETUID_EXE} X chown root ${PREFIX}/${setuid} X.endfor X X.include <bsd.port.mk> END-of-krb5/Makefile echo c - krb5/patches mkdir -p krb5/patches > /dev/null 2>&1 echo x - krb5/patches/patch-aa sed 's/^X//' >krb5/patches/patch-aa << 'END-of-krb5/patches/patch-aa' X--- configure.in.orig 1998/05/27 20:22:52 1.1.1.1 X+++ configure.in 1998/05/28 16:14:23 1.2 X@@ -21,6 +21,28 @@ X AC_ARG_ENABLE([shared], X [ --enable-shared build shared libraries],[ X case $krb5_cv_host in X+*-*-freebsd*) X+ echo "Enabling shared libraries for FreeBSD...." X+ krb5_cv_shlibs_cflags=-fpic X+ krb5_cv_shlibs_ext=so X+ krb5_cv_noshlibs_ext=a X+krb5_cv_shlibs_versioned_filenames=yes # version in filename of library X+ krb5_cv_shlibs_need_nover=no X+ krb5_cv_shlibs_dir=shared X+ krb5_cv_shlibs_ldflag= X+ krb5_cv_noshlibs_ldflag="-static" X+ krb5_cv_shlibs_sym_ufo="-u " X+ krb5_cv_shlibs_dirhead="-Wl,-R -Wl," X+ krb5_cv_exe_need_dirs=yes X+ krb5_cv_shlibs_use_dirs=yes X+ krb5_cv_shlibs_use_colon_dirs=no X+ krb5_cv_shlibs_tail_comp= X+ krb5_cv_shlibs_enabled=yes X+ krb5_cv_staticlibs_enabled=yes X+ krb5_cv_shlibs_run_ldpath=default X+ krb5_cv_shlibs_run_libpath=no X+ krb5_cv_shlibs_run_rldroot=no X+ ;; X *-*-netbsd*) X echo "Enabling shared libraries for NetBSD...." X krb5_cv_shlibs_cflags=-fpic END-of-krb5/patches/patch-aa echo x - krb5/patches/patch-ab sed 's/^X//' >krb5/patches/patch-ab << 'END-of-krb5/patches/patch-ab' X--- util/makeshlib.sh.orig 1998/05/27 20:24:15 1.1.1.1 X+++ util/makeshlib.sh 1998/05/28 16:14:32 1.2 X@@ -17,6 +17,18 @@ X VERSION="$1" ; shift X X case $host in X+*-*-freebsd*) X+ FILES=`for i X+ do X+ sed -e "s;^;$i/shared/;" -e "s; ; $i/shared/;g" -e "s;^$i/shared/\$;;" $i/DONE X+ done` X+ # Hack to deal with the fact that with cc options are different X+ # from ld... X+ ldflags=`echo $ldflags |sed -e "s/-Wl,//g"` X+ echo ld -Bshareable $ldflags -o $library $FILES $libdirfl $liblist X+ ld -Bshareable $ldflags -o $library $FILES $libdirfl $liblist X+ stat=$? X+ ;; X *-*-netbsd*) X FILES=`for i X do END-of-krb5/patches/patch-ab echo c - krb5/pkg mkdir -p krb5/pkg > /dev/null 2>&1 echo x - krb5/pkg/COMMENT sed 's/^X//' >krb5/pkg/COMMENT << 'END-of-krb5/pkg/COMMENT' XAn authentication system developed at MIT, and the successor to Kerberos IV. END-of-krb5/pkg/COMMENT echo x - krb5/pkg/DESCR sed 's/^X//' >krb5/pkg/DESCR << 'END-of-krb5/pkg/DESCR' XFrom the User Guide: X X Kerberos V5 is an authentication system developed at MIT. Kerberos is X named for the three-headed watchdog from Greek mythology, who guarded X the entrance to the underworld. X X Under Kerberos, a client (generally either a user or a service) sends X a request for a ticket to the Key Distribution Center (KDC). The KDC X creates a ticket-granting ticket (TGT) for the client, encrypts it X using the client's password as the key, and sends the encrypted TGT X back to the client. The client then attempts to decrypt the TGT, using X its password. If the client successfully decrypts the TGT (i.e., if X the client gave the correct password), it keeps the decrypted TGT, X which indicates proof of the client's identity. X X The TGT, which expires at a specified time, permits the client to X obtain additional tickets, which give permission for specific X services. The requesting and granting of these additional tickets is X user-transparent. X X Since Kerberos negotiates authenticated, and optionally encrypted, X communications between two points anywhere on the internet, it X provides a layer of security that is not dependent on which side of a X firewall either client is on. Since studies have shown that half of X the computer security breaches in industry happen from inside X firewalls, MIT's Kerberos V5 plays a vital role in maintaining your X nework security. X X The Kerberos V5 package is designed to be easy to use. Most of the X commands are nearly identical to UNIX network programs you are already X used to. Kerberos V5 is a single-sign-on system, which means that you X have to type your password only once per session, and Kerberos does X the authenticating and encrypting transparently. X XSee also: X X http://web.mit.edu/kerberos/www/ X XJacques Vidrine <n@nectar.com> END-of-krb5/pkg/DESCR echo x - krb5/pkg/PLIST sed 's/^X//' >krb5/pkg/PLIST << 'END-of-krb5/pkg/PLIST' Xbin/krb524init Xbin/kpasswd Xbin/v5passwd Xbin/klist Xbin/kinit Xbin/kdestroy Xbin/ksu Xbin/sclient Xbin/sim_client Xbin/uuclient Xbin/rsh Xbin/rcp Xbin/rlogin Xbin/v4rcp Xbin/gss-client Xbin/ftp Xbin/telnet Xinclude/gssapi/gssapi_generic.h Xinclude/gssapi/gssapi.h Xinclude/gssapi/gssapi_krb5.h Xinclude/kerberosIV/krb.h Xinclude/kerberosIV/des.h Xinclude/kerberosIV/kadm.h Xinclude/kerberosIV/mit-copyright.h Xinclude/kerberosIV/krb_err.h Xinclude/com_err.h Xinclude/mit-sipb-copyright.h Xinclude/libpty.h Xinclude/krb5.h Xlib/libcom_err.a Xlib/libcom_err.so.1.0 Xlib/libpty.a Xlib/libdyn.a Xlib/libdyn.so.1.0 Xlib/libcrypto.so.1.0 Xlib/libcrypto.a Xlib/libkrb5.so.1.0 Xlib/libkrb5.a Xlib/libdes425.a Xlib/libdes425.so.1.0 Xlib/libkrb4.so.1.0 Xlib/libkrb4.a Xlib/libkrb5util.a Xlib/libkdb5.so.1.0 Xlib/libkdb5.a Xlib/libgssapi_krb5.a Xlib/libgssapi_krb5.so.1.0 Xlib/libgssrpc.a Xlib/libgssrpc.so.1.0 Xlib/libkadm5clnt.a Xlib/libkadm5clnt.so.1.0 Xlib/libkadm5srv.a Xlib/libkadm5srv.so.1.0 Xlib/libkrb524.a X@exec /sbin/ldconfig -m %D/lib Xman/man1/krb5-send-pr.1.gz Xman/man1/kpasswd.1.gz Xman/man1/v5passwd.1.gz Xman/man1/klist.1.gz Xman/man1/kinit.1.gz Xman/man1/kdestroy.1.gz Xman/man1/ksu.1.gz Xman/man1/sclient.1.gz Xman/man1/rsh.1.gz Xman/man1/rcp.1.gz Xman/man1/rlogin.1.gz Xman/man1/v4rcp.1.gz Xman/man1/ftp.1.gz Xman/man1/telnet.1.gz Xman/man1/kerberos.1.gz Xman/man5/kdc.conf.5.gz Xman/man5/krb5.conf.5.gz Xman/man5/.k5login.5.gz Xman/man8/krb5kdc.8.gz Xman/man8/kadmin.8.gz Xman/man8/kadmin.local.8.gz Xman/man8/kdb5_util.8.gz Xman/man8/ktutil.8.gz Xman/man8/kadmind.8.gz Xman/man8/kprop.8.gz Xman/man8/kpropd.8.gz Xman/man8/sserver.8.gz Xman/man8/kshd.8.gz Xman/man8/klogind.8.gz Xman/man8/login.krb5.8.gz Xman/man8/ftpd.8.gz Xman/man8/telnetd.8.gz Xsbin/krb5-send-pr Xsbin/krb524d Xsbin/krb5kdc Xsbin/kadmin.local Xsbin/kadmin Xsbin/kdb5_util Xsbin/ktutil Xsbin/kadmind Xsbin/kadmind4 Xsbin/v5passwdd Xsbin/kprop Xsbin/kpropd Xsbin/sserver Xsbin/sim_server Xsbin/uuserver Xsbin/kshd Xsbin/klogind Xsbin/login.krb5 Xsbin/gss-server Xsbin/ftpd Xsbin/telnetd Xshare/gnats/mit Xshare/doc/krb5/admin.html Xshare/doc/krb5/install_foot.html Xshare/doc/krb5/user-guide.html Xshare/doc/krb5/admin_foot.html Xshare/doc/krb5/install_toc.html Xshare/doc/krb5/user-guide_foot.html Xshare/doc/krb5/admin_toc.html Xshare/doc/krb5/krb425.html Xshare/doc/krb5/user-guide_toc.html Xshare/doc/krb5/install.html Xshare/doc/krb5/krb425_toc.html X@dirrm include/gssapi X@dirrm include/kerberosIV X@dirrm share/doc/krb5 END-of-krb5/pkg/PLIST exit >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199806060517.AAA06175>