pkgsrc/security/heimdal, branch pkgsrc

pkgsrc/security/heimdal, branch pkgsrc_2008Q2 [no description] https://git.osdyson.ru/mirror/pkgsrc/atom?h=pkgsrc_2008Q2 2008-05-14T18:01:26Z libhcrypto.la only seems to get installed if we're building on 3.x or older, 2008-05-14T18:01:26Z jwise jwise 2008-05-14T18:01:26Z urn:sha1:6dceab10f96d152f1fd9a02163ed67d0dc38238a so make it only end up in the PLIST if that is the case. Add missing library (libhcrypto) to PLIST, allowing sudo to build against 2008-05-05T02:26:03Z jwise jwise 2008-05-05T02:26:03Z urn:sha1:a73ef1bf252b95ee1b335580310b025d1785d931 this heimdal on 3.x. Bump PKGREVISION. Convert to use PLIST_VARS instead of manually passing "@comment " 2008-04-12T22:42:57Z jlam jlam 2008-04-12T22:42:57Z urn:sha1:84db467ec7c8386066718011f8d47775d5608811 through PLIST_SUBST to the plist module. also set KRB5_CONFIG in the case where using builtin but 2008-04-04T21:10:45Z markd markd 2008-04-04T21:10:45Z urn:sha1:23cc1d8e946f0197d2029845d34b44b59d4a9e84 /usr/bin/krb5-config exists. Fixes build of imap-uw package with the kerberos option on NetBSD-current and possibly other platforms. As of revision 1.2 of termcap.buildlink3.mk, "-ltermcap" is automatically 2008-03-04T22:37:46Z jlam jlam 2008-03-04T22:37:46Z urn:sha1:61bd3a33b1a025a996a49011b4650fbf2de4ee48 transformed into the correct set of libraries, so we no longer need to override the configure script's check for which library has tgetent(). The "missing-from-system" headers that Heimdal installs are now placed 2008-03-02T06:41:32Z jlam jlam 2008-03-02T06:41:32Z urn:sha1:38712cc90e6dcbe8a795f10488a013df0d00fdb8 into ${PREFIX}/include/krb5/roken instead of ${PREFIX}/include/krb5. This is good because it reduces the likelihood of a conflict with any other similarly named headers if you simply add -I${PREFIX}/include/krb5 to the compiler command line. Patch from PR pkg/38119 by charlie. Rename termlib.* to termcap.* to better document exactly what packages 2008-02-29T22:41:13Z jlam jlam 2008-02-29T22:41:13Z urn:sha1:05936720dad08bf2ed3f1ce13c7fb38884f3d760 are trying to use (the termcap t*() API). Update security/heimdal to version 1.1. Changes from version 0.7.2 include: 2008-02-28T14:11:55Z jlam jlam 2008-02-28T14:11:55Z urn:sha1:1a27e15523165867adf2b93c1b126439fb35a509 * Read-only PKCS11 provider built-in to hx509. * Better compatibilty with Windows 2008 Server pre-releases and Vista. * Add RFC3526 modp group14 as default. * Handle [kdc] database = { } entries without realm = stanzas. * Add gss_pseudo_random() for mechglue and krb5. * Make session key for the krbtgt be selected by the best encryption type of the client. * Better interoperability with other PK-INIT implementations. * Alias support for inital ticket requests. * Make ASN.1 library less paranoid to with regard to NUL in string to make it inter-operate with MIT Kerberos again. * PK-INIT support. * HDB extensions support, used by PK-INIT. * New ASN.1 compiler. * GSS-API mechglue from FreeBSD. * Updated SPNEGO to support RFC4178. * Support for Cryptosystem Negotiation Extension (RFC 4537). * A new X.509 library (hx509) and related crypto functions. * A new ntlm library (heimntlm) and related crypto functions. * KDC will return the "response too big" error to force TCP retries for large (default 1400 bytes) UDP replies. This is common for PK-INIT requests. * Libkafs defaults to use 2b tokens. * krb5_kuserok() also checks ~/.k5login.d directory for acl files. * Fix memory leaks. * Bugs fixes Update security/heimdal to version 1.1. Changes from version 0.7.2 include: 2008-02-28T08:14:41Z jlam jlam 2008-02-28T08:14:41Z urn:sha1:875504683b7adea3b7ce9463d328e868c224218d * Read-only PKCS11 provider built-in to hx509. * Better compatibilty with Windows 2008 Server pre-releases and Vista. * Add RFC3526 modp group14 as default. * Handle [kdc] database = { } entries without realm = stanzas. * Add gss_pseudo_random() for mechglue and krb5. * Make session key for the krbtgt be selected by the best encryption type of the client. * Better interoperability with other PK-INIT implementations. * Alias support for inital ticket requests. * Make ASN.1 library less paranoid to with regard to NUL in string to make it inter-operate with MIT Kerberos again. * PK-INIT support. * HDB extensions support, used by PK-INIT. * New ASN.1 compiler. * GSS-API mechglue from FreeBSD. * Updated SPNEGO to support RFC4178. * Support for Cryptosystem Negotiation Extension (RFC 4537). * A new X.509 library (hx509) and related crypto functions. * A new ntlm library (heimntlm) and related crypto functions. * KDC will return the "response too big" error to force TCP retries for large (default 1400 bytes) UDP replies. This is common for PK-INIT requests. * Libkafs defaults to use 2b tokens. * krb5_kuserok() also checks ~/.k5login.d directory for acl files. * Fix memory leaks. * Bugs fixes Per the process outlined in revbump(1), perform a recursive revbump 2008-01-18T05:06:18Z tnn tnn 2008-01-18T05:06:18Z urn:sha1:1c8e24b168b5909ecc586bdbb660570b490d92ef on packages that are affected by the switch from the openssl 0.9.7 branch to the 0.9.8 branch. ok jlam@