| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
under share/examples/rc.d. The variable name already was named
RCD_SCRIPTS_EXAMPLEDIR.
This is from ideas from Greg Woods and others.
Also bumped PKGREVISION for all packages using RCD_SCRIPTS mechanism
(as requested by wiz).
|
|
NOTE: THIS IS A SECURITY UPDATE.
Changes from version 1.3.4 include:
* [2841] Fix heap buffer overflow in password history
mechanism. [MITKRB5-SA-2004-004]
* [2682] Fix ftpd hang caused by empty PASS command.
* [2686] Fix double-free errors. [MITKRB5-SA-2004-002]
* [2687] Fix denial-of-service vulnerability in ASN.1
decoder. [MITKRB5-SA-2004-003]
|
|
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
|
|
All library names listed by *.la files no longer need to be listed
in the PLIST, e.g., instead of:
lib/libfoo.a
lib/libfoo.la
lib/libfoo.so
lib/libfoo.so.0
lib/libfoo.so.0.1
one simply needs:
lib/libfoo.la
and bsd.pkg.mk will automatically ensure that the additional library
names are listed in the installed package +CONTENTS file.
Also make LIBTOOLIZE_PLIST default to "yes".
|
|
scripts can be taught how to properly detect our utmpx implementation.
This should fix the build on NetBSD-2.0 and -current.
|
|
Bump the PKGREVISION for this security update.
|
|
into the bsd.options.mk framework. Instead of appending to
${PKG_OPTIONS_VAR}, it appends to PKG_DEFAULT_OPTIONS. This causes
the default options to be the union of PKG_DEFAULT_OPTIONS and any
old USE_* and FOO_USE_* settings.
This fixes PR pkg/26590.
|
|
for each package can be determined by invoking:
make show-var VARNAME=PKG_OPTIONS_VAR
The old options are still supported unless the variable named in
PKG_OPTIONS_VAR is set within make(1) (usually via /etc/mk.conf).
|
|
|
|
|
|
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-001-an_to_ln.txt
|
|
include a fix for security advisory [MITKRB-SA-2004-001]:
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-001-an_to_ln.txt
Please read the security advisory to see if you are affected and should
update your MIT krb5 installation.
|
|
|
|
Bump PKGREVISION.
|
|
|
|
[2284] Fixed accept_sec_context to use a replay cache in the
GSS_C_NO_CREDENTIAL case.
[2453] The AES string-to-key function no longer returns a pointer to
stack memory when given a password longer than 64 characters.
[2277] In sendto_kdc, a socket leak on connection failure was fixed.
[2384] A memory leak in the TCP handling code in the KDC has been fixed.
|
|
the RCD_SCRIPTS rc.d script(s) to the PLIST.
This GENERATE_PLIST idea is part of Greg A. Woods'
PR #22954.
This helps when the RC_SCRIPTS are installed to
a different ${RCD_SCRIPTS_EXAMPLEDIR}. (Later,
the default RCD_SCRIPTS_EXAMPLEDIR will be changed
to be more clear that they are the examples.)
These patches also remove the etc/rc.d/ scripts from PLISTs
(of packages that use RCD_SCRIPTS). (This also removes
now unused references from openssh* makefiles. Note that
qmail package has not been changed yet.)
I have been doing automatic PLIST registration for RC_SCRIPTS
for over a year. Not all of these packages have been tested,
but many have been tested and used.
Somethings maybe to do:
- a few packages still manually install the rc.d scripts to
hard-coded etc/rc.d. These need to be fixed.
- maybe remove from mk/${OPSYS}.pkg.dist mtree specifications too.
|
|
|
|
info documentation. (Okay'd by jlam.)
|
|
|
|
* Support for AES in GSSAPI has been implemented. This corresponds to the
in-progress work in the IETF (CFX).
* To avoid compatibility problems, unrecognized TGS options will now be
ignored.
* 128-bit AES has been added to the default enctypes.
* AES cryptosystem now chains IVs. This WILL break backwards compatibility
for the kcmd applications, if they are using AES session keys.
* Assorted minor bug fixes and plugged memory leaks.
|
|
bother with a PKGREVSION bump since this package is 15 minutes old.
|
|
on the wip/mit-krb5 package by Jeremy Reed, but heavily modified by me to
libtoolize the build.
Kerberos V5 is an authentication system developed at MIT. It is a network
authentication protocol designed to provide strong authentication for
client/server applications by using secret-key cryptography. (Kerberos
5 is discussed in RFC 1510.)
This package provides Kerberos and GSSAPI (Generic Security Services
Application Programming Interface) development headers and libraries.
It also includes Kerberos ticket and principal tools, and Kerberized
r-services, telnet and ftp services.
|
