Date: Sat, 12 Nov 2016 21:22:47 +0000 (UTC) From: Hiroki Sato <hrs@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r425994 - in head: . security/heimdal security/heimdal/files Message-ID: <201611122122.uACLMlMK026920@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: hrs Date: Sat Nov 12 21:22:47 2016 New Revision: 425994 URL: https://svnweb.freebsd.org/changeset/ports/425994 Log: - Fix Berkeley DB dependency. It now properly uses BDB_LIB specified in Mk/Uses/bdb.mk instead of db185 interfaces in libc. As a side-effect, this causes a compatibility issue between heimdal.db created by kadmin(8) in the base system or one by an older security/heimdal. See UPDATING about this issue. - Fix readline dependency end eliminate libheimedit. - Use -lpthread instead of -pthread. - Use FOO_CONFIGURE_WITH=foo instead of FOO_CONFIGURE_ON=--with-foo. Added: head/security/heimdal/pkg-message (contents, props changed) Deleted: head/security/heimdal/files/patch-cf__db.m4 Modified: head/UPDATING head/security/heimdal/Makefile head/security/heimdal/files/patch-configure head/security/heimdal/pkg-plist Modified: head/UPDATING ============================================================================== --- head/UPDATING Sat Nov 12 20:51:11 2016 (r425993) +++ head/UPDATING Sat Nov 12 21:22:47 2016 (r425994) @@ -5,6 +5,66 @@ they are unavoidable. You should get into the habit of checking this file for changes each time you update your ports collection, before attempting any port upgrades. +20161112: + AFFECTS: users of security/heimdal + AUTHOR: hrs@FreeBSD.org + + Heimdal in the base system and security/heimdal <= 1.5.3_6 use + Berkeley DB to store principals into /var/heimdal/heimdal.db and + the database format is version 3 by default. On the other hand, + security/heimdal 1.5.3_7 or newer use the newer version of + Berkeley DB and the database format is version 9. + These two versions are not compatible with each other. If there is + a mismatch between Heimdal utilities and its database format, + you will get an error like the following: + + # /usr/local/sbin/kadmin -l dump + BDB0641 __db_meta_setup: /var/heimdal/heimdal.db: unexpected file type or format + kadmin: hdb_open: opening /var/heimdal/heimdal: Invalid argument + + This mismatch can occur in the following three cases: + + 1. You used Heimdal in the base system and switch to use security/heimdal + after creating /var/db/heimdal.db. + + 2. You used security/heimdal >= 1.5.3_7 and switch to use one in the + base system. + + 3. You used security/heimdal < 1.5.3_7 and upgrade it to 1.5.3_7 or later. + + To fix this mismatch, you need to dump contents of heimdal.db and + rebuild the database by using kadmin(8) utility. + + If you use Heimdal in the base system or older versions of + security/heimdal, and plan to switch to use + security/heimdal >= 1.5.3_7, execute the following command + *after* creating a backup copy of /var/heimdal and installing + security/heimdal: + + # /usr/bin/kadmin -l dump /var/heimdal/heimdal.db.dump + # rm /var/heimdal/heimdal.db + # /usr/local/sbin/kadmin -l load /var/heimdal/heimdal.db.dump + # rm /var/heimdal/heimdal.db.dump + + The above example assumes security/heimdal is installed into + /usr/local. If your base system is compiled with WITHOUT_KERBEROS + use the following instead: + + # db_dump185-5 /var/heimdal/heimdal.db | db_load-5 /var/heimdal/heimdal.db.new + # chown 0600 /var/heimdal/heimdal.db.new + # mv /var/heimdal/heimdal.db.new /var/heimdal/heimdal.db + + db_dump and db_load utilitites are installed by database/db5 as + dependency of security/heimdal. + + If you want to switch from security/heimdal to Heimdal in the base + system, use the following: + + # /usr/local/sbin/kadmin -l dump /var/heimdal/heimdal.db.dump + # rm /var/heimdal/heimdal.db + # /usr/bin/kadmin -l load /var/heimdal/heimdal.db.dump + # rm /var/heimdal/heimdal.db.dump + 20161105: AFFECTS: users of security/heimdal AUTHOR: hrs@FreeBSD.org Modified: head/security/heimdal/Makefile ============================================================================== --- head/security/heimdal/Makefile Sat Nov 12 20:51:11 2016 (r425993) +++ head/security/heimdal/Makefile Sat Nov 12 21:22:47 2016 (r425994) @@ -3,7 +3,7 @@ PORTNAME= heimdal PORTVERSION= 1.5.3 -PORTREVISION= 6 +PORTREVISION= 7 CATEGORIES= security ipv6 MASTER_SITES= http://www.h5l.org/dist/src/ \ http://ftp.pdc.kth.se/pub/heimdal/src/ \ @@ -25,6 +25,11 @@ USE_LDCONFIG= ${GSSAPILIBDIR} GNU_CONFIGURE= yes INSTALL_TARGET= install-strip CONFIGURE_ENV= ac_cv_header_fnmatch_h=yes \ + ac_cv_header_db_h=no \ + ac_cv_header_db3_db_h=no \ + ac_cv_header_db4_db_h=no \ + ac_cv_header_db5_db_h=no \ + ac_cv_header_db5_h=no \ ac_cv_prog_COMPILE_ET=${WRKSRC}/lib/com_err/compile_et CONFIGURE_ARGS= --with-libintl \ --with-libintl-include="${LOCALBASE}/include" \ @@ -37,13 +42,14 @@ CONFIGURE_ARGS= --with-libintl \ --with-openssl-lib="${OPENSSLLIB}" \ --enable-otp \ --enable-pthread-support \ + --with-readline="${LOCALBASE}" \ --with-hdbdir="/var/${PORTNAME}" \ --sysconfdir="${PREFIX}/etc" +# XXX --with-readline picks up libreadline even if found in /usr/lib. MAKE_ENV= INSTALL_CATPAGES=no .if !exists(/etc/rc.d/ipropd_master) USE_RC_SUBR= ipropd_master ipropd_slave .endif - INFO= heimdal hx509 MAKE_JOBS_UNSAFE= yes @@ -55,22 +61,24 @@ OPTIONS_SUB= yes IPV6_CONFIGURE_WITH= ipv6 BDB_DESC= Enable BerkeleyDB KDC backend support -BDB_CONFIGURE_ON= --with-berkeley-db -BDB_CONFIGURE_OFF= --without-berkeley-db +BDB_USES= bdb:5 localbase +BDB_CONFIGURE_WITH= berkeley-db +BDB_CONFIGURE_ENV= ac_cv_header_db${BDB_VER}_db_h=yes \ + ac_cv_func_db_create=yes \ + ac_cv_funclib_db_create="-l${BDB_LIB_NAME}" +BDB_CONFIGURE_ON= --disable-ndbm-db SQLITE_DESC= Enable SQLite KDC backend support SQLITE_USES= sqlite -SQLITE_CONFIGURE_ON= --with-sqlite3 \ - --with-sqlite3-include="${LOCALBASE}/include" \ +SQLITE_CONFIGURE_ON= --with-sqlite3-include="${LOCALBASE}/include" \ --with-sqlite3-lib="${LOCALBASE}/lib" -SQLITE_CONFIGURE_OFF= --without-sqlite3 +SQLITE_CONFIGURE_WITH= sqlite3 LDAP_DESC= Enable OpenLDAP KDC backend support LDAP_USE= OPENLDAP=yes -LDAP_CONFIGURE_ON= --with-openldap \ - --with-openldap-include="${LOCALBASE}/include" \ +LDAP_CONFIGURE_ON= --with-openldap-include="${LOCALBASE}/include" \ --with-openldap-lib="${LOCALBASE}/lib" -LDAP_CONFIGURE_OFF= --without-openldap +LDAP_CONFIGURE_WITH= openldap PKINIT_DESC= Enable PK-INIT support PKINIT_CONFIGURE_ENABLE=pk-init Modified: head/security/heimdal/files/patch-configure ============================================================================== --- head/security/heimdal/files/patch-configure Sat Nov 12 20:51:11 2016 (r425993) +++ head/security/heimdal/files/patch-configure Sat Nov 12 21:22:47 2016 (r425994) @@ -1,6 +1,15 @@ ---- configure.orig 2012-12-09 22:09:32 UTC -+++ configure -@@ -9567,29 +9567,6 @@ fi +--- configure.orig 2012-12-10 07:09:32.000000000 +0900 ++++ configure 2016-11-13 03:23:46.814899000 +0900 +@@ -8869,7 +8869,7 @@ + hardcode_minus_L=no + hardcode_shlibpath_var=unsupported + inherit_rpath=no +- link_all_deplibs=unknown ++ link_all_deplibs=no + module_cmds= + module_expsym_cmds= + old_archive_from_new_cmds= +@@ -9567,29 +9567,6 @@ hardcode_shlibpath_var=no ;; @@ -30,7 +39,7 @@ # FreeBSD 3 and greater uses gcc -shared to do shared libraries. freebsd* | dragonfly*) archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' -@@ -10561,10 +10538,6 @@ dgux*) +@@ -10561,10 +10538,6 @@ shlibpath_var=LD_LIBRARY_PATH ;; @@ -41,7 +50,7 @@ freebsd* | dragonfly*) # DragonFly does not have aout. When/if they implement a new # versioning mechanism, adjust this. -@@ -10572,7 +10545,6 @@ freebsd* | dragonfly*) +@@ -10572,7 +10545,6 @@ objformat=`/usr/bin/objformat` else case $host_os in @@ -49,7 +58,7 @@ *) objformat=elf ;; esac fi -@@ -10590,18 +10562,6 @@ freebsd* | dragonfly*) +@@ -10590,18 +10562,6 @@ esac shlibpath_var=LD_LIBRARY_PATH case $host_os in @@ -68,26 +77,37 @@ *) # from 4.6 on, and DragonFly shlibpath_overrides_runpath=yes hardcode_into_libs=yes -@@ -14227,7 +14187,7 @@ case "$host" in +@@ -11661,7 +11621,7 @@ + old_striplib= + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether stripping libraries is possible" >&5 + $as_echo_n "checking whether stripping libraries is possible... " >&6; } +-if test -n "$STRIP" && $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then ++if test -n "$STRIP" && $STRIP -V 2>&1 | $GREP "strip" >/dev/null; then + test -z "$old_striplib" && old_striplib="$STRIP --strip-debug" + test -z "$striplib" && striplib="$STRIP --strip-unneeded" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +@@ -14227,9 +14187,9 @@ native_pthread_support="netbsd 3 uses explict pthread" PTHREAD_LIBADD="-lpthread" ;; -*-*-freebsd[56789]*) +*-*-freebsd*) native_pthread_support=yes - PTHREAD_LIBADD="-pthread" +- PTHREAD_LIBADD="-pthread" ++ PTHREAD_LIBADD="-lpthread" ;; -@@ -14393,9 +14353,6 @@ done - - else - for ac_header in \ -- db5/db.h \ -- db4/db.h \ -- db3/db.h \ - db.h \ + *-*-openbsd*) + native_pthread_support=yes +@@ -14488,7 +14448,7 @@ + fi + # db_create + eval "ac_tr_func=HAVE_`echo db_create | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" +-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" ++eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//;s/[-.]/_/g' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" + eval "LIB_db_create=$ac_res" - do : -@@ -28245,7 +28202,7 @@ fi + case "$ac_res" in +@@ -28245,7 +28205,7 @@ krb_cv_compile_et="no" krb_cv_com_err_need_r="" Added: head/security/heimdal/pkg-message ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/heimdal/pkg-message Sat Nov 12 21:22:47 2016 (r425994) @@ -0,0 +1,7 @@ +==== +heimdal-1.5.3_7 uses a new database format which is incompatible +with Heimdal in the base system and heimdal-1.5.3_6 or prior. + +Please read 20161112 in /usr/ports/UPDATING carefully to upgrade +your database. +==== Modified: head/security/heimdal/pkg-plist ============================================================================== --- head/security/heimdal/pkg-plist Sat Nov 12 20:51:11 2016 (r425993) +++ head/security/heimdal/pkg-plist Sat Nov 12 21:22:47 2016 (r425994) @@ -124,10 +124,6 @@ lib/heimdal/libheimbase.a lib/heimdal/libheimbase.so lib/heimdal/libheimbase.so.1 lib/heimdal/libheimbase.so.1.0.0 -lib/heimdal/libheimedit.a -lib/heimdal/libheimedit.so -lib/heimdal/libheimedit.so.0 -lib/heimdal/libheimedit.so.0.0.36 lib/heimdal/libheimntlm.a lib/heimdal/libheimntlm.so lib/heimdal/libheimntlm.so.0
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201611122122.uACLMlMK026920>