Date: Sat, 16 Oct 2010 18:35:51 +0200 (CEST) From: Joerg Pulz <Joerg.Pulz@frm2.tum.de> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/151506: [PATCH] security/heimdal: update to 1.4 Message-ID: <201010161635.o9GGZpfj066615@hades.admin.frm2> Resent-Message-ID: <201010161700.o9GH0LHK030106@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 151506 >Category: ports >Synopsis: [PATCH] security/heimdal: update to 1.4 >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Sat Oct 16 17:00:20 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Joerg Pulz >Release: FreeBSD 8.0-STABLE amd64 >Organization: TU Muenchen / FRM II >Environment: System: FreeBSD hades.admin.frm2 8.0-STABLE FreeBSD 8.0-STABLE #2: Thu Jan 21 12:42:55 CET 2010 root@hades.admin.frm2:/usr/obj/usr/src/sys/GENERIC amd64 >Description: Update security/heimdal to version 1.4 . * More OPTIONS for better customization * Support for more KDC backends * No longer broken on CURRENT * Dependencies updated * Makefile.man and pkg-plist* updated * Removed patches and added new ones (obtained from git and my own ones) The kdc.sh script is left as is for now. I would suggest using the scripts in base (/etc/rc.d/kerberos | kadmind | kpasswd) for now. I will write missing scripts for the next update (e.g. kcm, ipropd-master, ...) NOTE: Support for KerberosIV will be completely removed from heimdal before version 1.5 will be released. NOTE from Release announcement: Disabled write support NDBM hdb backend (read still in there) since it can't handle large records, please migrate to a diffrent backend (like BDB4). This update obsoletes ports/138929 . This update will probably fix ports/124375 but i didn't tried it. Maybe someone on behalf of apache@ can do this. Tinderbox tested on: - 8-STABLE amd64 (with various OPTIONS combinations) - 8.1-RELEASE-p1 i386 (with various OPTIONS combinations) Compilation tested on: - 9-CURRENT amd64 (with various OPTIONS combinations) Runtime tested on: - 8.1-RELEASE-p1 amd64 I really would like to see our base heimdal updated in the near future, as what we now have is horribly broken. As i've never done any vendor import related stuff in base and heimdal lives in serveral places it's really a pain for me. Any guidance and help there is much appreciated. >How-To-Repeat: >Fix: Apply the patch. Remove zero byte files from CVS. Add new files to CVS. --- security__heimdal.diff begins here --- Index: Makefile =================================================================== RCS file: /home/ncvs/ports/security/heimdal/Makefile,v retrieving revision 1.88 diff -u -r1.88 Makefile --- Makefile 20 Mar 2010 15:09:48 -0000 1.88 +++ Makefile 16 Oct 2010 15:24:51 -0000 @@ -6,8 +6,8 @@ # PORTNAME= heimdal -PORTVERSION= 1.0.1 -PORTREVISION= 2 +PORTVERSION= 1.4 +#PORTREVISION= 2 CATEGORIES= security ipv6 MASTER_SITES= http://ftp.pdc.kth.se/pub/heimdal/src/ \ ftp://ftp.pdc.kth.se/pub/heimdal/src/ \ @@ -19,26 +19,33 @@ CONFLICTS= krb4-[0-9]* krb5-[0-9]* srp-[0-9]* -OPTIONS+= LDAP "Use OpenLDAP as the KDC backend" off -OPTIONS+= CRACKLIB "Use CrackLib for password quality checking" off -OPTIONS+= X11 "Build X11 utilies" off +OPTIONS= IPV6 "Enable IPV6 support" on \ + KCM "Enable Kerberos Credentials Manager" on \ + BDB "Enable BerkeleyDB KDC backend support" off \ + SQLITE "Enable SQLite KDC backend support" off \ + LDAP "Enable OpenLDAP KDC backend support" off \ + PKINIT "Enable PK-INIT support" on \ + DIGEST "Enable DIGEST support" on \ + KX509 "Enable kx509 support" on \ + KRB4 "Enable krb4 support" off \ + CRACKLIB "Use CrackLib for password quality checking" off \ + X11 "Build X11 utilies" off USE_AUTOTOOLS= libtool:22 +USE_GNOME= gnomehack pkgconfig USE_OPENSSL= yes +USE_GETTEXT= yes GNU_CONFIGURE= yes USE_LDCONFIG= yes -CONFIGURE_ENV+= CFLAGS="${CFLAGS}" -CONFIGURE_ARGS+= --enable-shared --without-krb4 +CONFIGURE_ARGS+= --with-libintl=${LOCALBASE} \ + --with-readline=${DESTDIR}/usr \ + --enable-pthread-support INFO= heimdal hx509 PLIST= ${WRKDIR}/PLIST .include <bsd.port.pre.mk> -.if ${OSVERSION} > 900007 -BROKEN= fails to build with new utmpx -.endif - .if ${ARCH} == "amd64" CFLAGS+= -fPIC .endif @@ -49,16 +56,74 @@ PLIST_SUB+= HCRYPTO="" .endif +.if defined(WITHOUT_IPV6) +CONFIGURE_ARGS+= --without-ipv6 +.else +CONFIGURE_ARGS+= --with-ipv6 +.endif + +.if !defined(WITHOUT_KCM) +CONFIGURE_ARGS+= --enable-kcm +PLIST_SUB+= KCM="" +.else +CONFIGURE_ARGS+= --disable-kcm +PLIST_SUB+= KCM="@comment " +.endif + +.if defined(WITH_BDB) +USE_BDB= yes +CFLAGS+= -I${BDB_INCLUDE_DIR} +LDFLAGS+= -L${BDB_LIB_DIR} +CONFIGURE_ARGS+= --with-berkeley-db=${LOCALBASE} +# --with-berkeley-db-include=${BDB_INCLUDE_DIR} +.else +CONFIGURE_ARGS+= --without-berkeley-db +.endif + +.if defined(WITH_SQLITE) +USE_SQLITE= yes +CONFIGURE_ARGS+= --with-sqlite3=${LOCALBASE} +PLIST_SUB+= SQLITE="@comment " +.else +CONFIGURE_ARGS+= --without-sqlite3 +PLIST_SUB+= SQLITE="" +.endif + .if defined(WITH_LDAP) USE_OPENLDAP= yes CONFIGURE_ARGS+= --with-openldap=${LOCALBASE} -#EXTRA_PATCHES+= ${FILESDIR}/extrapatch-lib_hdb_hdb-ldap.c . if defined(LDAP_SOCKET_PATH) _SOCK= ${LDAP_SOCKET_PATH:C|/|%2f|g} . else LDAP_RUN_DIR?= /var/run/openldap _SOCK= ${LDAP_RUN_DIR:C|/|%2f|g}%2fldapi . endif +.else +CONFIGURE_ARGS+= --without-openldap +.endif + +.if defined(WITHOUT_PKINIT) +CONFIGURE_ARGS+= --disable-pk-init +.else +CONFIGURE_ARGS+= --enable-pk-init +.endif + +.if defined(WITHOUT_DIGEST) +CONFIGURE_ARGS+= --disable-digest +.else +CONFIGURE_ARGS+= --enable-digest +.endif + +.if defined(WITHOUT_KX509) +CONFIGURE_ARGS+= --disable-kx509 +.else +CONFIGURE_ARGS+= --enable-kx509 +.endif + +.if !defined(WITH_KRB4) +CONFIGURE_ARGS+= --disable-krb4 +.else +CONFIGURE_ARGS+= --enable-krb4 .endif .if defined(WITH_CRACKLIB) @@ -66,7 +131,7 @@ .endif .if defined(WITH_X11) -USE_XORG= x11 +USE_XORG= x11 xt CONFIGURE_ARGS+= --with-x .else CONFIGURE_ARGS+= --without-x @@ -86,6 +151,10 @@ @${REINPLACE_CMD} -e 's|$$ac_cv_header_fnmatch_h|yes|' \ ${WRKSRC}/configure +post-configure: + @${CP} ${FILESDIR}/lib__otp__version-script.map \ + ${WRKSRC}/lib/otp/version-script.map + post-build: .if defined(WITH_CRACKLIB) ${SED} -e "s;%%LOCALBASE%%;${LOCALBASE};g" \ Index: Makefile.man =================================================================== RCS file: /home/ncvs/ports/security/heimdal/Makefile.man,v retrieving revision 1.8 diff -u -r1.8 Makefile.man --- Makefile.man 27 Sep 2007 00:16:01 -0000 1.8 +++ Makefile.man 16 Oct 2010 15:24:54 -0000 @@ -3,20 +3,175 @@ MAN1+= kdestroy.1 MAN1+= kf.1 MAN1+= kgetcred.1 -MAN1+= kimpersonate.1 MAN1+= kinit.1 MAN1+= klist.1 MAN1+= kpasswd.1 MAN1+= krb5-config.1 +MAN1+= kswitch.1 MAN1+= login.1 MAN1+= otp.1 MAN1+= otpprint.1 MAN1+= pagsh.1 MAN1+= pfrom.1 +MAN1+= rcp.1 MAN1+= rsh.1 MAN1+= su.1 MAN1+= telnet.1 -MAN3+= editline.3 +MAN3+= DES_cbc_cksum.3 +MAN3+= DES_cbc_encrypt.3 +MAN3+= DES_cfb64_encrypt.3 +MAN3+= DES_check_key_parity.3 +MAN3+= DES_ecb3_encrypt.3 +MAN3+= DES_ecb_encrypt.3 +MAN3+= DES_ede3_cbc_encrypt.3 +MAN3+= DES_encrypt.3 +MAN3+= DES_init_random_number_generator.3 +MAN3+= DES_is_weak_key.3 +MAN3+= DES_key_sched.3 +MAN3+= DES_new_random_key.3 +MAN3+= DES_pcbc_encrypt.3 +MAN3+= DES_random_key.3 +MAN3+= DES_set_key.3 +MAN3+= DES_set_key_checked.3 +MAN3+= DES_set_key_unchecked.3 +MAN3+= DES_set_odd_parity.3 +MAN3+= DES_string_to_key.3 +MAN3+= DH_check_pubkey.3 +MAN3+= DH_compute_key.3 +MAN3+= DH_free.3 +MAN3+= DH_generate_key.3 +MAN3+= DH_generate_parameters_ex.3 +MAN3+= DH_get_default_method.3 +MAN3+= DH_get_ex_data.3 +MAN3+= DH_imath_method.3 +MAN3+= DH_ltm_method.3 +MAN3+= DH_new.3 +MAN3+= DH_new_method.3 +MAN3+= DH_null_method.3 +MAN3+= DH_set_default_method.3 +MAN3+= DH_set_ex_data.3 +MAN3+= DH_set_method.3 +MAN3+= DH_size.3 +MAN3+= DH_up_ref.3 +MAN3+= EVP_BytesToKey.3 +MAN3+= EVP_CIPHER_CTX_block_size.3 +MAN3+= EVP_CIPHER_CTX_cipher.3 +MAN3+= EVP_CIPHER_CTX_cleanup.3 +MAN3+= EVP_CIPHER_CTX_ctrl.3 +MAN3+= EVP_CIPHER_CTX_flags.3 +MAN3+= EVP_CIPHER_CTX_get_app_data.3 +MAN3+= EVP_CIPHER_CTX_init.3 +MAN3+= EVP_CIPHER_CTX_iv_length.3 +MAN3+= EVP_CIPHER_CTX_key_length.3 +MAN3+= EVP_CIPHER_CTX_mode.3 +MAN3+= EVP_CIPHER_CTX_rand_key.3 +MAN3+= EVP_CIPHER_CTX_set_app_data.3 +MAN3+= EVP_CIPHER_CTX_set_key_length.3 +MAN3+= EVP_CIPHER_block_size.3 +MAN3+= EVP_CIPHER_iv_length.3 +MAN3+= EVP_CIPHER_key_length.3 +MAN3+= EVP_CipherFinal_ex.3 +MAN3+= EVP_CipherInit_ex.3 +MAN3+= EVP_CipherUpdate.3 +MAN3+= EVP_Digest.3 +MAN3+= EVP_DigestFinal_ex.3 +MAN3+= EVP_DigestInit_ex.3 +MAN3+= EVP_DigestUpdate.3 +MAN3+= EVP_MD_CTX_block_size.3 +MAN3+= EVP_MD_CTX_cleanup.3 +MAN3+= EVP_MD_CTX_create.3 +MAN3+= EVP_MD_CTX_destroy.3 +MAN3+= EVP_MD_CTX_init.3 +MAN3+= EVP_MD_CTX_md.3 +MAN3+= EVP_MD_CTX_size.3 +MAN3+= EVP_MD_block_size.3 +MAN3+= EVP_MD_size.3 +MAN3+= EVP_aes_128_cbc.3 +MAN3+= EVP_aes_128_cfb8.3 +MAN3+= EVP_aes_192_cbc.3 +MAN3+= EVP_aes_192_cfb8.3 +MAN3+= EVP_aes_256_cbc.3 +MAN3+= EVP_aes_256_cfb8.3 +MAN3+= EVP_camellia_128_cbc.3 +MAN3+= EVP_camellia_192_cbc.3 +MAN3+= EVP_camellia_256_cbc.3 +MAN3+= EVP_des_cbc.3 +MAN3+= EVP_des_ede3_cbc.3 +MAN3+= EVP_enc_null.3 +MAN3+= EVP_get_cipherbyname.3 +MAN3+= EVP_hcrypto_aes_128_cbc.3 +MAN3+= EVP_hcrypto_aes_128_cfb8.3 +MAN3+= EVP_hcrypto_aes_192_cbc.3 +MAN3+= EVP_hcrypto_aes_192_cfb8.3 +MAN3+= EVP_hcrypto_aes_256_cbc.3 +MAN3+= EVP_hcrypto_aes_256_cfb8.3 +MAN3+= EVP_hcrypto_camellia_128_cbc.3 +MAN3+= EVP_hcrypto_camellia_192_cbc.3 +MAN3+= EVP_hcrypto_camellia_256_cbc.3 +MAN3+= EVP_hcrypto_des_cbc.3 +MAN3+= EVP_hcrypto_des_ede3_cbc.3 +MAN3+= EVP_hcrypto_md2.3 +MAN3+= EVP_hcrypto_md4.3 +MAN3+= EVP_hcrypto_md5.3 +MAN3+= EVP_hcrypto_rc2_40_cbc.3 +MAN3+= EVP_hcrypto_rc2_64_cbc.3 +MAN3+= EVP_hcrypto_rc2_cbc.3 +MAN3+= EVP_hcrypto_sha1.3 +MAN3+= EVP_hcrypto_sha256.3 +MAN3+= EVP_md2.3 +MAN3+= EVP_md4.3 +MAN3+= EVP_md5.3 +MAN3+= EVP_md_null.3 +MAN3+= EVP_rc2_40_cbc.3 +MAN3+= EVP_rc2_64_cbc.3 +MAN3+= EVP_rc2_cbc.3 +MAN3+= EVP_rc4.3 +MAN3+= EVP_rc4_40.3 +MAN3+= EVP_sha.3 +MAN3+= EVP_sha1.3 +MAN3+= EVP_sha256.3 +MAN3+= EVP_wincrypt_des_ede3_cbc.3 +MAN3+= HDB.3 +MAN3+= OpenSSL_add_all_algorithms.3 +MAN3+= OpenSSL_add_all_algorithms_conf.3 +MAN3+= OpenSSL_add_all_algorithms_noconf.3 +MAN3+= PKCS5_PBKDF2_HMAC_SHA1.3 +MAN3+= RAND_add.3 +MAN3+= RAND_bytes.3 +MAN3+= RAND_cleanup.3 +MAN3+= RAND_file_name.3 +MAN3+= RAND_get_rand_method.3 +MAN3+= RAND_load_file.3 +MAN3+= RAND_pseudo_bytes.3 +MAN3+= RAND_seed.3 +MAN3+= RAND_set_rand_engine.3 +MAN3+= RAND_set_rand_method.3 +MAN3+= RAND_status.3 +MAN3+= RAND_write_file.3 +MAN3+= RSA_free.3 +MAN3+= RSA_get_app_data.3 +MAN3+= RSA_get_method.3 +MAN3+= RSA_new.3 +MAN3+= RSA_new_method.3 +MAN3+= RSA_set_app_data.3 +MAN3+= RSA_set_method.3 +MAN3+= RSA_up_ref.3 +MAN3+= __gss_c_attr_stream_sizes_oid_desc.3 +MAN3+= challange.3 +MAN3+= context.3 +MAN3+= data.3 +MAN3+= dnsdomainname.3 +MAN3+= dnsservername.3 +MAN3+= domain.3 +MAN3+= domainname.3 +MAN3+= ecalloc.3 +MAN3+= emalloc.3 +MAN3+= eread.3 +MAN3+= erealloc.3 +MAN3+= esetenv.3 +MAN3+= estrdup.3 +MAN3+= ewrite.3 +MAN3+= flags.3 MAN3+= getarg.3 MAN3+= gss_accept_sec_context.3 MAN3+= gss_acquire_cred.3 @@ -48,9 +203,11 @@ MAN3+= gss_krb5_get_tkt_flags.3 MAN3+= gss_krb5_import_ccache.3 MAN3+= gss_krb5_import_cred.3 +MAN3+= gss_oid_equal.3 MAN3+= gss_process_context_token.3 MAN3+= gss_release_buffer.3 MAN3+= gss_release_cred.3 +MAN3+= gss_release_iov_buffer.3 MAN3+= gss_release_name.3 MAN3+= gss_release_oid_set.3 MAN3+= gss_seal.3 @@ -58,13 +215,225 @@ MAN3+= gss_test_oid_set_member.3 MAN3+= gss_unseal.3 MAN3+= gss_unwrap.3 +MAN3+= gss_unwrap_iov.3 MAN3+= gss_verify.3 MAN3+= gss_verify_mic.3 MAN3+= gss_wrap.3 +MAN3+= gss_wrap_iov.3 +MAN3+= gss_wrap_iov_length.3 MAN3+= gss_wrap_size_limit.3 MAN3+= gssapi.3 +MAN3+= gssapi_mechs_intro.3 +MAN3+= gssapi_services_intro.3 MAN3+= gsskrb5_extract_authz_data_from_sec_context.3 MAN3+= gsskrb5_register_acceptor_identity.3 +MAN3+= hcrypto_core.3 +MAN3+= hcrypto_des.3 +MAN3+= hcrypto_dh.3 +MAN3+= hcrypto_evp.3 +MAN3+= hcrypto_misc.3 +MAN3+= hcrypto_rand.3 +MAN3+= hcrypto_rsa.3 +MAN3+= hdb__del.3 +MAN3+= hdb__get.3 +MAN3+= hdb__put.3 +MAN3+= hdb_auth_status.3 +MAN3+= hdb_check_constrained_delegation.3 +MAN3+= hdb_check_pkinit_ms_upn_match.3 +MAN3+= hdb_close.3 +MAN3+= hdb_destroy.3 +MAN3+= hdb_fetch.3 +MAN3+= hdb_firstkey.3 +MAN3+= hdb_free.3 +MAN3+= hdb_get_realms.3 +MAN3+= hdb_lock.3 +MAN3+= hdb_name.3 +MAN3+= hdb_nextkey.3 +MAN3+= hdb_open.3 +MAN3+= hdb_password.3 +MAN3+= hdb_remove.3 +MAN3+= hdb_rename.3 +MAN3+= hdb_store.3 +MAN3+= hdb_unlock.3 +MAN3+= heim_ntlm_build_ntlm1_master.3 +MAN3+= heim_ntlm_calculate_ntlm1.3 +MAN3+= heim_ntlm_calculate_ntlm2.3 +MAN3+= heim_ntlm_decode_targetinfo.3 +MAN3+= heim_ntlm_encode_targetinfo.3 +MAN3+= heim_ntlm_encode_type1.3 +MAN3+= heim_ntlm_encode_type2.3 +MAN3+= heim_ntlm_encode_type3.3 +MAN3+= heim_ntlm_free_buf.3 +MAN3+= heim_ntlm_free_targetinfo.3 +MAN3+= heim_ntlm_free_type1.3 +MAN3+= heim_ntlm_free_type2.3 +MAN3+= heim_ntlm_free_type3.3 +MAN3+= heim_ntlm_nt_key.3 +MAN3+= heim_ntlm_ntlmv2_key.3 +MAN3+= heim_ntlm_verify_ntlm2.3 +MAN3+= hostname.3 +MAN3+= hx509.3 +MAN3+= hx509_bitstring_print.3 +MAN3+= hx509_ca.3 +MAN3+= hx509_ca_sign.3 +MAN3+= hx509_ca_sign_self.3 +MAN3+= hx509_ca_tbs_add_crl_dp_uri.3 +MAN3+= hx509_ca_tbs_add_eku.3 +MAN3+= hx509_ca_tbs_add_san_hostname.3 +MAN3+= hx509_ca_tbs_add_san_jid.3 +MAN3+= hx509_ca_tbs_add_san_ms_upn.3 +MAN3+= hx509_ca_tbs_add_san_otherName.3 +MAN3+= hx509_ca_tbs_add_san_pkinit.3 +MAN3+= hx509_ca_tbs_add_san_rfc822name.3 +MAN3+= hx509_ca_tbs_free.3 +MAN3+= hx509_ca_tbs_init.3 +MAN3+= hx509_ca_tbs_set_ca.3 +MAN3+= hx509_ca_tbs_set_domaincontroller.3 +MAN3+= hx509_ca_tbs_set_notAfter.3 +MAN3+= hx509_ca_tbs_set_notAfter_lifetime.3 +MAN3+= hx509_ca_tbs_set_notBefore.3 +MAN3+= hx509_ca_tbs_set_proxy.3 +MAN3+= hx509_ca_tbs_set_serialnumber.3 +MAN3+= hx509_ca_tbs_set_spki.3 +MAN3+= hx509_ca_tbs_set_subject.3 +MAN3+= hx509_ca_tbs_set_template.3 +MAN3+= hx509_ca_tbs_set_unique.3 +MAN3+= hx509_ca_tbs_subject_expand.3 +MAN3+= hx509_ca_tbs_template_units.3 +MAN3+= hx509_cert.3 +MAN3+= hx509_cert_binary.3 +MAN3+= hx509_cert_check_eku.3 +MAN3+= hx509_cert_cmp.3 +MAN3+= hx509_cert_find_subjectAltName_otherName.3 +MAN3+= hx509_cert_free.3 +MAN3+= hx509_cert_get_SPKI.3 +MAN3+= hx509_cert_get_SPKI_AlgorithmIdentifier.3 +MAN3+= hx509_cert_get_attribute.3 +MAN3+= hx509_cert_get_base_subject.3 +MAN3+= hx509_cert_get_friendly_name.3 +MAN3+= hx509_cert_get_issuer.3 +MAN3+= hx509_cert_get_issuer_unique_id.3 +MAN3+= hx509_cert_get_notAfter.3 +MAN3+= hx509_cert_get_notBefore.3 +MAN3+= hx509_cert_get_serialnumber.3 +MAN3+= hx509_cert_get_subject.3 +MAN3+= hx509_cert_get_subject_unique_id.3 +MAN3+= hx509_cert_init.3 +MAN3+= hx509_cert_init_data.3 +MAN3+= hx509_cert_keyusage_print.3 +MAN3+= hx509_cert_ref.3 +MAN3+= hx509_cert_set_friendly_name.3 +MAN3+= hx509_certs_add.3 +MAN3+= hx509_certs_append.3 +MAN3+= hx509_certs_end_seq.3 +MAN3+= hx509_certs_filter.3 +MAN3+= hx509_certs_find.3 +MAN3+= hx509_certs_free.3 +MAN3+= hx509_certs_info.3 +MAN3+= hx509_certs_init.3 +MAN3+= hx509_certs_iter_f.3 +MAN3+= hx509_certs_merge.3 +MAN3+= hx509_certs_next_cert.3 +MAN3+= hx509_certs_start_seq.3 +MAN3+= hx509_certs_store.3 +MAN3+= hx509_ci_print_names.3 +MAN3+= hx509_clear_error_string.3 +MAN3+= hx509_cms.3 +MAN3+= hx509_cms_create_signed_1.3 +MAN3+= hx509_cms_envelope_1.3 +MAN3+= hx509_cms_unenvelope.3 +MAN3+= hx509_cms_unwrap_ContentInfo.3 +MAN3+= hx509_cms_verify_signed.3 +MAN3+= hx509_cms_wrap_ContentInfo.3 +MAN3+= hx509_context_free.3 +MAN3+= hx509_context_init.3 +MAN3+= hx509_context_set_missing_revoke.3 +MAN3+= hx509_crl_add_revoked_certs.3 +MAN3+= hx509_crl_alloc.3 +MAN3+= hx509_crl_free.3 +MAN3+= hx509_crl_lifetime.3 +MAN3+= hx509_crl_sign.3 +MAN3+= hx509_crypto.3 +MAN3+= hx509_env.3 +MAN3+= hx509_env_add.3 +MAN3+= hx509_env_add_binding.3 +MAN3+= hx509_env_find.3 +MAN3+= hx509_env_find_binding.3 +MAN3+= hx509_env_free.3 +MAN3+= hx509_env_lfind.3 +MAN3+= hx509_err.3 +MAN3+= hx509_error.3 +MAN3+= hx509_free_error_string.3 +MAN3+= hx509_free_octet_string_list.3 +MAN3+= hx509_general_name_unparse.3 +MAN3+= hx509_get_error_string.3 +MAN3+= hx509_get_one_cert.3 +MAN3+= hx509_keyset.3 +MAN3+= hx509_lock.3 +MAN3+= hx509_misc.3 +MAN3+= hx509_name.3 +MAN3+= hx509_name_binary.3 +MAN3+= hx509_name_cmp.3 +MAN3+= hx509_name_copy.3 +MAN3+= hx509_name_expand.3 +MAN3+= hx509_name_free.3 +MAN3+= hx509_name_is_null_p.3 +MAN3+= hx509_name_to_Name.3 +MAN3+= hx509_name_to_string.3 +MAN3+= hx509_ocsp_request.3 +MAN3+= hx509_ocsp_verify.3 +MAN3+= hx509_oid_print.3 +MAN3+= hx509_oid_sprint.3 +MAN3+= hx509_parse_name.3 +MAN3+= hx509_peer.3 +MAN3+= hx509_peer_info_add_cms_alg.3 +MAN3+= hx509_peer_info_alloc.3 +MAN3+= hx509_peer_info_free.3 +MAN3+= hx509_peer_info_set_cert.3 +MAN3+= hx509_peer_info_set_cms_algs.3 +MAN3+= hx509_print.3 +MAN3+= hx509_print_cert.3 +MAN3+= hx509_print_stdout.3 +MAN3+= hx509_query.3 +MAN3+= hx509_query_alloc.3 +MAN3+= hx509_query_free.3 +MAN3+= hx509_query_match_cmp_func.3 +MAN3+= hx509_query_match_eku.3 +MAN3+= hx509_query_match_friendly_name.3 +MAN3+= hx509_query_match_issuer_serial.3 +MAN3+= hx509_query_match_option.3 +MAN3+= hx509_query_statistic_file.3 +MAN3+= hx509_query_unparse_stats.3 +MAN3+= hx509_revoke.3 +MAN3+= hx509_revoke_add_crl.3 +MAN3+= hx509_revoke_add_ocsp.3 +MAN3+= hx509_revoke_free.3 +MAN3+= hx509_revoke_init.3 +MAN3+= hx509_revoke_ocsp_print.3 +MAN3+= hx509_revoke_verify.3 +MAN3+= hx509_set_error_string.3 +MAN3+= hx509_set_error_stringv.3 +MAN3+= hx509_unparse_der_name.3 +MAN3+= hx509_validate_cert.3 +MAN3+= hx509_validate_ctx_add_flags.3 +MAN3+= hx509_validate_ctx_free.3 +MAN3+= hx509_validate_ctx_init.3 +MAN3+= hx509_validate_ctx_set_print.3 +MAN3+= hx509_verify.3 +MAN3+= hx509_verify_attach_anchors.3 +MAN3+= hx509_verify_attach_revoke.3 +MAN3+= hx509_verify_ctx_f_allow_default_trustanchors.3 +MAN3+= hx509_verify_destroy_ctx.3 +MAN3+= hx509_verify_hostname.3 +MAN3+= hx509_verify_init_ctx.3 +MAN3+= hx509_verify_path.3 +MAN3+= hx509_verify_set_max_depth.3 +MAN3+= hx509_verify_set_proxy_certificate.3 +MAN3+= hx509_verify_set_strict_rfc3280_verification.3 +MAN3+= hx509_verify_set_time.3 +MAN3+= hx509_verify_signature.3 +MAN3+= hx509_xfree.3 +MAN3+= internalvsmechname.3 MAN3+= k_hasafs_recheck.3 MAN3+= kadm5_add_passwd_quality_verifier.3 MAN3+= kadm5_check_password_quality.3 @@ -79,8 +448,7 @@ MAN3+= krb524_convert_creds_kdc.3 MAN3+= krb524_convert_creds_kdc_ccache.3 MAN3+= krb5_425_conv_principal.3 -MAN3+= krb5_abort.3 -MAN3+= krb5_abortx.3 +MAN3+= krb5_acc_ops.3 MAN3+= krb5_acl_match_file.3 MAN3+= krb5_acl_match_string.3 MAN3+= krb5_add_et_list.3 @@ -90,14 +458,16 @@ MAN3+= krb5_address.3 MAN3+= krb5_address_compare.3 MAN3+= krb5_address_order.3 +MAN3+= krb5_address_prefixlen_boundary.3 MAN3+= krb5_address_search.3 -MAN3+= krb5_addresses.3 MAN3+= krb5_afslog.3 MAN3+= krb5_afslog_uid.3 +MAN3+= krb5_allow_weak_crypto.3 MAN3+= krb5_aname_to_localname.3 MAN3+= krb5_anyaddr.3 MAN3+= krb5_appdefault.3 MAN3+= krb5_append_addresses.3 +MAN3+= krb5_auth.3 MAN3+= krb5_auth_con_addflags.3 MAN3+= krb5_auth_con_generatelocalsubkey.3 MAN3+= krb5_auth_con_getauthenticator.3 @@ -121,16 +491,26 @@ MAN3+= krb5_c_valid_cksumtype.3 MAN3+= krb5_c_valid_enctype.3 MAN3+= krb5_c_verify_checksum.3 +MAN3+= krb5_cc_cache_end_seq_get.3 +MAN3+= krb5_cc_cache_get_first.3 +MAN3+= krb5_cc_cache_match.3 +MAN3+= krb5_cc_cache_next.3 MAN3+= krb5_cc_clear_mcred.3 MAN3+= krb5_cc_close.3 +MAN3+= krb5_cc_copy_creds.3 MAN3+= krb5_cc_copy_cache.3 -MAN3+= krb5_cc_cursor.3 +MAN3+= krb5_cc_copy_match_f.3 MAN3+= krb5_cc_default.3 MAN3+= krb5_cc_default_name.3 MAN3+= krb5_cc_destroy.3 MAN3+= krb5_cc_end_seq_get.3 MAN3+= krb5_cc_gen_new.3 MAN3+= krb5_cc_get_full_name.3 +MAN3+= krb5_cc_get_config.3 +MAN3+= krb5_cc_get_flags.3 +MAN3+= krb5_cc_get_friendly_name.3 +MAN3+= krb5_cc_get_kdc_offset.3 +MAN3+= krb5_cc_get_lifetime.3 MAN3+= krb5_cc_get_name.3 MAN3+= krb5_cc_get_ops.3 MAN3+= krb5_cc_get_prefix_ops.3 @@ -138,47 +518,50 @@ MAN3+= krb5_cc_get_type.3 MAN3+= krb5_cc_get_version.3 MAN3+= krb5_cc_initialize.3 +MAN3+= krb5_cc_last_change_time.3 +MAN3+= krb5_cc_move.3 MAN3+= krb5_cc_new_unique.3 MAN3+= krb5_cc_next_cred.3 -MAN3+= krb5_cc_next_cred_match.3 -MAN3+= krb5_cc_ops.3 MAN3+= krb5_cc_register.3 MAN3+= krb5_cc_remove_cred.3 MAN3+= krb5_cc_resolve.3 MAN3+= krb5_cc_retrieve_cred.3 +MAN3+= krb5_cc_set_config.3 MAN3+= krb5_cc_set_default_name.3 MAN3+= krb5_cc_set_flags.3 +MAN3+= krb5_cc_set_friendly_name.3 +MAN3+= krb5_cc_set_kdc_offset.3 MAN3+= krb5_cc_start_seq_get.3 MAN3+= krb5_cc_store_cred.3 +MAN3+= krb5_cc_support_switch.3 +MAN3+= krb5_cc_switch.3 MAN3+= krb5_ccache.3 +MAN3+= krb5_ccache_intro.3 +MAN3+= krb5_cccol_cursor_free.3 +MAN3+= krb5_cccol_cursor_new.3 +MAN3+= krb5_cccol_cursor_next.3 +MAN3+= krb5_cccol_last_change_time.3 MAN3+= krb5_change_password.3 MAN3+= krb5_check_transited.3 MAN3+= krb5_check_transited_realms.3 MAN3+= krb5_checksum.3 MAN3+= krb5_checksum_disable.3 +MAN3+= krb5_cksumtype_to_enctype.3 MAN3+= krb5_cksumtype_valid.3 -MAN3+= krb5_clear_error_string.3 +MAN3+= krb5_clear_error_message.3 MAN3+= krb5_compare_creds.3 -MAN3+= krb5_config.3 MAN3+= krb5_config_file_free.3 MAN3+= krb5_config_free_strings.3 -MAN3+= krb5_config_get.3 MAN3+= krb5_config_get_bool.3 -MAN3+= krb5_config_get_int.3 MAN3+= krb5_config_get_list.3 -MAN3+= krb5_config_get_next.3 MAN3+= krb5_config_get_string.3 MAN3+= krb5_config_get_strings.3 MAN3+= krb5_config_get_time.3 -MAN3+= krb5_config_parse_file.3 MAN3+= krb5_config_parse_file_multi.3 -MAN3+= krb5_config_vget.3 +MAN3+= krb5_config_parse_string_multi.3 MAN3+= krb5_config_vget_bool.3 MAN3+= krb5_config_vget_bool_default.3 -MAN3+= krb5_config_vget_int.3 -MAN3+= krb5_config_vget_int_default.3 MAN3+= krb5_config_vget_list.3 -MAN3+= krb5_config_vget_next.3 MAN3+= krb5_config_vget_string.3 MAN3+= krb5_config_vget_string_default.3 MAN3+= krb5_config_vget_strings.3 @@ -188,6 +571,7 @@ MAN3+= krb5_copy_address.3 MAN3+= krb5_copy_addresses.3 MAN3+= krb5_copy_checksum.3 +MAN3+= krb5_copy_context.3 MAN3+= krb5_copy_creds.3 MAN3+= krb5_copy_creds_contents.3 MAN3+= krb5_copy_data.3 @@ -197,37 +581,50 @@ MAN3+= krb5_copy_principal.3 MAN3+= krb5_copy_ticket.3 MAN3+= krb5_create_checksum.3 +MAN3+= krb5_create_checksum_iov.3 +MAN3+= krb5_credential.3 MAN3+= krb5_creds.3 +MAN3+= krb5_creds_get_ticket_flags.3 +MAN3+= krb5_crypto.3 +MAN3+= krb5_crypto_fx_cf2.3 MAN3+= krb5_crypto_get_checksum_type.3 MAN3+= krb5_crypto_getblocksize.3 MAN3+= krb5_crypto_getconfoundersize.3 MAN3+= krb5_crypto_getenctype.3 MAN3+= krb5_crypto_getpadsize.3 MAN3+= krb5_crypto_init.3 +MAN3+= krb5_crypto_iov.3 MAN3+= krb5_crypto_overhead.3 -MAN3+= krb5_data.3 MAN3+= krb5_data_alloc.3 MAN3+= krb5_data_cmp.3 MAN3+= krb5_data_copy.3 MAN3+= krb5_data_free.3 MAN3+= krb5_data_realloc.3 MAN3+= krb5_data_zero.3 +MAN3+= krb5_decrypt_iov_ivec.3 MAN3+= krb5_decrypt_ivec.3 MAN3+= krb5_decrypt_ticket.3 +MAN3+= krb5_deprecated.3 MAN3+= krb5_digest.3 +MAN3+= krb5_digest_probe.3 MAN3+= krb5_domain_x500_decode.3 MAN3+= krb5_domain_x500_encode.3 MAN3+= krb5_eai_to_heim_errno.3 MAN3+= krb5_encrypt.3 +MAN3+= krb5_encrypt_iov_ivec.3 MAN3+= krb5_encrypt_ivec.3 MAN3+= krb5_enctype_disable.3 +MAN3+= krb5_enctype_enable.3 MAN3+= krb5_enctype_keysize.3 MAN3+= krb5_enctype_to_string.3 MAN3+= krb5_enctype_valid.3 +MAN3+= krb5_enctypes_compatible_keys.3 +MAN3+= krb5_error.3 MAN3+= krb5_error_from_rd_error.3 MAN3+= krb5_expand_hostname.3 MAN3+= krb5_expand_hostname_realms.3 MAN3+= krb5_fcc_ops.3 +MAN3+= krb5_fileformats.3 MAN3+= krb5_find_padata.3 MAN3+= krb5_format_time.3 MAN3+= krb5_free_address.3 @@ -238,6 +635,7 @@ MAN3+= krb5_free_config_files.3 MAN3+= krb5_free_cred_contents.3 MAN3+= krb5_free_creds.3 +MAN3+= krb5_free_creds_contents.3 MAN3+= krb5_free_data.3 MAN3+= krb5_free_data_contents.3 MAN3+= krb5_free_error.3 @@ -252,23 +650,18 @@ MAN3+= krb5_free_ticket.3 MAN3+= krb5_fwd_tgt_creds.3 MAN3+= krb5_generate_random_block.3 -MAN3+= krb5_generate_random_keyblock.3 -MAN3+= krb5_generate_subkey.3 MAN3+= krb5_generate_subkey_extended.3 MAN3+= krb5_get_all_client_addrs.3 -MAN3+= krb5_get_cred_from_kdc.3 -MAN3+= krb5_get_cred_from_kdc_opt.3 MAN3+= krb5_get_credentials.3 MAN3+= krb5_get_credentials_with_flags.3 MAN3+= krb5_get_creds.3 MAN3+= krb5_get_default_config_files.3 +MAN3+= krb5_get_default_in_tkt_etypes.3 MAN3+= krb5_get_default_principal.3 MAN3+= krb5_get_default_realm.3 MAN3+= krb5_get_default_realms.3 +MAN3+= krb5_get_dns_canonicalize_hostname.3 MAN3+= krb5_get_dns_canonize_hostname.3 -MAN3+= krb5_get_err_text.3 -MAN3+= krb5_get_error_message.3 -MAN3+= krb5_get_error_string.3 MAN3+= krb5_get_extra_addresses.3 MAN3+= krb5_get_fcache_version.3 MAN3+= krb5_get_forwarded_creds.3 @@ -280,10 +673,12 @@ MAN3+= krb5_get_in_tkt_with_password.3 MAN3+= krb5_get_in_tkt_with_skey.3 MAN3+= krb5_get_init_creds.3 +MAN3+= krb5_get_init_creds_keyblock.3 MAN3+= krb5_get_init_creds_keytab.3 MAN3+= krb5_get_init_creds_opt.3 MAN3+= krb5_get_init_creds_opt_alloc.3 MAN3+= krb5_get_init_creds_opt_free.3 +MAN3+= krb5_get_init_creds_opt_get_error.3 MAN3+= krb5_get_init_creds_opt_init.3 MAN3+= krb5_get_init_creds_opt_set_address_list.3 MAN3+= krb5_get_init_creds_opt_set_addressless.3 @@ -309,30 +704,50 @@ MAN3+= krb5_get_renewed_creds.3 MAN3+= krb5_get_server_rcache.3 MAN3+= krb5_get_use_admin_kdc.3 -MAN3+= krb5_get_warn_dest.3 +MAN3+= krb5_get_validated_creds.3 MAN3+= krb5_get_wrapped_length.3 MAN3+= krb5_getportbyname.3 MAN3+= krb5_h_addr2addr.3 MAN3+= krb5_h_addr2sockaddr.3 MAN3+= krb5_h_errno_to_heim_errno.3 -MAN3+= krb5_have_error_string.3 MAN3+= krb5_hmac.3 MAN3+= krb5_init_context.3 MAN3+= krb5_init_ets.3 +MAN3+= krb5_init_creds_free.3 +MAN3+= krb5_init_creds_get.3 +MAN3+= krb5_init_creds_get_error.3 +MAN3+= krb5_init_creds_init.3 +MAN3+= krb5_init_creds_intro.3 +MAN3+= krb5_init_creds_set_keytab.3 +MAN3+= krb5_init_creds_set_password.3 +MAN3+= krb5_init_creds_set_service.3 +MAN3+= krb5_init_creds_step.3 +MAN3+= krb5_init_etype.3 +MAN3+= krb5_introduction.3 +MAN3+= krb5_is_config_principal.3 MAN3+= krb5_is_thread_safe.3 -MAN3+= krb5_keyblock.3 +MAN3+= krb5_kerberos_enctypes.3 MAN3+= krb5_keyblock_get_enctype.3 MAN3+= krb5_keyblock_init.3 MAN3+= krb5_keyblock_zero.3 MAN3+= krb5_keytab.3 +MAN3+= krb5_keytab_intro.3 +MAN3+= krb5_keytab_key_proc.3 +MAN3+= krb5_keytype_to_enctypes.3 +MAN3+= krb5_keytype_to_enctypes_default.3 +MAN3+= krb5_keytype_to_string.3 MAN3+= krb5_krbhst_init.3 MAN3+= krb5_krbhst_init_flags.3 MAN3+= krb5_kt_default_modify_name.3 +MAN3+= krb5_kt_destroy.3 +MAN3+= krb5_kt_get_full_name.3 MAN3+= krb5_kt_get_type.3 MAN3+= krb5_kuserok.3 MAN3+= krb5_make_addrport.3 MAN3+= krb5_max_sockaddr_size.3 MAN3+= krb5_mcc_ops.3 +MAN3+= krb5_mk_priv.3 +MAN3+= krb5_mk_safe.3 MAN3+= krb5_mk_rep.3 MAN3+= krb5_mk_rep_exact.3 MAN3+= krb5_mk_rep_extended.3 @@ -340,6 +755,9 @@ MAN3+= krb5_mk_req_exact.3 MAN3+= krb5_mk_req_extended.3 MAN3+= krb5_openlog.3 +MAN3+= krb5_pac.3 +MAN3+= krb5_pac_get_buffer.3 +MAN3+= krb5_pac_verify.3 MAN3+= krb5_padata_add.3 MAN3+= krb5_parse_address.3 MAN3+= krb5_parse_name.3 @@ -347,6 +765,7 @@ MAN3+= krb5_parse_nametype.3 MAN3+= krb5_passwd_result_to_string.3 MAN3+= krb5_password_key_proc.3 +MAN3+= krb5_plugin_register.3 MAN3+= krb5_prepend_config_files.3 MAN3+= krb5_prepend_config_files_default.3 MAN3+= krb5_princ_realm.3 @@ -354,9 +773,13 @@ MAN3+= krb5_principal.3 MAN3+= krb5_principal_compare.3 MAN3+= krb5_principal_compare_any_realm.3 +MAN3+= krb5_principal_get_num_comp.3 MAN3+= krb5_principal_get_realm.3 MAN3+= krb5_principal_get_type.3 +MAN3+= krb5_principal_intro.3 +MAN3+= krb5_principal_is_krbtgt.3 MAN3+= krb5_principal_match.3 +MAN3+= krb5_principal_set_realm.3 MAN3+= krb5_principal_set_type.3 MAN3+= krb5_print_address.3 MAN3+= krb5_prompt.3 @@ -380,14 +803,23 @@ MAN3+= krb5_rc_store.3 MAN3+= krb5_rcache.3 MAN3+= krb5_rd_error.3 +MAN3+= krb5_rd_priv.3 MAN3+= krb5_rd_rep.3 MAN3+= krb5_rd_req.3 +MAN3+= krb5_rd_req_ctx.3 +MAN3+= krb5_rd_req_in_ctx_alloc.3 +MAN3+= krb5_rd_req_in_set_keytab.3 +MAN3+= krb5_rd_req_in_set_pac_check.3 +MAN3+= krb5_rd_req_out_ctx_free.3 +MAN3+= krb5_rd_req_out_get_server.3 +MAN3+= krb5_rd_safe.3 MAN3+= krb5_rd_req_with_keyblock.3 MAN3+= krb5_realm_compare.3 MAN3+= krb5_ret_address.3 MAN3+= krb5_ret_addrs.3 MAN3+= krb5_ret_authdata.3 MAN3+= krb5_ret_creds.3 +MAN3+= krb5_ret_creds_tag.3 MAN3+= krb5_ret_data.3 MAN3+= krb5_ret_int16.3 MAN3+= krb5_ret_int32.3 @@ -395,19 +827,23 @@ MAN3+= krb5_ret_keyblock.3 MAN3+= krb5_ret_principal.3 MAN3+= krb5_ret_string.3 -MAN3+= krb5_ret_stringnl.3 MAN3+= krb5_ret_stringz.3 MAN3+= krb5_ret_times.3 MAN3+= krb5_ret_uint16.3 MAN3+= krb5_ret_uint32.3 MAN3+= krb5_ret_uint8.3 MAN3+= krb5_set_config_files.3 +MAN3+= krb5_set_default_in_tkt_etypes.3 MAN3+= krb5_set_default_realm.3 +MAN3+= krb5_set_dns_canonicalize_hostname.3 MAN3+= krb5_set_dns_canonize_hostname.3 +MAN3+= krb5_set_error_message.3 MAN3+= krb5_set_error_string.3 MAN3+= krb5_set_extra_addresses.3 MAN3+= krb5_set_fcache_version.3 +MAN3+= krb5_set_home_dir_access.3 MAN3+= krb5_set_ignore_addresses.3 +MAN3+= krb5_set_kdc_sec_offset.3 MAN3+= krb5_set_max_time_skew.3 MAN3+= krb5_set_password.3 MAN3+= krb5_set_password_using_ccache.3 @@ -424,7 +860,9 @@ MAN3+= krb5_storage_from_data.3 MAN3+= krb5_storage_from_fd.3 MAN3+= krb5_storage_from_mem.3 +MAN3+= krb5_storage_from_readonly_mem.3 MAN3+= krb5_storage_get_byteorder.3 +MAN3+= krb5_storage_get_eof_code.3 MAN3+= krb5_storage_is_flags.3 MAN3+= krb5_storage_read.3 MAN3+= krb5_storage_seek.3 @@ -432,11 +870,13 @@ MAN3+= krb5_storage_set_eof_code.3 MAN3+= krb5_storage_set_flags.3 MAN3+= krb5_storage_to_data.3 +MAN3+= krb5_storage_truncate.3 MAN3+= krb5_storage_write.3 MAN3+= krb5_store_address.3 MAN3+= krb5_store_addrs.3 MAN3+= krb5_store_authdata.3 MAN3+= krb5_store_creds.3 +MAN3+= krb5_store_creds_tag.3 MAN3+= krb5_store_data.3 MAN3+= krb5_store_int16.3 MAN3+= krb5_store_int32.3 @@ -444,7 +884,6 @@ MAN3+= krb5_store_keyblock.3 MAN3+= krb5_store_principal.3 MAN3+= krb5_store_string.3 -MAN3+= krb5_store_stringnl.3 MAN3+= krb5_store_stringz.3 MAN3+= krb5_store_times.3 MAN3+= krb5_store_uint16.3 @@ -453,15 +892,18 @@ MAN3+= krb5_string_to_deltat.3 MAN3+= krb5_string_to_enctype.3 MAN3+= krb5_string_to_key.3 +MAN3+= krb5_string_to_keytype.3 MAN3+= krb5_string_to_key_data.3 MAN3+= krb5_string_to_key_data_salt.3 MAN3+= krb5_string_to_key_data_salt_opaque.3 MAN3+= krb5_string_to_key_salt.3 MAN3+= krb5_string_to_key_salt_opaque.3 +MAN3+= krb5_support.3 MAN3+= krb5_ticket.3 MAN3+= krb5_ticket_get_authorization_data_type.3 MAN3+= krb5_ticket_get_client.3 MAN3+= krb5_ticket_get_endtime.3 +MAN3+= krb5_ticket_get_flags.3 MAN3+= krb5_ticket_get_server.3 MAN3+= krb5_timeofday.3 MAN3+= krb5_unparse_name.3 @@ -470,9 +912,9 @@ MAN3+= krb5_unparse_name_fixed_short.3 MAN3+= krb5_unparse_name_flags.3 MAN3+= krb5_unparse_name_short.3 -MAN3+= krb5_vabort.3 -MAN3+= krb5_vabortx.3 +MAN3+= krb5_v4compat.3 MAN3+= krb5_verify_ap_req.3 +MAN3+= krb5_verify_checksum_iov.3 MAN3+= krb5_verify_init_creds.3 MAN3+= krb5_verify_init_creds_opt_init.3 MAN3+= krb5_verify_init_creds_opt_set_ap_req_nofail.3 @@ -486,8 +928,32 @@ MAN3+= krb5_verify_opt_set_service.3 MAN3+= krb5_verify_user.3 MAN3+= krb5_verify_user_opt.3 -MAN3+= krb5_vset_error_string.3 -MAN3+= krb5_warn.3 +MAN3+= length.3 +MAN3+= lm.3 +MAN3+= ntlm.3 +MAN3+= ntlm_buf.3 +MAN3+= ntlm_core.3 +MAN3+= ntlm_targetinfo.3 +MAN3+= ntlm_type1.3 +MAN3+= ntlm_type2.3 +MAN3+= ntlm_type3.3 +MAN3+= os.3 +MAN3+= page_ca.3 +MAN3+= page_cert.3 +MAN3+= page_cms.3 +MAN3+= page_des.3 +MAN3+= page_dh.3 +MAN3+= page_env.3 +MAN3+= page_error.3 +MAN3+= page_evp.3 +MAN3+= page_keyset.3 +MAN3+= page_lock.3 +MAN3+= page_name.3 +MAN3+= page_peer.3 +MAN3+= page_print.3 +MAN3+= page_rand.3 +MAN3+= page_revoke.3 +MAN3+= page_rsa.3 MAN3+= parse_time.3 MAN3+= print_time_table.3 MAN3+= rtbl.3 @@ -505,11 +971,33 @@ MAN3+= rtbl_set_flags.3 MAN3+= rtbl_set_prefix.3 MAN3+= rtbl_set_separator.3 +MAN3+= servername.3 +MAN3+= sessionkey.3 +MAN3+= targetinfo.3 +MAN3+= targetname.3 MAN3+= unparse_time.3 MAN3+= unparse_time_approx.3 +MAN3+= username.3 +MAN3+= wind.3 +MAN3+= wind_profile.3 +MAN3+= wind_punycode_label_toascii.3 +MAN3+= wind_stringprep.3 +MAN3+= wind_ucs2read.3 +MAN3+= wind_ucs2utf8.3 +MAN3+= wind_ucs2utf8_length.3 +MAN3+= wind_ucs2write.3 +MAN3+= wind_ucs4utf8.3 +MAN3+= wind_ucs4utf8_length.3 +MAN3+= wind_utf8ucs2.3 +MAN3+= wind_utf8ucs2_length.3 +MAN3+= wind_utf8ucs4.3 +MAN3+= wind_utf8ucs4_length.3 +MAN3+= ws.3 MAN5+= ftpusers.5 MAN5+= krb5.conf.5 MAN5+= login.access.5 +MAN5+= mech.5 +MAN5+= qop.5 MAN8+= ftpd.8 MAN8+= hprop.8 MAN8+= hpropd.8 @@ -519,10 +1007,14 @@ MAN8+= ipropd-slave.8 MAN8+= kadmin.8 MAN8+= kadmind.8 +.if !defined(WITHOUT_KCM) MAN8+= kcm.8 +.endif MAN8+= kdc.8 +MAN8+= kdigest.8 MAN8+= kerberos.8 MAN8+= kfd.8 +MAN8+= kimpersonate.8 MAN8+= kpasswdd.8 MAN8+= kstash.8 MAN8+= ktutil.8 Index: distinfo =================================================================== RCS file: /home/ncvs/ports/security/heimdal/distinfo,v retrieving revision 1.28 diff -u -r1.28 distinfo --- distinfo 27 Sep 2007 00:16:01 -0000 1.28 +++ distinfo 16 Oct 2010 15:24:54 -0000 @@ -1,6 +1,3 @@ -MD5 (heimdal-1.0.1.tar.gz) = 498e24f52b4f2e658e31f728a1279769 -SHA256 (heimdal-1.0.1.tar.gz) = b46222d18d52eb0b2f6e0959b4a047a4f4d992600a8d0fbe2f834c6c7fc54cc2 -SIZE (heimdal-1.0.1.tar.gz) = 3398032 -MD5 (heimdal-0.7.2-setuid-patch.txt) = b4413b9b8be35c87bf4b2f314047946c -SHA256 (heimdal-0.7.2-setuid-patch.txt) = 5609bb6c97c7a0863881613ae985838b2dcdbaf5fc254dd890b2babfd39404e8 -SIZE (heimdal-0.7.2-setuid-patch.txt) = 7357 +MD5 (heimdal-1.4.tar.gz) = 31d08bbf47a77827fe97ef3f52b4c9c4 +SHA256 (heimdal-1.4.tar.gz) = c7729b946fffa9716a9a6f78b9d08115cba2da9b76afc477498b50396e3b7f6a +SIZE (heimdal-1.4.tar.gz) = 6095377 Index: pkg-plist =================================================================== RCS file: /home/ncvs/ports/security/heimdal/pkg-plist,v retrieving revision 1.35 diff -u -r1.35 pkg-plist --- pkg-plist 12 Nov 2007 23:27:08 -0000 1.35 +++ pkg-plist 16 Oct 2010 15:24:54 -0000 @@ -1,8 +1,8 @@ -bin/mk_cmds bin/afslog bin/ftp bin/gss bin/hxtool +bin/idn-lookup bin/kauth bin/kdestroy bin/kf @@ -11,6 +11,7 @@ bin/klist bin/kpasswd bin/krb5-config +bin/kswitch bin/login bin/otp bin/otpprint @@ -23,17 +24,20 @@ bin/telnet bin/verify_krb5_conf etc/rc.d/kdc.sh.sample +include/asn1-common.h include/asn1_err.h include/base64.h include/cms_asn1.h +include/crmf_asn1.h +include/der-private.h include/der-protos.h include/der.h include/digest_asn1.h -include/editline.h include/getarg.h include/gssapi.h include/gssapi/gkrb5_err.h include/gssapi/gssapi.h +include/gssapi/gssapi_ntlm.h include/gssapi/gssapi_krb5.h include/gssapi/gssapi_spnego.h %%HCRYPTO%%include/hcrypto/aes.h @@ -59,6 +63,7 @@ include/hdb_asn1.h include/hdb_err.h include/heim_asn1.h +include/heim-ipc.h include/heim_err.h include/heimntlm-protos.h include/heimntlm.h @@ -70,6 +75,7 @@ include/kadm5/admin.h include/kadm5/kadm5-private.h include/kadm5/kadm5-protos.h +include/kadm5/kadm5-pwcheck.h include/kadm5/kadm5_err.h include/kadm5/private.h include/kafs.h @@ -80,15 +86,18 @@ include/krb5-types.h include/krb5.h include/krb5/locate_plugin.h +include/krb5/send_to_kdc_plugin.h include/krb5/windc_plugin.h include/krb5_asn1.h include/krb5_ccapi.h include/krb5_err.h include/kx509_asn1.h +include/ocsp_asn1.h include/otp.h include/parse_bytes.h include/parse_time.h include/parse_units.h +include/pkcs10_asn1.h include/pkcs12_asn1.h include/pkcs8_asn1.h include/pkcs9_asn1.h @@ -99,16 +108,13 @@ include/roken.h include/rtbl.h include/sl.h -include/ss/ss.h +include/wind.h +include/wind_err.h include/xdbm.h lib/libasn1.a lib/libasn1.la lib/libasn1.so lib/libasn1.so.8 -lib/libeditline.a -lib/libeditline.la -lib/libeditline.so -lib/libeditline.so.0 lib/libgssapi.a lib/libgssapi.la lib/libgssapi.so @@ -117,6 +123,10 @@ %%HCRYPTO%%lib/libhcrypto.la %%HCRYPTO%%lib/libhcrypto.so %%HCRYPTO%%lib/libhcrypto.so.5 +%%SQLITE%%lib/libheimsqlite.a +%%SQLITE%%lib/libheimsqlite.la +%%SQLITE%%lib/libheimsqlite.so +%%SQLITE%%lib/libheimsqlite.so.0 lib/libhdb.a lib/libhdb.la lib/libhdb.so @@ -128,7 +138,7 @@ lib/libhx509.a lib/libhx509.la lib/libhx509.so -lib/libhx509.so.2 +lib/libhx509.so.5 lib/libkadm5clnt.a lib/libkadm5clnt.la lib/libkadm5clnt.so @@ -148,7 +158,7 @@ lib/libkrb5.a lib/libkrb5.la lib/libkrb5.so -lib/libkrb5.so.23 +lib/libkrb5.so.26 lib/libotp.a lib/libotp.la lib/libotp.so @@ -161,21 +171,26 @@ lib/libsl.la lib/libsl.so lib/libsl.so.2 -lib/libss.a -lib/libss.la -lib/libss.so -lib/libss.so.1 +lib/libwind.a +lib/libwind.la +lib/libwind.so +lib/libwind.so.0 lib/windc.a lib/windc.la lib/windc.so lib/windc.so.0 +libdata/pkgconfig/heimdal-gssapi.pc +libexec/digest-service libexec/ftpd +libexec/heimdal/asn1_compile +libexec/heimdal/asn1_print +libexec/heimdal/slc libexec/hprop libexec/hpropd libexec/ipropd-master libexec/ipropd-slave libexec/kadmind -libexec/kcm +%%KCM%%libexec/kcm libexec/kdc libexec/kdigest libexec/kfd @@ -189,9 +204,9 @@ sbin/kadmin sbin/kstash sbin/ktutil -@dirrm include/ss @dirrm include/krb5 @dirrm include/kadm5 %%HCRYPTO%%@dirrm include/hcrypto @dirrm include/gssapi @dirrm include/roken +@dirrm libexec/heimdal Index: pkg-plist.com_err =================================================================== RCS file: /home/ncvs/ports/security/heimdal/pkg-plist.com_err,v retrieving revision 1.1 diff -u -r1.1 pkg-plist.com_err --- pkg-plist.com_err 12 Apr 2004 18:03:31 -0000 1.1 +++ pkg-plist.com_err 16 Oct 2010 15:24:54 -0000 @@ -2,5 +2,6 @@ include/com_err.h include/com_right.h lib/libcom_err.a +lib/libcom_err.la lib/libcom_err.so lib/libcom_err.so.2 Index: files/kpasswdd-cracklib.c.in =================================================================== RCS file: /home/ncvs/ports/security/heimdal/files/kpasswdd-cracklib.c.in,v retrieving revision 1.3 diff -u -r1.3 kpasswdd-cracklib.c.in --- files/kpasswdd-cracklib.c.in 29 Oct 2007 13:31:06 -0000 1.3 +++ files/kpasswdd-cracklib.c.in 16 Oct 2010 15:24:54 -0000 @@ -1,4 +1,5 @@ #include <stdlib.h> +#include <string.h> #include <krb5.h> #include <packer.h> Index: files/lib__otp__version-script.map =================================================================== RCS file: files/lib__otp__version-script.map diff -N files/lib__otp__version-script.map --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ files/lib__otp__version-script.map 16 Oct 2010 15:24:54 -0000 @@ -0,0 +1,25 @@ +HEIMDAL_OTP_1.0 { + global: + otp_challenge; + otp_checksum; + otp_db_close; + otp_db_open; + otp_delete; + otp_error; + otp_find_alg; + otp_get; + otp_parse; + otp_parse_altdict; + otp_parse_hex; + otp_parse_stddict; + otp_print_hex; + otp_print_hex_extended; + otp_print_stddict; + otp_print_stddict_extended; + otp_put; + otp_simple_get; + otp_verify_user; + otp_verify_user_1; + local: + *; +}; Index: files/patch-kcm_connect.c =================================================================== RCS file: files/patch-kcm_connect.c diff -N files/patch-kcm_connect.c --- files/patch-kcm_connect.c 11 Mar 2010 07:49:46 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,14 +0,0 @@ - -$FreeBSD: ports/security/heimdal/files/patch-kcm_connect.c,v 1.1 2010/03/11 07:49:46 brooks Exp $ - ---- kcm/connect.c.orig -+++ kcm/connect.c -@@ -149,7 +149,7 @@ - struct sockcred *sc; - - memset(&msg, 0, sizeof(msg)); -- crmsgsize = CMSG_SPACE(SOCKCREDSIZE(NGROUPS)); -+ crmsgsize = CMSG_SPACE(SOCKCREDSIZE(CMGROUP_MAX)); - if (crmsgsize == 0) - return 1 ; - Index: files/patch-kdc__524.c =================================================================== RCS file: files/patch-kdc__524.c diff -N files/patch-kdc__524.c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ files/patch-kdc__524.c 16 Oct 2010 15:24:54 -0000 @@ -0,0 +1,16 @@ +--- kdc/524.c.orig 2010-10-15 14:18:24.000000000 +0200 ++++ kdc/524.c 2010-10-15 14:19:43.000000000 +0200 +@@ -33,6 +33,8 @@ + + #include "kdc_locl.h" + ++#ifdef KRB4 ++ + #include <krb5-v4compat.h> + + /* +@@ -394,3 +396,4 @@ + _kdc_free_ent (context, server); + return ret; + } ++#endif /* KRB4 */ Index: files/patch-kdc__config.c =================================================================== RCS file: files/patch-kdc__config.c diff -N files/patch-kdc__config.c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ files/patch-kdc__config.c 16 Oct 2010 15:24:54 -0000 @@ -0,0 +1,28 @@ +--- kdc/config.c.orig 2010-10-16 15:50:27.000000000 +0200 ++++ kdc/config.c 2010-10-16 15:51:28.000000000 +0200 +@@ -333,6 +333,7 @@ + + krb5_kdc_windc_init(context); + ++#ifdef PKINIT + #ifdef __APPLE__ + config->enable_pkinit = 1; + +@@ -345,7 +346,7 @@ + if (config->pkinit_kdc_anchors == NULL) + config->pkinit_kdc_anchors = strdup("KEYCHAIN:"); + +-#endif ++#endif /* __APPLE__ */ + + if (config->enable_pkinit) { + if (config->pkinit_kdc_identity == NULL) +@@ -361,6 +362,8 @@ + config->pkinit_kdc_revoke); + + } ++ ++#endif /* PKINIT */ + + return config; + } Index: files/patch-kdc__kdc-replay.c =================================================================== RCS file: files/patch-kdc__kdc-replay.c diff -N files/patch-kdc__kdc-replay.c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ files/patch-kdc__kdc-replay.c 16 Oct 2010 15:24:54 -0000 @@ -0,0 +1,18 @@ +--- kdc/kdc-replay.c.orig 2010-10-16 16:43:39.000000000 +0200 ++++ kdc/kdc-replay.c 2010-10-16 16:45:24.000000000 +0200 +@@ -86,6 +86,7 @@ + if (ret) + krb5_err(context, 1, ret, "krb5_kdc_set_dbinfo"); + ++#ifdef PKINIT + if (config->enable_pkinit) { + if (config->pkinit_kdc_identity == NULL) + krb5_errx(context, 1, "pkinit enabled but no identity"); +@@ -100,6 +101,7 @@ + config->pkinit_kdc_revoke); + + } ++#endif /* PKINIT */ + + if (argc != 2) + errx(1, "argc != 2"); Index: files/patch-kdc__v4_dump.c =================================================================== RCS file: files/patch-kdc__v4_dump.c diff -N files/patch-kdc__v4_dump.c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ files/patch-kdc__v4_dump.c 16 Oct 2010 15:24:54 -0000 @@ -0,0 +1,16 @@ +--- kdc/v4_dump.c.orig 2010-10-15 14:18:38.000000000 +0200 ++++ kdc/v4_dump.c 2010-10-15 14:20:11.000000000 +0200 +@@ -33,6 +33,8 @@ + + #include "hprop.h" + ++#ifdef KRB4 ++ + static time_t + time_parse(const char *cp) + { +@@ -139,3 +141,4 @@ + fclose(f); + return 0; + } ++#endif /* KRB4 */ Index: files/patch-lib__hdb__Makefile.in =================================================================== RCS file: files/patch-lib__hdb__Makefile.in diff -N files/patch-lib__hdb__Makefile.in --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ files/patch-lib__hdb__Makefile.in 16 Oct 2010 15:24:54 -0000 @@ -0,0 +1,19 @@ +--- lib/hdb/Makefile.in.orig 2010-10-15 20:43:32.000000000 +0200 ++++ lib/hdb/Makefile.in 2010-10-15 20:44:22.000000000 +0200 +@@ -424,7 +424,7 @@ + SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 + DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include + AM_CPPFLAGS = $(INCLUDES_roken) -I../asn1 -I$(srcdir)/../asn1 \ +- $(INCLUDE_hcrypto) $(INCLUDE_openldap) \ ++ $(INCLUDE_hcrypto) $(INCLUDE_openldap) $(INCLUDE_libintl) \ + -DHDB_DB_DIR=\"$(DIR_hdbdir)\" -I$(srcdir)/../krb5 \ + $(INCLUDE_sqlite3) $(am__append_1) + @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME +@@ -475,6 +475,7 @@ + + LDADD = libhdb.la \ + $(LIB_openldap) \ ++ $(LIB_libintl) \ + ../krb5/libkrb5.la \ + ../asn1/libasn1.la \ + $(LIB_hcrypto) \ Index: files/patch-lib__hdb__hdb-ldap.c =================================================================== RCS file: files/patch-lib__hdb__hdb-ldap.c diff -N files/patch-lib__hdb__hdb-ldap.c --- files/patch-lib__hdb__hdb-ldap.c 2 Sep 2009 03:27:29 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,11 +0,0 @@ ---- lib/hdb/hdb-ldap.c 2008-10-12 01:15:38.000000000 +0000 -+++ lib/hdb/hdb-ldap.c 2008-10-12 01:15:55.000000000 +0000 -@@ -222,7 +222,7 @@ - - (*modlist)[cMods]->mod_bvalues = bv; - -- bv[i] = ber_memalloc(sizeof(*bv));; -+ bv[i] = ber_memalloc(sizeof(**bv));; - if (bv[i] == NULL) - return ENOMEM; - Index: files/patch-lib__krb5__name-45-test.c =================================================================== RCS file: files/patch-lib__krb5__name-45-test.c diff -N files/patch-lib__krb5__name-45-test.c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ files/patch-lib__krb5__name-45-test.c 16 Oct 2010 15:24:54 -0000 @@ -0,0 +1,21 @@ +--- lib/krb5/name-45-test.c.orig 2010-10-15 14:18:52.000000000 +0200 ++++ lib/krb5/name-45-test.c 2010-10-15 14:21:45.000000000 +0200 +@@ -35,6 +35,8 @@ + #include "krb5_locl.h" + #include <err.h> + ++#ifdef KRB4 ++ + enum { MAX_COMPONENTS = 3 }; + + static struct testcase { +@@ -292,3 +294,9 @@ + } + return val; + } ++ ++#else /* stub for !KRB4 */ ++int main(int argc, char *argv[]) { ++ return 77; ++} +++#endif --- security__heimdal.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201010161635.o9GGZpfj066615>