svn commit: r425994 - in head: . security/heimdal security/heimdal/files
Hiroki Sato
hrs at FreeBSD.org
Sat Nov 12 21:22:49 UTC 2016
Author: hrs
Date: Sat Nov 12 21:22:47 2016
New Revision: 425994
URL: https://svnweb.freebsd.org/changeset/ports/425994
Log:
- Fix Berkeley DB dependency. It now properly uses BDB_LIB specified in
Mk/Uses/bdb.mk instead of db185 interfaces in libc.
As a side-effect, this causes a compatibility issue between
heimdal.db created by kadmin(8) in the base system or one by
an older security/heimdal. See UPDATING about this issue.
- Fix readline dependency end eliminate libheimedit.
- Use -lpthread instead of -pthread.
- Use FOO_CONFIGURE_WITH=foo instead of FOO_CONFIGURE_ON=--with-foo.
Added:
head/security/heimdal/pkg-message (contents, props changed)
Deleted:
head/security/heimdal/files/patch-cf__db.m4
Modified:
head/UPDATING
head/security/heimdal/Makefile
head/security/heimdal/files/patch-configure
head/security/heimdal/pkg-plist
Modified: head/UPDATING
==============================================================================
--- head/UPDATING Sat Nov 12 20:51:11 2016 (r425993)
+++ head/UPDATING Sat Nov 12 21:22:47 2016 (r425994)
@@ -5,6 +5,66 @@ they are unavoidable.
You should get into the habit of checking this file for changes each time
you update your ports collection, before attempting any port upgrades.
+20161112:
+ AFFECTS: users of security/heimdal
+ AUTHOR: hrs at FreeBSD.org
+
+ Heimdal in the base system and security/heimdal <= 1.5.3_6 use
+ Berkeley DB to store principals into /var/heimdal/heimdal.db and
+ the database format is version 3 by default. On the other hand,
+ security/heimdal 1.5.3_7 or newer use the newer version of
+ Berkeley DB and the database format is version 9.
+ These two versions are not compatible with each other. If there is
+ a mismatch between Heimdal utilities and its database format,
+ you will get an error like the following:
+
+ # /usr/local/sbin/kadmin -l dump
+ BDB0641 __db_meta_setup: /var/heimdal/heimdal.db: unexpected file type or format
+ kadmin: hdb_open: opening /var/heimdal/heimdal: Invalid argument
+
+ This mismatch can occur in the following three cases:
+
+ 1. You used Heimdal in the base system and switch to use security/heimdal
+ after creating /var/db/heimdal.db.
+
+ 2. You used security/heimdal >= 1.5.3_7 and switch to use one in the
+ base system.
+
+ 3. You used security/heimdal < 1.5.3_7 and upgrade it to 1.5.3_7 or later.
+
+ To fix this mismatch, you need to dump contents of heimdal.db and
+ rebuild the database by using kadmin(8) utility.
+
+ If you use Heimdal in the base system or older versions of
+ security/heimdal, and plan to switch to use
+ security/heimdal >= 1.5.3_7, execute the following command
+ *after* creating a backup copy of /var/heimdal and installing
+ security/heimdal:
+
+ # /usr/bin/kadmin -l dump /var/heimdal/heimdal.db.dump
+ # rm /var/heimdal/heimdal.db
+ # /usr/local/sbin/kadmin -l load /var/heimdal/heimdal.db.dump
+ # rm /var/heimdal/heimdal.db.dump
+
+ The above example assumes security/heimdal is installed into
+ /usr/local. If your base system is compiled with WITHOUT_KERBEROS
+ use the following instead:
+
+ # db_dump185-5 /var/heimdal/heimdal.db | db_load-5 /var/heimdal/heimdal.db.new
+ # chown 0600 /var/heimdal/heimdal.db.new
+ # mv /var/heimdal/heimdal.db.new /var/heimdal/heimdal.db
+
+ db_dump and db_load utilitites are installed by database/db5 as
+ dependency of security/heimdal.
+
+ If you want to switch from security/heimdal to Heimdal in the base
+ system, use the following:
+
+ # /usr/local/sbin/kadmin -l dump /var/heimdal/heimdal.db.dump
+ # rm /var/heimdal/heimdal.db
+ # /usr/bin/kadmin -l load /var/heimdal/heimdal.db.dump
+ # rm /var/heimdal/heimdal.db.dump
+
20161105:
AFFECTS: users of security/heimdal
AUTHOR: hrs at FreeBSD.org
Modified: head/security/heimdal/Makefile
==============================================================================
--- head/security/heimdal/Makefile Sat Nov 12 20:51:11 2016 (r425993)
+++ head/security/heimdal/Makefile Sat Nov 12 21:22:47 2016 (r425994)
@@ -3,7 +3,7 @@
PORTNAME= heimdal
PORTVERSION= 1.5.3
-PORTREVISION= 6
+PORTREVISION= 7
CATEGORIES= security ipv6
MASTER_SITES= http://www.h5l.org/dist/src/ \
http://ftp.pdc.kth.se/pub/heimdal/src/ \
@@ -25,6 +25,11 @@ USE_LDCONFIG= ${GSSAPILIBDIR}
GNU_CONFIGURE= yes
INSTALL_TARGET= install-strip
CONFIGURE_ENV= ac_cv_header_fnmatch_h=yes \
+ ac_cv_header_db_h=no \
+ ac_cv_header_db3_db_h=no \
+ ac_cv_header_db4_db_h=no \
+ ac_cv_header_db5_db_h=no \
+ ac_cv_header_db5_h=no \
ac_cv_prog_COMPILE_ET=${WRKSRC}/lib/com_err/compile_et
CONFIGURE_ARGS= --with-libintl \
--with-libintl-include="${LOCALBASE}/include" \
@@ -37,13 +42,14 @@ CONFIGURE_ARGS= --with-libintl \
--with-openssl-lib="${OPENSSLLIB}" \
--enable-otp \
--enable-pthread-support \
+ --with-readline="${LOCALBASE}" \
--with-hdbdir="/var/${PORTNAME}" \
--sysconfdir="${PREFIX}/etc"
+# XXX --with-readline picks up libreadline even if found in /usr/lib.
MAKE_ENV= INSTALL_CATPAGES=no
.if !exists(/etc/rc.d/ipropd_master)
USE_RC_SUBR= ipropd_master ipropd_slave
.endif
-
INFO= heimdal hx509
MAKE_JOBS_UNSAFE= yes
@@ -55,22 +61,24 @@ OPTIONS_SUB= yes
IPV6_CONFIGURE_WITH= ipv6
BDB_DESC= Enable BerkeleyDB KDC backend support
-BDB_CONFIGURE_ON= --with-berkeley-db
-BDB_CONFIGURE_OFF= --without-berkeley-db
+BDB_USES= bdb:5 localbase
+BDB_CONFIGURE_WITH= berkeley-db
+BDB_CONFIGURE_ENV= ac_cv_header_db${BDB_VER}_db_h=yes \
+ ac_cv_func_db_create=yes \
+ ac_cv_funclib_db_create="-l${BDB_LIB_NAME}"
+BDB_CONFIGURE_ON= --disable-ndbm-db
SQLITE_DESC= Enable SQLite KDC backend support
SQLITE_USES= sqlite
-SQLITE_CONFIGURE_ON= --with-sqlite3 \
- --with-sqlite3-include="${LOCALBASE}/include" \
+SQLITE_CONFIGURE_ON= --with-sqlite3-include="${LOCALBASE}/include" \
--with-sqlite3-lib="${LOCALBASE}/lib"
-SQLITE_CONFIGURE_OFF= --without-sqlite3
+SQLITE_CONFIGURE_WITH= sqlite3
LDAP_DESC= Enable OpenLDAP KDC backend support
LDAP_USE= OPENLDAP=yes
-LDAP_CONFIGURE_ON= --with-openldap \
- --with-openldap-include="${LOCALBASE}/include" \
+LDAP_CONFIGURE_ON= --with-openldap-include="${LOCALBASE}/include" \
--with-openldap-lib="${LOCALBASE}/lib"
-LDAP_CONFIGURE_OFF= --without-openldap
+LDAP_CONFIGURE_WITH= openldap
PKINIT_DESC= Enable PK-INIT support
PKINIT_CONFIGURE_ENABLE=pk-init
Modified: head/security/heimdal/files/patch-configure
==============================================================================
--- head/security/heimdal/files/patch-configure Sat Nov 12 20:51:11 2016 (r425993)
+++ head/security/heimdal/files/patch-configure Sat Nov 12 21:22:47 2016 (r425994)
@@ -1,6 +1,15 @@
---- configure.orig 2012-12-09 22:09:32 UTC
-+++ configure
-@@ -9567,29 +9567,6 @@ fi
+--- configure.orig 2012-12-10 07:09:32.000000000 +0900
++++ configure 2016-11-13 03:23:46.814899000 +0900
+@@ -8869,7 +8869,7 @@
+ hardcode_minus_L=no
+ hardcode_shlibpath_var=unsupported
+ inherit_rpath=no
+- link_all_deplibs=unknown
++ link_all_deplibs=no
+ module_cmds=
+ module_expsym_cmds=
+ old_archive_from_new_cmds=
+@@ -9567,29 +9567,6 @@
hardcode_shlibpath_var=no
;;
@@ -30,7 +39,7 @@
# FreeBSD 3 and greater uses gcc -shared to do shared libraries.
freebsd* | dragonfly*)
archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
-@@ -10561,10 +10538,6 @@ dgux*)
+@@ -10561,10 +10538,6 @@
shlibpath_var=LD_LIBRARY_PATH
;;
@@ -41,7 +50,7 @@
freebsd* | dragonfly*)
# DragonFly does not have aout. When/if they implement a new
# versioning mechanism, adjust this.
-@@ -10572,7 +10545,6 @@ freebsd* | dragonfly*)
+@@ -10572,7 +10545,6 @@
objformat=`/usr/bin/objformat`
else
case $host_os in
@@ -49,7 +58,7 @@
*) objformat=elf ;;
esac
fi
-@@ -10590,18 +10562,6 @@ freebsd* | dragonfly*)
+@@ -10590,18 +10562,6 @@
esac
shlibpath_var=LD_LIBRARY_PATH
case $host_os in
@@ -68,26 +77,37 @@
*) # from 4.6 on, and DragonFly
shlibpath_overrides_runpath=yes
hardcode_into_libs=yes
-@@ -14227,7 +14187,7 @@ case "$host" in
+@@ -11661,7 +11621,7 @@
+ old_striplib=
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether stripping libraries is possible" >&5
+ $as_echo_n "checking whether stripping libraries is possible... " >&6; }
+-if test -n "$STRIP" && $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then
++if test -n "$STRIP" && $STRIP -V 2>&1 | $GREP "strip" >/dev/null; then
+ test -z "$old_striplib" && old_striplib="$STRIP --strip-debug"
+ test -z "$striplib" && striplib="$STRIP --strip-unneeded"
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+@@ -14227,9 +14187,9 @@
native_pthread_support="netbsd 3 uses explict pthread"
PTHREAD_LIBADD="-lpthread"
;;
-*-*-freebsd[56789]*)
+*-*-freebsd*)
native_pthread_support=yes
- PTHREAD_LIBADD="-pthread"
+- PTHREAD_LIBADD="-pthread"
++ PTHREAD_LIBADD="-lpthread"
;;
-@@ -14393,9 +14353,6 @@ done
-
- else
- for ac_header in \
-- db5/db.h \
-- db4/db.h \
-- db3/db.h \
- db.h \
+ *-*-openbsd*)
+ native_pthread_support=yes
+@@ -14488,7 +14448,7 @@
+ fi
+ # db_create
+ eval "ac_tr_func=HAVE_`echo db_create | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
+-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
++eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//;s/[-.]/_/g' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
+ eval "LIB_db_create=$ac_res"
- do :
-@@ -28245,7 +28202,7 @@ fi
+ case "$ac_res" in
+@@ -28245,7 +28205,7 @@
krb_cv_compile_et="no"
krb_cv_com_err_need_r=""
Added: head/security/heimdal/pkg-message
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/heimdal/pkg-message Sat Nov 12 21:22:47 2016 (r425994)
@@ -0,0 +1,7 @@
+====
+heimdal-1.5.3_7 uses a new database format which is incompatible
+with Heimdal in the base system and heimdal-1.5.3_6 or prior.
+
+Please read 20161112 in /usr/ports/UPDATING carefully to upgrade
+your database.
+====
Modified: head/security/heimdal/pkg-plist
==============================================================================
--- head/security/heimdal/pkg-plist Sat Nov 12 20:51:11 2016 (r425993)
+++ head/security/heimdal/pkg-plist Sat Nov 12 21:22:47 2016 (r425994)
@@ -124,10 +124,6 @@ lib/heimdal/libheimbase.a
lib/heimdal/libheimbase.so
lib/heimdal/libheimbase.so.1
lib/heimdal/libheimbase.so.1.0.0
-lib/heimdal/libheimedit.a
-lib/heimdal/libheimedit.so
-lib/heimdal/libheimedit.so.0
-lib/heimdal/libheimedit.so.0.0.36
lib/heimdal/libheimntlm.a
lib/heimdal/libheimntlm.so
lib/heimdal/libheimntlm.so.0
More information about the svn-ports-head
mailing list