Re:
- Reply: Cy Schubert : "MIT KRB5"
- In reply to: Cy Schubert : "No subject"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 02 Jun 2025 02:48:28 UTC
On 6/1/25 21:50, Cy Schubert wrote: > Hi arch@, > > I'm preparing a number of MIT KRB5 commits. Some will be reviewed, others not. > The commits I am planning are: > > 1. Import pam-krb5 (MIT compatible pam_krb5) from vendor branch. No phabricator > review will be requested. > > 2. Import MIT KRB5 from vendor branch. No phabricator review will be requested. > > 3. Four patches to MIT KRB5 to allow it to build under FreeBSD. No review. > > 4. Hook MIT KRB5 and pam-krb5 into the build. I will request a phabricator review > of this. It includes the following files: > > modified: Makefile.inc1 > modified: Makefile.libcompat > modified: crypto/krb5/src/lib/krb5/ccache/t_stdio.c > modified: crypto/krb5/src/lib/krb5/os/localaddr.c > modified: crypto/krb5/src/util/ss/listen.c > modified: crypto/krb5/src/util/ss/ss_internal.h > modified: crypto/openssh/krb5_config.h > modified: etc/Makefile > new file: etc/gss-mit/Makefile > new file: etc/gss-mit/mech > new file: etc/gss-mit/qop > modified: etc/mtree/BSD.include.dist > modified: etc/mtree/BSD.usr.dist > new file: krb5/Makefile > new file: krb5/Makefile.et > new file: krb5/Makefile.inc > new file: krb5/README > new file: krb5/include/Makefile > new file: krb5/include/Makefile.inc > new file: krb5/include/autoconf.h > new file: krb5/include/gssapi/Makefile > new file: krb5/include/gssrpc/Makefile > new file: krb5/include/gssrpc/types.h > new file: krb5/include/krb5/Makefile > new file: krb5/include/krb5_private/Makefile > new file: krb5/include/osconf.h > new file: krb5/lib/Makefile > new file: krb5/lib/Makefile.inc > new file: krb5/lib/apputils/Makefile > new file: krb5/lib/crypto/Makefile > new file: krb5/lib/crypto/builtin/Makefile.inc > new file: krb5/lib/crypto/builtin/aes/Makefile.inc > new file: krb5/lib/crypto/builtin/camellia/Makefile.inc > new file: krb5/lib/crypto/builtin/des/Makefile.inc > new file: krb5/lib/crypto/builtin/enc_provider/Makefile.inc > new file: krb5/lib/crypto/builtin/hash_provider/Makefile.inc > new file: krb5/lib/crypto/builtin/md4/Makefile.inc > new file: krb5/lib/crypto/builtin/md5/Makefile.inc > new file: krb5/lib/crypto/builtin/sha1/Makefile.inc > new file: krb5/lib/crypto/builtin/sha2/Makefile.inc > new file: krb5/lib/crypto/krb/Makefile.inc > new file: krb5/lib/crypto/openssl/Makefile.inc > new file: krb5/lib/crypto/openssl/des/Makefile.inc > new file: krb5/lib/crypto/openssl/enc_provider/Makefile.inc > new file: krb5/lib/crypto/openssl/hash_provider/Makefile.inc > new file: krb5/lib/gssapi/Makefile > new file: krb5/lib/gssapi/errmap.h > new file: krb5/lib/gssapi/error_map.h > new file: krb5/lib/gssapi/generic/Makefile.et > new file: krb5/lib/gssapi/generic/Makefile.inc > new file: krb5/lib/gssapi/krb5/Makefile.et > new file: krb5/lib/gssapi/krb5/Makefile.inc > new file: krb5/lib/gssapi/mechglue/Makefile.inc > new file: krb5/lib/gssapi/spnego/Makefile.inc > new file: krb5/lib/kadm5clnt/Makefile > new file: krb5/lib/kadm5clnt/clnt/Makefile.inc > new file: krb5/lib/kadm5srv/Makefile > new file: krb5/lib/kadm5srv/srv/Makefile.inc > new file: krb5/lib/kadmin_common/Makefile > new file: krb5/lib/kdb/Makefile > new file: krb5/lib/kprop_util/Makefile > new file: krb5/lib/krad/Makefile > new file: krb5/lib/krb5/Makefile > new file: krb5/lib/krb5/asn.1/Makefile.inc > new file: krb5/lib/krb5/ccache/Makefile.inc > new file: krb5/lib/krb5/docs/Makefile.inc > new file: krb5/lib/krb5/error_tables/Makefile.inc > new file: krb5/lib/krb5/keytab/Makefile.inc > new file: krb5/lib/krb5/krb/Makefile.inc > new file: krb5/lib/krb5/os/Makefile.inc > new file: krb5/lib/krb5/rcache/Makefile.inc > new file: krb5/lib/krb5/unicode/Makefile.inc > new file: krb5/lib/rpc/Makefile > new file: krb5/libexec/Makefile > new file: krb5/libexec/Makefile.inc > new file: krb5/libexec/kadmind/Makefile > new file: krb5/libexec/kdc/Makefile > new file: krb5/libexec/kprop/Makefile > new file: krb5/libexec/kpropd/Makefile > new file: krb5/libexec/kproplog/Makefile > new file: krb5/plugins/Makefile > new file: krb5/plugins/Makefile.inc > new file: krb5/plugins/audit/Makefile > new file: krb5/plugins/k5tls/Makefile > new file: krb5/plugins/kdb/Makefile > new file: krb5/plugins/kdb/Makefile.inc > new file: krb5/plugins/kdb/db2/Makefile > new file: krb5/plugins/kdb/db2/libdb2/Makefile.inc > new file: krb5/plugins/kdb/db2/libdb2/btree/Makefile.inc > new file: krb5/plugins/kdb/db2/libdb2/db/Makefile.inc > new file: krb5/plugins/kdb/db2/libdb2/hash/Makefile.inc > new file: krb5/plugins/kdb/db2/libdb2/include/Makefile.inc > new file: krb5/plugins/kdb/db2/libdb2/mpool/Makefile.inc > new file: krb5/plugins/kdb/db2/libdb2/recno/Makefile.inc > new file: krb5/plugins/preauth/Makefile > new file: krb5/plugins/preauth/Makefile.inc > new file: krb5/plugins/preauth/otp/Makefile > new file: krb5/plugins/preauth/pkinit/Makefile > new file: krb5/plugins/preauth/spake/Makefile > new file: krb5/plugins/preauth/test/Makefile > new file: krb5/usr.bin/Makefile > new file: krb5/usr.bin/Makefile.inc > new file: krb5/usr.bin/gss-client/Makefile > new file: krb5/usr.bin/kadmin/Makefile > new file: krb5/usr.bin/kdestroy/Makefile > new file: krb5/usr.bin/kinit/Makefile > new file: krb5/usr.bin/klist/Makefile > new file: krb5/usr.bin/kpasswd/Makefile > new file: krb5/usr.bin/ksu/Makefile > new file: krb5/usr.bin/kswitch/Makefile > new file: krb5/usr.bin/ktutil/Makefile > new file: krb5/usr.bin/kvno/Makefile > new file: krb5/usr.bin/sclient/Makefile > new file: krb5/usr.bin/sim_client/Makefile > new file: krb5/usr.sbin/Makefile > new file: krb5/usr.sbin/Makefile.inc > new file: krb5/usr.sbin/gss-server/Makefile > new file: krb5/usr.sbin/kadmin.local/Makefile > new file: krb5/usr.sbin/kdb5_util/Makefile > new file: krb5/usr.sbin/sim_server/Makefile > new file: krb5/usr.sbin/sserver/Makefile > new file: krb5/util/Makefile > new file: krb5/util/Makefile.inc > new file: krb5/util/build-tools/Makefile > new file: krb5/util/build-tools/krb5-config.sh > new file: krb5/util/compile_et/Makefile > new file: krb5/util/et/Makefile > new file: krb5/util/profile/Makefile > new file: krb5/util/ss/Makefile > new file: krb5/util/support/Makefile > new file: krb5/util/verto/Makefile > modified: lib/Makefile > modified: lib/libpam/modules/pam_krb5/Makefile > new file: lib/libpam/modules/pam_krb5/config.h > modified: lib/libpam/modules/pam_krb5/pam_krb5.c > modified: lib/libpam/modules/pam_ksu/Makefile > modified: lib/libpam/modules/pam_ksu/pam_ksu.c > modified: lib/libtelnet/Makefile > modified: secure/libexec/sshd-session/Makefile > modified: secure/ssh.mk > modified: share/mk/bsd.libnames.mk > modified: share/mk/src.libnames.mk > modified: share/mk/src.opts.mk > modified: tools/build/Makefile > modified: tools/build/mk/OptionalObsoleteFiles.inc > new file: tools/build/options/WITH_MITKRB5 > modified: usr.bin/Makefile > modified: usr.bin/telnet/Makefile > modified: usr.sbin/gssd/Makefile > modified: usr.sbin/gssd/gssd.c > > Does this sound reasonable? > > I am open to and considering breaking the last commit into a number of smaller > commits, culminating in the actual hook of MIT KRB5 into the build. Note that it > will only build with the WITH_MITKRB5 defined in src.conf. > > The src/krb5 Makefiles are structured so that they loosely follow the tree > structure in MIT's build. Should upstream add or remove files, it would be easier > for persons maintaining it to find the corresponding Makefile in our bespoke build > tree. My only thought was if we wanted the krb5 tree to be under secure/ rather than a new top-level directory? Aside from that question, the rest of the plan seems fine to me. In terms of the last commit, if you think there are reasonable ways to break it up, that might make reviewing easier, but I'm not sure it's worth the extra work if it is a pain to split it up. -- John Baldwin