GSSAPI and Heimdal in Base

Dewayne Geraghty dewayne.geraghty at heuristicsystems.com.au
Wed Feb 19 21:09:45 UTC 2014 

On 20/02/2014 12:29 AM, Bryan Drewery wrote:
> On 2/17/2014 5:23 PM, Robert Simmons wrote:
>> Actually both port and base are 1.5.2. Base was updated in Apr 2012:
>> http://svnweb.freebsd.org/base?view=revision&revision=234027
>>
>> Both 9.x and 10.0 have Heimdal 1.5.2, same version in ports.
>>
>> The Heimdal project's current stable version is actually 1.5.3. They
>> have forgotten to update their main website, but the Git repository
>> speaks the truth:
>> https://github.com/heimdal/heimdal/blob/master/NEWS
>>
>> Also, they are pushing out 1.6 release candidates at the moment, so I
>> think 1.6 should arrive shortly.
>>
>> I will give the project a poke and see if they can update their
>> website, but security/openssh-portable should build fine against
>> heimdal base or the  heimdal port since they are identical.
>
> I will take another look, however I could not get it to build with the
> base heimdal so I marked it broken.
>
>> On Mon, Feb 17, 2014 at 7:43 AM, Dewayne Geraghty
>> <dewayne.geraghty at heuristicsystems.com.au> wrote:
>>> Robert,
>>> There's a couple of versions different.  Heimdal from ports is 1.5.2.
>>> I'm writing personally because I don't build any systems with the
>>> heimdal in base, but I recall it being around 1.0.1 on 9.X.
>>>
>>> As an aside I recall the openssh developer mentioning somewhere that
>>> gssapi wasn't supported in openssh 6.5, but if it builds for you then
>>> you're probably running an earlier version of the ports system?  It's
>>> also helpful to let folks know what FreeBSD version you're discussing ;)
>>>
>>> Cheers, Dewayne
>>>
>>> On 17/02/2014 5:14 PM, Robert Simmons wrote:
>>>> When building openssh-portable, and enabling kerb_gssapi, but using
>>>> the heimdal that is in base, it gives the error:
>>>> KERB_GSSAPI Requires either MIT or HEMIDAL, does not build with base
>>>> Heimdal currently
>>>>
>>>> What is the difference between base and the port of Heimdal?
>>>> _______________________________________________
>>>> freebsd-ports at freebsd.org mailing list
>>>> http://lists.freebsd.org/mailman/listinfo/freebsd-ports
>>>> To unsubscribe, send any mail to "freebsd-ports-unsubscribe at freebsd.org"
>>>>
>>>>
>> _______________________________________________
>> freebsd-ports at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-ports
>> To unsubscribe, send any mail to "freebsd-ports-unsubscribe at freebsd.org"
>>
>
Bryan,
The base heimdal in 9.x is 1.1.0.   As suggested to me by John Marshall,
use:
svn cat svn://svn.freebsd.org/base/stable/9/kerberos5/include/version.h
| grep heimdal_version
svn cat svn://svn.freebsd.org/base/stable/10/kerberos5/include/version.h
| grep heimdal_version
svn cat svn://svn.freebsd.org/base/head/kerberos5/include/version.h |
grep heimdal_version

while head and 10.x use heimdal 1.5.2

Thanks for looking after openssh, I particularly appreciate the new key
storage mechanism (bcrypt KDF a GREAT improvement for keys at rest!). 
Unfortunately I don't use gssapi with ssh, though it heimdal 1.5.2 works
well with other ports.

Dewayne.

More information about the freebsd-ports mailing list