Split the cyrus sasl gssapi plugin into two separate packages. #212
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Reverted libpng to version 1.6.10 due to a misplaced statement in png.c Fixed "-zmem" option (only "-zm" would work since version 1.7.62).
See http://www.scala-lang.org/news/2014/04/21/release-notes-2.11.0.html and http://www.scala-lang.org/news/2.11.1 for changes from 2.10.3.
20140524: * Support for vertical writing in the Windows environment.
OpenAFS 1.6.9
All server platforms
* Fix for OPENAFS-SA-2014-002
OpenAFS 1.6.8
All platforms
* Documentation improvements (10751 10875 10931 10897 10883 10954 10955)
* Improved diagnostics and error messages (10756 10814 10949)
* Fixed a bug in RX that could make errors during packet reception go
unnoticed. (10733)
* Fixed a bug that made "vos size -dump" display the wrong size for
large volumes. (10933) (RT #131819)
All server platforms
* Change the default fileserver sync behavior from "delayed" to "onclose".
This means that explicit syncing only happens when a volume is detached.
(10809)
* Added the -offline-timeout and -offline-shutdown-timeout options to the
fileserver, to implement interrupting clients accessing volumes we are
trying to take offline. (6266 10799)
Proxies incoming HTTP and TLS connections based on the hostname contained in the initial request. This enables HTTPS name-based virtual hosting to separate backend servers without installing the private key on the proxy machine.
(pkgsrc)
- Add following line to find -lperl
LDFLAGS+= -L${PREFIX}/${PERL5_SUB_INSTALLARCHLIB}/CORE
- Drop NetBSD-5, net/agr/if_agrioctl.h is missing
- Add options.mk and support json, snmp, xml selection,
those were missing in configured list
- Now includes readline.buildlink3.mk
(upstream)
lldpd (0.7.9)
* Changes:
+ Default location for chroot, socket and PID are now configurable
in `./configure`. The default location is based on the value of
`runstatedir` which in turn may be based on the value of
`localstatedir` which defaults to `/usr/local/var`. Therefore,
to get the previous locations, lldpd should be configured with
`./configure --localstatedir=/var`.
* Fixes:
+ Fix `configure system bond-slave-src-mac-type local`. Also use
it as default.
* Features:
+ Add support for shutdown LLDPU.
+ Ability to configure IP management pattern from lldpcli.
+ Ability to choose what port ID should be (MAC or interface name).
lldpd (0.7.8)
* Fixes:
+ Don't hard-code default values for system name, system
description and port description. When the field is not present,
just don't display it.
+ Fix lldpcli behaviour when suid.
+ On OSX, don't use p2p0 interfaces: it would break WLAN.
+ Fix SNMP support on RHEL.
* Features:
+ Android support
+ Add the possibility to disable privilege separation (lower
memory consumption, lower security, don't do it).
+ Interfaces can now be whitelisted. For example, *,!eth*,!!eth1
is a valid pattern for all interfaces except eth ones, except
eth1. Moreover, on exact match, an matching interface
circumvents most sanity checks (like VLAN handling).
+ Ability to override the hostname.
lldpd (0.7.7)
* Features:
+ Use a locally administered MAC address or an arbitrary one
instead of null MAC address for bond devices on Linux. This is
configurable through `lldpcli`.
+ Add support for "team" driver (alternative to bond devices).
+ Preliminary support for DTrace/systemtap.
+ Preliminary support for seccomp (for monitor process).
+ Setup chroot inside lldpd instead of relying on init script.
* Fixes:
+ Various bugs related to fixed point number handling (for
coordinates in LLDP-MED)
+ Fix a regression in how MAC address of an enslaved device is
retrieved.
… the PDF, there's no point in building it, so disable TeX auto-detection.
Alan Coopersmith (1):
Mark DEPTH_MASK as Unsigned int
Arnaud Fontaine (3):
Add autogen.sh to EXTRA_DIST.
Follow changes in m4 submodule.
Release 0.3.9
Gaetan Nadon (9):
config: add bug URL to AC_INIT
config: replace deprecated use of AC_OUTPUT with AC_CONFIG_FILES
config: use AC_CONFIG_HEADERS to create a config.h file
config: remove old dead code for documentation
config: add missing COPYING file
make: use AM_CPPFLAGS rather than per-target libxcb_render_util_la_CPPFLAGS
make: using EXTRA_DIST for xcb-renderutil.pc.in is redundant
make: there should be no attempt to remove any Makefile.in file
make: compile the library with standard xorg warning flags
Jochen Keil (1):
Fix compilation and linking issues with C++
Niclas Zeising (1):
Check submodules before running autoconf.
- DEPENDS+= mozilla-rootcerts are removed, cert included now.
- Deleted SUBST_CLASSES+= macro_S to avoid name (_S) conflicts on NetBSD-5.*
(The probelm no longer exists)
- Correct MESSAGE (but this is to be committed separately)
(Upstream): Bump version 2.0 to 2.0.2RC4
---------------
This commit log compiled from that of wip/trustedQSL/Makefile by mef@
Sorry if typo or too compact.
2.0.2RC4 2014/06/07
- No pop up when prompting user for password when batch mode
- If QSO database is corrupted and can not be repaired, delete it
2.0.2RC3 2014/05/09
- Ensure station locations added (sign a log -> list of stn loc.)
- Restore from .tbk to restore multiple pending callsign
certificates for a given callsign
- Correct message when callsign cert. is uploaded
- Delete any older version, when renewed callsign is installed
- Correct the behaviour for non ascii directory name on Windows
- Correct the number of QSO in some case when signing
(ignoring might have shown negative number)
2.0.2RC2 2014/04/22
- Windows only
2.0.2RC1 2014/04/16
- OpenSSL update (Heartbleed). no practical attack anyway
(Windows only)
2.0.1RC9 2014/03/01
- Avoid application crash when database conversion for Open/Close
- Faster conversion of database
2.0.1RC8 2014/02/27
- Limit the number of copies of application running
(multiple run might have database corrution)
2.0.1RC7 2014/02/13
- When a callsign cert is about to expire (within 60 days), TQSL
warns. But even after user submitted renewal, it continued
- Correct the automatic backup directory (by from preference pane)
- Search Log files with .ADI, .ADIF also
2.0.1RC6 2014/02/05
- Copyright notice / date (only)
2.0.1RC5 2014/01/29
- Avoid crash at starting if certifiacate status file is empty
- Corrected for checking for new release even with -RC change
2.0.1RC4 2014/01/22
- Canadian province PQ/QC issue
- Correct start-up threads management
- (OpenSuSE Linux) for pending callsign requests
- Accept valid callsign only based on location
- Correct hang if command line argument is wrong
- Update message during callsign certificate creation
2.0.1RC3, 2014/01/13 (but hangs when reading cert_status.xml)
Two additional changes in TQSL 2.0 RC3:
-------------
A. Because new modes may not yet be specified in ADIF, and because
LoTW may not accept all modes specified in ADIF, TQSL enables you to
"map" a new mode to a mode or mode group recognized by LoTW; this
most often takes the form of mapping a new digital mode to the DATA
mode group. Versions of TQSL prior to 2.0 would allow you to map
modes accepted by LoTW. This version of TQSL will refuse to map a
mode that is accepted by LoTW. Any existing mappings of modes
accepted by LoTW will be automatically removed on startup; you will
be notified if this happens.
B. When submitting log files in Cabrillo format, previous versions of
TQSL submitted FM and PH modes as PHONE. TQSL 2.0 RC2 submits FM mode
as FM, and PH mode as SSB.
----------------------------
2.0.1RC2 2013/09/01
Contest name recognition is corrected (Re: JIDX)
clamav-0.98.4, dar-2.4.14, delegate-9.9.9, go-1.3, lftp-4.5.2, libusb-1.0.19, skype-4.3, xterm-307.
restrictions, make the code generator issue explicit alignment requests.
Otherwise, a system that uses Heimdal, for example, might try to get MIT installed overtop heimdal when trying to use sasl/gssapi
|
I'm not sure this will work as-is. Each package would need to explicitly state which KRB5_TYPE to use, so that the correct dependency is pulled in. At the very least set KRB5_ACCEPTED in each package Makefile, but I'm not sure how that will behave when KRB5_DEFAULT is not in the list of KRB5_ACCEPTED. See mk/krb5.buildlink.mk for more details, and have a play to ensure that it works as expected for both packages. |
|
I think explicitly stating --with-gss_impl=mit or --with-gss_impl=heimdal makes it build against the right version. But I see what you mean about the dependencies (as I don't see either heimdal or mit in the dependencies when I do pkg_info on the local package tarball) I only see Requires: What I don't quite understand is what's different between these packages and the original cy2-gssapi pkg from which I sourced them. |
|
I've made use of Heimdal explicit in the Heimdal-specific package and added conflicts to both packages. Even though the SunOS platform makefile sets the default Kerberos implementation to MIT, I set the same in my two packages. Please let me know if that works better; the Heimdal package is in use in production on my KDCs and LDAP servers now. |
1 similar comment
|
I've made use of Heimdal explicit in the Heimdal-specific package and added conflicts to both packages. Even though the SunOS platform makefile sets the default Kerberos implementation to MIT, I set the same in my two packages. Please let me know if that works better; the Heimdal package is in use in production on my KDCs and LDAP servers now. |
|
@jperkin this is my first foray into fun with pkgsrc. Does the latest round of changes (as written) allay the issues? I can confirm that when I build this on trunk (rather than on the 201xQy release at which my builder box points), it does pull in the latest heimdal from pkgsrc (which is newer than what's installed) as I would expect. |
|
Closing, this is ancient. If it's still needed, I probably should respin this. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This change brings pkgsrc inline with what other distributions such as Debian do with the GSSAPI plugin. While the existing cy2-gssapi package can link against the correct GSSAPI implementation (depending upon what is installed on the build box), it does little to help users of binary packages. Therefore, we split the package into cy2-gssapi-(mit|heimdal) so that users can install a build that has correct Kerberos implementation linked in.