| 363135 |
12-Jul-2020 |
0mp |
MFC 362491:
Improve the rcorder manual page
- Fix formatting issues such as:
- Use Ql instead of Dq Li as Li is deprecated
- Address some mandoc warnings
- Add arguments missing from the list of options (i.e., document "-k keep"
instead of just "-k").
- Document that -k and -s can be specified multiple times
- Use sshd instead of named for the example in the BUGS section, as named
is not in the base system. Also, use Nm instead of Xr there as it is not
the sshd binary that is required to be running, but the service.
- Use Sy instead of Cm for KEYWORDS. Cm is reserved for command-line
modifiers of the CLI.
- Add an EXAMPLES section
- Cross-reference service(8). |
| 320907 |
12-Jul-2017 |
delphij |
MFC r320906: MFV r320905: Import upstream fix for CVE-2017-11103.
In _krb5_extract_ticket() the KDC-REP service name must be obtained from
encrypted version stored in 'enc_part' instead of the unencrypted version
stored in 'ticket'. Use of the unecrypted version provides an
opportunity for successful server impersonation and other attacks.
Submitted by: hrs
Obtained from: Heimdal
Security: FreeBSD-SA-17:05.heimdal
Security: CVE-2017-11103 |
| 302408 |
08-Jul-2016 |
gjb |
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle.
Prune svn:mergeinfo from the new branch, as nothing has been merged
here.
Additional commits post-branch will follow.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation |
| 299495 |
11-May-2016 |
cem |
libkrb5: Fix potential double-free
If krb5_make_principal fails, tmp_creds.server may remain a pointer to freed
memory and then be double-freed. After freeing it the first time, initialize
it to NULL, which causes subsequent krb5_free_principal calls to do the right
thing.
Reported by: Coverity
CID: 1273430
Sponsored by: EMC / Isilon Storage Division
|
| 234027 |
08-Apr-2012 |
stas |
- Update FreeBSD's Heimdal distribution to 1.5.2. This is a bugfix
release, which fixes a DoS issue in libkrb5.
|
| 233294 |
22-Mar-2012 |
stas |
- Update FreeBSD Heimdal distribution to version 1.5.1. This also brings
several new kerberos related libraries and applications to FreeBSD:
o kgetcred(1) allows one to manually get a ticket for a particular service.
o kf(1) securily forwards ticket to another host through an authenticated
and encrypted stream.
o kcc(1) is an umbrella program around klist(1), kswitch(1), kgetcred(1)
and other user kerberos operations. klist and kswitch are just symlinks
to kcc(1) now.
o kswitch(1) allows you to easily switch between kerberos credentials if
you're running KCM.
o hxtool(1) is a certificate management tool to use with PKINIT.
o string2key(1) maps a password into key.
o kdigest(8) is a userland tool to access the KDC's digest interface.
o kimpersonate(8) creates a "fake" ticket for a service.
We also now install manpages for some lirbaries that were not installed
before, libheimntlm and libhx509.
- The new HEIMDAL version no longer supports Kerberos 4. All users are
recommended to switch to Kerberos 5.
- Weak ciphers are now disabled by default. To enable DES support (used
by telnet(8)), use "allow_weak_crypto" option in krb5.conf.
- libtelnet, pam_ksu and pam_krb5 are now compiled with error on warnings
disabled due to the function they use (krb5_get_err_text(3)) being
deprecated. I plan to work on this next.
- Heimdal's KDC now require sqlite to operate. We use the bundled version
and install it as libheimsqlite. If some other FreeBSD components will
require it in the future we can rename it to libbsdsqlite and use for these
components as well.
- This is not a latest Heimdal version, the new one was released while I was
working on the update. I will update it to 1.5.2 soon, as it fixes some
important bugs and security issues.
|
| 178828 |
07-May-2008 |
dfr |
Fix conflicts after heimdal-1.1 import and add build infrastructure. Import
all non-style changes made by heimdal to our own libgssapi.
|
| 178826 |
07-May-2008 |
dfr |
This commit was generated by cvs2svn to compensate for changes in r178825,
which included commits to RCS files with non-trunk default branches.
|
| 142404 |
24-Feb-2005 |
nectar |
This commit was generated by cvs2svn to compensate for changes in r142403,
which included commits to RCS files with non-trunk default branches.
|
| 127811 |
03-Apr-2004 |
nectar |
Resolve conflicts after import of Heimdal 0.6.1.
|
| 127809 |
03-Apr-2004 |
nectar |
This commit was generated by cvs2svn to compensate for changes in r127808,
which included commits to RCS files with non-trunk default branches.
|
| 120953 |
09-Oct-2003 |
nectar |
This commit was generated by cvs2svn to compensate for changes in r120952,
which included commits to RCS files with non-trunk default branches.
|
| 120948 |
09-Oct-2003 |
nectar |
Resolve conflicts after import of Heimdal 0.6.
|
| 120946 |
09-Oct-2003 |
nectar |
This commit was generated by cvs2svn to compensate for changes in r120945,
which included commits to RCS files with non-trunk default branches.
|
| 107208 |
24-Nov-2002 |
nectar |
This commit was generated by cvs2svn to compensate for changes in r107207,
which included commits to RCS files with non-trunk default branches.
|
| 104205 |
30-Sep-2002 |
nectar |
This commit was generated by cvs2svn to compensate for changes in r104204,
which included commits to RCS files with non-trunk default branches.
|
| 103426 |
16-Sep-2002 |
nectar |
Resolve conflicts.
|
| 103424 |
16-Sep-2002 |
nectar |
This commit was generated by cvs2svn to compensate for changes in r103423,
which included commits to RCS files with non-trunk default branches.
|
| 102654 |
30-Aug-2002 |
nectar |
Pass the pointy hat! Remove accidently imported files.
|
| 102647 |
30-Aug-2002 |
nectar |
Resolve conflicts after import of Heimdal Kerberos circa 2002/08/29.
|
| 102645 |
30-Aug-2002 |
nectar |
This commit was generated by cvs2svn to compensate for changes in r102644,
which included commits to RCS files with non-trunk default branches.
|
| 90931 |
19-Feb-2002 |
nectar |
Update build after import of Heimdal Kerberos 2002/02/17.
|
| 90929 |
19-Feb-2002 |
nectar |
Resolve conflicts after import of Heimdal Kerberos 2002/02/17.
|
| 90927 |
19-Feb-2002 |
nectar |
This commit was generated by cvs2svn to compensate for changes in r90926,
which included commits to RCS files with non-trunk default branches.
|
| 78536 |
21-Jun-2001 |
assar |
fix merges from 0.3f
|
| 78528 |
21-Jun-2001 |
assar |
This commit was generated by cvs2svn to compensate for changes in r78527,
which included commits to RCS files with non-trunk default branches.
|
| 76372 |
08-May-2001 |
assar |
This commit was generated by cvs2svn to compensate for changes in r76371,
which included commits to RCS files with non-trunk default branches.
|
| 72463 |
13-Feb-2001 |
assar |
nuke conflict markers
|
| 72448 |
13-Feb-2001 |
assar |
fix conflicts in heimdal 0.3e import
|
| 72446 |
13-Feb-2001 |
assar |
This commit was generated by cvs2svn to compensate for changes in r72445,
which included commits to RCS files with non-trunk default branches.
|
| 57428 |
24-Feb-2000 |
markm |
Merge conflicts.
|
| 57423 |
24-Feb-2000 |
markm |
This commit was generated by cvs2svn to compensate for changes in r57422,
which included commits to RCS files with non-trunk default branches.
|
| 57420 |
24-Feb-2000 |
markm |
This commit was generated by cvs2svn to compensate for changes in r57419,
which included commits to RCS files with non-trunk default branches.
|
| 57417 |
24-Feb-2000 |
markm |
This commit was generated by cvs2svn to compensate for changes in r57416,
which included commits to RCS files with non-trunk default branches.
|
| 55683 |
09-Jan-2000 |
markm |
This commit was generated by cvs2svn to compensate for changes in r55682,
which included commits to RCS files with non-trunk default branches.
|