From nobody Sun Jan 28 14:49:09 2024
X-Original-To: freebsd-arch@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNDpc3TTGz58jMW
	for <freebsd-arch@mlmmj.nyi.freebsd.org>; Sun, 28 Jan 2024 14:49:12 +0000 (UTC)
	(envelope-from cy.schubert@cschubert.com)
Received: from omta001.cacentral1.a.cloudfilter.net (omta001.cacentral1.a.cloudfilter.net [3.97.99.32])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "Client", Issuer "CA" (not verified))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4TNDpc1YBxz42T0
	for <freebsd-arch@freebsd.org>; Sun, 28 Jan 2024 14:49:12 +0000 (UTC)
	(envelope-from cy.schubert@cschubert.com)
Authentication-Results: mx1.freebsd.org;
	none
Received: from shw-obgw-4002a.ext.cloudfilter.net ([10.228.9.250])
	by cmsmtp with ESMTPS
	id U1zzrUk1bxDxGU6T9r9ShN; Sun, 28 Jan 2024 14:49:11 +0000
Received: from spqr.komquats.com ([70.66.152.170])
	by cmsmtp with ESMTPSA
	id U6T7rtU069Cr4U6T8rx9x7; Sun, 28 Jan 2024 14:49:11 +0000
X-Authority-Analysis: v=2.4 cv=etl8zZpX c=1 sm=1 tr=0 ts=65b66967
 a=y8EK/9tc/U6QY+pUhnbtgQ==:117 a=y8EK/9tc/U6QY+pUhnbtgQ==:17
 a=kj9zAlcOel0A:10 a=dEuoMetlWLkA:10 a=6I5d2MoRAAAA:8 a=NEAV23lmAAAA:8
 a=YxBL1-UpAAAA:8 a=EkcXrb_YAAAA:8 a=ev-HsTzYMAcI_nSn1-cA:9 a=CjuIK1q_8ugA:10
 a=dLLiUHJ_Wr8A:10 a=IjZwj45LgO3ly-622nXo:22 a=Ia-lj3WSrqcvXOmTRaiG:22
 a=LK5xJRSDVpKd5WXXoEvA:22
Received: from slippy.cwsent.com (slippy [10.1.1.91])
	by spqr.komquats.com (Postfix) with ESMTP id 574CD126E;
	Sun, 28 Jan 2024 06:49:09 -0800 (PST)
Received: by slippy.cwsent.com (Postfix, from userid 1000)
	id 31033460; Sun, 28 Jan 2024 06:49:09 -0800 (PST)
X-Mailer: exmh version 2.9.0 11/07/2018 with nmh-1.8+dev
Reply-to: Cy Schubert <Cy.Schubert@cschubert.com>
From: Cy Schubert <Cy.Schubert@cschubert.com>
X-os: FreeBSD
X-Sender: cy@cwsent.com
X-URL: http://www.cschubert.com/
To: Minsoo Choo <minsoochoo0122@proton.me>
cc: "freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org>
Subject: Re: Importing Heimdal 7.8.0
In-reply-to: <RXB5EBpxQpjbYQliH9nPyZKbaP2qAIfex2iEcanqW7rPoCiFzZKzJgUmd24Z_MCQvNDJ1_lmnD5lue9BicXM59W_D4zL00ekultlPSD_pAw=@proton.me>
References: <RXB5EBpxQpjbYQliH9nPyZKbaP2qAIfex2iEcanqW7rPoCiFzZKzJgUmd24Z_MCQvNDJ1_lmnD5lue9BicXM59W_D4zL00ekultlPSD_pAw=@proton.me>
Comments: In-reply-to Minsoo Choo <minsoochoo0122@proton.me>
   message dated "Sun, 28 Jan 2024 05:38:03 +0000."
List-Id: Discussion related to FreeBSD architecture <freebsd-arch.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-arch
List-Help: <mailto:freebsd-arch+help@freebsd.org>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Subscribe: <mailto:freebsd-arch+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-arch+unsubscribe@freebsd.org>
Sender: owner-freebsd-arch@freebsd.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Sun, 28 Jan 2024 06:49:09 -0800
Message-Id: <20240128144909.31033460@slippy.cwsent.com>
X-CMAE-Envelope: MS4xfJ4jVHvmJC/M7zKvoctlapcuKFeAVqfpwSPwXeBmQ8blbtcvp4srMEFSH/ZbyAMksYdXC8x77z+vpDblwNZU8WQS/0dDuLEhhX7LIpqPbMYNpzzpIGbC
 Rlhih8cvnwBvyiBAqQKwmvmBmaK1HR/4mqT05FavVM1Qf+SSvVOE3ef3KRDdwiWSoH11Ke9jGbusNFrb1wLleY1cbpSu7vORrZXgwplNOFOoKOwp6aJ2KGeA
 flduYZqJSnM4w057qGnNGQ==
X-Rspamd-Queue-Id: 4TNDpc1YBxz42T0
X-Spamd-Bar: ----
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	ASN(0.00)[asn:16509, ipnet:3.96.0.0/15, country:US]

In message <RXB5EBpxQpjbYQliH9nPyZKbaP2qAIfex2iEcanqW7rPoCiFzZKzJgUmd24Z_MCQ
vND
J1_lmnD5lue9BicXM59W_D4zL00ekultlPSD_pAw=@proton.me>, Minsoo Choo writes:
> Hello everyone,
> 
> I'm currently working on importing the latest version of Heimdal, which is 7.8.0. Although it seems that a contributor is trying to import kerberos5 by this summer [1], I will try as much as I can since I found out the process easier than I expected.
> 
> There are some modifications that need to be discussed before commiting changes:
> 
> - Introduction of hcrypto library. OpenSSL will be used as its backend. NetBSD patched files to use OpenSSL direclty [2], but this is harder to maintain in future.
> - Moving libcom_err from /lib to /kerberos/lib
> - Moving compile_et from /usr.bin to /keberos/usr.bin
> - libgssapi: Heimdal has expended FreeBSD's libgssapi implementation, and it internally uses private functions that is not accessible from FreeBSD's libgssapi. In newer versions of Heimdal's libgssapi, it is really hard to separate libgssapi_krb5, libgssapi_spnego, and libgssapi_ntlm. My suggestion is to build libheimgssapi for heimdal's internal use and keep our libgssapi.
> 
> Because I'm not very familiar with FreeBSD src tree yet, I encoutered some problems:
> 
> - How do I regenerate Makefile.depend? What command arguments do I need to use mkdep(1)? We need it for new Makefiles introduced for new libraries and programs.
> - How do I make libhcrypto before libhx509? It looks like Makefile.inc1 needs to be fixed but I can't figure it out.
> 
> Reviews:
> Since the import of heimdal is too big, I separated reviews in two.
> D43625 [3]: Import heimdal 7.8.0 to crypto/heimdal. No reviews or modificatoins needed for now.
> D43624 [4]: Changes to FreeBSD base to build heimdal. Reviews and advice needed.
> 
> [1] https://lists.freebsd.org/archives/freebsd-arch/2023-December/000580.html
> [2] https://github.com/IIJ-NetBSD/netbsd-src/tree/master/crypto/external/bsd/heimdal
> [3] https://reviews.freebsd.org/D43625[4] [https://reviews.freebsd.org/D4362](https://reviews.freebsd.org/D43625)4
> 

I'm in the works of replacing Heimdal 1.5.2 with MIT KRB5 1.21.2.


-- 
Cheers,
Cy Schubert <Cy.Schubert@cschubert.com>
FreeBSD UNIX:  <cy@FreeBSD.org>   Web:  https://FreeBSD.org
NTP:           <cy@nwtime.org>    Web:  https://nwtime.org

			e^(i*pi)+1=0