diff options
author | Jacques Vidrine <nectar@FreeBSD.org> | 2001-09-07 19:45:46 +0000 |
---|---|---|
committer | Jacques Vidrine <nectar@FreeBSD.org> | 2001-09-07 19:45:46 +0000 |
commit | 39daa242c80f7aabead7326aec5d742f7614cddf (patch) | |
tree | eef3d1f01a153539f572e8b8a67a3ae5feae3082 /security/heimdal | |
parent | 78462c178d8ec9b15c00efc2a7b32e756e429fe8 (diff) | |
download | ports-39daa242c80f7aabead7326aec5d742f7614cddf.tar.gz ports-39daa242c80f7aabead7326aec5d742f7614cddf.zip |
Notes
Diffstat (limited to 'security/heimdal')
-rw-r--r-- | security/heimdal/Makefile | 17 | ||||
-rw-r--r-- | security/heimdal/Makefile.man | 4 | ||||
-rw-r--r-- | security/heimdal/distinfo | 2 | ||||
-rw-r--r-- | security/heimdal/files/kdc.sh | 68 | ||||
-rw-r--r-- | security/heimdal/files/patch-ad | 34 | ||||
-rw-r--r-- | security/heimdal/files/patch-cb | 13 | ||||
-rw-r--r-- | security/heimdal/files/patch-cc | 13 | ||||
-rw-r--r-- | security/heimdal/files/patch-cj | 36 | ||||
-rw-r--r-- | security/heimdal/files/patch-ck | 25 | ||||
-rw-r--r-- | security/heimdal/files/patch-cl | 33 | ||||
-rw-r--r-- | security/heimdal/files/patch-cm | 12 | ||||
-rw-r--r-- | security/heimdal/files/patch-cn | 20 | ||||
-rw-r--r-- | security/heimdal/files/patch-co | 11 | ||||
-rw-r--r-- | security/heimdal/pkg-plist | 1 |
14 files changed, 52 insertions, 237 deletions
diff --git a/security/heimdal/Makefile b/security/heimdal/Makefile index afae62bb02c6..5b6aa8bcf7ae 100644 --- a/security/heimdal/Makefile +++ b/security/heimdal/Makefile @@ -6,7 +6,7 @@ # PORTNAME= heimdal -PORTVERSION= 0.4d +PORTVERSION= 0.4e CATEGORIES= security ipv6 MASTER_SITES= ftp://ftp.pdc.kth.se/pub/heimdal/src/ \ ftp://ftp.replay.com/pub/replay/crypto/APPS/kerberos/heimdal/ \ @@ -47,6 +47,7 @@ CONFIGURE_ARGS+= --without-x .endif .if exists(/usr/lib/libkrb.a) && !defined(WITHOUT_KRB4) +CONFIGURE_ENV+= LIBS="-lcom_err" CONFIGURE_ARGS+= --with-krb4-include=/usr/include --with-krb4-lib=/usr/lib .elif !defined(KRB5_KRB4_COMPAT) CONFIGURE_ARGS+= --without-krb4 @@ -59,14 +60,6 @@ OPENSSL_IN_BASE= YES PLIST:= ${WRKDIR}/PLIST -# Nuke com_err stuff, it is in the base system. -pre-configure: - @(set -e; \ - cd ${CONFIGURE_WRKSRC}; \ - find . -type f -name 'Makefile.in' -print | xargs perl -i -p \ - -e 's,\$$\(top_builddir\)/lib/com_err/compile_et,compile_et,;' \ - -e 's,../com_err/libcom_err.la,,;';) - pre-install: @${CP} ${PKGDIR}/pkg-plist ${PLIST} .if exists(/usr/lib/libkrb.a) && !defined(WITHOUT_KRB4) @@ -84,12 +77,6 @@ pre-install: .include "Makefile.man" -# awful hack to avoid running automake after patching configure -pre-configure: - @find ${WRKSRC} -name Makefile.in -exec ${TOUCH} {} \; - @${TOUCH} ${WRKSRC}/include/stamp-h.in - @${TOUCH} ${WRKSRC}/include/config.h.in - post-install: install-info ${PREFIX}/info/heimdal.info ${PREFIX}/info/dir ${SED} 's;%%PREFIX%%;${PREFIX};g' ${FILESDIR}/kdc.sh > \ diff --git a/security/heimdal/Makefile.man b/security/heimdal/Makefile.man index a6fd5bcc4268..6500174b16f7 100644 --- a/security/heimdal/Makefile.man +++ b/security/heimdal/Makefile.man @@ -1,7 +1,6 @@ # $FreeBSD$ MAN1= ftp.1 \ - kauth.1 \ kdestroy.1 \ kf.1 \ kgetcred.1 \ @@ -20,7 +19,8 @@ MAN1= ftp.1 \ tenletxr.1 \ xnlock.1 -MAN3= editline.3 \ +MAN3= arg_printusage.3 \ + editline.3 \ getarg.3 \ k_afs_cell_of_file.3 \ k_hasafs.3 \ diff --git a/security/heimdal/distinfo b/security/heimdal/distinfo index 5b7b3fe34ef8..3f323ad5ff58 100644 --- a/security/heimdal/distinfo +++ b/security/heimdal/distinfo @@ -1 +1 @@ -MD5 (heimdal-0.4d.tar.gz) = 0d2d78b576553ea08a2def85013adb81 +MD5 (heimdal-0.4e.tar.gz) = 239aa6841881f77db64faeaea47d7593 diff --git a/security/heimdal/files/kdc.sh b/security/heimdal/files/kdc.sh index 1e8d24a5810e..13aa415fdab4 100644 --- a/security/heimdal/files/kdc.sh +++ b/security/heimdal/files/kdc.sh @@ -1,28 +1,54 @@ #!/bin/sh -kdc=%%PREFIX%%/libexec/kdc +# Installation prefix for Heimdal +PREFIX="%%PREFIX%%" -case "$1" in -start) - if [ -x $kdc ]; then - echo -n ' kdc' - $kdc & - fi - ;; -stop) - if [ -f /var/run/kdc.pid ]; then - kill -TERM `cat /var/run/kdc.pid` - rm -f /var/run/kdc.pid - echo -n ' kdc' - fi - ;; -restart) - if [ -f /var/run/kdc.pid ]; then - $0 stop - sleep 2 +# One of `none', `master', or `slave' +KDC_ROLE=none +KDC_FLAGS="" +IPROP_MASTER_HOST="" + +KDC="${PREFIX}/libexec/kdc" +KPASSWDD="${PREFIX}/libexec/kpasswdd" +IPROPD_MASTER="${PREFIX}/libexec/ipropd-master" +IPROPD_SLAVE="${PREFIX}/libexec/ipropd-slave" + +case "${KDC_ROLE}" in +none) run_kdc=0 run_master=0 run_slave=0 ;; +master) run_kdc=1 run_master=1 run_slave=0 ;; +slave) run_kdc=1 run_master=0 run_slave=1 ;; +*) echo "KDC_ROLE is not set." >&2 + exit 64 + ;; +esac + +do_start() { + if test "${run_kdc}" -eq "1"; then + ${KDC} ${KDC_FLAGS} & + test "${run_master}" -eq "1" && ${KPASSWDD} & + test "${run_master}" -eq "1" && ${IPROPD_MASTER} & + test "${run_slave}" -eq "1" && ${IPROPD_SLAVE} ${IPROP_MASTER_HOST} & fi - $0 start - ;; + echo -n ' kdc' +} + +do_stop() { + for pid in kdc kpasswdd ipropd-master ipropd-slave; do + test -f "/var/run/${pid}.pid" && kill `cat /var/run/${pid}.pid` + done + echo -n ' kdc' +} + +do_restart() { + do_stop + sleep 1 + do_start +} + +case "$1" in +start) do_start ;; +stop) do_stop ;; +restart) do_restart ;; *) echo "Usage: `basename $0` {start|stop}" >&2 exit 64 diff --git a/security/heimdal/files/patch-ad b/security/heimdal/files/patch-ad deleted file mode 100644 index 719c82896d4e..000000000000 --- a/security/heimdal/files/patch-ad +++ /dev/null @@ -1,34 +0,0 @@ ---- lib/gssapi/accept_sec_context.c.orig Mon Jul 16 22:28:38 2001 -+++ lib/gssapi/accept_sec_context.c Tue Jul 17 08:10:32 2001 -@@ -283,12 +283,27 @@ - - krb5_ccache ccache; - -- if (delegated_cred_handle == NULL || *delegated_cred_handle == NULL) -+ if (delegated_cred_handle == NULL) - /* XXX Create a new delegated_cred_handle? */ - kret = krb5_cc_default (gssapi_krb5_context, &ccache); -- -- else { -- if ((*delegated_cred_handle)->ccache == NULL) -+ else if (*delegated_cred_handle == NULL) { -+ if ((*delegated_cred_handle = -+ calloc(1, sizeof(**delegated_cred_handle))) == NULL) { -+ kret = ENOMEM; -+ krb5_set_error_string(gssapi_krb5_context, "out of memory"); -+ gssapi_krb5_set_error_string(); -+ goto failure; -+ } -+ if ((kret = gss_duplicate_name(minor_status, ticket->client, -+ &(*delegated_cred_handle)->principal)) != 0) { -+ flags &= ~GSS_C_DELEG_FLAG; -+ free(*delegated_cred_handle); -+ *delegated_cred_handle = NULL; -+ goto end_fwd; -+ } -+ } -+ if (delegated_cred_handle != NULL && -+ (*delegated_cred_handle)->ccache == NULL) { - kret = krb5_cc_gen_new (gssapi_krb5_context, - &krb5_mcc_ops, - &(*delegated_cred_handle)->ccache); diff --git a/security/heimdal/files/patch-cb b/security/heimdal/files/patch-cb deleted file mode 100644 index a6e1baed6fda..000000000000 --- a/security/heimdal/files/patch-cb +++ /dev/null @@ -1,13 +0,0 @@ ---- configure.in.orig Mon Feb 5 01:58:05 2001 -+++ configure.in Mon May 21 08:12:54 2001 -@@ -83,6 +83,10 @@ - LIB_openldap="-R $openldap_libdir $LIB_openldap" - fi - -+dnl Kerberos 4 libraries are quite likely to need to link against -+dnl libcom_err. -+AC_CHECK_LIB(com_err, init_error_table) -+ - AC_TEST_PACKAGE_NEW(krb4,[#include <krb.h>],-lkrb,-ldes,/usr/athena, KRB4) - - LIB_kdb= diff --git a/security/heimdal/files/patch-cc b/security/heimdal/files/patch-cc deleted file mode 100644 index 1439fa6d0613..000000000000 --- a/security/heimdal/files/patch-cc +++ /dev/null @@ -1,13 +0,0 @@ ---- configure.orig Mon Feb 5 02:03:23 2001 -+++ configure Mon May 21 08:14:53 2001 -@@ -11827,6 +11827,10 @@ - LIB_openldap="-R $openldap_libdir $LIB_openldap" - fi - -+# Kerberos IV on FreeBSD depends on libcom_err -+LIBS="-lcom_err $LIBS" -+echo '#define HAVE_LIBCOM_ERR 1' >> confdefs.h -+ - # Check whether --with-krb4 or --without-krb4 was given. - if test "${with_krb4+set}" = set; then - withval="$with_krb4" diff --git a/security/heimdal/files/patch-cj b/security/heimdal/files/patch-cj deleted file mode 100644 index 69b1c2c845d2..000000000000 --- a/security/heimdal/files/patch-cj +++ /dev/null @@ -1,36 +0,0 @@ ---- appl/ftp/ftpd/ftpd.c.ORIG Fri Jun 29 09:41:46 2001 -+++ appl/ftp/ftpd/ftpd.c Fri Jun 29 09:42:04 2001 -@@ -68,6 +68,7 @@ - int debug = 0; - int ftpd_timeout = 900; /* timeout after 15 minutes of inactivity */ - int maxtimeout = 7200;/* don't allow idle time to be set beyond 2 hours */ -+int restricted_data_ports = 1; - int logging; - int guest; - int dochroot; -@@ -217,6 +218,7 @@ - { NULL, 't', arg_integer, &ftpd_timeout, "initial timeout" }, - { NULL, 'T', arg_integer, &maxtimeout, "max timeout" }, - { NULL, 'u', arg_string, &umask_string, "umask for user logins" }, -+ { NULL, 'U', arg_negative_flag, &restricted_data_ports, "don't use high data ports" }, - { NULL, 'd', arg_flag, &debug, "enable debugging" }, - { NULL, 'v', arg_flag, &debug, "enable debugging" }, - { "builtin-ls", 'B', arg_flag, &use_builtin_ls, "use built-in ls to list files" }, -@@ -1951,6 +1953,8 @@ - socket_set_address_and_port (pasv_addr, - socket_get_address (ctrl_addr), - 0); -+ socket_set_portrange(pdata, restricted_data_ports, -+ pasv_addr->sa_family); - seteuid(0); - if (bind(pdata, pasv_addr, socket_sockaddr_size (pasv_addr)) < 0) { - seteuid(pw->pw_uid); -@@ -1993,6 +1997,8 @@ - socket_set_address_and_port (pasv_addr, - socket_get_address (ctrl_addr), - 0); -+ socket_set_portrange(pdata, restricted_data_ports, -+ pasv_addr->sa_family); - seteuid(0); - if (bind(pdata, pasv_addr, socket_sockaddr_size (pasv_addr)) < 0) { - seteuid(pw->pw_uid); diff --git a/security/heimdal/files/patch-ck b/security/heimdal/files/patch-ck deleted file mode 100644 index 87afecea5c03..000000000000 --- a/security/heimdal/files/patch-ck +++ /dev/null @@ -1,25 +0,0 @@ ---- appl/ftp/ftpd/ftpd.8.orig Tue Feb 16 14:14:08 1999 -+++ appl/ftp/ftpd/ftpd.8 Fri Nov 3 12:07:47 2000 -@@ -43,7 +43,7 @@ - .Sh SYNOPSIS - .Nm ftpd - .Op Fl a Ar authmode --.Op Fl dilv -+.Op Fl dilvU - .Op Fl g Ar umask - .Op Fl p Ar port - .Op Fl T Ar maxtimeout -@@ -127,6 +127,13 @@ - seconds (the default is 15 minutes). - .It Fl u - Set the initial umask to something else than the default 027. -+.It Fl U -+In previous versions of -+.Nm ftpd , -+when a passive mode client requested a data connection to the server, the -+server would use data ports in the range 1024..4999. Now, by default, the -+server will use data ports in the range 49152..65535. Specifying this option -+will revert to the old behavior. - .It Fl v - Verbose mode. - .El diff --git a/security/heimdal/files/patch-cl b/security/heimdal/files/patch-cl deleted file mode 100644 index 015645d31f68..000000000000 --- a/security/heimdal/files/patch-cl +++ /dev/null @@ -1,33 +0,0 @@ ---- lib/roken/socket.c.orig Wed Jul 26 23:41:06 2000 -+++ lib/roken/socket.c Fri Nov 3 11:56:34 2000 -@@ -222,6 +222,31 @@ - } - - /* -+ * Set the range of ports to use when binding with port = 0. -+ */ -+void -+socket_set_portrange (int sock, int restrict, int af) -+{ -+#if defined(IP_PORTRANGE) -+ if (af == AF_INET) { -+ int on = restrict ? IP_PORTRANGE_HIGH : IP_PORTRANGE_DEFAULT; -+ if (setsockopt (sock, IPPROTO_IP, IP_PORTRANGE, &on, -+ sizeof(on)) < 0) -+ warn ("setsockopt IP_PORTRANGE (ignored)"); -+ } -+#endif -+#if defined(IPV6_PORTRANGE) -+ if (af == AF_INET6) { -+ int on = restrict ? IPV6_PORTRANGE_HIGH : -+ IPV6_PORTRANGE_DEFAULT; -+ if (setsockopt (sock, IPPROTO_IPV6, IPV6_PORTRANGE, &on, -+ sizeof(on)) < 0) -+ warn ("setsockopt IPV6_PORTRANGE (ignored)"); -+ } -+#endif -+} -+ -+/* - * Enable debug on `sock'. - */ diff --git a/security/heimdal/files/patch-cm b/security/heimdal/files/patch-cm deleted file mode 100644 index dc0a4bc28ef3..000000000000 --- a/security/heimdal/files/patch-cm +++ /dev/null @@ -1,12 +0,0 @@ ---- lib/roken/roken-common.h.orig Fri Nov 3 11:31:42 2000 -+++ lib/roken/roken-common.h Fri Nov 3 11:57:01 2000 -@@ -276,6 +276,9 @@ - socket_set_port (struct sockaddr *sa, int port); - - void -+socket_set_portrange (int sock, int restrict, int af); -+ -+void - socket_set_debug (int sock); - - void diff --git a/security/heimdal/files/patch-cn b/security/heimdal/files/patch-cn deleted file mode 100644 index bca48b727ed1..000000000000 --- a/security/heimdal/files/patch-cn +++ /dev/null @@ -1,20 +0,0 @@ ---- lib/Makefile.in.orig Thu Dec 14 09:25:08 2000 -+++ lib/Makefile.in Thu Dec 14 09:25:18 2000 -@@ -190,7 +190,7 @@ - @OTP_TRUE@dir_otp = @OTP_TRUE@otp - @DCE_TRUE@dir_dce = @DCE_TRUE@kdfs - --SUBDIRS = @DIR_roken@ vers editline com_err sl asn1 @DIR_des@ krb5 \ -+SUBDIRS = @DIR_roken@ vers editline sl asn1 @DIR_des@ krb5 \ - kafs hdb kadm5 gssapi auth $(dir_45) $(dir_otp) $(dir_dce) - - subdir = lib -@@ -210,7 +210,7 @@ - DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - - GZIP_ENV = --best --DIST_SUBDIRS = @DIR_roken@ vers editline com_err sl asn1 @DIR_des@ krb5 \ -+DIST_SUBDIRS = @DIR_roken@ vers editline sl asn1 @DIR_des@ krb5 \ - kafs hdb kadm5 gssapi auth 45 otp kdfs - all: all-redirect - .SUFFIXES: diff --git a/security/heimdal/files/patch-co b/security/heimdal/files/patch-co deleted file mode 100644 index 4395d43ec21e..000000000000 --- a/security/heimdal/files/patch-co +++ /dev/null @@ -1,11 +0,0 @@ ---- include/Makefile.in.orig Wed Nov 8 10:21:59 2000 -+++ include/Makefile.in Wed Nov 8 10:22:07 2000 -@@ -199,8 +199,6 @@ - asn1.h \ - asn1_err.h \ - base64.h \ -- com_err.h \ -- com_right.h \ - der.h \ - des.h \ - editline.h \ diff --git a/security/heimdal/pkg-plist b/security/heimdal/pkg-plist index f2e161c9acdd..0fc706f5b5b4 100644 --- a/security/heimdal/pkg-plist +++ b/security/heimdal/pkg-plist @@ -1,5 +1,4 @@ bin/ftp -bin/kauth bin/kdestroy bin/kf bin/kgetcred |