author: Hiroki Sato <hrs@FreeBSD.org> 2020-03-13 17:12:29 +0000
committer: Hiroki Sato <hrs@FreeBSD.org> 2020-03-13 17:12:29 +0000
commit: a7aadbeb889e852cd5b0975331292b413a07e9b5 (patch)
tree: 1347682ee9bc237a2b116f8016b6380af597576d /security/heimdal
parent: ce2b21f1bca2e1ab1dae577d4b14e78cc2eca89c (diff)
download: ports-a7aadbeb889e852cd5b0975331292b413a07e9b5.tar.gz
ports-a7aadbeb889e852cd5b0975331292b413a07e9b5.zip
6 files changed, 143 insertions, 16 deletions
diff --git a/security/heimdal/files/patch-configure b/security/heimdal/files/patch-configure
index e9dd5cd849b4..70bf5552768d 100644
--- a/security/heimdal/files/patch-configure
+++ b/security/heimdal/files/patch-configure
@@ -1,6 +1,32 @@
---- configure.orig	2019-06-07 06:23:13 UTC
-+++ configure
-@@ -16103,7 +16103,7 @@ case "$host" in
+--- configure.orig	2019-06-07 15:23:13.000000000 +0900
++++ configure	2020-03-13 05:46:04.140343000 +0900
+@@ -792,6 +792,8 @@
+ PKG_CONFIG
+ PKINIT_FALSE
+ PKINIT_TRUE
++KX509_FALSE
++KX509_TRUE
+ OPENLDAP_MODULE_FALSE
+ OPENLDAP_MODULE_TRUE
+ LIB_openldap
+@@ -15041,9 +15043,15 @@
+ $as_echo "#define KX509 1" >>confdefs.h
+ 
+ fi
++ if test "$enable_kx509" != no; then
++  KX509_TRUE=
++  KX509_FALSE='#'
++else
++  KX509_TRUE='#'
++  KX509_FALSE=
++fi
+ 
+ 
+-
+ if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then
+ 	if test -n "$ac_tool_prefix"; then
+   # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args.
+@@ -16103,7 +16111,7 @@
      ;;
  *-*-freebsd*)
  	native_pthread_support=yes
@@ -9,7 +35,7 @@
  	;;
  *-*-openbsd*)
  	native_pthread_support=yes
-@@ -16339,7 +16339,7 @@ if ${ac_cv_funclib_db_create+:} false; then :
+@@ -16339,7 +16347,7 @@
    $as_echo_n "(cached) " >&6
  else
  
@@ -18,7 +44,7 @@
  	ac_save_LIBS="$LIBS"
  	for ac_lib in "" $dbheader db-5 db5 db4 db3 db; do
  		case "$ac_lib" in
-@@ -16912,6 +16912,9 @@ esac
+@@ -16912,6 +16920,9 @@
  
  $as_echo "#define HAVE_NDBM 1" >>confdefs.h
        have_ndbm=yes
@@ -28,7 +54,7 @@
      else
  
        $as_unset ac_cv_func_dbm_firstkey
-@@ -28663,7 +28666,7 @@ fi
+@@ -28663,7 +28674,7 @@
  
  krb_cv_compile_et="no"
  krb_cv_com_err_need_r=""
@@ -37,3 +63,14 @@
  if test "${COMPILE_ET}" != "no"; then
  
  { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether compile_et has the features we need" >&5
+@@ -29176,6 +29187,10 @@
+ fi
+ if test -z "${PKINIT_TRUE}" && test -z "${PKINIT_FALSE}"; then
+   as_fn_error $? "conditional \"PKINIT\" was never defined.
++Usually this means the macro was only invoked conditionally." "$LINENO" 5
++fi
++if test -z "${KX509_TRUE}" && test -z "${KX509_FALSE}"; then
++  as_fn_error $? "conditional \"KX509\" was never defined.
+ Usually this means the macro was only invoked conditionally." "$LINENO" 5
+ fi
+ if test -z "${HAVE_CAPNG_TRUE}" && test -z "${HAVE_CAPNG_FALSE}"; then
diff --git a/security/heimdal/files/patch-configure.ac b/security/heimdal/files/patch-configure.ac
new file mode 100644
index 000000000000..8eb45debb5ac
--- /dev/null
+++ b/security/heimdal/files/patch-configure.ac
@@ -0,0 +1,10 @@
+--- configure.ac.orig	2020-03-13 05:39:55.805336000 +0900
++++ configure.ac	2020-03-13 05:40:40.329535000 +0900
+@@ -153,6 +153,7 @@
+ if test "$enable_kx509" != no ;then
+ 	AC_DEFINE([KX509], 1, [Define to enable kx509.])
+ fi
++AM_CONDITIONAL(KX509, test "$enable_kx509" != no)
+ 
+ dnl Need to test if pkg-config exists
+ PKG_PROG_PKG_CONFIG
diff --git a/security/heimdal/files/patch-kdc-Makefile.am b/security/heimdal/files/patch-kdc-Makefile.am
new file mode 100644
index 000000000000..c8ad9e562200
--- /dev/null
+++ b/security/heimdal/files/patch-kdc-Makefile.am
@@ -0,0 +1,17 @@
+--- kdc/Makefile.am.orig	2016-12-20 23:23:06.000000000 +0900
++++ kdc/Makefile.am	2020-03-13 04:31:52.289449000 +0900
+@@ -47,10 +47,13 @@
+ 	pkinit-ec.c		\
+ 	log.c			\
+ 	misc.c			\
+-	kx509.c			\
++	$(libkdc_pkinit)	\
+ 	process.c		\
+ 	windc.c			\
+ 	rx.h
++if KX509
++libkdc_pkinit = kx509.c
++endif
+ 
+ KDC_PROTOS = $(srcdir)/kdc-protos.h $(srcdir)/kdc-private.h
+ 
diff --git a/security/heimdal/files/patch-kdc-Makefile.in b/security/heimdal/files/patch-kdc-Makefile.in
index f6c9743fd29b..5b0ffcb2379d 100644
--- a/security/heimdal/files/patch-kdc-Makefile.in
+++ b/security/heimdal/files/patch-kdc-Makefile.in
@@ -1,6 +1,16 @@
---- kdc/Makefile.in.orig	2020-02-23 12:16:33 UTC
-+++ kdc/Makefile.in
-@@ -213,6 +213,8 @@ PROGRAMS = $(bin_PROGRAMS) $(libexec_PROGRAMS) $(noins
+--- kdc/Makefile.in.orig	2020-03-13 04:21:16.723517000 +0900
++++ kdc/Makefile.in	2020-03-13 04:31:33.004672000 +0900
+@@ -199,7 +199,8 @@
+ 	$(am__DEPENDENCIES_1)
+ am_libkdc_la_OBJECTS = default_config.lo set_dbinfo.lo digest.lo \
+ 	fast.lo kerberos5.lo krb5tgs.lo pkinit.lo pkinit-ec.lo log.lo \
+-	misc.lo kx509.lo process.lo windc.lo
++	misc.lo $(libkdc_la_pkinit) process.lo windc.lo
++@KX509_TRUE@libkdc_la_pkinit = kx509.lo
+ libkdc_la_OBJECTS = $(am_libkdc_la_OBJECTS)
+ AM_V_lt = $(am__v_lt_@AM_V@)
+ am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+@@ -213,6 +214,8 @@
  am_digest_service_OBJECTS = digest-service.$(OBJEXT)
  digest_service_OBJECTS = $(am_digest_service_OBJECTS)
  am__DEPENDENCIES_2 = $(top_builddir)/lib/hdb/libhdb.la \
@@ -9,7 +19,7 @@
  	$(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \
  	$(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \
  	$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
-@@ -224,6 +226,8 @@ digest_service_DEPENDENCIES = libkdc.la \
+@@ -224,6 +227,8 @@
  am_hprop_OBJECTS = hprop.$(OBJEXT) mit_dump.$(OBJEXT)
  hprop_OBJECTS = $(am_hprop_OBJECTS)
  hprop_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \
@@ -18,7 +28,7 @@
  	$(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \
  	$(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \
  	$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
-@@ -232,6 +236,8 @@ hprop_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la
+@@ -232,6 +237,8 @@
  am_hpropd_OBJECTS = hpropd.$(OBJEXT)
  hpropd_OBJECTS = $(am_hpropd_OBJECTS)
  hpropd_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \
@@ -27,7 +37,7 @@
  	$(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \
  	$(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \
  	$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
-@@ -241,6 +247,8 @@ am_kdc_OBJECTS = kdc-connect.$(OBJEXT) kdc-config.$(OB
+@@ -241,6 +248,8 @@
  	kdc-announce.$(OBJEXT) kdc-main.$(OBJEXT)
  kdc_OBJECTS = $(am_kdc_OBJECTS)
  kdc_DEPENDENCIES = libkdc.la $(am__DEPENDENCIES_2) \
@@ -36,7 +46,7 @@
  	$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1)
  kdc_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
  	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(kdc_CFLAGS) $(CFLAGS) \
-@@ -248,23 +256,35 @@ kdc_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOL
+@@ -248,23 +257,35 @@
  kdc_replay_SOURCES = kdc-replay.c
  kdc_replay_OBJECTS = kdc-replay.$(OBJEXT)
  kdc_replay_DEPENDENCIES = libkdc.la $(am__DEPENDENCIES_2) \
@@ -74,7 +84,22 @@
  	$(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \
  	$(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \
  	$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
-@@ -636,6 +656,8 @@ libkdc_la_LDFLAGS = -version-info 2:0:0 $(am__append_1
+@@ -622,11 +643,13 @@
+ 	pkinit-ec.c		\
+ 	log.c			\
+ 	misc.c			\
+-	kx509.c			\
++	$(libkdc_pkinit)	\
+ 	process.c		\
+ 	windc.c			\
+ 	rx.h
+ 
++@KX509_TRUE@libkdc_pkinit = kx509.c
++
+ KDC_PROTOS = $(srcdir)/kdc-protos.h $(srcdir)/kdc-private.h
+ ALL_OBJECTS = $(kdc_OBJECTS) $(kdc_replay_OBJECTS) \
+ 	$(kdc_tester_OBJECTS) $(libkdc_la_OBJECTS) \
+@@ -636,6 +659,8 @@
  hprop_LDADD = \
  	$(top_builddir)/lib/hdb/libhdb.la \
  	$(top_builddir)/lib/krb5/libkrb5.la \
@@ -83,7 +108,7 @@
  	$(LIB_kdb)  \
  	$(LIB_hcrypto) \
  	$(top_builddir)/lib/asn1/libasn1.la \
-@@ -645,6 +667,8 @@ hprop_LDADD = \
+@@ -645,6 +670,8 @@
  hpropd_LDADD = \
  	$(top_builddir)/lib/hdb/libhdb.la \
  	$(top_builddir)/lib/krb5/libkrb5.la \
@@ -92,7 +117,7 @@
  	$(LIB_kdb)  \
  	$(LIB_hcrypto) \
  	$(top_builddir)/lib/asn1/libasn1.la \
-@@ -671,17 +695,24 @@ LDADD = $(top_builddir)/lib/hdb/libhdb.la \
+@@ -671,17 +698,24 @@
  	$(LIB_roken) \
  	$(DB3LIB) $(DB1LIB) $(LMDBLIB) $(NDBMLIB)
  
diff --git a/security/heimdal/files/patch-lib-krb5-init_creds_pw.c b/security/heimdal/files/patch-lib-krb5-init_creds_pw.c
new file mode 100644
index 000000000000..0c729ceb26fd
--- /dev/null
+++ b/security/heimdal/files/patch-lib-krb5-init_creds_pw.c
@@ -0,0 +1,18 @@
+--- lib/krb5/init_creds_pw.c.orig	2020-03-12 13:34:52 UTC
++++ lib/krb5/init_creds_pw.c
+@@ -2273,6 +2273,7 @@ krb5_init_creds_step(krb5_context context,
+ 				       &ctx->req_buffer,
+ 				       NULL,
+ 				       NULL);
++#ifdef PKINIT
+ 	    if (ret == 0 && ctx->pk_init_ctx) {
+ 		PA_DATA *pa_pkinit_kx;
+ 		int idx = 0;
+@@ -2293,6 +2294,7 @@ krb5_init_creds_step(krb5_context context,
+ 		else if (pa_pkinit_kx != NULL)
+ 		    ctx->ic_flags |= KRB5_INIT_CREDS_PKINIT_KX_VALID;
+ 	    }
++#endif
+ 	    if (ret == 0)
+ 		ret = copy_EncKDCRepPart(&rep.enc_part, &ctx->enc_part);
+ 
diff --git a/security/heimdal/files/patch-lib-krb5-krb5_locl.h b/security/heimdal/files/patch-lib-krb5-krb5_locl.h
new file mode 100644
index 000000000000..334316489e74
--- /dev/null
+++ b/security/heimdal/files/patch-lib-krb5-krb5_locl.h
@@ -0,0 +1,20 @@
+--- lib/krb5/krb5_locl.h.orig	2020-03-13 06:00:08.405783000 +0900
++++ lib/krb5/krb5_locl.h	2020-03-13 13:19:46.263840000 +0900
+@@ -143,7 +143,7 @@
+ #include <krb5.h>
+ #include <krb5_err.h>
+ #include <asn1_err.h>
+-#ifdef PKINIT
++#if defined(PKINIT) || defined(KX509)
+ #include <hx509.h>
+ #endif
+ 
+@@ -271,7 +271,7 @@
+ #define KRB5_CTX_F_RD_REQ_IGNORE		16
+ #define KRB5_CTX_F_FCACHE_STRICT_CHECKING	32
+     struct send_to_kdc *send_to_kdc;
+-#ifdef PKINIT
++#if defined(PKINIT) || defined(KX509)
+     hx509_context hx509ctx;
+ #endif
+     unsigned int num_kdc_requests;
author	Hiroki Sato <hrs@FreeBSD.org>	2020-03-13 17:12:29 +0000
committer	Hiroki Sato <hrs@FreeBSD.org>	2020-03-13 17:12:29 +0000
commit	a7aadbeb889e852cd5b0975331292b413a07e9b5 (patch)
tree	1347682ee9bc237a2b116f8016b6380af597576d /security/heimdal
parent	ce2b21f1bca2e1ab1dae577d4b14e78cc2eca89c (diff)
download	ports-a7aadbeb889e852cd5b0975331292b413a07e9b5.tar.gz ports-a7aadbeb889e852cd5b0975331292b413a07e9b5.zip