- Update to 2.4.1

8 files changed, 44 insertions, 87 deletions

diff --git a/security/pam_krb5-rh/Makefile b/security/pam_krb5-rh/Makefile
index 4d6d0b65e3b9..257f42465136 100644
--- a/security/pam_krb5-rh/Makefile
+++ b/security/pam_krb5-rh/Makefile
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	pam_krb5
-DISTVERSION=	2.3.13-1
+DISTVERSION=	2.4.1
 CATEGORIES=	security
 MASTER_SITES=	https://fedorahosted.org/released/${PORTNAME}/ \
 		http://mirrors.rit.edu/zi/
@@ -25,10 +25,10 @@ GNU_CONFIGURE=	yes
 CONFIGURE_ARGS+=--with-libiconv-prefix=${LOCALBASE} --without-afs \
 		--with-libintl-prefix=${LOCALBASE} --with-krb4=no \
 		--without-keyutils
-LDFLAGS=	-L${LOCALBASE}/lib
+LDFLAGS+=	-L${LOCALBASE}/lib
 
 MAN5=		pam_krb5.5
-MAN8=		pam_krb5.8 pam_krb5_storetmp.8
+MAN8=		pam_krb5.8 pam_krb5_cchelper.8
 
 .if defined(WITHOUT_NLS)
 PLIST_SUB+=	NLS="@comment "
@@ -39,6 +39,12 @@ LDFLAGS+=	-lintl
 USE_GETTEXT=	yes
 .endif
 
+.include <bsd.port.pre.mk>
+
+.if ${OSVERSION} < 800000
+BROKEN=		does not build on FreeBSD 7.x
+.endif
+
 post-patch:
 	@${REINPLACE_CMD} -e 's|libdir)/security|libdir)|g' ${WRKSRC}/src/Makefile.in
 	@${REINPLACE_CMD} -e 's|/lib64/security|${LOCALBASE}/lib|g' \
@@ -48,4 +54,4 @@ post-patch:
 	@${REINPLACE_CMD} -e 's|PAM_AUTHTOK_RECOVER_ERR|PAM_AUTHTOK_RECOVERY_ERR|g' \
 		${WRKSRC}/src/password.c
 
-.include <bsd.port.mk>
+.include <bsd.port.post.mk>
diff --git a/security/pam_krb5-rh/distinfo b/security/pam_krb5-rh/distinfo
index 54fc02854c4e..5195669ab659 100644
--- a/security/pam_krb5-rh/distinfo
+++ b/security/pam_krb5-rh/distinfo
@@ -1,2 +1,2 @@
-SHA256 (pam_krb5-2.3.13-1.tar.gz) = bc5b45afcb5951edc0c4b98a3342d96a3b59cedd4234560b6d1450ebe990195f
-SIZE (pam_krb5-2.3.13-1.tar.gz) = 566365
+SHA256 (pam_krb5-2.4.1.tar.gz) = 198b2d8587055f48282357cbe27b2973993abf8a026463ec46cc3ec7bd099ce2
+SIZE (pam_krb5-2.4.1.tar.gz) = 547592
diff --git a/security/pam_krb5-rh/files/patch-src__cchelper.c b/security/pam_krb5-rh/files/patch-src__cchelper.c
new file mode 100644
index 000000000000..da318aca18c8
--- /dev/null
+++ b/security/pam_krb5-rh/files/patch-src__cchelper.c
@@ -0,0 +1,10 @@
+--- ./src/cchelper.c.orig	2012-12-14 22:20:31.000000000 -0500
++++ ./src/cchelper.c	2012-12-14 22:20:36.000000000 -0500
+@@ -44,6 +44,7 @@
+ #include <stdlib.h>
+ #include <string.h>
+ #include <unistd.h>
++#include <sys/signal.h>
+ 
+ #include KRB5_H
+ 
diff --git a/security/pam_krb5-rh/files/patch-src__mkdir.c b/security/pam_krb5-rh/files/patch-src__mkdir.c
new file mode 100644
index 000000000000..ac68654a2f85
--- /dev/null
+++ b/security/pam_krb5-rh/files/patch-src__mkdir.c
@@ -0,0 +1,11 @@
+--- ./src/mkdir.c.orig	2012-09-12 22:34:04.000000000 -0400
++++ ./src/mkdir.c	2012-12-14 22:26:24.000000000 -0500
+@@ -34,6 +34,8 @@
+ 
+ #include <sys/types.h>
+ #include <sys/stat.h>
++#include <sys/syslimits.h>
++#include <sys/limits.h>
+ #include <dirent.h>
+ #include <errno.h>
+ #include <fcntl.h>
diff --git a/security/pam_krb5-rh/files/patch-src__pam_krb5_cchelper.c b/security/pam_krb5-rh/files/patch-src__pam_krb5_cchelper.c
new file mode 100644
index 000000000000..290346e746bd
--- /dev/null
+++ b/security/pam_krb5-rh/files/patch-src__pam_krb5_cchelper.c
@@ -0,0 +1,10 @@
+--- ./src/pam_krb5_cchelper.c.orig	2012-12-14 22:27:50.000000000 -0500
++++ ./src/pam_krb5_cchelper.c	2012-12-14 22:28:00.000000000 -0500
+@@ -34,6 +34,7 @@
+ 
+ #include <sys/types.h>
+ #include <sys/stat.h>
++#include <sys/syslimits.h>
+ #include <dirent.h>
+ #include <errno.h>
+ #include <fcntl.h>
diff --git a/security/pam_krb5-rh/files/patch-src__storetmp.c b/security/pam_krb5-rh/files/patch-src__storetmp.c
deleted file mode 100644
index ae7894a30a11..000000000000
--- a/security/pam_krb5-rh/files/patch-src__storetmp.c
+++ /dev/null
@@ -1,10 +0,0 @@
---- ./src/storetmp.c.orig	2011-10-18 11:47:04.000000000 -0400
-+++ ./src/storetmp.c	2011-10-18 11:47:16.000000000 -0400
-@@ -36,6 +36,7 @@
- #include <sys/select.h>
- #include <sys/stat.h>
- #include <sys/wait.h>
-+#include <sys/signal.h>
- #include <errno.h>
- #include <fcntl.h>
- #include <grp.h>
diff --git a/security/pam_krb5-rh/files/patch-src__v5.c b/security/pam_krb5-rh/files/patch-src__v5.c
deleted file mode 100644
index ec9fa8296269..000000000000
--- a/security/pam_krb5-rh/files/patch-src__v5.c
+++ /dev/null
@@ -1,70 +0,0 @@
---- ./src/v5.c.orig	2011-07-29 15:31:01.000000000 -0400
-+++ ./src/v5.c	2011-10-24 09:25:15.000000000 -0400
-@@ -1350,6 +1350,9 @@
- 	krb5_creds tmpcreds;
- 	krb5_ccache ccache;
- 	krb5_get_init_creds_opt *tmp_gicopts;
-+	krb5_timestamp sec;
-+	const char *e = NULL;
-+	char *p;
- 
- 	/* In case we already have creds, get rid of them. */
- 	krb5_free_cred_contents(ctx, creds);
-@@ -1393,23 +1396,50 @@
- 		memset(&service_principal, 0, sizeof(service_principal));
- 		if (krb5_parse_name(ctx, realm_service,
- 				    &service_principal) == 0) {
--			if (options->debug) {
--				debug("attempting to read existing credentials "
--				      "from %s", krb5_cc_default_name(ctx));
--			}
- 			memset(&ccache, 0, sizeof(ccache));
- 			/* In case we're setuid/setgid, switch to the caller's
- 			 * permissions. */
- 			saved_perms = _pam_krb5_switch_perms();
-+
-+			e = getenv("KRB5CCNAME");
-+			if (e) {
-+	        		p = strndup(e, 128);
-+	        		if (p == NULL) {
-+					memset(&e, 0, sizeof(e));
-+					if (options->debug)
-+		        			debug("malloc: out of memory");
-+					return ENOMEM;
-+	        		}
-+	        		if ((strnlen(p, 128) > 96) || strnlen(p, 128) <= 0) {
-+					memset(&e, 0, sizeof(e));
-+					if (options->debug)
-+		        			debug("KRB5CCNAME is too long or too short, aborting");
-+					return PAM_SYSTEM_ERR;
-+	        		}
-+	        		if (strncmp(p, "FILE", 4) == 0 && (p[4] == ':' || p[4] == '='))
-+					krb5_cc_set_default_name(ctx, p);
-+	        		else {
-+					if (options->debug)
-+		        			debug("KRB5CCNAME does not start with FILE:");
-+	        		}
-+	        		memset(&e, 0, sizeof(e));
-+			}
-+			if (options->debug) {
-+				debug("attempting to read existing credentials "
-+					"from %s", krb5_cc_default_name(ctx));
-+			}
- 			if ((saved_perms != NULL) &&
- 			    (krb5_cc_default(ctx, &ccache) == 0)) {
-+				krb5_timeofday (ctx, &sec);
- 				tmpcreds.client = userinfo->principal_name;
- 				tmpcreds.server = service_principal;
- 				i = krb5_cc_retrieve_cred(ctx, ccache, 0,
- 							  &tmpcreds, creds);
--				/* FIXME: check if the creds are expired?
--				 * What's the right error code if we check, and
--				 * they are? */
-+				if ((i == 0) && creds->times.endtime < sec) {
-+					if (options->debug)
-+						warn("Credentials expired");
-+					i = KRB5_KPASSWD_AUTHERROR;
-+				}
- 				memset(&tmpcreds, 0, sizeof(tmpcreds));
- 				krb5_cc_close(ctx, ccache);
- 				/* In case we're setuid/setgid, restore the
diff --git a/security/pam_krb5-rh/pkg-plist b/security/pam_krb5-rh/pkg-plist
index 70c618007345..836cfd9d6f9c 100644
--- a/security/pam_krb5-rh/pkg-plist
+++ b/security/pam_krb5-rh/pkg-plist
@@ -1,4 +1,4 @@
-lib/pam_krb5/pam_krb5_storetmp
+lib/pam_krb5/pam_krb5_cchelper
 lib/pam_krb5.so
 lib/pam_krb5.la
 @dirrm lib/pam_krb5