aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--security/audit/Makefile4
-rw-r--r--security/audit/files/patch-src_lib_packet.c41
-rw-r--r--security/audit/files/patch-src_modules_auth_srp_auth_srp.c138
-rw-r--r--security/audit/pkg-plist1
4 files changed, 180 insertions, 4 deletions
diff --git a/security/audit/Makefile b/security/audit/Makefile
index 68b8978b9e12..32c7a600884a 100644
--- a/security/audit/Makefile
+++ b/security/audit/Makefile
@@ -61,10 +61,6 @@ LIBVERSION= 1
.include <bsd.port.pre.mk>
-.if ${OSVERSION} >= 700042
-BROKEN= Broken with gcc 4.2
-.endif
-
post-patch:
${REINPLACE_CMD} -e "s@Linux@FreeBSD@g" ${WRKSRC}/configure
(${FIND} ${WRKSRC}/src/modules -name Makefile.in -exec \
diff --git a/security/audit/files/patch-src_lib_packet.c b/security/audit/files/patch-src_lib_packet.c
new file mode 100644
index 000000000000..1907180ccf69
--- /dev/null
+++ b/security/audit/files/patch-src_lib_packet.c
@@ -0,0 +1,41 @@
+--- src/lib/packet.c.orig 2007-10-17 08:15:35.000000000 +0200
++++ src/lib/packet.c 2007-10-17 08:04:21.000000000 +0200
+@@ -546,16 +546,16 @@ void
+ packet_put_raw(PACKET *p, const void *_data, ssize_t size)
+ {
+ ssize_t written;
+- void *data;
++ char *data;
+
+ if (p == NULL || _data == NULL || size <= 0)
+ return;
+
+- data = (void *) _data;
++ data = (char *) _data;
+ while (size) {
+ written = buf_put_raw(p->pkt_wbuf, data, size);
+ size -= written;
+- (char *) data += written;
++ data += written;
+ if (size)
+ _packet_write(p);
+ }
+@@ -604,14 +604,16 @@ void
+ packet_get_raw(PACKET *p, void *data, ssize_t size)
+ {
+ ssize_t readed;
++ char *cdata;
+
+ if (p == NULL || data == NULL || size <= 0)
+ return;
+
++ cdata = (char *)data;
+ while (size) {
+- readed = buf_get_raw(p->pkt_rbuf, data, size);
++ readed = buf_get_raw(p->pkt_rbuf, cdata, size);
+ size -= readed;
+- (char *) data += readed;
++ cdata += readed;
+ if (size)
+ _packet_read(p);
+ }
diff --git a/security/audit/files/patch-src_modules_auth_srp_auth_srp.c b/security/audit/files/patch-src_modules_auth_srp_auth_srp.c
new file mode 100644
index 000000000000..6e836e71617d
--- /dev/null
+++ b/security/audit/files/patch-src_modules_auth_srp_auth_srp.c
@@ -0,0 +1,138 @@
+--- src/modules/auth/srp/auth_srp.c.orig 2007-10-17 08:09:07.000000000 +0200
++++ src/modules/auth/srp/auth_srp.c 2007-10-17 08:09:09.000000000 +0200
+@@ -445,7 +445,7 @@ _auth_srvr(AUTHCON *ct)
+ USER_M1[SHA1_DIGESTSIZE],
+ bs[NBYTES];
+ BIGNUM A, B, S, b, u, v, s, tmp;
+- BN_CTX bnctx;
++ BN_CTX *bnctx = BN_CTX_new();
+ void *buffer;
+ size_t bufsiz;
+ char hostname[MAXHOSTNAMELEN]; /* XXX: move to engine */
+@@ -468,7 +468,7 @@ _auth_srvr(AUTHCON *ct)
+ BN_init(&u);
+ BN_init(&v);
+ BN_init(&tmp);
+- BN_CTX_init(&bnctx);
++ BN_CTX_init(bnctx);
+
+ clnt_st = LOGIN_FAILED;
+
+@@ -493,7 +493,7 @@ _auth_srvr(AUTHCON *ct)
+ */
+ _rand_bn(&b);
+ _rand_bn(&u);
+- if (!BN_mod_exp(&tmp, &g, &b, &n, &bnctx) || !BN_add(&B, &tmp, &v))
++ if (!BN_mod_exp(&tmp, &g, &b, &n, bnctx) || !BN_add(&B, &tmp, &v))
+ _fatal_bn("srvr_auth()");
+
+ /* Receive A, send B and u */
+@@ -507,9 +507,9 @@ _auth_srvr(AUTHCON *ct)
+ * K = HASH(S)
+ * M1 = HASH(A, B, K)
+ */
+- if (!BN_mod_exp(&S, &v, &u, &n, &bnctx) ||
+- !BN_mul(&tmp, &A, &S, &bnctx) ||
+- !BN_mod_exp(&S, &tmp, &b, &n, &bnctx))
++ if (!BN_mod_exp(&S, &v, &u, &n, bnctx) ||
++ !BN_mul(&tmp, &A, &S, bnctx) ||
++ !BN_mod_exp(&S, &tmp, &b, &n, bnctx))
+ _fatal_bn("srvr_auth()");
+ _hash_bn(K, &S, &buffer, &bufsiz);
+ _auth_digest1(M1, &A, &B, K, &buffer, &bufsiz);
+@@ -560,7 +560,7 @@ _auth_srvr(AUTHCON *ct)
+ BN_clear_free(&u);
+ BN_clear_free(&v);
+ BN_clear_free(&tmp);
+- BN_CTX_free(&bnctx);
++ BN_CTX_free(bnctx);
+ free(buffer);
+
+ /* Init encryption */
+@@ -603,7 +603,7 @@ _auth_clnt(AUTHCON *ct, struct autharg_c
+ M2[SHA1_DIGESTSIZE],
+ SERVER_M2[SHA1_DIGESTSIZE];
+ BIGNUM a, u, x, A, B, S, tmp1, tmp2;
+- BN_CTX bnctx;
++ BN_CTX *bnctx = BN_CTX_new();
+ SHA1_CTX sha1_ctx;
+ void *buffer;
+ size_t bufsiz;
+@@ -621,7 +621,7 @@ _auth_clnt(AUTHCON *ct, struct autharg_c
+ BN_init(&S);
+ BN_init(&tmp1);
+ BN_init(&tmp2);
+- BN_CTX_init(&bnctx);
++ BN_CTX_init(bnctx);
+
+ srvr_st = clnt_st = LOGIN_FAILED;
+
+@@ -663,7 +663,7 @@ _auth_clnt(AUTHCON *ct, struct autharg_c
+ * A = g exp a
+ */
+ _rand_bn(&a);
+- if (!BN_mod_exp(&A, &g, &a, &n, &bnctx))
++ if (!BN_mod_exp(&A, &g, &a, &n, bnctx))
+ _fatal_bn("_auth_clnt()");
+
+ /* Send A, receive B and u */
+@@ -675,11 +675,11 @@ _auth_clnt(AUTHCON *ct, struct autharg_c
+ * Calculate:
+ * S = ( (B - g exp x) exp (a + u * x) ) % n
+ */
+- if (!BN_mul(&S, &u, &x, &bnctx) ||
++ if (!BN_mul(&S, &u, &x, bnctx) ||
+ !BN_add(&tmp1, &S, &a) ||
+- !BN_mod_exp(&S, &g, &x, &n, &bnctx) ||
++ !BN_mod_exp(&S, &g, &x, &n, bnctx) ||
+ !BN_sub(&tmp2, &B, &S) ||
+- !BN_mod_exp(&S, &tmp2, &tmp1, &n, &bnctx))
++ !BN_mod_exp(&S, &tmp2, &tmp1, &n, bnctx))
+ _fatal_bn("_auth_clnt()");
+
+ /*
+@@ -717,7 +717,7 @@ _auth_clnt(AUTHCON *ct, struct autharg_c
+ BN_clear_free(&S);
+ BN_clear_free(&tmp1);
+ BN_clear_free(&tmp2);
+- BN_CTX_free(&bnctx);
++ BN_CTX_free(bnctx);
+ free(buffer);
+
+ /* Init encryption */
+@@ -744,7 +744,7 @@ static int
+ _filter_resource(AUTHCON *ct, struct autharg_filter *args)
+ {
+ SHA1_CTX sha1_ctx;
+- BN_CTX bnctx;
++ BN_CTX *bnctx = BN_CTX_new();
+ BIGNUM salt, verifier, x;
+ unsigned char bsalt[NBYTES], xdigest[SHA1_DIGESTSIZE];
+
+@@ -756,7 +756,7 @@ _filter_resource(AUTHCON *ct, struct aut
+ /* Just filter srp passwords */
+ if (!strcmp(args->rname, SRP_PASS_RNAME)) {
+
+- BN_CTX_init(&bnctx);
++ BN_CTX_init(bnctx);
+ BN_init(&salt);
+ BN_init(&x);
+ BN_init(&verifier);
+@@ -774,7 +774,7 @@ _filter_resource(AUTHCON *ct, struct aut
+ SHA1Update(&sha1_ctx, args->value, args->vsize);
+ SHA1Final(xdigest, &sha1_ctx);
+ if (BN_bin2bn(xdigest, sizeof(xdigest), &x) == NULL ||
+- !BN_mod_exp(&verifier, &g, &x, &n, &bnctx))
++ !BN_mod_exp(&verifier, &g, &x, &n, bnctx))
+ _fatal_bn("_filter_resource()");
+
+ /* Get memory for the filtered value */
+@@ -793,7 +793,7 @@ _filter_resource(AUTHCON *ct, struct aut
+ BN_clear_free(&verifier);
+ BN_clear_free(&x);
+ BN_clear_free(&salt);
+- BN_CTX_free(&bnctx);
++ BN_CTX_free(bnctx);
+
+ if (args->fvalue == NULL)
+ return (-1);
diff --git a/security/audit/pkg-plist b/security/audit/pkg-plist
index 0b74e0fa0be4..bc7129def4b3 100644
--- a/security/audit/pkg-plist
+++ b/security/audit/pkg-plist
@@ -7,6 +7,7 @@ lib/alat/libattr_peo.so.1
lib/alat/libattr_regex.so.1
lib/alat/libattr_tcp.so.1
lib/alat/libauth_raw.so.1
+lib/alat/libauth_srp.so.1
lib/alat/libia_syslog.so.1
lib/alat/libres_local.so.1
sbin/auditd