mirror of
https://git.FreeBSD.org/ports.git
synced 2024-11-23 00:43:28 +00:00
Brand new MIT KRB5 beta.
This commit is contained in:
parent
76a7e4739b
commit
6c8e7e98c6
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=99158
2
MOVED
2
MOVED
@ -163,7 +163,7 @@ biology/gaussian||2003-01-31|deleted maintain is hard and gray in license
|
||||
graphics/xine_dvdnav_plugin||2003-02-01|integrated into graphics/libxine
|
||||
devel/ossp-mm||2003-02-01|accidental dupe of devel/mm
|
||||
archivers/linux_rar||2003-02-03|FreeBSD/i386 binary is available
|
||||
security/krb5-beta||2003-08-07|deleted: no longer in beta, MIT KRB5 1.3 released
|
||||
security/krb5-beta||2004-01-25|resurrected: brand new MIT KRB5 1.3.2 beta
|
||||
security/pam_krb5||2003-02-12|resurrected: required when MIT KRB5 used in place of base system KRB5
|
||||
deskutils/gnucash|finance/gnucash|2003-02-05|new category
|
||||
x11-toolkits/crux||2003-02-07|deleted: added to GNOME 2.2 desktop
|
||||
|
@ -137,6 +137,7 @@
|
||||
SUBDIR += knocker
|
||||
SUBDIR += krb4
|
||||
SUBDIR += krb5
|
||||
SUBDIR += krb5-beta
|
||||
SUBDIR += kripp
|
||||
SUBDIR += kssh
|
||||
SUBDIR += l0pht-watch
|
||||
|
157
security/krb5-beta/Makefile
Normal file
157
security/krb5-beta/Makefile
Normal file
@ -0,0 +1,157 @@
|
||||
# Ports collection Makefile for: MIT Kerberos V
|
||||
# Date created: 6/5/1998
|
||||
# Whom: nectar@FreeBSD.org
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
|
||||
PORTNAME= krb5
|
||||
PORTVERSION= 1.3.2.b1
|
||||
CATEGORIES= security
|
||||
# USE_TARBALL tells the port that the user has fetched the source
|
||||
# directly from MIT or crypto-publish.org (CRYTPO-PUBLISH).
|
||||
USE_KRB5_TARBALL?= MIT
|
||||
|
||||
.if defined(USE_KRB5_TARBALL) && ${USE_KRB5_TARBALL} == "CRYPTO-PUBLISH"
|
||||
MASTER_SITES= http://www.crypto-publish.org/dist/mit-kerberos5/
|
||||
EXTRACT_SUFX= .tar.gz
|
||||
.else
|
||||
MASTER_SITES= http://web.mit.edu/kerberos/www/dist/krb5/${PORTVERSION:C/\.[0-9]*\.b[0-9]$//}/
|
||||
EXTRACT_SUFX= .tar
|
||||
.endif
|
||||
DISTNAME= ${PORTNAME}-${PORTVERSION:S/.b/-beta/}
|
||||
|
||||
MAINTAINER= cy@FreeBSD.org
|
||||
COMMENT= An authentication system developed at MIT, successor to Kerberos IV
|
||||
|
||||
BUILD_DEPENDS= gm4:${PORTSDIR}/devel/m4
|
||||
|
||||
KERBEROSV_URL= http://web.mit.edu/network/kerberos-form.html
|
||||
USE_REINPLACE= yes
|
||||
USE_GMAKE= yes
|
||||
USE_PERL5_BUILD= yes
|
||||
INSTALLS_SHLIB= yes
|
||||
GNU_CONFIGURE= yes
|
||||
CONFIGURE_ARGS?= --enable-shared
|
||||
CONFIGURE_ENV= INSTALL="${INSTALL}" YACC=/usr/bin/yacc \
|
||||
CFLAGS="${CFLAGS}"
|
||||
MAKE_ARGS= INSTALL="${INSTALL}"
|
||||
KRB5_KRB4_COMPAT?= NO
|
||||
|
||||
.if !defined(KRB5_KRB4_COMPAT) || ${KRB5_KRB4_COMPAT} == "NO"
|
||||
CONFIGURE_ARGS+= --without-krb4
|
||||
PLIST_SUB+= KRB4="@comment "
|
||||
.else
|
||||
PLIST_SUB+= KRB4=""
|
||||
.endif
|
||||
|
||||
.if defined(KRB5_HOME)
|
||||
PREFIX= ${KRB5_HOME}
|
||||
.endif
|
||||
|
||||
INFO_FILES= krb425.info krb5-admin.info krb5-admin.info-1 \
|
||||
krb5-admin.info-2 krb5-admin.info-3 krb5-install.info \
|
||||
krb5-install.info-1 krb5-install.info-2 krb5-user.info
|
||||
|
||||
MAN1= krb5-send-pr.1 kpasswd.1 v5passwd.1 klist.1 kinit.1 \
|
||||
kdestroy.1 ksu.1 sclient.1 rsh.1 rcp.1 rlogin.1 \
|
||||
ftp.1 telnet.1 kerberos.1 kvno.1 compile_et.1
|
||||
.if defined(KRB5_KRB4_COMPAT) && ${KRB5_KRB4_COMPAT} != "NO"
|
||||
MAN1+= v4rcp.1
|
||||
.endif
|
||||
MAN5= kdc.conf.5 krb5.conf.5 .k5login.5
|
||||
MAN8= krb5kdc.8 kadmin.8 kadmin.local.8 kdb5_util.8 \
|
||||
ktutil.8 kadmind.8 kprop.8 kpropd.8 sserver.8 \
|
||||
kshd.8 klogind.8 login.krb5.8 ftpd.8 telnetd.8 \
|
||||
k5srvutil.8
|
||||
|
||||
WRKSRC= ${WRKDIR}/${DISTNAME}/src
|
||||
|
||||
WANT_HTML?= YES
|
||||
HTML_DOC_DIR= ${WRKDIR}/${DISTNAME}/doc
|
||||
HTML_DOCS= admin.html user-guide.html install.html
|
||||
HTML_OUTDIRS= krb5-admin krb5-install
|
||||
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
.if defined(USE_KRB5_TARBALL) && ${USE_KRB5_TARBALL} == "MIT"
|
||||
post-extract:
|
||||
@${TAR} -C ${WRKDIR} -xzf ${WRKDIR}/${DISTNAME}.tar.gz
|
||||
@${RM} ${WRKDIR}/${DISTNAME}.tar.gz ${WRKDIR}/${DISTNAME}.tar.gz.asc
|
||||
.if !defined(EXTRACT_PRESERVE_OWNERSHIP)
|
||||
@if [ `id -u` = 0 ]; then \
|
||||
${CHMOD} -R ug-s,go-w ${WRKDIR}/${DISTNAME}; \
|
||||
${CHOWN} -R 0:0 ${WRKDIR}/${DISTNAME}; \
|
||||
fi
|
||||
.endif
|
||||
.endif
|
||||
|
||||
post-patch:
|
||||
.if ${OSVERSION} >= 500000
|
||||
@${REINPLACE_CMD} -e '1s,^#!\/usr\/athena,#!${LOCALBASE},' \
|
||||
${WRKSRC}/../doc/man2html
|
||||
.else
|
||||
@${REINPLACE_CMD} -e '1s,^#!\/usr\/athena,#!\/usr,' \
|
||||
${WRKSRC}/../doc/man2html
|
||||
.endif
|
||||
|
||||
pre-build:
|
||||
.if !defined(KRB5_KRB4_COMPAT)
|
||||
@${ECHO} "------------------------------------------------------"
|
||||
@${ECHO} "Set KRB5_KRB4_COMPAT=NO if you do not want to build "
|
||||
@${ECHO} "the KerberosIV compatibility libraries. "
|
||||
@${ECHO} "------------------------------------------------------"
|
||||
.endif
|
||||
|
||||
post-build:
|
||||
@(cd ${WRKSRC}/../doc && \
|
||||
${MAKE} ${INFO_FILES})
|
||||
.if defined(WANT_HTML) && ${WANT_HTML} == "YES"
|
||||
@(cd ${WRKSRC}/../doc && \
|
||||
${MAKE} ${HTML_DOCS})
|
||||
.endif
|
||||
|
||||
post-install:
|
||||
# html documentation
|
||||
.if defined(WANT_HTML) && ${WANT_HTML} == "YES"
|
||||
@${MKDIR} ${PREFIX}/share/doc/krb5
|
||||
for html in ${HTML_DOC_DIR}/*.html; do \
|
||||
${INSTALL_MAN} $${html} ${PREFIX}/share/doc/krb5; \
|
||||
${ECHO_CMD} share/doc/krb5/`${BASENAME} $${html}` >> ${TMPPLIST}; \
|
||||
done
|
||||
.for htmldir in ${HTML_OUTDIRS}
|
||||
@${MKDIR} ${PREFIX}/share/doc/krb5/${htmldir}
|
||||
for html in ${HTML_DOC_DIR}/${htmldir}/*; do \
|
||||
${INSTALL_MAN} $${html} ${PREFIX}/share/doc/krb5/${htmldir}; \
|
||||
${ECHO_CMD} share/doc/krb5/${htmldir}/`${BASENAME} $${html}` >> ${TMPPLIST}; \
|
||||
done
|
||||
${ECHO_CMD} @dirrm share/doc/krb5/${htmldir} >> ${TMPPLIST}
|
||||
.endfor
|
||||
.endif
|
||||
${ECHO_CMD} @dirrm share/doc/krb5 >> ${TMPPLIST}
|
||||
# handle info files
|
||||
.for info in ${INFO_FILES}
|
||||
${INSTALL_MAN} ${WRKSRC}/../doc/${info} ${PREFIX}/info/${info}
|
||||
.endfor
|
||||
.for info in ${INFO_FILES:M*.info}
|
||||
install-info ${PREFIX}/info/${info} ${PREFIX}/info/dir
|
||||
.endfor
|
||||
# fixup packing list (no libs without version numbers in aout case)
|
||||
.if ${PORTOBJFORMAT} == "aout"
|
||||
${ECHO_MSG} "Fixing packing list for a.out"
|
||||
${MV} ${TMPPLIST} ${TMPPLIST}.new
|
||||
${GREP} -v '\.so$$' ${TMPPLIST}.new > ${TMPPLIST}
|
||||
${RM} ${TMPPLIST}.new
|
||||
.endif
|
||||
@${SED} "s%\${PREFIX}%${PREFIX}%" ${FILESDIR}/README.FreeBSD > ${PREFIX}/share/doc/krb5/README.FreeBSD
|
||||
@${CHMOD} 444 ${PREFIX}/share/doc/krb5/README.FreeBSD
|
||||
@${ECHO} "------------------------------------------------------"
|
||||
@${ECHO} "This port of MIT Kerberos 5 includes remote login "
|
||||
@${ECHO} "daemons (telnetd and klogind). These daemons default "
|
||||
@${ECHO} "to using the system login program (/usr/bin/login). "
|
||||
@${ECHO} "Please see the file "
|
||||
@${ECHO} "${PREFIX}/share/doc/krb5/README.FreeBSD"
|
||||
@${ECHO} "for more information. "
|
||||
@${ECHO} "------------------------------------------------------"
|
||||
|
||||
.include <bsd.port.post.mk>
|
1
security/krb5-beta/distinfo
Normal file
1
security/krb5-beta/distinfo
Normal file
@ -0,0 +1 @@
|
||||
MD5 (krb5-1.3.2-beta1.tar) = b457d2c6cc43a3220469dec4b7f66d48
|
32
security/krb5-beta/files/README.FreeBSD
Normal file
32
security/krb5-beta/files/README.FreeBSD
Normal file
@ -0,0 +1,32 @@
|
||||
The MIT KRB5 port provides its own login program at
|
||||
${PREFIX}/sbin/login.krb5. However, login.krb5 does not make use of
|
||||
the FreeBSD login.conf and login.access files that provide a means of
|
||||
setting up and controlling sessions under FreeBSD. To overcome this,
|
||||
the MIT KRB5 port uses the FreeBSD /usr/bin/login program to provide
|
||||
interactive login password authentication instead of the login.krb5
|
||||
program provided by MIT KRB5. The FreeBSD /usr/bin/login program does
|
||||
not have support for Kerberos V password authentication,
|
||||
e.g. authentication at the console. The pam_krb5 port must be used to
|
||||
provide Kerberos V password authentication.
|
||||
|
||||
For more information about pam_krb5, please see pam(8) and pam_krb5(8).
|
||||
|
||||
If you wish to use login.krb5 that is provided by the MIT KRB5 port,
|
||||
the arguments "-L ${PREFIX}/sbin/login.krb5" must be
|
||||
specified as arguments to klogind and KRB5 telnetd, e.g.
|
||||
|
||||
klogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -L ${PREFIX}/sbin/login.krb5
|
||||
eklogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -e -L ${PREFIX}/sbin/login.krb5
|
||||
telnet stream tcp nowait root ${PREFIX}/sbin/telnetd telnetd -a none -L ${PREFIX}/sbin/login.krb5
|
||||
|
||||
Additionally, if you wish to use the MIT KRB5 provided login.krb5 instead
|
||||
of the FreeBSD provided /usr/bin/login for local tty logins,
|
||||
"lo=${PREFIX}/sbin/login.krb5" must be specified in /etc/gettytab, e.g.,
|
||||
|
||||
default:\
|
||||
:cb:ce:ck:lc:fd#1000:im=\r\n%s/%m (%h) (%t)\r\n\r\n:sp#1200:\
|
||||
:if=/etc/issue:\
|
||||
:lo=${PREFIX}/sbin/login.krb5:
|
||||
|
||||
It is recommended that the FreeBSD /usr/bin/login be used with the
|
||||
pam_krb5 port instead of the MIT KRB5 provided login.krb5.
|
13
security/krb5-beta/files/patch-ac
Normal file
13
security/krb5-beta/files/patch-ac
Normal file
@ -0,0 +1,13 @@
|
||||
--- ../doc/admin.texinfo Fri Feb 6 21:40:56 1998
|
||||
+++ admin.texinfo Fri Jun 19 15:13:45 1998
|
||||
@@ -5,6 +5,10 @@
|
||||
@c guide
|
||||
@setfilename krb5-admin.info
|
||||
@settitle Kerberos V5 System Administrator's Guide
|
||||
+@dircategory Kerberos V5
|
||||
+@direntry
|
||||
+* Admin Guide: (krb5-admin). Kerberos V5 System Admin's Guide
|
||||
+@end direntry
|
||||
@setchapternewpage odd @c chapter begins on next odd page
|
||||
@c @setchapternewpage on @c chapter begins on next page
|
||||
@c @smallbook @c Format for 7" X 9.25" paper
|
13
security/krb5-beta/files/patch-ad
Normal file
13
security/krb5-beta/files/patch-ad
Normal file
@ -0,0 +1,13 @@
|
||||
--- ../doc/user-guide.texinfo Fri Feb 6 21:40:58 1998
|
||||
+++ user-guide.texinfo Fri Jun 19 15:13:45 1998
|
||||
@@ -3,6 +3,10 @@
|
||||
@c guide
|
||||
@setfilename krb5-user.info
|
||||
@settitle Kerberos V5 UNIX User's Guide
|
||||
+@dircategory Kerberos V5
|
||||
+@direntry
|
||||
+* User's Guide: (krb5-user). Kerberos V5 UNIX User's Guide
|
||||
+@end direntry
|
||||
@setchapternewpage odd @c chapter begins on next odd page
|
||||
@c @setchapternewpage on @c chapter begins on next page
|
||||
@c @smallbook @c Format for 7" X 9.25" paper
|
13
security/krb5-beta/files/patch-ae
Normal file
13
security/krb5-beta/files/patch-ae
Normal file
@ -0,0 +1,13 @@
|
||||
--- ../doc/install.texinfo Fri Feb 6 21:40:56 1998
|
||||
+++ install.texinfo Fri Jun 19 15:13:45 1998
|
||||
@@ -5,6 +5,10 @@
|
||||
@c guide
|
||||
@setfilename krb5-install.info
|
||||
@settitle Kerberos V5 Installation Guide
|
||||
+@dircategory Kerberos V5
|
||||
+@direntry
|
||||
+* Installation Guide: (krb5-install). Kerberos V5 Installation Guide
|
||||
+@end direntry
|
||||
@setchapternewpage odd @c chapter begins on next odd page
|
||||
@c @setchapternewpage on @c chapter begins on next page
|
||||
@c @smallbook @c Format for 7" X 9.25" paper
|
13
security/krb5-beta/files/patch-af
Normal file
13
security/krb5-beta/files/patch-af
Normal file
@ -0,0 +1,13 @@
|
||||
--- ../doc/krb425.texinfo Fri Feb 6 21:40:57 1998
|
||||
+++ krb425.texinfo Fri Jun 19 15:13:45 1998
|
||||
@@ -5,6 +5,10 @@
|
||||
@c guide
|
||||
@setfilename krb425.info
|
||||
@settitle Upgrading to Kerberos V5 from Kerberos V4
|
||||
+@dircategory Kerberos V5
|
||||
+@direntry
|
||||
+* Upgrading from V4 to V5: (krb425). Upgrading from Kerberos V4 to V5
|
||||
+@end direntry
|
||||
@c @setchapternewpage odd @c chapter begins on next odd page
|
||||
@c @setchapternewpage on @c chapter begins on next page
|
||||
@c @smallbook @c Format for 7" X 9.25" paper
|
28
security/krb5-beta/files/patch-ai
Normal file
28
security/krb5-beta/files/patch-ai
Normal file
@ -0,0 +1,28 @@
|
||||
--- appl/gssftp/ftpd/ftpd.c.orig Wed Jan 9 14:26:51 2002
|
||||
+++ appl/gssftp/ftpd/ftpd.c Thu Jan 10 19:00:13 2002
|
||||
@@ -487,7 +487,13 @@
|
||||
#ifndef LOG_DAEMON
|
||||
#define LOG_DAEMON 0
|
||||
#endif
|
||||
- openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_DAEMON);
|
||||
+
|
||||
+#ifndef LOG_FTP
|
||||
+#define FACILITY LOG_DAEMON
|
||||
+#else
|
||||
+#define FACILITY LOG_FTP
|
||||
+#endif
|
||||
+ openlog("ftpd", LOG_PID | LOG_NDELAY, FACILITY);
|
||||
|
||||
addrlen = sizeof (his_addr);
|
||||
if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) {
|
||||
@@ -2312,6 +2318,10 @@
|
||||
if ((length = krb_mk_safe((u_char *)&cksum, out_buf, sizeof(cksum),
|
||||
&kdata.session,&ctrl_addr, &his_addr)) == -1) {
|
||||
secure_error("ADAT: krb_mk_safe failed");
|
||||
+ return(0);
|
||||
+ }
|
||||
+ if (length >= (FTP_BUFSIZ - sizeof("ADAT=")) / 4 * 3) {
|
||||
+ secure_error("ADAT: reply too long");
|
||||
return(0);
|
||||
}
|
||||
if (length >= (FTP_BUFSIZ - sizeof("ADAT=")) / 4 * 3) {
|
19
security/krb5-beta/files/patch-aj
Normal file
19
security/krb5-beta/files/patch-aj
Normal file
@ -0,0 +1,19 @@
|
||||
*** appl/gssftp/ftpd/logwtmp.c.ORIG Fri Feb 6 19:41:25 1998
|
||||
--- appl/gssftp/ftpd/logwtmp.c Tue Jun 30 19:46:01 1998
|
||||
***************
|
||||
*** 66,72 ****
|
||||
struct stat buf;
|
||||
time_t time();
|
||||
|
||||
! if (fd < 0 && (fd = open(WTMPFILE, O_WRONLY|O_APPEND, 0)) < 0)
|
||||
return;
|
||||
if (fstat(fd, &buf) == 0) {
|
||||
(void)strncpy(ut.ut_line, line, sizeof(ut.ut_line));
|
||||
--- 66,72 ----
|
||||
struct stat buf;
|
||||
time_t time();
|
||||
|
||||
! if (fd < 0 && (fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0)
|
||||
return;
|
||||
if (fstat(fd, &buf) == 0) {
|
||||
(void)strncpy(ut.ut_line, line, sizeof(ut.ut_line));
|
12
security/krb5-beta/files/patch-appl::bsd::Makefile.in
Normal file
12
security/krb5-beta/files/patch-appl::bsd::Makefile.in
Normal file
@ -0,0 +1,12 @@
|
||||
--- appl/bsd/Makefile.in.orig Wed Feb 28 14:06:43 2001
|
||||
+++ appl/bsd/Makefile.in Mon Dec 31 21:52:45 2001
|
||||
@@ -31,8 +31,8 @@
|
||||
-DUCB_RSH=\"$(UCB_RSH)\" -DUCB_RCP=\"$(UCB_RCP)\"
|
||||
|
||||
DEFINES = $(RSH) $(BSD) $(RPROGS) -DKERBEROS \
|
||||
- -DLOGIN_PROGRAM=\"$(SERVER_BINDIR)/login.krb5\" -DKPROGDIR=\"$(CLIENT_BINDIR)\" \
|
||||
+ -DLOGIN_PROGRAM=\"/usr/bin/login\" -DKPROGDIR=\"$(CLIENT_BINDIR)\" \
|
||||
-DHEIMDAL_FRIENDLY
|
||||
|
||||
all:: rsh rcp rlogin kshd klogind login.krb5 $(V4RCP)
|
||||
|
35
security/krb5-beta/files/patch-appl::bsd::klogind.M
Normal file
35
security/krb5-beta/files/patch-appl::bsd::klogind.M
Normal file
@ -0,0 +1,35 @@
|
||||
--- appl/bsd/klogind.M.orig Wed Feb 28 14:06:43 2001
|
||||
+++ appl/bsd/klogind.M Mon Dec 31 21:22:27 2001
|
||||
@@ -14,7 +14,7 @@
|
||||
.B \-kr54cpPef
|
||||
]
|
||||
[[ \fB\-w\fP[\fBip\fP|\fImaxhostlen\fP[\fB,\fP[\fBno\fP]\fBstriplocal\fP ]] ]
|
||||
-[ \fB\-D\fP \fIport\fP ]
|
||||
+[ \fB\-D\fP \fIport\fP ] [\fB\-L\fP \fIloginpath\fP]
|
||||
.SH DESCRIPTION
|
||||
.I Klogind
|
||||
is the server for the
|
||||
@@ -107,6 +108,10 @@
|
||||
Beta5 (May 1995)--present bogus checksums that prevent Kerberos
|
||||
authentication from succeeding in the default mode.
|
||||
|
||||
+.IP \fB\-L\ loginpath\fP
|
||||
+Specify pathname to an alternative login program. Default: /usr/bin/login.
|
||||
+KRB5_HOME/sbin/login.krb5 may be specified.
|
||||
+
|
||||
|
||||
.PP
|
||||
If the
|
||||
@@ -157,12 +162,6 @@
|
||||
|
||||
.IP \fB\-M\ realm\fP
|
||||
Set the Kerberos realm to use.
|
||||
-
|
||||
-.IP \fB\-L\ login\fP
|
||||
-Set the login program to use. This option only has an effect if
|
||||
-DO_NOT_USE_K_LOGIN was not defined when
|
||||
-.I klogind
|
||||
-was compiled.
|
||||
|
||||
.IP \fB\-D\ port\fP
|
||||
Run in standalone mode, listening on \fBport\fP. The daemon will exit
|
23
security/krb5-beta/files/patch-appl::gssftp::ftp::ftp_var.h
Normal file
23
security/krb5-beta/files/patch-appl::gssftp::ftp::ftp_var.h
Normal file
@ -0,0 +1,23 @@
|
||||
--- appl/gssftp/ftp/ftp_var.h.orig Tue Jun 17 02:37:40 2003
|
||||
+++ appl/gssftp/ftp/ftp_var.h Sat Aug 30 05:30:44 2003
|
||||
@@ -33,6 +33,10 @@
|
||||
* @(#)ftp_var.h 5.9 (Berkeley) 6/1/90
|
||||
*/
|
||||
|
||||
+#if defined(__FreeBSD_cc_version) && __FreeBSD_cc_version > 500000
|
||||
+#undef __BSD_VISIBLE
|
||||
+#endif
|
||||
+
|
||||
#ifdef _WIN32
|
||||
#include <windows.h>
|
||||
#include <winsock2.h>
|
||||
@@ -57,9 +61,7 @@
|
||||
typedef void (*sig_t)(int);
|
||||
typedef void sigtype;
|
||||
#else
|
||||
-#define sig_t my_sig_t
|
||||
#define sigtype krb5_sigtype
|
||||
-typedef sigtype (*sig_t)();
|
||||
#endif
|
||||
|
||||
/*
|
@ -0,0 +1,11 @@
|
||||
--- appl/telnet/telnetd/Makefile.in.orig Wed Feb 28 14:06:51 2001
|
||||
+++ appl/telnet/telnetd/Makefile.in Mon Dec 31 21:51:19 2001
|
||||
@@ -24,7 +24,7 @@
|
||||
# @(#)Makefile.generic 5.5 (Berkeley) 3/1/91
|
||||
#
|
||||
|
||||
-AUTH_DEF=-DAUTHENTICATION -DENCRYPTION -DKRB5 -DFORWARD -UNO_LOGIN_F -ULOGIN_CAP_F -DLOGIN_PROGRAM=KRB5_PATH_LOGIN
|
||||
+AUTH_DEF=-DAUTHENTICATION -DENCRYPTION -DKRB5 -DFORWARD -UNO_LOGIN_F -ULOGIN_CAP_F -DLOGIN_PROGRAM=\"/usr/bin/login\"
|
||||
OTHERDEFS=-DKLUDGELINEMODE -DDIAGNOSTICS -DENV_HACK -DOLD_ENVIRON
|
||||
LOCALINCLUDES=-I.. -I$(srcdir)/..
|
||||
DEFINES = $(AUTH_DEF) $(OTHERDEFS)
|
@ -0,0 +1,22 @@
|
||||
--- appl/telnet/telnetd/telnetd.8.orig Wed Feb 28 14:06:51 2001
|
||||
+++ appl/telnet/telnetd/telnetd.8 Mon Dec 31 21:16:55 2001
|
||||
@@ -43,7 +43,7 @@
|
||||
[\fB\-k\fP] [\fB\-n\fP] [\fB\-r\fP\fIlowpty-highpty\fP] [\fB\-s\fP]
|
||||
[\fB\-S\fP \fItos\fP] [\fB\-U\fP] [\fB\-X\fP \fIauthtype\fP]
|
||||
[\fB\-w\fP [\fBip\fP|\fImaxhostlen\fP[\fB,\fP[\fBno\fP]\fBstriplocal\fP]]]
|
||||
-[\fB\-debug\fP [\fIport\fP]]
|
||||
+[\fB\-debug\fP] [\fB\-L\fP \fIloginpath\fP] [\fIport\fP]
|
||||
.SH DESCRIPTION
|
||||
The
|
||||
.B telnetd
|
||||
@@ -221,6 +221,10 @@
|
||||
in response to a
|
||||
.SM DO TIMING-MARK)
|
||||
for kludge linemode support.
|
||||
+.TP
|
||||
+\fB\-L\fP \fIloginpath\fP
|
||||
+Specify pathname to an alternative login program. Default: /usr/bin/login.
|
||||
+KRB5_HOME/sbin/login.krb5 may be specified.
|
||||
.TP
|
||||
.B \-l
|
||||
Specifies line mode. Tries to force clients to use line-at-a-time
|
@ -0,0 +1,38 @@
|
||||
--- appl/telnet/telnetd/utility.c.orig Wed Jan 9 14:26:59 2002
|
||||
+++ appl/telnet/telnetd/utility.c Fri Jan 11 13:10:33 2002
|
||||
@@ -408,18 +408,25 @@
|
||||
int
|
||||
netwrite(const char *buf, size_t len)
|
||||
{
|
||||
- size_t remain;
|
||||
+ int remaining, copied;
|
||||
+
|
||||
+ remaining = BUFSIZ - (nfrontp - netobuf);
|
||||
+ while (len > 0) {
|
||||
+ /* Free up enough space if the room is too low*/
|
||||
+ if ((len > BUFSIZ ? BUFSIZ : len) > remaining) {
|
||||
+ netflush();
|
||||
+ remaining = BUFSIZ - (nfrontp - netobuf);
|
||||
+ }
|
||||
|
||||
- remain = sizeof(netobuf) - (nfrontp - netobuf);
|
||||
- if (remain < len) {
|
||||
- netflush();
|
||||
- remain = sizeof(netobuf) - (nfrontp - netobuf);
|
||||
+ /* Copy out as much as will fit */
|
||||
+ copied = remaining > len ? len : remaining;
|
||||
+ memmove(nfrontp, buf, copied);
|
||||
+ nfrontp += copied;
|
||||
+ len -= copied;
|
||||
+ remaining -= copied;
|
||||
+ buf += copied;
|
||||
}
|
||||
- if (remain < len)
|
||||
- return 0;
|
||||
- memcpy(nfrontp, buf, len);
|
||||
- nfrontp += len;
|
||||
- return len;
|
||||
+ return copied;
|
||||
}
|
||||
|
||||
/*
|
195
security/krb5-beta/files/patch-as
Normal file
195
security/krb5-beta/files/patch-as
Normal file
@ -0,0 +1,195 @@
|
||||
--- clients/ksu/main.c.orig Wed Aug 14 12:14:49 2002
|
||||
+++ clients/ksu/main.c Tue Jul 29 18:46:00 2003
|
||||
@@ -32,6 +32,10 @@
|
||||
#include <signal.h>
|
||||
#include <grp.h>
|
||||
|
||||
+#ifdef LOGIN_CAP
|
||||
+#include <login_cap.h>
|
||||
+#endif
|
||||
+
|
||||
/* globals */
|
||||
char * prog_name;
|
||||
int auth_debug =0;
|
||||
@@ -61,7 +65,7 @@
|
||||
ill specified arguments to commands */
|
||||
|
||||
void usage (){
|
||||
- fprintf(stderr, "Usage: %s [target user] [-n principal] [-c source cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name);
|
||||
+ fprintf(stderr, "Usage: %s [target user] [-m] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name);
|
||||
}
|
||||
|
||||
/* for Ultrix and friends ... */
|
||||
@@ -77,6 +81,7 @@
|
||||
int argc;
|
||||
char ** argv;
|
||||
{
|
||||
+ int asme = 0;
|
||||
int hp =0;
|
||||
int some_rest_copy = 0;
|
||||
int all_rest_copy = 0;
|
||||
@@ -91,6 +96,7 @@
|
||||
char * cc_target_tag = NULL;
|
||||
char * target_user = NULL;
|
||||
char * source_user;
|
||||
+ char * source_shell;
|
||||
|
||||
krb5_ccache cc_source = NULL;
|
||||
const char * cc_source_tag = NULL;
|
||||
@@ -117,6 +123,11 @@
|
||||
krb5_principal kdc_server;
|
||||
krb5_boolean zero_password;
|
||||
char * dir_of_cc_target;
|
||||
+
|
||||
+#ifdef LOGIN_CAP
|
||||
+ login_cap_t *lc;
|
||||
+ int setwhat;
|
||||
+#endif
|
||||
|
||||
options.opt = KRB5_DEFAULT_OPTIONS;
|
||||
options.lifetime = KRB5_DEFAULT_TKT_LIFE;
|
||||
@@ -181,7 +192,7 @@
|
||||
com_err (prog_name, errno, "while setting euid to source user");
|
||||
exit (1);
|
||||
}
|
||||
- while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkql:e:")) != -1)){
|
||||
+ while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkmql:e:")) != -1)){
|
||||
switch (option) {
|
||||
case 'r':
|
||||
options.opt |= KDC_OPT_RENEWABLE;
|
||||
@@ -227,6 +238,9 @@
|
||||
errflg++;
|
||||
}
|
||||
break;
|
||||
+ case 'm':
|
||||
+ asme = 1;
|
||||
+ break;
|
||||
case 'n':
|
||||
if ((retval = krb5_parse_name(ksu_context, optarg, &client))){
|
||||
com_err(prog_name, retval, "when parsing name %s", optarg);
|
||||
@@ -341,6 +355,7 @@
|
||||
|
||||
/* allocate space and copy the usernamane there */
|
||||
source_user = xstrdup(pwd->pw_name);
|
||||
+ source_shell = xstrdup(pwd->pw_shell);
|
||||
source_uid = pwd->pw_uid;
|
||||
source_gid = pwd->pw_gid;
|
||||
|
||||
@@ -672,43 +687,64 @@
|
||||
/* get the shell of the user, this will be the shell used by su */
|
||||
target_pwd = getpwnam(target_user);
|
||||
|
||||
- if (target_pwd->pw_shell)
|
||||
- shell = xstrdup(target_pwd->pw_shell);
|
||||
- else {
|
||||
- shell = _DEF_CSH; /* default is cshell */
|
||||
+ if (asme) {
|
||||
+ if (source_shell && *source_shell) {
|
||||
+ shell = strdup(source_shell);
|
||||
+ } else {
|
||||
+ shell = _DEF_CSH;
|
||||
+ }
|
||||
+ } else {
|
||||
+ if (target_pwd->pw_shell)
|
||||
+ shell = strdup(target_pwd->pw_shell);
|
||||
+ else {
|
||||
+ shell = _DEF_CSH; /* default is cshell */
|
||||
+ }
|
||||
}
|
||||
|
||||
#ifdef HAVE_GETUSERSHELL
|
||||
|
||||
/* insist that the target login uses a standard shell (root is omited) */
|
||||
|
||||
- if (!standard_shell(target_pwd->pw_shell) && source_uid) {
|
||||
- fprintf(stderr, "ksu: permission denied (shell).\n");
|
||||
- sweep_up(ksu_context, cc_target);
|
||||
- exit(1);
|
||||
+ if (asme) {
|
||||
+ if (!standard_shell(pwd->pw_shell) && source_uid) {
|
||||
+ fprintf(stderr, "ksu: permission denied (shell).\n");
|
||||
+ sweep_up(ksu_context, cc_target);
|
||||
+ exit(1);
|
||||
+ }
|
||||
+ } else {
|
||||
+ if (!standard_shell(target_pwd->pw_shell) && source_uid) {
|
||||
+ fprintf(stderr, "ksu: permission denied (shell).\n");
|
||||
+ sweep_up(ksu_context, cc_target);
|
||||
+ exit(1);
|
||||
+ }
|
||||
}
|
||||
#endif /* HAVE_GETUSERSHELL */
|
||||
|
||||
- if (target_pwd->pw_uid){
|
||||
-
|
||||
- if(set_env_var("USER", target_pwd->pw_name)){
|
||||
+ if (!asme) {
|
||||
+ if (target_pwd->pw_uid){
|
||||
+ if (set_env_var("USER", target_pwd->pw_name)){
|
||||
+ fprintf(stderr,"ksu: couldn't set environment variable USER\n");
|
||||
+ sweep_up(ksu_context, cc_target);
|
||||
+ exit(1);
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ if (set_env_var( "HOME", target_pwd->pw_dir)){
|
||||
fprintf(stderr,"ksu: couldn't set environment variable USER\n");
|
||||
sweep_up(ksu_context, cc_target);
|
||||
exit(1);
|
||||
- }
|
||||
- }
|
||||
-
|
||||
- if(set_env_var( "HOME", target_pwd->pw_dir)){
|
||||
- fprintf(stderr,"ksu: couldn't set environment variable USER\n");
|
||||
- sweep_up(ksu_context, cc_target);
|
||||
- exit(1);
|
||||
- }
|
||||
+ }
|
||||
|
||||
- if(set_env_var( "SHELL", shell)){
|
||||
- fprintf(stderr,"ksu: couldn't set environment variable USER\n");
|
||||
- sweep_up(ksu_context, cc_target);
|
||||
- exit(1);
|
||||
- }
|
||||
+ if (set_env_var( "SHELL", shell)){
|
||||
+ fprintf(stderr,"ksu: couldn't set environment variable USER\n");
|
||||
+ sweep_up(ksu_context, cc_target);
|
||||
+ exit(1);
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+#ifdef LOGIN_CAP
|
||||
+ lc = login_getpwclass(pwd);
|
||||
+#endif
|
||||
|
||||
/* set the cc env name to target */
|
||||
|
||||
@@ -718,7 +754,19 @@
|
||||
sweep_up(ksu_context, cc_target);
|
||||
exit(1);
|
||||
}
|
||||
-
|
||||
+
|
||||
+#ifdef LOGIN_CAP
|
||||
+ setwhat = LOGIN_SETUSER|LOGIN_SETGROUP|LOGIN_SETRESOURCES|LOGIN_SETPRIORITY;
|
||||
+ setwhat |= LOGIN_SETPATH|LOGIN_SETUMASK|LOGIN_SETENV;
|
||||
+ /*
|
||||
+ * Don't touch resource/priority settings if -m has been
|
||||
+ * used or -l and -c hasn't, and we're not su'ing to root.
|
||||
+ */
|
||||
+ if (target_pwd->pw_uid)
|
||||
+ setwhat &= ~(LOGIN_SETPRIORITY|LOGIN_SETRESOURCES);
|
||||
+ if (setusercontext(lc, target_pwd, target_pwd->pw_uid, setwhat) < 0)
|
||||
+ err(1, "setusercontext");
|
||||
+#else
|
||||
/* set permissions */
|
||||
if (setgid(target_pwd->pw_gid) < 0) {
|
||||
perror("ksu: setgid");
|
||||
@@ -759,6 +807,7 @@
|
||||
sweep_up(ksu_context, cc_target);
|
||||
exit(1);
|
||||
}
|
||||
+#endif
|
||||
|
||||
if (access( cc_target_tag_tmp, R_OK | W_OK )){
|
||||
com_err(prog_name, errno,
|
14
security/krb5-beta/files/patch-at
Normal file
14
security/krb5-beta/files/patch-at
Normal file
@ -0,0 +1,14 @@
|
||||
*** include/syslog.h.ORIG Fri Feb 6 19:42:12 1998
|
||||
--- include/syslog.h Tue Jun 30 19:46:02 1998
|
||||
***************
|
||||
*** 34,39 ****
|
||||
--- 34,42 ----
|
||||
#define LOG_LPR (6<<3) /* line printer subsystem */
|
||||
#define LOG_NEWS (7<<3) /* network news subsystem */
|
||||
#define LOG_UUCP (8<<3) /* UUCP subsystem */
|
||||
+ #if (defined(BSD) && (BSD >= 199306))
|
||||
+ #define LOG_FTP (11<<3) /* ftp daemon */
|
||||
+ #endif
|
||||
/* other codes through 15 reserved for system use */
|
||||
#define LOG_LOCAL0 (16<<3) /* reserved for local use */
|
||||
#define LOG_LOCAL1 (17<<3) /* reserved for local use */
|
15
security/krb5-beta/files/patch-av
Normal file
15
security/krb5-beta/files/patch-av
Normal file
@ -0,0 +1,15 @@
|
||||
*** clients/ksu/Makefile.in.ORIG Sun Aug 2 16:51:18 1998
|
||||
--- clients/ksu/Makefile.in Sun Aug 2 16:53:48 1998
|
||||
***************
|
||||
*** 3,7 ****
|
||||
mydir=ksu
|
||||
BUILDTOP=$(REL)$(U)$(S)$(U)
|
||||
! DEFINES = -DGET_TGT_VIA_PASSWD -DPRINC_LOOK_AHEAD -DCMD_PATH='"/bin /local/bin"'
|
||||
CFLAGS = $(CCOPTS) $(DEFINES) $(DEFS) $(LOCALINCLUDE)
|
||||
|
||||
--- 3,7 ----
|
||||
mydir=ksu
|
||||
BUILDTOP=$(REL)$(U)$(S)$(U)
|
||||
! DEFINES = -DGET_TGT_VIA_PASSWD -DPRINC_LOOK_AHEAD -DCMD_PATH='"/usr/bin /bin /usr/sbin /sbin"'
|
||||
CFLAGS = $(CCOPTS) $(DEFINES) $(DEFS) $(LOCALINCLUDE)
|
||||
|
11
security/krb5-beta/files/patch-ax
Normal file
11
security/krb5-beta/files/patch-ax
Normal file
@ -0,0 +1,11 @@
|
||||
--- ../doc/Makefile.orig Fri Sep 20 10:35:27 2002
|
||||
+++ ../doc/Makefile Tue Jul 29 18:53:08 2003
|
||||
@@ -1,7 +1,7 @@
|
||||
SRCDIR=../src
|
||||
DVI=texi2dvi
|
||||
DVIPS=dvips -o "$@"
|
||||
-INFO=makeinfo
|
||||
+INFO=makeinfo --no-validate
|
||||
HTML=makeinfo --html
|
||||
RM=rm -f
|
||||
TAR=tar -chvf
|
50
security/krb5-beta/files/patch-ay
Normal file
50
security/krb5-beta/files/patch-ay
Normal file
@ -0,0 +1,50 @@
|
||||
--- util/pty/getpty.c.orig Wed Jan 9 14:28:37 2002
|
||||
+++ util/pty/getpty.c Thu Jan 10 21:30:40 2002
|
||||
@@ -24,13 +24,26 @@
|
||||
#include "libpty.h"
|
||||
#include "pty-int.h"
|
||||
|
||||
+#ifdef __FreeBSD__
|
||||
+#define PTYCHARS1 "pqrsPQRS"
|
||||
+#define PTYCHARS2 "0123456789abcdefghijklmnopqrstuv"
|
||||
+#endif
|
||||
+
|
||||
+#ifndef PTYCHARS1
|
||||
+#define PTYCHARS1 "pqrstuvwxyzPQRST"
|
||||
+#endif
|
||||
+
|
||||
+#ifndef PTYCHARS2
|
||||
+#define PTYCHARS2 "0123456789abcdef"
|
||||
+#endif
|
||||
+
|
||||
long
|
||||
ptyint_getpty_ext(int *fd, char *slave, int slavelength, int do_grantpt)
|
||||
{
|
||||
+ int ptynum;
|
||||
+ char *cp1, *cp2;
|
||||
#if !defined(HAVE__GETPTY) && !defined(HAVE_OPENPTY)
|
||||
- char *cp;
|
||||
char *p;
|
||||
- int i,ptynum;
|
||||
struct stat stb;
|
||||
char slavebuf[1024];
|
||||
#endif
|
||||
@@ -115,14 +128,14 @@
|
||||
strncpy(slave, slavebuf, slavelength);
|
||||
return 0;
|
||||
} else {
|
||||
- for (cp = "pqrstuvwxyzPQRST";*cp; cp++) {
|
||||
+ for (cp1 = PTYCHARS1; *cp1 != '\0'; cp1++) {
|
||||
sprintf(slavebuf,"/dev/ptyXX");
|
||||
- slavebuf[sizeof("/dev/pty") - 1] = *cp;
|
||||
+ slavebuf[sizeof("/dev/pty") - 1] = *cp1;
|
||||
slavebuf[sizeof("/dev/ptyp") - 1] = '0';
|
||||
if (stat(slavebuf, &stb) < 0)
|
||||
break;
|
||||
- for (i = 0; i < 16; i++) {
|
||||
- slavebuf[sizeof("/dev/ptyp") - 1] = "0123456789abcdef"[i];
|
||||
+ for (cp2 = PTYCHARS2; *cp2 != '\0'; cp2++) {
|
||||
+ slavebuf[sizeof("/dev/ptyp") - 1] = *cp2;
|
||||
*fd = open(slavebuf, O_RDWR);
|
||||
if (*fd < 0) continue;
|
||||
|
77
security/krb5-beta/files/patch-ba
Normal file
77
security/krb5-beta/files/patch-ba
Normal file
@ -0,0 +1,77 @@
|
||||
--- appl/bsd/login.c.orig Tue May 27 21:06:25 2003
|
||||
+++ appl/bsd/login.c Tue Jul 29 20:52:25 2003
|
||||
@@ -1342,19 +1342,6 @@
|
||||
setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET);
|
||||
}
|
||||
|
||||
- /* Policy: If local password is good, user is good.
|
||||
- We really can't trust the Kerberos password,
|
||||
- because somebody on the net could spoof the
|
||||
- Kerberos server (not easy, but possible).
|
||||
- Some sites might want to use it anyways, in
|
||||
- which case they should change this line
|
||||
- to:
|
||||
- if (kpass_ok)
|
||||
- */
|
||||
-
|
||||
- if (lpass_ok)
|
||||
- break;
|
||||
-
|
||||
if (got_v5_tickets) {
|
||||
retval = krb5_verify_init_creds(kcontext, &my_creds, NULL,
|
||||
NULL, &xtra_creds,
|
||||
@@ -1378,6 +1365,9 @@
|
||||
}
|
||||
#endif /* KRB4_GET_TICKETS */
|
||||
|
||||
+ if (lpass_ok)
|
||||
+ break;
|
||||
+
|
||||
bad_login:
|
||||
setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET);
|
||||
|
||||
@@ -1667,21 +1657,23 @@
|
||||
/* set up credential cache -- obeying KRB5_ENV_CCNAME
|
||||
set earlier */
|
||||
/* (KRB5_ENV_CCNAME == "KRB5CCNAME" via osconf.h) */
|
||||
- if ((retval = krb5_cc_default(kcontext, &ccache))) {
|
||||
+ if ((retval = krb5_cc_default(kcontext, &ccache)))
|
||||
com_err(argv[0], retval, "while getting default ccache");
|
||||
- } else if ((retval = krb5_cc_initialize(kcontext, ccache, me))) {
|
||||
- com_err(argv[0], retval, "when initializing cache");
|
||||
- } else if ((retval = krb5_cc_store_cred(kcontext, ccache,
|
||||
- &my_creds))) {
|
||||
- com_err(argv[0], retval, "while storing credentials");
|
||||
- } else if (xtra_creds &&
|
||||
- (retval = krb5_cc_copy_creds(kcontext, xtra_creds,
|
||||
- ccache))) {
|
||||
- com_err(argv[0], retval, "while storing credentials");
|
||||
+ else {
|
||||
+ if (retval = krb5_cc_initialize(kcontext, ccache, me))
|
||||
+ com_err(argv[0], retval, "when initializing cache");
|
||||
+ else {
|
||||
+ if (retval = krb5_cc_store_cred(kcontext, ccache, &my_creds))
|
||||
+ com_err(argv[0], retval, "while storing credentials");
|
||||
+ else {
|
||||
+ if (xtra_creds &&
|
||||
+ (retval = krb5_cc_copy_creds(kcontext, xtra_creds, ccache))) {
|
||||
+ com_err(argv[0], retval, "while storing credentials");
|
||||
+ krb5_cc_destroy(kcontext, xtra_creds);
|
||||
+ }
|
||||
+ }
|
||||
+ }
|
||||
}
|
||||
-
|
||||
- if (xtra_creds)
|
||||
- krb5_cc_destroy(kcontext, xtra_creds);
|
||||
} else if (forwarded_v5_tickets && rewrite_ccache) {
|
||||
if ((retval = krb5_cc_initialize (kcontext, ccache, me))) {
|
||||
syslog(LOG_ERR,
|
||||
@@ -1762,6 +1754,7 @@
|
||||
|
||||
if (ccname)
|
||||
setenv("KRB5CCNAME", ccname, 1);
|
||||
+ krb5_cc_set_default_name(kcontext, ccname);
|
||||
|
||||
setenv("HOME", pwd->pw_dir, 1);
|
||||
setenv("PATH", LPATH, 1);
|
10
security/krb5-beta/files/patch-bb
Normal file
10
security/krb5-beta/files/patch-bb
Normal file
@ -0,0 +1,10 @@
|
||||
--- appl/telnet/telnet/Makefile.in.orig Sat Dec 18 10:47:05 1999
|
||||
+++ appl/telnet/telnet/Makefile.in Sat Dec 18 10:47:13 1999
|
||||
@@ -58,7 +58,6 @@
|
||||
$(INSTALL_DATA) $(srcdir)/$$f.1 \
|
||||
${DESTDIR}$(CLIENT_MANDIR)/`echo $$f|sed '$(transform)'`.1; \
|
||||
done
|
||||
- $(INSTALL_DATA) $(srcdir)/tmac.doc ${DESTDIR}$(CLIENT_MANDIR)/tmac.doc
|
||||
|
||||
authenc.o: defines.h externs.h general.h ring.h types.h $(ARPA_TELNET)
|
||||
commands.o: defines.h externs.h general.h ring.h types.h $(ARPA_TELNET)
|
10
security/krb5-beta/files/patch-config::pre.in
Normal file
10
security/krb5-beta/files/patch-config::pre.in
Normal file
@ -0,0 +1,10 @@
|
||||
--- config/pre.in.orig Tue May 27 21:06:28 2003
|
||||
+++ config/pre.in Wed Aug 6 11:11:54 2003
|
||||
@@ -152,6 +152,7 @@
|
||||
INSTALL=@INSTALL@
|
||||
INSTALL_STRIP=
|
||||
INSTALL_PROGRAM=@INSTALL_PROGRAM@ $(INSTALL_STRIP)
|
||||
+INSTALL_SCRIPT=@INSTALL_SCRIPT@
|
||||
INSTALL_DATA=@INSTALL_DATA@
|
||||
INSTALL_SHLIB=@INSTALL_SHLIB@
|
||||
INSTALL_SETUID=$(INSTALL) $(INSTALL_STRIP) -m 4755 -o root
|
19
security/krb5-beta/files/patch-config::shlib.conf
Normal file
19
security/krb5-beta/files/patch-config::shlib.conf
Normal file
@ -0,0 +1,19 @@
|
||||
--- config/shlib.conf.orig Sun Mar 2 23:09:45 2003
|
||||
+++ config/shlib.conf Tue Jul 29 18:16:43 2003
|
||||
@@ -179,14 +179,15 @@
|
||||
PICFLAGS=-fpic
|
||||
if test "x$objformat" = "xelf" ; then
|
||||
SHLIBVEXT='.so.$(LIBMAJOR)'
|
||||
+ LDCOMBINE='cc -shared -Wl,-soname,lib$(LIB)$(SHLIBVEXT)'
|
||||
RPATH_FLAG='-Wl,-rpath -Wl,'
|
||||
else
|
||||
+ LDCOMBINE='ld -Bshareable'
|
||||
RPATH_FLAG=-R
|
||||
SHLIBVEXT='.so.$(LIBMAJOR).$(LIBMINOR)'
|
||||
fi
|
||||
CC_LINK_SHARED='$(CC) $(PROG_LIBPATH) $(RPATH_FLAG)$(PROG_RPATH) $(CFLAGS) $(LDFLAGS)'
|
||||
SHLIBEXT=.so
|
||||
- LDCOMBINE='ld -Bshareable'
|
||||
SHLIB_EXPFLAGS='-R$(SHLIB_RDIRS) $(SHLIB_DIRS) $(SHLIB_EXPLIBS)'
|
||||
CC_LINK_STATIC='$(CC) $(PROG_LIBPATH) $(CFLAGS) $(LDFLAGS)'
|
||||
RUN_ENV='LD_LIBRARY_PATH=`echo $(PROG_LIBPATH) | sed -e "s/-L//g" -e "s/ /:/g"`; export LD_LIBRARY_PATH;'
|
11
security/krb5-beta/files/patch-kadmin::cli::Makefile.in
Normal file
11
security/krb5-beta/files/patch-kadmin::cli::Makefile.in
Normal file
@ -0,0 +1,11 @@
|
||||
--- kadmin/cli/Makefile.in.orig Fri Feb 7 13:41:20 2003
|
||||
+++ kadmin/cli/Makefile.in Tue Aug 5 16:32:02 2003
|
||||
@@ -21,7 +21,7 @@
|
||||
install::
|
||||
$(INSTALL_PROGRAM) $(PROG).local ${DESTDIR}$(ADMIN_BINDIR)/$(PROG).local
|
||||
$(INSTALL_PROGRAM) $(PROG) ${DESTDIR}$(ADMIN_BINDIR)/$(PROG)
|
||||
- $(INSTALL_PROGRAM) $(srcdir)/k5srvutil.sh ${DESTDIR}$(ADMIN_BINDIR)/k5srvutil
|
||||
+ $(INSTALL_SCRIPT) $(srcdir)/k5srvutil.sh ${DESTDIR}$(ADMIN_BINDIR)/k5srvutil
|
||||
$(INSTALL_DATA) $(srcdir)/k5srvutil.M ${DESTDIR}$(ADMIN_MANDIR)/k5srvutil.8
|
||||
$(INSTALL_DATA) $(srcdir)/$(PROG).M ${DESTDIR}$(ADMIN_MANDIR)/$(PROG).8
|
||||
$(INSTALL_DATA) $(srcdir)/$(PROG).local.M ${DESTDIR}$(ADMIN_MANDIR)/$(PROG).local.8
|
12
security/krb5-beta/files/patch-lib::krb5::krb::srv_rcache.c
Normal file
12
security/krb5-beta/files/patch-lib::krb5::krb::srv_rcache.c
Normal file
@ -0,0 +1,12 @@
|
||||
--- lib/krb5/krb/srv_rcache.c 1999-09-24 17:19:48.000000000 -0400
|
||||
+++ lib/krb5/krb/srv_rcache.c 2003-02-03 19:29:32.000000000 -0500
|
||||
@@ -48,6 +48,9 @@
|
||||
unsigned long uid = geteuid();
|
||||
#endif
|
||||
|
||||
+ if (piece == NULL)
|
||||
+ return ENOMEM;
|
||||
+
|
||||
rcache = (krb5_rcache) malloc(sizeof(*rcache));
|
||||
if (!rcache)
|
||||
return ENOMEM;
|
14
security/krb5-beta/files/patch-lib::krb5::os::hst_realm.c
Normal file
14
security/krb5-beta/files/patch-lib::krb5::os::hst_realm.c
Normal file
@ -0,0 +1,14 @@
|
||||
--- lib/krb5/os/hst_realm.c.orig Tue Oct 15 15:51:50 2002
|
||||
+++ lib/krb5/os/hst_realm.c Sat Jan 24 20:11:05 2004
|
||||
@@ -438,9 +438,11 @@
|
||||
return EAFNOSUPPORT;
|
||||
case EAI_MEMORY:
|
||||
return ENOMEM;
|
||||
+#ifdef EAI_NODATA
|
||||
#if EAI_NODATA != EAI_NONAME
|
||||
case EAI_NODATA:
|
||||
return KRB5_EAI_NODATA;
|
||||
+#endif
|
||||
#endif
|
||||
case EAI_NONAME:
|
||||
return KRB5_EAI_NONAME;
|
13
security/krb5-beta/files/patch-lib::krb5::os::locate_kdc.c
Normal file
13
security/krb5-beta/files/patch-lib::krb5::os::locate_kdc.c
Normal file
@ -0,0 +1,13 @@
|
||||
--- lib/krb5/os/locate_kdc.c.orig Mon Jun 9 14:27:56 2003
|
||||
+++ lib/krb5/os/locate_kdc.c Sun Jan 25 13:28:01 2004
|
||||
@@ -185,8 +185,10 @@
|
||||
#ifdef EAI_ADDRFAMILY
|
||||
case EAI_ADDRFAMILY:
|
||||
#endif
|
||||
+#ifdef EAI_NODATA
|
||||
#if EAI_NODATA != EAI_NONAME
|
||||
case EAI_NODATA:
|
||||
+#endif
|
||||
#endif
|
||||
case EAI_NONAME:
|
||||
/* Name not known or no address data, but no error. Do
|
24
security/krb5-beta/pkg-descr
Normal file
24
security/krb5-beta/pkg-descr
Normal file
@ -0,0 +1,24 @@
|
||||
Kerberos V5 is an authentication system developed at MIT.
|
||||
WWW: http://web.mit.edu/kerberos/www/
|
||||
|
||||
Abridged from the User Guide:
|
||||
Under Kerberos, a client sends a request for a ticket to the
|
||||
Key Distribution Center (KDC). The KDC creates a ticket-granting
|
||||
ticket (TGT) for the client, encrypts it using the client's
|
||||
password as the key, and sends the encrypted TGT back to the
|
||||
client. The client then attempts to decrypt the TGT, using
|
||||
its password. If the client successfully decrypts the TGT, it
|
||||
keeps the decrypted TGT, which indicates proof of the client's
|
||||
identity. The TGT permits the client to obtain additional tickets,
|
||||
which give permission for specific services.
|
||||
Since Kerberos negotiates authenticated, and optionally encrypted,
|
||||
communications between two points anywhere on the internet, it
|
||||
provides a layer of security that is not dependent on which side of a
|
||||
firewall either client is on.
|
||||
The Kerberos V5 package is designed to be easy to use. Most of the
|
||||
commands are nearly identical to UNIX network programs you are already
|
||||
used to. Kerberos V5 is a single-sign-on system, which means that you
|
||||
have to type your password only once per session, and Kerberos does
|
||||
the authenticating and encrypting transparently.
|
||||
|
||||
Jacques Vidrine <n@nectar.com>
|
108
security/krb5-beta/pkg-plist
Normal file
108
security/krb5-beta/pkg-plist
Normal file
@ -0,0 +1,108 @@
|
||||
@unexec install-info --delete %D/info/krb425.info %D/info/dir
|
||||
@unexec install-info --delete %D/info/krb5-admin.info %D/info/dir
|
||||
@unexec install-info --delete %D/info/krb5-install.info %D/info/dir
|
||||
@unexec install-info --delete %D/info/krb5-user.info %D/info/dir
|
||||
bin/compile_et
|
||||
bin/ftp
|
||||
bin/gss-client
|
||||
bin/kdestroy
|
||||
bin/kinit
|
||||
bin/klist
|
||||
bin/kpasswd
|
||||
bin/krb5-config
|
||||
%%KRB4%%bin/krb524init
|
||||
bin/ksu
|
||||
bin/kvno
|
||||
bin/rcp
|
||||
bin/rlogin
|
||||
bin/rsh
|
||||
bin/sclient
|
||||
bin/sim_client
|
||||
bin/telnet
|
||||
bin/uuclient
|
||||
%%KRB4%%bin/v4rcp
|
||||
bin/v5passwd
|
||||
include/com_err.h
|
||||
include/gssapi/gssapi.h
|
||||
include/gssapi/gssapi_generic.h
|
||||
include/gssapi/gssapi_krb5.h
|
||||
%%KRB4%%include/kerberosIV/des.h
|
||||
%%KRB4%%include/kerberosIV/kadm_err.h
|
||||
%%KRB4%%include/kerberosIV/krb.h
|
||||
%%KRB4%%include/kerberosIV/krb_err.h
|
||||
%%KRB4%%include/kerberosIV/mit-copyright.h
|
||||
include/krb5.h
|
||||
include/profile.h
|
||||
info/krb425.info
|
||||
info/krb5-admin.info
|
||||
info/krb5-admin.info-1
|
||||
info/krb5-admin.info-2
|
||||
info/krb5-admin.info-3
|
||||
info/krb5-install.info
|
||||
info/krb5-install.info-1
|
||||
info/krb5-install.info-2
|
||||
info/krb5-user.info
|
||||
lib/libcom_err.a
|
||||
lib/libcom_err.so
|
||||
lib/libcom_err.so.3
|
||||
lib/libdes425.a
|
||||
lib/libdes425.so
|
||||
lib/libdes425.so.3
|
||||
lib/libgssapi_krb5.a
|
||||
lib/libgssapi_krb5.so
|
||||
lib/libgssapi_krb5.so.2
|
||||
lib/libgssrpc.a
|
||||
lib/libgssrpc.so
|
||||
lib/libgssrpc.so.3
|
||||
lib/libk5crypto.a
|
||||
lib/libk5crypto.so
|
||||
lib/libk5crypto.so.3
|
||||
lib/libkadm5clnt.a
|
||||
lib/libkadm5clnt.so
|
||||
lib/libkadm5clnt.so.5
|
||||
lib/libkadm5srv.a
|
||||
lib/libkadm5srv.so
|
||||
lib/libkadm5srv.so.5
|
||||
lib/libkdb5.a
|
||||
lib/libkdb5.so
|
||||
lib/libkdb5.so.4
|
||||
%%KRB4%%lib/libkrb4.a
|
||||
%%KRB4%%lib/libkrb4.so
|
||||
%%KRB4%%lib/libkrb4.so.2
|
||||
lib/libkrb5.a
|
||||
lib/libkrb5.so
|
||||
lib/libkrb5.so.3
|
||||
sbin/ftpd
|
||||
sbin/gss-server
|
||||
sbin/k5srvutil
|
||||
sbin/kadmin
|
||||
sbin/kadmin.local
|
||||
sbin/kadmind
|
||||
%%KRB4%%sbin/kadmind4
|
||||
sbin/kdb5_util
|
||||
sbin/klogind
|
||||
sbin/kprop
|
||||
sbin/kpropd
|
||||
sbin/krb5-send-pr
|
||||
%%KRB4%%sbin/krb524d
|
||||
sbin/krb5kdc
|
||||
sbin/kshd
|
||||
sbin/ktutil
|
||||
sbin/login.krb5
|
||||
sbin/sim_server
|
||||
sbin/sserver
|
||||
sbin/telnetd
|
||||
sbin/uuserver
|
||||
sbin/v5passwdd
|
||||
share/doc/krb5/README.FreeBSD
|
||||
share/et/et_c.awk
|
||||
share/et/et_h.awk
|
||||
share/gnats/mit
|
||||
@dirrm include/gssapi
|
||||
@dirrm include/kerberosIV
|
||||
@dirrm share/et
|
||||
@dirrm share/gnats
|
||||
@exec install-info %D/info/krb425.info %D/info/dir
|
||||
@exec install-info %D/info/krb5-admin.info %D/info/dir
|
||||
@exec install-info %D/info/krb5-install.info %D/info/dir
|
||||
@exec install-info %D/info/krb5-user.info %D/info/dir
|
Loading…
Reference in New Issue
Block a user