diff --git a/net/SSLtelnet/Makefile b/net/SSLtelnet/Makefile index 97802d85014c..1f4b0a5b5dbb 100644 --- a/net/SSLtelnet/Makefile +++ b/net/SSLtelnet/Makefile @@ -3,7 +3,7 @@ # Date created: Mar 29, 1998 # Whom: issei@jp.FreeBSD.ORG # -# $Id: Makefile,v 1.6 1999/01/10 14:11:16 dirk Exp $ +# $Id: Makefile,v 1.7 1999/03/26 08:44:57 dirk Exp $ DISTNAME= SSLtelnet-0.13 CATEGORIES= net security @@ -11,8 +11,6 @@ MASTER_SITES= ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/ MAINTAINER= issei@jp.FreeBSD.ORG -BROKEN= does not work with openssl-0.9.2b at the moment - .if defined(USA_RESIDENT) && ${USA_RESIDENT} != YES && ${USA_RESIDENT} != NO pre-fetch: @echo diff --git a/net/SSLtelnet/files/Makefile.patch b/net/SSLtelnet/files/Makefile.patch index d7255681eb5e..173a0d76f97d 100644 --- a/net/SSLtelnet/files/Makefile.patch +++ b/net/SSLtelnet/files/Makefile.patch @@ -1,11 +1,11 @@ ---- Makefile.orig Wed Jul 22 15:23:12 1998 -+++ Makefile Wed Jul 22 15:24:43 1998 +--- Makefile.orig Thu Aug 5 09:03:59 1999 ++++ Makefile Thu Aug 5 09:05:32 1999 @@ -98,7 +98,7 @@ #BSD386 - CC = gcc -DTERMCAP $(socksflags) + CC += -DTERMCAP $(socksflags) -LDADD = -ltermcap $(sockslib) -+LDADD = -L$(SSLTOP)/lib -lssl -lcrypto -lRSAglue -lrsaref -ltermcap $(sockslib) ++LDADD = -L$(SSLTOP)/lib -lssl -lcrypto -lRSAglue -lrsaref -ltermcap $(sockslib) all: @-mkdir bin 2>/dev/null diff --git a/net/SSLtelnet/files/patch-aa b/net/SSLtelnet/files/patch-aa index c5ec8cdcad61..b93630d58cca 100644 --- a/net/SSLtelnet/files/patch-aa +++ b/net/SSLtelnet/files/patch-aa @@ -1,5 +1,5 @@ --- Makefile.orig Thu Sep 24 23:50:59 1998 -+++ Makefile Wed Mar 24 19:07:12 1999 ++++ Makefile Thu Aug 5 08:57:44 1999 @@ -47,7 +47,7 @@ # the location where SSLeay is installed ... @@ -26,7 +26,7 @@ #LDADD = -ltermcap $(sockslib) + +#BSD386 -+CC = gcc -DTERMCAP $(socksflags) ++CC += -DTERMCAP $(socksflags) +LDADD = -ltermcap $(sockslib) all: @@ -51,23 +51,14 @@ certificate: (\ -+ [ -f $(INSTALLTOP)/certs/telnetd.pem ] && exit; \ - cd $(INSTALLTOP)/certs; \ +- cd $(INSTALLTOP)/certs; \ - ssleay req -new -x509 -nodes -days 365 -out telnetd.pem -keyout telnetd.pem; \ - ln -s telnetd.pem `ssleay x509 -noout -hash < telnetd.pem`.0 ;\ +- chmod 600 $(INSTALLTOP)/certs/telnetd.pem; \ ++ [ -f $(INSTALLTOP)/openssl/certs/telnetd.pem ] && exit; \ ++ cd $(INSTALLTOP)/openssl/certs; \ + openssl req -new -x509 -nodes -days 365 -out telnetd.pem -keyout telnetd.pem; \ + ln -s telnetd.pem `openssl x509 -noout -hash < telnetd.pem`.0 ;\ - chmod 600 $(INSTALLTOP)/certs/telnetd.pem; \ ++ chmod 600 $(INSTALLTOP)/openssl/certs/telnetd.pem; \ ) - ---- lib/Makefile.orig Wed Sep 2 13:11:39 1998 -+++ lib/Makefile Wed Sep 2 13:11:49 1998 -@@ -1,7 +1,7 @@ - #SUBDIRS= gmp-1.2 kerberosIV/krb libbsd libdes/des libpk libtelnet libutil - SUBDIRS= gmp-1.3.2 libbsd libpk libtelnet libutil --SUBDIRS= libbsd libtelnet libutil -+SUBDIRS= libtelnet - - all: - @for i in $(SUBDIRS); \ diff --git a/net/SSLtelnet/files/patch-ab b/net/SSLtelnet/files/patch-ab index 1175eef711b8..8dc321e8b2f7 100644 --- a/net/SSLtelnet/files/patch-ab +++ b/net/SSLtelnet/files/patch-ab @@ -9,142 +9,3 @@ #define _PATH_LOGIN "/usr/bin/login" #else #define _PATH_LOGIN "/bin/login" ---- telnetd/sys_term.c.orig Sat Aug 2 14:37:00 1997 -+++ telnetd/sys_term.c Sat Oct 17 22:11:51 1998 -@@ -531,7 +531,7 @@ - return(p); - #else - -- register char c, *p1, *p2; -+ register char c, *p1, *p2, *cp; - register int i; - - #if defined(__GNUC__) || defined(__sgi) -@@ -548,20 +548,40 @@ - p1 = &line[8]; - p2 = &line[9]; - #endif -- -- for (c = 'p'; c <= 's'; c++) { -+ for (cp = "pqrsPQRS"; *cp; cp++) { - struct stat stb; - -- *p1 = c; -+ *p1 = *cp; - *p2 = '0'; -+ /* -+ * This stat() check is just to keep us from -+ * looping through all 256 combinations if there -+ * aren't that many ptys available. -+ */ - if (stat(line, &stb) < 0) - break; -- for (i = 0; i < 16; i++) { -- *p2 = "0123456789abcdef"[i]; -+ for (i = 0; i < 32; i++) { -+ *p2 = "0123456789abcdefghijklmnopqrstuv"[i]; - p = open(line, 2); - if (p > 0) { -+#ifndef __hpux - line[5] = 't'; -- return(p); -+#else -+ for (p1 = &line[8]; *p1; p1++) -+ *p1 = *(p1+1); -+ line[9] = 't'; -+#endif -+ chown(line, 0, 0); -+ chmod(line, 0600); -+#if defined(sun) && defined(TIOCGPGRP) && BSD < 199207 -+ if (ioctl(p, TIOCGPGRP, &dummy) == 0 -+ || errno != EIO) { -+ chmod(line, 0666); -+ close(p); -+ line[5] = 'p'; -+ } else -+#endif /* defined(sun) && defined(TIOCGPGRP) && BSD < 199207 */ -+ return(p); - } - } - } -@@ -733,11 +753,7 @@ - else - termbuf.lflags &= ~LPASS8; - #else -- if (on) { -- termbuf.c_iflag &= ~ISTRIP; -- } else { -- termbuf.c_iflag |= ISTRIP; -- } -+ termbuf.c_iflag &= ~ISTRIP; - #endif - } - ---- telnetd/telnetd.c.orig Sat Aug 2 14:40:48 1997 -+++ telnetd/telnetd.c Sat Oct 17 22:13:52 1998 -@@ -140,7 +140,7 @@ - highpty = getnpty(); - #endif /* CRAY */ - -- while ((ch = getopt(argc, argv, "d:a:e:lhnr:I:D:B:sS:a:X:z:")) != EOF) { -+ while ((ch = getopt(argc, argv, "d:a:e:lhnr:I:D:B:sS:a:X:z:q")) != EOF) { - switch(ch) { - - #ifdef USE_SSL -@@ -203,6 +203,11 @@ - - } - break; -+ -+ case 'q': -+ ssl_quiet_flag = 1; -+ break; -+ - #endif /* USE_SSL */ - - #ifdef AUTHENTICATE -@@ -584,7 +589,7 @@ - #ifdef USE_SSL - /* might as well output something useful here ... */ - fprintf(stderr, " [-z ssl] [-z secure] [-z debug] [-z verify=int]\n\t"); -- fprintf(stderr, " [-z cert=file] [-z key=file]\n\t"); -+ fprintf(stderr, " [-z cert=file] [-z key=file] [-q]\n\t"); - #endif /* USE_SSL */ - fprintf(stderr, " [port]\n"); - exit(1); -@@ -656,7 +661,12 @@ - fflush(stderr); - } - -- fatal(net,"[SSL required - connection rejected]"); -+ if (ssl_quiet_flag) { -+ sleep(1); -+ exit(1); -+ } -+ else -+ fatal(net,"[SSL required - connection rejected]"); - - } - } ---- telnetd/Makefile.orig Tue Sep 12 10:22:51 1995 -+++ telnetd/Makefile Sat Oct 17 22:11:51 1998 -@@ -4,16 +4,13 @@ - - PROG= telnetd - --CFLAGS= -DTERMCAP -DKLUDGELINEMODE -DUSE_TERMIO -DAUTHENTICATE -DUSE_SSL \ -- -DDIAGNOSTICS -DFILIO_H \ -- -I../lib -I../lib/libbsd/include \ -+CFLAGS+= -DTERMCAP -DKLUDGELINEMODE -DUSE_TERMIO -DAUTHENTICATE -DUSE_SSL \ -+ -DDIAGNOSTICS -DFILIO_H -I../lib -I../lib/libbsd/include \ - -I$(SSLTOP)/include - - LIBS= ../lib/libtelnet/libtelnet.a \ -- ../lib/libbsd/libbsd.a \ -- ../lib/libutil/libutil.a \ - $(SSLTOP)/lib/libssl.a \ -- $(SSLTOP)/lib/libcrypto.a -+ $(SSLTOP)/lib/libcrypto.a -lutil - # $(SSLTOP)/lib/libdes.a - - OBJS= authenc.o global.o slc.o state.o sys_term.o telnetd.o \ diff --git a/net/SSLtelnet/files/patch-ac b/net/SSLtelnet/files/patch-ac index 23de97ed64e5..a18ec3842bc2 100644 --- a/net/SSLtelnet/files/patch-ac +++ b/net/SSLtelnet/files/patch-ac @@ -12,22 +12,3 @@ if (f & MODE_OUTBIN) { tmp_tc.c_cflag &= ~(CSIZE|PARENB); tmp_tc.c_cflag |= CS8; ---- telnet/Makefile.orig Sat Aug 2 13:30:16 1997 -+++ telnet/Makefile Fri Oct 16 20:42:09 1998 -@@ -6,14 +6,12 @@ - PROG= telnet - - --CFLAGS= -DKLUDGELINEMODE -DUSE_TERMIO -DAUTHENTICATE -DUSE_SSL \ -- -DFILIO_H \ -- -I../lib/libbsd/include -I../lib \ -+CFLAGS+= -DKLUDGELINEMODE -DUSE_TERMIO -DAUTHENTICATE -DUSE_SSL \ -+ -DFILIO_H -I../lib -I../lib/libbsd/include \ - -I$(SSLTOP)/include - - - LIBS= ../lib/libtelnet/libtelnet.a \ -- ../lib/libbsd/libbsd.a \ - $(SSLTOP)/lib/libssl.a \ - $(SSLTOP)/lib/libcrypto.a - # $(SSLTOP)/lib/libdes.a diff --git a/net/SSLtelnet/files/patch-ad b/net/SSLtelnet/files/patch-ad index 54344b9f5a6f..09ee0ce1b39d 100644 --- a/net/SSLtelnet/files/patch-ad +++ b/net/SSLtelnet/files/patch-ad @@ -8,15 +8,3 @@ extern char *ssl_log_file; extern char *ssl_cert_file; ---- lib/libtelnet/Makefile.orig Sat Aug 2 13:31:37 1997 -+++ lib/libtelnet/Makefile Wed Sep 2 13:16:15 1998 -@@ -12,8 +12,7 @@ - #CFLAGS= -DENCRYPT -DAUTHENTICATE -DSRA -DUSE_SSL -DDES_ENCRYPTION \ - #-I../libbsd/include -I../libpk - --CFLAGS= -DAUTHENTICATE -DUSE_SSL \ ---I../libbsd/include -I$(SSLTOP)/include -I../libpk -g -+CFLAGS+= -DAUTHENTICATE -DUSE_SSL -I$(SSLTOP)/include -I../libbsd/include - - lib${LIB}.a: ${OBJS} - echo building standard ${LIB} library diff --git a/net/SSLtelnet/files/patch-ae b/net/SSLtelnet/files/patch-ae new file mode 100644 index 000000000000..c44e222bd4eb --- /dev/null +++ b/net/SSLtelnet/files/patch-ae @@ -0,0 +1,11 @@ +--- lib/Makefile.orig Wed Sep 2 13:11:39 1998 ++++ lib/Makefile Wed Sep 2 13:11:49 1998 +@@ -1,7 +1,7 @@ + #SUBDIRS= gmp-1.2 kerberosIV/krb libbsd libdes/des libpk libtelnet libutil + SUBDIRS= gmp-1.3.2 libbsd libpk libtelnet libutil + +-SUBDIRS= libbsd libtelnet libutil ++SUBDIRS= libtelnet + + all: + @for i in $(SUBDIRS); \ diff --git a/net/SSLtelnet/files/patch-af b/net/SSLtelnet/files/patch-af new file mode 100644 index 000000000000..64220971489e --- /dev/null +++ b/net/SSLtelnet/files/patch-af @@ -0,0 +1,70 @@ +--- telnetd/sys_term.c.orig Sat Aug 2 14:37:00 1997 ++++ telnetd/sys_term.c Sat Oct 17 22:11:51 1998 +@@ -531,7 +531,7 @@ + return(p); + #else + +- register char c, *p1, *p2; ++ register char c, *p1, *p2, *cp; + register int i; + + #if defined(__GNUC__) || defined(__sgi) +@@ -548,20 +548,40 @@ + p1 = &line[8]; + p2 = &line[9]; + #endif +- +- for (c = 'p'; c <= 's'; c++) { ++ for (cp = "pqrsPQRS"; *cp; cp++) { + struct stat stb; + +- *p1 = c; ++ *p1 = *cp; + *p2 = '0'; ++ /* ++ * This stat() check is just to keep us from ++ * looping through all 256 combinations if there ++ * aren't that many ptys available. ++ */ + if (stat(line, &stb) < 0) + break; +- for (i = 0; i < 16; i++) { +- *p2 = "0123456789abcdef"[i]; ++ for (i = 0; i < 32; i++) { ++ *p2 = "0123456789abcdefghijklmnopqrstuv"[i]; + p = open(line, 2); + if (p > 0) { ++#ifndef __hpux + line[5] = 't'; +- return(p); ++#else ++ for (p1 = &line[8]; *p1; p1++) ++ *p1 = *(p1+1); ++ line[9] = 't'; ++#endif ++ chown(line, 0, 0); ++ chmod(line, 0600); ++#if defined(sun) && defined(TIOCGPGRP) && BSD < 199207 ++ if (ioctl(p, TIOCGPGRP, &dummy) == 0 ++ || errno != EIO) { ++ chmod(line, 0666); ++ close(p); ++ line[5] = 'p'; ++ } else ++#endif /* defined(sun) && defined(TIOCGPGRP) && BSD < 199207 */ ++ return(p); + } + } + } +@@ -733,11 +753,7 @@ + else + termbuf.lflags &= ~LPASS8; + #else +- if (on) { +- termbuf.c_iflag &= ~ISTRIP; +- } else { +- termbuf.c_iflag |= ISTRIP; +- } ++ termbuf.c_iflag &= ~ISTRIP; + #endif + } diff --git a/net/SSLtelnet/files/patch-ag b/net/SSLtelnet/files/patch-ag new file mode 100644 index 000000000000..8afb82138f54 --- /dev/null +++ b/net/SSLtelnet/files/patch-ag @@ -0,0 +1,46 @@ +--- telnetd/telnetd.c.orig Sat Aug 2 14:40:48 1997 ++++ telnetd/telnetd.c Sat Oct 17 22:13:52 1998 +@@ -140,7 +140,7 @@ + highpty = getnpty(); + #endif /* CRAY */ + +- while ((ch = getopt(argc, argv, "d:a:e:lhnr:I:D:B:sS:a:X:z:")) != EOF) { ++ while ((ch = getopt(argc, argv, "d:a:e:lhnr:I:D:B:sS:a:X:z:q")) != EOF) { + switch(ch) { + + #ifdef USE_SSL +@@ -203,6 +203,11 @@ + + } + break; ++ ++ case 'q': ++ ssl_quiet_flag = 1; ++ break; ++ + #endif /* USE_SSL */ + + #ifdef AUTHENTICATE +@@ -584,7 +589,7 @@ + #ifdef USE_SSL + /* might as well output something useful here ... */ + fprintf(stderr, " [-z ssl] [-z secure] [-z debug] [-z verify=int]\n\t"); +- fprintf(stderr, " [-z cert=file] [-z key=file]\n\t"); ++ fprintf(stderr, " [-z cert=file] [-z key=file] [-q]\n\t"); + #endif /* USE_SSL */ + fprintf(stderr, " [port]\n"); + exit(1); +@@ -656,7 +661,12 @@ + fflush(stderr); + } + +- fatal(net,"[SSL required - connection rejected]"); ++ if (ssl_quiet_flag) { ++ sleep(1); ++ exit(1); ++ } ++ else ++ fatal(net,"[SSL required - connection rejected]"); + + } + } diff --git a/net/SSLtelnet/files/patch-ah b/net/SSLtelnet/files/patch-ah new file mode 100644 index 000000000000..6a032123d1a3 --- /dev/null +++ b/net/SSLtelnet/files/patch-ah @@ -0,0 +1,23 @@ +--- telnetd/Makefile.orig Tue Sep 12 11:22:51 1995 ++++ telnetd/Makefile Thu Aug 5 03:54:59 1999 +@@ -4,16 +4,13 @@ + + PROG= telnetd + +-CFLAGS= -DTERMCAP -DKLUDGELINEMODE -DUSE_TERMIO -DAUTHENTICATE -DUSE_SSL \ +- -DDIAGNOSTICS -DFILIO_H \ +- -I../lib -I../lib/libbsd/include \ +- -I$(SSLTOP)/include ++CFLAGS+= -DTERMCAP -DKLUDGELINEMODE -DUSE_TERMIO -DAUTHENTICATE -DUSE_SSL \ ++ -DDIAGNOSTICS -DFILIO_H -I../lib -I../lib/libbsd/include \ ++ -I$(SSLTOP)/include -I$(SSLTOP)/include/openssl + + LIBS= ../lib/libtelnet/libtelnet.a \ +- ../lib/libbsd/libbsd.a \ +- ../lib/libutil/libutil.a \ + $(SSLTOP)/lib/libssl.a \ +- $(SSLTOP)/lib/libcrypto.a ++ $(SSLTOP)/lib/libcrypto.a -lutil + # $(SSLTOP)/lib/libdes.a + + OBJS= authenc.o global.o slc.o state.o sys_term.o telnetd.o \ diff --git a/net/SSLtelnet/files/patch-ai b/net/SSLtelnet/files/patch-ai new file mode 100644 index 000000000000..4366b390b136 --- /dev/null +++ b/net/SSLtelnet/files/patch-ai @@ -0,0 +1,20 @@ +--- telnet/Makefile.orig Sat Aug 2 14:30:16 1997 ++++ telnet/Makefile Thu Aug 5 03:54:01 1999 +@@ -6,14 +6,12 @@ + PROG= telnet + + +-CFLAGS= -DKLUDGELINEMODE -DUSE_TERMIO -DAUTHENTICATE -DUSE_SSL \ +- -DFILIO_H \ +- -I../lib/libbsd/include -I../lib \ +- -I$(SSLTOP)/include ++CFLAGS+= -DKLUDGELINEMODE -DUSE_TERMIO -DAUTHENTICATE -DUSE_SSL \ ++ -DFILIO_H -I../lib -I../lib/libbsd/include \ ++ -I$(SSLTOP)/include -I$(SSLTOP)/include/openssl + + + LIBS= ../lib/libtelnet/libtelnet.a \ +- ../lib/libbsd/libbsd.a \ + $(SSLTOP)/lib/libssl.a \ + $(SSLTOP)/lib/libcrypto.a + # $(SSLTOP)/lib/libdes.a diff --git a/net/SSLtelnet/files/patch-aj b/net/SSLtelnet/files/patch-aj new file mode 100644 index 000000000000..a59f9a1790f6 --- /dev/null +++ b/net/SSLtelnet/files/patch-aj @@ -0,0 +1,13 @@ +--- lib/libtelnet/Makefile.orig Sat Aug 2 14:31:37 1997 ++++ lib/libtelnet/Makefile Thu Aug 5 03:52:45 1999 +@@ -12,8 +12,8 @@ + #CFLAGS= -DENCRYPT -DAUTHENTICATE -DSRA -DUSE_SSL -DDES_ENCRYPTION \ + #-I../libbsd/include -I../libpk + +-CFLAGS= -DAUTHENTICATE -DUSE_SSL \ +--I../libbsd/include -I$(SSLTOP)/include -I../libpk -g ++CFLAGS+= -DAUTHENTICATE -DUSE_SSL -I$(SSLTOP)/include \ ++ -I$(SSLTOP)/include/openssl -I../libbsd/include + + lib${LIB}.a: ${OBJS} + echo building standard ${LIB} library diff --git a/net/SSLtelnet/files/patch-ak b/net/SSLtelnet/files/patch-ak new file mode 100644 index 000000000000..56ba27966759 --- /dev/null +++ b/net/SSLtelnet/files/patch-ak @@ -0,0 +1,11 @@ +--- lib/libtelnet/sslapp.c.old Thu Aug 5 03:36:35 1999 ++++ lib/libtelnet/sslapp.c Thu Aug 5 03:36:55 1999 +@@ -81,7 +81,7 @@ + + if (ssl_debug_flag) + BIO_printf(bio_err,"Generating temp (512 bit) RSA key ...\r\n"); +- rsa=RSA_generate_key(512,RSA_F4,NULL); ++ rsa=RSA_generate_key(512,RSA_F4,NULL,NULL); + if (ssl_debug_flag) + BIO_printf(bio_err,"Generation of temp (512 bit) RSA key done\r\n"); + diff --git a/net/SSLtelnet/pkg-descr b/net/SSLtelnet/pkg-descr index d346018fd912..688541192c6f 100644 --- a/net/SSLtelnet/pkg-descr +++ b/net/SSLtelnet/pkg-descr @@ -1,13 +1,13 @@ This program suports both certification and cryptogoraphic with using SSL. -If you do not have certification (/usr/local/certs/telnet.pem) provided by CA, -this port make dummy certification. Of cource it is useless to certify but you -can use SSL telnet/telnetd in encryption only mode with it. +If you do not have certification (/usr/local/openssl/certs/telnet.pem) provided +by CA, this port make dummy certification. Of cource it is useless to certify +but you can use SSL telnet/telnetd in encryption only mode with it. You must edit /etc/inetd.conf to make SSL telnetd available. Some examples below: -1. Accept both normail telnet client and SSL telnet client. +1. Accept both normal telnet client and SSL telnet client. telnet stream tcp nowait root /usr/local/libexec/telnetd telnetd diff --git a/net/SSLtelnet/pkg-plist b/net/SSLtelnet/pkg-plist index e1b50c6fe211..e73e012349b8 100644 --- a/net/SSLtelnet/pkg-plist +++ b/net/SSLtelnet/pkg-plist @@ -1,3 +1,3 @@ bin/telnet libexec/telnetd -@exec ( [ -f %D/certs/telnetd.pem ] && exit ; echo "Making certificate files" ; cd %D/certs ; ssleay req -new -x509 -nodes -days 365 -out telnetd.pem -keyout telnetd.pem; ln -s telnetd.pem `ssleay x509 -noout -hash < telnetd.pem`.0 ; chmod 644 %D/certs/telnetd.pem ) +@exec ( [ -f %D/openssl/certs/telnetd.pem ] && exit ; echo "Making certificate files" ; cd %D/openssl/certs ; %D/bin/openssl req -new -x509 -nodes -days 365 -out telnetd.pem -keyout telnetd.pem; ln -s telnetd.pem `%D/bin/openssl x509 -noout -hash < telnetd.pem`.0 ; chmod 644 %D/openssl/certs/telnetd.pem )