security/pidentd: Remove port

pidentd is broken on recent FreeBSD versions and abandoned upstream. Remove port, disconnect from category Makefile. PR: 254748 Reported by: daniel.engberg.lists@pyret.net
2025-01-30 10:38:37 +00:00 · 2021-04-08 00:22:32 +02:00 · 2021-04-08 00:22:32 +02:00 · 97563f8b64
commit 97563f8b64
parent 77b1bcdba7
7 changed files with 0 additions and 258 deletions
--- a/security/Makefile
+++ b/security/Makefile
@ -787,7 +787,6 @@
    SUBDIR += php80-sodium
    SUBDIR += phpsecinfo
    SUBDIR += picosha2
-    SUBDIR += pidentd
    SUBDIR += pidgin-encryption
    SUBDIR += pidgin-otr
    SUBDIR += pinentry
--- a/security/pidentd/Makefile
+++ b/security/pidentd/Makefile
@ -1,49 +0,0 @@
-# Created by: torstenb
-
-PORTNAME=	pidentd
-PORTVERSION=	3.0.19
-PORTREVISION=	4
-CATEGORIES=	security
-MASTER_SITES=	ftp://ftp.lysator.liu.se/pub/unix/ident/servers/ \
-		ftp://ftp.stack.nl/pub/users/johans/pidentd/
-
-PATCH_SITES=	ftp://ftp.stack.nl/pub/users/johans/pidentd/ \
-		ftp://mud.stack.nl/pub/pidentd/
-PATCHFILES=	pidentd-${PORTVERSION}-ipv6-20080101.diff.gz
-PATCH_DIST_STRIP=	-p0
-
-MAINTAINER=	ports@FreeBSD.org
-COMMENT=	RFC1413 identification server
-
-BROKEN_FreeBSD_12=	fails to compile: k_freebsd2.c: storage size of 'pcbp' isn't known
-BROKEN_FreeBSD_13=	fails to compile: k_freebsd2.c: storage size of 'pcbp' isn't known
-
-CONFLICTS_INSTALL=	fakeident-[0-9]*
-
-GNU_CONFIGURE=	yes
-USES=		ssl
-
-PLIST_FILES=	sbin/ibench sbin/identd sbin/idecrypt sbin/ikeygen \
-		man/man8/identd.8.gz man/man8/idecrypt.8.gz
-
-CFLAGS+=	-DINCLUDE_CRYPT -DOPENSSL_DES_LIBDES_COMPATIBILITY
-LDFLAGS+=	-L${OPENSSLLIB} -lcrypto
-
-post-extract:
-	${CP} ${FILESDIR}/idecrypt.8 ${WRKSRC}/doc/idecrypt.8
-
-post-patch:
-	@${REINPLACE_CMD} \
-		-e 's| /etc/identd.conf| ${PREFIX}/etc/identd.conf|' \
-		-e 's| /etc/identd.key| ${PREFIX}/etc/identd.key|' \
-		${WRKSRC}/doc/identd.8 ${WRKSRC}/doc/idecrypt.8
-	@${REINPLACE_CMD} -e 's|freebsd.4.7.|freebsd|' ${WRKSRC}/configure
-	@${REINPLACE_CMD} -e 's|$$(sbindir)|$${DESTDIR}&|' \
-		-e 's|-m 755|-s &|' ${WRKSRC}/src/Makefile.in
-	@${REINPLACE_CMD} -e 's|$$(mandir)|$${DESTDIR}&|' ${WRKSRC}/Makefile.in
-
-post-install:
-	${INSTALL_MAN} -m 644 ${WRKSRC}/doc/idecrypt.8 \
-		${STAGEDIR}${MANPREFIX}/man/man8
-
-.include <bsd.port.mk>
--- a/security/pidentd/distinfo
+++ b/security/pidentd/distinfo
@ -1,4 +0,0 @@
-SHA256 (pidentd-3.0.19.tar.gz) = 4c57574f3f64aca62a852935a17055999f1b6a61ab5b01b6e5201c8887293b30
-SIZE (pidentd-3.0.19.tar.gz) = 145505
-SHA256 (pidentd-3.0.19-ipv6-20080101.diff.gz) = 57ac0abd67ef71c8324ec560ce9356c1a8cf1f651a5070e04db3de350a7bff5d
-SIZE (pidentd-3.0.19-ipv6-20080101.diff.gz) = 7931
--- a/security/pidentd/files/idecrypt.8
+++ b/security/pidentd/files/idecrypt.8
@ -1,94 +0,0 @@
-.TH IDECRYPT 8 "19 May 1996"
-.SH NAME
-idecrypt \- Decrypt tokens obtained from identd
-.SH SYNOPSIS
-.B idecrypt
-.SH DESCRIPTION
-.B idecrypt
-is a utility for decrypting the encrypted tokens that
-.BR identd (8)
-provided instead of usernames when it is
-run in encrypted-token mode (that is, with the
-.B \-C
-flag).
-.PP
-.B idecrypt
-reads up to 1024 lines from the
-.B /etc/identd.key
-file, converting each line to a DES key using
-.BR des_string_to_key (3).
-It then reads standard input, searching for encrypted tokens
-in the format produced by
-.BR identd (8),
-decrypts the tokens if possible, and copies all unrecognised text from
-standard input to standard output without modification.
-.PP
-If more than one key appears in the key file, then
-.BR identd (8)
-will use the first key for encryption, and
-.B idecrypt
-will attempt to use all the keys for decryption.
-This allows new keys to be used by
-.BR identd (8)
-without losing the ability for
-.B idecrypt
-to decrypt old tokens (until there are more than 1024 keys in the key file).
-.PP
-Each encrypted token consists of 32 base64 characters, enclosed in
-square brackets.  To make it easier to process logs generated by
-versions of
-.B tcpd (8)
-that convert the square brackets to underlines,
-.B idecrypt
-permits underline characters instead of square brackets
-in its input.
-.PP
-.BR idecrypt 's
-output from decrypting each token is a human readable string
-containing the timestamp (displayed as a local time in
-.BR ctime (3)
-format), the numeric uid, the local IP address, the local port number,
-the remote IP address and the remote port number.
-.SH EXAMPLE
-Suppose that the local host has IP address 10.2.3.4, the local
-.B /etc/identd.key
-file contains
-.PP
-foobar
-.PP
-and the local host is running the
-.BR identd (8)
-server in encrypted-token mode.
-.PP
-Now, if a local user
-with uid 501 telnets to a remote host with IP address 10.9.8.7,
-the remote host may choose to make an ident query back to the
-local host, in order to obtain some information to be logged for
-possible use later.  The local
-.BR identd (8)
-might send the following encrypted token to the remote host
-instead of sending a username:
-.PP
-[aALdNYxh2496K4DDTel2Nk0Jzj5mRbok]
-.PP
-If the administrator of the remote host later provides the administrator
-of the local host with a copy of the encrypted token, and if
-the secret key has not been removed from the local
-.B /etc/identd.key
-file, then the administrator of the local host can run
-.B idecrypt
-and can provide the encrypted token in standard input.
-.PP
-.B idecrypt
-will then print the following decrypted information:
-.PP
-Sun May 19 00:25:23 1996 501 10.2.3.4 2304 10.9.8.7 23
-.PP
-This represents the time the encrypted token was created,
-the local user id, the local IP address and port number, and the
-remote IP address and port number.
-.SH SEE ALSO
-.BR identd (8)
-.BR tcpd (8)
-.SH BUGS
-The handling of fatal errors could be better.
--- a/security/pidentd/files/patch-src_idecrypt.c
+++ b/security/pidentd/files/patch-src_idecrypt.c
@ -1,46 +0,0 @@
--- src/idecrypt.c.orig	2015-02-28 20:14:56.633084000 +0100
-+++ src/idecrypt.c	2015-02-28 20:19:20.661476344 +0100
-@@ -100,8 +100,8 @@
-     char buf1[40], buf2[40];
-     struct sockaddr_gen ip_local, ip_remote;
-     int keyfile_fd;
-    des_cblock key_bin;
-    des_key_schedule sched;
-+    DES_cblock key_bin;
-+    DES_key_schedule sched;
-     static char readable[256];
-     
- 
-@@ -118,8 +118,8 @@
-     while (read(keyfile_fd, keybuf, sizeof(keybuf)-1) == sizeof(keybuf)-1)
-     {
- 	keybuf[sizeof(keybuf)-1] = '\0';
-	des_string_to_key(keybuf, &key_bin);
-	des_set_key(&key_bin, sched);
-+	DES_string_to_key(keybuf, &key_bin);
-+	DES_set_key(&key_bin, &sched);
- 
- 	count = (len == 32) ? 24 : 48;
- 	for (i = 0, j = 0; i < count; i += 3, j += 4)
-@@ -131,15 +131,15 @@
- 
- 	count = (len == 32) ? 2 : 8;
- 	for (i = count; i >= 0; i -= 2) {
-	    des_ecb_encrypt((des_cblock *)&(r.longs[i+2]),
-			    (des_cblock *)&(r.longs[i+2]),
-			    sched, DES_DECRYPT);
-+	    DES_ecb_encrypt((DES_cblock *)&(r.longs[i+2]),
-+			    (DES_cblock *)&(r.longs[i+2]),
-+			    &sched, DES_DECRYPT);
- 	    r.longs[i+2] ^= r.longs[i  ];
- 	    r.longs[i+3] ^= r.longs[i+1];
- 	}
-	des_ecb_encrypt((des_cblock *)&(r.longs[0]),
-			(des_cblock *)&(r.longs[0]),
-			sched, DES_DECRYPT);
-+	DES_ecb_encrypt((DES_cblock *)&(r.longs[0]),
-+			(DES_cblock *)&(r.longs[0]),
-+			&sched, DES_DECRYPT);
- 
- 	count = (len == 32) ? 6 : 12;
- 	for (i = 1; i < count; i++)
--- a/security/pidentd/files/patch-src_pides.c
+++ b/security/pidentd/files/patch-src_pides.c
@ -1,52 +0,0 @@
--- src/pdes.c.orig	2015-02-28 20:14:56.633084000 +0100
-+++ src/pdes.c	2015-02-28 20:17:14.869504878 +0100
-@@ -46,7 +46,7 @@
- 
- 
- 
-static des_key_schedule sched;
-+static DES_key_schedule sched;
- 
- 
- 
-@@ -55,7 +55,7 @@
- {
-     char keybuf[1024+1];
-     int fd, res;
-    des_cblock key_bin;
-+    DES_cblock key_bin;
- 
- 
-     if (keyfile == NULL)
-@@ -100,8 +100,8 @@
-     }
- 
-     keybuf[sizeof(keybuf)-1] = '\0';
-    des_string_to_key(keybuf, &key_bin);
-    des_set_key(&key_bin, sched);
-+    DES_string_to_key(keybuf, &key_bin);
-+    DES_set_key(&key_bin, &sched);
- 
-     return 0;
- }
-@@ -162,16 +162,16 @@
-     for (i = 1; i < count; i++)
- 	r.longs[0] ^= r.longs[i];
- 
-    des_ecb_encrypt((des_cblock *)&(r.longs[0]), (des_cblock *)&(r.longs[0]),
-		    sched, DES_ENCRYPT);
-+    DES_ecb_encrypt((DES_cblock *)&(r.longs[0]), (DES_cblock *)&(r.longs[0]),
-+		    &sched, DES_ENCRYPT);
- 
-     count = (family == AF_INET) ? 4 : 10;
-     for (i = 0; i < count; i += 2) {
- 	r.longs[i+2] ^= r.longs[i  ];
- 	r.longs[i+3] ^= r.longs[i+1];
- 
-	des_ecb_encrypt((des_cblock *)&(r.longs[i+2]),
-			(des_cblock *)&(r.longs[i+2]), sched, DES_ENCRYPT);
-+	DES_ecb_encrypt((DES_cblock *)&(r.longs[i+2]),
-+			(DES_cblock *)&(r.longs[i+2]), &sched, DES_ENCRYPT);
-     }
- 
-     count = (family == AF_INET) ? 24 : 48;
--- a/security/pidentd/pkg-descr
+++ b/security/pidentd/pkg-descr
@ -1,12 +0,0 @@
-This is a program that implements the RFC1413 identification server. It
-was very much inspired by Dan Bernstein's original 'authd' (but unlike
-that program doesn't use 'netstat' to get some of the information) It
-uses the kernel information directly.  (And is due to that fact a lot
-faster). Dan has now written another version of the 'authd' daemon that
-uses his 'kstuff' to read the kernel information. Unlike that daemon,
-this will use only normally available kernel access functions (and is due
-to that more limited in the different machines it support). Please note
-that this daemon used to be called pauthd but has changed name to better
-reflect what it does (and to conform to the new RFC).
-
-WWW: http://www.lysator.liu.se/~pen/pidentd/