- Update patchfiles to match latest release (Nov 2001)

- Fix MASTER_SITES (adding local mirror) The old master sites referenced distinct distfiles with the same filename. Primary site carries the latest version which includes minor bugfixes. Patches in previous commit were broken as they matched the older release.
author: Johan van Selst <johans@FreeBSD.org> 2007-10-17 08:35:03 +0000
committer: Johan van Selst <johans@FreeBSD.org> 2007-10-17 08:35:03 +0000
commit: 996f4eccd712d958a8e286583e0308aabfa066be (patch)
tree: 8f63ff7e68885b522aec7ff721753afbc093fdd8
parent: Update to 0.15 (diff)
7 files changed, 136 insertions, 63 deletions
diff --git a/security/audit/Makefile b/security/audit/Makefile
index 135b1c3c8f9c..71cfcb425bca 100644
--- a/security/audit/Makefile
+++ b/security/audit/Makefile
@@ -10,8 +10,7 @@ PORTVERSION=	1.0
 PORTREVISION=	3
 CATEGORIES=	security
 MASTER_SITES=	http://www1.corest.com/download/audit/ \
-		http://www2.corest.com/download/audit/ \
-		ftp://ftp.nuug.no/pub/anders/distfiles/
+		ftp://ftp.stack.nl/pub/users/johans/audit/
 DISTNAME=	${PORTNAME}-v${PORTVERSION}beta-src
 
 MAINTAINER=	ports@FreeBSD.org
@@ -22,7 +21,7 @@ OPTIONS=	MYSQL "With MySQL support" off \
 
 MAKE_ARGS=	CFLAGS+="-fPIC -DPIC"
 
-WRKSRC=		${WRKDIR}/${PORTNAME}-v${PORTVERSION}beta
+WRKSRC=		${WRKDIR}/${PORTNAME}-v${PORTVERSION}
 
 USE_GMAKE=	yes
 USE_LDCONFIG=	${PREFIX}/lib/alat
diff --git a/security/audit/files/patch-ac b/security/audit/files/patch-ac
index 495d981dc14f..d46c546e077c 100644
--- a/security/audit/files/patch-ac
+++ b/security/audit/files/patch-ac
@@ -1,6 +1,6 @@
---- src/auditd/auditd.c.orig	Sun Nov 24 05:22:21 2002
-+++ src/auditd/auditd.c	Sun Nov 24 05:25:39 2002
-@@ -54,6 +54,10 @@
+--- src/auditd/auditd.c.orig	2001-11-01 23:22:31.000000000 +0100
++++ src/auditd/auditd.c	2007-10-17 09:41:34.000000000 +0200
+@@ -55,6 +55,10 @@
  #include <sysexits.h>
  #include <unistd.h>
  #include <openssl/evp.h>
@@ -9,5 +9,5 @@
 +#include <limits.h>
 +#endif
  
- #include "version.h"
  #include "sysdep.h"
+ #include "packet.h"
diff --git a/security/audit/files/patch-ad b/security/audit/files/patch-ad
index f89021de5b3d..08738b0a6129 100644
--- a/security/audit/files/patch-ad
+++ b/security/audit/files/patch-ad
@@ -1,5 +1,5 @@
---- src/auditd/ia.c.orig	Sun Nov 24 05:32:00 2002
-+++ src/auditd/ia.c	Sun Nov 24 05:32:23 2002
+--- src/auditd/ia.c.orig	2001-10-10 02:30:11.000000000 +0200
++++ src/auditd/ia.c	2007-10-17 09:41:34.000000000 +0200
 @@ -54,6 +54,10 @@
  #include <sysexits.h>
  #include <unistd.h>
@@ -9,5 +9,5 @@
 +#include <limits.h>
 +#endif
  
- #include "version.h"
  #include "sysdep.h"
+ #include "packet.h"
diff --git a/security/audit/files/patch-src::audit::audit.c b/security/audit/files/patch-src::audit::audit.c
index 0bd030d92b75..6f027726cbc7 100644
--- a/security/audit/files/patch-src::audit::audit.c
+++ b/security/audit/files/patch-src::audit::audit.c
@@ -1,6 +1,6 @@
---- src/audit/audit.c.orig	Thu Nov  4 07:24:04 2004
-+++ src/audit/audit.c	Thu Nov  4 07:25:17 2004
-@@ -143,6 +143,7 @@
+--- src/audit/audit.c.orig	2001-10-06 01:14:58.000000000 +0200
++++ src/audit/audit.c	2007-10-17 09:41:34.000000000 +0200
+@@ -147,6 +147,7 @@
  	case SIGABRT:
  		fatal(-1, "");
  	default:
diff --git a/security/audit/files/patch-src_include_sysdep.h b/security/audit/files/patch-src_include_sysdep.h
new file mode 100644
index 000000000000..d33f3c733d1c
--- /dev/null
+++ b/security/audit/files/patch-src_include_sysdep.h
@@ -0,0 +1,13 @@
+--- src/include/sysdep.h.orig	2007-10-17 09:51:14.000000000 +0200
++++ src/include/sysdep.h	2007-10-17 09:50:32.000000000 +0200
+@@ -96,10 +96,6 @@ size_t strlcat (char *, const char *, si
+ #define _PASSWORD_LEN	128
+ #endif
+ 
+-#if defined(__FreeBSD__)
+-typedef int32_t in_addr_t;
+-#endif /* __FreeBSD__ */
+-
+ int init_socket ();
+ 
+ #endif /* SYSDEP */
diff --git a/security/audit/files/patch-src_lib_packet.c b/security/audit/files/patch-src_lib_packet.c
index 1907180ccf69..a6f960ca5a1a 100644
--- a/security/audit/files/patch-src_lib_packet.c
+++ b/security/audit/files/patch-src_lib_packet.c
@@ -1,6 +1,6 @@
---- src/lib/packet.c.orig	2007-10-17 08:15:35.000000000 +0200
-+++ src/lib/packet.c	2007-10-17 08:04:21.000000000 +0200
-@@ -546,16 +546,16 @@ void
+--- src/lib/packet.c.orig	2001-10-06 00:04:06.000000000 +0200
++++ src/lib/packet.c	2007-10-17 09:44:32.000000000 +0200
+@@ -546,19 +546,19 @@
  packet_put_raw(PACKET *p, const void *_data, ssize_t size)
  {
  	ssize_t	 written;
@@ -14,13 +14,16 @@
 +	data = (char *) _data;
  	while (size) {
  		written = buf_put_raw(p->pkt_wbuf, data, size);
+ 		if (written < 0)
+ 			fatal(EX_SOFTWARE, "Invalid internal packet structure. "
+ 			    "Connection aborted.");
  		size -= written;
 -		(char *) data += written;
 +		data += written;
  		if (size)
  			_packet_write(p);
  	}
-@@ -604,14 +604,16 @@ void
+@@ -607,14 +607,16 @@
  packet_get_raw(PACKET *p, void *data, ssize_t size)
  {
  	ssize_t readed;
diff --git a/security/audit/files/patch-src_modules_auth_srp_auth_srp.c b/security/audit/files/patch-src_modules_auth_srp_auth_srp.c
index 6e836e71617d..c86f1af9e833 100644
--- a/security/audit/files/patch-src_modules_auth_srp_auth_srp.c
+++ b/security/audit/files/patch-src_modules_auth_srp_auth_srp.c
@@ -1,6 +1,32 @@
---- src/modules/auth/srp/auth_srp.c.orig	2007-10-17 08:09:07.000000000 +0200
-+++ src/modules/auth/srp/auth_srp.c	2007-10-17 08:09:09.000000000 +0200
-@@ -445,7 +445,7 @@ _auth_srvr(AUTHCON *ct)
+--- src/modules/auth/srp/auth_srp.c.orig	2001-12-12 21:35:02.000000000 +0100
++++ src/modules/auth/srp/auth_srp.c	2007-10-17 09:48:57.000000000 +0200
+@@ -289,7 +289,7 @@
+ _get_srppass(AUTHCON *ct, BIGNUM *v, BIGNUM *s, unsigned char *bs)
+ {
+ 	RESOURCE	*r;
+-	BN_CTX		 bnctx;
++	BN_CTX		*bnctx = BN_CTX_new();
+ 	BIGNUM		 tmp;
+ 
+ 	if (ct->rlist != NULL) {
+@@ -308,12 +308,12 @@
+ 
+ 	/* Generate fake verifier and salt (try to avoid timing attack) */
+ 	log_debug(AUTH_SRP "Generating fake verifier and salt.");
+-	BN_CTX_init(&bnctx);
++	BN_CTX_init(bnctx);
+ 	BN_init(&tmp);
+-	_rand_bn(v, &tmp, &bnctx);
+-	_rand_bn(s, &tmp, &bnctx);
++	_rand_bn(v, &tmp, bnctx);
++	_rand_bn(s, &tmp, bnctx);
+ 	BN_free(&tmp);
+-	BN_CTX_free(&bnctx);
++	BN_CTX_free(bnctx);
+ 	BN_bn2bin(s, bs);
+ 	return (-1);
+ }
+@@ -460,7 +460,7 @@
  			 USER_M1[SHA1_DIGESTSIZE],
  			 bs[NBYTES];
  	BIGNUM		 A, B, S, b, u, v, s, tmp;
@@ -9,7 +35,7 @@
  	void		*buffer;
  	size_t		 bufsiz;
  	char		 hostname[MAXHOSTNAMELEN]; /* XXX: move to engine */
-@@ -468,7 +468,7 @@ _auth_srvr(AUTHCON *ct)
+@@ -483,7 +483,7 @@
  	BN_init(&u);
  	BN_init(&v);
  	BN_init(&tmp);
@@ -18,29 +44,35 @@
  
  	clnt_st = LOGIN_FAILED;
  
-@@ -493,7 +493,7 @@ _auth_srvr(AUTHCON *ct)
+@@ -508,10 +508,10 @@
+ 	 *	u = rand(); 1 < u < p - 1
+ 	 *	B = (g exp b + v) % p = ((g exp b) % p + v) % p
  	 */
- 	_rand_bn(&b);
- 	_rand_bn(&u);
--	if (!BN_mod_exp(&tmp, &g, &b, &n, &bnctx) || !BN_add(&B, &tmp, &v))
-+	if (!BN_mod_exp(&tmp, &g, &b, &n, bnctx) || !BN_add(&B, &tmp, &v))
+-	_rand_bn(&b, &tmp, &bnctx);
+-	_rand_bn(&u, &tmp, &bnctx);
+-	if (!BN_mod_exp(&B, &g, &b, &p, &bnctx) ||
+-	    !BN_add(&tmp, &B, &v) || !BN_mod(&B, &tmp, &p, &bnctx))
++	_rand_bn(&b, &tmp, bnctx);
++	_rand_bn(&u, &tmp, bnctx);
++	if (!BN_mod_exp(&B, &g, &b, &p, bnctx) ||
++	    !BN_add(&tmp, &B, &v) || !BN_mod(&B, &tmp, &p, bnctx))
  		_fatal_bn("srvr_auth()");
  
  	/* Receive A, send B and u */
-@@ -507,9 +507,9 @@ _auth_srvr(AUTHCON *ct)
+@@ -527,9 +527,9 @@
  	 *	K  = HASH(S)
  	 *	M1 = HASH(A, B, K)
  	 */
--	if (!BN_mod_exp(&S, &v, &u, &n, &bnctx) ||
--	    !BN_mul(&tmp, &A, &S, &bnctx) ||
--	    !BN_mod_exp(&S, &tmp, &b, &n, &bnctx))
-+	if (!BN_mod_exp(&S, &v, &u, &n, bnctx) ||
-+	    !BN_mul(&tmp, &A, &S, bnctx) ||
-+	    !BN_mod_exp(&S, &tmp, &b, &n, bnctx))
+-	if (!BN_mod_exp(&S, &v, &u, &p, &bnctx) ||
+-	    !BN_mod_mul(&tmp, &A, &S, &p, &bnctx) ||
+-	    !BN_mod_exp(&S, &tmp, &b, &p, &bnctx))
++	if (!BN_mod_exp(&S, &v, &u, &p, bnctx) ||
++	    !BN_mod_mul(&tmp, &A, &S, &p, bnctx) ||
++	    !BN_mod_exp(&S, &tmp, &b, &p, bnctx))
  		_fatal_bn("srvr_auth()");
  	_hash_bn(K, &S, &buffer, &bufsiz);
  	_auth_digest1(M1, &A, &B, K, &buffer, &bufsiz);
-@@ -560,7 +560,7 @@ _auth_srvr(AUTHCON *ct)
+@@ -581,7 +581,7 @@
  	BN_clear_free(&u);
  	BN_clear_free(&v);
  	BN_clear_free(&tmp);
@@ -49,49 +81,65 @@
  	free(buffer);
  
  	/* Init encryption */
-@@ -603,7 +603,7 @@ _auth_clnt(AUTHCON *ct, struct autharg_c
+@@ -624,7 +624,7 @@
  			 M2[SHA1_DIGESTSIZE],
  			 SERVER_M2[SHA1_DIGESTSIZE];
- 	BIGNUM		 a, u, x, A, B, S, tmp1, tmp2;
+ 	BIGNUM		 a, u, x, A, B, S, tmp1, tmp2, tmp3;
 -	BN_CTX		 bnctx;
 +	BN_CTX		*bnctx = BN_CTX_new();
  	SHA1_CTX	 sha1_ctx;
  	void		*buffer;
  	size_t		 bufsiz;
-@@ -621,7 +621,7 @@ _auth_clnt(AUTHCON *ct, struct autharg_c
- 	BN_init(&S);
+@@ -643,7 +643,7 @@
  	BN_init(&tmp1);
  	BN_init(&tmp2);
+ 	BN_init(&tmp3);
 -	BN_CTX_init(&bnctx);
 +	BN_CTX_init(bnctx);
  
  	srvr_st = clnt_st = LOGIN_FAILED;
  
-@@ -663,7 +663,7 @@ _auth_clnt(AUTHCON *ct, struct autharg_c
- 	 *	A = g exp a
+@@ -681,7 +681,7 @@
+ 	SHA1Final(xdigest, &sha1_ctx);
+ 	bzero(args->pass, sizeof(args->pass));
+ 	if (BN_bin2bn(xdigest, sizeof(xdigest), &tmp1) == NULL ||
+-	    !BN_mod(&x, &tmp1, &pm1, &bnctx))
++	    !BN_mod(&x, &tmp1, &pm1, bnctx))
+ 		_fatal_bn("_auth_clnt()");
+ 	
+ 	/*
+@@ -689,8 +689,8 @@
+ 	 *	a = rand(); 1 < a < n - 1
+ 	 *	A = (g exp a) % n
  	 */
- 	_rand_bn(&a);
--	if (!BN_mod_exp(&A, &g, &a, &n, &bnctx))
-+	if (!BN_mod_exp(&A, &g, &a, &n, bnctx))
+-	_rand_bn(&a, &tmp1, &bnctx);
+-	if (!BN_mod_exp(&A, &g, &a, &p, &bnctx))
++	_rand_bn(&a, &tmp1, bnctx);
++	if (!BN_mod_exp(&A, &g, &a, &p, bnctx))
  		_fatal_bn("_auth_clnt()");
  
  	/* Send A, receive B and u */
-@@ -675,11 +675,11 @@ _auth_clnt(AUTHCON *ct, struct autharg_c
- 	 * Calculate:
- 	 *	S = ( (B - g exp x) exp (a + u * x) ) % n
+@@ -704,14 +704,14 @@
+ 	 *	  = ( (B - (g exp x) % n) exp
+ 	 *	    ((a + ((u * x) % (n - 1))) % (n - 1)) ) % n
  	 */
--	if (!BN_mul(&S, &u, &x, &bnctx) ||
-+	if (!BN_mul(&S, &u, &x, bnctx) ||
- 	    !BN_add(&tmp1, &S, &a) ||
--	    !BN_mod_exp(&S, &g, &x, &n, &bnctx) ||
-+	    !BN_mod_exp(&S, &g, &x, &n, bnctx) ||
- 	    !BN_sub(&tmp2, &B, &S) ||
--	    !BN_mod_exp(&S, &tmp2, &tmp1, &n, &bnctx))
-+	    !BN_mod_exp(&S, &tmp2, &tmp1, &n, bnctx))
+-	if (!BN_mod_mul(&tmp1, &u, &x, &pm1, &bnctx) ||
++	if (!BN_mod_mul(&tmp1, &u, &x, &pm1, bnctx) ||
+ 	    !BN_add(&S, &tmp1, &a) ||
+-	    !BN_mod(&tmp1, &S, &pm1, &bnctx) ||
+-	    !BN_mod_exp(&tmp2, &g, &x, &p, &bnctx) ||
++	    !BN_mod(&tmp1, &S, &pm1, bnctx) ||
++	    !BN_mod_exp(&tmp2, &g, &x, &p, bnctx) ||
+ 	    !BN_add(&tmp3, &B, &p) ||	/* Workaround for the BN_mod() bug */
+ 	    !BN_sub(&S, &tmp3, &tmp2) ||
+-	    !BN_mod(&tmp2, &S, &p, &bnctx) ||
+-	    !BN_mod_exp(&S, &tmp2, &tmp1, &p, &bnctx))
++	    !BN_mod(&tmp2, &S, &p, bnctx) ||
++	    !BN_mod_exp(&S, &tmp2, &tmp1, &p, bnctx))
  		_fatal_bn("_auth_clnt()");
  
  	/*
-@@ -717,7 +717,7 @@ _auth_clnt(AUTHCON *ct, struct autharg_c
+@@ -749,7 +749,7 @@
  	BN_clear_free(&S);
  	BN_clear_free(&tmp1);
  	BN_clear_free(&tmp2);
@@ -100,16 +148,16 @@
  	free(buffer);
  
  	/* Init encryption */
-@@ -744,7 +744,7 @@ static int
+@@ -776,7 +776,7 @@
  _filter_resource(AUTHCON *ct, struct autharg_filter *args)
  {
  	SHA1_CTX	sha1_ctx;
 -	BN_CTX		bnctx;
 +	BN_CTX	       *bnctx = BN_CTX_new();
- 	BIGNUM		salt, verifier, x;
+ 	BIGNUM		salt, verifier, x, tmp;
  	unsigned char	bsalt[NBYTES], xdigest[SHA1_DIGESTSIZE];
  
-@@ -756,7 +756,7 @@ _filter_resource(AUTHCON *ct, struct aut
+@@ -789,7 +789,7 @@
  	/* Just filter srp passwords */
  	if (!strcmp(args->rname, SRP_PASS_RNAME)) {
  
@@ -118,16 +166,26 @@
  		BN_init(&salt);
  		BN_init(&x);
  		BN_init(&verifier);
-@@ -774,7 +774,7 @@ _filter_resource(AUTHCON *ct, struct aut
+@@ -801,15 +801,15 @@
+ 		 *	x = HASH(salt, password); 1 < x < n - 1
+ 		 *	verifier = (g exp x) % n
+ 		 */
+-		_rand_bn(&salt, &tmp, &bnctx);
++		_rand_bn(&salt, &tmp, bnctx);
+ 		BN_bn2bin(&salt, bsalt);
+ 		SHA1Init(&sha1_ctx);
+ 		SHA1Update(&sha1_ctx, bsalt, sizeof(bsalt));
  		SHA1Update(&sha1_ctx, args->value, args->vsize);
  		SHA1Final(xdigest, &sha1_ctx);
- 		if (BN_bin2bn(xdigest, sizeof(xdigest), &x) == NULL ||
--		    !BN_mod_exp(&verifier, &g, &x, &n, &bnctx))
-+		    !BN_mod_exp(&verifier, &g, &x, &n, bnctx))
+ 		if (BN_bin2bn(xdigest, sizeof(xdigest), &tmp) == NULL ||
+-		    !BN_mod(&x, &tmp, &pm1, &bnctx) ||
+-		    !BN_mod_exp(&verifier, &g, &x, &p, &bnctx))
++		    !BN_mod(&x, &tmp, &pm1, bnctx) ||
++		    !BN_mod_exp(&verifier, &g, &x, &p, bnctx))
  			_fatal_bn("_filter_resource()");
  
  		/* Get memory for the filtered value */
-@@ -793,7 +793,7 @@ _filter_resource(AUTHCON *ct, struct aut
+@@ -829,7 +829,7 @@
  		BN_clear_free(&verifier);
  		BN_clear_free(&x);
  		BN_clear_free(&salt);
author	Johan van Selst <johans@FreeBSD.org>	2007-10-17 08:35:03 +0000
committer	Johan van Selst <johans@FreeBSD.org>	2007-10-17 08:35:03 +0000
commit	996f4eccd712d958a8e286583e0308aabfa066be (patch)
tree	8f63ff7e68885b522aec7ff721753afbc093fdd8
parent	Update to 0.15 (diff)