Add a package for the SKIP package from Sun Microsystems,

for making secure pipes across the internet (etc.)
author: Julian Elischer <julian@FreeBSD.org> 1998-01-09 23:23:58 +0000
committer: Julian Elischer <julian@FreeBSD.org> 1998-01-09 23:23:58 +0000
commit: de8a9e28514d8bc9a9fec2eea38c03176e927046 (patch)
tree: e5692950c8d78ca95a07e7aff61f86d562892e1c /security/skip
parent: Upgrade, 4.36 -> 4.41. (diff)
70 files changed, 2545 insertions, 0 deletions
diff --git a/security/skip/Makefile b/security/skip/Makefile
new file mode 100644
index 000000000000..789c58205a29
--- /dev/null
+++ b/security/skip/Makefile
@@ -0,0 +1,67 @@
+# New ports collection makefile for:    skip
+# Version required:     		1.0
+# Date created:         		26 November 1997
+# Whom:                 		Archie L. Cobbs <archie@whistle.com>
+#
+# $Id: Makefile,v 1.25 1997/06/26 15:50:06 max Exp $
+
+DISTNAME=		skip-1.0
+CATEGORIES=		security
+
+DISTFILES=		skipsrc-1.0.tar.Z
+EXTRACT_SUFX=		tar.Z
+
+MAINTAINER=		archie@whistle.com
+
+BUILD_DEPENDS=	${X11BASE}/lib/libxview.a:${PORTSDIR}/x11/xview-lib \
+		${X11BASE}/lib/X11/config/XView.cf:${PORTSDIR}/x11/xview-config
+LIB_DEPENDS=	xview\\.3\\.:${PORTSDIR}/x11/xview-lib
+
+# The SKIP code is restricted from export from the United States and Canada.
+# See the file doc/00README for legal details.
+RESTRICTED=		Contains strong crypto; no export from U.S./Canada
+NO_PACKAGE=		${RESTRICTED}
+NO_CDROM=		${RESTRICTED}
+
+IS_INTERACTIVE=		yes
+NO_WRKSUBDIR=		defined
+PATCH_STRIP=		-p1
+HAS_CONFIGURE=		defined
+CONFIGURE_SCRIPT=	Configure
+CONFIGURE_ARGS=		freebsd
+USE_GMAKE=		defined
+
+MTREE_FILE=		${FILESDIR}/skip.mtree
+MAN1=			certreq.1 skiphost.1 skipstat.1 skiptool.1 skipd.1 \
+			skipdb.1 skipca.1 skiplocal.1 install_skip_keys.1 \
+			skipd_restart.1 skipif.1 skip_conf.1 skiplog.1 \
+			print_cert.1
+MAN4=			skipd.conf.4 raw_keys.4
+
+# The user must 'fetch' the sources manually
+pre-fetch:
+	@if [ ! -f ${DISTDIR}/${DISTFILES} ]; then \
+	  echo ""; \
+	  echo "***"; \
+	  echo "***    NOTE NOTE NOTE NOTE NOTE NOTE NOTE NOTE NOTE NOTE"; \
+	  echo "***"; \
+	  echo "*** You must get the source yourself from this web page:"; \
+	  echo "***     http://skip.incog.com/src-form.html"; \
+	  echo "*** and put it into ${DISTDIR} with the name ${DISTFILES}."; \
+	  echo "***"; \
+	  echo ""; \
+	  false; \
+	fi
+
+# SKIP has a lot of hard coded paths in it. Our patches replace
+# them with @@PREFIX@@, which we then replace with ${PREFIX}.
+post-patch:
+	@find ${WRKSRC} -name '*.orig' -print | xargs rm
+	@cd ${WRKSRC}; \
+	FILES=`find . -type f -print | xargs grep -l @@PREFIX@@`; \
+	for FILE in $$FILES; do \
+	  sed 's!@@PREFIX@@!${PREFIX}!g' < $$FILE > $$FILE.new ; \
+	  mv $$FILE.new $$FILE; \
+	done
+
+.include <bsd.port.mk>
diff --git a/security/skip/distinfo b/security/skip/distinfo
new file mode 100644
index 000000000000..6502d9bac82e
--- /dev/null
+++ b/security/skip/distinfo
@@ -0,0 +1 @@
+MD5 (skipsrc-1.0.tar.Z) = 4ef36b4332dbb96ae74220c14a48e429
diff --git a/security/skip/files/patch-aa b/security/skip/files/patch-aa
new file mode 100644
index 000000000000..e54d2149c589
--- /dev/null
+++ b/security/skip/files/patch-aa
@@ -0,0 +1,12 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/Configure skipsrc-1.0/Configure
+--- skipsrc-1.0.orig/Configure	Fri Oct 25 13:13:15 1996
++++ skipsrc-1.0/Configure	Wed Dec 10 15:10:41 1997
+@@ -103,8 +103,6 @@
+ 		echo "$0: failed to install skip/freebsd/Makefile.defs"
+ 		exit 1
+ 	fi
+-	echo "Configured to build on freebsd"
+-	echo "Don't forget to use gmake to compile"
+ 	exit 0
+ fi
+ if [ "$system" = "sunos" ]
diff --git a/security/skip/files/patch-ab b/security/skip/files/patch-ab
new file mode 100644
index 000000000000..86e6bd8cdd1b
--- /dev/null
+++ b/security/skip/files/patch-ab
@@ -0,0 +1,11 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/Makefile skipsrc-1.0/Makefile
+--- skipsrc-1.0.orig/Makefile	Fri Oct 25 13:11:18 1996
++++ skipsrc-1.0/Makefile	Mon Dec  8 13:22:13 1997
+@@ -74,3 +74,7 @@
+ cleanpkgs:
+ 	@echo "Cleaning SKIP package directory..."
+ 	@(cd mkpkgs; $(MAKE) clean)
++
++install:
++	@true
++
diff --git a/security/skip/files/patch-ac b/security/skip/files/patch-ac
new file mode 100644
index 000000000000..8b0c7cb1f3c1
--- /dev/null
+++ b/security/skip/files/patch-ac
@@ -0,0 +1,32 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/admin/hosts.4.x skipsrc-1.0/admin/hosts.4.x
+--- skipsrc-1.0.orig/admin/hosts.4.x	Fri Oct 25 13:13:14 1996
++++ skipsrc-1.0/admin/hosts.4.x	Thu Dec 18 10:53:56 1997
+@@ -46,20 +46,18 @@
+ #
+ # SKIP host access control information
+ # 
+-PATH=/usr/skip/bin:/bin export PATH
+-SKIP_ACL=/etc/skip/acl.*
++PREFIX=@@PREFIX@@
++SKIP_BIN=${PREFIX}/bin
++PATH=${SKIP_BIN}:${PATH} export PATH
++SKIP_ACL=${PREFIX}/etc/skip/acl.*
+ SKIP_NOCHECK=no; export SKIP_NOCHECK
+ OS_NAME=`uname`
+ 
+-echo "starting SKIP for $OS_NAME v1.0." > /dev/console
+-
+ # Update ACL for each SKIP interface
+ #
+-for acl in $SKIP_ACL "end" ; do
+-	if [ $acl = "end" ]; then
+-		break
+-	fi
+-	if [ -f $SKIP_ACL ]; then
+-		. $SKIP_ACL > /dev/null
++for ACL in ${SKIP_ACL}; do
++	if [ -f "${ACL}" ]; then
++		. ${ACL} > /dev/null
+ 	fi
+ done
++
diff --git a/security/skip/files/patch-ad b/security/skip/files/patch-ad
new file mode 100644
index 000000000000..fb97d4fad614
--- /dev/null
+++ b/security/skip/files/patch-ad
@@ -0,0 +1,38 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/admin/install_skip_keys.sh skipsrc-1.0/admin/install_skip_keys.sh
+--- skipsrc-1.0.orig/admin/install_skip_keys.sh	Fri Oct 25 13:11:19 1996
++++ skipsrc-1.0/admin/install_skip_keys.sh	Wed Nov 26 18:36:37 1997
+@@ -145,18 +145,11 @@
+ 	rm -rf $DIR
+ }
+ 
++PREFIX=@@PREFIX@@
++SKIP_BIN=${PREFIX}/bin
++SKIP_ETC=${PREFIX}/etc/skip
+ 
+-SUNOS=`uname -r | sed 's/\..*//g'`
+-if [ $SUNOS = 5 ]; then
+-	SKIP_BIN=/opt/SUNWicg/bin
+-	SKIP_ETC=/etc/opt/SUNWicg/skip
+-else
+-	SKIP_BIN=/usr/skip/bin
+-	SKIP_ETC=/etc/skip
+-fi
+-
+-SKIP_PATH=${SKIP_PATH-$SKIP_BIN}
+-PATH=${SKIP_PATH}:/bin:/usr/ucb:$PATH export PATH
++PATH=${SKIP_BIN}:${PATH} export PATH
+ 
+ if [ $# -lt 1 ]
+ then
+@@ -168,11 +161,6 @@
+ if [ $USER != "root" ]
+ then
+ 	echo "$0: you must be root to run this command."
+-	exit 1
+-fi
+-
+-if [ ! -d $SKIP_PATH ]; then
+-	echo "$0: cannot find $SKIP_PATH - is SKIP installed?"
+ 	exit 1
+ fi
+ 
diff --git a/security/skip/files/patch-ae b/security/skip/files/patch-ae
new file mode 100644
index 000000000000..0c5b0b0067f6
--- /dev/null
+++ b/security/skip/files/patch-ae
@@ -0,0 +1,21 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/admin/skip_conf.sh skipsrc-1.0/admin/skip_conf.sh
+--- skipsrc-1.0.orig/admin/skip_conf.sh	Fri Oct 25 13:11:19 1996
++++ skipsrc-1.0/admin/skip_conf.sh	Wed Nov 26 18:39:02 1997
+@@ -8,14 +8,9 @@
+ 	exit 1
+ fi
+ 
+-SUNOS=`/bin/uname -r | /bin/sed 's/\..*//g'`
+-if [ $SUNOS = 5 ]; then
+-	SKIP_BIN=/opt/SUNWicg/bin
+-	SKIP_ETC=/etc/opt/SUNWicg/skip
+-else
+-	SKIP_BIN=/usr/skip/bin
+-	SKIP_ETC=/etc/skip
+-fi
++PREFIX=@@PREFIX@@
++SKIP_BIN=${PREFIX}/bin
++SKIP_ETC=${PREFIX}/etc/skip
+ 
+ VARIABLE=$1
+ shift
diff --git a/security/skip/files/patch-af b/security/skip/files/patch-af
new file mode 100644
index 000000000000..c35cf5d0c137
--- /dev/null
+++ b/security/skip/files/patch-af
@@ -0,0 +1,27 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/admin/skipd_restart.sh skipsrc-1.0/admin/skipd_restart.sh
+--- skipsrc-1.0.orig/admin/skipd_restart.sh	Fri Oct 25 13:11:19 1996
++++ skipsrc-1.0/admin/skipd_restart.sh	Wed Nov 26 20:13:18 1997
+@@ -4,20 +4,9 @@
+ #
+ #  Kill and restart the SKIP key management/certificate daemon
+ 
+-PATH=/bin:/usr/bin:/sbin:/usr/sbin
+-export PATH
+-
+-SUNOS=`uname -r | sed 's/\..*//g'`
+-if [ $SUNOS = 5 ]; then
+-	SKIP_BIN=/opt/SUNWicg/bin
+-	SKIP_ETC=/etc/opt/SUNWicg/skip
+-else
+-	SKIP_BIN=/usr/skip/bin
+-	SKIP_ETC=/etc/skip
+-fi
+-
+-SKIP_PID=$SKIP_ETC/skipd.pid
+-SKIPD=$SKIP_BIN/skipd
++SKIP_BIN=@@PREFIX@@/bin
++SKIPD=${SKIP_BIN}/skipd
++SKIP_PID=/var/run/skipd.pid
+ 
+ PATH=$SKIP_BIN:$PATH
+ 
diff --git a/security/skip/files/patch-ag b/security/skip/files/patch-ag
new file mode 100644
index 000000000000..5ba5def5403f
--- /dev/null
+++ b/security/skip/files/patch-ag
@@ -0,0 +1,58 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/admin/skipif.sh skipsrc-1.0/admin/skipif.sh
+--- skipsrc-1.0.orig/admin/skipif.sh	Fri Oct 25 13:11:20 1996
++++ skipsrc-1.0/admin/skipif.sh	Wed Nov 26 20:01:21 1997
+@@ -4,30 +4,15 @@
+ #
+ # SKIP interface management utility
+ 
+-os_release=`uname -r | sed 's/\..*//g'`
+-os_name=`uname`
++PREFIX=@@PREFIX@@
++SKIP_BIN=${PREFIX}/bin
++SKIP_ETC=${PREFIX}/etc/skip
++
++ECHO=echo
++TAB="        "
++ECHO_NONL="echo -n"
+ 
+-if [ $os_release = 5 ]; then
+-	SKIP_BIN=/opt/SUNWicg/bin
+-	SKIP_ETC=/etc/opt/SUNWicg/skip
+-	ECHO=/bin/echo
+-	TAB="\t"
+-	ECHO_NONL=$ECHO
+-	NO_NL="\c"
+-else
+-	SKIP_BIN=/usr/skip/bin
+-	SKIP_ETC=/etc/skip
+-	ECHO=echo
+-	TAB="        "
+-	ECHO_NONL="echo -n"
+-fi
+-
+-PATH=/bin:/usr/bin:/usr/sbin:/usr/ucb:/etc:$SKIP_BIN
+-
+-if [ $os_name != SunOS ]
+-then
+-	PATH=/sbin:$PATH
+-fi
++PATH=/bin:/usr/bin:/sbin:/usr/sbin:${SKIP_BIN}
+ export PATH
+ 
+ SKIPHOST=$SKIP_BIN/skiphost
+@@ -40,14 +25,11 @@
+ SKIP_SAVE="skipif: saving configuration to $SKIP_ETC/acl."
+ SKIP_NOSKIPIF="skipif: no SKIP interface found"
+ 
+-
+ # Get the list of the network interfaces -eclude loopback interfaces
+ #
+ get_if_list()
+ {
+-
+-iflist=`netstat -i |grep -v Name|grep -v Kernel |grep -v Iface| \
+-		sed -e "s/ \(.*\)//"|grep -v lo0|grep -v lo|uniq`
++iflist=`ifconfig -a | grep '^[a-z]' | awk -F: '{print $1}' | grep -v 'lo[0-9]'`
+ }
+ 
+ # List all the network interfaces status
diff --git a/security/skip/files/patch-ah b/security/skip/files/patch-ah
new file mode 100644
index 000000000000..450845a2d84f
--- /dev/null
+++ b/security/skip/files/patch-ah
@@ -0,0 +1,12 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/certs/hashcert/dh_keygen.C skipsrc-1.0/certs/hashcert/dh_keygen.C
+--- skipsrc-1.0.orig/certs/hashcert/dh_keygen.C	Fri Oct 25 13:11:37 1996
++++ skipsrc-1.0/certs/hashcert/dh_keygen.C	Mon Dec 15 16:57:05 1997
+@@ -54,6 +54,8 @@
+ 
+ #include <stdio.h>
+ #include <stdlib.h>
++#include <unistd.h>
++#include <time.h>
+ #include <sys/types.h>
+ #include "Time.h"
+ #include "Bigint.h"
diff --git a/security/skip/files/patch-ai b/security/skip/files/patch-ai
new file mode 100644
index 000000000000..8d6f80a5bc8e
--- /dev/null
+++ b/security/skip/files/patch-ai
@@ -0,0 +1,13 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/certs/lib/AuthPolicy.C skipsrc-1.0/certs/lib/AuthPolicy.C
+--- skipsrc-1.0.orig/certs/lib/AuthPolicy.C	Fri Oct 25 13:11:37 1996
++++ skipsrc-1.0/certs/lib/AuthPolicy.C	Fri Nov 21 11:39:11 1997
+@@ -44,7 +44,9 @@
+ 
+ #pragma ident "@(#)AuthPolicy.C	1.9 96/05/15"
+ 
++#include <sys/types.h>
+ #include <dirent.h>
++#include <string.h>
+ #include "AuthPolicy.h"
+ 
+ 
diff --git a/security/skip/files/patch-aj b/security/skip/files/patch-aj
new file mode 100644
index 000000000000..1ff6b6224647
--- /dev/null
+++ b/security/skip/files/patch-aj
@@ -0,0 +1,11 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/certs/lib/Bstream.C skipsrc-1.0/certs/lib/Bstream.C
+--- skipsrc-1.0.orig/certs/lib/Bstream.C	Fri Oct 25 13:11:38 1996
++++ skipsrc-1.0/certs/lib/Bstream.C	Fri Nov 21 11:39:11 1997
+@@ -48,6 +48,7 @@
+ #include <netinet/in.h>
+ #include <stdio.h>
+ #include <stdlib.h>
++#include <string.h>
+ #include <unistd.h>
+ #include <fcntl.h>
+ #include "Bstream.h"
diff --git a/security/skip/files/patch-ak b/security/skip/files/patch-ak
new file mode 100644
index 000000000000..59395b7f31ab
--- /dev/null
+++ b/security/skip/files/patch-ak
@@ -0,0 +1,11 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/certs/lib/CertInfo.C skipsrc-1.0/certs/lib/CertInfo.C
+--- skipsrc-1.0.orig/certs/lib/CertInfo.C	Fri Oct 25 13:11:39 1996
++++ skipsrc-1.0/certs/lib/CertInfo.C	Fri Nov 21 11:39:11 1997
+@@ -44,6 +44,7 @@
+ 
+ #pragma ident "@(#)CertInfo.C	1.14 96/04/10"
+ 
++#include <time.h>
+ #include "CertInfo.h"
+ #include "X509skip.h"
+ #include "HashCert.h"
diff --git a/security/skip/files/patch-al b/security/skip/files/patch-al
new file mode 100644
index 000000000000..0ad2024e1558
--- /dev/null
+++ b/security/skip/files/patch-al
@@ -0,0 +1,11 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/certs/lib/Name.C skipsrc-1.0/certs/lib/Name.C
+--- skipsrc-1.0.orig/certs/lib/Name.C	Fri Oct 25 13:11:40 1996
++++ skipsrc-1.0/certs/lib/Name.C	Fri Nov 21 11:39:11 1997
+@@ -48,6 +48,7 @@
+ #include <stdarg.h>
+ #include <stdio.h>
+ #include <stdlib.h>
++#include <string.h>
+ #include "Time.h"
+ #include "Bigint.h"
+ #include "Bstream.h"
diff --git a/security/skip/files/patch-am b/security/skip/files/patch-am
new file mode 100644
index 000000000000..b5c1e1a5f684
--- /dev/null
+++ b/security/skip/files/patch-am
@@ -0,0 +1,11 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/certs/lib/SkipCert.C skipsrc-1.0/certs/lib/SkipCert.C
+--- skipsrc-1.0.orig/certs/lib/SkipCert.C	Fri Oct 25 13:11:43 1996
++++ skipsrc-1.0/certs/lib/SkipCert.C	Fri Nov 21 11:39:11 1997
+@@ -46,6 +46,7 @@
+ 
+ #include <sys/types.h>
+ #include <stdio.h>
++#include <string.h>
+ 
+ #include "Bstream.h"
+ #include "Bigint.h"
diff --git a/security/skip/files/patch-an b/security/skip/files/patch-an
new file mode 100644
index 000000000000..c17ba4b11f41
--- /dev/null
+++ b/security/skip/files/patch-an
@@ -0,0 +1,11 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/certs/lib/Time.C skipsrc-1.0/certs/lib/Time.C
+--- skipsrc-1.0.orig/certs/lib/Time.C	Fri Oct 25 13:11:43 1996
++++ skipsrc-1.0/certs/lib/Time.C	Fri Nov 21 11:39:11 1997
+@@ -46,6 +46,7 @@
+ 
+ #include <sys/types.h>
+ #include <stdio.h>
++#include <string.h>
+ #include "Time.h"
+ #include <time.h>
+ #include <sys/time.h>
diff --git a/security/skip/files/patch-ao b/security/skip/files/patch-ao
new file mode 100644
index 000000000000..bb1d2b3ee202
--- /dev/null
+++ b/security/skip/files/patch-ao
@@ -0,0 +1,11 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/certs/lib/asn1_der_decode.C skipsrc-1.0/certs/lib/asn1_der_decode.C
+--- skipsrc-1.0.orig/certs/lib/asn1_der_decode.C	Fri Oct 25 13:11:45 1996
++++ skipsrc-1.0/certs/lib/asn1_der_decode.C	Fri Nov 21 11:39:11 1997
+@@ -48,6 +48,7 @@
+ #include <stdarg.h>
+ #include <stdlib.h>
+ #include <stdio.h>
++#include <string.h>
+ #include "my_types.h"
+ #include "Time.h"
+ #include "Bigint.h"
diff --git a/security/skip/files/patch-ap b/security/skip/files/patch-ap
new file mode 100644
index 000000000000..1c8063f4b987
--- /dev/null
+++ b/security/skip/files/patch-ap
@@ -0,0 +1,11 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/certs/lib/passwd_subr.C skipsrc-1.0/certs/lib/passwd_subr.C
+--- skipsrc-1.0.orig/certs/lib/passwd_subr.C	Fri Oct 25 13:11:49 1996
++++ skipsrc-1.0/certs/lib/passwd_subr.C	Fri Nov 21 11:39:11 1997
+@@ -52,6 +52,7 @@
+ 
+ #include <stdio.h>
+ #include <stdlib.h>
++#include <string.h>
+ #include "Bstream.h"
+ #include "Bigint.h"
+ #include "ObjId.h"
diff --git a/security/skip/files/patch-aq b/security/skip/files/patch-aq
new file mode 100644
index 000000000000..d3098f900402
--- /dev/null
+++ b/security/skip/files/patch-aq
@@ -0,0 +1,11 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/certs/lib/test_ca.C skipsrc-1.0/certs/lib/test_ca.C
+--- skipsrc-1.0.orig/certs/lib/test_ca.C	Fri Oct 25 13:11:50 1996
++++ skipsrc-1.0/certs/lib/test_ca.C	Mon Dec 15 16:56:35 1997
+@@ -46,6 +46,7 @@
+ 
+ #include <stdio.h>
+ #include <stdlib.h>
++#include <unistd.h>
+ #include <sys/types.h>
+ #include "Time.h"
+ #include "Bigint.h"
diff --git a/security/skip/files/patch-ar b/security/skip/files/patch-ar
new file mode 100644
index 000000000000..374e06be1206
--- /dev/null
+++ b/security/skip/files/patch-ar
@@ -0,0 +1,11 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/certs/lib/test_passwd.C skipsrc-1.0/certs/lib/test_passwd.C
+--- skipsrc-1.0.orig/certs/lib/test_passwd.C	Fri Oct 25 13:11:50 1996
++++ skipsrc-1.0/certs/lib/test_passwd.C	Mon Dec 15 16:56:09 1997
+@@ -46,6 +46,7 @@
+ 
+ #include <stdio.h>
+ #include <stdlib.h>
++#include <unistd.h>
+ #include "Bstream.h"
+ #include "Bigint.h"
+ #include "ObjId.h"
diff --git a/security/skip/files/patch-as b/security/skip/files/patch-as
new file mode 100644
index 000000000000..c205fa903b6f
--- /dev/null
+++ b/security/skip/files/patch-as
@@ -0,0 +1,12 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/certs/lib/userfuncs.C skipsrc-1.0/certs/lib/userfuncs.C
+--- skipsrc-1.0.orig/certs/lib/userfuncs.C	Fri Oct 25 13:11:51 1996
++++ skipsrc-1.0/certs/lib/userfuncs.C	Fri Nov 21 11:39:11 1997
+@@ -47,6 +47,8 @@
+ #include <sys/types.h>
+ #include <stdio.h>
+ #include <stdlib.h>
++#include <pwd.h>
++#include <unistd.h>
+ #include "Time.h"
+ #include "Bigint.h"
+ #include "Bstream.h"
diff --git a/security/skip/files/patch-at b/security/skip/files/patch-at
new file mode 100644
index 000000000000..a90d1aa8586f
--- /dev/null
+++ b/security/skip/files/patch-at
@@ -0,0 +1,27 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/doc/INSTALL skipsrc-1.0/doc/INSTALL
+--- skipsrc-1.0.orig/doc/INSTALL	Fri Oct 25 13:11:55 1996
++++ skipsrc-1.0/doc/INSTALL	Fri Dec  5 17:47:56 1997
+@@ -1,6 +1,13 @@
+ Quick-Start Guide
+ -----------------
+ 
++    *** 
++    ***        NOTE TO FREEBSD PORT USERS
++    *** 
++    *** If you've installed SKIP using the FreeBSD port
++    *** or package, you can go directly to step #4.
++    *** 
++
+ This is a quick-start guide for SKIP.  It covers installing the SKIP
+ binaries and setting up IP-level encryption between two hosts.
+ 
+@@ -64,7 +71,8 @@
+ View the key manager log file to see if the the certificate
+ exchange and the shared secret computation succeeded:
+ 
+-	tail /var/log/skip.log
++	tail /var/log/skiphost.log
++	tail /var/log/messages
+ 
+ If you have tcpdump, etherfind, snoop, or some other packet dumping
+ utility, you can verify that encrypted packets are using protocol 57.
diff --git a/security/skip/files/patch-au b/security/skip/files/patch-au
new file mode 100644
index 000000000000..4e9ebdb29a27
--- /dev/null
+++ b/security/skip/files/patch-au
@@ -0,0 +1,68 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/doc/README.FreeBSD skipsrc-1.0/doc/README.FreeBSD
+--- skipsrc-1.0.orig/doc/README.FreeBSD	Wed Dec 31 16:00:00 1969
++++ skipsrc-1.0/doc/README.FreeBSD	Tue Dec 23 16:23:06 1997
+@@ -0,0 +1,64 @@
++
++Some notes regarding the FreeBSD port of SKIP
++December 8, 1997
++
++- Most of the non-man page documentation has NOT be patched to
++  reflect the different locations of files, etc. The main difference
++  is that the original version of SKIP puts everything under /usr/skip,
++  wheras the FreeBSD port puts it under /usr/local (or elsewhere if
++  you set ${PREFIX}). This documentation can be found under
++  /usr/local/share/doc/skip.
++
++- SKIP is applied to packets *after* any ipfw(8) filtering is applied.
++  This is true for both incoming and outgoing packets. Note that SKIP
++  has its own access control functionality.
++
++  One way to deal with this is to do the following:
++
++  - Setup ipfw as you normally would to restrict access to your machine.
++  - Add additional ipfw rules to allow SKIP related traffic:
++    - ipfw add 10 allow 57 from any to any
++    - ipfw add 10 allow 79 from any to any (if using SunScreen mode)
++    - ipfw add 10 allow 50 from any to any (if using raw ESP/AH mode)
++    - ipfw add 10 allow 51 from any to any (if using raw ESP/AH mode)
++    - ipfw add 10 allow udp from any to <your-address> 1640
++    - ipfw add 10 allow udp from <your-address> 1640 to any
++  - Set the default rule for SKIP to be to allow access.
++
++- Skipd will logs via syslog(3) instead of logging directly
++  to /var/log/skip.log as before, using the LOG_DAEMON facility.
++
++  You may want to redirect this output to its own log file.
++  This is done by the following steps:
++
++    1. touch /var/log/skipd
++    2. Edit /etc/syslog.conf and add these lines at the end:
++
++       !skipd
++       *.*		/var/log/skipd.log
++
++    3. Edit /etc/newsyslog.conf as appropriate
++    4. Restart syslogd
++
++- Each time skip is started (at reboot time), the skiphost
++  output is written to /var/log/skiphost.log. You may also
++  want to add an entry to /etc/newsyslog.conf for this one
++  as well.
++
++- Users of skip should subscribe to the SKIP mailing list
++  by sending an email to "majordomo@skip.org" containing
++  the line "subscribe skip-info".
++
++- If you have trouble:
++
++  - If there is a problem with the port itself (e.g., it won't
++    compile on your system), use send-pr(1) to send a problem report.
++
++  - If you are having trouble with SKIP configuration, use,
++    compatibility, etc., send your questions to the SKIP
++    mailing list: skip-info@skip.org (you should subscribe
++    to it first).
++
++Thanks,
++-Archie Cobbs  <archie@whistle.com>
++
diff --git a/security/skip/files/patch-av b/security/skip/files/patch-av
new file mode 100644
index 000000000000..5e630c71a49d
--- /dev/null
+++ b/security/skip/files/patch-av
@@ -0,0 +1,19 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/doc/ROADMAP skipsrc-1.0/doc/ROADMAP
+--- skipsrc-1.0.orig/doc/ROADMAP	Fri Oct 25 13:11:55 1996
++++ skipsrc-1.0/doc/ROADMAP	Mon Dec  8 13:00:51 1997
+@@ -1,6 +1,10 @@
+ This directory contains documentation and legal statements for this
+ release.
+ 
++README.FreeBSD			- Notes on the FreeBSD port of SKIP.
++				  All of the other documentation is NOT
++				  specific to FreeBSD.
++
+ 00README		        - Introduction, Release notes and Build 
+ 			          Instructions.  Read this first.  You
+ 				  should read this if only for the 
+@@ -24,3 +28,4 @@
+ 				  architecture and performance.
+ 
+ usersguide.*			- User's guide in various formats
++
diff --git a/security/skip/files/patch-aw b/security/skip/files/patch-aw
new file mode 100644
index 000000000000..536aac0d2203
--- /dev/null
+++ b/security/skip/files/patch-aw
@@ -0,0 +1,17 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/libdb/PORT/freebsd2.1/include/compat.h skipsrc-1.0/libdb/PORT/freebsd2.1/include/compat.h
+--- skipsrc-1.0.orig/libdb/PORT/freebsd2.1/include/compat.h	Fri Oct 25 13:12:04 1996
++++ skipsrc-1.0/libdb/PORT/freebsd2.1/include/compat.h	Tue Dec  9 11:24:35 1997
+@@ -125,13 +125,6 @@
+ #define	bcopy(a, b, n)		memmove(b, a, n)
+ #endif
+ 
+-#if defined(BSD) || defined(BSD4_3)
+-#define	strchr(a, b)		index(a, b)
+-#define	strrchr(a, b)		rindex(a, b)
+-#define	memcmp(a, b, n)		bcmp(a, b, n)
+-#define	memmove(a, b, n)	bcopy(b, a, n)
+-#endif
+-
+ /*
+  * 32-bit machine.  The db routines are theoretically independent of
+  * the size of u_shorts and u_longs, but I don't know that anyone has
diff --git a/security/skip/files/patch-ax b/security/skip/files/patch-ax
new file mode 100644
index 000000000000..d874c43a189c
--- /dev/null
+++ b/security/skip/files/patch-ax
@@ -0,0 +1,46 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/mkpkgs/freebsd/Makefile skipsrc-1.0/mkpkgs/freebsd/Makefile
+--- skipsrc-1.0.orig/mkpkgs/freebsd/Makefile	Fri Oct 25 13:12:32 1996
++++ skipsrc-1.0/mkpkgs/freebsd/Makefile	Mon Dec  8 16:34:23 1997
+@@ -64,6 +64,7 @@
+ 	$(BLD_DIR)/doc/SKIP_SOFTWARE_LICENSE \
+ 	$(BLD_DIR)/doc/BN_SOFTWARE_LICENSE \
+ 	$(BLD_DIR)/doc/README.PATENT \
++	$(BLD_DIR)/doc/README.FreeBSD \
+ 	$(BLD_DIR)/doc/00README \
+ 	$(BLD_DIR)/doc/INSTALL \
+ 	$(BLD_DIR)/doc/advanced.TOPICS \
+@@ -104,10 +105,10 @@
+ 	$(MKDIR) $(BSDPROTO)/bin
+ 	$(MKDIR) $(BSDPROTO)/doc
+ 
+-	$(INSTALL) -m 0555 $(BLD_DIR)/skip/freebsd/install.skip \
+-					$(BSDPROTO)/install.skip
+-	$(INSTALL) -m 0555 $(BLD_DIR)/admin/remove.skip	 \
+-					$(BSDPROTO)/remove.skip
++#	$(INSTALL) -m 0555 $(BLD_DIR)/skip/freebsd/install.skip \
++#					$(BSDPROTO)/install.skip
++#	$(INSTALL) -m 0555 $(BLD_DIR)/admin/remove.skip	 \
++#					$(BSDPROTO)/remove.skip
+ 
+ 	@echo "Initializing skip/etc directory"
+ 	$(INSTALL) -m 0444 $(BLD_DIR)/admin/SunICG_CA_selfcert \
+@@ -191,6 +192,8 @@
+ 		$(BSDPROTO)/doc/BN_SOFTWARE_LICENSE
+ 	$(INSTALL) -m 0644 $(BLD_DIR)/doc/README.PATENT \
+ 		$(BSDPROTO)/doc/README.PATENT
++	$(INSTALL) -m 0644 $(BLD_DIR)/doc/README.FreeBSD \
++		$(BSDPROTO)/doc/README.FreeBSD
+ 	$(INSTALL) -m 0644 $(BLD_DIR)/doc/00README \
+ 		$(BSDPROTO)/doc/00README
+ 	$(INSTALL) -m 0644 $(BLD_DIR)/doc/INSTALL \
+@@ -239,8 +242,8 @@
+ 		$(BSDPROTO)/man/man4/raw_keys.4
+ 	$(INSTALL) -m 0644 $(BLD_DIR)/certs/man/print_cert.1m \
+ 		$(BSDPROTO)/man/man1/print_cert.1
+-	(cd $(BSDBIN); tar cvf skip.tar skip)
+-	(cd $(BSDBIN); compress skip.tar)
++#	(cd $(BSDBIN); tar cvf skip.tar skip)
++#	(cd $(BSDBIN); compress skip.tar)
+ 
+ clean:
+ 	@-$(RM) -rf $(BSDBIN)
diff --git a/security/skip/files/patch-ay b/security/skip/files/patch-ay
new file mode 100644
index 000000000000..ece612801395
--- /dev/null
+++ b/security/skip/files/patch-ay
@@ -0,0 +1,73 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/bdcmod/des_ecb/dessp.c skipsrc-1.0/skip/bdcmod/des_ecb/dessp.c
+--- skipsrc-1.0.orig/skip/bdcmod/des_ecb/dessp.c	Fri Oct 25 13:12:34 1996
++++ skipsrc-1.0/skip/bdcmod/des_ecb/dessp.c	Tue Dec  9 11:34:28 1997
+@@ -2,6 +2,7 @@
+ #pragma ident "@(#)dessp.c	1.2 95/11/15 Sun Microsystems"
+ 
+ unsigned long Spbox[8][64] = {
++{
+ 0x01010400,0x00000000,0x00010000,0x01010404,
+ 0x01010004,0x00010404,0x00000004,0x00010000,
+ 0x00000400,0x01010400,0x01010404,0x00000400,
+@@ -18,6 +19,7 @@
+ 0x01000004,0x00000404,0x00010404,0x01010400,
+ 0x00000404,0x01000400,0x01000400,0x00000000,
+ 0x00010004,0x00010400,0x00000000,0x01010004,
++}, {
+ 0x80108020,0x80008000,0x00008000,0x00108020,
+ 0x00100000,0x00000020,0x80100020,0x80008020,
+ 0x80000020,0x80108020,0x80108000,0x80000000,
+@@ -34,6 +36,7 @@
+ 0x00100020,0x80008020,0x80000020,0x00100020,
+ 0x00108000,0x00000000,0x80008000,0x00008020,
+ 0x80000000,0x80100020,0x80108020,0x00108000,
++}, {
+ 0x00000208,0x08020200,0x00000000,0x08020008,
+ 0x08000200,0x00000000,0x00020208,0x08000200,
+ 0x00020008,0x08000008,0x08000008,0x00020000,
+@@ -50,6 +53,7 @@
+ 0x00000008,0x00020208,0x00020200,0x08000008,
+ 0x08020000,0x08000208,0x00000208,0x08020000,
+ 0x00020208,0x00000008,0x08020008,0x00020200,
++}, {
+ 0x00802001,0x00002081,0x00002081,0x00000080,
+ 0x00802080,0x00800081,0x00800001,0x00002001,
+ 0x00000000,0x00802000,0x00802000,0x00802081,
+@@ -66,6 +70,7 @@
+ 0x00800001,0x00002001,0x00802080,0x00800081,
+ 0x00002001,0x00002080,0x00800000,0x00802001,
+ 0x00000080,0x00800000,0x00002000,0x00802080,
++}, {
+ 0x00000100,0x02080100,0x02080000,0x42000100,
+ 0x00080000,0x00000100,0x40000000,0x02080000,
+ 0x40080100,0x00080000,0x02000100,0x40080100,
+@@ -82,6 +87,7 @@
+ 0x02080000,0x00000000,0x40080000,0x42000000,
+ 0x00080100,0x02000100,0x40000100,0x00080000,
+ 0x00000000,0x40080000,0x02080100,0x40000100,
++}, {
+ 0x20000010,0x20400000,0x00004000,0x20404010,
+ 0x20400000,0x00000010,0x20404010,0x00400000,
+ 0x20004000,0x00404010,0x00400000,0x20000010,
+@@ -98,6 +104,7 @@
+ 0x00000010,0x00004000,0x20400000,0x00404010,
+ 0x00004000,0x00400010,0x20004010,0x00000000,
+ 0x20404000,0x20000000,0x00400010,0x20004010,
++}, {
+ 0x00200000,0x04200002,0x04000802,0x00000000,
+ 0x00000800,0x04000802,0x00200802,0x04200800,
+ 0x04200802,0x00200000,0x00000000,0x04000002,
+@@ -114,6 +121,7 @@
+ 0x00200800,0x00000000,0x00000002,0x04200802,
+ 0x00000000,0x00200802,0x04200000,0x00000800,
+ 0x04000002,0x04000800,0x00000800,0x00200002,
++}, {
+ 0x10001040,0x00001000,0x00040000,0x10041040,
+ 0x10000000,0x10001040,0x00000040,0x10000000,
+ 0x00040040,0x10040000,0x10041040,0x00041000,
+@@ -130,4 +138,5 @@
+ 0x10040000,0x10001000,0x10001040,0x00000000,
+ 0x10041040,0x00041000,0x00041000,0x00001040,
+ 0x00001040,0x00040040,0x10000000,0x10041000,
++},
+ };
diff --git a/security/skip/files/patch-az b/security/skip/files/patch-az
new file mode 100644
index 000000000000..2d97eac4f498
--- /dev/null
+++ b/security/skip/files/patch-az
@@ -0,0 +1,12 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/bdcmod/fast_des_cbc/descbc.c skipsrc-1.0/skip/bdcmod/fast_des_cbc/descbc.c
+--- skipsrc-1.0.orig/skip/bdcmod/fast_des_cbc/descbc.c	Fri Oct 25 13:12:36 1996
++++ skipsrc-1.0/skip/bdcmod/fast_des_cbc/descbc.c	Mon Dec 15 17:41:10 1997
+@@ -424,7 +424,7 @@
+ 		return;
+ 	cs=(struct des_cbc_state *)csp;
+ 
+-	*payload = IPPROTO_ENCAP;
++	*payload = IPPROTO_IPIP;
+ 
+ 	ks = (unsigned long *)(cs->keysched);
+ 	mod8 = (len & 0x07);	/* technically this is (len % 8) */
diff --git a/security/skip/files/patch-ba b/security/skip/files/patch-ba
new file mode 100644
index 000000000000..18e09d8b3ba4
--- /dev/null
+++ b/security/skip/files/patch-ba
@@ -0,0 +1,12 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/bdcmod/simplecrypt/simplecrypt.c skipsrc-1.0/skip/bdcmod/simplecrypt/simplecrypt.c
+--- skipsrc-1.0.orig/skip/bdcmod/simplecrypt/simplecrypt.c	Fri Oct 25 13:12:38 1996
++++ skipsrc-1.0/skip/bdcmod/simplecrypt/simplecrypt.c	Mon Dec 15 17:41:14 1997
+@@ -335,7 +335,7 @@
+ 	register char		*s = keyp->buf;
+ 	register char		*e = keyp->buf + keyp->len;
+ 
+-	*payload_type = IPPROTO_ENCAP;
++	*payload_type = IPPROTO_IPIP;
+ 
+ 	/*
+ 	 * exclusive-or the key over the buffer
diff --git a/security/skip/files/patch-bb b/security/skip/files/patch-bb
new file mode 100644
index 000000000000..e684daa9dfdb
--- /dev/null
+++ b/security/skip/files/patch-bb
@@ -0,0 +1,12 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/common/skip_keystore.c skipsrc-1.0/skip/common/skip_keystore.c
+--- skipsrc-1.0.orig/skip/common/skip_keystore.c	Fri Oct 25 13:12:41 1996
++++ skipsrc-1.0/skip/common/skip_keystore.c	Mon Dec 15 17:41:20 1997
+@@ -308,7 +308,7 @@
+ 		/*
+ 	 	 * SKIP tunneling mode
+ 	 	 */
+-		params->payload_type = IPPROTO_ENCAP;
++		params->payload_type = IPPROTO_IPIP;
+ 	}
+ 	/*
+ 	 * Return offset of data to decrypt
diff --git a/security/skip/files/patch-bc b/security/skip/files/patch-bc
new file mode 100644
index 000000000000..0177ad2efe22
--- /dev/null
+++ b/security/skip/files/patch-bc
@@ -0,0 +1,12 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/freebsd/Makefile.defs skipsrc-1.0/skip/freebsd/Makefile.defs
+--- skipsrc-1.0.orig/skip/freebsd/Makefile.defs	Fri Oct 25 13:12:42 1996
++++ skipsrc-1.0/skip/freebsd/Makefile.defs	Fri Nov 21 11:39:11 1997
+@@ -93,7 +93,7 @@
+ 
+ # Kernel compilation flags
+ #
+-K_FLAGS_FREEBSD_gnu	= -DKERNEL -DFREEBSD
++K_FLAGS_FREEBSD_gnu	= -DKERNEL -DACTUALLY_LKM_NOT_KERNEL
+ 
+ # OS Libraries
+ #
diff --git a/security/skip/files/patch-bd b/security/skip/files/patch-bd
new file mode 100644
index 000000000000..e3f4a1a5e0ef
--- /dev/null
+++ b/security/skip/files/patch-bd
@@ -0,0 +1,137 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/freebsd/rc skipsrc-1.0/skip/freebsd/rc
+--- skipsrc-1.0.orig/skip/freebsd/rc	Fri Oct 25 13:13:19 1996
++++ skipsrc-1.0/skip/freebsd/rc	Thu Dec 18 10:50:34 1997
+@@ -44,22 +44,30 @@
+  
+ #pragma ident "@(#)rc	1.5 96/10/08 Sun Microsystems"
+ #
+-PATH=/bin:/usr/bin:/sbin:/usr/ucb:/usr/etc
+-SKIP_PATH=${SKIP_PATH-/usr/skip}
+-SKIPD=/usr/skip/bin/skipd
+-SKIP_HOST=/usr/skip/bin/skiphost
+-SKIP_VAR_CMD=/usr/skip/bin/skipvar
+-SKIP_SECURE_HOSTS=/etc/skip/hosts
+-SKIP_ETC=/etc/skip
+-SKIP_VAR=/var/skip
++
++PATH=/bin:/usr/bin:/sbin:/usr/sbin
++PREFIX=@@PREFIX@@
++
++SKIP_BIN=${PREFIX}/bin
++SKIP_ETC=${PREFIX}/etc/skip
++SKIP_LKM=${PREFIX}/lkm
++
++SKIPD=${SKIP_BIN}/skipd
++SKIP_HOST=${SKIP_BIN}/skiphost
++SKIP_MKDEV=${SKIP_ETC}/skip.mkdev
++SKIP_SECURE_HOSTS=${SKIP_ETC}/hosts
++
++SKIP_VAR=/var/tmp
+ VAR_SIZE=830
+-SKIP_REQ_FILES="$SKIP_PATH/drv/skip.o $SKIP_ETC/skip.mkdev"
+-PSEUDO_DRVS="skip"
++
++SKIP_REQ_FILES="${SKIP_LKM}/skip.o ${SKIP_ETC}/skip.mkdev"
++SKIP_MOD="skip_mod"
+ 
+ verify_owner()
+ {
+ 	me=`whoami`
+ 	if [ $me != "root" ]; then
++		echo ""
+ 		echo "skip: this script must be run as root ... fatal error"
+ 		exit 1
+ 	fi
+@@ -68,6 +76,7 @@
+ pre_checks() {
+ 	for FILE in $SKIP_REQ_FILES; do
+ 	if [ ! -f $FILE ]; then
++		echo ""
+ 		echo "skip: installation problem detected"
+ 		echo "skip: $FILE not found"
+ 		echo "skip: please refer to installation guide"
+@@ -76,6 +85,7 @@
+ 	done
+ 
+ 	if [ ! -w $SKIP_VAR ]; then
++		echo ""
+ 		echo "skip: can not write to $SKIP_VAR"
+ 		exit 1
+ 	fi
+@@ -85,11 +95,12 @@
+ 
+ 	sync
+ 
+-	DISK_AVAIL=`df $SKIP_VAR | awk 'NR==2 {x=$4}
++	DISK_AVAIL=`df -k $SKIP_VAR | awk 'NR==2 {x=$4}
+ 		NR==3 {x=$3}
+ 		END  {print x}'`
+ 
+ 	if [ $DISK_AVAIL -lt $VAR_SIZE ]; then
++		echo ""
+ 		echo "skip: not enough space available in $SKIP_VAR"
+ 		echo "skip: $VAR_SIZE kbytes will be required to run the product"
+ 	exit 1
+@@ -98,45 +109,37 @@
+ 
+ load_driver()
+ {
+-	modstat > $SKIP_VAR/modules
+-
+-	# load pseudo-drivers
+-	for driver in $PSEUDO_DRVS; do
++	modstat | awk '{ print $8 }' | grep ${SKIP_MOD} > /dev/null 2>&1
+ 
+-		awk '{ print $8 }' $SKIP_VAR/modules | grep $driver > /dev/null 2>&1
++	if [ $? -ne 0 ]; then
++		modload -q -o ${SKIP_VAR}/${SKIP_MOD}.out \
++			-p ${SKIP_MKDEV} ${SKIP_LKM}/skip.o > /dev/null
++		if [ $? -ne 0 ]; then
++			echo ""
++			echo "skip: failed to load driver"
++			echo "skip: perhaps too many drivers are loaded?"
++			exit 1
++		fi
+ 
+-		if [ $? -eq 0 ]; then
+-			echo "skip: driver already loaded"
+-		else
+-			echo "skip: loading driver"
+-			modload -o $SKIP_VAR/$driver \
+-				-p $SKIP_ETC/$driver.mkdev \
+-				$SKIP_PATH/drv/$driver.o> /dev/null
+-
+-
+-			if [ $? -ne 0 ]; then
+-				echo "skip: failed to load driver"
+-				echo "skip: perhaps too many drivers are loaded?"
+-				exit 1
+-			fi
++	fi
+ 
+-		fi
+-	done
+ }
+ 
+ start_daemons() {
+ 	if [ -x $SKIPD ]; then
+-		echo -n "starting skip key manager daemon"
+-		$SKIPD > /var/log/skipd.log &
+-		echo "."
++		$SKIPD
+ 	fi
+ 
+ 	if [ -x $SKIP_SECURE_HOSTS -a -x $SKIP_HOST ]; then
+-		$SKIP_SECURE_HOSTS >> /var/log/skipd.log 2>&1 &
++		$SKIP_SECURE_HOSTS >> /var/log/skiphost.log 2>&1 &
+ 	fi
+ }
+ 
+ # main
++
++# keep console output pretty
++echo -n " skip"
++
+ verify_owner
+ pre_checks
+ load_driver
diff --git a/security/skip/files/patch-be b/security/skip/files/patch-be
new file mode 100644
index 000000000000..fbfae2ba743c
--- /dev/null
+++ b/security/skip/files/patch-be
@@ -0,0 +1,12 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/freebsd/skip.mkdev skipsrc-1.0/skip/freebsd/skip.mkdev
+--- skipsrc-1.0.orig/skip/freebsd/skip.mkdev	Fri Oct 25 13:13:20 1996
++++ skipsrc-1.0/skip/freebsd/skip.mkdev	Thu Dec  4 17:53:18 1997
+@@ -48,7 +48,7 @@
+ SKIP_KEYMGRD_MINOR=0
+ SKIP_ACL_NODE=/dev/skip
+ SKIP_MAX_OPENS=16
+-PATH=/bin:/usr/ucb:/sbin:
++PATH=/bin:/usr/bin:/sbin:/usr/sbin
+ 
+ if [ $# != 3 ]; then
+ 	exit
diff --git a/security/skip/files/patch-bf b/security/skip/files/patch-bf
new file mode 100644
index 000000000000..40c8b6c44f31
--- /dev/null
+++ b/security/skip/files/patch-bf
@@ -0,0 +1,98 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/freebsd/skip_es.c skipsrc-1.0/skip/freebsd/skip_es.c
+--- skipsrc-1.0.orig/skip/freebsd/skip_es.c	Fri Oct 25 13:12:42 1996
++++ skipsrc-1.0/skip/freebsd/skip_es.c	Mon Dec 15 17:41:37 1997
+@@ -81,6 +81,11 @@
+ static unsigned short	skip_pktid;
+ static skip_softc_t	skip_softc[SKIP_MAX_OPENS];
+ 
++#ifdef NEW_TIMEOUT_INTERFACE
++static struct callout_handle
++	skip_timeout_handle = CALLOUT_HANDLE_INITIALIZER(&skip_timeout_handle);
++#endif
++
+ /*
+  * statistics
+  */
+@@ -252,7 +257,8 @@
+ 		for (pr = inetdomain.dom_protosw;
+ 			pr < inetdomain.dom_protoswNPROTOSW; pr++) {
+ 
+-			pr->pr_input = skip_ifinput;
++			pr->pr_input =
++				(void (*)(struct mbuf *, int)) skip_ifinput;
+ 		}
+ 		splx(s);
+ 	}
+@@ -788,7 +794,11 @@
+ static void
+ skip_inittimers()
+ {
++#ifdef NEW_TIMEOUT_INTERFACE
++	skip_timeout_handle = timeout(skip_timer, NULL, skip_key_tick * hz);
++#else
+ 	timeout(skip_timer, NULL, skip_key_tick * hz);
++#endif
+ }
+  
+ /* skip_uninittimers()
+@@ -800,7 +810,12 @@
+ static void
+ skip_uninittimers()
+ {
++#ifdef NEW_TIMEOUT_INTERFACE
++	untimeout(skip_timer, NULL, skip_timeout_handle);
++	callout_handle_init(&skip_timeout_handle);
++#else
+ 	untimeout(skip_timer, NULL);
++#endif
+ }
+  
+ /* skip_timer()
+@@ -819,7 +834,11 @@
+ 	 * run through the key store
+ 	 */
+ 	skip_key_iterate(skip_key_check, NULL);
++#ifdef NEW_TIMEOUT_INTERFACE
++	skip_timeout_handle = timeout(skip_timer, NULL, skip_key_tick * hz);
++#else
+ 	timeout(skip_timer, NULL, skip_key_tick * hz);
++#endif
+ }
+ 
+ #ifdef notdef
+@@ -1718,7 +1737,7 @@
+ 		 */
+ 		decryptbuf->m_data += iphlen;
+ 	
+-                SKIP_DEBUG2("skip_ifinput: decryptbuf m_len=%d m_data=%d\n",
++                SKIP_DEBUG2("skip_ifinput: decryptbuf m_len=%d m_data=%p\n",
+                                         decryptbuf->m_len, decryptbuf->m_data);
+ 
+ 	} 
+@@ -2005,7 +2024,7 @@
+ 			if (params.kp_alg) {
+ 				newip->ip_p = SKIP_NEXT_ESP;
+ 			} else {
+-				newip->ip_p = IPPROTO_ENCAP;
++				newip->ip_p = IPPROTO_IPIP;
+ 			}
+ 		}
+ 		skip_if->stats.skip_if_raw_out++;
+@@ -2097,7 +2116,7 @@
+ 	register skip_param_t   *params = &res->params;
+ 	register struct ip      *ip = mtod(original, struct ip *);
+ 	int                     rc, s, iphlen;
+-	struct mbuf             *outbuf, *new_hdr;
++	struct mbuf             *outbuf;
+ 
+ 	SKIP_PRINT("skip_decrypt_done", params);
+ 
+@@ -2125,7 +2144,7 @@
+ 	 */
+ 	outbuf = (res->modes & SKIP_CRYPT_ON) ? m : original;
+ 
+-	if (res->proto != IPPROTO_ENCAP) {
++	if (res->proto != IPPROTO_IPIP) {
+ 		/*
+ 		 * transport mode, need to copy original IP header
+ 		 */
diff --git a/security/skip/files/patch-bg b/security/skip/files/patch-bg
new file mode 100644
index 000000000000..537173a5c80c
--- /dev/null
+++ b/security/skip/files/patch-bg
@@ -0,0 +1,176 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/freebsd/skip_os.h skipsrc-1.0/skip/freebsd/skip_os.h
+--- skipsrc-1.0.orig/skip/freebsd/skip_os.h	Fri Oct 25 13:12:43 1996
++++ skipsrc-1.0/skip/freebsd/skip_os.h	Mon Dec 15 17:44:31 1997
+@@ -54,7 +54,6 @@
+ #ifndef KERNEL
+ #include <stdio.h>
+ #include <string.h>
+-#include <strings.h>
+ #include <errno.h>
+ #include <fcntl.h>
+ #include <unistd.h>
+@@ -69,6 +68,12 @@
+ #include <dirent.h>
+ #endif
+ 
++#include <osreldate.h>
++
++#ifdef KERNEL
++#include <sys/cdefs.h>
++#endif
++
+ #include <sys/types.h>
+ #include <sys/errno.h>
+ #include <sys/time.h>
+@@ -83,10 +88,14 @@
+ #include <sys/file.h>
+ #include <sys/sockio.h>
+ #include <sys/wait.h>
++#include <sys/fcntl.h>
+ 
+ #ifndef  __cplusplus
+ #include <machine/cpu.h>
+ #include <net/if.h>
++#if __FreeBSD_version >= 300000
++#include <net/if_var.h>
++#endif
+ #include <netinet/in_systm.h>
+ #endif
+ #include <netinet/in.h>
+@@ -94,8 +103,8 @@
+ #include <netinet/ip.h>
+ #include <netinet/udp.h>
+ #include <netinet/in_var.h>
+-#include <arpa/inet.h>
+ #endif
++#include <arpa/inet.h>
+ 
+ /* 
+  * Basic required types and constants
+@@ -116,6 +125,7 @@
+ #include <sys/sysent.h>
+ #include <sys/exec.h>
+ #include <sys/lkm.h>
++#include <sys/sysproto.h>
+ #include <sys/protosw.h>
+ #include <net/route.h>
+ #include <sys/kernel.h>
+@@ -123,6 +133,7 @@
+ #include <net/netisr.h>
+ #include <sys/proc.h>
+ #include <sys/device.h>
++#include <sys/libkern.h>
+ 
+ #define	PANIC(s)		panic(s)
+ 
+@@ -131,11 +142,17 @@
+  */
+ #define	SYSMEM_ALLOC(size)	malloc((u_long)size, M_PCB, M_NOWAIT) 
+ #define	SYSMEM_FREE(m, n)	free(m, M_PCB)
+-#define	BCOPY(s, d, n)		bcopy((caddr_t) s, (caddr_t) d, n)
+-#define	BZERO(s, n)		bzero((caddr_t) s, n)
+-#define	BCMP(s, d, n)		bcmp((caddr_t) s, (caddr_t) d, n)
+ #define	STATIC			static
+ 
++/*
++ * The kernel doesn't have memcpy() or memcmp(), but gcc will inline them
++ */
++#ifdef KERNEL
++extern int	memcmp(const void *, const void *, size_t);
++#endif
++#define	BCOPY(s, d, n)		memcpy((caddr_t) (d), (caddr_t) (s), n)
++#define	BCMP(s, d, n)		memcmp((caddr_t) (d), (caddr_t) (s), n)
++#define	BZERO(s, n)		bzero((caddr_t) (s), n)
+ 
+ #define ALIGNED(x)		(((unsigned int)(x)&(skip_alignment - 1)) == 0)
+ 
+@@ -205,26 +222,21 @@
+ }
+ 
+ /*
++ * Whether to use old or new timeout()/untimeout() interface
++ */
++#if __FreeBSD_version >= 300001
++#define NEW_TIMEOUT_INTERFACE
++#endif
++
++/*
+  * ANSI prototypes for system routines
+  */
++#if __FreeBSD_version < 300000
+ extern int			splimp();
+ extern int			splnet();
+-extern void			splx(int);
+-extern void			m_freem(struct mbuf *);
+-extern void			panic(const char *, ...);
+-extern int			tsleep(void *, int, char *, int);
+-extern void			wakeup(void *);
+-extern int			uiomove(caddr_t, int, struct uio *);
+-extern int     			copyin(void *, void *, u_int );
+-extern int			copyout(void *, void *, u_int);
+-extern int			mclget(struct mbuf *);
+-extern int			m_cpytoc(struct mbuf *, int, int, caddr_t);
+-
+-extern void 			log(int, const char *, ...);
+-
+-extern char			*strncpy(char *, const char *, size_t);
++extern void			splx(int s);
++#endif
+ 
+-extern void			printf(const char *, ...);
+ #else /* KERNEL */
+ 
+ /*
+@@ -251,37 +263,12 @@
+ #endif
+ #define	STATIC
+ 
+-/*
+- * ANSI prototypes for C library routines and syscalls
+- */
+-extern int			gethostname(char *, int);
+-extern int			fprintf(FILE *, const char *, ...);
+-extern int			fflush(FILE *);
+-extern int			fgetc(FILE *);
+-extern int			fseek(FILE *, long, int);
+-extern size_t			fread(void *, size_t, size_t, FILE *);
+-extern int			fclose(FILE *);
+-extern int			socket(int, int, int);
+-extern int			ioctl(int, int, ...);
+-extern int			pclose(FILE *);
+-/*extern int			getrlimit(int, struct rlimit *); */
+-extern void			perror(const char *);
+-extern time_t			time(time_t *);
+-extern int			getopt(int, char * const *, const char *);
+-extern int			sscanf(const char *, const char *, ...);
+-
+ #endif /* KERNEL */
+ 
+-/* XXX Bad IPPROTO_ENCAP define  ? */
+-#ifdef IPPROTO_ENCAP
+-#undef IPPROTO_ENCAP
+-#endif
+-#define IPPROTO_ENCAP		4
+-
+ /* SKIP specific */
+ 
+-#define SKIP_DIR		"/etc/skip/"
+-#define SKIP_BIN		"/usr/skip/bin"
++#define SKIP_DIR		"@@PREFIX@@/etc/skip/"
++#define SKIP_BIN		"@@PREFIX@@/bin"
+ #define KEYMGR			"/dev/skip_key"
+ 
+ /*
+@@ -306,12 +293,6 @@
+ /* General purpose */
+ 
+ typedef unsigned char byte;
+-
+-#if 0
+-extern void			bcopy(void *, void *, int);
+-extern void			bzero(void *, int);
+-extern int			bcmp(void *, void *, int);
+-#endif
+ 
+ #define	SKIP_IFCMP(if1, if2)    strcmp(if1, if2)
+ 
diff --git a/security/skip/files/patch-bh b/security/skip/files/patch-bh
new file mode 100644
index 000000000000..b528ca23c257
--- /dev/null
+++ b/security/skip/files/patch-bh
@@ -0,0 +1,89 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/freebsd/skip_wrapper.c skipsrc-1.0/skip/freebsd/skip_wrapper.c
+--- skipsrc-1.0.orig/skip/freebsd/skip_wrapper.c	Fri Oct 25 13:12:43 1996
++++ skipsrc-1.0/skip/freebsd/skip_wrapper.c	Mon Dec 22 12:48:43 1997
+@@ -66,18 +66,7 @@
+ #include <skip_es.h>
+ #include <skip_if.h>
+ 
+-
+-/*
+- * SunOS 4.1.x loadable driver wrapper for the SKIP module
+- */
+-extern char		skip_module_name[];
+-
+-/*
+- * Module linkage information for the kernel.
+- */
+-extern int		nulldev();
+-
+-struct cfdriver skipcd=
++struct cfdriver skipcd =
+         { NULL, "skip", NULL, NULL, DV_DULL, 0 };
+ 
+ struct cdevsw skipdevsw = {
+@@ -85,36 +74,55 @@
+ 	NULL, NULL, NULL, skip_ifselect, NULL, NULL 
+ };
+ 
+-MOD_DEV("skipmod", LM_DT_CHAR, -1, (void *)&skipdevsw)
++/* The following is necessary to work around a bug in versions
++   of FreeBSD's lkm.h up to and including 2.2.5 */
++
++#if __FreeBSD__ >= 2
++#include <osreldate.h>
++#if __FreeBSD_version <= 225000
++#define skip_module _module
++#endif
++#endif
++
++MOD_DEV(skip, LM_DT_CHAR, -1, (void *)&skipdevsw);
+ 
+ extern int		skip_init(), skip_uninit();
+ 
+ /*ARGSUSED*/
+-int
+-skipmod_load(struct lkm_table *lkmtp, int cmd)
++static int
++skip_load(struct lkm_table *lkmtp, int cmd)
+ {
+-
+ 	int rc;
++
+ 	rc = skip_init();
+ 	if (rc != 0) {
+ 		return (rc);
+ 	}
+-	uprintf("skip: driver loaded\n");
++	log(LOG_INFO, "skip: driver loaded\n");
+ 	return (0);
+ }
+ 
+-skipmod_unload(struct lkm_table *lkmtp, int cmd)
++static int
++skip_unload(struct lkm_table *lkmtp, int cmd)
+ {
+-	
+ 	int rc;
++
+ 	rc = skip_uninit();
+ 	if (rc == 0) {
+-		uprintf("skip: driver unloaded\n");
++		log(LOG_INFO, "skip: driver unloaded\n");
+ 	}
+ 	return (rc);
+ }
+ 
+-xxxinit(struct lkm_table *lkmtp, int cmd, int ver)
++static int
++skip_stat(struct lkm_table *lkmtp, int cmd)
++{
++	return(ENOSYS);
++}
++
++int
++skip(struct lkm_table *lkmtp, int cmd, int ver)
+ {
+-	DISPATCH(lkmtp, cmd, ver, skipmod_load, skipmod_unload, nosys);
++	MOD_DISPATCH(skip, lkmtp, cmd, ver, skip_load, skip_unload, skip_stat);
+ }
++
diff --git a/security/skip/files/patch-bi b/security/skip/files/patch-bi
new file mode 100644
index 000000000000..47e937b11173
--- /dev/null
+++ b/security/skip/files/patch-bi
@@ -0,0 +1,12 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/include/skip_conf.h skipsrc-1.0/skip/include/skip_conf.h
+--- skipsrc-1.0.orig/skip/include/skip_conf.h	Fri Oct 25 13:12:44 1996
++++ skipsrc-1.0/skip/include/skip_conf.h	Wed Nov 26 20:13:42 1997
+@@ -58,7 +58,7 @@
+ #define SKIP_CERTSBASE			SKIP_DIR"certdb"
+ #define SKIP_SECRET_CACHE		SKIP_DIR"secret_cache"
+ #define SKIP_RAW_FILE			SKIP_DIR"raw_keys"
+-#define SKIP_PID			SKIP_DIR"skipd.pid"
++#define SKIP_PID			"/var/run/skipd.pid"
+ 
+ /* 
+  * Key manager Crypt algorithms supported
diff --git a/security/skip/files/patch-bj b/security/skip/files/patch-bj
new file mode 100644
index 000000000000..fb1335eb21f3
--- /dev/null
+++ b/security/skip/files/patch-bj
@@ -0,0 +1,24 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/keymgrd/cdp_queue.C skipsrc-1.0/skip/keymgrd/cdp_queue.C
+--- skipsrc-1.0.orig/skip/keymgrd/cdp_queue.C	Fri Oct 25 13:12:47 1996
++++ skipsrc-1.0/skip/keymgrd/cdp_queue.C	Tue Dec 23 13:37:22 1997
+@@ -91,17 +91,17 @@
+ 
+ 	switch (kind) {
+ 	case RESOLVER_PING:
+-		skip_log(SKIP_NOTICE, "add_cdp_resolver(@) (bilateral)");
++		skip_log(SKIP_INFO, "add_cdp_resolver(@) (bilateral)");
+ 		break;
+ 
+ 	case RESOLVER_TUNNEL:
+-		skip_log(SKIP_NOTICE, "add_cdp_resolver(=) (tunnel)");
++		skip_log(SKIP_INFO, "add_cdp_resolver(=) (tunnel)");
+ 		break;
+ 		
+ 	case RESOLVER_HOST:
+ 		if (parse_ip_address(&r.server, arg))
+ 			return;
+-		skip_log(SKIP_NOTICE, "add_cdp_resolver(%s)", arg);
++		skip_log(SKIP_INFO, "add_cdp_resolver(%s)", arg);
+ 		break;
+ 
+ 	default:
diff --git a/security/skip/files/patch-bk b/security/skip/files/patch-bk
new file mode 100644
index 000000000000..936c4991a483
--- /dev/null
+++ b/security/skip/files/patch-bk
@@ -0,0 +1,24 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/keymgrd/skip_init.C skipsrc-1.0/skip/keymgrd/skip_init.C
+--- skipsrc-1.0.orig/skip/keymgrd/skip_init.C	Fri Oct 25 13:12:49 1996
++++ skipsrc-1.0/skip/keymgrd/skip_init.C	Tue Dec 23 13:35:05 1997
+@@ -81,7 +81,7 @@
+ 		return;
+ 	}
+ 
+-        skip_log(SKIP_NOTICE, "local name nsid=%d mkid=%s",
++        skip_log(SKIP_INFO, "local name nsid=%d mkid=%s",
+ 			      nsid, keyid.get_info_str());
+ }
+ 
+@@ -135,9 +135,9 @@
+ 	{
+        	   // Let the random number generator kick off its entropy gathering
+ 
+-           skip_log(SKIP_NOTICE, "Initializing random number generator...");
++           skip_log(SKIP_INFO, "Initializing random number generator...");
+            Bstream dummy = get_random_bytes(1);
+-	   skip_log(SKIP_NOTICE, "done");
++	   skip_log(SKIP_INFO, "done");
+ 	}
+ 
+ 	auth.load(SKIP_DIR);
diff --git a/security/skip/files/patch-bl b/security/skip/files/patch-bl
new file mode 100644
index 000000000000..65b4f91396e4
--- /dev/null
+++ b/security/skip/files/patch-bl
@@ -0,0 +1,11 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/keymgrd/skip_keymgrsubr.C skipsrc-1.0/skip/keymgrd/skip_keymgrsubr.C
+--- skipsrc-1.0.orig/skip/keymgrd/skip_keymgrsubr.C	Fri Oct 25 13:12:49 1996
++++ skipsrc-1.0/skip/keymgrd/skip_keymgrsubr.C	Tue Nov 25 19:30:19 1997
+@@ -59,7 +59,6 @@
+ #include "SkipCert.h"
+ #include "X509skip.h"
+ #include "HashCert.h"
+-#include "malloc.h"
+ #include "utils.h"
+ #include "Sig.h"
+ #include "skip_log.h"
diff --git a/security/skip/files/patch-bm b/security/skip/files/patch-bm
new file mode 100644
index 000000000000..5294d2ababed
--- /dev/null
+++ b/security/skip/files/patch-bm
@@ -0,0 +1,39 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/keymgrd/skip_log.C skipsrc-1.0/skip/keymgrd/skip_log.C
+--- skipsrc-1.0.orig/skip/keymgrd/skip_log.C	Fri Oct 25 13:12:50 1996
++++ skipsrc-1.0/skip/keymgrd/skip_log.C	Thu Dec  4 18:20:12 1997
+@@ -60,7 +60,7 @@
+ 	strcpy(outbuf,buf);
+ }
+ 
+-FILE *skip_log_fp = NULL;
++int skip_log_syslog = 0;
+ 
+ void skip_log(int severity, char *control,...)
+ {
+@@ -71,15 +71,15 @@
+ 	get_time(buf);
+ 	va_start(va,control);
+ 
+-	if (skip_log_fp)
+-		out = skip_log_fp;
+-	else if (severity == SKIP_NOTICE) 
+-		out=stdout;
+-	else
+-		out=stderr;
+-
+-	fprintf(out,"%s",buf);
+-	vfprintf(out, control,va);
+-	fprintf(out,"\n");
+-	fflush(out);
++	if (skip_log_syslog) {
++	  vsyslog(severity, control, va);
++	} else {
++		out = (severity == SKIP_NOTICE) ? stdout : stderr;
++		fprintf(out, "%s",buf);
++		vfprintf(out, control, va);
++		fprintf(out, "\n");
++		fflush(out);
++	}
++	va_end(va);
+ }
++
diff --git a/security/skip/files/patch-bn b/security/skip/files/patch-bn
new file mode 100644
index 000000000000..f69beab98bfa
--- /dev/null
+++ b/security/skip/files/patch-bn
@@ -0,0 +1,12 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/keymgrd/skip_log.h skipsrc-1.0/skip/keymgrd/skip_log.h
+--- skipsrc-1.0.orig/skip/keymgrd/skip_log.h	Fri Oct 25 13:12:51 1996
++++ skipsrc-1.0/skip/keymgrd/skip_log.h	Tue Dec 23 13:33:48 1997
+@@ -45,5 +45,6 @@
+ #pragma ident "@(#)skip_log.h	1.3 95/11/17"
+  
+ void skip_log(int,char*,...);
+-#define SKIP_ERROR 	1
+-#define	SKIP_NOTICE	2
++#define SKIP_ERROR 	LOG_ERR
++#define	SKIP_NOTICE	LOG_NOTICE
++#define	SKIP_INFO	LOG_INFO
diff --git a/security/skip/files/patch-bo b/security/skip/files/patch-bo
new file mode 100644
index 000000000000..a102b4ca993e
--- /dev/null
+++ b/security/skip/files/patch-bo
@@ -0,0 +1,21 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/keymgrd/skip_msgs.C skipsrc-1.0/skip/keymgrd/skip_msgs.C
+--- skipsrc-1.0.orig/skip/keymgrd/skip_msgs.C	Fri Oct 25 13:12:51 1996
++++ skipsrc-1.0/skip/keymgrd/skip_msgs.C	Tue Dec 23 13:36:10 1997
+@@ -82,7 +82,7 @@
+         set.msgtype	= SKIP_SET_CDP_SERVER_PORT;
+         set.port	= cdp_port;
+ 	
+- 	skip_log(SKIP_NOTICE, "Setting CDP port=%d", cdp_port);
++ 	skip_log(SKIP_INFO, "Setting CDP port=%d", cdp_port);
+         fflush(stdout);
+  
+         if (put_kernel_message(fd, &set, sizeof(set)) < 0) {
+@@ -107,7 +107,7 @@
+         set.version     = version;
+         set.kij_alg     = kij_alg;
+ 	
+- 	skip_log(SKIP_NOTICE, "Setting supported kij alg=%d for version %d",
++ 	skip_log(SKIP_INFO, "Setting supported kij alg=%d for version %d",
+                                                         kij_alg, version);
+         fflush(stdout);
+  
diff --git a/security/skip/files/patch-bp b/security/skip/files/patch-bp
new file mode 100644
index 000000000000..15a20691971f
--- /dev/null
+++ b/security/skip/files/patch-bp
@@ -0,0 +1,12 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/keymgrd/skipca.C skipsrc-1.0/skip/keymgrd/skipca.C
+--- skipsrc-1.0.orig/skip/keymgrd/skipca.C	Fri Oct 25 13:12:53 1996
++++ skipsrc-1.0/skip/keymgrd/skipca.C	Fri Dec  5 15:26:53 1997
+@@ -307,7 +307,7 @@
+ 	}
+ 	if (overwrite) {
+ 		int ret;
+-		sprintf(buf,"/usr/bin/rm -rf %s", CA_PATH);
++		sprintf(buf,"/bin/rm -rf %s", CA_PATH);
+ 		ret = system(buf);
+ 		if (ret) {
+ 			fprintf(stderr,"Unable to Clean old directory %s \n",
diff --git a/security/skip/files/patch-bq b/security/skip/files/patch-bq
new file mode 100644
index 000000000000..1b31054145b2
--- /dev/null
+++ b/security/skip/files/patch-bq
@@ -0,0 +1,76 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/keymgrd/skipd.C skipsrc-1.0/skip/keymgrd/skipd.C
+--- skipsrc-1.0.orig/skip/keymgrd/skipd.C	Fri Oct 25 13:12:54 1996
++++ skipsrc-1.0/skip/keymgrd/skipd.C	Thu Dec  4 18:25:47 1997
+@@ -48,6 +48,7 @@
+  * System includes
+  */
+ #include <skip_os.h>
++#include <err.h>
+ 
+ /*
+  * SKIP includes
+@@ -84,8 +85,9 @@
+ {
+ 	int c;
+ 	int errflag = 0;
++	int noFork = 0;
+ 
+-	while ((c = getopt(argc, argv, "vV?")) != EOF) {
++	while ((c = getopt(argc, argv, "nvV?")) != EOF) {
+ 		switch(c) {
+ 		case 'v':
+ 			verbose = 1;
+@@ -95,6 +97,9 @@
+ 			verbose = 2;
+ 			break;
+ 
++		case 'n':
++			noFork = 1;
++			break;
+ 		case '?':
+ 		default:
+ 			errflag++;
+@@ -106,34 +111,18 @@
+ 		exit(1);
+ 	}
+ 
++	if (!noFork)
+ 	{
+-		extern FILE *skip_log_fp;
+-
+-		skip_log_fp = fopen("/var/log/skipd.log", "w+");
++		extern int skip_log_syslog;
+ 
+-		// if open fails, skip_log will default to stdout/stderr
++		/* output to syslog */
++		openlog("skipd", 0, LOG_DAEMON);
++		skip_log_syslog = 1;
++
++		/* become a background daemon */
++		if (daemon(0, 0))
++			err(1, "daemon");
+ 	}
+-
+-
+-//  put ourselves into the background
+-
+-	switch (fork()) {
+-	case -1:
+-		skip_log(SKIP_ERROR, "fork failed");
+-		exit(1);
+-
+-	case 0:
+-		break;
+-
+-	default:
+-		exit(0);
+-	}
+-
+-	setsid();
+-
+-	freopen("/dev/null", "r", stdin);
+-	freopen("/dev/null", "w", stdout);
+-	freopen("/dev/null", "w", stderr);
+ 
+ 	skip_init();
+ 	skipd_loop();
diff --git a/security/skip/files/patch-br b/security/skip/files/patch-br
new file mode 100644
index 000000000000..0f52890ca702
--- /dev/null
+++ b/security/skip/files/patch-br
@@ -0,0 +1,13 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/keymgrd/skiplocal.C skipsrc-1.0/skip/keymgrd/skiplocal.C
+--- skipsrc-1.0.orig/skip/keymgrd/skiplocal.C	Fri Oct 25 13:12:55 1996
++++ skipsrc-1.0/skip/keymgrd/skiplocal.C	Sat Dec 20 11:26:35 1997
+@@ -88,8 +88,7 @@
+ 
+ void
+ usage(char *s){
+-	fprintf(stderr, "%s [add|export|extract|list|keygen|rm"
+-		, s);
++	fprintf(stderr, "%s [add|export|extract|list|keygen|rm]\n", s);
+ 	exit(1);
+ }
+ 
diff --git a/security/skip/files/patch-bs b/security/skip/files/patch-bs
new file mode 100644
index 000000000000..5aa638eb1f0b
--- /dev/null
+++ b/security/skip/files/patch-bs
@@ -0,0 +1,13 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/keymgrd/t_mem.c skipsrc-1.0/skip/keymgrd/t_mem.c
+--- skipsrc-1.0.orig/skip/keymgrd/t_mem.c	Fri Oct 25 13:12:55 1996
++++ skipsrc-1.0/skip/keymgrd/t_mem.c	Tue Nov 25 19:31:01 1997
+@@ -45,8 +45,7 @@
+ #pragma ident "@(#)t_mem.c	1.2 95/11/23 Sun Microsystems"
+ 
+ #include "global.h"
+-#include <memory.h>
+-#include <malloc.h>
++#include <stdlib.h>
+ #include <string.h>
+ 
+ void T_memset(POINTER s, int c, unsigned int n )
diff --git a/security/skip/files/patch-bt b/security/skip/files/patch-bt
new file mode 100644
index 000000000000..8fe4122a27ac
--- /dev/null
+++ b/security/skip/files/patch-bt
@@ -0,0 +1,27 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/man/install_skip_keys.1m skipsrc-1.0/skip/man/install_skip_keys.1m
+--- skipsrc-1.0.orig/skip/man/install_skip_keys.1m	Fri Oct 25 13:12:56 1996
++++ skipsrc-1.0/skip/man/install_skip_keys.1m	Wed Nov 26 20:03:59 1997
+@@ -41,20 +41,13 @@
+ .RE
+ .P
+ .SH FILES
+-.SS Solaris 1.x systems:
+ .P
+-/etc/skip/certdb.dir
++@@PREFIX@@/etc/skip/certdb.dir
+ .br
+-/etc/skip/localid/..
++@@PREFIX@@/etc/skip/localid/..
+ .br
+-/etc/skip/CAs/...
++@@PREFIX@@/etc/skip/CAs/...
+ .br
+-.P
+-.SS Solaris 2.x systems:
+-.P
+-/etc/opt/SUNWicg/skip/certdb
+-/etc/opt/SUNWicg/skip/localid/...
+-/etc/opt/SUNWicg/skip/CAs/...
+ .P
+ .SH NOTES
+ Currently the name of the Certificate is hard coded into the code.  We 
diff --git a/security/skip/files/patch-bu b/security/skip/files/patch-bu
new file mode 100644
index 000000000000..8e412fc982cc
--- /dev/null
+++ b/security/skip/files/patch-bu
@@ -0,0 +1,14 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/man/raw_keys.4 skipsrc-1.0/skip/man/raw_keys.4
+--- skipsrc-1.0.orig/skip/man/raw_keys.4	Fri Oct 25 13:12:56 1996
++++ skipsrc-1.0/skip/man/raw_keys.4	Wed Nov 26 20:04:19 1997
+@@ -42,9 +42,4 @@
+ link.
+ .SH FILES
+ .P
+-.SH Solaris 2.x systems:
+-/etc/opt/SUNWicg/skip/raw_keys
+-.P
+-.SH Other systems:
+-.P
+-/etc/skip/raw_keys
++@@PREFIX@@/etc/skip/raw_keys
diff --git a/security/skip/files/patch-bv b/security/skip/files/patch-bv
new file mode 100644
index 000000000000..42d8dc5238cb
--- /dev/null
+++ b/security/skip/files/patch-bv
@@ -0,0 +1,21 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/man/skip_certd.1m skipsrc-1.0/skip/man/skip_certd.1m
+--- skipsrc-1.0.orig/skip/man/skip_certd.1m	Fri Oct 25 13:12:56 1996
++++ skipsrc-1.0/skip/man/skip_certd.1m	Wed Nov 26 20:04:40 1997
+@@ -14,15 +14,10 @@
+ .SH FILES
+ .br
+ /tmp/skip_certd.log
+-.SS Solaris 1.x systems:
+ .P
+-/etc/skip/certs.dir
++@@PREFIX@@/etc/skip/certs.dir
+ .br
+-/etc/skip/certs.pag
++@@PREFIX@@/etc/skip/certs.pag
+ .P
+-.SS Solaris 2.x systems:
+-.P
+-/etc/opt/SUNWicg/skip/certs.dir
+-/etc/opt/SUNWicg/skip/certs.pag
+ .SH SEE ALSO
+ caping(1)
diff --git a/security/skip/files/patch-bw b/security/skip/files/patch-bw
new file mode 100644
index 000000000000..3161f4609937
--- /dev/null
+++ b/security/skip/files/patch-bw
@@ -0,0 +1,14 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/man/skip_conf.1m skipsrc-1.0/skip/man/skip_conf.1m
+--- skipsrc-1.0.orig/skip/man/skip_conf.1m	Fri Oct 25 13:12:56 1996
++++ skipsrc-1.0/skip/man/skip_conf.1m	Wed Nov 26 20:08:31 1997
+@@ -28,9 +28,4 @@
+ and remove any max_certdb_size lines from \fIskipd.conf\fP.
+ .SH FILES
+ .P
+-.SH Solaris 2.x systems:
+-/etc/opt/SUNWicg/skip/skipd.conf
+-.P
+-.SH Other systems:
+-.P
+-/etc/skip/skipd.conf
++@@PREFIX@@/etc/skip/skipd.conf
diff --git a/security/skip/files/patch-bx b/security/skip/files/patch-bx
new file mode 100644
index 000000000000..d9b923ca0723
--- /dev/null
+++ b/security/skip/files/patch-bx
@@ -0,0 +1,20 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/man/skipca.1m skipsrc-1.0/skip/man/skipca.1m
+--- skipsrc-1.0.orig/skip/man/skipca.1m	Fri Oct 25 13:12:57 1996
++++ skipsrc-1.0/skip/man/skipca.1m	Wed Nov 26 20:10:01 1997
+@@ -81,14 +81,10 @@
+ .SH FILES
+ .SS Solaris 1.x systems:
+ .P
+-/etc/skip/CAs
++@@PREFIX@@/etc/skip/CAs
+ .br
+-.SS Solaris 2.x systems:
+-.P
+-/etc/opt/SUNWicg/skip/CAs
+-.P
+ .SH SEE ALSO
+ .BR skipdb(1m)
+-.BR skiplocala(1m)
++.BR skiplocal(1m)
+ .BR skipd(1m)
+ 
diff --git a/security/skip/files/patch-by b/security/skip/files/patch-by
new file mode 100644
index 000000000000..b03d7ff0a712
--- /dev/null
+++ b/security/skip/files/patch-by
@@ -0,0 +1,24 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/man/skipd.1m skipsrc-1.0/skip/man/skipd.1m
+--- skipsrc-1.0.orig/skip/man/skipd.1m	Fri Oct 25 13:12:57 1996
++++ skipsrc-1.0/skip/man/skipd.1m	Wed Nov 26 20:10:11 1997
+@@ -62,17 +62,9 @@
+ skipd.conf(4)
+ .P
+ .SH FILES
+-.SH Solaris 2.x systems:
+-/etc/opt/SUNWicg/skip/skipd.conf
+-.br
+-/etc/opt/SUNWicg/skip/CAs/
+-.br
+-/etc/opt/SUNWicg/skip/localid/
+-.P
+-.SH Other systems:
+ .P
+-/etc/skip/skipd.conf
++@@PREFIX@@/etc/skip/skipd.conf
+ .br
+-/etc/skip/CAs/
++@@PREFIX@@/etc/skip/CAs/
+ .br
+-/etc/skip/localid/
++@@PREFIX@@/etc/skip/localid/
diff --git a/security/skip/files/patch-bz b/security/skip/files/patch-bz
new file mode 100644
index 000000000000..33f2b30799e5
--- /dev/null
+++ b/security/skip/files/patch-bz
@@ -0,0 +1,14 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/man/skipd.conf.4 skipsrc-1.0/skip/man/skipd.conf.4
+--- skipsrc-1.0.orig/skip/man/skipd.conf.4	Fri Oct 25 13:12:57 1996
++++ skipsrc-1.0/skip/man/skipd.conf.4	Wed Nov 26 20:10:30 1997
+@@ -85,9 +85,4 @@
+ \fIskipd.conf\fP options may be set with the \fIskip_conf\fP command.
+ .SH FILES
+ .P
+-.SH Solaris 2.x systems:
+-/etc/opt/SUNWicg/skip/skipd.conf
+-.P
+-.SH Other systems:
+-.P
+-/etc/skip/skipd.conf
++@@PREFIX@@/etc/skip/skipd.conf
diff --git a/security/skip/files/patch-ca b/security/skip/files/patch-ca
new file mode 100644
index 000000000000..7f318d1deb51
--- /dev/null
+++ b/security/skip/files/patch-ca
@@ -0,0 +1,19 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/man/skipd_restart.1m skipsrc-1.0/skip/man/skipd_restart.1m
+--- skipsrc-1.0.orig/skip/man/skipd_restart.1m	Fri Oct 25 13:12:57 1996
++++ skipsrc-1.0/skip/man/skipd_restart.1m	Wed Nov 26 20:11:08 1997
+@@ -9,13 +9,6 @@
+ You must be root to run this command.
+ .SH FILES
+ .P
+-.SH Solaris 2.x systems:
+-/etc/opt/SUNWicg/skip/skipd.pid
++/var/run/skipd.pid
+ .br
+-/opt/SUNWicg/bin/skipd
+-.P
+-.SH Other systems:
+-.P
+-/etc/skip/skipd.pid
+-.br
+-/usr/skip/bin/skipd
++@@PREFIX@@/bin/skipd
diff --git a/security/skip/files/patch-cb b/security/skip/files/patch-cb
new file mode 100644
index 000000000000..2879bc41947d
--- /dev/null
+++ b/security/skip/files/patch-cb
@@ -0,0 +1,18 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/man/skipdb.1m skipsrc-1.0/skip/man/skipdb.1m
+--- skipsrc-1.0.orig/skip/man/skipdb.1m	Fri Oct 25 13:12:57 1996
++++ skipsrc-1.0/skip/man/skipdb.1m	Wed Nov 26 20:11:24 1997
+@@ -79,13 +79,9 @@
+ skipdb will always return 0 on Success and non-zero on error.  An appropriate
+ error message will be written to standard error.
+ .SH FILES
+-.SS Solaris 1.x systems:
+ .P
+-/etc/skip/certdb
++@@PREFIX@@/etc/skip/certdb
+ .br
+-.SS Solaris 2.x systems:
+-.P
+-/etc/opt/SUNWicg/skip/certdb
+ .P
+ .SH SEE ALSO
+ .BR skiplocal(1m)
diff --git a/security/skip/files/patch-cc b/security/skip/files/patch-cc
new file mode 100644
index 000000000000..c379ab3f002b
--- /dev/null
+++ b/security/skip/files/patch-cc
@@ -0,0 +1,17 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/man/skipif.1m skipsrc-1.0/skip/man/skipif.1m
+--- skipsrc-1.0.orig/skip/man/skipif.1m	Fri Oct 25 13:12:58 1996
++++ skipsrc-1.0/skip/man/skipif.1m	Wed Nov 26 20:11:45 1997
+@@ -104,12 +104,8 @@
+ skipif will advise so.
+ .SH FILES
+ .br
+-.SS Solaris 2.x systems:
+ .P
+-/etc/opt/SUNWicg/skip/acl.<interface>
+-.SS Other systems:
+-.P
+-/etc/skip/acl.<interface>
++@@PREFIX@@/etc/skip/acl.<interface>
+ .P
+ .SH SEE ALSO
+ skiphost(1M), skipstat(1M), skiptool(1M), ifconfig(1M)
diff --git a/security/skip/files/patch-cd b/security/skip/files/patch-cd
new file mode 100644
index 000000000000..3643a7316719
--- /dev/null
+++ b/security/skip/files/patch-cd
@@ -0,0 +1,18 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/man/skiplocal.1m skipsrc-1.0/skip/man/skiplocal.1m
+--- skipsrc-1.0.orig/skip/man/skiplocal.1m	Fri Oct 25 13:12:58 1996
++++ skipsrc-1.0/skip/man/skiplocal.1m	Wed Nov 26 20:11:53 1997
+@@ -171,13 +171,9 @@
+ \fBskipd_restart\fP in order for the changes to take effect.
+ .P
+ .SH FILES
+-.SS Solaris 1.x systems:
+ .P
+-/etc/skip/localids
++@@PREFIX@@/etc/skip/localids
+ .br
+-.SS Solaris 2.x systems:
+-.P
+-/etc/opt/SUNWicg/skip/localids
+ .P
+ .SH BUGS
+ skiplocal export does not work well for communicating with multiple keys.
diff --git a/security/skip/files/patch-ce b/security/skip/files/patch-ce
new file mode 100644
index 000000000000..31fadd547ff2
--- /dev/null
+++ b/security/skip/files/patch-ce
@@ -0,0 +1,92 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/tools/lib/skip_freebsd.c skipsrc-1.0/skip/tools/lib/skip_freebsd.c
+--- skipsrc-1.0.orig/skip/tools/lib/skip_freebsd.c	Fri Oct 25 13:13:02 1996
++++ skipsrc-1.0/skip/tools/lib/skip_freebsd.c	Fri Dec  5 17:33:01 1997
+@@ -235,7 +235,7 @@
+ char *
+ skip_default_if()
+ {
+-#define	SKIP_DEFAULT_IF		"eth0"	/* 3com 3c589 */
++#define	SKIP_DEFAULT_IF		"ed1"
+ 	static char		devname[MAXPATHLEN];
+ 	char			cbuf[sizeof(struct ifreq) * 16];
+ 	struct ifconf		ifc;
+@@ -244,6 +244,7 @@
+ 	struct sockaddr_in	*sa;
+ 	char			hostname[MAXHOSTNAMELEN];
+ 	int			s, n;
++	int			goodness = 0;
+ 
+ 	strcpy(devname, SKIP_DEFAULT_IF);
+ 
+@@ -253,11 +254,13 @@
+ 
+ 	hp = _skip_gethostbyname(hostname);
+ 
++#if 0
+ 	if (hp == NULL) {
+ 		return(devname);
+ 	}
++#endif
+ 
+-	if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
++	if ((s = socket(PF_INET, SOCK_RAW, 0)) < 0) {
+ 		return (devname);
+ 	}
+ 
+@@ -276,33 +279,37 @@
+ 	 * just in case the primary can't be found.
+ 	 * 
+ 	 */
+-	end = (struct ifreq *) (ifc.ifc_buf + ifc.ifc_len);
+-	while (ifr < end) {
++	for (end = (struct ifreq *) (ifc.ifc_buf + ifc.ifc_len),
++	    ifr = ifc.ifc_req;
++	  ifr < end;
++	  ifr = (struct ifreq *)
++	    ((char *) &ifr->ifr_addr + ifr->ifr_addr.sa_len))
++	{
++		int	newgoodness = 0;
+ 
+ 		strcpy(ifflags.ifr_name, ifr->ifr_name);
+ 		if (ioctl(s, SIOCGIFFLAGS, (char *) &ifflags) < 0) {
+-			/*goto out;*/
++			continue;
+ 		}
+ 		if ((ifflags.ifr_flags & (IFF_LOOPBACK|IFF_UP|IFF_RUNNING)) ==
+ 					(IFF_UP|IFF_RUNNING)) {
+-			/*
+-			 * note the interface name just in case
+-			 */
+-			strcpy(devname, ifr->ifr_name);
+-			/*
+-			 * but try to find an exact match
+-			 */
+-			sa = (struct sockaddr_in *) &ifr->ifr_addr;
+-			if (memcmp(hp->h_addr_list[0], (void *) &sa->sin_addr,
+-							hp->h_length) == 0) {
+-					break;
++			/* try to find an exact match */
++			if (hp && ifr->ifr_addr.sa_family == AF_INET) {
++			    sa = (struct sockaddr_in *) &ifr->ifr_addr;
++			    if (memcmp(hp->h_addr_list[0],
++				(void *) &sa->sin_addr, hp->h_length) == 0)
++				    break;
++			}
++			/* try to prefer ethernet interfaces */
++			if (ifflags.ifr_flags & IFF_BROADCAST)
++				newgoodness += 1;
++			if (!(ifflags.ifr_flags & IFF_POINTOPOINT))
++				newgoodness += 1;
++			if (newgoodness > goodness) {
++				strcpy(devname, ifr->ifr_name);
++				goodness = newgoodness;
+ 			}
+ 		}
+-		if(ifr->ifr_addr.sa_len)      /* Dohw! */
+-			ifr = (struct ifreq *) ((caddr_t) ifr +
+-			ifr->ifr_addr.sa_len -
+-			sizeof(struct sockaddr));
+-		ifr++;
+ 	}
+ out:
+  	(void) close(s);
diff --git a/security/skip/files/patch-cf b/security/skip/files/patch-cf
new file mode 100644
index 000000000000..7c0ce157aef5
--- /dev/null
+++ b/security/skip/files/patch-cf
@@ -0,0 +1,19 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/tools/skiptool/Makefile skipsrc-1.0/skip/tools/skiptool/Makefile
+--- skipsrc-1.0.orig/skip/tools/skiptool/Makefile	Fri Oct 25 13:13:05 1996
++++ skipsrc-1.0/skip/tools/skiptool/Makefile	Tue Nov 25 18:08:50 1997
+@@ -97,11 +97,15 @@
+ 
+ # Compiler flags.
+ 
++PREFIX?=	/usr/local
++
+ DYNAMIC_PATH	= $(DYNAMIC_$(OSNAME))
+ CFLAGS 		+= $(U_DEBUG) $(OS) -DSKIP_RELEASE="\"$(SKIP_RELEASE)\""
+ SKIPINC_DIR 	=  -I../lib -I$(COMM_INC) -I$(DRVDIR)
+ CPPFLAGS 	+= -I$(WIN_HOME)/include -DMAIN $(SKIPINC_DIR)
+ CPPFLAGS 	+= -I$(WIN_HOME)/include/pixrect
++CPPFLAGS 	+= -I${PREFIX}/include
++CPPFLAGS 	+= -I${PREFIX}/include/pixrect
+ LDFLAGS 	+= -L$(WIN_HOME)/lib $(DYNAMIC_PATH)
+ LDLIBS 		+= ../lib/$(SKIP_LIB) $(OS_LIB) -lxview -lolgx -lX11
+ 
diff --git a/security/skip/files/patch-cg b/security/skip/files/patch-cg
new file mode 100644
index 000000000000..192329de324c
--- /dev/null
+++ b/security/skip/files/patch-cg
@@ -0,0 +1,12 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/tools/skiptool/es_glue.c skipsrc-1.0/skip/tools/skiptool/es_glue.c
+--- skipsrc-1.0.orig/skip/tools/skiptool/es_glue.c	Fri Oct 25 13:13:05 1996
++++ skipsrc-1.0/skip/tools/skiptool/es_glue.c	Tue Nov 25 18:53:43 1997
+@@ -1948,7 +1948,7 @@
+ void
+ stats(int which)
+ {
+-	char					*opt, *t, s[STRSZ], *argv[12];
++	char					*opt = NULL, *t = NULL, s[STRSZ], *argv[12];
+ 	char					ifstats[STRSZ], *optarg = NULL;
+ 
+ 	switch (which) {
diff --git a/security/skip/files/patch-ch b/security/skip/files/patch-ch
new file mode 100644
index 000000000000..35d109ebe4d1
--- /dev/null
+++ b/security/skip/files/patch-ch
@@ -0,0 +1,17 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/tools/skiptool/es_ras.c skipsrc-1.0/skip/tools/skiptool/es_ras.c
+--- skipsrc-1.0.orig/skip/tools/skiptool/es_ras.c	Fri Oct 25 13:13:06 1996
++++ skipsrc-1.0/skip/tools/skiptool/es_ras.c	Tue Dec  2 17:05:13 1997
+@@ -92,6 +92,13 @@
+ 	if (stat(path, &st) == 0) {
+ 		return (path);
+ 	}
++
++	strcpy(path, SKIP_DIR);
++	strcat(path, "/");
++	strcat(path, name);
++	if (stat(path, &st) == 0) {
++		return (path);
++	}
+ 	return (NULL);
+ }
+ 
diff --git a/security/skip/files/patch-ci b/security/skip/files/patch-ci
new file mode 100644
index 000000000000..c036ead156f1
--- /dev/null
+++ b/security/skip/files/patch-ci
@@ -0,0 +1,378 @@
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/tools/skiptool/skiptool_stubs.c skipsrc-1.0/skip/tools/skiptool/skiptool_stubs.c
+--- skipsrc-1.0.orig/skip/tools/skiptool/skiptool_stubs.c	Fri Oct 25 13:13:10 1996
++++ skipsrc-1.0/skip/tools/skiptool/skiptool_stubs.c	Tue Nov 25 19:52:44 1997
+@@ -68,6 +68,10 @@
+ 
+ #include "es_glue.h"
+ 
++#ifndef __GNUC__
++#define __attribute__ (x)
++#endif
++
+ /*
+  * Global object definitions.
+  */
+@@ -173,7 +177,7 @@
+ Menu_item
+ skiptool_menu_item0_callback(Menu_item item, Menu_generate op)
+ {
+-	skiptool_base_window_objects * ip = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
++	skiptool_base_window_objects * ip __attribute__ ((unused)) = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -206,7 +210,7 @@
+ void
+ skiptool_base_window_access_ctrl_notify_callback(Panel_item item, int value, Event *event)
+ {
+-	skiptool_base_window_objects *ip = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
++	skiptool_base_window_objects *ip __attribute__ ((unused)) = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	
+ 	/* gxv_start_connections DO NOT EDIT THIS SECTION */
+@@ -231,7 +235,7 @@
+ void
+ skiptool_base_window_access_mode_notify_callback(Panel_item item, int value, Event *event)
+ {
+-	skiptool_base_window_objects *ip = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
++	skiptool_base_window_objects *ip __attribute__ ((unused)) = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	
+ 	/* gxv_start_connections DO NOT EDIT THIS SECTION */
+@@ -261,7 +265,7 @@
+ void
+ skiptool_base_window_delete_button_notify_callback(Panel_item item, Event *event)
+ {
+-	skiptool_base_window_objects *ip = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
++	skiptool_base_window_objects *ip __attribute__ ((unused)) = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	
+ 	/* gxv_start_connections DO NOT EDIT THIS SECTION */
+@@ -280,7 +284,7 @@
+ void
+ skiptool_key_params_win_key_apply_notify_callback(Panel_item item, Event *event)
+ {
+-	skiptool_key_params_win_objects *ip = (skiptool_key_params_win_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
++	skiptool_key_params_win_objects *ip __attribute__ ((unused)) = (skiptool_key_params_win_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	
+ 	/* gxv_start_connections DO NOT EDIT THIS SECTION */
+@@ -302,7 +306,7 @@
+ void
+ skiptool_key_params_win_key_default_notify_callback(Panel_item item, Event *event)
+ {
+-	skiptool_key_params_win_objects *ip = (skiptool_key_params_win_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
++	skiptool_key_params_win_objects *ip __attribute__ ((unused)) = (skiptool_key_params_win_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	
+ 	/* gxv_start_connections DO NOT EDIT THIS SECTION */
+@@ -322,7 +326,7 @@
+ void
+ skiptool_required_win_required_add_notify_callback(Panel_item item, Event *event)
+ {
+-	skiptool_required_win_objects *ip = (skiptool_required_win_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
++	skiptool_required_win_objects *ip __attribute__ ((unused)) = (skiptool_required_win_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	
+ 	/* gxv_start_connections DO NOT EDIT THIS SECTION */
+@@ -341,7 +345,7 @@
+ void
+ skiptool_required_win_required_cancel_notify_callback(Panel_item item, Event *event)
+ {
+-	skiptool_required_win_objects *ip = (skiptool_required_win_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
++	skiptool_required_win_objects *ip __attribute__ ((unused)) = (skiptool_required_win_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	
+ 	/* gxv_start_connections DO NOT EDIT THIS SECTION */
+@@ -360,7 +364,7 @@
+ Menu_item
+ skiptool_help_menu_item1_callback(Menu_item item, Menu_generate op)
+ {
+-	skiptool_base_window_objects * ip = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
++	skiptool_base_window_objects * ip __attribute__ ((unused)) = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -405,7 +409,7 @@
+ Menu_item
+ skiptool_stats_menu_item0_callback(Menu_item item, Menu_generate op)
+ {
+-	Xv_opaque ip = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
++	Xv_opaque ip __attribute__ ((unused)) = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -438,7 +442,7 @@
+ Menu_item
+ skiptool_stats_menu_item1_callback(Menu_item item, Menu_generate op)
+ {
+-	Xv_opaque ip = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
++	Xv_opaque ip __attribute__ ((unused)) = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -471,7 +475,7 @@
+ Menu_item
+ skiptool_stats_menu_item2_callback(Menu_item item, Menu_generate op)
+ {
+-	Xv_opaque ip = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
++	Xv_opaque ip __attribute__ ((unused)) = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -504,7 +508,7 @@
+ Menu_item
+ skiptool_stats_menu_item3_callback(Menu_item item, Menu_generate op)
+ {
+-	Xv_opaque ip = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
++	Xv_opaque ip __attribute__ ((unused)) = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -537,7 +541,7 @@
+ void
+ skiptool_hostwin_v2_s_nsid_notify_callback(Panel_item item, int value, Event *event)
+ {
+-	skiptool_hostwin_v2_objects *ip = (skiptool_hostwin_v2_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
++	skiptool_hostwin_v2_objects *ip __attribute__ ((unused)) = (skiptool_hostwin_v2_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	
+ 	/* gxv_start_connections DO NOT EDIT THIS SECTION */
+@@ -572,6 +576,10 @@
+ 
+ 	case PANEL_LIST_OP_DELETE:
+ 		break;
++
++	case PANEL_LIST_OP_DESELECT:
++	case PANEL_LIST_OP_DBL_CLICK:
++		break;
+ 	}
+ 	/* gxv_start_connections DO NOT EDIT THIS SECTION */
+ 
+@@ -601,6 +609,10 @@
+ 
+ 	case PANEL_LIST_OP_DELETE:
+ 		break;
++
++	case PANEL_LIST_OP_DESELECT:
++	case PANEL_LIST_OP_DBL_CLICK:
++		break;
+ 	}
+ 	
+ 	/* gxv_start_connections DO NOT EDIT THIS SECTION */
+@@ -616,7 +628,7 @@
+ void
+ skiptool_base_window_delete_xbutton_notify_callback(Panel_item item, Event *event)
+ {
+-	skiptool_base_window_objects *ip = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
++	skiptool_base_window_objects *ip __attribute__ ((unused)) = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	/* gxv_start_connections DO NOT EDIT THIS SECTION */
+ 
+@@ -634,7 +646,7 @@
+ void
+ skiptool_base_window_to_x_notify_callback(Panel_item item, Event *event)
+ {
+-	skiptool_base_window_objects *ip = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
++	skiptool_base_window_objects *ip __attribute__ ((unused)) = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	/* gxv_start_connections DO NOT EDIT THIS SECTION */
+ 
+@@ -652,7 +664,7 @@
+ void
+ skiptool_base_window_to_a_notify_callback(Panel_item item, Event *event)
+ {
+-	skiptool_base_window_objects *ip = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
++	skiptool_base_window_objects *ip __attribute__ ((unused)) = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	/* gxv_start_connections DO NOT EDIT THIS SECTION */
+ 
+@@ -670,7 +682,7 @@
+ Menu_item
+ skiptool_stats_menu_item4_callback(Menu_item item, Menu_generate op)
+ {
+-	Xv_opaque ip = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
++	Xv_opaque ip __attribute__ ((unused)) = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -703,7 +715,7 @@
+ Menu_item
+ skiptool_stats_menu_item5_callback(Menu_item item, Menu_generate op)
+ {
+-	Xv_opaque ip = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
++	Xv_opaque ip __attribute__ ((unused)) = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -736,7 +748,7 @@
+ Menu_item
+ skiptool_menu_item1_callback(Menu_item item, Menu_generate op)
+ {
+-	skiptool_base_window_objects * ip = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
++	skiptool_base_window_objects * ip __attribute__ ((unused)) = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -772,7 +784,7 @@
+ Menu_item
+ skiptool_menu_item3_callback(Menu_item item, Menu_generate op)
+ {
+-	skiptool_base_window_objects * ip = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
++	skiptool_base_window_objects * ip __attribute__ ((unused)) = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -805,7 +817,7 @@
+ Menu_item
+ skiptool_menu_item4_callback(Menu_item item, Menu_generate op)
+ {
+-	skiptool_base_window_objects * ip = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
++	skiptool_base_window_objects * ip __attribute__ ((unused)) = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -838,7 +850,7 @@
+ Menu_item
+ skiptool_version_menu_item0_callback(Menu_item item, Menu_generate op)
+ {
+-	Xv_opaque ip = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
++	Xv_opaque ip __attribute__ ((unused)) = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -869,7 +881,7 @@
+ Menu_item
+ skiptool_version_menu_item1_callback(Menu_item item, Menu_generate op)
+ {
+-	Xv_opaque ip = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
++	Xv_opaque ip __attribute__ ((unused)) = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -900,7 +912,7 @@
+ Menu_item
+ skiptool_version_menu_item2_callback(Menu_item item, Menu_generate op)
+ {
+-	Xv_opaque ip = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
++	Xv_opaque ip __attribute__ ((unused)) = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -931,7 +943,7 @@
+ Menu_item
+ skiptool_version_menu_nom_item0_callback(Menu_item item, Menu_generate op)
+ {
+-	Xv_opaque ip = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
++	Xv_opaque ip __attribute__ ((unused)) = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -962,7 +974,7 @@
+ Menu_item
+ skiptool_version_menu_nom_item1_callback(Menu_item item, Menu_generate op)
+ {
+-	Xv_opaque ip = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
++	Xv_opaque ip __attribute__ ((unused)) = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -993,7 +1005,7 @@
+ Menu_item
+ skiptool_version_menu_net_item0_callback(Menu_item item, Menu_generate op)
+ {
+-	Xv_opaque ip = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
++	Xv_opaque ip __attribute__ ((unused)) = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -1024,7 +1036,7 @@
+ Menu_item
+ skiptool_version_menu_net_item1_callback(Menu_item item, Menu_generate op)
+ {
+-	Xv_opaque ip = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
++	Xv_opaque ip __attribute__ ((unused)) = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -1055,7 +1067,7 @@
+ Menu_item
+ skiptool_version_menu_net_item2_callback(Menu_item item, Menu_generate op)
+ {
+-	Xv_opaque ip = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
++	Xv_opaque ip __attribute__ ((unused)) = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -1086,7 +1098,7 @@
+ Menu_item
+ skiptool_version_menu_net_item3_callback(Menu_item item, Menu_generate op)
+ {
+-	Xv_opaque ip = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
++	Xv_opaque ip __attribute__ ((unused)) = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -1346,7 +1358,7 @@
+ Menu_item
+ skiptool_version_menu_item3_callback(Menu_item item, Menu_generate op)
+ {
+-	Xv_opaque ip = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
++	Xv_opaque ip __attribute__ ((unused)) = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -1377,7 +1389,7 @@
+ Menu_item
+ skiptool_xversion_menu_nom_item0_callback(Menu_item item, Menu_generate op)
+ {
+-	Xv_opaque ip = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
++	Xv_opaque ip __attribute__ ((unused)) = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -1410,7 +1422,7 @@
+ Menu_item
+ skiptool_xversion_menu_nom_item1_callback(Menu_item item, Menu_generate op)
+ {
+-	Xv_opaque ip = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
++	Xv_opaque ip __attribute__ ((unused)) = (Xv_opaque) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -1443,7 +1455,7 @@
+ Menu_item
+ skiptool_exc_menu_item0_callback(Menu_item item, Menu_generate op)
+ {
+-	skiptool_base_window_objects * ip = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
++	skiptool_base_window_objects * ip __attribute__ ((unused)) = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -1476,7 +1488,7 @@
+ Menu_item
+ skiptool_exc_menu_item1_callback(Menu_item item, Menu_generate op)
+ {
+-	skiptool_base_window_objects * ip = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
++	skiptool_base_window_objects * ip __attribute__ ((unused)) = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	switch (op) {
+ 	case MENU_DISPLAY:
+@@ -1842,7 +1854,7 @@
+ void
+ skiptool_nomwin_v2_skip_mode_notify_callback(Panel_item item, int value, Event *event)
+ {
+-	skiptool_nomwin_v2_objects *ip = (skiptool_nomwin_v2_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
++	skiptool_nomwin_v2_objects *ip __attribute__ ((unused)) = (skiptool_nomwin_v2_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	
+ 	/* gxv_start_connections DO NOT EDIT THIS SECTION */
+@@ -1910,7 +1922,7 @@
+ void
+ skiptool_base_window_about_button_notify_callback(Panel_item item, Event *event)
+ {
+-	skiptool_base_window_objects *ip = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
++	skiptool_base_window_objects *ip __attribute__ ((unused)) = (skiptool_base_window_objects *) xv_get(item, XV_KEY_DATA, INSTANCE);
+ 	
+ 	/* gxv_start_connections DO NOT EDIT THIS SECTION */
+ 
diff --git a/security/skip/files/skip.mtree b/security/skip/files/skip.mtree
new file mode 100644
index 000000000000..8d3c0377fad6
--- /dev/null
+++ b/security/skip/files/skip.mtree
@@ -0,0 +1,36 @@
+# $Id$
+
+/set type=dir uname=root gname=wheel mode=0755
+.
+    bin
+    ..
+    sbin
+    ..
+    lib
+    ..
+    lkm
+    ..
+    etc
+        rc.d
+	..
+	skip
+	..
+    ..
+    man
+        cat1            uname=man
+        ..
+        cat4            uname=man
+        ..
+        man1
+        ..
+        man4
+        ..
+    ..
+    share
+        doc
+	    skip
+	    ..
+        ..
+    ..
+..
+
diff --git a/security/skip/pkg-comment b/security/skip/pkg-comment
new file mode 100644
index 000000000000..02f7ac1e21d0
--- /dev/null
+++ b/security/skip/pkg-comment
@@ -0,0 +1 @@
+Stateless IP layer security and encryption from Sun Microsystems
diff --git a/security/skip/pkg-descr b/security/skip/pkg-descr
new file mode 100644
index 000000000000..4a1056da6be3
--- /dev/null
+++ b/security/skip/pkg-descr
@@ -0,0 +1,25 @@
+
+This is from http://skip.incog.com:
+
+  SKIP - Simple Key management for Internet Protocols
+
+  IP-Level Cryptography
+  Secure every application with one protocol 
+
+  SKIP secures the network at the IP packet level. Any networked
+  application gains the benefits of encryption, without requiring
+  modification. SKIP is unique in that an Internet host can send an
+  encrypted packet to another host without requiring a prior message
+  exchange to set up a secure channel. SKIP is particularly well-suited
+  to IP networks, as both are stateless protocols. Some of the
+  advantages of SKIP include:
+
+    - No connection setup overhead
+    - High availability - encryption gateways that fail can reboot and
+	resume decrypting packets instantly, without having to renegotiate
+	(potentially thousands) of existing connections
+    - Allows uni-directional IP (e.g., IP broadcast via satellite or cable)
+    - Scalable multicast key distribution
+    - SKIP gateways can be configured in parallel to perform instant-failover
+
+Archie Cobbs <archie@whistle.com>
diff --git a/security/skip/pkg-plist b/security/skip/pkg-plist
new file mode 100644
index 000000000000..7656379c66ab
--- /dev/null
+++ b/security/skip/pkg-plist
@@ -0,0 +1,60 @@
+bin/skiptool
+bin/skiphost
+bin/skipstat
+bin/skiplog
+bin/skipstat_ui
+bin/skipvar
+bin/test_key
+bin/skipd
+bin/skipdb
+bin/skipca
+bin/skiplocal
+bin/certreq
+bin/X509toHashCert
+bin/dh_keygen
+bin/print_cert
+bin/install_skip_keys
+bin/skipd_restart
+bin/skipif
+bin/skip_conf
+man/man1/certreq.1.gz
+man/man1/skiphost.1.gz
+man/man1/skipstat.1.gz
+man/man1/skiptool.1.gz
+man/man1/skipd.1.gz
+man/man1/skipdb.1.gz
+man/man1/skipca.1.gz
+man/man1/skiplocal.1.gz
+man/man1/install_skip_keys.1.gz
+man/man1/skipd_restart.1.gz
+man/man1/skipif.1.gz
+man/man1/skip_conf.1.gz
+man/man1/skiplog.1.gz
+man/man1/print_cert.1.gz
+man/man4/skipd.conf.4.gz
+man/man4/raw_keys.4.gz
+etc/rc.d/skip.sh
+etc/skip/skip.mkdev
+etc/skip/dh_params
+etc/skip/skipd.conf
+etc/skip/hosts
+etc/skip/SunICG_CA_selfcert
+etc/skip/none.ras
+etc/skip/unknown.ras
+etc/skip/icon_v1.ras
+etc/skip/icon_v2.ras
+etc/skip/skiptool_small.ras
+etc/skip/updated.ras
+etc/skip/nomadic.ras
+share/doc/skip/SKIP_SOFTWARE_LICENSE
+share/doc/skip/BN_SOFTWARE_LICENSE
+share/doc/skip/README.PATENT
+share/doc/skip/00README
+share/doc/skip/INSTALL
+share/doc/skip/README.FreeBSD
+share/doc/skip/advanced.TOPICS
+share/doc/skip/usersguide.txt
+share/doc/skip/usersguide.ps
+share/doc/skip/usersguide.html
+share/doc/skip/inet-95.ps
+lkm/skip.o
diff --git a/security/skip/scripts/post-install b/security/skip/scripts/post-install
new file mode 100644
index 000000000000..c761d496c7e4
--- /dev/null
+++ b/security/skip/scripts/post-install
@@ -0,0 +1,85 @@
+#!/bin/sh
+
+# This is an interactive script to setup SKIP keys, etc.
+
+SKIP_ETC="${PREFIX}/etc/skip"
+SKIP_BIN="${PREFIX}/bin"
+
+Confirm()
+{
+  while true; do
+  {
+    YESNO="$2"
+    echo -n "$1? [${YESNO}] "
+    read NEWYESNO
+    if [ "${NEWYESNO}" != "" ]; then
+      YESNO=${NEWYESNO}
+    fi
+    if [ "${YESNO}" != "y" -a "${YESNO}" != "n" ]; then
+      echo "Please answer y or n."
+    else
+      break
+    fi
+  }
+  done
+  if [ "${YESNO}" != "y" ]; then
+    return 1
+  else
+    return 0
+  fi
+}
+
+init_skip_dbs ()
+{
+  echo "Initializing SKIP certification database..."
+  ${SKIP_BIN}/skipdb init -o
+
+  echo "Initializing SKIP authorities database..."
+  ${SKIP_BIN}/skipca init -r
+
+  echo "Initializing SKIP local identities database..."
+  ${SKIP_BIN}/skiplocal init -o
+}
+
+generate_key ()
+{
+  echo "Generating Diffie-Hellman public/private key pair..."
+  ${SKIP_BIN}/skiplocal keygen
+}
+
+activate_skip ()
+{
+  echo "Adding SKIP to primary network interface..."
+  ${SKIP_BIN}/skipif -a
+}
+
+# main()
+
+cat << xxENDxx
+
+You now have a chance to:
+
+ o Initialize your SKIP databases.
+ o Generate a Diffie-Hellman public/private key pair.
+ o Add SKIP to your primary network interface.
+
+Notes:
+
+ o If you have an existing working SKIP configuration that
+   you want to keep, you should choose NOT to proceed.
+   Proceeding will overwrite any existing SKIP configuration.
+ o If you choose not to proceed, you will have to initialize
+   the SKIP certification, authorities, and local identities
+   databases manually.
+ o SKIP will be active, but disabled, until you reboot and
+   enable it manually using the skiphost command as described
+   in step 5 of doc/INSTALL.
+
+xxENDxx
+
+Confirm "Do you want to proceed" "y" || exit 0
+
+init_skip_dbs;
+generate_key;
+activate_skip;
+
diff --git a/security/skip/scripts/pre-install b/security/skip/scripts/pre-install
new file mode 100644
index 000000000000..dac838f8ed37
--- /dev/null
+++ b/security/skip/scripts/pre-install
@@ -0,0 +1,132 @@
+#!/bin/sh
+
+#
+# The skip build process actually builds a tree of files
+# in the subdirectory SKIPDIR (defined below). So all we
+# have to do is install these files, with some slight
+# rearrangement, and then deal with the rc script stuff.
+#
+
+SKIPDIR="${WRKSRC}/mkpkgs/freebsd/bin.x86/skip"
+
+Report ()
+{
+  echo "     " $1
+}
+
+install_lkm_files ()
+{
+  LKM_FILES="drv/skip.o"
+
+  Report "Installing kernel module in ${PREFIX}/lkm"
+  ${BSD_INSTALL_DATA} ${LKM_FILES} ${PREFIX}/lkm
+}
+
+install_etc_files ()
+{
+  ETC_FILES="etc/dh_params \
+		etc/skipd.conf \
+		etc/SunICG_CA_selfcert"
+  RAS_FILES="bin/none.ras \
+		bin/unknown.ras \
+		bin/icon_v1.ras \
+		bin/icon_v2.ras \
+		bin/skiptool_small.ras \
+		bin/updated.ras \
+		bin/nomadic.ras"
+  SCR_FILES="etc/skip.mkdev \
+		etc/hosts"
+
+  Report "Installing miscellaneous files in ${PREFIX}/etc/skip"
+  ${BSD_INSTALL_DATA} ${ETC_FILES} ${PREFIX}/etc/skip
+  ${BSD_INSTALL_DATA} ${RAS_FILES} ${PREFIX}/etc/skip
+  ${BSD_INSTALL_SCRIPT} ${SCR_FILES} ${PREFIX}/etc/skip
+}
+
+install_bin_files ()
+{
+  BIN_FILES="bin/skiptool \
+		bin/skiphost \
+		bin/skipstat \
+		bin/skiplog \
+		bin/skipstat_ui \
+		bin/skipvar \
+		bin/test_key \
+		bin/skipd \
+		bin/skipdb \
+		bin/skipca \
+		bin/skiplocal \
+		bin/certreq \
+		bin/X509toHashCert \
+		bin/dh_keygen \
+		bin/print_cert"
+  SCRIPT_FILES="bin/install_skip_keys \
+		bin/skipd_restart \
+		bin/skipif \
+		bin/skip_conf"
+
+  Report "Installing binaries and scripts in ${PREFIX}/bin"
+  ${BSD_INSTALL_PROGRAM} ${BIN_FILES} ${PREFIX}/bin
+  ${BSD_INSTALL_SCRIPT} ${SCRIPT_FILES} ${PREFIX}/bin
+}
+
+install_doc_files ()
+{
+  DOC_FILES="doc/SKIP_SOFTWARE_LICENSE \
+		doc/BN_SOFTWARE_LICENSE \
+		doc/README.PATENT \
+		doc/README.FreeBSD \
+		doc/00README \
+		doc/INSTALL \
+		doc/advanced.TOPICS \
+		doc/usersguide.txt \
+		doc/usersguide.ps \
+		doc/usersguide.html \
+		doc/inet-95.ps"
+
+  Report "Installing documentation in ${PREFIX}/share/doc/skip"
+  ${BSD_INSTALL_DATA} ${DOC_FILES} ${PREFIX}/share/doc/skip
+}
+
+install_man_files ()
+{
+  MAN1_FILES="man/man1/certreq.1 \
+		man/man1/skiphost.1 \
+		man/man1/skipstat.1 \
+		man/man1/skiptool.1 \
+		man/man1/skipd.1  \
+		man/man1/skipdb.1 \
+		man/man1/skipca.1 \
+		man/man1/skiplocal.1 \
+		man/man1/install_skip_keys.1 \
+		man/man1/skipd_restart.1 \
+		man/man1/skipif.1 \
+		man/man1/skip_conf.1 \
+		man/man1/skiplog.1 \
+		man/man1/print_cert.1"
+  MAN4_FILES="man/man4/skipd.conf.4 \
+		man/man4/raw_keys.4"
+
+  Report "Installing man pages in ${PREFIX}/man"
+  ${BSD_INSTALL_MAN} ${MAN1_FILES} ${PREFIX}/man/man1
+  ${BSD_INSTALL_MAN} ${MAN4_FILES} ${PREFIX}/man/man4
+}
+
+install_rc_file ()
+{
+  RC_FILE="etc/rc"
+
+  Report "Installing startup script in ${PREFIX}/etc/rc.d"
+  ${BSD_INSTALL_SCRIPT} ${RC_FILE} ${PREFIX}/etc/rc.d/skip.sh
+}
+
+# main()
+
+cd ${SKIPDIR} || exit 1
+install_lkm_files;
+install_etc_files;
+install_bin_files;
+install_doc_files;
+install_man_files;
+install_rc_file;
+
diff --git a/security/skip/scripts/pre-patch b/security/skip/scripts/pre-patch
new file mode 100644
index 000000000000..1f184c68710f
--- /dev/null
+++ b/security/skip/scripts/pre-patch
@@ -0,0 +1,12 @@
+#!/bin/sh
+
+#
+# Set user-writable flags so patch(1) doesn't trip up.
+#
+
+FIXDIRS="${WRKSRC}/skip/man ${WRKSRC}/admin"
+
+for DIR in ${FIXDIRS}; do
+  chmod -R u+w ${DIR}
+done
+
author	Julian Elischer <julian@FreeBSD.org>	1998-01-09 23:23:58 +0000
committer	Julian Elischer <julian@FreeBSD.org>	1998-01-09 23:23:58 +0000
commit	de8a9e28514d8bc9a9fec2eea38c03176e927046 (patch)
tree	e5692950c8d78ca95a07e7aff61f86d562892e1c /security/skip
parent	Upgrade, 4.36 -> 4.41. (diff)