diff options
Diffstat (limited to 'security')
207 files changed, 0 insertions, 11334 deletions
diff --git a/security/botan/Makefile b/security/botan/Makefile deleted file mode 100644 index abd01e089850..000000000000 --- a/security/botan/Makefile +++ /dev/null @@ -1,31 +0,0 @@ -# ex:ts=8 -# New ports collection makefile for: opencl -# Date created: Mar 3, 2001 -# Whom: Ying-Chieh Liao <ijliao@FreeBSD.org> -# -# $FreeBSD$ -# - -PORTNAME= opencl -PORTVERSION= 0.7.3 -CATEGORIES= security -MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} -MASTER_SITE_SUBDIR= ${PORTNAME} -DISTNAME= OpenCL-${PORTVERSION} -EXTRACT_SUFX= .tgz - -MAINTAINER= ports@FreeBSD.org - -USE_NEWGCC= yes - -HAS_CONFIGURE= yes -CONFIGURE_SCRIPT= configure.pl -CONFIGURE_ARGS= gcc-freebsd-generic - -USE_GMAKE= yes - -INSTALLS_SHLIB= yes - -PLIST_SUB= PORTVERSION=0.7.2 - -.include <bsd.port.mk> diff --git a/security/botan/distinfo b/security/botan/distinfo deleted file mode 100644 index 8c40a78f9f65..000000000000 --- a/security/botan/distinfo +++ /dev/null @@ -1 +0,0 @@ -MD5 (OpenCL-0.7.3.tgz) = 19b67c399a21e61989d06e9d27645fc8 diff --git a/security/botan/files/patch-configure.pl b/security/botan/files/patch-configure.pl deleted file mode 100644 index 7ce69a825bc2..000000000000 --- a/security/botan/files/patch-configure.pl +++ /dev/null @@ -1,20 +0,0 @@ ---- configure.pl.orig Sat Jun 9 09:40:22 2001 -+++ configure.pl Sun Jun 10 19:23:51 2001 -@@ -1312,7 +1312,7 @@ - DOCDIR = \$(INSTALLROOT)/share/doc/\$(NAME)-\$(VERSION) - - OWNER = root --GROUP = root -+GROUP = wheel - DATA_MODE = 644 - EXEC_MODE = 755 - -@@ -1341,7 +1341,7 @@ - # FIXME: Hardcoded - USER_DOCS = readme.txt doc/license.txt doc/log.txt doc/thanks.txt \\ - doc/pgpkeys.asc --DEVEL_DOCS = doc/doc.ps doc/relnotes.txt -+DEVEL_DOCS = doc/opencl.ps doc/relnotes.txt - - HEADERS = $headers - diff --git a/security/botan/pkg-comment b/security/botan/pkg-comment deleted file mode 100644 index d735abdabc26..000000000000 --- a/security/botan/pkg-comment +++ /dev/null @@ -1 +0,0 @@ -A portable, easy to use, and efficient C++ crypto library diff --git a/security/botan/pkg-descr b/security/botan/pkg-descr deleted file mode 100644 index d45a42c72e24..000000000000 --- a/security/botan/pkg-descr +++ /dev/null @@ -1,14 +0,0 @@ -OpenCL aims to be a portable, easy to use, and efficient C++ crypto -library. It currently supports the following algorithms: - - Block Ciphers: Blowfish, CAST256, CAST5, CS-Cipher, DES, GOST, - IDEA, Luby-Rackoff, MISTY1, RC2, RC5, RC6, Rijndael, SAFER-SK128, - Serpent, SHARK, Skipjack, Square, TEA, Threeway, Twofish, XTEA - Stream Ciphers: ARC4, ISAAC, SEAL - Hash Functions: HAVAL, MD2, MD4, MD5, RIPE-MD128, RIPE-MD160, SHA-1, - SHA2-256, SHA2-512, Tiger - MACs: EMAC, HMAC, MD5MAC - Misc: Adler32, CRC24, CRC32, Randpool, X9.17 RNG - Cipher Modes: CBC w/ Padding, CFB, OFB, Counter - -WWW: http://opencl.sourceforge.net/ diff --git a/security/botan/pkg-plist b/security/botan/pkg-plist deleted file mode 100644 index 5a9a246fb7d0..000000000000 --- a/security/botan/pkg-plist +++ /dev/null @@ -1,73 +0,0 @@ -include/opencl/arc4.h -include/opencl/blowfish.h -include/opencl/cast256.h -include/opencl/cast5.h -include/opencl/checksum.h -include/opencl/config.h -include/opencl/cscipher.h -include/opencl/des.h -include/opencl/desx.h -include/opencl/emac.h -include/opencl/encoder.h -include/opencl/exceptn.h -include/opencl/filtbase.h -include/opencl/filters.h -include/opencl/filters.icc -include/opencl/gost.h -include/opencl/haval.h -include/opencl/hmac.h -include/opencl/idea.h -include/opencl/isaac.h -include/opencl/lubyrack.h -include/opencl/md2.h -include/opencl/md4.h -include/opencl/md5.h -include/opencl/md5mac.h -include/opencl/misty1.h -include/opencl/modes.h -include/opencl/modes.icc -include/opencl/opencl.h -include/opencl/randpool.h -include/opencl/rc2.h -include/opencl/rc5.h -include/opencl/rc6.h -include/opencl/rijndael.h -include/opencl/rmd128.h -include/opencl/rmd160.h -include/opencl/safer_sk.h -include/opencl/seal.h -include/opencl/secalloc.h -include/opencl/secmem.h -include/opencl/secqueue.h -include/opencl/serpent.h -include/opencl/sha1.h -include/opencl/sha256.h -include/opencl/sha512.h -include/opencl/shark.h -include/opencl/skipjack.h -include/opencl/square.h -include/opencl/symkey.h -include/opencl/tea.h -include/opencl/threeway.h -include/opencl/tiger.h -include/opencl/triple.h -include/opencl/twofish.h -include/opencl/types.h -include/opencl/util.h -include/opencl/version.h -include/opencl/x917.h -include/opencl/xtea.h -@dirrm include/opencl -lib/libopencl.a -lib/libopencl-%%PORTVERSION%%.so -lib/libopencl-0.7.so -lib/libopencl-0.so -lib/libopencl.so -share/doc/OpenCL-%%PORTVERSION%%/license.txt -share/doc/OpenCL-%%PORTVERSION%%/log.txt -share/doc/OpenCL-%%PORTVERSION%%/opencl.ps -share/doc/OpenCL-%%PORTVERSION%%/pgpkeys.asc -share/doc/OpenCL-%%PORTVERSION%%/readme.txt -share/doc/OpenCL-%%PORTVERSION%%/relnotes.txt -share/doc/OpenCL-%%PORTVERSION%%/thanks.txt -@dirrm share/doc/OpenCL-%%PORTVERSION%% diff --git a/security/calife-devel/Makefile b/security/calife-devel/Makefile deleted file mode 100644 index 239d7466b8d6..000000000000 --- a/security/calife-devel/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -# New ports collection makefile for: calife -# Date created: 13 Jun 2000 -# Whom: Thomas Quinot <thomas@cuivre.fr.eu.org> -# -# $FreeBSD$ -# - -PORTNAME= calife -PORTVERSION= 2.8.4b -CATEGORIES= security -MASTER_SITES= ftp://postfix.eu.org/pub/calife/ - -MAINTAINER= thomas@cuivre.fr.eu.org - -GNU_CONFIGURE= yes -CONFIGURE_ARGS= "--with-etcdir=$(PREFIX)/etc" - -MAN1= calife.1 -MAN5= calife.auth.5 - -.include <bsd.port.mk> diff --git a/security/calife-devel/distinfo b/security/calife-devel/distinfo deleted file mode 100644 index eb2e718f304b..000000000000 --- a/security/calife-devel/distinfo +++ /dev/null @@ -1 +0,0 @@ -MD5 (calife-2.8.4b.tar.gz) = 17a612291fd4d83510cb112ebc8bb899 diff --git a/security/calife-devel/pkg-comment b/security/calife-devel/pkg-comment deleted file mode 100644 index e77274450e6f..000000000000 --- a/security/calife-devel/pkg-comment +++ /dev/null @@ -1 +0,0 @@ -A lightweight alternative to sudo diff --git a/security/calife-devel/pkg-descr b/security/calife-devel/pkg-descr deleted file mode 100644 index 923a2f444531..000000000000 --- a/security/calife-devel/pkg-descr +++ /dev/null @@ -1,9 +0,0 @@ -Calife is a lightweight replacement to Sudo: it allows -users listed in a particular file, $(PREFIX)/etc/calife.auth, -to endorse the identity of any other user after entering their -own password. - -WWW: http://mutt.frmug.org/calife/ - --- -Thomas Quinot -- <thomas@cuivre.fr.eu.org> diff --git a/security/calife-devel/pkg-plist b/security/calife-devel/pkg-plist deleted file mode 100644 index a81fa6a224ab..000000000000 --- a/security/calife-devel/pkg-plist +++ /dev/null @@ -1,2 +0,0 @@ -bin/calife -etc/calife.auth-dist diff --git a/security/cyrus-sasl2/Makefile b/security/cyrus-sasl2/Makefile deleted file mode 100644 index 6c55ae2e3a57..000000000000 --- a/security/cyrus-sasl2/Makefile +++ /dev/null @@ -1,147 +0,0 @@ -# New ports collection makefile for: cyrus-sasl -# Date created: Nov 1 1999 -# Whom: hetzels@westbend.net -# -# $FreeBSD$ -# - -PORTNAME= cyrus-sasl -PORTVERSION= 1.5.24 -PORTREVISION= 7 -CATEGORIES= security -MASTER_SITES= ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/ \ - ${MASTER_SITE_LOCAL} \ - ftp://ftp.hanse.de/sites/transit/mirror/ftp.andrew.cmu.edu/pub/cyrus-mail/ -MASTER_SITE_SUBDIR= stb/mirror/ftp.andrew.cmu.edu/pub/cyrus-mail - -PATCH_SITES= http://www.imasy.or.jp/~ume/ipv6/ -PATCHFILES= ${DISTNAME}-ipv6-20010321.diff.gz - -MAINTAINER= hetzels@westbend.net - -USE_OPENSSL= YES - -INSTALLS_SHLIB= yes - -MAN3= sasl.3 sasl_authorize_t.3 sasl_callbacks.3 sasl_checkpass.3 \ - sasl_client_init.3 sasl_client_new.3 sasl_client_start.3 \ - sasl_client_step.3 sasl_decode.3 sasl_done.3 sasl_encode.3 \ - sasl_errstring.3 sasl_getopt_t.3 sasl_getpath_t.3 \ - sasl_getprop.3 sasl_getsecret_t.3 sasl_getsimple_t.3 \ - sasl_listmech.3 sasl_log_t.3 sasl_server_init.3 \ - sasl_server_new.3 sasl_server_start.3 sasl_server_step.3 \ - sasl_setprop.3 sasl_usererr.3 -MAN8= sasldblistusers.8 saslpasswd.8 - -USE_AUTOMAKE= YES -USE_LIBTOOL= YES -AUTOHEADER= autoheader -AUTOMAKE= automake --add-missing --include-deps - -CONFIGURE_ARGS= --sysconfdir=${PREFIX}/etc \ - --with-plugindir=${PREFIX}/lib/sasl \ - --with-dbpath=${PREFIX}/etc/sasldb \ - --includedir=${PREFIX}/include/sasl \ - --enable-static \ - --enable-login \ - --with-pwcheck=/var/pwcheck \ - --with-dblib=ndbm \ - --with-rc4=openssl - -SCRIPTS_ENV= WRKDIRPREFIX="${WRKDIRPREFIX}" \ - PREFIX="${PREFIX}" \ - TOUCH="${TOUCH}" \ - MKDIR="${MKDIR}" \ - ENABLE_DB3="${ENABLE_DB3}" \ - ENABLE_MYSQL="${ENABLE_MYSQL}" \ - ENABLE_LDAP="${ENABLE_LDAP}" - -# ENABLE_* variables can be used by depending ports to enable options. - -# JavaSASL needs someone to look at to get it to build -#JAVADIR= jdk1.1.8 -#JAVALIBDIR= ${PREFIX}/${JAVADIR}/lib/i386/green_threads/ - -#.if defined(USE_JAVA) || exists(${LOCALBASE}/${JAVADIR}/bin/java) -#BUILD_DEPENDS= ${LOCALBASE}/${JAVADIR}/bin/java:${PORTSDIR}/java/jdk -#CONFIGURE_ARGS+= --with-java \ -# --with-javabase=${LOCALBASE}/include -# -#CONFIGURE_ENV= JAVAC="${LOCALBASE}/${JAVADIR}/bin/javac" \ -# JAVAH="${LOCALBASE}/${JAVADIR}/bin/javah" \ -# JAVADOC="${LOCALBASE}/${JAVADIR}/bin/javadoc" -#.endif - -.if defined(KRB5_HOME) && exists(${KRB5_HOME}) -CONFIGURE_ARGS+= --enable-gssapi=${KRB5_HOME} -.elif defined(HEIMDAL_HOME) && exists(${HEIMDAL_HOME}) -CONFIGURE_ARGS+= --enable-gssapi=${HEIMDAL_HOME} -.else -CONFIGURE_ARGS+= --disable-gssapi -GSSAPI= "@comment " -.endif - -.if exists(/usr/lib/libkrb.a) -CONFIGURE_ARGS+= --enable-krb4 -.else -CONFIGURE_ARGS+= --disable-krb4 -EBONES= "@comment " -.endif - -CONFIGURE_ENV+= LOCALBASE=${LOCALBASE} \ - OPENSSLINC=${OPENSSLINC} \ - OPENSSLLIB=${OPENSSLLIB} - -DOCS= AUTHORS COPYING ChangeLog INSTALL NEWS README TODO - -DOC2= draft-leach-digest-sasl-05.txt \ - draft-newman-auth-scram-03.txt \ - rfc1321.txt rfc2095.txt rfc2104.txt \ - rfc2222.txt rfc2245.txt - -HTDOCS= gssapi index programming sysadmin - -PLIST_SUB= PREFIX=${PREFIX} \ - GSSAPI=${GSSAPI} \ - EBONES=${EBONES} \ - DOCSDIR=${DOCSDIR:S/^${PREFIX}\///} \ - -pre-fetch: - @${SETENV} ${SCRIPTS_ENV} ${SH} ${SCRIPTDIR}/configure.sasl - -pre-configure: - @(cd ${WRKSRC} && ${AUTOHEADER}) - -# Create Cyrus user and group -pre-install: - @${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL - -post-install: - @${SED} -e "/%%PREFIX%%/s##${PREFIX}#g" ${FILESDIR}/pwcheck.sh \ - > ${PREFIX}/etc/rc.d/pwcheck.sh - @${CHMOD} 755 ${PREFIX}/etc/rc.d/pwcheck.sh - ${INSTALL} -d -m 770 -o cyrus -g cyrus /var/pwcheck -.if !defined(NOPORTDOCS) - @${MKDIR} ${DOCSDIR}/html -.for file in ${DOCS} - @${INSTALL_DATA} ${WRKSRC}/${file} ${DOCSDIR} -.endfor -.for file in ${DOC2} - @${INSTALL_DATA} ${WRKSRC}/doc/${file} ${DOCSDIR} -.endfor - @${INSTALL_DATA} ${FILESDIR}/Sendmail.README ${DOCSDIR} -.for file in ${HTDOCS} - @${INSTALL_DATA} ${WRKSRC}/doc/${file}.html ${DOCSDIR} -.endfor -.endif - @PKG_PREFIX=${PREFIX} BATCH=${BATCH} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL - @${CAT} ${PKGMESSAGE} - -post-clean: - @${RM} -f ${WRKDIRPREFIX}${.CURDIR}/Makefile.inc - -.if exists(${WRKDIRPREFIX}${.CURDIR}/Makefile.inc) -.include "${WRKDIRPREFIX}${.CURDIR}/Makefile.inc" -.endif - -.include <bsd.port.mk> diff --git a/security/cyrus-sasl2/distinfo b/security/cyrus-sasl2/distinfo deleted file mode 100644 index 1b1e11d6810f..000000000000 --- a/security/cyrus-sasl2/distinfo +++ /dev/null @@ -1,2 +0,0 @@ -MD5 (cyrus-sasl-1.5.24.tar.gz) = ac3837c071c258b80021325936db2583 -MD5 (cyrus-sasl-1.5.24-ipv6-20010321.diff.gz) = a306953c91d9fbf2f4676ef394b38449 diff --git a/security/cyrus-sasl2/files/Sendmail.README b/security/cyrus-sasl2/files/Sendmail.README deleted file mode 100644 index a7dd2267c39d..000000000000 --- a/security/cyrus-sasl2/files/Sendmail.README +++ /dev/null @@ -1,41 +0,0 @@ -How to enable SMTP AUTH with FreeBSD default Sendmail 8.11 - -1) Add the following to /etc/make.conf: - - # Add SMTP AUTH support to Sendmail - SENDMAIL_CFLAGS+= -I/usr/local/include/sasl -DSASL -D_FFR_UNSAFE_SASL - SENDMAIL_LDFLAGS+= -L/usr/local/lib - SENDMAIL_LDADD+= -lsasl - -2) Rebuild FreeBSD (make buildworld, ...) - -3) Create /usr/local/lib/sasl/Sendmail.conf with the following. - - pwcheck_method: pwcheck - -4) Add the following to your sendmail.mc file: - - TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5')dnl - define(`confAUTH_MECHANISMS',`DIGEST-MD5 CRAM-MD5')dnl - define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLFile')dnl - define(`confRUN_AS_USER',`root:mail')dnl - - ---- - - Additional AUTH Mechanisms are LOGIN, PLAIN, GSSAPI, and KERBEROS_V4. - These can be added to TRUST_AUTH_MECH and confAUTH_MECHANISMS as a space - seperated list. You may want to restrict LOGIN, and PLAIN authentication - methods for use with STARTTLS, as the password is not encrypted when - passed to sendmail. - - LOGIN is required for Outlook Express users. "My server requires - authentication" needs to be checked in the accounts properties to - use SASL Authentication. - - PLAIN is required for Netscape Communicator users. By default Netscape - Communicator will use SASL Authentication when sendmail is compiled with - SASL. - - The DONT_BLAME_SENDMAIL option GroupReadableSASLFile is needed when you - are using cyrus-imapd and sendmail on the same server that requires access - to the sasldb database. diff --git a/security/cyrus-sasl2/files/patch-ab b/security/cyrus-sasl2/files/patch-ab deleted file mode 100644 index 403d1b8c8ace..000000000000 --- a/security/cyrus-sasl2/files/patch-ab +++ /dev/null @@ -1,137 +0,0 @@ ---- configure.in.orig Thu Jul 20 21:35:01 2000 -+++ configure.in Thu Nov 16 09:07:00 2000 -@@ -66,8 +66,9 @@ - dnl check for -R, etc. switch - CMU_GUESS_RUNPATH_SWITCH - dnl let's just link against local. otherwise we never find anything useful. --CPPFLAGS="-I/usr/local/include ${CPPFLAGS}" --CMU_ADD_LIBPATH("/usr/local/lib") -+CPPFLAGS="-I${OPENSSLINC} -I${OPENSSLINC}/openssl ${CPPFLAGS}" -+CMU_ADD_LIBPATH("${OPENSSLLIB}") -+CMU_ADD_LIBPATH("${LOCALBASE}/lib") - - AM_DISABLE_STATIC - -@@ -232,6 +233,13 @@ - SASL_DB_BACKEND="db_${dblib}.lo" - AC_DEFINE(SASL_BERKELEYDB) - SASL_DB_LIB="-ldb" -+ for db3loc in ${prefix} /usr/local /usr -+ do -+ if test -d ${db3loc}/include/db3; then -+ CPPFLAGS="-I${db3loc}/include/db3 $CPPFLAGS" -+ break -+ fi -+ done - ;; - *) - AC_MSG_WARN([Disabling SASL authentication database support]) -@@ -310,6 +318,88 @@ - fi - AM_CONDITIONAL(PWCHECK, test "$with_pwcheck" != no) - -+dnl MySQL -+AC_ARG_WITH(mysql, [ --with-mysql=PATH enable authentication from MySQL database [no] ], -+ with_mysql=$withval, -+ with_mysql=no) -+ -+if test -z "$with_mysql"; then -+ for mysqlloc in lib/mysql lib -+ do -+ if test -f ${prefix}/${mysqlloc}/libmysqlclient.a; then -+ with_mysql="${prefix}" -+ break -+ elif test -f /usr/local/${mysqlloc}/libmysqlclient.a; then -+ with_mysql="/usr/local" -+ break -+ elif test -f /usr/${mysqlloc}/libmysqlclient.a; then -+ with_mysql="/usr" -+ break -+ fi -+ done -+fi -+ -+LIB_MYSQL="" -+case "$with_mysql" in -+ no) true;; -+ ""|yes) AC_CHECK_LIB(mysqlclient, mysql_select_db, -+ AC_DEFINE(HAVE_MYSQL) -+ LIB_MYSQL="-lmysqlclient", -+ with_mysql=no);; -+ *) if test -d ${with_mysql}/include/mysql; then -+ CPPFLAGS="$CPPFLAGS -I${with_mysql}/include/mysql" -+ else -+ CPPFLAGS="$CPPFLAGS -I${with_mysql}/include" -+ fi -+ if test -d ${with_mysql}/lib/mysql; then -+ LDFLAGS="$LDFLAGS -L${with_mysql}/lib/mysql" -+ fi -+ AC_DEFINE(HAVE_MYSQL) -+ LIB_MYSQL="-lmysqlclient";; -+esac -+AC_SUBST(LIB_MYSQL) -+ -+dnl LDAP -+AC_ARG_WITH(ldap, [ --with-ldap=PATH enable authentication from LDAP [no] ], -+ with_ldap=$withval, -+ with_ldap=no) -+ -+if test -z "$with_ldap"; then -+ for ldaploc in lib/ldap lib -+ do -+ if test -f ${prefix}/${ldaploc}/libldap.a; then -+ with_ldap="${prefix}" -+ break -+ elif test -f /usr/local/${ldaploc}/libldap.a; then -+ with_ldap="/usr/local" -+ break -+ elif test -f /usr/${ldaploc}/libldap.a; then -+ with_ldap="/usr" -+ break -+ fi -+ done -+fi -+ -+LIB_LDAP="" -+case "$with_ldap" in -+ no) true;; -+ ""|yes) AC_CHECK_LIB(ldap, ldap_open, -+ AC_DEFINE(HAVE_LDAP) -+ LIB_LDAP="-lldap -llber", -+ with_ldap=no);; -+ *) if test -d ${with_ldap}/include/ldap; then -+ CPPFLAGS="${CPPFLAGS} -I${with_ldap}/include/ldap" -+ else -+ CPPFLAGS="${CPPFLAGS} -I${with_ldap}/include" -+ fi -+ if test -d ${with_ldap}/lib/ldap; then -+ LDFLAGS="$LDFLAGS -L${with_ldap}/lib/ldap" -+ fi -+ AC_DEFINE(HAVE_LDAP) -+ LIB_LDAP="-lldap -llber";; -+esac -+AC_SUBST(LIB_LDAP) -+ - dnl CRAM-MD5 - AC_ARG_ENABLE(cram, [ --enable-cram enable CRAM-MD5 authentication [yes] ], - cram=$enableval, -@@ -434,11 +524,15 @@ - fi - - if test "$with_des" != no; then -+ case "$host_os" in -+ freebsd*) -+ COM_ERR="-lcom_err" -+ ;; -+ esac - AC_CHECK_HEADER(krb.h, -- AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="", -- AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="-lcom_err", -- AC_WARN(No Kerberos V4 found); krb4=no, -ldes -lcom_err), -- -ldes), -+ AC_CHECK_LIB(krb, krb_mk_priv,:, -+ AC_WARN(No Kerberos V4 found); krb4=no, -+ -ldes $COM_ERR), - AC_WARN(No Kerberos V4 found); krb4=no) - else - AC_WARN(No DES library found for Kerberos V4 support) diff --git a/security/cyrus-sasl2/files/patch-ag b/security/cyrus-sasl2/files/patch-ag deleted file mode 100644 index 591a08e66ab5..000000000000 --- a/security/cyrus-sasl2/files/patch-ag +++ /dev/null @@ -1,15 +0,0 @@ ---- acconfig.h.orig Wed Jul 5 11:59:25 2000 -+++ acconfig.h Fri Sep 15 20:56:28 2000 -@@ -84,6 +84,12 @@ - /* do we have PAM for plaintext password checking? */ - #undef HAVE_PAM - -+/* do we have MySQL for plaintext password checking? */ -+#undef HAVE_MYSQL -+ -+/* do we have LDAP for plaintext password checking? */ -+#undef HAVE_LDAP -+ - /* what flavor of GSSAPI are we using? */ - #undef HAVE_GSS_C_NT_HOSTBASED_SERVICE - diff --git a/security/cyrus-sasl2/files/patch-ah b/security/cyrus-sasl2/files/patch-ah deleted file mode 100644 index deb47e550737..000000000000 --- a/security/cyrus-sasl2/files/patch-ah +++ /dev/null @@ -1,9 +0,0 @@ ---- lib/Makefile.am.orig Thu Jul 20 21:35:02 2000 -+++ lib/Makefile.am Fri Sep 15 20:56:28 2000 -@@ -53,5 +53,5 @@ - EXTRA_libsasl_la_SOURCES = db_none.c db_ndbm.c db_gdbm.c db_berkeley.c db_testw32.c - libsasl_la_LDFLAGS = -version-info $(sasl_version) - libsasl_la_DEPENDENCIES = $(SASL_DB_BACKEND) @LTLIBOBJS@ --libsasl_la_LIBADD = @LTLIBOBJS@ $(SASL_DB_BACKEND) $(SASL_DB_LIB) $(SASL_DL_LIB) $(PLAIN_LIBS) -+libsasl_la_LIBADD = @LTLIBOBJS@ $(SASL_DB_BACKEND) $(SASL_DB_LIB) $(SASL_DL_LIB) $(PLAIN_LIBS) ${LIB_LDAP} ${LIB_MYSQL} - # PLAIN_LIBS are linked in for sasl_checkpass diff --git a/security/cyrus-sasl2/files/patch-ai b/security/cyrus-sasl2/files/patch-ai deleted file mode 100644 index ea925f0e9f6f..000000000000 --- a/security/cyrus-sasl2/files/patch-ai +++ /dev/null @@ -1,321 +0,0 @@ ---- lib/checkpw.c.orig Wed Jul 19 20:24:13 2000 -+++ lib/checkpw.c Tue Oct 31 20:52:21 2000 -@@ -95,10 +95,19 @@ - #include <sys/un.h> - #ifdef HAVE_UNISTD_H - #include <unistd.h> --#endif -+#endif /* HAVE_UNISTD_H */ - - extern int errno; --#endif -+#endif /* HAVE_PWCHECK */ -+ -+#ifdef HAVE_MYSQL -+#include <mysql.h> -+#endif /* HAVE_MYSQL */ -+ -+#ifdef HAVE_LDAP -+#include <lber.h> -+#include <ldap.h> -+#endif /* HAVE_LDAP */ - - #ifdef HAVE_KRB - -@@ -170,12 +179,20 @@ - memcpy (&temp_key, "kerberos", 8); - des_fixup_key_parity (&temp_key); - des_key_sched (&temp_key, schedule); -+#ifdef __FreeBSD__ -+ des_cbc_cksum ((const unsigned char *)password, &ivec, passlen, schedule, &ivec); -+#else - des_cbc_cksum ((des_cblock *)password, &ivec, passlen, schedule, &ivec); -+#endif - - memcpy (&temp_key, &ivec, sizeof temp_key); - des_fixup_key_parity (&temp_key); - des_key_sched (&temp_key, schedule); -+#ifdef __FreeBSD__ -+ des_cbc_cksum ((const unsigned char *)password, key, passlen, schedule, &ivec); -+#else - des_cbc_cksum ((des_cblock *)password, key, passlen, schedule, &ivec); -+#endif - - des_fixup_key_parity (key); - -@@ -210,10 +227,17 @@ - return (str); - } - -+#ifdef __FreeBSD__ -+static int use_key(const char *user __attribute__((unused)), -+ char *instance __attribute__((unused)), -+ const char *realm __attribute__((unused)), -+ const void *key, des_cblock *returned_key) -+#else - static int use_key(char *user __attribute__((unused)), - char *instance __attribute__((unused)), - char *realm __attribute__((unused)), - void *key, des_cblock *returned_key) -+#endif - { - memcpy (returned_key, key, sizeof(des_cblock)); - return 0; -@@ -838,7 +862,7 @@ - - - /* pwcheck daemon-authenticated login */ --static int pwcheck_verify_password(sasl_conn_t *conn, -+static int pwcheck_verify_password(sasl_conn_t *conn __attribute__((unused)), - const char *userid, - const char *passwd, - const char *service __attribute__((unused)), -@@ -853,8 +877,10 @@ - static char response[1024]; - int start, n; - char pwpath[1024]; -+#if 0 /* Not used */ - sasl_getopt_t *getopt; - void *context; -+#endif - - if (reply) { *reply = NULL; } - -@@ -902,6 +928,224 @@ - - #endif - -+#ifdef HAVE_MYSQL -+/* DMZ mysql auth 12/29/1999 -+ * Updated to 1.5.24 by SWH 09/12/2000 -+ * changed to malloc qbuf Simon Loader 10/21/2000 -+ */ -+#ifdef USE_CRYPT_PASSWORD -+#define QUERY_STRING "select %s from %s where %s = '%s' and %s = password('%s')" -+#else -+#define QUERY_STRING "select %s from %s where %s = '%s' and %s = '%s'" -+#endif -+ -+static int mysql_verify_password(sasl_conn_t *conn, -+ const char *userid, -+ const char *password, -+ const char *service __attribute__((unused)), -+ const char *user_realm __attribute__((unused)), -+ const char **reply) -+{ -+ unsigned int numrows; -+ MYSQL mysql,*sock; -+ MYSQL_RES *result; -+ char *qbuf; -+ char *db_user="", -+ *db_passwd="", -+ *db_host="", -+ *db_uidcol="", -+ *db_pwcol="", -+ *db_database="", -+ *db_table=""; -+ sasl_getopt_t *getopt; -+ void *context; -+ -+ if (!userid || !password) { -+ return SASL_BADPARAM; -+ } -+ if (reply) { *reply = NULL; } -+ -+ /* check to see if the user configured a mysqluser/passwd/host/etc */ -+ if (_sasl_getcallback(conn, SASL_CB_GETOPT, &getopt, &context) == SASL_OK) { -+ getopt(context, NULL, "mysql_user", (const char **) &db_user, NULL); -+ if (!db_user) db_user = ""; -+ getopt(context, NULL, "mysql_passwd", (const char **) &db_passwd, NULL); -+ if (!db_passwd) db_passwd = ""; -+ getopt(context, NULL, "mysql_host", (const char **) &db_host, NULL); -+ if (!db_host) db_host = ""; -+ getopt(context, NULL, "mysql_database", (const char **) &db_database, NULL); -+ if (!db_database) db_database = ""; -+ getopt(context, NULL, "mysql_table", (const char **) &db_table, NULL); -+ if (!db_table) db_table = ""; -+ getopt(context, NULL, "mysql_uidcol", (const char **) &db_uidcol, NULL); -+ if (!db_uidcol) db_uidcol = ""; -+ getopt(context, NULL, "mysql_pwdcol", (const char **) &db_pwcol, NULL); -+ if (!db_pwcol) db_pwcol = ""; -+ } -+ -+ if (!(sock = mysql_connect(&mysql,db_host,db_user,db_passwd))) -+ { -+ if (reply) { *reply = "cannot connect to MySQL server"; } -+ return SASL_FAIL; -+ } -+ -+ if (mysql_select_db(sock,db_database) < 0) -+ { -+ mysql_close(sock); -+ if (reply) { *reply = "cannot select MySQL database"; } -+ return SASL_FAIL; -+ } -+ /* select DB_UIDCOL from DB_TABLE where DB_UIDCOL = 'userid' AND DB_PWCOL = password('password') */ -+ if ( (qbuf = (char *)malloc(strlen(QUERY_STRING)+strlen(db_uidcol) -+ +strlen(db_table)+strlen(db_uidcol) -+ +strlen(userid)+strlen(db_pwcol) -+ +strlen(password)+1)) == NULL ) { -+ if (reply) { *reply = "cannot malloc memory for sql query"; } -+ return SASL_FAIL; -+ } -+ sprintf(qbuf,QUERY_STRING,db_uidcol,db_table,db_uidcol,userid,db_pwcol,password); -+ if (mysql_query(sock,qbuf) < 0 || !(result=mysql_store_result(sock))) -+ { -+ free(qbuf); -+ mysql_close(sock); -+ return SASL_FAIL; -+ } -+ -+ if (result) //There were some rows found -+ { -+ if ((numrows = mysql_affected_rows(&mysql)) != 1) -+ { -+ mysql_free_result(result); -+ mysql_close(sock); -+ if ((numrows > 1) && (reply)) { *reply = "Detected duplicate entries for user"; } -+ free(qbuf); -+ return SASL_BADAUTH; -+ } else { -+ free(qbuf); -+ mysql_free_result(result); -+ mysql_close(sock); -+ return SASL_OK; -+ } -+ } -+ free(qbuf); -+ mysql_free_result(result); -+ mysql_close(sock); -+ return SASL_BADAUTH; -+} -+#endif /* HAVE_MYSQL */ -+ -+#ifdef HAVE_LDAP -+/* simon@surf.org.uk LDAP auth 07/11/2000 -+ * Updated to 1.5.24 by SWH 09/12/2000 -+ * changed to use malloc and simplify the auth by Simon@surf.org.uk 10/21/2000 -+ */ -+ -+#define LDAP_SERVER "localhost" -+#define LDAP_BASEDN "o=JOFA, c=UK" -+#define LDAP_UIDATTR "uid" -+ -+#ifndef TRUE -+# define TRUE 1 -+# define FALSE 0 -+#endif -+ -+static int ldap_isdigits(char *value) -+{ -+ char *ptr; -+ int num = TRUE; -+ -+ for (ptr = value; *ptr != '\0' && num != FALSE; ptr++) { -+ if (!isdigit(*ptr)) -+ num = FALSE; -+ } -+ -+ return num; -+} -+ -+static int ldap_verify_password(sasl_conn_t *conn, -+ const char *userid, -+ const char *password, -+ const char *service __attribute__((unused)), -+ const char *user_realm __attribute__((unused)), -+ const char **reply) -+{ -+ -+ LDAP *ld; -+ char *dn, -+ *ldap_server="", -+ *ldap_basedn="", -+ *ldap_uidattr="", -+ *port_num=""; -+ int ldap_port = LDAP_PORT; -+ sasl_getopt_t *getopt; -+ void *context; -+ -+ /* If the password is NULL, reject the login... -+ * Otherwise the bind will succed as a reference bind. Not good... -+ */ -+ if (!userid || !password) -+ { -+ return SASL_BADPARAM; -+ } -+ -+ if (reply) { *reply = NULL; } -+ -+ /* check to see if the user configured a mysqluser/passwd/host/etc */ -+ if (_sasl_getcallback(conn, SASL_CB_GETOPT, &getopt, &context) == SASL_OK) { -+ getopt(context, NULL, "ldap_server", (const char **) &ldap_server, NULL); -+ if (!ldap_server) ldap_server = LDAP_SERVER; -+ getopt(context, NULL, "ldap_basedn", (const char **) &ldap_basedn, NULL); -+ if (!ldap_basedn) { -+ if (reply) { *reply = "ldap_basedn not defined"; } -+ return SASL_BADPARAM; -+ } -+ getopt(context, NULL, "ldap_uidattr", (const char **) &ldap_uidattr, NULL); -+ if (!ldap_uidattr) ldap_uidattr = LDAP_UIDATTR; -+ getopt(context, NULL, "ldap_port", (const char **) &port_num, NULL); -+ if (!port_num) { -+ ldap_port = LDAP_PORT; -+ } else if (!ldap_isdigits(port_num)) { -+ if (reply) { *reply = "ldap_port - invalid value"; } -+ return SASL_BADPARAM; -+ } else { -+ ldap_port = atoi(port_num); -+ } -+ } -+ -+ /* Open the LDAP connection. */ -+ if ((ld = ldap_open(ldap_server, ldap_port)) == NULL) -+ { -+ if (reply) { *reply = "cannot connect to LDAP server"; } -+ return SASL_FAIL; -+ } -+ -+ if ( (dn = (char *)malloc(strlen(ldap_uidattr) -+ +strlen(userid)+strlen(ldap_basedn)+3)) == NULL ) { -+ if (reply) { *reply = "cannnot allocate memory for ldap dn"; } -+ return SASL_FAIL; -+ } -+ /* Generate a dn that we will try and login with */ -+ sprintf(dn,"%s=%s,%s", ldap_uidattr,userid,ldap_basedn); -+ -+ /* -+ * Just try and bind with the dn we have been given -+ * In most cases the basedn is correct. -+ * If this is not so I have a version or that too -+ * Simon@surf.org.uk -+ */ -+ if (ldap_simple_bind_s(ld,dn,(char *)password) != LDAP_SUCCESS) { -+ free(dn); -+ ldap_unbind(ld); -+ return SASL_BADAUTH; -+ } -+ -+ free(dn); -+ ldap_unbind(ld); -+ return SASL_OK; -+} -+ -+#endif /* HAVE_LDAP */ -+ - struct sasl_verify_password_s _sasl_verify_password[] = { - { "sasldb", &sasldb_verify_password }, - #ifdef HAVE_KRB -@@ -921,6 +1165,12 @@ - #endif - #ifdef HAVE_PWCHECK - { "pwcheck", &pwcheck_verify_password }, -+#endif -+#ifdef HAVE_MYSQL -+ { "mysql", &mysql_verify_password }, -+#endif -+#ifdef HAVE_LDAP -+ { "ldap", &ldap_verify_password }, - #endif - { NULL, NULL } - }; diff --git a/security/cyrus-sasl2/files/patch-aj b/security/cyrus-sasl2/files/patch-aj deleted file mode 100644 index 569384a100d4..000000000000 --- a/security/cyrus-sasl2/files/patch-aj +++ /dev/null @@ -1,46 +0,0 @@ ---- doc/sysadmin.html.orig Wed Jul 12 21:59:51 2000 -+++ doc/sysadmin.html Fri Sep 15 20:56:28 2000 -@@ -171,6 +171,43 @@ - <dt><i>pwcheck</i><dd> checks passwords with the use of a seperate, - helper daemon. <b>needs to be documented.</b><p> - -+<dt><i>mysql</i><dd> A MySQL database can be used for plaintext -+ password checking by setting "pwcheck_method" to "mysql".<p> -+ -+ <p>The following SASL options are used for MySQL Authentication:<p> -+ -+ <dl> -+ <dd>mysql_user: <user></dd> -+ <dd>mysql_passwd: <cleartext pw></dd> -+ <dd>mysql_host: <host></dd> -+ <dd>mysql_database: <database></dd> -+ <dd>mysql_table: <table></dd> -+ <dd>mysql_uidcol: <username col></dd> -+ <dd>mysql_pwdcol: <password col></dd> -+ </dl> -+ -+ <p>MySQL pwcheck_method created by <a href="mailto:dmz@dmzs.com">David Matthew Zendzian</a> -+ the original patch may be found at <a href="http://www.dmzs.com/~dmz/projects/cyrus/">http://www.dmzs.com/~dmz/projects/cyrus/</a>.<p> -+ -+<dt><i>ldap</i><dd> A LDAP server can be used for plaintext password -+ checking by setting "pwcheck_method" to "ldap".<p> -+ -+ <p>The following SASL options are used for LDAP Authentication:<p> -+ -+ <dl> -+ <dd>ldap_server: <LDAP Server [localhost]> -+ <dd>ldap_basedn: <LDAP base dn> -+ <dd>ldap_uidattr: <LDAP uid attribute [uid]> -+ <dd>ldap_port: <LDAP port [389]> -+ </dl> -+ -+ <p>It is a requirement that "ldap_basedn" be set to the appropriate -+ value for your site<br> -+ (ex. ldap_basedn: o=surf, c=UK)<p> -+ -+ <p>LDAP pwcheck_method created by <a href="mailto:simon@surf.org.uk">Simon@surf.org.uk</a> -+ the original patch may be found at <a href="http://www.surf.org.uk/">http://www.surf.org.uk/</a>.<p> -+ - <dt><i>write your own</i><dd> Last, but not least, the most flexible - method of authentication for PLAIN is to write your own. If you do - so, any application that calls the "<tt>sasl_checkpass()</tt>" diff --git a/security/cyrus-sasl2/files/patch-ak b/security/cyrus-sasl2/files/patch-ak deleted file mode 100644 index ecbd20ca3239..000000000000 --- a/security/cyrus-sasl2/files/patch-ak +++ /dev/null @@ -1,30 +0,0 @@ ---- plugins/kerberos4.c.orig Wed Apr 19 11:18:48 2000 -+++ plugins/kerberos4.c Sat Sep 16 18:49:20 2000 -@@ -696,8 +696,13 @@ - - /* decrypt; verify checksum */ - -+#ifdef __FreeBSD__ -+ des_pcbc_encrypt((const unsigned char *)in, -+ (unsigned char *)in, -+#else - des_pcbc_encrypt((des_cblock *)in, - (des_cblock *)in, -+#endif - clientinlen, - text->init_keysched, - &text->session, -@@ -1192,8 +1197,13 @@ - } - sout[len]=0; - -+#ifdef __FreeBSD__ -+ des_pcbc_encrypt((const unsigned char *)sout, -+ (unsigned char *)sout, -+#else - des_pcbc_encrypt((des_cblock *)sout, - (des_cblock *)sout, -+#endif - len, - text->init_keysched, - (des_cblock *)text->session, diff --git a/security/cyrus-sasl2/files/pwcheck.sh b/security/cyrus-sasl2/files/pwcheck.sh deleted file mode 100644 index ba07b9fc580a..000000000000 --- a/security/cyrus-sasl2/files/pwcheck.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/sh -# -# $FreeBSD$ -# - -PREFIX=%%PREFIX%% - -case "$1" in - -start) - if [ -x ${PREFIX}/sbin/pwcheck ] - then - ${PREFIX}/sbin/pwcheck & && echo -n " pwcheck" - fi - ;; - -stop) - if [ -r /var/run/pwcheck.pid ] - then - kill `cat /var/run/pwcheck.pid` && echo -n " pwcheck" - rm /var/run/pwcheck.pid - fi - ;; - -*) - echo "usage: $0 {start|stop}" 1>&2 - exit 64 - ;; - -esac - diff --git a/security/cyrus-sasl2/pkg-comment b/security/cyrus-sasl2/pkg-comment deleted file mode 100644 index d3823b87bff0..000000000000 --- a/security/cyrus-sasl2/pkg-comment +++ /dev/null @@ -1 +0,0 @@ -RFC 2222 SASL (Simple Authentication and Security Layer) diff --git a/security/cyrus-sasl2/pkg-deinstall b/security/cyrus-sasl2/pkg-deinstall deleted file mode 100644 index 2ee2b8bca882..000000000000 --- a/security/cyrus-sasl2/pkg-deinstall +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/sh -# -# $FreeBSD$ -# -# Created by: hetzels@westbend.net - -#set -vx - -PKG_BATCH=${BATCH:=NO} - -PKG_PREFIX=${PKG_PREFIX:=/usr/local} - -# delete sasldb database - -delete_sasldb() { - [ -f %D/etc/sasldb.db -a ! -s %D/etc/sasldb.db ] && rm %D/etc/sasldb.db -} - -# This should really be uninstalled by Sendmail - -sendmail_conf() { - if [ -f ${PKG_PREFIX}/lib/sasl/Sendmail.conf ]; then - echo "pwcheck_method: pwcheck" > ${PKG_PREFIX}/lib/sasl/Sendmail.conf.tmp - if cmp -s ${PKG_PREFIX}/lib/sasl/Sendmail.conf ${PKG_PREFIX}/lib/sasl/Sendmail.conf.tmp; then - rm -f ${PKG_PREFIX}/lib/sasl/Sendmail.conf - fi - rm -f ${PKG_PREFIX}/lib/sasl/Sendmail.conf.tmp - fi -} - -case $2 in - DEINSTALL) - delete_sasldb - sendmail_conf - ;; - POST-DEINSTALL) - ;; - -esac diff --git a/security/cyrus-sasl2/pkg-descr b/security/cyrus-sasl2/pkg-descr deleted file mode 100644 index f7549fbbe0a7..000000000000 --- a/security/cyrus-sasl2/pkg-descr +++ /dev/null @@ -1,36 +0,0 @@ -The Cyrus SASL (Simple Authentication and Security Layer) - -SASL is the Simple Authentication and Security Layer, a method -for adding authentication support to connection-based protocols. -To use SASL, a protocol includes a command for identifying and -authenticating a user to a server and for optionally negotiating -protection of subsequent protocol interactions. If its use is -negotiated, a security layer is inserted between the protocol -and the connection. - -FEATURES --------- -The following mechanisms are included in this distribution: -ANONYMOUS -CRAM-MD5 -DIGEST-MD5 -GSSAPI (MIT Kerberos 5 or Heimdal Kerberos 5) -KERBEROS_V4 -PLAIN - -The library can use a Berkeley DB, gdbm or ndbm file on the server -side to store per-user authentication secrets. The utility saslpasswd -has been included for adding authentication secrets to the file. - -PLAIN can either check /etc/passwd, Kerberos V4, use PAM, or the sasl -secrets database. By default PAM is used if PAM is found, then -Kerberos, finally /etc/passwd (non-shadow). This is tweakable in the -configuration file. Please see -"${PREFIX}/share/doc/sasl/sysadmin.html". - -The sample directory contains two programs which provide a reference -for using the library, as well as making it easy to test a mechanism -on the command line. See "${PREFIX}/share/doc/sasl/programming.html" -for more information. - -WWW: http://asg.web.cmu.edu/sasl/ diff --git a/security/cyrus-sasl2/pkg-install b/security/cyrus-sasl2/pkg-install deleted file mode 100644 index 816c8132ac4d..000000000000 --- a/security/cyrus-sasl2/pkg-install +++ /dev/null @@ -1,99 +0,0 @@ -#!/bin/sh -# -# $FreeBSD$ -# -# Created by: stb@FreeBSD.org for the cyrus imap server -# Added to the cyrus-sasl port by hetzels@westbend.net - -#set -vx - -PKG_BATCH=${BATCH:=NO} - -PKG_PREFIX=${PKG_PREFIX:=/usr/local} - -# -# create 'cyrus' user and group before installing -# - -create_user() { - if [ ! -x /usr/sbin/pw ]; then - echo "*** Please add a user and a group named \`cyrus' before installing this package." - exit 69 - fi - - if ! pw show group cyrus -q >/dev/null; then - gid=60 - while pw show group -g ${gid} -q >/dev/null; do - gid=`expr ${gid} + 1` - done - if ! pw add group cyrus -g ${gid}; then - e=$? - echo "*** Failed to add group \`cyrus'. Please add it manually." - exit ${e} - fi - echo "*** Added group \`cyrus' (id ${gid})" - else - gid=`pw show group cyrus 2>/dev/null | cut -d: -f3` - fi - - if [ -x /sbin/nologin ]; then - shell=/sbin/nologin - else - shell=/nonexistent - fi - if ! pw show user cyrus -q >/dev/null; then - uid=60 - while pw show user -u ${uid} -q >/dev/null; do - uid=`expr ${uid} + 1` - done - if ! pw add user cyrus -u ${uid} -g ${gid} -d "/nonexistent" \ - -c "the cyrus mail server" -s "${shell}" -p "*" \ - ; then - e=$? - echo "*** Failed to add user \`cyrus'. Please add it manually." - exit ${e} - fi - echo "*** Added user \`cyrus' (id ${uid})" - else - if ! pw mod user cyrus -g ${gid} -d "/nonexistent" \ - -c "the cyrus mail server" -s "${shell}" -p "*" \ - ; then - e=$? - echo "*** Failed to update user \`cyrus'." - exit ${e} - fi - echo "*** Updated user \`cyrus'." - fi - if ! pw group mod cyrus -m daemon; then - echo "*** can't add user \`daemon' to group \`cyrus'" - fi -} - -create_sasldb() { - if [ ! -f ${PGK_PREFIX}/etc/sasldb.db ]; then - touch ${PKG_PREFIX}/etc/sasldb.db - chown cyrus:mail ${PKG_PREFIX}/etc/sasldb.db - chmod 640 ${PKG_PREFIX}/etc/sasldb.db - fi -} - -# This should really be installed by Sendmail - -sendmail_conf() { - if [ ! -f ${PKG_PREFIX}/lib/sasl/Sendmail.conf ]; then - echo "pwcheck_method: pwcheck" > ${PKG_PREFIX}/lib/sasl/Sendmail.conf - fi -} - -case $2 in - PRE-INSTALL) - create_user - ;; - POST-INSTALL) - if [ "${PKG_BATCH}" = "NO" ]; then - create_sasldb - sendmail_conf - fi - ;; - -esac diff --git a/security/cyrus-sasl2/pkg-message b/security/cyrus-sasl2/pkg-message deleted file mode 100644 index 1016d9655c5a..000000000000 --- a/security/cyrus-sasl2/pkg-message +++ /dev/null @@ -1,15 +0,0 @@ -PREFIX/etc/cyrusdb.db now needs to be created -before applications that depend on SASL are used. - - su cyrus - PREFIX/sbin/saslpasswd -c userid - -You will also need to start the pwcheck daemon: - - PREFIX/etc/rc.d/pwcheck.sh start - -Read the documentation in PREFIX/share/doc/SASL - -How to enable SMTP AUTH with system Sendmail 8.11 - Sendmail.README - -How to use LDAP or MySQL for passwords - see html/sysadmin.html diff --git a/security/cyrus-sasl2/pkg-plist b/security/cyrus-sasl2/pkg-plist deleted file mode 100644 index 8eeb026c7fee..000000000000 --- a/security/cyrus-sasl2/pkg-plist +++ /dev/null @@ -1,67 +0,0 @@ -@unexec [ -r /var/run/pwcheck.pid ] && %D/etc/rc.d/pwcheck.sh stop && echo " stopped." -etc/rc.d/pwcheck.sh -include/sasl/hmac-md5.h -include/sasl/md5.h -include/sasl/md5global.h -include/sasl/sasl.h -include/sasl/saslplug.h -include/sasl/saslutil.h -@dirrm include/sasl -lib/libsasl.a -lib/libsasl.so -lib/libsasl.so.8 -lib/sasl/libanonymous.a -lib/sasl/libanonymous.so -lib/sasl/libanonymous.so.1 -lib/sasl/libcrammd5.a -lib/sasl/libcrammd5.so -lib/sasl/libcrammd5.so.1 -lib/sasl/libdigestmd5.a -lib/sasl/libdigestmd5.so -lib/sasl/libdigestmd5.so.0 -%%GSSAPI%%lib/sasl/libgssapiv2.a -%%GSSAPI%%lib/sasl/libgssapiv2.so -%%GSSAPI%%lib/sasl/libgssapiv2.so.1 -%%EBONES%%lib/sasl/libkerberos4.a -%%EBONES%%lib/sasl/libkerberos4.so -%%EBONES%%lib/sasl/libkerberos4.so.1 -lib/sasl/liblogin.a -lib/sasl/liblogin.so -lib/sasl/liblogin.so.0 -lib/sasl/libplain.a -lib/sasl/libplain.so -lib/sasl/libplain.so.1 -sbin/sasldblistusers -sbin/saslpasswd -sbin/pwcheck -%%PORTDOCS%%%%DOCSDIR%%/AUTHORS -%%PORTDOCS%%%%DOCSDIR%%/COPYING -%%PORTDOCS%%%%DOCSDIR%%/ChangeLog -%%PORTDOCS%%%%DOCSDIR%%/INSTALL -%%PORTDOCS%%%%DOCSDIR%%/NEWS -%%PORTDOCS%%%%DOCSDIR%%/README -%%PORTDOCS%%%%DOCSDIR%%/Sendmail.README -%%PORTDOCS%%%%DOCSDIR%%/TODO -%%PORTDOCS%%%%DOCSDIR%%/draft-leach-digest-sasl-05.txt -%%PORTDOCS%%%%DOCSDIR%%/draft-newman-auth-scram-03.txt -%%PORTDOCS%%%%DOCSDIR%%/rfc1321.txt -%%PORTDOCS%%%%DOCSDIR%%/rfc2095.txt -%%PORTDOCS%%%%DOCSDIR%%/rfc2104.txt -%%PORTDOCS%%%%DOCSDIR%%/rfc2222.txt -%%PORTDOCS%%%%DOCSDIR%%/rfc2245.txt -%%PORTDOCS%%%%DOCSDIR%%/gssapi.html -%%PORTDOCS%%%%DOCSDIR%%/index.html -%%PORTDOCS%%%%DOCSDIR%%/programming.html -%%PORTDOCS%%%%DOCSDIR%%/sysadmin.html -%%PORTDOCS%%@dirrm %%DOCSDIR%%/html -%%PORTDOCS%%@dirrm %%DOCSDIR%% -@dirrm lib/sasl -@mode ug=rwx,o= -@cwd /var -@exec mkdir pwcheck -@exec chown cyrus:cyrus pwcheck -@exec chmod o= pwcheck -@comment This file gets created by the pwcheck program -@unexec rm -f /var/pwcheck/pwcheck -@dirrm pwcheck -@cwd %%PREFIX%% diff --git a/security/cyrus-sasl2/scripts/configure.sasl b/security/cyrus-sasl2/scripts/configure.sasl deleted file mode 100644 index 9af2b47675df..000000000000 --- a/security/cyrus-sasl2/scripts/configure.sasl +++ /dev/null @@ -1,94 +0,0 @@ -#!/bin/sh -# $FreeBSD$ - -if [ -f ${WRKDIRPREFIX}${CURDIR}/Makefile.inc ]; then - exit -fi - -tempfile=`mktemp -t checklist` - -if [ "${BATCH}" ]; then - if [ "x${ENABLE_DB3}" = "xYES" ]; then - OPTIONS=\"DB3\" - fi - if [ "x${ENABLE_MYSQL}" = "xYES" ]; then - OPTIONS="${OPTIONS} \"MySQL\"" - fi - if [ "x${ENABLE_LDAP}" = "xYES" ]; then - OPTIONS="${OPTIONS} \"OpenLDAP\"" - fi - if [ "x${OPTIONS}" != "x" ]; then - set ${OPTIONS} - fi -else - if [ "x${ENABLE_DB3}" = "xYES" -o -f ${PREFIX}/lib/libdb3.so ] ; then - SET_DB3="ON" - else - SET_DB3="OFF" - fi - if [ "x${ENABLE_MYSQL}" = "xYES" -o -f ${PREFIX}/lib/mysql/libmysqlclient.so ] ; then - SET_MYSQL="ON" - else - SET_MYSQL="OFF" - fi - if [ "x${ENABLE_LDAP}" = "xYES" -o \ - -f ${PREFIX}/lib/libldap.so -a -f ${PREFIX}/lib/liblber.so ] ; then - SET_LDAP="ON" - else - SET_LDAP="OFF" - fi - - /usr/bin/dialog --title "Additional SASL options" --clear \ - --checklist "\n\ -Please select desired options:" -1 -1 16 \ -DB3 "Berkeley DB package, revision 3" ${SET_DB3} \ -MySQL "MySQL password Authentication" ${SET_MYSQL} \ -OpenLDAP "OpenLDAP password Authentication" ${SET_LDAP} \ -2> $tempfile - - retval=$? - - if [ -s $tempfile ]; then - set `cat $tempfile` - fi - rm -f $tempfile - - case $retval in - 0) if [ -z "$*" ]; then - echo "Nothing selected" - fi - ;; - 1) echo "Cancel pressed." - exit 1 - ;; - esac -fi - -${MKDIR} ${WRKDIRPREFIX}${CURDIR} -exec > ${WRKDIRPREFIX}${CURDIR}/Makefile.inc - -echo "PREFIX= ${PREFIX}" - -while [ "$1" ]; do - case $1 in - \"DB3\") - echo "LIB_DEPENDS+= db3.2:\${PORTSDIR}/databases/db3" - echo "CONFIGURE_ARGS+=--with-dblib=berkeley" - ;; - \"MySQL\") - echo "LIB_DEPENDS+= mysqlclient.10:\${PORTSDIR}/databases/mysql323-client" - echo "CONFIGURE_ARGS+=--with-mysql=\${PREFIX}" - ;; - \"OpenLDAP\") - echo "LIB_DEPENDS+= ldap.1:\${PORTSDIR}/net/openldap" - echo "LIB_DEPENDS+= lber.1:\${PORTSDIR}/net/openldap" - echo "CONFIGURE_ARGS+=--with-ldap=\${PREFIX}" - ;; - *) - echo "Invalid option(s): $*" > /dev/stderr - rm -f ${WRKDIRPREFIX}${CURDIR}/Makefile.inc - exit 1 - ;; - esac - shift -done diff --git a/security/fwbuilder-devel/Makefile b/security/fwbuilder-devel/Makefile deleted file mode 100644 index 35dc824bd9fa..000000000000 --- a/security/fwbuilder-devel/Makefile +++ /dev/null @@ -1,35 +0,0 @@ -# New ports collection makefile for: fwbuilder -# Date Created: 3 Feb 2001 -# Whom: Roman Shterenzon <roman@xpert.com> -# -# $FreeBSD$ -# - -PORTNAME= fwbuilder -PORTVERSION= 0.8.7 -PORTREVISION= 1 -CATEGORIES= security -MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} -MASTER_SITE_SUBDIR= ${PORTNAME} - -MAINTAINER= roman@xpert.com - -LIB_DEPENDS= gtkmm.2:${PORTSDIR}/x11-toolkits/gtk-- - -USE_GMAKE= yes -USE_X_PREFIX= yes -USE_LIBTOOL= yes -USE_GNOMELIBS= yes -WITHOUT_ESOUND= yes -CONFIGURE_ARGS+= --with-iconsdir=${X11BASE}/share/gnome/fwbuilder/pixmaps/ --with-templatedir=${X11BASE}/share/gnome/fwbuilder - -post-extract: - @${PERL} -pi -e "s/lc_r/pthread/" ${WRKSRC}/configure ;\ - ${PERL} -pi -e "s|/usr/bin|${LOCALBASE}/bin|" ${WRKSRC}/etc/fwbuilder_prefs.xml.in -.for i in compiler-framework/Makefile.in gui/gnome-wrappers/Makefile.in \ - gui/Makefile.in ipchains/Makefile.in ipfilter/Makefile.in \ - iptables/Makefile.in - @${PERL} -pi -e "s|^CFLAGS\s+=\s+-Wall\s+-g|CFLAGS = \@CFLAGS@ -Wall|" ${WRKSRC}/src/$i -.endfor - -.include <bsd.port.mk> diff --git a/security/fwbuilder-devel/distinfo b/security/fwbuilder-devel/distinfo deleted file mode 100644 index 7e90b4806cb2..000000000000 --- a/security/fwbuilder-devel/distinfo +++ /dev/null @@ -1 +0,0 @@ -MD5 (fwbuilder-0.8.7.tar.gz) = 3fb13778a5b998bf31b789d410587221 diff --git a/security/fwbuilder-devel/files/patch-aa b/security/fwbuilder-devel/files/patch-aa deleted file mode 100644 index 8416f7694d3f..000000000000 --- a/security/fwbuilder-devel/files/patch-aa +++ /dev/null @@ -1,23 +0,0 @@ ---- src/compiler-framework/Makefile.in.orig Sat Feb 3 23:11:36 2001 -+++ src/compiler-framework/Makefile.in Sat Feb 3 23:11:57 2001 -@@ -11,7 +11,7 @@ - - CC= @CC@ - INSTALL = @INSTALL@ --INSTALL_PROGRAM=@INSTALL_PROGRAM@ -+INSTALL_DATA=@INSTALL_DATA@ - mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs - - XML_CFLAGS = @XML_CFLAGS@ -@@ -45,9 +45,9 @@ - - install: $(FWLIB) $(HEADERS) - $(mkinstalldirs) $(libdir) -- $(INSTALL_PROGRAM) $(FWLIB) $(libdir) -+ $(INSTALL_DATA) $(FWLIB) $(libdir) - $(mkinstalldirs) $(includedir) -- $(INSTALL_PROGRAM) $(HEADERS) $(includedir) -+ $(INSTALL_DATA) $(HEADERS) $(includedir) - - - uninstall: diff --git a/security/fwbuilder-devel/files/patch-ab b/security/fwbuilder-devel/files/patch-ab deleted file mode 100644 index baadcf884946..000000000000 --- a/security/fwbuilder-devel/files/patch-ab +++ /dev/null @@ -1,20 +0,0 @@ ---- examples/Makefile.in.orig Sat Feb 3 23:01:10 2001 -+++ examples/Makefile.in Sat Feb 3 23:01:36 2001 -@@ -13,7 +13,7 @@ - examplesdir = $(docdir) - - INSTALL = @INSTALL@ --INSTALL_PROGRAM=@INSTALL_PROGRAM@ -+INSTALL_DATA=@INSTALL_DATA@ - - mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs - -@@ -24,7 +24,7 @@ - - install: - $(mkinstalldirs) $(examplesdir) -- $(INSTALL_PROGRAM) -m 0644 $(EXAMPLES) $(examplesdir) -+ $(INSTALL_DATA) $(EXAMPLES) $(examplesdir) - - uninstall: - list='$(EXAMPLES)'; for file in $$list; do \ diff --git a/security/fwbuilder-devel/files/patch-ac b/security/fwbuilder-devel/files/patch-ac deleted file mode 100644 index 91181f8d26e1..000000000000 --- a/security/fwbuilder-devel/files/patch-ac +++ /dev/null @@ -1,20 +0,0 @@ ---- doc/Makefile.in.orig Sat Feb 3 23:04:02 2001 -+++ doc/Makefile.in Sat Feb 3 23:03:24 2001 -@@ -12,7 +12,7 @@ - docdir = @DOCDIR@/fwbuilder - - INSTALL = @INSTALL@ --INSTALL_PROGRAM=@INSTALL_PROGRAM@ -+INSTALL_DATA=@INSTALL_DATA@ - - mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs - -@@ -33,7 +33,7 @@ - - install: - $(mkinstalldirs) $(docdir) -- $(INSTALL_PROGRAM) -m 0644 $(DOCS) $(docdir) -+ $(INSTALL_DATA) $(DOCS) $(docdir) - - uninstall: - list='$(DOCS)'; for file in $$list; do \ diff --git a/security/fwbuilder-devel/files/patch-ad b/security/fwbuilder-devel/files/patch-ad deleted file mode 100644 index 4fefde3c0957..000000000000 --- a/security/fwbuilder-devel/files/patch-ad +++ /dev/null @@ -1,24 +0,0 @@ ---- etc/Makefile.in.orig Sat Feb 3 23:10:14 2001 -+++ etc/Makefile.in Sat Feb 3 23:10:40 2001 -@@ -11,7 +11,7 @@ - mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs - - INSTALL = @INSTALL@ --INSTALL_PROGRAM = @INSTALL_PROGRAM@ -+INSTALL_DATA = @INSTALL_DATA@ - - all: fwbuilder_prefs.xml - -@@ -27,9 +27,9 @@ - - install: objects_init.xml fwbuilder_prefs.xml - $(mkinstalldirs) $(datadir) -- $(INSTALL_PROGRAM) objects_init.xml $(datadir) -- $(INSTALL_PROGRAM) fwbuilder_prefs.xml $(datadir) -- $(INSTALL_PROGRAM) fwbuilder.dtd $(datadir) -+ $(INSTALL_DATA) objects_init.xml $(datadir) -+ $(INSTALL_DATA) fwbuilder_prefs.xml $(datadir) -+ $(INSTALL_DATA) fwbuilder.dtd $(datadir) - - uninstall: - rm -f $(datadir)/objects_init.xml diff --git a/security/fwbuilder-devel/files/patch-ae b/security/fwbuilder-devel/files/patch-ae deleted file mode 100644 index 990955c205ca..000000000000 --- a/security/fwbuilder-devel/files/patch-ae +++ /dev/null @@ -1,11 +0,0 @@ ---- src/gui/Makefile.in.orig Wed Mar 21 01:56:07 2001 -+++ src/gui/Makefile.in Wed Mar 21 01:58:19 2001 -@@ -9,7 +9,7 @@ - exec_prefix = @exec_prefix@ - bindir = @bindir@ - sbindir = @sbindir@ --iconsdir = $(prefix)/share/pixmaps/fwbuilder -+iconsdir = @datadir@/fwbuilder/pixmaps - - mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs - diff --git a/security/fwbuilder-devel/pkg-comment b/security/fwbuilder-devel/pkg-comment deleted file mode 100644 index 59a15672ff03..000000000000 --- a/security/fwbuilder-devel/pkg-comment +++ /dev/null @@ -1 +0,0 @@ -Firewall Builder GUI for IPFilter diff --git a/security/fwbuilder-devel/pkg-descr b/security/fwbuilder-devel/pkg-descr deleted file mode 100644 index e6968c1ca2bb..000000000000 --- a/security/fwbuilder-devel/pkg-descr +++ /dev/null @@ -1,20 +0,0 @@ -Firewall Builder consists of object-oriented GUI and set of policy compilers -for various firewall platforms. In Firewall Builder, firewall policy is a set -of rules, each rule consists of abstract objects which represent real network -objects and services (hosts, routers, firewalls, networks, protocols). -Firewall Builder helps user maintain database of objects and allows policy -editing using simple drag-and-drop operations. - -Preferences and objects databases are stored in XML format. -GUI and policy compilers are completely independent. Support for a new firewall -platform can be added to GUI without any changes done to the program, although -new policy compiler must be written. This provides for consistent abstract -model and the same GUI for different firewall platforms. Currently three most -popular free firewalls are supported: ipchains, iptables and ipfilter. -Because of this, Firewall Builder can be used to manage firewalls built on -variety of platforms including, but not limited to, Linux running ipchains or -iptables and FreeBSD or Solaris running ipfilter. - -WWW: http://www.crocodile.org/~vadim/fwbuilder/ - -Roman Shterenzon <roman@xpert.com> diff --git a/security/fwbuilder-devel/pkg-plist b/security/fwbuilder-devel/pkg-plist deleted file mode 100644 index 421602f42d3f..000000000000 --- a/security/fwbuilder-devel/pkg-plist +++ /dev/null @@ -1,53 +0,0 @@ -bin/fwb_ipchains -bin/fwb_ipfilter -bin/fwb_iptables -bin/fwbuilder -include/fwcompiler.h -lib/libfwcompiler.a -share/doc/fwbuilder/AUTHORS -share/doc/fwbuilder/COPYING -share/doc/fwbuilder/ChangeLog -share/doc/fwbuilder/Credits -share/doc/fwbuilder/FAQ -share/doc/fwbuilder/NEWS -share/doc/fwbuilder/README.compiler-framework -share/doc/fwbuilder/README.examples -share/doc/fwbuilder/README.gui -share/doc/fwbuilder/README.ipchains -share/doc/fwbuilder/README.ipfilter -share/doc/fwbuilder/Requirements -share/doc/fwbuilder/objects.xml -share/gnome/fwbuilder/fwbuilder.dtd -share/gnome/fwbuilder/fwbuilder_prefs.xml -share/gnome/fwbuilder/objects_init.xml -share/gnome/fwbuilder/pixmaps/accept.png -share/gnome/fwbuilder/pixmaps/blank.xpm -share/gnome/fwbuilder/pixmaps/check.xpm -share/gnome/fwbuilder/pixmaps/clock.png -share/gnome/fwbuilder/pixmaps/deny.png -share/gnome/fwbuilder/pixmaps/drag_object.xpm -share/gnome/fwbuilder/pixmaps/error.png -share/gnome/fwbuilder/pixmaps/firewall.png -share/gnome/fwbuilder/pixmaps/firewall_64.png -share/gnome/fwbuilder/pixmaps/folder.png -share/gnome/fwbuilder/pixmaps/folder_64.png -share/gnome/fwbuilder/pixmaps/generic.xpm -share/gnome/fwbuilder/pixmaps/host.png -share/gnome/fwbuilder/pixmaps/host_64.png -share/gnome/fwbuilder/pixmaps/icmp.xpm -share/gnome/fwbuilder/pixmaps/interface.xpm -share/gnome/fwbuilder/pixmaps/ip.xpm -share/gnome/fwbuilder/pixmaps/log.png -share/gnome/fwbuilder/pixmaps/neg.xpm -share/gnome/fwbuilder/pixmaps/net.png -share/gnome/fwbuilder/pixmaps/net_64.png -share/gnome/fwbuilder/pixmaps/question.png -share/gnome/fwbuilder/pixmaps/ref.xpm -share/gnome/fwbuilder/pixmaps/reject.png -share/gnome/fwbuilder/pixmaps/tcp.xpm -share/gnome/fwbuilder/pixmaps/udp.xpm -share/gnome/fwbuilder/pixmaps/uncheck.xpm -share/gnome/fwbuilder/pixmaps/warning.xpm -@dirrm share/doc/fwbuilder -@dirrm share/gnome/fwbuilder/pixmaps -@dirrm share/gnome/fwbuilder diff --git a/security/fwbuilder2/Makefile b/security/fwbuilder2/Makefile deleted file mode 100644 index 35dc824bd9fa..000000000000 --- a/security/fwbuilder2/Makefile +++ /dev/null @@ -1,35 +0,0 @@ -# New ports collection makefile for: fwbuilder -# Date Created: 3 Feb 2001 -# Whom: Roman Shterenzon <roman@xpert.com> -# -# $FreeBSD$ -# - -PORTNAME= fwbuilder -PORTVERSION= 0.8.7 -PORTREVISION= 1 -CATEGORIES= security -MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} -MASTER_SITE_SUBDIR= ${PORTNAME} - -MAINTAINER= roman@xpert.com - -LIB_DEPENDS= gtkmm.2:${PORTSDIR}/x11-toolkits/gtk-- - -USE_GMAKE= yes -USE_X_PREFIX= yes -USE_LIBTOOL= yes -USE_GNOMELIBS= yes -WITHOUT_ESOUND= yes -CONFIGURE_ARGS+= --with-iconsdir=${X11BASE}/share/gnome/fwbuilder/pixmaps/ --with-templatedir=${X11BASE}/share/gnome/fwbuilder - -post-extract: - @${PERL} -pi -e "s/lc_r/pthread/" ${WRKSRC}/configure ;\ - ${PERL} -pi -e "s|/usr/bin|${LOCALBASE}/bin|" ${WRKSRC}/etc/fwbuilder_prefs.xml.in -.for i in compiler-framework/Makefile.in gui/gnome-wrappers/Makefile.in \ - gui/Makefile.in ipchains/Makefile.in ipfilter/Makefile.in \ - iptables/Makefile.in - @${PERL} -pi -e "s|^CFLAGS\s+=\s+-Wall\s+-g|CFLAGS = \@CFLAGS@ -Wall|" ${WRKSRC}/src/$i -.endfor - -.include <bsd.port.mk> diff --git a/security/fwbuilder2/distinfo b/security/fwbuilder2/distinfo deleted file mode 100644 index 7e90b4806cb2..000000000000 --- a/security/fwbuilder2/distinfo +++ /dev/null @@ -1 +0,0 @@ -MD5 (fwbuilder-0.8.7.tar.gz) = 3fb13778a5b998bf31b789d410587221 diff --git a/security/fwbuilder2/files/patch-aa b/security/fwbuilder2/files/patch-aa deleted file mode 100644 index 8416f7694d3f..000000000000 --- a/security/fwbuilder2/files/patch-aa +++ /dev/null @@ -1,23 +0,0 @@ ---- src/compiler-framework/Makefile.in.orig Sat Feb 3 23:11:36 2001 -+++ src/compiler-framework/Makefile.in Sat Feb 3 23:11:57 2001 -@@ -11,7 +11,7 @@ - - CC= @CC@ - INSTALL = @INSTALL@ --INSTALL_PROGRAM=@INSTALL_PROGRAM@ -+INSTALL_DATA=@INSTALL_DATA@ - mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs - - XML_CFLAGS = @XML_CFLAGS@ -@@ -45,9 +45,9 @@ - - install: $(FWLIB) $(HEADERS) - $(mkinstalldirs) $(libdir) -- $(INSTALL_PROGRAM) $(FWLIB) $(libdir) -+ $(INSTALL_DATA) $(FWLIB) $(libdir) - $(mkinstalldirs) $(includedir) -- $(INSTALL_PROGRAM) $(HEADERS) $(includedir) -+ $(INSTALL_DATA) $(HEADERS) $(includedir) - - - uninstall: diff --git a/security/fwbuilder2/files/patch-ab b/security/fwbuilder2/files/patch-ab deleted file mode 100644 index baadcf884946..000000000000 --- a/security/fwbuilder2/files/patch-ab +++ /dev/null @@ -1,20 +0,0 @@ ---- examples/Makefile.in.orig Sat Feb 3 23:01:10 2001 -+++ examples/Makefile.in Sat Feb 3 23:01:36 2001 -@@ -13,7 +13,7 @@ - examplesdir = $(docdir) - - INSTALL = @INSTALL@ --INSTALL_PROGRAM=@INSTALL_PROGRAM@ -+INSTALL_DATA=@INSTALL_DATA@ - - mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs - -@@ -24,7 +24,7 @@ - - install: - $(mkinstalldirs) $(examplesdir) -- $(INSTALL_PROGRAM) -m 0644 $(EXAMPLES) $(examplesdir) -+ $(INSTALL_DATA) $(EXAMPLES) $(examplesdir) - - uninstall: - list='$(EXAMPLES)'; for file in $$list; do \ diff --git a/security/fwbuilder2/files/patch-ac b/security/fwbuilder2/files/patch-ac deleted file mode 100644 index 91181f8d26e1..000000000000 --- a/security/fwbuilder2/files/patch-ac +++ /dev/null @@ -1,20 +0,0 @@ ---- doc/Makefile.in.orig Sat Feb 3 23:04:02 2001 -+++ doc/Makefile.in Sat Feb 3 23:03:24 2001 -@@ -12,7 +12,7 @@ - docdir = @DOCDIR@/fwbuilder - - INSTALL = @INSTALL@ --INSTALL_PROGRAM=@INSTALL_PROGRAM@ -+INSTALL_DATA=@INSTALL_DATA@ - - mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs - -@@ -33,7 +33,7 @@ - - install: - $(mkinstalldirs) $(docdir) -- $(INSTALL_PROGRAM) -m 0644 $(DOCS) $(docdir) -+ $(INSTALL_DATA) $(DOCS) $(docdir) - - uninstall: - list='$(DOCS)'; for file in $$list; do \ diff --git a/security/fwbuilder2/files/patch-ad b/security/fwbuilder2/files/patch-ad deleted file mode 100644 index 4fefde3c0957..000000000000 --- a/security/fwbuilder2/files/patch-ad +++ /dev/null @@ -1,24 +0,0 @@ ---- etc/Makefile.in.orig Sat Feb 3 23:10:14 2001 -+++ etc/Makefile.in Sat Feb 3 23:10:40 2001 -@@ -11,7 +11,7 @@ - mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs - - INSTALL = @INSTALL@ --INSTALL_PROGRAM = @INSTALL_PROGRAM@ -+INSTALL_DATA = @INSTALL_DATA@ - - all: fwbuilder_prefs.xml - -@@ -27,9 +27,9 @@ - - install: objects_init.xml fwbuilder_prefs.xml - $(mkinstalldirs) $(datadir) -- $(INSTALL_PROGRAM) objects_init.xml $(datadir) -- $(INSTALL_PROGRAM) fwbuilder_prefs.xml $(datadir) -- $(INSTALL_PROGRAM) fwbuilder.dtd $(datadir) -+ $(INSTALL_DATA) objects_init.xml $(datadir) -+ $(INSTALL_DATA) fwbuilder_prefs.xml $(datadir) -+ $(INSTALL_DATA) fwbuilder.dtd $(datadir) - - uninstall: - rm -f $(datadir)/objects_init.xml diff --git a/security/fwbuilder2/files/patch-ae b/security/fwbuilder2/files/patch-ae deleted file mode 100644 index 990955c205ca..000000000000 --- a/security/fwbuilder2/files/patch-ae +++ /dev/null @@ -1,11 +0,0 @@ ---- src/gui/Makefile.in.orig Wed Mar 21 01:56:07 2001 -+++ src/gui/Makefile.in Wed Mar 21 01:58:19 2001 -@@ -9,7 +9,7 @@ - exec_prefix = @exec_prefix@ - bindir = @bindir@ - sbindir = @sbindir@ --iconsdir = $(prefix)/share/pixmaps/fwbuilder -+iconsdir = @datadir@/fwbuilder/pixmaps - - mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs - diff --git a/security/fwbuilder2/pkg-comment b/security/fwbuilder2/pkg-comment deleted file mode 100644 index 59a15672ff03..000000000000 --- a/security/fwbuilder2/pkg-comment +++ /dev/null @@ -1 +0,0 @@ -Firewall Builder GUI for IPFilter diff --git a/security/fwbuilder2/pkg-descr b/security/fwbuilder2/pkg-descr deleted file mode 100644 index e6968c1ca2bb..000000000000 --- a/security/fwbuilder2/pkg-descr +++ /dev/null @@ -1,20 +0,0 @@ -Firewall Builder consists of object-oriented GUI and set of policy compilers -for various firewall platforms. In Firewall Builder, firewall policy is a set -of rules, each rule consists of abstract objects which represent real network -objects and services (hosts, routers, firewalls, networks, protocols). -Firewall Builder helps user maintain database of objects and allows policy -editing using simple drag-and-drop operations. - -Preferences and objects databases are stored in XML format. -GUI and policy compilers are completely independent. Support for a new firewall -platform can be added to GUI without any changes done to the program, although -new policy compiler must be written. This provides for consistent abstract -model and the same GUI for different firewall platforms. Currently three most -popular free firewalls are supported: ipchains, iptables and ipfilter. -Because of this, Firewall Builder can be used to manage firewalls built on -variety of platforms including, but not limited to, Linux running ipchains or -iptables and FreeBSD or Solaris running ipfilter. - -WWW: http://www.crocodile.org/~vadim/fwbuilder/ - -Roman Shterenzon <roman@xpert.com> diff --git a/security/fwbuilder2/pkg-plist b/security/fwbuilder2/pkg-plist deleted file mode 100644 index 421602f42d3f..000000000000 --- a/security/fwbuilder2/pkg-plist +++ /dev/null @@ -1,53 +0,0 @@ -bin/fwb_ipchains -bin/fwb_ipfilter -bin/fwb_iptables -bin/fwbuilder -include/fwcompiler.h -lib/libfwcompiler.a -share/doc/fwbuilder/AUTHORS -share/doc/fwbuilder/COPYING -share/doc/fwbuilder/ChangeLog -share/doc/fwbuilder/Credits -share/doc/fwbuilder/FAQ -share/doc/fwbuilder/NEWS -share/doc/fwbuilder/README.compiler-framework -share/doc/fwbuilder/README.examples -share/doc/fwbuilder/README.gui -share/doc/fwbuilder/README.ipchains -share/doc/fwbuilder/README.ipfilter -share/doc/fwbuilder/Requirements -share/doc/fwbuilder/objects.xml -share/gnome/fwbuilder/fwbuilder.dtd -share/gnome/fwbuilder/fwbuilder_prefs.xml -share/gnome/fwbuilder/objects_init.xml -share/gnome/fwbuilder/pixmaps/accept.png -share/gnome/fwbuilder/pixmaps/blank.xpm -share/gnome/fwbuilder/pixmaps/check.xpm -share/gnome/fwbuilder/pixmaps/clock.png -share/gnome/fwbuilder/pixmaps/deny.png -share/gnome/fwbuilder/pixmaps/drag_object.xpm -share/gnome/fwbuilder/pixmaps/error.png -share/gnome/fwbuilder/pixmaps/firewall.png -share/gnome/fwbuilder/pixmaps/firewall_64.png -share/gnome/fwbuilder/pixmaps/folder.png -share/gnome/fwbuilder/pixmaps/folder_64.png -share/gnome/fwbuilder/pixmaps/generic.xpm -share/gnome/fwbuilder/pixmaps/host.png -share/gnome/fwbuilder/pixmaps/host_64.png -share/gnome/fwbuilder/pixmaps/icmp.xpm -share/gnome/fwbuilder/pixmaps/interface.xpm -share/gnome/fwbuilder/pixmaps/ip.xpm -share/gnome/fwbuilder/pixmaps/log.png -share/gnome/fwbuilder/pixmaps/neg.xpm -share/gnome/fwbuilder/pixmaps/net.png -share/gnome/fwbuilder/pixmaps/net_64.png -share/gnome/fwbuilder/pixmaps/question.png -share/gnome/fwbuilder/pixmaps/ref.xpm -share/gnome/fwbuilder/pixmaps/reject.png -share/gnome/fwbuilder/pixmaps/tcp.xpm -share/gnome/fwbuilder/pixmaps/udp.xpm -share/gnome/fwbuilder/pixmaps/uncheck.xpm -share/gnome/fwbuilder/pixmaps/warning.xpm -@dirrm share/doc/fwbuilder -@dirrm share/gnome/fwbuilder/pixmaps -@dirrm share/gnome/fwbuilder diff --git a/security/gnupg1/Makefile b/security/gnupg1/Makefile deleted file mode 100644 index c684875ade37..000000000000 --- a/security/gnupg1/Makefile +++ /dev/null @@ -1,48 +0,0 @@ -# New ports collection makefile for: gnupg -# Date created: Sep 30, 1998 -# Whom: kuriyama@FreeBSD.org -# -# $FreeBSD$ -# - -PORTNAME= gnupg -PORTVERSION= 1.0.6 -PORTREVISION= 1 -CATEGORIES= security -MASTER_SITES= ftp://ftp.gnupg.org/pub/gcrypt/%SUBDIR%/ \ - ftp://pgp.iijlab.net/pub/%SUBDIR%/ \ - ${MASTER_SITE_RINGSERVER:S,%SUBDIR%,net/gnupg/&,} -MASTER_SITE_SUBDIR= gnupg - -MAINTAINER= kuriyama@FreeBSD.org - -#RESTRICTED= "Crypto; export-controlled" -GNU_CONFIGURE= YES -CONFIGURE_ARGS= --with-included-gettext -MAN1= gpg.1 gpgv.1 -MLINKS= gpg.1 gpgm.1 - -.include <bsd.port.pre.mk> - -.if ${OSVERSION} < 300000 -USE_GMAKE= YES -.endif -CFLAGS:= ${CFLAGS:S/-pipe//g} - -post-install: -.if !defined(NOPORTDOCS) - ${MKDIR} ${PREFIX}/share/doc/gnupg -.for i in DETAILS FAQ HACKING OpenPGP - ${INSTALL_DATA} ${WRKSRC}/doc/${i} ${PREFIX}/share/doc/gnupg -.endfor -.for i in ABOUT-NLS AUTHORS BUGS COPYING INSTALL NEWS PROJECTS \ - README THANKS TODO VERSION - ${INSTALL_DATA} ${WRKSRC}/${i} ${PREFIX}/share/doc/gnupg -.endfor -.endif -# ${CHMOD} u+s ${PREFIX}/bin/gpg - -check: - (cd ${WRKSRC}; ${MAKE} check) - -.include <bsd.port.post.mk> diff --git a/security/gnupg1/distinfo b/security/gnupg1/distinfo deleted file mode 100644 index 066384ad17c5..000000000000 --- a/security/gnupg1/distinfo +++ /dev/null @@ -1 +0,0 @@ -MD5 (gnupg-1.0.6.tar.gz) = 7c319a9e5e70ad9bc3bf0d7b5008a508 diff --git a/security/gnupg1/pkg-comment b/security/gnupg1/pkg-comment deleted file mode 100644 index 6848290e02ab..000000000000 --- a/security/gnupg1/pkg-comment +++ /dev/null @@ -1 +0,0 @@ -The GNU Privacy Guard diff --git a/security/gnupg1/pkg-descr b/security/gnupg1/pkg-descr deleted file mode 100644 index 4ad9fb265d00..000000000000 --- a/security/gnupg1/pkg-descr +++ /dev/null @@ -1,9 +0,0 @@ -GnuPG is a complete and free replacement for PGP. - -Because it does not use the patented IDEA algorithm, it can be used -without any restrictions. GnuPG is an RFC2440 (OpenPGP) compliant -application. - -WWW: http://www.gnupg.org/ - -kuriyama@FreeBSD.org diff --git a/security/gnupg1/pkg-plist b/security/gnupg1/pkg-plist deleted file mode 100644 index 543700826619..000000000000 --- a/security/gnupg1/pkg-plist +++ /dev/null @@ -1,78 +0,0 @@ -bin/gpg -bin/gpgv -info/gpg.info -info/gpgv.info -lib/charset.alias -lib/gnupg/rndegd -lib/gnupg/rndunix -lib/gnupg/tiger -share/gnupg/FAQ -share/gnupg/faq.html -share/gnupg/options.skel -share/locale/locale.alias -share/locale/da/LC_MESSAGES/gnupg.mo -share/locale/de/LC_MESSAGES/gnupg.mo -share/locale/eo/LC_MESSAGES/gnupg.mo -share/locale/es_ES/LC_MESSAGES/gnupg.mo -share/locale/et/LC_MESSAGES/gnupg.mo -share/locale/fr/LC_MESSAGES/gnupg.mo -share/locale/id/LC_MESSAGES/gnupg.mo -share/locale/it/LC_MESSAGES/gnupg.mo -share/locale/ja/LC_MESSAGES/gnupg.mo -share/locale/nl/LC_MESSAGES/gnupg.mo -share/locale/pl/LC_MESSAGES/gnupg.mo -share/locale/pt_BR/LC_MESSAGES/gnupg.mo -share/locale/pt_PT/LC_MESSAGES/gnupg.mo -share/locale/sv/LC_MESSAGES/gnupg.mo -share/locale/tr/LC_MESSAGES/gnupg.mo -share/doc/gnupg/README -share/doc/gnupg/DETAILS -share/doc/gnupg/FAQ -share/doc/gnupg/HACKING -share/doc/gnupg/OpenPGP -share/doc/gnupg/ABOUT-NLS -share/doc/gnupg/AUTHORS -share/doc/gnupg/BUGS -share/doc/gnupg/COPYING -share/doc/gnupg/INSTALL -share/doc/gnupg/NEWS -share/doc/gnupg/PROJECTS -share/doc/gnupg/THANKS -share/doc/gnupg/TODO -share/doc/gnupg/VERSION -@dirrm lib/gnupg -@dirrm share/gnupg -@unexec rmdir %D/share/locale/da/LC_MESSAGES 2>/dev/null || true -@unexec rmdir %D/share/locale/da 2>/dev/null || true -@unexec rmdir %D/share/locale/de/LC_MESSAGES 2>/dev/null || true -@unexec rmdir %D/share/locale/de 2>/dev/null || true -@unexec rmdir %D/share/locale/et/LC_MESSAGES 2>/dev/null || true -@unexec rmdir %D/share/locale/et 2>/dev/null || true -@unexec rmdir %D/share/locale/es_ES/LC_MESSAGES 2>/dev/null || true -@unexec rmdir %D/share/locale/es_ES 2>/dev/null || true -@unexec rmdir %D/share/locale/eo/LC_MESSAGES 2>/dev/null || true -@unexec rmdir %D/share/locale/eo 2>/dev/null || true -@unexec rmdir %D/share/locale/fr/LC_MESSAGES 2>/dev/null || true -@unexec rmdir %D/share/locale/fr 2>/dev/null || true -@unexec rmdir %D/share/locale/id/LC_MESSAGES 2>/dev/null || true -@unexec rmdir %D/share/locale/id 2>/dev/null || true -@unexec rmdir %D/share/locale/it/LC_MESSAGES 2>/dev/null || true -@unexec rmdir %D/share/locale/it 2>/dev/null || true -@unexec rmdir %D/share/locale/ja/LC_MESSAGES 2>/dev/null || true -@unexec rmdir %D/share/locale/ja 2>/dev/null || true -@unexec rmdir %D/share/locale/nl/LC_MESSAGES 2>/dev/null || true -@unexec rmdir %D/share/locale/nl 2>/dev/null || true -@unexec rmdir %D/share/locale/pl/LC_MESSAGES 2>/dev/null || true -@unexec rmdir %D/share/locale/pl 2>/dev/null || true -@unexec rmdir %D/share/locale/pt_BR/LC_MESSAGES 2>/dev/null || true -@unexec rmdir %D/share/locale/pt_BR 2>/dev/null || true -@unexec rmdir %D/share/locale/pt_PT/LC_MESSAGES 2>/dev/null || true -@unexec rmdir %D/share/locale/pt_PT 2>/dev/null || true -@unexec rmdir %D/share/locale/ru/LC_MESSAGES 2>/dev/null || true -@unexec rmdir %D/share/locale/ru 2>/dev/null || true -@unexec rmdir %D/share/locale/sv/LC_MESSAGES 2>/dev/null || true -@unexec rmdir %D/share/locale/sv 2>/dev/null || true -@unexec rmdir %D/share/locale/tr/LC_MESSAGES 2>/dev/null || true -@unexec rmdir %D/share/locale/tr 2>/dev/null || true -@unexec rmdir %D/share/locale 2>/dev/null || true -@dirrm share/doc/gnupg diff --git a/security/gpgme03/Makefile b/security/gpgme03/Makefile deleted file mode 100644 index 43b77224f4b7..000000000000 --- a/security/gpgme03/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -# New ports collection makefile for: gpgme -# Date created: 15 June 2001 -# Whom: teramoto@comm.eng.osaka-u.ac.jp -# -# $FreeBSD$ -# - -PORTNAME= gpgme -PORTVERSION= 0.2.2 -CATEGORIES= security -MASTER_SITES= ftp://ftp.gnupg.org/gcrypt/alpha/gpgme/ - -MAINTAINER= teramoto@comm.eng.osaka-u.ac.jp - -BUILD_DEPENDS= gpg:${PORTSDIR}/security/gnupg - -USE_LIBTOOL= yes -USE_GMAKE= yes -INSTALLS_SHLIB= yes - -.include <bsd.port.mk> diff --git a/security/gpgme03/distinfo b/security/gpgme03/distinfo deleted file mode 100644 index 33a4e1002db4..000000000000 --- a/security/gpgme03/distinfo +++ /dev/null @@ -1 +0,0 @@ -MD5 (gpgme-0.2.2.tar.gz) = 5ac08884612ad7fd5bdb640e4b949c79 diff --git a/security/gpgme03/pkg-comment b/security/gpgme03/pkg-comment deleted file mode 100644 index 71cad263dfb7..000000000000 --- a/security/gpgme03/pkg-comment +++ /dev/null @@ -1 +0,0 @@ -A library to make access to GnuPG easier diff --git a/security/gpgme03/pkg-descr b/security/gpgme03/pkg-descr deleted file mode 100644 index 778dff2375ab..000000000000 --- a/security/gpgme03/pkg-descr +++ /dev/null @@ -1,6 +0,0 @@ -GPGME(GnuPG Make Easy) is a library desined to make access -to GnuPG easier for applications. - -WWW: http://www.gnupg.org/gpgme/ - -tetarmoto@comm.eng.osaka-u.ac.jp diff --git a/security/gpgme03/pkg-plist b/security/gpgme03/pkg-plist deleted file mode 100644 index a6e87b096c52..000000000000 --- a/security/gpgme03/pkg-plist +++ /dev/null @@ -1,6 +0,0 @@ -bin/gpgme-config -include/gpgme.h -lib/libgpgme.a -lib/libgpgme.so -lib/libgpgme.so.3 -share/aclocal/gpgme.m4 diff --git a/security/hpn-ssh/Makefile b/security/hpn-ssh/Makefile deleted file mode 100644 index df1724ad80a0..000000000000 --- a/security/hpn-ssh/Makefile +++ /dev/null @@ -1,38 +0,0 @@ -# New ports collection makefile for: openssh -# Date created: 18 Mar 1999 -# Whom: dwcjr@inethouston.net -# -# $FreeBSD$ -# - -PORTNAME= openssh -PORTVERSION= 2.9p2 -CATEGORIES= security ipv6 -MASTER_SITES= ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ - ftp://ftp.op.net/pub/OpenBSD/OpenSSH/portable/ \ - ftp://carroll.cac.psu.edu/pub/OpenBSD/OpenSSH/portable/ -PKGNAMESUFFIX= -portable - -MAINTAINER= dwcjr@FreeBSD.org - -MAN1= sftp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 scp.1 ssh.1 -MLINKS= ssh.1 slogin.1 -MAN8= sftp-server.8 sshd.8 - -CRYPTOLIBS= -L${OPENSSLLIB} -lcrypto -USE_OPENSSL= YES -GNU_CONFIGURE= yes -CONFIGURE_ARGS?= --prefix=${PREFIX} - -.if exists(/usr/include/security/pam_modules.h) -CONFIGURE_ARGS+= --with-pam -.endif - -.if exists(/usr/include/tcpd.h) -CONFIGURE_ARGS+= --with-tcp-wrappers -.endif - -post-install: - @${CAT} ${PKGMESSAGE} - -.include <bsd.port.mk> diff --git a/security/hpn-ssh/distinfo b/security/hpn-ssh/distinfo deleted file mode 100644 index 1643af453488..000000000000 --- a/security/hpn-ssh/distinfo +++ /dev/null @@ -1 +0,0 @@ -MD5 (openssh-2.9p2.tar.gz) = fb5ea44cb5a894bed7b610c5a517542d diff --git a/security/hpn-ssh/files/patch-auth.c b/security/hpn-ssh/files/patch-auth.c deleted file mode 100644 index 99c9d0c1550e..000000000000 --- a/security/hpn-ssh/files/patch-auth.c +++ /dev/null @@ -1,20 +0,0 @@ ---- auth.c.orig Mon Mar 19 23:15:57 2001 -+++ auth.c Fri Jun 1 07:59:43 2001 -@@ -158,6 +158,17 @@ - } - #endif /* WITH_AIXAUTHENTICATE */ - -+#ifdef __FreeBSD__ -+ /* Fail if the account's expiration time has passed. */ -+ if (pw->pw_expire != 0) { -+ struct timeval tv; -+ -+ (void)gettimeofday(&tv, NULL); -+ if (tv.tv_sec >= pw->pw_expire) -+ return 0; -+ } -+#endif /* __FreeBSD__ */ -+ - /* We found no reason not to let this user try to log on... */ - return 1; - } diff --git a/security/hpn-ssh/files/patch-clientloop.c b/security/hpn-ssh/files/patch-clientloop.c deleted file mode 100644 index 67fc4dcb4f6b..000000000000 --- a/security/hpn-ssh/files/patch-clientloop.c +++ /dev/null @@ -1,11 +0,0 @@ ---- clientloop.c.orig Fri Apr 20 09:17:51 2001 -+++ clientloop.c Sat May 26 15:18:51 2001 -@@ -1131,7 +1131,7 @@ - - if (strcmp(ctype, "forwarded-tcpip") == 0) { - c = client_request_forwarded_tcpip(ctype, rchan); -- } else if (strcmp(ctype, "x11") == 0) { -+ } else if (strcmp(ctype, "x11") == 0 && options.forward_x11) { - c = client_request_x11(ctype, rchan); - } else if (strcmp(ctype, "auth-agent@openssh.com") == 0) { - c = client_request_agent(ctype, rchan); diff --git a/security/hpn-ssh/files/patch-cookie b/security/hpn-ssh/files/patch-cookie deleted file mode 100644 index 4b7d3b7c7d73..000000000000 --- a/security/hpn-ssh/files/patch-cookie +++ /dev/null @@ -1,66 +0,0 @@ ---- channels.c.orig Tue Apr 17 14:55:03 2001 -+++ channels.c Sat Jun 9 06:43:41 2001 -@@ -1612,7 +1612,7 @@ - switch (channels[i].type) { - case SSH_CHANNEL_AUTH_SOCKET: - close(channels[i].sock); -- unlink(channels[i].path); -+ /* auth_sock_cleanup_proc deletes the socket */ - channel_free(i); - break; - case SSH_CHANNEL_PORT_LISTENER: ---- session.c.orig Sun Jun 17 05:40:51 2001 -+++ session.c Sun Aug 19 18:20:27 2001 -@@ -235,6 +235,7 @@ - int success, type, n_bytes, plen, screen_flag, have_pty = 0; - int compression_level = 0, enable_compression_after_reply = 0; - u_int proto_len, data_len, dlen; -+ struct stat st; - - s = session_new(); - s->pw = authctxt->pw; -@@ -317,7 +318,8 @@ - packet_send_debug("X11 forwarding disabled in server configuration file."); - break; - } -- if (!options.xauth_location) { -+ if (!options.xauth_location || -+ (stat(options.xauth_location, &st) == -1)) { - packet_send_debug("No xauth program; cannot forward with spoofing."); - break; - } -@@ -1384,10 +1386,11 @@ - if (!options.use_login) { - /* ignore _PATH_SSH_USER_RC for subsystems */ - if (!s->is_subsystem && (stat(_PATH_SSH_USER_RC, &st) >= 0)) { -+ snprintf(cmd, sizeof cmd, "%s -c '%s %s'", -+ shell, _PATH_BSHELL, _PATH_SSH_USER_RC); - if (debug_flag) -- fprintf(stderr, "Running %s %s\n", _PATH_BSHELL, -- _PATH_SSH_USER_RC); -- f = popen(_PATH_BSHELL " " _PATH_SSH_USER_RC, "w"); -+ fprintf(stderr, "Running %s\n", cmd); -+ f = popen(cmd, "w"); - if (f) { - if (do_xauth) - fprintf(f, "%s %s\n", s->auth_proto, -@@ -1707,12 +1710,19 @@ - int - session_x11_req(Session *s) - { -+ struct stat st; -+ - if (no_x11_forwarding_flag) { - debug("X11 forwarding disabled in user configuration file."); - return 0; - } - if (!options.x11_forwarding) { - debug("X11 forwarding disabled in server configuration file."); -+ return 0; -+ } -+ if (!options.xauth_location || -+ (stat(options.xauth_location, &st) == -1)) { -+ packet_send_debug("No xauth program; cannot forward with spoofig."); - return 0; - } - debug("Received request for X11 forwarding with auth spoofing."); diff --git a/security/hpn-ssh/files/patch-misc.c b/security/hpn-ssh/files/patch-misc.c deleted file mode 100644 index 0f8ef065fec0..000000000000 --- a/security/hpn-ssh/files/patch-misc.c +++ /dev/null @@ -1,13 +0,0 @@ ---- misc.c.orig Thu Apr 12 22:09:37 2001 -+++ misc.c Sat May 26 15:39:25 2001 -@@ -111,6 +111,10 @@ - copy->pw_class = xstrdup(pw->pw_class); - copy->pw_dir = xstrdup(pw->pw_dir); - copy->pw_shell = xstrdup(pw->pw_shell); -+#ifdef __FreeBSD__ -+ copy->pw_expire = pw->pw_expire; -+ copy->pw_change = pw->pw_change; -+#endif /* __FreeBSD__ */ - return copy; - } - diff --git a/security/hpn-ssh/files/patch-session.c b/security/hpn-ssh/files/patch-session.c deleted file mode 100644 index 57febb0f33b7..000000000000 --- a/security/hpn-ssh/files/patch-session.c +++ /dev/null @@ -1,102 +0,0 @@ ---- session.c.orig Sun Jun 10 17:22:44 2001 -+++ session.c Sun Jun 10 17:23:22 2001 -@@ -514,6 +514,13 @@ - log_init(__progname, options.log_level, options.log_facility, log_stderr); - - /* -+ * Using login and executing a specific "command" are mutually -+ * exclusive, so turn off use_login if there's a command. -+ */ -+ if (command != NULL) -+ options.use_login = 0; -+ -+ /* - * Create a new session and process group since the 4.4BSD - * setlogin() affects the entire process group. - */ -@@ -628,6 +635,13 @@ - /* Child. Reinitialize the log because the pid has changed. */ - log_init(__progname, options.log_level, options.log_facility, log_stderr); - -+ /* -+ * Using login and executing a specific "command" are mutually -+ * exclusive, so turn off use_login if there's a command. -+ */ -+ if (command != NULL) -+ options.use_login = 0; -+ - /* Close the master side of the pseudo tty. */ - close(ptyfd); - -@@ -707,6 +721,11 @@ - time_t last_login_time; - struct passwd * pw = s->pw; - pid_t pid = getpid(); -+#ifdef HAVE_LOGIN_CAP -+ FILE *f; -+ char buf[256]; -+ char *fname; -+#endif /* HAVE_LOGIN_CAP */ - - /* - * Get IP address of client. If the connection is not a socket, let -@@ -767,6 +786,21 @@ - printf("Last login: %s from %s\r\n", time_string, hostname); - } - -+#ifdef HAVE_LOGIN_CAP -+ if (!options.use_login) { -+ fname = login_getcapstr(lc, "copyright", NULL, NULL); -+ if (fname != NULL && (f = fopen(fname, "r")) != NULL) { -+ while (fgets(buf, sizeof(buf), f) != NULL) -+ fputs(buf, stdout); -+ fclose(f); -+ } else -+ (void)printf("%s\n\t%s %s\n", -+ "Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994", -+ "The Regents of the University of California. ", -+ "All rights reserved."); -+ } -+#endif /* HAVE_LOGIN_CAP */ -+ - do_motd(); - } - -@@ -1376,7 +1410,7 @@ - * initgroups, because at least on Solaris 2.3 it leaves file - * descriptors open. - */ -- for (i = 3; i < 64; i++) -+ for (i = 3; i < getdtablesize(); i++) - close(i); - - /* Change current directory to the user\'s home directory. */ -@@ -1400,6 +1434,28 @@ - * in this order). - */ - if (!options.use_login) { -+#ifdef __FreeBSD__ -+ /* -+ * If the password change time is set and has passed, give the -+ * user a password expiry notice and chance to change it. -+ */ -+ if (pw->pw_change != 0) { -+ struct timeval tv; -+ -+ (void)gettimeofday(&tv, NULL); -+ if (tv.tv_sec >= pw->pw_change) { -+ (void)printf( -+ "Sorry -- your password has expired.\n"); -+ syslog(LOG_INFO, -+ "%s Password expired - forcing change", -+ pw->pw_name); -+ if (system("/usr/bin/passwd") != 0) { -+ perror("/usr/bin/passwd"); -+ exit(1); -+ } -+ } -+ } -+#endif /* __FreeBSD__ */ - /* ignore _PATH_SSH_USER_RC for subsystems */ - if (!s->is_subsystem && (stat(_PATH_SSH_USER_RC, &st) >= 0)) { - snprintf(cmd, sizeof cmd, "%s -c '%s %s'", diff --git a/security/hpn-ssh/files/patch-sshconnect.c b/security/hpn-ssh/files/patch-sshconnect.c deleted file mode 100644 index 0d2e317b7147..000000000000 --- a/security/hpn-ssh/files/patch-sshconnect.c +++ /dev/null @@ -1,15 +0,0 @@ ---- sshconnect.c.orig Fri Apr 13 01:34:36 2001 -+++ sshconnect.c Fri Jun 1 08:01:05 2001 -@@ -504,10 +504,12 @@ - local = (ntohl(((struct sockaddr_in *)hostaddr)->sin_addr.s_addr) >> 24) == IN_LOOPBACKNET; - salen = sizeof(struct sockaddr_in); - break; -+#ifdef INET6 - case AF_INET6: - local = IN6_IS_ADDR_LOOPBACK(&(((struct sockaddr_in6 *)hostaddr)->sin6_addr)); - salen = sizeof(struct sockaddr_in6); - break; -+#endif - default: - local = 0; - salen = sizeof(struct sockaddr_storage); diff --git a/security/hpn-ssh/pkg-comment b/security/hpn-ssh/pkg-comment deleted file mode 100644 index d96c7bfa9b13..000000000000 --- a/security/hpn-ssh/pkg-comment +++ /dev/null @@ -1 +0,0 @@ -The portable version of OpenBSD's OpenSSH diff --git a/security/hpn-ssh/pkg-descr b/security/hpn-ssh/pkg-descr deleted file mode 100644 index 6b11fb954879..000000000000 --- a/security/hpn-ssh/pkg-descr +++ /dev/null @@ -1,3 +0,0 @@ -OpenBSD's OpenSSH portable version - -WWW: http://www.openssh.com/portable.html diff --git a/security/hpn-ssh/pkg-message b/security/hpn-ssh/pkg-message deleted file mode 100644 index 47f0f600972d..000000000000 --- a/security/hpn-ssh/pkg-message +++ /dev/null @@ -1,10 +0,0 @@ -To enable this port, please add sshd_program=/usr/local/sbin/sshd and make -sure -sshd_enable is set to YES in your /etc/rc.conf - -You may also want to put NO_OPENSSH= true in your /etc/make.conf -and make sure your path is setup to /usr/local/bin before /usr/bin so that -you -are running the port version of openssh and not the version that comes with -FreeBSD - diff --git a/security/hpn-ssh/pkg-plist b/security/hpn-ssh/pkg-plist deleted file mode 100644 index 63d354393c92..000000000000 --- a/security/hpn-ssh/pkg-plist +++ /dev/null @@ -1,11 +0,0 @@ -@comment slogin must be deleted first -bin/slogin -bin/ssh -bin/scp -bin/ssh-add -bin/ssh-agent -bin/ssh-keygen -bin/ssh-keyscan -bin/sftp -sbin/sshd -libexec/sftp-server diff --git a/security/kgpg-kde4/Makefile b/security/kgpg-kde4/Makefile deleted file mode 100644 index 2960df37148f..000000000000 --- a/security/kgpg-kde4/Makefile +++ /dev/null @@ -1,24 +0,0 @@ -# New ports collection makefile for: kdeutils2 -# Date created: Sun 14 May 2000 02:52:20 -# Whom: Will Andrews <will@FreeBSD.org> -# -# $FreeBSD$ -# - -PORTNAME= kdeutils -PORTVERSION= 2.2 -CATEGORIES?= misc kde -MASTER_SITES= ${MASTER_SITE_KDE} -MASTER_SITE_SUBDIR= stable/${PORTVERSION}/src -DIST_SUBDIR= KDE - -MAINTAINER?= kde@FreeBSD.org - -USE_KDELIBS_VER=2 -USE_BZIP2= yes -INSTALLS_SHLIB= yes -GNU_CONFIGURE= yes -USE_GMAKE= yes -MAN1= efax.1 efix.1 fax.1 - -.include <bsd.port.mk> diff --git a/security/kgpg-kde4/distinfo b/security/kgpg-kde4/distinfo deleted file mode 100644 index bdd12d90fd29..000000000000 --- a/security/kgpg-kde4/distinfo +++ /dev/null @@ -1 +0,0 @@ -MD5 (KDE/kdeutils-2.2.tar.bz2) = 2ee57c259669232cb301359fb9000d08 diff --git a/security/kgpg-kde4/pkg-comment b/security/kgpg-kde4/pkg-comment deleted file mode 100644 index 186230f9287d..000000000000 --- a/security/kgpg-kde4/pkg-comment +++ /dev/null @@ -1 +0,0 @@ -Utilities for the KDE integrated X11 desktop diff --git a/security/kgpg-kde4/pkg-descr b/security/kgpg-kde4/pkg-descr deleted file mode 100644 index 90ae45773bea..000000000000 --- a/security/kgpg-kde4/pkg-descr +++ /dev/null @@ -1 +0,0 @@ -KDE provides an integrated X11 based environment, much like CDE. diff --git a/security/kgpg-kde4/pkg-plist b/security/kgpg-kde4/pkg-plist deleted file mode 100644 index ae31b3d6f094..000000000000 --- a/security/kgpg-kde4/pkg-plist +++ /dev/null @@ -1,310 +0,0 @@ -bin/ark -bin/efax -bin/efix -bin/fax -bin/kab -bin/karm -bin/kcalc -bin/kcharselect -bin/kdepasswd -bin/kdessh -bin/kdf -bin/kedit -bin/kfind -bin/kfloppy -bin/khexedit -bin/kjots -bin/klaptopdaemon -bin/kljettool -bin/klpq -bin/klprfax -bin/klprfax_filter -bin/klprfax_lpd -bin/knotes -bin/ktimer -bin/kwikdisk -include/KNotesIface.h -lib/kcalc.la -lib/kcalc.so -lib/kde2/kedit.la -lib/kde2/kedit.so -lib/kfind.la -lib/kfind.so -lib/libark.la -lib/libark.so -lib/libark.so.1 -lib/libkcharselectapplet.la -lib/libkcharselectapplet.so -lib/libkcharselectapplet.so.1 -lib/libkcm_kdf.la -lib/libkcm_kdf.so -lib/libkcm_laptop.la -lib/libkcm_laptop.so -share/applnk/Editors/KEdit.desktop -share/applnk/Kfind.desktop -share/applnk/Settings/Information/kcmdf.desktop -share/applnk/Settings/Information/pcmcia.desktop -share/applnk/Settings/PowerControl/battery.desktop -share/applnk/Settings/PowerControl/bwarning.desktop -share/applnk/Settings/PowerControl/cwarning.desktop -share/applnk/Settings/PowerControl/power.desktop -share/applnk/System/kdf.desktop -share/applnk/System/kwikdisk.desktop -share/applnk/Utilities/KCharSelect.desktop -share/applnk/Utilities/KFloppy.desktop -share/applnk/Utilities/KLJetTool.desktop -share/applnk/Utilities/KLpq.desktop -share/applnk/Utilities/Kjots.desktop -share/applnk/Utilities/ark.desktop -share/applnk/Utilities/kab.desktop -share/applnk/Utilities/karm.desktop -share/applnk/Utilities/kcalc.desktop -share/applnk/Utilities/kdepasswd.desktop -share/applnk/Utilities/khexedit.desktop -share/applnk/Utilities/klprfax.desktop -share/applnk/Utilities/knotes.desktop -share/applnk/Utilities/ktimer.desktop -share/apps/ark/ark_part.rc -share/apps/ark/arkui.rc -share/apps/ark/icons/hicolor/22x22/actions/ark_adddir.png -share/apps/ark/icons/hicolor/22x22/actions/ark_addfile.png -share/apps/ark/icons/hicolor/22x22/actions/ark_delete.png -share/apps/ark/icons/hicolor/22x22/actions/ark_extract.png -share/apps/ark/icons/hicolor/22x22/actions/ark_help.png -share/apps/ark/icons/hicolor/22x22/actions/ark_new.png -share/apps/ark/icons/hicolor/22x22/actions/ark_open.png -share/apps/ark/icons/hicolor/22x22/actions/ark_options.png -share/apps/ark/icons/hicolor/22x22/actions/ark_selectall.png -share/apps/ark/icons/hicolor/22x22/actions/ark_view.png -share/apps/kab/htmlexport/templates/index.html -share/apps/kab/htmlexport/templates/kab_address.html -share/apps/kab/htmlexport/templates/kab_background.gif -share/apps/kab/htmlexport/templates/kab_entrylist.html -share/apps/kab/htmlexport/templates/kab_person.html -share/apps/kab/pics/addressbook_logo.png -share/apps/karm/karmui.rc -share/apps/karm/pics/clock.xpm -share/apps/karm/pics/clockedit.xpm -share/apps/karm/pics/empty-watch.xpm -share/apps/karm/pics/filedel.xpm -share/apps/karm/pics/watch-0.xpm -share/apps/karm/pics/watch-1.xpm -share/apps/karm/pics/watch-2.xpm -share/apps/karm/pics/watch-3.xpm -share/apps/karm/pics/watch-4.xpm -share/apps/karm/pics/watch-5.xpm -share/apps/karm/pics/watch-6.xpm -share/apps/karm/pics/watch-7.xpm -share/apps/kcalc/pics/kcalclogo.png -share/apps/kdf/pics/delete.png -share/apps/kdf/pics/tick.png -share/apps/kedit/keditui.rc -share/apps/kfind/icons/locolor/22x22/actions/archive.png -share/apps/kfind/icons/locolor/22x22/actions/delete.png -share/apps/kfind/icons/locolor/22x22/actions/idea.png -share/apps/kfind/icons/locolor/22x22/actions/info.png -share/apps/kfind/icons/locolor/22x22/actions/openfile.png -share/apps/kfind/icons/locolor/22x22/actions/save.png -share/apps/kfind/icons/locolor/22x22/actions/search.png -share/apps/kfloppy/pics/kfloppylogo.png -share/apps/khexedit/toolbar/hexdrag.png -share/apps/khexedit/toolbar/hexmask.png -share/apps/khexedit/toolbar/hexwrite.png -share/apps/kicker/applets/kcharselectapplet.desktop -share/apps/kjots/pics/filedel.png -share/apps/klaptopdaemon/icons/hicolor/16x16/actions/laptop_charge.png -share/apps/klaptopdaemon/icons/hicolor/16x16/actions/laptop_nobattery.png -share/apps/klaptopdaemon/icons/hicolor/16x16/actions/laptop_nocharge.png -share/apps/klaptopdaemon/icons/hicolor/16x16/actions/power.png -share/apps/klaptopdaemon/icons/hicolor/32x32/actions/power.png -share/apps/kljettool/pics/kljetlogo.png -share/apps/knotes/knotesui.rc -share/apps/knotes/pics/knotesclose.png -share/apps/knotes/pics/knotesdelete.png -share/apps/knotes/pics/knoteslogo.png -share/apps/konqueror/servicemenus/arkservicemenu.desktop -share/config/knotesrc -share/doc/HTML/en/ark/common -share/doc/HTML/en/ark/index.cache.bz2 -share/doc/HTML/en/ark/index.docbook -share/doc/HTML/en/kab/common -share/doc/HTML/en/kab/index.cache.bz2 -share/doc/HTML/en/kab/index.docbook -share/doc/HTML/en/kab/kab-edit.png -share/doc/HTML/en/kab/kab-using.png -share/doc/HTML/en/karm/common -share/doc/HTML/en/karm/index.cache.bz2 -share/doc/HTML/en/karm/index.docbook -share/doc/HTML/en/karm/karm.png -share/doc/HTML/en/kcalc/common -share/doc/HTML/en/kcalc/index.cache.bz2 -share/doc/HTML/en/kcalc/index.docbook -share/doc/HTML/en/kcalc/kcalc_on_Aix.txt -share/doc/HTML/en/kcalc/kcalc_on_OSF.txt -share/doc/HTML/en/kdf/common -share/doc/HTML/en/kdf/index.cache.bz2 -share/doc/HTML/en/kdf/index.docbook -share/doc/HTML/en/kdf/kdf.png -share/doc/HTML/en/kdf/kdf_config.png -share/doc/HTML/en/kedit/common -share/doc/HTML/en/kedit/index.cache.bz2 -share/doc/HTML/en/kedit/index.docbook -share/doc/HTML/en/kfind/common -share/doc/HTML/en/kfind/index.cache.bz2 -share/doc/HTML/en/kfind/index.docbook -share/doc/HTML/en/kfloppy/common -share/doc/HTML/en/kfloppy/index.cache.bz2 -share/doc/HTML/en/kfloppy/index.docbook -share/doc/HTML/en/khexedit/common -share/doc/HTML/en/khexedit/index.cache.bz2 -share/doc/HTML/en/khexedit/index.docbook -share/doc/HTML/en/khexedit/khexedit1.png -share/doc/HTML/en/kjots/common -share/doc/HTML/en/kjots/index.cache.bz2 -share/doc/HTML/en/kjots/index.docbook -share/doc/HTML/en/kljettool/README -share/doc/HTML/en/kljettool/common -share/doc/HTML/en/kljettool/djcdoscommands.txt -share/doc/HTML/en/kljettool/filter -share/doc/HTML/en/kljettool/hp690c.zip -share/doc/HTML/en/kljettool/index.cache.bz2 -share/doc/HTML/en/kljettool/index.docbook -share/doc/HTML/en/kljettool/magic -share/doc/HTML/en/kljettool/screenshot.png -share/doc/HTML/en/klpq/common -share/doc/HTML/en/klpq/index.cache.bz2 -share/doc/HTML/en/klpq/index.docbook -share/doc/HTML/en/klprfax/common -share/doc/HTML/en/klprfax/index.cache.bz2 -share/doc/HTML/en/klprfax/index.docbook -share/doc/HTML/en/knotes/common -share/doc/HTML/en/knotes/index.cache.bz2 -share/doc/HTML/en/knotes/index.docbook -share/doc/HTML/en/kpm/common -share/doc/HTML/en/kpm/index.cache.bz2 -share/doc/HTML/en/kpm/index.docbook -share/doc/HTML/en/kpm/kpmjobs.png -share/doc/HTML/en/kpm/kpmmemory.png -share/doc/HTML/en/kpm/kpmstart.png -share/doc/HTML/en/kpm/kpmtext.png -share/doc/HTML/en/kpm/qps.1 -share/icons/hicolor/16x16/apps/ark.png -share/icons/hicolor/16x16/apps/kab.png -share/icons/hicolor/16x16/apps/karm.png -share/icons/hicolor/16x16/apps/kcalc.png -share/icons/hicolor/16x16/apps/kcharselect.png -share/icons/hicolor/16x16/apps/kcmdf.png -share/icons/hicolor/16x16/apps/kdf.png -share/icons/hicolor/16x16/apps/kedit.png -share/icons/hicolor/16x16/apps/kfind.png -share/icons/hicolor/16x16/apps/kfloppy.png -share/icons/hicolor/16x16/apps/khexedit.png -share/icons/hicolor/16x16/apps/kjots.png -share/icons/hicolor/16x16/apps/klaptopdaemon.png -share/icons/hicolor/16x16/apps/kljettool.png -share/icons/hicolor/16x16/apps/klpq.png -share/icons/hicolor/16x16/apps/klprfax.png -share/icons/hicolor/16x16/apps/knotes.png -share/icons/hicolor/16x16/apps/kwikdisk.png -share/icons/hicolor/16x16/apps/laptop_battery.png -share/icons/hicolor/16x16/apps/laptop_pcmcia.png -share/icons/hicolor/32x32/apps/ark.png -share/icons/hicolor/32x32/apps/kab.png -share/icons/hicolor/32x32/apps/karm.png -share/icons/hicolor/32x32/apps/kcalc.png -share/icons/hicolor/32x32/apps/kcmdf.png -share/icons/hicolor/32x32/apps/kdf.png -share/icons/hicolor/32x32/apps/kedit.png -share/icons/hicolor/32x32/apps/kfind.png -share/icons/hicolor/32x32/apps/kfloppy.png -share/icons/hicolor/32x32/apps/khexedit.png -share/icons/hicolor/32x32/apps/kjots.png -share/icons/hicolor/32x32/apps/kljettool.png -share/icons/hicolor/32x32/apps/klpq.png -share/icons/hicolor/32x32/apps/klprfax.png -share/icons/hicolor/32x32/apps/knotes.png -share/icons/hicolor/32x32/apps/kwikdisk.png -share/icons/hicolor/32x32/apps/laptop_battery.png -share/icons/hicolor/32x32/apps/laptop_pcmcia.png -share/icons/hicolor/48x48/apps/ark.png -share/icons/hicolor/48x48/apps/kab.png -share/icons/hicolor/48x48/apps/karm.png -share/icons/hicolor/48x48/apps/kcalc.png -share/icons/hicolor/48x48/apps/kcharselect.png -share/icons/hicolor/48x48/apps/kedit.png -share/icons/hicolor/48x48/apps/kfind.png -share/icons/hicolor/48x48/apps/kfloppy.png -share/icons/hicolor/48x48/apps/khexedit.png -share/icons/hicolor/48x48/apps/kjots.png -share/icons/hicolor/48x48/apps/kljettool.png -share/icons/hicolor/48x48/apps/klpq.png -share/icons/hicolor/48x48/apps/knotes.png -share/icons/hicolor/48x48/apps/laptop_battery.png -share/icons/hicolor/48x48/apps/laptop_pcmcia.png -share/icons/locolor/16x16/apps/klprfax.png -share/icons/locolor/32x32/apps/klprfax.png -share/services/arkpart.desktop -@dirrm share/icons/locolor/32x32/apps -@dirrm share/icons/locolor/16x16/apps -@dirrm share/icons/hicolor/48x48/apps -@dirrm share/icons/hicolor/32x32/apps -@dirrm share/icons/hicolor/16x16/apps -@dirrm share/doc/HTML/en/kpm -@dirrm share/doc/HTML/en/knotes -@dirrm share/doc/HTML/en/klprfax -@dirrm share/doc/HTML/en/klpq -@dirrm share/doc/HTML/en/kljettool -@dirrm share/doc/HTML/en/kjots -@dirrm share/doc/HTML/en/khexedit -@dirrm share/doc/HTML/en/kfloppy -@dirrm share/doc/HTML/en/kfind -@dirrm share/doc/HTML/en/kedit -@dirrm share/doc/HTML/en/kdf -@dirrm share/doc/HTML/en/kcalc -@dirrm share/doc/HTML/en/karm -@dirrm share/doc/HTML/en/kab -@dirrm share/doc/HTML/en/ark -@dirrm share/apps/konqueror/servicemenus -@dirrm share/apps/konqueror -@dirrm share/apps/knotes/pics -@dirrm share/apps/knotes -@dirrm share/apps/kljettool/pics -@dirrm share/apps/kljettool -@dirrm share/apps/klaptopdaemon/icons/hicolor/32x32/actions -@dirrm share/apps/klaptopdaemon/icons/hicolor/32x32 -@dirrm share/apps/klaptopdaemon/icons/hicolor/16x16/actions -@dirrm share/apps/klaptopdaemon/icons/hicolor/16x16 -@dirrm share/apps/klaptopdaemon/icons/hicolor -@dirrm share/apps/klaptopdaemon/icons -@dirrm share/apps/klaptopdaemon -@dirrm share/apps/kjots/pics -@dirrm share/apps/kjots -@dirrm share/apps/kicker/applets -@dirrm share/apps/khexedit/toolbar -@dirrm share/apps/khexedit -@dirrm share/apps/kfloppy/pics -@dirrm share/apps/kfloppy -@dirrm share/apps/kfind/icons/locolor/22x22/actions -@dirrm share/apps/kedit -@dirrm share/apps/kdf/pics -@dirrm share/apps/kdf -@dirrm share/apps/kcalc/pics -@dirrm share/apps/kcalc -@dirrm share/apps/karm/pics -@dirrm share/apps/karm -@dirrm share/apps/kab/pics -@dirrm share/apps/kab/htmlexport/templates -@dirrm share/apps/kab/htmlexport -@dirrm share/apps/ark/icons/hicolor/22x22/actions -@dirrm share/apps/ark/icons/hicolor/22x22 -@dirrm share/apps/ark/icons/hicolor -@dirrm share/apps/ark/icons -@dirrm share/apps/ark -@dirrm share/apps -@dirrm share/applnk/Utilities -@dirrm share/applnk/System -@dirrm share/applnk/Settings/PowerControl -@dirrm share/applnk/Settings/Information -@dirrm share/applnk/Editors -@dirrm share/applnk -@dirrm lib/kde2 diff --git a/security/krb5-16/Makefile b/security/krb5-16/Makefile deleted file mode 100644 index 7fac84161a4a..000000000000 --- a/security/krb5-16/Makefile +++ /dev/null @@ -1,117 +0,0 @@ -# Ports collection Makefile for: MIT Kerberos V -# Date created: 6/5/1998 -# Whom: nectar@FreeBSD.org -# -# $FreeBSD$ -# - -PORTNAME= krb5 -PORTVERSION= 1.2.2 -PORTREVISION= 4 -CATEGORIES= security -MASTER_SITES= # manual download - -MAINTAINER= Cy.Schubert@uumail.gov.bc.ca - -BUILD_DEPENDS= gm4:${PORTSDIR}/devel/m4 - -KERBEROSV_URL= http://web.mit.edu/network/kerberos-form.html -USE_GMAKE= yes -INSTALLS_SHLIB= yes -GNU_CONFIGURE= yes -CONFIGURE_ARGS?= --enable-shared --with-ccopts="${CFLAGS}" -CONFIGURE_ENV= INSTALL="${INSTALL}" -MAKE_ARGS= INSTALL="${INSTALL}" -KRB5_KRB4_COMPAT?= YES - -.if defined(USA_RESIDENT) && ${USA_RESIDENT} == "NO" -MASTER_SITES= http://www.crypto-publish.org/dist/mit-kerberos5/ -.endif - -.if !defined(KRB5_KRB4_COMPAT) || ${KRB5_KRB4_COMPAT} == "NO" -CONFIGURE_ARGS+= --without-krb4 -.endif - -.if defined(KRB5_HOME) -PREFIX= ${KRB5_HOME} -.endif - -RESTRICTED= "Crypto; export-controlled" -# Set USA_RESIDENT appropriately in /etc/make.conf if you like - -INFO_FILES= krb425.info krb5-admin.info krb5-admin.info-1 \ - krb5-admin.info-2 krb5-admin.info-3 krb5-install.info \ - krb5-install.info-1 krb5-install.info-2 krb5-user.info - -MAN1= krb5-send-pr.1 kpasswd.1 v5passwd.1 klist.1 kinit.1 \ - kdestroy.1 ksu.1 sclient.1 rsh.1 rcp.1 rlogin.1 \ - v4rcp.1 ftp.1 telnet.1 kerberos.1 kvno.1 -MAN5= kdc.conf.5 krb5.conf.5 .k5login.5 -MAN8= krb5kdc.8 kadmin.8 kadmin.local.8 kdb5_util.8 \ - ktutil.8 kadmind.8 kprop.8 kpropd.8 sserver.8 \ - kshd.8 klogind.8 login.krb5.8 ftpd.8 telnetd.8 - -WRKSRC= ${WRKDIR}/${DISTNAME}/src - -WANT_HTML?= YES -HTML_DOC_DIR= ${WRKDIR}/${DISTNAME}/doc -HTML_DOCS= admin.html install_foot.html user-guide.html \ - admin_foot.html install_toc.html user-guide_foot.html \ - admin_toc.html krb425.html user-guide_toc.html \ - install.html krb425_toc.html - -.if !defined(USA_RESIDENT) || ${USA_RESIDENT} == "YES" -do-fetch: - @if [ ! -f ${DISTDIR}/${DISTNAME}${EXTRACT_SUFX} ]; then \ - ${ECHO} ""; \ - ${ECHO} ">> Kerberos V contains encryption software and is"; \ - ${ECHO} " export restricted. If you are not a USA resident,";\ - ${ECHO} " then you cannot obtain the Kerberos V sources from";\ - ${ECHO} " within the United States."; \ - ${ECHO} ""; \ - ${ECHO} ">> The Kerberos V sources must be fetched manually."; \ - ${ECHO} " Please visit ${KERBEROSV_URL}"; \ - ${ECHO} " to download ${DISTNAME}${EXTRACT_SUFX} and place"; \ - ${ECHO} " it in ${DISTDIR}. Then run make again."; \ - ${FALSE}; \ - fi -.endif - -pre-build: -.if !defined(KRB5_KRB4_COMPAT) - @${ECHO} "------------------------------------------------------" - @${ECHO} "Set KRB5_KRB4_COMPAT=NO if you do not want to build " - @${ECHO} "the KerberosIV compatibility libraries. " - @${ECHO} "------------------------------------------------------" -.endif - -post-build: - @(cd ${WRKSRC}/../doc && \ - ${MAKE} ${INFO_FILES}) - -.include <bsd.port.pre.mk> - -post-install: -# html documentation -.if defined(WANT_HTML) && ${WANT_HTML} == "YES" - @${MKDIR} ${PREFIX}/share/doc/krb5 -.for html in ${HTML_DOCS} - ${INSTALL_MAN} ${HTML_DOC_DIR}/${html} ${PREFIX}/share/doc/krb5 -.endfor -.endif -# handle info files -.for info in ${INFO_FILES} - ${INSTALL_MAN} ${WRKSRC}/../doc/${info} ${PREFIX}/info/${info} -.endfor -.for info in ${INFO_FILES:M*.info} - install-info ${PREFIX}/info/${info} ${PREFIX}/info/dir -.endfor -# fixup packing list (no libs without version numbers in aout case) -.if ${PORTOBJFORMAT} == "aout" - ${ECHO_MSG} "Fixing packing list for a.out" - ${MV} ${TMPPLIST} ${TMPPLIST}.new - ${GREP} -v '\.so$$' ${TMPPLIST}.new > ${TMPPLIST} - ${RM} ${TMPPLIST}.new -.endif - -.include <bsd.port.post.mk> diff --git a/security/krb5-16/distinfo b/security/krb5-16/distinfo deleted file mode 100644 index e8159e50a95c..000000000000 --- a/security/krb5-16/distinfo +++ /dev/null @@ -1 +0,0 @@ -MD5 (krb5-1.2.2.tar.gz) = 57d1bf3a3c68ee8af64e31a46799551c diff --git a/security/krb5-16/files/patch-ac b/security/krb5-16/files/patch-ac deleted file mode 100644 index 8bca5437d964..000000000000 --- a/security/krb5-16/files/patch-ac +++ /dev/null @@ -1,13 +0,0 @@ ---- ../doc/admin.texinfo Fri Feb 6 21:40:56 1998 -+++ admin.texinfo Fri Jun 19 15:13:45 1998 -@@ -5,6 +5,10 @@ - @c guide - @setfilename krb5-admin.info - @settitle Kerberos V5 System Administrator's Guide -+@dircategory Kerberos V5 -+@direntry -+* Admin Guide: (krb5-admin). Kerberos V5 System Admin's Guide -+@end direntry - @setchapternewpage odd @c chapter begins on next odd page - @c @setchapternewpage on @c chapter begins on next page - @c @smallbook @c Format for 7" X 9.25" paper diff --git a/security/krb5-16/files/patch-ad b/security/krb5-16/files/patch-ad deleted file mode 100644 index c8b6d3e99e91..000000000000 --- a/security/krb5-16/files/patch-ad +++ /dev/null @@ -1,13 +0,0 @@ ---- ../doc/user-guide.texinfo Fri Feb 6 21:40:58 1998 -+++ user-guide.texinfo Fri Jun 19 15:13:45 1998 -@@ -3,6 +3,10 @@ - @c guide - @setfilename krb5-user.info - @settitle Kerberos V5 UNIX User's Guide -+@dircategory Kerberos V5 -+@direntry -+* User's Guide: (krb5-user). Kerberos V5 UNIX User's Guide -+@end direntry - @setchapternewpage odd @c chapter begins on next odd page - @c @setchapternewpage on @c chapter begins on next page - @c @smallbook @c Format for 7" X 9.25" paper diff --git a/security/krb5-16/files/patch-ae b/security/krb5-16/files/patch-ae deleted file mode 100644 index f5643b5aa04f..000000000000 --- a/security/krb5-16/files/patch-ae +++ /dev/null @@ -1,13 +0,0 @@ ---- ../doc/install.texinfo Fri Feb 6 21:40:56 1998 -+++ install.texinfo Fri Jun 19 15:13:45 1998 -@@ -5,6 +5,10 @@ - @c guide - @setfilename krb5-install.info - @settitle Kerberos V5 Installation Guide -+@dircategory Kerberos V5 -+@direntry -+* Installation Guide: (krb5-install). Kerberos V5 Installation Guide -+@end direntry - @setchapternewpage odd @c chapter begins on next odd page - @c @setchapternewpage on @c chapter begins on next page - @c @smallbook @c Format for 7" X 9.25" paper diff --git a/security/krb5-16/files/patch-af b/security/krb5-16/files/patch-af deleted file mode 100644 index e054b18bbef5..000000000000 --- a/security/krb5-16/files/patch-af +++ /dev/null @@ -1,13 +0,0 @@ ---- ../doc/krb425.texinfo Fri Feb 6 21:40:57 1998 -+++ krb425.texinfo Fri Jun 19 15:13:45 1998 -@@ -5,6 +5,10 @@ - @c guide - @setfilename krb425.info - @settitle Upgrading to Kerberos V5 from Kerberos V4 -+@dircategory Kerberos V5 -+@direntry -+* Upgrading from V4 to V5: (krb425). Upgrading from Kerberos V4 to V5 -+@end direntry - @setchapternewpage odd @c chapter begins on next odd page - @c @setchapternewpage on @c chapter begins on next page - @c @smallbook @c Format for 7" X 9.25" paper diff --git a/security/krb5-16/files/patch-ai b/security/krb5-16/files/patch-ai deleted file mode 100644 index 634db6cdec73..000000000000 --- a/security/krb5-16/files/patch-ai +++ /dev/null @@ -1,287 +0,0 @@ ---- appl/gssftp/ftpd/ftpd.c.orig Wed Feb 28 16:06:45 2001 -+++ appl/gssftp/ftpd/ftpd.c Fri Apr 27 10:18:01 2001 -@@ -485,7 +485,13 @@ - #ifndef LOG_DAEMON - #define LOG_DAEMON 0 - #endif -- openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_DAEMON); -+ -+#ifndef LOG_FTP -+#define FACILITY LOG_DAEMON -+#else -+#define FACILITY LOG_FTP -+#endif -+ openlog("ftpd", LOG_PID | LOG_NDELAY, FACILITY); - - addrlen = sizeof (his_addr); - if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) { -@@ -761,7 +767,16 @@ - int result; - #ifdef GSSAPI - if (auth_type && strcmp(auth_type, "GSSAPI") == 0) { -+ int len; - authorized = ftpd_gss_userok(&client_name, name) == 0; -+ len = sizeof("GSSAPI user is not authorized as " -+ "; Password required.") -+ + strlen(client_name.value) -+ + strlen(name); -+ if (len >= sizeof(buf)) { -+ syslog(LOG_ERR, "user: username too long"); -+ name = "[username too long]"; -+ } - sprintf(buf, "GSSAPI user %s is%s authorized as %s", - client_name.value, authorized ? "" : " not", - name); -@@ -772,7 +787,18 @@ - #endif /* GSSAPI */ - #ifdef KRB5_KRB4_COMPAT - if (auth_type && strcmp(auth_type, "KERBEROS_V4") == 0) { -+ int len; - authorized = kuserok(&kdata,name) == 0; -+ len = sizeof("Kerberos user .@ is not authorized as " -+ "; Password required.") -+ + strlen(kdata.pname) -+ + strlen(kdata.pinst) -+ + strlen(kdata.prealm) -+ + strlen(name); -+ if (len >= sizeof(buf)) { -+ syslog(LOG_ERR, "user: username too long"); -+ name = "[username too long]"; -+ } - sprintf(buf, "Kerberos user %s%s%s@%s is%s authorized as %s", - kdata.pname, *kdata.pinst ? "." : "", - kdata.pinst, kdata.prealm, -@@ -1179,6 +1205,11 @@ - } else { - char line[FTP_BUFSIZ]; - -+ if (strlen(cmd) + strlen(name) + 1 >= sizeof(line)) { -+ syslog(LOG_ERR, "retrieve: filename too long"); -+ reply(501, "filename too long"); -+ return; -+ } - (void) sprintf(line, cmd, name), name = line; - fin = ftpd_popen(line, "r"), closefunc = ftpd_pclose; - st.st_size = -1; -@@ -1417,6 +1448,10 @@ - return (file); - } - -+/* -+ * XXX callers need to limit total length of output string to -+ * FTP_BUFSIZ -+ */ - #ifdef STDARG - secure_error(char *fmt, ...) - #else -@@ -1616,13 +1651,19 @@ - { - char line[FTP_BUFSIZ]; - FILE *fin; -- int c; -+ int c, n; - char str[FTP_BUFSIZ], *p; - -+ if (strlen(filename) + sizeof("/bin/ls -lgA ") -+ >= sizeof(line)) { -+ reply(501, "filename too long"); -+ return; -+ } - (void) sprintf(line, "/bin/ls -lgA %s", filename); - fin = ftpd_popen(line, "r"); - lreply(211, "status of %s:", filename); - p = str; -+ n = 0; - while ((c = getc(fin)) != EOF) { - if (c == '\n') { - if (ferror(stdout)){ -@@ -1639,7 +1680,16 @@ - *p = '\0'; - reply(0, "%s", str); - p = str; -- } else *p++ = c; -+ n = 0; -+ } else { -+ *p++ = c; -+ n++; -+ if (n >= sizeof(str)) { -+ reply(551, "output line too long"); -+ (void) ftpd_pclose(fin); -+ return; -+ } -+ } - } - if (p != str) { - *p = '\0'; -@@ -1723,6 +1773,10 @@ - - char cont_char = ' '; - -+/* -+ * XXX callers need to limit total length of output string to -+ * FTP_BUFSIZ bytes for now. -+ */ - #ifdef STDARG - reply(int n, char *fmt, ...) - #else -@@ -1744,22 +1798,32 @@ - #endif - - if (auth_type) { -- char in[FTP_BUFSIZ], out[FTP_BUFSIZ]; -+ /* -+ * Deal with expansion in mk_{safe,priv}, -+ * radix_encode, gss_seal, plus slop. -+ */ -+ char in[FTP_BUFSIZ*3/2], out[FTP_BUFSIZ*3/2]; - int length, kerror; - if (n) sprintf(in, "%d%c", n, cont_char); - else in[0] = '\0'; - strncat(in, buf, sizeof (in) - strlen(in) - 1); - #ifdef KRB5_KRB4_COMPAT - if (strcmp(auth_type, "KERBEROS_V4") == 0) { -- if ((length = clevel == PROT_P ? -- krb_mk_priv((unsigned char *)in, -- (unsigned char *)out, -- strlen(in), schedule, &kdata.session, -- &ctrl_addr, &his_addr) -- : krb_mk_safe((unsigned char *)in, -- (unsigned char *)out, -- strlen(in), &kdata.session, -- &ctrl_addr, &his_addr)) == -1) { -+ if (clevel == PROT_P) -+ length = krb_mk_priv((unsigned char *)in, -+ (unsigned char *)out, -+ strlen(in), -+ schedule, &kdata.session, -+ &ctrl_addr, -+ &his_addr); -+ else -+ length = krb_mk_safe((unsigned char *)in, -+ (unsigned char *)out, -+ strlen(in), -+ &kdata.session, -+ &ctrl_addr, -+ &his_addr); -+ if (length == -1) { - syslog(LOG_ERR, - "krb_mk_%s failed for KERBEROS_V4", - clevel == PROT_P ? "priv" : "safe"); -@@ -1803,13 +1867,16 @@ - } - #endif /* GSSAPI */ - /* Other auth types go here ... */ -- if (kerror = radix_encode(out, in, &length, 0)) { -+ if (length >= sizeof(in) / 4 * 3) { -+ syslog(LOG_ERR, "input to radix_encode too long"); -+ fputs(in, stdout); -+ } else if (kerror = radix_encode(out, in, &length, 0)) { - syslog(LOG_ERR, "Couldn't encode reply (%s)", - radix_error(kerror)); - fputs(in,stdout); - } else -- printf("%s%c%s", clevel == PROT_P ? "632" : "631", -- n ? cont_char : '-', in); -+ printf("%s%c%s", clevel == PROT_P ? "632" : "631", -+ n ? cont_char : '-', in); - } else { - if (n) printf("%d%c", n, cont_char); - fputs(buf, stdout); -@@ -1822,6 +1889,10 @@ - } - } - -+/* -+ * XXX callers need to limit total length of output string to -+ * FTP_BUFSIZ -+ */ - #ifdef STDARG - lreply(int n, char *fmt, ...) - #else -@@ -1866,7 +1937,8 @@ - - if (cp = strchr(cbuf,'\n')) - *cp = '\0'; -- reply(500, "'%s': command not understood.", cbuf); -+ reply(500, "'%.*s': command not understood.", -+ FTP_BUFSIZ - sizeof("'': command not understood."), cbuf); - } - - delete_file(name) -@@ -2143,7 +2215,21 @@ - int code; - char *string; - { -- reply(code, "%s: %s.", string, strerror(errno)); -+ char *err_string; -+ size_t extra_len; -+ err_string = strerror(errno); -+ if (err_string == NULL) -+ err_string = "(unknown error)"; -+ extra_len = strlen(err_string) + sizeof("(truncated): ."); -+ /* -+ * XXX knows about FTP_BUFSIZ in reply() -+ */ -+ if (strlen(string) + extra_len > FTP_BUFSIZ) { -+ reply(code, "(truncated)%.*s: %s.", -+ FTP_BUFSIZ - extra_len, string, err_string); -+ } else { -+ reply(code, "%s: %s.", string, err_string); -+ } - } - - auth(type) -@@ -2226,6 +2312,10 @@ - secure_error("ADAT: krb_mk_safe failed"); - return(0); - } -+ if (length >= (FTP_BUFSIZ - sizeof("ADAT=")) / 4 * 3) { -+ secure_error("ADAT: reply too long"); -+ return(0); -+ } - if (kerror = radix_encode(out_buf, buf, &length, 0)) { - secure_error("Couldn't encode ADAT reply (%s)", - radix_error(kerror)); -@@ -2360,6 +2450,16 @@ - } - - if (out_tok.length) { -+ if (out_tok.length >= ((FTP_BUFSIZ - sizeof("ADAT=")) -+ / 4 * 3)) { -+ secure_error("ADAT: reply too long"); -+ syslog(LOG_ERR, "ADAT: reply too long"); -+ (void) gss_release_cred(&stat_min, &server_creds); -+ if (ret_flags & GSS_C_DELEG_FLAG) -+ (void) gss_release_cred(&stat_min, -+ &deleg_creds); -+ return(0); -+ } - if (kerror = radix_encode(out_tok.value, gbuf, &out_tok.length, 0)) { - secure_error("Couldn't encode ADAT reply (%s)", - radix_error(kerror)); -@@ -2458,6 +2558,9 @@ - * n>=0 on success - * -1 on error - * -2 on security error -+ * -+ * XXX callers need to limit total length of output string to -+ * FTP_BUFSIZ - */ - #ifdef STDARG - secure_fprintf(FILE *stream, char *fmt, ...) -@@ -2575,6 +2678,15 @@ - dir->d_name[2] == '\0') - continue; - -+ if (strlen(dirname) + strlen(dir->d_name) -+ + 1 /* slash */ -+ + 2 /* CRLF */ -+ + 1 > sizeof(nbuf)) { -+ syslog(LOG_ERR, -+ "send_file_list: pathname too long"); -+ ret = -2; /* XXX */ -+ goto data_err; -+ } - sprintf(nbuf, "%s/%s", dirname, dir->d_name); - - /* diff --git a/security/krb5-16/files/patch-aj b/security/krb5-16/files/patch-aj deleted file mode 100644 index c3bb8dfd6960..000000000000 --- a/security/krb5-16/files/patch-aj +++ /dev/null @@ -1,19 +0,0 @@ -*** appl/gssftp/ftpd/logwtmp.c.ORIG Fri Feb 6 19:41:25 1998 ---- appl/gssftp/ftpd/logwtmp.c Tue Jun 30 19:46:01 1998 -*************** -*** 66,72 **** - struct stat buf; - time_t time(); - -! if (fd < 0 && (fd = open(WTMPFILE, O_WRONLY|O_APPEND, 0)) < 0) - return; - if (fstat(fd, &buf) == 0) { - (void)strncpy(ut.ut_line, line, sizeof(ut.ut_line)); ---- 66,72 ---- - struct stat buf; - time_t time(); - -! if (fd < 0 && (fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0) - return; - if (fstat(fd, &buf) == 0) { - (void)strncpy(ut.ut_line, line, sizeof(ut.ut_line)); diff --git a/security/krb5-16/files/patch-appl::telnet::telnetd::authenc.c b/security/krb5-16/files/patch-appl::telnet::telnetd::authenc.c deleted file mode 100644 index 9a19ab958aaf..000000000000 --- a/security/krb5-16/files/patch-appl::telnet::telnetd::authenc.c +++ /dev/null @@ -1,12 +0,0 @@ ---- appl/telnet/telnetd/authenc.c.orig Wed Feb 28 14:06:51 2001 -+++ appl/telnet/telnetd/authenc.c Thu Jul 19 19:14:29 2001 -@@ -43,8 +43,7 @@ - int len; - { - if (nfrontp + len < netobuf + BUFSIZ) { -- memcpy((void *)nfrontp, (void *)str, len); -- nfrontp += len; -+ output_datalen(str, len); - return(len); - } - return(0); diff --git a/security/krb5-16/files/patch-appl::telnet::telnetd::ext.h b/security/krb5-16/files/patch-appl::telnet::telnetd::ext.h deleted file mode 100644 index 38fd6ac1fd53..000000000000 --- a/security/krb5-16/files/patch-appl::telnet::telnetd::ext.h +++ /dev/null @@ -1,24 +0,0 @@ ---- appl/telnet/telnetd/ext.h.orig Wed Feb 28 14:06:51 2001 -+++ appl/telnet/telnetd/ext.h Mon Jul 23 16:44:35 2001 -@@ -75,7 +75,7 @@ - - extern char netibuf[BUFSIZ], *netip; - --extern char netobuf[BUFSIZ+NETSLOP], *nfrontp, *nbackp; -+extern char netobuf[BUFSIZ], *nfrontp, *nbackp; - extern char *neturg; /* one past last bye of urgent data */ - - extern int pcc, ncc; -@@ -187,8 +187,10 @@ - tty_setsofttab P((int)), - tty_tspeed P((int)), - willoption P((int)), -- wontoption P((int)), -- writenet P((unsigned char *, int)); -+ wontoption P((int)); -+ -+extern int output_data __P((const char *, ...)) __printflike(1, 2); -+extern int output_datalen __P((const char *, size_t)); - - #ifdef ENCRYPTION - extern char *nclearto; diff --git a/security/krb5-16/files/patch-appl::telnet::telnetd::slc.c b/security/krb5-16/files/patch-appl::telnet::telnetd::slc.c deleted file mode 100644 index f4e7d41e494d..000000000000 --- a/security/krb5-16/files/patch-appl::telnet::telnetd::slc.c +++ /dev/null @@ -1,11 +0,0 @@ ---- appl/telnet/telnetd/slc.c.orig Wed Feb 28 14:06:51 2001 -+++ appl/telnet/telnetd/slc.c Mon Jul 23 16:45:51 2001 -@@ -198,7 +198,7 @@ - (void) sprintf((char *)slcptr, "%c%c", IAC, SE); - slcptr += 2; - len = slcptr - slcbuf; -- writenet(slcbuf, len); -+ output_datalen(slcbuf, len); - netflush(); /* force it out immediately */ - DIAG(TD_OPTIONS, printsub('>', slcbuf+2, len-2);); - } diff --git a/security/krb5-16/files/patch-appl::telnet::telnetd::state.c b/security/krb5-16/files/patch-appl::telnet::telnetd::state.c deleted file mode 100644 index baf207333a1d..000000000000 --- a/security/krb5-16/files/patch-appl::telnet::telnetd::state.c +++ /dev/null @@ -1,134 +0,0 @@ ---- appl/telnet/telnetd/state.c.orig Wed Feb 28 14:06:51 2001 -+++ appl/telnet/telnetd/state.c Mon Jul 23 17:48:48 2001 -@@ -33,6 +33,7 @@ - - /* based on @(#)state.c 8.1 (Berkeley) 6/4/93 */ - -+#include <stdarg.h> - #include "telnetd.h" - #if defined(AUTHENTICATION) - #include <libtelnet/auth.h> -@@ -86,7 +87,7 @@ - if (!auth_negotiated) { - static char *error = - "An environment option was sent before authentication negotiation completed.\r\nThis may create a security hazard. Connection dropped.\r\n"; -- writenet(error, strlen(error)); -+ output_datalen(error, strlen(error)); - netflush(); - exit(1); - } -@@ -209,8 +210,7 @@ - } - - netclear(); /* clear buffer back */ -- *nfrontp++ = IAC; -- *nfrontp++ = DM; -+ output_data("%c%c", IAC, DM); - neturg = nfrontp-1; /* off by one XXX */ - DIAG(TD_OPTIONS, - printoption("td: send IAC", DM)); -@@ -463,8 +463,7 @@ - set_his_want_state_will(option); - do_dont_resp[option]++; - } -- (void) sprintf(nfrontp, (char *)doopt, option); -- nfrontp += sizeof (dont) - 2; -+ output_data((const char *)doopt, option); - - DIAG(TD_OPTIONS, printoption("td: send do", option)); - } -@@ -683,8 +682,7 @@ - set_his_want_state_wont(option); - do_dont_resp[option]++; - } -- (void) sprintf(nfrontp, (char *)dont, option); -- nfrontp += sizeof (doopt) - 2; -+ output_data((const char *)dont, option); - - DIAG(TD_OPTIONS, printoption("td: send dont", option)); - } -@@ -833,8 +831,7 @@ - set_my_want_state_will(option); - will_wont_resp[option]++; - } -- (void) sprintf(nfrontp, (char *)will, option); -- nfrontp += sizeof (doopt) - 2; -+ output_data((const char *)will, option); - - DIAG(TD_OPTIONS, printoption("td: send will", option)); - } -@@ -993,8 +990,7 @@ - set_my_want_state_wont(option); - will_wont_resp[option]++; - } -- (void) sprintf(nfrontp, (char *)wont, option); -- nfrontp += sizeof (wont) - 2; -+ output_data((const char *)wont, option); - - DIAG(TD_OPTIONS, printoption("td: send wont", option)); - } -@@ -1393,9 +1389,8 @@ - env_ovar_wrong: - env_ovar = OLD_ENV_VALUE; - env_ovalue = OLD_ENV_VAR; -- DIAG(TD_OPTIONS, {sprintf(nfrontp, -- "ENVIRON VALUE and VAR are reversed!\r\n"); -- nfrontp += strlen(nfrontp);}); -+ DIAG(TD_OPTIONS, -+ output_data("ENVIRON VALUE and VAR are reversed!\r\n")); - - } - } -@@ -1633,11 +1628,51 @@ - ADD(IAC); - ADD(SE); - -- writenet(statusbuf, ncp - statusbuf); -+ output_datalen(statusbuf, ncp - statusbuf); - netflush(); /* Send it on its way */ - - DIAG(TD_OPTIONS, - {printsub('>', statusbuf, ncp - statusbuf); netflush();}); -+} -+ -+/* -+ * This function appends data to nfrontp and advances nfrontp. -+ */ -+ -+int -+output_data(const char *format, ...) -+{ -+ va_list args; -+ size_t remaining, ret; -+ -+ va_start(args, format); -+ remaining = BUFSIZ - (nfrontp - netobuf); -+ /* try a netflush() if the room is too low */ -+ if (strlen(format) > remaining || BUFSIZ / 4 > remaining) { -+ netflush(); -+ remaining = BUFSIZ - (nfrontp - netobuf); -+ } -+ ret = vsnprintf(nfrontp, remaining, format, args); -+ nfrontp += ((ret < remaining - 1) ? ret : remaining - 1); -+ va_end(args); -+ return ret; -+} -+ -+int -+output_datalen(const char *buf, size_t len) -+{ -+ size_t remaining; -+ -+ remaining = BUFSIZ - (nfrontp - netobuf); -+ if (remaining < len) { -+ netflush(); -+ remaining = BUFSIZ - (nfrontp - netobuf); -+ } -+ if (remaining < len) -+ return -1; -+ memmove(nfrontp, buf, len); -+ nfrontp += len; -+ return (len); - } - - static int envvarok(varp) diff --git a/security/krb5-16/files/patch-appl::telnet::telnetd::telnetd.c b/security/krb5-16/files/patch-appl::telnet::telnetd::telnetd.c deleted file mode 100644 index 9eef1709beeb..000000000000 --- a/security/krb5-16/files/patch-appl::telnet::telnetd::telnetd.c +++ /dev/null @@ -1,169 +0,0 @@ ---- appl/telnet/telnetd/telnetd.c.orig Wed Feb 28 14:06:51 2001 -+++ appl/telnet/telnetd/telnetd.c Mon Jul 23 17:27:05 2001 -@@ -693,7 +693,7 @@ - char *error_message = - "Encryption was not successfully negotiated. Goodbye.\r\n\r\n"; - -- writenet(error_message, strlen(error_message)); -+ output_datalen(error_message, strlen(error_message)); - netflush(); - exit(1); - } -@@ -782,9 +782,7 @@ - { IAC, SB, TELOPT_TSPEED, TELQUAL_SEND, IAC, SE }; - - if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) { -- memcpy(nfrontp, sb, sizeof(sb)); -- nfrontp += sizeof(sb); -- *nfrontp = '\0'; -+ output_datalen(sb, sizeof sb); - } - } - if (his_state_is_will(TELOPT_XDISPLOC)) { -@@ -792,9 +790,7 @@ - { IAC, SB, TELOPT_XDISPLOC, TELQUAL_SEND, IAC, SE }; - - if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) { -- memcpy(nfrontp, sb, sizeof(sb)); -- nfrontp += sizeof(sb); -- *nfrontp = '\0'; -+ output_datalen(sb, sizeof sb); - } - } - if (his_state_is_will(TELOPT_NEW_ENVIRON)) { -@@ -802,9 +798,7 @@ - { IAC, SB, TELOPT_NEW_ENVIRON, TELQUAL_SEND, IAC, SE }; - - if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) { -- memcpy(nfrontp, sb, sizeof(sb)); -- nfrontp += sizeof(sb); -- *nfrontp = '\0'; -+ output_datalen(sb, sizeof sb); - } - } - else if (his_state_is_will(TELOPT_OLD_ENVIRON)) { -@@ -812,17 +806,13 @@ - { IAC, SB, TELOPT_OLD_ENVIRON, TELQUAL_SEND, IAC, SE }; - - if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) { -- memcpy(nfrontp, sb, sizeof(sb)); -- nfrontp += sizeof(sb); -- *nfrontp = '\0'; -+ output_datalen(sb, sizeof sb); - } - } - if (his_state_is_will(TELOPT_TTYPE)) { - - if(nfrontp - netobuf + sizeof(ttytype_sbbuf) < sizeof(netobuf)) { -- memcpy(nfrontp, ttytype_sbbuf, sizeof(ttytype_sbbuf)); -- nfrontp += sizeof(ttytype_sbbuf); -- *nfrontp = '\0'; -+ output_datalen(ttytype_sbbuf, sizeof ttytype_sbbuf); - } - } - if (his_state_is_will(TELOPT_TSPEED)) { -@@ -902,9 +892,7 @@ - return; - settimer(baseline); - if(nfrontp - netobuf + sizeof(ttytype_sbbuf)) { -- memcpy(nfrontp, ttytype_sbbuf, sizeof(ttytype_sbbuf)); -- nfrontp += sizeof(ttytype_sbbuf); -- *nfrontp = '\0'; -+ output_datalen(ttytype_sbbuf, sizeof ttytype_sbbuf); - } - while (sequenceIs(ttypesubopt, baseline)) - ttloop(); -@@ -1177,9 +1165,7 @@ - * mode, which we do not want. - */ - if (his_want_state_is_will(TELOPT_ECHO)) { -- DIAG(TD_OPTIONS, -- {sprintf(nfrontp, "td: simulating recv\r\n"); -- nfrontp += strlen(nfrontp);}); -+ DIAG(TD_OPTIONS, output_data("td: simulating recv\r\n")); - willoption(TELOPT_ECHO); - } - -@@ -1308,9 +1294,7 @@ - localstat(); - #endif /* LINEMODE */ - -- DIAG(TD_REPORT, -- {sprintf(nfrontp, "td: Entering processing loop\r\n"); -- nfrontp += strlen(nfrontp);}); -+ DIAG(TD_REPORT, output_data("td: Entering processing loop\r\n")); - - #ifdef convex - startslave(host); -@@ -1435,8 +1419,7 @@ - netip = netibuf; - } - DIAG((TD_REPORT | TD_NETDATA), -- {sprintf(nfrontp, "td: netread %d chars\r\n", ncc); -- nfrontp += strlen(nfrontp);}); -+ output_data("td: netread %d chars\r\n", ncc)); - DIAG(TD_NETDATA, printdata("nd", netip, ncc)); - } - -@@ -1483,8 +1466,7 @@ - * royally if we send them urgent - * mode data. - */ -- *nfrontp++ = IAC; -- *nfrontp++ = DM; -+ output_data("%c%c", IAC, DM); - neturg = nfrontp-1; /* off by one XXX */ - #endif - } -@@ -1495,13 +1477,11 @@ - ptyibuf[0] & TIOCPKT_DOSTOP ? 1 : 0; - if (newflow != flowmode) { - flowmode = newflow; -- (void) sprintf(nfrontp, -- "%c%c%c%c%c%c", -+ output_data("%c%c%c%c%c%c", - IAC, SB, TELOPT_LFLOW, - flowmode ? LFLOW_ON - : LFLOW_OFF, - IAC, SE); -- nfrontp += 6; - } - } - pcc--; -@@ -1524,19 +1504,19 @@ - break; - c = *ptyip++ & 0377, pcc--; - if (c == IAC) -- *nfrontp++ = c; -+ output_data("%c", c); - #if defined(CRAY2) && defined(UNICOS5) - else if (c == '\n' && - my_state_is_wont(TELOPT_BINARY) && newmap) -- *nfrontp++ = '\r'; -+ output_data("\r"); - #endif /* defined(CRAY2) && defined(UNICOS5) */ -- *nfrontp++ = c; -+ output_data("%c", c); - if ((c == '\r') && (my_state_is_wont(TELOPT_BINARY))) { - if (pcc > 0 && ((*ptyip & 0377) == '\n')) { -- *nfrontp++ = *ptyip++ & 0377; -+ output_data("%c", *ptyip++ & 0377); - pcc--; - } else -- *nfrontp++ = '\0'; -+ output_data("%c", '\0'); - } - } - #if defined(CRAY2) && defined(UNICOS5) -@@ -1707,10 +1687,7 @@ - return; - } - #endif -- (void) strncpy(nfrontp, "\r\n[Yes]\r\n", -- sizeof(netobuf) - 1 - (nfrontp - netobuf)); -- nfrontp += 9; -- *nfrontp = '\0'; -+ output_data("\r\n[Yes]\r\n"); - } - - void diff --git a/security/krb5-16/files/patch-appl::telnet::telnetd::termstat.c b/security/krb5-16/files/patch-appl::telnet::telnetd::termstat.c deleted file mode 100644 index 422f1c8e0645..000000000000 --- a/security/krb5-16/files/patch-appl::telnet::telnetd::termstat.c +++ /dev/null @@ -1,74 +0,0 @@ ---- appl/telnet/telnetd/termstat.c.orig Wed Feb 28 14:06:51 2001 -+++ appl/telnet/telnetd/termstat.c Thu Jul 19 19:22:54 2001 -@@ -283,10 +283,9 @@ - # endif /* KLUDGELINEMODE */ - send_do(TELOPT_LINEMODE, 1); - /* send along edit modes */ -- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, SB, -+ output_data("%c%c%c%c%c%c%c", IAC, SB, - TELOPT_LINEMODE, LM_MODE, useeditmode, - IAC, SE); -- nfrontp += 7; - editmode = useeditmode; - # ifdef KLUDGELINEMODE - } -@@ -312,10 +311,9 @@ - /* - * Send along appropriate edit mode mask. - */ -- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, SB, -+ output_data("%c%c%c%c%c%c%c", IAC, SB, - TELOPT_LINEMODE, LM_MODE, useeditmode, - IAC, SE); -- nfrontp += 7; - editmode = useeditmode; - } - -@@ -359,20 +357,18 @@ - if (his_state_is_will(TELOPT_LFLOW)) { - if (tty_flowmode() != flowmode) { - flowmode = tty_flowmode(); -- (void) sprintf(nfrontp, "%c%c%c%c%c%c", -+ output_data("%c%c%c%c%c%c", - IAC, SB, TELOPT_LFLOW, - flowmode ? LFLOW_ON : LFLOW_OFF, - IAC, SE); -- nfrontp += 6; - } - if (tty_restartany() != restartany) { - restartany = tty_restartany(); -- (void) sprintf(nfrontp, "%c%c%c%c%c%c", -+ output_data("%c%c%c%c%c%c", - IAC, SB, TELOPT_LFLOW, - restartany ? LFLOW_RESTART_ANY - : LFLOW_RESTART_XON, - IAC, SE); -- nfrontp += 6; - } - } - } -@@ -445,10 +441,9 @@ - useeditmode |= MODE_SOFT_TAB; - if (tty_islitecho()) - useeditmode |= MODE_LIT_ECHO; -- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, -+ output_data("%c%c%c%c%c%c%c", IAC, - SB, TELOPT_LINEMODE, LM_MODE, - useeditmode, IAC, SE); -- nfrontp += 7; - editmode = useeditmode; - } - -@@ -504,11 +499,10 @@ - set_termbuf(); - - if (!ack) { -- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, -+ output_data("%c%c%c%c%c%c%c", IAC, - SB, TELOPT_LINEMODE, LM_MODE, - useeditmode|MODE_ACK, - IAC, SE); -- nfrontp += 7; - } - - editmode = useeditmode; diff --git a/security/krb5-16/files/patch-appl::telnet::telnetd::utility.c b/security/krb5-16/files/patch-appl::telnet::telnetd::utility.c deleted file mode 100644 index d49598c27487..000000000000 --- a/security/krb5-16/files/patch-appl::telnet::telnetd::utility.c +++ /dev/null @@ -1,879 +0,0 @@ ---- appl/telnet/telnetd/utility.c.orig Wed Feb 28 14:06:52 2001 -+++ appl/telnet/telnetd/utility.c Mon Jul 23 17:16:27 2001 -@@ -58,8 +58,7 @@ - { - void netflush(); - -- DIAG(TD_REPORT, {sprintf(nfrontp, "td: ttloop\r\n"); -- nfrontp += strlen(nfrontp);}); -+ DIAG(TD_REPORT, output_data("td: ttloop\r\n")); - if (nfrontp-nbackp) { - netflush(); - } -@@ -74,8 +73,7 @@ - syslog(LOG_INFO, "ttloop: peer died: %m"); - exit(1); - } -- DIAG(TD_REPORT, {sprintf(nfrontp, "td: ttloop read %d chars\r\n", ncc); -- nfrontp += strlen(nfrontp);}); -+ DIAG(TD_REPORT, output_data("td: ttloop read %d chars\r\n", ncc)); - netip = netibuf; - telrcv(); /* state machine */ - if (ncc > 0) { -@@ -117,9 +115,8 @@ - int n; - - if ((n = pfrontp - pbackp) > 0) { -- DIAG((TD_REPORT | TD_PTYDATA), -- { sprintf(nfrontp, "td: ptyflush %d chars\r\n", n); -- nfrontp += strlen(nfrontp); }); -+ DIAG(TD_REPORT | TD_PTYDATA, -+ output_data("td: ptyflush %d chars\r\n", n)); - DIAG(TD_PTYDATA, printdata("pd", pbackp, n)); - n = write(pty, pbackp, n); - } -@@ -251,11 +248,9 @@ - extern int not42; - - if ((n = nfrontp - nbackp) > 0) { -- DIAG(TD_REPORT, -- { sprintf(nfrontp, "td: netflush %d chars\r\n", n); -- n += strlen(nfrontp); /* get count first */ -- nfrontp += strlen(nfrontp); /* then move pointer */ -- }); -+ DIAG(TD_REPORT, { -+ n += output_data("td: netflush %d chars\r\n", n); -+ }); - #ifdef ENCRYPTION - if (encrypt_output) { - char *s = nclearto ? nclearto : nbackp; -@@ -314,33 +309,6 @@ - - - /* -- * writenet -- * -- * Just a handy little function to write a bit of raw data to the net. -- * It will force a transmit of the buffer if necessary -- * -- * arguments -- * ptr - A pointer to a character string to write -- * len - How many bytes to write -- */ -- void --writenet(ptr, len) -- register unsigned char *ptr; -- register int len; --{ -- /* flush buffer if no room for new data) */ -- if ((&netobuf[BUFSIZ] - nfrontp) < len) { -- /* if this fails, don't worry, buffer is a little big */ -- netflush(); -- } -- -- memcpy(nfrontp, ptr, len); -- nfrontp += len; -- --} /* end of writenet */ -- -- --/* - * miscellaneous functions doing a variety of little jobs follow ... - */ - -@@ -528,12 +496,11 @@ - register int option; - { - if (TELOPT_OK(option)) -- sprintf(nfrontp, "%s %s\r\n", fmt, TELOPT(option)); -+ output_data("%s %s\r\n", fmt, TELOPT(option)); - else if (TELCMD_OK(option)) -- sprintf(nfrontp, "%s %s\r\n", fmt, TELCMD(option)); -+ output_data("%s %s\r\n", fmt, TELCMD(option)); - else -- sprintf(nfrontp, "%s %d\r\n", fmt, option); -- nfrontp += strlen(nfrontp); -+ output_data("%s %d\r\n", fmt, option); - return; - } - -@@ -550,9 +517,8 @@ - return; - - if (direction) { -- sprintf(nfrontp, "td: %s suboption ", -+ output_data("td: %s suboption ", - direction == '<' ? "recv" : "send"); -- nfrontp += strlen(nfrontp); - if (length >= 3) { - register int j; - -@@ -560,232 +526,192 @@ - j = pointer[length-1]; - - if (i != IAC || j != SE) { -- sprintf(nfrontp, "(terminated by "); -- nfrontp += strlen(nfrontp); -+ output_data("(terminated by "); - if (TELOPT_OK(i)) -- sprintf(nfrontp, "%s ", TELOPT(i)); -+ output_data("%s ", TELOPT(i)); - else if (TELCMD_OK(i)) -- sprintf(nfrontp, "%s ", TELCMD(i)); -+ output_data("%s ", TELCMD(i)); - else -- sprintf(nfrontp, "%d ", i); -- nfrontp += strlen(nfrontp); -+ output_data("%d ", i); - if (TELOPT_OK(j)) -- sprintf(nfrontp, "%s", TELOPT(j)); -+ output_data("%s", TELOPT(j)); - else if (TELCMD_OK(j)) -- sprintf(nfrontp, "%s", TELCMD(j)); -+ output_data("%s", TELCMD(j)); - else -- sprintf(nfrontp, "%d", j); -- nfrontp += strlen(nfrontp); -- sprintf(nfrontp, ", not IAC SE!) "); -- nfrontp += strlen(nfrontp); -+ output_data("%d", j); -+ output_data(", not IAC SE!) "); - } - } - length -= 2; - } - if (length < 1) { -- sprintf(nfrontp, "(Empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data("(Empty suboption??\?)"); - return; - } - switch (pointer[0]) { - case TELOPT_TTYPE: -- sprintf(nfrontp, "TERMINAL-TYPE "); -- nfrontp += strlen(nfrontp); -+ output_data("TERMINAL-TYPE "); - switch (pointer[1]) { - case TELQUAL_IS: -- sprintf(nfrontp, "IS \"%.*s\"", length-2, (char *)pointer+2); -+ output_data("IS \"%.*s\"", length-2, (char *)pointer+2); - break; - case TELQUAL_SEND: -- sprintf(nfrontp, "SEND"); -+ output_data("SEND"); - break; - default: -- sprintf(nfrontp, -+ output_data( - "- unknown qualifier %d (0x%x).", - pointer[1], pointer[1]); - } -- nfrontp += strlen(nfrontp); - break; - case TELOPT_TSPEED: -- sprintf(nfrontp, "TERMINAL-SPEED"); -- nfrontp += strlen(nfrontp); -+ output_data("TERMINAL-SPEED"); - if (length < 2) { -- sprintf(nfrontp, " (empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case TELQUAL_IS: -- sprintf(nfrontp, " IS %.*s", length-2, (char *)pointer+2); -- nfrontp += strlen(nfrontp); -+ output_data(" IS %.*s", length-2, (char *)pointer+2); - break; - default: - if (pointer[1] == 1) -- sprintf(nfrontp, " SEND"); -+ output_data(" SEND"); - else -- sprintf(nfrontp, " %d (unknown)", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d (unknown)", pointer[1]); - for (i = 2; i < length; i++) { -- sprintf(nfrontp, " ?%d?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[i]); - } - break; - } - break; - - case TELOPT_LFLOW: -- sprintf(nfrontp, "TOGGLE-FLOW-CONTROL"); -- nfrontp += strlen(nfrontp); -+ output_data("TOGGLE-FLOW-CONTROL"); - if (length < 2) { -- sprintf(nfrontp, " (empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case LFLOW_OFF: -- sprintf(nfrontp, " OFF"); break; -+ output_data(" OFF"); break; - case LFLOW_ON: -- sprintf(nfrontp, " ON"); break; -+ output_data(" ON"); break; - case LFLOW_RESTART_ANY: -- sprintf(nfrontp, " RESTART-ANY"); break; -+ output_data(" RESTART-ANY"); break; - case LFLOW_RESTART_XON: -- sprintf(nfrontp, " RESTART-XON"); break; -+ output_data(" RESTART-XON"); break; - default: -- sprintf(nfrontp, " %d (unknown)", pointer[1]); -+ output_data(" %d (unknown)", pointer[1]); - } -- nfrontp += strlen(nfrontp); - for (i = 2; i < length; i++) { -- sprintf(nfrontp, " ?%d?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[i]); - } - break; - - case TELOPT_NAWS: -- sprintf(nfrontp, "NAWS"); -- nfrontp += strlen(nfrontp); -+ output_data("NAWS"); - if (length < 2) { -- sprintf(nfrontp, " (empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (empty suboption??\?)"); - break; - } - if (length == 2) { -- sprintf(nfrontp, " ?%d?", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[1]); - break; - } -- sprintf(nfrontp, " %d %d (%d)", -+ output_data(" %d %d (%d)", - pointer[1], pointer[2], - (int)((((unsigned int)pointer[1])<<8)|((unsigned int)pointer[2]))); -- nfrontp += strlen(nfrontp); - if (length == 4) { -- sprintf(nfrontp, " ?%d?", pointer[3]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[3]); - break; - } -- sprintf(nfrontp, " %d %d (%d)", -+ output_data(" %d %d (%d)", - pointer[3], pointer[4], - (int)((((unsigned int)pointer[3])<<8)|((unsigned int)pointer[4]))); -- nfrontp += strlen(nfrontp); - for (i = 5; i < length; i++) { -- sprintf(nfrontp, " ?%d?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[i]); - } - break; - - case TELOPT_LINEMODE: -- sprintf(nfrontp, "LINEMODE "); -- nfrontp += strlen(nfrontp); -+ output_data("LINEMODE "); - if (length < 2) { -- sprintf(nfrontp, " (empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case WILL: -- sprintf(nfrontp, "WILL "); -+ output_data("WILL "); - goto common; - case WONT: -- sprintf(nfrontp, "WONT "); -+ output_data("WONT "); - goto common; - case DO: -- sprintf(nfrontp, "DO "); -+ output_data("DO "); - goto common; - case DONT: -- sprintf(nfrontp, "DONT "); -+ output_data("DONT "); - common: -- nfrontp += strlen(nfrontp); - if (length < 3) { -- sprintf(nfrontp, "(no option??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data("(no option??\?)"); - break; - } - switch (pointer[2]) { - case LM_FORWARDMASK: -- sprintf(nfrontp, "Forward Mask"); -- nfrontp += strlen(nfrontp); -+ output_data("Forward Mask"); - for (i = 3; i < length; i++) { -- sprintf(nfrontp, " %x", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" %x", pointer[i]); - } - break; - default: -- sprintf(nfrontp, "%d (unknown)", pointer[2]); -- nfrontp += strlen(nfrontp); -+ output_data("%d (unknown)", pointer[2]); - for (i = 3; i < length; i++) { -- sprintf(nfrontp, " %d", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d", pointer[i]); - } - break; - } - break; - - case LM_SLC: -- sprintf(nfrontp, "SLC"); -- nfrontp += strlen(nfrontp); -+ output_data("SLC"); - for (i = 2; i < length - 2; i += 3) { - if (SLC_NAME_OK(pointer[i+SLC_FUNC])) -- sprintf(nfrontp, " %s", SLC_NAME(pointer[i+SLC_FUNC])); -+ output_data(" %s", SLC_NAME(pointer[i+SLC_FUNC])); - else -- sprintf(nfrontp, " %d", pointer[i+SLC_FUNC]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d", pointer[i+SLC_FUNC]); - switch (pointer[i+SLC_FLAGS]&SLC_LEVELBITS) { - case SLC_NOSUPPORT: -- sprintf(nfrontp, " NOSUPPORT"); break; -+ output_data(" NOSUPPORT"); break; - case SLC_CANTCHANGE: -- sprintf(nfrontp, " CANTCHANGE"); break; -+ output_data(" CANTCHANGE"); break; - case SLC_VARIABLE: -- sprintf(nfrontp, " VARIABLE"); break; -+ output_data(" VARIABLE"); break; - case SLC_DEFAULT: -- sprintf(nfrontp, " DEFAULT"); break; -+ output_data(" DEFAULT"); break; - } -- nfrontp += strlen(nfrontp); -- sprintf(nfrontp, "%s%s%s", -+ output_data("%s%s%s", - pointer[i+SLC_FLAGS]&SLC_ACK ? "|ACK" : "", - pointer[i+SLC_FLAGS]&SLC_FLUSHIN ? "|FLUSHIN" : "", - pointer[i+SLC_FLAGS]&SLC_FLUSHOUT ? "|FLUSHOUT" : ""); -- nfrontp += strlen(nfrontp); - if (pointer[i+SLC_FLAGS]& ~(SLC_ACK|SLC_FLUSHIN| - SLC_FLUSHOUT| SLC_LEVELBITS)) { -- sprintf(nfrontp, "(0x%x)", pointer[i+SLC_FLAGS]); -- nfrontp += strlen(nfrontp); -+ output_data("(0x%x)", pointer[i+SLC_FLAGS]); - } -- sprintf(nfrontp, " %d;", pointer[i+SLC_VALUE]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d;", pointer[i+SLC_VALUE]); - if ((pointer[i+SLC_VALUE] == IAC) && - (pointer[i+SLC_VALUE+1] == IAC)) - i++; - } - for (; i < length; i++) { -- sprintf(nfrontp, " ?%d?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[i]); - } - break; - - case LM_MODE: -- sprintf(nfrontp, "MODE "); -- nfrontp += strlen(nfrontp); -+ output_data("MODE "); - if (length < 3) { -- sprintf(nfrontp, "(no mode??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data("(no mode??\?)"); - break; - } - { -@@ -796,24 +722,19 @@ - pointer[2]&MODE_SOFT_TAB ? "|SOFT_TAB" : "", - pointer[2]&MODE_LIT_ECHO ? "|LIT_ECHO" : "", - pointer[2]&MODE_ACK ? "|ACK" : ""); -- sprintf(nfrontp, "%s", tbuf[1] ? &tbuf[1] : "0"); -- nfrontp += strlen(nfrontp); -+ output_data("%s", tbuf[1] ? &tbuf[1] : "0"); - } - if (pointer[2]&~(MODE_EDIT|MODE_TRAPSIG|MODE_ACK)) { -- sprintf(nfrontp, " (0x%x)", pointer[2]); -- nfrontp += strlen(nfrontp); -+ output_data(" (0x%x)", pointer[2]); - } - for (i = 3; i < length; i++) { -- sprintf(nfrontp, " ?0x%x?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?0x%x?", pointer[i]); - } - break; - default: -- sprintf(nfrontp, "%d (unknown)", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data("%d (unknown)", pointer[1]); - for (i = 2; i < length; i++) { -- sprintf(nfrontp, " %d", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d", pointer[i]); - } - } - break; -@@ -822,24 +743,20 @@ - register char *cp; - register int j, k; - -- sprintf(nfrontp, "STATUS"); -- nfrontp += strlen(nfrontp); -+ output_data("STATUS"); - - switch (pointer[1]) { - default: - if (pointer[1] == TELQUAL_SEND) -- sprintf(nfrontp, " SEND"); -+ output_data(" SEND"); - else -- sprintf(nfrontp, " %d (unknown)", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d (unknown)", pointer[1]); - for (i = 2; i < length; i++) { -- sprintf(nfrontp, " ?%d?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[i]); - } - break; - case TELQUAL_IS: -- sprintf(nfrontp, " IS\r\n"); -- nfrontp += strlen(nfrontp); -+ output_data(" IS\r\n"); - - for (i = 2; i < length; i++) { - switch(pointer[i]) { -@@ -850,18 +767,15 @@ - common2: - i++; - if (TELOPT_OK(pointer[i])) -- sprintf(nfrontp, " %s %s", cp, TELOPT(pointer[i])); -+ output_data(" %s %s", cp, TELOPT(pointer[i])); - else -- sprintf(nfrontp, " %s %d", cp, pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" %s %d", cp, pointer[i]); - -- sprintf(nfrontp, "\r\n"); -- nfrontp += strlen(nfrontp); -+ output_data("\r\n"); - break; - - case SB: -- sprintf(nfrontp, " SB "); -- nfrontp += strlen(nfrontp); -+ output_data(" SB "); - i++; - j = k = i; - while (j < length) { -@@ -877,20 +791,17 @@ - } - printsub(0, &pointer[i], k - i); - if (i < length) { -- sprintf(nfrontp, " SE"); -- nfrontp += strlen(nfrontp); -+ output_data(" SE"); - i = j; - } else - i = j - 1; - -- sprintf(nfrontp, "\r\n"); -- nfrontp += strlen(nfrontp); -+ output_data("\r\n"); - - break; - - default: -- sprintf(nfrontp, " %d", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d", pointer[i]); - break; - } - } -@@ -900,86 +811,77 @@ - } - - case TELOPT_XDISPLOC: -- sprintf(nfrontp, "X-DISPLAY-LOCATION "); -- nfrontp += strlen(nfrontp); -+ output_data("X-DISPLAY-LOCATION "); - switch (pointer[1]) { - case TELQUAL_IS: -- sprintf(nfrontp, "IS \"%.*s\"", length-2, (char *)pointer+2); -+ output_data("IS \"%.*s\"", length-2, (char *)pointer+2); - break; - case TELQUAL_SEND: -- sprintf(nfrontp, "SEND"); -+ output_data("SEND"); - break; - default: -- sprintf(nfrontp, "- unknown qualifier %d (0x%x).", -+ output_data("- unknown qualifier %d (0x%x).", - pointer[1], pointer[1]); - } -- nfrontp += strlen(nfrontp); - break; - - case TELOPT_NEW_ENVIRON: -- sprintf(nfrontp, "NEW-ENVIRON "); -+ output_data("NEW-ENVIRON "); - goto env_common1; - case TELOPT_OLD_ENVIRON: -- sprintf(nfrontp, "OLD-ENVIRON"); -+ output_data("OLD-ENVIRON"); - env_common1: -- nfrontp += strlen(nfrontp); - switch (pointer[1]) { - case TELQUAL_IS: -- sprintf(nfrontp, "IS "); -+ output_data("IS "); - goto env_common; - case TELQUAL_SEND: -- sprintf(nfrontp, "SEND "); -+ output_data("SEND "); - goto env_common; - case TELQUAL_INFO: -- sprintf(nfrontp, "INFO "); -+ output_data("INFO "); - env_common: -- nfrontp += strlen(nfrontp); - { - register int noquote = 2; - for (i = 2; i < length; i++ ) { - switch (pointer[i]) { - case NEW_ENV_VAR: -- sprintf(nfrontp, "\" VAR " + noquote); -- nfrontp += strlen(nfrontp); -+ output_data("\" VAR " + noquote); - noquote = 2; - break; - - case NEW_ENV_VALUE: -- sprintf(nfrontp, "\" VALUE " + noquote); -- nfrontp += strlen(nfrontp); -+ output_data("\" VALUE " + noquote); - noquote = 2; - break; - - case ENV_ESC: -- sprintf(nfrontp, "\" ESC " + noquote); -- nfrontp += strlen(nfrontp); -+ output_data("\" ESC " + noquote); - noquote = 2; - break; - - case ENV_USERVAR: -- sprintf(nfrontp, "\" USERVAR " + noquote); -- nfrontp += strlen(nfrontp); -+ output_data("\" USERVAR " + noquote); - noquote = 2; - break; - - default: - if (isprint(pointer[i]) && pointer[i] != '"') { - if (noquote) { -- *nfrontp++ = '"'; -+ output_data("\""); - noquote = 0; - } -- *nfrontp++ = pointer[i]; -+ output_data("%c", pointer[i]); - } else { -- sprintf(nfrontp, "\" %03o " + noquote, -+ output_data("\" %03o " + noquote, - pointer[i]); -- nfrontp += strlen(nfrontp); - noquote = 2; - } - break; - } - } - if (!noquote) -- *nfrontp++ = '"'; -+ output_data("\""); - break; - } - } -@@ -987,90 +889,69 @@ - - #if defined(AUTHENTICATION) - case TELOPT_AUTHENTICATION: -- sprintf(nfrontp, "AUTHENTICATION"); -- nfrontp += strlen(nfrontp); -+ output_data("AUTHENTICATION"); - - if (length < 2) { -- sprintf(nfrontp, " (empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case TELQUAL_REPLY: - case TELQUAL_IS: -- sprintf(nfrontp, " %s ", (pointer[1] == TELQUAL_IS) ? -+ output_data(" %s ", (pointer[1] == TELQUAL_IS) ? - "IS" : "REPLY"); -- nfrontp += strlen(nfrontp); - if (AUTHTYPE_NAME_OK(pointer[2])) -- sprintf(nfrontp, "%s ", AUTHTYPE_NAME(pointer[2])); -+ output_data("%s ", AUTHTYPE_NAME(pointer[2])); - else -- sprintf(nfrontp, "%d ", pointer[2]); -- nfrontp += strlen(nfrontp); -+ output_data("%d ", pointer[2]); - if (length < 3) { -- sprintf(nfrontp, "(partial suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data("(partial suboption??\?)"); - break; - } -- sprintf(nfrontp, "%s|%s%s", -+ output_data("%s|%s", - ((pointer[3] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ? - "CLIENT" : "SERVER", - ((pointer[3] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ? - "MUTUAL" : "ONE-WAY", - ((pointer[3] & AUTH_ENCRYPT_MASK) == AUTH_ENCRYPT_ON) ? - "|ENCRYPT" : ""); -- nfrontp += strlen(nfrontp); - - auth_printsub(&pointer[1], length - 1, buf, sizeof(buf)); -- sprintf(nfrontp, "%s", buf); -- nfrontp += strlen(nfrontp); -+ output_data("%s", buf); - break; - - case TELQUAL_SEND: - i = 2; -- sprintf(nfrontp, " SEND "); -- nfrontp += strlen(nfrontp); -+ output_data(" SEND "); - while (i < length) { - if (AUTHTYPE_NAME_OK(pointer[i])) -- sprintf(nfrontp, "%s ", AUTHTYPE_NAME(pointer[i])); -+ output_data("%s ", AUTHTYPE_NAME(pointer[i])); - else -- sprintf(nfrontp, "%d ", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data("%d ", pointer[i]); - if (++i >= length) { -- sprintf(nfrontp, "(partial suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data("(partial suboption??\?)"); - break; - } -- sprintf(nfrontp, "%s|%s%s ", -+ output_data( "%s|%s%s ", - ((pointer[i] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ? - "CLIENT" : "SERVER", - ((pointer[i] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ? - "MUTUAL" : "ONE-WAY", - ((pointer[3] & AUTH_ENCRYPT_MASK) == AUTH_ENCRYPT_ON) ? - "|ENCRYPT" : ""); -- nfrontp += strlen(nfrontp); - ++i; - } - break; - - case TELQUAL_NAME: -- i = 2; -- sprintf(nfrontp, " NAME \""); -- nfrontp += strlen(nfrontp); -- while (i < length) { -- if (isprint(pointer[i])) -- *nfrontp++ = pointer[i++]; -- else { -- sprintf(nfrontp, "\"%03o",pointer[i++]); -- nfrontp += strlen(nfrontp); -- } -- } -- *nfrontp++ = '"'; -+ output_data(" NAME \"%.*s\"", -+ length - 2, -+ pointer + 2); - break; - - default: - for (i = 2; i < length; i++) { -- sprintf(nfrontp, " ?%d?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[i]); - } - break; - } -@@ -1079,86 +960,70 @@ - - #ifdef ENCRYPTION - case TELOPT_ENCRYPT: -- sprintf(nfrontp, "ENCRYPT"); -- nfrontp += strlen(nfrontp); -+ output_data("ENCRYPT"); - if (length < 2) { -- sprintf(nfrontp, " (empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case ENCRYPT_START: -- sprintf(nfrontp, " START"); -- nfrontp += strlen(nfrontp); -+ output_data(" START"); - break; - - case ENCRYPT_END: -- sprintf(nfrontp, " END"); -- nfrontp += strlen(nfrontp); -+ output_data(" END"); - break; - - case ENCRYPT_REQSTART: -- sprintf(nfrontp, " REQUEST-START"); -- nfrontp += strlen(nfrontp); -+ output_data(" REQUEST-START"); - break; - - case ENCRYPT_REQEND: -- sprintf(nfrontp, " REQUEST-END"); -- nfrontp += strlen(nfrontp); -+ output_data(" REQUEST-END"); - break; - - case ENCRYPT_IS: - case ENCRYPT_REPLY: -- sprintf(nfrontp, " %s ", (pointer[1] == ENCRYPT_IS) ? -+ output_data(" %s ", (pointer[1] == ENCRYPT_IS) ? - "IS" : "REPLY"); -- nfrontp += strlen(nfrontp); - if (length < 3) { -- sprintf(nfrontp, " (partial suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (partial suboption??\?)"); - break; - } - if (ENCTYPE_NAME_OK(pointer[2])) -- sprintf(nfrontp, "%s ", ENCTYPE_NAME(pointer[2])); -+ output_data("%s ", ENCTYPE_NAME(pointer[2])); - else -- sprintf(nfrontp, " %d (unknown)", pointer[2]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d (unknown)", pointer[2]); - - encrypt_printsub(&pointer[1], length - 1, buf, sizeof(buf)); -- sprintf(nfrontp, "%s", buf); -- nfrontp += strlen(nfrontp); -+ output_data("%s", buf); - break; - - case ENCRYPT_SUPPORT: - i = 2; -- sprintf(nfrontp, " SUPPORT "); -- nfrontp += strlen(nfrontp); -+ output_data(" SUPPORT "); - while (i < length) { - if (ENCTYPE_NAME_OK(pointer[i])) -- sprintf(nfrontp, "%s ", ENCTYPE_NAME(pointer[i])); -+ output_data("%s ", ENCTYPE_NAME(pointer[i])); - else -- sprintf(nfrontp, "%d ", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data("%d ", pointer[i]); - i++; - } - break; - - case ENCRYPT_ENC_KEYID: -- sprintf(nfrontp, " ENC_KEYID", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data(" ENC_KEYID"); - goto encommon; - - case ENCRYPT_DEC_KEYID: -- sprintf(nfrontp, " DEC_KEYID", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data(" DEC_KEYID"); - goto encommon; - - default: -- sprintf(nfrontp, " %d (unknown)", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d (unknown)", pointer[1]); - encommon: - for (i = 2; i < length; i++) { -- sprintf(nfrontp, " %d", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d", pointer[i]); - } - break; - } -@@ -1167,18 +1032,15 @@ - - default: - if (TELOPT_OK(pointer[0])) -- sprintf(nfrontp, "%s (unknown)", TELOPT(pointer[0])); -+ output_data( "%s (unknown)", TELOPT(pointer[0])); - else -- sprintf(nfrontp, "%d (unknown)", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data( "%d (unknown)", pointer[i]); - for (i = 1; i < length; i++) { -- sprintf(nfrontp, " %d", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data( " %d", pointer[i]); - } - break; - } -- sprintf(nfrontp, "\r\n"); -- nfrontp += strlen(nfrontp); -+ output_data( "\r\n"); - } - - /* -@@ -1200,26 +1062,22 @@ - } - - /* add a line of output */ -- sprintf(nfrontp, "%s: ", tag); -- nfrontp += strlen(nfrontp); -+ output_data("%s: ", tag); - for (i = 0; i < 20 && cnt; i++) { -- sprintf(nfrontp, "%02x", *ptr); -- nfrontp += strlen(nfrontp); -+ output_data("%02x", *ptr); - if (isprint(*ptr)) { - xbuf[i] = *ptr; - } else { - xbuf[i] = '.'; - } - if (i % 2) { -- *nfrontp = ' '; -- nfrontp++; -+ output_data(" "); - } - cnt--; - ptr++; - } - xbuf[i] = '\0'; -- sprintf(nfrontp, " %s\r\n", xbuf ); -- nfrontp += strlen(nfrontp); -+ output_data(" %s\r\n", xbuf ); - } - } - #endif /* DIAGNOSTICS */ diff --git a/security/krb5-16/files/patch-as b/security/krb5-16/files/patch-as deleted file mode 100644 index 0b26c449fe11..000000000000 --- a/security/krb5-16/files/patch-as +++ /dev/null @@ -1,199 +0,0 @@ ---- clients/ksu/main.c.orig Wed Feb 28 14:06:55 2001 -+++ clients/ksu/main.c Thu Sep 6 16:21:46 2001 -@@ -31,6 +31,10 @@ - #include <sys/wait.h> - #include <signal.h> - -+#ifdef LOGIN_CAP -+#include <login_cap.h> -+#endif -+ - /* globals */ - char * prog_name; - int auth_debug =0; -@@ -60,7 +64,7 @@ - ill specified arguments to commands */ - - void usage (){ -- fprintf(stderr, "Usage: %s [target user] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name); -+ fprintf(stderr, "Usage: %s [target user] [-m] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name); - } - - /* for Ultrix and friends ... */ -@@ -76,6 +80,7 @@ - int argc; - char ** argv; - { -+int asme = 0; - int hp =0; - int some_rest_copy = 0; - int all_rest_copy = 0; -@@ -90,6 +95,7 @@ - char * cc_target_tag = NULL; - char * target_user = NULL; - char * source_user; -+char * source_shell; - - krb5_ccache cc_source = NULL; - const char * cc_source_tag = NULL; -@@ -118,6 +124,11 @@ - char * dir_of_cc_target; - char * dir_of_cc_source; - -+#ifdef LOGIN_CAP -+login_cap_t *lc; -+int setwhat; -+#endif -+ - options.opt = KRB5_DEFAULT_OPTIONS; - options.lifetime = KRB5_DEFAULT_TKT_LIFE; - options.rlife =0; -@@ -181,7 +192,7 @@ - com_err (prog_name, errno, "while setting euid to source user"); - exit (1); - } -- while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkql:e:")) != -1)){ -+ while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkmql:e:")) != -1)){ - switch (option) { - case 'r': - options.opt |= KDC_OPT_RENEWABLE; -@@ -227,6 +238,9 @@ - errflg++; - } - break; -+ case 'm': -+ asme = 1; -+ break; - case 'n': - if ((retval = krb5_parse_name(ksu_context, optarg, &client))){ - com_err(prog_name, retval, "when parsing name %s", optarg); -@@ -341,6 +355,7 @@ - - /* allocate space and copy the usernamane there */ - source_user = xstrdup(pwd->pw_name); -+ source_shell = xstrdup(pwd->pw_shell); - source_uid = pwd->pw_uid; - source_gid = pwd->pw_gid; - -@@ -668,43 +683,64 @@ - /* get the shell of the user, this will be the shell used by su */ - target_pwd = getpwnam(target_user); - -- if (target_pwd->pw_shell) -- shell = xstrdup(target_pwd->pw_shell); -- else { -- shell = _DEF_CSH; /* default is cshell */ -- } -+ if (asme) { -+ if (source_shell && *source_shell) { -+ shell = strdup(source_shell); -+ } else { -+ shell = _DEF_CSH; -+ } -+ } else { -+ if (target_pwd->pw_shell) -+ shell = strdup(target_pwd->pw_shell); -+ else { -+ shell = _DEF_CSH; /* default is cshell */ -+ } -+ } - - #ifdef HAVE_GETUSERSHELL - - /* insist that the target login uses a standard shell (root is omited) */ - -- if (!standard_shell(target_pwd->pw_shell) && source_uid) { -- fprintf(stderr, "ksu: permission denied (shell).\n"); -- sweep_up(ksu_context, cc_target); -- exit(1); -+ if (asme) { -+ if (!standard_shell(pwd->pw_shell) && source_uid) { -+ fprintf(stderr, "ksu: permission denied (shell).\n"); -+ sweep_up(ksu_context, cc_target); -+ exit(1); -+ } -+ } else { -+ if (!standard_shell(target_pwd->pw_shell) && source_uid) { -+ fprintf(stderr, "ksu: permission denied (shell).\n"); -+ sweep_up(ksu_context, cc_target); -+ exit(1); -+ } - } - #endif /* HAVE_GETUSERSHELL */ - -- if (target_pwd->pw_uid){ -- -- if(set_env_var("USER", target_pwd->pw_name)){ -- fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -- sweep_up(ksu_context, cc_target); -- exit(1); -- } -- } -+ if (!asme) { -+ if (target_pwd->pw_uid){ -+ if (set_env_var("USER", target_pwd->pw_name)){ -+ fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -+ sweep_up(ksu_context, cc_target); -+ exit(1); -+ } -+ } - -- if(set_env_var( "HOME", target_pwd->pw_dir)){ -- fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -- sweep_up(ksu_context, cc_target); -- exit(1); -- } -+ if (set_env_var( "HOME", target_pwd->pw_dir)){ -+ fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -+ sweep_up(ksu_context, cc_target); -+ exit(1); -+ } - -- if(set_env_var( "SHELL", shell)){ -- fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -- sweep_up(ksu_context, cc_target); -- exit(1); -- } -+ if (set_env_var( "SHELL", shell)){ -+ fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -+ sweep_up(ksu_context, cc_target); -+ exit(1); -+ } -+ } -+ -+#ifdef LOGIN_CAP -+ lc = login_getpwclass(pwd); -+#endif - - /* set the cc env name to target */ - -@@ -714,7 +750,18 @@ - sweep_up(ksu_context, cc_target); - exit(1); - } -- -+#ifdef LOGIN_CAP -+ setwhat = LOGIN_SETUSER|LOGIN_SETGROUP|LOGIN_SETRESOURCES|LOGIN_SETPRIORITY; -+ setwhat |= LOGIN_SETPATH|LOGIN_SETUMASK|LOGIN_SETENV; -+ /* -+ * Don't touch resource/priority settings if -m has been -+ * used or -l and -c hasn't, and we're not su'ing to root. -+ */ -+ if (target_pwd->pw_uid) -+ setwhat &= ~(LOGIN_SETPRIORITY|LOGIN_SETRESOURCES); -+ if (setusercontext(lc, target_pwd, target_pwd->pw_uid, setwhat) < 0) -+ err(1, "setusercontext"); -+#else - /* set permissions */ - if (setgid(target_pwd->pw_gid) < 0) { - perror("ksu: setgid"); -@@ -754,7 +801,8 @@ - perror("ksu: setuid"); - sweep_up(ksu_context, cc_target); - exit(1); -- } -+ } -+#endif - - if (access( cc_target_tag_tmp, R_OK | W_OK )){ - com_err(prog_name, errno, diff --git a/security/krb5-16/files/patch-at b/security/krb5-16/files/patch-at deleted file mode 100644 index ef9ea4856f7a..000000000000 --- a/security/krb5-16/files/patch-at +++ /dev/null @@ -1,14 +0,0 @@ -*** include/sys/syslog.h.ORIG Fri Feb 6 19:42:12 1998 ---- include/sys/syslog.h Tue Jun 30 19:46:02 1998 -*************** -*** 34,39 **** ---- 34,42 ---- - #define LOG_LPR (6<<3) /* line printer subsystem */ - #define LOG_NEWS (7<<3) /* network news subsystem */ - #define LOG_UUCP (8<<3) /* UUCP subsystem */ -+ #if (defined(BSD) && (BSD >= 199306)) -+ #define LOG_FTP (11<<3) /* ftp daemon */ -+ #endif - /* other codes through 15 reserved for system use */ - #define LOG_LOCAL0 (16<<3) /* reserved for local use */ - #define LOG_LOCAL1 (17<<3) /* reserved for local use */ diff --git a/security/krb5-16/files/patch-av b/security/krb5-16/files/patch-av deleted file mode 100644 index 8363b8bb1e2d..000000000000 --- a/security/krb5-16/files/patch-av +++ /dev/null @@ -1,15 +0,0 @@ -*** clients/ksu/Makefile.in.ORIG Sun Aug 2 16:51:18 1998 ---- clients/ksu/Makefile.in Sun Aug 2 16:53:48 1998 -*************** -*** 3,7 **** - mydir=ksu - BUILDTOP=$(REL)$(U)$(S)$(U) -! DEFINES = -DGET_TGT_VIA_PASSWD -DPRINC_LOOK_AHEAD -DCMD_PATH='"/bin /local/bin"' - CFLAGS = $(CCOPTS) $(DEFINES) $(DEFS) $(LOCALINCLUDE) - ---- 3,7 ---- - mydir=ksu - BUILDTOP=$(REL)$(U)$(S)$(U) -! DEFINES = -DGET_TGT_VIA_PASSWD -DPRINC_LOOK_AHEAD -DCMD_PATH='"/usr/bin /bin /usr/sbin /sbin"' - CFLAGS = $(CCOPTS) $(DEFINES) $(DEFS) $(LOCALINCLUDE) - diff --git a/security/krb5-16/files/patch-ax b/security/krb5-16/files/patch-ax deleted file mode 100644 index 58cfe89d9294..000000000000 --- a/security/krb5-16/files/patch-ax +++ /dev/null @@ -1,11 +0,0 @@ ---- ../doc/Makefile.orig Wed Jan 20 21:57:45 1999 -+++ ../doc/Makefile Wed Jan 20 21:59:19 1999 -@@ -1,7 +1,7 @@ - SRCDIR=../src - DVI=texi2dvi - DVIPS=dvips -o "$@" --INFO=makeinfo -+INFO=makeinfo --no-validate - HTML=texi2html - RM=rm -f - TAR=tar -chvf diff --git a/security/krb5-16/files/patch-ay b/security/krb5-16/files/patch-ay deleted file mode 100644 index 4ed0c9e5cbbb..000000000000 --- a/security/krb5-16/files/patch-ay +++ /dev/null @@ -1,50 +0,0 @@ ---- util/pty/getpty.c.orig Fri Feb 6 19:46:42 1998 -+++ util/pty/getpty.c Mon Apr 5 14:00:07 1999 -@@ -21,13 +21,26 @@ - #include "libpty.h" - #include "pty-int.h" - -+#ifdef __FreeBSD__ -+#define PTYCHARS1 "pqrsPQRS" -+#define PTYCHARS2 "0123456789abcdefghijklmnopqrstuv" -+#endif -+ -+#ifndef PTYCHARS1 -+#define PTYCHARS1 "pqrstuvwxyzPQRST" -+#endif -+ -+#ifndef PTYCHARS2 -+#define PTYCHARS2 "0123456789abcdef" -+#endif -+ - long pty_getpty (fd, slave, slavelength) - int slavelength; - int *fd; char *slave; - { -- char *cp; -+ char *cp1, *cp2; - char *p; -- int i,ptynum; -+ int ptynum; - struct stat stb; - char slavebuf[1024]; - #ifdef HAVE__GETPTY -@@ -109,14 +122,14 @@ - strncpy(slave, slavebuf, slavelength); - return 0; - } else { -- for (cp = "pqrstuvwxyzPQRST";*cp; cp++) { -+ for (cp1 = PTYCHARS1; *cp1 != '\0'; cp1++) { - sprintf(slavebuf,"/dev/ptyXX"); -- slavebuf[sizeof("/dev/pty") - 1] = *cp; -+ slavebuf[sizeof("/dev/pty") - 1] = *cp1; - slavebuf[sizeof("/dev/ptyp") - 1] = '0'; - if (stat(slavebuf, &stb) < 0) - break; -- for (i = 0; i < 16; i++) { -- slavebuf[sizeof("/dev/ptyp") - 1] = "0123456789abcdef"[i]; -+ for (cp2 = PTYCHARS2; *cp2 != '\0'; cp2++) { -+ slavebuf[sizeof("/dev/ptyp") - 1] = *cp2; - *fd = open(slavebuf, O_RDWR); - if (*fd < 0) continue; - diff --git a/security/krb5-16/files/patch-ba b/security/krb5-16/files/patch-ba deleted file mode 100644 index 60d70466eff3..000000000000 --- a/security/krb5-16/files/patch-ba +++ /dev/null @@ -1,81 +0,0 @@ ---- appl/bsd/login.c.ORIG Wed Oct 13 12:55:47 1999 -+++ appl/bsd/login.c Wed Oct 13 12:56:29 1999 -@@ -1303,19 +1304,6 @@ - setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET); - } - -- /* Policy: If local password is good, user is good. -- We really can't trust the Kerberos password, -- because somebody on the net could spoof the -- Kerberos server (not easy, but possible). -- Some sites might want to use it anyways, in -- which case they should change this line -- to: -- if (kpass_ok) -- */ -- -- if (lpass_ok) -- break; -- - if (got_v5_tickets) { - if (retval = krb5_verify_init_creds(kcontext, &my_creds, NULL, - NULL, &xtra_creds, -@@ -1338,6 +1326,9 @@ - } - #endif /* KRB4_GET_TICKETS */ - -+ if (lpass_ok) -+ break; -+ - bad_login: - setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET); - -@@ -1640,20 +1631,28 @@ - /* set up credential cache -- obeying KRB5_ENV_CCNAME - set earlier */ - /* (KRB5_ENV_CCNAME == "KRB5CCNAME" via osconf.h) */ -- if (retval = krb5_cc_default(kcontext, &ccache)) { -+ retval = krb5_cc_default(kcontext, &ccache); -+ if (retval) - com_err(argv[0], retval, "while getting default ccache"); -- } else if (retval = krb5_cc_initialize(kcontext, ccache, me)) { -- com_err(argv[0], retval, "when initializing cache"); -- } else if (retval = krb5_cc_store_cred(kcontext, ccache, &my_creds)) { -- com_err(argv[0], retval, "while storing credentials"); -- } else if (xtra_creds && -- (retval = krb5_cc_copy_creds(kcontext, xtra_creds, -- ccache))) { -- com_err(argv[0], retval, "while storing credentials"); -+ else { -+ retval = krb5_cc_initialize(kcontext, ccache, me); -+ if (retval) -+ com_err(argv[0], retval, "when initializing cache"); -+ else { -+ retval = krb5_cc_store_cred(kcontext, ccache, &my_creds); -+ if (retval) -+ com_err(argv[0], retval, "while storing credentials"); -+ else { -+ if (xtra_creds) { -+ retval = krb5_cc_copy_creds(kcontext, xtra_creds, -+ ccache); -+ if (retval) -+ com_err(argv[0], retval, "while storing credentials"); -+ krb5_cc_destroy(kcontext, xtra_creds); -+ } -+ } -+ } - } -- -- if (xtra_creds) -- krb5_cc_destroy(kcontext, xtra_creds); - } else if (forwarded_v5_tickets && rewrite_ccache) { - if ((retval = krb5_cc_initialize (kcontext, ccache, me))) { - syslog(LOG_ERR, -@@ -1727,6 +1727,7 @@ - - if (ccname) - setenv("KRB5CCNAME", ccname, 1); -+ krb5_cc_set_default_name(kcontext, ccname); - - setenv("HOME", pwd->pw_dir, 1); - setenv("PATH", LPATH, 1); diff --git a/security/krb5-16/files/patch-bb b/security/krb5-16/files/patch-bb deleted file mode 100644 index 6545ae682c53..000000000000 --- a/security/krb5-16/files/patch-bb +++ /dev/null @@ -1,10 +0,0 @@ ---- appl/telnet/telnet/Makefile.in.orig Sat Dec 18 10:47:05 1999 -+++ appl/telnet/telnet/Makefile.in Sat Dec 18 10:47:13 1999 -@@ -58,7 +58,6 @@ - $(INSTALL_DATA) $(srcdir)/$$f.1 \ - ${DESTDIR}$(CLIENT_MANDIR)/`echo $$f|sed '$(transform)'`.1; \ - done -- $(INSTALL_DATA) $(srcdir)/tmac.doc ${DESTDIR}$(CLIENT_MANDIR)/tmac.doc - - authenc.o: defines.h externs.h general.h ring.h types.h $(ARPA_TELNET) - commands.o: defines.h externs.h general.h ring.h types.h $(ARPA_TELNET) diff --git a/security/krb5-16/files/patch-bd b/security/krb5-16/files/patch-bd deleted file mode 100644 index b2bf41284bb7..000000000000 --- a/security/krb5-16/files/patch-bd +++ /dev/null @@ -1,19 +0,0 @@ ---- appl/gssftp/ftpd/ftpcmd.y.ORIG Wed Feb 28 16:06:45 2001 -+++ appl/gssftp/ftpd/ftpcmd.y Fri Apr 27 10:18:01 2001 -@@ -805,11 +805,13 @@ - * This is a valid reply in some cases but not in others. - */ - if (logged_in && $1 && strncmp((char *) $1, "~", 1) == 0) { -- *(char **)&($$) = *ftpglob((char *) $1); -- if (globerr != NULL) { -+ char **vv; -+ vv = ftpglob((char *) $1); -+ if (vv == NULL || globerr != NULL) { - reply(550, globerr); - $$ = NULL; -- } -+ } else -+ $$ = *vv; - free((char *) $1); - } else - $$ = $1; diff --git a/security/krb5-16/pkg-comment b/security/krb5-16/pkg-comment deleted file mode 100644 index 339cc4cd5571..000000000000 --- a/security/krb5-16/pkg-comment +++ /dev/null @@ -1 +0,0 @@ -An authentication system developed at MIT, successor to Kerberos IV diff --git a/security/krb5-16/pkg-descr b/security/krb5-16/pkg-descr deleted file mode 100644 index 376a48c52faf..000000000000 --- a/security/krb5-16/pkg-descr +++ /dev/null @@ -1,24 +0,0 @@ -Kerberos V5 is an authentication system developed at MIT. -WWW: http://web.mit.edu/kerberos/www/ - -Abridged from the User Guide: - Under Kerberos, a client sends a request for a ticket to the - Key Distribution Center (KDC). The KDC creates a ticket-granting - ticket (TGT) for the client, encrypts it using the client's - password as the key, and sends the encrypted TGT back to the - client. The client then attempts to decrypt the TGT, using - its password. If the client successfully decrypts the TGT, it - keeps the decrypted TGT, which indicates proof of the client's - identity. The TGT permits the client to obtain additional tickets, - which give permission for specific services. - Since Kerberos negotiates authenticated, and optionally encrypted, - communications between two points anywhere on the internet, it - provides a layer of security that is not dependent on which side of a - firewall either client is on. - The Kerberos V5 package is designed to be easy to use. Most of the - commands are nearly identical to UNIX network programs you are already - used to. Kerberos V5 is a single-sign-on system, which means that you - have to type your password only once per session, and Kerberos does - the authenticating and encrypting transparently. - -Jacques Vidrine <n@nectar.com> diff --git a/security/krb5-16/pkg-plist b/security/krb5-16/pkg-plist deleted file mode 100644 index df48394c37cf..000000000000 --- a/security/krb5-16/pkg-plist +++ /dev/null @@ -1,123 +0,0 @@ -@unexec install-info --delete %D/info/krb425.info %D/info/dir -@unexec install-info --delete %D/info/krb5-admin.info %D/info/dir -@unexec install-info --delete %D/info/krb5-install.info %D/info/dir -@unexec install-info --delete %D/info/krb5-user.info %D/info/dir -bin/ftp -bin/gss-client -bin/kdestroy -bin/kinit -bin/klist -bin/kpasswd -bin/krb524init -bin/ksu -bin/kvno -bin/rcp -bin/rlogin -bin/rsh -bin/sclient -bin/sim_client -bin/telnet -bin/uuclient -bin/v4rcp -bin/v5passwd -include/com_err.h -include/gssapi/gssapi.h -include/gssapi/gssapi_generic.h -include/gssapi/gssapi_krb5.h -include/kerberosIV/des.h -include/kerberosIV/kadm.h -include/kerberosIV/krb.h -include/kerberosIV/krb_err.h -include/kerberosIV/mit-copyright.h -include/krb5.h -include/libpty.h -include/mit-sipb-copyright.h -include/port-sockets.h -include/profile.h -info/krb425.info -info/krb5-admin.info -info/krb5-admin.info-1 -info/krb5-admin.info-2 -info/krb5-admin.info-3 -info/krb5-install.info -info/krb5-install.info-1 -info/krb5-install.info-2 -info/krb5-user.info -lib/libcom_err.a -lib/libcom_err.so -lib/libcom_err.so.3 -lib/libdes425.a -lib/libdes425.so -lib/libdes425.so.3 -lib/libdyn.a -lib/libdyn.so -lib/libdyn.so.1 -lib/libgssapi_krb5.a -lib/libgssapi_krb5.so -lib/libgssapi_krb5.so.2 -lib/libgssrpc.a -lib/libgssrpc.so -lib/libgssrpc.so.3 -lib/libk5crypto.a -lib/libk5crypto.so -lib/libk5crypto.so.3 -lib/libkadm5clnt.a -lib/libkadm5clnt.so -lib/libkadm5clnt.so.4 -lib/libkadm5srv.a -lib/libkadm5srv.so -lib/libkadm5srv.so.4 -lib/libkdb5.a -lib/libkdb5.so -lib/libkdb5.so.3 -lib/libkrb4.a -lib/libkrb4.so -lib/libkrb4.so.2 -lib/libkrb5.a -lib/libkrb5.so -lib/libkrb5.so.3 -lib/libkrb524.a -lib/libpty.a -lib/libpty.so -lib/libpty.so.1 -lib/libss.a -sbin/ftpd -sbin/gss-server -sbin/kadmin -sbin/kadmin.local -sbin/kadmind -sbin/kadmind4 -sbin/kdb5_util -sbin/klogind -sbin/kprop -sbin/kpropd -sbin/krb5-send-pr -sbin/krb524d -sbin/krb5kdc -sbin/kshd -sbin/ktutil -sbin/login.krb5 -sbin/sim_server -sbin/sserver -sbin/telnetd -sbin/uuserver -sbin/v5passwdd -share/doc/krb5/admin.html -share/doc/krb5/admin_foot.html -share/doc/krb5/admin_toc.html -share/doc/krb5/install.html -share/doc/krb5/install_foot.html -share/doc/krb5/install_toc.html -share/doc/krb5/krb425.html -share/doc/krb5/krb425_toc.html -share/doc/krb5/user-guide.html -share/doc/krb5/user-guide_foot.html -share/doc/krb5/user-guide_toc.html -share/gnats/mit -@dirrm include/gssapi -@dirrm include/kerberosIV -@dirrm share/doc/krb5 -@exec install-info %D/info/krb425.info %D/info/dir -@exec install-info %D/info/krb5-admin.info %D/info/dir -@exec install-info %D/info/krb5-install.info %D/info/dir -@exec install-info %D/info/krb5-user.info %D/info/dir diff --git a/security/krb5-17/Makefile b/security/krb5-17/Makefile deleted file mode 100644 index 7fac84161a4a..000000000000 --- a/security/krb5-17/Makefile +++ /dev/null @@ -1,117 +0,0 @@ -# Ports collection Makefile for: MIT Kerberos V -# Date created: 6/5/1998 -# Whom: nectar@FreeBSD.org -# -# $FreeBSD$ -# - -PORTNAME= krb5 -PORTVERSION= 1.2.2 -PORTREVISION= 4 -CATEGORIES= security -MASTER_SITES= # manual download - -MAINTAINER= Cy.Schubert@uumail.gov.bc.ca - -BUILD_DEPENDS= gm4:${PORTSDIR}/devel/m4 - -KERBEROSV_URL= http://web.mit.edu/network/kerberos-form.html -USE_GMAKE= yes -INSTALLS_SHLIB= yes -GNU_CONFIGURE= yes -CONFIGURE_ARGS?= --enable-shared --with-ccopts="${CFLAGS}" -CONFIGURE_ENV= INSTALL="${INSTALL}" -MAKE_ARGS= INSTALL="${INSTALL}" -KRB5_KRB4_COMPAT?= YES - -.if defined(USA_RESIDENT) && ${USA_RESIDENT} == "NO" -MASTER_SITES= http://www.crypto-publish.org/dist/mit-kerberos5/ -.endif - -.if !defined(KRB5_KRB4_COMPAT) || ${KRB5_KRB4_COMPAT} == "NO" -CONFIGURE_ARGS+= --without-krb4 -.endif - -.if defined(KRB5_HOME) -PREFIX= ${KRB5_HOME} -.endif - -RESTRICTED= "Crypto; export-controlled" -# Set USA_RESIDENT appropriately in /etc/make.conf if you like - -INFO_FILES= krb425.info krb5-admin.info krb5-admin.info-1 \ - krb5-admin.info-2 krb5-admin.info-3 krb5-install.info \ - krb5-install.info-1 krb5-install.info-2 krb5-user.info - -MAN1= krb5-send-pr.1 kpasswd.1 v5passwd.1 klist.1 kinit.1 \ - kdestroy.1 ksu.1 sclient.1 rsh.1 rcp.1 rlogin.1 \ - v4rcp.1 ftp.1 telnet.1 kerberos.1 kvno.1 -MAN5= kdc.conf.5 krb5.conf.5 .k5login.5 -MAN8= krb5kdc.8 kadmin.8 kadmin.local.8 kdb5_util.8 \ - ktutil.8 kadmind.8 kprop.8 kpropd.8 sserver.8 \ - kshd.8 klogind.8 login.krb5.8 ftpd.8 telnetd.8 - -WRKSRC= ${WRKDIR}/${DISTNAME}/src - -WANT_HTML?= YES -HTML_DOC_DIR= ${WRKDIR}/${DISTNAME}/doc -HTML_DOCS= admin.html install_foot.html user-guide.html \ - admin_foot.html install_toc.html user-guide_foot.html \ - admin_toc.html krb425.html user-guide_toc.html \ - install.html krb425_toc.html - -.if !defined(USA_RESIDENT) || ${USA_RESIDENT} == "YES" -do-fetch: - @if [ ! -f ${DISTDIR}/${DISTNAME}${EXTRACT_SUFX} ]; then \ - ${ECHO} ""; \ - ${ECHO} ">> Kerberos V contains encryption software and is"; \ - ${ECHO} " export restricted. If you are not a USA resident,";\ - ${ECHO} " then you cannot obtain the Kerberos V sources from";\ - ${ECHO} " within the United States."; \ - ${ECHO} ""; \ - ${ECHO} ">> The Kerberos V sources must be fetched manually."; \ - ${ECHO} " Please visit ${KERBEROSV_URL}"; \ - ${ECHO} " to download ${DISTNAME}${EXTRACT_SUFX} and place"; \ - ${ECHO} " it in ${DISTDIR}. Then run make again."; \ - ${FALSE}; \ - fi -.endif - -pre-build: -.if !defined(KRB5_KRB4_COMPAT) - @${ECHO} "------------------------------------------------------" - @${ECHO} "Set KRB5_KRB4_COMPAT=NO if you do not want to build " - @${ECHO} "the KerberosIV compatibility libraries. " - @${ECHO} "------------------------------------------------------" -.endif - -post-build: - @(cd ${WRKSRC}/../doc && \ - ${MAKE} ${INFO_FILES}) - -.include <bsd.port.pre.mk> - -post-install: -# html documentation -.if defined(WANT_HTML) && ${WANT_HTML} == "YES" - @${MKDIR} ${PREFIX}/share/doc/krb5 -.for html in ${HTML_DOCS} - ${INSTALL_MAN} ${HTML_DOC_DIR}/${html} ${PREFIX}/share/doc/krb5 -.endfor -.endif -# handle info files -.for info in ${INFO_FILES} - ${INSTALL_MAN} ${WRKSRC}/../doc/${info} ${PREFIX}/info/${info} -.endfor -.for info in ${INFO_FILES:M*.info} - install-info ${PREFIX}/info/${info} ${PREFIX}/info/dir -.endfor -# fixup packing list (no libs without version numbers in aout case) -.if ${PORTOBJFORMAT} == "aout" - ${ECHO_MSG} "Fixing packing list for a.out" - ${MV} ${TMPPLIST} ${TMPPLIST}.new - ${GREP} -v '\.so$$' ${TMPPLIST}.new > ${TMPPLIST} - ${RM} ${TMPPLIST}.new -.endif - -.include <bsd.port.post.mk> diff --git a/security/krb5-17/distinfo b/security/krb5-17/distinfo deleted file mode 100644 index e8159e50a95c..000000000000 --- a/security/krb5-17/distinfo +++ /dev/null @@ -1 +0,0 @@ -MD5 (krb5-1.2.2.tar.gz) = 57d1bf3a3c68ee8af64e31a46799551c diff --git a/security/krb5-17/files/patch-ac b/security/krb5-17/files/patch-ac deleted file mode 100644 index 8bca5437d964..000000000000 --- a/security/krb5-17/files/patch-ac +++ /dev/null @@ -1,13 +0,0 @@ ---- ../doc/admin.texinfo Fri Feb 6 21:40:56 1998 -+++ admin.texinfo Fri Jun 19 15:13:45 1998 -@@ -5,6 +5,10 @@ - @c guide - @setfilename krb5-admin.info - @settitle Kerberos V5 System Administrator's Guide -+@dircategory Kerberos V5 -+@direntry -+* Admin Guide: (krb5-admin). Kerberos V5 System Admin's Guide -+@end direntry - @setchapternewpage odd @c chapter begins on next odd page - @c @setchapternewpage on @c chapter begins on next page - @c @smallbook @c Format for 7" X 9.25" paper diff --git a/security/krb5-17/files/patch-ad b/security/krb5-17/files/patch-ad deleted file mode 100644 index c8b6d3e99e91..000000000000 --- a/security/krb5-17/files/patch-ad +++ /dev/null @@ -1,13 +0,0 @@ ---- ../doc/user-guide.texinfo Fri Feb 6 21:40:58 1998 -+++ user-guide.texinfo Fri Jun 19 15:13:45 1998 -@@ -3,6 +3,10 @@ - @c guide - @setfilename krb5-user.info - @settitle Kerberos V5 UNIX User's Guide -+@dircategory Kerberos V5 -+@direntry -+* User's Guide: (krb5-user). Kerberos V5 UNIX User's Guide -+@end direntry - @setchapternewpage odd @c chapter begins on next odd page - @c @setchapternewpage on @c chapter begins on next page - @c @smallbook @c Format for 7" X 9.25" paper diff --git a/security/krb5-17/files/patch-ae b/security/krb5-17/files/patch-ae deleted file mode 100644 index f5643b5aa04f..000000000000 --- a/security/krb5-17/files/patch-ae +++ /dev/null @@ -1,13 +0,0 @@ ---- ../doc/install.texinfo Fri Feb 6 21:40:56 1998 -+++ install.texinfo Fri Jun 19 15:13:45 1998 -@@ -5,6 +5,10 @@ - @c guide - @setfilename krb5-install.info - @settitle Kerberos V5 Installation Guide -+@dircategory Kerberos V5 -+@direntry -+* Installation Guide: (krb5-install). Kerberos V5 Installation Guide -+@end direntry - @setchapternewpage odd @c chapter begins on next odd page - @c @setchapternewpage on @c chapter begins on next page - @c @smallbook @c Format for 7" X 9.25" paper diff --git a/security/krb5-17/files/patch-af b/security/krb5-17/files/patch-af deleted file mode 100644 index e054b18bbef5..000000000000 --- a/security/krb5-17/files/patch-af +++ /dev/null @@ -1,13 +0,0 @@ ---- ../doc/krb425.texinfo Fri Feb 6 21:40:57 1998 -+++ krb425.texinfo Fri Jun 19 15:13:45 1998 -@@ -5,6 +5,10 @@ - @c guide - @setfilename krb425.info - @settitle Upgrading to Kerberos V5 from Kerberos V4 -+@dircategory Kerberos V5 -+@direntry -+* Upgrading from V4 to V5: (krb425). Upgrading from Kerberos V4 to V5 -+@end direntry - @setchapternewpage odd @c chapter begins on next odd page - @c @setchapternewpage on @c chapter begins on next page - @c @smallbook @c Format for 7" X 9.25" paper diff --git a/security/krb5-17/files/patch-ai b/security/krb5-17/files/patch-ai deleted file mode 100644 index 634db6cdec73..000000000000 --- a/security/krb5-17/files/patch-ai +++ /dev/null @@ -1,287 +0,0 @@ ---- appl/gssftp/ftpd/ftpd.c.orig Wed Feb 28 16:06:45 2001 -+++ appl/gssftp/ftpd/ftpd.c Fri Apr 27 10:18:01 2001 -@@ -485,7 +485,13 @@ - #ifndef LOG_DAEMON - #define LOG_DAEMON 0 - #endif -- openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_DAEMON); -+ -+#ifndef LOG_FTP -+#define FACILITY LOG_DAEMON -+#else -+#define FACILITY LOG_FTP -+#endif -+ openlog("ftpd", LOG_PID | LOG_NDELAY, FACILITY); - - addrlen = sizeof (his_addr); - if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) { -@@ -761,7 +767,16 @@ - int result; - #ifdef GSSAPI - if (auth_type && strcmp(auth_type, "GSSAPI") == 0) { -+ int len; - authorized = ftpd_gss_userok(&client_name, name) == 0; -+ len = sizeof("GSSAPI user is not authorized as " -+ "; Password required.") -+ + strlen(client_name.value) -+ + strlen(name); -+ if (len >= sizeof(buf)) { -+ syslog(LOG_ERR, "user: username too long"); -+ name = "[username too long]"; -+ } - sprintf(buf, "GSSAPI user %s is%s authorized as %s", - client_name.value, authorized ? "" : " not", - name); -@@ -772,7 +787,18 @@ - #endif /* GSSAPI */ - #ifdef KRB5_KRB4_COMPAT - if (auth_type && strcmp(auth_type, "KERBEROS_V4") == 0) { -+ int len; - authorized = kuserok(&kdata,name) == 0; -+ len = sizeof("Kerberos user .@ is not authorized as " -+ "; Password required.") -+ + strlen(kdata.pname) -+ + strlen(kdata.pinst) -+ + strlen(kdata.prealm) -+ + strlen(name); -+ if (len >= sizeof(buf)) { -+ syslog(LOG_ERR, "user: username too long"); -+ name = "[username too long]"; -+ } - sprintf(buf, "Kerberos user %s%s%s@%s is%s authorized as %s", - kdata.pname, *kdata.pinst ? "." : "", - kdata.pinst, kdata.prealm, -@@ -1179,6 +1205,11 @@ - } else { - char line[FTP_BUFSIZ]; - -+ if (strlen(cmd) + strlen(name) + 1 >= sizeof(line)) { -+ syslog(LOG_ERR, "retrieve: filename too long"); -+ reply(501, "filename too long"); -+ return; -+ } - (void) sprintf(line, cmd, name), name = line; - fin = ftpd_popen(line, "r"), closefunc = ftpd_pclose; - st.st_size = -1; -@@ -1417,6 +1448,10 @@ - return (file); - } - -+/* -+ * XXX callers need to limit total length of output string to -+ * FTP_BUFSIZ -+ */ - #ifdef STDARG - secure_error(char *fmt, ...) - #else -@@ -1616,13 +1651,19 @@ - { - char line[FTP_BUFSIZ]; - FILE *fin; -- int c; -+ int c, n; - char str[FTP_BUFSIZ], *p; - -+ if (strlen(filename) + sizeof("/bin/ls -lgA ") -+ >= sizeof(line)) { -+ reply(501, "filename too long"); -+ return; -+ } - (void) sprintf(line, "/bin/ls -lgA %s", filename); - fin = ftpd_popen(line, "r"); - lreply(211, "status of %s:", filename); - p = str; -+ n = 0; - while ((c = getc(fin)) != EOF) { - if (c == '\n') { - if (ferror(stdout)){ -@@ -1639,7 +1680,16 @@ - *p = '\0'; - reply(0, "%s", str); - p = str; -- } else *p++ = c; -+ n = 0; -+ } else { -+ *p++ = c; -+ n++; -+ if (n >= sizeof(str)) { -+ reply(551, "output line too long"); -+ (void) ftpd_pclose(fin); -+ return; -+ } -+ } - } - if (p != str) { - *p = '\0'; -@@ -1723,6 +1773,10 @@ - - char cont_char = ' '; - -+/* -+ * XXX callers need to limit total length of output string to -+ * FTP_BUFSIZ bytes for now. -+ */ - #ifdef STDARG - reply(int n, char *fmt, ...) - #else -@@ -1744,22 +1798,32 @@ - #endif - - if (auth_type) { -- char in[FTP_BUFSIZ], out[FTP_BUFSIZ]; -+ /* -+ * Deal with expansion in mk_{safe,priv}, -+ * radix_encode, gss_seal, plus slop. -+ */ -+ char in[FTP_BUFSIZ*3/2], out[FTP_BUFSIZ*3/2]; - int length, kerror; - if (n) sprintf(in, "%d%c", n, cont_char); - else in[0] = '\0'; - strncat(in, buf, sizeof (in) - strlen(in) - 1); - #ifdef KRB5_KRB4_COMPAT - if (strcmp(auth_type, "KERBEROS_V4") == 0) { -- if ((length = clevel == PROT_P ? -- krb_mk_priv((unsigned char *)in, -- (unsigned char *)out, -- strlen(in), schedule, &kdata.session, -- &ctrl_addr, &his_addr) -- : krb_mk_safe((unsigned char *)in, -- (unsigned char *)out, -- strlen(in), &kdata.session, -- &ctrl_addr, &his_addr)) == -1) { -+ if (clevel == PROT_P) -+ length = krb_mk_priv((unsigned char *)in, -+ (unsigned char *)out, -+ strlen(in), -+ schedule, &kdata.session, -+ &ctrl_addr, -+ &his_addr); -+ else -+ length = krb_mk_safe((unsigned char *)in, -+ (unsigned char *)out, -+ strlen(in), -+ &kdata.session, -+ &ctrl_addr, -+ &his_addr); -+ if (length == -1) { - syslog(LOG_ERR, - "krb_mk_%s failed for KERBEROS_V4", - clevel == PROT_P ? "priv" : "safe"); -@@ -1803,13 +1867,16 @@ - } - #endif /* GSSAPI */ - /* Other auth types go here ... */ -- if (kerror = radix_encode(out, in, &length, 0)) { -+ if (length >= sizeof(in) / 4 * 3) { -+ syslog(LOG_ERR, "input to radix_encode too long"); -+ fputs(in, stdout); -+ } else if (kerror = radix_encode(out, in, &length, 0)) { - syslog(LOG_ERR, "Couldn't encode reply (%s)", - radix_error(kerror)); - fputs(in,stdout); - } else -- printf("%s%c%s", clevel == PROT_P ? "632" : "631", -- n ? cont_char : '-', in); -+ printf("%s%c%s", clevel == PROT_P ? "632" : "631", -+ n ? cont_char : '-', in); - } else { - if (n) printf("%d%c", n, cont_char); - fputs(buf, stdout); -@@ -1822,6 +1889,10 @@ - } - } - -+/* -+ * XXX callers need to limit total length of output string to -+ * FTP_BUFSIZ -+ */ - #ifdef STDARG - lreply(int n, char *fmt, ...) - #else -@@ -1866,7 +1937,8 @@ - - if (cp = strchr(cbuf,'\n')) - *cp = '\0'; -- reply(500, "'%s': command not understood.", cbuf); -+ reply(500, "'%.*s': command not understood.", -+ FTP_BUFSIZ - sizeof("'': command not understood."), cbuf); - } - - delete_file(name) -@@ -2143,7 +2215,21 @@ - int code; - char *string; - { -- reply(code, "%s: %s.", string, strerror(errno)); -+ char *err_string; -+ size_t extra_len; -+ err_string = strerror(errno); -+ if (err_string == NULL) -+ err_string = "(unknown error)"; -+ extra_len = strlen(err_string) + sizeof("(truncated): ."); -+ /* -+ * XXX knows about FTP_BUFSIZ in reply() -+ */ -+ if (strlen(string) + extra_len > FTP_BUFSIZ) { -+ reply(code, "(truncated)%.*s: %s.", -+ FTP_BUFSIZ - extra_len, string, err_string); -+ } else { -+ reply(code, "%s: %s.", string, err_string); -+ } - } - - auth(type) -@@ -2226,6 +2312,10 @@ - secure_error("ADAT: krb_mk_safe failed"); - return(0); - } -+ if (length >= (FTP_BUFSIZ - sizeof("ADAT=")) / 4 * 3) { -+ secure_error("ADAT: reply too long"); -+ return(0); -+ } - if (kerror = radix_encode(out_buf, buf, &length, 0)) { - secure_error("Couldn't encode ADAT reply (%s)", - radix_error(kerror)); -@@ -2360,6 +2450,16 @@ - } - - if (out_tok.length) { -+ if (out_tok.length >= ((FTP_BUFSIZ - sizeof("ADAT=")) -+ / 4 * 3)) { -+ secure_error("ADAT: reply too long"); -+ syslog(LOG_ERR, "ADAT: reply too long"); -+ (void) gss_release_cred(&stat_min, &server_creds); -+ if (ret_flags & GSS_C_DELEG_FLAG) -+ (void) gss_release_cred(&stat_min, -+ &deleg_creds); -+ return(0); -+ } - if (kerror = radix_encode(out_tok.value, gbuf, &out_tok.length, 0)) { - secure_error("Couldn't encode ADAT reply (%s)", - radix_error(kerror)); -@@ -2458,6 +2558,9 @@ - * n>=0 on success - * -1 on error - * -2 on security error -+ * -+ * XXX callers need to limit total length of output string to -+ * FTP_BUFSIZ - */ - #ifdef STDARG - secure_fprintf(FILE *stream, char *fmt, ...) -@@ -2575,6 +2678,15 @@ - dir->d_name[2] == '\0') - continue; - -+ if (strlen(dirname) + strlen(dir->d_name) -+ + 1 /* slash */ -+ + 2 /* CRLF */ -+ + 1 > sizeof(nbuf)) { -+ syslog(LOG_ERR, -+ "send_file_list: pathname too long"); -+ ret = -2; /* XXX */ -+ goto data_err; -+ } - sprintf(nbuf, "%s/%s", dirname, dir->d_name); - - /* diff --git a/security/krb5-17/files/patch-aj b/security/krb5-17/files/patch-aj deleted file mode 100644 index c3bb8dfd6960..000000000000 --- a/security/krb5-17/files/patch-aj +++ /dev/null @@ -1,19 +0,0 @@ -*** appl/gssftp/ftpd/logwtmp.c.ORIG Fri Feb 6 19:41:25 1998 ---- appl/gssftp/ftpd/logwtmp.c Tue Jun 30 19:46:01 1998 -*************** -*** 66,72 **** - struct stat buf; - time_t time(); - -! if (fd < 0 && (fd = open(WTMPFILE, O_WRONLY|O_APPEND, 0)) < 0) - return; - if (fstat(fd, &buf) == 0) { - (void)strncpy(ut.ut_line, line, sizeof(ut.ut_line)); ---- 66,72 ---- - struct stat buf; - time_t time(); - -! if (fd < 0 && (fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0) - return; - if (fstat(fd, &buf) == 0) { - (void)strncpy(ut.ut_line, line, sizeof(ut.ut_line)); diff --git a/security/krb5-17/files/patch-appl::telnet::telnetd::authenc.c b/security/krb5-17/files/patch-appl::telnet::telnetd::authenc.c deleted file mode 100644 index 9a19ab958aaf..000000000000 --- a/security/krb5-17/files/patch-appl::telnet::telnetd::authenc.c +++ /dev/null @@ -1,12 +0,0 @@ ---- appl/telnet/telnetd/authenc.c.orig Wed Feb 28 14:06:51 2001 -+++ appl/telnet/telnetd/authenc.c Thu Jul 19 19:14:29 2001 -@@ -43,8 +43,7 @@ - int len; - { - if (nfrontp + len < netobuf + BUFSIZ) { -- memcpy((void *)nfrontp, (void *)str, len); -- nfrontp += len; -+ output_datalen(str, len); - return(len); - } - return(0); diff --git a/security/krb5-17/files/patch-appl::telnet::telnetd::ext.h b/security/krb5-17/files/patch-appl::telnet::telnetd::ext.h deleted file mode 100644 index 38fd6ac1fd53..000000000000 --- a/security/krb5-17/files/patch-appl::telnet::telnetd::ext.h +++ /dev/null @@ -1,24 +0,0 @@ ---- appl/telnet/telnetd/ext.h.orig Wed Feb 28 14:06:51 2001 -+++ appl/telnet/telnetd/ext.h Mon Jul 23 16:44:35 2001 -@@ -75,7 +75,7 @@ - - extern char netibuf[BUFSIZ], *netip; - --extern char netobuf[BUFSIZ+NETSLOP], *nfrontp, *nbackp; -+extern char netobuf[BUFSIZ], *nfrontp, *nbackp; - extern char *neturg; /* one past last bye of urgent data */ - - extern int pcc, ncc; -@@ -187,8 +187,10 @@ - tty_setsofttab P((int)), - tty_tspeed P((int)), - willoption P((int)), -- wontoption P((int)), -- writenet P((unsigned char *, int)); -+ wontoption P((int)); -+ -+extern int output_data __P((const char *, ...)) __printflike(1, 2); -+extern int output_datalen __P((const char *, size_t)); - - #ifdef ENCRYPTION - extern char *nclearto; diff --git a/security/krb5-17/files/patch-appl::telnet::telnetd::slc.c b/security/krb5-17/files/patch-appl::telnet::telnetd::slc.c deleted file mode 100644 index f4e7d41e494d..000000000000 --- a/security/krb5-17/files/patch-appl::telnet::telnetd::slc.c +++ /dev/null @@ -1,11 +0,0 @@ ---- appl/telnet/telnetd/slc.c.orig Wed Feb 28 14:06:51 2001 -+++ appl/telnet/telnetd/slc.c Mon Jul 23 16:45:51 2001 -@@ -198,7 +198,7 @@ - (void) sprintf((char *)slcptr, "%c%c", IAC, SE); - slcptr += 2; - len = slcptr - slcbuf; -- writenet(slcbuf, len); -+ output_datalen(slcbuf, len); - netflush(); /* force it out immediately */ - DIAG(TD_OPTIONS, printsub('>', slcbuf+2, len-2);); - } diff --git a/security/krb5-17/files/patch-appl::telnet::telnetd::state.c b/security/krb5-17/files/patch-appl::telnet::telnetd::state.c deleted file mode 100644 index baf207333a1d..000000000000 --- a/security/krb5-17/files/patch-appl::telnet::telnetd::state.c +++ /dev/null @@ -1,134 +0,0 @@ ---- appl/telnet/telnetd/state.c.orig Wed Feb 28 14:06:51 2001 -+++ appl/telnet/telnetd/state.c Mon Jul 23 17:48:48 2001 -@@ -33,6 +33,7 @@ - - /* based on @(#)state.c 8.1 (Berkeley) 6/4/93 */ - -+#include <stdarg.h> - #include "telnetd.h" - #if defined(AUTHENTICATION) - #include <libtelnet/auth.h> -@@ -86,7 +87,7 @@ - if (!auth_negotiated) { - static char *error = - "An environment option was sent before authentication negotiation completed.\r\nThis may create a security hazard. Connection dropped.\r\n"; -- writenet(error, strlen(error)); -+ output_datalen(error, strlen(error)); - netflush(); - exit(1); - } -@@ -209,8 +210,7 @@ - } - - netclear(); /* clear buffer back */ -- *nfrontp++ = IAC; -- *nfrontp++ = DM; -+ output_data("%c%c", IAC, DM); - neturg = nfrontp-1; /* off by one XXX */ - DIAG(TD_OPTIONS, - printoption("td: send IAC", DM)); -@@ -463,8 +463,7 @@ - set_his_want_state_will(option); - do_dont_resp[option]++; - } -- (void) sprintf(nfrontp, (char *)doopt, option); -- nfrontp += sizeof (dont) - 2; -+ output_data((const char *)doopt, option); - - DIAG(TD_OPTIONS, printoption("td: send do", option)); - } -@@ -683,8 +682,7 @@ - set_his_want_state_wont(option); - do_dont_resp[option]++; - } -- (void) sprintf(nfrontp, (char *)dont, option); -- nfrontp += sizeof (doopt) - 2; -+ output_data((const char *)dont, option); - - DIAG(TD_OPTIONS, printoption("td: send dont", option)); - } -@@ -833,8 +831,7 @@ - set_my_want_state_will(option); - will_wont_resp[option]++; - } -- (void) sprintf(nfrontp, (char *)will, option); -- nfrontp += sizeof (doopt) - 2; -+ output_data((const char *)will, option); - - DIAG(TD_OPTIONS, printoption("td: send will", option)); - } -@@ -993,8 +990,7 @@ - set_my_want_state_wont(option); - will_wont_resp[option]++; - } -- (void) sprintf(nfrontp, (char *)wont, option); -- nfrontp += sizeof (wont) - 2; -+ output_data((const char *)wont, option); - - DIAG(TD_OPTIONS, printoption("td: send wont", option)); - } -@@ -1393,9 +1389,8 @@ - env_ovar_wrong: - env_ovar = OLD_ENV_VALUE; - env_ovalue = OLD_ENV_VAR; -- DIAG(TD_OPTIONS, {sprintf(nfrontp, -- "ENVIRON VALUE and VAR are reversed!\r\n"); -- nfrontp += strlen(nfrontp);}); -+ DIAG(TD_OPTIONS, -+ output_data("ENVIRON VALUE and VAR are reversed!\r\n")); - - } - } -@@ -1633,11 +1628,51 @@ - ADD(IAC); - ADD(SE); - -- writenet(statusbuf, ncp - statusbuf); -+ output_datalen(statusbuf, ncp - statusbuf); - netflush(); /* Send it on its way */ - - DIAG(TD_OPTIONS, - {printsub('>', statusbuf, ncp - statusbuf); netflush();}); -+} -+ -+/* -+ * This function appends data to nfrontp and advances nfrontp. -+ */ -+ -+int -+output_data(const char *format, ...) -+{ -+ va_list args; -+ size_t remaining, ret; -+ -+ va_start(args, format); -+ remaining = BUFSIZ - (nfrontp - netobuf); -+ /* try a netflush() if the room is too low */ -+ if (strlen(format) > remaining || BUFSIZ / 4 > remaining) { -+ netflush(); -+ remaining = BUFSIZ - (nfrontp - netobuf); -+ } -+ ret = vsnprintf(nfrontp, remaining, format, args); -+ nfrontp += ((ret < remaining - 1) ? ret : remaining - 1); -+ va_end(args); -+ return ret; -+} -+ -+int -+output_datalen(const char *buf, size_t len) -+{ -+ size_t remaining; -+ -+ remaining = BUFSIZ - (nfrontp - netobuf); -+ if (remaining < len) { -+ netflush(); -+ remaining = BUFSIZ - (nfrontp - netobuf); -+ } -+ if (remaining < len) -+ return -1; -+ memmove(nfrontp, buf, len); -+ nfrontp += len; -+ return (len); - } - - static int envvarok(varp) diff --git a/security/krb5-17/files/patch-appl::telnet::telnetd::telnetd.c b/security/krb5-17/files/patch-appl::telnet::telnetd::telnetd.c deleted file mode 100644 index 9eef1709beeb..000000000000 --- a/security/krb5-17/files/patch-appl::telnet::telnetd::telnetd.c +++ /dev/null @@ -1,169 +0,0 @@ ---- appl/telnet/telnetd/telnetd.c.orig Wed Feb 28 14:06:51 2001 -+++ appl/telnet/telnetd/telnetd.c Mon Jul 23 17:27:05 2001 -@@ -693,7 +693,7 @@ - char *error_message = - "Encryption was not successfully negotiated. Goodbye.\r\n\r\n"; - -- writenet(error_message, strlen(error_message)); -+ output_datalen(error_message, strlen(error_message)); - netflush(); - exit(1); - } -@@ -782,9 +782,7 @@ - { IAC, SB, TELOPT_TSPEED, TELQUAL_SEND, IAC, SE }; - - if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) { -- memcpy(nfrontp, sb, sizeof(sb)); -- nfrontp += sizeof(sb); -- *nfrontp = '\0'; -+ output_datalen(sb, sizeof sb); - } - } - if (his_state_is_will(TELOPT_XDISPLOC)) { -@@ -792,9 +790,7 @@ - { IAC, SB, TELOPT_XDISPLOC, TELQUAL_SEND, IAC, SE }; - - if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) { -- memcpy(nfrontp, sb, sizeof(sb)); -- nfrontp += sizeof(sb); -- *nfrontp = '\0'; -+ output_datalen(sb, sizeof sb); - } - } - if (his_state_is_will(TELOPT_NEW_ENVIRON)) { -@@ -802,9 +798,7 @@ - { IAC, SB, TELOPT_NEW_ENVIRON, TELQUAL_SEND, IAC, SE }; - - if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) { -- memcpy(nfrontp, sb, sizeof(sb)); -- nfrontp += sizeof(sb); -- *nfrontp = '\0'; -+ output_datalen(sb, sizeof sb); - } - } - else if (his_state_is_will(TELOPT_OLD_ENVIRON)) { -@@ -812,17 +806,13 @@ - { IAC, SB, TELOPT_OLD_ENVIRON, TELQUAL_SEND, IAC, SE }; - - if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) { -- memcpy(nfrontp, sb, sizeof(sb)); -- nfrontp += sizeof(sb); -- *nfrontp = '\0'; -+ output_datalen(sb, sizeof sb); - } - } - if (his_state_is_will(TELOPT_TTYPE)) { - - if(nfrontp - netobuf + sizeof(ttytype_sbbuf) < sizeof(netobuf)) { -- memcpy(nfrontp, ttytype_sbbuf, sizeof(ttytype_sbbuf)); -- nfrontp += sizeof(ttytype_sbbuf); -- *nfrontp = '\0'; -+ output_datalen(ttytype_sbbuf, sizeof ttytype_sbbuf); - } - } - if (his_state_is_will(TELOPT_TSPEED)) { -@@ -902,9 +892,7 @@ - return; - settimer(baseline); - if(nfrontp - netobuf + sizeof(ttytype_sbbuf)) { -- memcpy(nfrontp, ttytype_sbbuf, sizeof(ttytype_sbbuf)); -- nfrontp += sizeof(ttytype_sbbuf); -- *nfrontp = '\0'; -+ output_datalen(ttytype_sbbuf, sizeof ttytype_sbbuf); - } - while (sequenceIs(ttypesubopt, baseline)) - ttloop(); -@@ -1177,9 +1165,7 @@ - * mode, which we do not want. - */ - if (his_want_state_is_will(TELOPT_ECHO)) { -- DIAG(TD_OPTIONS, -- {sprintf(nfrontp, "td: simulating recv\r\n"); -- nfrontp += strlen(nfrontp);}); -+ DIAG(TD_OPTIONS, output_data("td: simulating recv\r\n")); - willoption(TELOPT_ECHO); - } - -@@ -1308,9 +1294,7 @@ - localstat(); - #endif /* LINEMODE */ - -- DIAG(TD_REPORT, -- {sprintf(nfrontp, "td: Entering processing loop\r\n"); -- nfrontp += strlen(nfrontp);}); -+ DIAG(TD_REPORT, output_data("td: Entering processing loop\r\n")); - - #ifdef convex - startslave(host); -@@ -1435,8 +1419,7 @@ - netip = netibuf; - } - DIAG((TD_REPORT | TD_NETDATA), -- {sprintf(nfrontp, "td: netread %d chars\r\n", ncc); -- nfrontp += strlen(nfrontp);}); -+ output_data("td: netread %d chars\r\n", ncc)); - DIAG(TD_NETDATA, printdata("nd", netip, ncc)); - } - -@@ -1483,8 +1466,7 @@ - * royally if we send them urgent - * mode data. - */ -- *nfrontp++ = IAC; -- *nfrontp++ = DM; -+ output_data("%c%c", IAC, DM); - neturg = nfrontp-1; /* off by one XXX */ - #endif - } -@@ -1495,13 +1477,11 @@ - ptyibuf[0] & TIOCPKT_DOSTOP ? 1 : 0; - if (newflow != flowmode) { - flowmode = newflow; -- (void) sprintf(nfrontp, -- "%c%c%c%c%c%c", -+ output_data("%c%c%c%c%c%c", - IAC, SB, TELOPT_LFLOW, - flowmode ? LFLOW_ON - : LFLOW_OFF, - IAC, SE); -- nfrontp += 6; - } - } - pcc--; -@@ -1524,19 +1504,19 @@ - break; - c = *ptyip++ & 0377, pcc--; - if (c == IAC) -- *nfrontp++ = c; -+ output_data("%c", c); - #if defined(CRAY2) && defined(UNICOS5) - else if (c == '\n' && - my_state_is_wont(TELOPT_BINARY) && newmap) -- *nfrontp++ = '\r'; -+ output_data("\r"); - #endif /* defined(CRAY2) && defined(UNICOS5) */ -- *nfrontp++ = c; -+ output_data("%c", c); - if ((c == '\r') && (my_state_is_wont(TELOPT_BINARY))) { - if (pcc > 0 && ((*ptyip & 0377) == '\n')) { -- *nfrontp++ = *ptyip++ & 0377; -+ output_data("%c", *ptyip++ & 0377); - pcc--; - } else -- *nfrontp++ = '\0'; -+ output_data("%c", '\0'); - } - } - #if defined(CRAY2) && defined(UNICOS5) -@@ -1707,10 +1687,7 @@ - return; - } - #endif -- (void) strncpy(nfrontp, "\r\n[Yes]\r\n", -- sizeof(netobuf) - 1 - (nfrontp - netobuf)); -- nfrontp += 9; -- *nfrontp = '\0'; -+ output_data("\r\n[Yes]\r\n"); - } - - void diff --git a/security/krb5-17/files/patch-appl::telnet::telnetd::termstat.c b/security/krb5-17/files/patch-appl::telnet::telnetd::termstat.c deleted file mode 100644 index 422f1c8e0645..000000000000 --- a/security/krb5-17/files/patch-appl::telnet::telnetd::termstat.c +++ /dev/null @@ -1,74 +0,0 @@ ---- appl/telnet/telnetd/termstat.c.orig Wed Feb 28 14:06:51 2001 -+++ appl/telnet/telnetd/termstat.c Thu Jul 19 19:22:54 2001 -@@ -283,10 +283,9 @@ - # endif /* KLUDGELINEMODE */ - send_do(TELOPT_LINEMODE, 1); - /* send along edit modes */ -- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, SB, -+ output_data("%c%c%c%c%c%c%c", IAC, SB, - TELOPT_LINEMODE, LM_MODE, useeditmode, - IAC, SE); -- nfrontp += 7; - editmode = useeditmode; - # ifdef KLUDGELINEMODE - } -@@ -312,10 +311,9 @@ - /* - * Send along appropriate edit mode mask. - */ -- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, SB, -+ output_data("%c%c%c%c%c%c%c", IAC, SB, - TELOPT_LINEMODE, LM_MODE, useeditmode, - IAC, SE); -- nfrontp += 7; - editmode = useeditmode; - } - -@@ -359,20 +357,18 @@ - if (his_state_is_will(TELOPT_LFLOW)) { - if (tty_flowmode() != flowmode) { - flowmode = tty_flowmode(); -- (void) sprintf(nfrontp, "%c%c%c%c%c%c", -+ output_data("%c%c%c%c%c%c", - IAC, SB, TELOPT_LFLOW, - flowmode ? LFLOW_ON : LFLOW_OFF, - IAC, SE); -- nfrontp += 6; - } - if (tty_restartany() != restartany) { - restartany = tty_restartany(); -- (void) sprintf(nfrontp, "%c%c%c%c%c%c", -+ output_data("%c%c%c%c%c%c", - IAC, SB, TELOPT_LFLOW, - restartany ? LFLOW_RESTART_ANY - : LFLOW_RESTART_XON, - IAC, SE); -- nfrontp += 6; - } - } - } -@@ -445,10 +441,9 @@ - useeditmode |= MODE_SOFT_TAB; - if (tty_islitecho()) - useeditmode |= MODE_LIT_ECHO; -- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, -+ output_data("%c%c%c%c%c%c%c", IAC, - SB, TELOPT_LINEMODE, LM_MODE, - useeditmode, IAC, SE); -- nfrontp += 7; - editmode = useeditmode; - } - -@@ -504,11 +499,10 @@ - set_termbuf(); - - if (!ack) { -- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, -+ output_data("%c%c%c%c%c%c%c", IAC, - SB, TELOPT_LINEMODE, LM_MODE, - useeditmode|MODE_ACK, - IAC, SE); -- nfrontp += 7; - } - - editmode = useeditmode; diff --git a/security/krb5-17/files/patch-appl::telnet::telnetd::utility.c b/security/krb5-17/files/patch-appl::telnet::telnetd::utility.c deleted file mode 100644 index d49598c27487..000000000000 --- a/security/krb5-17/files/patch-appl::telnet::telnetd::utility.c +++ /dev/null @@ -1,879 +0,0 @@ ---- appl/telnet/telnetd/utility.c.orig Wed Feb 28 14:06:52 2001 -+++ appl/telnet/telnetd/utility.c Mon Jul 23 17:16:27 2001 -@@ -58,8 +58,7 @@ - { - void netflush(); - -- DIAG(TD_REPORT, {sprintf(nfrontp, "td: ttloop\r\n"); -- nfrontp += strlen(nfrontp);}); -+ DIAG(TD_REPORT, output_data("td: ttloop\r\n")); - if (nfrontp-nbackp) { - netflush(); - } -@@ -74,8 +73,7 @@ - syslog(LOG_INFO, "ttloop: peer died: %m"); - exit(1); - } -- DIAG(TD_REPORT, {sprintf(nfrontp, "td: ttloop read %d chars\r\n", ncc); -- nfrontp += strlen(nfrontp);}); -+ DIAG(TD_REPORT, output_data("td: ttloop read %d chars\r\n", ncc)); - netip = netibuf; - telrcv(); /* state machine */ - if (ncc > 0) { -@@ -117,9 +115,8 @@ - int n; - - if ((n = pfrontp - pbackp) > 0) { -- DIAG((TD_REPORT | TD_PTYDATA), -- { sprintf(nfrontp, "td: ptyflush %d chars\r\n", n); -- nfrontp += strlen(nfrontp); }); -+ DIAG(TD_REPORT | TD_PTYDATA, -+ output_data("td: ptyflush %d chars\r\n", n)); - DIAG(TD_PTYDATA, printdata("pd", pbackp, n)); - n = write(pty, pbackp, n); - } -@@ -251,11 +248,9 @@ - extern int not42; - - if ((n = nfrontp - nbackp) > 0) { -- DIAG(TD_REPORT, -- { sprintf(nfrontp, "td: netflush %d chars\r\n", n); -- n += strlen(nfrontp); /* get count first */ -- nfrontp += strlen(nfrontp); /* then move pointer */ -- }); -+ DIAG(TD_REPORT, { -+ n += output_data("td: netflush %d chars\r\n", n); -+ }); - #ifdef ENCRYPTION - if (encrypt_output) { - char *s = nclearto ? nclearto : nbackp; -@@ -314,33 +309,6 @@ - - - /* -- * writenet -- * -- * Just a handy little function to write a bit of raw data to the net. -- * It will force a transmit of the buffer if necessary -- * -- * arguments -- * ptr - A pointer to a character string to write -- * len - How many bytes to write -- */ -- void --writenet(ptr, len) -- register unsigned char *ptr; -- register int len; --{ -- /* flush buffer if no room for new data) */ -- if ((&netobuf[BUFSIZ] - nfrontp) < len) { -- /* if this fails, don't worry, buffer is a little big */ -- netflush(); -- } -- -- memcpy(nfrontp, ptr, len); -- nfrontp += len; -- --} /* end of writenet */ -- -- --/* - * miscellaneous functions doing a variety of little jobs follow ... - */ - -@@ -528,12 +496,11 @@ - register int option; - { - if (TELOPT_OK(option)) -- sprintf(nfrontp, "%s %s\r\n", fmt, TELOPT(option)); -+ output_data("%s %s\r\n", fmt, TELOPT(option)); - else if (TELCMD_OK(option)) -- sprintf(nfrontp, "%s %s\r\n", fmt, TELCMD(option)); -+ output_data("%s %s\r\n", fmt, TELCMD(option)); - else -- sprintf(nfrontp, "%s %d\r\n", fmt, option); -- nfrontp += strlen(nfrontp); -+ output_data("%s %d\r\n", fmt, option); - return; - } - -@@ -550,9 +517,8 @@ - return; - - if (direction) { -- sprintf(nfrontp, "td: %s suboption ", -+ output_data("td: %s suboption ", - direction == '<' ? "recv" : "send"); -- nfrontp += strlen(nfrontp); - if (length >= 3) { - register int j; - -@@ -560,232 +526,192 @@ - j = pointer[length-1]; - - if (i != IAC || j != SE) { -- sprintf(nfrontp, "(terminated by "); -- nfrontp += strlen(nfrontp); -+ output_data("(terminated by "); - if (TELOPT_OK(i)) -- sprintf(nfrontp, "%s ", TELOPT(i)); -+ output_data("%s ", TELOPT(i)); - else if (TELCMD_OK(i)) -- sprintf(nfrontp, "%s ", TELCMD(i)); -+ output_data("%s ", TELCMD(i)); - else -- sprintf(nfrontp, "%d ", i); -- nfrontp += strlen(nfrontp); -+ output_data("%d ", i); - if (TELOPT_OK(j)) -- sprintf(nfrontp, "%s", TELOPT(j)); -+ output_data("%s", TELOPT(j)); - else if (TELCMD_OK(j)) -- sprintf(nfrontp, "%s", TELCMD(j)); -+ output_data("%s", TELCMD(j)); - else -- sprintf(nfrontp, "%d", j); -- nfrontp += strlen(nfrontp); -- sprintf(nfrontp, ", not IAC SE!) "); -- nfrontp += strlen(nfrontp); -+ output_data("%d", j); -+ output_data(", not IAC SE!) "); - } - } - length -= 2; - } - if (length < 1) { -- sprintf(nfrontp, "(Empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data("(Empty suboption??\?)"); - return; - } - switch (pointer[0]) { - case TELOPT_TTYPE: -- sprintf(nfrontp, "TERMINAL-TYPE "); -- nfrontp += strlen(nfrontp); -+ output_data("TERMINAL-TYPE "); - switch (pointer[1]) { - case TELQUAL_IS: -- sprintf(nfrontp, "IS \"%.*s\"", length-2, (char *)pointer+2); -+ output_data("IS \"%.*s\"", length-2, (char *)pointer+2); - break; - case TELQUAL_SEND: -- sprintf(nfrontp, "SEND"); -+ output_data("SEND"); - break; - default: -- sprintf(nfrontp, -+ output_data( - "- unknown qualifier %d (0x%x).", - pointer[1], pointer[1]); - } -- nfrontp += strlen(nfrontp); - break; - case TELOPT_TSPEED: -- sprintf(nfrontp, "TERMINAL-SPEED"); -- nfrontp += strlen(nfrontp); -+ output_data("TERMINAL-SPEED"); - if (length < 2) { -- sprintf(nfrontp, " (empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case TELQUAL_IS: -- sprintf(nfrontp, " IS %.*s", length-2, (char *)pointer+2); -- nfrontp += strlen(nfrontp); -+ output_data(" IS %.*s", length-2, (char *)pointer+2); - break; - default: - if (pointer[1] == 1) -- sprintf(nfrontp, " SEND"); -+ output_data(" SEND"); - else -- sprintf(nfrontp, " %d (unknown)", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d (unknown)", pointer[1]); - for (i = 2; i < length; i++) { -- sprintf(nfrontp, " ?%d?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[i]); - } - break; - } - break; - - case TELOPT_LFLOW: -- sprintf(nfrontp, "TOGGLE-FLOW-CONTROL"); -- nfrontp += strlen(nfrontp); -+ output_data("TOGGLE-FLOW-CONTROL"); - if (length < 2) { -- sprintf(nfrontp, " (empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case LFLOW_OFF: -- sprintf(nfrontp, " OFF"); break; -+ output_data(" OFF"); break; - case LFLOW_ON: -- sprintf(nfrontp, " ON"); break; -+ output_data(" ON"); break; - case LFLOW_RESTART_ANY: -- sprintf(nfrontp, " RESTART-ANY"); break; -+ output_data(" RESTART-ANY"); break; - case LFLOW_RESTART_XON: -- sprintf(nfrontp, " RESTART-XON"); break; -+ output_data(" RESTART-XON"); break; - default: -- sprintf(nfrontp, " %d (unknown)", pointer[1]); -+ output_data(" %d (unknown)", pointer[1]); - } -- nfrontp += strlen(nfrontp); - for (i = 2; i < length; i++) { -- sprintf(nfrontp, " ?%d?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[i]); - } - break; - - case TELOPT_NAWS: -- sprintf(nfrontp, "NAWS"); -- nfrontp += strlen(nfrontp); -+ output_data("NAWS"); - if (length < 2) { -- sprintf(nfrontp, " (empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (empty suboption??\?)"); - break; - } - if (length == 2) { -- sprintf(nfrontp, " ?%d?", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[1]); - break; - } -- sprintf(nfrontp, " %d %d (%d)", -+ output_data(" %d %d (%d)", - pointer[1], pointer[2], - (int)((((unsigned int)pointer[1])<<8)|((unsigned int)pointer[2]))); -- nfrontp += strlen(nfrontp); - if (length == 4) { -- sprintf(nfrontp, " ?%d?", pointer[3]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[3]); - break; - } -- sprintf(nfrontp, " %d %d (%d)", -+ output_data(" %d %d (%d)", - pointer[3], pointer[4], - (int)((((unsigned int)pointer[3])<<8)|((unsigned int)pointer[4]))); -- nfrontp += strlen(nfrontp); - for (i = 5; i < length; i++) { -- sprintf(nfrontp, " ?%d?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[i]); - } - break; - - case TELOPT_LINEMODE: -- sprintf(nfrontp, "LINEMODE "); -- nfrontp += strlen(nfrontp); -+ output_data("LINEMODE "); - if (length < 2) { -- sprintf(nfrontp, " (empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case WILL: -- sprintf(nfrontp, "WILL "); -+ output_data("WILL "); - goto common; - case WONT: -- sprintf(nfrontp, "WONT "); -+ output_data("WONT "); - goto common; - case DO: -- sprintf(nfrontp, "DO "); -+ output_data("DO "); - goto common; - case DONT: -- sprintf(nfrontp, "DONT "); -+ output_data("DONT "); - common: -- nfrontp += strlen(nfrontp); - if (length < 3) { -- sprintf(nfrontp, "(no option??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data("(no option??\?)"); - break; - } - switch (pointer[2]) { - case LM_FORWARDMASK: -- sprintf(nfrontp, "Forward Mask"); -- nfrontp += strlen(nfrontp); -+ output_data("Forward Mask"); - for (i = 3; i < length; i++) { -- sprintf(nfrontp, " %x", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" %x", pointer[i]); - } - break; - default: -- sprintf(nfrontp, "%d (unknown)", pointer[2]); -- nfrontp += strlen(nfrontp); -+ output_data("%d (unknown)", pointer[2]); - for (i = 3; i < length; i++) { -- sprintf(nfrontp, " %d", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d", pointer[i]); - } - break; - } - break; - - case LM_SLC: -- sprintf(nfrontp, "SLC"); -- nfrontp += strlen(nfrontp); -+ output_data("SLC"); - for (i = 2; i < length - 2; i += 3) { - if (SLC_NAME_OK(pointer[i+SLC_FUNC])) -- sprintf(nfrontp, " %s", SLC_NAME(pointer[i+SLC_FUNC])); -+ output_data(" %s", SLC_NAME(pointer[i+SLC_FUNC])); - else -- sprintf(nfrontp, " %d", pointer[i+SLC_FUNC]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d", pointer[i+SLC_FUNC]); - switch (pointer[i+SLC_FLAGS]&SLC_LEVELBITS) { - case SLC_NOSUPPORT: -- sprintf(nfrontp, " NOSUPPORT"); break; -+ output_data(" NOSUPPORT"); break; - case SLC_CANTCHANGE: -- sprintf(nfrontp, " CANTCHANGE"); break; -+ output_data(" CANTCHANGE"); break; - case SLC_VARIABLE: -- sprintf(nfrontp, " VARIABLE"); break; -+ output_data(" VARIABLE"); break; - case SLC_DEFAULT: -- sprintf(nfrontp, " DEFAULT"); break; -+ output_data(" DEFAULT"); break; - } -- nfrontp += strlen(nfrontp); -- sprintf(nfrontp, "%s%s%s", -+ output_data("%s%s%s", - pointer[i+SLC_FLAGS]&SLC_ACK ? "|ACK" : "", - pointer[i+SLC_FLAGS]&SLC_FLUSHIN ? "|FLUSHIN" : "", - pointer[i+SLC_FLAGS]&SLC_FLUSHOUT ? "|FLUSHOUT" : ""); -- nfrontp += strlen(nfrontp); - if (pointer[i+SLC_FLAGS]& ~(SLC_ACK|SLC_FLUSHIN| - SLC_FLUSHOUT| SLC_LEVELBITS)) { -- sprintf(nfrontp, "(0x%x)", pointer[i+SLC_FLAGS]); -- nfrontp += strlen(nfrontp); -+ output_data("(0x%x)", pointer[i+SLC_FLAGS]); - } -- sprintf(nfrontp, " %d;", pointer[i+SLC_VALUE]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d;", pointer[i+SLC_VALUE]); - if ((pointer[i+SLC_VALUE] == IAC) && - (pointer[i+SLC_VALUE+1] == IAC)) - i++; - } - for (; i < length; i++) { -- sprintf(nfrontp, " ?%d?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[i]); - } - break; - - case LM_MODE: -- sprintf(nfrontp, "MODE "); -- nfrontp += strlen(nfrontp); -+ output_data("MODE "); - if (length < 3) { -- sprintf(nfrontp, "(no mode??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data("(no mode??\?)"); - break; - } - { -@@ -796,24 +722,19 @@ - pointer[2]&MODE_SOFT_TAB ? "|SOFT_TAB" : "", - pointer[2]&MODE_LIT_ECHO ? "|LIT_ECHO" : "", - pointer[2]&MODE_ACK ? "|ACK" : ""); -- sprintf(nfrontp, "%s", tbuf[1] ? &tbuf[1] : "0"); -- nfrontp += strlen(nfrontp); -+ output_data("%s", tbuf[1] ? &tbuf[1] : "0"); - } - if (pointer[2]&~(MODE_EDIT|MODE_TRAPSIG|MODE_ACK)) { -- sprintf(nfrontp, " (0x%x)", pointer[2]); -- nfrontp += strlen(nfrontp); -+ output_data(" (0x%x)", pointer[2]); - } - for (i = 3; i < length; i++) { -- sprintf(nfrontp, " ?0x%x?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?0x%x?", pointer[i]); - } - break; - default: -- sprintf(nfrontp, "%d (unknown)", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data("%d (unknown)", pointer[1]); - for (i = 2; i < length; i++) { -- sprintf(nfrontp, " %d", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d", pointer[i]); - } - } - break; -@@ -822,24 +743,20 @@ - register char *cp; - register int j, k; - -- sprintf(nfrontp, "STATUS"); -- nfrontp += strlen(nfrontp); -+ output_data("STATUS"); - - switch (pointer[1]) { - default: - if (pointer[1] == TELQUAL_SEND) -- sprintf(nfrontp, " SEND"); -+ output_data(" SEND"); - else -- sprintf(nfrontp, " %d (unknown)", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d (unknown)", pointer[1]); - for (i = 2; i < length; i++) { -- sprintf(nfrontp, " ?%d?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[i]); - } - break; - case TELQUAL_IS: -- sprintf(nfrontp, " IS\r\n"); -- nfrontp += strlen(nfrontp); -+ output_data(" IS\r\n"); - - for (i = 2; i < length; i++) { - switch(pointer[i]) { -@@ -850,18 +767,15 @@ - common2: - i++; - if (TELOPT_OK(pointer[i])) -- sprintf(nfrontp, " %s %s", cp, TELOPT(pointer[i])); -+ output_data(" %s %s", cp, TELOPT(pointer[i])); - else -- sprintf(nfrontp, " %s %d", cp, pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" %s %d", cp, pointer[i]); - -- sprintf(nfrontp, "\r\n"); -- nfrontp += strlen(nfrontp); -+ output_data("\r\n"); - break; - - case SB: -- sprintf(nfrontp, " SB "); -- nfrontp += strlen(nfrontp); -+ output_data(" SB "); - i++; - j = k = i; - while (j < length) { -@@ -877,20 +791,17 @@ - } - printsub(0, &pointer[i], k - i); - if (i < length) { -- sprintf(nfrontp, " SE"); -- nfrontp += strlen(nfrontp); -+ output_data(" SE"); - i = j; - } else - i = j - 1; - -- sprintf(nfrontp, "\r\n"); -- nfrontp += strlen(nfrontp); -+ output_data("\r\n"); - - break; - - default: -- sprintf(nfrontp, " %d", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d", pointer[i]); - break; - } - } -@@ -900,86 +811,77 @@ - } - - case TELOPT_XDISPLOC: -- sprintf(nfrontp, "X-DISPLAY-LOCATION "); -- nfrontp += strlen(nfrontp); -+ output_data("X-DISPLAY-LOCATION "); - switch (pointer[1]) { - case TELQUAL_IS: -- sprintf(nfrontp, "IS \"%.*s\"", length-2, (char *)pointer+2); -+ output_data("IS \"%.*s\"", length-2, (char *)pointer+2); - break; - case TELQUAL_SEND: -- sprintf(nfrontp, "SEND"); -+ output_data("SEND"); - break; - default: -- sprintf(nfrontp, "- unknown qualifier %d (0x%x).", -+ output_data("- unknown qualifier %d (0x%x).", - pointer[1], pointer[1]); - } -- nfrontp += strlen(nfrontp); - break; - - case TELOPT_NEW_ENVIRON: -- sprintf(nfrontp, "NEW-ENVIRON "); -+ output_data("NEW-ENVIRON "); - goto env_common1; - case TELOPT_OLD_ENVIRON: -- sprintf(nfrontp, "OLD-ENVIRON"); -+ output_data("OLD-ENVIRON"); - env_common1: -- nfrontp += strlen(nfrontp); - switch (pointer[1]) { - case TELQUAL_IS: -- sprintf(nfrontp, "IS "); -+ output_data("IS "); - goto env_common; - case TELQUAL_SEND: -- sprintf(nfrontp, "SEND "); -+ output_data("SEND "); - goto env_common; - case TELQUAL_INFO: -- sprintf(nfrontp, "INFO "); -+ output_data("INFO "); - env_common: -- nfrontp += strlen(nfrontp); - { - register int noquote = 2; - for (i = 2; i < length; i++ ) { - switch (pointer[i]) { - case NEW_ENV_VAR: -- sprintf(nfrontp, "\" VAR " + noquote); -- nfrontp += strlen(nfrontp); -+ output_data("\" VAR " + noquote); - noquote = 2; - break; - - case NEW_ENV_VALUE: -- sprintf(nfrontp, "\" VALUE " + noquote); -- nfrontp += strlen(nfrontp); -+ output_data("\" VALUE " + noquote); - noquote = 2; - break; - - case ENV_ESC: -- sprintf(nfrontp, "\" ESC " + noquote); -- nfrontp += strlen(nfrontp); -+ output_data("\" ESC " + noquote); - noquote = 2; - break; - - case ENV_USERVAR: -- sprintf(nfrontp, "\" USERVAR " + noquote); -- nfrontp += strlen(nfrontp); -+ output_data("\" USERVAR " + noquote); - noquote = 2; - break; - - default: - if (isprint(pointer[i]) && pointer[i] != '"') { - if (noquote) { -- *nfrontp++ = '"'; -+ output_data("\""); - noquote = 0; - } -- *nfrontp++ = pointer[i]; -+ output_data("%c", pointer[i]); - } else { -- sprintf(nfrontp, "\" %03o " + noquote, -+ output_data("\" %03o " + noquote, - pointer[i]); -- nfrontp += strlen(nfrontp); - noquote = 2; - } - break; - } - } - if (!noquote) -- *nfrontp++ = '"'; -+ output_data("\""); - break; - } - } -@@ -987,90 +889,69 @@ - - #if defined(AUTHENTICATION) - case TELOPT_AUTHENTICATION: -- sprintf(nfrontp, "AUTHENTICATION"); -- nfrontp += strlen(nfrontp); -+ output_data("AUTHENTICATION"); - - if (length < 2) { -- sprintf(nfrontp, " (empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case TELQUAL_REPLY: - case TELQUAL_IS: -- sprintf(nfrontp, " %s ", (pointer[1] == TELQUAL_IS) ? -+ output_data(" %s ", (pointer[1] == TELQUAL_IS) ? - "IS" : "REPLY"); -- nfrontp += strlen(nfrontp); - if (AUTHTYPE_NAME_OK(pointer[2])) -- sprintf(nfrontp, "%s ", AUTHTYPE_NAME(pointer[2])); -+ output_data("%s ", AUTHTYPE_NAME(pointer[2])); - else -- sprintf(nfrontp, "%d ", pointer[2]); -- nfrontp += strlen(nfrontp); -+ output_data("%d ", pointer[2]); - if (length < 3) { -- sprintf(nfrontp, "(partial suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data("(partial suboption??\?)"); - break; - } -- sprintf(nfrontp, "%s|%s%s", -+ output_data("%s|%s", - ((pointer[3] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ? - "CLIENT" : "SERVER", - ((pointer[3] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ? - "MUTUAL" : "ONE-WAY", - ((pointer[3] & AUTH_ENCRYPT_MASK) == AUTH_ENCRYPT_ON) ? - "|ENCRYPT" : ""); -- nfrontp += strlen(nfrontp); - - auth_printsub(&pointer[1], length - 1, buf, sizeof(buf)); -- sprintf(nfrontp, "%s", buf); -- nfrontp += strlen(nfrontp); -+ output_data("%s", buf); - break; - - case TELQUAL_SEND: - i = 2; -- sprintf(nfrontp, " SEND "); -- nfrontp += strlen(nfrontp); -+ output_data(" SEND "); - while (i < length) { - if (AUTHTYPE_NAME_OK(pointer[i])) -- sprintf(nfrontp, "%s ", AUTHTYPE_NAME(pointer[i])); -+ output_data("%s ", AUTHTYPE_NAME(pointer[i])); - else -- sprintf(nfrontp, "%d ", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data("%d ", pointer[i]); - if (++i >= length) { -- sprintf(nfrontp, "(partial suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data("(partial suboption??\?)"); - break; - } -- sprintf(nfrontp, "%s|%s%s ", -+ output_data( "%s|%s%s ", - ((pointer[i] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ? - "CLIENT" : "SERVER", - ((pointer[i] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ? - "MUTUAL" : "ONE-WAY", - ((pointer[3] & AUTH_ENCRYPT_MASK) == AUTH_ENCRYPT_ON) ? - "|ENCRYPT" : ""); -- nfrontp += strlen(nfrontp); - ++i; - } - break; - - case TELQUAL_NAME: -- i = 2; -- sprintf(nfrontp, " NAME \""); -- nfrontp += strlen(nfrontp); -- while (i < length) { -- if (isprint(pointer[i])) -- *nfrontp++ = pointer[i++]; -- else { -- sprintf(nfrontp, "\"%03o",pointer[i++]); -- nfrontp += strlen(nfrontp); -- } -- } -- *nfrontp++ = '"'; -+ output_data(" NAME \"%.*s\"", -+ length - 2, -+ pointer + 2); - break; - - default: - for (i = 2; i < length; i++) { -- sprintf(nfrontp, " ?%d?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[i]); - } - break; - } -@@ -1079,86 +960,70 @@ - - #ifdef ENCRYPTION - case TELOPT_ENCRYPT: -- sprintf(nfrontp, "ENCRYPT"); -- nfrontp += strlen(nfrontp); -+ output_data("ENCRYPT"); - if (length < 2) { -- sprintf(nfrontp, " (empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case ENCRYPT_START: -- sprintf(nfrontp, " START"); -- nfrontp += strlen(nfrontp); -+ output_data(" START"); - break; - - case ENCRYPT_END: -- sprintf(nfrontp, " END"); -- nfrontp += strlen(nfrontp); -+ output_data(" END"); - break; - - case ENCRYPT_REQSTART: -- sprintf(nfrontp, " REQUEST-START"); -- nfrontp += strlen(nfrontp); -+ output_data(" REQUEST-START"); - break; - - case ENCRYPT_REQEND: -- sprintf(nfrontp, " REQUEST-END"); -- nfrontp += strlen(nfrontp); -+ output_data(" REQUEST-END"); - break; - - case ENCRYPT_IS: - case ENCRYPT_REPLY: -- sprintf(nfrontp, " %s ", (pointer[1] == ENCRYPT_IS) ? -+ output_data(" %s ", (pointer[1] == ENCRYPT_IS) ? - "IS" : "REPLY"); -- nfrontp += strlen(nfrontp); - if (length < 3) { -- sprintf(nfrontp, " (partial suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (partial suboption??\?)"); - break; - } - if (ENCTYPE_NAME_OK(pointer[2])) -- sprintf(nfrontp, "%s ", ENCTYPE_NAME(pointer[2])); -+ output_data("%s ", ENCTYPE_NAME(pointer[2])); - else -- sprintf(nfrontp, " %d (unknown)", pointer[2]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d (unknown)", pointer[2]); - - encrypt_printsub(&pointer[1], length - 1, buf, sizeof(buf)); -- sprintf(nfrontp, "%s", buf); -- nfrontp += strlen(nfrontp); -+ output_data("%s", buf); - break; - - case ENCRYPT_SUPPORT: - i = 2; -- sprintf(nfrontp, " SUPPORT "); -- nfrontp += strlen(nfrontp); -+ output_data(" SUPPORT "); - while (i < length) { - if (ENCTYPE_NAME_OK(pointer[i])) -- sprintf(nfrontp, "%s ", ENCTYPE_NAME(pointer[i])); -+ output_data("%s ", ENCTYPE_NAME(pointer[i])); - else -- sprintf(nfrontp, "%d ", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data("%d ", pointer[i]); - i++; - } - break; - - case ENCRYPT_ENC_KEYID: -- sprintf(nfrontp, " ENC_KEYID", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data(" ENC_KEYID"); - goto encommon; - - case ENCRYPT_DEC_KEYID: -- sprintf(nfrontp, " DEC_KEYID", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data(" DEC_KEYID"); - goto encommon; - - default: -- sprintf(nfrontp, " %d (unknown)", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d (unknown)", pointer[1]); - encommon: - for (i = 2; i < length; i++) { -- sprintf(nfrontp, " %d", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d", pointer[i]); - } - break; - } -@@ -1167,18 +1032,15 @@ - - default: - if (TELOPT_OK(pointer[0])) -- sprintf(nfrontp, "%s (unknown)", TELOPT(pointer[0])); -+ output_data( "%s (unknown)", TELOPT(pointer[0])); - else -- sprintf(nfrontp, "%d (unknown)", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data( "%d (unknown)", pointer[i]); - for (i = 1; i < length; i++) { -- sprintf(nfrontp, " %d", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data( " %d", pointer[i]); - } - break; - } -- sprintf(nfrontp, "\r\n"); -- nfrontp += strlen(nfrontp); -+ output_data( "\r\n"); - } - - /* -@@ -1200,26 +1062,22 @@ - } - - /* add a line of output */ -- sprintf(nfrontp, "%s: ", tag); -- nfrontp += strlen(nfrontp); -+ output_data("%s: ", tag); - for (i = 0; i < 20 && cnt; i++) { -- sprintf(nfrontp, "%02x", *ptr); -- nfrontp += strlen(nfrontp); -+ output_data("%02x", *ptr); - if (isprint(*ptr)) { - xbuf[i] = *ptr; - } else { - xbuf[i] = '.'; - } - if (i % 2) { -- *nfrontp = ' '; -- nfrontp++; -+ output_data(" "); - } - cnt--; - ptr++; - } - xbuf[i] = '\0'; -- sprintf(nfrontp, " %s\r\n", xbuf ); -- nfrontp += strlen(nfrontp); -+ output_data(" %s\r\n", xbuf ); - } - } - #endif /* DIAGNOSTICS */ diff --git a/security/krb5-17/files/patch-as b/security/krb5-17/files/patch-as deleted file mode 100644 index 0b26c449fe11..000000000000 --- a/security/krb5-17/files/patch-as +++ /dev/null @@ -1,199 +0,0 @@ ---- clients/ksu/main.c.orig Wed Feb 28 14:06:55 2001 -+++ clients/ksu/main.c Thu Sep 6 16:21:46 2001 -@@ -31,6 +31,10 @@ - #include <sys/wait.h> - #include <signal.h> - -+#ifdef LOGIN_CAP -+#include <login_cap.h> -+#endif -+ - /* globals */ - char * prog_name; - int auth_debug =0; -@@ -60,7 +64,7 @@ - ill specified arguments to commands */ - - void usage (){ -- fprintf(stderr, "Usage: %s [target user] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name); -+ fprintf(stderr, "Usage: %s [target user] [-m] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name); - } - - /* for Ultrix and friends ... */ -@@ -76,6 +80,7 @@ - int argc; - char ** argv; - { -+int asme = 0; - int hp =0; - int some_rest_copy = 0; - int all_rest_copy = 0; -@@ -90,6 +95,7 @@ - char * cc_target_tag = NULL; - char * target_user = NULL; - char * source_user; -+char * source_shell; - - krb5_ccache cc_source = NULL; - const char * cc_source_tag = NULL; -@@ -118,6 +124,11 @@ - char * dir_of_cc_target; - char * dir_of_cc_source; - -+#ifdef LOGIN_CAP -+login_cap_t *lc; -+int setwhat; -+#endif -+ - options.opt = KRB5_DEFAULT_OPTIONS; - options.lifetime = KRB5_DEFAULT_TKT_LIFE; - options.rlife =0; -@@ -181,7 +192,7 @@ - com_err (prog_name, errno, "while setting euid to source user"); - exit (1); - } -- while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkql:e:")) != -1)){ -+ while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkmql:e:")) != -1)){ - switch (option) { - case 'r': - options.opt |= KDC_OPT_RENEWABLE; -@@ -227,6 +238,9 @@ - errflg++; - } - break; -+ case 'm': -+ asme = 1; -+ break; - case 'n': - if ((retval = krb5_parse_name(ksu_context, optarg, &client))){ - com_err(prog_name, retval, "when parsing name %s", optarg); -@@ -341,6 +355,7 @@ - - /* allocate space and copy the usernamane there */ - source_user = xstrdup(pwd->pw_name); -+ source_shell = xstrdup(pwd->pw_shell); - source_uid = pwd->pw_uid; - source_gid = pwd->pw_gid; - -@@ -668,43 +683,64 @@ - /* get the shell of the user, this will be the shell used by su */ - target_pwd = getpwnam(target_user); - -- if (target_pwd->pw_shell) -- shell = xstrdup(target_pwd->pw_shell); -- else { -- shell = _DEF_CSH; /* default is cshell */ -- } -+ if (asme) { -+ if (source_shell && *source_shell) { -+ shell = strdup(source_shell); -+ } else { -+ shell = _DEF_CSH; -+ } -+ } else { -+ if (target_pwd->pw_shell) -+ shell = strdup(target_pwd->pw_shell); -+ else { -+ shell = _DEF_CSH; /* default is cshell */ -+ } -+ } - - #ifdef HAVE_GETUSERSHELL - - /* insist that the target login uses a standard shell (root is omited) */ - -- if (!standard_shell(target_pwd->pw_shell) && source_uid) { -- fprintf(stderr, "ksu: permission denied (shell).\n"); -- sweep_up(ksu_context, cc_target); -- exit(1); -+ if (asme) { -+ if (!standard_shell(pwd->pw_shell) && source_uid) { -+ fprintf(stderr, "ksu: permission denied (shell).\n"); -+ sweep_up(ksu_context, cc_target); -+ exit(1); -+ } -+ } else { -+ if (!standard_shell(target_pwd->pw_shell) && source_uid) { -+ fprintf(stderr, "ksu: permission denied (shell).\n"); -+ sweep_up(ksu_context, cc_target); -+ exit(1); -+ } - } - #endif /* HAVE_GETUSERSHELL */ - -- if (target_pwd->pw_uid){ -- -- if(set_env_var("USER", target_pwd->pw_name)){ -- fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -- sweep_up(ksu_context, cc_target); -- exit(1); -- } -- } -+ if (!asme) { -+ if (target_pwd->pw_uid){ -+ if (set_env_var("USER", target_pwd->pw_name)){ -+ fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -+ sweep_up(ksu_context, cc_target); -+ exit(1); -+ } -+ } - -- if(set_env_var( "HOME", target_pwd->pw_dir)){ -- fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -- sweep_up(ksu_context, cc_target); -- exit(1); -- } -+ if (set_env_var( "HOME", target_pwd->pw_dir)){ -+ fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -+ sweep_up(ksu_context, cc_target); -+ exit(1); -+ } - -- if(set_env_var( "SHELL", shell)){ -- fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -- sweep_up(ksu_context, cc_target); -- exit(1); -- } -+ if (set_env_var( "SHELL", shell)){ -+ fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -+ sweep_up(ksu_context, cc_target); -+ exit(1); -+ } -+ } -+ -+#ifdef LOGIN_CAP -+ lc = login_getpwclass(pwd); -+#endif - - /* set the cc env name to target */ - -@@ -714,7 +750,18 @@ - sweep_up(ksu_context, cc_target); - exit(1); - } -- -+#ifdef LOGIN_CAP -+ setwhat = LOGIN_SETUSER|LOGIN_SETGROUP|LOGIN_SETRESOURCES|LOGIN_SETPRIORITY; -+ setwhat |= LOGIN_SETPATH|LOGIN_SETUMASK|LOGIN_SETENV; -+ /* -+ * Don't touch resource/priority settings if -m has been -+ * used or -l and -c hasn't, and we're not su'ing to root. -+ */ -+ if (target_pwd->pw_uid) -+ setwhat &= ~(LOGIN_SETPRIORITY|LOGIN_SETRESOURCES); -+ if (setusercontext(lc, target_pwd, target_pwd->pw_uid, setwhat) < 0) -+ err(1, "setusercontext"); -+#else - /* set permissions */ - if (setgid(target_pwd->pw_gid) < 0) { - perror("ksu: setgid"); -@@ -754,7 +801,8 @@ - perror("ksu: setuid"); - sweep_up(ksu_context, cc_target); - exit(1); -- } -+ } -+#endif - - if (access( cc_target_tag_tmp, R_OK | W_OK )){ - com_err(prog_name, errno, diff --git a/security/krb5-17/files/patch-at b/security/krb5-17/files/patch-at deleted file mode 100644 index ef9ea4856f7a..000000000000 --- a/security/krb5-17/files/patch-at +++ /dev/null @@ -1,14 +0,0 @@ -*** include/sys/syslog.h.ORIG Fri Feb 6 19:42:12 1998 ---- include/sys/syslog.h Tue Jun 30 19:46:02 1998 -*************** -*** 34,39 **** ---- 34,42 ---- - #define LOG_LPR (6<<3) /* line printer subsystem */ - #define LOG_NEWS (7<<3) /* network news subsystem */ - #define LOG_UUCP (8<<3) /* UUCP subsystem */ -+ #if (defined(BSD) && (BSD >= 199306)) -+ #define LOG_FTP (11<<3) /* ftp daemon */ -+ #endif - /* other codes through 15 reserved for system use */ - #define LOG_LOCAL0 (16<<3) /* reserved for local use */ - #define LOG_LOCAL1 (17<<3) /* reserved for local use */ diff --git a/security/krb5-17/files/patch-av b/security/krb5-17/files/patch-av deleted file mode 100644 index 8363b8bb1e2d..000000000000 --- a/security/krb5-17/files/patch-av +++ /dev/null @@ -1,15 +0,0 @@ -*** clients/ksu/Makefile.in.ORIG Sun Aug 2 16:51:18 1998 ---- clients/ksu/Makefile.in Sun Aug 2 16:53:48 1998 -*************** -*** 3,7 **** - mydir=ksu - BUILDTOP=$(REL)$(U)$(S)$(U) -! DEFINES = -DGET_TGT_VIA_PASSWD -DPRINC_LOOK_AHEAD -DCMD_PATH='"/bin /local/bin"' - CFLAGS = $(CCOPTS) $(DEFINES) $(DEFS) $(LOCALINCLUDE) - ---- 3,7 ---- - mydir=ksu - BUILDTOP=$(REL)$(U)$(S)$(U) -! DEFINES = -DGET_TGT_VIA_PASSWD -DPRINC_LOOK_AHEAD -DCMD_PATH='"/usr/bin /bin /usr/sbin /sbin"' - CFLAGS = $(CCOPTS) $(DEFINES) $(DEFS) $(LOCALINCLUDE) - diff --git a/security/krb5-17/files/patch-ax b/security/krb5-17/files/patch-ax deleted file mode 100644 index 58cfe89d9294..000000000000 --- a/security/krb5-17/files/patch-ax +++ /dev/null @@ -1,11 +0,0 @@ ---- ../doc/Makefile.orig Wed Jan 20 21:57:45 1999 -+++ ../doc/Makefile Wed Jan 20 21:59:19 1999 -@@ -1,7 +1,7 @@ - SRCDIR=../src - DVI=texi2dvi - DVIPS=dvips -o "$@" --INFO=makeinfo -+INFO=makeinfo --no-validate - HTML=texi2html - RM=rm -f - TAR=tar -chvf diff --git a/security/krb5-17/files/patch-ay b/security/krb5-17/files/patch-ay deleted file mode 100644 index 4ed0c9e5cbbb..000000000000 --- a/security/krb5-17/files/patch-ay +++ /dev/null @@ -1,50 +0,0 @@ ---- util/pty/getpty.c.orig Fri Feb 6 19:46:42 1998 -+++ util/pty/getpty.c Mon Apr 5 14:00:07 1999 -@@ -21,13 +21,26 @@ - #include "libpty.h" - #include "pty-int.h" - -+#ifdef __FreeBSD__ -+#define PTYCHARS1 "pqrsPQRS" -+#define PTYCHARS2 "0123456789abcdefghijklmnopqrstuv" -+#endif -+ -+#ifndef PTYCHARS1 -+#define PTYCHARS1 "pqrstuvwxyzPQRST" -+#endif -+ -+#ifndef PTYCHARS2 -+#define PTYCHARS2 "0123456789abcdef" -+#endif -+ - long pty_getpty (fd, slave, slavelength) - int slavelength; - int *fd; char *slave; - { -- char *cp; -+ char *cp1, *cp2; - char *p; -- int i,ptynum; -+ int ptynum; - struct stat stb; - char slavebuf[1024]; - #ifdef HAVE__GETPTY -@@ -109,14 +122,14 @@ - strncpy(slave, slavebuf, slavelength); - return 0; - } else { -- for (cp = "pqrstuvwxyzPQRST";*cp; cp++) { -+ for (cp1 = PTYCHARS1; *cp1 != '\0'; cp1++) { - sprintf(slavebuf,"/dev/ptyXX"); -- slavebuf[sizeof("/dev/pty") - 1] = *cp; -+ slavebuf[sizeof("/dev/pty") - 1] = *cp1; - slavebuf[sizeof("/dev/ptyp") - 1] = '0'; - if (stat(slavebuf, &stb) < 0) - break; -- for (i = 0; i < 16; i++) { -- slavebuf[sizeof("/dev/ptyp") - 1] = "0123456789abcdef"[i]; -+ for (cp2 = PTYCHARS2; *cp2 != '\0'; cp2++) { -+ slavebuf[sizeof("/dev/ptyp") - 1] = *cp2; - *fd = open(slavebuf, O_RDWR); - if (*fd < 0) continue; - diff --git a/security/krb5-17/files/patch-ba b/security/krb5-17/files/patch-ba deleted file mode 100644 index 60d70466eff3..000000000000 --- a/security/krb5-17/files/patch-ba +++ /dev/null @@ -1,81 +0,0 @@ ---- appl/bsd/login.c.ORIG Wed Oct 13 12:55:47 1999 -+++ appl/bsd/login.c Wed Oct 13 12:56:29 1999 -@@ -1303,19 +1304,6 @@ - setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET); - } - -- /* Policy: If local password is good, user is good. -- We really can't trust the Kerberos password, -- because somebody on the net could spoof the -- Kerberos server (not easy, but possible). -- Some sites might want to use it anyways, in -- which case they should change this line -- to: -- if (kpass_ok) -- */ -- -- if (lpass_ok) -- break; -- - if (got_v5_tickets) { - if (retval = krb5_verify_init_creds(kcontext, &my_creds, NULL, - NULL, &xtra_creds, -@@ -1338,6 +1326,9 @@ - } - #endif /* KRB4_GET_TICKETS */ - -+ if (lpass_ok) -+ break; -+ - bad_login: - setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET); - -@@ -1640,20 +1631,28 @@ - /* set up credential cache -- obeying KRB5_ENV_CCNAME - set earlier */ - /* (KRB5_ENV_CCNAME == "KRB5CCNAME" via osconf.h) */ -- if (retval = krb5_cc_default(kcontext, &ccache)) { -+ retval = krb5_cc_default(kcontext, &ccache); -+ if (retval) - com_err(argv[0], retval, "while getting default ccache"); -- } else if (retval = krb5_cc_initialize(kcontext, ccache, me)) { -- com_err(argv[0], retval, "when initializing cache"); -- } else if (retval = krb5_cc_store_cred(kcontext, ccache, &my_creds)) { -- com_err(argv[0], retval, "while storing credentials"); -- } else if (xtra_creds && -- (retval = krb5_cc_copy_creds(kcontext, xtra_creds, -- ccache))) { -- com_err(argv[0], retval, "while storing credentials"); -+ else { -+ retval = krb5_cc_initialize(kcontext, ccache, me); -+ if (retval) -+ com_err(argv[0], retval, "when initializing cache"); -+ else { -+ retval = krb5_cc_store_cred(kcontext, ccache, &my_creds); -+ if (retval) -+ com_err(argv[0], retval, "while storing credentials"); -+ else { -+ if (xtra_creds) { -+ retval = krb5_cc_copy_creds(kcontext, xtra_creds, -+ ccache); -+ if (retval) -+ com_err(argv[0], retval, "while storing credentials"); -+ krb5_cc_destroy(kcontext, xtra_creds); -+ } -+ } -+ } - } -- -- if (xtra_creds) -- krb5_cc_destroy(kcontext, xtra_creds); - } else if (forwarded_v5_tickets && rewrite_ccache) { - if ((retval = krb5_cc_initialize (kcontext, ccache, me))) { - syslog(LOG_ERR, -@@ -1727,6 +1727,7 @@ - - if (ccname) - setenv("KRB5CCNAME", ccname, 1); -+ krb5_cc_set_default_name(kcontext, ccname); - - setenv("HOME", pwd->pw_dir, 1); - setenv("PATH", LPATH, 1); diff --git a/security/krb5-17/files/patch-bb b/security/krb5-17/files/patch-bb deleted file mode 100644 index 6545ae682c53..000000000000 --- a/security/krb5-17/files/patch-bb +++ /dev/null @@ -1,10 +0,0 @@ ---- appl/telnet/telnet/Makefile.in.orig Sat Dec 18 10:47:05 1999 -+++ appl/telnet/telnet/Makefile.in Sat Dec 18 10:47:13 1999 -@@ -58,7 +58,6 @@ - $(INSTALL_DATA) $(srcdir)/$$f.1 \ - ${DESTDIR}$(CLIENT_MANDIR)/`echo $$f|sed '$(transform)'`.1; \ - done -- $(INSTALL_DATA) $(srcdir)/tmac.doc ${DESTDIR}$(CLIENT_MANDIR)/tmac.doc - - authenc.o: defines.h externs.h general.h ring.h types.h $(ARPA_TELNET) - commands.o: defines.h externs.h general.h ring.h types.h $(ARPA_TELNET) diff --git a/security/krb5-17/files/patch-bd b/security/krb5-17/files/patch-bd deleted file mode 100644 index b2bf41284bb7..000000000000 --- a/security/krb5-17/files/patch-bd +++ /dev/null @@ -1,19 +0,0 @@ ---- appl/gssftp/ftpd/ftpcmd.y.ORIG Wed Feb 28 16:06:45 2001 -+++ appl/gssftp/ftpd/ftpcmd.y Fri Apr 27 10:18:01 2001 -@@ -805,11 +805,13 @@ - * This is a valid reply in some cases but not in others. - */ - if (logged_in && $1 && strncmp((char *) $1, "~", 1) == 0) { -- *(char **)&($$) = *ftpglob((char *) $1); -- if (globerr != NULL) { -+ char **vv; -+ vv = ftpglob((char *) $1); -+ if (vv == NULL || globerr != NULL) { - reply(550, globerr); - $$ = NULL; -- } -+ } else -+ $$ = *vv; - free((char *) $1); - } else - $$ = $1; diff --git a/security/krb5-17/pkg-comment b/security/krb5-17/pkg-comment deleted file mode 100644 index 339cc4cd5571..000000000000 --- a/security/krb5-17/pkg-comment +++ /dev/null @@ -1 +0,0 @@ -An authentication system developed at MIT, successor to Kerberos IV diff --git a/security/krb5-17/pkg-descr b/security/krb5-17/pkg-descr deleted file mode 100644 index 376a48c52faf..000000000000 --- a/security/krb5-17/pkg-descr +++ /dev/null @@ -1,24 +0,0 @@ -Kerberos V5 is an authentication system developed at MIT. -WWW: http://web.mit.edu/kerberos/www/ - -Abridged from the User Guide: - Under Kerberos, a client sends a request for a ticket to the - Key Distribution Center (KDC). The KDC creates a ticket-granting - ticket (TGT) for the client, encrypts it using the client's - password as the key, and sends the encrypted TGT back to the - client. The client then attempts to decrypt the TGT, using - its password. If the client successfully decrypts the TGT, it - keeps the decrypted TGT, which indicates proof of the client's - identity. The TGT permits the client to obtain additional tickets, - which give permission for specific services. - Since Kerberos negotiates authenticated, and optionally encrypted, - communications between two points anywhere on the internet, it - provides a layer of security that is not dependent on which side of a - firewall either client is on. - The Kerberos V5 package is designed to be easy to use. Most of the - commands are nearly identical to UNIX network programs you are already - used to. Kerberos V5 is a single-sign-on system, which means that you - have to type your password only once per session, and Kerberos does - the authenticating and encrypting transparently. - -Jacques Vidrine <n@nectar.com> diff --git a/security/krb5-17/pkg-plist b/security/krb5-17/pkg-plist deleted file mode 100644 index df48394c37cf..000000000000 --- a/security/krb5-17/pkg-plist +++ /dev/null @@ -1,123 +0,0 @@ -@unexec install-info --delete %D/info/krb425.info %D/info/dir -@unexec install-info --delete %D/info/krb5-admin.info %D/info/dir -@unexec install-info --delete %D/info/krb5-install.info %D/info/dir -@unexec install-info --delete %D/info/krb5-user.info %D/info/dir -bin/ftp -bin/gss-client -bin/kdestroy -bin/kinit -bin/klist -bin/kpasswd -bin/krb524init -bin/ksu -bin/kvno -bin/rcp -bin/rlogin -bin/rsh -bin/sclient -bin/sim_client -bin/telnet -bin/uuclient -bin/v4rcp -bin/v5passwd -include/com_err.h -include/gssapi/gssapi.h -include/gssapi/gssapi_generic.h -include/gssapi/gssapi_krb5.h -include/kerberosIV/des.h -include/kerberosIV/kadm.h -include/kerberosIV/krb.h -include/kerberosIV/krb_err.h -include/kerberosIV/mit-copyright.h -include/krb5.h -include/libpty.h -include/mit-sipb-copyright.h -include/port-sockets.h -include/profile.h -info/krb425.info -info/krb5-admin.info -info/krb5-admin.info-1 -info/krb5-admin.info-2 -info/krb5-admin.info-3 -info/krb5-install.info -info/krb5-install.info-1 -info/krb5-install.info-2 -info/krb5-user.info -lib/libcom_err.a -lib/libcom_err.so -lib/libcom_err.so.3 -lib/libdes425.a -lib/libdes425.so -lib/libdes425.so.3 -lib/libdyn.a -lib/libdyn.so -lib/libdyn.so.1 -lib/libgssapi_krb5.a -lib/libgssapi_krb5.so -lib/libgssapi_krb5.so.2 -lib/libgssrpc.a -lib/libgssrpc.so -lib/libgssrpc.so.3 -lib/libk5crypto.a -lib/libk5crypto.so -lib/libk5crypto.so.3 -lib/libkadm5clnt.a -lib/libkadm5clnt.so -lib/libkadm5clnt.so.4 -lib/libkadm5srv.a -lib/libkadm5srv.so -lib/libkadm5srv.so.4 -lib/libkdb5.a -lib/libkdb5.so -lib/libkdb5.so.3 -lib/libkrb4.a -lib/libkrb4.so -lib/libkrb4.so.2 -lib/libkrb5.a -lib/libkrb5.so -lib/libkrb5.so.3 -lib/libkrb524.a -lib/libpty.a -lib/libpty.so -lib/libpty.so.1 -lib/libss.a -sbin/ftpd -sbin/gss-server -sbin/kadmin -sbin/kadmin.local -sbin/kadmind -sbin/kadmind4 -sbin/kdb5_util -sbin/klogind -sbin/kprop -sbin/kpropd -sbin/krb5-send-pr -sbin/krb524d -sbin/krb5kdc -sbin/kshd -sbin/ktutil -sbin/login.krb5 -sbin/sim_server -sbin/sserver -sbin/telnetd -sbin/uuserver -sbin/v5passwdd -share/doc/krb5/admin.html -share/doc/krb5/admin_foot.html -share/doc/krb5/admin_toc.html -share/doc/krb5/install.html -share/doc/krb5/install_foot.html -share/doc/krb5/install_toc.html -share/doc/krb5/krb425.html -share/doc/krb5/krb425_toc.html -share/doc/krb5/user-guide.html -share/doc/krb5/user-guide_foot.html -share/doc/krb5/user-guide_toc.html -share/gnats/mit -@dirrm include/gssapi -@dirrm include/kerberosIV -@dirrm share/doc/krb5 -@exec install-info %D/info/krb425.info %D/info/dir -@exec install-info %D/info/krb5-admin.info %D/info/dir -@exec install-info %D/info/krb5-install.info %D/info/dir -@exec install-info %D/info/krb5-user.info %D/info/dir diff --git a/security/krb5-appl/Makefile b/security/krb5-appl/Makefile deleted file mode 100644 index 7fac84161a4a..000000000000 --- a/security/krb5-appl/Makefile +++ /dev/null @@ -1,117 +0,0 @@ -# Ports collection Makefile for: MIT Kerberos V -# Date created: 6/5/1998 -# Whom: nectar@FreeBSD.org -# -# $FreeBSD$ -# - -PORTNAME= krb5 -PORTVERSION= 1.2.2 -PORTREVISION= 4 -CATEGORIES= security -MASTER_SITES= # manual download - -MAINTAINER= Cy.Schubert@uumail.gov.bc.ca - -BUILD_DEPENDS= gm4:${PORTSDIR}/devel/m4 - -KERBEROSV_URL= http://web.mit.edu/network/kerberos-form.html -USE_GMAKE= yes -INSTALLS_SHLIB= yes -GNU_CONFIGURE= yes -CONFIGURE_ARGS?= --enable-shared --with-ccopts="${CFLAGS}" -CONFIGURE_ENV= INSTALL="${INSTALL}" -MAKE_ARGS= INSTALL="${INSTALL}" -KRB5_KRB4_COMPAT?= YES - -.if defined(USA_RESIDENT) && ${USA_RESIDENT} == "NO" -MASTER_SITES= http://www.crypto-publish.org/dist/mit-kerberos5/ -.endif - -.if !defined(KRB5_KRB4_COMPAT) || ${KRB5_KRB4_COMPAT} == "NO" -CONFIGURE_ARGS+= --without-krb4 -.endif - -.if defined(KRB5_HOME) -PREFIX= ${KRB5_HOME} -.endif - -RESTRICTED= "Crypto; export-controlled" -# Set USA_RESIDENT appropriately in /etc/make.conf if you like - -INFO_FILES= krb425.info krb5-admin.info krb5-admin.info-1 \ - krb5-admin.info-2 krb5-admin.info-3 krb5-install.info \ - krb5-install.info-1 krb5-install.info-2 krb5-user.info - -MAN1= krb5-send-pr.1 kpasswd.1 v5passwd.1 klist.1 kinit.1 \ - kdestroy.1 ksu.1 sclient.1 rsh.1 rcp.1 rlogin.1 \ - v4rcp.1 ftp.1 telnet.1 kerberos.1 kvno.1 -MAN5= kdc.conf.5 krb5.conf.5 .k5login.5 -MAN8= krb5kdc.8 kadmin.8 kadmin.local.8 kdb5_util.8 \ - ktutil.8 kadmind.8 kprop.8 kpropd.8 sserver.8 \ - kshd.8 klogind.8 login.krb5.8 ftpd.8 telnetd.8 - -WRKSRC= ${WRKDIR}/${DISTNAME}/src - -WANT_HTML?= YES -HTML_DOC_DIR= ${WRKDIR}/${DISTNAME}/doc -HTML_DOCS= admin.html install_foot.html user-guide.html \ - admin_foot.html install_toc.html user-guide_foot.html \ - admin_toc.html krb425.html user-guide_toc.html \ - install.html krb425_toc.html - -.if !defined(USA_RESIDENT) || ${USA_RESIDENT} == "YES" -do-fetch: - @if [ ! -f ${DISTDIR}/${DISTNAME}${EXTRACT_SUFX} ]; then \ - ${ECHO} ""; \ - ${ECHO} ">> Kerberos V contains encryption software and is"; \ - ${ECHO} " export restricted. If you are not a USA resident,";\ - ${ECHO} " then you cannot obtain the Kerberos V sources from";\ - ${ECHO} " within the United States."; \ - ${ECHO} ""; \ - ${ECHO} ">> The Kerberos V sources must be fetched manually."; \ - ${ECHO} " Please visit ${KERBEROSV_URL}"; \ - ${ECHO} " to download ${DISTNAME}${EXTRACT_SUFX} and place"; \ - ${ECHO} " it in ${DISTDIR}. Then run make again."; \ - ${FALSE}; \ - fi -.endif - -pre-build: -.if !defined(KRB5_KRB4_COMPAT) - @${ECHO} "------------------------------------------------------" - @${ECHO} "Set KRB5_KRB4_COMPAT=NO if you do not want to build " - @${ECHO} "the KerberosIV compatibility libraries. " - @${ECHO} "------------------------------------------------------" -.endif - -post-build: - @(cd ${WRKSRC}/../doc && \ - ${MAKE} ${INFO_FILES}) - -.include <bsd.port.pre.mk> - -post-install: -# html documentation -.if defined(WANT_HTML) && ${WANT_HTML} == "YES" - @${MKDIR} ${PREFIX}/share/doc/krb5 -.for html in ${HTML_DOCS} - ${INSTALL_MAN} ${HTML_DOC_DIR}/${html} ${PREFIX}/share/doc/krb5 -.endfor -.endif -# handle info files -.for info in ${INFO_FILES} - ${INSTALL_MAN} ${WRKSRC}/../doc/${info} ${PREFIX}/info/${info} -.endfor -.for info in ${INFO_FILES:M*.info} - install-info ${PREFIX}/info/${info} ${PREFIX}/info/dir -.endfor -# fixup packing list (no libs without version numbers in aout case) -.if ${PORTOBJFORMAT} == "aout" - ${ECHO_MSG} "Fixing packing list for a.out" - ${MV} ${TMPPLIST} ${TMPPLIST}.new - ${GREP} -v '\.so$$' ${TMPPLIST}.new > ${TMPPLIST} - ${RM} ${TMPPLIST}.new -.endif - -.include <bsd.port.post.mk> diff --git a/security/krb5-appl/distinfo b/security/krb5-appl/distinfo deleted file mode 100644 index e8159e50a95c..000000000000 --- a/security/krb5-appl/distinfo +++ /dev/null @@ -1 +0,0 @@ -MD5 (krb5-1.2.2.tar.gz) = 57d1bf3a3c68ee8af64e31a46799551c diff --git a/security/krb5-appl/files/patch-ac b/security/krb5-appl/files/patch-ac deleted file mode 100644 index 8bca5437d964..000000000000 --- a/security/krb5-appl/files/patch-ac +++ /dev/null @@ -1,13 +0,0 @@ ---- ../doc/admin.texinfo Fri Feb 6 21:40:56 1998 -+++ admin.texinfo Fri Jun 19 15:13:45 1998 -@@ -5,6 +5,10 @@ - @c guide - @setfilename krb5-admin.info - @settitle Kerberos V5 System Administrator's Guide -+@dircategory Kerberos V5 -+@direntry -+* Admin Guide: (krb5-admin). Kerberos V5 System Admin's Guide -+@end direntry - @setchapternewpage odd @c chapter begins on next odd page - @c @setchapternewpage on @c chapter begins on next page - @c @smallbook @c Format for 7" X 9.25" paper diff --git a/security/krb5-appl/files/patch-ad b/security/krb5-appl/files/patch-ad deleted file mode 100644 index c8b6d3e99e91..000000000000 --- a/security/krb5-appl/files/patch-ad +++ /dev/null @@ -1,13 +0,0 @@ ---- ../doc/user-guide.texinfo Fri Feb 6 21:40:58 1998 -+++ user-guide.texinfo Fri Jun 19 15:13:45 1998 -@@ -3,6 +3,10 @@ - @c guide - @setfilename krb5-user.info - @settitle Kerberos V5 UNIX User's Guide -+@dircategory Kerberos V5 -+@direntry -+* User's Guide: (krb5-user). Kerberos V5 UNIX User's Guide -+@end direntry - @setchapternewpage odd @c chapter begins on next odd page - @c @setchapternewpage on @c chapter begins on next page - @c @smallbook @c Format for 7" X 9.25" paper diff --git a/security/krb5-appl/files/patch-ae b/security/krb5-appl/files/patch-ae deleted file mode 100644 index f5643b5aa04f..000000000000 --- a/security/krb5-appl/files/patch-ae +++ /dev/null @@ -1,13 +0,0 @@ ---- ../doc/install.texinfo Fri Feb 6 21:40:56 1998 -+++ install.texinfo Fri Jun 19 15:13:45 1998 -@@ -5,6 +5,10 @@ - @c guide - @setfilename krb5-install.info - @settitle Kerberos V5 Installation Guide -+@dircategory Kerberos V5 -+@direntry -+* Installation Guide: (krb5-install). Kerberos V5 Installation Guide -+@end direntry - @setchapternewpage odd @c chapter begins on next odd page - @c @setchapternewpage on @c chapter begins on next page - @c @smallbook @c Format for 7" X 9.25" paper diff --git a/security/krb5-appl/files/patch-af b/security/krb5-appl/files/patch-af deleted file mode 100644 index e054b18bbef5..000000000000 --- a/security/krb5-appl/files/patch-af +++ /dev/null @@ -1,13 +0,0 @@ ---- ../doc/krb425.texinfo Fri Feb 6 21:40:57 1998 -+++ krb425.texinfo Fri Jun 19 15:13:45 1998 -@@ -5,6 +5,10 @@ - @c guide - @setfilename krb425.info - @settitle Upgrading to Kerberos V5 from Kerberos V4 -+@dircategory Kerberos V5 -+@direntry -+* Upgrading from V4 to V5: (krb425). Upgrading from Kerberos V4 to V5 -+@end direntry - @setchapternewpage odd @c chapter begins on next odd page - @c @setchapternewpage on @c chapter begins on next page - @c @smallbook @c Format for 7" X 9.25" paper diff --git a/security/krb5-appl/files/patch-ai b/security/krb5-appl/files/patch-ai deleted file mode 100644 index 634db6cdec73..000000000000 --- a/security/krb5-appl/files/patch-ai +++ /dev/null @@ -1,287 +0,0 @@ ---- appl/gssftp/ftpd/ftpd.c.orig Wed Feb 28 16:06:45 2001 -+++ appl/gssftp/ftpd/ftpd.c Fri Apr 27 10:18:01 2001 -@@ -485,7 +485,13 @@ - #ifndef LOG_DAEMON - #define LOG_DAEMON 0 - #endif -- openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_DAEMON); -+ -+#ifndef LOG_FTP -+#define FACILITY LOG_DAEMON -+#else -+#define FACILITY LOG_FTP -+#endif -+ openlog("ftpd", LOG_PID | LOG_NDELAY, FACILITY); - - addrlen = sizeof (his_addr); - if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) { -@@ -761,7 +767,16 @@ - int result; - #ifdef GSSAPI - if (auth_type && strcmp(auth_type, "GSSAPI") == 0) { -+ int len; - authorized = ftpd_gss_userok(&client_name, name) == 0; -+ len = sizeof("GSSAPI user is not authorized as " -+ "; Password required.") -+ + strlen(client_name.value) -+ + strlen(name); -+ if (len >= sizeof(buf)) { -+ syslog(LOG_ERR, "user: username too long"); -+ name = "[username too long]"; -+ } - sprintf(buf, "GSSAPI user %s is%s authorized as %s", - client_name.value, authorized ? "" : " not", - name); -@@ -772,7 +787,18 @@ - #endif /* GSSAPI */ - #ifdef KRB5_KRB4_COMPAT - if (auth_type && strcmp(auth_type, "KERBEROS_V4") == 0) { -+ int len; - authorized = kuserok(&kdata,name) == 0; -+ len = sizeof("Kerberos user .@ is not authorized as " -+ "; Password required.") -+ + strlen(kdata.pname) -+ + strlen(kdata.pinst) -+ + strlen(kdata.prealm) -+ + strlen(name); -+ if (len >= sizeof(buf)) { -+ syslog(LOG_ERR, "user: username too long"); -+ name = "[username too long]"; -+ } - sprintf(buf, "Kerberos user %s%s%s@%s is%s authorized as %s", - kdata.pname, *kdata.pinst ? "." : "", - kdata.pinst, kdata.prealm, -@@ -1179,6 +1205,11 @@ - } else { - char line[FTP_BUFSIZ]; - -+ if (strlen(cmd) + strlen(name) + 1 >= sizeof(line)) { -+ syslog(LOG_ERR, "retrieve: filename too long"); -+ reply(501, "filename too long"); -+ return; -+ } - (void) sprintf(line, cmd, name), name = line; - fin = ftpd_popen(line, "r"), closefunc = ftpd_pclose; - st.st_size = -1; -@@ -1417,6 +1448,10 @@ - return (file); - } - -+/* -+ * XXX callers need to limit total length of output string to -+ * FTP_BUFSIZ -+ */ - #ifdef STDARG - secure_error(char *fmt, ...) - #else -@@ -1616,13 +1651,19 @@ - { - char line[FTP_BUFSIZ]; - FILE *fin; -- int c; -+ int c, n; - char str[FTP_BUFSIZ], *p; - -+ if (strlen(filename) + sizeof("/bin/ls -lgA ") -+ >= sizeof(line)) { -+ reply(501, "filename too long"); -+ return; -+ } - (void) sprintf(line, "/bin/ls -lgA %s", filename); - fin = ftpd_popen(line, "r"); - lreply(211, "status of %s:", filename); - p = str; -+ n = 0; - while ((c = getc(fin)) != EOF) { - if (c == '\n') { - if (ferror(stdout)){ -@@ -1639,7 +1680,16 @@ - *p = '\0'; - reply(0, "%s", str); - p = str; -- } else *p++ = c; -+ n = 0; -+ } else { -+ *p++ = c; -+ n++; -+ if (n >= sizeof(str)) { -+ reply(551, "output line too long"); -+ (void) ftpd_pclose(fin); -+ return; -+ } -+ } - } - if (p != str) { - *p = '\0'; -@@ -1723,6 +1773,10 @@ - - char cont_char = ' '; - -+/* -+ * XXX callers need to limit total length of output string to -+ * FTP_BUFSIZ bytes for now. -+ */ - #ifdef STDARG - reply(int n, char *fmt, ...) - #else -@@ -1744,22 +1798,32 @@ - #endif - - if (auth_type) { -- char in[FTP_BUFSIZ], out[FTP_BUFSIZ]; -+ /* -+ * Deal with expansion in mk_{safe,priv}, -+ * radix_encode, gss_seal, plus slop. -+ */ -+ char in[FTP_BUFSIZ*3/2], out[FTP_BUFSIZ*3/2]; - int length, kerror; - if (n) sprintf(in, "%d%c", n, cont_char); - else in[0] = '\0'; - strncat(in, buf, sizeof (in) - strlen(in) - 1); - #ifdef KRB5_KRB4_COMPAT - if (strcmp(auth_type, "KERBEROS_V4") == 0) { -- if ((length = clevel == PROT_P ? -- krb_mk_priv((unsigned char *)in, -- (unsigned char *)out, -- strlen(in), schedule, &kdata.session, -- &ctrl_addr, &his_addr) -- : krb_mk_safe((unsigned char *)in, -- (unsigned char *)out, -- strlen(in), &kdata.session, -- &ctrl_addr, &his_addr)) == -1) { -+ if (clevel == PROT_P) -+ length = krb_mk_priv((unsigned char *)in, -+ (unsigned char *)out, -+ strlen(in), -+ schedule, &kdata.session, -+ &ctrl_addr, -+ &his_addr); -+ else -+ length = krb_mk_safe((unsigned char *)in, -+ (unsigned char *)out, -+ strlen(in), -+ &kdata.session, -+ &ctrl_addr, -+ &his_addr); -+ if (length == -1) { - syslog(LOG_ERR, - "krb_mk_%s failed for KERBEROS_V4", - clevel == PROT_P ? "priv" : "safe"); -@@ -1803,13 +1867,16 @@ - } - #endif /* GSSAPI */ - /* Other auth types go here ... */ -- if (kerror = radix_encode(out, in, &length, 0)) { -+ if (length >= sizeof(in) / 4 * 3) { -+ syslog(LOG_ERR, "input to radix_encode too long"); -+ fputs(in, stdout); -+ } else if (kerror = radix_encode(out, in, &length, 0)) { - syslog(LOG_ERR, "Couldn't encode reply (%s)", - radix_error(kerror)); - fputs(in,stdout); - } else -- printf("%s%c%s", clevel == PROT_P ? "632" : "631", -- n ? cont_char : '-', in); -+ printf("%s%c%s", clevel == PROT_P ? "632" : "631", -+ n ? cont_char : '-', in); - } else { - if (n) printf("%d%c", n, cont_char); - fputs(buf, stdout); -@@ -1822,6 +1889,10 @@ - } - } - -+/* -+ * XXX callers need to limit total length of output string to -+ * FTP_BUFSIZ -+ */ - #ifdef STDARG - lreply(int n, char *fmt, ...) - #else -@@ -1866,7 +1937,8 @@ - - if (cp = strchr(cbuf,'\n')) - *cp = '\0'; -- reply(500, "'%s': command not understood.", cbuf); -+ reply(500, "'%.*s': command not understood.", -+ FTP_BUFSIZ - sizeof("'': command not understood."), cbuf); - } - - delete_file(name) -@@ -2143,7 +2215,21 @@ - int code; - char *string; - { -- reply(code, "%s: %s.", string, strerror(errno)); -+ char *err_string; -+ size_t extra_len; -+ err_string = strerror(errno); -+ if (err_string == NULL) -+ err_string = "(unknown error)"; -+ extra_len = strlen(err_string) + sizeof("(truncated): ."); -+ /* -+ * XXX knows about FTP_BUFSIZ in reply() -+ */ -+ if (strlen(string) + extra_len > FTP_BUFSIZ) { -+ reply(code, "(truncated)%.*s: %s.", -+ FTP_BUFSIZ - extra_len, string, err_string); -+ } else { -+ reply(code, "%s: %s.", string, err_string); -+ } - } - - auth(type) -@@ -2226,6 +2312,10 @@ - secure_error("ADAT: krb_mk_safe failed"); - return(0); - } -+ if (length >= (FTP_BUFSIZ - sizeof("ADAT=")) / 4 * 3) { -+ secure_error("ADAT: reply too long"); -+ return(0); -+ } - if (kerror = radix_encode(out_buf, buf, &length, 0)) { - secure_error("Couldn't encode ADAT reply (%s)", - radix_error(kerror)); -@@ -2360,6 +2450,16 @@ - } - - if (out_tok.length) { -+ if (out_tok.length >= ((FTP_BUFSIZ - sizeof("ADAT=")) -+ / 4 * 3)) { -+ secure_error("ADAT: reply too long"); -+ syslog(LOG_ERR, "ADAT: reply too long"); -+ (void) gss_release_cred(&stat_min, &server_creds); -+ if (ret_flags & GSS_C_DELEG_FLAG) -+ (void) gss_release_cred(&stat_min, -+ &deleg_creds); -+ return(0); -+ } - if (kerror = radix_encode(out_tok.value, gbuf, &out_tok.length, 0)) { - secure_error("Couldn't encode ADAT reply (%s)", - radix_error(kerror)); -@@ -2458,6 +2558,9 @@ - * n>=0 on success - * -1 on error - * -2 on security error -+ * -+ * XXX callers need to limit total length of output string to -+ * FTP_BUFSIZ - */ - #ifdef STDARG - secure_fprintf(FILE *stream, char *fmt, ...) -@@ -2575,6 +2678,15 @@ - dir->d_name[2] == '\0') - continue; - -+ if (strlen(dirname) + strlen(dir->d_name) -+ + 1 /* slash */ -+ + 2 /* CRLF */ -+ + 1 > sizeof(nbuf)) { -+ syslog(LOG_ERR, -+ "send_file_list: pathname too long"); -+ ret = -2; /* XXX */ -+ goto data_err; -+ } - sprintf(nbuf, "%s/%s", dirname, dir->d_name); - - /* diff --git a/security/krb5-appl/files/patch-aj b/security/krb5-appl/files/patch-aj deleted file mode 100644 index c3bb8dfd6960..000000000000 --- a/security/krb5-appl/files/patch-aj +++ /dev/null @@ -1,19 +0,0 @@ -*** appl/gssftp/ftpd/logwtmp.c.ORIG Fri Feb 6 19:41:25 1998 ---- appl/gssftp/ftpd/logwtmp.c Tue Jun 30 19:46:01 1998 -*************** -*** 66,72 **** - struct stat buf; - time_t time(); - -! if (fd < 0 && (fd = open(WTMPFILE, O_WRONLY|O_APPEND, 0)) < 0) - return; - if (fstat(fd, &buf) == 0) { - (void)strncpy(ut.ut_line, line, sizeof(ut.ut_line)); ---- 66,72 ---- - struct stat buf; - time_t time(); - -! if (fd < 0 && (fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0) - return; - if (fstat(fd, &buf) == 0) { - (void)strncpy(ut.ut_line, line, sizeof(ut.ut_line)); diff --git a/security/krb5-appl/files/patch-appl::telnet::telnetd::authenc.c b/security/krb5-appl/files/patch-appl::telnet::telnetd::authenc.c deleted file mode 100644 index 9a19ab958aaf..000000000000 --- a/security/krb5-appl/files/patch-appl::telnet::telnetd::authenc.c +++ /dev/null @@ -1,12 +0,0 @@ ---- appl/telnet/telnetd/authenc.c.orig Wed Feb 28 14:06:51 2001 -+++ appl/telnet/telnetd/authenc.c Thu Jul 19 19:14:29 2001 -@@ -43,8 +43,7 @@ - int len; - { - if (nfrontp + len < netobuf + BUFSIZ) { -- memcpy((void *)nfrontp, (void *)str, len); -- nfrontp += len; -+ output_datalen(str, len); - return(len); - } - return(0); diff --git a/security/krb5-appl/files/patch-appl::telnet::telnetd::ext.h b/security/krb5-appl/files/patch-appl::telnet::telnetd::ext.h deleted file mode 100644 index 38fd6ac1fd53..000000000000 --- a/security/krb5-appl/files/patch-appl::telnet::telnetd::ext.h +++ /dev/null @@ -1,24 +0,0 @@ ---- appl/telnet/telnetd/ext.h.orig Wed Feb 28 14:06:51 2001 -+++ appl/telnet/telnetd/ext.h Mon Jul 23 16:44:35 2001 -@@ -75,7 +75,7 @@ - - extern char netibuf[BUFSIZ], *netip; - --extern char netobuf[BUFSIZ+NETSLOP], *nfrontp, *nbackp; -+extern char netobuf[BUFSIZ], *nfrontp, *nbackp; - extern char *neturg; /* one past last bye of urgent data */ - - extern int pcc, ncc; -@@ -187,8 +187,10 @@ - tty_setsofttab P((int)), - tty_tspeed P((int)), - willoption P((int)), -- wontoption P((int)), -- writenet P((unsigned char *, int)); -+ wontoption P((int)); -+ -+extern int output_data __P((const char *, ...)) __printflike(1, 2); -+extern int output_datalen __P((const char *, size_t)); - - #ifdef ENCRYPTION - extern char *nclearto; diff --git a/security/krb5-appl/files/patch-appl::telnet::telnetd::slc.c b/security/krb5-appl/files/patch-appl::telnet::telnetd::slc.c deleted file mode 100644 index f4e7d41e494d..000000000000 --- a/security/krb5-appl/files/patch-appl::telnet::telnetd::slc.c +++ /dev/null @@ -1,11 +0,0 @@ ---- appl/telnet/telnetd/slc.c.orig Wed Feb 28 14:06:51 2001 -+++ appl/telnet/telnetd/slc.c Mon Jul 23 16:45:51 2001 -@@ -198,7 +198,7 @@ - (void) sprintf((char *)slcptr, "%c%c", IAC, SE); - slcptr += 2; - len = slcptr - slcbuf; -- writenet(slcbuf, len); -+ output_datalen(slcbuf, len); - netflush(); /* force it out immediately */ - DIAG(TD_OPTIONS, printsub('>', slcbuf+2, len-2);); - } diff --git a/security/krb5-appl/files/patch-appl::telnet::telnetd::state.c b/security/krb5-appl/files/patch-appl::telnet::telnetd::state.c deleted file mode 100644 index baf207333a1d..000000000000 --- a/security/krb5-appl/files/patch-appl::telnet::telnetd::state.c +++ /dev/null @@ -1,134 +0,0 @@ ---- appl/telnet/telnetd/state.c.orig Wed Feb 28 14:06:51 2001 -+++ appl/telnet/telnetd/state.c Mon Jul 23 17:48:48 2001 -@@ -33,6 +33,7 @@ - - /* based on @(#)state.c 8.1 (Berkeley) 6/4/93 */ - -+#include <stdarg.h> - #include "telnetd.h" - #if defined(AUTHENTICATION) - #include <libtelnet/auth.h> -@@ -86,7 +87,7 @@ - if (!auth_negotiated) { - static char *error = - "An environment option was sent before authentication negotiation completed.\r\nThis may create a security hazard. Connection dropped.\r\n"; -- writenet(error, strlen(error)); -+ output_datalen(error, strlen(error)); - netflush(); - exit(1); - } -@@ -209,8 +210,7 @@ - } - - netclear(); /* clear buffer back */ -- *nfrontp++ = IAC; -- *nfrontp++ = DM; -+ output_data("%c%c", IAC, DM); - neturg = nfrontp-1; /* off by one XXX */ - DIAG(TD_OPTIONS, - printoption("td: send IAC", DM)); -@@ -463,8 +463,7 @@ - set_his_want_state_will(option); - do_dont_resp[option]++; - } -- (void) sprintf(nfrontp, (char *)doopt, option); -- nfrontp += sizeof (dont) - 2; -+ output_data((const char *)doopt, option); - - DIAG(TD_OPTIONS, printoption("td: send do", option)); - } -@@ -683,8 +682,7 @@ - set_his_want_state_wont(option); - do_dont_resp[option]++; - } -- (void) sprintf(nfrontp, (char *)dont, option); -- nfrontp += sizeof (doopt) - 2; -+ output_data((const char *)dont, option); - - DIAG(TD_OPTIONS, printoption("td: send dont", option)); - } -@@ -833,8 +831,7 @@ - set_my_want_state_will(option); - will_wont_resp[option]++; - } -- (void) sprintf(nfrontp, (char *)will, option); -- nfrontp += sizeof (doopt) - 2; -+ output_data((const char *)will, option); - - DIAG(TD_OPTIONS, printoption("td: send will", option)); - } -@@ -993,8 +990,7 @@ - set_my_want_state_wont(option); - will_wont_resp[option]++; - } -- (void) sprintf(nfrontp, (char *)wont, option); -- nfrontp += sizeof (wont) - 2; -+ output_data((const char *)wont, option); - - DIAG(TD_OPTIONS, printoption("td: send wont", option)); - } -@@ -1393,9 +1389,8 @@ - env_ovar_wrong: - env_ovar = OLD_ENV_VALUE; - env_ovalue = OLD_ENV_VAR; -- DIAG(TD_OPTIONS, {sprintf(nfrontp, -- "ENVIRON VALUE and VAR are reversed!\r\n"); -- nfrontp += strlen(nfrontp);}); -+ DIAG(TD_OPTIONS, -+ output_data("ENVIRON VALUE and VAR are reversed!\r\n")); - - } - } -@@ -1633,11 +1628,51 @@ - ADD(IAC); - ADD(SE); - -- writenet(statusbuf, ncp - statusbuf); -+ output_datalen(statusbuf, ncp - statusbuf); - netflush(); /* Send it on its way */ - - DIAG(TD_OPTIONS, - {printsub('>', statusbuf, ncp - statusbuf); netflush();}); -+} -+ -+/* -+ * This function appends data to nfrontp and advances nfrontp. -+ */ -+ -+int -+output_data(const char *format, ...) -+{ -+ va_list args; -+ size_t remaining, ret; -+ -+ va_start(args, format); -+ remaining = BUFSIZ - (nfrontp - netobuf); -+ /* try a netflush() if the room is too low */ -+ if (strlen(format) > remaining || BUFSIZ / 4 > remaining) { -+ netflush(); -+ remaining = BUFSIZ - (nfrontp - netobuf); -+ } -+ ret = vsnprintf(nfrontp, remaining, format, args); -+ nfrontp += ((ret < remaining - 1) ? ret : remaining - 1); -+ va_end(args); -+ return ret; -+} -+ -+int -+output_datalen(const char *buf, size_t len) -+{ -+ size_t remaining; -+ -+ remaining = BUFSIZ - (nfrontp - netobuf); -+ if (remaining < len) { -+ netflush(); -+ remaining = BUFSIZ - (nfrontp - netobuf); -+ } -+ if (remaining < len) -+ return -1; -+ memmove(nfrontp, buf, len); -+ nfrontp += len; -+ return (len); - } - - static int envvarok(varp) diff --git a/security/krb5-appl/files/patch-appl::telnet::telnetd::telnetd.c b/security/krb5-appl/files/patch-appl::telnet::telnetd::telnetd.c deleted file mode 100644 index 9eef1709beeb..000000000000 --- a/security/krb5-appl/files/patch-appl::telnet::telnetd::telnetd.c +++ /dev/null @@ -1,169 +0,0 @@ ---- appl/telnet/telnetd/telnetd.c.orig Wed Feb 28 14:06:51 2001 -+++ appl/telnet/telnetd/telnetd.c Mon Jul 23 17:27:05 2001 -@@ -693,7 +693,7 @@ - char *error_message = - "Encryption was not successfully negotiated. Goodbye.\r\n\r\n"; - -- writenet(error_message, strlen(error_message)); -+ output_datalen(error_message, strlen(error_message)); - netflush(); - exit(1); - } -@@ -782,9 +782,7 @@ - { IAC, SB, TELOPT_TSPEED, TELQUAL_SEND, IAC, SE }; - - if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) { -- memcpy(nfrontp, sb, sizeof(sb)); -- nfrontp += sizeof(sb); -- *nfrontp = '\0'; -+ output_datalen(sb, sizeof sb); - } - } - if (his_state_is_will(TELOPT_XDISPLOC)) { -@@ -792,9 +790,7 @@ - { IAC, SB, TELOPT_XDISPLOC, TELQUAL_SEND, IAC, SE }; - - if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) { -- memcpy(nfrontp, sb, sizeof(sb)); -- nfrontp += sizeof(sb); -- *nfrontp = '\0'; -+ output_datalen(sb, sizeof sb); - } - } - if (his_state_is_will(TELOPT_NEW_ENVIRON)) { -@@ -802,9 +798,7 @@ - { IAC, SB, TELOPT_NEW_ENVIRON, TELQUAL_SEND, IAC, SE }; - - if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) { -- memcpy(nfrontp, sb, sizeof(sb)); -- nfrontp += sizeof(sb); -- *nfrontp = '\0'; -+ output_datalen(sb, sizeof sb); - } - } - else if (his_state_is_will(TELOPT_OLD_ENVIRON)) { -@@ -812,17 +806,13 @@ - { IAC, SB, TELOPT_OLD_ENVIRON, TELQUAL_SEND, IAC, SE }; - - if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) { -- memcpy(nfrontp, sb, sizeof(sb)); -- nfrontp += sizeof(sb); -- *nfrontp = '\0'; -+ output_datalen(sb, sizeof sb); - } - } - if (his_state_is_will(TELOPT_TTYPE)) { - - if(nfrontp - netobuf + sizeof(ttytype_sbbuf) < sizeof(netobuf)) { -- memcpy(nfrontp, ttytype_sbbuf, sizeof(ttytype_sbbuf)); -- nfrontp += sizeof(ttytype_sbbuf); -- *nfrontp = '\0'; -+ output_datalen(ttytype_sbbuf, sizeof ttytype_sbbuf); - } - } - if (his_state_is_will(TELOPT_TSPEED)) { -@@ -902,9 +892,7 @@ - return; - settimer(baseline); - if(nfrontp - netobuf + sizeof(ttytype_sbbuf)) { -- memcpy(nfrontp, ttytype_sbbuf, sizeof(ttytype_sbbuf)); -- nfrontp += sizeof(ttytype_sbbuf); -- *nfrontp = '\0'; -+ output_datalen(ttytype_sbbuf, sizeof ttytype_sbbuf); - } - while (sequenceIs(ttypesubopt, baseline)) - ttloop(); -@@ -1177,9 +1165,7 @@ - * mode, which we do not want. - */ - if (his_want_state_is_will(TELOPT_ECHO)) { -- DIAG(TD_OPTIONS, -- {sprintf(nfrontp, "td: simulating recv\r\n"); -- nfrontp += strlen(nfrontp);}); -+ DIAG(TD_OPTIONS, output_data("td: simulating recv\r\n")); - willoption(TELOPT_ECHO); - } - -@@ -1308,9 +1294,7 @@ - localstat(); - #endif /* LINEMODE */ - -- DIAG(TD_REPORT, -- {sprintf(nfrontp, "td: Entering processing loop\r\n"); -- nfrontp += strlen(nfrontp);}); -+ DIAG(TD_REPORT, output_data("td: Entering processing loop\r\n")); - - #ifdef convex - startslave(host); -@@ -1435,8 +1419,7 @@ - netip = netibuf; - } - DIAG((TD_REPORT | TD_NETDATA), -- {sprintf(nfrontp, "td: netread %d chars\r\n", ncc); -- nfrontp += strlen(nfrontp);}); -+ output_data("td: netread %d chars\r\n", ncc)); - DIAG(TD_NETDATA, printdata("nd", netip, ncc)); - } - -@@ -1483,8 +1466,7 @@ - * royally if we send them urgent - * mode data. - */ -- *nfrontp++ = IAC; -- *nfrontp++ = DM; -+ output_data("%c%c", IAC, DM); - neturg = nfrontp-1; /* off by one XXX */ - #endif - } -@@ -1495,13 +1477,11 @@ - ptyibuf[0] & TIOCPKT_DOSTOP ? 1 : 0; - if (newflow != flowmode) { - flowmode = newflow; -- (void) sprintf(nfrontp, -- "%c%c%c%c%c%c", -+ output_data("%c%c%c%c%c%c", - IAC, SB, TELOPT_LFLOW, - flowmode ? LFLOW_ON - : LFLOW_OFF, - IAC, SE); -- nfrontp += 6; - } - } - pcc--; -@@ -1524,19 +1504,19 @@ - break; - c = *ptyip++ & 0377, pcc--; - if (c == IAC) -- *nfrontp++ = c; -+ output_data("%c", c); - #if defined(CRAY2) && defined(UNICOS5) - else if (c == '\n' && - my_state_is_wont(TELOPT_BINARY) && newmap) -- *nfrontp++ = '\r'; -+ output_data("\r"); - #endif /* defined(CRAY2) && defined(UNICOS5) */ -- *nfrontp++ = c; -+ output_data("%c", c); - if ((c == '\r') && (my_state_is_wont(TELOPT_BINARY))) { - if (pcc > 0 && ((*ptyip & 0377) == '\n')) { -- *nfrontp++ = *ptyip++ & 0377; -+ output_data("%c", *ptyip++ & 0377); - pcc--; - } else -- *nfrontp++ = '\0'; -+ output_data("%c", '\0'); - } - } - #if defined(CRAY2) && defined(UNICOS5) -@@ -1707,10 +1687,7 @@ - return; - } - #endif -- (void) strncpy(nfrontp, "\r\n[Yes]\r\n", -- sizeof(netobuf) - 1 - (nfrontp - netobuf)); -- nfrontp += 9; -- *nfrontp = '\0'; -+ output_data("\r\n[Yes]\r\n"); - } - - void diff --git a/security/krb5-appl/files/patch-appl::telnet::telnetd::termstat.c b/security/krb5-appl/files/patch-appl::telnet::telnetd::termstat.c deleted file mode 100644 index 422f1c8e0645..000000000000 --- a/security/krb5-appl/files/patch-appl::telnet::telnetd::termstat.c +++ /dev/null @@ -1,74 +0,0 @@ ---- appl/telnet/telnetd/termstat.c.orig Wed Feb 28 14:06:51 2001 -+++ appl/telnet/telnetd/termstat.c Thu Jul 19 19:22:54 2001 -@@ -283,10 +283,9 @@ - # endif /* KLUDGELINEMODE */ - send_do(TELOPT_LINEMODE, 1); - /* send along edit modes */ -- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, SB, -+ output_data("%c%c%c%c%c%c%c", IAC, SB, - TELOPT_LINEMODE, LM_MODE, useeditmode, - IAC, SE); -- nfrontp += 7; - editmode = useeditmode; - # ifdef KLUDGELINEMODE - } -@@ -312,10 +311,9 @@ - /* - * Send along appropriate edit mode mask. - */ -- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, SB, -+ output_data("%c%c%c%c%c%c%c", IAC, SB, - TELOPT_LINEMODE, LM_MODE, useeditmode, - IAC, SE); -- nfrontp += 7; - editmode = useeditmode; - } - -@@ -359,20 +357,18 @@ - if (his_state_is_will(TELOPT_LFLOW)) { - if (tty_flowmode() != flowmode) { - flowmode = tty_flowmode(); -- (void) sprintf(nfrontp, "%c%c%c%c%c%c", -+ output_data("%c%c%c%c%c%c", - IAC, SB, TELOPT_LFLOW, - flowmode ? LFLOW_ON : LFLOW_OFF, - IAC, SE); -- nfrontp += 6; - } - if (tty_restartany() != restartany) { - restartany = tty_restartany(); -- (void) sprintf(nfrontp, "%c%c%c%c%c%c", -+ output_data("%c%c%c%c%c%c", - IAC, SB, TELOPT_LFLOW, - restartany ? LFLOW_RESTART_ANY - : LFLOW_RESTART_XON, - IAC, SE); -- nfrontp += 6; - } - } - } -@@ -445,10 +441,9 @@ - useeditmode |= MODE_SOFT_TAB; - if (tty_islitecho()) - useeditmode |= MODE_LIT_ECHO; -- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, -+ output_data("%c%c%c%c%c%c%c", IAC, - SB, TELOPT_LINEMODE, LM_MODE, - useeditmode, IAC, SE); -- nfrontp += 7; - editmode = useeditmode; - } - -@@ -504,11 +499,10 @@ - set_termbuf(); - - if (!ack) { -- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, -+ output_data("%c%c%c%c%c%c%c", IAC, - SB, TELOPT_LINEMODE, LM_MODE, - useeditmode|MODE_ACK, - IAC, SE); -- nfrontp += 7; - } - - editmode = useeditmode; diff --git a/security/krb5-appl/files/patch-appl::telnet::telnetd::utility.c b/security/krb5-appl/files/patch-appl::telnet::telnetd::utility.c deleted file mode 100644 index d49598c27487..000000000000 --- a/security/krb5-appl/files/patch-appl::telnet::telnetd::utility.c +++ /dev/null @@ -1,879 +0,0 @@ ---- appl/telnet/telnetd/utility.c.orig Wed Feb 28 14:06:52 2001 -+++ appl/telnet/telnetd/utility.c Mon Jul 23 17:16:27 2001 -@@ -58,8 +58,7 @@ - { - void netflush(); - -- DIAG(TD_REPORT, {sprintf(nfrontp, "td: ttloop\r\n"); -- nfrontp += strlen(nfrontp);}); -+ DIAG(TD_REPORT, output_data("td: ttloop\r\n")); - if (nfrontp-nbackp) { - netflush(); - } -@@ -74,8 +73,7 @@ - syslog(LOG_INFO, "ttloop: peer died: %m"); - exit(1); - } -- DIAG(TD_REPORT, {sprintf(nfrontp, "td: ttloop read %d chars\r\n", ncc); -- nfrontp += strlen(nfrontp);}); -+ DIAG(TD_REPORT, output_data("td: ttloop read %d chars\r\n", ncc)); - netip = netibuf; - telrcv(); /* state machine */ - if (ncc > 0) { -@@ -117,9 +115,8 @@ - int n; - - if ((n = pfrontp - pbackp) > 0) { -- DIAG((TD_REPORT | TD_PTYDATA), -- { sprintf(nfrontp, "td: ptyflush %d chars\r\n", n); -- nfrontp += strlen(nfrontp); }); -+ DIAG(TD_REPORT | TD_PTYDATA, -+ output_data("td: ptyflush %d chars\r\n", n)); - DIAG(TD_PTYDATA, printdata("pd", pbackp, n)); - n = write(pty, pbackp, n); - } -@@ -251,11 +248,9 @@ - extern int not42; - - if ((n = nfrontp - nbackp) > 0) { -- DIAG(TD_REPORT, -- { sprintf(nfrontp, "td: netflush %d chars\r\n", n); -- n += strlen(nfrontp); /* get count first */ -- nfrontp += strlen(nfrontp); /* then move pointer */ -- }); -+ DIAG(TD_REPORT, { -+ n += output_data("td: netflush %d chars\r\n", n); -+ }); - #ifdef ENCRYPTION - if (encrypt_output) { - char *s = nclearto ? nclearto : nbackp; -@@ -314,33 +309,6 @@ - - - /* -- * writenet -- * -- * Just a handy little function to write a bit of raw data to the net. -- * It will force a transmit of the buffer if necessary -- * -- * arguments -- * ptr - A pointer to a character string to write -- * len - How many bytes to write -- */ -- void --writenet(ptr, len) -- register unsigned char *ptr; -- register int len; --{ -- /* flush buffer if no room for new data) */ -- if ((&netobuf[BUFSIZ] - nfrontp) < len) { -- /* if this fails, don't worry, buffer is a little big */ -- netflush(); -- } -- -- memcpy(nfrontp, ptr, len); -- nfrontp += len; -- --} /* end of writenet */ -- -- --/* - * miscellaneous functions doing a variety of little jobs follow ... - */ - -@@ -528,12 +496,11 @@ - register int option; - { - if (TELOPT_OK(option)) -- sprintf(nfrontp, "%s %s\r\n", fmt, TELOPT(option)); -+ output_data("%s %s\r\n", fmt, TELOPT(option)); - else if (TELCMD_OK(option)) -- sprintf(nfrontp, "%s %s\r\n", fmt, TELCMD(option)); -+ output_data("%s %s\r\n", fmt, TELCMD(option)); - else -- sprintf(nfrontp, "%s %d\r\n", fmt, option); -- nfrontp += strlen(nfrontp); -+ output_data("%s %d\r\n", fmt, option); - return; - } - -@@ -550,9 +517,8 @@ - return; - - if (direction) { -- sprintf(nfrontp, "td: %s suboption ", -+ output_data("td: %s suboption ", - direction == '<' ? "recv" : "send"); -- nfrontp += strlen(nfrontp); - if (length >= 3) { - register int j; - -@@ -560,232 +526,192 @@ - j = pointer[length-1]; - - if (i != IAC || j != SE) { -- sprintf(nfrontp, "(terminated by "); -- nfrontp += strlen(nfrontp); -+ output_data("(terminated by "); - if (TELOPT_OK(i)) -- sprintf(nfrontp, "%s ", TELOPT(i)); -+ output_data("%s ", TELOPT(i)); - else if (TELCMD_OK(i)) -- sprintf(nfrontp, "%s ", TELCMD(i)); -+ output_data("%s ", TELCMD(i)); - else -- sprintf(nfrontp, "%d ", i); -- nfrontp += strlen(nfrontp); -+ output_data("%d ", i); - if (TELOPT_OK(j)) -- sprintf(nfrontp, "%s", TELOPT(j)); -+ output_data("%s", TELOPT(j)); - else if (TELCMD_OK(j)) -- sprintf(nfrontp, "%s", TELCMD(j)); -+ output_data("%s", TELCMD(j)); - else -- sprintf(nfrontp, "%d", j); -- nfrontp += strlen(nfrontp); -- sprintf(nfrontp, ", not IAC SE!) "); -- nfrontp += strlen(nfrontp); -+ output_data("%d", j); -+ output_data(", not IAC SE!) "); - } - } - length -= 2; - } - if (length < 1) { -- sprintf(nfrontp, "(Empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data("(Empty suboption??\?)"); - return; - } - switch (pointer[0]) { - case TELOPT_TTYPE: -- sprintf(nfrontp, "TERMINAL-TYPE "); -- nfrontp += strlen(nfrontp); -+ output_data("TERMINAL-TYPE "); - switch (pointer[1]) { - case TELQUAL_IS: -- sprintf(nfrontp, "IS \"%.*s\"", length-2, (char *)pointer+2); -+ output_data("IS \"%.*s\"", length-2, (char *)pointer+2); - break; - case TELQUAL_SEND: -- sprintf(nfrontp, "SEND"); -+ output_data("SEND"); - break; - default: -- sprintf(nfrontp, -+ output_data( - "- unknown qualifier %d (0x%x).", - pointer[1], pointer[1]); - } -- nfrontp += strlen(nfrontp); - break; - case TELOPT_TSPEED: -- sprintf(nfrontp, "TERMINAL-SPEED"); -- nfrontp += strlen(nfrontp); -+ output_data("TERMINAL-SPEED"); - if (length < 2) { -- sprintf(nfrontp, " (empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case TELQUAL_IS: -- sprintf(nfrontp, " IS %.*s", length-2, (char *)pointer+2); -- nfrontp += strlen(nfrontp); -+ output_data(" IS %.*s", length-2, (char *)pointer+2); - break; - default: - if (pointer[1] == 1) -- sprintf(nfrontp, " SEND"); -+ output_data(" SEND"); - else -- sprintf(nfrontp, " %d (unknown)", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d (unknown)", pointer[1]); - for (i = 2; i < length; i++) { -- sprintf(nfrontp, " ?%d?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[i]); - } - break; - } - break; - - case TELOPT_LFLOW: -- sprintf(nfrontp, "TOGGLE-FLOW-CONTROL"); -- nfrontp += strlen(nfrontp); -+ output_data("TOGGLE-FLOW-CONTROL"); - if (length < 2) { -- sprintf(nfrontp, " (empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case LFLOW_OFF: -- sprintf(nfrontp, " OFF"); break; -+ output_data(" OFF"); break; - case LFLOW_ON: -- sprintf(nfrontp, " ON"); break; -+ output_data(" ON"); break; - case LFLOW_RESTART_ANY: -- sprintf(nfrontp, " RESTART-ANY"); break; -+ output_data(" RESTART-ANY"); break; - case LFLOW_RESTART_XON: -- sprintf(nfrontp, " RESTART-XON"); break; -+ output_data(" RESTART-XON"); break; - default: -- sprintf(nfrontp, " %d (unknown)", pointer[1]); -+ output_data(" %d (unknown)", pointer[1]); - } -- nfrontp += strlen(nfrontp); - for (i = 2; i < length; i++) { -- sprintf(nfrontp, " ?%d?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[i]); - } - break; - - case TELOPT_NAWS: -- sprintf(nfrontp, "NAWS"); -- nfrontp += strlen(nfrontp); -+ output_data("NAWS"); - if (length < 2) { -- sprintf(nfrontp, " (empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (empty suboption??\?)"); - break; - } - if (length == 2) { -- sprintf(nfrontp, " ?%d?", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[1]); - break; - } -- sprintf(nfrontp, " %d %d (%d)", -+ output_data(" %d %d (%d)", - pointer[1], pointer[2], - (int)((((unsigned int)pointer[1])<<8)|((unsigned int)pointer[2]))); -- nfrontp += strlen(nfrontp); - if (length == 4) { -- sprintf(nfrontp, " ?%d?", pointer[3]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[3]); - break; - } -- sprintf(nfrontp, " %d %d (%d)", -+ output_data(" %d %d (%d)", - pointer[3], pointer[4], - (int)((((unsigned int)pointer[3])<<8)|((unsigned int)pointer[4]))); -- nfrontp += strlen(nfrontp); - for (i = 5; i < length; i++) { -- sprintf(nfrontp, " ?%d?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[i]); - } - break; - - case TELOPT_LINEMODE: -- sprintf(nfrontp, "LINEMODE "); -- nfrontp += strlen(nfrontp); -+ output_data("LINEMODE "); - if (length < 2) { -- sprintf(nfrontp, " (empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case WILL: -- sprintf(nfrontp, "WILL "); -+ output_data("WILL "); - goto common; - case WONT: -- sprintf(nfrontp, "WONT "); -+ output_data("WONT "); - goto common; - case DO: -- sprintf(nfrontp, "DO "); -+ output_data("DO "); - goto common; - case DONT: -- sprintf(nfrontp, "DONT "); -+ output_data("DONT "); - common: -- nfrontp += strlen(nfrontp); - if (length < 3) { -- sprintf(nfrontp, "(no option??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data("(no option??\?)"); - break; - } - switch (pointer[2]) { - case LM_FORWARDMASK: -- sprintf(nfrontp, "Forward Mask"); -- nfrontp += strlen(nfrontp); -+ output_data("Forward Mask"); - for (i = 3; i < length; i++) { -- sprintf(nfrontp, " %x", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" %x", pointer[i]); - } - break; - default: -- sprintf(nfrontp, "%d (unknown)", pointer[2]); -- nfrontp += strlen(nfrontp); -+ output_data("%d (unknown)", pointer[2]); - for (i = 3; i < length; i++) { -- sprintf(nfrontp, " %d", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d", pointer[i]); - } - break; - } - break; - - case LM_SLC: -- sprintf(nfrontp, "SLC"); -- nfrontp += strlen(nfrontp); -+ output_data("SLC"); - for (i = 2; i < length - 2; i += 3) { - if (SLC_NAME_OK(pointer[i+SLC_FUNC])) -- sprintf(nfrontp, " %s", SLC_NAME(pointer[i+SLC_FUNC])); -+ output_data(" %s", SLC_NAME(pointer[i+SLC_FUNC])); - else -- sprintf(nfrontp, " %d", pointer[i+SLC_FUNC]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d", pointer[i+SLC_FUNC]); - switch (pointer[i+SLC_FLAGS]&SLC_LEVELBITS) { - case SLC_NOSUPPORT: -- sprintf(nfrontp, " NOSUPPORT"); break; -+ output_data(" NOSUPPORT"); break; - case SLC_CANTCHANGE: -- sprintf(nfrontp, " CANTCHANGE"); break; -+ output_data(" CANTCHANGE"); break; - case SLC_VARIABLE: -- sprintf(nfrontp, " VARIABLE"); break; -+ output_data(" VARIABLE"); break; - case SLC_DEFAULT: -- sprintf(nfrontp, " DEFAULT"); break; -+ output_data(" DEFAULT"); break; - } -- nfrontp += strlen(nfrontp); -- sprintf(nfrontp, "%s%s%s", -+ output_data("%s%s%s", - pointer[i+SLC_FLAGS]&SLC_ACK ? "|ACK" : "", - pointer[i+SLC_FLAGS]&SLC_FLUSHIN ? "|FLUSHIN" : "", - pointer[i+SLC_FLAGS]&SLC_FLUSHOUT ? "|FLUSHOUT" : ""); -- nfrontp += strlen(nfrontp); - if (pointer[i+SLC_FLAGS]& ~(SLC_ACK|SLC_FLUSHIN| - SLC_FLUSHOUT| SLC_LEVELBITS)) { -- sprintf(nfrontp, "(0x%x)", pointer[i+SLC_FLAGS]); -- nfrontp += strlen(nfrontp); -+ output_data("(0x%x)", pointer[i+SLC_FLAGS]); - } -- sprintf(nfrontp, " %d;", pointer[i+SLC_VALUE]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d;", pointer[i+SLC_VALUE]); - if ((pointer[i+SLC_VALUE] == IAC) && - (pointer[i+SLC_VALUE+1] == IAC)) - i++; - } - for (; i < length; i++) { -- sprintf(nfrontp, " ?%d?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[i]); - } - break; - - case LM_MODE: -- sprintf(nfrontp, "MODE "); -- nfrontp += strlen(nfrontp); -+ output_data("MODE "); - if (length < 3) { -- sprintf(nfrontp, "(no mode??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data("(no mode??\?)"); - break; - } - { -@@ -796,24 +722,19 @@ - pointer[2]&MODE_SOFT_TAB ? "|SOFT_TAB" : "", - pointer[2]&MODE_LIT_ECHO ? "|LIT_ECHO" : "", - pointer[2]&MODE_ACK ? "|ACK" : ""); -- sprintf(nfrontp, "%s", tbuf[1] ? &tbuf[1] : "0"); -- nfrontp += strlen(nfrontp); -+ output_data("%s", tbuf[1] ? &tbuf[1] : "0"); - } - if (pointer[2]&~(MODE_EDIT|MODE_TRAPSIG|MODE_ACK)) { -- sprintf(nfrontp, " (0x%x)", pointer[2]); -- nfrontp += strlen(nfrontp); -+ output_data(" (0x%x)", pointer[2]); - } - for (i = 3; i < length; i++) { -- sprintf(nfrontp, " ?0x%x?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?0x%x?", pointer[i]); - } - break; - default: -- sprintf(nfrontp, "%d (unknown)", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data("%d (unknown)", pointer[1]); - for (i = 2; i < length; i++) { -- sprintf(nfrontp, " %d", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d", pointer[i]); - } - } - break; -@@ -822,24 +743,20 @@ - register char *cp; - register int j, k; - -- sprintf(nfrontp, "STATUS"); -- nfrontp += strlen(nfrontp); -+ output_data("STATUS"); - - switch (pointer[1]) { - default: - if (pointer[1] == TELQUAL_SEND) -- sprintf(nfrontp, " SEND"); -+ output_data(" SEND"); - else -- sprintf(nfrontp, " %d (unknown)", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d (unknown)", pointer[1]); - for (i = 2; i < length; i++) { -- sprintf(nfrontp, " ?%d?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[i]); - } - break; - case TELQUAL_IS: -- sprintf(nfrontp, " IS\r\n"); -- nfrontp += strlen(nfrontp); -+ output_data(" IS\r\n"); - - for (i = 2; i < length; i++) { - switch(pointer[i]) { -@@ -850,18 +767,15 @@ - common2: - i++; - if (TELOPT_OK(pointer[i])) -- sprintf(nfrontp, " %s %s", cp, TELOPT(pointer[i])); -+ output_data(" %s %s", cp, TELOPT(pointer[i])); - else -- sprintf(nfrontp, " %s %d", cp, pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" %s %d", cp, pointer[i]); - -- sprintf(nfrontp, "\r\n"); -- nfrontp += strlen(nfrontp); -+ output_data("\r\n"); - break; - - case SB: -- sprintf(nfrontp, " SB "); -- nfrontp += strlen(nfrontp); -+ output_data(" SB "); - i++; - j = k = i; - while (j < length) { -@@ -877,20 +791,17 @@ - } - printsub(0, &pointer[i], k - i); - if (i < length) { -- sprintf(nfrontp, " SE"); -- nfrontp += strlen(nfrontp); -+ output_data(" SE"); - i = j; - } else - i = j - 1; - -- sprintf(nfrontp, "\r\n"); -- nfrontp += strlen(nfrontp); -+ output_data("\r\n"); - - break; - - default: -- sprintf(nfrontp, " %d", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d", pointer[i]); - break; - } - } -@@ -900,86 +811,77 @@ - } - - case TELOPT_XDISPLOC: -- sprintf(nfrontp, "X-DISPLAY-LOCATION "); -- nfrontp += strlen(nfrontp); -+ output_data("X-DISPLAY-LOCATION "); - switch (pointer[1]) { - case TELQUAL_IS: -- sprintf(nfrontp, "IS \"%.*s\"", length-2, (char *)pointer+2); -+ output_data("IS \"%.*s\"", length-2, (char *)pointer+2); - break; - case TELQUAL_SEND: -- sprintf(nfrontp, "SEND"); -+ output_data("SEND"); - break; - default: -- sprintf(nfrontp, "- unknown qualifier %d (0x%x).", -+ output_data("- unknown qualifier %d (0x%x).", - pointer[1], pointer[1]); - } -- nfrontp += strlen(nfrontp); - break; - - case TELOPT_NEW_ENVIRON: -- sprintf(nfrontp, "NEW-ENVIRON "); -+ output_data("NEW-ENVIRON "); - goto env_common1; - case TELOPT_OLD_ENVIRON: -- sprintf(nfrontp, "OLD-ENVIRON"); -+ output_data("OLD-ENVIRON"); - env_common1: -- nfrontp += strlen(nfrontp); - switch (pointer[1]) { - case TELQUAL_IS: -- sprintf(nfrontp, "IS "); -+ output_data("IS "); - goto env_common; - case TELQUAL_SEND: -- sprintf(nfrontp, "SEND "); -+ output_data("SEND "); - goto env_common; - case TELQUAL_INFO: -- sprintf(nfrontp, "INFO "); -+ output_data("INFO "); - env_common: -- nfrontp += strlen(nfrontp); - { - register int noquote = 2; - for (i = 2; i < length; i++ ) { - switch (pointer[i]) { - case NEW_ENV_VAR: -- sprintf(nfrontp, "\" VAR " + noquote); -- nfrontp += strlen(nfrontp); -+ output_data("\" VAR " + noquote); - noquote = 2; - break; - - case NEW_ENV_VALUE: -- sprintf(nfrontp, "\" VALUE " + noquote); -- nfrontp += strlen(nfrontp); -+ output_data("\" VALUE " + noquote); - noquote = 2; - break; - - case ENV_ESC: -- sprintf(nfrontp, "\" ESC " + noquote); -- nfrontp += strlen(nfrontp); -+ output_data("\" ESC " + noquote); - noquote = 2; - break; - - case ENV_USERVAR: -- sprintf(nfrontp, "\" USERVAR " + noquote); -- nfrontp += strlen(nfrontp); -+ output_data("\" USERVAR " + noquote); - noquote = 2; - break; - - default: - if (isprint(pointer[i]) && pointer[i] != '"') { - if (noquote) { -- *nfrontp++ = '"'; -+ output_data("\""); - noquote = 0; - } -- *nfrontp++ = pointer[i]; -+ output_data("%c", pointer[i]); - } else { -- sprintf(nfrontp, "\" %03o " + noquote, -+ output_data("\" %03o " + noquote, - pointer[i]); -- nfrontp += strlen(nfrontp); - noquote = 2; - } - break; - } - } - if (!noquote) -- *nfrontp++ = '"'; -+ output_data("\""); - break; - } - } -@@ -987,90 +889,69 @@ - - #if defined(AUTHENTICATION) - case TELOPT_AUTHENTICATION: -- sprintf(nfrontp, "AUTHENTICATION"); -- nfrontp += strlen(nfrontp); -+ output_data("AUTHENTICATION"); - - if (length < 2) { -- sprintf(nfrontp, " (empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case TELQUAL_REPLY: - case TELQUAL_IS: -- sprintf(nfrontp, " %s ", (pointer[1] == TELQUAL_IS) ? -+ output_data(" %s ", (pointer[1] == TELQUAL_IS) ? - "IS" : "REPLY"); -- nfrontp += strlen(nfrontp); - if (AUTHTYPE_NAME_OK(pointer[2])) -- sprintf(nfrontp, "%s ", AUTHTYPE_NAME(pointer[2])); -+ output_data("%s ", AUTHTYPE_NAME(pointer[2])); - else -- sprintf(nfrontp, "%d ", pointer[2]); -- nfrontp += strlen(nfrontp); -+ output_data("%d ", pointer[2]); - if (length < 3) { -- sprintf(nfrontp, "(partial suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data("(partial suboption??\?)"); - break; - } -- sprintf(nfrontp, "%s|%s%s", -+ output_data("%s|%s", - ((pointer[3] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ? - "CLIENT" : "SERVER", - ((pointer[3] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ? - "MUTUAL" : "ONE-WAY", - ((pointer[3] & AUTH_ENCRYPT_MASK) == AUTH_ENCRYPT_ON) ? - "|ENCRYPT" : ""); -- nfrontp += strlen(nfrontp); - - auth_printsub(&pointer[1], length - 1, buf, sizeof(buf)); -- sprintf(nfrontp, "%s", buf); -- nfrontp += strlen(nfrontp); -+ output_data("%s", buf); - break; - - case TELQUAL_SEND: - i = 2; -- sprintf(nfrontp, " SEND "); -- nfrontp += strlen(nfrontp); -+ output_data(" SEND "); - while (i < length) { - if (AUTHTYPE_NAME_OK(pointer[i])) -- sprintf(nfrontp, "%s ", AUTHTYPE_NAME(pointer[i])); -+ output_data("%s ", AUTHTYPE_NAME(pointer[i])); - else -- sprintf(nfrontp, "%d ", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data("%d ", pointer[i]); - if (++i >= length) { -- sprintf(nfrontp, "(partial suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data("(partial suboption??\?)"); - break; - } -- sprintf(nfrontp, "%s|%s%s ", -+ output_data( "%s|%s%s ", - ((pointer[i] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ? - "CLIENT" : "SERVER", - ((pointer[i] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ? - "MUTUAL" : "ONE-WAY", - ((pointer[3] & AUTH_ENCRYPT_MASK) == AUTH_ENCRYPT_ON) ? - "|ENCRYPT" : ""); -- nfrontp += strlen(nfrontp); - ++i; - } - break; - - case TELQUAL_NAME: -- i = 2; -- sprintf(nfrontp, " NAME \""); -- nfrontp += strlen(nfrontp); -- while (i < length) { -- if (isprint(pointer[i])) -- *nfrontp++ = pointer[i++]; -- else { -- sprintf(nfrontp, "\"%03o",pointer[i++]); -- nfrontp += strlen(nfrontp); -- } -- } -- *nfrontp++ = '"'; -+ output_data(" NAME \"%.*s\"", -+ length - 2, -+ pointer + 2); - break; - - default: - for (i = 2; i < length; i++) { -- sprintf(nfrontp, " ?%d?", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" ?%d?", pointer[i]); - } - break; - } -@@ -1079,86 +960,70 @@ - - #ifdef ENCRYPTION - case TELOPT_ENCRYPT: -- sprintf(nfrontp, "ENCRYPT"); -- nfrontp += strlen(nfrontp); -+ output_data("ENCRYPT"); - if (length < 2) { -- sprintf(nfrontp, " (empty suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case ENCRYPT_START: -- sprintf(nfrontp, " START"); -- nfrontp += strlen(nfrontp); -+ output_data(" START"); - break; - - case ENCRYPT_END: -- sprintf(nfrontp, " END"); -- nfrontp += strlen(nfrontp); -+ output_data(" END"); - break; - - case ENCRYPT_REQSTART: -- sprintf(nfrontp, " REQUEST-START"); -- nfrontp += strlen(nfrontp); -+ output_data(" REQUEST-START"); - break; - - case ENCRYPT_REQEND: -- sprintf(nfrontp, " REQUEST-END"); -- nfrontp += strlen(nfrontp); -+ output_data(" REQUEST-END"); - break; - - case ENCRYPT_IS: - case ENCRYPT_REPLY: -- sprintf(nfrontp, " %s ", (pointer[1] == ENCRYPT_IS) ? -+ output_data(" %s ", (pointer[1] == ENCRYPT_IS) ? - "IS" : "REPLY"); -- nfrontp += strlen(nfrontp); - if (length < 3) { -- sprintf(nfrontp, " (partial suboption??\?)"); -- nfrontp += strlen(nfrontp); -+ output_data(" (partial suboption??\?)"); - break; - } - if (ENCTYPE_NAME_OK(pointer[2])) -- sprintf(nfrontp, "%s ", ENCTYPE_NAME(pointer[2])); -+ output_data("%s ", ENCTYPE_NAME(pointer[2])); - else -- sprintf(nfrontp, " %d (unknown)", pointer[2]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d (unknown)", pointer[2]); - - encrypt_printsub(&pointer[1], length - 1, buf, sizeof(buf)); -- sprintf(nfrontp, "%s", buf); -- nfrontp += strlen(nfrontp); -+ output_data("%s", buf); - break; - - case ENCRYPT_SUPPORT: - i = 2; -- sprintf(nfrontp, " SUPPORT "); -- nfrontp += strlen(nfrontp); -+ output_data(" SUPPORT "); - while (i < length) { - if (ENCTYPE_NAME_OK(pointer[i])) -- sprintf(nfrontp, "%s ", ENCTYPE_NAME(pointer[i])); -+ output_data("%s ", ENCTYPE_NAME(pointer[i])); - else -- sprintf(nfrontp, "%d ", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data("%d ", pointer[i]); - i++; - } - break; - - case ENCRYPT_ENC_KEYID: -- sprintf(nfrontp, " ENC_KEYID", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data(" ENC_KEYID"); - goto encommon; - - case ENCRYPT_DEC_KEYID: -- sprintf(nfrontp, " DEC_KEYID", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data(" DEC_KEYID"); - goto encommon; - - default: -- sprintf(nfrontp, " %d (unknown)", pointer[1]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d (unknown)", pointer[1]); - encommon: - for (i = 2; i < length; i++) { -- sprintf(nfrontp, " %d", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data(" %d", pointer[i]); - } - break; - } -@@ -1167,18 +1032,15 @@ - - default: - if (TELOPT_OK(pointer[0])) -- sprintf(nfrontp, "%s (unknown)", TELOPT(pointer[0])); -+ output_data( "%s (unknown)", TELOPT(pointer[0])); - else -- sprintf(nfrontp, "%d (unknown)", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data( "%d (unknown)", pointer[i]); - for (i = 1; i < length; i++) { -- sprintf(nfrontp, " %d", pointer[i]); -- nfrontp += strlen(nfrontp); -+ output_data( " %d", pointer[i]); - } - break; - } -- sprintf(nfrontp, "\r\n"); -- nfrontp += strlen(nfrontp); -+ output_data( "\r\n"); - } - - /* -@@ -1200,26 +1062,22 @@ - } - - /* add a line of output */ -- sprintf(nfrontp, "%s: ", tag); -- nfrontp += strlen(nfrontp); -+ output_data("%s: ", tag); - for (i = 0; i < 20 && cnt; i++) { -- sprintf(nfrontp, "%02x", *ptr); -- nfrontp += strlen(nfrontp); -+ output_data("%02x", *ptr); - if (isprint(*ptr)) { - xbuf[i] = *ptr; - } else { - xbuf[i] = '.'; - } - if (i % 2) { -- *nfrontp = ' '; -- nfrontp++; -+ output_data(" "); - } - cnt--; - ptr++; - } - xbuf[i] = '\0'; -- sprintf(nfrontp, " %s\r\n", xbuf ); -- nfrontp += strlen(nfrontp); -+ output_data(" %s\r\n", xbuf ); - } - } - #endif /* DIAGNOSTICS */ diff --git a/security/krb5-appl/files/patch-as b/security/krb5-appl/files/patch-as deleted file mode 100644 index 0b26c449fe11..000000000000 --- a/security/krb5-appl/files/patch-as +++ /dev/null @@ -1,199 +0,0 @@ ---- clients/ksu/main.c.orig Wed Feb 28 14:06:55 2001 -+++ clients/ksu/main.c Thu Sep 6 16:21:46 2001 -@@ -31,6 +31,10 @@ - #include <sys/wait.h> - #include <signal.h> - -+#ifdef LOGIN_CAP -+#include <login_cap.h> -+#endif -+ - /* globals */ - char * prog_name; - int auth_debug =0; -@@ -60,7 +64,7 @@ - ill specified arguments to commands */ - - void usage (){ -- fprintf(stderr, "Usage: %s [target user] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name); -+ fprintf(stderr, "Usage: %s [target user] [-m] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name); - } - - /* for Ultrix and friends ... */ -@@ -76,6 +80,7 @@ - int argc; - char ** argv; - { -+int asme = 0; - int hp =0; - int some_rest_copy = 0; - int all_rest_copy = 0; -@@ -90,6 +95,7 @@ - char * cc_target_tag = NULL; - char * target_user = NULL; - char * source_user; -+char * source_shell; - - krb5_ccache cc_source = NULL; - const char * cc_source_tag = NULL; -@@ -118,6 +124,11 @@ - char * dir_of_cc_target; - char * dir_of_cc_source; - -+#ifdef LOGIN_CAP -+login_cap_t *lc; -+int setwhat; -+#endif -+ - options.opt = KRB5_DEFAULT_OPTIONS; - options.lifetime = KRB5_DEFAULT_TKT_LIFE; - options.rlife =0; -@@ -181,7 +192,7 @@ - com_err (prog_name, errno, "while setting euid to source user"); - exit (1); - } -- while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkql:e:")) != -1)){ -+ while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkmql:e:")) != -1)){ - switch (option) { - case 'r': - options.opt |= KDC_OPT_RENEWABLE; -@@ -227,6 +238,9 @@ - errflg++; - } - break; -+ case 'm': -+ asme = 1; -+ break; - case 'n': - if ((retval = krb5_parse_name(ksu_context, optarg, &client))){ - com_err(prog_name, retval, "when parsing name %s", optarg); -@@ -341,6 +355,7 @@ - - /* allocate space and copy the usernamane there */ - source_user = xstrdup(pwd->pw_name); -+ source_shell = xstrdup(pwd->pw_shell); - source_uid = pwd->pw_uid; - source_gid = pwd->pw_gid; - -@@ -668,43 +683,64 @@ - /* get the shell of the user, this will be the shell used by su */ - target_pwd = getpwnam(target_user); - -- if (target_pwd->pw_shell) -- shell = xstrdup(target_pwd->pw_shell); -- else { -- shell = _DEF_CSH; /* default is cshell */ -- } -+ if (asme) { -+ if (source_shell && *source_shell) { -+ shell = strdup(source_shell); -+ } else { -+ shell = _DEF_CSH; -+ } -+ } else { -+ if (target_pwd->pw_shell) -+ shell = strdup(target_pwd->pw_shell); -+ else { -+ shell = _DEF_CSH; /* default is cshell */ -+ } -+ } - - #ifdef HAVE_GETUSERSHELL - - /* insist that the target login uses a standard shell (root is omited) */ - -- if (!standard_shell(target_pwd->pw_shell) && source_uid) { -- fprintf(stderr, "ksu: permission denied (shell).\n"); -- sweep_up(ksu_context, cc_target); -- exit(1); -+ if (asme) { -+ if (!standard_shell(pwd->pw_shell) && source_uid) { -+ fprintf(stderr, "ksu: permission denied (shell).\n"); -+ sweep_up(ksu_context, cc_target); -+ exit(1); -+ } -+ } else { -+ if (!standard_shell(target_pwd->pw_shell) && source_uid) { -+ fprintf(stderr, "ksu: permission denied (shell).\n"); -+ sweep_up(ksu_context, cc_target); -+ exit(1); -+ } - } - #endif /* HAVE_GETUSERSHELL */ - -- if (target_pwd->pw_uid){ -- -- if(set_env_var("USER", target_pwd->pw_name)){ -- fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -- sweep_up(ksu_context, cc_target); -- exit(1); -- } -- } -+ if (!asme) { -+ if (target_pwd->pw_uid){ -+ if (set_env_var("USER", target_pwd->pw_name)){ -+ fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -+ sweep_up(ksu_context, cc_target); -+ exit(1); -+ } -+ } - -- if(set_env_var( "HOME", target_pwd->pw_dir)){ -- fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -- sweep_up(ksu_context, cc_target); -- exit(1); -- } -+ if (set_env_var( "HOME", target_pwd->pw_dir)){ -+ fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -+ sweep_up(ksu_context, cc_target); -+ exit(1); -+ } - -- if(set_env_var( "SHELL", shell)){ -- fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -- sweep_up(ksu_context, cc_target); -- exit(1); -- } -+ if (set_env_var( "SHELL", shell)){ -+ fprintf(stderr,"ksu: couldn't set environment variable USER\n"); -+ sweep_up(ksu_context, cc_target); -+ exit(1); -+ } -+ } -+ -+#ifdef LOGIN_CAP -+ lc = login_getpwclass(pwd); -+#endif - - /* set the cc env name to target */ - -@@ -714,7 +750,18 @@ - sweep_up(ksu_context, cc_target); - exit(1); - } -- -+#ifdef LOGIN_CAP -+ setwhat = LOGIN_SETUSER|LOGIN_SETGROUP|LOGIN_SETRESOURCES|LOGIN_SETPRIORITY; -+ setwhat |= LOGIN_SETPATH|LOGIN_SETUMASK|LOGIN_SETENV; -+ /* -+ * Don't touch resource/priority settings if -m has been -+ * used or -l and -c hasn't, and we're not su'ing to root. -+ */ -+ if (target_pwd->pw_uid) -+ setwhat &= ~(LOGIN_SETPRIORITY|LOGIN_SETRESOURCES); -+ if (setusercontext(lc, target_pwd, target_pwd->pw_uid, setwhat) < 0) -+ err(1, "setusercontext"); -+#else - /* set permissions */ - if (setgid(target_pwd->pw_gid) < 0) { - perror("ksu: setgid"); -@@ -754,7 +801,8 @@ - perror("ksu: setuid"); - sweep_up(ksu_context, cc_target); - exit(1); -- } -+ } -+#endif - - if (access( cc_target_tag_tmp, R_OK | W_OK )){ - com_err(prog_name, errno, diff --git a/security/krb5-appl/files/patch-at b/security/krb5-appl/files/patch-at deleted file mode 100644 index ef9ea4856f7a..000000000000 --- a/security/krb5-appl/files/patch-at +++ /dev/null @@ -1,14 +0,0 @@ -*** include/sys/syslog.h.ORIG Fri Feb 6 19:42:12 1998 ---- include/sys/syslog.h Tue Jun 30 19:46:02 1998 -*************** -*** 34,39 **** ---- 34,42 ---- - #define LOG_LPR (6<<3) /* line printer subsystem */ - #define LOG_NEWS (7<<3) /* network news subsystem */ - #define LOG_UUCP (8<<3) /* UUCP subsystem */ -+ #if (defined(BSD) && (BSD >= 199306)) -+ #define LOG_FTP (11<<3) /* ftp daemon */ -+ #endif - /* other codes through 15 reserved for system use */ - #define LOG_LOCAL0 (16<<3) /* reserved for local use */ - #define LOG_LOCAL1 (17<<3) /* reserved for local use */ diff --git a/security/krb5-appl/files/patch-av b/security/krb5-appl/files/patch-av deleted file mode 100644 index 8363b8bb1e2d..000000000000 --- a/security/krb5-appl/files/patch-av +++ /dev/null @@ -1,15 +0,0 @@ -*** clients/ksu/Makefile.in.ORIG Sun Aug 2 16:51:18 1998 ---- clients/ksu/Makefile.in Sun Aug 2 16:53:48 1998 -*************** -*** 3,7 **** - mydir=ksu - BUILDTOP=$(REL)$(U)$(S)$(U) -! DEFINES = -DGET_TGT_VIA_PASSWD -DPRINC_LOOK_AHEAD -DCMD_PATH='"/bin /local/bin"' - CFLAGS = $(CCOPTS) $(DEFINES) $(DEFS) $(LOCALINCLUDE) - ---- 3,7 ---- - mydir=ksu - BUILDTOP=$(REL)$(U)$(S)$(U) -! DEFINES = -DGET_TGT_VIA_PASSWD -DPRINC_LOOK_AHEAD -DCMD_PATH='"/usr/bin /bin /usr/sbin /sbin"' - CFLAGS = $(CCOPTS) $(DEFINES) $(DEFS) $(LOCALINCLUDE) - diff --git a/security/krb5-appl/files/patch-ax b/security/krb5-appl/files/patch-ax deleted file mode 100644 index 58cfe89d9294..000000000000 --- a/security/krb5-appl/files/patch-ax +++ /dev/null @@ -1,11 +0,0 @@ ---- ../doc/Makefile.orig Wed Jan 20 21:57:45 1999 -+++ ../doc/Makefile Wed Jan 20 21:59:19 1999 -@@ -1,7 +1,7 @@ - SRCDIR=../src - DVI=texi2dvi - DVIPS=dvips -o "$@" --INFO=makeinfo -+INFO=makeinfo --no-validate - HTML=texi2html - RM=rm -f - TAR=tar -chvf diff --git a/security/krb5-appl/files/patch-ay b/security/krb5-appl/files/patch-ay deleted file mode 100644 index 4ed0c9e5cbbb..000000000000 --- a/security/krb5-appl/files/patch-ay +++ /dev/null @@ -1,50 +0,0 @@ ---- util/pty/getpty.c.orig Fri Feb 6 19:46:42 1998 -+++ util/pty/getpty.c Mon Apr 5 14:00:07 1999 -@@ -21,13 +21,26 @@ - #include "libpty.h" - #include "pty-int.h" - -+#ifdef __FreeBSD__ -+#define PTYCHARS1 "pqrsPQRS" -+#define PTYCHARS2 "0123456789abcdefghijklmnopqrstuv" -+#endif -+ -+#ifndef PTYCHARS1 -+#define PTYCHARS1 "pqrstuvwxyzPQRST" -+#endif -+ -+#ifndef PTYCHARS2 -+#define PTYCHARS2 "0123456789abcdef" -+#endif -+ - long pty_getpty (fd, slave, slavelength) - int slavelength; - int *fd; char *slave; - { -- char *cp; -+ char *cp1, *cp2; - char *p; -- int i,ptynum; -+ int ptynum; - struct stat stb; - char slavebuf[1024]; - #ifdef HAVE__GETPTY -@@ -109,14 +122,14 @@ - strncpy(slave, slavebuf, slavelength); - return 0; - } else { -- for (cp = "pqrstuvwxyzPQRST";*cp; cp++) { -+ for (cp1 = PTYCHARS1; *cp1 != '\0'; cp1++) { - sprintf(slavebuf,"/dev/ptyXX"); -- slavebuf[sizeof("/dev/pty") - 1] = *cp; -+ slavebuf[sizeof("/dev/pty") - 1] = *cp1; - slavebuf[sizeof("/dev/ptyp") - 1] = '0'; - if (stat(slavebuf, &stb) < 0) - break; -- for (i = 0; i < 16; i++) { -- slavebuf[sizeof("/dev/ptyp") - 1] = "0123456789abcdef"[i]; -+ for (cp2 = PTYCHARS2; *cp2 != '\0'; cp2++) { -+ slavebuf[sizeof("/dev/ptyp") - 1] = *cp2; - *fd = open(slavebuf, O_RDWR); - if (*fd < 0) continue; - diff --git a/security/krb5-appl/files/patch-ba b/security/krb5-appl/files/patch-ba deleted file mode 100644 index 60d70466eff3..000000000000 --- a/security/krb5-appl/files/patch-ba +++ /dev/null @@ -1,81 +0,0 @@ ---- appl/bsd/login.c.ORIG Wed Oct 13 12:55:47 1999 -+++ appl/bsd/login.c Wed Oct 13 12:56:29 1999 -@@ -1303,19 +1304,6 @@ - setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET); - } - -- /* Policy: If local password is good, user is good. -- We really can't trust the Kerberos password, -- because somebody on the net could spoof the -- Kerberos server (not easy, but possible). -- Some sites might want to use it anyways, in -- which case they should change this line -- to: -- if (kpass_ok) -- */ -- -- if (lpass_ok) -- break; -- - if (got_v5_tickets) { - if (retval = krb5_verify_init_creds(kcontext, &my_creds, NULL, - NULL, &xtra_creds, -@@ -1338,6 +1326,9 @@ - } - #endif /* KRB4_GET_TICKETS */ - -+ if (lpass_ok) -+ break; -+ - bad_login: - setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET); - -@@ -1640,20 +1631,28 @@ - /* set up credential cache -- obeying KRB5_ENV_CCNAME - set earlier */ - /* (KRB5_ENV_CCNAME == "KRB5CCNAME" via osconf.h) */ -- if (retval = krb5_cc_default(kcontext, &ccache)) { -+ retval = krb5_cc_default(kcontext, &ccache); -+ if (retval) - com_err(argv[0], retval, "while getting default ccache"); -- } else if (retval = krb5_cc_initialize(kcontext, ccache, me)) { -- com_err(argv[0], retval, "when initializing cache"); -- } else if (retval = krb5_cc_store_cred(kcontext, ccache, &my_creds)) { -- com_err(argv[0], retval, "while storing credentials"); -- } else if (xtra_creds && -- (retval = krb5_cc_copy_creds(kcontext, xtra_creds, -- ccache))) { -- com_err(argv[0], retval, "while storing credentials"); -+ else { -+ retval = krb5_cc_initialize(kcontext, ccache, me); -+ if (retval) -+ com_err(argv[0], retval, "when initializing cache"); -+ else { -+ retval = krb5_cc_store_cred(kcontext, ccache, &my_creds); -+ if (retval) -+ com_err(argv[0], retval, "while storing credentials"); -+ else { -+ if (xtra_creds) { -+ retval = krb5_cc_copy_creds(kcontext, xtra_creds, -+ ccache); -+ if (retval) -+ com_err(argv[0], retval, "while storing credentials"); -+ krb5_cc_destroy(kcontext, xtra_creds); -+ } -+ } -+ } - } -- -- if (xtra_creds) -- krb5_cc_destroy(kcontext, xtra_creds); - } else if (forwarded_v5_tickets && rewrite_ccache) { - if ((retval = krb5_cc_initialize (kcontext, ccache, me))) { - syslog(LOG_ERR, -@@ -1727,6 +1727,7 @@ - - if (ccname) - setenv("KRB5CCNAME", ccname, 1); -+ krb5_cc_set_default_name(kcontext, ccname); - - setenv("HOME", pwd->pw_dir, 1); - setenv("PATH", LPATH, 1); diff --git a/security/krb5-appl/files/patch-bb b/security/krb5-appl/files/patch-bb deleted file mode 100644 index 6545ae682c53..000000000000 --- a/security/krb5-appl/files/patch-bb +++ /dev/null @@ -1,10 +0,0 @@ ---- appl/telnet/telnet/Makefile.in.orig Sat Dec 18 10:47:05 1999 -+++ appl/telnet/telnet/Makefile.in Sat Dec 18 10:47:13 1999 -@@ -58,7 +58,6 @@ - $(INSTALL_DATA) $(srcdir)/$$f.1 \ - ${DESTDIR}$(CLIENT_MANDIR)/`echo $$f|sed '$(transform)'`.1; \ - done -- $(INSTALL_DATA) $(srcdir)/tmac.doc ${DESTDIR}$(CLIENT_MANDIR)/tmac.doc - - authenc.o: defines.h externs.h general.h ring.h types.h $(ARPA_TELNET) - commands.o: defines.h externs.h general.h ring.h types.h $(ARPA_TELNET) diff --git a/security/krb5-appl/files/patch-bd b/security/krb5-appl/files/patch-bd deleted file mode 100644 index b2bf41284bb7..000000000000 --- a/security/krb5-appl/files/patch-bd +++ /dev/null @@ -1,19 +0,0 @@ ---- appl/gssftp/ftpd/ftpcmd.y.ORIG Wed Feb 28 16:06:45 2001 -+++ appl/gssftp/ftpd/ftpcmd.y Fri Apr 27 10:18:01 2001 -@@ -805,11 +805,13 @@ - * This is a valid reply in some cases but not in others. - */ - if (logged_in && $1 && strncmp((char *) $1, "~", 1) == 0) { -- *(char **)&($$) = *ftpglob((char *) $1); -- if (globerr != NULL) { -+ char **vv; -+ vv = ftpglob((char *) $1); -+ if (vv == NULL || globerr != NULL) { - reply(550, globerr); - $$ = NULL; -- } -+ } else -+ $$ = *vv; - free((char *) $1); - } else - $$ = $1; diff --git a/security/krb5-appl/pkg-comment b/security/krb5-appl/pkg-comment deleted file mode 100644 index 339cc4cd5571..000000000000 --- a/security/krb5-appl/pkg-comment +++ /dev/null @@ -1 +0,0 @@ -An authentication system developed at MIT, successor to Kerberos IV diff --git a/security/krb5-appl/pkg-descr b/security/krb5-appl/pkg-descr deleted file mode 100644 index 376a48c52faf..000000000000 --- a/security/krb5-appl/pkg-descr +++ /dev/null @@ -1,24 +0,0 @@ -Kerberos V5 is an authentication system developed at MIT. -WWW: http://web.mit.edu/kerberos/www/ - -Abridged from the User Guide: - Under Kerberos, a client sends a request for a ticket to the - Key Distribution Center (KDC). The KDC creates a ticket-granting - ticket (TGT) for the client, encrypts it using the client's - password as the key, and sends the encrypted TGT back to the - client. The client then attempts to decrypt the TGT, using - its password. If the client successfully decrypts the TGT, it - keeps the decrypted TGT, which indicates proof of the client's - identity. The TGT permits the client to obtain additional tickets, - which give permission for specific services. - Since Kerberos negotiates authenticated, and optionally encrypted, - communications between two points anywhere on the internet, it - provides a layer of security that is not dependent on which side of a - firewall either client is on. - The Kerberos V5 package is designed to be easy to use. Most of the - commands are nearly identical to UNIX network programs you are already - used to. Kerberos V5 is a single-sign-on system, which means that you - have to type your password only once per session, and Kerberos does - the authenticating and encrypting transparently. - -Jacques Vidrine <n@nectar.com> diff --git a/security/krb5-appl/pkg-plist b/security/krb5-appl/pkg-plist deleted file mode 100644 index df48394c37cf..000000000000 --- a/security/krb5-appl/pkg-plist +++ /dev/null @@ -1,123 +0,0 @@ -@unexec install-info --delete %D/info/krb425.info %D/info/dir -@unexec install-info --delete %D/info/krb5-admin.info %D/info/dir -@unexec install-info --delete %D/info/krb5-install.info %D/info/dir -@unexec install-info --delete %D/info/krb5-user.info %D/info/dir -bin/ftp -bin/gss-client -bin/kdestroy -bin/kinit -bin/klist -bin/kpasswd -bin/krb524init -bin/ksu -bin/kvno -bin/rcp -bin/rlogin -bin/rsh -bin/sclient -bin/sim_client -bin/telnet -bin/uuclient -bin/v4rcp -bin/v5passwd -include/com_err.h -include/gssapi/gssapi.h -include/gssapi/gssapi_generic.h -include/gssapi/gssapi_krb5.h -include/kerberosIV/des.h -include/kerberosIV/kadm.h -include/kerberosIV/krb.h -include/kerberosIV/krb_err.h -include/kerberosIV/mit-copyright.h -include/krb5.h -include/libpty.h -include/mit-sipb-copyright.h -include/port-sockets.h -include/profile.h -info/krb425.info -info/krb5-admin.info -info/krb5-admin.info-1 -info/krb5-admin.info-2 -info/krb5-admin.info-3 -info/krb5-install.info -info/krb5-install.info-1 -info/krb5-install.info-2 -info/krb5-user.info -lib/libcom_err.a -lib/libcom_err.so -lib/libcom_err.so.3 -lib/libdes425.a -lib/libdes425.so -lib/libdes425.so.3 -lib/libdyn.a -lib/libdyn.so -lib/libdyn.so.1 -lib/libgssapi_krb5.a -lib/libgssapi_krb5.so -lib/libgssapi_krb5.so.2 -lib/libgssrpc.a -lib/libgssrpc.so -lib/libgssrpc.so.3 -lib/libk5crypto.a -lib/libk5crypto.so -lib/libk5crypto.so.3 -lib/libkadm5clnt.a -lib/libkadm5clnt.so -lib/libkadm5clnt.so.4 -lib/libkadm5srv.a -lib/libkadm5srv.so -lib/libkadm5srv.so.4 -lib/libkdb5.a -lib/libkdb5.so -lib/libkdb5.so.3 -lib/libkrb4.a -lib/libkrb4.so -lib/libkrb4.so.2 -lib/libkrb5.a -lib/libkrb5.so -lib/libkrb5.so.3 -lib/libkrb524.a -lib/libpty.a -lib/libpty.so -lib/libpty.so.1 -lib/libss.a -sbin/ftpd -sbin/gss-server -sbin/kadmin -sbin/kadmin.local -sbin/kadmind -sbin/kadmind4 -sbin/kdb5_util -sbin/klogind -sbin/kprop -sbin/kpropd -sbin/krb5-send-pr -sbin/krb524d -sbin/krb5kdc -sbin/kshd -sbin/ktutil -sbin/login.krb5 -sbin/sim_server -sbin/sserver -sbin/telnetd -sbin/uuserver -sbin/v5passwdd -share/doc/krb5/admin.html -share/doc/krb5/admin_foot.html -share/doc/krb5/admin_toc.html -share/doc/krb5/install.html -share/doc/krb5/install_foot.html -share/doc/krb5/install_toc.html -share/doc/krb5/krb425.html -share/doc/krb5/krb425_toc.html -share/doc/krb5/user-guide.html -share/doc/krb5/user-guide_foot.html -share/doc/krb5/user-guide_toc.html -share/gnats/mit -@dirrm include/gssapi -@dirrm include/kerberosIV -@dirrm share/doc/krb5 -@exec install-info %D/info/krb425.info %D/info/dir -@exec install-info %D/info/krb5-admin.info %D/info/dir -@exec install-info %D/info/krb5-install.info %D/info/dir -@exec install-info %D/info/krb5-user.info %D/info/dir diff --git a/security/kwallet/Makefile b/security/kwallet/Makefile deleted file mode 100644 index 2960df37148f..000000000000 --- a/security/kwallet/Makefile +++ /dev/null @@ -1,24 +0,0 @@ -# New ports collection makefile for: kdeutils2 -# Date created: Sun 14 May 2000 02:52:20 -# Whom: Will Andrews <will@FreeBSD.org> -# -# $FreeBSD$ -# - -PORTNAME= kdeutils -PORTVERSION= 2.2 -CATEGORIES?= misc kde -MASTER_SITES= ${MASTER_SITE_KDE} -MASTER_SITE_SUBDIR= stable/${PORTVERSION}/src -DIST_SUBDIR= KDE - -MAINTAINER?= kde@FreeBSD.org - -USE_KDELIBS_VER=2 -USE_BZIP2= yes -INSTALLS_SHLIB= yes -GNU_CONFIGURE= yes -USE_GMAKE= yes -MAN1= efax.1 efix.1 fax.1 - -.include <bsd.port.mk> diff --git a/security/kwallet/distinfo b/security/kwallet/distinfo deleted file mode 100644 index bdd12d90fd29..000000000000 --- a/security/kwallet/distinfo +++ /dev/null @@ -1 +0,0 @@ -MD5 (KDE/kdeutils-2.2.tar.bz2) = 2ee57c259669232cb301359fb9000d08 diff --git a/security/kwallet/pkg-comment b/security/kwallet/pkg-comment deleted file mode 100644 index 186230f9287d..000000000000 --- a/security/kwallet/pkg-comment +++ /dev/null @@ -1 +0,0 @@ -Utilities for the KDE integrated X11 desktop diff --git a/security/kwallet/pkg-descr b/security/kwallet/pkg-descr deleted file mode 100644 index 90ae45773bea..000000000000 --- a/security/kwallet/pkg-descr +++ /dev/null @@ -1 +0,0 @@ -KDE provides an integrated X11 based environment, much like CDE. diff --git a/security/kwallet/pkg-plist b/security/kwallet/pkg-plist deleted file mode 100644 index ae31b3d6f094..000000000000 --- a/security/kwallet/pkg-plist +++ /dev/null @@ -1,310 +0,0 @@ -bin/ark -bin/efax -bin/efix -bin/fax -bin/kab -bin/karm -bin/kcalc -bin/kcharselect -bin/kdepasswd -bin/kdessh -bin/kdf -bin/kedit -bin/kfind -bin/kfloppy -bin/khexedit -bin/kjots -bin/klaptopdaemon -bin/kljettool -bin/klpq -bin/klprfax -bin/klprfax_filter -bin/klprfax_lpd -bin/knotes -bin/ktimer -bin/kwikdisk -include/KNotesIface.h -lib/kcalc.la -lib/kcalc.so -lib/kde2/kedit.la -lib/kde2/kedit.so -lib/kfind.la -lib/kfind.so -lib/libark.la -lib/libark.so -lib/libark.so.1 -lib/libkcharselectapplet.la -lib/libkcharselectapplet.so -lib/libkcharselectapplet.so.1 -lib/libkcm_kdf.la -lib/libkcm_kdf.so -lib/libkcm_laptop.la -lib/libkcm_laptop.so -share/applnk/Editors/KEdit.desktop -share/applnk/Kfind.desktop -share/applnk/Settings/Information/kcmdf.desktop -share/applnk/Settings/Information/pcmcia.desktop -share/applnk/Settings/PowerControl/battery.desktop -share/applnk/Settings/PowerControl/bwarning.desktop -share/applnk/Settings/PowerControl/cwarning.desktop -share/applnk/Settings/PowerControl/power.desktop -share/applnk/System/kdf.desktop -share/applnk/System/kwikdisk.desktop -share/applnk/Utilities/KCharSelect.desktop -share/applnk/Utilities/KFloppy.desktop -share/applnk/Utilities/KLJetTool.desktop -share/applnk/Utilities/KLpq.desktop -share/applnk/Utilities/Kjots.desktop -share/applnk/Utilities/ark.desktop -share/applnk/Utilities/kab.desktop -share/applnk/Utilities/karm.desktop -share/applnk/Utilities/kcalc.desktop -share/applnk/Utilities/kdepasswd.desktop -share/applnk/Utilities/khexedit.desktop -share/applnk/Utilities/klprfax.desktop -share/applnk/Utilities/knotes.desktop -share/applnk/Utilities/ktimer.desktop -share/apps/ark/ark_part.rc -share/apps/ark/arkui.rc -share/apps/ark/icons/hicolor/22x22/actions/ark_adddir.png -share/apps/ark/icons/hicolor/22x22/actions/ark_addfile.png -share/apps/ark/icons/hicolor/22x22/actions/ark_delete.png -share/apps/ark/icons/hicolor/22x22/actions/ark_extract.png -share/apps/ark/icons/hicolor/22x22/actions/ark_help.png -share/apps/ark/icons/hicolor/22x22/actions/ark_new.png -share/apps/ark/icons/hicolor/22x22/actions/ark_open.png -share/apps/ark/icons/hicolor/22x22/actions/ark_options.png -share/apps/ark/icons/hicolor/22x22/actions/ark_selectall.png -share/apps/ark/icons/hicolor/22x22/actions/ark_view.png -share/apps/kab/htmlexport/templates/index.html -share/apps/kab/htmlexport/templates/kab_address.html -share/apps/kab/htmlexport/templates/kab_background.gif -share/apps/kab/htmlexport/templates/kab_entrylist.html -share/apps/kab/htmlexport/templates/kab_person.html -share/apps/kab/pics/addressbook_logo.png -share/apps/karm/karmui.rc -share/apps/karm/pics/clock.xpm -share/apps/karm/pics/clockedit.xpm -share/apps/karm/pics/empty-watch.xpm -share/apps/karm/pics/filedel.xpm -share/apps/karm/pics/watch-0.xpm -share/apps/karm/pics/watch-1.xpm -share/apps/karm/pics/watch-2.xpm -share/apps/karm/pics/watch-3.xpm -share/apps/karm/pics/watch-4.xpm -share/apps/karm/pics/watch-5.xpm -share/apps/karm/pics/watch-6.xpm -share/apps/karm/pics/watch-7.xpm -share/apps/kcalc/pics/kcalclogo.png -share/apps/kdf/pics/delete.png -share/apps/kdf/pics/tick.png -share/apps/kedit/keditui.rc -share/apps/kfind/icons/locolor/22x22/actions/archive.png -share/apps/kfind/icons/locolor/22x22/actions/delete.png -share/apps/kfind/icons/locolor/22x22/actions/idea.png -share/apps/kfind/icons/locolor/22x22/actions/info.png -share/apps/kfind/icons/locolor/22x22/actions/openfile.png -share/apps/kfind/icons/locolor/22x22/actions/save.png -share/apps/kfind/icons/locolor/22x22/actions/search.png -share/apps/kfloppy/pics/kfloppylogo.png -share/apps/khexedit/toolbar/hexdrag.png -share/apps/khexedit/toolbar/hexmask.png -share/apps/khexedit/toolbar/hexwrite.png -share/apps/kicker/applets/kcharselectapplet.desktop -share/apps/kjots/pics/filedel.png -share/apps/klaptopdaemon/icons/hicolor/16x16/actions/laptop_charge.png -share/apps/klaptopdaemon/icons/hicolor/16x16/actions/laptop_nobattery.png -share/apps/klaptopdaemon/icons/hicolor/16x16/actions/laptop_nocharge.png -share/apps/klaptopdaemon/icons/hicolor/16x16/actions/power.png -share/apps/klaptopdaemon/icons/hicolor/32x32/actions/power.png -share/apps/kljettool/pics/kljetlogo.png -share/apps/knotes/knotesui.rc -share/apps/knotes/pics/knotesclose.png -share/apps/knotes/pics/knotesdelete.png -share/apps/knotes/pics/knoteslogo.png -share/apps/konqueror/servicemenus/arkservicemenu.desktop -share/config/knotesrc -share/doc/HTML/en/ark/common -share/doc/HTML/en/ark/index.cache.bz2 -share/doc/HTML/en/ark/index.docbook -share/doc/HTML/en/kab/common -share/doc/HTML/en/kab/index.cache.bz2 -share/doc/HTML/en/kab/index.docbook -share/doc/HTML/en/kab/kab-edit.png -share/doc/HTML/en/kab/kab-using.png -share/doc/HTML/en/karm/common -share/doc/HTML/en/karm/index.cache.bz2 -share/doc/HTML/en/karm/index.docbook -share/doc/HTML/en/karm/karm.png -share/doc/HTML/en/kcalc/common -share/doc/HTML/en/kcalc/index.cache.bz2 -share/doc/HTML/en/kcalc/index.docbook -share/doc/HTML/en/kcalc/kcalc_on_Aix.txt -share/doc/HTML/en/kcalc/kcalc_on_OSF.txt -share/doc/HTML/en/kdf/common -share/doc/HTML/en/kdf/index.cache.bz2 -share/doc/HTML/en/kdf/index.docbook -share/doc/HTML/en/kdf/kdf.png -share/doc/HTML/en/kdf/kdf_config.png -share/doc/HTML/en/kedit/common -share/doc/HTML/en/kedit/index.cache.bz2 -share/doc/HTML/en/kedit/index.docbook -share/doc/HTML/en/kfind/common -share/doc/HTML/en/kfind/index.cache.bz2 -share/doc/HTML/en/kfind/index.docbook -share/doc/HTML/en/kfloppy/common -share/doc/HTML/en/kfloppy/index.cache.bz2 -share/doc/HTML/en/kfloppy/index.docbook -share/doc/HTML/en/khexedit/common -share/doc/HTML/en/khexedit/index.cache.bz2 -share/doc/HTML/en/khexedit/index.docbook -share/doc/HTML/en/khexedit/khexedit1.png -share/doc/HTML/en/kjots/common -share/doc/HTML/en/kjots/index.cache.bz2 -share/doc/HTML/en/kjots/index.docbook -share/doc/HTML/en/kljettool/README -share/doc/HTML/en/kljettool/common -share/doc/HTML/en/kljettool/djcdoscommands.txt -share/doc/HTML/en/kljettool/filter -share/doc/HTML/en/kljettool/hp690c.zip -share/doc/HTML/en/kljettool/index.cache.bz2 -share/doc/HTML/en/kljettool/index.docbook -share/doc/HTML/en/kljettool/magic -share/doc/HTML/en/kljettool/screenshot.png -share/doc/HTML/en/klpq/common -share/doc/HTML/en/klpq/index.cache.bz2 -share/doc/HTML/en/klpq/index.docbook -share/doc/HTML/en/klprfax/common -share/doc/HTML/en/klprfax/index.cache.bz2 -share/doc/HTML/en/klprfax/index.docbook -share/doc/HTML/en/knotes/common -share/doc/HTML/en/knotes/index.cache.bz2 -share/doc/HTML/en/knotes/index.docbook -share/doc/HTML/en/kpm/common -share/doc/HTML/en/kpm/index.cache.bz2 -share/doc/HTML/en/kpm/index.docbook -share/doc/HTML/en/kpm/kpmjobs.png -share/doc/HTML/en/kpm/kpmmemory.png -share/doc/HTML/en/kpm/kpmstart.png -share/doc/HTML/en/kpm/kpmtext.png -share/doc/HTML/en/kpm/qps.1 -share/icons/hicolor/16x16/apps/ark.png -share/icons/hicolor/16x16/apps/kab.png -share/icons/hicolor/16x16/apps/karm.png -share/icons/hicolor/16x16/apps/kcalc.png -share/icons/hicolor/16x16/apps/kcharselect.png -share/icons/hicolor/16x16/apps/kcmdf.png -share/icons/hicolor/16x16/apps/kdf.png -share/icons/hicolor/16x16/apps/kedit.png -share/icons/hicolor/16x16/apps/kfind.png -share/icons/hicolor/16x16/apps/kfloppy.png -share/icons/hicolor/16x16/apps/khexedit.png -share/icons/hicolor/16x16/apps/kjots.png -share/icons/hicolor/16x16/apps/klaptopdaemon.png -share/icons/hicolor/16x16/apps/kljettool.png -share/icons/hicolor/16x16/apps/klpq.png -share/icons/hicolor/16x16/apps/klprfax.png -share/icons/hicolor/16x16/apps/knotes.png -share/icons/hicolor/16x16/apps/kwikdisk.png -share/icons/hicolor/16x16/apps/laptop_battery.png -share/icons/hicolor/16x16/apps/laptop_pcmcia.png -share/icons/hicolor/32x32/apps/ark.png -share/icons/hicolor/32x32/apps/kab.png -share/icons/hicolor/32x32/apps/karm.png -share/icons/hicolor/32x32/apps/kcalc.png -share/icons/hicolor/32x32/apps/kcmdf.png -share/icons/hicolor/32x32/apps/kdf.png -share/icons/hicolor/32x32/apps/kedit.png -share/icons/hicolor/32x32/apps/kfind.png -share/icons/hicolor/32x32/apps/kfloppy.png -share/icons/hicolor/32x32/apps/khexedit.png -share/icons/hicolor/32x32/apps/kjots.png -share/icons/hicolor/32x32/apps/kljettool.png -share/icons/hicolor/32x32/apps/klpq.png -share/icons/hicolor/32x32/apps/klprfax.png -share/icons/hicolor/32x32/apps/knotes.png -share/icons/hicolor/32x32/apps/kwikdisk.png -share/icons/hicolor/32x32/apps/laptop_battery.png -share/icons/hicolor/32x32/apps/laptop_pcmcia.png -share/icons/hicolor/48x48/apps/ark.png -share/icons/hicolor/48x48/apps/kab.png -share/icons/hicolor/48x48/apps/karm.png -share/icons/hicolor/48x48/apps/kcalc.png -share/icons/hicolor/48x48/apps/kcharselect.png -share/icons/hicolor/48x48/apps/kedit.png -share/icons/hicolor/48x48/apps/kfind.png -share/icons/hicolor/48x48/apps/kfloppy.png -share/icons/hicolor/48x48/apps/khexedit.png -share/icons/hicolor/48x48/apps/kjots.png -share/icons/hicolor/48x48/apps/kljettool.png -share/icons/hicolor/48x48/apps/klpq.png -share/icons/hicolor/48x48/apps/knotes.png -share/icons/hicolor/48x48/apps/laptop_battery.png -share/icons/hicolor/48x48/apps/laptop_pcmcia.png -share/icons/locolor/16x16/apps/klprfax.png -share/icons/locolor/32x32/apps/klprfax.png -share/services/arkpart.desktop -@dirrm share/icons/locolor/32x32/apps -@dirrm share/icons/locolor/16x16/apps -@dirrm share/icons/hicolor/48x48/apps -@dirrm share/icons/hicolor/32x32/apps -@dirrm share/icons/hicolor/16x16/apps -@dirrm share/doc/HTML/en/kpm -@dirrm share/doc/HTML/en/knotes -@dirrm share/doc/HTML/en/klprfax -@dirrm share/doc/HTML/en/klpq -@dirrm share/doc/HTML/en/kljettool -@dirrm share/doc/HTML/en/kjots -@dirrm share/doc/HTML/en/khexedit -@dirrm share/doc/HTML/en/kfloppy -@dirrm share/doc/HTML/en/kfind -@dirrm share/doc/HTML/en/kedit -@dirrm share/doc/HTML/en/kdf -@dirrm share/doc/HTML/en/kcalc -@dirrm share/doc/HTML/en/karm -@dirrm share/doc/HTML/en/kab -@dirrm share/doc/HTML/en/ark -@dirrm share/apps/konqueror/servicemenus -@dirrm share/apps/konqueror -@dirrm share/apps/knotes/pics -@dirrm share/apps/knotes -@dirrm share/apps/kljettool/pics -@dirrm share/apps/kljettool -@dirrm share/apps/klaptopdaemon/icons/hicolor/32x32/actions -@dirrm share/apps/klaptopdaemon/icons/hicolor/32x32 -@dirrm share/apps/klaptopdaemon/icons/hicolor/16x16/actions -@dirrm share/apps/klaptopdaemon/icons/hicolor/16x16 -@dirrm share/apps/klaptopdaemon/icons/hicolor -@dirrm share/apps/klaptopdaemon/icons -@dirrm share/apps/klaptopdaemon -@dirrm share/apps/kjots/pics -@dirrm share/apps/kjots -@dirrm share/apps/kicker/applets -@dirrm share/apps/khexedit/toolbar -@dirrm share/apps/khexedit -@dirrm share/apps/kfloppy/pics -@dirrm share/apps/kfloppy -@dirrm share/apps/kfind/icons/locolor/22x22/actions -@dirrm share/apps/kedit -@dirrm share/apps/kdf/pics -@dirrm share/apps/kdf -@dirrm share/apps/kcalc/pics -@dirrm share/apps/kcalc -@dirrm share/apps/karm/pics -@dirrm share/apps/karm -@dirrm share/apps/kab/pics -@dirrm share/apps/kab/htmlexport/templates -@dirrm share/apps/kab/htmlexport -@dirrm share/apps/ark/icons/hicolor/22x22/actions -@dirrm share/apps/ark/icons/hicolor/22x22 -@dirrm share/apps/ark/icons/hicolor -@dirrm share/apps/ark/icons -@dirrm share/apps/ark -@dirrm share/apps -@dirrm share/applnk/Utilities -@dirrm share/applnk/System -@dirrm share/applnk/Settings/PowerControl -@dirrm share/applnk/Settings/Information -@dirrm share/applnk/Editors -@dirrm share/applnk -@dirrm lib/kde2 diff --git a/security/openssl-beta/Makefile b/security/openssl-beta/Makefile deleted file mode 100644 index a10932ada9b5..000000000000 --- a/security/openssl-beta/Makefile +++ /dev/null @@ -1,128 +0,0 @@ -# New ports collection makefile for: OpenSSL -# Date created: Sun Jan 3 19:36:27 CET 1999 -# Whom: Dirk Froemberg <dirk@FreeBSD.org> -# -# $FreeBSD$ -# - -PORTNAME= openssl -PORTVERSION= 0.9.6b -CATEGORIES= security devel -MASTER_SITES= http://www.openssl.org/source/ \ - ftp://ftp.openssl.org/source/ \ - ftp://ftp.sunet.se/pub/security/tools/net/openssl/source/ \ - ftp://ftp.cert.dfn.de/pub/tools/net/openssl/source/ - -MAINTAINER= ports@FreeBSD.org - -.include <bsd.port.pre.mk> -.if exists(/usr/lib/libssl.a) && ${OSVERSION} >= 430000 -FORBIDDEN= "OpenSSL is already in the base system" -.endif - -.if ${PORTOBJFORMAT} == "aout" -MAKE_ARGS+= WHOLE_ARCHIVE_FLAG=-Bforcearchive -.else -MAKE_ARGS+= WHOLE_ARCHIVE_FLAG=--whole-archive -.endif - -USE_PERL5= yes -.if defined(NOSHARED) -PLIST= ${PKGDIR}/pkg-plist.noshared -.else -ALL_TARGET= freebsd-shared all -SHLIBVER= 2 -MAKE_ENV+= SHLIBVER=${SHLIBVER} -INSTALLS_SHLIB= yes -.endif - -MANPREFIX= ${PREFIX}/openssl - -MAN1= CA.pl.1 asn1parse.1 ca.1 ciphers.1 crl.1 crl2pkcs7.1 dgst.1 \ - dhparam.1 dsa.1 dsaparam.1 enc.1 gendsa.1 genrsa.1 nseq.1 \ - openssl.1 passwd.1 pkcs12.1 pkcs7.1 pkcs8.1 rand.1 req.1 \ - rsa.1 s_client.1 s_server.1 sess_id.1 smime.1 speed.1 \ - spkac.1 verify.1 version.1 x509.1 rsautl.1 - -MAN3= BN_CTX_new.3 BN_CTX_start.3 BN_add.3 BN_add_word.3 \ - BN_bn2bin.3 BN_cmp.3 BN_copy.3 BN_generate_prime.3 \ - BN_mod_inverse.3 BN_mod_mul_montgomery.3 \ - BN_mod_mul_reciprocal.3 BN_new.3 BN_num_bytes.3 BN_rand.3 \ - BN_set_bit.3 BN_zero.3 CRYPTO_set_ex_data.3 \ - DH_generate_key.3 DH_generate_parameters.3 \ - DH_get_ex_new_index.3 DH_new.3 DH_set_method.3 DH_size.3 \ - DSA_SIG_new.3 DSA_do_sign.3 DSA_dup_DH.3 DSA_generate_key.3 \ - DSA_generate_parameters.3 DSA_get_ex_new_index.3 DSA_new.3 \ - DSA_set_method.3 DSA_sign.3 DSA_size.3 ERR_GET_LIB.3 \ - ERR_clear_error.3 ERR_error_string.3 ERR_get_error.3 \ - ERR_load_crypto_strings.3 ERR_load_strings.3 \ - ERR_print_errors.3 ERR_put_error.3 ERR_remove_state.3 \ - EVP_DigestInit.3 EVP_EncryptInit.3 EVP_OpenInit.3 \ - EVP_SealInit.3 EVP_SignInit.3 EVP_VerifyInit.3 \ - OPENSSL_VERSION_NUMBER.3 OpenSSL_add_all_algorithms.3 \ - RAND_add.3 RAND_bytes.3 RAND_cleanup.3 RAND_egd.3 \ - RAND_load_file.3 RAND_set_rand_method.3 RSA_blinding_on.3 \ - RSA_check_key.3 RSA_generate_key.3 RSA_get_ex_new_index.3 \ - RSA_new.3 RSA_padding_add_PKCS1_type_1.3 RSA_print.3 \ - RSA_private_encrypt.3 RSA_public_encrypt.3 RSA_set_method.3 \ - RSA_sign.3 RSA_sign_ASN1_OCTET_STRING.3 RSA_size.3 \ - SSL_get_error.3 blowfish.3 bn.3 bn_internal.3 buffer.3 \ - crypto.3 d2i_DHparams.3 d2i_RSAPublicKey.3 des.3 dh.3 dsa.3 \ - err.3 hmac.3 lh_stats.3 lhash.3 md5.3 mdc2.3 rand.3 rc4.3 \ - ripemd.3 rsa.3 sha.3 ssl.3 threads.3 BIO_ctrl.3 BIO_f_base64.3 \ - BIO_f_buffer.3 BIO_f_cipher.3 BIO_f_md.3 BIO_f_null.3 \ - BIO_f_ssl.3 BIO_find_type.3 BIO_new.3 BIO_new_bio_pair.3 \ - BIO_push.3 BIO_read.3 BIO_s_accept.3 BIO_s_bio.3 \ - BIO_s_connect.3 BIO_s_fd.3 BIO_s_file.3 BIO_s_mem.3 \ - BIO_s_null.3 BIO_s_socket.3 BIO_set_callback.3 \ - BIO_should_retry.3 SSL_CIPHER_get_name.3 \ - SSL_CTX_add_extra_chain_cert.3 SSL_CTX_add_session.3 \ - SSL_CTX_flush_sessions.3 SSL_CTX_free.3 \ - SSL_CTX_get_ex_new_index.3 SSL_CTX_get_verify_mode.3 \ - SSL_CTX_load_verify_locations.3 SSL_CTX_new.3 \ - SSL_CTX_sess_number.3 SSL_CTX_sess_set_cache_size.3 \ - SSL_CTX_sess_set_get_cb.3 SSL_CTX_sessions.3 \ - SSL_CTX_set_cipher_list.3 SSL_CTX_set_client_CA_list.3 \ - SSL_CTX_set_default_passwd_cb.3 SSL_CTX_set_mode.3 \ - SSL_CTX_set_options.3 SSL_CTX_set_session_cache_mode.3 \ - SSL_CTX_set_session_id_context.3 SSL_CTX_set_ssl_version.3 \ - SSL_CTX_set_timeout.3 SSL_CTX_set_verify.3 \ - SSL_CTX_use_certificate.3 SSL_SESSION_free.3 \ - SSL_SESSION_get_ex_new_index.3 SSL_SESSION_get_time.3 \ - SSL_accept.3 SSL_clear.3 SSL_connect.3 \ - SSL_free.3 SSL_get_ciphers.3 SSL_get_client_CA_list.3 \ - SSL_get_current_cipher.3 SSL_get_ex_data_X509_STORE_CTX_idx.3 \ - SSL_get_ex_new_index.3 SSL_get_fd.3 \ - SSL_get_peer_cert_chain.3 SSL_get_peer_certificate.3 \ - SSL_get_rbio.3 SSL_get_session.3 SSL_get_verify_result.3 \ - SSL_get_version.3 SSL_library_init.3 \ - SSL_load_client_CA_file.3 SSL_new.3 \ - SSL_pending.3 SSL_read.3 SSL_set_bio.3 SSL_set_connect_state.3 \ - SSL_set_fd.3 SSL_set_session.3 SSL_set_shutdown.3 \ - SSL_set_verify_result.3 SSL_shutdown.3 SSL_write.3 \ - bio.3 d2i_SSL_SESSION.3 evp.3 - -MAN5= config.5 - -MAN7= des_modes.7 - -do-configure: - @cd ${WRKSRC} \ - && ${SETENV} CC="${CC}" CFLAGS="${CFLAGS}" PERL="${PERL}" \ - ./config --prefix=${PREFIX} --openssldir=${PREFIX}/openssl \ - -L${PREFIX}/lib - -post-install: -.if !defined(NOSHARED) -.for i in libcrypto libssl - @${INSTALL_DATA} ${WRKSRC}/$i.so.${SHLIBVER} ${PREFIX}/lib - @${LN} -sf $i.so.${SHLIBVER} ${PREFIX}/lib/$i.so -.endfor -.endif -.if !defined(NOPORTDOCS) - @${MKDIR} ${PREFIX}/share/doc/openssl - @${INSTALL_DATA} ${WRKSRC}/doc/openssl.txt ${PREFIX}/share/doc/openssl -.endif - @${SED} -e 's#/usr/local#${PREFIX}#g' ${PKGMESSAGE} - -.include <bsd.port.post.mk> diff --git a/security/openssl-beta/distinfo b/security/openssl-beta/distinfo deleted file mode 100644 index 9706a7e95eb3..000000000000 --- a/security/openssl-beta/distinfo +++ /dev/null @@ -1 +0,0 @@ -MD5 (openssl-0.9.6b.tar.gz) = bd8c4d8c5bafc7a4d55d152989fdb327 diff --git a/security/openssl-beta/files/patch-ab b/security/openssl-beta/files/patch-ab deleted file mode 100644 index 571ebd87ca56..000000000000 --- a/security/openssl-beta/files/patch-ab +++ /dev/null @@ -1,33 +0,0 @@ ---- Makefile.org.orig Thu Apr 5 13:08:02 2001 -+++ Makefile.org Mon Apr 23 01:08:26 2001 -@@ -178,7 +178,7 @@ - ONEDIRS=out tmp - EDIRS= times doc bugs util include certs ms shlib mt demos perl sf dep VMS - WDIRS= windows --LIBS= libcrypto.a libssl.a -+LIBS= libcrypto.a libssl.a libRSAglue.a - SHARED_CRYPTO=libcrypto$(SHLIB_EXT) - SHARED_SSL=libssl$(SHLIB_EXT) - SHARED_LIBS= -@@ -250,6 +250,21 @@ - done - - build-shared: clean-shared do_$(SHLIB_TARGET) link-shared -+ -+freebsd-shared: -+ for i in ${SHLIBDIRS}; do \ -+ rm -f lib$$i.a lib$$i.so \ -+ lib$$i.so.${SHLIBVER}; \ -+ ${MAKE} CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='-fPIC ${CFLAG}' SDIRS='${SDIRS}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' DIRS=$$i clean all || exit 1; \ -+ ( set -x; ${CC} -nodefaultlibs -shared -o lib$$i.so.${SHLIBVER} \ -+ -Wl,-S,-soname=lib$$i.so.${SHLIBVER} \ -+ -Wl,${WHOLE_ARCHIVE_FLAG} lib$$i.a ) || exit 1; \ -+ rm -f lib$$i.a; (cd $$i ; ${MAKE} clean) || exit 1 ;\ -+ done; -+ @set -x; \ -+ for i in ${SHLIBDIRS}; do \ -+ ln -s lib$$i.so.${SHLIBVER} lib$$i.so; \ -+ done; - - do_bsd-gcc-shared: do_gnu-shared - do_linux-shared: do_gnu-shared diff --git a/security/openssl-beta/files/patch-ac b/security/openssl-beta/files/patch-ac deleted file mode 100644 index ee53834a5973..000000000000 --- a/security/openssl-beta/files/patch-ac +++ /dev/null @@ -1,22 +0,0 @@ ---- Configure.orig Thu Apr 5 13:07:55 2001 -+++ Configure Fri Apr 13 00:53:07 2001 -@@ -270,7 +270,7 @@ - "alpha-gcc","gcc:-O3::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:${alpha_asm}:dlfcn:tru64-shared::.so", - "alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:tru64-shared::.so", - "alpha164-cc", "cc:-std1 -tune host -fast -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:tru64-shared::.so", --"FreeBSD-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"FreeBSD-alpha","$ENV{CC}:-DTERMIOS $ENV{CFLAGS}::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2:::", - - #### Alpha Linux with GNU C and Compaq C setups - # Special notes: -@@ -307,8 +307,8 @@ - "NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "NetBSD-m68", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "NetBSD-x86", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", --"FreeBSD-elf", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", --"FreeBSD", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}", -+"FreeBSD-elf", "$ENV{CC}:-DTERMIOS -DL_ENDIAN $ENV{CFLAGS}::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", -+"FreeBSD", "$ENV{CC}:-DTERMIOS -DL_ENDIAN $ENV{CFLAGS}::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}", - "bsdi-gcc", "gcc:-O3 -ffast-math -DL_ENDIAN -DPERL5 -m486::(unknown)::RSA_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_bsdi_asm}", - "bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "nextstep", "cc:-O -Wall:<libc.h>:(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", diff --git a/security/openssl-beta/files/patch-ad b/security/openssl-beta/files/patch-ad deleted file mode 100644 index cd606a304160..000000000000 --- a/security/openssl-beta/files/patch-ad +++ /dev/null @@ -1,11 +0,0 @@ ---- crypto/md5/md5.c.orig Thu Apr 9 07:59:29 1998 -+++ crypto/md5/md5.c Sun Dec 27 18:44:33 1998 -@@ -94,7 +94,7 @@ - err++; - continue; - } -- printf("MD5(%s)= ",argv[i]); -+ printf("MD5 (%s) = ",argv[i]); - do_fp(IN); - fclose(IN); - } diff --git a/security/openssl-beta/files/patch-ag b/security/openssl-beta/files/patch-ag deleted file mode 100644 index e0faf51d9bfa..000000000000 --- a/security/openssl-beta/files/patch-ag +++ /dev/null @@ -1,11 +0,0 @@ ---- apps/dgst.c.orig Thu Apr 5 13:08:50 2001 -+++ apps/dgst.c Fri Apr 13 00:58:32 2001 -@@ -318,7 +318,7 @@ - err++; - continue; - } -- if(!out_bin) BIO_printf(out, "%s(%s)= ",name,argv[i]); -+ if(!out_bin) BIO_printf(out, "%s(%s) = ",name,argv[i]); - do_fp(out, buf,inp,separator, out_bin, sigkey, - sigbuf, siglen); - (void)BIO_reset(bmd); diff --git a/security/openssl-beta/files/patch-ah b/security/openssl-beta/files/patch-ah deleted file mode 100644 index 7ca781180b32..000000000000 --- a/security/openssl-beta/files/patch-ah +++ /dev/null @@ -1,53 +0,0 @@ ---- config.orig Tue Mar 14 00:52:44 2000 -+++ config Sat Apr 15 14:18:03 2000 -@@ -311,50 +311,6 @@ - esac - done - --# figure out if gcc is available and if so we use it otherwise --# we fallback to whatever cc does on the system --GCCVER=`(gcc --version) 2>/dev/null` --if [ "$GCCVER" != "" ]; then -- CC=gcc -- # then strip off whatever prefix Cygnus prepends the number with... -- GCCVER=`echo $GCCVER | sed 's/^[a-z]*\-//'` -- # peak single digit before and after first dot, e.g. 2.95.1 gives 29 -- GCCVER=`echo $GCCVER | sed 's/\([0-9]\)\.\([0-9]\).*/\1\2/'` --else -- CC=cc --fi -- --if [ "$SYSTEM" = "SunOS" ]; then -- # check for WorkShop C, expected output is "cc: blah-blah C x.x" -- CCVER=`(cc -V 2>&1) 2>/dev/null | \ -- egrep -e '^cc: .* C [0-9]\.[0-9]' | \ -- sed 's/.* C \([0-9]\)\.\([0-9]\).*/\1\2/'` -- CCVER=${CCVER:-0} -- if [ $CCVER -gt 40 ]; then -- CC=cc # overrides gcc!!! -- if [ $CCVER -eq 50 ]; then -- echo "WARNING! Detected WorkShop C 5.0. Do make sure you have" -- echo " patch #107357-01 or later applied." -- sleep 5 -- fi -- elif [ "$CC" = "cc" -a $CCVER -gt 0 ]; then -- CC=sc3 -- fi --fi -- --if [ "${SYSTEM}-${MACHINE}" = "Linux-alpha" ]; then -- # check for Compaq C, expected output is "blah-blah C Vx.x" -- CCCVER=`(ccc -V 2>&1) 2>/dev/null | \ -- egrep -e '.* C V[0-9]\.[0-9]' | \ -- sed 's/.* C V\([0-9]\)\.\([0-9]\).*/\1\2/'` -- CCCVER=${CCCVER:-0} -- if [ $CCCVER -gt 60 ]; then -- CC=ccc # overrides gcc!!! well, ccc outperforms inoticeably -- # only on hash routines and des, otherwise gcc (2.95) -- # keeps along rather tight... -- fi --fi -- - GCCVER=${GCCVER:-0} - CCVER=${CCVER:-0} - diff --git a/security/openssl-beta/files/patch-ak b/security/openssl-beta/files/patch-ak deleted file mode 100644 index 819def697e15..000000000000 --- a/security/openssl-beta/files/patch-ak +++ /dev/null @@ -1,13 +0,0 @@ ---- apps/Makefile.ssl.orig Sun May 23 14:36:09 1999 -+++ apps/Makefile.ssl Fri May 28 22:29:19 1999 -@@ -101,8 +101,8 @@ - cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i; \ - chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \ - done -- @cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR); \ -- chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf -+ @cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.sample; \ -+ chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.sample - - tags: - ctags $(SRC) diff --git a/security/openssl-beta/pkg-comment b/security/openssl-beta/pkg-comment deleted file mode 100644 index bf6eaba1f945..000000000000 --- a/security/openssl-beta/pkg-comment +++ /dev/null @@ -1 +0,0 @@ -SSL and crypto library diff --git a/security/openssl-beta/pkg-descr b/security/openssl-beta/pkg-descr deleted file mode 100644 index 57b3b8981bd6..000000000000 --- a/security/openssl-beta/pkg-descr +++ /dev/null @@ -1,19 +0,0 @@ -The OpenSSL Project is a collaborative effort to develop a robust, -commercial-grade, full-featured, and Open Source toolkit implementing -the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security -(TLS v1) protocols with full-strength cryptography world-wide. The -project is managed by a worldwide community of volunteers that use -the Internet to communicate, plan, and develop the OpenSSL tookit -and its related documentation. - -OpenSSL is based on the excellent SSLeay library developed by Eric -A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under -an Apache-style licence, which basically means that you are free -to get and use it for commercial and non-commercial purposes subject -to some simple license conditions. - -OpenSSL homepage: - - http://www.openssl.org/ - -WWW: http://www.openssl.org diff --git a/security/openssl-beta/pkg-message b/security/openssl-beta/pkg-message deleted file mode 100644 index ac397b19a14a..000000000000 --- a/security/openssl-beta/pkg-message +++ /dev/null @@ -1,4 +0,0 @@ - -Copy /usr/local/openssl/openssl.cnf.sample to /usr/local/openssl/openssl.cnf -and edit it to fit your needs. - diff --git a/security/openssl-beta/pkg-plist b/security/openssl-beta/pkg-plist deleted file mode 100644 index 071c42297585..000000000000 --- a/security/openssl-beta/pkg-plist +++ /dev/null @@ -1,85 +0,0 @@ -bin/c_rehash -bin/openssl -include/openssl/asn1.h -include/openssl/asn1_mac.h -include/openssl/bio.h -include/openssl/blowfish.h -include/openssl/bn.h -include/openssl/buffer.h -include/openssl/cast.h -include/openssl/comp.h -include/openssl/conf.h -include/openssl/conf_api.h -include/openssl/crypto.h -include/openssl/des.h -include/openssl/dh.h -include/openssl/dsa.h -include/openssl/dso.h -include/openssl/e_os.h -include/openssl/e_os2.h -include/openssl/ebcdic.h -include/openssl/err.h -include/openssl/evp.h -include/openssl/hmac.h -include/openssl/idea.h -include/openssl/lhash.h -include/openssl/md2.h -include/openssl/md4.h -include/openssl/md5.h -include/openssl/mdc2.h -include/openssl/obj_mac.h -include/openssl/objects.h -include/openssl/opensslconf.h -include/openssl/opensslv.h -include/openssl/pem.h -include/openssl/pem2.h -include/openssl/pkcs12.h -include/openssl/pkcs7.h -include/openssl/rand.h -include/openssl/rc2.h -include/openssl/rc4.h -include/openssl/rc5.h -include/openssl/ripemd.h -include/openssl/rsa.h -include/openssl/safestack.h -include/openssl/sha.h -include/openssl/ssl.h -include/openssl/ssl2.h -include/openssl/ssl23.h -include/openssl/ssl3.h -include/openssl/stack.h -include/openssl/symhacks.h -include/openssl/tls1.h -include/openssl/tmdiff.h -include/openssl/txt_db.h -include/openssl/x509.h -include/openssl/x509_vfy.h -include/openssl/x509v3.h -lib/libRSAglue.a -lib/libcrypto.a -lib/libcrypto.so -lib/libcrypto.so.2 -lib/libssl.a -lib/libssl.so -lib/libssl.so.2 -openssl/misc/CA.pl -openssl/misc/CA.sh -openssl/misc/c_hash -openssl/misc/c_info -openssl/misc/c_issuer -openssl/misc/c_name -openssl/misc/der_chop -openssl/openssl.cnf.sample -share/doc/openssl/openssl.txt -@dirrm include/openssl -@dirrm openssl/certs -@dirrm openssl/lib -@dirrm openssl/man/man1 -@dirrm openssl/man/man3 -@dirrm openssl/man/man5 -@dirrm openssl/man/man7 -@dirrm openssl/man -@dirrm openssl/misc -@dirrm openssl/private -@dirrm openssl -@dirrm share/doc/openssl diff --git a/security/openssl-beta/pkg-plist.noshared b/security/openssl-beta/pkg-plist.noshared deleted file mode 100644 index 9870cf6aacbc..000000000000 --- a/security/openssl-beta/pkg-plist.noshared +++ /dev/null @@ -1,76 +0,0 @@ -bin/c_rehash -bin/openssl -include/openssl/asn1.h -include/openssl/asn1_mac.h -include/openssl/bio.h -include/openssl/blowfish.h -include/openssl/bn.h -include/openssl/buffer.h -include/openssl/cast.h -include/openssl/comp.h -include/openssl/conf.h -include/openssl/crypto.h -include/openssl/des.h -include/openssl/dh.h -include/openssl/dsa.h -include/openssl/e_os.h -include/openssl/e_os2.h -include/openssl/ebcdic.h -include/openssl/err.h -include/openssl/evp.h -include/openssl/hmac.h -include/openssl/idea.h -include/openssl/lhash.h -include/openssl/md2.h -include/openssl/md5.h -include/openssl/mdc2.h -include/openssl/objects.h -include/openssl/opensslconf.h -include/openssl/opensslv.h -include/openssl/pem.h -include/openssl/pem2.h -include/openssl/pkcs12.h -include/openssl/pkcs7.h -include/openssl/rand.h -include/openssl/rc2.h -include/openssl/rc4.h -include/openssl/rc5.h -include/openssl/ripemd.h -include/openssl/rsa.h -include/openssl/safestack.h -include/openssl/sha.h -include/openssl/ssl.h -include/openssl/ssl2.h -include/openssl/ssl23.h -include/openssl/ssl3.h -include/openssl/stack.h -include/openssl/tls1.h -include/openssl/tmdiff.h -include/openssl/txt_db.h -include/openssl/x509.h -include/openssl/x509_vfy.h -include/openssl/x509v3.h -lib/libRSAglue.a -lib/libcrypto.a -lib/libssl.a -openssl/misc/CA.pl -openssl/misc/CA.sh -openssl/misc/c_hash -openssl/misc/c_info -openssl/misc/c_issuer -openssl/misc/c_name -openssl/misc/der_chop -openssl/openssl.cnf.sample -share/doc/openssl/openssl.txt -@dirrm include/openssl -@dirrm openssl/certs -@dirrm openssl/lib -@dirrm openssl/man/man1 -@dirrm openssl/man/man3 -@dirrm openssl/man/man5 -@dirrm openssl/man/man7 -@dirrm openssl/man -@dirrm openssl/misc -@dirrm openssl/private -@dirrm openssl -@dirrm share/doc/openssl diff --git a/security/opieprint/Makefile b/security/opieprint/Makefile deleted file mode 100644 index ddbe71c927d9..000000000000 --- a/security/opieprint/Makefile +++ /dev/null @@ -1,29 +0,0 @@ -# New ports collection makefile for: keyprint -# Date created: Sat May 29 02:05:00 PDT 1999 -# Whom: mharo@FreeBSD.org -# -# $FreeBSD$ -# - -PORTNAME= keyprint -PORTVERSION= 1.0 -CATEGORIES= security -MASTER_SITES= ${MASTER_SITE_LOCAL} -MASTER_SITE_SUBDIR= mharo - -MAINTAINER= mharo@FreeBSD.org - -NO_BUILD= yes - -post-patch: - ${PERL} -pi -e 's,__PREFIX__,${PREFIX},' ${WRKSRC}/keyprint - -do-install: - ${MKDIR} ${PREFIX}/share/keyprint - ${INSTALL_DATA} ${WRKSRC}/keyblank.ps ${PREFIX}/share/keyprint - ${INSTALL_SCRIPT} ${WRKSRC}/keyprint ${PREFIX}/bin -.if !defined(NOPORTDOCS) - ${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/keyprint -.endif - -.include <bsd.port.mk> diff --git a/security/opieprint/distinfo b/security/opieprint/distinfo deleted file mode 100644 index 692ad721b513..000000000000 --- a/security/opieprint/distinfo +++ /dev/null @@ -1 +0,0 @@ -MD5 (keyprint-1.0.tar.gz) = e142a207c6c33a60b5940a8050dc9ea9 diff --git a/security/opieprint/pkg-comment b/security/opieprint/pkg-comment deleted file mode 100644 index d9644e1fe249..000000000000 --- a/security/opieprint/pkg-comment +++ /dev/null @@ -1 +0,0 @@ -Print S/Key keys on a piece of paper, twice the size of a credit card diff --git a/security/opieprint/pkg-descr b/security/opieprint/pkg-descr deleted file mode 100644 index 56e6e215f8fd..000000000000 --- a/security/opieprint/pkg-descr +++ /dev/null @@ -1,19 +0,0 @@ -This is keyprint: a quick hack for printing S/Key keys on a small piece -of paper, twice the size of a credit card for easy storage in a -wallet, card holder, etc. It produces a PostScript file which can be -printed and then trimmed to size: - - hn38925 - +----------------------------------------+ - | 1 af fd alfal 26 fd s fdas da | - | 2 af fd alfal 27 fd s fdas da | - | 3 af fd alfal 28 fd s fdas da | - | . . | - | . . | - | 74 af fd alfal 98 fd s fdas da | - | 75 af fd alfal 99 fd s fdas da | - +----------------------------------------+ - -Warning: If you don't have a secure network, then it is not a good -idea to print this key set on a network printer. It might be obvious, -but you never know. diff --git a/security/opieprint/pkg-plist b/security/opieprint/pkg-plist deleted file mode 100644 index 8c721589ccc4..000000000000 --- a/security/opieprint/pkg-plist +++ /dev/null @@ -1,4 +0,0 @@ -bin/keyprint -share/keyprint/README -share/keyprint/keyblank.ps -@dirrm share/keyprint diff --git a/security/racoon2/Makefile b/security/racoon2/Makefile deleted file mode 100644 index 0500de67f12d..000000000000 --- a/security/racoon2/Makefile +++ /dev/null @@ -1,45 +0,0 @@ -# New ports collection makefile for: racoon -# Date created: 4 July 2000 -# Whom: sumikawa -# -# $FreeBSD$ -# - -PORTNAME= racoon -PORTVERSION= 20010831a -CATEGORIES= security net -MASTER_SITES= ftp://ftp.kame.net/pub/kame/misc/ - -MAINTAINER= sumikawa@FreeBSD.org - -.if !exists(/usr/lib/libipsec.so.1) -BROKEN= "You must upgrade the OS" -.endif - -USE_OPENSSL= YES - -WRKSRC= ${WRKDIR}/${DISTNAME}/racoon -GNU_CONFIGURE= yes -CONFIGURE_ENV+=CPPFLAGS=-I${LOCALBASE}/include CFLAGS=-I${LOCALBASE}/include \ - LDFLAGS="-L${LOCALBASE}/lib -L${WRKSRC}/../libipsec" -CONFIGURE_ARGS+=--enable-debug -CONFIGURE_ARGS+=--enable-ipv6 -CONFIGURE_ARGS+=--sysconfdir=${LOCALBASE}/etc -CONFIGURE_ARGS+=--with-pkgversion=${PORTVERSION} - -MAN5= racoon.conf.5 -MAN8= racoon.8 - -pre-patch: - ${MV} ${WRKSRC}/racoon.8 ${WRKSRC}/racoon.8.in - -pre-configure: - (cd ${WRKSRC}/../libipsec; make) - -post-install: - @if [ -z `/sbin/sysctl -a | ${GREP} -q ipsec && echo ipsec` ]; then \ - ${ECHO_MSG} "WARNING: IPsec feature is disabled on this host"; \ - ${ECHO_MSG} " You must build the kernel if you want to run racoon on the host"; \ - fi ; - -.include <bsd.port.mk> diff --git a/security/racoon2/distinfo b/security/racoon2/distinfo deleted file mode 100644 index 9764c8ac5b0b..000000000000 --- a/security/racoon2/distinfo +++ /dev/null @@ -1 +0,0 @@ -MD5 (racoon-20010831a.tar.gz) = d4a8563587b475fe34267462e9dce3d0 diff --git a/security/racoon2/files/patch-aa b/security/racoon2/files/patch-aa deleted file mode 100644 index b9e78afe4ac3..000000000000 --- a/security/racoon2/files/patch-aa +++ /dev/null @@ -1,20 +0,0 @@ ---- ../libipsec/Makefile.orig Sun Jun 11 23:54:31 2000 -+++ ../libipsec/Makefile Tue Oct 17 01:06:10 2000 -@@ -25,12 +25,13 @@ - # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - # SUCH DAMAGE. - --.if exists(${.CURDIR}/../Makefile.opsys) --.include "${.CURDIR}/../Makefile.opsys" --.endif -+#.if exists(${.CURDIR}/../Makefile.opsys) -+#.include "${.CURDIR}/../Makefile.opsys" -+#.endif -+OPSYS!= uname -s - - LIB= ipsec --CFLAGS+=-g -+CFLAGS+=-g -I. - .if (${OPSYS} != "NetBSD") - CFLAGS+=-DIPSEC_DEBUG -DIPSEC -DINET6 - .else diff --git a/security/racoon2/files/patch-ab b/security/racoon2/files/patch-ab deleted file mode 100644 index 70206c12ebfe..000000000000 --- a/security/racoon2/files/patch-ab +++ /dev/null @@ -1,22 +0,0 @@ ---- Makefile.in.orig Tue Jun 13 14:01:41 2000 -+++ Makefile.in Wed Jul 5 16:20:04 2000 -@@ -7,7 +7,7 @@ - LDFLAGS=@LDFLAGS@ - CPPFLAGS= @CPPFLAGS@ - OPTFLAG=@OPTFLAG@ --CFLAGS= @CFLAGS@ $(CPPFLAGS) @DEFS@ $(CPPFLAGS) $(OPTFLAG) -DIPSEC -I. -I$(srcdir) -Dss_family=__ss_family -Dss_len=__ss_len -DSYSCONFDIR=\"${sysconfdir}\" -+CFLAGS= @CFLAGS@ $(CPPFLAGS) @DEFS@ $(CPPFLAGS) $(OPTFLAG) -DIPSEC -I. -I$(srcdir) -Dss_family=__ss_family -Dss_len=__ss_len -DSYSCONFDIR=\"${sysconfdir}/racoon\" - CFLAGS+=-DYY_NO_UNPUT - CFLAGS+=-I${srcdir}/../libipsec - LIBS= @LIBS@ -@@ -79,10 +79,6 @@ - $(INSTALL) -o bin -g bin -m 444 racoon.conf.5 $(mandir)/man5 - -mkdir -p ${sysconfdir}/racoon - for i in $(CONF); do \ -- if test ! -f ${sysconfdir}/racoon/$$i; then \ -- $(INSTALL) -o bin -g bin -m 444 samples/$$i \ -- ${sysconfdir}/racoon; \ -- fi; \ - $(INSTALL) -o bin -g bin -m 444 samples/$$i \ - ${sysconfdir}/racoon/$$i.dist; \ - done diff --git a/security/racoon2/files/patch-ac b/security/racoon2/files/patch-ac deleted file mode 100644 index ee9eba403dd1..000000000000 --- a/security/racoon2/files/patch-ac +++ /dev/null @@ -1,11 +0,0 @@ ---- configure- Wed Jul 5 16:18:19 2000 -+++ configure Wed Jul 5 16:18:32 2000 -@@ -4021,7 +4021,7 @@ - - cat >> $CONFIG_STATUS <<EOF - --CONFIG_FILES=\${CONFIG_FILES-"Makefile samples/psk.txt samples/racoon.conf"} -+CONFIG_FILES=\${CONFIG_FILES-"Makefile samples/psk.txt samples/racoon.conf racoon.8"} - EOF - cat >> $CONFIG_STATUS <<\EOF - for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then diff --git a/security/racoon2/files/patch-ad b/security/racoon2/files/patch-ad deleted file mode 100644 index 8b8fb3b81fe0..000000000000 --- a/security/racoon2/files/patch-ad +++ /dev/null @@ -1,13 +0,0 @@ ---- racoon.8.in.orig Tue Jul 4 21:27:59 2000 -+++ racoon.8.in Wed Jul 5 16:17:43 2000 -@@ -97,8 +97,8 @@ - .El - .\" - .Sh FILES --.Bl -tag -width /usr/local/v6/etc/racoon.conf -compact --.It Pa /usr/local/v6/etc/racoon.conf -+.Bl -tag -width @sysconfdir@/racoon/racoon.conf -compact -+.It Pa @sysconfdir@/racoon/racoon.conf - default configuration file. - .It Pa /var/log/racoon.log - default log file. diff --git a/security/racoon2/files/patch-ae b/security/racoon2/files/patch-ae deleted file mode 100644 index 66fed09eb1c8..000000000000 --- a/security/racoon2/files/patch-ae +++ /dev/null @@ -1,16 +0,0 @@ -$NetBSD: patch-ae,v 1.9 2001/08/02 12:44:18 itojun Exp $ - ---- ../libipsec/key_debug.c- Thu Aug 2 21:38:17 2001 -+++ ../libipsec/key_debug.c Thu Aug 2 21:38:44 2001 -@@ -392,9 +392,8 @@ - - printf("sadb_x_sa2{ mode=%u reqid=%u\n", - sa2->sadb_x_sa2_mode, sa2->sadb_x_sa2_reqid); -- printf(" reserved1=%u reserved2=%u sequence=%u }\n", -- sa2->sadb_x_sa2_reserved1, sa2->sadb_x_sa2_reserved2, -- sa2->sadb_x_sa2_sequence); -+ printf(" reserved1=%u reserved2=%u }\n", -+ sa2->sadb_x_sa2_reserved1, sa2->sadb_x_sa2_reserved2); - - return; - } diff --git a/security/racoon2/files/patch-af b/security/racoon2/files/patch-af deleted file mode 100644 index d4563bc11a42..000000000000 --- a/security/racoon2/files/patch-af +++ /dev/null @@ -1,14 +0,0 @@ -$NetBSD: patch-af,v 1.1 2001/08/02 12:44:18 itojun Exp $ - ---- ../libipsec/pfkey_dump.c- Thu Aug 2 21:38:21 2001 -+++ ../libipsec/pfkey_dump.c Thu Aug 2 21:38:34 2001 -@@ -299,8 +299,7 @@ - } - - /* replay windoe size & flags */ -- printf("\tseq=0x%08x replay=%u flags=0x%08x ", -- m_sa2->sadb_x_sa2_sequence, -+ printf("\treplay=%u flags=0x%08x ", - m_sa->sadb_sa_replay, - m_sa->sadb_sa_flags); - diff --git a/security/racoon2/pkg-comment b/security/racoon2/pkg-comment deleted file mode 100644 index 252204b81ad6..000000000000 --- a/security/racoon2/pkg-comment +++ /dev/null @@ -1 +0,0 @@ -KAME racoon IKE daemon diff --git a/security/racoon2/pkg-descr b/security/racoon2/pkg-descr deleted file mode 100644 index 9470793d9b4b..000000000000 --- a/security/racoon2/pkg-descr +++ /dev/null @@ -1,18 +0,0 @@ -racoon speaks IKE (ISAKMP/Oakley) key management protocol, to -establish security association with other hosts. - -Known issues: -- Too many use of dynamic memory allocation, which leads to memory leak. -- Non-threaded implementation. Simultaneous key negotiation performance - should be improved. -- Cannot negotiate keys for per-socket policy. -- Cryptic configuration syntax - blame IPsec specification too... -- Needs more documentation. - -Design choice, not a bug: -- racoon negotiate IPsec keys only. It does not negotiate policy. Policy must - be configured into the kernel separately from racoon. If you want to - support roaming clients, you may need to have a mechanism to put policy - for the roaming client after phase 1 finishes. - -WWW: http://www.kame.net/ diff --git a/security/racoon2/pkg-plist b/security/racoon2/pkg-plist deleted file mode 100644 index 0f1457b0e69f..000000000000 --- a/security/racoon2/pkg-plist +++ /dev/null @@ -1,4 +0,0 @@ -sbin/racoon -etc/racoon/psk.txt.dist -etc/racoon/racoon.conf.dist -@unexec rmdir %D/etc/racoon 2>/dev/null || true diff --git a/security/stunnel/files/stunnel.in b/security/stunnel/files/stunnel.in deleted file mode 100644 index dc074e2771a1..000000000000 --- a/security/stunnel/files/stunnel.in +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/sh -# -# A sample stunnel startup script written by martti.kuparinen@ericsson.com -# -# $FreeBSD$ -# - -# Where is the program -STUNNEL="!!PREFIX!!/sbin/stunnel" - -case "$1" in - start) - ${STUNNEL} -d 993 -r localhost:imap -p !!PREFIX!!/etc/stunnel.pem - ${STUNNEL} -d 995 -r localhost:pop3 -p !!PREFIX!!/etc/stunnel.pem - ;; - - stop) - killall `basename ${STUNNEL}` - ;; - - *) - echo "" - echo "Usage: `basename $0` { start | stop }" - echo "" - ;; -esac diff --git a/security/tripwire12/Makefile b/security/tripwire12/Makefile deleted file mode 100644 index a54f61ea8e41..000000000000 --- a/security/tripwire12/Makefile +++ /dev/null @@ -1,57 +0,0 @@ -# New ports collection makefile for: tripwire -# Date created: 31 Mar 1997 -# Whom: Joe Greco <jgreco@ns.sol.net> -# -# $FreeBSD$ -# - -PORTNAME= tripwire -PORTVERSION= 1.2 -CATEGORIES= security -MASTER_SITES= ftp://ftp.fu-berlin.de/unix/security/tripwire/ -EXTRACT_SUFX= .tar.Z - -MAINTAINER= jgreco@ns.sol.net - -MAN5= tw.config.5 -MAN8= siggen.8 tripwire.8 -NO_CDROM= "cannot be redistributed for more than the cost of duplication" -NO_PACKAGE= "requires local database to be built" -RESTRICTED= "contains crypto class algorithms" - -post-extract: - @ (cd ${WRKDIR}; tar xpf T1.2.tar) - -post-patch: - @${PERL} -pi -e 's|/secureplace/bin|${PREFIX}/bin|g;' \ - -e 's|/usr/man|${PREFIX}/man|g;' ${WRKSRC}/Makefile - -pre-configure: - @ ${CP} ${FILESDIR}/conf-freebsd2.h ${WRKSRC}/configs - @ ${SED} s%/kernel%`sysctl -bn kern.bootfile`% \ - < ${FILESDIR}/tw.conf.freebsd2 \ - > ${WRKSRC}/configs/tw.conf.freebsd2 - -post-install: - @ ${MKDIR} /var/adm/tcheck - @ ${CP} ${FILESDIR}/tw.conf.freebsd2 /var/adm/tcheck/tw.config - # Creating tripwire database - @ (cd /var/adm/tcheck; tripwire -initialize) -.if defined(TRIPWIRE_FLOPPY) && ${TRIPWIRE_FLOPPY} == YES - # preparing the floppy - @ disklabel -w -B /dev/rfd0c fd1440 - @ newfs -u 0 -t 0 -i 196608 -m 0 -T minimum -o space /dev/rfd0c - mount /dev/fd0c /mnt - # transferring things to the floppy - @ ${CP} -p /var/adm/tcheck/tw.config /mnt/tw.config - @ ${GZIP_CMD} < /var/adm/tcheck/databases/tw.db_`hostname` \ - > /mnt/tw.db_`hostname`.gz - @ ${CP} -p ${FILESDIR}/twcheck /usr/bin/gunzip \ - ${PREFIX}/bin/tripwire \ - /mnt/ - @ ${CHMOD} 555 /mnt/tripwire /mnt/gunzip /mnt/twcheck - @ umount /mnt - # Do not forget to remove and write-protect the floppy. -.endif - -.include <bsd.port.mk> diff --git a/security/tripwire12/distinfo b/security/tripwire12/distinfo deleted file mode 100644 index 99144795d9b7..000000000000 --- a/security/tripwire12/distinfo +++ /dev/null @@ -1 +0,0 @@ -MD5 (tripwire-1.2.tar.Z) = c82e0327e0caa1821e3e564fa1938d88 diff --git a/security/tripwire12/files/conf-freebsd2.h b/security/tripwire12/files/conf-freebsd2.h deleted file mode 100644 index d8f2942118e3..000000000000 --- a/security/tripwire12/files/conf-freebsd2.h +++ /dev/null @@ -1,55 +0,0 @@ -/* $FreeBSD$ */ - -/* - * conf-freebsd2.h - * - * Tripwire configuration file - * - * Joe Greco - * sol.net Network Services - * Derived from the other BSD config.h's - */ - -/*** - *** Operating System specifics - *** - *** If the answer to a question in the comment is "Yes", then - *** change the corresponding "#undef" to a "#define" - ***/ - -/* - * is your OS a System V derivitive? if so, what version? - * (e.g., define SYSV 4) - */ - -#undef SYSV - -/* - * does your system have a <malloc.h> like System V? - */ - -#undef MALLOCH - -/* - * does your system have a <stdlib.h> like POSIX says you should? - */ - -#define STDLIBH - -/* - * does your system use readdir(3) that returns (struct dirent *)? - */ - -#define DIRENT - -/* - * is #include <string.h> ok? (as opposed to <strings.h>) - */ - -#define STRINGH - -/* - * does your system have gethostname(2) (instead of uname(2))? - */ - -#define GETHOSTNAME diff --git a/security/tripwire12/files/patch-aa b/security/tripwire12/files/patch-aa deleted file mode 100644 index 81238bf9ae3a..000000000000 --- a/security/tripwire12/files/patch-aa +++ /dev/null @@ -1,38 +0,0 @@ -*** include/config.h.orig Fri Jul 15 06:02:52 1994 ---- include/config.h Sun Dec 31 18:56:20 1989 -*************** -*** 17,23 **** - *** file that corresponds with your operating system. - ***/ - -! #include "../configs/conf-svr4.h" - - #ifdef TW_TYPE32 - typedef TW_TYPE32 int32; ---- 17,23 ---- - *** file that corresponds with your operating system. - ***/ - -! #include "../configs/conf-freebsd2.h" - - #ifdef TW_TYPE32 - typedef TW_TYPE32 int32; -*************** -*** 103,110 **** - #endif - */ - -! #define CONFIG_PATH "/tmp/genek" -! #define DATABASE_PATH "/tmp/genek" - - /******* name of Tripwire files ************************************** - * ---- 103,110 ---- - #endif - */ - -! # define CONFIG_PATH "/var/adm/tcheck" -! # define DATABASE_PATH "/var/adm/tcheck/databases" - - /******* name of Tripwire files ************************************** - * diff --git a/security/tripwire12/files/patch-ab b/security/tripwire12/files/patch-ab deleted file mode 100644 index 7dcf3348984f..000000000000 --- a/security/tripwire12/files/patch-ab +++ /dev/null @@ -1,62 +0,0 @@ -*** Makefile Mon Jul 25 10:59:41 1994 ---- Makefile Thu Jan 2 12:04:35 1997 -*************** -*** 34,36 **** - # you can use ANSI C if you like, but K&R is equally fine. -! CC = cc # common - #CC = gcc # also common ---- 34,36 ---- - # you can use ANSI C if you like, but K&R is equally fine. -! #CC = cc # common - #CC = gcc # also common -*************** -*** 38,40 **** - -! CFLAGS = -O # common - #CFLAGS = -g # common ---- 38,40 ---- - -! #CFLAGS = -O # common - #CFLAGS = -g # common -*************** -*** 60,66 **** - #CPP = /lib/cpp # on older systems - - # make sure libraries are not linked dynamically (as a security measure) -! LDFLAGS= # common - #LDFLAGS= -non_shared # OSF/1 - #LDFLAGS= -Bstatic # SunOS 4 (cannot statically link tripwire - # on Solaris 2.3) ---- 60,67 ---- - #CPP = /lib/cpp # on older systems - - # make sure libraries are not linked dynamically (as a security measure) -! LDFLAGS= -static -! #LDFLAGS= # common - #LDFLAGS= -non_shared # OSF/1 - #LDFLAGS= -Bstatic # SunOS 4 (cannot statically link tripwire - # on Solaris 2.3) - - ---- src/Makefile.orig Mon Jul 25 10:40:54 1994 -+++ src/Makefile Sun May 28 15:52:25 2000 -@@ -3,7 +3,7 @@ - # Tripwire build - # - --CFLAGS = -O -+#CFLAGS = -O - - OFILES = config.parse.o main.o list.o ignorevec.o dbase.build.o \ - utils.o preen.o preen.interp.o preen.report.o \ -@@ -103,8 +103,9 @@ - .c.o: - $(CC) $(CFLAGS) -c $< - --install: tripwire -+install: tripwire siggen - $(INSTALL) tripwire $(DESTDIR) -+ $(INSTALL) siggen $(DESTDIR) - - clean: - -rm -f $(OFILES) config.lex.c config.pre.c y.tab.c lex.yy.c help.c \ diff --git a/security/tripwire12/files/patch-ac b/security/tripwire12/files/patch-ac deleted file mode 100644 index bad090157860..000000000000 --- a/security/tripwire12/files/patch-ac +++ /dev/null @@ -1,16 +0,0 @@ -This patch eliminates a compiler warning about LITTLE_ENDIAN begin -redefined. - -*** sigs/sha/sha.c.orig Mon Jul 25 08:46:45 1994 ---- sigs/sha/sha.c Mon Mar 31 19:55:23 1997 -*************** -*** 47,52 **** ---- 47,54 ---- - #include "sha.h" - - #if BYTEORDER == 0x1234 -+ #undef BIG_ENDIAN -+ #undef LITTLE_ENDIAN - #define LITTLE_ENDIAN - #endif - diff --git a/security/tripwire12/files/patch-mktemp b/security/tripwire12/files/patch-mktemp deleted file mode 100644 index 3e871d4b6e5b..000000000000 --- a/security/tripwire12/files/patch-mktemp +++ /dev/null @@ -1,239 +0,0 @@ -This patches replace all uses of the (potentially insecure) mktemp(3) -with a much safer tmpfile(3). - ---- src/config.parse.c Wed Jul 20 21:03:26 1994 -+++ src/config.parse.c Wed May 17 17:30:22 2000 -@@ -55,7 +55,6 @@ - #endif - - /* prototypes */ --char *mktemp(); - static void configfile_descend(); - - #ifndef L_tmpnam -@@ -86,7 +85,6 @@ - char ignorestring[1024]; - char s[MAXPATHLEN+1024]; - char configfile[MAXPATHLEN+512]; -- char *tmpfilename; - char number[128]; - int entrynum = 0; - int err; -@@ -98,18 +96,6 @@ - if (!printpreprocess && !quietmode) - fputs("### Phase 1: Reading configuration file\n", stderr); - -- /* generate temporary file name */ -- if ((tmpfilename = (char *) malloc(L_tmpnam + MAXPATHLEN)) == NULL) { -- perror("configfile_read: malloc()"); -- exit(1); -- }; -- (void) strcpy(tmpfilename, TEMPFILE_TEMPLATE); -- -- if ((char *) mktemp(tmpfilename) == NULL) { -- perror("configfile_read: mktemp()"); -- exit(1); -- } -- - /* generate configuration file name */ - if (specified_configmode != SPECIFIED_FILE) - sprintf(configfile, "%s/%s", config_path, config_file); -@@ -149,25 +135,17 @@ - - err = umask(077); /* to protect the tempfile */ - -- if ((fpout = fopen(tmpfilename, "w+")) == NULL) { -- sprintf(s, "tripwire: Couldn't open config file '%s'", configfile); -- perror(s); -- exit(1); -- } -- (void) umask(err); /* return it to its former state */ -- -- /* The following unlink accomplishes two things: -+ /* The use of tmpfile(3) accomplishes two things: - * 1) if the program terminates, we won't leave a temp - * file sitting around with potentially sensitive names - * in it. - * 2) the file is "hidden" while we run - */ -- if (unlink(tmpfilename) < 0) { -- perror("configfile_read: unlink()"); -+ if ((fpout = tmpfile()) == NULL) { -+ perror("tmpfile"); - exit(1); - } -- free(tmpfilename); -- -+ (void) umask(err); /* return it to its former state */ - - /* - * pass 0: preprocess file ---- src/dbase.build.c Mon Jul 25 11:24:09 1994 -+++ src/dbase.build.c Wed May 17 18:22:14 2000 -@@ -66,7 +66,6 @@ - int files_scanned_num = 0; - - /* prototypes */ --char *mktemp(); - static void database_record_write(); - - char backupfile[MAXPATHLEN+256]; -@@ -125,17 +124,7 @@ - - /* where do we write the new database? */ - if (mode == DBASE_TEMPORARY) { -- char *tmpfilename = (char *) malloc(strlen(TEMPFILE_TEMPLATE)+1); -- if (tmpfilename == NULL) -- die_with_err("malloc() failed in database_build", (char *) NULL); -- (void) strcpy(tmpfilename, TEMPFILE_TEMPLATE); -- -- if ((char *) mktemp(tmpfilename) == NULL) -- die_with_err("database_build: mktemp()", (char *) NULL); -- -- (void) strcpy(tempdatabase_file, tmpfilename); -- (void) strcpy(database, tempdatabase_file); -- free(tmpfilename); -+ /* do nothing */ - } /* end if temporary database */ - else if (mode == DBASE_UPDATE) { - sprintf(database, "./databases/%s", database_file); -@@ -224,6 +213,12 @@ - } - - /* rebuild the database */ -+ if (mode == DBASE_TEMPORARY) { -+ fpw = tmpfile(); -+ if (fpw == NULL) -+ die_with_err("call tmpfile(3) failed. Check your TMPDIR setting", -+ NULL); -+ } else - if ((fpw = fopen(database, "w")) == NULL) - die_with_err("Hint: Maybe the database directory '%s' doesn't exist? fopen()", database); - -@@ -369,6 +364,6 @@ - -- /* we don't want to allow anyone to spoof the temporary file in /tmp */ -+ /* if the database was temporary, the file was opened by tmpfile(3) -- -+ as such, it can not be accessed by anything but this process */ - if (mode == DBASE_TEMPORARY) { -- if ((fptempdbase = freopen(database, "r", fpw)) == NULL) -- die_with_err("temporary database file disappeared?!?", database); -+ fptempdbase = fpw; - rewind(fptempdbase); ---- src/main.c Fri Aug 26 04:23:03 1994 -+++ src/main.c Wed May 17 18:01:00 2000 -@@ -108,7 +108,6 @@ - char *database_path = DATABASE_PATH; - char *config_path = CONFIG_PATH; - --char tempdatabase_file[MAXPATHLEN+256]; - FILE *fptempdbase; - - char *defaultignore = DEFAULTIGNORE; ---- src/preen.c Mon Jul 25 11:24:11 1994 -+++ src/preen.c Wed May 17 18:22:22 2000 -@@ -37,7 +37,6 @@ - static int numentriesread = 0; /* running count of @@contents */ - - /* prototypes */ --char *mktemp(); - static void olddbasefile_load(); - - char *updatemodes[] = { -@@ -97,9 +96,6 @@ - preen_report(interactive, ppp_updateentries); - if (!specified_configmode) - (void) fclose(fp_in); -- -- /* remove the temporary database file */ -- (void) unlink(tempdatabase_file); - - SPDEBUG(3) printf("*** leaving update_gather()\n"); - ---- src/siggen.c Mon Jul 25 11:24:12 1994 -+++ src/siggen.c Wed May 17 18:36:51 2000 -@@ -52,7 +52,6 @@ - - extern int optind; - int debuglevel = 0; --char *mktemp(); - - int (*pf_signatures [NUM_SIGS]) () = { - SIG0FUNC, -@@ -84,7 +83,6 @@ - }; - int verbosity = 0; - int quietmode = 0; --char *tmpfilename = NULL; - int readstdin = 0; - - -@@ -167,19 +167,6 @@ - FILE *fpout; -- /* generate temporary file name */ -- if ((tmpfilename = (char *) malloc(L_tmpnam + MAXPATHLEN)) == NULL) { -- perror("main: malloc()"); -- exit(1); -- }; -- (void) strcpy(tmpfilename, "/tmp/twzXXXXXX"); -- -- if ((char *) mktemp(tmpfilename) == NULL) { -- perror("siggen: mktemp()"); -- exit(1); -- } - - /* output */ -- if (!(fpout = fopen(tmpfilename, "w"))) { -- char err[1024]; -- sprintf(err, "main: fopen(%s)", tmpfilename); -- perror(err); -+ if (!(fpout = tmpfile())) { -+ perror("tmpfile()"); - exit(1); -@@ -189,12 +176,6 @@ - putc(c, fpout); -- fclose(fpout); -- if ((fd = open(tmpfilename, O_RDONLY)) < 0) { -- perror("siggen: open"); -- exit(1); -- } -- if (siggen(fd) < 0) -+ rewind(fpout); -+ if (siggen(fileno(fpout)) < 0) - errors++; - -- if (fd) -- close(fd); -+ close(fd); -- unlink(tmpfilename); ---- src/utils.c Mon Jul 25 12:23:16 1994 -+++ src/utils.c Wed May 17 18:21:38 2000 -@@ -785,23 +785,15 @@ - int - fd_tempfilename_generate() - { -- char tmp[MAXPATHLEN+256]; -- int fd; -+ FILE *tmp; - -- (void) strcpy(tmp, TEMPFILE_TEMPLATE); -- if ((char *) mktemp(tmp) == NULL) { -- perror("tempfilename_generate: mktemp()"); -+ tmp = tmpfile(); -+ if (tmp == NULL) { -+ perror("tempfilename_generate: tmpfile()"); - exit(1); - } - -- if ((fd = open(tmp, O_RDWR | O_CREAT, 0600)) < 0) { -- perror("tempfilename_generate: open()"); -- exit(1); -- } -- /* unlink right away to make sure no one can tamper with our file */ -- unlink(tmp); -- -- return fd; -+ return fileno(tmp); - } - - /* diff --git a/security/tripwire12/files/patch-warnings b/security/tripwire12/files/patch-warnings deleted file mode 100644 index ddd14eff68c6..000000000000 --- a/security/tripwire12/files/patch-warnings +++ /dev/null @@ -1,33 +0,0 @@ -This patches remove some of the warnings produced by the compiler. - ---- src/siggen.c Mon Jul 25 11:24:12 1994 -+++ src/siggen.c Wed May 17 19:15:29 2000 -@@ -15,2 +15,3 @@ - #include "../include/config.h" -+#include <unistd.h> - #include <stdio.h> -@@ -104,4 +104,6 @@ -+ -+/* forward declaration, to avoid compiler warnings */ -+int siggen(int); - - int - main(argc, argv) ---- aux/byteorder.c Fri Jul 15 07:02:36 1994 -+++ aux/byteorder.c Wed May 17 19:12:42 2000 -@@ -22,3 +22,3 @@ - --void -+int - main() -@@ -34,2 +34,3 @@ - -+#warning "the shift-width warning below can be ignored" - if (sizeof(int32) > 4) ---- aux/types.c Sun Dec 12 23:02:27 1993 -+++ aux/types.c Wed May 17 19:23:21 2000 -@@ -24,3 +24,3 @@ - --void -+int - main(argc, argv) diff --git a/security/tripwire12/files/tw.conf.freebsd2 b/security/tripwire12/files/tw.conf.freebsd2 deleted file mode 100644 index c195f38872e2..000000000000 --- a/security/tripwire12/files/tw.conf.freebsd2 +++ /dev/null @@ -1,154 +0,0 @@ -# $FreeBSD$ -# -# tripwire.config -# Generic version for FreeBSD -# Will need editing...see comments below -# -# This file contains a list of files and directories that System -# Preener will scan. Information collected from these files will be -# stored in the tripwire.database file. -# -# Format: [!|=] entry [ignore-flags] -# -# where: '!' signifies the entry is to be pruned (inclusive) from -# the list of files to be scanned. -# '=' signifies the entry is to be added, but if it is -# a directory, then all its contents are pruned -# (useful for /tmp). -# -# where: entry is the absolute pathname of a file or a directory -# -# where ignore-flags are in the format: -# [template][ [+|-][pinugsam12] ... ] -# -# - : ignore the following atributes -# + : do not ignore the following attributes -# -# p : permission and file mode bits a: access timestamp -# i : inode number m: modification timestamp -# n : number of links (ref count) c: inode creation timestamp -# u : user id of owner 1: signature 1 -# g : group id of owner 2: signature 2 -# s : size of file -# -# -# Ex: The following entry will scan all the files in /etc, and report -# any changes in mode bits, inode number, reference count, uid, -# gid, modification and creation timestamp, and the signatures. -# However, it will ignore any changes in the access timestamp. -# -# /etc +pinugsm12-a -# -# The following templates have been pre-defined to make these long ignore -# mask descriptions unecessary. -# -# Templates: (default) R : [R]ead-only (+pinugsm12-a) -# L : [L]og file (+pinug-sam12) -# N : ignore [N]othing (+pinusgsamc12) -# E : ignore [E]verything (-pinusgsamc12) -# -# By default, Tripwire uses the R template -- it ignores -# only the access timestamp. -# -# You can use templates with modifiers, like: -# Ex: /etc/lp E+ug -# -# Example configuration file: -# /etc R # all system files -# !/etc/lp R # ...but not those logs -# =/tmp N # just the directory, not its files -# -# Note the difference between pruning (via "!") and ignoring everything -# (via "E" template): Ignoring everything in a directory still monitors -# for added and deleted files. Pruning a directory will prevent Tripwire -# from even looking in the specified directory. -# -# -# Tripwire running slowly? Modify your tripwire.config entries to -# ignore the (signature 2) attribute when this computationally-exorbitant -# protection is not needed. (See README and design document for further -# details.) -# - -# First, root's traditional "home". Note that FreeBSD's root's home (/root) -# is protected by R-2 protections in the default config file. -=/ L -/.rhosts R # may not exist -/.profile R # may not exist -/.cshrc R # may not exist -/.login R # may not exist -/.exrc R # may not exist -/.logout R # may not exist -/.forward R # may not exist - -# Unix itself -/kernel R - -# /bin -/bin R-2 - -# /dev -/dev L - -# /etc -/etc R-2 -/etc/aliases L -/etc/dumpdates L -/etc/motd L - -# my passwd database should be static at time of system build. yours may -# not be, if not, uncomment the lines below. - -# /etc/passwd L -# /etc/master.passwd L -# /etc/pwd.db L -# /etc/spwd.db L - -# /home -=/home - -# /lkm and /modules -/lkm R-2 -/modules R-2 - -# /boot -/boot R-2 - -# /root -/root R-2 -/root/.history L - -# /sbin -/sbin R-2 - -# /stand -/stand R-2 - -# /usr/bin -/usr/bin R-2 - -/usr/include R-12 - -/usr/lib R-2 - -/usr/libdata R-2 - -/usr/libexec R-2 - -/usr/local/bin R-2 - -/usr/local/etc L - -/usr/local/lib R-2 - -/usr/local/libexec R-2 - -/usr/local/sbin R-2 - -/usr/local/share R-2 - -/usr/sbin R-2 - -/usr/share R-2 - -########################################### diff --git a/security/tripwire12/files/twcheck b/security/tripwire12/files/twcheck deleted file mode 100644 index a4dffd2b61c9..000000000000 --- a/security/tripwire12/files/twcheck +++ /dev/null @@ -1,3 +0,0 @@ -#! /bin/sh - - -./gunzip < tw.db_`hostname`.gz | ./tripwire -dfd 0 -c tw.config diff --git a/security/tripwire12/pkg-comment b/security/tripwire12/pkg-comment deleted file mode 100644 index e72f9d2604a3..000000000000 --- a/security/tripwire12/pkg-comment +++ /dev/null @@ -1 +0,0 @@ -File system security and verification program diff --git a/security/tripwire12/pkg-descr b/security/tripwire12/pkg-descr deleted file mode 100644 index 06132f876d9b..000000000000 --- a/security/tripwire12/pkg-descr +++ /dev/null @@ -1,13 +0,0 @@ -Tripwire is a tool that aids system administrators and -users in monitoring a designated set of files for any changes. -Used with system files on a regular (e.g., daily) basis, Tripwire -can notify system administrators of corrupted or tampered files, -so damage control measures can be taken in a timely manner. - -If "TRIPWIRE_FLOPPY" is set to "YES" in the environment or on the -"make" command line, this port will write the tripwire database to -a floppy disk, which should then be write-protected and used as a -reference for future runs. The diskette should be formatted and -present in the "A" drive before starting the "make install" step. - -Joe Greco <jgreco@ns.sol.net> diff --git a/security/tripwire12/pkg-plist b/security/tripwire12/pkg-plist deleted file mode 100644 index f34115341fbe..000000000000 --- a/security/tripwire12/pkg-plist +++ /dev/null @@ -1,2 +0,0 @@ -bin/siggen -bin/tripwire diff --git a/security/zenmap/Makefile b/security/zenmap/Makefile deleted file mode 100644 index 74b1d5008319..000000000000 --- a/security/zenmap/Makefile +++ /dev/null @@ -1,25 +0,0 @@ -# ex:ts=8 -# Ports collection makefile for: nmap -# Date created: Tue Aug 04, 1998 -# Whom: David O'Brien (obrien@NUXI.com) -# -# $FreeBSD$ -# - -MASTERDIR= ${.CURDIR}/../nmap -PKGDIR= ${.CURDIR} - -PORTNAME= nmapfe - -RUN_DEPENDS= nmap:${PORTSDIR}/security/nmap - -USE_GTK= yes -#WRKSRC:= ${WRKSRC}/nmapfe -INSTALL_TARGET= install-nmapfe -MAN1= nmapfe.1 xnmap.1 - -after-install: - test -e ${PREFIX}/bin/nmapfe \ - || (cd ${PREFIX}/bin ; ${LN} -f nmapfe xnmap) - -.include "${MASTERDIR}/Makefile" diff --git a/security/zenmap/distinfo b/security/zenmap/distinfo deleted file mode 100644 index f39de2ced0c5..000000000000 --- a/security/zenmap/distinfo +++ /dev/null @@ -1 +0,0 @@ -MD5 (nmapfe-0.9.5.tgz) = f7cd97ddcd1eca49489298ad9bd3bf00 diff --git a/security/zenmap/files/nmap.1 b/security/zenmap/files/nmap.1 deleted file mode 100644 index b80aaa89fe46..000000000000 --- a/security/zenmap/files/nmap.1 +++ /dev/null @@ -1,87 +0,0 @@ -.\" -.\" Copyright (c) 1998 David E. O'Brien -.\" -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -.\" IN NO EVENT SHALL THE DEVELOPERS BE LIABLE FOR ANY DIRECT, INDIRECT, -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.\" $FreeBSD$ -.\" -.\" .TH NMAP 1L local -.Dd August 4, 1998 -.Dt NMAP 1 -.Os BSD -.Sh NAME -.Nm nmap -.Nd network port scanner -.Sh SYNOPSIS -.Nm nmap -.Op Ar options -.Ar hostname -.Op Ar /mask -.Sh DESCRIPTION -.Nm -is a utility for port scanning large networks, although it works fine for -single hosts. The guiding philosophy for the creation of -.Nm -was TMTOWTDI (There's More Than One Way To Do It). This is the Perl slogan, but -it is equally applicable to scanners. Sometimes you need speed, other times you -may need stealth. In some cases, bypassing firewalls may be required. Not to -mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, -etc.). You just can't do all this with one scanning mode. And you don't want to -have 10 different scanners around, all with different interfaces and -capabilities. Thus -.Nm -incorporats virtually every scanning technique known. -Specifically, -.Nm -supports: - - Vanilla TCP connect() scanning, - TCP SYN (half open) scanning, - TCP FIN (stealth) scanning, - TCP ftp proxy (bounce attack) scanning - SYN/FIN scanning using IP fragments (bypasses packet filters), - UDP recvfrom() scanning, - UDP raw ICMP port unreachable scanning, - ICMP scanning (ping-sweep), and - Reverse-ident scanning. - -.Nm -also supports a number of performance and reliability features such as dynamic -delay time calculations, packet timeout and retransmission, parallel port -scanning, detection of down hosts via parallel pings, and flexible target and -port specification. -.Sh FILES -none. -.Sh SEE ALSO -.Xr mscan 1L , -.Xr nc 1L , -.Xr scrobe 1L -.Sh DIAGNOSTICS -none. -.Sh BUGS -none known. -.Sh AUTHORS -This man page has been written by David O'Brien (obrien@cs.ucdavis.edu) -.\" .Sh HISTORY -.\" .Nm -.\" appeared in FreeBSD 3.0. diff --git a/security/zenmap/pkg-comment b/security/zenmap/pkg-comment deleted file mode 100644 index 5678ecd23a9f..000000000000 --- a/security/zenmap/pkg-comment +++ /dev/null @@ -1 +0,0 @@ -GUI frontend for the nmap scanning utility diff --git a/security/zenmap/pkg-descr b/security/zenmap/pkg-descr deleted file mode 100644 index ef1316ec24bc..000000000000 --- a/security/zenmap/pkg-descr +++ /dev/null @@ -1,6 +0,0 @@ -nmapfe is a GUI front end for the nmap port scanning tool. - -WWW: http://www.insecure.org/nmap/index.html - --- David - obrien@cs.ucdavis.edu diff --git a/security/zenmap/pkg-plist b/security/zenmap/pkg-plist deleted file mode 100644 index 201a9646d72f..000000000000 --- a/security/zenmap/pkg-plist +++ /dev/null @@ -1,3 +0,0 @@ -@comment $FreeBSD$ -bin/nmapfe -bin/xnmap |