diff options
| author | Rene Ladan <rene@FreeBSD.org> | 2023-10-01 09:33:38 +0000 |
|---|---|---|
| committer | Rene Ladan <rene@FreeBSD.org> | 2023-10-01 09:33:38 +0000 |
| commit | 055f9a3cd96d8358eee345fb279dd49183102cbc (patch) | |
| tree | d340dbc3453abab555389b514002bd992185cc27 | |
| parent | 01607ea1ec0d2e6ceff738a7d1a4ed68dd849d68 (diff) | |
| download | ports-055f9a3cd96d8358eee345fb279dd49183102cbc.tar.gz ports-055f9a3cd96d8358eee345fb279dd49183102cbc.zip | |
security/krb5-appl: Remove expired port
2023-10-01 security/krb5-appl: Desupported by upstream, uses old ciphers
22 files changed, 1 insertions, 671 deletions
@@ -7928,3 +7928,4 @@ databases/percona57-server||2023-10-01|Has expired: Upstream EOL reaches on 2023 databases/percona57-client||2023-10-01|Has expired: Upstream EOL reaches on 2023-10-01 sysutils/nfs-over-tls||2023-10-01|Has expired: All supported releases of FreeBSD include this in base x11/antimicro|x11/antimicrox|2023-10-01|Has expired: Replaced by x11/antimicrox upstream no longer maintained +security/krb5-appl||2023-10-01|Has expired: Desupported by upstream, uses old ciphers diff --git a/security/Makefile b/security/Makefile index adba6386fe44..ea8e787c5200 100644 --- a/security/Makefile +++ b/security/Makefile @@ -270,7 +270,6 @@ SUBDIR += krb5-119 SUBDIR += krb5-120 SUBDIR += krb5-121 - SUBDIR += krb5-appl SUBDIR += krb5-devel SUBDIR += kstart SUBDIR += ktls_isa-l_crypto-kmod diff --git a/security/krb5-appl/Makefile b/security/krb5-appl/Makefile deleted file mode 100644 index 85a50750172e..000000000000 --- a/security/krb5-appl/Makefile +++ /dev/null @@ -1,124 +0,0 @@ -PORTNAME= krb5-appl -PORTVERSION= 1.0.3 -PORTREVISION= 4 -CATEGORIES= security -MASTER_SITES= http://web.mit.edu/kerberos/dist/${PORTNAME}/${PORTVERSION:C/^[0-9]*\.[0-9]*/&X/:C/X\.[0-9]*$//:C/X//}/ -DISTNAME= ${PORTNAME}-${PORTVERSION}-signed -EXTRACT_SUFX= .tar - -PATCH_SITES= http://web.mit.edu/kerberos/advisories/ - -MAINTAINER= cy@FreeBSD.org -COMMENT= MIT implementation of RFC 4120 network authentication clients -WWW= https://web.mit.edu/kerberos/ - -DEPRECATED= Desupported by upstream, uses old ciphers -EXPIRATION_DATE= 2023-10-01 - -BUILD_DEPENDS= krb5-config:security/krb5 - -CONFLICTS= heimdal srp bsdftpd-ssl - -KERBEROSV_URL= http://web.mit.edu/kerberos/ -USES= autoreconf gmake ncurses perl5 gssapi:mit ssl -GNU_CONFIGURE= yes -USE_PERL5= build -USE_LDCONFIG= yes -USE_CSTD= gnu89 -CONFIGURE_ARGS?= --with-krb5=${KRB5_HOME} -CONFIGURE_ENV= INSTALL="${INSTALL}" YACC=/usr/bin/yacc -MAKE_ARGS= INSTALL="${INSTALL}" -PATCH_DIST_STRIP= -p1 - -OPTIONS_DEFINE= KRB5_RENAME_FTP KRB5_RENAME_TELNET KRB5_RENAME_RLOGIN KRB5_RENAME_RSH KRB5_RENAME_RCP -OPTIONS_DEFAULT= KRB5_PORT KRB5_RENAME_FTP KRB5_RENAME_TELNET \ - KRB5_RENAME_RLOGIN KRB5_RENAME_RSH KRB5_RENAME_RCP -KRB5_RENAME_FTP_DESC= Rename ftp to kftp -KRB5_RENAME_TELNET_DESC= Rename telnet to ktelnet -KRB5_RENAME_RLOGIN_DESC= Rename rlogin to krlogin -KRB5_RENAME_RSH_DESC= Rename rsh to krsh -KRB5_RENAME_RCP_DESC= Rename rcp to krcp -KRB5_PORT_DESC= Depend on security/krb5 - -.include <bsd.port.pre.mk> - -KRB5_PORT_LIB_DEPENDS= libkrb5support.so:security/krb5 -KRB5_PORT_RUN_DEPENDS= kinit:security/krb5 - -KRB5_DOC_BUILD_DEPENDS+= texi2dvi:print/texinfo \ - dvips:print/dvipsk-tetex -KRB5_DOC_INFO= krb5-admin krb5-install krb5-user - -CFLAGS+= -I${PREFIX}/include -LDFLAGS+= -L${PREFIX}/lib - -.if ${PORT_OPTIONS:MKRB5_RENAME_FTP} -PROGRAM_TRANSFORM_NAME+= s/^ftp/kftp/; -PLIST_SUB+= FTP_PROG="kftp" -.else -PLIST_SUB+= FTP_PROG="ftp" -.endif - -.if ${PORT_OPTIONS:MKRB5_RENAME_TELNET} -PROGRAM_TRANSFORM_NAME+= s/^telnet/ktelnet/; -PLIST_SUB+= TELNET_PROG="ktelnet" -.else -PLIST_SUB+= TELNET_PROG="telnet" -.endif - -.if ${PORT_OPTIONS:MKRB5_RENAME_RLOGIN} -PLIST_SUB+= RLOGIN_PROG="krlogin" -PROGRAM_TRANSFORM_NAME+= s/^rlogin/krlogin/; -.else -PLIST_SUB+= RLOGIN_PROG="rlogin" -.endif - -.if ${PORT_OPTIONS:MKRB5_RENAME_RSH} -PLIST_SUB+= RSH_PROG="krsh" -PROGRAM_TRANSFORM_NAME+= s/^rsh/krsh/; -.else -PLIST_SUB+= RSH_PROG="rsh" -.endif - -.if ${PORT_OPTIONS:MKRB5_RENAME_RCP} -PROGRAM_TRANSFORM_NAME+= s/^rcp/krcp/; -PLIST_SUB+= RCP_PROG="krcp" -.else -PLIST_SUB+= RCP_PROG="rcp" -.endif - -.if ! ( ${PORT_OPTIONS:MKRB5_RENAME_RLOGIN} && \ - ${PORT_OPTIONS:MKRB5_RENAME_RSH} && \ - ${PORT_OPTIONS:MKRB5_RENAME_RCP} ) -CONFLICTS+= bsdrcmds-* -.endif - -.if defined(PROGRAM_TRANSFORM_NAME) && ${PROGRAM_TRANSFORM_NAME} != "" -CONFIGURE_ARGS+= --program-transform-name="${PROGRAM_TRANSFORM_NAME}" -.endif - -WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION} - -HTML_DOC_DIR= ${WRKDIR}/${PORTNAME}-${PORTVERSION}/doc -HTML_DOCS= ftp.html kdestroy.html kinit.html klist.html \ - kpasswd.html krb5-admin.html \ - krb5-install.html krb5-user.html ksu.html \ - rcp.html rlogin.html rsh.html telnet.html - -CONFIGURE_ARGS+= CPPFLAGS="-I${OPENSSLINC} -L${OPENSSLLIB}" - -post-extract: - @${TAR} -C ${WRKDIR} -xzf ${WRKDIR}/${PORTNAME}-${PORTVERSION}.tar.gz --no-same-owner --no-same-permissions - @${RM} ${WRKDIR}/${PORTNAME}-${PORTVERSION}.tar.gz ${WRKDIR}/${PORTNAME}-${PORTVERSION}.tar.gz.asc - -post-install: - @${ECHO} "------------------------------------------------------" - @${ECHO} "This port of MIT Kerberos 5 includes remote login " - @${ECHO} "daemons (telnetd and klogind). These daemons default " - @${ECHO} "to using the system login program (/usr/bin/login). " - @${ECHO} "Please see the file " - @${ECHO} "${PREFIX}/share/doc/krb5/README.FreeBSD" - @${ECHO} "for more information. " - @${ECHO} "------------------------------------------------------" - -.include <bsd.port.post.mk> diff --git a/security/krb5-appl/distinfo b/security/krb5-appl/distinfo deleted file mode 100644 index b033954e2220..000000000000 --- a/security/krb5-appl/distinfo +++ /dev/null @@ -1,2 +0,0 @@ -SHA256 (krb5-appl-1.0.3-signed.tar) = feb88581eba566554ad515a6fcf18cee11e8409a2c4755bf5188db96f0b7f039 -SIZE (krb5-appl-1.0.3-signed.tar) = 634880 diff --git a/security/krb5-appl/files/README.FreeBSD b/security/krb5-appl/files/README.FreeBSD deleted file mode 100644 index e888e689eb04..000000000000 --- a/security/krb5-appl/files/README.FreeBSD +++ /dev/null @@ -1,32 +0,0 @@ -The MIT KRB5 port provides its own login program at -${PREFIX}/sbin/login.krb5. However, login.krb5 does not make use of -the FreeBSD login.conf and login.access files that provide a means of -setting up and controlling sessions under FreeBSD. To overcome this, -the MIT KRB5 port uses the FreeBSD /usr/bin/login program to provide -interactive login password authentication instead of the login.krb5 -program provided by MIT KRB5. The FreeBSD /usr/bin/login program does -not have support for Kerberos V password authentication, -e.g. authentication at the console. The pam_krb5 port must be used to -provide Kerberos V password authentication. - -For more information about pam_krb5, please see pam(8) and pam_krb5(8). - -If you wish to use login.krb5 that is provided by the MIT KRB5 port, -the arguments "-L ${PREFIX}/sbin/login.krb5" must be -specified as arguments to klogind and KRB5 telnetd, e.g. - -klogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -L ${PREFIX}/sbin/login.krb5 -eklogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -e -L ${PREFIX}/sbin/login.krb5 -telnet stream tcp nowait root ${PREFIX}/sbin/telnetd telnetd -a none -L ${PREFIX}/sbin/login.krb5 - -Additionally, if you wish to use the MIT KRB5 provided login.krb5 instead -of the FreeBSD provided /usr/bin/login for local tty logins, -"lo=${PREFIX}/sbin/login.krb5" must be specified in /etc/gettytab, e.g., - -default:\ - :cb:ce:ck:lc:fd#1000:im=\r\n%s/%m (%h) (%t)\r\n\r\n:sp#1200:\ - :if=/etc/issue:\ - :lo=${PREFIX}/sbin/login.krb5: - -It is recommended that the FreeBSD /usr/bin/login be used with the -pam_krb5 port instead of the MIT KRB5 provided login.krb5. diff --git a/security/krb5-appl/files/patch-appl__bsd__Makefile.in b/security/krb5-appl/files/patch-appl__bsd__Makefile.in deleted file mode 100644 index 2b7510072d90..000000000000 --- a/security/krb5-appl/files/patch-appl__bsd__Makefile.in +++ /dev/null @@ -1,12 +0,0 @@ ---- bsd/Makefile.in.orig Wed Feb 28 14:06:43 2001 -+++ bsd/Makefile.in Mon Dec 31 21:52:45 2001 -@@ -31,8 +31,8 @@ - -DUCB_RSH=\"$(UCB_RSH)\" -DUCB_RCP=\"$(UCB_RCP)\" - - DEFINES = $(RSH) $(BSD) $(RPROGS) -DKERBEROS \ -- -DLOGIN_PROGRAM=\"$(SERVER_BINDIR)/login.krb5\" -DKPROGDIR=\"$(CLIENT_BINDIR)\" \ -+ -DLOGIN_PROGRAM=\"/usr/bin/login\" -DKPROGDIR=\"$(CLIENT_BINDIR)\" \ - -DHEIMDAL_FRIENDLY - - all:: rsh rcp rlogin kshd klogind login.krb5 $(V4RCP) - diff --git a/security/krb5-appl/files/patch-appl__bsd__klogind.M b/security/krb5-appl/files/patch-appl__bsd__klogind.M deleted file mode 100644 index 1d48bb21db10..000000000000 --- a/security/krb5-appl/files/patch-appl__bsd__klogind.M +++ /dev/null @@ -1,26 +0,0 @@ ---- bsd/klogind.M.orig 2008-12-15 12:29:01.000000000 -0800 -+++ bsd/klogind.M 2009-08-28 13:13:28.000000000 -0700 -@@ -13,7 +13,7 @@ - .B \-rcpPef - ] - [[ \fB\-w\fP[\fBip\fP|\fImaxhostlen\fP[\fB,\fP[\fBno\fP]\fBstriplocal\fP ]] ] --[ \fB\-D\fP \fIport\fP ] -+[ \fB\-D\fP \fIport\fP ] [\fB\-L\fP \fIloginpath\fP] - .SH DESCRIPTION - .I Klogind - is the server for the -@@ -136,11 +136,9 @@ - .IP \fB\-M\ realm\fP - Set the Kerberos realm to use. - --.IP \fB\-L\ login\fP --Set the login program to use. This option only has an effect if --DO_NOT_USE_K_LOGIN was not defined when --.I klogind --was compiled. -+.IP \fB\-L\ loginpath\fP -+Specify pathname to an alternative login program. Default: /usr/bin/login. -+KRB5_HOME/sbin/login.krb5 may be specified. - - .IP \fB\-D\ port\fP - Run in standalone mode, listening on \fBport\fP. The daemon will exit diff --git a/security/krb5-appl/files/patch-appl__gssftp__ftp__ftp_var.h b/security/krb5-appl/files/patch-appl__gssftp__ftp__ftp_var.h deleted file mode 100644 index efb2721cd5e8..000000000000 --- a/security/krb5-appl/files/patch-appl__gssftp__ftp__ftp_var.h +++ /dev/null @@ -1,23 +0,0 @@ ---- gssftp/ftp/ftp_var.h.orig Tue Jun 17 02:37:40 2003 -+++ gssftp/ftp/ftp_var.h Sat Aug 30 05:30:44 2003 -@@ -33,6 +33,10 @@ - * @(#)ftp_var.h 5.9 (Berkeley) 6/1/90 - */ - -+#if defined(__FreeBSD_cc_version) && __FreeBSD_cc_version > 500000 -+#undef __BSD_VISIBLE -+#endif -+ - #ifdef _WIN32 - #include <windows.h> - #include <winsock2.h> -@@ -57,9 +61,7 @@ - typedef void (*sig_t)(int); - typedef void sigtype; - #else --#define sig_t my_sig_t - #define sigtype krb5_sigtype --typedef sigtype (*sig_t)(); - #endif - - /* diff --git a/security/krb5-appl/files/patch-appl__telnet__telnetd__Makefile.in b/security/krb5-appl/files/patch-appl__telnet__telnetd__Makefile.in deleted file mode 100644 index 784cf5991d94..000000000000 --- a/security/krb5-appl/files/patch-appl__telnet__telnetd__Makefile.in +++ /dev/null @@ -1,11 +0,0 @@ ---- telnet/telnetd/Makefile.in.orig Wed Feb 28 14:06:51 2001 -+++ telnet/telnetd/Makefile.in Mon Dec 31 21:51:19 2001 -@@ -24,7 +24,7 @@ - # @(#)Makefile.generic 5.5 (Berkeley) 3/1/91 - # - --AUTH_DEF=-DAUTHENTICATION -DENCRYPTION -DKRB5 -DFORWARD -UNO_LOGIN_F -ULOGIN_CAP_F -DLOGIN_PROGRAM=\"$(SERVER_BINDIR)/login.krb5\" -+AUTH_DEF=-DAUTHENTICATION -DENCRYPTION -DKRB5 -DFORWARD -UNO_LOGIN_F -ULOGIN_CAP_F -DLOGIN_PROGRAM=\"/usr/bin/login\" - OTHERDEFS=-DKLUDGELINEMODE -DDIAGNOSTICS -DENV_HACK -DOLD_ENVIRON - LOCALINCLUDES=-I.. -I$(srcdir)/.. - DEFINES = -DTELNET_BUFSIZE=65535 $(AUTH_DEF) $(OTHERDEFS) diff --git a/security/krb5-appl/files/patch-appl__telnet__telnetd__telnetd.8 b/security/krb5-appl/files/patch-appl__telnet__telnetd__telnetd.8 deleted file mode 100644 index fc9068bd71f4..000000000000 --- a/security/krb5-appl/files/patch-appl__telnet__telnetd__telnetd.8 +++ /dev/null @@ -1,22 +0,0 @@ ---- telnet/telnetd/telnetd.8.orig Wed Feb 28 14:06:51 2001 -+++ telnet/telnetd/telnetd.8 Mon Dec 31 21:16:55 2001 -@@ -43,7 +43,7 @@ - [\fB\-k\fP] [\fB\-n\fP] [\fB\-r\fP\fIlowpty-highpty\fP] [\fB\-s\fP] - [\fB\-S\fP \fItos\fP] [\fB\-U\fP] [\fB\-X\fP \fIauthtype\fP] - [\fB\-w\fP [\fBip\fP|\fImaxhostlen\fP[\fB,\fP[\fBno\fP]\fBstriplocal\fP]]] --[\fB\-debug\fP [\fIport\fP]] -+[\fB\-debug\fP] [\fB\-L\fP \fIloginpath\fP] [\fIport\fP] - .SH DESCRIPTION - The - .B telnetd -@@ -221,6 +221,10 @@ - in response to a - .SM DO TIMING-MARK) - for kludge linemode support. -+.TP -+\fB\-L\fP \fIloginpath\fP -+Specify pathname to an alternative login program. Default: /usr/bin/login. -+KRB5_HOME/sbin/login.krb5 may be specified. - .TP - .B \-l - Specifies line mode. Tries to force clients to use line-at-a-time diff --git a/security/krb5-appl/files/patch-appl__telnet__telnetd__utility.c b/security/krb5-appl/files/patch-appl__telnet__telnetd__utility.c deleted file mode 100644 index 2e754e7294ba..000000000000 --- a/security/krb5-appl/files/patch-appl__telnet__telnetd__utility.c +++ /dev/null @@ -1,38 +0,0 @@ ---- telnet/telnetd/utility.c.orig Wed Jan 9 14:26:59 2002 -+++ telnet/telnetd/utility.c Fri Jan 11 13:10:33 2002 -@@ -408,18 +408,25 @@ - int - netwrite(const char *buf, size_t len) - { -- size_t remain; -+ int remaining, copied; -+ -+ remaining = BUFSIZ - (nfrontp - netobuf); -+ while (len > 0) { -+ /* Free up enough space if the room is too low*/ -+ if ((len > BUFSIZ ? BUFSIZ : len) > remaining) { -+ netflush(); -+ remaining = BUFSIZ - (nfrontp - netobuf); -+ } - -- remain = sizeof(netobuf) - (nfrontp - netobuf); -- if (remain < len) { -- netflush(); -- remain = sizeof(netobuf) - (nfrontp - netobuf); -+ /* Copy out as much as will fit */ -+ copied = remaining > len ? len : remaining; -+ memmove(nfrontp, buf, copied); -+ nfrontp += copied; -+ len -= copied; -+ remaining -= copied; -+ buf += copied; - } -- if (remain < len) -- return 0; -- memcpy(nfrontp, buf, len); -- nfrontp += len; -- return len; -+ return copied; - } - - /* diff --git a/security/krb5-appl/files/patch-bsd-krlogind.c b/security/krb5-appl/files/patch-bsd-krlogind.c deleted file mode 100644 index a7afaf09e7c3..000000000000 --- a/security/krb5-appl/files/patch-bsd-krlogind.c +++ /dev/null @@ -1,26 +0,0 @@ ---- bsd/krlogind.c.orig 2009-11-21 12:29:19.000000000 -0800 -+++ bsd/krlogind.c 2011-08-31 21:05:10.318698837 -0700 -@@ -236,6 +236,9 @@ - #ifdef HAVE_UTMP_H - #include <utmp.h> - #endif -+#ifdef HAVE_UTMPX_H -+#include <utmpx.h> -+#endif - - int non_privileged = 0; /* set when connection is seen to be from */ - /* a non-privileged port */ -@@ -275,8 +278,13 @@ - #define MAX_PROG_NAME 16 - - #ifndef UT_NAMESIZE /* linux defines it directly in <utmp.h> */ -+#ifdef HAVE_UTMP_H - #define UT_NAMESIZE sizeof(((struct utmp *)0)->ut_name) - #endif -+#ifdef HAVE_UTMPX_H -+#define UT_NAMESIZE sizeof(((struct utmpx *)0)->ut_user) -+#endif -+#endif - - #if HAVE_ARPA_NAMESER_H - #include <arpa/nameser.h> diff --git a/security/krb5-appl/files/patch-bsd-krshd.c b/security/krb5-appl/files/patch-bsd-krshd.c deleted file mode 100644 index f15bf6c523a5..000000000000 --- a/security/krb5-appl/files/patch-bsd-krshd.c +++ /dev/null @@ -1,13 +0,0 @@ ---- bsd/krshd.c.orig 2011-07-11 12:31:31.000000000 -0700 -+++ bsd/krshd.c 2011-11-16 13:01:40.184757547 -0800 -@@ -174,6 +174,10 @@ - #ifdef HAVE_UTMP_H - #include <utmp.h> - #endif -+#ifdef HAVE_UTMPX_H -+#include <utmpx.h> -+#define UT_NAMESIZE sizeof(((struct utmpx *)0)->ut_user) -+#endif - - #ifndef UT_NAMESIZE /* linux defines it directly in <utmp.h> */ - #define UT_NAMESIZE sizeof(((struct utmp *)0)->ut_name) diff --git a/security/krb5-appl/files/patch-bsd__login.c b/security/krb5-appl/files/patch-bsd__login.c deleted file mode 100644 index 15a341cdaf59..000000000000 --- a/security/krb5-appl/files/patch-bsd__login.c +++ /dev/null @@ -1,120 +0,0 @@ ---- bsd/login.c.orig 2009-11-21 12:29:19.000000000 -0800 -+++ bsd/login.c 2011-08-31 21:56:02.581035877 -0700 -@@ -86,7 +86,12 @@ - #include <netdb.h> - - #include <time.h> -+#ifdef HAVE_UTMP_H - #include <utmp.h> -+#endif -+#ifdef HAVE_UTMPX_H -+#include <utmpx.h> -+#endif - #include <signal.h> - - #include <assert.h> -@@ -225,8 +230,13 @@ - #endif - #ifndef UT_NAMESIZE - /* linux defines it directly in <utmp.h> */ -+#ifdef HAVE_UTMP_H - #define UT_NAMESIZE sizeof(((struct utmp *)0)->ut_name) - #endif -+#ifdef HAVE_UTMPX_H -+#define UT_NAMESIZE sizeof(((struct utmpx *)0)->ut_user) -+#endif -+#endif - - #ifndef HAVE_SETPRIORITY - /* if we don't have it, punt it cleanly */ -@@ -964,19 +974,6 @@ - setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET); - } - -- /* Policy: If local password is good, user is good. -- We really can't trust the Kerberos password, -- because somebody on the net could spoof the -- Kerberos server (not easy, but possible). -- Some sites might want to use it anyways, in -- which case they should change this line -- to: -- if (kpass_ok) -- */ -- -- if (lpass_ok) -- break; -- - if (got_v5_tickets) { - retval = krb5_verify_init_creds(kcontext, &my_creds, NULL, - NULL, &xtra_creds, -@@ -993,6 +990,9 @@ - } - } - -+ if (lpass_ok) -+ break; -+ - bad_login: - setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET); - -@@ -1250,21 +1250,23 @@ - /* set up credential cache -- obeying KRB5_ENV_CCNAME - set earlier */ - /* (KRB5_ENV_CCNAME == "KRB5CCNAME" via osconf.h) */ -- if ((retval = krb5_cc_default(kcontext, &ccache))) { -+ if ((retval = krb5_cc_default(kcontext, &ccache))) - com_err(argv[0], retval, "while getting default ccache"); -- } else if ((retval = krb5_cc_initialize(kcontext, ccache, me))) { -- com_err(argv[0], retval, "when initializing cache"); -- } else if ((retval = krb5_cc_store_cred(kcontext, ccache, -- &my_creds))) { -- com_err(argv[0], retval, "while storing credentials"); -- } else if (xtra_creds && -- (retval = krb5_cc_copy_creds(kcontext, xtra_creds, -- ccache))) { -- com_err(argv[0], retval, "while storing credentials"); -+ else { -+ if (retval = krb5_cc_initialize(kcontext, ccache, me)) -+ com_err(argv[0], retval, "when initializing cache"); -+ else { -+ if (retval = krb5_cc_store_cred(kcontext, ccache, &my_creds)) -+ com_err(argv[0], retval, "while storing credentials"); -+ else { -+ if (xtra_creds && -+ (retval = krb5_cc_copy_creds(kcontext, xtra_creds, ccache))) { -+ com_err(argv[0], retval, "while storing credentials"); -+ krb5_cc_destroy(kcontext, xtra_creds); -+ } -+ } -+ } - } -- -- if (xtra_creds) -- krb5_cc_destroy(kcontext, xtra_creds); - } else if (forwarded_v5_tickets && rewrite_ccache) { - if ((retval = krb5_cc_initialize (kcontext, ccache, me))) { - syslog(LOG_ERR, -@@ -1322,6 +1324,7 @@ - - if (ccname) - setenv("KRB5CCNAME", ccname, 1); -+ krb5_cc_set_default_name(kcontext, ccname); - - setenv("HOME", pwd->pw_dir, 1); - setenv("PATH", LPATH, 0); -@@ -1652,6 +1655,7 @@ - int quiet; - char *tty; - { -+#if !(defined(__FreeBSD_version)) || (defined(__FreeBSD_version) && (__FreeBSD_version <= 900007)) - #if defined(HAVE_LASTLOG_H) || (defined(BSD) && (BSD >= 199103)) - struct lastlog ll; - time_t lltime; -@@ -1692,6 +1696,7 @@ - (void)close(fd); - } - #endif -+#endif - } - - #undef UNKNOWN diff --git a/security/krb5-appl/files/patch-gssftp__ftpd__ftpd.c b/security/krb5-appl/files/patch-gssftp__ftpd__ftpd.c deleted file mode 100644 index a8860362805b..000000000000 --- a/security/krb5-appl/files/patch-gssftp__ftpd__ftpd.c +++ /dev/null @@ -1,17 +0,0 @@ ---- gssftp/ftpd/ftpd.c.orig Wed Jan 9 14:26:51 2002 -+++ gssftp/ftpd/ftpd.c Thu Jan 10 19:00:13 2002 -@@ -487,7 +487,13 @@ - #ifndef LOG_DAEMON - #define LOG_DAEMON 0 - #endif -- openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_DAEMON); -+ -+#ifndef LOG_FTP -+#define FACILITY LOG_DAEMON -+#else -+#define FACILITY LOG_FTP -+#endif -+ openlog("ftpd", LOG_PID | LOG_NDELAY, FACILITY); - - addrlen = sizeof (his_addr); - if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) { diff --git a/security/krb5-appl/files/patch-gssftp__ftpd__logwtmp.c b/security/krb5-appl/files/patch-gssftp__ftpd__logwtmp.c deleted file mode 100644 index 997041c77f9e..000000000000 --- a/security/krb5-appl/files/patch-gssftp__ftpd__logwtmp.c +++ /dev/null @@ -1,19 +0,0 @@ -*** gssftp/ftpd/logwtmp.c.ORIG Fri Feb 6 19:41:25 1998 ---- gssftp/ftpd/logwtmp.c Tue Jun 30 19:46:01 1998 -*************** -*** 66,72 **** - struct stat buf; - time_t time(); - -! if (fd < 0 && (fd = open(WTMPFILE, O_WRONLY|O_APPEND, 0)) < 0) - return; - if (fstat(fd, &buf) == 0) { - (void)strncpy(ut.ut_line, line, sizeof(ut.ut_line)); ---- 66,72 ---- - struct stat buf; - time_t time(); - -! if (fd < 0 && (fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0) - return; - if (fstat(fd, &buf) == 0) { - (void)strncpy(ut.ut_line, line, sizeof(ut.ut_line)); diff --git a/security/krb5-appl/files/patch-libpty-logwtmp.c b/security/krb5-appl/files/patch-libpty-logwtmp.c deleted file mode 100644 index b6af12eb74c6..000000000000 --- a/security/krb5-appl/files/patch-libpty-logwtmp.c +++ /dev/null @@ -1,16 +0,0 @@ ---- libpty/logwtmp.c.orig 2009-11-05 12:15:06.000000000 -0800 -+++ libpty/logwtmp.c 2011-08-31 20:37:06.438225202 -0700 -@@ -104,8 +104,13 @@ - ut.ut_host[sizeof(ut.ut_host) - 1] = '\0'; - #endif - strncpy(ut.ut_line, tty, sizeof(ut.ut_line)); -+#ifdef HAVE_UTMPX_H -+ strncpy(ut.ut_user, user, sizeof(ut.ut_user)); -+ return ptyint_update_wtmpx(&utx); -+#else - strncpy(ut.ut_name, user, sizeof(ut.ut_name)); - return ptyint_update_wtmp(&ut); -+#endif - - #endif /* !HAVE_LOGWTMP */ - } diff --git a/security/krb5-appl/files/patch-libpty-update_wtmp.c b/security/krb5-appl/files/patch-libpty-update_wtmp.c deleted file mode 100644 index 8aa80234fc9e..000000000000 --- a/security/krb5-appl/files/patch-libpty-update_wtmp.c +++ /dev/null @@ -1,65 +0,0 @@ ---- libpty/update_wtmp.c.orig 2009-11-05 12:15:06.000000000 -0800 -+++ libpty/update_wtmp.c 2011-08-31 20:51:26.695908790 -0700 -@@ -50,8 +50,13 @@ - ptyint_update_wtmpx(struct utmpx *ent) - { - #if !(defined(HAVE_UPDWTMPX) && defined(WTMPX_FILE)) -+#ifdef HAVE_UTMPX_H -+ struct utmpx ut; -+#endif -+#ifdef HAVE_UTMP_H - struct utmp ut; - #endif -+#endif - - #if defined(HAVE_UPDWTMPX) && defined(WTMPX_FILE) - updwtmpx(WTMPX_FILE, ent); -@@ -62,9 +67,17 @@ - getutmp(ent, &ut); - #else /* Emulate getutmp(). Yuck. */ - memset(&ut, 0, sizeof(ut)); -+#ifdef HAVE_UTMPX_H -+ strncpy(ut.ut_user, ent->ut_user, sizeof(ut.ut_user)); -+#else - strncpy(ut.ut_name, ent->ut_user, sizeof(ut.ut_name)); -+#endif - strncpy(ut.ut_line, ent->ut_line, sizeof(ut.ut_line)); -+#ifdef HAVE_UTMPX_H -+ ut.ut_tv.tv_sec = ent->ut_tv.tv_sec; -+#else - ut.ut_time = ent->ut_tv.tv_sec; -+#endif - #ifdef HAVE_STRUCT_UTMP_UT_HOST - strncpy(ut.ut_host, ent->ut_host, sizeof(ut.ut_host)); - ut.ut_host[sizeof(ut.ut_host) - 1] = '\0'; -@@ -88,7 +101,11 @@ - #endif - #endif /* !HAVE_GETUTMP */ - -+#ifdef HAVE_UTMP_H - return ptyint_update_wtmp(&ut); -+#else -+ return 0; -+#endif - #endif /* !(defined(WTMPX_FILE) && defined(HAVE_UPDWTMPX)) */ - } - -@@ -97,8 +114,13 @@ - #if !(defined(WTMPX_FILE) && defined(HAVE_UPDWTMPX)) \ - || !defined(HAVE_SETUTXENT) - -+#ifdef HAVE_UTMP_H - long - ptyint_update_wtmp(struct utmp *ent) -+#ifdef HAVE_SETUTXENT -+long ptyint_update_wtmpx(struct utmpx *utx); -+#endif -+ - { - #ifndef HAVE_UPDWTMP - int fd; -@@ -123,3 +145,4 @@ - } - - #endif -+#endif diff --git a/security/krb5-appl/files/patch-libpty__getpty.c b/security/krb5-appl/files/patch-libpty__getpty.c deleted file mode 100644 index 262474d0b4a7..000000000000 --- a/security/krb5-appl/files/patch-libpty__getpty.c +++ /dev/null @@ -1,50 +0,0 @@ ---- libpty/getpty.c.orig 2009-11-05 12:15:06.000000000 -0800 -+++ libpty/getpty.c 2010-04-21 21:36:45.637180364 -0700 -@@ -23,13 +23,26 @@ - #include "pty-int.h" - #include <k5-platform.h> - -+#ifdef __FreeBSD__ -+#define PTYCHARS1 "pqrsPQRS" -+#define PTYCHARS2 "0123456789abcdefghijklmnopqrstuv" -+#endif -+ -+#ifndef PTYCHARS1 -+#define PTYCHARS1 "pqrstuvwxyzPQRST" -+#endif -+ -+#ifndef PTYCHARS2 -+#define PTYCHARS2 "0123456789abcdef" -+#endif -+ - long - ptyint_getpty_ext(int *fd, char *slave, size_t slavelength, int do_grantpt) - { -+ int ptynum; -+ char *cp1, *cp2; - #if !defined(HAVE__GETPTY) && !defined(HAVE_OPENPTY) -- char *cp; - char *p; -- int i,ptynum; - struct stat stb; - char slavebuf[1024]; - #endif -@@ -112,14 +125,14 @@ - strncpy(slave, slavebuf, slavelength); - return 0; - } else { -- for (cp = "pqrstuvwxyzPQRST";*cp; cp++) { -+ for (cp1 = PTYCHARS1; *cp1 != '\0'; cp1++) { - snprintf(slavebuf,sizeof(slavebuf),"/dev/ptyXX"); -- slavebuf[sizeof("/dev/pty") - 1] = *cp; -+ slavebuf[sizeof("/dev/pty") - 1] = *cp1; - slavebuf[sizeof("/dev/ptyp") - 1] = '0'; - if (stat(slavebuf, &stb) < 0) - break; -- for (i = 0; i < 16; i++) { -- slavebuf[sizeof("/dev/ptyp") - 1] = "0123456789abcdef"[i]; -+ for (cp2 = PTYCHARS2; *cp2 != '\0'; cp2++) { -+ slavebuf[sizeof("/dev/ptyp") - 1] = *cp2; - *fd = open(slavebuf, O_RDWR); - if (*fd < 0) continue; - diff --git a/security/krb5-appl/files/patch-telnet__telnet__Makefile.in b/security/krb5-appl/files/patch-telnet__telnet__Makefile.in deleted file mode 100644 index 915db004a33f..000000000000 --- a/security/krb5-appl/files/patch-telnet__telnet__Makefile.in +++ /dev/null @@ -1,10 +0,0 @@ ---- telnet/telnet/Makefile.in.orig Sat Dec 18 10:47:05 1999 -+++ telnet/telnet/Makefile.in Sat Dec 18 10:47:13 1999 -@@ -58,7 +58,6 @@ - $(INSTALL_DATA) $(srcdir)/$$f.1 \ - ${DESTDIR}$(CLIENT_MANDIR)/`echo $$f|sed '$(transform)'`.1; \ - done -- $(INSTALL_DATA) $(srcdir)/tmac.doc ${DESTDIR}$(CLIENT_MANDIR)/tmac.doc - - authenc.o: defines.h externs.h general.h ring.h types.h $(ARPA_TELNET) - commands.o: defines.h externs.h general.h ring.h types.h $(ARPA_TELNET) diff --git a/security/krb5-appl/pkg-descr b/security/krb5-appl/pkg-descr deleted file mode 100644 index 0c75f989b418..000000000000 --- a/security/krb5-appl/pkg-descr +++ /dev/null @@ -1,24 +0,0 @@ -Kerberos V5 is an authentication system developed at MIT. -This package/port contains the applications which used to be in the -MIT Kerberos distribution. -Abridged from the User Guide: - Under Kerberos, a client sends a request for a ticket to the - Key Distribution Center (KDC). The KDC creates a ticket-granting - ticket (TGT) for the client, encrypts it using the client's - password as the key, and sends the encrypted TGT back to the - client. The client then attempts to decrypt the TGT, using - its password. If the client successfully decrypts the TGT, it - keeps the decrypted TGT, which indicates proof of the client's - identity. The TGT permits the client to obtain additional tickets, - which give permission for specific services. - Since Kerberos negotiates authenticated, and optionally encrypted, - communications between two points anywhere on the internet, it - provides a layer of security that is not dependent on which side of a - firewall either client is on. - The Kerberos V5 package is designed to be easy to use. Most of the - commands are nearly identical to UNIX network programs you are already - used to. Kerberos V5 is a single-sign-on system, which means that you - have to type your password only once per session, and Kerberos does - the authenticating and encrypting transparently. - -Jacques Vidrine <n@nectar.com> diff --git a/security/krb5-appl/pkg-plist b/security/krb5-appl/pkg-plist deleted file mode 100644 index 00b827c04578..000000000000 --- a/security/krb5-appl/pkg-plist +++ /dev/null @@ -1,20 +0,0 @@ -bin/%%FTP_PROG%% -bin/%%RCP_PROG%% -bin/%%RLOGIN_PROG%% -bin/%%RSH_PROG%% -bin/%%TELNET_PROG%% -man/man1/%%RSH_PROG%%.1.gz -man/man1/%%RCP_PROG%%.1.gz -man/man1/%%RLOGIN_PROG%%.1.gz -man/man1/%%FTP_PROG%%.1.gz -man/man1/%%TELNET_PROG%%.1.gz -man/man8/kshd.8.gz -man/man8/klogind.8.gz -man/man8/login.krb5.8.gz -man/man8/%%FTP_PROG%%d.8.gz -man/man8/%%TELNET_PROG%%d.8.gz -sbin/%%FTP_PROG%%d -sbin/klogind -sbin/kshd -sbin/login.krb5 -sbin/%%TELNET_PROG%%d |