From 7efc0cfc3df390f3ea64519946a0fd361d1c0f62 Mon Sep 17 00:00:00 2001 From: salo Date: Fri, 13 May 2005 10:08:52 +0000 Subject: Pullup ticket 444 - requested by Johnny C. Lam security update for mit-krb5 Revisions pulled up: - pkgsrc/security/mit-krb5/Makefile 1.17-1.18, 1.20 - pkgsrc/security/mit-krb5/PLIST 1.6-1.8 - pkgsrc/security/mit-krb5/buildlink3.mk 1.4 - pkgsrc/security/mit-krb5/distinfo 1.9-1.10 - pkgsrc/security/mit-krb5/files/kadmind.sh 1.2 - pkgsrc/security/mit-krb5/files/kdc.sh 1.2 - pkgsrc/security/mit-krb5/patches/patch-aa 1.2 - pkgsrc/security/mit-krb5/patches/patch-ab 1.2 - pkgsrc/security/mit-krb5/patches/patch-ac 1.2 - pkgsrc/security/mit-krb5/patches/patch-ad 1.2 - pkgsrc/security/mit-krb5/patches/patch-ae 1.2 - pkgsrc/security/mit-krb5/patches/patch-af 1.3 - pkgsrc/security/mit-krb5/patches/patch-ag 1.3 - pkgsrc/security/mit-krb5/patches/patch-ai removed - pkgsrc/security/mit-krb5/patches/patch-aj 1.2 - pkgsrc/security/mit-krb5/patches/patch-ak 1.1 - pkgsrc/security/mit-krb5/patches/patch-al 1.1 Module Name: pkgsrc Committed By: jlam Date: Sun Apr 10 07:15:25 UTC 2005 Modified Files: pkgsrc/security/mit-krb5: Makefile PLIST distinfo pkgsrc/security/mit-krb5/files: kadmind.sh kdc.sh pkgsrc/security/mit-krb5/patches: patch-aa patch-ab patch-ac patch-ad patch-ae patch-af patch-ag patch-aj Added Files: pkgsrc/security/mit-krb5/patches: patch-ak Removed Files: pkgsrc/security/mit-krb5/patches: patch-ai Log Message: Updated security/mit-krb5 to krb5-1.4. Changes from version 1.3.6 include: * Merged Athena telnetd changes for creating a new option for requiring encryption. * Add implementation of the RPCSEC_GSS authentication flavor to the RPC library. * The kadmind4 backwards-compatibility admin server and the v5passwdd backwards-compatibility password-changing server have been removed. * Thread safety for krb5 libraries. * Yarrow code now uses AES. * Merged Athena changes to allow ftpd to require encrypted passwords. * Incorporate gss_krb5_set_allowable_enctypes() and gss_krb5_export_lucid_sec_context(), which are needed for NFSv4. * Fix heap buffer overflow in password history mechanism. [MITKRB5-SA-2004-004] --- Module Name: pkgsrc Committed By: jlam Date: Sun Apr 10 07:45:31 UTC 2005 Modified Files: pkgsrc/security/mit-krb5: PLIST Log Message: Remove the examples directory on deinstallation. --- Module Name: pkgsrc Committed By: jlam Date: Sun Apr 10 07:46:51 UTC 2005 Modified Files: pkgsrc/security/mit-krb5: Makefile distinfo Added Files: pkgsrc/security/mit-krb5/patches: patch-al Log Message: Patch from http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt which fixes MITKRB5-SA-2005-001 (CAN-2005-0468 & CAN-2005-0469) relating to buffer overflows in the telnet client. Bump PKGREVISION to 1. --- Module Name: pkgsrc Committed By: jlam Date: Mon Apr 11 22:44:54 UTC 2005 Modified Files: pkgsrc/security/mit-krb5: PLIST Log Message: The FTP daemon is always named "kftpd" regardless of whether prefix-cmds is a PKG_OPTION. --- Module Name: pkgsrc Committed By: jlam Date: Thu Apr 14 23:07:55 UTC 2005 Modified Files: pkgsrc/security/mit-krb5: Makefile Log Message: Remove unused section... MIT krb5 apparently now detects NetBSD's utmpx implementation correctly on NetBSD>=2.0. --- Module Name: pkgsrc Committed By: salo Date: Sat Apr 16 14:32:53 UTC 2005 Modified Files: pkgsrc/security/mit-krb5: buildlink3.mk Log Message: Bump BUILDLINK_RECOMMENDED for latest security fix. (hi jlam!) --- security/mit-krb5/Makefile | 30 +++++------- security/mit-krb5/PLIST | 29 ++++++++++-- security/mit-krb5/buildlink3.mk | 4 +- security/mit-krb5/distinfo | 27 +++++------ security/mit-krb5/files/kadmind.sh | 15 ++---- security/mit-krb5/files/kdc.sh | 15 ++---- security/mit-krb5/patches/patch-aa | 20 ++++---- security/mit-krb5/patches/patch-ab | 8 ++-- security/mit-krb5/patches/patch-ac | 10 ++-- security/mit-krb5/patches/patch-ad | 62 ++++++++++++------------ security/mit-krb5/patches/patch-ae | 15 +++--- security/mit-krb5/patches/patch-af | 56 ++++++++++++---------- security/mit-krb5/patches/patch-ag | 19 ++++---- security/mit-krb5/patches/patch-ai | 13 ------ security/mit-krb5/patches/patch-aj | 6 +-- security/mit-krb5/patches/patch-ak | 22 +++++++++ security/mit-krb5/patches/patch-al | 96 ++++++++++++++++++++++++++++++++++++++ 17 files changed, 280 insertions(+), 167 deletions(-) delete mode 100644 security/mit-krb5/patches/patch-ai create mode 100644 security/mit-krb5/patches/patch-ak create mode 100644 security/mit-krb5/patches/patch-al (limited to 'security') diff --git a/security/mit-krb5/Makefile b/security/mit-krb5/Makefile index 21803d257cc..84588fd2fbc 100644 --- a/security/mit-krb5/Makefile +++ b/security/mit-krb5/Makefile @@ -1,10 +1,10 @@ -# $NetBSD: Makefile,v 1.16 2004/12/28 02:47:49 reed Exp $ +# $NetBSD: Makefile,v 1.16.2.1 2005/05/13 10:08:52 salo Exp $ -DISTNAME= krb5-1.3.6 +DISTNAME= krb5-1.4 PKGNAME= mit-${DISTNAME:S/-signed$//} PKGREVISION= 1 CATEGORIES= security -MASTER_SITES= http://web.mit.edu/kerberos/dist/krb5/1.3/ +MASTER_SITES= http://web.mit.edu/kerberos/dist/krb5/1.4/ DISTFILES= ${DISTNAME}-signed${EXTRACT_SUFX} EXTRACT_SUFX= .tar @@ -44,14 +44,6 @@ CONFIGURE_ARGS+= --without-krb4 CONFIGURE_ARGS+= --without-tcl MAKE_ENV+= ROOT_USER=${ROOT_USER} -# XXX Force using the BSD utmp interface on NetBSD until the configure -# XXX scripts can be taught how to properly detect our utmpx -# XXX implementation. -# -.if ${OPSYS} == "NetBSD" -CONFIGURE_ENV+= ac_cv_func_setutent=no -.endif - .if defined(KERBEROS_PREFIX_CMDS) && !empty(KERBEROS_PREFIX_CMDS:M[yY][eE][sS]) PKG_DEFAULT_OPTIONS+= prefix-cmds .endif @@ -82,7 +74,7 @@ CONFIGURE_ARGS+= --program-transform-name="${MIT_KRB5_TRANSFORM}" # SUBST_CLASSES+= mit-krb5 SUBST_STAGE.mit-krb5= pre-configure -SUBST_FILES.mit-krb5= include/krb5/stock/osconf.h +SUBST_FILES.mit-krb5= appl/bsd/Makefile.in include/krb5/stock/osconf.h SUBST_SED.mit-krb5= -e "/KRB5_PATH_RLOGIN/s,/rlogin,/${KRB5_PREFIX}rlogin,g" INFO_FILES= krb425.info krb5-admin.info krb5-install.info krb5-user.info @@ -92,7 +84,9 @@ OWN_DIRS_PERMS= ${MIT_KRB5_STATEDIR}/krb5kdc \ ${ROOT_USER} ${ROOT_GROUP} 0700 RCD_SCRIPTS= kadmind kdc -INSTALLATION_DIRS= bin info lib sbin +INSTALLATION_DIRS= bin include/gssapi include/gssrpc info lib \ + man/man1 man/man5 man/man8 sbin \ + share/examples/krb5 # The MIT krb5 distribution is actually a tar file that contains the # real .tar.gz distfile and a PGP signature. @@ -110,11 +104,11 @@ pre-configure: done post-install: - cd ${WRKSRC}/../doc; for info in ${INFO_FILES}; do \ - ${INSTALL_MAN} $$info ${PREFIX}/${INFO_DIR} ; \ - for file in $$info-[0-9]*; do \ - if [ -f "$$file" ]; then \ - ${INSTALL_MAN} $$file ${PREFIX}/${INFO_DIR}; \ + cd ${WRKSRC}/../doc; for i in ${INFO_FILES}; do \ + ${INSTALL_MAN} $$i ${PREFIX}/${INFO_DIR}; \ + for f in $$i-[0-9]*; do \ + if ${TEST} -f "$$f"; then \ + ${INSTALL_MAN} "$$f" ${PREFIX}/${INFO_DIR}; \ fi; \ done; \ done diff --git a/security/mit-krb5/PLIST b/security/mit-krb5/PLIST index 80fe8b2538d..c8477076135 100644 --- a/security/mit-krb5/PLIST +++ b/security/mit-krb5/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.5 2004/09/22 08:09:52 jlam Exp $ +@comment $NetBSD: PLIST,v 1.5.4.1 2005/05/13 10:08:52 salo Exp $ bin/compile_et bin/gss-client bin/kdestroy @@ -16,11 +16,26 @@ bin/kvno bin/sclient bin/sim_client bin/uuclient -bin/v5passwd include/com_err.h include/gssapi/gssapi.h include/gssapi/gssapi_generic.h include/gssapi/gssapi_krb5.h +include/gssrpc/auth.h +include/gssrpc/auth_gss.h +include/gssrpc/auth_gssapi.h +include/gssrpc/auth_unix.h +include/gssrpc/clnt.h +include/gssrpc/netdb.h +include/gssrpc/pmap_clnt.h +include/gssrpc/pmap_prot.h +include/gssrpc/pmap_rmt.h +include/gssrpc/rename.h +include/gssrpc/rpc.h +include/gssrpc/rpc_msg.h +include/gssrpc/svc.h +include/gssrpc/svc_auth.h +include/gssrpc/types.h +include/gssrpc/xdr.h include/krb5.h include/profile.h lib/libcom_err.la @@ -32,13 +47,14 @@ lib/libkadm5clnt.la lib/libkadm5srv.la lib/libkdb5.la lib/libkrb5.la -man/man1/compile_et.1 +lib/libkrb5support.la man/man1/kdestroy.1 man/man1/kerberos.1 man/man1/kftp.1 man/man1/kinit.1 man/man1/klist.1 man/man1/kpasswd.1 +man/man1/krb5-config.1 man/man1/krb5-send-pr.1 man/man1/${KRB5_PREFIX}rcp.1 man/man1/${KRB5_PREFIX}rlogin.1 @@ -47,7 +63,6 @@ man/man1/ksu.1 man/man1/${KRB5_PREFIX}telnet.1 man/man1/kvno.1 man/man1/sclient.1 -man/man1/v5passwd.1 man/man5/.k5login.5 man/man5/kdc.conf.5 man/man5/krb5.conf.5 @@ -85,10 +100,14 @@ sbin/login.krb5 sbin/sim_server sbin/sserver sbin/uuserver -sbin/v5passwdd share/et/et_c.awk share/et/et_h.awk +share/examples/krb5/kdc.conf +share/examples/krb5/krb5.conf +share/examples/krb5/services.append share/gnats/mit @dirrm share/gnats +@dirrm share/examples/krb5 @dirrm share/et +@dirrm include/gssrpc @dirrm include/gssapi diff --git a/security/mit-krb5/buildlink3.mk b/security/mit-krb5/buildlink3.mk index 6ed1a7590a7..6017c9fa2a5 100644 --- a/security/mit-krb5/buildlink3.mk +++ b/security/mit-krb5/buildlink3.mk @@ -1,4 +1,4 @@ -# $NetBSD: buildlink3.mk,v 1.3 2004/10/03 00:18:10 tv Exp $ +# $NetBSD: buildlink3.mk,v 1.3.4.1 2005/05/13 10:08:52 salo Exp $ BUILDLINK_DEPTH:= ${BUILDLINK_DEPTH}+ MIT_KRB5_BUILDLINK3_MK:= ${MIT_KRB5_BUILDLINK3_MK}+ @@ -12,7 +12,7 @@ BUILDLINK_PACKAGES+= mit-krb5 .if !empty(MIT_KRB5_BUILDLINK3_MK:M+) BUILDLINK_DEPENDS.mit-krb5+= mit-krb5>=1.3.1 -BUILDLINK_RECOMMENDED.mit-krb5+= mit-krb5>=1.3.4nb3 +BUILDLINK_RECOMMENDED.mit-krb5+= mit-krb5>=1.4nb1 BUILDLINK_PKGSRCDIR.mit-krb5?= ../../security/mit-krb5 .endif # MIT_KRB5_BUILDLINK3_MK diff --git a/security/mit-krb5/distinfo b/security/mit-krb5/distinfo index 67b61ee4314..acb0fbf1705 100644 --- a/security/mit-krb5/distinfo +++ b/security/mit-krb5/distinfo @@ -1,15 +1,16 @@ -$NetBSD: distinfo,v 1.8 2005/02/24 13:10:08 agc Exp $ +$NetBSD: distinfo,v 1.8.2.1 2005/05/13 10:08:52 salo Exp $ -SHA1 (krb5-1.3.6-signed.tar) = 5d9c7a594a0fc972d220e5bc345e8680a89e7b6d -RMD160 (krb5-1.3.6-signed.tar) = baa36413ab629f2f7180043c4836d2c23553ae53 -Size (krb5-1.3.6-signed.tar) = 6533120 bytes -SHA1 (patch-aa) = 2f4e62e7c8cdee2f58f8dd5b385faea0253c0aa5 -SHA1 (patch-ab) = b9f2f54f9ecfe9eaa168bb68b695a454ac044b9d -SHA1 (patch-ac) = e1282a6f00e439d83444f5d8f81dceab863ab1d5 -SHA1 (patch-ad) = 819bfde3e63b70db6204d03fe22f33641b2a1568 -SHA1 (patch-ae) = 7e55b4e13b538ea44fe08d4db2e125c7c91c4d4b -SHA1 (patch-af) = 7c6799dcfa50a405e27119ede6763bda73e85462 -SHA1 (patch-ag) = aadf6c229815fb9780016644728f5cf615c075d8 +SHA1 (krb5-1.4-signed.tar) = fa354aaaeb5ac5039653ebd249b1e3f9273a7a29 +RMD160 (krb5-1.4-signed.tar) = 0231e55c56f3d6d20aee3ca1bcb77b0eeaeabaae +Size (krb5-1.4-signed.tar) = 6625280 bytes +SHA1 (patch-aa) = 17e0934ea2ef21b3457fba54cf3d1c36de2da479 +SHA1 (patch-ab) = 8d6904b80e8576085acbaa3ac0cd17824c7b301d +SHA1 (patch-ac) = d0777e6005cd1249c7c6406068973f6959d11302 +SHA1 (patch-ad) = 02d4b5b4a54f18d27ef73394dc7cb9cdcd791b25 +SHA1 (patch-ae) = fc6d5e11cd827cdfbe1bfc3a3c7ca9f5a71c17d7 +SHA1 (patch-af) = c9631743e3c93aee2aab5c8a370e9bebfc4084e5 +SHA1 (patch-ag) = 52a794b5fa0d1573bb2c9e7c4d233212d767d0e0 SHA1 (patch-ah) = 59a6bfc341a22234b38db406abe83b0d6d358a9f -SHA1 (patch-ai) = 51ebf1d271f1e399da1a8d2ed03ad10014414d35 -SHA1 (patch-aj) = 573d4b9cbffcf80635356e300eb88fe72de82667 +SHA1 (patch-aj) = 5c633571ea932ce349065cbb4c3bf482cc971675 +SHA1 (patch-ak) = 9d95372fd8edddbf0366e83a51d7a0b8a507f218 +SHA1 (patch-al) = dbfae9ee81ba7b0367bc874fe60d1c256f8c5cf1 diff --git a/security/mit-krb5/files/kadmind.sh b/security/mit-krb5/files/kadmind.sh index a4f4cc1fb65..e544045a733 100644 --- a/security/mit-krb5/files/kadmind.sh +++ b/security/mit-krb5/files/kadmind.sh @@ -1,24 +1,17 @@ #!@RCD_SCRIPTS_SHELL@ # -# $NetBSD: kadmind.sh,v 1.1.1.1 2004/03/30 18:07:18 jlam Exp $ +# $NetBSD: kadmind.sh,v 1.1.1.1.8.1 2005/05/13 10:08:52 salo Exp $ # # PROVIDE: kadmind # REQUIRE: kdc # BEFORE: SERVERS -if [ -f /etc/rc.subr ]; then - . /etc/rc.subr -fi +. /etc/rc.subr name="kadmind" rcvar=$name command="@PREFIX@/sbin/${name}" required_files="@PKG_SYSCONFDIR@/krb5.conf @MIT_KRB5_STATEDIR@/krb5kdc/kdc.conf" -if [ -f /etc/rc.subr ]; then - load_rc_config $name - run_rc_command "$1" -else - @ECHO@ -n " ${name}" - ${command} ${kadmind_flags} -fi +load_rc_config $name +run_rc_command "$1" diff --git a/security/mit-krb5/files/kdc.sh b/security/mit-krb5/files/kdc.sh index ea461dded63..c17a607252b 100644 --- a/security/mit-krb5/files/kdc.sh +++ b/security/mit-krb5/files/kdc.sh @@ -1,24 +1,17 @@ #!@RCD_SCRIPTS_SHELL@ # -# $NetBSD: kdc.sh,v 1.1.1.1 2004/03/30 18:07:18 jlam Exp $ +# $NetBSD: kdc.sh,v 1.1.1.1.8.1 2005/05/13 10:08:52 salo Exp $ # # PROVIDE: kdc # REQUIRE: NETWORKING # BEFORE: SERVERS -if [ -f /etc/rc.subr ]; then - . /etc/rc.subr -fi +. /etc/rc.subr name="kdc" rcvar=$name command="@PREFIX@/sbin/krb5kdc" required_files="@PKG_SYSCONFDIR@/krb5.conf @MIT_KRB5_STATEDIR@/krb5kdc/kdc.conf" -if [ -f /etc/rc.subr ]; then - load_rc_config $name - run_rc_command "$1" -else - @ECHO@ -n " ${name}" - ${command} ${kdc_flags} -fi +load_rc_config $name +run_rc_command "$1" diff --git a/security/mit-krb5/patches/patch-aa b/security/mit-krb5/patches/patch-aa index 9f050449075..b850bd12045 100644 --- a/security/mit-krb5/patches/patch-aa +++ b/security/mit-krb5/patches/patch-aa @@ -1,8 +1,8 @@ -$NetBSD: patch-aa,v 1.1.1.1 2004/03/30 18:07:18 jlam Exp $ +$NetBSD: patch-aa,v 1.1.1.1.8.1 2005/05/13 10:08:52 salo Exp $ ---- aclocal.m4.orig Wed May 28 00:06:24 2003 +--- aclocal.m4.orig 2005-01-14 19:10:44.000000000 -0500 +++ aclocal.m4 -@@ -970,8 +970,10 @@ dnl Pull in the necessary stuff to creat +@@ -1113,8 +1113,10 @@ dnl Pull in the necessary stuff to creat AC_DEFUN(KRB5_BUILD_LIBRARY, [KRB5_BUILD_LIBRARY_WITH_DEPS @@ -15,7 +15,7 @@ $NetBSD: patch-aa,v 1.1.1.1 2004/03/30 18:07:18 jlam Exp $ dnl dnl KRB5_BUILD_LIBRARY_STATIC -@@ -1015,6 +1017,9 @@ AC_SUBST(SHLIBVEXT) +@@ -1162,6 +1164,9 @@ AC_SUBST(SHLIBVEXT) AC_SUBST(SHLIBSEXT) AC_SUBST(DEPLIBEXT) AC_SUBST(PFLIBEXT) @@ -25,7 +25,7 @@ $NetBSD: patch-aa,v 1.1.1.1 2004/03/30 18:07:18 jlam Exp $ AC_SUBST(LIBINSTLIST)]) dnl -@@ -1028,6 +1033,7 @@ AC_SUBST(OBJLISTS) +@@ -1175,6 +1180,7 @@ AC_SUBST(OBJLISTS) AC_SUBST(STOBJEXT) AC_SUBST(SHOBJEXT) AC_SUBST(PFOBJEXT) @@ -33,7 +33,7 @@ $NetBSD: patch-aa,v 1.1.1.1 2004/03/30 18:07:18 jlam Exp $ AC_SUBST(PICFLAGS) AC_SUBST(PROFFLAGS)]) -@@ -1077,6 +1083,8 @@ else +@@ -1226,6 +1232,8 @@ else LIBINSTLIST=install-static DEPLIBEXT=$STLIBEXT fi @@ -42,9 +42,9 @@ $NetBSD: patch-aa,v 1.1.1.1 2004/03/30 18:07:18 jlam Exp $ # Check whether to build shared libraries. AC_ARG_ENABLE([shared], -@@ -1138,8 +1146,35 @@ fi], +@@ -1284,8 +1292,35 @@ else SHLIBSEXT=.so.s-nobuild - )dnl + fi +# Check whether to build libtool archives. +AC_ARG_ENABLE([pkgsrc-libtool], @@ -55,8 +55,8 @@ $NetBSD: patch-aa,v 1.1.1.1 2004/03/30 18:07:18 jlam Exp $ + *) LIBTOOL=libtool ;; + esac + AC_MSG_RESULT([Enabling libtool archives.]) -+ LIBLIST='lib$(LIB)$(LALIBEXT)' -+ LIBLINKS='$(TOPLIBD)/lib$(LIB)$(LALIBEXT)' ++ LIBLIST='lib$(LIBBASE)$(LALIBEXT)' ++ LIBLINKS='$(TOPLIBD)/lib$(LIBBASE)$(LALIBEXT)' + OBJLISTS=OBJS.LA + LIBINSTLIST=install-libtool + DEPLIBEXT=$LALIBEXT diff --git a/security/mit-krb5/patches/patch-ab b/security/mit-krb5/patches/patch-ab index a97f70d71b7..379e2e71dab 100644 --- a/security/mit-krb5/patches/patch-ab +++ b/security/mit-krb5/patches/patch-ab @@ -1,8 +1,8 @@ -$NetBSD: patch-ab,v 1.1.1.1 2004/03/30 18:07:18 jlam Exp $ +$NetBSD: patch-ab,v 1.1.1.1.8.1 2005/05/13 10:08:52 salo Exp $ ---- appl/telnet/telnet/Makefile.in.orig Thu Aug 29 05:10:06 2002 +--- appl/telnet/telnet/Makefile.in.orig 2004-04-24 18:20:46.000000000 -0400 +++ appl/telnet/telnet/Makefile.in -@@ -45,8 +45,8 @@ OBJS= authenc.o commands.o main.o networ +@@ -47,8 +47,8 @@ OBJS= authenc.o commands.o main.o networ all:: telnet @@ -13,7 +13,7 @@ $NetBSD: patch-ab,v 1.1.1.1 2004/03/30 18:07:18 jlam Exp $ clean:: $(RM) telnet -@@ -58,7 +58,6 @@ install:: +@@ -60,7 +60,6 @@ install:: $(INSTALL_DATA) $(srcdir)/$$f.1 \ ${DESTDIR}$(CLIENT_MANDIR)/`echo $$f|sed '$(transform)'`.1; \ done diff --git a/security/mit-krb5/patches/patch-ac b/security/mit-krb5/patches/patch-ac index 5675a1a2a48..8dfeacaeca9 100644 --- a/security/mit-krb5/patches/patch-ac +++ b/security/mit-krb5/patches/patch-ac @@ -1,15 +1,15 @@ -$NetBSD: patch-ac,v 1.1.1.1 2004/03/30 18:07:18 jlam Exp $ +$NetBSD: patch-ac,v 1.1.1.1.8.1 2005/05/13 10:08:52 salo Exp $ ---- appl/telnet/telnetd/Makefile.in.orig Mon Jun 9 17:57:11 2003 +--- appl/telnet/telnetd/Makefile.in.orig 2004-09-22 18:59:45.000000000 -0400 +++ appl/telnet/telnetd/Makefile.in -@@ -58,8 +58,8 @@ OBJS= telnetd.o \ +@@ -60,8 +60,8 @@ OBJS= telnetd.o \ all:: telnetd -telnetd: $(OBJS) $(PTY_DEPLIB) $(KRB4COMPAT_DEPLIBS) ../libtelnet/libtelnet.a -- $(CC_LINK) -o $@ $(OBJS) ../libtelnet/libtelnet.a $(PTY_LIB) $(KRB4COMPAT_LIBS) +- $(CC_LINK) -o $@ $(OBJS) ../libtelnet/libtelnet.a $(PTY_LIB) $(UTIL_LIB) $(KRB4COMPAT_LIBS) +telnetd: $(OBJS) $(PTY_DEPLIB) $(KRB4COMPAT_DEPLIBS) ../libtelnet/libtelnet$(DEPSTLIBEXT) -+ $(CC_LINK) -o $@ $(OBJS) ../libtelnet/libtelnet$(DEPSTLIBEXT) $(PTY_LIB) $(KRB4COMPAT_LIBS) ++ $(CC_LINK) -o $@ $(OBJS) ../libtelnet/libtelnet$(DEPSTLIBEXT) $(PTY_LIB) $(UTIL_LIB) $(KRB4COMPAT_LIBS) clean:: $(RM) telnetd diff --git a/security/mit-krb5/patches/patch-ad b/security/mit-krb5/patches/patch-ad index d944a0d0fdd..c7d5c2e0912 100644 --- a/security/mit-krb5/patches/patch-ad +++ b/security/mit-krb5/patches/patch-ad @@ -1,6 +1,6 @@ -$NetBSD: patch-ad,v 1.1.1.1 2004/03/30 18:07:18 jlam Exp $ +$NetBSD: patch-ad,v 1.1.1.1.8.1 2005/05/13 10:08:52 salo Exp $ ---- config/lib.in.orig Fri Jan 10 00:55:18 2003 +--- config/lib.in.orig 2004-09-22 20:25:29.000000000 -0400 +++ config/lib.in @@ -26,8 +26,9 @@ # STOBJLISTS=dir1/OBJS.ST dir2/OBJS.ST etc... @@ -9,17 +9,17 @@ $NetBSD: patch-ad,v 1.1.1.1 2004/03/30 18:07:18 jlam Exp $ +LAOBJLISTS=$(STOBJLISTS:.ST=.LA) -dummy-target-1 $(SUBDIROBJLISTS) $(SUBDIROBJLISTS:.ST=.SH) $(SUBDIROBJLISTS:.ST=.PF): all-recurse -+dummy-target-1 $(SUBDIROBJLISTS) $(SUBDIROBJLISTS:.ST=.SH) $(SUBDIROBJLISTS:.ST=.PF) $(SUBDIROBJLISTS.ST=.LA): all-recurse ++dummy-target-1 $(SUBDIROBJLISTS) $(SUBDIROBJLISTS:.ST=.SH) $(SUBDIROBJLISTS:.ST=.PF) $(SUBDIROBJLISTS:.ST=.LA): all-recurse - lib$(LIB)$(STLIBEXT): $(STOBJLISTS) - $(RM) $@ -@@ -66,6 +67,17 @@ lib$(LIB)$(PFLIBEXT): $(PFOBJLISTS) - $$d/OBJS.PF; done` + # Gets invoked as $(PARSE_OBJLISTS) list-of-OBJS.*-files + PARSE_OBJLISTS= set -x && $(PERL) -p -e '$$e=$$ARGV; $$e =~ s/OBJS\...$$//; s/^/ /; s/ $$//; s/ / $$e/g;' +@@ -65,6 +66,17 @@ lib$(LIBBASE)$(PFLIBEXT): $(PFOBJLISTS) + set -x; objlist=`$(PARSE_OBJLISTS) $(PFOBJLISTS)` && $(AR) cq $@ $$objlist $(RANLIB) $@ -+lib$(LIB)$(LALIBEXT): $(LAOBJLISTS) ++lib$(LIBBASE)$(LALIBEXT): $(LAOBJLISTS) + $(RM) $@ -+ @echo "building $(LIB) libtool archive ($(LIBMAJOR).$(LIBMINOR))" ++ @echo "building $(LIBBASE) libtool archive ($(LIBMAJOR).$(LIBMINOR))" + @dirs=`echo $(LAOBJLISTS) | \ + sed -e 's%/OBJS.LA%%g' -e 's%OBJS.LA%.%'`; \ + $(LIBTOOL) --mode=link $(CC) -o $@ `for d in $$dirs; do \ @@ -28,42 +28,42 @@ $NetBSD: patch-ad,v 1.1.1.1 2004/03/30 18:07:18 jlam Exp $ + $(LALIB_EXPFLAGS) \ + $(LIBTOOL_TAIL) + - $(TOPLIBD)/lib$(LIB)$(STLIBEXT): lib$(LIB)$(STLIBEXT) + $(TOPLIBD)/lib$(LIBBASE)$(STLIBEXT): lib$(LIBBASE)$(STLIBEXT) $(RM) $@ - (cd $(TOPLIBD) && $(LN_S) $(RELDIR)/lib$(LIB)$(STLIBEXT) .) -@@ -81,6 +93,9 @@ $(TOPLIBD)/lib$(LIB)$(SHLIBVEXT): lib$(L - $(TOPLIBD)/lib$(LIB)$(PFLIBEXT): lib$(LIB)$(PFLIBEXT) + (cd $(TOPLIBD) && $(LN_S) $(RELDIR)/lib$(LIBBASE)$(STLIBEXT) .) +@@ -80,6 +92,9 @@ $(TOPLIBD)/lib$(LIBBASE)$(SHLIBVEXT): li + $(TOPLIBD)/lib$(LIBBASE)$(PFLIBEXT): lib$(LIBBASE)$(PFLIBEXT) $(RM) $@ - (cd $(TOPLIBD) && $(LN_S) $(RELDIR)/lib$(LIB)$(PFLIBEXT) .) -+$(TOPLIBD)/lib$(LIB)$(LALIBEXT): lib$(LIB)$(LALIBEXT) + (cd $(TOPLIBD) && $(LN_S) $(RELDIR)/lib$(LIBBASE)$(PFLIBEXT) .) ++$(TOPLIBD)/lib$(LIBBASE)$(LALIBEXT): lib$(LIBBASE)$(LALIBEXT) + $(RM) $@ -+ (cd $(TOPLIBD) && $(LN_S) $(RELDIR)/lib$(LIB)$(LALIBEXT) .) ++ (cd $(TOPLIBD) && $(LN_S) $(RELDIR)/lib$(LIBBASE)$(LALIBEXT) .) all-libs: $(LIBLIST) all-liblinks: $(LIBLINKS) -@@ -91,6 +106,7 @@ clean-libs: - $(RM) lib$(LIB)$(SHLIBSEXT) - $(RM) lib$(LIB)$(SHLIBEXT) - $(RM) lib$(LIB)$(PFLIBEXT) -+ $(LIBTOOL) mode=uninstall $(RM) lib$(LIB)$(LALIBEXT) +@@ -90,6 +105,7 @@ clean-libs: + $(RM) lib$(LIBBASE)$(SHLIBSEXT) + $(RM) lib$(LIBBASE)$(SHLIBEXT) + $(RM) lib$(LIBBASE)$(PFLIBEXT) ++ $(LIBTOOL) --mode=uninstall $(RM) lib$(LIBBASE)$(LALIBEXT) + $(RM) binutils.versions osf1.exports clean-liblinks: - $(RM) $(TOPLIBD)/lib$(LIB)$(STLIBEXT) @@ -98,6 +114,7 @@ clean-liblinks: - $(RM) $(TOPLIBD)/lib$(LIB)$(SHLIBSEXT) - $(RM) $(TOPLIBD)/lib$(LIB)$(SHLIBEXT) - $(RM) $(TOPLIBD)/lib$(LIB)$(PFLIBEXT) -+ $(RM) $(TOPLIBD)/lib$(LIB)$(LALIBEXT) + $(RM) $(TOPLIBD)/lib$(LIBBASE)$(SHLIBSEXT) + $(RM) $(TOPLIBD)/lib$(LIBBASE)$(SHLIBEXT) + $(RM) $(TOPLIBD)/lib$(LIBBASE)$(PFLIBEXT) ++ $(RM) $(TOPLIBD)/lib$(LIBBASE)$(LALIBEXT) install-libs: $(LIBINSTLIST) install-static: @@ -118,6 +135,9 @@ install-profiled: - $(RM) $(DESTDIR)$(KRB5_LIBDIR)/lib$(LIB)$(PFLIBEXT) - $(INSTALL_DATA) lib$(LIB)$(PFLIBEXT) $(DESTDIR)$(KRB5_LIBDIR) - $(RANLIB) $(DESTDIR)$(KRB5_LIBDIR)/lib$(LIB)$(PFLIBEXT) + $(RM) $(DESTDIR)$(KRB5_LIBDIR)/lib$(LIBBASE)$(PFLIBEXT) + $(INSTALL_DATA) lib$(LIBBASE)$(PFLIBEXT) $(DESTDIR)$(KRB5_LIBDIR) + $(RANLIB) $(DESTDIR)$(KRB5_LIBDIR)/lib$(LIBBASE)$(PFLIBEXT) +install-libtool: -+ $(LIBTOOL) --mode=uninstall $(RM) $(DESTDIR)$(KRB5_LIBDIR)/lib$(LIB)$(LALIBEXT) -+ $(LIBTOOL) --mode=install $(INSTALL_DATA) lib$(LIB)$(LALIBEXT) $(DESTDIR)$(KRB5_LIBDIR) ++ $(LIBTOOL) --mode=uninstall $(RM) $(DESTDIR)$(KRB5_LIBDIR)/lib$(LIBBASE)$(LALIBEXT) ++ $(LIBTOOL) --mode=install $(INSTALL_DATA) lib$(LIBBASE)$(LALIBEXT) $(DESTDIR)$(KRB5_LIBDIR) Makefile: $(SRCTOP)/config/lib.in config.status: $(SRCTOP)/config/shlib.conf diff --git a/security/mit-krb5/patches/patch-ae b/security/mit-krb5/patches/patch-ae index 8720a5e345e..6fe2568d899 100644 --- a/security/mit-krb5/patches/patch-ae +++ b/security/mit-krb5/patches/patch-ae @@ -1,6 +1,6 @@ -$NetBSD: patch-ae,v 1.1.1.1 2004/03/30 18:07:18 jlam Exp $ +$NetBSD: patch-ae,v 1.1.1.1.8.1 2005/05/13 10:08:52 salo Exp $ ---- config/libobj.in.orig Mon Mar 3 02:09:44 2003 +--- config/libobj.in.orig 2004-05-05 18:50:42.000000000 -0400 +++ config/libobj.in @@ -7,11 +7,13 @@ # STLIBOBJS list of .o objects; this must not contain variable @@ -9,7 +9,7 @@ $NetBSD: patch-ae,v 1.1.1.1 2004/03/30 18:07:18 jlam Exp $ -.SUFFIXES: .c .so .po +.SUFFIXES: .c .so .po .lo .c.so: - $(CC) $(PICFLAGS) $(ALL_CFLAGS) -c $< -o $*.so.o && $(MV) $*.so.o $*.so + $(CC) $(PICFLAGS) -DSHARED $(ALL_CFLAGS) -c $< -o $*.so.o && $(MV) $*.so.o $*.so .c.po: $(CC) $(PROFFLAGS) $(ALL_CFLAGS) -c $< -o $*.po.o && $(MV) $*.po.o $*.po +.c.lo: @@ -17,19 +17,18 @@ $NetBSD: patch-ae,v 1.1.1.1 2004/03/30 18:07:18 jlam Exp $ # rules to generate object file lists -@@ -24,10 +26,14 @@ OBJS.SH: $(SHLIBOBJS) - OBJS.PF: $(PFLIBOBJS) +@@ -24,10 +26,13 @@ OBJS.SH: $(SHLIBOBJS) Makefile + OBJS.PF: $(PFLIBOBJS) Makefile @echo $(PFLIBOBJS) > $@ -+OBJS.LA: $(LALIBOBJS) ++OBJS.LA: $(LALIBOBJS) Makefile + @echo $(LALIBOBJS) > $@ + all-libobjs: $(OBJLISTS) clean-libobjs: - $(RM) OBJS.ST OBJS.SH OBJS.PF $(STLIBOBJS) $(SHLIBOBJS) $(PFLIBOBJS) -+ $(RM) OBJS.ST OBJS.SH OBJS.PF OBJS.LA $(STLIBOBJS) $(SHLIBOBJS) $(PFLIBOBJS) -+ $(LIBTOOL) --mode=uninstall $(RM) $(LALIBOBJS) ++ $(RM) OBJS.ST OBJS.SH OBJS.PF OBJS.LA $(STLIBOBJS) $(SHLIBOBJS) $(PFLIBOBJS) $(LALIBOBJS) Makefile: $(SRCTOP)/config/libobj.in config.status: $(SRCTOP)/config/shlib.conf diff --git a/security/mit-krb5/patches/patch-af b/security/mit-krb5/patches/patch-af index de7681c6e8c..6d28f027917 100644 --- a/security/mit-krb5/patches/patch-af +++ b/security/mit-krb5/patches/patch-af @@ -1,20 +1,21 @@ -$NetBSD: patch-af,v 1.2 2004/03/30 20:17:42 jlam Exp $ +$NetBSD: patch-af,v 1.2.8.1 2005/05/13 10:08:52 salo Exp $ ---- config/pre.in.orig Fri Feb 13 16:36:22 2004 +--- config/pre.in.orig 2004-11-19 16:47:51.000000000 -0500 +++ config/pre.in -@@ -138,6 +138,7 @@ ALL_CFLAGS = $(DEFS) $(DEFINES) $(KRB_IN - CFLAGS = @CFLAGS@ +@@ -159,6 +159,7 @@ CFLAGS = @CFLAGS@ + PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ CPPFLAGS = @CPPFLAGS@ DEFS = @DEFS@ +LIBTOOL = @LIBTOOL@ CC = @CC@ LD = $(PURE) @LD@ DEPLIBS = @DEPLIBS@ -@@ -155,10 +156,12 @@ CLNTDEPLIBS = @CLNTDEPLIBS@ +@@ -176,11 +177,12 @@ CLNTDEPLIBS = @CLNTDEPLIBS@ INSTALL=@INSTALL@ INSTALL_STRIP= -INSTALL_PROGRAM=@INSTALL_PROGRAM@ $(INSTALL_STRIP) +-INSTALL_SCRIPT=@INSTALL_PROGRAM@ +INSTALL_LIBTOOL=@INSTALL_LIBTOOL@ +INSTALL_PROGRAM=$(INSTALL_LIBTOOL) @INSTALL_PROGRAM@ $(INSTALL_STRIP) +INSTALL_SCRIPT=@INSTALL_SCRIPT@ @@ -25,7 +26,7 @@ $NetBSD: patch-af,v 1.2 2004/03/30 20:17:42 jlam Exp $ ## This is needed because autoconf will sometimes define @exec_prefix@ to be ## ${prefix}. prefix=@prefix@ -@@ -274,6 +277,10 @@ RPATH_FLAG=@RPATH_FLAG@ +@@ -298,6 +300,10 @@ RPATH_FLAG=@RPATH_FLAG@ # depending on whether we're building with shared libraries. DEPLIBEXT=@DEPLIBEXT@ @@ -36,23 +37,25 @@ $NetBSD: patch-af,v 1.2 2004/03/30 20:17:42 jlam Exp $ KADMCLNT_DEPLIB = $(TOPLIBD)/libkadm5clnt$(DEPLIBEXT) KADMSRV_DEPLIB = $(TOPLIBD)/libkadm5srv$(DEPLIBEXT) KDB5_DEPLIB = $(TOPLIBD)/libkdb5$(DEPLIBEXT) -@@ -290,12 +297,12 @@ COM_ERR_DEPLIB = $(COM_ERR_DEPLIB-@COM_E - COM_ERR_DEPLIB-sys = # empty - COM_ERR_DEPLIB-k5 = $(TOPLIBD)/libcom_err$(DEPLIBEXT) +@@ -316,13 +322,13 @@ COM_ERR_DEPLIB-k5 = $(TOPLIBD)/libcom_er + SUPPORT_LIBNAME=krb5support + SUPPORT_DEPLIB = $(TOPLIBD)/lib$(SUPPORT_LIBNAME)$(DEPLIBEXT) -# These are forced to use ".a" as an extension because they're never -+# These are forced to use "@DEPSTLIBEXT@" as an extension because they're never ++# These are forced to use "@DEPSTLIBEXT" as an extension because they're never # built shared. SS_DEPLIB = $(SS_DEPLIB-@SS_VERSION@) -SS_DEPLIB-k5 = $(TOPLIBD)/libss.a +SS_DEPLIB-k5 = $(TOPLIBD)/libss$(DEPSTLIBEXT) SS_DEPLIB-sys = -PTY_DEPLIB = $(TOPLIBD)/libpty.a +-APPUTILS_DEPLIB = $(TOPLIBD)/libapputils.a +PTY_DEPLIB = $(TOPLIBD)/libpty$(DEPSTLIBEXT) ++APPUTILS_DEPLIB = $(TOPLIBD)/libapputils$(DEPSTLIBEXT) - KRB5_BASE_DEPLIBS = $(KRB5_DEPLIB) $(CRYPTO_DEPLIB) $(COM_ERR_DEPLIB) + KRB5_BASE_DEPLIBS = $(KRB5_DEPLIB) $(CRYPTO_DEPLIB) $(COM_ERR_DEPLIB) $(SUPPORT_DEPLIB) KRB4COMPAT_DEPLIBS = $(KRB4_DEPLIB) $(DES425_DEPLIB) $(KRB5_BASE_DEPLIBS) -@@ -336,7 +343,7 @@ GEN_LIB = @GEN_LIB@ +@@ -363,7 +369,7 @@ GEN_LIB = @GEN_LIB@ SS_LIB = $(SS_LIB-@SS_VERSION@) SS_LIB-sys = @SS_LIB@ @@ -61,23 +64,17 @@ $NetBSD: patch-af,v 1.2 2004/03/30 20:17:42 jlam Exp $ KDB5_LIB = -lkdb5 DB_LIB = @DB_LIB@ KDB5_DB_LIB = @KDB5_DB_LIB@ -@@ -459,15 +466,23 @@ SHLIBEXT=@SHLIBEXT@ +@@ -494,6 +500,9 @@ SHLIBEXT=@SHLIBEXT@ # usually _p.a PFLIBEXT=@PFLIBEXT@ +# usually .la +LALIBEXT=@LALIBEXT@ + - # "cc -G", "ld -Bshareable", etc. - LDCOMBINE=@LDCOMBINE@ - - # Misc args to tack on the tail of LDCOMBINE - LDCOMBINE_TAIL=@LDCOMBINE_TAIL@ - -+# Args to tack on the tail of LIBTOOL to generate versioned, installable -+# libtool archives. -+LIBTOOL_TAIL=@LIBTOOL_TAIL@ -+ + # File with symbol names to be exported, both functions and data, + # currently not distinguished. + SHLIB_EXPORT_FILE=$(srcdir)/lib$(LIBBASE).exports +@@ -511,6 +520,7 @@ MAKE_SHLIB_COMMAND=@MAKE_SHLIB_COMMAND@ # flags for explicit libraries depending on this one, # e.g. "-R$(SHLIB_RPATH) $(SHLIB_SHLIB_DIRFLAGS) $(SHLIB_EXPLIBS)" SHLIB_EXPFLAGS=@SHLIB_EXPFLAGS@ @@ -85,7 +82,7 @@ $NetBSD: patch-af,v 1.2 2004/03/30 20:17:42 jlam Exp $ ## Parameters to be set by configure for use in libobj.in: -@@ -479,6 +494,7 @@ OBJLISTS=@OBJLISTS@ +@@ -522,6 +532,7 @@ OBJLISTS=@OBJLISTS@ # the suffix substitution will break on some platforms! SHLIBOBJS=$(STLIBOBJS:.o=@SHOBJEXT@) PFLIBOBJS=$(STLIBOBJS:.o=@PFOBJEXT@) @@ -93,3 +90,14 @@ $NetBSD: patch-af,v 1.2 2004/03/30 20:17:42 jlam Exp $ # "$(CC) -G", "$(LD) -Bshareable", etc. LDCOMBINE=@LDCOMBINE@ +@@ -529,6 +540,10 @@ LDCOMBINE=@LDCOMBINE@ + # "-h $@", "-h lib$(LIBNAME).$(LIBMAJOR)", etc. + SONAME=@SONAME@ + ++# Args to tack on the tail of LIBTOOL to generate versioned, installable ++# libtool archives. ++LIBTOOL_TAIL=@LIBTOOL_TAIL@ ++ + # + # rules to make various types of object files + # diff --git a/security/mit-krb5/patches/patch-ag b/security/mit-krb5/patches/patch-ag index 6cc570b5db1..2f0facd820b 100644 --- a/security/mit-krb5/patches/patch-ag +++ b/security/mit-krb5/patches/patch-ag @@ -1,26 +1,27 @@ -$NetBSD: patch-ag,v 1.2 2004/03/30 20:17:42 jlam Exp $ +$NetBSD: patch-ag,v 1.2.8.1 2005/05/13 10:08:52 salo Exp $ ---- config/shlib.conf.orig Fri Feb 13 16:36:22 2004 +--- config/shlib.conf.orig 2004-12-17 21:28:02.000000000 -0500 +++ config/shlib.conf -@@ -8,12 +8,14 @@ SHLIBVEXT=.so.v-nobuild +@@ -8,6 +8,7 @@ SHLIBVEXT=.so.v-nobuild SHLIBSEXT=.so.s-nobuild # Most systems support profiled libraries. PFLIBEXT=_p.a +LALIBEXT=.la # Most systems install shared libs as mode 644, etc. while hpux wants 755 INSTALL_SHLIB='$(INSTALL_DATA)' - + # +@@ -17,6 +18,7 @@ use_linker_fini_option=no STOBJEXT=.o SHOBJEXT=.so PFOBJEXT=.po +LAOBJEXT=.lo # Default for systems w/o shared libraries CC_LINK_STATIC='$(CC) $(PROG_LIBPATH) $(CFLAGS) $(LDFLAGS)' - -@@ -325,3 +327,8 @@ mips-*-netbsd*) - RUN_ENV='LIBPATH=`echo $(PROG_LIBPATH) | sed -e "s/-L//g" -e "s/ /:/g"`:$(PROG_RPATH):/usr/lib:/usr/local/lib; export LIBPATH; ' - - esac + # +@@ -377,3 +379,8 @@ if test "${MAKE_SHLIB_COMMAND}" = "x" ; + MAKE_SHLIB_COMMAND="${LDCOMBINE} -o \$@ \$\$objlist \$(SHLIB_EXPFLAGS) ${LDCOMBINE_TAIL}" + fi + fi + +# Settings for building with libtool. +CC_LINK_LIBTOOL='$(LIBTOOL) --mode=link '"$CC_LINK_SHARED" diff --git a/security/mit-krb5/patches/patch-ai b/security/mit-krb5/patches/patch-ai deleted file mode 100644 index e10e0a6845a..00000000000 --- a/security/mit-krb5/patches/patch-ai +++ /dev/null @@ -1,13 +0,0 @@ -$NetBSD: patch-ai,v 1.1.1.1 2004/03/30 18:07:18 jlam Exp $ - ---- kadmin/cli/Makefile.in.orig Fri Feb 7 16:41:20 2003 -+++ kadmin/cli/Makefile.in -@@ -21,7 +21,7 @@ kadmin_ct.o: kadmin_ct.c - install:: - $(INSTALL_PROGRAM) $(PROG).local ${DESTDIR}$(ADMIN_BINDIR)/$(PROG).local - $(INSTALL_PROGRAM) $(PROG) ${DESTDIR}$(ADMIN_BINDIR)/$(PROG) -- $(INSTALL_PROGRAM) $(srcdir)/k5srvutil.sh ${DESTDIR}$(ADMIN_BINDIR)/k5srvutil -+ $(INSTALL_SCRIPT) $(srcdir)/k5srvutil.sh ${DESTDIR}$(ADMIN_BINDIR)/k5srvutil - $(INSTALL_DATA) $(srcdir)/k5srvutil.M ${DESTDIR}$(ADMIN_MANDIR)/k5srvutil.8 - $(INSTALL_DATA) $(srcdir)/$(PROG).M ${DESTDIR}$(ADMIN_MANDIR)/$(PROG).8 - $(INSTALL_DATA) $(srcdir)/$(PROG).local.M ${DESTDIR}$(ADMIN_MANDIR)/$(PROG).local.8 diff --git a/security/mit-krb5/patches/patch-aj b/security/mit-krb5/patches/patch-aj index aa8e5041fa6..0d79270b2e1 100644 --- a/security/mit-krb5/patches/patch-aj +++ b/security/mit-krb5/patches/patch-aj @@ -1,8 +1,8 @@ -$NetBSD: patch-aj,v 1.1 2004/03/30 19:10:08 jlam Exp $ +$NetBSD: patch-aj,v 1.1.8.1 2005/05/13 10:08:52 salo Exp $ ---- krb5-config.in.orig Thu Apr 3 14:29:09 2003 +--- krb5-config.in.orig 2004-12-16 16:28:13.000000000 -0500 +++ krb5-config.in -@@ -173,6 +173,7 @@ if test -n "$do_libs"; then +@@ -174,6 +174,7 @@ if test -n "$do_libs"; then # Ugly gross hack for our build tree lib_flags=`echo $CC_LINK | sed -e 's/\$(CC)//' \ -e 's/\$(PURE)//' \ diff --git a/security/mit-krb5/patches/patch-ak b/security/mit-krb5/patches/patch-ak new file mode 100644 index 00000000000..a4324209a4e --- /dev/null +++ b/security/mit-krb5/patches/patch-ak @@ -0,0 +1,22 @@ +$NetBSD: patch-ak,v 1.1.2.2 2005/05/13 10:08:52 salo Exp $ + +--- Makefile.in.orig 2004-12-15 15:28:30.000000000 -0500 ++++ Makefile.in +@@ -64,7 +64,7 @@ INSTALLMKDIRS = $(KRB5ROOT) $(KRB5MANROO + install-strip: + $(MAKE) install INSTALL_STRIP=-s + +-install-recurse: install-mkdirs ++install-recurse: + + install-mkdirs: + @for i in $(INSTALLMKDIRS); do \ +@@ -76,7 +76,7 @@ install-headers-mkdirs: + $(srcdir)/config/mkinstalldirs $(DESTDIR)$(KRB5_INCDIR)/gssapi + $(srcdir)/config/mkinstalldirs $(DESTDIR)$(KRB5_INCDIR)/gssrpc + $(srcdir)/config/mkinstalldirs $(DESTDIR)$(KRB5_INCDIR)/kerberosIV +-install-headers-prerecurse: install-headers-mkdirs ++install-headers-prerecurse: + + # install:: + # $(MAKE) $(MFLAGS) install.man diff --git a/security/mit-krb5/patches/patch-al b/security/mit-krb5/patches/patch-al new file mode 100644 index 00000000000..55cf3165d87 --- /dev/null +++ b/security/mit-krb5/patches/patch-al @@ -0,0 +1,96 @@ +$NetBSD: patch-al,v 1.1.2.2 2005/05/13 10:08:52 salo Exp $ + +Patch from http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt +which fixes MITKRB5-SA-2005-001 (CAN-2005-0468 & CAN-2005-0469) relating +to buffer overflows in the telnet client. + +*** appl/telnet/telnet/telnet.c 15 Nov 2002 20:21:35 -0000 5.18 +--- appl/telnet/telnet/telnet.c 15 Mar 2005 18:59:32 -0000 +*************** +*** 1475,1480 **** +--- 1475,1482 ---- + unsigned char flags; + cc_t value; + { ++ if ((slc_replyp - slc_reply) + 6 > sizeof(slc_reply)) ++ return; + if ((*slc_replyp++ = func) == IAC) + *slc_replyp++ = IAC; + if ((*slc_replyp++ = flags) == IAC) +*************** +*** 1488,1498 **** + { + register int len; + +- *slc_replyp++ = IAC; +- *slc_replyp++ = SE; + len = slc_replyp - slc_reply; +! if (len <= 6) + return; + if (NETROOM() > len) { + ring_supply_data(&netoring, slc_reply, slc_replyp - slc_reply); + printsub('>', &slc_reply[2], slc_replyp - slc_reply - 2); +--- 1490,1501 ---- + { + register int len; + + len = slc_replyp - slc_reply; +! if (len <= 4 || (len + 2 > sizeof(slc_reply))) + return; ++ *slc_replyp++ = IAC; ++ *slc_replyp++ = SE; ++ len += 2; + if (NETROOM() > len) { + ring_supply_data(&netoring, slc_reply, slc_replyp - slc_reply); + printsub('>', &slc_reply[2], slc_replyp - slc_reply - 2); +*************** +*** 1645,1650 **** +--- 1648,1654 ---- + register unsigned char *ep; + { + register unsigned char *vp, c; ++ unsigned int len, olen, elen; + + if (opt_reply == NULL) /*XXX*/ + return; /*XXX*/ +*************** +*** 1662,1680 **** + return; + } + vp = env_getvalue(ep); +! if (opt_replyp + (vp ? strlen((char *)vp) : 0) + +! strlen((char *)ep) + 6 > opt_replyend) + { +! register unsigned int len; +! opt_replyend += OPT_REPLY_SIZE; +! len = opt_replyend - opt_reply; + opt_reply = (unsigned char *)realloc(opt_reply, len); + if (opt_reply == NULL) { + /*@*/ printf("env_opt_add: realloc() failed!!!\n"); + opt_reply = opt_replyp = opt_replyend = NULL; + return; + } +! opt_replyp = opt_reply + len - (opt_replyend - opt_replyp); + opt_replyend = opt_reply + len; + } + if (opt_welldefined((char *) ep)) +--- 1666,1684 ---- + return; + } + vp = env_getvalue(ep); +! elen = 2 * (vp ? strlen((char *)vp) : 0) + +! 2 * strlen((char *)ep) + 6; +! if ((opt_replyend - opt_replyp) < elen) + { +! len = opt_replyend - opt_reply + elen; +! olen = opt_replyp - opt_reply; + opt_reply = (unsigned char *)realloc(opt_reply, len); + if (opt_reply == NULL) { + /*@*/ printf("env_opt_add: realloc() failed!!!\n"); + opt_reply = opt_replyp = opt_replyend = NULL; + return; + } +! opt_replyp = opt_reply + olen; + opt_replyend = opt_reply + len; + } + if (opt_welldefined((char *) ep)) -- cgit v1.2.3