head 1.8; access; symbols pkgsrc-2014Q4:1.7.0.26 pkgsrc-2014Q4-base:1.7 pkgsrc-2014Q3:1.7.0.24 pkgsrc-2014Q3-base:1.7 pkgsrc-2014Q2:1.7.0.22 pkgsrc-2014Q2-base:1.7 pkgsrc-2014Q1:1.7.0.20 pkgsrc-2014Q1-base:1.7 pkgsrc-2013Q4:1.7.0.18 pkgsrc-2013Q4-base:1.7 pkgsrc-2013Q3:1.7.0.16 pkgsrc-2013Q3-base:1.7 pkgsrc-2013Q2:1.7.0.14 pkgsrc-2013Q2-base:1.7 pkgsrc-2013Q1:1.7.0.12 pkgsrc-2013Q1-base:1.7 pkgsrc-2012Q4:1.7.0.10 pkgsrc-2012Q4-base:1.7 pkgsrc-2012Q3:1.7.0.8 pkgsrc-2012Q3-base:1.7 pkgsrc-2012Q2:1.7.0.6 pkgsrc-2012Q2-base:1.7 pkgsrc-2012Q1:1.7.0.4 pkgsrc-2012Q1-base:1.7 pkgsrc-2011Q4:1.7.0.2 pkgsrc-2011Q4-base:1.7 pkgsrc-2011Q3:1.6.0.46 pkgsrc-2011Q3-base:1.6 pkgsrc-2011Q2:1.6.0.44 pkgsrc-2011Q2-base:1.6 pkgsrc-2011Q1:1.6.0.42 pkgsrc-2011Q1-base:1.6 pkgsrc-2010Q4:1.6.0.40 pkgsrc-2010Q4-base:1.6 pkgsrc-2010Q3:1.6.0.38 pkgsrc-2010Q3-base:1.6 pkgsrc-2010Q2:1.6.0.36 pkgsrc-2010Q2-base:1.6 pkgsrc-2010Q1:1.6.0.34 pkgsrc-2010Q1-base:1.6 pkgsrc-2009Q4:1.6.0.32 pkgsrc-2009Q4-base:1.6 pkgsrc-2009Q3:1.6.0.30 pkgsrc-2009Q3-base:1.6 pkgsrc-2009Q2:1.6.0.28 pkgsrc-2009Q2-base:1.6 pkgsrc-2009Q1:1.6.0.26 pkgsrc-2009Q1-base:1.6 pkgsrc-2008Q4:1.6.0.24 pkgsrc-2008Q4-base:1.6 pkgsrc-2008Q3:1.6.0.22 pkgsrc-2008Q3-base:1.6 cube-native-xorg:1.6.0.20 cube-native-xorg-base:1.6 pkgsrc-2008Q2:1.6.0.18 pkgsrc-2008Q2-base:1.6 cwrapper:1.6.0.16 pkgsrc-2008Q1:1.6.0.14 pkgsrc-2008Q1-base:1.6 pkgsrc-2007Q4:1.6.0.12 pkgsrc-2007Q4-base:1.6 pkgsrc-2007Q3:1.6.0.10 pkgsrc-2007Q3-base:1.6 pkgsrc-2007Q2:1.6.0.8 pkgsrc-2007Q2-base:1.6 pkgsrc-2007Q1:1.6.0.6 pkgsrc-2007Q1-base:1.6 pkgsrc-2006Q4:1.6.0.4 pkgsrc-2006Q4-base:1.6 pkgsrc-2006Q3:1.6.0.2 pkgsrc-2006Q3-base:1.6 pkgsrc-2006Q2:1.5.0.4 pkgsrc-2006Q2-base:1.5 pkgsrc-2006Q1:1.5.0.2 pkgsrc-2006Q1-base:1.5 pkgsrc-2005Q4:1.4.0.18 pkgsrc-2005Q4-base:1.4 pkgsrc-2005Q3:1.4.0.16 pkgsrc-2005Q3-base:1.4 pkgsrc-2005Q2:1.4.0.14 pkgsrc-2005Q2-base:1.4 pkgsrc-2005Q1:1.4.0.12 pkgsrc-2005Q1-base:1.4 pkgsrc-2004Q4:1.4.0.10 pkgsrc-2004Q4-base:1.4 pkgsrc-2004Q3:1.4.0.8 pkgsrc-2004Q3-base:1.4 pkgsrc-2004Q2:1.4.0.6 pkgsrc-2004Q2-base:1.4 pkgsrc-2004Q1:1.4.0.4 pkgsrc-2004Q1-base:1.4 pkgsrc-2003Q4:1.4.0.2 pkgsrc-2003Q4-base:1.4 buildlink2-base:1.4 netbsd-1-5-PATCH001:1.2 netbsd-1-5-RELEASE:1.2 netbsd-1-4-PATCH003:1.2 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.8 date 2015.01.04.12.07.51; author joerg; state dead; branches; next 1.7; commitid eYFW6YhanRejCH4y; 1.7 date 2011.11.28.19.33.13; author marino; state Exp; branches; next 1.6; 1.6 date 2006.09.07.08.46.20; author wennmach; state Exp; branches; next 1.5; 1.5 date 2006.02.20.15.15.48; author joerg; state Exp; branches; next 1.4; 1.4 date 2002.04.05.11.32.21; author wennmach; state dead; branches; next 1.3; 1.3 date 2001.08.02.12.46.49; author wennmach; state Exp; branches; next 1.2; 1.2 date 2000.06.08.13.53.25; author wennmach; state Exp; branches; next 1.1; 1.1 date 2000.05.25.17.57.28; author wennmach; state Exp; branches 1.1.1.1; next ; 1.1.1.1 date 2000.05.25.17.57.28; author wennmach; state Exp; branches; next ; desc @@ 1.8 log @At long last, remove KerberosIV support. Just use ROT13 if you need a similar encryption strength. @ text @$NetBSD: patch-aa,v 1.7 2011/11/28 19:33:13 marino Exp $ --- appl/bsd/encrypt.c.orig 2001-09-09 20:27:22.000000000 +0000 +++ appl/bsd/encrypt.c @@@@ -63,12 +63,15 @@@@ RCSID("$Id: encrypt.c,v 1.6 2001/09/09 2 *((c)++)=(unsigned char)(((l) )&0xff)) /* This has some uglies in it but it works - even over sockets. */ -extern int errno; int des_rw_mode=DES_PCBC_MODE; int LEFT_JUSTIFIED = 0; int +#if defined(__DragonFly__) || defined (__FreeBSD__) +bsd_des_enc_read(int fd, char *buf, int len, des_key_schedule sched, des_cblock *iv) +#else bsd_des_enc_read(int fd, char *buf, int len, struct des_ks_struct *sched, des_cblock *iv) +#endif { /* data to be unencrypted */ int net_num=0; @@@@ -213,7 +216,11 @@@@ bsd_des_enc_read(int fd, char *buf, int } int +#if defined(__DragonFly__) || defined (__FreeBSD__) +bsd_des_enc_write(int fd, char *buf, int len, des_key_schedule sched, des_cblock *iv) +#else bsd_des_enc_write(int fd, char *buf, int len, struct des_ks_struct *sched, des_cblock *iv) +#endif { long rnum; int i,j,k,outnum; @ 1.7 log @security/kth-krb4: Add DragonFly and FreeBSD support The majority of these patches were inspired from FreeBSD's ports. FreeBSD, along with at least Debian, have removed Kerberos4 due to secuity concerns. From: http://web.mit.edu/kerberos/krb4-end-of-life.html : "Serious protocol flaws[2] have been found in Kerberos 4. These flaws permit attacks which require far less effort than an exhaustive search of the DES key space. These flaws make Kerberos 4 cross-realm authentication an unacceptable security risk and raise serious questions about the security of the entire Kerberos 4 protocol. The known insecurity of DES, combined with the recently discovered protocol flaws, make it extremely inadvisable to rely on the security of version 4 of the Kerberos protocol. These factors motivate the MIT Kerberos Team to remove support for Kerberos version 4 from the MIT implementation of Kerberos." This end-of-life announcement is dated 19 October 2006. I think it's a good question to ask why this package and the packages that depend on it are still in pkgsrc. @ text @d1 1 a1 1 $NetBSD$ @ 1.6 log @Update kth-krb4 to 1.2.2 (the current release). New in 1.2.2: * cross-realm disabled in the server Addresses PR pkg/31431 by Zafer Aydogan. While there, make package pkglint-clean. @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.5 2006/02/20 15:15:48 joerg Exp $ d3 3 a5 3 --- appl/bsd/encrypt.c.orig 2001-09-09 22:27:22.000000000 +0200 +++ appl/bsd/encrypt.c 2006-09-07 10:19:23.000000000 +0200 @@@@ -63,7 +63,6 @@@@ d13 21 @ 1.5 log @Fix errno. @ text @d1 1 a1 1 $NetBSD$ d3 3 a5 3 --- appl/bsd/encrypt.c.orig 2006-02-17 15:53:23.000000000 +0000 +++ appl/bsd/encrypt.c @@@@ -63,7 +63,6 @@@@ RCSID("$Id: encrypt.c,v 1.6 2001/09/09 2 @ 1.4 log @Update kth-krb4 to 1.1.1. This is a prerequisite step for the new arla version (0.35.7). While here, buildlinkify. @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.3 2001/08/02 12:46:49 wennmach Exp $ d3 9 a11 58 Do also install roken.h, roken-common.h, and libroken.a Use "cp" instead of "install" during the build process, since the latter may require root privileges. --- lib/roken/Makefile.in.orig Thu Jun 21 17:21:10 2001 +++ lib/roken/Makefile.in Wed Aug 1 14:25:16 2001 @@@@ -3,6 +3,7 @@@@ # SHELL = /bin/sh +CP = /bin/cp srcdir = @@srcdir@@ top_srcdir = @@top_srcdir@@ @@@@ -27,6 +28,13 @@@@ prefix = @@prefix@@ exec_prefix = @@exec_prefix@@ libdir = @@libdir@@ + +includedir = @@includedir@@ + +incdir = $(includedir) +inc_DATA = roken.h roken-common.h +idir = $(top_builddir)/include + EXECSUFFIX = @@EXECSUFFIX@@ PICFLAGS = # @@PICFLAGS@@ @@@@ -169,8 +177,19 @@@@ $(CC) -c $(DEFS) -I. -I../../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $(PICFLAGS) $< install: all + $(MKINSTALLDIRS) $(DESTDIR)$(libdir) + $(INSTALL_DATA) -m 0555 $(LIB) $(DESTDIR)$(libdir)/$(LIB) + @@install_symlink_command@@ + $(MKINSTALLDIRS) $(DESTDIR)$(includedir) + @@for i in $(inc_DATA); do \ + echo " $(INSTALL_DATA) $$i $(DESTDIR)$(incdir)/$$i";\ + $(INSTALL_DATA) $$i $(DESTDIR)$(incdir)/$$i; done uninstall: + rm -f $(DESTDIR)$(libdir)/$(LIB) + @@for i in $(inc_DATA); do \ + echo " rm -f $(DESTDIR)$(incdir)/$$i";\ + rm -f $(DESTDIR)$(incdir)/$$i; done TAGS: $(SOURCES) $(EXTRA_SOURCES) etags $(SOURCES) $(EXTRA_SOURCES) @@@@ -220,8 +239,8 @@@@ install-roken-h: roken.h @@if [ -f ../../include/roken.h ] && cmp -s ../../include/roken.h roken.h ; \ then :; else \ - echo " $(INSTALL) roken.h ../../include/roken.h"; \ - $(INSTALL) roken.h ../../include/roken.h; fi + echo " $(CP) roken.h ../../include/roken.h"; \ + $(CP) roken.h ../../include/roken.h; fi $(OBJECTS): ../../include/config.h roken.h @ 1.3 log @The telnetd in kth-krb4-1.0.1 seems to be vulnerable to the buffer overflow attack described in SA2001-12 (noted by T. M. Pederson in PR pkg/13610). Instead of applying the patch submitted by T. M. Pederson, we upgrade kth-krb4 to 1.0.9 where the vulnerability has been fixed. The upgrade to 1.0.9 was provided by Assar Westerlund and slightly modified by myself. Also included is diff file for /etc/services for NetBSD-1.5 (and 1.5.1) also submitted by T. M. Pederson in PR 12540. Note: files/services.diff resurfaces as files/services-1.4.2.diff. Closes PR 13610 and PR 12540. @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.2 2000/06/08 13:53:25 wennmach Exp $ @ 1.2 log @Added descriptions of what exactly each patch does. Inserted placeholders into MESSAGE which get replaced during pre-install. Enhanced MESSAGE text. @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.1.1.1 2000/05/25 17:57:28 wennmach Exp $ d7 2 a8 2 --- lib/roken/Makefile.in.orig Tue Nov 30 20:22:59 1999 +++ lib/roken/Makefile.in Thu May 25 16:25:38 2000 d16 2 a17 2 VPATH = @@srcdir@@ @@@@ -24,6 +25,13 @@@@ d31 1 a31 1 @@@@ -162,8 +170,19 @@@@ d51 1 a51 1 @@@@ -213,8 +232,8 @@@@ @ 1.1 log @Initial revision @ text @d1 5 a5 1 $NetBSD$ @ 1.1.1.1 log @Initial import of kth-krb4-1.0.1: Kerberos IV distribution from KTH @ text @@