aboutsummaryrefslogtreecommitdiffstats
path: root/net/tac_plus4/files
diff options
context:
space:
mode:
authormarcus <marcus@FreeBSD.org>2009-07-09 10:47:31 +0800
committermarcus <marcus@FreeBSD.org>2009-07-09 10:47:31 +0800
commita409495702027ffe9f7fabf006cffc96106b705b (patch)
tree0f49e99e3e306b4c8a6219b8a3b6e126311730e1 /net/tac_plus4/files
parent02750c8f5f7c30d8221f54ebe200456b2d2fda63 (diff)
downloadfreebsd-ports-gnome-a409495702027ffe9f7fabf006cffc96106b705b.tar.gz
freebsd-ports-gnome-a409495702027ffe9f7fabf006cffc96106b705b.tar.zst
freebsd-ports-gnome-a409495702027ffe9f7fabf006cffc96106b705b.zip
Update to F4.0.4.18, and add support for TACACS+ profiles to the rc.d
scripts. PR: 134768 (profile support) Submitted by: Ryan T.Dean <rtdean@cytherianage.net> (profile support)
Diffstat (limited to 'net/tac_plus4/files')
-rw-r--r--net/tac_plus4/files/patch-Makefile.in45
-rw-r--r--net/tac_plus4/files/patch-af22
-rw-r--r--net/tac_plus4/files/patch-configure11
-rw-r--r--net/tac_plus4/files/patch-maxsess.c14
-rw-r--r--net/tac_plus4/files/patch-users_guide48
-rw-r--r--net/tac_plus4/files/patch-users_guide.in30
-rw-r--r--net/tac_plus4/files/tac_plus.in82
7 files changed, 130 insertions, 122 deletions
diff --git a/net/tac_plus4/files/patch-Makefile.in b/net/tac_plus4/files/patch-Makefile.in
index 2acad8075525..4ebae68b1d78 100644
--- a/net/tac_plus4/files/patch-Makefile.in
+++ b/net/tac_plus4/files/patch-Makefile.in
@@ -1,25 +1,26 @@
---- Makefile.in.orig Thu Sep 14 21:41:02 2006
-+++ Makefile.in Sun Oct 29 03:04:34 2006
-@@ -71,7 +71,8 @@ am_tac_plus_OBJECTS = tac_plus.$(OBJEXT)
- config.$(OBJEXT) expire.$(OBJEXT) programs.$(OBJEXT) \
- default_fn.$(OBJEXT) pw.$(OBJEXT) utils.$(OBJEXT) \
- default_v0_fn.$(OBJEXT) hash.$(OBJEXT) pwlib.$(OBJEXT) \
-- do_acct.$(OBJEXT) maxsess.$(OBJEXT) regexp.$(OBJEXT)
-+ do_acct.$(OBJEXT) maxsess.$(OBJEXT) regexp.$(OBJEXT) \
-+ opie_fn.$(OBJEXT)
+--- Makefile.in.orig 2009-03-02 12:18:21.000000000 -0500
++++ Makefile.in 2009-07-08 22:29:00.000000000 -0400
+@@ -63,7 +63,8 @@ am__tac_plus_SOURCES_DIST = tac_plus.c a
+ report.c authen.c dump.c md5.c sendauth.c author.c enable.c \
+ packet.c sendpass.c choose_authen.c encrypt.c parse.c config.c \
+ expire.c programs.c default_fn.c pw.c utils.c default_v0_fn.c \
+- hash.c pwlib.c do_acct.c maxsess.c regexp.c skey_fn.c
++ hash.c pwlib.c do_acct.c maxsess.c regexp.c skey_fn.c \
++ opie_fn.c
+ @TACSKEY_TRUE@am__objects_1 = skey_fn.$(OBJEXT)
+ am_tac_plus_OBJECTS = tac_plus.$(OBJEXT) acct.$(OBJEXT) \
+ do_author.$(OBJEXT) md4.$(OBJEXT) report.$(OBJEXT) \
+@@ -74,7 +75,8 @@ am_tac_plus_OBJECTS = tac_plus.$(OBJEXT)
+ expire.$(OBJEXT) programs.$(OBJEXT) default_fn.$(OBJEXT) \
+ pw.$(OBJEXT) utils.$(OBJEXT) default_v0_fn.$(OBJEXT) \
+ hash.$(OBJEXT) pwlib.$(OBJEXT) do_acct.$(OBJEXT) \
+- maxsess.$(OBJEXT) regexp.$(OBJEXT) $(am__objects_1)
++ maxsess.$(OBJEXT) regexp.$(OBJEXT) \
++ opie_fn.$(OBJEXT) $(am__objects_1)
tac_plus_OBJECTS = $(am_tac_plus_OBJECTS)
am__DEPENDENCIES_1 =
tac_plus_DEPENDENCIES = $(am__DEPENDENCIES_1)
-@@ -237,7 +238,7 @@ tac_plus_SOURCES = tac_plus.c \
- config.c expire.c programs.c \
- default_fn.c pw.c utils.c \
- default_v0_fn.c hash.c pwlib.c \
-- do_acct.c maxsess.c regexp.c
-+ do_acct.c maxsess.c regexp.c opie_fn.c
-
- tac_plus_LDADD = $(WRAPLIBS)
- LDADD = @PROFLIBS@
-@@ -248,7 +249,7 @@ noinst_HEADERS = md4.h mschap.h regexp.h
+@@ -257,7 +259,7 @@ noinst_HEADERS = md4.h mschap.h regexp.h
expire.h md5.h parse.h pathsl.h regmagic.h
man_gen_MANS = tac_plus.8 tac_plus.conf.5
@@ -28,7 +29,7 @@
man_MANS = $(man_gen_MANS) $(man_nogen_MANS)
# scripts that are built
-@@ -432,6 +433,7 @@ distclean-compile:
+@@ -443,6 +445,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sendauth.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sendpass.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/skey_fn.Po@am__quote@
@@ -36,7 +37,7 @@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tac_plus.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tac_pwd.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utils.Po@am__quote@
-@@ -832,8 +834,7 @@ info: info-am
+@@ -845,8 +848,7 @@ info: info-am
info-am:
@@ -44,5 +45,5 @@
- install-pkgdataSCRIPTS
+install-data-am: install-man
- install-exec-am: install-binPROGRAMS
+ install-dvi: install-dvi-am
diff --git a/net/tac_plus4/files/patch-af b/net/tac_plus4/files/patch-af
deleted file mode 100644
index d692decaca12..000000000000
--- a/net/tac_plus4/files/patch-af
+++ /dev/null
@@ -1,22 +0,0 @@
---- report.c.orig Wed Aug 2 17:36:49 2000
-+++ report.c Wed Aug 2 17:38:39 2000
-@@ -239,12 +239,16 @@
- if (len <= 0)
- return;
-
-- for (i = 0; i < len && i < 255; i++) {
-+ if(len > 255) len = 255;
-+
-+ for (i = 0; i < len; ) {
- if (32 <= *p && *p <= 126) {
- *bufp++ = *p++;
-+ i++;
- } else {
-- sprintf(bufp, " 0x%x ", *p);
-- bufp += strlen(bufp);
-+ int n = snprintf(bufp, len-i, " 0x%x ", *p);
-+ bufp += n;
-+ i += n;
- p++;
- }
- }
diff --git a/net/tac_plus4/files/patch-configure b/net/tac_plus4/files/patch-configure
deleted file mode 100644
index a44c1803dcf8..000000000000
--- a/net/tac_plus4/files/patch-configure
+++ /dev/null
@@ -1,11 +0,0 @@
---- configure.orig Sun Apr 3 01:20:37 2005
-+++ configure Sun Apr 3 01:20:48 2005
-@@ -1758,7 +1758,7 @@
- #CPPFLAGS="$CFLAGS -I/usr/pkg/include"; export CPPFLAGS
- #LDFLAGS="$LDFLAGS -L/usr/pkg/lib -Xlinker -rpath -Xlinker /usr/pkg/lib"
- #export LDFLAGS
-- LIBS="-lcrypt"; export LIBS
-+ LIBS="-lcrypt $LIBS"; export LIBS
- cat >>confdefs.h <<\_ACEOF
- #define FREEBSD 1
- _ACEOF
diff --git a/net/tac_plus4/files/patch-maxsess.c b/net/tac_plus4/files/patch-maxsess.c
deleted file mode 100644
index e742cce407f6..000000000000
--- a/net/tac_plus4/files/patch-maxsess.c
+++ /dev/null
@@ -1,14 +0,0 @@
---- maxsess.c.orig Tue Jul 18 13:53:34 2006
-+++ maxsess.c Sun Oct 29 02:52:16 2006
-@@ -464,7 +464,11 @@ ckfinger(char *user, char *nas, struct i
- }
- /* Extract username, up to 10 chars wide, starting at char 13 */
- nmlen = 0;
-+#if (TAC_IOS_VERSION == 11)
- name = p + 13;
-+#else
-+ name = p + 15;
-+#endif
- for (i = 0; *name && !isspace((int) *name) && (i < 10); i++) {
- nmbuf[nmlen++] = *name++;
- }
diff --git a/net/tac_plus4/files/patch-users_guide b/net/tac_plus4/files/patch-users_guide
deleted file mode 100644
index 5e499e741a7f..000000000000
--- a/net/tac_plus4/files/patch-users_guide
+++ /dev/null
@@ -1,48 +0,0 @@
---- users_guide.orig Sun Jun 18 13:26:54 2000
-+++ users_guide Sun Dec 8 15:14:01 2002
-@@ -166,7 +166,10 @@
- crimelab.com but now it appears the only source is ftp.bellcore.com. I
- suggest you try a web search for s/key source code.
-
--Note: S/KEY is a trademark of Bell Communications Research (Bellcore).
-+To use OPIE, you must have built tac_plus with the -DWITH_OPIE flag.
-+
-+Note: S/KEY and OPIE are a trademark of Bell Communications Research
-+(Bellcore).
-
- Should you need them, there are routines for accessing password files
- (getpwnam,setpwent,endpwent,setpwfile) in pw.c.
-@@ -436,6 +439,15 @@
- login = skey
- }
-
-+4. Authentication using opie.
-+
-+If you have successfully built tac_plus with opie support, you can specify
-+a user be authenticated via opie, as follows:
-+
-+ user = marcus {
-+ login = opie
-+ }
-+
- RECURSIVE PASSWORD LOOKUPS
- ---------------------------
-
-@@ -1370,7 +1382,7 @@
- and then send the daemon a SIGUSR1. This will cause it to reinitialize
- itself and re-read the configuration file.
-
--On startup, tac_plus creates the file /etc/tac_plus.pid , if possible,
-+On startup, tac_plus creates the file /var/run/tac_plus.pid , if possible,
- containing its process id. If you invoke the daemon so that it listens
- on a non-standard port, the file created is /etc/tac_plus.pid.<port>
- instead, where <port> is the port number the daemon is listening on.
-@@ -1378,7 +1390,7 @@
- Assuming you are listening on the default port 49, something like the
- following should work:
-
--# kill -USR1 `cat /etc/tac_plus.pid`
-+# kill -USR1 `cat /var/run/tac_plus.pid`
-
- It's a good idea to check that the daemon is still running after
- sending it a SIGUSR1, since a syntactically incorrect configuration
diff --git a/net/tac_plus4/files/patch-users_guide.in b/net/tac_plus4/files/patch-users_guide.in
new file mode 100644
index 000000000000..f7679a06c09e
--- /dev/null
+++ b/net/tac_plus4/files/patch-users_guide.in
@@ -0,0 +1,30 @@
+--- users_guide.in.orig 2008-08-20 00:34:57.000000000 -0400
++++ users_guide.in 2009-07-08 22:32:17.000000000 -0400
+@@ -164,7 +164,10 @@ for S/KEY in the Makefile. I got my S/K
+ crimelab.com but now it appears the only source is ftp.bellcore.com. I
+ suggest you try a web search for s/key source code.
+
+-Note: S/KEY is a trademark of Bell Communications Research (Bellcore).
++To use OPIE, you must have built tac_plus with the -DWITH_OPIE flag.
++
++Note: S/KEY and OPIE are a trademark of Bell Communications Research
++(Bellcore).
+
+ Should you need them, there are routines for accessing password files
+ (getpwnam,setpwent,endpwent,setpwfile) in pw.c.
+@@ -454,6 +457,15 @@ be that for each authentiction that is a
+ to be wrong whether it was typed correctly or not.
+
+
++4. Authentication using opie.
++
++If you have successfully built tac_plus with opie support, you can specify
++a user be authenticated via opie, as follows:
++
++ user = marcus {
++ login = opie
++ }
++
+ RECURSIVE PASSWORD LOOKUPS
+ ---------------------------
+
diff --git a/net/tac_plus4/files/tac_plus.in b/net/tac_plus4/files/tac_plus.in
index 05f13e79b7f9..77d14d7d7666 100644
--- a/net/tac_plus4/files/tac_plus.in
+++ b/net/tac_plus4/files/tac_plus.in
@@ -7,11 +7,16 @@
#
# Add the following line to /etc/rc.conf to enable the TACACS+ daemon:
#
-# tac_plus_enable="YES"
-#
-
-tac_plus_enable=${tac_plus_enable-"NO"}
-tac_plus_flags=${tac_plus_flags-"-C %%PREFIX%%/etc/tac_plus.conf"}
+# tac_plus_enable (bool): Set to "NO" by default
+# Set it to "YES" to enable tac_plus
+# tac_plus_flags (str): Set to "" by default
+# Extra flags to be passed to start command
+# tac_plus_profiles (str): Set to "" by default
+# Allows you to run multiple tac_plus daemons with
+# different settings
+# tac_plus_configfile (str): Set to "%%PREFIX%%/etc/tac_plus.conf" by default
+# Allows you to specify a different config file for
+# the tac_plus daemon
. %%RC_SUBR%%
@@ -20,6 +25,73 @@ rcvar=`set_rcvar`
command="%%PREFIX%%/bin/tac_plus"
pidfile="/var/run/${name}.pid"
+tac_plus_enable=${tac_plus_enable:-"NO"}
+tac_plus_flags=${tac_plus_flags:-}
+tac_plus_profiles=${tac_plus_profiles:-}
+tac_plus_configfile=${tac_plus_configfile:-"%%PREFIX%%/etc/tac_plus.conf"}
load_rc_config ${name}
+
+if [ -n "$2" ]; then
+ profile="$2"
+ if [ "x${tac_plus_profiles}" != "x" ]; then
+ eval tac_plus_configfile="\${tac_plus_${profile}_configfile:-}"
+ if [ "x${tac_plus_configfile}" = "x" ]; then
+ echo "You must define a configuration file (tac_plus_${profile}_configfile)"
+ exit 1
+ fi
+ required_files="${tac_plus_configfile}"
+ eval tac_plus_enable="\${tac_plus_${profile}_enable:-${tac_plus_enable}}"
+ eval tac_plus_flags="\${tac_plus_${profile}_flags:-${tac_plus_flags}}"
+ eval tac_plus_port="\${tac_plus_${profile}_port:-}"
+ eval tac_plus_ip="\${tac_plus_${profile}_ip:-}"
+ else
+ echo "$0: extra argument ignored"
+ fi
+else
+ if [ "x${tac_plus_profiles}" != "x" -a "x$1" != "x" ]; then
+ for profile in ${tac_plus_profiles}; do
+ eval _enable="\${tac_plus_${profile}_enable}"
+ case "x${_enable:-${tac_plus_enable}}" in
+ x|x[Nn][Oo]|x[Nn][Oo][Nn][Ee])
+ continue
+ ;;
+ x[Yy][Ee][Ss])
+
+ ;;
+ *)
+ if test -z "$_enable"; then
+ _var=tac_plus_enable
+ else
+ _var=tac_plus_"${profile}"_enable
+ fi
+ echo "Bad value "\
+ "'${_enable:-${tac_plus_enable}}' "\
+ "for ${_var}. "\
+ "Profile ${profile} skipped."
+ continue
+ esac
+ echo "====> tac_plus profile: ${profile}"
+ %%PREFIX%%/etc/rc.d/tac_plus $1 ${profile}
+ retcode="$?"
+ if [ "0${retcode}" -ne 0 ]; then
+ failed="${profile} (${retcode}) ${failed:-}"
+ else
+ success="${profile} ${success:-}"
+ fi
+ done
+ exit 0
+ fi
+fi
+
+tac_plus_flags="-C ${tac_plus_configfile} ${tac_plus_flags}"
+if [ "x${tac_plus_ip}" != "x" ]; then
+ pidfile="${pidfile}.${tac_plus_ip}"
+ tac_plus_flags="${tac_plus_flags} -B ${tac_plus_ip}"
+fi
+if [ "x${tac_plus_port}" != "x" ]; then
+ pidfile="${pidfile}.${tac_plus_port}"
+ tac_plus_flags="${tac_plus_flags} -p ${tac_plus_port}"
+fi
+
run_rc_command "$1"