Bring it back again.

Port was o.k. to get tacacs up and running using a Cisco router and
I really missed it.

- Added me as maintainer of the port
- Moved sources to my homepage download area
- Compressed sources using bzip2
- Removed some not needed variables in Makefile
- Committed with new nd5 checksum

5 files changed, 323 insertions, 0 deletions

diff --git a/net/tac_plus4/files/extra-patch-ba b/net/tac_plus4/files/extra-patch-ba
new file mode 100644
index 000000000000..9cb5ff36426d
--- /dev/null
+++ b/net/tac_plus4/files/extra-patch-ba
@@ -0,0 +1,69 @@
+*** authen.c.orig	Sat Jul 29 02:49:15 1995
+--- authen.c	Wed Jul 16 15:00:40 1997
+***************
+*** 209,217 ****
+  
+  	    datap->status = TAC_PLUS_AUTHEN_STATUS_GETUSER;
+  	    if (datap->service == TAC_PLUS_AUTHEN_SVC_LOGIN) {
+! 		prompt = "\nUser Access Verification\n\nUsername: ";
+  	    } else {
+! 		prompt = "Username: ";
+  	    }
+  	    send_authen_reply(TAC_PLUS_AUTHEN_STATUS_GETUSER, /* status */
+  			      prompt, /* msg */
+--- 209,217 ----
+  
+  	    datap->status = TAC_PLUS_AUTHEN_STATUS_GETUSER;
+  	    if (datap->service == TAC_PLUS_AUTHEN_SVC_LOGIN) {
+! 		prompt = "\nUser Access Verification\n\nlogin: ";
+  	    } else {
+! 		prompt = "login: ";
+  	    }
+  	    send_authen_reply(TAC_PLUS_AUTHEN_STATUS_GETUSER, /* status */
+  			      prompt, /* msg */
+*** default_fn.c.orig	Sat Jul 29 02:49:18 1995
+--- default_fn.c	Wed Jul 16 15:00:52 1997
+***************
+*** 76,84 ****
+  	    /* No username. Try requesting one */
+  	    data->status = TAC_PLUS_AUTHEN_STATUS_GETUSER;
+  	    if (data->service == TAC_PLUS_AUTHEN_SVC_LOGIN) {
+! 		prompt = "\nUser Access Verification\n\nUsername: ";
+  	    } else {
+! 		prompt = "Username: ";
+  	    }
+  	    data->server_msg = tac_strdup(prompt);
+  	    p->state = STATE_AUTHEN_GETUSER;
+--- 76,84 ----
+  	    /* No username. Try requesting one */
+  	    data->status = TAC_PLUS_AUTHEN_STATUS_GETUSER;
+  	    if (data->service == TAC_PLUS_AUTHEN_SVC_LOGIN) {
+! 		prompt = "\nUser Access Verification\n\nlogin: ";
+  	    } else {
+! 		prompt = "login: ";
+  	    }
+  	    data->server_msg = tac_strdup(prompt);
+  	    p->state = STATE_AUTHEN_GETUSER;
+*** skey_fn.c.orig	Wed Jul 16 14:38:34 1997
+--- skey_fn.c	Wed Jul 16 15:01:01 1997
+***************
+*** 104,112 ****
+  	    /* No username. Try requesting one */
+  	    data->status = TAC_PLUS_AUTHEN_STATUS_GETUSER;
+  	    if (data->service == TAC_PLUS_AUTHEN_SVC_LOGIN) {
+! 		prompt = "\nUser Access Verification\n\nUsername: ";
+  	    } else {
+! 		prompt = "Username: ";
+  	    }
+  	    data->server_msg = tac_strdup(prompt);
+  	    p->state = STATE_AUTHEN_GETUSER;
+--- 104,112 ----
+  	    /* No username. Try requesting one */
+  	    data->status = TAC_PLUS_AUTHEN_STATUS_GETUSER;
+  	    if (data->service == TAC_PLUS_AUTHEN_SVC_LOGIN) {
+! 		prompt = "\nUser Access Verification\n\nlogin: ";
+  	    } else {
+! 		prompt = "login: ";
+  	    }
+  	    data->server_msg = tac_strdup(prompt);
+  	    p->state = STATE_AUTHEN_GETUSER;
diff --git a/net/tac_plus4/files/patch-aa b/net/tac_plus4/files/patch-aa
new file mode 100644
index 000000000000..3171aeea68aa
--- /dev/null
+++ b/net/tac_plus4/files/patch-aa
@@ -0,0 +1,43 @@
+--- Makefile.orig	Sat Jul 29 00:49:20 1995
++++ Makefile	Thu Oct 14 22:12:44 1999
+@@ -22,9 +22,9 @@
+ # OSLIBS=-lsocket -lnsl
+ 
+ # For FreeBSD
+-# OS=-DFREEBSD
++OS=-DFREEBSD
+ # You may also need to add
+-# OSLIBS=-lcrypt
++OSLIBS=-lcrypt
+ 
+ # For LINUX
+ # OS=-DLINUX
+@@ -40,23 +40,23 @@
+ # FLAGS   = -DTAC_PLUS_USERID=$(USERID) -DTAC_PLUS_GROUPID=$(GROUPID)
+ 
+ # Definitions for SKEY functionality
+-# DEFINES = -DSKEY
+-# LIBS = ../crimelab/skey/src/libskey.a
++DEFINES = -DSKEY
++LIBS = -lskey -lmd
+ # INCLUDES = -I../crimelab/skey/src
+ 
+-DEBUG = -g
++#DEBUG = -g
+ 
+ # On startup, tac_plus creates the file /etc/tac_plus.pid (if
+ # possible), containing its process id. Uncomment and modify the
+ # following line to change this filename
+ 
+-# PIDFILE = -DTAC_PLUS_PIDFILE=\"/var/run/tac_plus.pid\" 
++PIDFILE = -DTAC_PLUS_PIDFILE=\"/var/run/tac_plus.pid\" 
+ 
+ #
+ # End of customisable section of Makefile
+ #
+ 
+-CFLAGS = $(DEBUG) $(DEFINES) $(INCLUDES) $(FLAGS) $(OS) $(PIDFILE)
++CFLAGS += $(DEBUG) $(DEFINES) $(INCLUDES) $(FLAGS) $(OS) $(PIDFILE)
+ 
+ SRCS =	acct.c authen.c author.c choose_authen.c config.c do_acct.c \
+ 	do_author.c dump.c encrypt.c expire.c md5.c \
diff --git a/net/tac_plus4/files/patch-ab b/net/tac_plus4/files/patch-ab
new file mode 100644
index 000000000000..e91f6f07290c
--- /dev/null
+++ b/net/tac_plus4/files/patch-ab
@@ -0,0 +1,28 @@
+*** skey_fn.c.orig	Sat Jul 29 02:49:18 1995
+--- skey_fn.c	Mon Mar  3 17:33:57 1997
+***************
+*** 153,158 ****
+--- 153,163 ----
+  		char buf[256];
+  		sprintf(buf, "%s\nPassword: ", skeyprompt);
+  		data->server_msg = tac_strdup(buf);
++ 
++ 		/* We try to make it in accordance of standard FreeBSD
++ 		 * behaviour in order to avoid surprises for user */
++ 		data->flags = TAC_PLUS_AUTHEN_FLAG_NOECHO;
++ 
+  		data->status = TAC_PLUS_AUTHEN_STATUS_GETPASS;
+  		p->state = STATE_AUTHEN_GETPASS;
+  		return (0);
+*** tac_plus.h.orig	Sat Jul 29 02:49:19 1995
+--- tac_plus.h	Mon Mar  3 17:35:51 1997
+***************
+*** 91,96 ****
+--- 91,97 ----
+  #ifdef FREEBSD
+  #define CONST_SYSERRLIST
+  #define STDLIB_MALLOC
++ #define NO_PWAGE
+  #define VOIDSIG
+  #endif
+  
diff --git a/net/tac_plus4/files/patch-ac b/net/tac_plus4/files/patch-ac
new file mode 100644
index 000000000000..bed281b63e19
--- /dev/null
+++ b/net/tac_plus4/files/patch-ac
@@ -0,0 +1,107 @@
+*** tac_plus.1.orig	Sat Jul 29 02:49:20 1995
+--- tac_plus.1	Mon Mar  3 17:34:30 1997
+***************
+*** 30,36 ****
+  authorisation and accounting.
+  .LP
+  On startup, tac_plus creates the file
+! .B /etc/tac_plus.pid ,
+  if possible, containing its process id.
+  .LP
+  .SH ARGUMENTS and OPTIONS
+--- 30,36 ----
+  authorisation and accounting.
+  .LP
+  On startup, tac_plus creates the file
+! .B /var/run/tac_plus.pid ,
+  if possible, containing its process id.
+  .LP
+  .SH ARGUMENTS and OPTIONS
+***************
+*** 79,91 ****
+  .B \-d <level>
+  Switch on debugging and write debug output into
+  .B
+! /tmp/var/tac_plus.log. 
+  
+  See the definitions of debugging flags at the bottom of tac_plus.h for
+  available flags and their meanings.  Most flags cause extra messages
+  to be sent to 
+  .B
+! /tmp/var/tac_plus.log 
+  and also to 
+  .B
+  syslog.
+--- 79,91 ----
+  .B \-d <level>
+  Switch on debugging and write debug output into
+  .B
+! /var/tmp/tac_plus.log. 
+  
+  See the definitions of debugging flags at the bottom of tac_plus.h for
+  available flags and their meanings.  Most flags cause extra messages
+  to be sent to 
+  .B
+! /var/tmp/tac_plus.log 
+  and also to 
+  .B
+  syslog.
+***************
+*** 177,183 ****
+  facility.
+  .nf
+  
+! local6.info					/var/adm/messages
+  
+  .fi
+  .LP
+--- 177,183 ----
+  facility.
+  .nf
+  
+! local6.info					/var/log/tac_plus.log
+  
+  .fi
+  .LP
+***************
+*** 194,200 ****
+  .B /var/tmp/tac_plus.log
+  Contains debugging output when -d is in effect.
+  .TP
+! .B /etc/tac_plus.pid 
+  contains the process id of currently running daemon.
+  .SH BUGS
+  The configuration file syntax is too complex.
+--- 194,200 ----
+  .B /var/tmp/tac_plus.log
+  Contains debugging output when -d is in effect.
+  .TP
+! .B /var/run/tac_plus.pid 
+  contains the process id of currently running daemon.
+  .SH BUGS
+  The configuration file syntax is too complex.
+*** users_guide.orig	Sat Jul 29 02:49:20 1995
+--- users_guide	Mon Mar  3 19:51:56 1997
+***************
+*** 996,1005 ****
+  and then send the daemon a SIGUSR1. This will cause it to reinitialize
+  itself and re-read the configuration file.
+  
+! On startup, tac_plus creates the file /etc/tac_plus.pid , if possible,
+  containing its process id, so something like the following should work:
+  
+! # kill -USR1 `cat /etc/tac_plus.pid`
+  
+  It's a good idea to check that the daemon is still running after
+  sending it a SIGUSR1, since a syntactically incorrect configuration
+--- 996,1005 ----
+  and then send the daemon a SIGUSR1. This will cause it to reinitialize
+  itself and re-read the configuration file.
+  
+! On startup, tac_plus creates the file /var/run/tac_plus.pid, if possible,
+  containing its process id, so something like the following should work:
+  
+! # kill -USR1 `cat /var/run/tac_plus.pid`
+  
+  It's a good idea to check that the daemon is still running after
+  sending it a SIGUSR1, since a syntactically incorrect configuration
diff --git a/net/tac_plus4/files/tac_plus.conf.example b/net/tac_plus4/files/tac_plus.conf.example
new file mode 100644
index 000000000000..0d7b273210a6
--- /dev/null
+++ b/net/tac_plus4/files/tac_plus.conf.example
@@ -0,0 +1,76 @@
+# /usr/local/etc/tac_plus.conf
+
+user=fred {
+    name = "Fred Flintstone"
+    login = des mEX027bHtzTlQ
+
+    # Remember that authorization is also recursive over groups, in
+    # the same way that password lookups are recursive. Thus, if you
+    # place a user in a group, the daemon will look in the group for
+    # authorization parameters if it cannot find them in the user
+    # declaration.
+    member = admin
+
+    expires = "May 23 2005"
+ 
+    service = exec {
+        # When Fred starts an exec, his connection access list is 5
+        acl = 5
+ 
+        # We require this autocmd to be done at startup
+        autocmd = "telnet foo"
+    }
+ 
+    # All commands except telnet 131.108.13.* are denied for Fred
+    cmd = telnet {
+        # Fred can run the following telnet command
+        permit 131\.108\.13\.[0-9]+
+
+        deny .*
+    }
+ 
+    service = ppp protocol = ip {
+        # Fred can run ip over ppp only if he uses one 
+        # of the following mandatory addresses If he supplies no
+        # address, the first one here will be mandated
+        addr=131.108.12.11
+        addr=131.108.12.12
+        addr=131.108.12.13
+        addr=131.108.12.14
+ 
+        # Fred's mandatory input access list number is 101
+        inacl=101
+ 
+        # We will suggest an output access list of 102, but Fred may
+        # choose to ignore or override it
+        optional outacl=102
+    }
+
+    service = slip {
+        # Fred can run slip. When he does, he will have to use
+        # these mandatory access lists
+        inacl=101
+        outacl=102
+    }
+ 
+    # set a timeout in the lcp layer of ppp
+    service = ppp protocol = lcp {
+        timeout = 10
+    }
+}
+
+user = wilma {
+    # Wilma has no password of her own, but she's a group member so
+    # she'll use the group password if there is one. Same for her
+    # password expiry date
+    member = admin
+}
+ 
+group = admin {
+    # group members who don't have their own password will be looked
+    # up in /etc/passwd
+    login = file /etc/passwd
+ 
+    # group members who have no expiry date set will use this one
+    expires = "Jan 1 1998"
+}