- Add LICENSE.

- Build kcm by default.
- Use gssapi.mk.
- Use ${opt}_* variables instead of .if ${PORT_OPTIONS:Mopt} wherever possible.
- Use /var/heimdal as $hdbdir for compatibility with Heimdal in base.
- Merge pkg-plist.* into pkg-plist.
- Remove lines that are no longer valid.
- Remove stale kdc.sh.  rc.d scripts in base system work with this port.

8 files changed, 186 insertions, 191 deletions

diff --git a/security/heimdal/Makefile b/security/heimdal/Makefile
index d7b5672c2629..f2ab03788b9b 100644
--- a/security/heimdal/Makefile
+++ b/security/heimdal/Makefile
@@ -3,136 +3,106 @@
 
 PORTNAME=	heimdal
 PORTVERSION=	1.5.2
-PORTREVISION=	13
+PORTREVISION=	14
 CATEGORIES=	security ipv6
 MASTER_SITES=	http://www.h5l.org/dist/src/ \
 		http://ftp.pdc.kth.se/pub/heimdal/src/ \
 		ftp://ftp.pdc.kth.se/pub/heimdal/src/ \
 		ftp://ftp.sunet.se/pub/unix/admin/mirror-pdc/heimdal/src/
 
-MAINTAINER=	ports@FreeBSD.org
+MAINTAINER=	hrs@FreeBSD.org
 COMMENT=	Popular BSD-licensed implementation of Kerberos 5
 
-CONFLICTS=	krb4-[0-9]* krb5-[0-9]* krb5-maint-[0-9]* srp-[0-9]*
+LICENSE=	BSD3CLAUSE
+LICENSE_FILE=	${WRKSRC}/LICENSE
 
-OPTIONS_DEFINE=	IPV6 KCM BDB SQLITE LDAP PKINIT DIGEST KX509 CRACKLIB X11
-OPTIONS_DEFAULT=	KCM BDB PKINIT DIGEST KX509
-OPTIONS_SUB=	yes
-KCM_DESC=	Enable Kerberos Credentials Manager
-BDB_DESC=	Enable BerkeleyDB KDC backend support
-SQLITE_DESC=	Enable SQLite KDC backend support
-LDAP_DESC=	Enable OpenLDAP KDC backend support
-PKINIT_DESC=	Enable PK-INIT support
-DIGEST_DESC=	Enable DIGEST support
-KX509_DESC=	Enable kx509 support
-CRACKLIB_DESC=	Use CrackLib for password quality checking
-X11_DESC=	Build X11 utilies
-
-IPV6_CONFIGURE_WITH=		ipv6
-KCM_CONFIGURE_ENABLE=		kcm
-X11_CONFIGURE_WITH=		x
-KX509_CONFIGURE_ENABLE=		kx509
-DIGEST_CONFIGURE_ENABLE=	digest
-PKINIT_CONFIGURE_ENABLE=	pk-init
-CRACKLIB_BUILD_DEPENDS=		${PREFIX}/lib/libcrack.a:${PORTSDIR}/security/cracklib
-
-USES=		gettext libtool pathfix pkgconfig
+CONFLICTS=	krb4-[0-9]* krb5-[0-9]* krb5-maint-[0-9]* srp-[0-9]* \
+		wu-ftpd-[0-9]* wu-ftpd+ipv6-[0-9]*
+
+USES=		gettext gssapi:bootstrap,heimdal libtool pathfix pkgconfig \
+		readline makeinfo
 USE_LDCONFIG=	yes
 USE_OPENSSL=	yes
 GNU_CONFIGURE=	yes
 INSTALL_TARGET=	install-strip
-MAKE_JOBS_UNSAFE=	yes
-CONFIGURE_ARGS+=	--with-libintl=${LOCALBASE} \
-			--with-readline=${DESTDIR}/usr \
-			--enable-pthread-support \
-			--with-hdbdir=/var/db/${PORTNAME} \
-			--sysconfdir=${PREFIX}/etc
-MAKE_ENV+=	INSTALL_CATPAGES=no
+CONFIGURE_ENV=	ac_cv_header_fnmatch_h=yes
+CONFIGURE_ARGS=	--with-libintl \
+		--with-libintl-include="${LOCALBASE}/include" \
+		--with-libintl-lib="${LOCALBASE}/lib" \
+		--with-kcm \
+		--with-openssl \
+		--with-openssl-include="${OPENSSLINC}" \
+		--with-openssl-lib="${OPENSSLLIB}" \
+		--enable-otp \
+		--enable-pthread-support \
+		--with-hdbdir="/var/${PORTNAME}" \
+		--sysconfdir="${PREFIX}/etc"
+MAKE_ENV=	INSTALL_CATPAGES=no
 
 INFO=		heimdal hx509
-PLIST=		${WRKDIR}/PLIST
 
-.include <bsd.port.options.mk>
+OPTIONS_DEFINE=	IPV6 BDB SQLITE LDAP PKINIT DIGEST KX509 CRACKLIB X11
+OPTIONS_DEFAULT=IPV6 BDB             PKINIT DIGEST KX509
+OPTIONS_SUB=	yes
 
-.if ${PORT_OPTIONS:MBDB}
-USE_BDB=		yes
-CFLAGS+=		-I${BDB_INCLUDE_DIR}
-CPPFLAGS+=		-I${BDB_INCLUDE_DIR}
-LDFLAGS+=		-L${BDB_LIB_DIR}
-CONFIGURE_ARGS+=	--with-berkeley-db=${LOCALBASE} \
-			--with-berkeley-db-include=${BDB_INCLUDE_DIR}
-.else
-CONFIGURE_ARGS+=	--with-berkeley-db=no
-.endif
+IPV6_CONFIGURE_WITH=	ipv6
 
-.if ${PORT_OPTIONS:MSQLITE}
-USE_SQLITE=		yes
-CONFIGURE_ARGS+=	--with-sqlite3=${LOCALBASE}
-.else
-CONFIGURE_ARGS+=	--without-sqlite3
-.endif
+BDB_DESC=		Enable BerkeleyDB KDC backend support
+BDB_CONFIGURE_ON=	--with-berkeley-db \
+			--with-berkeley-db-include=/usr/include
+BDB_CONFIGURE_OFF=	--without-berkeley-db
 
-.if ${PORT_OPTIONS:MLDAP}
-USE_OPENLDAP=		yes
-WANT_OPENLDAP_SASL?=	yes
-CONFIGURE_ARGS+=	--with-openldap=${LOCALBASE}
-.  if defined(LDAP_SOCKET_PATH)
-_SOCK=		${LDAP_SOCKET_PATH:C|/|%2f|g}
-.  else
-LDAP_RUN_DIR?=	/var/run/openldap
-_SOCK=		${LDAP_RUN_DIR:C|/|%2f|g}%2fldapi
-.  endif
-.else
-CONFIGURE_ARGS+=	--without-openldap
-.endif
+SQLITE_DESC=		Enable SQLite KDC backend support
+SQLITE_USE=		SQLITE=yes
+SQLITE_CONFIGURE_ON=	--with-sqlite3 \
+			--with-sqlite3-include="${LOCALBASE}/include" \
+			--with-sqlite3-lib="${LOCALBASE}/lib"
+SQLITE_CONFIGURE_OFF=	--without-sqlite3
 
-.if ${PORT_OPTIONS:MX11}
-USE_XORG=	x11 xt
-.endif
+LDAP_DESC=		Enable OpenLDAP KDC backend support
+LDAP_USE=		OPENLDAP=yes
+LDAP_CONFIGURE_ON=	--with-openldap \
+			--with-openldap-include="${LOCALBASE}/include" \
+			--with-openldap-lib="${LOCALBASE}/lib"
+LDAP_CONFIGURE_OFF=	--without-openldap
 
-.if defined(HEIMDAL_HOME)
-PREFIX=		${HEIMDAL_HOME}
-.else
-CONFLICTS+=	wu-ftpd-[0-9]* wu-ftpd+ipv6-[0-9]*
-.endif
+PKINIT_DESC=		Enable PK-INIT support
+PKINIT_CONFIGURE_ENABLE=pk-init
+
+DIGEST_DESC=		Enable DIGEST support
+DIGEST_CONFIGURE_ENABLE=digest
+
+KX509_DESC=		Enable kx509 support
+KX509_CONFIGURE_ENABLE=	kx509
+
+CRACKLIB_DESC=		Use CrackLib for password quality checking
+CRACKLIB_BUILD_DEPENDS=	${PREFIX}/lib/libcrack.a:${PORTSDIR}/security/cracklib
+
+X11_DESC=		Build X11 utilies
+X11_USE=		XORG=x11,xt
+X11_CONFIGURE_WITH=	x
+
+.include <bsd.port.options.mk>
 
-post-patch:
 .if ${PORT_OPTIONS:MLDAP}
-	@${REINPLACE_CMD} -e 's|%%LDAP_SOCKET%%|${_SOCK:Q}|g' \
-		${WRKSRC}/lib/hdb/hdb-ldap.c
+WANT_OPENLDAP_SASL?=	yes
 .endif
-	@${REINPLACE_CMD} -e 's|$$ac_cv_header_fnmatch_h|yes|' \
-		${WRKSRC}/configure
-	@${REINPLACE_CMD} -e 's|@LDFLAGS@|@LDFLAGS@ \$$\(PTHREADS_LIBADD\)|g' \
-		${WRKSRC}/lib/ipc/Makefile.in
 
-post-build:
-.if ${PORT_OPTIONS:MCRACKLIB}
-	${SED} -e "s;%%LOCALBASE%%;${LOCALBASE};g" \
-		${FILESDIR}/kpasswdd-cracklib.c.in > ${WRKSRC}/kpasswdd-cracklib.c
-	(cd ${WRKSRC} && \
-		${CC} ${CFLAGS} -fPIC -shared -I${LOCALBASE}/include -I./include \
-		-L${LOCALBASE}/lib -o ./kpasswdd-cracklib.so ./kpasswdd-cracklib.c -lcrack)
-.endif
+post-extract:
+	@${MKDIR} ${WRKSRC}/kpasswdd-cracklib
+	${INSTALL_DATA} ${FILESDIR}/kpasswdd-cracklib.c \
+	    ${WRKSRC}/kpasswdd-cracklib
+	${INSTALL_DATA} ${FILESDIR}/kpasswdd-Makefile \
+	    ${WRKSRC}/kpasswdd-cracklib/Makefile
 
-pre-install:
-	@${CP} ${PKGDIR}/pkg-plist ${PLIST}
-	@if [ -f ${WRKSRC}/lib/com_err/.libs/compile_et ]; then \
-		${CAT} ${PKGDIR}/pkg-plist.com_err >> ${PLIST}; \
-	fi
-.if ${PORT_OPTIONS:MX11}
-	@${CAT} ${PKGDIR}/pkg-plist.x11 >> ${PLIST}
-.endif
-.if !exists(/usr/include/ifaddrs.h)
-	@${ECHO_CMD} include/ifaddrs.h >> ${PLIST}
-.endif
 .if ${PORT_OPTIONS:MCRACKLIB}
-	${INSTALL_PROGRAM} ${WRKSRC}/kpasswdd-cracklib.so ${STAGEDIR}${PREFIX}/lib/
-	@${ECHO_CMD} lib/kpasswdd-cracklib.so >> ${PLIST}
-.endif
+post-build:
+	cd ${WRKSRC}/kpasswdd-cracklib && \
+	    ${SETENV} ${MAKE_ENV} ${MAKE} ${MAKE_ARGS} ${BUILD_TARGET}
 
 post-install:
-	${SED} 's;%%PREFIX%%;${PREFIX};g' ${FILESDIR}/kdc.sh > \
-		${STAGEDIR}${PREFIX}/etc/rc.d/kdc.sh.sample
+	cd ${WRKSRC}/kpasswdd-cracklib && \
+	    ${SETENV} ${MAKE_ENV} ${MAKE} ${MAKE_ARGS} ${INSTALL_TARGET}
+.endif
 
 .include <bsd.port.mk>
diff --git a/security/heimdal/files/kdc.sh b/security/heimdal/files/kdc.sh
deleted file mode 100644
index 53bb5d4cf26f..000000000000
--- a/security/heimdal/files/kdc.sh
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/bin/sh
-
-# Installation prefix for Heimdal
-PREFIX="%%PREFIX%%"
-
-# One of `none', `master', or `slave' 
-KDC_ROLE=none
-KDC_FLAGS=""
-IPROP_MASTER_HOST=""
-
-KDC="${PREFIX}/libexec/kdc"
-KPASSWDD="${PREFIX}/libexec/kpasswdd"
-# Uncomment to use CrackLib
-#KPASSWDD_FLAGS="--check-library=${PREFIX}/lib/kpasswdd-cracklib.so"
-IPROPD_MASTER="${PREFIX}/libexec/ipropd-master"
-IPROPD_SLAVE="${PREFIX}/libexec/ipropd-slave"
-
-case "${KDC_ROLE}" in
-none)	run_kdc=0 run_master=0 run_slave=0 ;;
-master)	run_kdc=1 run_master=1 run_slave=0 ;;
-slave) 	run_kdc=1 run_master=0 run_slave=1 ;;
-*)	echo "KDC_ROLE is not set." >&2
-	exit 64
-	;;
-esac
-
-do_start() {
-    if test "${run_kdc}" -eq "1"; then
-	${KDC} ${KDC_FLAGS} &
-	test "${run_master}" -eq "1" && ${KPASSWDD} ${KPASSWDD_FLAGS} &
-	test "${run_master}" -eq "1" && ${IPROPD_MASTER} &
-	test "${run_slave}"  -eq "1" && ${IPROPD_SLAVE} ${IPROP_MASTER_HOST} &
-    fi
-    echo -n ' kdc'
-}
-
-do_stop() {
-    for pid in kdc kpasswdd ipropd-master ipropd-slave; do
-	test -f "/var/run/${pid}.pid" && kill `cat /var/run/${pid}.pid`
-    done
-    echo -n ' kdc'
-}
-
-do_restart() {
-    do_stop
-    sleep 1
-    do_start
-}
-
-case "$1" in
-start)		do_start   ;;
-stop)		do_stop    ;;
-restart)	do_restart ;;
-*)
-    echo "Usage: `basename $0` {start|stop}" >&2
-    exit 64
-    ;;
-esac
-
-exit 0
diff --git a/security/heimdal/files/kpasswdd-Makefile b/security/heimdal/files/kpasswdd-Makefile
new file mode 100644
index 000000000000..426074e91ff8
--- /dev/null
+++ b/security/heimdal/files/kpasswdd-Makefile
@@ -0,0 +1,17 @@
+# $FreeBSD$
+
+all: kpasswdd-cracklib.so
+
+kpasswdd-cracklib.so: kpasswdd-cracklib.c
+	${CC} ${CFLAGS} -fPIC -shared \
+	    -DLOCALBASE=\"${LOCALBASE}\" \
+	    -I${LOCALBASE}/include -I./include \
+	    -o ${.TARGET} ${.ALLSRC} \
+	    -lcrack -L${LOCALBASE}/lib
+
+install-strip: install
+
+install: ${DESTDIR}${PREFIX}/lib/kpasswdd-cracklib.so
+
+${DESTDIR}${PREFIX}/lib/kpasswdd-cracklib.so: kpasswdd-cracklib.so
+	${BSD_INSTALL_LIB} ${.ALLSRC} ${.TARGET}
diff --git a/security/heimdal/files/kpasswdd-cracklib.c.in b/security/heimdal/files/kpasswdd-cracklib.c
index 703f41127edc..fd44c06a9f38 100644
--- a/security/heimdal/files/kpasswdd-cracklib.c.in
+++ b/security/heimdal/files/kpasswdd-cracklib.c
@@ -16,7 +16,7 @@ passwd_check(krb5_context context, krb5_principal principal,
 				return "out of memory";
 		memcpy(p, password->data, password->length);
 		p[password->length] = '\0';
-		result = FascistCheck(p, "%%LOCALBASE%%/libdata/cracklib/pw_dict");
+		result = FascistCheck(p, LOCALBASE "/libdata/cracklib/pw_dict");
 		free(p);
 		return result;
 }
diff --git a/security/heimdal/files/patch-configure b/security/heimdal/files/patch-configure
new file mode 100644
index 000000000000..e81b494103c6
--- /dev/null
+++ b/security/heimdal/files/patch-configure
@@ -0,0 +1,71 @@
+--- configure.orig	2014-08-30 19:16:38.000000000 +0900
++++ configure	2014-08-30 19:18:12.000000000 +0900
+@@ -9567,29 +9567,6 @@
+       hardcode_shlibpath_var=no
+       ;;
+ 
+-    freebsd1*)
+-      ld_shlibs=no
+-      ;;
+-
+-    # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor
+-    # support.  Future versions do this automatically, but an explicit c++rt0.o
+-    # does not break anything, and helps significantly (at the cost of a little
+-    # extra space).
+-    freebsd2.2*)
+-      archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o'
+-      hardcode_libdir_flag_spec='-R$libdir'
+-      hardcode_direct=yes
+-      hardcode_shlibpath_var=no
+-      ;;
+-
+-    # Unfortunately, older versions of FreeBSD 2 do not have this feature.
+-    freebsd2*)
+-      archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+-      hardcode_direct=yes
+-      hardcode_minus_L=yes
+-      hardcode_shlibpath_var=no
+-      ;;
+-
+     # FreeBSD 3 and greater uses gcc -shared to do shared libraries.
+     freebsd* | dragonfly*)
+       archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+@@ -10561,10 +10538,6 @@
+   shlibpath_var=LD_LIBRARY_PATH
+   ;;
+ 
+-freebsd1*)
+-  dynamic_linker=no
+-  ;;
+-
+ freebsd* | dragonfly*)
+   # DragonFly does not have aout.  When/if they implement a new
+   # versioning mechanism, adjust this.
+@@ -10590,18 +10563,6 @@
+   esac
+   shlibpath_var=LD_LIBRARY_PATH
+   case $host_os in
+-  freebsd2*)
+-    shlibpath_overrides_runpath=yes
+-    ;;
+-  freebsd3.[01]* | freebsdelf3.[01]*)
+-    shlibpath_overrides_runpath=yes
+-    hardcode_into_libs=yes
+-    ;;
+-  freebsd3.[2-9]* | freebsdelf3.[2-9]* | \
+-  freebsd4.[0-5] | freebsdelf4.[0-5] | freebsd4.1.1 | freebsdelf4.1.1)
+-    shlibpath_overrides_runpath=no
+-    hardcode_into_libs=yes
+-    ;;
+   *) # from 4.6 on, and DragonFly
+     shlibpath_overrides_runpath=yes
+     hardcode_into_libs=yes
+@@ -14227,7 +14188,7 @@
+ 	native_pthread_support="netbsd 3 uses explict pthread"
+ 		PTHREAD_LIBADD="-lpthread"
+ 	;;
+-*-*-freebsd[56789]*)
++*-*-freebsd*)
+ 	native_pthread_support=yes
+ 	PTHREAD_LIBADD="-pthread"
+ 	;;
diff --git a/security/heimdal/pkg-plist b/security/heimdal/pkg-plist
index e5110882582d..bf73e3dabb31 100644
--- a/security/heimdal/pkg-plist
+++ b/security/heimdal/pkg-plist
@@ -12,6 +12,7 @@ bin/klist
 bin/kpasswd
 bin/krb5-config
 bin/kswitch
+%%X11%%bin/kx
 bin/login
 bin/otp
 bin/otpprint
@@ -19,11 +20,14 @@ bin/pagsh
 bin/pfrom
 bin/rcp
 bin/rsh
+%%X11%%bin/rxtelnet
+%%X11%%bin/rxterm
 bin/string2key
 bin/su
 bin/telnet
+%%X11%%bin/tenletxr
 bin/verify_krb5_conf
-etc/rc.d/kdc.sh.sample
+%%X11%%bin/xnlock
 include/asn1-common.h
 include/asn1_err.h
 include/base64.h
@@ -37,16 +41,16 @@ include/getarg.h
 include/gssapi.h
 include/gssapi/gkrb5_err.h
 include/gssapi/gssapi.h
-include/gssapi/gssapi_ntlm.h
 include/gssapi/gssapi_krb5.h
+include/gssapi/gssapi_ntlm.h
 include/gssapi/gssapi_oid.h
 include/gssapi/gssapi_spnego.h
 include/hdb-protos.h
 include/hdb.h
 include/hdb_asn1.h
 include/hdb_err.h
-include/heim_asn1.h
 include/heim-ipc.h
+include/heim_asn1.h
 include/heim_err.h
 include/heimbase.h
 include/heimntlm-protos.h
@@ -97,6 +101,7 @@ include/sl.h
 include/wind.h
 include/wind_err.h
 include/xdbm.h
+%%CRACKLIB%%lib/kpasswdd-cracklib.so
 lib/libasn1.a
 lib/libasn1.so
 lib/libasn1.so.8
@@ -105,22 +110,26 @@ lib/libgssapi.a
 lib/libgssapi.so
 lib/libgssapi.so.3
 lib/libgssapi.so.3.0.0
-lib/libheimbase.a
-lib/libheimbase.so
-lib/libheimbase.so.1
-lib/libheimbase.so.1.0.0
-%%NO_SQLITE%%lib/libheimsqlite.a
-%%NO_SQLITE%%lib/libheimsqlite.so
-%%NO_SQLITE%%lib/libheimsqlite.so.0
-%%NO_SQLITE%%lib/libheimsqlite.so.0.0.0
 lib/libhdb.a
 lib/libhdb.so
 lib/libhdb.so.9
 lib/libhdb.so.9.2.0
+lib/libheimbase.a
+lib/libheimbase.so
+lib/libheimbase.so.1
+lib/libheimbase.so.1.0.0
+lib/libheimedit.a
+lib/libheimedit.so
+lib/libheimedit.so.0
+lib/libheimedit.so.0.0.36
 lib/libheimntlm.a
 lib/libheimntlm.so
 lib/libheimntlm.so.0
 lib/libheimntlm.so.0.1.0
+%%NO_SQLITE%%lib/libheimsqlite.a
+%%NO_SQLITE%%lib/libheimsqlite.so
+%%NO_SQLITE%%lib/libheimsqlite.so.0
+%%NO_SQLITE%%lib/libheimsqlite.so.0.0.0
 lib/libhx509.a
 lib/libhx509.so
 lib/libhx509.so.5
@@ -176,12 +185,13 @@ libexec/hpropd
 libexec/ipropd-master
 libexec/ipropd-slave
 libexec/kadmind
-%%KCM%%libexec/kcm
+libexec/kcm
 libexec/kdc
 libexec/kdigest
 libexec/kfd
 libexec/kimpersonate
 libexec/kpasswdd
+%%X11%%libexec/kxd
 libexec/popper
 libexec/push
 libexec/rshd
@@ -1192,7 +1202,7 @@ man/man8/ipropd-master.8.gz
 man/man8/ipropd-slave.8.gz
 man/man8/kadmin.8.gz
 man/man8/kadmind.8.gz
-%%KCM%%man/man8/kcm.8.gz
+man/man8/kcm.8.gz
 man/man8/kdc.8.gz
 man/man8/kdigest.8.gz
 man/man8/kerberos.8.gz
@@ -1212,8 +1222,8 @@ sbin/iprop-log
 sbin/kadmin
 sbin/kstash
 sbin/ktutil
+@dirrm libexec/heimdal
+@dirrm include/roken
 @dirrm include/krb5
 @dirrm include/kadm5
 @dirrm include/gssapi
-@dirrm include/roken
-@dirrm libexec/heimdal
diff --git a/security/heimdal/pkg-plist.com_err b/security/heimdal/pkg-plist.com_err
deleted file mode 100644
index c0988c5b7dbc..000000000000
--- a/security/heimdal/pkg-plist.com_err
+++ /dev/null
@@ -1,7 +0,0 @@
-bin/compile_et
-include/com_err.h
-include/com_right.h
-lib/libcom_err.a
-lib/libcom_err.so
-lib/libcom_err.so.1
-lib/libcom_err.so.1.1.3
diff --git a/security/heimdal/pkg-plist.x11 b/security/heimdal/pkg-plist.x11
deleted file mode 100644
index 3d39266b871a..000000000000
--- a/security/heimdal/pkg-plist.x11
+++ /dev/null
@@ -1,6 +0,0 @@
-bin/kx
-bin/rxtelnet
-bin/rxterm
-bin/tenletxr
-bin/xnlock
-libexec/kxd