aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorkris <kris@FreeBSD.org>2002-04-20 06:23:32 +0800
committerkris <kris@FreeBSD.org>2002-04-20 06:23:32 +0800
commitb24f448f474f991a656a87a2ba812eb7b475a9d4 (patch)
treebb6b68e9df48ce6e4056ed0144b265d4d1e8716c /security
parent0e0cbd0bb8ed21ce885a49de7a7a0c54a748759e (diff)
downloadfreebsd-ports-gnome-b24f448f474f991a656a87a2ba812eb7b475a9d4.tar.gz
freebsd-ports-gnome-b24f448f474f991a656a87a2ba812eb7b475a9d4.tar.zst
freebsd-ports-gnome-b24f448f474f991a656a87a2ba812eb7b475a9d4.zip
Patches from maintainer:
* HKP (WWW) key submissions disabled by default, enabled via configuration file * nicer formatting of long (SHA-1) fingerprints * pksdctl usage() shows available commands/arguments * manual page fixes Bump PORTREVISION. PR: ports/34970 Submitted by: Jason Harris <jharris@widomaker.com>
Diffstat (limited to 'security')
-rw-r--r--security/pks/Makefile1
-rw-r--r--security/pks/files/patch-ae14
-rw-r--r--security/pks/files/patch-af14
-rw-r--r--security/pks/files/patch-ag15
-rw-r--r--security/pks/files/patch-ah14
-rw-r--r--security/pks/files/patch-ai20
-rw-r--r--security/pks/files/patch-aj18
-rw-r--r--security/pks/files/patch-ak53
-rw-r--r--security/pks/files/patch-al15
-rw-r--r--security/pks/files/patch-am71
-rw-r--r--security/pks/files/patch-an32
-rw-r--r--security/pks/files/patch-ao14
12 files changed, 281 insertions, 0 deletions
diff --git a/security/pks/Makefile b/security/pks/Makefile
index ba11fc7088b0..df68c58960ac 100644
--- a/security/pks/Makefile
+++ b/security/pks/Makefile
@@ -7,6 +7,7 @@
PORTNAME= pks
PORTVERSION= 0.9.4
+PORTREVISION= 1
CATEGORIES= security www
MASTER_SITES+= http://www.mit.edu/people/marc/pks/ \
ftp://ftp.neonramp.com/pub/pksd/
diff --git a/security/pks/files/patch-ae b/security/pks/files/patch-ae
new file mode 100644
index 000000000000..8f41658185ec
--- /dev/null
+++ b/security/pks/files/patch-ae
@@ -0,0 +1,14 @@
+===================================================================
+RCS file: pks_www.c,v
+retrieving revision 1.19
+diff -u -r1.19 pks_www.c
+--- pks_www.c 1999/06/02 06:06:01 1.19
++++ pks_www.c 2001/09/02 04:14:22
+@@ -529,5 +529,6 @@
+ void pks_www_init(pks_www_conf *conf)
+ {
+ www_init(conf->port, pks_www, conf);
+- www_init(conf->db_dir, pks_www, conf);
++ //www_init(conf->db_dir, pks_www, conf); // wtf? This snuck in via
++ // NetBSD's patch-ac...
+ }
diff --git a/security/pks/files/patch-af b/security/pks/files/patch-af
new file mode 100644
index 000000000000..bcfba40b019f
--- /dev/null
+++ b/security/pks/files/patch-af
@@ -0,0 +1,14 @@
+===================================================================
+RCS file: pks_www.h,v
+retrieving revision 1.4
+diff -u -r1.4 pks_www.h
+--- pks_www.h 1999/05/20 03:39:52 1.4
++++ pks_www.h 2001/09/02 04:15:06
+@@ -12,6 +12,7 @@
+
+ typedef struct _pks_www_conf {
+ int port;
++ int readonly;
+ int max_reply_keys;
+ char *db_dir;
+ pks_incr_conf *pic;
diff --git a/security/pks/files/patch-ag b/security/pks/files/patch-ag
new file mode 100644
index 000000000000..f5d9039a2101
--- /dev/null
+++ b/security/pks/files/patch-ag
@@ -0,0 +1,15 @@
+===================================================================
+RCS file: pksd.8,v
+retrieving revision 1.3
+diff -u -r1.3 pksd.8
+--- pksd.8 1999/06/02 06:07:30 1.3
++++ pksd.8 2001/09/02 04:15:53
+@@ -17,7 +17,7 @@
+
+ The server takes a single argument, which is the name of the
+ configuration file. The format of this file is documented in
+-\fBpksd.conf(8)\fR.
++\fBpksd.conf(5)\fR.
+
+ The server supports queries via the web and via an email interface.
+ The web interface implements a few form URI's which are described in
diff --git a/security/pks/files/patch-ah b/security/pks/files/patch-ah
new file mode 100644
index 000000000000..272bc9a4701a
--- /dev/null
+++ b/security/pks/files/patch-ah
@@ -0,0 +1,14 @@
+===================================================================
+RCS file: pksd.c,v
+retrieving revision 1.24
+diff -u -r1.24 pksd.c
+--- pksd.c 1999/05/31 20:21:20 1.24
++++ pksd.c 2001/09/02 04:17:59
+@@ -84,6 +84,7 @@
+ psc.mrc = &mrc;
+
+ pwc.port = pc.www_port;
++ pwc.readonly = pc.www_readonly;
+ pwc.db_dir = pc.db_dir;
+ pwc.max_reply_keys = pc.max_reply_keys;
+ pwc.pic = &pic;
diff --git a/security/pks/files/patch-ai b/security/pks/files/patch-ai
new file mode 100644
index 000000000000..e04211b957d9
--- /dev/null
+++ b/security/pks/files/patch-ai
@@ -0,0 +1,20 @@
+===================================================================
+RCS file: pksd.conf.5,v
+retrieving revision 1.7
+diff -u -r1.7 pksd.conf.5
+--- pksd.conf.5 1999/05/17 05:20:20 1.7
++++ pksd.conf.5 2001/09/02 04:19:53
+@@ -42,6 +42,13 @@
+ .BR 0 ,
+ then HTTP connections are not accepted on any port.
+ .TP
++.B www_readonly
++This controls key updates/submissions via HTTP. If it is
++.BR 0 ,
++then keys may be submitted via HTTP. The DEFAULT is
++.BR 1,
++which DOES NOT allow key updates/submissions via HTTP.
++.TP
+ .B socket_name
+ This is the name of the unix domain socket on which
+ .B pksd(8)
diff --git a/security/pks/files/patch-aj b/security/pks/files/patch-aj
new file mode 100644
index 000000000000..c55fd3491e2f
--- /dev/null
+++ b/security/pks/files/patch-aj
@@ -0,0 +1,18 @@
+===================================================================
+RCS file: pksdctl.c,v
+retrieving revision 1.11
+diff -u -r1.11 pksdctl.c
+--- pksdctl.c 1999/05/17 05:20:20 1.11
++++ pksdctl.c 2001/09/02 04:20:57
+@@ -20,6 +20,11 @@
+ void usage(char *argv0)
+ {
+ fprintf(stderr, "usage: %s socket string\n", argv0);
++ fprintf(stderr, "usage: %s <pksd socket> <command> [arg]\n", argv0);
++ fprintf(stderr, " commands: mail <msg>\n");
++ fprintf(stderr, " disable <userid>\n");
++ fprintf(stderr, " shutdown\n");
++
+ exit(1);
+ }
+
diff --git a/security/pks/files/patch-ak b/security/pks/files/patch-ak
new file mode 100644
index 000000000000..a22d40e97d27
--- /dev/null
+++ b/security/pks/files/patch-ak
@@ -0,0 +1,53 @@
+===================================================================
+RCS file: www.c,v
+retrieving revision 1.25
+diff -u -r1.25 www.c
+--- www.c 1999/06/02 06:08:16 1.25
++++ www.c 2001/09/02 04:26:28
+@@ -21,6 +21,7 @@
+ #include "www.h"
+ #include "globals.h"
+ #include "parse.h"
++#include "pks_www.h"
+
+ static const long hexchar[] = {
+ 256,256,256,256,256,256,256,256,256,256,256,256,256,256,256,256,
+@@ -140,6 +141,7 @@
+ typedef struct _hh_state {
+ httphandler h;
+ xbuffer xb;
++ unsigned int readonly;
+ void *c;
+ long ptr;
+ long method, uri, method_len, uri_len;
+@@ -148,10 +150,12 @@
+
+ static void reader(int fd, unsigned char *input, long len, int done, void *c)
+ {
+- hh_state *s = (hh_state *) c;
+
++ hh_state *s = (hh_state *) c;
+ long ptr, cnt;
+ long dummy, dummy_len;
++ unsigned int readonly = s->readonly;
++
+
+ if (done < 0) {
+ xbuffer_free(&(s->xb));
+@@ -360,7 +364,7 @@
+ }
+ }
+ } else if (is_token(input+s->method, s->method_len, post, post_len, 0)) {
+- if (s->content_length == 0) {
++ if ((s->content_length == 0) || readonly) {
+ www_reply(fd, 1000, 400, bad_request, NULL, 0);
+ mp_delete_read(fd);
+ xbuffer_free(&(s->xb));
+@@ -484,6 +488,7 @@
+
+ hhs->h = h;
+ hhs->c = c;
++ hhs->readonly = ((pks_www_conf *)c)->readonly;
+ xbuffer_alloc(&(hhs->xb));
+ hhs->ptr = 0;
+ hhs->uri = -1;
diff --git a/security/pks/files/patch-al b/security/pks/files/patch-al
new file mode 100644
index 000000000000..696a734b1e8a
--- /dev/null
+++ b/security/pks/files/patch-al
@@ -0,0 +1,15 @@
+===================================================================
+RCS file: globals.h,v
+retrieving revision 1.15
+diff -u -r1.15 globals.h
+--- globals.h 1999/07/20 05:02:45 1.15
++++ globals.h 2001/09/02 03:43:32
+@@ -13,7 +13,7 @@
+ "42.17.2+magicfeature", or "42.17.3+joe". Don't remove any
+ existing modifiers. */
+
+-#define PKS_VERSION "0.9.4+patch2"
++#define PKS_VERSION "0.9.4+patch2+JHpatch1"
+
+ #ifdef DEBUG
+ extern int debug;
diff --git a/security/pks/files/patch-am b/security/pks/files/patch-am
new file mode 100644
index 000000000000..57c8b7728f82
--- /dev/null
+++ b/security/pks/files/patch-am
@@ -0,0 +1,71 @@
+===================================================================
+RCS file: kd_index.c,v
+retrieving revision 1.16
+diff -u -r1.16 kd_index.c
+--- kd_index.c 1999/09/23 03:19:36 1.16
++++ kd_index.c 2001/09/02 04:00:23
+@@ -122,6 +122,7 @@
+
+ int keys_elem_genindex(void *e, void *c)
+ {
++
+ keys_elem *ke = (keys_elem *) e;
+ keg_state *s = (keg_state *) c;
+ gi_state gis;
+@@ -131,6 +132,8 @@
+ SHS_CTX sha;
+ unsigned char hash[20];
+ int i;
++ unsigned int pos = 0;
++
+
+ /* pgp does gmtime, so we do, too */
+ c_tm = gmtime(&(ke->create_time));
+@@ -163,24 +166,33 @@
+ MD5Final(hash, &md5ctx);
+ }
+
+- for (i=0; i<8; i++)
+- sprintf(buf+i*3, "%02X ", hash[i]);
+- buf[24] = ' ';
+- for (i=8; i<16; i++)
+- sprintf(buf+1+i*3, "%02X ", hash[i]);
++ pos = 0;
++ // print longer SHA-1 hashes differently
+ if (ke->keytype == 16 || ke->keytype == 17) {
+- buf[49] = ' ';
+- for (i=16; i<20; i++)
+- sprintf(buf+2+i*3, "%02X ", hash[i]);
+- buf[62] = '\n';
+- } else {
+- buf[48] = '\n';
+- }
++ for (i = 0; i < 20; i += 2) {
++ sprintf (&buf[pos], "%02X%02X ", hash[i], hash[i+1]);
++ pos += 5; // just added n chars...
++ // add another space halfway through...
++ if (i == 8) {
++ buf[pos] = ' ';
++ pos++;
++ }
++ } // for i
++ pos--; // remove last space
++ buf[pos] = '\n';
++ } else { // if keytype != 16 or 17
++ for (i=0; i<8; i++)
++ sprintf(buf+i*3, "%02X ", hash[i]);
++ buf[24] = ' ';
++ for (i=8; i<16; i++)
++ sprintf(buf+1+i*3, "%02X ", hash[i]);
++ buf[48] = '\n';
++ } // if else on keytype
+
+- if (!xbuffer_append_str(s->xb, " Key fingerprint = "))
++ if (!xbuffer_append_str(s->xb, " Key fingerprint = "))
+ return(0);
+ if (ke->keytype == 16 || ke->keytype == 17) {
+- if (!xbuffer_append(s->xb, (unsigned char *) buf, 63))
++ if (!xbuffer_append(s->xb, (unsigned char *) buf, 51))
+ return(0);
+ } else {
+ if (!xbuffer_append(s->xb, (unsigned char *) buf, 49))
diff --git a/security/pks/files/patch-an b/security/pks/files/patch-an
new file mode 100644
index 000000000000..abd1aff0976e
--- /dev/null
+++ b/security/pks/files/patch-an
@@ -0,0 +1,32 @@
+===================================================================
+RCS file: pks_config.c,v
+retrieving revision 1.13
+diff -u -r1.13 pks_config.c
+--- pks_config.c 1999/05/20 03:39:51 1.13
++++ pks_config.c 2001/09/02 04:05:57
+@@ -20,6 +20,7 @@
+ const pks_config default_config = {
+ "/var/spool/pks/etc/db",
+ 0,
++ 1,
+ "/var/spool/pks/pksd_socket",
+ "",
+ "root",
+@@ -40,6 +41,9 @@
+ const char www_port_str[] = "www_port";
+ long www_port_len = sizeof(www_port_str)-1;
+
++const char www_readonly_str[] = "www_readonly";
++long www_readonly_len = sizeof(www_readonly_str)-1;
++
+ const char sockname_str[] = "socket_name";
+ long sockname_len = sizeof(sockname_str)-1;
+
+@@ -147,6 +151,7 @@
+
+ if (str_conf(db_dir_str, db_dir_len, pc->db_dir))
+ else if (num_conf(www_port_str, www_port_len, pc->www_port))
++ else if (num_conf(www_readonly_str, www_readonly_len, pc->www_readonly))
+ else if (str_conf(sockname_str, sockname_len, pc->socket_name))
+ else if (str_conf(mdc_str, mdc_len, pc->mail_delivery_client))
+ else if (str_conf(maint_str, maint_len, pc->maintainer_email))
diff --git a/security/pks/files/patch-ao b/security/pks/files/patch-ao
new file mode 100644
index 000000000000..9b5052ea0d01
--- /dev/null
+++ b/security/pks/files/patch-ao
@@ -0,0 +1,14 @@
+===================================================================
+RCS file: pks_config.h,v
+retrieving revision 1.11
+diff -u -r1.11 pks_config.h
+--- pks_config.h 1999/05/20 03:39:52 1.11
++++ pks_config.h 2001/09/02 04:07:18
+@@ -16,6 +16,7 @@
+
+ /* web server stuff */
+ int www_port;
++ int www_readonly;
+
+ /* mail server stuff */
+ char socket_name[1024];
generated by cgit (git 2.34.1) at 2025-01-16 07:43:12 +0800