diff options
-rw-r--r-- | net/tac_plus4/Makefile | 22 | ||||
-rw-r--r-- | net/tac_plus4/distinfo | 2 | ||||
-rw-r--r-- | net/tac_plus4/files/extra-patch-ba | 24 | ||||
-rw-r--r-- | net/tac_plus4/files/patch-aa | 50 | ||||
-rw-r--r-- | net/tac_plus4/files/patch-ac | 156 | ||||
-rw-r--r-- | net/tac_plus4/files/patch-ae | 11 | ||||
-rw-r--r-- | net/tac_plus4/files/tac_plus.conf.example | 4 | ||||
-rw-r--r-- | net/tac_plus4/pkg-comment | 2 | ||||
-rw-r--r-- | net/tac_plus4/pkg-descr | 19 | ||||
-rw-r--r-- | net/tac_plus4/pkg-plist | 3 |
10 files changed, 143 insertions, 150 deletions
diff --git a/net/tac_plus4/Makefile b/net/tac_plus4/Makefile index f45c06eae6f3..20b2c6b5d3a2 100644 --- a/net/tac_plus4/Makefile +++ b/net/tac_plus4/Makefile @@ -6,16 +6,16 @@ # $FreeBSD$ # -DISTNAME= tac_plus.2.1 -PKGNAME= tac_plus-2.1 +DISTNAME= tac_plus.F4.0.3.alpha +PKGNAME= tac_plus-F4.0.3 CATEGORIES= net -MASTER_SITES= http://www.FreeBSD.ORG/~andreas/download/ +MASTER_SITES= ftp://ftp-eng.cisco.com/pub/tacacs/ +EXTRACT_SUFX= .tar.Z -MAINTAINER= andreas@FreeBSD.org +MAINTAINER= tasic@lucky.net -USE_BZIP2= yes ALL_TARGET= tac_plus -MAN8= tac_plus.8 +MAN1= tac_plus.1 EXTRA_PATCH= patch-ba # To change the text displayed when users are prompted to enter @@ -27,19 +27,23 @@ pre-patch: do-install: ${INSTALL_PROGRAM} ${WRKSRC}/tac_plus ${PREFIX}/sbin - ${INSTALL_MAN} ${WRKSRC}/tac_plus.1 ${PREFIX}/man/man8/tac_plus.8 + ${INSTALL_MAN} ${WRKSRC}/tac_plus.1 ${PREFIX}/man/man1/tac_plus.1 ${INSTALL_DATA} ${FILESDIR}/tac_plus.conf.example ${PREFIX}/etc/ @if [ ! -f ${PREFIX}/etc/rc.d/tac_plus.sh ]; then \ ${ECHO} "Installing ${PREFIX}/etc/rc.d/tac_plus.sh startup file."; \ ${ECHO} "#!/bin/sh" > ${PREFIX}/etc/rc.d/tac_plus.sh; \ - ${ECHO} "[ -x ${PREFIX}/sbin/tac_plus -a -f ${PREFIX}/etc/tac_plus.conf ] && ${PREFIX}/sbin/tac_plus -C ${PREFIX}/etc/tac_plus.conf && ${ECHO} -n ' tac_plus'" >> ${PREFIX}/etc/rc.d/tac_plus.sh; \ - ${CHMOD} 751 ${PREFIX}/etc/rc.d/tac_plus.sh; \ + ${ECHO} "[ -x ${PREFIX}/sbin/tac_plus -a -f ${PREFIX}/etc/tac_plus.conf ] && ${PREFIX}/sbin/tac_plus -C ${PREFIX}/etc/tac_plus.conf && echo -n ' tac_plus'" >> ${PREFIX}/etc/rc.d/tac_plus.sh; \ + chmod 751 ${PREFIX}/etc/rc.d/tac_plus.sh; \ fi .if !defined(NOPORTDOCS) @${MKDIR} ${PREFIX}/share/doc/tac_plus ${INSTALL_DATA} ${WRKSRC}/users_guide ${PREFIX}/share/doc/tac_plus + ${INSTALL_SCRIPT} ${WRKSRC}/convert.pl ${PREFIX}/share/doc/tac_plus .endif +post-install: + strip ${PREFIX}/sbin/tac_plus + pre-clean: @${RM} -f ${PATCHDIR}/${EXTRA_PATCH} diff --git a/net/tac_plus4/distinfo b/net/tac_plus4/distinfo index d7608267ac7c..d6daf2e4bfc6 100644 --- a/net/tac_plus4/distinfo +++ b/net/tac_plus4/distinfo @@ -1 +1 @@ -MD5 (tac_plus.2.1.tar.bz2) = 32b086d7d5b71eb097c317a38fe5d84b +MD5 (tac_plus.F4.0.3.alpha.tar.Z) = 451d92503b5832a848c1b76ce58a4636 diff --git a/net/tac_plus4/files/extra-patch-ba b/net/tac_plus4/files/extra-patch-ba index 9cb5ff36426d..58d401a07eaf 100644 --- a/net/tac_plus4/files/extra-patch-ba +++ b/net/tac_plus4/files/extra-patch-ba @@ -1,7 +1,7 @@ -*** authen.c.orig Sat Jul 29 02:49:15 1995 ---- authen.c Wed Jul 16 15:00:40 1997 +*** authen.c.orig Thu Sep 9 15:21:09 1999 +--- authen.c Thu Sep 9 15:21:28 1999 *************** -*** 209,217 **** +*** 227,235 **** datap->status = TAC_PLUS_AUTHEN_STATUS_GETUSER; if (datap->service == TAC_PLUS_AUTHEN_SVC_LOGIN) { @@ -11,7 +11,7 @@ } send_authen_reply(TAC_PLUS_AUTHEN_STATUS_GETUSER, /* status */ prompt, /* msg */ ---- 209,217 ---- +--- 227,235 ---- datap->status = TAC_PLUS_AUTHEN_STATUS_GETUSER; if (datap->service == TAC_PLUS_AUTHEN_SVC_LOGIN) { @@ -21,10 +21,10 @@ } send_authen_reply(TAC_PLUS_AUTHEN_STATUS_GETUSER, /* status */ prompt, /* msg */ -*** default_fn.c.orig Sat Jul 29 02:49:18 1995 ---- default_fn.c Wed Jul 16 15:00:52 1997 +*** default_v0_fn.c.orig Thu Sep 9 15:22:52 1999 +--- default_v0_fn.c Thu Sep 9 15:23:09 1999 *************** -*** 76,84 **** +*** 87,95 **** /* No username. Try requesting one */ data->status = TAC_PLUS_AUTHEN_STATUS_GETUSER; if (data->service == TAC_PLUS_AUTHEN_SVC_LOGIN) { @@ -34,7 +34,7 @@ } data->server_msg = tac_strdup(prompt); p->state = STATE_AUTHEN_GETUSER; ---- 76,84 ---- +--- 87,95 ---- /* No username. Try requesting one */ data->status = TAC_PLUS_AUTHEN_STATUS_GETUSER; if (data->service == TAC_PLUS_AUTHEN_SVC_LOGIN) { @@ -44,10 +44,10 @@ } data->server_msg = tac_strdup(prompt); p->state = STATE_AUTHEN_GETUSER; -*** skey_fn.c.orig Wed Jul 16 14:38:34 1997 ---- skey_fn.c Wed Jul 16 15:01:01 1997 +*** skey_fn.c.orig Thu Sep 9 15:23:23 1999 +--- skey_fn.c Thu Sep 9 15:23:56 1999 *************** -*** 104,112 **** +*** 116,124 **** /* No username. Try requesting one */ data->status = TAC_PLUS_AUTHEN_STATUS_GETUSER; if (data->service == TAC_PLUS_AUTHEN_SVC_LOGIN) { @@ -57,7 +57,7 @@ } data->server_msg = tac_strdup(prompt); p->state = STATE_AUTHEN_GETUSER; ---- 104,112 ---- +--- 116,124 ---- /* No username. Try requesting one */ data->status = TAC_PLUS_AUTHEN_STATUS_GETUSER; if (data->service == TAC_PLUS_AUTHEN_SVC_LOGIN) { diff --git a/net/tac_plus4/files/patch-aa b/net/tac_plus4/files/patch-aa index 3171aeea68aa..0ab3ea3f0758 100644 --- a/net/tac_plus4/files/patch-aa +++ b/net/tac_plus4/files/patch-aa @@ -1,18 +1,24 @@ ---- Makefile.orig Sat Jul 29 00:49:20 1995 -+++ Makefile Thu Oct 14 22:12:44 1999 -@@ -22,9 +22,9 @@ - # OSLIBS=-lsocket -lnsl +--- Makefile.orig Sat Apr 3 08:03:48 1999 ++++ Makefile Tue Nov 9 21:48:01 1999 +@@ -31,13 +31,13 @@ + # OS=-DMIPS + + # For Solaris (SUNOS 5.3, 5.4, 5.5, 5.6) uncomment the following two lines +-OS=-DSOLARIS +-OSLIBS=-lsocket -lnsl ++# OS=-DSOLARIS ++# OSLIBS=-lsocket -lnsl # For FreeBSD -# OS=-DFREEBSD +OS=-DFREEBSD - # You may also need to add + # You may also need to add: -# OSLIBS=-lcrypt +OSLIBS=-lcrypt - - # For LINUX - # OS=-DLINUX -@@ -40,23 +40,23 @@ + # NOTE: If you want your password encryption to be compatible with + # e.g. SunOS, you may need to instead use: + # OSLIBS=-ldescrypt +@@ -62,12 +62,12 @@ # FLAGS = -DTAC_PLUS_USERID=$(USERID) -DTAC_PLUS_GROUPID=$(GROUPID) # Definitions for SKEY functionality @@ -22,10 +28,13 @@ +LIBS = -lskey -lmd # INCLUDES = -I../crimelab/skey/src + # Debugging flags -DEBUG = -g -+#DEBUG = -g ++# DEBUG = -g - # On startup, tac_plus creates the file /etc/tac_plus.pid (if + # Enforce a limit on maximum sessions per user. See the user's guide + # for more information. +@@ -83,13 +83,13 @@ # possible), containing its process id. Uncomment and modify the # following line to change this filename @@ -36,8 +45,19 @@ # End of customisable section of Makefile # --CFLAGS = $(DEBUG) $(DEFINES) $(INCLUDES) $(FLAGS) $(OS) $(PIDFILE) -+CFLAGS += $(DEBUG) $(DEFINES) $(INCLUDES) $(FLAGS) $(OS) $(PIDFILE) +-CFLAGS = $(DEBUG) $(DEFINES) $(INCLUDES) $(FLAGS) $(OS) $(PIDFILE) $(MAXSESS) ++CFLAGS += $(DEBUG) $(DEFINES) $(INCLUDES) $(FLAGS) $(OS) $(PIDFILE) $(MAXSESS) + + HFILES = expire.h parse.h regmagic.h md5.h regexp.h tac_plus.h + +@@ -128,8 +128,8 @@ + -rm -f *.o *~ *.BAK tac_plus generate_passwd + + install: +- cp tac_plus /usr/local/bin +- cp tac_plus.1 /usr/man/manl/tac_plus.1 ++ cp tac_plus $(PREFIX)/sbin ++ cp tac_plus.1 $(PREFIX)/man1/tac_plus.1 - SRCS = acct.c authen.c author.c choose_authen.c config.c do_acct.c \ - do_author.c dump.c encrypt.c expire.c md5.c \ + depend: + makedepend $(CFLAGS) $(SRCS) diff --git a/net/tac_plus4/files/patch-ac b/net/tac_plus4/files/patch-ac index bed281b63e19..444a0a679658 100644 --- a/net/tac_plus4/files/patch-ac +++ b/net/tac_plus4/files/patch-ac @@ -1,107 +1,49 @@ -*** tac_plus.1.orig Sat Jul 29 02:49:20 1995 ---- tac_plus.1 Mon Mar 3 17:34:30 1997 -*************** -*** 30,36 **** - authorisation and accounting. - .LP - On startup, tac_plus creates the file -! .B /etc/tac_plus.pid , - if possible, containing its process id. - .LP - .SH ARGUMENTS and OPTIONS ---- 30,36 ---- - authorisation and accounting. - .LP - On startup, tac_plus creates the file -! .B /var/run/tac_plus.pid , - if possible, containing its process id. - .LP - .SH ARGUMENTS and OPTIONS -*************** -*** 79,91 **** - .B \-d <level> - Switch on debugging and write debug output into - .B -! /tmp/var/tac_plus.log. - - See the definitions of debugging flags at the bottom of tac_plus.h for - available flags and their meanings. Most flags cause extra messages - to be sent to - .B -! /tmp/var/tac_plus.log - and also to - .B - syslog. ---- 79,91 ---- - .B \-d <level> - Switch on debugging and write debug output into - .B -! /var/tmp/tac_plus.log. - - See the definitions of debugging flags at the bottom of tac_plus.h for - available flags and their meanings. Most flags cause extra messages - to be sent to - .B -! /var/tmp/tac_plus.log - and also to - .B - syslog. -*************** -*** 177,183 **** - facility. - .nf - -! local6.info /var/adm/messages - - .fi - .LP ---- 177,183 ---- - facility. - .nf - -! local6.info /var/log/tac_plus.log - - .fi - .LP -*************** -*** 194,200 **** - .B /var/tmp/tac_plus.log - Contains debugging output when -d is in effect. - .TP -! .B /etc/tac_plus.pid - contains the process id of currently running daemon. - .SH BUGS - The configuration file syntax is too complex. ---- 194,200 ---- - .B /var/tmp/tac_plus.log - Contains debugging output when -d is in effect. - .TP -! .B /var/run/tac_plus.pid - contains the process id of currently running daemon. - .SH BUGS - The configuration file syntax is too complex. -*** users_guide.orig Sat Jul 29 02:49:20 1995 ---- users_guide Mon Mar 3 19:51:56 1997 -*************** -*** 996,1005 **** - and then send the daemon a SIGUSR1. This will cause it to reinitialize - itself and re-read the configuration file. - -! On startup, tac_plus creates the file /etc/tac_plus.pid , if possible, - containing its process id, so something like the following should work: - -! # kill -USR1 `cat /etc/tac_plus.pid` - - It's a good idea to check that the daemon is still running after - sending it a SIGUSR1, since a syntactically incorrect configuration ---- 996,1005 ---- - and then send the daemon a SIGUSR1. This will cause it to reinitialize - itself and re-read the configuration file. - -! On startup, tac_plus creates the file /var/run/tac_plus.pid, if possible, - containing its process id, so something like the following should work: - -! # kill -USR1 `cat /var/run/tac_plus.pid` - - It's a good idea to check that the daemon is still running after - sending it a SIGUSR1, since a syntactically incorrect configuration +--- tac_plus.1.orig Sat Apr 3 08:03:47 1999 ++++ tac_plus.1 Tue Nov 9 21:55:56 1999 +@@ -32,7 +32,7 @@ + authorisation and accounting. + .LP + On startup, tac_plus creates the file +-.B /etc/tac_plus.pid , ++.B /var/run/tac_plus.pid , + if possible, containing its process id. + .LP + .SH ARGUMENTS and OPTIONS +@@ -195,7 +195,7 @@ + facility. + .nf + +-local6.info /var/adm/messages ++local6.info /var/log/tac_plus.log + + .fi + .LP +@@ -212,7 +212,7 @@ + .B /var/tmp/tac_plus.log + Contains debugging output when -d is in effect. + .TP +-.B /etc/tac_plus.pid or /etc/tac_plus.pid.port ++.B /var/run/tac_plus.pid or /var/run/tac_plus.pid.port + contains the process id of the currently running daemon. The port + number is appended to the filename only if the port being used is not + the default one of 49. +--- users_guide.orig Sat Apr 3 08:03:48 1999 ++++ users_guide Tue Nov 9 21:57:03 1999 +@@ -1368,7 +1368,7 @@ + and then send the daemon a SIGUSR1. This will cause it to reinitialize + itself and re-read the configuration file. + +-On startup, tac_plus creates the file /etc/tac_plus.pid , if possible, ++On startup, tac_plus creates the file /var/run/tac_plus.pid , if possible, + containing its process id. If you invoke the daemon so that it listens + on a non-standard port, the file created is /etc/tac_plus.pid.<port> + instead, where <port> is the port number the daemon is listening on. +@@ -1376,7 +1376,7 @@ + Assuming you are listening on the default port 49, something like the + following should work: + +-# kill -USR1 `cat /etc/tac_plus.pid` ++# kill -USR1 `cat /var/run/tac_plus.pid` + + It's a good idea to check that the daemon is still running after + sending it a SIGUSR1, since a syntactically incorrect configuration diff --git a/net/tac_plus4/files/patch-ae b/net/tac_plus4/files/patch-ae new file mode 100644 index 000000000000..d4b6b710404a --- /dev/null +++ b/net/tac_plus4/files/patch-ae @@ -0,0 +1,11 @@ +--- do_acct.c.orig Tue Nov 9 22:02:51 1999 ++++ do_acct.c Tue Nov 9 22:03:30 1999 +@@ -158,7 +158,7 @@ + #endif + entry.ut_time = utime; + +- wtmpfd = open(wtmpfile, O_CREAT | O_WRONLY | O_APPEND | O_SYNC, 0666); ++ wtmpfd = open(wtmpfile, O_CREAT | O_WRONLY | O_APPEND, 0666); + if (wtmpfd < 0) { + report(LOG_ERR, "Can't open wtmp file %s -- %s", + wtmpfile, sys_errlist[errno]); diff --git a/net/tac_plus4/files/tac_plus.conf.example b/net/tac_plus4/files/tac_plus.conf.example index 0d7b273210a6..06a5d5b9a308 100644 --- a/net/tac_plus4/files/tac_plus.conf.example +++ b/net/tac_plus4/files/tac_plus.conf.example @@ -1,5 +1,9 @@ # /usr/local/etc/tac_plus.conf + # This is example from old version of tac_plus. It will work + # but config file have new features. I recomend to read + # /usr/local/share/doc/tac_plus/users_guide + user=fred { name = "Fred Flintstone" login = des mEX027bHtzTlQ diff --git a/net/tac_plus4/pkg-comment b/net/tac_plus4/pkg-comment index 0913e34a9c9b..433e105ebfae 100644 --- a/net/tac_plus4/pkg-comment +++ b/net/tac_plus4/pkg-comment @@ -1 +1 @@ -A remote authentication/authorization/accounting server +The Cisco remote authentication/authorization/accounting server. diff --git a/net/tac_plus4/pkg-descr b/net/tac_plus4/pkg-descr index 9d288f319368..7f5e0b77dff9 100644 --- a/net/tac_plus4/pkg-descr +++ b/net/tac_plus4/pkg-descr @@ -1,5 +1,16 @@ -tacacs+ services network requests for authentication -and authorization, verifies identities, grants or denies -authorizations, and logs accounting records. +tacacs+ s program that allow authorization and authentication via net on +remote access servers. Authnticate users, authorize commands and log +accounting information. -WWW: http://www.cisco.com/warp/public/146/187.html +This new version 4 has improved features and bugfixes over the older 2.x +version, which is still available, since this source is still marked ALPHA. + +Improved features among others and bugfixes: Microsoft CHAP support. +To enable MSCHAP you need to optain a key from Microsoft, see the FAQ +section in the users guide. Therefore this isn't enabled by default. + +Details are described at: +http://www.cisco.com/warp/public/146/187.html + +-- Taras +tasic@lucky.net diff --git a/net/tac_plus4/pkg-plist b/net/tac_plus4/pkg-plist index 8bc819ecc460..9193e7af0a92 100644 --- a/net/tac_plus4/pkg-plist +++ b/net/tac_plus4/pkg-plist @@ -1,5 +1,6 @@ -sbin/tac_plus etc/rc.d/tac_plus.sh etc/tac_plus.conf.example +sbin/tac_plus share/doc/tac_plus/users_guide +share/doc/tac_plus/convert.pl @dirrm share/doc/tac_plus |