aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--CVSROOT/modules1
-rw-r--r--MOVED2
-rw-r--r--security/Makefile1
-rw-r--r--security/krb5-beta/Makefile157
-rw-r--r--security/krb5-beta/distinfo1
-rw-r--r--security/krb5-beta/files/README.FreeBSD32
-rw-r--r--security/krb5-beta/files/patch-ac13
-rw-r--r--security/krb5-beta/files/patch-ad13
-rw-r--r--security/krb5-beta/files/patch-ae13
-rw-r--r--security/krb5-beta/files/patch-af13
-rw-r--r--security/krb5-beta/files/patch-ai28
-rw-r--r--security/krb5-beta/files/patch-aj19
-rw-r--r--security/krb5-beta/files/patch-appl::bsd::Makefile.in12
-rw-r--r--security/krb5-beta/files/patch-appl::bsd::klogind.M35
-rw-r--r--security/krb5-beta/files/patch-appl::gssftp::ftp::ftp_var.h23
-rw-r--r--security/krb5-beta/files/patch-appl::telnet::telnetd::Makefile.in11
-rw-r--r--security/krb5-beta/files/patch-appl::telnet::telnetd::telnetd.822
-rw-r--r--security/krb5-beta/files/patch-appl::telnet::telnetd::utility.c38
-rw-r--r--security/krb5-beta/files/patch-as195
-rw-r--r--security/krb5-beta/files/patch-at14
-rw-r--r--security/krb5-beta/files/patch-av15
-rw-r--r--security/krb5-beta/files/patch-ax11
-rw-r--r--security/krb5-beta/files/patch-ay50
-rw-r--r--security/krb5-beta/files/patch-ba77
-rw-r--r--security/krb5-beta/files/patch-bb10
-rw-r--r--security/krb5-beta/files/patch-config::pre.in10
-rw-r--r--security/krb5-beta/files/patch-config::shlib.conf19
-rw-r--r--security/krb5-beta/files/patch-kadmin::cli::Makefile.in11
-rw-r--r--security/krb5-beta/files/patch-lib::krb5::krb::srv_rcache.c12
-rw-r--r--security/krb5-beta/files/patch-lib::krb5::os::hst_realm.c14
-rw-r--r--security/krb5-beta/files/patch-lib::krb5::os::locate_kdc.c13
-rw-r--r--security/krb5-beta/pkg-descr24
-rw-r--r--security/krb5-beta/pkg-plist108
33 files changed, 1016 insertions, 1 deletions
diff --git a/CVSROOT/modules b/CVSROOT/modules
index e70d1b859f74..e823baae6768 100644
--- a/CVSROOT/modules
+++ b/CVSROOT/modules
@@ -3983,6 +3983,7 @@ kprof ports/devel/kprof
kpsk ports/comms/kpsk
krb4 ports/security/krb4
krb5 ports/security/krb5
+krb5-beta ports/security/krb5-beta
krdesktop ports/net/krdesktop
krefty ports/deskutils/krefty
krename ports/sysutils/krename
diff --git a/MOVED b/MOVED
index da0e1b00561c..54b497b14b62 100644
--- a/MOVED
+++ b/MOVED
@@ -163,7 +163,7 @@ biology/gaussian||2003-01-31|deleted maintain is hard and gray in license
graphics/xine_dvdnav_plugin||2003-02-01|integrated into graphics/libxine
devel/ossp-mm||2003-02-01|accidental dupe of devel/mm
archivers/linux_rar||2003-02-03|FreeBSD/i386 binary is available
-security/krb5-beta||2003-08-07|deleted: no longer in beta, MIT KRB5 1.3 released
+security/krb5-beta||2004-01-25|resurrected: brand new MIT KRB5 1.3.2 beta
security/pam_krb5||2003-02-12|resurrected: required when MIT KRB5 used in place of base system KRB5
deskutils/gnucash|finance/gnucash|2003-02-05|new category
x11-toolkits/crux||2003-02-07|deleted: added to GNOME 2.2 desktop
diff --git a/security/Makefile b/security/Makefile
index e49678b5ccdf..8a17d83204ec 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -137,6 +137,7 @@
SUBDIR += knocker
SUBDIR += krb4
SUBDIR += krb5
+ SUBDIR += krb5-beta
SUBDIR += kripp
SUBDIR += kssh
SUBDIR += l0pht-watch
diff --git a/security/krb5-beta/Makefile b/security/krb5-beta/Makefile
new file mode 100644
index 000000000000..1b107ee4be05
--- /dev/null
+++ b/security/krb5-beta/Makefile
@@ -0,0 +1,157 @@
+# Ports collection Makefile for: MIT Kerberos V
+# Date created: 6/5/1998
+# Whom: nectar@FreeBSD.org
+#
+# $FreeBSD$
+#
+
+PORTNAME= krb5
+PORTVERSION= 1.3.2.b1
+CATEGORIES= security
+# USE_TARBALL tells the port that the user has fetched the source
+# directly from MIT or crypto-publish.org (CRYTPO-PUBLISH).
+USE_KRB5_TARBALL?= MIT
+
+.if defined(USE_KRB5_TARBALL) && ${USE_KRB5_TARBALL} == "CRYPTO-PUBLISH"
+MASTER_SITES= http://www.crypto-publish.org/dist/mit-kerberos5/
+EXTRACT_SUFX= .tar.gz
+.else
+MASTER_SITES= http://web.mit.edu/kerberos/www/dist/krb5/${PORTVERSION:C/\.[0-9]*\.b[0-9]$//}/
+EXTRACT_SUFX= .tar
+.endif
+DISTNAME= ${PORTNAME}-${PORTVERSION:S/.b/-beta/}
+
+MAINTAINER= cy@FreeBSD.org
+COMMENT= An authentication system developed at MIT, successor to Kerberos IV
+
+BUILD_DEPENDS= gm4:${PORTSDIR}/devel/m4
+
+KERBEROSV_URL= http://web.mit.edu/network/kerberos-form.html
+USE_REINPLACE= yes
+USE_GMAKE= yes
+USE_PERL5_BUILD= yes
+INSTALLS_SHLIB= yes
+GNU_CONFIGURE= yes
+CONFIGURE_ARGS?= --enable-shared
+CONFIGURE_ENV= INSTALL="${INSTALL}" YACC=/usr/bin/yacc \
+ CFLAGS="${CFLAGS}"
+MAKE_ARGS= INSTALL="${INSTALL}"
+KRB5_KRB4_COMPAT?= NO
+
+.if !defined(KRB5_KRB4_COMPAT) || ${KRB5_KRB4_COMPAT} == "NO"
+CONFIGURE_ARGS+= --without-krb4
+PLIST_SUB+= KRB4="@comment "
+.else
+PLIST_SUB+= KRB4=""
+.endif
+
+.if defined(KRB5_HOME)
+PREFIX= ${KRB5_HOME}
+.endif
+
+INFO_FILES= krb425.info krb5-admin.info krb5-admin.info-1 \
+ krb5-admin.info-2 krb5-admin.info-3 krb5-install.info \
+ krb5-install.info-1 krb5-install.info-2 krb5-user.info
+
+MAN1= krb5-send-pr.1 kpasswd.1 v5passwd.1 klist.1 kinit.1 \
+ kdestroy.1 ksu.1 sclient.1 rsh.1 rcp.1 rlogin.1 \
+ ftp.1 telnet.1 kerberos.1 kvno.1 compile_et.1
+.if defined(KRB5_KRB4_COMPAT) && ${KRB5_KRB4_COMPAT} != "NO"
+MAN1+= v4rcp.1
+.endif
+MAN5= kdc.conf.5 krb5.conf.5 .k5login.5
+MAN8= krb5kdc.8 kadmin.8 kadmin.local.8 kdb5_util.8 \
+ ktutil.8 kadmind.8 kprop.8 kpropd.8 sserver.8 \
+ kshd.8 klogind.8 login.krb5.8 ftpd.8 telnetd.8 \
+ k5srvutil.8
+
+WRKSRC= ${WRKDIR}/${DISTNAME}/src
+
+WANT_HTML?= YES
+HTML_DOC_DIR= ${WRKDIR}/${DISTNAME}/doc
+HTML_DOCS= admin.html user-guide.html install.html
+HTML_OUTDIRS= krb5-admin krb5-install
+
+.include <bsd.port.pre.mk>
+
+.if defined(USE_KRB5_TARBALL) && ${USE_KRB5_TARBALL} == "MIT"
+post-extract:
+ @${TAR} -C ${WRKDIR} -xzf ${WRKDIR}/${DISTNAME}.tar.gz
+ @${RM} ${WRKDIR}/${DISTNAME}.tar.gz ${WRKDIR}/${DISTNAME}.tar.gz.asc
+.if !defined(EXTRACT_PRESERVE_OWNERSHIP)
+ @if [ `id -u` = 0 ]; then \
+ ${CHMOD} -R ug-s,go-w ${WRKDIR}/${DISTNAME}; \
+ ${CHOWN} -R 0:0 ${WRKDIR}/${DISTNAME}; \
+ fi
+.endif
+.endif
+
+post-patch:
+.if ${OSVERSION} >= 500000
+ @${REINPLACE_CMD} -e '1s,^#!\/usr\/athena,#!${LOCALBASE},' \
+ ${WRKSRC}/../doc/man2html
+.else
+ @${REINPLACE_CMD} -e '1s,^#!\/usr\/athena,#!\/usr,' \
+ ${WRKSRC}/../doc/man2html
+.endif
+
+pre-build:
+.if !defined(KRB5_KRB4_COMPAT)
+ @${ECHO} "------------------------------------------------------"
+ @${ECHO} "Set KRB5_KRB4_COMPAT=NO if you do not want to build "
+ @${ECHO} "the KerberosIV compatibility libraries. "
+ @${ECHO} "------------------------------------------------------"
+.endif
+
+post-build:
+ @(cd ${WRKSRC}/../doc && \
+ ${MAKE} ${INFO_FILES})
+.if defined(WANT_HTML) && ${WANT_HTML} == "YES"
+ @(cd ${WRKSRC}/../doc && \
+ ${MAKE} ${HTML_DOCS})
+.endif
+
+post-install:
+# html documentation
+.if defined(WANT_HTML) && ${WANT_HTML} == "YES"
+ @${MKDIR} ${PREFIX}/share/doc/krb5
+ for html in ${HTML_DOC_DIR}/*.html; do \
+ ${INSTALL_MAN} $${html} ${PREFIX}/share/doc/krb5; \
+ ${ECHO_CMD} share/doc/krb5/`${BASENAME} $${html}` >> ${TMPPLIST}; \
+ done
+.for htmldir in ${HTML_OUTDIRS}
+ @${MKDIR} ${PREFIX}/share/doc/krb5/${htmldir}
+ for html in ${HTML_DOC_DIR}/${htmldir}/*; do \
+ ${INSTALL_MAN} $${html} ${PREFIX}/share/doc/krb5/${htmldir}; \
+ ${ECHO_CMD} share/doc/krb5/${htmldir}/`${BASENAME} $${html}` >> ${TMPPLIST}; \
+ done
+ ${ECHO_CMD} @dirrm share/doc/krb5/${htmldir} >> ${TMPPLIST}
+.endfor
+.endif
+ ${ECHO_CMD} @dirrm share/doc/krb5 >> ${TMPPLIST}
+# handle info files
+.for info in ${INFO_FILES}
+ ${INSTALL_MAN} ${WRKSRC}/../doc/${info} ${PREFIX}/info/${info}
+.endfor
+.for info in ${INFO_FILES:M*.info}
+ install-info ${PREFIX}/info/${info} ${PREFIX}/info/dir
+.endfor
+# fixup packing list (no libs without version numbers in aout case)
+.if ${PORTOBJFORMAT} == "aout"
+ ${ECHO_MSG} "Fixing packing list for a.out"
+ ${MV} ${TMPPLIST} ${TMPPLIST}.new
+ ${GREP} -v '\.so$$' ${TMPPLIST}.new > ${TMPPLIST}
+ ${RM} ${TMPPLIST}.new
+.endif
+ @${SED} "s%\${PREFIX}%${PREFIX}%" ${FILESDIR}/README.FreeBSD > ${PREFIX}/share/doc/krb5/README.FreeBSD
+ @${CHMOD} 444 ${PREFIX}/share/doc/krb5/README.FreeBSD
+ @${ECHO} "------------------------------------------------------"
+ @${ECHO} "This port of MIT Kerberos 5 includes remote login "
+ @${ECHO} "daemons (telnetd and klogind). These daemons default "
+ @${ECHO} "to using the system login program (/usr/bin/login). "
+ @${ECHO} "Please see the file "
+ @${ECHO} "${PREFIX}/share/doc/krb5/README.FreeBSD"
+ @${ECHO} "for more information. "
+ @${ECHO} "------------------------------------------------------"
+
+.include <bsd.port.post.mk>
diff --git a/security/krb5-beta/distinfo b/security/krb5-beta/distinfo
new file mode 100644
index 000000000000..ead9928442ad
--- /dev/null
+++ b/security/krb5-beta/distinfo
@@ -0,0 +1 @@
+MD5 (krb5-1.3.2-beta1.tar) = b457d2c6cc43a3220469dec4b7f66d48
diff --git a/security/krb5-beta/files/README.FreeBSD b/security/krb5-beta/files/README.FreeBSD
new file mode 100644
index 000000000000..e888e689eb04
--- /dev/null
+++ b/security/krb5-beta/files/README.FreeBSD
@@ -0,0 +1,32 @@
+The MIT KRB5 port provides its own login program at
+${PREFIX}/sbin/login.krb5. However, login.krb5 does not make use of
+the FreeBSD login.conf and login.access files that provide a means of
+setting up and controlling sessions under FreeBSD. To overcome this,
+the MIT KRB5 port uses the FreeBSD /usr/bin/login program to provide
+interactive login password authentication instead of the login.krb5
+program provided by MIT KRB5. The FreeBSD /usr/bin/login program does
+not have support for Kerberos V password authentication,
+e.g. authentication at the console. The pam_krb5 port must be used to
+provide Kerberos V password authentication.
+
+For more information about pam_krb5, please see pam(8) and pam_krb5(8).
+
+If you wish to use login.krb5 that is provided by the MIT KRB5 port,
+the arguments "-L ${PREFIX}/sbin/login.krb5" must be
+specified as arguments to klogind and KRB5 telnetd, e.g.
+
+klogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -L ${PREFIX}/sbin/login.krb5
+eklogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -e -L ${PREFIX}/sbin/login.krb5
+telnet stream tcp nowait root ${PREFIX}/sbin/telnetd telnetd -a none -L ${PREFIX}/sbin/login.krb5
+
+Additionally, if you wish to use the MIT KRB5 provided login.krb5 instead
+of the FreeBSD provided /usr/bin/login for local tty logins,
+"lo=${PREFIX}/sbin/login.krb5" must be specified in /etc/gettytab, e.g.,
+
+default:\
+ :cb:ce:ck:lc:fd#1000:im=\r\n%s/%m (%h) (%t)\r\n\r\n:sp#1200:\
+ :if=/etc/issue:\
+ :lo=${PREFIX}/sbin/login.krb5:
+
+It is recommended that the FreeBSD /usr/bin/login be used with the
+pam_krb5 port instead of the MIT KRB5 provided login.krb5.
diff --git a/security/krb5-beta/files/patch-ac b/security/krb5-beta/files/patch-ac
new file mode 100644
index 000000000000..8bca5437d964
--- /dev/null
+++ b/security/krb5-beta/files/patch-ac
@@ -0,0 +1,13 @@
+--- ../doc/admin.texinfo Fri Feb 6 21:40:56 1998
++++ admin.texinfo Fri Jun 19 15:13:45 1998
+@@ -5,6 +5,10 @@
+ @c guide
+ @setfilename krb5-admin.info
+ @settitle Kerberos V5 System Administrator's Guide
++@dircategory Kerberos V5
++@direntry
++* Admin Guide: (krb5-admin). Kerberos V5 System Admin's Guide
++@end direntry
+ @setchapternewpage odd @c chapter begins on next odd page
+ @c @setchapternewpage on @c chapter begins on next page
+ @c @smallbook @c Format for 7" X 9.25" paper
diff --git a/security/krb5-beta/files/patch-ad b/security/krb5-beta/files/patch-ad
new file mode 100644
index 000000000000..c8b6d3e99e91
--- /dev/null
+++ b/security/krb5-beta/files/patch-ad
@@ -0,0 +1,13 @@
+--- ../doc/user-guide.texinfo Fri Feb 6 21:40:58 1998
++++ user-guide.texinfo Fri Jun 19 15:13:45 1998
+@@ -3,6 +3,10 @@
+ @c guide
+ @setfilename krb5-user.info
+ @settitle Kerberos V5 UNIX User's Guide
++@dircategory Kerberos V5
++@direntry
++* User's Guide: (krb5-user). Kerberos V5 UNIX User's Guide
++@end direntry
+ @setchapternewpage odd @c chapter begins on next odd page
+ @c @setchapternewpage on @c chapter begins on next page
+ @c @smallbook @c Format for 7" X 9.25" paper
diff --git a/security/krb5-beta/files/patch-ae b/security/krb5-beta/files/patch-ae
new file mode 100644
index 000000000000..f5643b5aa04f
--- /dev/null
+++ b/security/krb5-beta/files/patch-ae
@@ -0,0 +1,13 @@
+--- ../doc/install.texinfo Fri Feb 6 21:40:56 1998
++++ install.texinfo Fri Jun 19 15:13:45 1998
+@@ -5,6 +5,10 @@
+ @c guide
+ @setfilename krb5-install.info
+ @settitle Kerberos V5 Installation Guide
++@dircategory Kerberos V5
++@direntry
++* Installation Guide: (krb5-install). Kerberos V5 Installation Guide
++@end direntry
+ @setchapternewpage odd @c chapter begins on next odd page
+ @c @setchapternewpage on @c chapter begins on next page
+ @c @smallbook @c Format for 7" X 9.25" paper
diff --git a/security/krb5-beta/files/patch-af b/security/krb5-beta/files/patch-af
new file mode 100644
index 000000000000..49425d6efceb
--- /dev/null
+++ b/security/krb5-beta/files/patch-af
@@ -0,0 +1,13 @@
+--- ../doc/krb425.texinfo Fri Feb 6 21:40:57 1998
++++ krb425.texinfo Fri Jun 19 15:13:45 1998
+@@ -5,6 +5,10 @@
+ @c guide
+ @setfilename krb425.info
+ @settitle Upgrading to Kerberos V5 from Kerberos V4
++@dircategory Kerberos V5
++@direntry
++* Upgrading from V4 to V5: (krb425). Upgrading from Kerberos V4 to V5
++@end direntry
+ @c @setchapternewpage odd @c chapter begins on next odd page
+ @c @setchapternewpage on @c chapter begins on next page
+ @c @smallbook @c Format for 7" X 9.25" paper
diff --git a/security/krb5-beta/files/patch-ai b/security/krb5-beta/files/patch-ai
new file mode 100644
index 000000000000..f5b733194344
--- /dev/null
+++ b/security/krb5-beta/files/patch-ai
@@ -0,0 +1,28 @@
+--- appl/gssftp/ftpd/ftpd.c.orig Wed Jan 9 14:26:51 2002
++++ appl/gssftp/ftpd/ftpd.c Thu Jan 10 19:00:13 2002
+@@ -487,7 +487,13 @@
+ #ifndef LOG_DAEMON
+ #define LOG_DAEMON 0
+ #endif
+- openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_DAEMON);
++
++#ifndef LOG_FTP
++#define FACILITY LOG_DAEMON
++#else
++#define FACILITY LOG_FTP
++#endif
++ openlog("ftpd", LOG_PID | LOG_NDELAY, FACILITY);
+
+ addrlen = sizeof (his_addr);
+ if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) {
+@@ -2312,6 +2318,10 @@
+ if ((length = krb_mk_safe((u_char *)&cksum, out_buf, sizeof(cksum),
+ &kdata.session,&ctrl_addr, &his_addr)) == -1) {
+ secure_error("ADAT: krb_mk_safe failed");
++ return(0);
++ }
++ if (length >= (FTP_BUFSIZ - sizeof("ADAT=")) / 4 * 3) {
++ secure_error("ADAT: reply too long");
+ return(0);
+ }
+ if (length >= (FTP_BUFSIZ - sizeof("ADAT=")) / 4 * 3) {
diff --git a/security/krb5-beta/files/patch-aj b/security/krb5-beta/files/patch-aj
new file mode 100644
index 000000000000..c3bb8dfd6960
--- /dev/null
+++ b/security/krb5-beta/files/patch-aj
@@ -0,0 +1,19 @@
+*** appl/gssftp/ftpd/logwtmp.c.ORIG Fri Feb 6 19:41:25 1998
+--- appl/gssftp/ftpd/logwtmp.c Tue Jun 30 19:46:01 1998
+***************
+*** 66,72 ****
+ struct stat buf;
+ time_t time();
+
+! if (fd < 0 && (fd = open(WTMPFILE, O_WRONLY|O_APPEND, 0)) < 0)
+ return;
+ if (fstat(fd, &buf) == 0) {
+ (void)strncpy(ut.ut_line, line, sizeof(ut.ut_line));
+--- 66,72 ----
+ struct stat buf;
+ time_t time();
+
+! if (fd < 0 && (fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0)
+ return;
+ if (fstat(fd, &buf) == 0) {
+ (void)strncpy(ut.ut_line, line, sizeof(ut.ut_line));
diff --git a/security/krb5-beta/files/patch-appl::bsd::Makefile.in b/security/krb5-beta/files/patch-appl::bsd::Makefile.in
new file mode 100644
index 000000000000..581048933264
--- /dev/null
+++ b/security/krb5-beta/files/patch-appl::bsd::Makefile.in
@@ -0,0 +1,12 @@
+--- appl/bsd/Makefile.in.orig Wed Feb 28 14:06:43 2001
++++ appl/bsd/Makefile.in Mon Dec 31 21:52:45 2001
+@@ -31,8 +31,8 @@
+ -DUCB_RSH=\"$(UCB_RSH)\" -DUCB_RCP=\"$(UCB_RCP)\"
+
+ DEFINES = $(RSH) $(BSD) $(RPROGS) -DKERBEROS \
+- -DLOGIN_PROGRAM=\"$(SERVER_BINDIR)/login.krb5\" -DKPROGDIR=\"$(CLIENT_BINDIR)\" \
++ -DLOGIN_PROGRAM=\"/usr/bin/login\" -DKPROGDIR=\"$(CLIENT_BINDIR)\" \
+ -DHEIMDAL_FRIENDLY
+
+ all:: rsh rcp rlogin kshd klogind login.krb5 $(V4RCP)
+
diff --git a/security/krb5-beta/files/patch-appl::bsd::klogind.M b/security/krb5-beta/files/patch-appl::bsd::klogind.M
new file mode 100644
index 000000000000..9cddd5fc222d
--- /dev/null
+++ b/security/krb5-beta/files/patch-appl::bsd::klogind.M
@@ -0,0 +1,35 @@
+--- appl/bsd/klogind.M.orig Wed Feb 28 14:06:43 2001
++++ appl/bsd/klogind.M Mon Dec 31 21:22:27 2001
+@@ -14,7 +14,7 @@
+ .B \-kr54cpPef
+ ]
+ [[ \fB\-w\fP[\fBip\fP|\fImaxhostlen\fP[\fB,\fP[\fBno\fP]\fBstriplocal\fP ]] ]
+-[ \fB\-D\fP \fIport\fP ]
++[ \fB\-D\fP \fIport\fP ] [\fB\-L\fP \fIloginpath\fP]
+ .SH DESCRIPTION
+ .I Klogind
+ is the server for the
+@@ -107,6 +108,10 @@
+ Beta5 (May 1995)--present bogus checksums that prevent Kerberos
+ authentication from succeeding in the default mode.
+
++.IP \fB\-L\ loginpath\fP
++Specify pathname to an alternative login program. Default: /usr/bin/login.
++KRB5_HOME/sbin/login.krb5 may be specified.
++
+
+ .PP
+ If the
+@@ -157,12 +162,6 @@
+
+ .IP \fB\-M\ realm\fP
+ Set the Kerberos realm to use.
+-
+-.IP \fB\-L\ login\fP
+-Set the login program to use. This option only has an effect if
+-DO_NOT_USE_K_LOGIN was not defined when
+-.I klogind
+-was compiled.
+
+ .IP \fB\-D\ port\fP
+ Run in standalone mode, listening on \fBport\fP. The daemon will exit
diff --git a/security/krb5-beta/files/patch-appl::gssftp::ftp::ftp_var.h b/security/krb5-beta/files/patch-appl::gssftp::ftp::ftp_var.h
new file mode 100644
index 000000000000..256e929aa68f
--- /dev/null
+++ b/security/krb5-beta/files/patch-appl::gssftp::ftp::ftp_var.h
@@ -0,0 +1,23 @@
+--- appl/gssftp/ftp/ftp_var.h.orig Tue Jun 17 02:37:40 2003
++++ appl/gssftp/ftp/ftp_var.h Sat Aug 30 05:30:44 2003
+@@ -33,6 +33,10 @@
+ * @(#)ftp_var.h 5.9 (Berkeley) 6/1/90
+ */
+
++#if defined(__FreeBSD_cc_version) && __FreeBSD_cc_version > 500000
++#undef __BSD_VISIBLE
++#endif
++
+ #ifdef _WIN32
+ #include <windows.h>
+ #include <winsock2.h>
+@@ -57,9 +61,7 @@
+ typedef void (*sig_t)(int);
+ typedef void sigtype;
+ #else
+-#define sig_t my_sig_t
+ #define sigtype krb5_sigtype
+-typedef sigtype (*sig_t)();
+ #endif
+
+ /*
diff --git a/security/krb5-beta/files/patch-appl::telnet::telnetd::Makefile.in b/security/krb5-beta/files/patch-appl::telnet::telnetd::Makefile.in
new file mode 100644
index 000000000000..cb5a0e26d49d
--- /dev/null
+++ b/security/krb5-beta/files/patch-appl::telnet::telnetd::Makefile.in
@@ -0,0 +1,11 @@
+--- appl/telnet/telnetd/Makefile.in.orig Wed Feb 28 14:06:51 2001
++++ appl/telnet/telnetd/Makefile.in Mon Dec 31 21:51:19 2001
+@@ -24,7 +24,7 @@
+ # @(#)Makefile.generic 5.5 (Berkeley) 3/1/91
+ #
+
+-AUTH_DEF=-DAUTHENTICATION -DENCRYPTION -DKRB5 -DFORWARD -UNO_LOGIN_F -ULOGIN_CAP_F -DLOGIN_PROGRAM=KRB5_PATH_LOGIN
++AUTH_DEF=-DAUTHENTICATION -DENCRYPTION -DKRB5 -DFORWARD -UNO_LOGIN_F -ULOGIN_CAP_F -DLOGIN_PROGRAM=\"/usr/bin/login\"
+ OTHERDEFS=-DKLUDGELINEMODE -DDIAGNOSTICS -DENV_HACK -DOLD_ENVIRON
+ LOCALINCLUDES=-I.. -I$(srcdir)/..
+ DEFINES = $(AUTH_DEF) $(OTHERDEFS)
diff --git a/security/krb5-beta/files/patch-appl::telnet::telnetd::telnetd.8 b/security/krb5-beta/files/patch-appl::telnet::telnetd::telnetd.8
new file mode 100644
index 000000000000..951ee0d5692a
--- /dev/null
+++ b/security/krb5-beta/files/patch-appl::telnet::telnetd::telnetd.8
@@ -0,0 +1,22 @@
+--- appl/telnet/telnetd/telnetd.8.orig Wed Feb 28 14:06:51 2001
++++ appl/telnet/telnetd/telnetd.8 Mon Dec 31 21:16:55 2001
+@@ -43,7 +43,7 @@
+ [\fB\-k\fP] [\fB\-n\fP] [\fB\-r\fP\fIlowpty-highpty\fP] [\fB\-s\fP]
+ [\fB\-S\fP \fItos\fP] [\fB\-U\fP] [\fB\-X\fP \fIauthtype\fP]
+ [\fB\-w\fP [\fBip\fP|\fImaxhostlen\fP[\fB,\fP[\fBno\fP]\fBstriplocal\fP]]]
+-[\fB\-debug\fP [\fIport\fP]]
++[\fB\-debug\fP] [\fB\-L\fP \fIloginpath\fP] [\fIport\fP]
+ .SH DESCRIPTION
+ The
+ .B telnetd
+@@ -221,6 +221,10 @@
+ in response to a
+ .SM DO TIMING-MARK)
+ for kludge linemode support.
++.TP
++\fB\-L\fP \fIloginpath\fP
++Specify pathname to an alternative login program. Default: /usr/bin/login.
++KRB5_HOME/sbin/login.krb5 may be specified.
+ .TP
+ .B \-l
+ Specifies line mode. Tries to force clients to use line-at-a-time
diff --git a/security/krb5-beta/files/patch-appl::telnet::telnetd::utility.c b/security/krb5-beta/files/patch-appl::telnet::telnetd::utility.c
new file mode 100644
index 000000000000..8bb656dc0673
--- /dev/null
+++ b/security/krb5-beta/files/patch-appl::telnet::telnetd::utility.c
@@ -0,0 +1,38 @@
+--- appl/telnet/telnetd/utility.c.orig Wed Jan 9 14:26:59 2002
++++ appl/telnet/telnetd/utility.c Fri Jan 11 13:10:33 2002
+@@ -408,18 +408,25 @@
+ int
+ netwrite(const char *buf, size_t len)
+ {
+- size_t remain;
++ int remaining, copied;
++
++ remaining = BUFSIZ - (nfrontp - netobuf);
++ while (len > 0) {
++ /* Free up enough space if the room is too low*/
++ if ((len > BUFSIZ ? BUFSIZ : len) > remaining) {
++ netflush();
++ remaining = BUFSIZ - (nfrontp - netobuf);
++ }
+
+- remain = sizeof(netobuf) - (nfrontp - netobuf);
+- if (remain < len) {
+- netflush();
+- remain = sizeof(netobuf) - (nfrontp - netobuf);
++ /* Copy out as much as will fit */
++ copied = remaining > len ? len : remaining;
++ memmove(nfrontp, buf, copied);
++ nfrontp += copied;
++ len -= copied;
++ remaining -= copied;
++ buf += copied;
+ }
+- if (remain < len)
+- return 0;
+- memcpy(nfrontp, buf, len);
+- nfrontp += len;
+- return len;
++ return copied;
+ }
+
+ /*
diff --git a/security/krb5-beta/files/patch-as b/security/krb5-beta/files/patch-as
new file mode 100644
index 000000000000..de19886eac08
--- /dev/null
+++ b/security/krb5-beta/files/patch-as
@@ -0,0 +1,195 @@
+--- clients/ksu/main.c.orig Wed Aug 14 12:14:49 2002
++++ clients/ksu/main.c Tue Jul 29 18:46:00 2003
+@@ -32,6 +32,10 @@
+ #include <signal.h>
+ #include <grp.h>
+
++#ifdef LOGIN_CAP
++#include <login_cap.h>
++#endif
++
+ /* globals */
+ char * prog_name;
+ int auth_debug =0;
+@@ -61,7 +65,7 @@
+ ill specified arguments to commands */
+
+ void usage (){
+- fprintf(stderr, "Usage: %s [target user] [-n principal] [-c source cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name);
++ fprintf(stderr, "Usage: %s [target user] [-m] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name);
+ }
+
+ /* for Ultrix and friends ... */
+@@ -77,6 +81,7 @@
+ int argc;
+ char ** argv;
+ {
++ int asme = 0;
+ int hp =0;
+ int some_rest_copy = 0;
+ int all_rest_copy = 0;
+@@ -91,6 +96,7 @@
+ char * cc_target_tag = NULL;
+ char * target_user = NULL;
+ char * source_user;
++ char * source_shell;
+
+ krb5_ccache cc_source = NULL;
+ const char * cc_source_tag = NULL;
+@@ -117,6 +123,11 @@
+ krb5_principal kdc_server;
+ krb5_boolean zero_password;
+ char * dir_of_cc_target;
++
++#ifdef LOGIN_CAP
++ login_cap_t *lc;
++ int setwhat;
++#endif
+
+ options.opt = KRB5_DEFAULT_OPTIONS;
+ options.lifetime = KRB5_DEFAULT_TKT_LIFE;
+@@ -181,7 +192,7 @@
+ com_err (prog_name, errno, "while setting euid to source user");
+ exit (1);
+ }
+- while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkql:e:")) != -1)){
++ while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkmql:e:")) != -1)){
+ switch (option) {
+ case 'r':
+ options.opt |= KDC_OPT_RENEWABLE;
+@@ -227,6 +238,9 @@
+ errflg++;
+ }
+ break;
++ case 'm':
++ asme = 1;
++ break;
+ case 'n':
+ if ((retval = krb5_parse_name(ksu_context, optarg, &client))){
+ com_err(prog_name, retval, "when parsing name %s", optarg);
+@@ -341,6 +355,7 @@
+
+ /* allocate space and copy the usernamane there */
+ source_user = xstrdup(pwd->pw_name);
++ source_shell = xstrdup(pwd->pw_shell);
+ source_uid = pwd->pw_uid;
+ source_gid = pwd->pw_gid;
+
+@@ -672,43 +687,64 @@
+ /* get the shell of the user, this will be the shell used by su */
+ target_pwd = getpwnam(target_user);
+
+- if (target_pwd->pw_shell)
+- shell = xstrdup(target_pwd->pw_shell);
+- else {
+- shell = _DEF_CSH; /* default is cshell */
++ if (asme) {
++ if (source_shell && *source_shell) {
++ shell = strdup(source_shell);
++ } else {
++ shell = _DEF_CSH;
++ }
++ } else {
++ if (target_pwd->pw_shell)
++ shell = strdup(target_pwd->pw_shell);
++ else {
++ shell = _DEF_CSH; /* default is cshell */
++ }
+ }
+
+ #ifdef HAVE_GETUSERSHELL
+
+ /* insist that the target login uses a standard shell (root is omited) */
+
+- if (!standard_shell(target_pwd->pw_shell) && source_uid) {
+- fprintf(stderr, "ksu: permission denied (shell).\n");
+- sweep_up(ksu_context, cc_target);
+- exit(1);
++ if (asme) {
++ if (!standard_shell(pwd->pw_shell) && source_uid) {
++ fprintf(stderr, "ksu: permission denied (shell).\n");
++ sweep_up(ksu_context, cc_target);
++ exit(1);
++ }
++ } else {
++ if (!standard_shell(target_pwd->pw_shell) && source_uid) {
++ fprintf(stderr, "ksu: permission denied (shell).\n");
++ sweep_up(ksu_context, cc_target);
++ exit(1);
++ }
+ }
+ #endif /* HAVE_GETUSERSHELL */
+
+- if (target_pwd->pw_uid){
+-
+- if(set_env_var("USER", target_pwd->pw_name)){
++ if (!asme) {
++ if (target_pwd->pw_uid){
++ if (set_env_var("USER", target_pwd->pw_name)){
++ fprintf(stderr,"ksu: couldn't set environment variable USER\n");
++ sweep_up(ksu_context, cc_target);
++ exit(1);
++ }
++ }
++
++ if (set_env_var( "HOME", target_pwd->pw_dir)){
+ fprintf(stderr,"ksu: couldn't set environment variable USER\n");
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+- }
+- }
+-
+- if(set_env_var( "HOME", target_pwd->pw_dir)){
+- fprintf(stderr,"ksu: couldn't set environment variable USER\n");
+- sweep_up(ksu_context, cc_target);
+- exit(1);
+- }
++ }
+
+- if(set_env_var( "SHELL", shell)){
+- fprintf(stderr,"ksu: couldn't set environment variable USER\n");
+- sweep_up(ksu_context, cc_target);
+- exit(1);
+- }
++ if (set_env_var( "SHELL", shell)){
++ fprintf(stderr,"ksu: couldn't set environment variable USER\n");
++ sweep_up(ksu_context, cc_target);
++ exit(1);
++ }
++ }
++
++#ifdef LOGIN_CAP
++ lc = login_getpwclass(pwd);
++#endif
+
+ /* set the cc env name to target */
+
+@@ -718,7 +754,19 @@
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
+-
++
++#ifdef LOGIN_CAP
++ setwhat = LOGIN_SETUSER|LOGIN_SETGROUP|LOGIN_SETRESOURCES|LOGIN_SETPRIORITY;
++ setwhat |= LOGIN_SETPATH|LOGIN_SETUMASK|LOGIN_SETENV;
++ /*
++ * Don't touch resource/priority settings if -m has been
++ * used or -l and -c hasn't, and we're not su'ing to root.
++ */
++ if (target_pwd->pw_uid)
++ setwhat &= ~(LOGIN_SETPRIORITY|LOGIN_SETRESOURCES);
++ if (setusercontext(lc, target_pwd, target_pwd->pw_uid, setwhat) < 0)
++ err(1, "setusercontext");
++#else
+ /* set permissions */
+ if (setgid(target_pwd->pw_gid) < 0) {
+ perror("ksu: setgid");
+@@ -759,6 +807,7 @@
+ sweep_up(ksu_context, cc_target);
+ exit(1);
+ }
++#endif
+
+ if (access( cc_target_tag_tmp, R_OK | W_OK )){
+ com_err(prog_name, errno,
diff --git a/security/krb5-beta/files/patch-at b/security/krb5-beta/files/patch-at
new file mode 100644
index 000000000000..060207ec644a
--- /dev/null
+++ b/security/krb5-beta/files/patch-at
@@ -0,0 +1,14 @@
+*** include/syslog.h.ORIG Fri Feb 6 19:42:12 1998
+--- include/syslog.h Tue Jun 30 19:46:02 1998
+***************
+*** 34,39 ****
+--- 34,42 ----
+ #define LOG_LPR (6<<3) /* line printer subsystem */
+ #define LOG_NEWS (7<<3) /* network news subsystem */
+ #define LOG_UUCP (8<<3) /* UUCP subsystem */
++ #if (defined(BSD) && (BSD >= 199306))
++ #define LOG_FTP (11<<3) /* ftp daemon */
++ #endif
+ /* other codes through 15 reserved for system use */
+ #define LOG_LOCAL0 (16<<3) /* reserved for local use */
+ #define LOG_LOCAL1 (17<<3) /* reserved for local use */
diff --git a/security/krb5-beta/files/patch-av b/security/krb5-beta/files/patch-av
new file mode 100644
index 000000000000..8363b8bb1e2d
--- /dev/null
+++ b/security/krb5-beta/files/patch-av
@@ -0,0 +1,15 @@
+*** clients/ksu/Makefile.in.ORIG Sun Aug 2 16:51:18 1998
+--- clients/ksu/Makefile.in Sun Aug 2 16:53:48 1998
+***************
+*** 3,7 ****
+ mydir=ksu
+ BUILDTOP=$(REL)$(U)$(S)$(U)
+! DEFINES = -DGET_TGT_VIA_PASSWD -DPRINC_LOOK_AHEAD -DCMD_PATH='"/bin /local/bin"'
+ CFLAGS = $(CCOPTS) $(DEFINES) $(DEFS) $(LOCALINCLUDE)
+
+--- 3,7 ----
+ mydir=ksu
+ BUILDTOP=$(REL)$(U)$(S)$(U)
+! DEFINES = -DGET_TGT_VIA_PASSWD -DPRINC_LOOK_AHEAD -DCMD_PATH='"/usr/bin /bin /usr/sbin /sbin"'
+ CFLAGS = $(CCOPTS) $(DEFINES) $(DEFS) $(LOCALINCLUDE)
+
diff --git a/security/krb5-beta/files/patch-ax b/security/krb5-beta/files/patch-ax
new file mode 100644
index 000000000000..443b321e28db
--- /dev/null
+++ b/security/krb5-beta/files/patch-ax
@@ -0,0 +1,11 @@
+--- ../doc/Makefile.orig Fri Sep 20 10:35:27 2002
++++ ../doc/Makefile Tue Jul 29 18:53:08 2003
+@@ -1,7 +1,7 @@
+ SRCDIR=../src
+ DVI=texi2dvi
+ DVIPS=dvips -o "$@"
+-INFO=makeinfo
++INFO=makeinfo --no-validate
+ HTML=makeinfo --html
+ RM=rm -f
+ TAR=tar -chvf
diff --git a/security/krb5-beta/files/patch-ay b/security/krb5-beta/files/patch-ay
new file mode 100644
index 000000000000..54c041e205f1
--- /dev/null
+++ b/security/krb5-beta/files/patch-ay
@@ -0,0 +1,50 @@
+--- util/pty/getpty.c.orig Wed Jan 9 14:28:37 2002
++++ util/pty/getpty.c Thu Jan 10 21:30:40 2002
+@@ -24,13 +24,26 @@
+ #include "libpty.h"
+ #include "pty-int.h"
+
++#ifdef __FreeBSD__
++#define PTYCHARS1 "pqrsPQRS"
++#define PTYCHARS2 "0123456789abcdefghijklmnopqrstuv"
++#endif
++
++#ifndef PTYCHARS1
++#define PTYCHARS1 "pqrstuvwxyzPQRST"
++#endif
++
++#ifndef PTYCHARS2
++#define PTYCHARS2 "0123456789abcdef"
++#endif
++
+ long
+ ptyint_getpty_ext(int *fd, char *slave, int slavelength, int do_grantpt)
+ {
++ int ptynum;
++ char *cp1, *cp2;
+ #if !defined(HAVE__GETPTY) && !defined(HAVE_OPENPTY)
+- char *cp;
+ char *p;
+- int i,ptynum;
+ struct stat stb;
+ char slavebuf[1024];
+ #endif
+@@ -115,14 +128,14 @@
+ strncpy(slave, slavebuf, slavelength);
+ return 0;
+ } else {
+- for (cp = "pqrstuvwxyzPQRST";*cp; cp++) {
++ for (cp1 = PTYCHARS1; *cp1 != '\0'; cp1++) {
+ sprintf(slavebuf,"/dev/ptyXX");
+- slavebuf[sizeof("/dev/pty") - 1] = *cp;
++ slavebuf[sizeof("/dev/pty") - 1] = *cp1;
+ slavebuf[sizeof("/dev/ptyp") - 1] = '0';
+ if (stat(slavebuf, &stb) < 0)
+ break;
+- for (i = 0; i < 16; i++) {
+- slavebuf[sizeof("/dev/ptyp") - 1] = "0123456789abcdef"[i];
++ for (cp2 = PTYCHARS2; *cp2 != '\0'; cp2++) {
++ slavebuf[sizeof("/dev/ptyp") - 1] = *cp2;
+ *fd = open(slavebuf, O_RDWR);
+ if (*fd < 0) continue;
+
diff --git a/security/krb5-beta/files/patch-ba b/security/krb5-beta/files/patch-ba
new file mode 100644
index 000000000000..dd0c760df7d2
--- /dev/null
+++ b/security/krb5-beta/files/patch-ba
@@ -0,0 +1,77 @@
+--- appl/bsd/login.c.orig Tue May 27 21:06:25 2003
++++ appl/bsd/login.c Tue Jul 29 20:52:25 2003
+@@ -1342,19 +1342,6 @@
+ setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET);
+ }
+
+- /* Policy: If local password is good, user is good.
+- We really can't trust the Kerberos password,
+- because somebody on the net could spoof the
+- Kerberos server (not easy, but possible).
+- Some sites might want to use it anyways, in
+- which case they should change this line
+- to:
+- if (kpass_ok)
+- */
+-
+- if (lpass_ok)
+- break;
+-
+ if (got_v5_tickets) {
+ retval = krb5_verify_init_creds(kcontext, &my_creds, NULL,
+ NULL, &xtra_creds,
+@@ -1378,6 +1365,9 @@
+ }
+ #endif /* KRB4_GET_TICKETS */
+
++ if (lpass_ok)
++ break;
++
+ bad_login:
+ setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET);
+
+@@ -1667,21 +1657,23 @@
+ /* set up credential cache -- obeying KRB5_ENV_CCNAME
+ set earlier */
+ /* (KRB5_ENV_CCNAME == "KRB5CCNAME" via osconf.h) */
+- if ((retval = krb5_cc_default(kcontext, &ccache))) {
++ if ((retval = krb5_cc_default(kcontext, &ccache)))
+ com_err(argv[0], retval, "while getting default ccache");
+- } else if ((retval = krb5_cc_initialize(kcontext, ccache, me))) {
+- com_err(argv[0], retval, "when initializing cache");
+- } else if ((retval = krb5_cc_store_cred(kcontext, ccache,
+- &my_creds))) {
+- com_err(argv[0], retval, "while storing credentials");
+- } else if (xtra_creds &&
+- (retval = krb5_cc_copy_creds(kcontext, xtra_creds,
+- ccache))) {
+- com_err(argv[0], retval, "while storing credentials");
++ else {
++ if (retval = krb5_cc_initialize(kcontext, ccache, me))
++ com_err(argv[0], retval, "when initializing cache");
++ else {
++ if (retval = krb5_cc_store_cred(kcontext, ccache, &my_creds))
++ com_err(argv[0], retval, "while storing credentials");
++ else {
++ if (xtra_creds &&
++ (retval = krb5_cc_copy_creds(kcontext, xtra_creds, ccache))) {
++ com_err(argv[0], retval, "while storing credentials");
++ krb5_cc_destroy(kcontext, xtra_creds);
++ }
++ }
++ }
+ }
+-
+- if (xtra_creds)
+- krb5_cc_destroy(kcontext, xtra_creds);
+ } else if (forwarded_v5_tickets && rewrite_ccache) {
+ if ((retval = krb5_cc_initialize (kcontext, ccache, me))) {
+ syslog(LOG_ERR,
+@@ -1762,6 +1754,7 @@
+
+ if (ccname)
+ setenv("KRB5CCNAME", ccname, 1);
++ krb5_cc_set_default_name(kcontext, ccname);
+
+ setenv("HOME", pwd->pw_dir, 1);
+ setenv("PATH", LPATH, 1);
diff --git a/security/krb5-beta/files/patch-bb b/security/krb5-beta/files/patch-bb
new file mode 100644
index 000000000000..6545ae682c53
--- /dev/null
+++ b/security/krb5-beta/files/patch-bb
@@ -0,0 +1,10 @@
+--- appl/telnet/telnet/Makefile.in.orig Sat Dec 18 10:47:05 1999
++++ appl/telnet/telnet/Makefile.in Sat Dec 18 10:47:13 1999
+@@ -58,7 +58,6 @@
+ $(INSTALL_DATA) $(srcdir)/$$f.1 \
+ ${DESTDIR}$(CLIENT_MANDIR)/`echo $$f|sed '$(transform)'`.1; \
+ done
+- $(INSTALL_DATA) $(srcdir)/tmac.doc ${DESTDIR}$(CLIENT_MANDIR)/tmac.doc
+
+ authenc.o: defines.h externs.h general.h ring.h types.h $(ARPA_TELNET)
+ commands.o: defines.h externs.h general.h ring.h types.h $(ARPA_TELNET)
diff --git a/security/krb5-beta/files/patch-config::pre.in b/security/krb5-beta/files/patch-config::pre.in
new file mode 100644
index 000000000000..fc3ff4c7a047
--- /dev/null
+++ b/security/krb5-beta/files/patch-config::pre.in
@@ -0,0 +1,10 @@
+--- config/pre.in.orig Tue May 27 21:06:28 2003
++++ config/pre.in Wed Aug 6 11:11:54 2003
+@@ -152,6 +152,7 @@
+ INSTALL=@INSTALL@
+ INSTALL_STRIP=
+ INSTALL_PROGRAM=@INSTALL_PROGRAM@ $(INSTALL_STRIP)
++INSTALL_SCRIPT=@INSTALL_SCRIPT@
+ INSTALL_DATA=@INSTALL_DATA@
+ INSTALL_SHLIB=@INSTALL_SHLIB@
+ INSTALL_SETUID=$(INSTALL) $(INSTALL_STRIP) -m 4755 -o root
diff --git a/security/krb5-beta/files/patch-config::shlib.conf b/security/krb5-beta/files/patch-config::shlib.conf
new file mode 100644
index 000000000000..48d5e9a51f8b
--- /dev/null
+++ b/security/krb5-beta/files/patch-config::shlib.conf
@@ -0,0 +1,19 @@
+--- config/shlib.conf.orig Sun Mar 2 23:09:45 2003
++++ config/shlib.conf Tue Jul 29 18:16:43 2003
+@@ -179,14 +179,15 @@
+ PICFLAGS=-fpic
+ if test "x$objformat" = "xelf" ; then
+ SHLIBVEXT='.so.$(LIBMAJOR)'
++ LDCOMBINE='cc -shared -Wl,-soname,lib$(LIB)$(SHLIBVEXT)'
+ RPATH_FLAG='-Wl,-rpath -Wl,'
+ else
++ LDCOMBINE='ld -Bshareable'
+ RPATH_FLAG=-R
+ SHLIBVEXT='.so.$(LIBMAJOR).$(LIBMINOR)'
+ fi
+ CC_LINK_SHARED='$(CC) $(PROG_LIBPATH) $(RPATH_FLAG)$(PROG_RPATH) $(CFLAGS) $(LDFLAGS)'
+ SHLIBEXT=.so
+- LDCOMBINE='ld -Bshareable'
+ SHLIB_EXPFLAGS='-R$(SHLIB_RDIRS) $(SHLIB_DIRS) $(SHLIB_EXPLIBS)'
+ CC_LINK_STATIC='$(CC) $(PROG_LIBPATH) $(CFLAGS) $(LDFLAGS)'
+ RUN_ENV='LD_LIBRARY_PATH=`echo $(PROG_LIBPATH) | sed -e "s/-L//g" -e "s/ /:/g"`; export LD_LIBRARY_PATH;'
diff --git a/security/krb5-beta/files/patch-kadmin::cli::Makefile.in b/security/krb5-beta/files/patch-kadmin::cli::Makefile.in
new file mode 100644
index 000000000000..266deea90231
--- /dev/null
+++ b/security/krb5-beta/files/patch-kadmin::cli::Makefile.in
@@ -0,0 +1,11 @@
+--- kadmin/cli/Makefile.in.orig Fri Feb 7 13:41:20 2003
++++ kadmin/cli/Makefile.in Tue Aug 5 16:32:02 2003
+@@ -21,7 +21,7 @@
+ install::
+ $(INSTALL_PROGRAM) $(PROG).local ${DESTDIR}$(ADMIN_BINDIR)/$(PROG).local
+ $(INSTALL_PROGRAM) $(PROG) ${DESTDIR}$(ADMIN_BINDIR)/$(PROG)
+- $(INSTALL_PROGRAM) $(srcdir)/k5srvutil.sh ${DESTDIR}$(ADMIN_BINDIR)/k5srvutil
++ $(INSTALL_SCRIPT) $(srcdir)/k5srvutil.sh ${DESTDIR}$(ADMIN_BINDIR)/k5srvutil
+ $(INSTALL_DATA) $(srcdir)/k5srvutil.M ${DESTDIR}$(ADMIN_MANDIR)/k5srvutil.8
+ $(INSTALL_DATA) $(srcdir)/$(PROG).M ${DESTDIR}$(ADMIN_MANDIR)/$(PROG).8
+ $(INSTALL_DATA) $(srcdir)/$(PROG).local.M ${DESTDIR}$(ADMIN_MANDIR)/$(PROG).local.8
diff --git a/security/krb5-beta/files/patch-lib::krb5::krb::srv_rcache.c b/security/krb5-beta/files/patch-lib::krb5::krb::srv_rcache.c
new file mode 100644
index 000000000000..79e16f93110d
--- /dev/null
+++ b/security/krb5-beta/files/patch-lib::krb5::krb::srv_rcache.c
@@ -0,0 +1,12 @@
+--- lib/krb5/krb/srv_rcache.c 1999-09-24 17:19:48.000000000 -0400
++++ lib/krb5/krb/srv_rcache.c 2003-02-03 19:29:32.000000000 -0500
+@@ -48,6 +48,9 @@
+ unsigned long uid = geteuid();
+ #endif
+
++ if (piece == NULL)
++ return ENOMEM;
++
+ rcache = (krb5_rcache) malloc(sizeof(*rcache));
+ if (!rcache)
+ return ENOMEM;
diff --git a/security/krb5-beta/files/patch-lib::krb5::os::hst_realm.c b/security/krb5-beta/files/patch-lib::krb5::os::hst_realm.c
new file mode 100644
index 000000000000..d3caed59fd30
--- /dev/null
+++ b/security/krb5-beta/files/patch-lib::krb5::os::hst_realm.c
@@ -0,0 +1,14 @@
+--- lib/krb5/os/hst_realm.c.orig Tue Oct 15 15:51:50 2002
++++ lib/krb5/os/hst_realm.c Sat Jan 24 20:11:05 2004
+@@ -438,9 +438,11 @@
+ return EAFNOSUPPORT;
+ case EAI_MEMORY:
+ return ENOMEM;
++#ifdef EAI_NODATA
+ #if EAI_NODATA != EAI_NONAME
+ case EAI_NODATA:
+ return KRB5_EAI_NODATA;
++#endif
+ #endif
+ case EAI_NONAME:
+ return KRB5_EAI_NONAME;
diff --git a/security/krb5-beta/files/patch-lib::krb5::os::locate_kdc.c b/security/krb5-beta/files/patch-lib::krb5::os::locate_kdc.c
new file mode 100644
index 000000000000..5cfbbe3553de
--- /dev/null
+++ b/security/krb5-beta/files/patch-lib::krb5::os::locate_kdc.c
@@ -0,0 +1,13 @@
+--- lib/krb5/os/locate_kdc.c.orig Mon Jun 9 14:27:56 2003
++++ lib/krb5/os/locate_kdc.c Sun Jan 25 13:28:01 2004
+@@ -185,8 +185,10 @@
+ #ifdef EAI_ADDRFAMILY
+ case EAI_ADDRFAMILY:
+ #endif
++#ifdef EAI_NODATA
+ #if EAI_NODATA != EAI_NONAME
+ case EAI_NODATA:
++#endif
+ #endif
+ case EAI_NONAME:
+ /* Name not known or no address data, but no error. Do
diff --git a/security/krb5-beta/pkg-descr b/security/krb5-beta/pkg-descr
new file mode 100644
index 000000000000..376a48c52faf
--- /dev/null
+++ b/security/krb5-beta/pkg-descr
@@ -0,0 +1,24 @@
+Kerberos V5 is an authentication system developed at MIT.
+WWW: http://web.mit.edu/kerberos/www/
+
+Abridged from the User Guide:
+ Under Kerberos, a client sends a request for a ticket to the
+ Key Distribution Center (KDC). The KDC creates a ticket-granting
+ ticket (TGT) for the client, encrypts it using the client's
+ password as the key, and sends the encrypted TGT back to the
+ client. The client then attempts to decrypt the TGT, using
+ its password. If the client successfully decrypts the TGT, it
+ keeps the decrypted TGT, which indicates proof of the client's
+ identity. The TGT permits the client to obtain additional tickets,
+ which give permission for specific services.
+ Since Kerberos negotiates authenticated, and optionally encrypted,
+ communications between two points anywhere on the internet, it
+ provides a layer of security that is not dependent on which side of a
+ firewall either client is on.
+ The Kerberos V5 package is designed to be easy to use. Most of the
+ commands are nearly identical to UNIX network programs you are already
+ used to. Kerberos V5 is a single-sign-on system, which means that you
+ have to type your password only once per session, and Kerberos does
+ the authenticating and encrypting transparently.
+
+Jacques Vidrine <n@nectar.com>
diff --git a/security/krb5-beta/pkg-plist b/security/krb5-beta/pkg-plist
new file mode 100644
index 000000000000..55f03d68c13b
--- /dev/null
+++ b/security/krb5-beta/pkg-plist
@@ -0,0 +1,108 @@
+@unexec install-info --delete %D/info/krb425.info %D/info/dir
+@unexec install-info --delete %D/info/krb5-admin.info %D/info/dir
+@unexec install-info --delete %D/info/krb5-install.info %D/info/dir
+@unexec install-info --delete %D/info/krb5-user.info %D/info/dir
+bin/compile_et
+bin/ftp
+bin/gss-client
+bin/kdestroy
+bin/kinit
+bin/klist
+bin/kpasswd
+bin/krb5-config
+%%KRB4%%bin/krb524init
+bin/ksu
+bin/kvno
+bin/rcp
+bin/rlogin
+bin/rsh
+bin/sclient
+bin/sim_client
+bin/telnet
+bin/uuclient
+%%KRB4%%bin/v4rcp
+bin/v5passwd
+include/com_err.h
+include/gssapi/gssapi.h
+include/gssapi/gssapi_generic.h
+include/gssapi/gssapi_krb5.h
+%%KRB4%%include/kerberosIV/des.h
+%%KRB4%%include/kerberosIV/kadm_err.h
+%%KRB4%%include/kerberosIV/krb.h
+%%KRB4%%include/kerberosIV/krb_err.h
+%%KRB4%%include/kerberosIV/mit-copyright.h
+include/krb5.h
+include/profile.h
+info/krb425.info
+info/krb5-admin.info
+info/krb5-admin.info-1
+info/krb5-admin.info-2
+info/krb5-admin.info-3
+info/krb5-install.info
+info/krb5-install.info-1
+info/krb5-install.info-2
+info/krb5-user.info
+lib/libcom_err.a
+lib/libcom_err.so
+lib/libcom_err.so.3
+lib/libdes425.a
+lib/libdes425.so
+lib/libdes425.so.3
+lib/libgssapi_krb5.a
+lib/libgssapi_krb5.so
+lib/libgssapi_krb5.so.2
+lib/libgssrpc.a
+lib/libgssrpc.so
+lib/libgssrpc.so.3
+lib/libk5crypto.a
+lib/libk5crypto.so
+lib/libk5crypto.so.3
+lib/libkadm5clnt.a
+lib/libkadm5clnt.so
+lib/libkadm5clnt.so.5
+lib/libkadm5srv.a
+lib/libkadm5srv.so
+lib/libkadm5srv.so.5
+lib/libkdb5.a
+lib/libkdb5.so
+lib/libkdb5.so.4
+%%KRB4%%lib/libkrb4.a
+%%KRB4%%lib/libkrb4.so
+%%KRB4%%lib/libkrb4.so.2
+lib/libkrb5.a
+lib/libkrb5.so
+lib/libkrb5.so.3
+sbin/ftpd
+sbin/gss-server
+sbin/k5srvutil
+sbin/kadmin
+sbin/kadmin.local
+sbin/kadmind
+%%KRB4%%sbin/kadmind4
+sbin/kdb5_util
+sbin/klogind
+sbin/kprop
+sbin/kpropd
+sbin/krb5-send-pr
+%%KRB4%%sbin/krb524d
+sbin/krb5kdc
+sbin/kshd
+sbin/ktutil
+sbin/login.krb5
+sbin/sim_server
+sbin/sserver
+sbin/telnetd
+sbin/uuserver
+sbin/v5passwdd
+share/doc/krb5/README.FreeBSD
+share/et/et_c.awk
+share/et/et_h.awk
+share/gnats/mit
+@dirrm include/gssapi
+@dirrm include/kerberosIV
+@dirrm share/et
+@dirrm share/gnats
+@exec install-info %D/info/krb425.info %D/info/dir
+@exec install-info %D/info/krb5-admin.info %D/info/dir
+@exec install-info %D/info/krb5-install.info %D/info/dir
+@exec install-info %D/info/krb5-user.info %D/info/dir