diff options
| author | nectar <nectar@FreeBSD.org> | 2001-10-29 21:02:43 +0800 |
|---|---|---|
| committer | nectar <nectar@FreeBSD.org> | 2001-10-29 21:02:43 +0800 |
| commit | 7f7a26a635c90df84eb9c43078547879f813f584 (patch) | |
| tree | ba0801c8cf10dc0cba5db7002126747fffe2eb0c /security/heimdal | |
| parent | 84ef03482393ff4b1718111838d07d3896ef4765 (diff) | |
| download | freebsd-ports-graphics-7f7a26a635c90df84eb9c43078547879f813f584.tar.gz freebsd-ports-graphics-7f7a26a635c90df84eb9c43078547879f813f584.tar.zst freebsd-ports-graphics-7f7a26a635c90df84eb9c43078547879f813f584.zip | |
= Add support for using cracklib with kpasswdd, the password changing
daemon.
= Fix a bug in `ktutil get' which was causing a segfault.
= Bump PORTREVISION.
Diffstat (limited to 'security/heimdal')
| -rw-r--r-- | security/heimdal/Makefile | 29 | ||||
| -rw-r--r-- | security/heimdal/files/kdc.sh | 4 | ||||
| -rw-r--r-- | security/heimdal/files/kpasswdd-cracklib.c.in | 21 | ||||
| -rw-r--r-- | security/heimdal/files/patch-admin::get.c | 12 |
4 files changed, 64 insertions, 2 deletions
diff --git a/security/heimdal/Makefile b/security/heimdal/Makefile index 5b6aa8bcf7a..67d065ccc7d 100644 --- a/security/heimdal/Makefile +++ b/security/heimdal/Makefile @@ -7,6 +7,7 @@ PORTNAME= heimdal PORTVERSION= 0.4e +PORTREVISION= 1 CATEGORIES= security ipv6 MASTER_SITES= ftp://ftp.pdc.kth.se/pub/heimdal/src/ \ ftp://ftp.replay.com/pub/replay/crypto/APPS/kerberos/heimdal/ \ @@ -16,8 +17,12 @@ MASTER_SITES= ftp://ftp.pdc.kth.se/pub/heimdal/src/ \ MAINTAINER= nectar@FreeBSD.ORG .if defined(WITH_LDAP) -LIB_DEPENDS= ldap.2:${PORTSDIR}/net/openldap2 +LIB_DEPENDS+= ldap.2:${PORTSDIR}/net/openldap2 .endif +.if defined(WITH_CRACKLIB) +BUILD_DEPENDS+= ${LOCALBASE}/lib/libcrack.a:${PORTSDIR}/security/cracklib +.endif + RESTRICTED= "Crypto; export-controlled" @@ -60,6 +65,24 @@ OPENSSL_IN_BASE= YES PLIST:= ${WRKDIR}/PLIST +pre-configure: +.if !defined(WITH_CRACKLIB) + @${ECHO_MSG} + @${ECHO_MSG} You can utilize CrackLib for the kpasswdd by defining + @${ECHO_MSG} WITH_CRACKLIB and uncommenting the appropriate lines in + @${ECHO_MSG} ${PREFIX}/etc/rc.d/kdc.sh. + @${ECHO_MSG} +.endif + +post-build: +.if defined(WITH_CRACKLIB) + sed -e "s;%%LOCALBASE%%;${LOCALBASE};g" \ + ${FILESDIR}/kpasswdd-cracklib.c.in > ${WRKSRC}/kpasswdd-cracklib.c + (cd ${WRKSRC} && \ + ${CC} ${CFLAGS} -fPIC -shared -I${LOCALBASE}/include -I./include \ + -L${LOCALBASE}/lib -o ./kpasswdd-cracklib.so ./kpasswdd-cracklib.c -lcrack) +.endif + pre-install: @${CP} ${PKGDIR}/pkg-plist ${PLIST} .if exists(/usr/lib/libkrb.a) && !defined(WITHOUT_KRB4) @@ -74,6 +97,10 @@ pre-install: .if !exists(/usr/include/ifaddrs.h) @${ECHO} include/ifaddrs.h >> ${PLIST} .endif +.if defined(WITH_CRACKLIB) + ${INSTALL_PROGRAM} ${WRKSRC}/kpasswdd-cracklib.so ${PREFIX}/lib/ + @${ECHO} lib/kpasswdd-cracklib.so >> ${PLIST} +.endif .include "Makefile.man" diff --git a/security/heimdal/files/kdc.sh b/security/heimdal/files/kdc.sh index 13aa415fdab..53bb5d4cf26 100644 --- a/security/heimdal/files/kdc.sh +++ b/security/heimdal/files/kdc.sh @@ -10,6 +10,8 @@ IPROP_MASTER_HOST="" KDC="${PREFIX}/libexec/kdc" KPASSWDD="${PREFIX}/libexec/kpasswdd" +# Uncomment to use CrackLib +#KPASSWDD_FLAGS="--check-library=${PREFIX}/lib/kpasswdd-cracklib.so" IPROPD_MASTER="${PREFIX}/libexec/ipropd-master" IPROPD_SLAVE="${PREFIX}/libexec/ipropd-slave" @@ -25,7 +27,7 @@ esac do_start() { if test "${run_kdc}" -eq "1"; then ${KDC} ${KDC_FLAGS} & - test "${run_master}" -eq "1" && ${KPASSWDD} & + test "${run_master}" -eq "1" && ${KPASSWDD} ${KPASSWDD_FLAGS} & test "${run_master}" -eq "1" && ${IPROPD_MASTER} & test "${run_slave}" -eq "1" && ${IPROPD_SLAVE} ${IPROP_MASTER_HOST} & fi diff --git a/security/heimdal/files/kpasswdd-cracklib.c.in b/security/heimdal/files/kpasswdd-cracklib.c.in new file mode 100644 index 00000000000..6f73c2cdc46 --- /dev/null +++ b/security/heimdal/files/kpasswdd-cracklib.c.in @@ -0,0 +1,21 @@ +#include <stdlib.h> +#include <krb5.h> +#include <packer.h> + +int version = 0; + +const char * +passwd_check(krb5_context context, krb5_principal principal, + krb5_data *password) +{ + char *p, *result; + + p = malloc(password->length + 1); + if (p == NULL) + return "out of memory"; + memcpy(p, password->data, password->length); + p[password->length] = '\0'; + result = FascistCheck(p, "%%LOCALBASE%%/libdata/cracklib/pw_dict"); + free(p); + return result; +} diff --git a/security/heimdal/files/patch-admin::get.c b/security/heimdal/files/patch-admin::get.c new file mode 100644 index 00000000000..934c28677a1 --- /dev/null +++ b/security/heimdal/files/patch-admin::get.c @@ -0,0 +1,12 @@ +--- admin/get.c.orig Sun Oct 28 18:41:42 2001 ++++ admin/get.c Sun Oct 28 18:43:13 2001 +@@ -41,8 +41,8 @@ + char *admin_server, + int server_port) + { ++ static kadm5_config_params conf; + krb5_error_code ret; +- kadm5_config_params conf; + void *kadm_handle; + memset(&conf, 0, sizeof(conf)); + |