summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSeemant Kulleen <seemant@gentoo.org>2007-04-04 02:46:56 +0000
committerSeemant Kulleen <seemant@gentoo.org>2007-04-04 02:46:56 +0000
commit943d6bb0b3adfa41f02c8e3a2a895df578c87c3f (patch)
tree6f25582b72a4d4a78743054259e0ceb9987b8a0f /app-crypt/mit-krb5
parentVersion bump, bug #166468 (diff)
downloadhistorical-943d6bb0b3adfa41f02c8e3a2a895df578c87c3f.tar.gz
historical-943d6bb0b3adfa41f02c8e3a2a895df578c87c3f.tar.bz2
historical-943d6bb0b3adfa41f02c8e3a2a895df578c87c3f.zip
removed the patches from filesdir and into their own tarballs, otherwise (as the prior cleanup showed) things just die in that director
Package-Manager: portage-2.1.2.3
Diffstat (limited to 'app-crypt/mit-krb5')
-rw-r--r--app-crypt/mit-krb5/ChangeLog13
-rw-r--r--app-crypt/mit-krb5/Manifest80
-rw-r--r--app-crypt/mit-krb5/files/digest-mit-krb5-1.4.3-r33
-rw-r--r--app-crypt/mit-krb5/files/digest-mit-krb5-1.5.2-r13
-rw-r--r--app-crypt/mit-krb5/files/digest-mit-krb5-1.5.2-r23
-rw-r--r--app-crypt/mit-krb5/files/mit-krb5-1.4.3-setuid.patch269
-rw-r--r--app-crypt/mit-krb5/files/mit-krb5-SA-2007-001-telnetd.patch56
-rw-r--r--app-crypt/mit-krb5/files/mit-krb5-SA-2007-002-syslog.patch857
-rw-r--r--app-crypt/mit-krb5/files/mit-krb5-SA-2007-003.patch16
-rw-r--r--app-crypt/mit-krb5/files/mit-krb5-pthreads.patch29
-rw-r--r--app-crypt/mit-krb5/files/mit-krb5-robustgnu.patch53
-rw-r--r--app-crypt/mit-krb5/files/mit-krb5-setupterm.patch20
-rw-r--r--app-crypt/mit-krb5/mit-krb5-1.4.3-r3.ebuild15
-rw-r--r--app-crypt/mit-krb5/mit-krb5-1.5.2-r1.ebuild14
-rw-r--r--app-crypt/mit-krb5/mit-krb5-1.5.2-r2.ebuild14
15 files changed, 72 insertions, 1373 deletions
diff --git a/app-crypt/mit-krb5/ChangeLog b/app-crypt/mit-krb5/ChangeLog
index 383472932d02..ee14c7093a3b 100644
--- a/app-crypt/mit-krb5/ChangeLog
+++ b/app-crypt/mit-krb5/ChangeLog
@@ -1,6 +1,17 @@
# ChangeLog for app-crypt/mit-krb5
# Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/ChangeLog,v 1.148 2007/04/03 20:51:40 seemant Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/ChangeLog,v 1.149 2007/04/04 02:46:56 seemant Exp $
+
+ 04 Apr 2007; Seemant Kulleen <seemant@gentoo.org>
+ -files/mit-krb5-1.4.3-setuid.patch,
+ -files/mit-krb5-SA-2007-001-telnetd.patch,
+ -files/mit-krb5-SA-2007-002-syslog.patch,
+ -files/mit-krb5-SA-2007-003.patch, -files/mit-krb5-pthreads.patch,
+ -files/mit-krb5-robustgnu.patch, -files/mit-krb5-setupterm.patch,
+ mit-krb5-1.4.3-r3.ebuild, mit-krb5-1.5.2-r1.ebuild,
+ mit-krb5-1.5.2-r2.ebuild:
+ removed the patches from filesdir and into their own tarballs, otherwise (as
+ the prior cleanup showed) things just die in that director
*mit-krb5-1.5.2-r2 (03 Apr 2007)
diff --git a/app-crypt/mit-krb5/Manifest b/app-crypt/mit-krb5/Manifest
index f4075af4c437..d8aeb36b9713 100644
--- a/app-crypt/mit-krb5/Manifest
+++ b/app-crypt/mit-krb5/Manifest
@@ -1,35 +1,7 @@
-AUX mit-krb5-1.4.3-setuid.patch 7066 RMD160 5d9b862ed554cf63d567dbfb4f4308b8771eeb89 SHA1 1135ad0428c92e7be2da2bce6dd0977bad0848e0 SHA256 334f4aeb83f79206829ac588ac2919fa2730a6524c1041fe5a3915c986c1ab3c
-MD5 161af87937e59b10d0d1cb0ab771cb19 files/mit-krb5-1.4.3-setuid.patch 7066
-RMD160 5d9b862ed554cf63d567dbfb4f4308b8771eeb89 files/mit-krb5-1.4.3-setuid.patch 7066
-SHA256 334f4aeb83f79206829ac588ac2919fa2730a6524c1041fe5a3915c986c1ab3c files/mit-krb5-1.4.3-setuid.patch 7066
-AUX mit-krb5-SA-2007-001-telnetd.patch 2089 RMD160 66d230ad48d4a5292520579de63778d06357fbac SHA1 1e1c4c184caf3be7480f7bf4797bedcd05042de1 SHA256 edd4de87ad2f01c6d07f49101ecb6e7853a2979ef23c8496ac833f7dfaedede7
-MD5 60d3143180d1eab444bb5a64bc045420 files/mit-krb5-SA-2007-001-telnetd.patch 2089
-RMD160 66d230ad48d4a5292520579de63778d06357fbac files/mit-krb5-SA-2007-001-telnetd.patch 2089
-SHA256 edd4de87ad2f01c6d07f49101ecb6e7853a2979ef23c8496ac833f7dfaedede7 files/mit-krb5-SA-2007-001-telnetd.patch 2089
-AUX mit-krb5-SA-2007-002-syslog.patch 31119 RMD160 e9ca437400760ea2762b097b215702194c5b93bd SHA1 63e27604500874ff1a1fa4da8d537a0bde15c289 SHA256 0c36a81867c9ff3e761853d4f3d90cdfb41bfa7b665d7da05c5cd713443a4541
-MD5 3d61faafa1c2c44fc1f74fcc8781c059 files/mit-krb5-SA-2007-002-syslog.patch 31119
-RMD160 e9ca437400760ea2762b097b215702194c5b93bd files/mit-krb5-SA-2007-002-syslog.patch 31119
-SHA256 0c36a81867c9ff3e761853d4f3d90cdfb41bfa7b665d7da05c5cd713443a4541 files/mit-krb5-SA-2007-002-syslog.patch 31119
-AUX mit-krb5-SA-2007-003.patch 609 RMD160 bb6dbd8a850a5767e0812429f35acec56fa3084c SHA1 16f034b9044a8e31c7746fb97c05f1405b778f01 SHA256 300f666872407e196e1b2ed86812ddaa44dfd0cd53a4194260b43b88fb8c0133
-MD5 3e1a043cbe0971ab090112e3cc6ce85d files/mit-krb5-SA-2007-003.patch 609
-RMD160 bb6dbd8a850a5767e0812429f35acec56fa3084c files/mit-krb5-SA-2007-003.patch 609
-SHA256 300f666872407e196e1b2ed86812ddaa44dfd0cd53a4194260b43b88fb8c0133 files/mit-krb5-SA-2007-003.patch 609
AUX mit-krb5-lazyldflags.patch 509 RMD160 47515882e93e0db7db6980a4460a01f2cbc3f382 SHA1 db880ff82bd72afd2815a8e8d345c815c2769715 SHA256 272b3a18303b43c64bbcc1da9bcb7cd60d56337700d84c78741c7096c18044d5
MD5 ae7e2bde0b20e580f49d5a3c524b445b files/mit-krb5-lazyldflags.patch 509
RMD160 47515882e93e0db7db6980a4460a01f2cbc3f382 files/mit-krb5-lazyldflags.patch 509
SHA256 272b3a18303b43c64bbcc1da9bcb7cd60d56337700d84c78741c7096c18044d5 files/mit-krb5-lazyldflags.patch 509
-AUX mit-krb5-pthreads.patch 1276 RMD160 33a48c04e887c2067c8a94c431d0140d5138677b SHA1 45ec66393fcf945c7a16450d0c26f3373234d523 SHA256 c9c87efc3c381bc63a86d3d341ceb5413e2b038de9302335e34c1ac743773072
-MD5 6eae177180fe525b127ee90ddff1fefd files/mit-krb5-pthreads.patch 1276
-RMD160 33a48c04e887c2067c8a94c431d0140d5138677b files/mit-krb5-pthreads.patch 1276
-SHA256 c9c87efc3c381bc63a86d3d341ceb5413e2b038de9302335e34c1ac743773072 files/mit-krb5-pthreads.patch 1276
-AUX mit-krb5-robustgnu.patch 2040 RMD160 3955fd028c5b5a4a274105d3f3da8fed1199026e SHA1 6232af38c2911a1ca24d7c78f8a5bebbd975ed0d SHA256 e7c557a727be720e87317cfc257a571437a8f2fa2788e1bc10c314642a48cb51
-MD5 7a258688eeb2150375d30e04a9d49dbe files/mit-krb5-robustgnu.patch 2040
-RMD160 3955fd028c5b5a4a274105d3f3da8fed1199026e files/mit-krb5-robustgnu.patch 2040
-SHA256 e7c557a727be720e87317cfc257a571437a8f2fa2788e1bc10c314642a48cb51 files/mit-krb5-robustgnu.patch 2040
-AUX mit-krb5-setupterm.patch 751 RMD160 26b663f1d13fe50706fc084eb1489ce3fc7b1dbc SHA1 5a4bbe78af977dd4370eca88b10d3e342b5f7e0f SHA256 6ffc82225d3702c5a08688212d034aba95a473a26d2bdd4bd7463b05fff73886
-MD5 672d9fd88c1b5769790b0d025a9a1c7d files/mit-krb5-setupterm.patch 751
-RMD160 26b663f1d13fe50706fc084eb1489ce3fc7b1dbc files/mit-krb5-setupterm.patch 751
-SHA256 6ffc82225d3702c5a08688212d034aba95a473a26d2bdd4bd7463b05fff73886 files/mit-krb5-setupterm.patch 751
AUX mit-krb5kadmind.initd 687 RMD160 7602d12d570e80edf24953befbe4ec03d247e4ba SHA1 753a5875659d3bef63c1a50bb0228f1c3c06bdf9 SHA256 427953b3a2dbe0a8f85bee1294a348c97dbbdac4741f06c2a3768170ba29161a
MD5 61a61d22565605924a06789f9da352bf files/mit-krb5kadmind.initd 687
RMD160 7602d12d570e80edf24953befbe4ec03d247e4ba files/mit-krb5kadmind.initd 687
@@ -40,32 +12,34 @@ RMD160 8c4c508273f9d715ac0e0a8d9c54e36f63526b9b files/mit-krb5kdc.initd 656
SHA256 d813dbf3ee89f0da6b73455fd8759898223529c4cf7c1c2ec64a3128363194e2 files/mit-krb5kdc.initd 656
DIST krb5-1.4.3-signed.tar 7290880 RMD160 838425b59bf37da69c927eb346be78d059fa6db7 SHA1 94bd12d664b1ef32bbf5b8ffe062fe473909f9a7 SHA256 86f246877cc912ae6a82b6bb16217e54ec31fe46ae33a39a42b3f062bb5e6cbe
DIST krb5-1.5.2-signed.tar 10086400 RMD160 b8eca92373155eac0661721f0c65777673d4654e SHA1 2693e31187629fccbcfecf750828f61c69251da6 SHA256 1db46e506fbc0b1a274cb00c3fda5b5e4de832ce40c209e4f6603adcdf2e770e
-EBUILD mit-krb5-1.4.3-r3.ebuild 2826 RMD160 5e84657dc8e4f264d515bca233c352c2749e5575 SHA1 347ea7bdec4272978785c4311557791085ddf39a SHA256 d839ec6b71550060eaa043437bdc979a2eb39fb18ade13bb4f3df203989c0e56
-MD5 ff420d1537baa28bfed277311ab61cd9 mit-krb5-1.4.3-r3.ebuild 2826
-RMD160 5e84657dc8e4f264d515bca233c352c2749e5575 mit-krb5-1.4.3-r3.ebuild 2826
-SHA256 d839ec6b71550060eaa043437bdc979a2eb39fb18ade13bb4f3df203989c0e56 mit-krb5-1.4.3-r3.ebuild 2826
-EBUILD mit-krb5-1.5.2-r1.ebuild 2496 RMD160 df6bd7f33a4bfa228cd2e019b1188c6afe41680a SHA1 86286c0cda66fba6828916a05316d1144770c750 SHA256 4f684d5b07c4227414f95264705a58fb24a8c0ccd14af20391254ecf44f437ab
-MD5 bfd51922172fd06fc0cd48b05f308ae2 mit-krb5-1.5.2-r1.ebuild 2496
-RMD160 df6bd7f33a4bfa228cd2e019b1188c6afe41680a mit-krb5-1.5.2-r1.ebuild 2496
-SHA256 4f684d5b07c4227414f95264705a58fb24a8c0ccd14af20391254ecf44f437ab mit-krb5-1.5.2-r1.ebuild 2496
-EBUILD mit-krb5-1.5.2-r2.ebuild 2538 RMD160 50e700337f01eaf0c1f585973f8e2b654d1b24e2 SHA1 5e349e49858b57118e558f5c7eb8bb461058f426 SHA256 b4deceeb9f7a87c3ed416c111c78438a5b89314057f67ac2eadc5303e27fb335
-MD5 af726c63f5568581ea613934b2170ebe mit-krb5-1.5.2-r2.ebuild 2538
-RMD160 50e700337f01eaf0c1f585973f8e2b654d1b24e2 mit-krb5-1.5.2-r2.ebuild 2538
-SHA256 b4deceeb9f7a87c3ed416c111c78438a5b89314057f67ac2eadc5303e27fb335 mit-krb5-1.5.2-r2.ebuild 2538
-MISC ChangeLog 2487 RMD160 335ae458a80af328c1a287ca55b7f5d4e100c878 SHA1 480b67bc9ef888b2c1bd543a4f5159aa084fa279 SHA256 ae77a9ab43bca145fa8890cd53081c5c2de0b35acfc0beb4aa65c2d11848e24b
-MD5 00e6c02af9d11b317f9d0623f2fbbf18 ChangeLog 2487
-RMD160 335ae458a80af328c1a287ca55b7f5d4e100c878 ChangeLog 2487
-SHA256 ae77a9ab43bca145fa8890cd53081c5c2de0b35acfc0beb4aa65c2d11848e24b ChangeLog 2487
+DIST mit-krb5-1.4.3-patches-0.1.tar.bz2 4271 RMD160 89f4b6bf1d343377e37839d28ac0f401be216e69 SHA1 461b8b968415c0269775d19cd1ea2974c779823a SHA256 e1bd1d4ad64ab34d6eba5a91141a7a0fc94982f0a2db8aa057ae356f7da9c109
+DIST mit-krb5-1.5.2-patches-0.1.tar.bz2 7056 RMD160 53cbce1e71e9c8c58621cf695a57cc7d50af5e52 SHA1 4b385b5db1497579287643051c4b60ebc6f83b43 SHA256 841541f3767af698745f4fde2d492c06880260a72b8f2178d4c0d2ae4ce446b4
+EBUILD mit-krb5-1.4.3-r3.ebuild 2775 RMD160 dd1bd2d8a3c7d8ce01ccf29e8430132a1241ad70 SHA1 fc59220799af53dff8a0c1db303d35a1e4154a11 SHA256 87ef7aff2603ddd3103d3f959cca3df22d6d0e8b4ba7cdd3b1ec4cc6fb15c8c1
+MD5 b4916a6aeedf72cc52be8066e8ff17f6 mit-krb5-1.4.3-r3.ebuild 2775
+RMD160 dd1bd2d8a3c7d8ce01ccf29e8430132a1241ad70 mit-krb5-1.4.3-r3.ebuild 2775
+SHA256 87ef7aff2603ddd3103d3f959cca3df22d6d0e8b4ba7cdd3b1ec4cc6fb15c8c1 mit-krb5-1.4.3-r3.ebuild 2775
+EBUILD mit-krb5-1.5.2-r1.ebuild 2463 RMD160 55d4d766a1538f190636268f22d031b3b0eabea0 SHA1 e1d9ade711d6a311e7c14a24623373eda5dcf21a SHA256 3b755726d45d5417f8100fc65ecc0c42126b21eb17db013027aa9b24ef419e17
+MD5 1435f98d6290507f50a1a6d0d7acd52b mit-krb5-1.5.2-r1.ebuild 2463
+RMD160 55d4d766a1538f190636268f22d031b3b0eabea0 mit-krb5-1.5.2-r1.ebuild 2463
+SHA256 3b755726d45d5417f8100fc65ecc0c42126b21eb17db013027aa9b24ef419e17 mit-krb5-1.5.2-r1.ebuild 2463
+EBUILD mit-krb5-1.5.2-r2.ebuild 2505 RMD160 53542b6db695820b9a5a57465b7eecf664adea56 SHA1 fde5d34b3fb8cb53396b834a5120194cc1c5850f SHA256 f4acff3e3798a6eb7e4037b609c87486b4b3d276352ec85435bfe8b03dd53e2b
+MD5 908e280ca3f4d5ae2e2af45b4071ff4e mit-krb5-1.5.2-r2.ebuild 2505
+RMD160 53542b6db695820b9a5a57465b7eecf664adea56 mit-krb5-1.5.2-r2.ebuild 2505
+SHA256 f4acff3e3798a6eb7e4037b609c87486b4b3d276352ec85435bfe8b03dd53e2b mit-krb5-1.5.2-r2.ebuild 2505
+MISC ChangeLog 3026 RMD160 773074c5a223128f86529e3164b7dee3335856e8 SHA1 e51d0ade62d0793680b7338260c52f77f6a3c083 SHA256 23b9f24564c4f8ab5d25ee2d0d2396856d7e29005fc1df7dd2ff6220ecab2c29
+MD5 ae7646d50f8cd288bc055df46f987a7e ChangeLog 3026
+RMD160 773074c5a223128f86529e3164b7dee3335856e8 ChangeLog 3026
+SHA256 23b9f24564c4f8ab5d25ee2d0d2396856d7e29005fc1df7dd2ff6220ecab2c29 ChangeLog 3026
MISC metadata.xml 241 RMD160 4b15a3aa85942fcbab1c0afa871bd88c85acb001 SHA1 97dc5c2f74beed14ac9e171f36380370afae95be SHA256 119a622b44a5b38856cb9398389cf060f93a077b369161a5ab9a193234af763f
MD5 f3ea9dd1d52f37139fbc4d101044f821 metadata.xml 241
RMD160 4b15a3aa85942fcbab1c0afa871bd88c85acb001 metadata.xml 241
SHA256 119a622b44a5b38856cb9398389cf060f93a077b369161a5ab9a193234af763f metadata.xml 241
-MD5 6ba0d8f5bbf423058a90022e33bd30a4 files/digest-mit-krb5-1.4.3-r3 247
-RMD160 b4c529af7319d39a8ceedc6dd92a3676808acf20 files/digest-mit-krb5-1.4.3-r3 247
-SHA256 6dbbea82aa2ce1f7db8b21fa84eaa99e1fc045e2a4a4b6d175d27267f197c123 files/digest-mit-krb5-1.4.3-r3 247
-MD5 371862c239b5066a8251dbf8ff99b193 files/digest-mit-krb5-1.5.2-r1 250
-RMD160 504add6e5e71afbb372c253d909440badbd342ac files/digest-mit-krb5-1.5.2-r1 250
-SHA256 3ef89096be30b4523fb82ca10ea1405dfe98f5cad6609b441514e878d05b8747 files/digest-mit-krb5-1.5.2-r1 250
-MD5 371862c239b5066a8251dbf8ff99b193 files/digest-mit-krb5-1.5.2-r2 250
-RMD160 504add6e5e71afbb372c253d909440badbd342ac files/digest-mit-krb5-1.5.2-r2 250
-SHA256 3ef89096be30b4523fb82ca10ea1405dfe98f5cad6609b441514e878d05b8747 files/digest-mit-krb5-1.5.2-r2 250
+MD5 90bf96b2ef57fc8849e8b046c400bc9c files/digest-mit-krb5-1.4.3-r3 524
+RMD160 293463bcdff3279351fe15e5910d346b0d8b4eb2 files/digest-mit-krb5-1.4.3-r3 524
+SHA256 8958fdc80b15b327341ebff1a82d1577c76d77d2619503903680d640e1f2c404 files/digest-mit-krb5-1.4.3-r3 524
+MD5 d15f0fd1db54b2def66beeaaae5c7b7e files/digest-mit-krb5-1.5.2-r1 527
+RMD160 ad4cc1a221dbe4a40624a08a6eea5eb9a2579db9 files/digest-mit-krb5-1.5.2-r1 527
+SHA256 0e68565601c0f865e5f0be8bf9718cae7c73394b65a98cae8147b6d102d34445 files/digest-mit-krb5-1.5.2-r1 527
+MD5 d15f0fd1db54b2def66beeaaae5c7b7e files/digest-mit-krb5-1.5.2-r2 527
+RMD160 ad4cc1a221dbe4a40624a08a6eea5eb9a2579db9 files/digest-mit-krb5-1.5.2-r2 527
+SHA256 0e68565601c0f865e5f0be8bf9718cae7c73394b65a98cae8147b6d102d34445 files/digest-mit-krb5-1.5.2-r2 527
diff --git a/app-crypt/mit-krb5/files/digest-mit-krb5-1.4.3-r3 b/app-crypt/mit-krb5/files/digest-mit-krb5-1.4.3-r3
index ecbc87ab159a..5d9882e02c2d 100644
--- a/app-crypt/mit-krb5/files/digest-mit-krb5-1.4.3-r3
+++ b/app-crypt/mit-krb5/files/digest-mit-krb5-1.4.3-r3
@@ -1,3 +1,6 @@
MD5 6c805139a4108fbb82fa4adba557a448 krb5-1.4.3-signed.tar 7290880
RMD160 838425b59bf37da69c927eb346be78d059fa6db7 krb5-1.4.3-signed.tar 7290880
SHA256 86f246877cc912ae6a82b6bb16217e54ec31fe46ae33a39a42b3f062bb5e6cbe krb5-1.4.3-signed.tar 7290880
+MD5 b369322efbf8387a27d8de67e5b53898 mit-krb5-1.4.3-patches-0.1.tar.bz2 4271
+RMD160 89f4b6bf1d343377e37839d28ac0f401be216e69 mit-krb5-1.4.3-patches-0.1.tar.bz2 4271
+SHA256 e1bd1d4ad64ab34d6eba5a91141a7a0fc94982f0a2db8aa057ae356f7da9c109 mit-krb5-1.4.3-patches-0.1.tar.bz2 4271
diff --git a/app-crypt/mit-krb5/files/digest-mit-krb5-1.5.2-r1 b/app-crypt/mit-krb5/files/digest-mit-krb5-1.5.2-r1
index acc96e7682b6..c73631560ff4 100644
--- a/app-crypt/mit-krb5/files/digest-mit-krb5-1.5.2-r1
+++ b/app-crypt/mit-krb5/files/digest-mit-krb5-1.5.2-r1
@@ -1,3 +1,6 @@
MD5 4d1452f775281f5da62e8fde0b517692 krb5-1.5.2-signed.tar 10086400
RMD160 b8eca92373155eac0661721f0c65777673d4654e krb5-1.5.2-signed.tar 10086400
SHA256 1db46e506fbc0b1a274cb00c3fda5b5e4de832ce40c209e4f6603adcdf2e770e krb5-1.5.2-signed.tar 10086400
+MD5 a3b79173bc8c71d4cd9b60fd508cddb9 mit-krb5-1.5.2-patches-0.1.tar.bz2 7056
+RMD160 53cbce1e71e9c8c58621cf695a57cc7d50af5e52 mit-krb5-1.5.2-patches-0.1.tar.bz2 7056
+SHA256 841541f3767af698745f4fde2d492c06880260a72b8f2178d4c0d2ae4ce446b4 mit-krb5-1.5.2-patches-0.1.tar.bz2 7056
diff --git a/app-crypt/mit-krb5/files/digest-mit-krb5-1.5.2-r2 b/app-crypt/mit-krb5/files/digest-mit-krb5-1.5.2-r2
index acc96e7682b6..c73631560ff4 100644
--- a/app-crypt/mit-krb5/files/digest-mit-krb5-1.5.2-r2
+++ b/app-crypt/mit-krb5/files/digest-mit-krb5-1.5.2-r2
@@ -1,3 +1,6 @@
MD5 4d1452f775281f5da62e8fde0b517692 krb5-1.5.2-signed.tar 10086400
RMD160 b8eca92373155eac0661721f0c65777673d4654e krb5-1.5.2-signed.tar 10086400
SHA256 1db46e506fbc0b1a274cb00c3fda5b5e4de832ce40c209e4f6603adcdf2e770e krb5-1.5.2-signed.tar 10086400
+MD5 a3b79173bc8c71d4cd9b60fd508cddb9 mit-krb5-1.5.2-patches-0.1.tar.bz2 7056
+RMD160 53cbce1e71e9c8c58621cf695a57cc7d50af5e52 mit-krb5-1.5.2-patches-0.1.tar.bz2 7056
+SHA256 841541f3767af698745f4fde2d492c06880260a72b8f2178d4c0d2ae4ce446b4 mit-krb5-1.5.2-patches-0.1.tar.bz2 7056
diff --git a/app-crypt/mit-krb5/files/mit-krb5-1.4.3-setuid.patch b/app-crypt/mit-krb5/files/mit-krb5-1.4.3-setuid.patch
deleted file mode 100644
index b2871c1be9e2..000000000000
--- a/app-crypt/mit-krb5/files/mit-krb5-1.4.3-setuid.patch
+++ /dev/null
@@ -1,269 +0,0 @@
-Index: appl/gssftp/ftpd/ftpd.c
-===================================================================
-*** appl/gssftp/ftpd/ftpd.c (revision 18419)
---- appl/gssftp/ftpd/ftpd.c (working copy)
-***************
-*** 1368,1374 ****
- goto bad;
- sleep(tries);
- }
-! (void) krb5_seteuid((uid_t)pw->pw_uid);
- #ifdef IP_TOS
- #ifdef IPTOS_THROUGHPUT
- on = IPTOS_THROUGHPUT;
---- 1368,1376 ----
- goto bad;
- sleep(tries);
- }
-! if (krb5_seteuid((uid_t)pw->pw_uid)) {
-! fatal("seteuid user");
-! }
- #ifdef IP_TOS
- #ifdef IPTOS_THROUGHPUT
- on = IPTOS_THROUGHPUT;
-***************
-*** 1378,1384 ****
- #endif
- return (fdopen(s, fmode));
- bad:
-! (void) krb5_seteuid((uid_t)pw->pw_uid);
- (void) close(s);
- return (NULL);
- }
---- 1380,1388 ----
- #endif
- return (fdopen(s, fmode));
- bad:
-! if (krb5_seteuid((uid_t)pw->pw_uid)) {
-! fatal("seteuid user");
-! }
- (void) close(s);
- return (NULL);
- }
-***************
-*** 2187,2193 ****
- (void) krb5_seteuid((uid_t)pw->pw_uid);
- goto pasv_error;
- }
-! (void) krb5_seteuid((uid_t)pw->pw_uid);
- len = sizeof(pasv_addr);
- if (getsockname(pdata, (struct sockaddr *) &pasv_addr, &len) < 0)
- goto pasv_error;
---- 2191,2199 ----
- (void) krb5_seteuid((uid_t)pw->pw_uid);
- goto pasv_error;
- }
-! if (krb5_seteuid((uid_t)pw->pw_uid)) {
-! fatal("seteuid user");
-! }
- len = sizeof(pasv_addr);
- if (getsockname(pdata, (struct sockaddr *) &pasv_addr, &len) < 0)
- goto pasv_error;
-Index: appl/bsd/v4rcp.c
-===================================================================
-*** appl/bsd/v4rcp.c (revision 18419)
---- appl/bsd/v4rcp.c (working copy)
-***************
-*** 436,442 ****
- kstream_set_buffer_mode (krem, 0);
- #endif /* KERBEROS && !NOENCRYPTION */
- (void) response();
-! (void) setuid(userid);
- source(--argc, ++argv);
- exit(errs);
-
---- 436,445 ----
- kstream_set_buffer_mode (krem, 0);
- #endif /* KERBEROS && !NOENCRYPTION */
- (void) response();
-! if (setuid(userid)) {
-! error("rcp: can't setuid(user)\n");
-! exit(1);
-! }
- source(--argc, ++argv);
- exit(errs);
-
-***************
-*** 452,458 ****
- krem = kstream_create_from_fd (rem, 0, 0);
- kstream_set_buffer_mode (krem, 0);
- #endif /* KERBEROS && !NOENCRYPTION */
-! (void) setuid(userid);
- sink(--argc, ++argv);
- exit(errs);
-
---- 455,464 ----
- krem = kstream_create_from_fd (rem, 0, 0);
- kstream_set_buffer_mode (krem, 0);
- #endif /* KERBEROS && !NOENCRYPTION */
-! if (setuid(userid)) {
-! error("rcp: can't setuid(user)\n");
-! exit(1);
-! }
- sink(--argc, ++argv);
- exit(errs);
-
-Index: appl/bsd/krcp.c
-===================================================================
-*** appl/bsd/krcp.c (revision 18419)
---- appl/bsd/krcp.c (working copy)
-***************
-*** 620,626 ****
-
- euid = geteuid();
- if (euid == 0) {
-! (void) setuid(0);
- if(krb5_seteuid(userid)) {
- perror("rcp seteuid user"); errs++; exit(errs);
- }
---- 620,628 ----
-
- euid = geteuid();
- if (euid == 0) {
-! if (setuid(0)) {
-! perror("rcp setuid 0"); errs++; exit(errs);
-! }
- if(krb5_seteuid(userid)) {
- perror("rcp seteuid user"); errs++; exit(errs);
- }
-***************
-*** 638,648 ****
- continue;
- rcmd_stream_init_normal();
- #ifdef HAVE_SETREUID
-! (void) setreuid(0, userid);
- sink(1, argv+argc-1);
-! (void) setreuid(userid, 0);
- #else
-! (void) setuid(0);
- if(seteuid(userid)) {
- perror("rcp seteuid user"); errs++; exit(errs);
- }
---- 640,656 ----
- continue;
- rcmd_stream_init_normal();
- #ifdef HAVE_SETREUID
-! if (setreuid(0, userid)) {
-! perror("rcp setreuid 0,user"); errs++; exit(errs);
-! }
- sink(1, argv+argc-1);
-! if (setreuid(userid, 0)) {
-! perror("rcp setreuid user,0"); errs++; exit(errs);
-! }
- #else
-! if (setuid(0)) {
-! perror("rcp setuid 0"); errs++; exit(errs);
-! }
- if(seteuid(userid)) {
- perror("rcp seteuid user"); errs++; exit(errs);
- }
-Index: appl/bsd/login.c
-===================================================================
-*** appl/bsd/login.c (revision 18419)
---- appl/bsd/login.c (working copy)
-***************
-*** 1648,1654 ****
- }
- #endif /* HAVE_SETLUID */
- #ifdef _IBMR2
-! setuidx(ID_LOGIN, pwd->pw_uid);
- #endif
-
- /* This call MUST succeed */
---- 1648,1657 ----
- }
- #endif /* HAVE_SETLUID */
- #ifdef _IBMR2
-! if (setuidx(ID_LOGIN, pwd->pw_uid) < 0) {
-! perror("setuidx");
-! sleepexit(1);
-! };
- #endif
-
- /* This call MUST succeed */
-Index: appl/bsd/krshd.c
-===================================================================
-*** appl/bsd/krshd.c (revision 18419)
---- appl/bsd/krshd.c (working copy)
-***************
-*** 1379,1387 ****
- * If we're on a system which keeps track of login uids, then
- * set the login uid.
- */
-! setluid((uid_t) pwd->pw_uid);
- #endif /* HAVE_SETLUID */
-! (void) setuid((uid_t)pwd->pw_uid);
- /* if TZ is set in the parent, drag it in */
- {
- char **findtz = environ;
---- 1379,1393 ----
- * If we're on a system which keeps track of login uids, then
- * set the login uid.
- */
-! if (setluid((uid_t) pwd->pw_uid) < 0) {
-! perror("setluid");
-! _exit(1);
-! }
- #endif /* HAVE_SETLUID */
-! if (setuid((uid_t)pwd->pw_uid) < 0) {
-! perror("setuid");
-! _exit(1);
-! }
- /* if TZ is set in the parent, drag it in */
- {
- char **findtz = environ;
-Index: clients/ksu/main.c
-===================================================================
-*** clients/ksu/main.c (revision 18419)
---- clients/ksu/main.c (working copy)
-***************
-*** 892,900 ****
- const char * cc_name;
- struct stat st_temp;
-
-! krb5_seteuid(0);
-! krb5_seteuid(target_uid);
-!
- cc_name = krb5_cc_get_name(context, cc);
- if ( ! stat(cc_name, &st_temp)){
- if ((retval = krb5_cc_destroy(context, cc))){
---- 892,903 ----
- const char * cc_name;
- struct stat st_temp;
-
-! if (krb5_seteuid(0) < 0 || krb5_seteuid(target_uid) < 0) {
-! com_err(prog_name, errno,
-! "while returning to source uid for destroying ccache");
-! exit(1);
-! }
-!
- cc_name = krb5_cc_get_name(context, cc);
- if ( ! stat(cc_name, &st_temp)){
- if ((retval = krb5_cc_destroy(context, cc))){
-Index: lib/krb4/kuserok.c
-===================================================================
-*** lib/krb4/kuserok.c (revision 18419)
---- lib/krb4/kuserok.c (working copy)
-***************
-*** 159,167 ****
- */
- if(getuid() == 0) {
- uid_t old_euid = geteuid();
-! seteuid(pwd->pw_uid);
- fp = fopen(pbuf, "r");
-! seteuid(old_euid);
- if ((fp) == NULL) {
- return(NOTOK);
- }
---- 159,169 ----
- */
- if(getuid() == 0) {
- uid_t old_euid = geteuid();
-! if (seteuid(pwd->pw_uid) < 0)
-! return NOTOK;
- fp = fopen(pbuf, "r");
-! if (seteuid(old_euid) < 0)
-! return NOTOK;
- if ((fp) == NULL) {
- return(NOTOK);
- }
diff --git a/app-crypt/mit-krb5/files/mit-krb5-SA-2007-001-telnetd.patch b/app-crypt/mit-krb5/files/mit-krb5-SA-2007-001-telnetd.patch
deleted file mode 100644
index a4d361445470..000000000000
--- a/app-crypt/mit-krb5/files/mit-krb5-SA-2007-001-telnetd.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-diff -urN krb5-1.5.2.orig/src/appl/telnet/telnetd/state.c krb5-1.5.2/src/appl/telnet/telnetd/state.c
---- krb5-1.5.2.orig/src/appl/telnet/telnetd/state.c 2006-06-15 18:42:53.000000000 -0400
-+++ krb5-1.5.2/src/appl/telnet/telnetd/state.c 2007-03-28 18:05:19.000000000 -0400
-@@ -1665,7 +1665,8 @@
- strcmp(varp, "RESOLV_HOST_CONF") && /* linux */
- strcmp(varp, "NLSPATH") && /* locale stuff */
- strncmp(varp, "LC_", strlen("LC_")) && /* locale stuff */
-- strcmp(varp, "IFS")) {
-+ strcmp(varp, "IFS") &&
-+ !strchr(varp, '-')) {
- return 1;
- } else {
- syslog(LOG_INFO, "Rejected the attempt to modify the environment variable \"%s\"", varp);
-diff -urN krb5-1.5.2.orig/src/appl/telnet/telnetd/sys_term.c krb5-1.5.2/src/appl/telnet/telnetd/sys_term.c
---- krb5-1.5.2.orig/src/appl/telnet/telnetd/sys_term.c 2002-11-15 15:21:51.000000000 -0500
-+++ krb5-1.5.2/src/appl/telnet/telnetd/sys_term.c 2007-03-28 18:10:59.000000000 -0400
-@@ -1287,6 +1287,16 @@
- #endif
- #if defined (AUTHENTICATION)
- if (auth_level >= 0 && autologin == AUTH_VALID) {
-+ if (name[0] == '-') {
-+ /* Authenticated and authorized to log in to an account
-+ * starting with '-'? Even if that unlikely case comes
-+ * to pass, the current program will not patse the
-+ * resulting command line properly.
-+ */
-+ syslog(LOG_ERR, "user name can not start with '-'");
-+ fatal(net, "user name can not start with '-'");
-+ exit(1);
-+ }
- # if !defined(NO_LOGIN_F)
- #if defined(LOGIN_CAP_F)
- argv = addarg(argv, "-F");
-@@ -1377,12 +1387,20 @@
- } else
- #endif
- if (getenv("USER")) {
-- argv = addarg(argv, getenv("USER"));
-+ char *user = getenv("USER");
-+ if (user[0] == '-') {
-+ /* "telnet -l-x ..." */
-+ syslog(LOG_ERR, "user name cannot start with '-'");
-+ fatal(net, "user name cannot start with '-'");
-+ exit(1);
-+ }
-+ argv = addarg(argv, user);
- #if defined(LOGIN_ARGS) && defined(NO_LOGIN_P)
- {
- register char **cpp;
- for (cpp = environ; *cpp; cpp++)
-- argv = addarg(argv, *cpp);
-+ if ((*cpp[0] != '-')
-+ argv = addarg(argv, *cpp);
- }
- #endif
- /*
diff --git a/app-crypt/mit-krb5/files/mit-krb5-SA-2007-002-syslog.patch b/app-crypt/mit-krb5/files/mit-krb5-SA-2007-002-syslog.patch
deleted file mode 100644
index 3fb2211f657d..000000000000
--- a/app-crypt/mit-krb5/files/mit-krb5-SA-2007-002-syslog.patch
+++ /dev/null
@@ -1,857 +0,0 @@
-diff -urN krb5-1.5.2.orig/src/kadmin/server/kadm_rpc_svc.c krb5-1.5.2/src/kadmin/server/kadm_rpc_svc.c
---- krb5-1.5.2.orig/src/kadmin/server/kadm_rpc_svc.c 2006-03-31 22:08:17.000000000 -0500
-+++ krb5-1.5.2/src/kadmin/server/kadm_rpc_svc.c 2007-03-28 18:17:57.000000000 -0400
-@@ -250,6 +250,8 @@
- krb5_data *c1, *c2, *realm;
- gss_buffer_desc gss_str;
- kadm5_server_handle_t handle;
-+ size_t slen;
-+ char *sdots;
-
- success = 0;
- handle = (kadm5_server_handle_t)global_server_handle;
-@@ -274,6 +276,9 @@
- if (ret == 0)
- goto fail_name;
-
-+ slen = gss_str.length;
-+ trunc_name(&slen, &sdots);
-+
- /*
- * Since we accept with GSS_C_NO_NAME, the client can authenticate
- * against the entire kdb. Therefore, ensure that the service
-@@ -296,8 +301,8 @@
-
- fail_princ:
- if (!success) {
-- krb5_klog_syslog(LOG_ERR, "bad service principal %.*s",
-- gss_str.length, gss_str.value);
-+ krb5_klog_syslog(LOG_ERR, "bad service principal %.*s%s",
-+ slen, gss_str.value, sdots);
- }
- gss_release_buffer(&min_stat, &gss_str);
- krb5_free_principal(kctx, princ);
-diff -urN krb5-1.5.2.orig/src/kadmin/server/misc.c krb5-1.5.2/src/kadmin/server/misc.c
---- krb5-1.5.2.orig/src/kadmin/server/misc.c 2006-03-11 17:23:28.000000000 -0500
-+++ krb5-1.5.2/src/kadmin/server/misc.c 2007-03-28 18:19:44.000000000 -0400
-@@ -171,3 +171,12 @@
-
- return kadm5_free_principal_ent(handle->lhandle, &princ);
- }
-+
-+#define MAXPRINCLEN 125
-+
-+void
-+trunc_name(size_t *len, char **dots)
-+{
-+ *dots = *len > MAXPRINCLEN ? "..." : "";
-+ *len = *len > MAXPRINCLEN ? MAXPRINCLEN : *len;
-+}
-diff -urN krb5-1.5.2.orig/src/kadmin/server/misc.h krb5-1.5.2/src/kadmin/server/misc.h
---- krb5-1.5.2.orig/src/kadmin/server/misc.h 2005-10-12 00:09:19.000000000 -0400
-+++ krb5-1.5.2/src/kadmin/server/misc.h 2007-03-28 18:20:15.000000000 -0400
-@@ -45,3 +45,5 @@
- #ifdef SVC_GETARGS
- void kadm_1(struct svc_req *, SVCXPRT *);
- #endif
-+
-+void trunc_name(size_t *len, char **dots);
-diff -urN krb5-1.5.2.orig/src/kadmin/server/ovsec_kadmd.c krb5-1.5.2/src/kadmin/server/ovsec_kadmd.c
---- krb5-1.5.2.orig/src/kadmin/server/ovsec_kadmd.c 2007-01-09 20:08:20.000000000 -0500
-+++ krb5-1.5.2/src/kadmin/server/ovsec_kadmd.c 2007-03-28 18:29:19.000000000 -0400
-@@ -989,6 +989,8 @@
- rpcproc_t proc;
- int i;
- const char *procname;
-+ size_t clen, slen;
-+ char *cdots, *sdots;
-
- client.length = 0;
- client.value = NULL;
-@@ -997,10 +999,20 @@
-
- (void) gss_display_name(&minor, client_name, &client, &gss_type);
- (void) gss_display_name(&minor, server_name, &server, &gss_type);
-- if (client.value == NULL)
-- client.value = "(null)";
-- if (server.value == NULL)
-- server.value = "(null)";
-+ if (client.value == NULL) {
-+ client.value = "(null)";
-+ clen = sizeof("(null)") - 1;
-+ } else {
-+ clen = client.length;
-+ }
-+ trunc_name(&clen, &cdots);
-+ if (server.value == NULL) {
-+ server.value = "(null)";
-+ slen = sizeof("(null)") - 1;
-+ } else {
-+ slen = server.length;
-+ }
-+ trunc_name(&slen, &sdots);
- a = inet_ntoa(rqst->rq_xprt->xp_raddr.sin_addr);
-
- proc = msg->rm_call.cb_proc;
-@@ -1013,14 +1025,14 @@
- }
- if (procname != NULL)
- krb5_klog_syslog(LOG_NOTICE, "WARNING! Forged/garbled request: %s, "
-- "claimed client = %s, server = %s, addr = %s",
-- procname, client.value,
-- server.value, a);
-+ "claimed client = %.*s%s, server = %.*s%s, addr = %s",
-+ procname, clen, client.value, cdots,
-+ slen, server.value, sdots, a);
- else
- krb5_klog_syslog(LOG_NOTICE, "WARNING! Forged/garbled request: %d, "
-- "claimed client = %s, server = %s, addr = %s",
-- proc, client.value,
-- server.value, a);
-+ "claimed client = %.*s%s, server = %.*s%s, addr = %s",
-+ proc, clen, client.value, cdots,
-+ slen, server.value, sdots, a);
-
- (void) gss_release_buffer(&minor, &client);
- (void) gss_release_buffer(&minor, &server);
-diff -urN krb5-1.5.2.orig/src/kadmin/server/schpw.c krb5-1.5.2/src/kadmin/server/schpw.c
---- krb5-1.5.2.orig/src/kadmin/server/schpw.c 2006-04-13 14:58:56.000000000 -0400
-+++ krb5-1.5.2/src/kadmin/server/schpw.c 2007-03-28 18:29:11.000000000 -0400
-@@ -40,6 +40,8 @@
- int numresult;
- char strresult[1024];
- char *clientstr;
-+ size_t clen;
-+ char *cdots;
-
- ret = 0;
- rep->length = 0;
-@@ -258,9 +260,12 @@
- free(ptr);
- clear.length = 0;
-
-- krb5_klog_syslog(LOG_NOTICE, "chpw request from %s for %s: %s",
-+ clen = strlen(clientstr);
-+ trunc_name(&clen, &cdots);
-+ krb5_klog_syslog(LOG_NOTICE, "chpw request from %s for %.*s%s: %s",
- inet_ntoa(((struct sockaddr_in *)&remote_addr)->sin_addr),
-- clientstr, ret ? krb5_get_error_message (context, ret) : "success");
-+ clen, clientstr, cdots,
-+ ret ? krb5_get_error_message (context, ret) : "success");
- krb5_free_unparsed_name(context, clientstr);
-
- if (ret) {
-diff -urN krb5-1.5.2.orig/src/kadmin/server/server_stubs.c krb5-1.5.2/src/kadmin/server/server_stubs.c
---- krb5-1.5.2.orig/src/kadmin/server/server_stubs.c 2006-04-13 14:58:56.000000000 -0400
-+++ krb5-1.5.2/src/kadmin/server/server_stubs.c 2007-03-28 21:03:41.000000000 -0400
-@@ -14,6 +14,7 @@
- #include <arpa/inet.h> /* inet_ntoa */
- #include <adm_proto.h> /* krb5_klog_syslog */
- #include "misc.h"
-+#include <string.h>
-
- #define LOG_UNAUTH "Unauthorized request: %s, %s, client=%s, service=%s, addr=%s"
- #define LOG_DONE "Request: %s, %s, %s, client=%s, service=%s, addr=%s"
-@@ -237,6 +238,50 @@
- return 0;
- }
-
-+static int
-+log_unauth(char *op, char *target, gss_buffer_t client, gss_buffer_t server, struct svc_req *rqstp)
-+{
-+ size_t tlen, clen, slen;
-+ char *tdots, *cdots, *sdots;
-+
-+ tlen = strlen(target);
-+ trunc_name(&tlen, &tdots);
-+ clen = client->length;
-+ trunc_name(&clen, &cdots);
-+ slen = server->length;
-+ trunc_name(&slen, &sdots);
-+
-+ return krb5_klog_syslog(LOG_NOTICE,
-+ "Unauthorized request: %s, %.*s%s, "
-+ "client=%.*s%s, service=%.*s%s, addr=%s",
-+ op, tlen, target, tdots,
-+ clen, client->value, cdots,
-+ slen, server->value, sdots,
-+ inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+}
-+
-+static int
-+log_done(char *op, char *target, char *errmsg, gss_buffer_t client, gss_buffer_t server, struct svc_req *rqstp)
-+{
-+ size_t tlen, clen, slen;
-+ char *tdots, *cdots, *sdots;
-+
-+ tlen = strlen(target);
-+ trunc_name(&tlen, &tdots);
-+ clen = client->length;
-+ trunc_name(&clen, &cdots);
-+ slen = server->length;
-+ trunc_name(&slen, &sdots);
-+
-+ return krb5_klog_syslog(LOG_NOTICE,
-+ "Request: %s, %.*s%s, %s, "
-+ "client=%.*s%s, service=%.*s%s, addr=%s",
-+ op, tlen, target, tdots, errmsg,
-+ clen, client->value, cdots,
-+ slen, server->value, sdots,
-+ inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+}
-+
- generic_ret *
- create_principal_2_svc(cprinc_arg *arg, struct svc_req *rqstp)
- {
-@@ -275,9 +320,8 @@
- || kadm5int_acl_impose_restrictions(handle->context,
- &arg->rec, &arg->mask, rp)) {
- ret.code = KADM5_AUTH_ADD;
-- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_create_principal",
-- prime_arg, client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_unauth("kadm5_create_principal", prime_arg,
-+ &client_name, &service_name, rqstp);
- } else {
- ret.code = kadm5_create_principal((void *)handle,
- &arg->rec, arg->mask,
-@@ -287,10 +331,8 @@
- else
- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_create_principal",
-- prime_arg, errmsg,
-- client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_done("kadm5_create_principal", prime_arg, errmsg,
-+ &client_name, &service_name, rqstp);
-
- /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
- }
-@@ -341,9 +383,8 @@
- || kadm5int_acl_impose_restrictions(handle->context,
- &arg->rec, &arg->mask, rp)) {
- ret.code = KADM5_AUTH_ADD;
-- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_create_principal",
-- prime_arg, client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_unauth("kadm5_create_principal", prime_arg,
-+ &client_name, &service_name, rqstp);
- } else {
- ret.code = kadm5_create_principal_3((void *)handle,
- &arg->rec, arg->mask,
-@@ -355,10 +396,8 @@
- else
- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_create_principal",
-- prime_arg, errmsg,
-- client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_done("kadm5_create_principal", prime_arg, errmsg,
-+ &client_name, &service_name, rqstp);
-
- /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
- }
-@@ -406,9 +445,8 @@
- || !kadm5int_acl_check(handle->context, rqst2name(rqstp), ACL_DELETE,
- arg->princ, NULL)) {
- ret.code = KADM5_AUTH_DELETE;
-- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_delete_principal",
-- prime_arg, client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_unauth("kadm5_delete_principal", prime_arg,
-+ &client_name, &service_name, rqstp);
- } else {
- ret.code = kadm5_delete_principal((void *)handle, arg->princ);
- if( ret.code == 0 )
-@@ -416,10 +454,8 @@
- else
- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_delete_principal",
-- prime_arg, errmsg,
-- client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_done("kadm5_delete_principal", prime_arg, errmsg,
-+ &client_name, &service_name, rqstp);
-
- /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
- }
-@@ -469,9 +505,8 @@
- || kadm5int_acl_impose_restrictions(handle->context,
- &arg->rec, &arg->mask, rp)) {
- ret.code = KADM5_AUTH_MODIFY;
-- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_modify_principal",
-- prime_arg, client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_unauth("kadm5_modify_principal", prime_arg,
-+ &client_name, &service_name, rqstp);
- } else {
- ret.code = kadm5_modify_principal((void *)handle, &arg->rec,
- arg->mask);
-@@ -480,10 +515,8 @@
- else
- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_modify_principal",
-- prime_arg, errmsg,
-- client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_done("kadm5_modify_principal", prime_arg, errmsg,
-+ &client_name, &service_name, rqstp);
-
- /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
- }
-@@ -546,9 +579,8 @@
- } else
- ret.code = KADM5_AUTH_INSUFFICIENT;
- if (ret.code != KADM5_OK) {
-- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_rename_principal",
-- prime_arg, client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_unauth("kadm5_rename_principal", prime_arg,
-+ &client_name, &service_name, rqstp);
- } else {
- ret.code = kadm5_rename_principal((void *)handle, arg->src,
- arg->dest);
-@@ -557,10 +589,8 @@
- else
- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_rename_principal",
-- prime_arg, errmsg,
-- client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_done("kadm5_rename_principal", prime_arg, errmsg,
-+ &client_name, &service_name, rqstp);
- }
- free_server_handle(handle);
- free(prime_arg1);
-@@ -614,9 +644,8 @@
- arg->princ,
- NULL))) {
- ret.code = KADM5_AUTH_GET;
-- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname,
-- prime_arg, client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_unauth(funcname, prime_arg,
-+ &client_name, &service_name, rqstp);
- } else {
- if (handle->api_version == KADM5_API_VERSION_1) {
- ret.code = kadm5_get_principal_v1((void *)handle,
-@@ -636,11 +665,8 @@
- else
- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname,
-- prime_arg,
-- errmsg,
-- client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_done(funcname, prime_arg, errmsg,
-+ &client_name, &service_name, rqstp);
-
- }
- free_server_handle(handle);
-@@ -688,9 +714,8 @@
- NULL,
- NULL)) {
- ret.code = KADM5_AUTH_LIST;
-- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_get_principals",
-- prime_arg, client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_unauth("kadm5_get_principals", prime_arg,
-+ &client_name, &service_name, rqstp);
- } else {
- ret.code = kadm5_get_principals((void *)handle,
- arg->exp, &ret.princs,
-@@ -700,11 +725,8 @@
- else
- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_principals",
-- prime_arg,
-- errmsg,
-- client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_done("kadm5_get_principals", prime_arg, errmsg,
-+ &client_name, &service_name, rqstp);
-
- }
- free_server_handle(handle);
-@@ -755,9 +777,8 @@
- ret.code = kadm5_chpass_principal((void *)handle, arg->princ,
- arg->pass);
- } else {
-- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_chpass_principal",
-- prime_arg, client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_unauth("kadm5_chpass_principal", prime_arg,
-+ &client_name, &service_name, rqstp);
- ret.code = KADM5_AUTH_CHANGEPW;
- }
-
-@@ -767,10 +788,8 @@
- else
- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_chpass_principal",
-- prime_arg, errmsg,
-- client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_done("kadm5_chpass_principal", prime_arg, errmsg,
-+ &client_name, &service_name, rqstp);
- }
-
- free_server_handle(handle);
-@@ -828,9 +847,8 @@
- arg->ks_tuple,
- arg->pass);
- } else {
-- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_chpass_principal",
-- prime_arg, client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_unauth("kadm5_chpass_principal", prime_arg,
-+ &client_name, &service_name, rqstp);
- ret.code = KADM5_AUTH_CHANGEPW;
- }
-
-@@ -840,10 +858,8 @@
- else
- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_chpass_principal",
-- prime_arg, errmsg,
-- client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_done("kadm5_chpass_principal", prime_arg, errmsg,
-+ &client_name, &service_name, rqstp);
- }
-
- free_server_handle(handle);
-@@ -892,9 +908,8 @@
- ret.code = kadm5_setv4key_principal((void *)handle, arg->princ,
- arg->keyblock);
- } else {
-- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_setv4key_principal",
-- prime_arg, client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_unauth("kadm5_setv4key_principal", prime_arg,
-+ &client_name, &service_name, rqstp);
- ret.code = KADM5_AUTH_SETKEY;
- }
-
-@@ -904,10 +919,8 @@
- else
- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setv4key_principal",
-- prime_arg, errmsg,
-- client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_done("kadm5_setv4key_principal", prime_arg, errmsg,
-+ &client_name, &service_name, rqstp);
- }
-
- free_server_handle(handle);
-@@ -956,9 +969,8 @@
- ret.code = kadm5_setkey_principal((void *)handle, arg->princ,
- arg->keyblocks, arg->n_keys);
- } else {
-- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_setkey_principal",
-- prime_arg, client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_unauth("kadm5_setkey_principal", prime_arg,
-+ &client_name, &service_name, rqstp);
- ret.code = KADM5_AUTH_SETKEY;
- }
-
-@@ -968,10 +980,8 @@
- else
- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setkey_principal",
-- prime_arg, errmsg,
-- client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_done("kadm5_setkey_principal", prime_arg, errmsg,
-+ &client_name, &service_name, rqstp);
- }
-
- free_server_handle(handle);
-@@ -1023,9 +1033,8 @@
- arg->ks_tuple,
- arg->keyblocks, arg->n_keys);
- } else {
-- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_setkey_principal",
-- prime_arg, client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_unauth("kadm5_setkey_principal", prime_arg,
-+ &client_name, &service_name, rqstp);
- ret.code = KADM5_AUTH_SETKEY;
- }
-
-@@ -1035,10 +1044,8 @@
- else
- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setkey_principal",
-- prime_arg, errmsg,
-- client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_done("kadm5_setkey_principal", prime_arg, errmsg,
-+ &client_name, &service_name, rqstp);
- }
-
- free_server_handle(handle);
-@@ -1097,9 +1104,8 @@
- ret.code = kadm5_randkey_principal((void *)handle, arg->princ,
- &k, &nkeys);
- } else {
-- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname,
-- prime_arg, client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_unauth(funcname, prime_arg,
-+ &client_name, &service_name, rqstp);
- ret.code = KADM5_AUTH_CHANGEPW;
- }
-
-@@ -1119,10 +1125,8 @@
- else
- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname,
-- prime_arg, errmsg,
-- client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_done(funcname, prime_arg, errmsg,
-+ &client_name, &service_name, rqstp);
- }
- free_server_handle(handle);
- free(prime_arg);
-@@ -1185,9 +1189,8 @@
- arg->ks_tuple,
- &k, &nkeys);
- } else {
-- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname,
-- prime_arg, client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_unauth(funcname, prime_arg,
-+ &client_name, &service_name, rqstp);
- ret.code = KADM5_AUTH_CHANGEPW;
- }
-
-@@ -1207,10 +1210,8 @@
- else
- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname,
-- prime_arg, errmsg,
-- client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_done(funcname, prime_arg, errmsg,
-+ &client_name, &service_name, rqstp);
- }
- free_server_handle(handle);
- free(prime_arg);
-@@ -1253,9 +1254,8 @@
- rqst2name(rqstp),
- ACL_ADD, NULL, NULL)) {
- ret.code = KADM5_AUTH_ADD;
-- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_create_policy",
-- prime_arg, client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_unauth("kadm5_create_policy", prime_arg,
-+ &client_name, &service_name, rqstp);
-
- } else {
- ret.code = kadm5_create_policy((void *)handle, &arg->rec,
-@@ -1265,11 +1265,9 @@
- else
- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_create_policy",
-- ((prime_arg == NULL) ? "(null)" : prime_arg),
-- errmsg,
-- client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_done("kadm5_create_policy",
-+ ((prime_arg == NULL) ? "(null)" : prime_arg), errmsg,
-+ &client_name, &service_name, rqstp);
- }
- free_server_handle(handle);
- gss_release_buffer(&minor_stat, &client_name);
-@@ -1310,9 +1308,8 @@
- if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context,
- rqst2name(rqstp),
- ACL_DELETE, NULL, NULL)) {
-- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_delete_policy",
-- prime_arg, client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_unauth("kadm5_delete_policy", prime_arg,
-+ &client_name, &service_name, rqstp);
- ret.code = KADM5_AUTH_DELETE;
- } else {
- ret.code = kadm5_delete_policy((void *)handle, arg->name);
-@@ -1321,11 +1318,9 @@
- else
- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_delete_policy",
-- ((prime_arg == NULL) ? "(null)" : prime_arg),
-- errmsg,
-- client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_done("kadm5_delete_policy",
-+ ((prime_arg == NULL) ? "(null)" : prime_arg), errmsg,
-+ &client_name, &service_name, rqstp);
- }
- free_server_handle(handle);
- gss_release_buffer(&minor_stat, &client_name);
-@@ -1366,9 +1361,8 @@
- if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context,
- rqst2name(rqstp),
- ACL_MODIFY, NULL, NULL)) {
-- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_modify_policy",
-- prime_arg, client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_unauth("kadm5_modify_policy", prime_arg,
-+ &client_name, &service_name, rqstp);
- ret.code = KADM5_AUTH_MODIFY;
- } else {
- ret.code = kadm5_modify_policy((void *)handle, &arg->rec,
-@@ -1378,11 +1372,9 @@
- else
- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_modify_policy",
-- ((prime_arg == NULL) ? "(null)" : prime_arg),
-- errmsg,
-- client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_done("kadm5_modify_policy",
-+ ((prime_arg == NULL) ? "(null)" : prime_arg), errmsg,
-+ &client_name, &service_name, rqstp);
- }
- free_server_handle(handle);
- gss_release_buffer(&minor_stat, &client_name);
-@@ -1464,15 +1456,12 @@
- else
- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname,
-- ((prime_arg == NULL) ? "(null)" : prime_arg),
-- errmsg,
-- client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_done(funcname,
-+ ((prime_arg == NULL) ? "(null)" : prime_arg), errmsg,
-+ &client_name, &service_name, rqstp);
- } else {
-- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname,
-- prime_arg, client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_unauth(funcname, prime_arg,
-+ &client_name, &service_name, rqstp);
- }
- free_server_handle(handle);
- gss_release_buffer(&minor_stat, &client_name);
-@@ -1517,9 +1506,8 @@
- rqst2name(rqstp),
- ACL_LIST, NULL, NULL)) {
- ret.code = KADM5_AUTH_LIST;
-- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_get_policies",
-- prime_arg, client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_unauth("kadm5_get_policies", prime_arg,
-+ &client_name, &service_name, rqstp);
- } else {
- ret.code = kadm5_get_policies((void *)handle,
- arg->exp, &ret.pols,
-@@ -1529,11 +1517,8 @@
- else
- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_policies",
-- prime_arg,
-- errmsg,
-- client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_done("kadm5_get_policies", prime_arg, errmsg,
-+ &client_name, &service_name, rqstp);
- }
- free_server_handle(handle);
- gss_release_buffer(&minor_stat, &client_name);
-@@ -1573,11 +1558,8 @@
- else
- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_privs",
-- client_name.value,
-- errmsg,
-- client_name.value, service_name.value,
-- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
-+ log_done("kadm5_get_privs", client_name.value, errmsg,
-+ &client_name, &service_name, rqstp);
-
- free_server_handle(handle);
- gss_release_buffer(&minor_stat, &client_name);
-@@ -1594,6 +1576,8 @@
- kadm5_server_handle_t handle;
- OM_uint32 minor_stat;
- char *errmsg = 0;
-+ size_t clen, slen;
-+ char *cdots, *sdots;
-
- xdr_free(xdr_generic_ret, &ret);
-
-@@ -1611,13 +1595,21 @@
- }
-
- if (ret.code != 0)
-- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-- krb5_klog_syslog(LOG_NOTICE, LOG_DONE ", flavor=%d",
-+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
-+ else
-+ errmsg = "success";
-+
-+ clen = client_name.length;
-+ trunc_name(&clen, &cdots);
-+ slen = service_name.length;
-+ trunc_name(&slen, &sdots);
-+ krb5_klog_syslog(LOG_NOTICE, "Request: %s, %.*s%s, %s, "
-+ "client=%.*s%s, service=%.*s%s, addr=%s, flavor=%d",
- (ret.api_version == KADM5_API_VERSION_1 ?
- "kadm5_init (V1)" : "kadm5_init"),
-- client_name.value,
-- (ret.code == 0) ? "success" : errmsg,
-- client_name.value, service_name.value,
-+ clen, client_name.value, cdots, errmsg,
-+ clen, client_name.value, cdots,
-+ slen, service_name.value, sdots,
- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr),
- rqstp->rq_cred.oa_flavor);
- gss_release_buffer(&minor_stat, &client_name);
-diff -urN krb5-1.5.2.orig/src/kdc/do_tgs_req.c krb5-1.5.2/src/kdc/do_tgs_req.c
---- krb5-1.5.2.orig/src/kdc/do_tgs_req.c 2006-08-07 15:38:41.000000000 -0400
-+++ krb5-1.5.2/src/kdc/do_tgs_req.c 2007-03-28 21:08:52.000000000 -0400
-@@ -491,30 +491,40 @@
- newtransited = 1;
- }
- if (!isflagset (request->kdc_options, KDC_OPT_DISABLE_TRANSITED_CHECK)) {
-- errcode = krb5_check_transited_list (kdc_context,
-+ unsigned int tlen;
-+ char *tdots;
-+
-+ errcode = krb5_check_transited_list (kdc_context,
- &enc_tkt_reply.transited.tr_contents,
- krb5_princ_realm (kdc_context, header_ticket->enc_part2->client),
- krb5_princ_realm (kdc_context, request->server));
-- if (errcode == 0) {
-- setflag (enc_tkt_reply.flags, TKT_FLG_TRANSIT_POLICY_CHECKED);
-- } else if (errcode == KRB5KRB_AP_ERR_ILL_CR_TKT)
-- krb5_klog_syslog (LOG_INFO,
-- "bad realm transit path from '%s' to '%s' via '%.*s'",
-+ tlen = enc_tkt_reply.transited.tr_contents.length;
-+ tdots = tlen > 125 ? "..." : "";
-+ tlen = tlen > 125 ? 125 : tlen;
-+
-+ if (errcode == 0) {
-+ setflag (enc_tkt_reply.flags, TKT_FLG_TRANSIT_POLICY_CHECKED);
-+ } else if (errcode == KRB5KRB_AP_ERR_ILL_CR_TKT)
-+ krb5_klog_syslog (LOG_INFO,
-+ "bad realm transit path from '%s' to '%s' "
-+ "via '%.*s%s'",
- cname ? cname : "<unknown client>",
- sname ? sname : "<unknown server>",
-- enc_tkt_reply.transited.tr_contents.length,
-- enc_tkt_reply.transited.tr_contents.data);
-- else {
-- char *emsg = krb5_get_error_message(kdc_context, errcode);
-- krb5_klog_syslog (LOG_ERR,
-- "unexpected error checking transit from '%s' to '%s' via '%.*s': %s",
-+ tlen,
-+ enc_tkt_reply.transited.tr_contents.data,
-+ tdots);
-+ else {
-+ const char *emsg = krb5_get_error_message(kdc_context, errcode);
-+ krb5_klog_syslog (LOG_ERR,
-+ "unexpected error checking transit from "
-+ "'%s' to '%s' via '%.*s%s': %s",
- cname ? cname : "<unknown client>",
- sname ? sname : "<unknown server>",
-- enc_tkt_reply.transited.tr_contents.length,
-+ tlen,
- enc_tkt_reply.transited.tr_contents.data,
-- emsg);
-+ tdots, emsg);
- krb5_free_error_message(kdc_context, emsg);
-- }
-+ }
- } else
- krb5_klog_syslog (LOG_INFO, "not checking transit path");
- if (reject_bad_transit
-@@ -542,6 +552,9 @@
- if (!krb5_principal_compare(kdc_context, request->server, client2)) {
- if ((errcode = krb5_unparse_name(kdc_context, client2, &tmp)))
- tmp = 0;
-+ if (tmp != NULL)
-+ limit_string(tmp);
-+
- krb5_klog_syslog(LOG_INFO,
- "TGS_REQ %s: 2ND_TKT_MISMATCH: "
- "authtime %d, %s for %s, 2nd tkt client %s",
-@@ -816,6 +829,7 @@
- krb5_klog_syslog(LOG_INFO,
- "TGS_REQ: issuing alternate <un-unparseable> TGT");
- } else {
-+ limit_string(sname);
- krb5_klog_syslog(LOG_INFO,
- "TGS_REQ: issuing TGT %s", sname);
- free(sname);
-diff -urN krb5-1.5.2.orig/src/kdc/kdc_util.c krb5-1.5.2/src/kdc/kdc_util.c
---- krb5-1.5.2.orig/src/kdc/kdc_util.c 2004-02-12 23:20:56.000000000 -0500
-+++ krb5-1.5.2/src/kdc/kdc_util.c 2007-03-28 19:16:51.000000000 -0400
-@@ -404,6 +404,7 @@
-
- krb5_db_free_principal(kdc_context, &server, nprincs);
- if (!krb5_unparse_name(kdc_context, ticket->server, &sname)) {
-+ limit_string(sname);
- krb5_klog_syslog(LOG_ERR,"TGS_REQ: UNKNOWN SERVER: server='%s'",
- sname);
- free(sname);
-diff -urN krb5-1.5.2.orig/src/lib/kadm5/logger.c krb5-1.5.2/src/lib/kadm5/logger.c
---- krb5-1.5.2.orig/src/lib/kadm5/logger.c 2006-05-31 23:18:19.000000000 -0400
-+++ krb5-1.5.2/src/lib/kadm5/logger.c 2007-03-28 19:20:15.000000000 -0400
-@@ -45,7 +45,7 @@
- #include <varargs.h>
- #endif /* HAVE_STDARG_H */
-
--#define KRB5_KLOG_MAX_ERRMSG_SIZE 1024
-+#define KRB5_KLOG_MAX_ERRMSG_SIZE 2048
- #ifndef MAXHOSTNAMELEN
- #define MAXHOSTNAMELEN 256
- #endif /* MAXHOSTNAMELEN */
-@@ -261,7 +261,9 @@
- #endif /* HAVE_SYSLOG */
-
- /* Now format the actual message */
--#if HAVE_VSPRINTF
-+#if HAVE_VSNPRINTF
-+ vsnprintf(cp, sizeof(outbuf) - (cp - outbuf), actual_format, ap);
-+#elif HAVE_VSPRINTF
- vsprintf(cp, actual_format, ap);
- #else /* HAVE_VSPRINTF */
- sprintf(cp, actual_format, ((int *) ap)[0], ((int *) ap)[1],
-@@ -850,7 +852,9 @@
- syslogp = &outbuf[strlen(outbuf)];
-
- /* Now format the actual message */
--#ifdef HAVE_VSPRINTF
-+#ifdef HAVE_VSNPRINTF
-+ vsnprintf(syslogp, sizeof(outbuf) - (syslogp - outbuf), format, arglist);
-+#elif HAVE_VSPRINTF
- vsprintf(syslogp, format, arglist);
- #else /* HAVE_VSPRINTF */
- sprintf(syslogp, format, ((int *) arglist)[0], ((int *) arglist)[1],
diff --git a/app-crypt/mit-krb5/files/mit-krb5-SA-2007-003.patch b/app-crypt/mit-krb5/files/mit-krb5-SA-2007-003.patch
deleted file mode 100644
index 756a35073a91..000000000000
--- a/app-crypt/mit-krb5/files/mit-krb5-SA-2007-003.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-diff -urN krb5-1.5.2.old/src/lib/gssapi/krb5/k5unseal.c krb5-1.5.2/src/lib/gssapi/krb5/k5unseal.c
---- krb5-1.5.2.old/src/lib/gssapi/krb5/k5unseal.c 2006-05-09 07:31:02.000000000 -0400
-+++ krb5-1.5.2/src/lib/gssapi/krb5/k5unseal.c 2007-03-28 21:13:44.000000000 -0400
-@@ -457,8 +457,11 @@
-
- if ((ctx->initiate && direction != 0xff) ||
- (!ctx->initiate && direction != 0)) {
-- if (toktype == KG_TOK_SEAL_MSG)
-+ if (toktype == KG_TOK_SEAL_MSG) {
- xfree(token.value);
-+ message_buffer->value = NULL;
-+ message_buffer->length = 0;
-+ }
- *minor_status = G_BAD_DIRECTION;
- return(GSS_S_BAD_SIG);
- }
diff --git a/app-crypt/mit-krb5/files/mit-krb5-pthreads.patch b/app-crypt/mit-krb5/files/mit-krb5-pthreads.patch
deleted file mode 100644
index 726dfa4bf323..000000000000
--- a/app-crypt/mit-krb5/files/mit-krb5-pthreads.patch
+++ /dev/null
@@ -1,29 +0,0 @@
---- krb5-1.4.3/src/aclocal.m4 2006-01-19 18:56:17.000000000 -0500
-+++ krb5-1.4.3/src/aclocal.m4 2006-01-19 18:56:11.000000000 -0500
-@@ -171,7 +171,14 @@
- dnl reference support we can figure out whether or not the pthread library
- dnl has been linked in.
- dnl If we don't add any libraries for thread support, don't bother.
--AC_CHECK_FUNCS(pthread_once pthread_mutexattr_setrobust_np pthread_rwlock_init)
-+for fn in pthread_once pthread_mutexattr_setrobust_np pthread_rwlock_init ; do
-+ AC_CHECK_DECLS($fn,,,[
-+ #ifdef HAVE_PTHREAD
-+ #include <pthread.h>
-+ #endif
-+ ])
-+ AC_CHECK_FUNCS($fn)
-+done
- old_CC="$CC"
- test "$PTHREAD_CC" != "" && test "$ac_cv_c_compiler_gnu" = no && CC=$PTHREAD_CC
- old_CFLAGS="$CFLAGS"
---- krb5-1.4.3/src/util/support/threads.c 2005-08-12 16:57:07.000000000 -0400
-+++ krb5-1.4.3/src/util/support/threads.c 2006-01-19 19:00:59.000000000 -0500
-@@ -141,7 +141,7 @@
- || &pthread_equal == 0
- /* This catches Solaris 9. May be redundant with the above
- tests now. */
--# ifdef HAVE_PTHREAD_MUTEXATTR_SETROBUST_NP_IN_THREAD_LIB
-+# if defined(HAVE_PTHREAD_MUTEXATTR_SETROBUST_NP_IN_THREAD_LIB) && HAVE_DECL_PTHREAD_MUTEXATTR_SETROBUST_NP
- || &pthread_mutexattr_setrobust_np == 0
- # endif
- /* Any program that's really multithreaded will have to be
diff --git a/app-crypt/mit-krb5/files/mit-krb5-robustgnu.patch b/app-crypt/mit-krb5/files/mit-krb5-robustgnu.patch
deleted file mode 100644
index 73cafbd1a76d..000000000000
--- a/app-crypt/mit-krb5/files/mit-krb5-robustgnu.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-diff -ru krb5-1.4.3.orig/src/aclocal.m4 krb5-1.4.3/src/aclocal.m4
---- krb5-1.4.3.orig/src/aclocal.m4 2005-09-22 13:16:11.000000000 -0400
-+++ krb5-1.4.3/src/aclocal.m4 2006-03-26 09:50:10.000000000 -0500
-@@ -182,7 +182,10 @@
- LIBS="$PTHREAD_LIBS $LIBS"
- AC_MSG_NOTICE(rechecking with PTHREAD_... options)
- AC_CHECK_LIB(c, pthread_mutexattr_setrobust_np,
-- [AC_DEFINE(HAVE_PTHREAD_MUTEXATTR_SETROBUST_NP_IN_THREAD_LIB,1,[Define if pthread_mutexattr_setrobust_np is provided in the thread library.])])
-+ [AC_DEFINE(HAVE_PTHREAD_MUTEXATTR_SETROBUST_NP_IN_THREAD_LIB,1,[Define if pthread_mutexattr_setrobust_np is provided in the thread library.])
-+# pthread_mutexattr_setrobust_np is declared as a GNU extension on GNU libc
-+ PTHREAD_CFLAGS="$PTHREAD_CFLAGS -D_GNU_SOURCE"
-+ ])
- AC_CHECK_LIB(c, pthread_rwlock_init,
- [AC_DEFINE(HAVE_PTHREAD_RWLOCK_INIT_IN_THREAD_LIB,1,[Define if pthread_rwlock_init is provided in the thread library.])])
- LIBS="$old_LIBS"
-diff -ru krb5-1.4.3.orig/src/configure.in krb5-1.4.3/src/configure.in
---- krb5-1.4.3.orig/src/configure.in 2005-07-18 18:12:43.000000000 -0400
-+++ krb5-1.4.3/src/configure.in 2006-03-26 09:50:16.000000000 -0500
-@@ -66,14 +66,7 @@
- dnl for kdc
- AC_CHECK_HEADERS(syslog.h stdarg.h sys/select.h sys/sockio.h ifaddrs.h unistd.h)
- AC_CHECK_FUNCS(openlog syslog closelog strftime vsprintf)
--KRB5_NEED_PROTO([#include <string.h>
--#ifdef HAVE_UNISTD_H
--#include <unistd.h>
--#endif
--/* Solaris 8 declares swab in stdlib.h. */
--#include <stdlib.h>
--],swab,1)
--dnl
-+
- AC_PROG_AWK
- KRB5_AC_INET6
- KRB5_SOCKADDR_SA_LEN
-@@ -160,6 +153,18 @@
- fi # tsmissing not empty
- fi # enable_thread_support
- dnl
-+# The _GNU_SOURCE for pthread_mutex_attr_setrobust_np creates a clash with
-+# with the swab declaration
-+if echo "$PTHREAD_CFLAGS" | test ! grep _GNU_SOURCE; then
-+KRB5_NEED_PROTO([#include <string.h>
-+#ifdef HAVE_UNISTD_H
-+#include <unistd.h>
-+#endif
-+/* Solaris 8 declares swab in stdlib.h. */
-+#include <stdlib.h>
-+],swab,1)
-+fi
-+dnl
- HOST_TYPE=$krb5_cv_host
- AC_SUBST(HOST_TYPE)
- dnl
diff --git a/app-crypt/mit-krb5/files/mit-krb5-setupterm.patch b/app-crypt/mit-krb5/files/mit-krb5-setupterm.patch
deleted file mode 100644
index 3c81382460c9..000000000000
--- a/app-crypt/mit-krb5/files/mit-krb5-setupterm.patch
+++ /dev/null
@@ -1,20 +0,0 @@
---- krb5-1.4.3/src/appl/telnet/configure.in.orig 2006-05-21 16:28:39.187870750 -0400
-+++ krb5-1.4.3/src/appl/telnet/configure.in 2006-05-21 16:29:26.758843750 -0400
-@@ -50,7 +50,7 @@
- #endif
- ])
- dnl
--AC_CHECK_LIB(termcap,main,AC_DEFINE(TERMCAP)
-+AC_CHECK_LIB(termcap,setupterm,AC_DEFINE(TERMCAP)
- LIBS="$LIBS -ltermcap",
- AC_CHECK_LIB(curses,setupterm,LIBS="$LIBS -lcurses",
- AC_CHECK_LIB(ncurses,setupterm,LIBS="$LIBS -lncurses")
-@@ -96,7 +96,7 @@
- dnl from old telnetd/configure.in
- dnl
- dnl AC_PROG_INSTALL
--AC_CHECK_LIB(termcap,main,AC_DEFINE(TERMCAP)
-+AC_CHECK_LIB(termcap,setupterm,AC_DEFINE(TERMCAP)
- LIBS="$LIBS -ltermcap",
- AC_CHECK_LIB(curses,setupterm,LIBS="$LIBS -lcurses",
- AC_CHECK_LIB(ncurses,setupterm,LIBS="$LIBS -lncurses")
diff --git a/app-crypt/mit-krb5/mit-krb5-1.4.3-r3.ebuild b/app-crypt/mit-krb5/mit-krb5-1.4.3-r3.ebuild
index a8b42d05638f..04dbff965e56 100644
--- a/app-crypt/mit-krb5/mit-krb5-1.4.3-r3.ebuild
+++ b/app-crypt/mit-krb5/mit-krb5-1.4.3-r3.ebuild
@@ -1,15 +1,19 @@
# Copyright 1999-2007 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/mit-krb5-1.4.3-r3.ebuild,v 1.12 2007/04/03 20:51:40 seemant Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/mit-krb5-1.4.3-r3.ebuild,v 1.13 2007/04/04 02:46:56 seemant Exp $
inherit eutils flag-o-matic versionator autotools
+PATCHV="0.1"
MY_P=${P/mit-}
P_DIR=$(get_version_component_range 1-2)
S=${WORKDIR}/${MY_P}/src
DESCRIPTION="MIT Kerberos V"
HOMEPAGE="http://web.mit.edu/kerberos/www/"
-SRC_URI="http://web.mit.edu/kerberos/dist/krb5/${P_DIR}/${MY_P}-signed.tar"
+SRC_URI="http://web.mit.edu/kerberos/dist/krb5/${P_DIR}/${MY_P}-signed.tar
+ mirror://gentoo/${P}-patches-${PATCHV}.tar.bz2"
+
+PATCHDIR="${WORKDIR}/patch"
LICENSE="as-is"
SLOT="0"
@@ -34,14 +38,11 @@ pkg_setup() {
}
src_unpack() {
- unpack ${MY_P}-signed.tar
+ unpack ${A}
unpack ./${MY_P}.tar.gz
cd "${S}"
epatch "${FILESDIR}"/${PN}-lazyldflags.patch
- epatch "${FILESDIR}"/${PN}-robustgnu.patch
- epatch "${FILESDIR}"/${PN}-pthreads.patch
- epatch "${FILESDIR}"/${PN}-setupterm.patch
- epatch "${FILESDIR}"/${P}-setuid.patch
+ EPATCH_SUFFIX="patch" epatch "${PATCHDIR}"
ebegin "Reconfiguring configure scripts (be patient)"
cd "${S}"/appl/telnet
eautoconf --force -I "${S}"
diff --git a/app-crypt/mit-krb5/mit-krb5-1.5.2-r1.ebuild b/app-crypt/mit-krb5/mit-krb5-1.5.2-r1.ebuild
index 5c6f905dc733..c04a42a5daff 100644
--- a/app-crypt/mit-krb5/mit-krb5-1.5.2-r1.ebuild
+++ b/app-crypt/mit-krb5/mit-krb5-1.5.2-r1.ebuild
@@ -1,15 +1,19 @@
# Copyright 1999-2007 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/mit-krb5-1.5.2-r1.ebuild,v 1.1 2007/04/03 20:19:13 seemant Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/mit-krb5-1.5.2-r1.ebuild,v 1.2 2007/04/04 02:46:56 seemant Exp $
inherit eutils flag-o-matic versionator autotools
+PATCHV="0.1"
MY_P=${P/mit-}
P_DIR=$(get_version_component_range 1-2)
S=${WORKDIR}/${MY_P}/src
DESCRIPTION="MIT Kerberos V"
HOMEPAGE="http://web.mit.edu/kerberos/www/"
-SRC_URI="http://web.mit.edu/kerberos/dist/krb5/${P_DIR}/${MY_P}-signed.tar"
+SRC_URI="http://web.mit.edu/kerberos/dist/krb5/${P_DIR}/${MY_P}-signed.tar
+ mirror://gentoo/${P}-patches-${PATCHV}.tar.bz2"
+
+PATCHDIR="${WORKDIR}/patch"
LICENSE="as-is"
SLOT="0"
@@ -25,13 +29,11 @@ DEPEND="${RDEPEND}
PROVIDE="virtual/krb5"
src_unpack() {
- unpack ${MY_P}-signed.tar
+ unpack ${A}
unpack ./${MY_P}.tar.gz
cd "${S}"
epatch "${FILESDIR}"/${PN}-lazyldflags.patch
- epatch "${FILESDIR}"/${PN}-SA-2007-001-telnetd.patch
- epatch "${FILESDIR}"/${PN}-SA-2007-002-syslog.patch
- epatch "${FILESDIR}"/${PN}-SA-2007-003.patch
+ EPATCH_SUFFIX="patch" epatch "${PATCHDIR}"
ebegin "Reconfiguring configure scripts (be patient)"
cd "${S}"/appl/telnet
eautoconf --force -I "${S}"
diff --git a/app-crypt/mit-krb5/mit-krb5-1.5.2-r2.ebuild b/app-crypt/mit-krb5/mit-krb5-1.5.2-r2.ebuild
index 3d15360252d0..f6d9d8a8ed0c 100644
--- a/app-crypt/mit-krb5/mit-krb5-1.5.2-r2.ebuild
+++ b/app-crypt/mit-krb5/mit-krb5-1.5.2-r2.ebuild
@@ -1,15 +1,19 @@
# Copyright 1999-2007 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/mit-krb5-1.5.2-r2.ebuild,v 1.1 2007/04/03 20:51:40 seemant Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/mit-krb5-1.5.2-r2.ebuild,v 1.2 2007/04/04 02:46:56 seemant Exp $
inherit eutils flag-o-matic versionator autotools
+PATCHV="0.1"
MY_P=${P/mit-}
P_DIR=$(get_version_component_range 1-2)
S=${WORKDIR}/${MY_P}/src
DESCRIPTION="MIT Kerberos V"
HOMEPAGE="http://web.mit.edu/kerberos/www/"
-SRC_URI="http://web.mit.edu/kerberos/dist/krb5/${P_DIR}/${MY_P}-signed.tar"
+SRC_URI="http://web.mit.edu/kerberos/dist/krb5/${P_DIR}/${MY_P}-signed.tar
+ mirror://gentoo/${P}-patches-${PATCHV}.tar.bz2"
+
+PATCHDIR="${WORKDIR}/patch"
LICENSE="as-is"
SLOT="0"
@@ -25,13 +29,11 @@ DEPEND="${RDEPEND}
PROVIDE="virtual/krb5"
src_unpack() {
- unpack ${MY_P}-signed.tar
+ unpack ${A}
unpack ./${MY_P}.tar.gz
cd "${S}"
epatch "${FILESDIR}"/${PN}-lazyldflags.patch
- epatch "${FILESDIR}"/${PN}-SA-2007-001-telnetd.patch
- epatch "${FILESDIR}"/${PN}-SA-2007-002-syslog.patch
- epatch "${FILESDIR}"/${PN}-SA-2007-003.patch
+ EPATCH_SUFFIX="patch" epatch "${PATCHDIR}"
ebegin "Reconfiguring configure scripts (be patient)"
cd "${S}"/appl/telnet
eautoconf --force -I "${S}"