From: Seemant Kulleen Date: Wed, 4 Apr 2007 02:46:56 +0000 (+0000) Subject: removed the patches from filesdir and into their own tarballs, otherwise (as the... X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=943d6bb0b3adfa41f02c8e3a2a895df578c87c3f;p=gentoo.git removed the patches from filesdir and into their own tarballs, otherwise (as the prior cleanup showed) things just die in that director Package-Manager: portage-2.1.2.3 --- diff --git a/app-crypt/mit-krb5/ChangeLog b/app-crypt/mit-krb5/ChangeLog index 383472932d02..ee14c7093a3b 100644 --- a/app-crypt/mit-krb5/ChangeLog +++ b/app-crypt/mit-krb5/ChangeLog @@ -1,6 +1,17 @@ # ChangeLog for app-crypt/mit-krb5 # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/ChangeLog,v 1.148 2007/04/03 20:51:40 seemant Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/ChangeLog,v 1.149 2007/04/04 02:46:56 seemant Exp $ + + 04 Apr 2007; Seemant Kulleen + -files/mit-krb5-1.4.3-setuid.patch, + -files/mit-krb5-SA-2007-001-telnetd.patch, + -files/mit-krb5-SA-2007-002-syslog.patch, + -files/mit-krb5-SA-2007-003.patch, -files/mit-krb5-pthreads.patch, + -files/mit-krb5-robustgnu.patch, -files/mit-krb5-setupterm.patch, + mit-krb5-1.4.3-r3.ebuild, mit-krb5-1.5.2-r1.ebuild, + mit-krb5-1.5.2-r2.ebuild: + removed the patches from filesdir and into their own tarballs, otherwise (as + the prior cleanup showed) things just die in that director *mit-krb5-1.5.2-r2 (03 Apr 2007) diff --git a/app-crypt/mit-krb5/Manifest b/app-crypt/mit-krb5/Manifest index f4075af4c437..d8aeb36b9713 100644 --- a/app-crypt/mit-krb5/Manifest +++ b/app-crypt/mit-krb5/Manifest @@ -1,35 +1,7 @@ -AUX mit-krb5-1.4.3-setuid.patch 7066 RMD160 5d9b862ed554cf63d567dbfb4f4308b8771eeb89 SHA1 1135ad0428c92e7be2da2bce6dd0977bad0848e0 SHA256 334f4aeb83f79206829ac588ac2919fa2730a6524c1041fe5a3915c986c1ab3c -MD5 161af87937e59b10d0d1cb0ab771cb19 files/mit-krb5-1.4.3-setuid.patch 7066 -RMD160 5d9b862ed554cf63d567dbfb4f4308b8771eeb89 files/mit-krb5-1.4.3-setuid.patch 7066 -SHA256 334f4aeb83f79206829ac588ac2919fa2730a6524c1041fe5a3915c986c1ab3c files/mit-krb5-1.4.3-setuid.patch 7066 -AUX mit-krb5-SA-2007-001-telnetd.patch 2089 RMD160 66d230ad48d4a5292520579de63778d06357fbac SHA1 1e1c4c184caf3be7480f7bf4797bedcd05042de1 SHA256 edd4de87ad2f01c6d07f49101ecb6e7853a2979ef23c8496ac833f7dfaedede7 -MD5 60d3143180d1eab444bb5a64bc045420 files/mit-krb5-SA-2007-001-telnetd.patch 2089 -RMD160 66d230ad48d4a5292520579de63778d06357fbac files/mit-krb5-SA-2007-001-telnetd.patch 2089 -SHA256 edd4de87ad2f01c6d07f49101ecb6e7853a2979ef23c8496ac833f7dfaedede7 files/mit-krb5-SA-2007-001-telnetd.patch 2089 -AUX mit-krb5-SA-2007-002-syslog.patch 31119 RMD160 e9ca437400760ea2762b097b215702194c5b93bd SHA1 63e27604500874ff1a1fa4da8d537a0bde15c289 SHA256 0c36a81867c9ff3e761853d4f3d90cdfb41bfa7b665d7da05c5cd713443a4541 -MD5 3d61faafa1c2c44fc1f74fcc8781c059 files/mit-krb5-SA-2007-002-syslog.patch 31119 -RMD160 e9ca437400760ea2762b097b215702194c5b93bd files/mit-krb5-SA-2007-002-syslog.patch 31119 -SHA256 0c36a81867c9ff3e761853d4f3d90cdfb41bfa7b665d7da05c5cd713443a4541 files/mit-krb5-SA-2007-002-syslog.patch 31119 -AUX mit-krb5-SA-2007-003.patch 609 RMD160 bb6dbd8a850a5767e0812429f35acec56fa3084c SHA1 16f034b9044a8e31c7746fb97c05f1405b778f01 SHA256 300f666872407e196e1b2ed86812ddaa44dfd0cd53a4194260b43b88fb8c0133 -MD5 3e1a043cbe0971ab090112e3cc6ce85d files/mit-krb5-SA-2007-003.patch 609 -RMD160 bb6dbd8a850a5767e0812429f35acec56fa3084c files/mit-krb5-SA-2007-003.patch 609 -SHA256 300f666872407e196e1b2ed86812ddaa44dfd0cd53a4194260b43b88fb8c0133 files/mit-krb5-SA-2007-003.patch 609 AUX mit-krb5-lazyldflags.patch 509 RMD160 47515882e93e0db7db6980a4460a01f2cbc3f382 SHA1 db880ff82bd72afd2815a8e8d345c815c2769715 SHA256 272b3a18303b43c64bbcc1da9bcb7cd60d56337700d84c78741c7096c18044d5 MD5 ae7e2bde0b20e580f49d5a3c524b445b files/mit-krb5-lazyldflags.patch 509 RMD160 47515882e93e0db7db6980a4460a01f2cbc3f382 files/mit-krb5-lazyldflags.patch 509 SHA256 272b3a18303b43c64bbcc1da9bcb7cd60d56337700d84c78741c7096c18044d5 files/mit-krb5-lazyldflags.patch 509 -AUX mit-krb5-pthreads.patch 1276 RMD160 33a48c04e887c2067c8a94c431d0140d5138677b SHA1 45ec66393fcf945c7a16450d0c26f3373234d523 SHA256 c9c87efc3c381bc63a86d3d341ceb5413e2b038de9302335e34c1ac743773072 -MD5 6eae177180fe525b127ee90ddff1fefd files/mit-krb5-pthreads.patch 1276 -RMD160 33a48c04e887c2067c8a94c431d0140d5138677b files/mit-krb5-pthreads.patch 1276 -SHA256 c9c87efc3c381bc63a86d3d341ceb5413e2b038de9302335e34c1ac743773072 files/mit-krb5-pthreads.patch 1276 -AUX mit-krb5-robustgnu.patch 2040 RMD160 3955fd028c5b5a4a274105d3f3da8fed1199026e SHA1 6232af38c2911a1ca24d7c78f8a5bebbd975ed0d SHA256 e7c557a727be720e87317cfc257a571437a8f2fa2788e1bc10c314642a48cb51 -MD5 7a258688eeb2150375d30e04a9d49dbe files/mit-krb5-robustgnu.patch 2040 -RMD160 3955fd028c5b5a4a274105d3f3da8fed1199026e files/mit-krb5-robustgnu.patch 2040 -SHA256 e7c557a727be720e87317cfc257a571437a8f2fa2788e1bc10c314642a48cb51 files/mit-krb5-robustgnu.patch 2040 -AUX mit-krb5-setupterm.patch 751 RMD160 26b663f1d13fe50706fc084eb1489ce3fc7b1dbc SHA1 5a4bbe78af977dd4370eca88b10d3e342b5f7e0f SHA256 6ffc82225d3702c5a08688212d034aba95a473a26d2bdd4bd7463b05fff73886 -MD5 672d9fd88c1b5769790b0d025a9a1c7d files/mit-krb5-setupterm.patch 751 -RMD160 26b663f1d13fe50706fc084eb1489ce3fc7b1dbc files/mit-krb5-setupterm.patch 751 -SHA256 6ffc82225d3702c5a08688212d034aba95a473a26d2bdd4bd7463b05fff73886 files/mit-krb5-setupterm.patch 751 AUX mit-krb5kadmind.initd 687 RMD160 7602d12d570e80edf24953befbe4ec03d247e4ba SHA1 753a5875659d3bef63c1a50bb0228f1c3c06bdf9 SHA256 427953b3a2dbe0a8f85bee1294a348c97dbbdac4741f06c2a3768170ba29161a MD5 61a61d22565605924a06789f9da352bf files/mit-krb5kadmind.initd 687 RMD160 7602d12d570e80edf24953befbe4ec03d247e4ba files/mit-krb5kadmind.initd 687 @@ -40,32 +12,34 @@ RMD160 8c4c508273f9d715ac0e0a8d9c54e36f63526b9b files/mit-krb5kdc.initd 656 SHA256 d813dbf3ee89f0da6b73455fd8759898223529c4cf7c1c2ec64a3128363194e2 files/mit-krb5kdc.initd 656 DIST krb5-1.4.3-signed.tar 7290880 RMD160 838425b59bf37da69c927eb346be78d059fa6db7 SHA1 94bd12d664b1ef32bbf5b8ffe062fe473909f9a7 SHA256 86f246877cc912ae6a82b6bb16217e54ec31fe46ae33a39a42b3f062bb5e6cbe DIST krb5-1.5.2-signed.tar 10086400 RMD160 b8eca92373155eac0661721f0c65777673d4654e SHA1 2693e31187629fccbcfecf750828f61c69251da6 SHA256 1db46e506fbc0b1a274cb00c3fda5b5e4de832ce40c209e4f6603adcdf2e770e -EBUILD mit-krb5-1.4.3-r3.ebuild 2826 RMD160 5e84657dc8e4f264d515bca233c352c2749e5575 SHA1 347ea7bdec4272978785c4311557791085ddf39a SHA256 d839ec6b71550060eaa043437bdc979a2eb39fb18ade13bb4f3df203989c0e56 -MD5 ff420d1537baa28bfed277311ab61cd9 mit-krb5-1.4.3-r3.ebuild 2826 -RMD160 5e84657dc8e4f264d515bca233c352c2749e5575 mit-krb5-1.4.3-r3.ebuild 2826 -SHA256 d839ec6b71550060eaa043437bdc979a2eb39fb18ade13bb4f3df203989c0e56 mit-krb5-1.4.3-r3.ebuild 2826 -EBUILD mit-krb5-1.5.2-r1.ebuild 2496 RMD160 df6bd7f33a4bfa228cd2e019b1188c6afe41680a SHA1 86286c0cda66fba6828916a05316d1144770c750 SHA256 4f684d5b07c4227414f95264705a58fb24a8c0ccd14af20391254ecf44f437ab -MD5 bfd51922172fd06fc0cd48b05f308ae2 mit-krb5-1.5.2-r1.ebuild 2496 -RMD160 df6bd7f33a4bfa228cd2e019b1188c6afe41680a mit-krb5-1.5.2-r1.ebuild 2496 -SHA256 4f684d5b07c4227414f95264705a58fb24a8c0ccd14af20391254ecf44f437ab mit-krb5-1.5.2-r1.ebuild 2496 -EBUILD mit-krb5-1.5.2-r2.ebuild 2538 RMD160 50e700337f01eaf0c1f585973f8e2b654d1b24e2 SHA1 5e349e49858b57118e558f5c7eb8bb461058f426 SHA256 b4deceeb9f7a87c3ed416c111c78438a5b89314057f67ac2eadc5303e27fb335 -MD5 af726c63f5568581ea613934b2170ebe mit-krb5-1.5.2-r2.ebuild 2538 -RMD160 50e700337f01eaf0c1f585973f8e2b654d1b24e2 mit-krb5-1.5.2-r2.ebuild 2538 -SHA256 b4deceeb9f7a87c3ed416c111c78438a5b89314057f67ac2eadc5303e27fb335 mit-krb5-1.5.2-r2.ebuild 2538 -MISC ChangeLog 2487 RMD160 335ae458a80af328c1a287ca55b7f5d4e100c878 SHA1 480b67bc9ef888b2c1bd543a4f5159aa084fa279 SHA256 ae77a9ab43bca145fa8890cd53081c5c2de0b35acfc0beb4aa65c2d11848e24b -MD5 00e6c02af9d11b317f9d0623f2fbbf18 ChangeLog 2487 -RMD160 335ae458a80af328c1a287ca55b7f5d4e100c878 ChangeLog 2487 -SHA256 ae77a9ab43bca145fa8890cd53081c5c2de0b35acfc0beb4aa65c2d11848e24b ChangeLog 2487 +DIST mit-krb5-1.4.3-patches-0.1.tar.bz2 4271 RMD160 89f4b6bf1d343377e37839d28ac0f401be216e69 SHA1 461b8b968415c0269775d19cd1ea2974c779823a SHA256 e1bd1d4ad64ab34d6eba5a91141a7a0fc94982f0a2db8aa057ae356f7da9c109 +DIST mit-krb5-1.5.2-patches-0.1.tar.bz2 7056 RMD160 53cbce1e71e9c8c58621cf695a57cc7d50af5e52 SHA1 4b385b5db1497579287643051c4b60ebc6f83b43 SHA256 841541f3767af698745f4fde2d492c06880260a72b8f2178d4c0d2ae4ce446b4 +EBUILD mit-krb5-1.4.3-r3.ebuild 2775 RMD160 dd1bd2d8a3c7d8ce01ccf29e8430132a1241ad70 SHA1 fc59220799af53dff8a0c1db303d35a1e4154a11 SHA256 87ef7aff2603ddd3103d3f959cca3df22d6d0e8b4ba7cdd3b1ec4cc6fb15c8c1 +MD5 b4916a6aeedf72cc52be8066e8ff17f6 mit-krb5-1.4.3-r3.ebuild 2775 +RMD160 dd1bd2d8a3c7d8ce01ccf29e8430132a1241ad70 mit-krb5-1.4.3-r3.ebuild 2775 +SHA256 87ef7aff2603ddd3103d3f959cca3df22d6d0e8b4ba7cdd3b1ec4cc6fb15c8c1 mit-krb5-1.4.3-r3.ebuild 2775 +EBUILD mit-krb5-1.5.2-r1.ebuild 2463 RMD160 55d4d766a1538f190636268f22d031b3b0eabea0 SHA1 e1d9ade711d6a311e7c14a24623373eda5dcf21a SHA256 3b755726d45d5417f8100fc65ecc0c42126b21eb17db013027aa9b24ef419e17 +MD5 1435f98d6290507f50a1a6d0d7acd52b mit-krb5-1.5.2-r1.ebuild 2463 +RMD160 55d4d766a1538f190636268f22d031b3b0eabea0 mit-krb5-1.5.2-r1.ebuild 2463 +SHA256 3b755726d45d5417f8100fc65ecc0c42126b21eb17db013027aa9b24ef419e17 mit-krb5-1.5.2-r1.ebuild 2463 +EBUILD mit-krb5-1.5.2-r2.ebuild 2505 RMD160 53542b6db695820b9a5a57465b7eecf664adea56 SHA1 fde5d34b3fb8cb53396b834a5120194cc1c5850f SHA256 f4acff3e3798a6eb7e4037b609c87486b4b3d276352ec85435bfe8b03dd53e2b +MD5 908e280ca3f4d5ae2e2af45b4071ff4e mit-krb5-1.5.2-r2.ebuild 2505 +RMD160 53542b6db695820b9a5a57465b7eecf664adea56 mit-krb5-1.5.2-r2.ebuild 2505 +SHA256 f4acff3e3798a6eb7e4037b609c87486b4b3d276352ec85435bfe8b03dd53e2b mit-krb5-1.5.2-r2.ebuild 2505 +MISC ChangeLog 3026 RMD160 773074c5a223128f86529e3164b7dee3335856e8 SHA1 e51d0ade62d0793680b7338260c52f77f6a3c083 SHA256 23b9f24564c4f8ab5d25ee2d0d2396856d7e29005fc1df7dd2ff6220ecab2c29 +MD5 ae7646d50f8cd288bc055df46f987a7e ChangeLog 3026 +RMD160 773074c5a223128f86529e3164b7dee3335856e8 ChangeLog 3026 +SHA256 23b9f24564c4f8ab5d25ee2d0d2396856d7e29005fc1df7dd2ff6220ecab2c29 ChangeLog 3026 MISC metadata.xml 241 RMD160 4b15a3aa85942fcbab1c0afa871bd88c85acb001 SHA1 97dc5c2f74beed14ac9e171f36380370afae95be SHA256 119a622b44a5b38856cb9398389cf060f93a077b369161a5ab9a193234af763f MD5 f3ea9dd1d52f37139fbc4d101044f821 metadata.xml 241 RMD160 4b15a3aa85942fcbab1c0afa871bd88c85acb001 metadata.xml 241 SHA256 119a622b44a5b38856cb9398389cf060f93a077b369161a5ab9a193234af763f metadata.xml 241 -MD5 6ba0d8f5bbf423058a90022e33bd30a4 files/digest-mit-krb5-1.4.3-r3 247 -RMD160 b4c529af7319d39a8ceedc6dd92a3676808acf20 files/digest-mit-krb5-1.4.3-r3 247 -SHA256 6dbbea82aa2ce1f7db8b21fa84eaa99e1fc045e2a4a4b6d175d27267f197c123 files/digest-mit-krb5-1.4.3-r3 247 -MD5 371862c239b5066a8251dbf8ff99b193 files/digest-mit-krb5-1.5.2-r1 250 -RMD160 504add6e5e71afbb372c253d909440badbd342ac files/digest-mit-krb5-1.5.2-r1 250 -SHA256 3ef89096be30b4523fb82ca10ea1405dfe98f5cad6609b441514e878d05b8747 files/digest-mit-krb5-1.5.2-r1 250 -MD5 371862c239b5066a8251dbf8ff99b193 files/digest-mit-krb5-1.5.2-r2 250 -RMD160 504add6e5e71afbb372c253d909440badbd342ac files/digest-mit-krb5-1.5.2-r2 250 -SHA256 3ef89096be30b4523fb82ca10ea1405dfe98f5cad6609b441514e878d05b8747 files/digest-mit-krb5-1.5.2-r2 250 +MD5 90bf96b2ef57fc8849e8b046c400bc9c files/digest-mit-krb5-1.4.3-r3 524 +RMD160 293463bcdff3279351fe15e5910d346b0d8b4eb2 files/digest-mit-krb5-1.4.3-r3 524 +SHA256 8958fdc80b15b327341ebff1a82d1577c76d77d2619503903680d640e1f2c404 files/digest-mit-krb5-1.4.3-r3 524 +MD5 d15f0fd1db54b2def66beeaaae5c7b7e files/digest-mit-krb5-1.5.2-r1 527 +RMD160 ad4cc1a221dbe4a40624a08a6eea5eb9a2579db9 files/digest-mit-krb5-1.5.2-r1 527 +SHA256 0e68565601c0f865e5f0be8bf9718cae7c73394b65a98cae8147b6d102d34445 files/digest-mit-krb5-1.5.2-r1 527 +MD5 d15f0fd1db54b2def66beeaaae5c7b7e files/digest-mit-krb5-1.5.2-r2 527 +RMD160 ad4cc1a221dbe4a40624a08a6eea5eb9a2579db9 files/digest-mit-krb5-1.5.2-r2 527 +SHA256 0e68565601c0f865e5f0be8bf9718cae7c73394b65a98cae8147b6d102d34445 files/digest-mit-krb5-1.5.2-r2 527 diff --git a/app-crypt/mit-krb5/files/digest-mit-krb5-1.4.3-r3 b/app-crypt/mit-krb5/files/digest-mit-krb5-1.4.3-r3 index ecbc87ab159a..5d9882e02c2d 100644 --- a/app-crypt/mit-krb5/files/digest-mit-krb5-1.4.3-r3 +++ b/app-crypt/mit-krb5/files/digest-mit-krb5-1.4.3-r3 @@ -1,3 +1,6 @@ MD5 6c805139a4108fbb82fa4adba557a448 krb5-1.4.3-signed.tar 7290880 RMD160 838425b59bf37da69c927eb346be78d059fa6db7 krb5-1.4.3-signed.tar 7290880 SHA256 86f246877cc912ae6a82b6bb16217e54ec31fe46ae33a39a42b3f062bb5e6cbe krb5-1.4.3-signed.tar 7290880 +MD5 b369322efbf8387a27d8de67e5b53898 mit-krb5-1.4.3-patches-0.1.tar.bz2 4271 +RMD160 89f4b6bf1d343377e37839d28ac0f401be216e69 mit-krb5-1.4.3-patches-0.1.tar.bz2 4271 +SHA256 e1bd1d4ad64ab34d6eba5a91141a7a0fc94982f0a2db8aa057ae356f7da9c109 mit-krb5-1.4.3-patches-0.1.tar.bz2 4271 diff --git a/app-crypt/mit-krb5/files/digest-mit-krb5-1.5.2-r1 b/app-crypt/mit-krb5/files/digest-mit-krb5-1.5.2-r1 index acc96e7682b6..c73631560ff4 100644 --- a/app-crypt/mit-krb5/files/digest-mit-krb5-1.5.2-r1 +++ b/app-crypt/mit-krb5/files/digest-mit-krb5-1.5.2-r1 @@ -1,3 +1,6 @@ MD5 4d1452f775281f5da62e8fde0b517692 krb5-1.5.2-signed.tar 10086400 RMD160 b8eca92373155eac0661721f0c65777673d4654e krb5-1.5.2-signed.tar 10086400 SHA256 1db46e506fbc0b1a274cb00c3fda5b5e4de832ce40c209e4f6603adcdf2e770e krb5-1.5.2-signed.tar 10086400 +MD5 a3b79173bc8c71d4cd9b60fd508cddb9 mit-krb5-1.5.2-patches-0.1.tar.bz2 7056 +RMD160 53cbce1e71e9c8c58621cf695a57cc7d50af5e52 mit-krb5-1.5.2-patches-0.1.tar.bz2 7056 +SHA256 841541f3767af698745f4fde2d492c06880260a72b8f2178d4c0d2ae4ce446b4 mit-krb5-1.5.2-patches-0.1.tar.bz2 7056 diff --git a/app-crypt/mit-krb5/files/digest-mit-krb5-1.5.2-r2 b/app-crypt/mit-krb5/files/digest-mit-krb5-1.5.2-r2 index acc96e7682b6..c73631560ff4 100644 --- a/app-crypt/mit-krb5/files/digest-mit-krb5-1.5.2-r2 +++ b/app-crypt/mit-krb5/files/digest-mit-krb5-1.5.2-r2 @@ -1,3 +1,6 @@ MD5 4d1452f775281f5da62e8fde0b517692 krb5-1.5.2-signed.tar 10086400 RMD160 b8eca92373155eac0661721f0c65777673d4654e krb5-1.5.2-signed.tar 10086400 SHA256 1db46e506fbc0b1a274cb00c3fda5b5e4de832ce40c209e4f6603adcdf2e770e krb5-1.5.2-signed.tar 10086400 +MD5 a3b79173bc8c71d4cd9b60fd508cddb9 mit-krb5-1.5.2-patches-0.1.tar.bz2 7056 +RMD160 53cbce1e71e9c8c58621cf695a57cc7d50af5e52 mit-krb5-1.5.2-patches-0.1.tar.bz2 7056 +SHA256 841541f3767af698745f4fde2d492c06880260a72b8f2178d4c0d2ae4ce446b4 mit-krb5-1.5.2-patches-0.1.tar.bz2 7056 diff --git a/app-crypt/mit-krb5/files/mit-krb5-1.4.3-setuid.patch b/app-crypt/mit-krb5/files/mit-krb5-1.4.3-setuid.patch deleted file mode 100644 index b2871c1be9e2..000000000000 --- a/app-crypt/mit-krb5/files/mit-krb5-1.4.3-setuid.patch +++ /dev/null @@ -1,269 +0,0 @@ -Index: appl/gssftp/ftpd/ftpd.c -=================================================================== -*** appl/gssftp/ftpd/ftpd.c (revision 18419) ---- appl/gssftp/ftpd/ftpd.c (working copy) -*************** -*** 1368,1374 **** - goto bad; - sleep(tries); - } -! (void) krb5_seteuid((uid_t)pw->pw_uid); - #ifdef IP_TOS - #ifdef IPTOS_THROUGHPUT - on = IPTOS_THROUGHPUT; ---- 1368,1376 ---- - goto bad; - sleep(tries); - } -! if (krb5_seteuid((uid_t)pw->pw_uid)) { -! fatal("seteuid user"); -! } - #ifdef IP_TOS - #ifdef IPTOS_THROUGHPUT - on = IPTOS_THROUGHPUT; -*************** -*** 1378,1384 **** - #endif - return (fdopen(s, fmode)); - bad: -! (void) krb5_seteuid((uid_t)pw->pw_uid); - (void) close(s); - return (NULL); - } ---- 1380,1388 ---- - #endif - return (fdopen(s, fmode)); - bad: -! if (krb5_seteuid((uid_t)pw->pw_uid)) { -! fatal("seteuid user"); -! } - (void) close(s); - return (NULL); - } -*************** -*** 2187,2193 **** - (void) krb5_seteuid((uid_t)pw->pw_uid); - goto pasv_error; - } -! (void) krb5_seteuid((uid_t)pw->pw_uid); - len = sizeof(pasv_addr); - if (getsockname(pdata, (struct sockaddr *) &pasv_addr, &len) < 0) - goto pasv_error; ---- 2191,2199 ---- - (void) krb5_seteuid((uid_t)pw->pw_uid); - goto pasv_error; - } -! if (krb5_seteuid((uid_t)pw->pw_uid)) { -! fatal("seteuid user"); -! } - len = sizeof(pasv_addr); - if (getsockname(pdata, (struct sockaddr *) &pasv_addr, &len) < 0) - goto pasv_error; -Index: appl/bsd/v4rcp.c -=================================================================== -*** appl/bsd/v4rcp.c (revision 18419) ---- appl/bsd/v4rcp.c (working copy) -*************** -*** 436,442 **** - kstream_set_buffer_mode (krem, 0); - #endif /* KERBEROS && !NOENCRYPTION */ - (void) response(); -! (void) setuid(userid); - source(--argc, ++argv); - exit(errs); - ---- 436,445 ---- - kstream_set_buffer_mode (krem, 0); - #endif /* KERBEROS && !NOENCRYPTION */ - (void) response(); -! if (setuid(userid)) { -! error("rcp: can't setuid(user)\n"); -! exit(1); -! } - source(--argc, ++argv); - exit(errs); - -*************** -*** 452,458 **** - krem = kstream_create_from_fd (rem, 0, 0); - kstream_set_buffer_mode (krem, 0); - #endif /* KERBEROS && !NOENCRYPTION */ -! (void) setuid(userid); - sink(--argc, ++argv); - exit(errs); - ---- 455,464 ---- - krem = kstream_create_from_fd (rem, 0, 0); - kstream_set_buffer_mode (krem, 0); - #endif /* KERBEROS && !NOENCRYPTION */ -! if (setuid(userid)) { -! error("rcp: can't setuid(user)\n"); -! exit(1); -! } - sink(--argc, ++argv); - exit(errs); - -Index: appl/bsd/krcp.c -=================================================================== -*** appl/bsd/krcp.c (revision 18419) ---- appl/bsd/krcp.c (working copy) -*************** -*** 620,626 **** - - euid = geteuid(); - if (euid == 0) { -! (void) setuid(0); - if(krb5_seteuid(userid)) { - perror("rcp seteuid user"); errs++; exit(errs); - } ---- 620,628 ---- - - euid = geteuid(); - if (euid == 0) { -! if (setuid(0)) { -! perror("rcp setuid 0"); errs++; exit(errs); -! } - if(krb5_seteuid(userid)) { - perror("rcp seteuid user"); errs++; exit(errs); - } -*************** -*** 638,648 **** - continue; - rcmd_stream_init_normal(); - #ifdef HAVE_SETREUID -! (void) setreuid(0, userid); - sink(1, argv+argc-1); -! (void) setreuid(userid, 0); - #else -! (void) setuid(0); - if(seteuid(userid)) { - perror("rcp seteuid user"); errs++; exit(errs); - } ---- 640,656 ---- - continue; - rcmd_stream_init_normal(); - #ifdef HAVE_SETREUID -! if (setreuid(0, userid)) { -! perror("rcp setreuid 0,user"); errs++; exit(errs); -! } - sink(1, argv+argc-1); -! if (setreuid(userid, 0)) { -! perror("rcp setreuid user,0"); errs++; exit(errs); -! } - #else -! if (setuid(0)) { -! perror("rcp setuid 0"); errs++; exit(errs); -! } - if(seteuid(userid)) { - perror("rcp seteuid user"); errs++; exit(errs); - } -Index: appl/bsd/login.c -=================================================================== -*** appl/bsd/login.c (revision 18419) ---- appl/bsd/login.c (working copy) -*************** -*** 1648,1654 **** - } - #endif /* HAVE_SETLUID */ - #ifdef _IBMR2 -! setuidx(ID_LOGIN, pwd->pw_uid); - #endif - - /* This call MUST succeed */ ---- 1648,1657 ---- - } - #endif /* HAVE_SETLUID */ - #ifdef _IBMR2 -! if (setuidx(ID_LOGIN, pwd->pw_uid) < 0) { -! perror("setuidx"); -! sleepexit(1); -! }; - #endif - - /* This call MUST succeed */ -Index: appl/bsd/krshd.c -=================================================================== -*** appl/bsd/krshd.c (revision 18419) ---- appl/bsd/krshd.c (working copy) -*************** -*** 1379,1387 **** - * If we're on a system which keeps track of login uids, then - * set the login uid. - */ -! setluid((uid_t) pwd->pw_uid); - #endif /* HAVE_SETLUID */ -! (void) setuid((uid_t)pwd->pw_uid); - /* if TZ is set in the parent, drag it in */ - { - char **findtz = environ; ---- 1379,1393 ---- - * If we're on a system which keeps track of login uids, then - * set the login uid. - */ -! if (setluid((uid_t) pwd->pw_uid) < 0) { -! perror("setluid"); -! _exit(1); -! } - #endif /* HAVE_SETLUID */ -! if (setuid((uid_t)pwd->pw_uid) < 0) { -! perror("setuid"); -! _exit(1); -! } - /* if TZ is set in the parent, drag it in */ - { - char **findtz = environ; -Index: clients/ksu/main.c -=================================================================== -*** clients/ksu/main.c (revision 18419) ---- clients/ksu/main.c (working copy) -*************** -*** 892,900 **** - const char * cc_name; - struct stat st_temp; - -! krb5_seteuid(0); -! krb5_seteuid(target_uid); -! - cc_name = krb5_cc_get_name(context, cc); - if ( ! stat(cc_name, &st_temp)){ - if ((retval = krb5_cc_destroy(context, cc))){ ---- 892,903 ---- - const char * cc_name; - struct stat st_temp; - -! if (krb5_seteuid(0) < 0 || krb5_seteuid(target_uid) < 0) { -! com_err(prog_name, errno, -! "while returning to source uid for destroying ccache"); -! exit(1); -! } -! - cc_name = krb5_cc_get_name(context, cc); - if ( ! stat(cc_name, &st_temp)){ - if ((retval = krb5_cc_destroy(context, cc))){ -Index: lib/krb4/kuserok.c -=================================================================== -*** lib/krb4/kuserok.c (revision 18419) ---- lib/krb4/kuserok.c (working copy) -*************** -*** 159,167 **** - */ - if(getuid() == 0) { - uid_t old_euid = geteuid(); -! seteuid(pwd->pw_uid); - fp = fopen(pbuf, "r"); -! seteuid(old_euid); - if ((fp) == NULL) { - return(NOTOK); - } ---- 159,169 ---- - */ - if(getuid() == 0) { - uid_t old_euid = geteuid(); -! if (seteuid(pwd->pw_uid) < 0) -! return NOTOK; - fp = fopen(pbuf, "r"); -! if (seteuid(old_euid) < 0) -! return NOTOK; - if ((fp) == NULL) { - return(NOTOK); - } diff --git a/app-crypt/mit-krb5/files/mit-krb5-SA-2007-001-telnetd.patch b/app-crypt/mit-krb5/files/mit-krb5-SA-2007-001-telnetd.patch deleted file mode 100644 index a4d361445470..000000000000 --- a/app-crypt/mit-krb5/files/mit-krb5-SA-2007-001-telnetd.patch +++ /dev/null @@ -1,56 +0,0 @@ -diff -urN krb5-1.5.2.orig/src/appl/telnet/telnetd/state.c krb5-1.5.2/src/appl/telnet/telnetd/state.c ---- krb5-1.5.2.orig/src/appl/telnet/telnetd/state.c 2006-06-15 18:42:53.000000000 -0400 -+++ krb5-1.5.2/src/appl/telnet/telnetd/state.c 2007-03-28 18:05:19.000000000 -0400 -@@ -1665,7 +1665,8 @@ - strcmp(varp, "RESOLV_HOST_CONF") && /* linux */ - strcmp(varp, "NLSPATH") && /* locale stuff */ - strncmp(varp, "LC_", strlen("LC_")) && /* locale stuff */ -- strcmp(varp, "IFS")) { -+ strcmp(varp, "IFS") && -+ !strchr(varp, '-')) { - return 1; - } else { - syslog(LOG_INFO, "Rejected the attempt to modify the environment variable \"%s\"", varp); -diff -urN krb5-1.5.2.orig/src/appl/telnet/telnetd/sys_term.c krb5-1.5.2/src/appl/telnet/telnetd/sys_term.c ---- krb5-1.5.2.orig/src/appl/telnet/telnetd/sys_term.c 2002-11-15 15:21:51.000000000 -0500 -+++ krb5-1.5.2/src/appl/telnet/telnetd/sys_term.c 2007-03-28 18:10:59.000000000 -0400 -@@ -1287,6 +1287,16 @@ - #endif - #if defined (AUTHENTICATION) - if (auth_level >= 0 && autologin == AUTH_VALID) { -+ if (name[0] == '-') { -+ /* Authenticated and authorized to log in to an account -+ * starting with '-'? Even if that unlikely case comes -+ * to pass, the current program will not patse the -+ * resulting command line properly. -+ */ -+ syslog(LOG_ERR, "user name can not start with '-'"); -+ fatal(net, "user name can not start with '-'"); -+ exit(1); -+ } - # if !defined(NO_LOGIN_F) - #if defined(LOGIN_CAP_F) - argv = addarg(argv, "-F"); -@@ -1377,12 +1387,20 @@ - } else - #endif - if (getenv("USER")) { -- argv = addarg(argv, getenv("USER")); -+ char *user = getenv("USER"); -+ if (user[0] == '-') { -+ /* "telnet -l-x ..." */ -+ syslog(LOG_ERR, "user name cannot start with '-'"); -+ fatal(net, "user name cannot start with '-'"); -+ exit(1); -+ } -+ argv = addarg(argv, user); - #if defined(LOGIN_ARGS) && defined(NO_LOGIN_P) - { - register char **cpp; - for (cpp = environ; *cpp; cpp++) -- argv = addarg(argv, *cpp); -+ if ((*cpp[0] != '-') -+ argv = addarg(argv, *cpp); - } - #endif - /* diff --git a/app-crypt/mit-krb5/files/mit-krb5-SA-2007-002-syslog.patch b/app-crypt/mit-krb5/files/mit-krb5-SA-2007-002-syslog.patch deleted file mode 100644 index 3fb2211f657d..000000000000 --- a/app-crypt/mit-krb5/files/mit-krb5-SA-2007-002-syslog.patch +++ /dev/null @@ -1,857 +0,0 @@ -diff -urN krb5-1.5.2.orig/src/kadmin/server/kadm_rpc_svc.c krb5-1.5.2/src/kadmin/server/kadm_rpc_svc.c ---- krb5-1.5.2.orig/src/kadmin/server/kadm_rpc_svc.c 2006-03-31 22:08:17.000000000 -0500 -+++ krb5-1.5.2/src/kadmin/server/kadm_rpc_svc.c 2007-03-28 18:17:57.000000000 -0400 -@@ -250,6 +250,8 @@ - krb5_data *c1, *c2, *realm; - gss_buffer_desc gss_str; - kadm5_server_handle_t handle; -+ size_t slen; -+ char *sdots; - - success = 0; - handle = (kadm5_server_handle_t)global_server_handle; -@@ -274,6 +276,9 @@ - if (ret == 0) - goto fail_name; - -+ slen = gss_str.length; -+ trunc_name(&slen, &sdots); -+ - /* - * Since we accept with GSS_C_NO_NAME, the client can authenticate - * against the entire kdb. Therefore, ensure that the service -@@ -296,8 +301,8 @@ - - fail_princ: - if (!success) { -- krb5_klog_syslog(LOG_ERR, "bad service principal %.*s", -- gss_str.length, gss_str.value); -+ krb5_klog_syslog(LOG_ERR, "bad service principal %.*s%s", -+ slen, gss_str.value, sdots); - } - gss_release_buffer(&min_stat, &gss_str); - krb5_free_principal(kctx, princ); -diff -urN krb5-1.5.2.orig/src/kadmin/server/misc.c krb5-1.5.2/src/kadmin/server/misc.c ---- krb5-1.5.2.orig/src/kadmin/server/misc.c 2006-03-11 17:23:28.000000000 -0500 -+++ krb5-1.5.2/src/kadmin/server/misc.c 2007-03-28 18:19:44.000000000 -0400 -@@ -171,3 +171,12 @@ - - return kadm5_free_principal_ent(handle->lhandle, &princ); - } -+ -+#define MAXPRINCLEN 125 -+ -+void -+trunc_name(size_t *len, char **dots) -+{ -+ *dots = *len > MAXPRINCLEN ? "..." : ""; -+ *len = *len > MAXPRINCLEN ? MAXPRINCLEN : *len; -+} -diff -urN krb5-1.5.2.orig/src/kadmin/server/misc.h krb5-1.5.2/src/kadmin/server/misc.h ---- krb5-1.5.2.orig/src/kadmin/server/misc.h 2005-10-12 00:09:19.000000000 -0400 -+++ krb5-1.5.2/src/kadmin/server/misc.h 2007-03-28 18:20:15.000000000 -0400 -@@ -45,3 +45,5 @@ - #ifdef SVC_GETARGS - void kadm_1(struct svc_req *, SVCXPRT *); - #endif -+ -+void trunc_name(size_t *len, char **dots); -diff -urN krb5-1.5.2.orig/src/kadmin/server/ovsec_kadmd.c krb5-1.5.2/src/kadmin/server/ovsec_kadmd.c ---- krb5-1.5.2.orig/src/kadmin/server/ovsec_kadmd.c 2007-01-09 20:08:20.000000000 -0500 -+++ krb5-1.5.2/src/kadmin/server/ovsec_kadmd.c 2007-03-28 18:29:19.000000000 -0400 -@@ -989,6 +989,8 @@ - rpcproc_t proc; - int i; - const char *procname; -+ size_t clen, slen; -+ char *cdots, *sdots; - - client.length = 0; - client.value = NULL; -@@ -997,10 +999,20 @@ - - (void) gss_display_name(&minor, client_name, &client, &gss_type); - (void) gss_display_name(&minor, server_name, &server, &gss_type); -- if (client.value == NULL) -- client.value = "(null)"; -- if (server.value == NULL) -- server.value = "(null)"; -+ if (client.value == NULL) { -+ client.value = "(null)"; -+ clen = sizeof("(null)") - 1; -+ } else { -+ clen = client.length; -+ } -+ trunc_name(&clen, &cdots); -+ if (server.value == NULL) { -+ server.value = "(null)"; -+ slen = sizeof("(null)") - 1; -+ } else { -+ slen = server.length; -+ } -+ trunc_name(&slen, &sdots); - a = inet_ntoa(rqst->rq_xprt->xp_raddr.sin_addr); - - proc = msg->rm_call.cb_proc; -@@ -1013,14 +1025,14 @@ - } - if (procname != NULL) - krb5_klog_syslog(LOG_NOTICE, "WARNING! Forged/garbled request: %s, " -- "claimed client = %s, server = %s, addr = %s", -- procname, client.value, -- server.value, a); -+ "claimed client = %.*s%s, server = %.*s%s, addr = %s", -+ procname, clen, client.value, cdots, -+ slen, server.value, sdots, a); - else - krb5_klog_syslog(LOG_NOTICE, "WARNING! Forged/garbled request: %d, " -- "claimed client = %s, server = %s, addr = %s", -- proc, client.value, -- server.value, a); -+ "claimed client = %.*s%s, server = %.*s%s, addr = %s", -+ proc, clen, client.value, cdots, -+ slen, server.value, sdots, a); - - (void) gss_release_buffer(&minor, &client); - (void) gss_release_buffer(&minor, &server); -diff -urN krb5-1.5.2.orig/src/kadmin/server/schpw.c krb5-1.5.2/src/kadmin/server/schpw.c ---- krb5-1.5.2.orig/src/kadmin/server/schpw.c 2006-04-13 14:58:56.000000000 -0400 -+++ krb5-1.5.2/src/kadmin/server/schpw.c 2007-03-28 18:29:11.000000000 -0400 -@@ -40,6 +40,8 @@ - int numresult; - char strresult[1024]; - char *clientstr; -+ size_t clen; -+ char *cdots; - - ret = 0; - rep->length = 0; -@@ -258,9 +260,12 @@ - free(ptr); - clear.length = 0; - -- krb5_klog_syslog(LOG_NOTICE, "chpw request from %s for %s: %s", -+ clen = strlen(clientstr); -+ trunc_name(&clen, &cdots); -+ krb5_klog_syslog(LOG_NOTICE, "chpw request from %s for %.*s%s: %s", - inet_ntoa(((struct sockaddr_in *)&remote_addr)->sin_addr), -- clientstr, ret ? krb5_get_error_message (context, ret) : "success"); -+ clen, clientstr, cdots, -+ ret ? krb5_get_error_message (context, ret) : "success"); - krb5_free_unparsed_name(context, clientstr); - - if (ret) { -diff -urN krb5-1.5.2.orig/src/kadmin/server/server_stubs.c krb5-1.5.2/src/kadmin/server/server_stubs.c ---- krb5-1.5.2.orig/src/kadmin/server/server_stubs.c 2006-04-13 14:58:56.000000000 -0400 -+++ krb5-1.5.2/src/kadmin/server/server_stubs.c 2007-03-28 21:03:41.000000000 -0400 -@@ -14,6 +14,7 @@ - #include /* inet_ntoa */ - #include /* krb5_klog_syslog */ - #include "misc.h" -+#include - - #define LOG_UNAUTH "Unauthorized request: %s, %s, client=%s, service=%s, addr=%s" - #define LOG_DONE "Request: %s, %s, %s, client=%s, service=%s, addr=%s" -@@ -237,6 +238,50 @@ - return 0; - } - -+static int -+log_unauth(char *op, char *target, gss_buffer_t client, gss_buffer_t server, struct svc_req *rqstp) -+{ -+ size_t tlen, clen, slen; -+ char *tdots, *cdots, *sdots; -+ -+ tlen = strlen(target); -+ trunc_name(&tlen, &tdots); -+ clen = client->length; -+ trunc_name(&clen, &cdots); -+ slen = server->length; -+ trunc_name(&slen, &sdots); -+ -+ return krb5_klog_syslog(LOG_NOTICE, -+ "Unauthorized request: %s, %.*s%s, " -+ "client=%.*s%s, service=%.*s%s, addr=%s", -+ op, tlen, target, tdots, -+ clen, client->value, cdots, -+ slen, server->value, sdots, -+ inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+} -+ -+static int -+log_done(char *op, char *target, char *errmsg, gss_buffer_t client, gss_buffer_t server, struct svc_req *rqstp) -+{ -+ size_t tlen, clen, slen; -+ char *tdots, *cdots, *sdots; -+ -+ tlen = strlen(target); -+ trunc_name(&tlen, &tdots); -+ clen = client->length; -+ trunc_name(&clen, &cdots); -+ slen = server->length; -+ trunc_name(&slen, &sdots); -+ -+ return krb5_klog_syslog(LOG_NOTICE, -+ "Request: %s, %.*s%s, %s, " -+ "client=%.*s%s, service=%.*s%s, addr=%s", -+ op, tlen, target, tdots, errmsg, -+ clen, client->value, cdots, -+ slen, server->value, sdots, -+ inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+} -+ - generic_ret * - create_principal_2_svc(cprinc_arg *arg, struct svc_req *rqstp) - { -@@ -275,9 +320,8 @@ - || kadm5int_acl_impose_restrictions(handle->context, - &arg->rec, &arg->mask, rp)) { - ret.code = KADM5_AUTH_ADD; -- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_create_principal", -- prime_arg, client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_unauth("kadm5_create_principal", prime_arg, -+ &client_name, &service_name, rqstp); - } else { - ret.code = kadm5_create_principal((void *)handle, - &arg->rec, arg->mask, -@@ -287,10 +331,8 @@ - else - errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); - -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_create_principal", -- prime_arg, errmsg, -- client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_done("kadm5_create_principal", prime_arg, errmsg, -+ &client_name, &service_name, rqstp); - - /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */ - } -@@ -341,9 +383,8 @@ - || kadm5int_acl_impose_restrictions(handle->context, - &arg->rec, &arg->mask, rp)) { - ret.code = KADM5_AUTH_ADD; -- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_create_principal", -- prime_arg, client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_unauth("kadm5_create_principal", prime_arg, -+ &client_name, &service_name, rqstp); - } else { - ret.code = kadm5_create_principal_3((void *)handle, - &arg->rec, arg->mask, -@@ -355,10 +396,8 @@ - else - errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); - -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_create_principal", -- prime_arg, errmsg, -- client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_done("kadm5_create_principal", prime_arg, errmsg, -+ &client_name, &service_name, rqstp); - - /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */ - } -@@ -406,9 +445,8 @@ - || !kadm5int_acl_check(handle->context, rqst2name(rqstp), ACL_DELETE, - arg->princ, NULL)) { - ret.code = KADM5_AUTH_DELETE; -- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_delete_principal", -- prime_arg, client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_unauth("kadm5_delete_principal", prime_arg, -+ &client_name, &service_name, rqstp); - } else { - ret.code = kadm5_delete_principal((void *)handle, arg->princ); - if( ret.code == 0 ) -@@ -416,10 +454,8 @@ - else - errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); - -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_delete_principal", -- prime_arg, errmsg, -- client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_done("kadm5_delete_principal", prime_arg, errmsg, -+ &client_name, &service_name, rqstp); - - /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */ - } -@@ -469,9 +505,8 @@ - || kadm5int_acl_impose_restrictions(handle->context, - &arg->rec, &arg->mask, rp)) { - ret.code = KADM5_AUTH_MODIFY; -- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_modify_principal", -- prime_arg, client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_unauth("kadm5_modify_principal", prime_arg, -+ &client_name, &service_name, rqstp); - } else { - ret.code = kadm5_modify_principal((void *)handle, &arg->rec, - arg->mask); -@@ -480,10 +515,8 @@ - else - errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); - -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_modify_principal", -- prime_arg, errmsg, -- client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_done("kadm5_modify_principal", prime_arg, errmsg, -+ &client_name, &service_name, rqstp); - - /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */ - } -@@ -546,9 +579,8 @@ - } else - ret.code = KADM5_AUTH_INSUFFICIENT; - if (ret.code != KADM5_OK) { -- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_rename_principal", -- prime_arg, client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_unauth("kadm5_rename_principal", prime_arg, -+ &client_name, &service_name, rqstp); - } else { - ret.code = kadm5_rename_principal((void *)handle, arg->src, - arg->dest); -@@ -557,10 +589,8 @@ - else - errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); - -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_rename_principal", -- prime_arg, errmsg, -- client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_done("kadm5_rename_principal", prime_arg, errmsg, -+ &client_name, &service_name, rqstp); - } - free_server_handle(handle); - free(prime_arg1); -@@ -614,9 +644,8 @@ - arg->princ, - NULL))) { - ret.code = KADM5_AUTH_GET; -- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname, -- prime_arg, client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_unauth(funcname, prime_arg, -+ &client_name, &service_name, rqstp); - } else { - if (handle->api_version == KADM5_API_VERSION_1) { - ret.code = kadm5_get_principal_v1((void *)handle, -@@ -636,11 +665,8 @@ - else - errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); - -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname, -- prime_arg, -- errmsg, -- client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_done(funcname, prime_arg, errmsg, -+ &client_name, &service_name, rqstp); - - } - free_server_handle(handle); -@@ -688,9 +714,8 @@ - NULL, - NULL)) { - ret.code = KADM5_AUTH_LIST; -- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_get_principals", -- prime_arg, client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_unauth("kadm5_get_principals", prime_arg, -+ &client_name, &service_name, rqstp); - } else { - ret.code = kadm5_get_principals((void *)handle, - arg->exp, &ret.princs, -@@ -700,11 +725,8 @@ - else - errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); - -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_principals", -- prime_arg, -- errmsg, -- client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_done("kadm5_get_principals", prime_arg, errmsg, -+ &client_name, &service_name, rqstp); - - } - free_server_handle(handle); -@@ -755,9 +777,8 @@ - ret.code = kadm5_chpass_principal((void *)handle, arg->princ, - arg->pass); - } else { -- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_chpass_principal", -- prime_arg, client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_unauth("kadm5_chpass_principal", prime_arg, -+ &client_name, &service_name, rqstp); - ret.code = KADM5_AUTH_CHANGEPW; - } - -@@ -767,10 +788,8 @@ - else - errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); - -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_chpass_principal", -- prime_arg, errmsg, -- client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_done("kadm5_chpass_principal", prime_arg, errmsg, -+ &client_name, &service_name, rqstp); - } - - free_server_handle(handle); -@@ -828,9 +847,8 @@ - arg->ks_tuple, - arg->pass); - } else { -- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_chpass_principal", -- prime_arg, client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_unauth("kadm5_chpass_principal", prime_arg, -+ &client_name, &service_name, rqstp); - ret.code = KADM5_AUTH_CHANGEPW; - } - -@@ -840,10 +858,8 @@ - else - errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); - -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_chpass_principal", -- prime_arg, errmsg, -- client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_done("kadm5_chpass_principal", prime_arg, errmsg, -+ &client_name, &service_name, rqstp); - } - - free_server_handle(handle); -@@ -892,9 +908,8 @@ - ret.code = kadm5_setv4key_principal((void *)handle, arg->princ, - arg->keyblock); - } else { -- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_setv4key_principal", -- prime_arg, client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_unauth("kadm5_setv4key_principal", prime_arg, -+ &client_name, &service_name, rqstp); - ret.code = KADM5_AUTH_SETKEY; - } - -@@ -904,10 +919,8 @@ - else - errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); - -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setv4key_principal", -- prime_arg, errmsg, -- client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_done("kadm5_setv4key_principal", prime_arg, errmsg, -+ &client_name, &service_name, rqstp); - } - - free_server_handle(handle); -@@ -956,9 +969,8 @@ - ret.code = kadm5_setkey_principal((void *)handle, arg->princ, - arg->keyblocks, arg->n_keys); - } else { -- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_setkey_principal", -- prime_arg, client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_unauth("kadm5_setkey_principal", prime_arg, -+ &client_name, &service_name, rqstp); - ret.code = KADM5_AUTH_SETKEY; - } - -@@ -968,10 +980,8 @@ - else - errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); - -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setkey_principal", -- prime_arg, errmsg, -- client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_done("kadm5_setkey_principal", prime_arg, errmsg, -+ &client_name, &service_name, rqstp); - } - - free_server_handle(handle); -@@ -1023,9 +1033,8 @@ - arg->ks_tuple, - arg->keyblocks, arg->n_keys); - } else { -- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_setkey_principal", -- prime_arg, client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_unauth("kadm5_setkey_principal", prime_arg, -+ &client_name, &service_name, rqstp); - ret.code = KADM5_AUTH_SETKEY; - } - -@@ -1035,10 +1044,8 @@ - else - errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); - -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setkey_principal", -- prime_arg, errmsg, -- client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_done("kadm5_setkey_principal", prime_arg, errmsg, -+ &client_name, &service_name, rqstp); - } - - free_server_handle(handle); -@@ -1097,9 +1104,8 @@ - ret.code = kadm5_randkey_principal((void *)handle, arg->princ, - &k, &nkeys); - } else { -- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname, -- prime_arg, client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_unauth(funcname, prime_arg, -+ &client_name, &service_name, rqstp); - ret.code = KADM5_AUTH_CHANGEPW; - } - -@@ -1119,10 +1125,8 @@ - else - errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); - -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname, -- prime_arg, errmsg, -- client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_done(funcname, prime_arg, errmsg, -+ &client_name, &service_name, rqstp); - } - free_server_handle(handle); - free(prime_arg); -@@ -1185,9 +1189,8 @@ - arg->ks_tuple, - &k, &nkeys); - } else { -- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname, -- prime_arg, client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_unauth(funcname, prime_arg, -+ &client_name, &service_name, rqstp); - ret.code = KADM5_AUTH_CHANGEPW; - } - -@@ -1207,10 +1210,8 @@ - else - errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); - -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname, -- prime_arg, errmsg, -- client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_done(funcname, prime_arg, errmsg, -+ &client_name, &service_name, rqstp); - } - free_server_handle(handle); - free(prime_arg); -@@ -1253,9 +1254,8 @@ - rqst2name(rqstp), - ACL_ADD, NULL, NULL)) { - ret.code = KADM5_AUTH_ADD; -- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_create_policy", -- prime_arg, client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_unauth("kadm5_create_policy", prime_arg, -+ &client_name, &service_name, rqstp); - - } else { - ret.code = kadm5_create_policy((void *)handle, &arg->rec, -@@ -1265,11 +1265,9 @@ - else - errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); - -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_create_policy", -- ((prime_arg == NULL) ? "(null)" : prime_arg), -- errmsg, -- client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_done("kadm5_create_policy", -+ ((prime_arg == NULL) ? "(null)" : prime_arg), errmsg, -+ &client_name, &service_name, rqstp); - } - free_server_handle(handle); - gss_release_buffer(&minor_stat, &client_name); -@@ -1310,9 +1308,8 @@ - if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context, - rqst2name(rqstp), - ACL_DELETE, NULL, NULL)) { -- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_delete_policy", -- prime_arg, client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_unauth("kadm5_delete_policy", prime_arg, -+ &client_name, &service_name, rqstp); - ret.code = KADM5_AUTH_DELETE; - } else { - ret.code = kadm5_delete_policy((void *)handle, arg->name); -@@ -1321,11 +1318,9 @@ - else - errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); - -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_delete_policy", -- ((prime_arg == NULL) ? "(null)" : prime_arg), -- errmsg, -- client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_done("kadm5_delete_policy", -+ ((prime_arg == NULL) ? "(null)" : prime_arg), errmsg, -+ &client_name, &service_name, rqstp); - } - free_server_handle(handle); - gss_release_buffer(&minor_stat, &client_name); -@@ -1366,9 +1361,8 @@ - if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context, - rqst2name(rqstp), - ACL_MODIFY, NULL, NULL)) { -- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_modify_policy", -- prime_arg, client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_unauth("kadm5_modify_policy", prime_arg, -+ &client_name, &service_name, rqstp); - ret.code = KADM5_AUTH_MODIFY; - } else { - ret.code = kadm5_modify_policy((void *)handle, &arg->rec, -@@ -1378,11 +1372,9 @@ - else - errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); - -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_modify_policy", -- ((prime_arg == NULL) ? "(null)" : prime_arg), -- errmsg, -- client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_done("kadm5_modify_policy", -+ ((prime_arg == NULL) ? "(null)" : prime_arg), errmsg, -+ &client_name, &service_name, rqstp); - } - free_server_handle(handle); - gss_release_buffer(&minor_stat, &client_name); -@@ -1464,15 +1456,12 @@ - else - errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); - -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname, -- ((prime_arg == NULL) ? "(null)" : prime_arg), -- errmsg, -- client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_done(funcname, -+ ((prime_arg == NULL) ? "(null)" : prime_arg), errmsg, -+ &client_name, &service_name, rqstp); - } else { -- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname, -- prime_arg, client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_unauth(funcname, prime_arg, -+ &client_name, &service_name, rqstp); - } - free_server_handle(handle); - gss_release_buffer(&minor_stat, &client_name); -@@ -1517,9 +1506,8 @@ - rqst2name(rqstp), - ACL_LIST, NULL, NULL)) { - ret.code = KADM5_AUTH_LIST; -- krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_get_policies", -- prime_arg, client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_unauth("kadm5_get_policies", prime_arg, -+ &client_name, &service_name, rqstp); - } else { - ret.code = kadm5_get_policies((void *)handle, - arg->exp, &ret.pols, -@@ -1529,11 +1517,8 @@ - else - errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); - -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_policies", -- prime_arg, -- errmsg, -- client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_done("kadm5_get_policies", prime_arg, errmsg, -+ &client_name, &service_name, rqstp); - } - free_server_handle(handle); - gss_release_buffer(&minor_stat, &client_name); -@@ -1573,11 +1558,8 @@ - else - errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); - -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_privs", -- client_name.value, -- errmsg, -- client_name.value, service_name.value, -- inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); -+ log_done("kadm5_get_privs", client_name.value, errmsg, -+ &client_name, &service_name, rqstp); - - free_server_handle(handle); - gss_release_buffer(&minor_stat, &client_name); -@@ -1594,6 +1576,8 @@ - kadm5_server_handle_t handle; - OM_uint32 minor_stat; - char *errmsg = 0; -+ size_t clen, slen; -+ char *cdots, *sdots; - - xdr_free(xdr_generic_ret, &ret); - -@@ -1611,13 +1595,21 @@ - } - - if (ret.code != 0) -- errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); -- krb5_klog_syslog(LOG_NOTICE, LOG_DONE ", flavor=%d", -+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); -+ else -+ errmsg = "success"; -+ -+ clen = client_name.length; -+ trunc_name(&clen, &cdots); -+ slen = service_name.length; -+ trunc_name(&slen, &sdots); -+ krb5_klog_syslog(LOG_NOTICE, "Request: %s, %.*s%s, %s, " -+ "client=%.*s%s, service=%.*s%s, addr=%s, flavor=%d", - (ret.api_version == KADM5_API_VERSION_1 ? - "kadm5_init (V1)" : "kadm5_init"), -- client_name.value, -- (ret.code == 0) ? "success" : errmsg, -- client_name.value, service_name.value, -+ clen, client_name.value, cdots, errmsg, -+ clen, client_name.value, cdots, -+ slen, service_name.value, sdots, - inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr), - rqstp->rq_cred.oa_flavor); - gss_release_buffer(&minor_stat, &client_name); -diff -urN krb5-1.5.2.orig/src/kdc/do_tgs_req.c krb5-1.5.2/src/kdc/do_tgs_req.c ---- krb5-1.5.2.orig/src/kdc/do_tgs_req.c 2006-08-07 15:38:41.000000000 -0400 -+++ krb5-1.5.2/src/kdc/do_tgs_req.c 2007-03-28 21:08:52.000000000 -0400 -@@ -491,30 +491,40 @@ - newtransited = 1; - } - if (!isflagset (request->kdc_options, KDC_OPT_DISABLE_TRANSITED_CHECK)) { -- errcode = krb5_check_transited_list (kdc_context, -+ unsigned int tlen; -+ char *tdots; -+ -+ errcode = krb5_check_transited_list (kdc_context, - &enc_tkt_reply.transited.tr_contents, - krb5_princ_realm (kdc_context, header_ticket->enc_part2->client), - krb5_princ_realm (kdc_context, request->server)); -- if (errcode == 0) { -- setflag (enc_tkt_reply.flags, TKT_FLG_TRANSIT_POLICY_CHECKED); -- } else if (errcode == KRB5KRB_AP_ERR_ILL_CR_TKT) -- krb5_klog_syslog (LOG_INFO, -- "bad realm transit path from '%s' to '%s' via '%.*s'", -+ tlen = enc_tkt_reply.transited.tr_contents.length; -+ tdots = tlen > 125 ? "..." : ""; -+ tlen = tlen > 125 ? 125 : tlen; -+ -+ if (errcode == 0) { -+ setflag (enc_tkt_reply.flags, TKT_FLG_TRANSIT_POLICY_CHECKED); -+ } else if (errcode == KRB5KRB_AP_ERR_ILL_CR_TKT) -+ krb5_klog_syslog (LOG_INFO, -+ "bad realm transit path from '%s' to '%s' " -+ "via '%.*s%s'", - cname ? cname : "", - sname ? sname : "", -- enc_tkt_reply.transited.tr_contents.length, -- enc_tkt_reply.transited.tr_contents.data); -- else { -- char *emsg = krb5_get_error_message(kdc_context, errcode); -- krb5_klog_syslog (LOG_ERR, -- "unexpected error checking transit from '%s' to '%s' via '%.*s': %s", -+ tlen, -+ enc_tkt_reply.transited.tr_contents.data, -+ tdots); -+ else { -+ const char *emsg = krb5_get_error_message(kdc_context, errcode); -+ krb5_klog_syslog (LOG_ERR, -+ "unexpected error checking transit from " -+ "'%s' to '%s' via '%.*s%s': %s", - cname ? cname : "", - sname ? sname : "", -- enc_tkt_reply.transited.tr_contents.length, -+ tlen, - enc_tkt_reply.transited.tr_contents.data, -- emsg); -+ tdots, emsg); - krb5_free_error_message(kdc_context, emsg); -- } -+ } - } else - krb5_klog_syslog (LOG_INFO, "not checking transit path"); - if (reject_bad_transit -@@ -542,6 +552,9 @@ - if (!krb5_principal_compare(kdc_context, request->server, client2)) { - if ((errcode = krb5_unparse_name(kdc_context, client2, &tmp))) - tmp = 0; -+ if (tmp != NULL) -+ limit_string(tmp); -+ - krb5_klog_syslog(LOG_INFO, - "TGS_REQ %s: 2ND_TKT_MISMATCH: " - "authtime %d, %s for %s, 2nd tkt client %s", -@@ -816,6 +829,7 @@ - krb5_klog_syslog(LOG_INFO, - "TGS_REQ: issuing alternate TGT"); - } else { -+ limit_string(sname); - krb5_klog_syslog(LOG_INFO, - "TGS_REQ: issuing TGT %s", sname); - free(sname); -diff -urN krb5-1.5.2.orig/src/kdc/kdc_util.c krb5-1.5.2/src/kdc/kdc_util.c ---- krb5-1.5.2.orig/src/kdc/kdc_util.c 2004-02-12 23:20:56.000000000 -0500 -+++ krb5-1.5.2/src/kdc/kdc_util.c 2007-03-28 19:16:51.000000000 -0400 -@@ -404,6 +404,7 @@ - - krb5_db_free_principal(kdc_context, &server, nprincs); - if (!krb5_unparse_name(kdc_context, ticket->server, &sname)) { -+ limit_string(sname); - krb5_klog_syslog(LOG_ERR,"TGS_REQ: UNKNOWN SERVER: server='%s'", - sname); - free(sname); -diff -urN krb5-1.5.2.orig/src/lib/kadm5/logger.c krb5-1.5.2/src/lib/kadm5/logger.c ---- krb5-1.5.2.orig/src/lib/kadm5/logger.c 2006-05-31 23:18:19.000000000 -0400 -+++ krb5-1.5.2/src/lib/kadm5/logger.c 2007-03-28 19:20:15.000000000 -0400 -@@ -45,7 +45,7 @@ - #include - #endif /* HAVE_STDARG_H */ - --#define KRB5_KLOG_MAX_ERRMSG_SIZE 1024 -+#define KRB5_KLOG_MAX_ERRMSG_SIZE 2048 - #ifndef MAXHOSTNAMELEN - #define MAXHOSTNAMELEN 256 - #endif /* MAXHOSTNAMELEN */ -@@ -261,7 +261,9 @@ - #endif /* HAVE_SYSLOG */ - - /* Now format the actual message */ --#if HAVE_VSPRINTF -+#if HAVE_VSNPRINTF -+ vsnprintf(cp, sizeof(outbuf) - (cp - outbuf), actual_format, ap); -+#elif HAVE_VSPRINTF - vsprintf(cp, actual_format, ap); - #else /* HAVE_VSPRINTF */ - sprintf(cp, actual_format, ((int *) ap)[0], ((int *) ap)[1], -@@ -850,7 +852,9 @@ - syslogp = &outbuf[strlen(outbuf)]; - - /* Now format the actual message */ --#ifdef HAVE_VSPRINTF -+#ifdef HAVE_VSNPRINTF -+ vsnprintf(syslogp, sizeof(outbuf) - (syslogp - outbuf), format, arglist); -+#elif HAVE_VSPRINTF - vsprintf(syslogp, format, arglist); - #else /* HAVE_VSPRINTF */ - sprintf(syslogp, format, ((int *) arglist)[0], ((int *) arglist)[1], diff --git a/app-crypt/mit-krb5/files/mit-krb5-SA-2007-003.patch b/app-crypt/mit-krb5/files/mit-krb5-SA-2007-003.patch deleted file mode 100644 index 756a35073a91..000000000000 --- a/app-crypt/mit-krb5/files/mit-krb5-SA-2007-003.patch +++ /dev/null @@ -1,16 +0,0 @@ -diff -urN krb5-1.5.2.old/src/lib/gssapi/krb5/k5unseal.c krb5-1.5.2/src/lib/gssapi/krb5/k5unseal.c ---- krb5-1.5.2.old/src/lib/gssapi/krb5/k5unseal.c 2006-05-09 07:31:02.000000000 -0400 -+++ krb5-1.5.2/src/lib/gssapi/krb5/k5unseal.c 2007-03-28 21:13:44.000000000 -0400 -@@ -457,8 +457,11 @@ - - if ((ctx->initiate && direction != 0xff) || - (!ctx->initiate && direction != 0)) { -- if (toktype == KG_TOK_SEAL_MSG) -+ if (toktype == KG_TOK_SEAL_MSG) { - xfree(token.value); -+ message_buffer->value = NULL; -+ message_buffer->length = 0; -+ } - *minor_status = G_BAD_DIRECTION; - return(GSS_S_BAD_SIG); - } diff --git a/app-crypt/mit-krb5/files/mit-krb5-pthreads.patch b/app-crypt/mit-krb5/files/mit-krb5-pthreads.patch deleted file mode 100644 index 726dfa4bf323..000000000000 --- a/app-crypt/mit-krb5/files/mit-krb5-pthreads.patch +++ /dev/null @@ -1,29 +0,0 @@ ---- krb5-1.4.3/src/aclocal.m4 2006-01-19 18:56:17.000000000 -0500 -+++ krb5-1.4.3/src/aclocal.m4 2006-01-19 18:56:11.000000000 -0500 -@@ -171,7 +171,14 @@ - dnl reference support we can figure out whether or not the pthread library - dnl has been linked in. - dnl If we don't add any libraries for thread support, don't bother. --AC_CHECK_FUNCS(pthread_once pthread_mutexattr_setrobust_np pthread_rwlock_init) -+for fn in pthread_once pthread_mutexattr_setrobust_np pthread_rwlock_init ; do -+ AC_CHECK_DECLS($fn,,,[ -+ #ifdef HAVE_PTHREAD -+ #include -+ #endif -+ ]) -+ AC_CHECK_FUNCS($fn) -+done - old_CC="$CC" - test "$PTHREAD_CC" != "" && test "$ac_cv_c_compiler_gnu" = no && CC=$PTHREAD_CC - old_CFLAGS="$CFLAGS" ---- krb5-1.4.3/src/util/support/threads.c 2005-08-12 16:57:07.000000000 -0400 -+++ krb5-1.4.3/src/util/support/threads.c 2006-01-19 19:00:59.000000000 -0500 -@@ -141,7 +141,7 @@ - || &pthread_equal == 0 - /* This catches Solaris 9. May be redundant with the above - tests now. */ --# ifdef HAVE_PTHREAD_MUTEXATTR_SETROBUST_NP_IN_THREAD_LIB -+# if defined(HAVE_PTHREAD_MUTEXATTR_SETROBUST_NP_IN_THREAD_LIB) && HAVE_DECL_PTHREAD_MUTEXATTR_SETROBUST_NP - || &pthread_mutexattr_setrobust_np == 0 - # endif - /* Any program that's really multithreaded will have to be diff --git a/app-crypt/mit-krb5/files/mit-krb5-robustgnu.patch b/app-crypt/mit-krb5/files/mit-krb5-robustgnu.patch deleted file mode 100644 index 73cafbd1a76d..000000000000 --- a/app-crypt/mit-krb5/files/mit-krb5-robustgnu.patch +++ /dev/null @@ -1,53 +0,0 @@ -diff -ru krb5-1.4.3.orig/src/aclocal.m4 krb5-1.4.3/src/aclocal.m4 ---- krb5-1.4.3.orig/src/aclocal.m4 2005-09-22 13:16:11.000000000 -0400 -+++ krb5-1.4.3/src/aclocal.m4 2006-03-26 09:50:10.000000000 -0500 -@@ -182,7 +182,10 @@ - LIBS="$PTHREAD_LIBS $LIBS" - AC_MSG_NOTICE(rechecking with PTHREAD_... options) - AC_CHECK_LIB(c, pthread_mutexattr_setrobust_np, -- [AC_DEFINE(HAVE_PTHREAD_MUTEXATTR_SETROBUST_NP_IN_THREAD_LIB,1,[Define if pthread_mutexattr_setrobust_np is provided in the thread library.])]) -+ [AC_DEFINE(HAVE_PTHREAD_MUTEXATTR_SETROBUST_NP_IN_THREAD_LIB,1,[Define if pthread_mutexattr_setrobust_np is provided in the thread library.]) -+# pthread_mutexattr_setrobust_np is declared as a GNU extension on GNU libc -+ PTHREAD_CFLAGS="$PTHREAD_CFLAGS -D_GNU_SOURCE" -+ ]) - AC_CHECK_LIB(c, pthread_rwlock_init, - [AC_DEFINE(HAVE_PTHREAD_RWLOCK_INIT_IN_THREAD_LIB,1,[Define if pthread_rwlock_init is provided in the thread library.])]) - LIBS="$old_LIBS" -diff -ru krb5-1.4.3.orig/src/configure.in krb5-1.4.3/src/configure.in ---- krb5-1.4.3.orig/src/configure.in 2005-07-18 18:12:43.000000000 -0400 -+++ krb5-1.4.3/src/configure.in 2006-03-26 09:50:16.000000000 -0500 -@@ -66,14 +66,7 @@ - dnl for kdc - AC_CHECK_HEADERS(syslog.h stdarg.h sys/select.h sys/sockio.h ifaddrs.h unistd.h) - AC_CHECK_FUNCS(openlog syslog closelog strftime vsprintf) --KRB5_NEED_PROTO([#include --#ifdef HAVE_UNISTD_H --#include --#endif --/* Solaris 8 declares swab in stdlib.h. */ --#include --],swab,1) --dnl -+ - AC_PROG_AWK - KRB5_AC_INET6 - KRB5_SOCKADDR_SA_LEN -@@ -160,6 +153,18 @@ - fi # tsmissing not empty - fi # enable_thread_support - dnl -+# The _GNU_SOURCE for pthread_mutex_attr_setrobust_np creates a clash with -+# with the swab declaration -+if echo "$PTHREAD_CFLAGS" | test ! grep _GNU_SOURCE; then -+KRB5_NEED_PROTO([#include -+#ifdef HAVE_UNISTD_H -+#include -+#endif -+/* Solaris 8 declares swab in stdlib.h. */ -+#include -+],swab,1) -+fi -+dnl - HOST_TYPE=$krb5_cv_host - AC_SUBST(HOST_TYPE) - dnl diff --git a/app-crypt/mit-krb5/files/mit-krb5-setupterm.patch b/app-crypt/mit-krb5/files/mit-krb5-setupterm.patch deleted file mode 100644 index 3c81382460c9..000000000000 --- a/app-crypt/mit-krb5/files/mit-krb5-setupterm.patch +++ /dev/null @@ -1,20 +0,0 @@ ---- krb5-1.4.3/src/appl/telnet/configure.in.orig 2006-05-21 16:28:39.187870750 -0400 -+++ krb5-1.4.3/src/appl/telnet/configure.in 2006-05-21 16:29:26.758843750 -0400 -@@ -50,7 +50,7 @@ - #endif - ]) - dnl --AC_CHECK_LIB(termcap,main,AC_DEFINE(TERMCAP) -+AC_CHECK_LIB(termcap,setupterm,AC_DEFINE(TERMCAP) - LIBS="$LIBS -ltermcap", - AC_CHECK_LIB(curses,setupterm,LIBS="$LIBS -lcurses", - AC_CHECK_LIB(ncurses,setupterm,LIBS="$LIBS -lncurses") -@@ -96,7 +96,7 @@ - dnl from old telnetd/configure.in - dnl - dnl AC_PROG_INSTALL --AC_CHECK_LIB(termcap,main,AC_DEFINE(TERMCAP) -+AC_CHECK_LIB(termcap,setupterm,AC_DEFINE(TERMCAP) - LIBS="$LIBS -ltermcap", - AC_CHECK_LIB(curses,setupterm,LIBS="$LIBS -lcurses", - AC_CHECK_LIB(ncurses,setupterm,LIBS="$LIBS -lncurses") diff --git a/app-crypt/mit-krb5/mit-krb5-1.4.3-r3.ebuild b/app-crypt/mit-krb5/mit-krb5-1.4.3-r3.ebuild index a8b42d05638f..04dbff965e56 100644 --- a/app-crypt/mit-krb5/mit-krb5-1.4.3-r3.ebuild +++ b/app-crypt/mit-krb5/mit-krb5-1.4.3-r3.ebuild @@ -1,15 +1,19 @@ # Copyright 1999-2007 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/mit-krb5-1.4.3-r3.ebuild,v 1.12 2007/04/03 20:51:40 seemant Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/mit-krb5-1.4.3-r3.ebuild,v 1.13 2007/04/04 02:46:56 seemant Exp $ inherit eutils flag-o-matic versionator autotools +PATCHV="0.1" MY_P=${P/mit-} P_DIR=$(get_version_component_range 1-2) S=${WORKDIR}/${MY_P}/src DESCRIPTION="MIT Kerberos V" HOMEPAGE="http://web.mit.edu/kerberos/www/" -SRC_URI="http://web.mit.edu/kerberos/dist/krb5/${P_DIR}/${MY_P}-signed.tar" +SRC_URI="http://web.mit.edu/kerberos/dist/krb5/${P_DIR}/${MY_P}-signed.tar + mirror://gentoo/${P}-patches-${PATCHV}.tar.bz2" + +PATCHDIR="${WORKDIR}/patch" LICENSE="as-is" SLOT="0" @@ -34,14 +38,11 @@ pkg_setup() { } src_unpack() { - unpack ${MY_P}-signed.tar + unpack ${A} unpack ./${MY_P}.tar.gz cd "${S}" epatch "${FILESDIR}"/${PN}-lazyldflags.patch - epatch "${FILESDIR}"/${PN}-robustgnu.patch - epatch "${FILESDIR}"/${PN}-pthreads.patch - epatch "${FILESDIR}"/${PN}-setupterm.patch - epatch "${FILESDIR}"/${P}-setuid.patch + EPATCH_SUFFIX="patch" epatch "${PATCHDIR}" ebegin "Reconfiguring configure scripts (be patient)" cd "${S}"/appl/telnet eautoconf --force -I "${S}" diff --git a/app-crypt/mit-krb5/mit-krb5-1.5.2-r1.ebuild b/app-crypt/mit-krb5/mit-krb5-1.5.2-r1.ebuild index 5c6f905dc733..c04a42a5daff 100644 --- a/app-crypt/mit-krb5/mit-krb5-1.5.2-r1.ebuild +++ b/app-crypt/mit-krb5/mit-krb5-1.5.2-r1.ebuild @@ -1,15 +1,19 @@ # Copyright 1999-2007 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/mit-krb5-1.5.2-r1.ebuild,v 1.1 2007/04/03 20:19:13 seemant Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/mit-krb5-1.5.2-r1.ebuild,v 1.2 2007/04/04 02:46:56 seemant Exp $ inherit eutils flag-o-matic versionator autotools +PATCHV="0.1" MY_P=${P/mit-} P_DIR=$(get_version_component_range 1-2) S=${WORKDIR}/${MY_P}/src DESCRIPTION="MIT Kerberos V" HOMEPAGE="http://web.mit.edu/kerberos/www/" -SRC_URI="http://web.mit.edu/kerberos/dist/krb5/${P_DIR}/${MY_P}-signed.tar" +SRC_URI="http://web.mit.edu/kerberos/dist/krb5/${P_DIR}/${MY_P}-signed.tar + mirror://gentoo/${P}-patches-${PATCHV}.tar.bz2" + +PATCHDIR="${WORKDIR}/patch" LICENSE="as-is" SLOT="0" @@ -25,13 +29,11 @@ DEPEND="${RDEPEND} PROVIDE="virtual/krb5" src_unpack() { - unpack ${MY_P}-signed.tar + unpack ${A} unpack ./${MY_P}.tar.gz cd "${S}" epatch "${FILESDIR}"/${PN}-lazyldflags.patch - epatch "${FILESDIR}"/${PN}-SA-2007-001-telnetd.patch - epatch "${FILESDIR}"/${PN}-SA-2007-002-syslog.patch - epatch "${FILESDIR}"/${PN}-SA-2007-003.patch + EPATCH_SUFFIX="patch" epatch "${PATCHDIR}" ebegin "Reconfiguring configure scripts (be patient)" cd "${S}"/appl/telnet eautoconf --force -I "${S}" diff --git a/app-crypt/mit-krb5/mit-krb5-1.5.2-r2.ebuild b/app-crypt/mit-krb5/mit-krb5-1.5.2-r2.ebuild index 3d15360252d0..f6d9d8a8ed0c 100644 --- a/app-crypt/mit-krb5/mit-krb5-1.5.2-r2.ebuild +++ b/app-crypt/mit-krb5/mit-krb5-1.5.2-r2.ebuild @@ -1,15 +1,19 @@ # Copyright 1999-2007 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/mit-krb5-1.5.2-r2.ebuild,v 1.1 2007/04/03 20:51:40 seemant Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/mit-krb5-1.5.2-r2.ebuild,v 1.2 2007/04/04 02:46:56 seemant Exp $ inherit eutils flag-o-matic versionator autotools +PATCHV="0.1" MY_P=${P/mit-} P_DIR=$(get_version_component_range 1-2) S=${WORKDIR}/${MY_P}/src DESCRIPTION="MIT Kerberos V" HOMEPAGE="http://web.mit.edu/kerberos/www/" -SRC_URI="http://web.mit.edu/kerberos/dist/krb5/${P_DIR}/${MY_P}-signed.tar" +SRC_URI="http://web.mit.edu/kerberos/dist/krb5/${P_DIR}/${MY_P}-signed.tar + mirror://gentoo/${P}-patches-${PATCHV}.tar.bz2" + +PATCHDIR="${WORKDIR}/patch" LICENSE="as-is" SLOT="0" @@ -25,13 +29,11 @@ DEPEND="${RDEPEND} PROVIDE="virtual/krb5" src_unpack() { - unpack ${MY_P}-signed.tar + unpack ${A} unpack ./${MY_P}.tar.gz cd "${S}" epatch "${FILESDIR}"/${PN}-lazyldflags.patch - epatch "${FILESDIR}"/${PN}-SA-2007-001-telnetd.patch - epatch "${FILESDIR}"/${PN}-SA-2007-002-syslog.patch - epatch "${FILESDIR}"/${PN}-SA-2007-003.patch + EPATCH_SUFFIX="patch" epatch "${PATCHDIR}" ebegin "Reconfiguring configure scripts (be patient)" cd "${S}"/appl/telnet eautoconf --force -I "${S}"