svn commit: r316768 - in head/net/tac_plus4: . files
Joe Marcus Clarke
marcus at FreeBSD.org
Sun Apr 28 23:03:19 UTC 2013
Author: marcus
Date: Sun Apr 28 23:03:17 2013
New Revision: 316768
URL: http://svnweb.freebsd.org/changeset/ports/316768
Log:
Update to 4.0.4.26
PR: 177833
Submitted by: Mike Stupalov <landy2005 at gmail.com>
Added:
head/net/tac_plus4/files/patch-tac_plus.h (contents, props changed)
Deleted:
head/net/tac_plus4/files/patch-ab
head/net/tac_plus4/files/patch-do_acct.c
head/net/tac_plus4/files/patch-tacacs.h
Modified:
head/net/tac_plus4/Makefile
head/net/tac_plus4/distinfo
head/net/tac_plus4/files/extra-patch-bb
head/net/tac_plus4/files/patch-Makefile.in
head/net/tac_plus4/files/patch-choose_authen.c
head/net/tac_plus4/files/patch-parse.h
head/net/tac_plus4/files/patch-skey_fn.c
head/net/tac_plus4/files/patch-users_guide.in
head/net/tac_plus4/pkg-descr
Modified: head/net/tac_plus4/Makefile
==============================================================================
--- head/net/tac_plus4/Makefile Sun Apr 28 23:01:27 2013 (r316767)
+++ head/net/tac_plus4/Makefile Sun Apr 28 23:03:17 2013 (r316768)
@@ -2,10 +2,10 @@
# $FreeBSD$
PORTNAME= tac_plus
-PORTVERSION= F4.0.4.19
+PORTVERSION= F4.0.4.26
CATEGORIES= net security
MASTER_SITES= ftp://ftp.shrubbery.net/pub/tac_plus/
-DISTNAME= tacacs+-F4.0.4.19
+DISTNAME= tacacs+-F4.0.4.26
MAINTAINER= marcus at FreeBSD.org
COMMENT= The Cisco remote authentication/authorization/accounting server
Modified: head/net/tac_plus4/distinfo
==============================================================================
--- head/net/tac_plus4/distinfo Sun Apr 28 23:01:27 2013 (r316767)
+++ head/net/tac_plus4/distinfo Sun Apr 28 23:03:17 2013 (r316768)
@@ -1,2 +1,2 @@
-SHA256 (tacacs+-F4.0.4.19.tar.gz) = 582dcdb5723c844e50036b1ed9eaee53239e7791d0ac5e5c22fba8ac4790596b
-SIZE (tacacs+-F4.0.4.19.tar.gz) = 500593
+SHA256 (tacacs+-F4.0.4.26.tar.gz) = 9051824e8ddc164001f80ec2a723c904d8382aadb5b29a951909761b3d42d6ec
+SIZE (tacacs+-F4.0.4.26.tar.gz) = 519796
Modified: head/net/tac_plus4/files/extra-patch-bb
==============================================================================
--- head/net/tac_plus4/files/extra-patch-bb Sun Apr 28 23:01:27 2013 (r316767)
+++ head/net/tac_plus4/files/extra-patch-bb Sun Apr 28 23:03:17 2013 (r316768)
@@ -13,9 +13,9 @@ Sergey Levov (serg at informika.ru)
------------------------------ cut here ---------------------------
---- pwlib.c.orig Fri Dec 1 15:07:03 2000
-+++ pwlib.c Fri Dec 1 15:07:48 2000
-@@ -195,7 +195,7 @@
+--- pwlib.c.orig 2012-06-07 02:54:23.000000000 +0400
++++ pwlib.c 2013-04-13 13:26:17.000000000 +0400
+@@ -303,7 +303,7 @@
struct passwd *pw;
char *exp_date;
char *cfg_passwd;
@@ -24,8 +24,8 @@ Sergey Levov (serg at informika.ru)
char buf[12];
#endif /* SHADOW_PASSWORDS */
-@@ -217,7 +217,20 @@
- return (0);
+@@ -325,7 +325,20 @@
+ return(0);
}
cfg_passwd = pw->pw_passwd;
+#ifdef FREEBSD
Modified: head/net/tac_plus4/files/patch-Makefile.in
==============================================================================
--- head/net/tac_plus4/files/patch-Makefile.in Sun Apr 28 23:01:27 2013 (r316767)
+++ head/net/tac_plus4/files/patch-Makefile.in Sun Apr 28 23:03:17 2013 (r316768)
@@ -1,33 +1,24 @@
---- Makefile.in.orig 2009-07-28 15:18:02.000000000 -0400
-+++ Makefile.in 2009-10-10 16:24:28.000000000 -0400
-@@ -97,7 +97,7 @@ am__tac_plus_SOURCES_DIST = acct.c authe
+--- Makefile.in.orig 2012-04-17 02:56:54.000000000 +0400
++++ Makefile.in 2013-04-13 13:43:18.000000000 +0400
+@@ -98,7 +98,7 @@
config.c default_fn.c default_v0_fn.c do_acct.c do_author.c \
- dump.c enable.c encrypt.c expire.c hash.c maxsess.c parse.c \
- programs.c pw.c pwlib.c regexp.c report.c sendauth.c \
-- sendpass.c tac_plus.c utils.c skey_fn.c
-+ sendpass.c tac_plus.c utils.c skey_fn.c opie_fn.c
+ dump.c enable.c encrypt.c expire.c hash.c maxsessint.c parse.c \
+ programs.c pw.c pwlib.c report.c sendauth.c sendpass.c \
+- tac_plus.c utils.c skey_fn.c aceclnt_fn.c
++ tac_plus.c utils.c skey_fn.c aceclnt_fn.c opie_fn.c
@TACSKEY_TRUE at am__objects_1 = skey_fn.$(OBJEXT)
+ @TACACECLNT_TRUE at am__objects_2 = aceclnt_fn.$(OBJEXT)
am_tac_plus_OBJECTS = acct.$(OBJEXT) authen.$(OBJEXT) author.$(OBJEXT) \
- choose_authen.$(OBJEXT) config.$(OBJEXT) default_fn.$(OBJEXT) \
-@@ -107,7 +107,7 @@ am_tac_plus_OBJECTS = acct.$(OBJEXT) aut
+@@ -109,7 +109,7 @@
parse.$(OBJEXT) programs.$(OBJEXT) pw.$(OBJEXT) \
- pwlib.$(OBJEXT) regexp.$(OBJEXT) report.$(OBJEXT) \
- sendauth.$(OBJEXT) sendpass.$(OBJEXT) tac_plus.$(OBJEXT) \
-- utils.$(OBJEXT) $(am__objects_1)
-+ utils.$(OBJEXT) opie_fn.$(OBJEXT) $(am__objects_1)
+ pwlib.$(OBJEXT) report.$(OBJEXT) sendauth.$(OBJEXT) \
+ sendpass.$(OBJEXT) tac_plus.$(OBJEXT) utils.$(OBJEXT) \
+- $(am__objects_1) $(am__objects_2)
++ opie_fn.$(OBJEXT) $(am__objects_1) $(am__objects_2)
tac_plus_OBJECTS = $(am_tac_plus_OBJECTS)
am__DEPENDENCIES_1 =
tac_plus_DEPENDENCIES = $(am__DEPENDENCIES_1)
-@@ -326,7 +326,7 @@ noinst_HEADERS = md4.h mschap.h regexp.h
- expire.h md5.h parse.h pathsl.h regmagic.h
-
- man_gen_MANS = tac_plus.8 tac_plus.conf.5
--man_nogen_MANS = regexp.3 tac_pwd.8
-+man_nogen_MANS = tac_pwd.8
- man_MANS = $(man_gen_MANS) $(man_nogen_MANS)
-
- # scripts that are built
-@@ -581,6 +581,7 @@ distclean-compile:
+@@ -592,6 +592,7 @@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/sendauth.Po at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/sendpass.Po at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/skey_fn.Po at am__quote@
@@ -35,7 +26,7 @@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/tac_plus.Po at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/tac_pwd.Po at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/utils.Po at am__quote@
-@@ -1061,8 +1062,7 @@ info: info-am
+@@ -1049,8 +1050,7 @@
info-am:
Modified: head/net/tac_plus4/files/patch-choose_authen.c
==============================================================================
--- head/net/tac_plus4/files/patch-choose_authen.c Sun Apr 28 23:01:27 2013 (r316767)
+++ head/net/tac_plus4/files/patch-choose_authen.c Sun Apr 28 23:03:17 2013 (r316768)
@@ -1,8 +1,8 @@
---- choose_authen.c.orig Sun Jun 18 13:26:53 2000
-+++ choose_authen.c Sun Dec 8 15:26:08 2002
-@@ -118,10 +118,27 @@
+--- choose_authen.c.orig 2012-04-17 01:42:55.000000000 +0400
++++ choose_authen.c 2013-04-13 13:55:20.000000000 +0400
+@@ -130,12 +130,29 @@
#else /* SKEY */
- report(LOG_ERR,
+ report(LOG_ERR,
"%s %s: user %s s/key support has not been compiled in",
- name ? name : "<unknown>",
- session.peer, session.port);
@@ -10,8 +10,8 @@
+ name ? name : "<unknown>");
return(CHOOSE_FAILED);
#endif /* SKEY */
-+ }
-+
+ }
+
+ if (cfg_passwd && STREQ(cfg_passwd, "opie")) {
+ if (debug & DEBUG_PASSWD_FLAG)
+ report(LOG_DEBUG, "%s %s: user %s requires opie",
@@ -27,6 +27,8 @@
+ name ? name : "<unknown>");
+ return(CHOOSE_FAILED);
+#endif /* OPIE */
- }
-
- /* Not an skey user. Must be none, des, cleartext or file password */
++ }
++
+ /* Does this user require aceclnt */
+ cfg_passwd = cfg_get_login_secret(name, TAC_PLUS_RECURSE);
+ if (cfg_passwd && STREQ(cfg_passwd, "aceclnt")) {
Modified: head/net/tac_plus4/files/patch-parse.h
==============================================================================
--- head/net/tac_plus4/files/patch-parse.h Sun Apr 28 23:01:27 2013 (r316767)
+++ head/net/tac_plus4/files/patch-parse.h Sun Apr 28 23:03:17 2013 (r316768)
@@ -1,7 +1,10 @@
---- parse.h.orig Sun Dec 8 15:22:51 2002
-+++ parse.h Sun Dec 8 15:23:26 2002
-@@ -76,3 +76,4 @@
+--- parse.h.orig 2012-04-10 22:34:40.000000000 +0400
++++ parse.h 2013-04-13 14:02:27.000000000 +0400
+@@ -74,6 +74,7 @@
#ifdef MSCHAP
#define S_mschap 42
#endif /* MSCHAP */
+#define S_opie 43
+ #define S_enable 43
+ #ifdef ACLS
+ # define S_acl 44
Modified: head/net/tac_plus4/files/patch-skey_fn.c
==============================================================================
--- head/net/tac_plus4/files/patch-skey_fn.c Sun Apr 28 23:01:27 2013 (r316767)
+++ head/net/tac_plus4/files/patch-skey_fn.c Sun Apr 28 23:03:17 2013 (r316768)
@@ -1,11 +1,11 @@
---- skey_fn.c.orig Sun Apr 3 01:41:00 2005
-+++ skey_fn.c Sun Apr 3 01:41:08 2005
-@@ -168,7 +168,7 @@
+--- skey_fn.c.orig 2012-06-06 22:34:55.000000000 +0400
++++ skey_fn.c 2013-04-13 14:08:31.000000000 +0400
+@@ -164,7 +164,7 @@
return(1);
}
- if (skeychallenge(&p->skey, name, skeyprompt, 80) == 0) {
+ if (skeychallenge(&p->skey, name, skeyprompt) == 0) {
char buf[256];
- sprintf(buf, "%s\nPassword: ", skeyprompt);
+ snprintf(buf, sizeof(buf), "%s\nS/Key challenge: ", skeyprompt);
data->server_msg = tac_strdup(buf);
Added: head/net/tac_plus4/files/patch-tac_plus.h
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/tac_plus4/files/patch-tac_plus.h Sun Apr 28 23:03:17 2013 (r316768)
@@ -0,0 +1,10 @@
+--- tac_plus.h.orig 2013-04-13 13:45:20.000000000 +0400
++++ tac_plus.h 2013-04-13 13:50:14.000000000 +0400
+@@ -452,6 +452,7 @@
+ int sendauth_fn(struct authen_data *data);
+ int sendpass_fn(struct authen_data *data);
+ int skey_fn(struct authen_data *data);
++int opie_fn(struct authen_data *data);
+
+ /* tac_plus.c */
+ void open_logfile(void);
Modified: head/net/tac_plus4/files/patch-users_guide.in
==============================================================================
--- head/net/tac_plus4/files/patch-users_guide.in Sun Apr 28 23:01:27 2013 (r316767)
+++ head/net/tac_plus4/files/patch-users_guide.in Sun Apr 28 23:03:17 2013 (r316768)
@@ -1,6 +1,6 @@
---- users_guide.in.orig 2008-08-20 00:34:57.000000000 -0400
-+++ users_guide.in 2009-07-08 22:32:17.000000000 -0400
-@@ -164,7 +164,10 @@ for S/KEY in the Makefile. I got my S/K
+--- users_guide.in.orig 2011-05-28 02:11:57.000000000 +0400
++++ users_guide.in 2013-04-13 14:16:37.000000000 +0400
+@@ -164,7 +164,10 @@
crimelab.com but now it appears the only source is ftp.bellcore.com. I
suggest you try a web search for s/key source code.
@@ -12,11 +12,12 @@
Should you need them, there are routines for accessing password files
(getpwnam,setpwent,endpwent,setpwfile) in pw.c.
-@@ -454,6 +457,15 @@ be that for each authentiction that is a
- to be wrong whether it was typed correctly or not.
+@@ -414,7 +417,16 @@
+ login = skey
+ }
-
-+4. Authentication using opie.
+-4). Authentication using PAM (Pluggable Authentication Modules)
++4). Authentication using opie.
+
+If you have successfully built tac_plus with opie support, you can specify
+a user be authenticated via opie, as follows:
@@ -25,6 +26,7 @@
+ login = opie
+ }
+
- RECURSIVE PASSWORD LOOKUPS
- ---------------------------
++5). Authentication using PAM (Pluggable Authentication Modules)
+ Assuming that your OS supports it, tac_plus can be configured to use PAM
+ for authentication, which may make it possible to use LDAP, SecureID, etc
Modified: head/net/tac_plus4/pkg-descr
==============================================================================
--- head/net/tac_plus4/pkg-descr Sun Apr 28 23:01:27 2013 (r316767)
+++ head/net/tac_plus4/pkg-descr Sun Apr 28 23:03:17 2013 (r316768)
@@ -9,4 +9,4 @@ Improved features among others and bugfi
To enable MSCHAP you need to optain a key from Microsoft, see the FAQ
section in the users guide. Therefore this isn't enabled by default.
-WWW: http://www.cisco.com/warp/public/480/tacplus.shtml
+WWW: http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a00800946a3.shtml
More information about the svn-ports-all
mailing list