Update 0.3d -> 0.3e.

The vendor says: ``We suggest those running a ftpd to update
immediately.''

Changes in release 0.3e:
 * rcp program included
 * fix buffer overrun in ftpd
 * handle omitted sequence numbers as zeroes to handle MIT krb5 that
   cannot generate zero sequence numbers
 * handle v4 /.k files better
 * configure/portability fixes
 * fixes in parsing of options to kadmin (sub-)commands
 * handle errors in kadmin load better
 * bug fixes

security/heimdal/Makefile

@@ -6,8 +6,7 @@
 #
 
 PORTNAME=		heimdal
-PORTVERSION=	0.3d
-PORTREVISION=	2
+PORTVERSION=	0.3e
 CATEGORIES=		security ipv6
 MASTER_SITES=	ftp://ftp.pdc.kth.se/pub/heimdal/src/ \
 				ftp://ftp.replay.com/pub/replay/crypto/APPS/kerberos/heimdal/ \
@@ -25,10 +24,13 @@ RESTRICTED=		"Crypto; export-controlled"
 MAN1=			ftp.1 kdestroy.1 kf.1 kgetcred.1 kinit.1 klist.1 kpasswd.1 \
 				krb5-config.1 kx.1 otp.1 otpprint.1 pfrom.1 rxtelnet.1 \
 				rxterm.1 telnet.1 tenletxr.1 xnlock.1
-MAN3=			editline.3 kafs.3 krb5_425_conv_principal.3 krb5_appdefault.3 \
-				krb5_build_principal.3 krb5_config.3 krb5_free_principal.3 \
-				krb5_openlog.3 krb5_parse_name.3 krb5_sname_to_principal.3 \
-				krb5_unparse_name.3 krb5_warn.3
+MAN3=			editline.3 kafs.3 krb5_425_conv_principal.3		\
+				krb5_appdefault.3 krb5_auth_context.3 \
+				krb5_build_principal.3 krb5_config.3 krb5_context.3 \
+				krb5_free_principal.3 krb5_init_context.3 \
+				krb5_openlog.3 krb5_parse_name.3 \
+				krb5_sname_to_principal.3 krb5_unparse_name.3 \
+				krb5_warn.3
 MAN5=			ftpusers.5 krb5.conf.5
 MAN8=			ftpd.8 hprop.8 hpropd.8 kadmin.8 kadmind.8 kdc.8 kerberos.8 \
 				kfd.8 kpasswdd.8 kstash.8 ktutil.8 kxd.8 push.8 string2key.8 \
@@ -40,7 +42,6 @@ MAN8=			ftpd.8 hprop.8 hpropd.8 kadmin.8 kadmind.8 kdc.8 kerberos.8 \
 GNU_CONFIGURE=		yes
 CONFIGURE_TARGET=	--build=${MACHINE_ARCH}--freebsd${OSREL}
 INSTALLS_SHLIB=		yes
-CONFIGURE_ENV=		CPPFLAGS="${OPENSSL_INCLUDE}"
 CONFIGURE_ARGS=		--prefix=${PREFIX} --enable-shared
 .if defined(WITH_LDAP)
 CONFIGURE_ARGS+=	--with-openldap=${LOCALBASE}
@@ -67,34 +68,18 @@ CONFIGURE_ARGS+=	--without-krb4
 .endif
 
 # OpenSSL 0.9.6 and later have MD4 and can be used in the build
-.if exists(/usr/include/openssl/md4.h) && exists(/usr/lib/libdes.a)
-OPENSSL_INCLUDE=	-I/usr/include/openssl
+.if exists(/usr/include/openssl/md4.h) && exists(/usr/lib/libcrypto.a)
 OPENSSL_IN_BASE=	YES
 .endif
 
 PLIST:=				${WRKDIR}/PLIST
 
-# The crypto APIs in the included libdes are trivially different from
-# those in OpenSSL, e.g. MD5Init versus MD5_Init.  To make things simpler,
-# we normalize the API to use the latter naming convention.  These are a
-# list of the files that must be munged.
-CRYPTO_FIXUP=		lib/des/fcrypt.c lib/des/md4.c lib/des/md4.h \
-					lib/des/md5.c lib/des/md5.h lib/des/mdtest.c \
-					lib/des/sha.c lib/des/sha.h lib/gssapi/8003.c \
-					lib/gssapi/get_mic.c lib/gssapi/unwrap.c \
-					lib/gssapi/verify_mic.c lib/gssapi/wrap.c \
-					lib/krb5/crypto.c lib/krb5/replay.c lib/otp/otp_md.c
-
+# Nuke com_err stuff, it is in the base system.
 pre-configure:
 	@(set -e; \
 	cd ${CONFIGURE_WRKSRC}; \
 	find . -type f -name 'Makefile.in' -print | xargs perl -i -pe \
 	's,\$$\(top_builddir\)/lib/com_err/compile_et,compile_et,';)
-	(cd ${WRKSRC} && ${PERL} -i.orig -p \
-		-e 's/(SHA1|MD5|MD4)(Init|Update|Final)/$$1_$$2/g;' \
-		-e 's/SHA1_CTX/SHA_CTX/g;' \
-		-e 's/des_set_odd_parity/des_fixup_key_parity/g;' \
-		${CRYPTO_FIXUP})
 
 pre-install:
 	@${CP} ${PKGDIR}/pkg-plist ${PLIST}

security/heimdal/distinfo

@@ -1 +1 @@
-MD5 (heimdal-0.3d.tar.gz) = 59bcfcd7cd6ef8786b958f06bf198556
+MD5 (heimdal-0.3e.tar.gz) = 139cb6a45f4b68b4d6d80ded078933ae

security/heimdal/files/patch-cb

@@ -1,7 +1,7 @@
---- configure.in.orig	Sun Dec 10 21:19:36 2000
-+++ configure.in	Thu Jan  4 08:49:14 2001
+--- configure.in.orig	Mon Feb  5 08:26:49 2001
++++ configure.in	Mon Feb  5 08:28:07 2001
 @@ -83,6 +83,10 @@
- 	LIB_openldap="-rpath $openldap_libdir $LIB_openldap"
+ 	LIB_openldap="-R $openldap_libdir $LIB_openldap"
  fi
  
 +dnl Kerberos 4 libraries are quite likely to need to link against
@@ -11,17 +11,3 @@
  AC_TEST_PACKAGE_NEW(krb4,[#include <krb.h>],-lkrb,-ldes,/usr/athena, KRB4)
  
  LIB_kdb=
-@@ -561,7 +565,12 @@
- \( "$ac_cv_func_SHA1Init" = "yes" -o "$ac_cv_func_SHA1_Init" = "yes" \) -a \
- "$ac_cv_func_RC4" = "yes"; then
-   DIR_des=''
--  LIB_des="-rpath $krb4_libdir -L$krb4_libdir $ac_cv_funclib_MD4Init"
-+  LIB_des="-rpath $krb4_libdir -L$krb4_libdir"
-+  if test "$ac_cv_func_MD4Init" = "yes"; then
-+    LIB_des="$LIB_des $ac_cv_funclib_MD4Init"
-+  else
-+    LIB_des="$LIB_des $ac_cv_funclib_MD4_Init"
-+  fi
- else
-   DIR_des='des'
-   LIB_des='$(top_builddir)/lib/des/libdes.la'

security/heimdal/files/patch-cc

@@ -1,7 +1,7 @@
---- configure.orig	Sun Dec 10 21:21:14 2000
-+++ configure	Thu Jan  4 08:53:33 2001
-@@ -9511,6 +9511,10 @@
- 	LIB_openldap="-rpath $openldap_libdir $LIB_openldap"
+--- configure.orig	Mon Feb  5 02:03:23 2001
++++ configure	Mon Feb  5 08:29:21 2001
+@@ -11827,6 +11827,10 @@
+ 	LIB_openldap="-R $openldap_libdir $LIB_openldap"
  fi
  
 +# Kerberos IV on FreeBSD depends on libcom_err
@@ -11,17 +11,3 @@
  # Check whether --with-krb4 or --without-krb4 was given.
  if test "${with_krb4+set}" = set; then
    withval="$with_krb4"
-@@ -18164,7 +18168,12 @@
- \( "$ac_cv_func_SHA1Init" = "yes" -o "$ac_cv_func_SHA1_Init" = "yes" \) -a \
- "$ac_cv_func_RC4" = "yes"; then
-   DIR_des=''
--  LIB_des="-rpath $krb4_libdir -L$krb4_libdir $ac_cv_funclib_MD4Init"
-+  LIB_des="-rpath $krb4_libdir -L$krb4_libdir"
-+  if test "$ac_cv_func_MD4Init" = "yes"; then
-+    LIB_des="$LIB_des $ac_cv_funclib_MD4Init"
-+  else
-+    LIB_des="$LIB_des $ac_cv_funclib_MD4_Init"
-+  fi
- else
-   DIR_des='des'
-   LIB_des='$(top_builddir)/lib/des/libdes.la'

security/heimdal/files/patch-cd

@@ -1,13 +0,0 @@
---- Makefile.in.ORIG	Thu Mar 30 22:23:32 2000
-+++ Makefile.in	Thu Mar 30 22:23:50 2000
-@@ -197,8 +197,8 @@
- all: all-redirect
- .SUFFIXES:
- .SUFFIXES: .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .et .h .x
--$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
--	cd $(top_srcdir) && $(AUTOMAKE) --foreign Makefile
-+#$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
-+#	cd $(top_srcdir) && $(AUTOMAKE) --foreign Makefile
- 
- Makefile: $(srcdir)/Makefile.in  $(top_builddir)/config.status
- 	cd $(top_builddir) \

security/heimdal/files/patch-cg

@@ -1,11 +0,0 @@
---- lib/45/mk_req.c.orig	Mon Apr 17 20:38:38 2000
-+++ lib/45/mk_req.c	Mon Apr 17 20:38:50 2000
-@@ -63,7 +63,7 @@
- 
- int
- krb_mk_req(KTEXT authent,
--	   const char *service, const char *instance, const char *realm, 
-+	   char *service, char *instance, char *realm, 
- 	   int32_t checksum)
- {
-     CREDENTIALS cr;

security/heimdal/files/patch-cr

@@ -1,13 +0,0 @@
---- lib/hdb/hdb-ldap.c.orig	Wed Nov  8 14:42:11 2000
-+++ lib/hdb/hdb-ldap.c	Wed Nov  8 15:39:50 2000
-@@ -583,8 +583,8 @@
-     rc = 1;
-     (void) ldap_set_option((LDAP *) db->db, LDAP_OPT_SIZELIMIT, (void *) &rc);
- 
--    rc = ldap_search_s((LDAP *) db->db, db->name,
--		       LDAP_SCOPE_ONELEVEL, filter, NULL, 0, msg);
-+    rc = ldap_search_s((LDAP *) db->db, db->name, LDAP_SCOPE_ONELEVEL, filter,
-+	krb5kdcentry_attrs, 0, msg);
-     if (rc != LDAP_SUCCESS) {
- 	ret = HDB_ERR_NOENTRY;
- 	goto out;

security/heimdal/files/patch-cs

@@ -1,38 +0,0 @@
---- lib/otp/otp_md.c.orig	Tue Jul 11 19:26:43 2000
-+++ lib/otp/otp_md.c	Thu Jan  4 09:38:17 2001
-@@ -212,7 +212,7 @@
-  */
- 
- static void
--SHA1Final_little_endian (void *res, struct sha1 *m)
-+SHA1Final_little_endian (void *res, SHA_CTX *m)
- {
-   unsigned char tmp[20];
-   unsigned char *p = res;
-@@ -231,7 +231,7 @@
- otp_sha_init (OtpKey key, const char *pwd, const char *seed)
- {
-   unsigned char res[20];
--  struct sha1 sha1;
-+  SHA_CTX sha1;
- 
-   return otp_md_init (key, pwd, seed, 
- 		      (void (*)(void *))SHA1Init, 
-@@ -245,7 +245,7 @@
- 	      size_t len,
- 	      unsigned char *res)
- {
--  struct sha1 sha1;
-+  SHA_CTX sha1;
- 
-   return otp_md_hash (data, len,
- 		      (void (*)(void *))SHA1Init,
-@@ -258,7 +258,7 @@
- otp_sha_next (OtpKey key)
- {
-   unsigned char res[20];
--  struct sha1 sha1;
-+  SHA_CTX sha1;
- 
-   return otp_md_next (key, 
- 		      (void (*)(void *))SHA1Init, 

security/heimdal/pkg-plist

@@ -12,6 +12,7 @@ bin/mk_cmds
 bin/otp
 bin/otpprint
 bin/pfrom
+bin/rcp
 bin/rsh
 bin/string2key
 bin/su
@@ -57,14 +58,14 @@ info/heimdal.info
 @exec install-info %D/info/heimdal.info %D/info/dir
 lib/libasn1.a
 lib/libasn1.so
-lib/libasn1.so.3
+lib/libasn1.so.4
 lib/libeditline.a
 lib/libgssapi.a
 lib/libgssapi.so
-lib/libgssapi.so.2
+lib/libgssapi.so.3
 lib/libhdb.a
 lib/libhdb.so
-lib/libhdb.so.6
+lib/libhdb.so.7
 lib/libkadm5clnt.a
 lib/libkadm5clnt.so
 lib/libkadm5clnt.so.6
@@ -73,7 +74,7 @@ lib/libkadm5srv.so
 lib/libkadm5srv.so.7
 lib/libkrb5.a
 lib/libkrb5.so
-lib/libkrb5.so.14
+lib/libkrb5.so.15
 lib/libotp.a
 lib/libotp.so
 lib/libotp.so.1

security/heimdal/pkg-plist.des

@@ -6,4 +6,4 @@ include/rc4.h
 include/sha.h
 lib/libdes.a
 lib/libdes.so
-lib/libdes.so.2
+lib/libdes.so.3