Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 13 Apr 2013 10:46:11 GMT
From:      Mike Stupalov <landy2005@gmail.com>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/177833: Update version of port tac_plus to 4.0.4.26
Message-ID:  <201304131046.r3DAkBAe084212@red.freebsd.org>
Resent-Message-ID: <201304131050.r3DAo0Gf043575@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help

>Number:         177833
>Category:       ports
>Synopsis:       Update version of port tac_plus to 4.0.4.26
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Sat Apr 13 10:50:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator:     Mike Stupalov
>Release:        
>Organization:
>Environment:
FreeBSD ice 9.1-RELEASE FreeBSD 9.1-RELEASE #0 r243825: Tue Dec  4 09:23:10 UTC 2012     root@farrell.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  amd64
>Description:
Subj.
Patch included.
>How-To-Repeat:

>Fix:


Patch attached with submission follows:

diff -ruN tac_plus4.orig/Makefile tac_plus4/Makefile
--- tac_plus4.orig/Makefile	2013-03-08 15:32:11.000000000 +0400
+++ tac_plus4/Makefile	2013-04-13 14:29:56.000000000 +0400
@@ -2,10 +2,10 @@
 # $FreeBSD: net/tac_plus4/Makefile 313635 2013-03-08 11:32:11Z bapt $
 
 PORTNAME=	tac_plus
-PORTVERSION=	F4.0.4.19
+PORTVERSION=	F4.0.4.26
 CATEGORIES=	net security
 MASTER_SITES=	ftp://ftp.shrubbery.net/pub/tac_plus/
-DISTNAME=	tacacs+-F4.0.4.19
+DISTNAME=	tacacs+-F4.0.4.26
 
 MAINTAINER=	marcus@FreeBSD.org
 COMMENT=	The Cisco remote authentication/authorization/accounting server
diff -ruN tac_plus4.orig/distinfo tac_plus4/distinfo
--- tac_plus4.orig/distinfo	2012-07-14 18:29:18.000000000 +0400
+++ tac_plus4/distinfo	2013-04-13 13:13:50.000000000 +0400
@@ -1,2 +1,2 @@
-SHA256 (tacacs+-F4.0.4.19.tar.gz) = 582dcdb5723c844e50036b1ed9eaee53239e7791d0ac5e5c22fba8ac4790596b
-SIZE (tacacs+-F4.0.4.19.tar.gz) = 500593
+SHA256 (tacacs+-F4.0.4.26.tar.gz) = 9051824e8ddc164001f80ec2a723c904d8382aadb5b29a951909761b3d42d6ec
+SIZE (tacacs+-F4.0.4.26.tar.gz) = 519796
diff -ruN tac_plus4.orig/files/extra-patch-bb tac_plus4/files/extra-patch-bb
--- tac_plus4.orig/files/extra-patch-bb	2012-07-14 18:29:18.000000000 +0400
+++ tac_plus4/files/extra-patch-bb	2013-04-13 13:30:56.000000000 +0400
@@ -13,9 +13,9 @@
 
 ------------------------------ cut here ---------------------------
 
---- pwlib.c.orig	Fri Dec  1 15:07:03 2000
-+++ pwlib.c	Fri Dec  1 15:07:48 2000
-@@ -195,7 +195,7 @@
+--- pwlib.c.orig	2012-06-07 02:54:23.000000000 +0400
++++ pwlib.c	2013-04-13 13:26:17.000000000 +0400
+@@ -303,7 +303,7 @@
      struct passwd *pw;
      char *exp_date;
      char *cfg_passwd;
@@ -24,8 +24,8 @@
      char buf[12];
  #endif /* SHADOW_PASSWORDS */
  
-@@ -217,7 +217,20 @@
- 	return (0);
+@@ -325,7 +325,20 @@
+ 	return(0);
      }
      cfg_passwd = pw->pw_passwd;
 +#ifdef FREEBSD
diff -ruN tac_plus4.orig/files/patch-Makefile.in tac_plus4/files/patch-Makefile.in
--- tac_plus4.orig/files/patch-Makefile.in	2012-07-14 18:29:18.000000000 +0400
+++ tac_plus4/files/patch-Makefile.in	2013-04-13 13:43:52.000000000 +0400
@@ -1,33 +1,24 @@
---- Makefile.in.orig	2009-07-28 15:18:02.000000000 -0400
-+++ Makefile.in	2009-10-10 16:24:28.000000000 -0400
-@@ -97,7 +97,7 @@ am__tac_plus_SOURCES_DIST = acct.c authe
+--- Makefile.in.orig	2012-04-17 02:56:54.000000000 +0400
++++ Makefile.in	2013-04-13 13:43:18.000000000 +0400
+@@ -98,7 +98,7 @@
  	config.c default_fn.c default_v0_fn.c do_acct.c do_author.c \
- 	dump.c enable.c encrypt.c expire.c hash.c maxsess.c parse.c \
- 	programs.c pw.c pwlib.c regexp.c report.c sendauth.c \
--	sendpass.c tac_plus.c utils.c skey_fn.c
-+	sendpass.c tac_plus.c utils.c skey_fn.c opie_fn.c
+ 	dump.c enable.c encrypt.c expire.c hash.c maxsessint.c parse.c \
+ 	programs.c pw.c pwlib.c report.c sendauth.c sendpass.c \
+-	tac_plus.c utils.c skey_fn.c aceclnt_fn.c
++	tac_plus.c utils.c skey_fn.c aceclnt_fn.c opie_fn.c
  @TACSKEY_TRUE@am__objects_1 = skey_fn.$(OBJEXT)
+ @TACACECLNT_TRUE@am__objects_2 = aceclnt_fn.$(OBJEXT)
  am_tac_plus_OBJECTS = acct.$(OBJEXT) authen.$(OBJEXT) author.$(OBJEXT) \
- 	choose_authen.$(OBJEXT) config.$(OBJEXT) default_fn.$(OBJEXT) \
-@@ -107,7 +107,7 @@ am_tac_plus_OBJECTS = acct.$(OBJEXT) aut
+@@ -109,7 +109,7 @@
  	parse.$(OBJEXT) programs.$(OBJEXT) pw.$(OBJEXT) \
- 	pwlib.$(OBJEXT) regexp.$(OBJEXT) report.$(OBJEXT) \
- 	sendauth.$(OBJEXT) sendpass.$(OBJEXT) tac_plus.$(OBJEXT) \
--	utils.$(OBJEXT) $(am__objects_1)
-+	utils.$(OBJEXT) opie_fn.$(OBJEXT) $(am__objects_1)
+ 	pwlib.$(OBJEXT) report.$(OBJEXT) sendauth.$(OBJEXT) \
+ 	sendpass.$(OBJEXT) tac_plus.$(OBJEXT) utils.$(OBJEXT) \
+-	$(am__objects_1) $(am__objects_2)
++	opie_fn.$(OBJEXT) $(am__objects_1) $(am__objects_2)
  tac_plus_OBJECTS = $(am_tac_plus_OBJECTS)
  am__DEPENDENCIES_1 =
  tac_plus_DEPENDENCIES = $(am__DEPENDENCIES_1)
-@@ -326,7 +326,7 @@ noinst_HEADERS = md4.h mschap.h regexp.h
- 		expire.h md5.h parse.h pathsl.h regmagic.h
- 
- man_gen_MANS = tac_plus.8 tac_plus.conf.5
--man_nogen_MANS = regexp.3 tac_pwd.8
-+man_nogen_MANS = tac_pwd.8
- man_MANS = $(man_gen_MANS) $(man_nogen_MANS)
- 
- # scripts that are built
-@@ -581,6 +581,7 @@ distclean-compile:
+@@ -592,6 +592,7 @@
  @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sendauth.Po@am__quote@
  @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sendpass.Po@am__quote@
  @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/skey_fn.Po@am__quote@
@@ -35,7 +26,7 @@
  @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tac_plus.Po@am__quote@
  @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tac_pwd.Po@am__quote@
  @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utils.Po@am__quote@
-@@ -1061,8 +1062,7 @@ info: info-am
+@@ -1049,8 +1050,7 @@
  
  info-am:
  
diff -ruN tac_plus4.orig/files/patch-ab tac_plus4/files/patch-ab
--- tac_plus4.orig/files/patch-ab	2012-07-14 18:29:18.000000000 +0400
+++ tac_plus4/files/patch-ab	1970-01-01 03:00:00.000000000 +0300
@@ -1,30 +0,0 @@
---- tac_plus.h.orig	2009-07-27 20:11:53.000000000 -0400
-+++ tac_plus.h	2010-02-12 18:13:49.000000000 -0500
-@@ -86,6 +86,7 @@
- #ifdef FREEBSD
- #define CONST_SYSERRLIST
- #define NO_PWAGE
-+#include <sys/param.h>
- #endif
- 
- #ifdef BSDI
-@@ -138,7 +139,11 @@
- # include <sys/syslog.h>
- #endif
- 
-+#if defined(FREEBSD) && __FreeBSD_version >= 900007
-+#include <utmpx.h>
-+#else
- #include <utmp.h>
-+#endif
- 
- #include <unistd.h>
- 
-@@ -655,6 +660,7 @@ int sendpass_fn(struct authen_data *data
- int enable_fn(struct authen_data *data);
- int default_v0_fn(struct authen_data *data);
- int skey_fn(struct authen_data *data);
-+int opie_fn(struct authen_data *data);
- 
- #ifdef MAXSESS
- void loguser(struct acct_rec *);
diff -ruN tac_plus4.orig/files/patch-choose_authen.c tac_plus4/files/patch-choose_authen.c
--- tac_plus4.orig/files/patch-choose_authen.c	2012-07-14 18:29:18.000000000 +0400
+++ tac_plus4/files/patch-choose_authen.c	2013-04-13 13:57:04.000000000 +0400
@@ -1,8 +1,8 @@
---- choose_authen.c.orig	Sun Jun 18 13:26:53 2000
-+++ choose_authen.c	Sun Dec  8 15:26:08 2002
-@@ -118,10 +118,27 @@
+--- choose_authen.c.orig	2012-04-17 01:42:55.000000000 +0400
++++ choose_authen.c	2013-04-13 13:55:20.000000000 +0400
+@@ -130,12 +130,29 @@
  #else /* SKEY */
- 	    report(LOG_ERR, 
+ 	    report(LOG_ERR,
  		   "%s %s: user %s s/key support has not been compiled in",
 -		   name ? name : "<unknown>",
 -		   session.peer, session.port);
@@ -10,8 +10,8 @@
 +		   name ? name : "<unknown>");
  	    return(CHOOSE_FAILED);
  #endif	/* SKEY */
-+	}
-+
+ 	}
+ 
 +	if (cfg_passwd && STREQ(cfg_passwd, "opie")) {
 +	    if (debug & DEBUG_PASSWD_FLAG)
 +		report(LOG_DEBUG, "%s %s: user %s requires opie",
@@ -27,6 +27,8 @@
 +			name ? name : "<unknown>");
 +		return(CHOOSE_FAILED);
 +#endif /* OPIE */
- 	}
- 
- 	/* Not an skey user. Must be none, des, cleartext or file password */
++	}
++
+ 	/* Does this user require aceclnt */
+ 	cfg_passwd = cfg_get_login_secret(name, TAC_PLUS_RECURSE);
+ 	if (cfg_passwd && STREQ(cfg_passwd, "aceclnt")) {
diff -ruN tac_plus4.orig/files/patch-do_acct.c tac_plus4/files/patch-do_acct.c
--- tac_plus4.orig/files/patch-do_acct.c	2012-07-14 18:29:18.000000000 +0400
+++ tac_plus4/files/patch-do_acct.c	1970-01-01 03:00:00.000000000 +0300
@@ -1,78 +0,0 @@
---- do_acct.c.orig	2010-01-23 16:17:36.000000000 -0500
-+++ do_acct.c	2010-02-12 18:19:44.000000000 -0500
-@@ -202,23 +202,42 @@ do_acct_syslog(struct acct_rec *rec)
- int
- wtmp_entry(char *line, char *name, char *host, time_t utime)
- {
-+#if defined(FREEBSD) && __FreeBSD_version >= 900007
-+#define HAVE_UTMPX_H 1
-+    struct utmpx entry;
-+    struct timeval tv;
-+#else
-     struct utmp entry;
-+#endif
- 
-+#ifndef HAVE_UTMPX_H
-     if (!wtmpfile) {
- 	return(1);
-     }
-+#endif
- 
-     memset(&entry, 0, sizeof entry);
-+#ifdef HAVE_UTMPX_H
-+    entry.ut_type = *name != '\0' ? USER_PROCESS : DEAD_PROCESS;
-+    snprintf(entry.ut_id, sizeof entry.ut_id, "%xtac", getpid());
-+#endif
- 
-     if (strlen(line) < sizeof entry.ut_line)
- 	strcpy(entry.ut_line, line);
-     else
- 	memcpy(entry.ut_line, line, sizeof(entry.ut_line));
- 
-+#ifdef HAVE_UTMPX_H
-+    if (strlen(name) < sizeof entry.ut_user)
-+	strcpy(entry.ut_user, name);
-+    else
-+	memcpy(entry.ut_user, name, sizeof(entry.ut_user));
-+#else
-     if (strlen(name) < sizeof entry.ut_name)
- 	strcpy(entry.ut_name, name);
-     else
- 	memcpy(entry.ut_name, name, sizeof(entry.ut_name));
-+#endif
- 
- #ifndef SOLARIS
-     if (strlen(host) < sizeof entry.ut_host)
-@@ -226,13 +245,24 @@ wtmp_entry(char *line, char *name, char 
-     else
- 	memcpy(entry.ut_host, host, sizeof(entry.ut_host));
- #endif
-+#ifdef HAVE_UTMPX_H
-+    memset(&entry.ut_tv, 0, sizeof(entry.ut_tv));
-+    tv.tv_sec = utime;
-+    memcpy(&entry.ut_tv, &tv, sizeof(entry.ut_tv));
-+#else
-     entry.ut_time = utime;
-+#endif
- 
- #ifdef FREEBSD
-+#ifdef HAVE_UTMPX_H
-+    pututxline(&entry);
-+#else
-     wtmpfd = open(wtmpfile, O_CREAT | O_WRONLY | O_APPEND, 0644);
-+#endif
- #else
-     wtmpfd = open(wtmpfile, O_CREAT | O_WRONLY | O_APPEND | O_SYNC, 0644);
- #endif
-+#ifndef HAVE_UTMPX_H
-     if (wtmpfd < 0) {
- 	report(LOG_ERR, "Can't open wtmp file %s -- %s",
- 	       wtmpfile, strerror(errno));
-@@ -251,6 +281,7 @@ wtmp_entry(char *line, char *name, char 
-     }
- 
-     close(wtmpfd);
-+#endif
- 
-     if (debug & DEBUG_ACCT_FLAG) {
- 	report(LOG_DEBUG, "wtmp: %s, %s %s %d", line, name, host, utime);
diff -ruN tac_plus4.orig/files/patch-parse.h tac_plus4/files/patch-parse.h
--- tac_plus4.orig/files/patch-parse.h	2012-07-14 18:29:18.000000000 +0400
+++ tac_plus4/files/patch-parse.h	2013-04-13 14:06:52.000000000 +0400
@@ -1,7 +1,10 @@
---- parse.h.orig	Sun Dec  8 15:22:51 2002
-+++ parse.h	Sun Dec  8 15:23:26 2002
-@@ -76,3 +76,4 @@
+--- parse.h.orig	2012-04-10 22:34:40.000000000 +0400
++++ parse.h	2013-04-13 14:02:27.000000000 +0400
+@@ -74,6 +74,7 @@
  #ifdef MSCHAP
  #define S_mschap          42
  #endif /* MSCHAP */
 +#define S_opie            43
+ #define S_enable	43
+ #ifdef ACLS
+ # define S_acl		44
diff -ruN tac_plus4.orig/files/patch-skey_fn.c tac_plus4/files/patch-skey_fn.c
--- tac_plus4.orig/files/patch-skey_fn.c	2012-07-14 18:29:18.000000000 +0400
+++ tac_plus4/files/patch-skey_fn.c	2013-04-13 14:09:28.000000000 +0400
@@ -1,11 +1,11 @@
---- skey_fn.c.orig	Sun Apr  3 01:41:00 2005
-+++ skey_fn.c	Sun Apr  3 01:41:08 2005
-@@ -168,7 +168,7 @@
+--- skey_fn.c.orig	2012-06-06 22:34:55.000000000 +0400
++++ skey_fn.c	2013-04-13 14:08:31.000000000 +0400
+@@ -164,7 +164,7 @@
  		return(1);
  	    }
  
 -	    if (skeychallenge(&p->skey, name, skeyprompt, 80) == 0) {
 +	    if (skeychallenge(&p->skey, name, skeyprompt) == 0) {
  		char buf[256];
- 		sprintf(buf, "%s\nPassword: ", skeyprompt);
+ 		snprintf(buf, sizeof(buf), "%s\nS/Key challenge: ", skeyprompt);
  		data->server_msg = tac_strdup(buf);
diff -ruN tac_plus4.orig/files/patch-tac_plus.h tac_plus4/files/patch-tac_plus.h
--- tac_plus4.orig/files/patch-tac_plus.h	1970-01-01 03:00:00.000000000 +0300
+++ tac_plus4/files/patch-tac_plus.h	2013-04-13 13:50:44.000000000 +0400
@@ -0,0 +1,10 @@
+--- tac_plus.h.orig	2013-04-13 13:45:20.000000000 +0400
++++ tac_plus.h	2013-04-13 13:50:14.000000000 +0400
+@@ -452,6 +452,7 @@
+ int sendauth_fn(struct authen_data *data);
+ int sendpass_fn(struct authen_data *data);
+ int skey_fn(struct authen_data *data);
++int opie_fn(struct authen_data *data);
+ 
+ /* tac_plus.c */
+ void open_logfile(void);
diff -ruN tac_plus4.orig/files/patch-tacacs.h tac_plus4/files/patch-tacacs.h
--- tac_plus4.orig/files/patch-tacacs.h	2012-07-14 18:29:18.000000000 +0400
+++ tac_plus4/files/patch-tacacs.h	1970-01-01 03:00:00.000000000 +0300
@@ -1,25 +0,0 @@
---- tacacs.h.orig	2010-02-12 18:13:56.000000000 -0500
-+++ tacacs.h	2010-02-12 18:14:51.000000000 -0500
-@@ -83,6 +83,10 @@ XXX unknown
- #define MSCHAP_DIGEST_LEN 49
- #endif /* MSCHAP */
- 
-+#ifdef FREEBSD
-+#include <sys/param.h>
-+#endif
-+
- #if HAVE_STRING_H
- # include <string.h>
- #endif
-@@ -124,7 +128,11 @@ XXX unknown
- # include <sys/syslog.h>
- #endif
- 
-+#if defined(FREEBSD) && __FreeBSD_version >= 900007
-+#include <utmpx.h>
-+#else
- #include <utmp.h>
-+#endif
- 
- #include <unistd.h>
- 
diff -ruN tac_plus4.orig/files/patch-users_guide.in tac_plus4/files/patch-users_guide.in
--- tac_plus4.orig/files/patch-users_guide.in	2012-07-14 18:29:18.000000000 +0400
+++ tac_plus4/files/patch-users_guide.in	2013-04-13 14:17:05.000000000 +0400
@@ -1,6 +1,6 @@
---- users_guide.in.orig	2008-08-20 00:34:57.000000000 -0400
-+++ users_guide.in	2009-07-08 22:32:17.000000000 -0400
-@@ -164,7 +164,10 @@ for S/KEY in the Makefile.  I got my S/K
+--- users_guide.in.orig	2011-05-28 02:11:57.000000000 +0400
++++ users_guide.in	2013-04-13 14:16:37.000000000 +0400
+@@ -164,7 +164,10 @@
  crimelab.com but now it appears the only source is ftp.bellcore.com. I
  suggest you try a web search for s/key source code.
  
@@ -12,11 +12,12 @@
  
  Should you need them, there are routines for accessing password files
  (getpwnam,setpwent,endpwent,setpwfile) in pw.c.
-@@ -454,6 +457,15 @@ be that for each authentiction that is a
- to be wrong whether it was typed correctly or not.
+@@ -414,7 +417,16 @@
+       login = skey
+     }
  
- 
-+4. Authentication using opie.
+-4). Authentication using PAM (Pluggable Authentication Modules)
++4). Authentication using opie.
 +
 +If you have successfully built tac_plus with opie support, you can specify
 +a user be authenticated via opie, as follows:
@@ -25,6 +26,7 @@
 +      login = opie
 +    }
 +
- RECURSIVE PASSWORD LOOKUPS
- ---------------------------
++5). Authentication using PAM (Pluggable Authentication Modules)
  
+ Assuming that your OS supports it, tac_plus can be configured to use PAM
+ for authentication, which may make it possible to use LDAP, SecureID, etc
diff -ruN tac_plus4.orig/files/tac_plus.in tac_plus4/files/tac_plus.in
--- tac_plus4.orig/files/tac_plus.in	2012-07-14 18:29:18.000000000 +0400
+++ tac_plus4/files/tac_plus.in	2012-01-14 12:56:29.000000000 +0400
@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# $FreeBSD: net/tac_plus4/files/tac_plus.in 300897 2012-07-14 14:29:18Z beat $
+# $FreeBSD: ports/net/tac_plus4/files/tac_plus.in,v 1.4 2012/01/14 08:56:29 dougb Exp $
 #
 # PROVIDE: tac_plus
 # REQUIRE: DAEMON
diff -ruN tac_plus4.orig/pkg-descr tac_plus4/pkg-descr
--- tac_plus4.orig/pkg-descr	2012-07-14 18:29:18.000000000 +0400
+++ tac_plus4/pkg-descr	2013-04-13 14:19:12.000000000 +0400
@@ -9,4 +9,4 @@
 To enable MSCHAP you need to optain a key from Microsoft, see the FAQ
 section in the users guide. Therefore this isn't enabled by default.
 
-WWW: http://www.cisco.com/warp/public/480/tacplus.shtml
+WWW: http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a00800946a3.shtml


>Release-Note:
>Audit-Trail:
>Unformatted:



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201304131046.r3DAkBAe084212>