Security update with following changes:

Makefile: PLIST_SUB added (CONF_DIR), fix ${NOPORTDOCS}, bump ${PORTREVISION}
pkg-plist: etc -> %%CONF_DIR%%, utilize ${DOCSDIR}
Setuid misplaced (security fix) for main.c
Thanks to cyrill@econ.krasnoyarsk.su for submitting this patch.

Also makes portlint happy.

Submitted by:	Clement Laforet <sheepkiller@cultdeadsheep.org> (maintainer)
PR:		56614

security/op/Makefile

@@ -7,10 +7,11 @@
 
 PORTNAME=	op
 PORTVERSION=	1.11
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	ftp://ftp.cerias.purdue.edu/pub/tools/%SUBDIR%/ \
 		ftp://ftp.rge.com/pub/security/cerias/tools/%SUBDIR%/ \
-	ftp://ftp.hacktic.nl/pub/security/coast.cs.purdue.edu/%SUBDIR%/ \
+		ftp://ftp.hacktic.nl/pub/security/coast.cs.purdue.edu/%SUBDIR%/ \
 		ftp://ftp.nask.pl/pub/mirror/coast.cs.purdue.edu/%SUBDIR%/
 MASTER_SITE_SUBDIR=	unix/sysutils/${PORTNAME}
 
@@ -29,6 +30,8 @@ MAKE_ARGS=	BASE="${PREFIX}" \
 		MANOWN=${MANOWN} MANGRP=${MANGRP} MANMODE=${MANMODE}
 ALL_TARGET=	${PORTNAME}
 
+PLIST_SUB=	CONF_DIR="${CONF_DIR:S,^${PREFIX}/,,}"
+
 MAN8=		op.8
 
 PKGDEINSTALL=	${PKGINSTALL}
@@ -82,10 +85,10 @@ install-conf-file:
 		${PKGINSTALL} ${PKGNAME} POST-INSTALL
 
 install-doc-files:
-.if !defined(NOPORTSDOC)
+.if !defined(NOPORTDOCS)
 	@${MKDIR} ${DOCSDIR}
-.for file in ${DOC_FILES}
-	@${INSTALL_DATA} ${WRKSRC}/${file} ${DOCSDIR}/${file}
+.for f in ${DOC_FILES}
+	@${INSTALL_DATA} ${WRKSRC}/${f} ${DOCSDIR}
 .endfor
 .endif
 

security/op/files/patch-main.c

@@ -0,0 +1,53 @@
+--- main.c.orig	Tue Sep  9 01:24:31 2003
++++ main.c	Tue Sep  9 01:29:26 2003
+@@ -448,29 +448,17 @@
+ 	char		*cp, *np;
+ 	struct passwd	*pw;
+ 	struct group	*gr;
+-	int		ngroups, gidset[256];
++	int		ngroups = 0, gidset[256];
+ 	int		curenv = 0, curarg = 0;
+ 	char		*new_envp[MAXENV];
+ 	char		*new_argv[MAXARG];
+ 	char		str[MAXSTRLEN], buf[4*MAXSTRLEN];
+ 
+-	if ((cp = FindOpt(cmd, "uid")) == NULL) {
+-		if (setuid(0) < 0)
+-			fatal("Unable to set uid to default", cp);
+-	} else {
+-		if ((pw = getpwnam(cp)) == NULL) {
+-			if (setuid(atoi(cp)) < 0)
+-				fatal("Unable to set uid to %s", cp);
+-		}
+-		if (setuid(pw->pw_uid) < 0)
+-			fatal("Unable to set uid to %s", cp);
+-	}
+-
+ 	if ((cp = FindOpt(cmd, "gid")) == NULL) {
+ 		;		/* don't have a default */
+ 	} else {
+ 		for (cp=GetField(cp, str); cp!=NULL; cp=GetField(cp, str)) {
+-			if ((gr = getgrnam(cp)) != NULL)
++			if ((gr = getgrnam(str)) != NULL)
+ 				gidset[ngroups++] = gr->gr_gid;
+ 		}
+ 		if (ngroups == 0) 
+@@ -533,6 +521,18 @@
+ 			new_envp[curenv++] = environ[i];
+ 	}
+ 	new_envp[curenv] = NULL;
++
++	if ((cp = FindOpt(cmd, "uid")) == NULL) {
++		if (setuid(0) < 0)
++			fatal("Unable to set uid to default", cp);
++	} else {
++		if ((pw = getpwnam(cp)) == NULL) {
++			if (setuid(atoi(cp)) < 0)
++				fatal("Unable to set uid to %s", cp);
++		}
++		if (setuid(pw->pw_uid) < 0)
++			fatal("Unable to set uid to %s", cp);
++	}
+ 
+ 	if (strcmp("MAGIC_SHELL", cmd->args[0]) == 0) {
+ 		for (i = 0; environ[i] != NULL; i++) 

security/op/pkg-plist

@@ -1,6 +1,6 @@
 @comment $FreeBSD$
 bin/op
-etc/op.access.sample
-%%PORTDOCS%%share/doc/op/README
-%%PORTDOCS%%share/doc/op/op.paper
-%%PORTDOCS%%@dirrm share/doc/op
+%%CONF_DIR%%/op.access.sample
+%%PORTDOCS%%%%DOCSDIR%%/README
+%%PORTDOCS%%%%DOCSDIR%%/op.paper
+%%PORTDOCS%%@dirrm %%DOCSDIR%%