Import heimdal-1.5.3; aka resurrect security/heimdal.

Heimdal is an implementation of Kerberos 5 (and some more stuff) largely
written in Sweden.

ok sthen@

Note that it is not enabled yet because none of the requesters for this
port stood up to give me any feedback or an OK. Also this is still a WIP; it
may not even build with all the recent changes in base.
ajacoutot 2014-07-13 14:10:13 +00:00
parent 9867cab152
commit 4308a01205
36 changed files with 2271 additions and 0 deletions

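--- a/security/heimdal/Makefile
+++ b/security/heimdal/Makefile
+# $OpenBSD: Makefile,v 1.12 2014/07/13 14:10:13 ajacoutot Exp $
+COMMENT-main= Kerberos 5 implementation
+COMMENT-devel-docs= Heimdal C functions documentation
+COMMENT-libs= Heimdal libraries and headers
+V= 1.5.3
+DISTNAME= heimdal-${V}
+PKGNAME-main= ${DISTNAME}
+PKGNAME-devel-docs= heimdal-devel-docs-${V}
+PKGNAME-libs= heimdal-libs-${V}
+CATEGORIES= security net
+SHARED_LIBS += heimbase 1.0 # 1.0
+SHARED_LIBS += roken 2.0 # 19.0
+SHARED_LIBS += heimedit 0.0 # 0.36
+SHARED_LIBS += sl 0.0 # 2.1
+SHARED_LIBS += wind 2.0 # 0.0
+SHARED_LIBS += asn1 21.0 # 8.0
+SHARED_LIBS += heimsqlite 0.0 # unknown
+SHARED_LIBS += hx509 0.0 # 5.0
+SHARED_LIBS += krb5 21.0 # 26.0
+SHARED_LIBS += heimntlm 0.0 # 1.0
+SHARED_LIBS += kafs 21.0 # 5.1
+SHARED_LIBS += gssapi 8.0 # 3.0
+SHARED_LIBS += hdb 2.0 # 11.0
+SHARED_LIBS += kadm5srv 2.0 # 8.1
+SHARED_LIBS += kadm5clnt 2.0 # 7.1
+SHARED_LIBS += kdc 2.0 # 2.0
+HOMEPAGE= http://www.h5l.org/
+MAINTAINER= Antoine Jacoutot <ajacoutot@openbsd.org>
+# BSD
+PERMIT_PACKAGE_CDROM= Yes
+MULTI_PACKAGES= -main -devel-docs -libs
+MASTER_SITES= http://www.h5l.org/dist/src/
+BUILD_DEPENDS= devel/bison
+SYSCONFDIR= ${BASESYSCONFDIR}/heimdal
+WANTLIB += c crypto curses pthread termcap
+WANTLIB-main= ${WANTLIB} com_err util
+WANTLIB-main += heimdal/lib/asn1
+WANTLIB-main += heimdal/lib/gssapi
+WANTLIB-main += heimdal/lib/hdb
+WANTLIB-main += heimdal/lib/heimbase
+WANTLIB-main += heimdal/lib/heimedit
+WANTLIB-main += heimdal/lib/heimntlm
+WANTLIB-main += heimdal/lib/heimsqlite
+WANTLIB-main += heimdal/lib/hx509
+WANTLIB-main += heimdal/lib/kadm5clnt
+WANTLIB-main += heimdal/lib/kadm5srv
+WANTLIB-main += heimdal/lib/kafs
+WANTLIB-main += heimdal/lib/kdc
+WANTLIB-main += heimdal/lib/krb5
+WANTLIB-main += heimdal/lib/roken
+WANTLIB-main += heimdal/lib/sl
+WANTLIB-main += heimdal/lib/wind
+LIB_DEPENDS-main= ${BASE_PKGPATH},-libs=${V}
+PKG_ARCH-devel-docs= *
+WANTLIB-devel-docs= # empty
+WANTLIB-libs= ${WANTLIB} com_err
+WANTLIB-libs += com_err
+LIB_DEPENDS-libs= sysutils/e2fsprogs
+MODGNU_CONFIG_GUESS_DIRS= \
+${WRKSRC} \
+${WRKSRC}/lib/libedit
+CONFIGURE_STYLE= gnu
+CONFIGURE_ENV= LDFLAGS="-L${LOCALBASE}/lib" \
+CPPFLAGS="-I${LOCALBASE}/include"
+CONFIGURE_ARGS= ${CONFIGURE_SHARED} \
+--disable-afs-support \
+--disable-otp \
+--without-x
+# make sure we only pickup db from base
+CONFIGURE_ENV += ac_cv_funclib_db_create=no \
+ac_cv_header_db3_db_h=no \
+ac_cv_header_db4_db_h=no \
+ac_cv_header_db5_db_h=no
+# install bins, libs and includes under a non-default PATH/PREFIX
+CONFIGURE_ARGS += --bindir=${PREFIX}/heimdal/bin \
+--sbindir=${PREFIX}/heimdal/sbin \
+--libexecdir=${PREFIX}/heimdal/libexec \
+--libdir=${PREFIX}/heimdal/lib \
+--includedir=${PREFIX}/heimdal/include
+MAKE_ENV= INSTALL_CATPAGES=no
+RM_BIN= bin/afslog \
+bin/ftp \
+bin/login \
+bin/pfrom \
+bin/rcp \
+bin/rsh \
+bin/su \
+bin/telnet \
+libexec/ftpd \
+libexec/popper \
+libexec/push \
+libexec/rshd \
+libexec/telnetd
+RM_MAN= man/man1/afslog.1 \
+man/man1/ftp.1 \
+man/man1/login.1 \
+man/man1/pfrom.1 \
+man/man1/rcp.1 \
+man/man1/rsh.1 \
+man/man1/su.1 \
+man/man1/rxtelnet.1 \
+man/man1/telnet.1 \
+man/man5/ftpusers.5 \
+man/man5/login.access.5 \
+man/man8/ftpd.8 \
+man/man8/popper.8 \
+man/man8/push.8 \
+man/man8/rshd.8 \
+man/man8/telnetd.8
+post-install:
+${INSTALL_DATA_DIR} ${PREFIX}/share/examples/heimdal
+${INSTALL_DATA} ${FILESDIR}/krb5.conf \
+${PREFIX}/share/examples/heimdal/
+# fix bogus symlink
+cd ${PREFIX}/man/man5/ && \
+ln -sf mech.5 qop.5
+# remove until proven useful
+.for i in ${RM_BIN}
+rm ${PREFIX}/heimdal/$i
+.endfor
+.for i in ${RM_MAN}
+rm ${PREFIX}/$i
+.endfor
+.include <bsd.port.mk>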
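Review bot: `WANTLIB-libs` names com_err twice: `WANTLIB-libs= ${WANTLIB} com_err` is immediately followed by `WANTLIB-libs += com_err`, and the second line adds nothing, so it should be dropped. The `# 1.0`-style trailing comments on the SHARED_LIBS lines appear to record the upstream library versions, and `heimsqlite 0.0 # unknown` leaves that one unresolved; filling it in before the port is enabled makes future major bumps on update easier to judge. The removal of `bin/su`, `bin/login`, `bin/telnet` and the r-commands in `post-install` is a sensible default for a Kerberos port, and a one-line comment naming the reason (legacy, historically privileged tools superseded by base) would keep a later maintainer from re-adding them.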


@ -0,0 +1,2 @@
SHA256 (heimdal-1.5.3.tar.gz) = qsJ77bM8NBtq7SAq8HzMgWFGqJMUhyH4Ejq7v5O7/qU=
SIZE (heimdal-1.5.3.tar.gz) = 6798305


@ -0,0 +1,26 @@
# $OpenBSD: krb5.conf,v 1.1 2014/07/13 14:10:13 ajacoutot Exp $
#
# See krb5.conf(5) and the heimdal info(1) page for more information.
[libdefaults]
# local realm(s)
default_realm = DOMAIN.TLD
[realms]
DOMAIN.TLD = {
# list of KDC(s) for this realm
kdc = kerberos.domain.tld
# admin server for this realm
admin_server = kerberos.domain.tld
}
[kadmin]
# default salt string
default_keys = v5
[logging]
# log to syslog(3)
kdc = SYSLOG:INFO:DAEMON
kpasswdd = SYSLOG:INFO:AUTH
default = SYSLOG:INFO:DAEMON


@ -0,0 +1,17 @@
# $OpenBSD: heimdal.port.mk,v 1.1 2014/07/13 14:10:13 ajacoutot Exp $
MODHEIMDAL_WANTLIB += com_err crypto
MODHEIMDAL_WANTLIB += heimdal/lib/asn1
MODHEIMDAL_WANTLIB += heimdal/lib/heimbase
MODHEIMDAL_WANTLIB += heimdal/lib/heimsqlite
MODHEIMDAL_WANTLIB += heimdal/lib/hx509
MODHEIMDAL_WANTLIB += heimdal/lib/krb5
MODHEIMDAL_WANTLIB += heimdal/lib/roken
MODHEIMDAL_WANTLIB += heimdal/lib/wind
MODHEIMDAL_LIB_DEPENDS= security/kerberos/heimdal,-libs
LIB_DEPENDS += ${MODHEIMDAL_LIB_DEPENDS}
WANTLIB += ${MODHEIMDAL_WANTLIB}
MODHEIMDAL_post-patch= ln -sf ${LOCALBASE}/heimdal/bin/krb5-config ${WRKDIR}/bin/krb5-config
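Review bot: `MODHEIMDAL_LIB_DEPENDS= security/kerberos/heimdal,-libs` names a port path that does not match the one this commit adds (the Makefile lives at security/heimdal, and the -main package's own `LIB_DEPENDS-main= ${BASE_PKGPATH},-libs=${V}` resolves to that); unless the module is meant for a different tree layout, it should read `MODHEIMDAL_LIB_DEPENDS= security/heimdal,-libs`. The `MODHEIMDAL_post-patch` symlink of krb5-config into `${WRKDIR}/bin` is what lets consumers' configure scripts find a tool installed under the non-default `${LOCALBASE}/heimdal` prefix; a short comment saying so above it would document the intent.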


@ -0,0 +1,29 @@
$OpenBSD: patch-appl_xnlock_xnlock_c,v 1.1 2014/07/13 14:10:13 ajacoutot Exp $
Use HAVE_ARC4RANDOM and choose to call arc4random() instead of srand()
and rand() and friends.
--- appl/xnlock/xnlock.c.orig Sun Dec 9 23:06:44 2012
+++ appl/xnlock/xnlock.c Thu Apr 24 15:41:58 2014
@@ -377,7 +377,9 @@ walk(int dir)
static long
my_random (void)
{
-#ifdef HAVE_RANDOM
+#if defined (HAVE_ARC4RANDOM)
+ return arc4random();
+#elif defined (HAVE_RANDOM)
return random();
#else
return rand();
@@ -938,7 +940,9 @@ main (int argc, char **argv)
strlcpy(login, pw->pw_name, sizeof(login));
}
-#if defined(HAVE_SRANDOMDEV)
+#if defined(HAVE_ARC4RANDOM)
+ /* do nothing */
+#elif defined(HAVE_SRANDOMDEV)
srandomdev();
#elif defined(HAVE_RANDOM)
srandom(time(NULL));


@ -0,0 +1,32 @@
$OpenBSD: patch-kadmin_add-random-users_c,v 1.1 2014/07/13 14:10:13 ajacoutot Exp $
Use HAVE_ARC4RANDOM and choose to call arc4random() instead of srand()
and rand() and friends.
--- kadmin/add-random-users.c.orig Sun Dec 9 23:06:44 2012
+++ kadmin/add-random-users.c Thu Apr 24 14:15:42 2014
@@ -86,9 +86,13 @@ add_user (krb5_context context, void *kadm_handle,
krb5_error_code ret;
int mask;
+#ifdef HAVE_ARC4RANDOM
+ r1 = arc4random();
+ r2 = arc4random();
+#else
r1 = rand();
r2 = rand();
-
+#endif
snprintf (name, sizeof(name), "%s%d", words[r1 % nwords], r2 % 1000);
mask = KADM5_PRINCIPAL;
@@ -169,7 +173,9 @@ main(int argc, char **argv)
print_version(NULL);
return 0;
}
+#ifndef HAVE_ARC4RANDOM
srand (0);
+#endif
argc -= optidx;
argv += optidx;
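Review bot: `r1 = arc4random(); r2 = arc4random();` store a `uint32_t` into `r1`/`r2`, whose declarations are above the hunk; if they are `int` (as the original `rand()` use suggests), values at or above 2^31 become negative, and `r2 % 1000` on the following snprintf line can then yield a negative number, producing names the `rand()` path never produced. Declaring them unsigned, or using `r1 = arc4random_uniform(nwords); r2 = arc4random_uniform(1000);`, avoids that and also removes the modulo bias. `add_user` starts and ends outside the hunk.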


@ -0,0 +1,40 @@
$OpenBSD: patch-kpasswd_kpasswd-generator_c,v 1.1 2014/07/13 14:10:13 ajacoutot Exp $
Use HAVE_ARC4RANDOM and choose to call arc4random() instead of srand()
and rand() and friends.
--- kpasswd/kpasswd-generator.c.orig Sun Dec 9 23:06:44 2012
+++ kpasswd/kpasswd-generator.c Thu Apr 24 14:52:14 2014
@@ -78,7 +78,7 @@ generate_requests (const char *filename, unsigned nreq
{
krb5_context context;
krb5_error_code ret;
- int i;
+ int i, rnd;
char **words;
unsigned nwords;
@@ -89,7 +89,12 @@ generate_requests (const char *filename, unsigned nreq
nwords = read_words (filename, &words);
for (i = 0; i < nreq; ++i) {
- char *name = words[rand() % nwords];
+#ifdef HAVE_ARC4RANDOM
+ rnd = arc4random();
+#else
+ rnd = rand();
+#endif
+ char *name = words[rnd % nwords];
krb5_get_init_creds_opt *opt;
krb5_creds cred;
krb5_principal principal;
@@ -198,7 +203,9 @@ main(int argc, char **argv)
if (argc != 2)
usage (1);
+#ifndef HAVE_ARC4RANDOM
srand (0);
+#endif
nreq = strtol (argv[1], &end, 0);
if (argv[1] == end || *end != '\0')
usage (1);
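Review bot: The new `#ifdef HAVE_ARC4RANDOM` block places statements before the declaration `char *name = words[rnd % nwords];` inside the loop body, which is only valid as a C99 mixed declaration; moving `char *name;` up next to the other locals keeps the file C89-clean. `int i, rnd;` also receives a `uint32_t` from `arc4random()`, so `unsigned rnd;` matches the value's range (the `%` with `unsigned nwords` already converts it, so the selected word is unchanged). patch-kuser_generate-requests_c has the identical pattern in its `generate_requests`.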


@ -0,0 +1,40 @@
$OpenBSD: patch-kuser_generate-requests_c,v 1.1 2014/07/13 14:10:13 ajacoutot Exp $
Use HAVE_ARC4RANDOM and choose to call arc4random() instead of srand()
and rand() and friends.
--- kuser/generate-requests.c.orig Sun Dec 9 23:06:44 2012
+++ kuser/generate-requests.c Thu Apr 24 14:15:49 2014
@@ -67,7 +67,7 @@ generate_requests (const char *filename, unsigned nreq
krb5_context context;
krb5_error_code ret;
krb5_creds cred;
- int i;
+ int i, rnd;
char **words;
unsigned nwords;
@@ -78,7 +78,12 @@ generate_requests (const char *filename, unsigned nreq
nwords = read_words (filename, &words);
for (i = 0; i < nreq; ++i) {
- char *name = words[rand() % nwords];
+#ifdef HAVE_ARC4RANDOM
+ rnd = arc4random();
+#else
+ rnd = rand();
+#endif
+ char *name = words[rnd % nwords];
memset(&cred, 0, sizeof(cred));
@@ -136,7 +141,9 @@ main(int argc, char **argv)
if (argc != 2)
usage (1);
+#ifndef HAVE_ARC4RANDOM
srand (0);
+#endif
nreq = strtol (argv[1], &end, 0);
if (argv[1] == end || *end != '\0')
usage (1);


@ -0,0 +1,16 @@
$OpenBSD: patch-kuser_kswitch_1,v 1.1 2014/07/13 14:10:13 ajacoutot Exp $
--- kuser/kswitch.1.orig Thu Apr 24 14:18:45 2014
+++ kuser/kswitch.1 Thu Apr 24 14:19:52 2014
@@ -29,9 +29,9 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd Augusti 25, 2009
-.Dt KSWITCH SECTION
-.Os OPERATING_SYSTEM
+.Dd August 25, 2009
+.Dt KSWITCH 1
+.Os HEIMDAL
.Sh NAME
.Nm kswitch
.Nd switch between default credential caches


@ -0,0 +1,14 @@
$OpenBSD: patch-lib_com_err_com_right_h,v 1.1 2014/07/13 14:10:13 ajacoutot Exp $
https://github.com/heimdal/heimdal/commit/db85d0998e4a000ed684e62b9fbfcb484adc9ebd
--- lib/com_err/com_right.h.orig Thu Apr 24 14:02:02 2014
+++ lib/com_err/com_right.h Thu Apr 24 14:02:35 2014
@@ -58,6 +58,7 @@
#ifdef __STDC__
#include <stdarg.h>
+#include <stddef.h>
#endif
struct error_table {


@ -0,0 +1,16 @@
$OpenBSD: patch-lib_gssapi_spnego_external_c,v 1.1 2014/07/13 14:10:13 ajacoutot Exp $
http://repo.or.cz/w/heimdal.git/blobdiff/5f29169afce289a60805126b7a5a730c1b5ff65e..617f4b7bd589f0c86ebd654fd9bfe4e755b9e3d3:/lib/gssapi/spnego/external.c
(prevents unlocking an already unlocked or non-existent mutex)
--- lib/gssapi/spnego/external.c.orig Sun Dec 9 23:06:44 2012
+++ lib/gssapi/spnego/external.c Tue May 13 11:05:29 2014
@@ -84,7 +84,7 @@ static gssapi_mech_interface_desc spnego_mech = {
_gss_spnego_init_sec_context,
_gss_spnego_accept_sec_context,
_gss_spnego_process_context_token,
- _gss_spnego_internal_delete_sec_context,
+ _gss_spnego_delete_sec_context,
_gss_spnego_context_time,
_gss_spnego_get_mic,
_gss_spnego_verify_mic,


@ -0,0 +1,31 @@
$OpenBSD: patch-lib_hcrypto_rand_h,v 1.1 2014/07/13 14:10:13 ajacoutot Exp $
Make it build with LibreSSL.
--- lib/hcrypto/rand.h.orig Sun Dec 9 23:06:44 2012
+++ lib/hcrypto/rand.h Thu Apr 24 14:33:58 2014
@@ -56,10 +56,7 @@ typedef struct RAND_METHOD RAND_METHOD;
#define RAND_load_file hc_RAND_load_file
#define RAND_write_file hc_RAND_write_file
#define RAND_status hc_RAND_status
-#define RAND_egd hc_RAND_egd
-#define RAND_egd_bytes hc_RAND_egd_bytes
#define RAND_fortuna_method hc_RAND_fortuna_method
-#define RAND_egd_method hc_RAND_egd_method
#define RAND_unix_method hc_RAND_unix_method
#define RAND_w32crypto_method hc_RAND_w32crypto_method
@@ -97,13 +94,10 @@ const char *
int RAND_load_file(const char *, size_t);
int RAND_write_file(const char *);
int RAND_status(void);
-int RAND_egd(const char *);
-int RAND_egd_bytes(const char *, int);
const RAND_METHOD * RAND_fortuna_method(void);
const RAND_METHOD * RAND_unix_method(void);
-const RAND_METHOD * RAND_egd_method(void);
const RAND_METHOD * RAND_w32crypto_method(void);
#endif /* _HEIM_RAND_H */


@ -0,0 +1,14 @@
$OpenBSD: patch-lib_hcrypto_randi_h,v 1.1 2014/07/13 14:10:13 ajacoutot Exp $
Make it build with LibreSSL.
--- lib/hcrypto/randi.h.orig Sun Dec 9 23:06:44 2012
+++ lib/hcrypto/randi.h Thu Apr 24 14:34:01 2014
@@ -40,7 +40,6 @@
extern const RAND_METHOD hc_rand_fortuna_method;
extern const RAND_METHOD hc_rand_unix_method;
-extern const RAND_METHOD hc_rand_egd_method;
extern const RAND_METHOD hc_rand_timer_method;
extern const RAND_METHOD hc_rand_w32crypto_method;


@ -0,0 +1,32 @@
$OpenBSD: patch-lib_hcrypto_test_rsa_c,v 1.1 2014/07/13 14:10:13 ajacoutot Exp $
%ld / (long)tv_sec -> %lld / (long long)tv_sec
--- lib/hcrypto/test_rsa.c.orig Sun Dec 9 23:06:44 2012
+++ lib/hcrypto/test_rsa.c Thu Apr 24 14:11:04 2014
@@ -268,9 +268,9 @@ main(int argc, char **argv)
gettimeofday(&tv2, NULL);
timevalsub(&tv2, &tv1);
- printf("time %lu.%06lu\n",
- (unsigned long)tv2.tv_sec,
- (unsigned long)tv2.tv_usec);
+ printf("time %lld.%06ld\n",
+ (long long)tv2.tv_sec,
+ tv2.tv_usec);
BN_free(e);
ENGINE_finish(engine);
@@ -310,9 +310,9 @@ main(int argc, char **argv)
timevalsub(&tv2, &tv1);
- printf("time %lu.%06lu\n",
- (unsigned long)tv2.tv_sec,
- (unsigned long)tv2.tv_usec);
+ printf("time %lld.%06ld\n",
+ (long long)tv2.tv_sec,
+ tv2.tv_usec);
RSA_free(rsa);
ENGINE_finish(engine);
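Review bot: `printf("time %lld.%06ld\n", (long long)tv2.tv_sec, tv2.tv_usec);` drops the cast on `tv_usec` while keeping `%06ld`, so it relies on `suseconds_t` being `long`; that holds on OpenBSD but not on every platform, and the cast was what kept the original format portable. `(long)tv2.tv_usec` keeps the `%06ld` honest at no cost. The same pattern appears in patch-lib_krb5_test_crypto_c and patch-lib_krb5_test_rfc3961_c.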


@ -0,0 +1,78 @@
$OpenBSD: patch-lib_hx509_ref_pkcs11_h,v 1.1 2014/07/13 14:10:13 ajacoutot Exp $
cleanup 1 << 31 idioms
--- lib/hx509/ref/pkcs11.h.orig Sun Dec 9 23:06:44 2012
+++ lib/hx509/ref/pkcs11.h Thu Apr 24 14:13:11 2014
@@ -318,7 +318,7 @@ typedef unsigned long ck_object_class_t;
#define CKO_HW_FEATURE (5)
#define CKO_DOMAIN_PARAMETERS (6)
#define CKO_MECHANISM (7)
-#define CKO_VENDOR_DEFINED ((unsigned long) (1 << 31))
+#define CKO_VENDOR_DEFINED ((unsigned long) (1U << 31))
typedef unsigned long ck_hw_feature_type_t;
@@ -326,7 +326,7 @@ typedef unsigned long ck_hw_feature_type_t;
#define CKH_MONOTONIC_COUNTER (1)
#define CKH_CLOCK (2)
#define CKH_USER_INTERFACE (3)
-#define CKH_VENDOR_DEFINED ((unsigned long) (1 << 31))
+#define CKH_VENDOR_DEFINED ((unsigned long) (1U << 31))
typedef unsigned long ck_key_type_t;
@@ -356,7 +356,7 @@ typedef unsigned long ck_key_type_t;
#define CKK_AES (0x1f)
#define CKK_BLOWFISH (0x20)
#define CKK_TWOFISH (0x21)
-#define CKK_VENDOR_DEFINED ((unsigned long) (1 << 31))
+#define CKK_VENDOR_DEFINED ((unsigned long) (1U << 31))
typedef unsigned long ck_certificate_type_t;
@@ -364,7 +364,7 @@ typedef unsigned long ck_certificate_type_t;
#define CKC_X_509 (0)
#define CKC_X_509_ATTR_CERT (1)
#define CKC_WTLS (2)
-#define CKC_VENDOR_DEFINED ((unsigned long) (1 << 31))
+#define CKC_VENDOR_DEFINED ((unsigned long) (1U << 31))
typedef unsigned long ck_attribute_type_t;
@@ -453,7 +453,7 @@ typedef unsigned long ck_attribute_type_t;
#define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x211)
#define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x212)
#define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x600)
-#define CKA_VENDOR_DEFINED ((unsigned long) (1 << 31))
+#define CKA_VENDOR_DEFINED ((unsigned long) (1U << 31))
struct ck_attribute
@@ -672,7 +672,7 @@ typedef unsigned long ck_mechanism_type_t;
#define CKM_DSA_PARAMETER_GEN (0x2000)
#define CKM_DH_PKCS_PARAMETER_GEN (0x2001)
#define CKM_X9_42_DH_PARAMETER_GEN (0x2002)
-#define CKM_VENDOR_DEFINED ((unsigned long) (1 << 31))
+#define CKM_VENDOR_DEFINED ((unsigned long) (1U << 31))
struct ck_mechanism
@@ -703,7 +703,7 @@ struct ck_mechanism_info
#define CKF_WRAP (1 << 17)
#define CKF_UNWRAP (1 << 18)
#define CKF_DERIVE (1 << 19)
-#define CKF_EXTENSION ((unsigned long) (1 << 31))
+#define CKF_EXTENSION ((unsigned long) (1U << 31))
/* Flags for C_WaitForSlotEvent. */
@@ -1179,7 +1179,7 @@ struct ck_c_initialize_args
#define CKR_MUTEX_BAD (0x1a0)
#define CKR_MUTEX_NOT_LOCKED (0x1a1)
#define CKR_FUNCTION_REJECTED (0x200)
-#define CKR_VENDOR_DEFINED ((unsigned long) (1 << 31))
+#define CKR_VENDOR_DEFINED ((unsigned long) (1U << 31))


@ -0,0 +1,75 @@
$OpenBSD: patch-lib_hx509_softp11_c,v 1.1 2014/07/13 14:10:13 ajacoutot Exp $
Use HAVE_ARC4RANDOM and choose to call arc4random() instead of srand()
and rand() and friends.
--- lib/hx509/softp11.c.orig Sun Dec 9 23:06:44 2012
+++ lib/hx509/softp11.c Thu Apr 24 14:15:52 2014
@@ -33,6 +33,7 @@
#define CRYPTOKI_EXPORTS 1
+#include <config.h>
#include "hx_locl.h"
#include "pkcs11.h"
@@ -304,6 +305,7 @@ static struct st_object *
add_st_object(void)
{
struct st_object *o, **objs;
+ u_int32_t rnd;
int i;
o = calloc(1, sizeof(*o));
@@ -326,8 +328,14 @@ add_st_object(void)
soft_token.object.objs = objs;
soft_token.object.objs[soft_token.object.num_objs++] = o;
}
+#ifdef HAVE_ARC4RANDOM
+ rnd = arc4random();
+#else
+ rnd = random();
+#endif
+
soft_token.object.objs[i]->object_handle =
- (random() & (~OBJECT_ID_MASK)) | i;
+ (rnd & (~OBJECT_ID_MASK)) | i;
return o;
}
@@ -868,7 +876,9 @@ C_Initialize(CK_VOID_PTR a)
OpenSSL_add_all_algorithms();
+#ifndef HAVE_ARC4RANDOM
srandom(getpid() ^ (int) time(NULL));
+#endif
for (i = 0; i < MAX_NUM_SESSION; i++) {
soft_token.state[i].session_handle = CK_INVALID_HANDLE;
@@ -1114,6 +1124,7 @@ C_OpenSession(CK_SLOT_ID slotID,
CK_SESSION_HANDLE_PTR phSession)
{
size_t i;
+ u_int32_t rnd;
INIT_CONTEXT();
st_logf("OpenSession: slot: %d\n", (int)slotID);
@@ -1129,10 +1140,15 @@ C_OpenSession(CK_SLOT_ID slotID,
if (i == MAX_NUM_SESSION)
abort();
- soft_token.open_sessions++;
+#ifdef HAVE_ARC4RANDOM
+ rnd = arc4random();
+#else
+ rnd = random();
+#endif
+ soft_token.open_sessions++;
soft_token.state[i].session_handle =
- (CK_SESSION_HANDLE)(random() & 0xfffff);
+ (CK_SESSION_HANDLE)(rnd & 0xfffff);
*phSession = soft_token.state[i].session_handle;
return CKR_OK;
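Review bot: `u_int32_t rnd;` in `add_st_object` and `C_OpenSession` uses the BSD spelling; if the rest of softp11.c uses C99 `uint32_t` (not visible here), the new locals should match. The patch header presents this as a "use arc4random instead of srand/rand" change, but for softp11 it is also a hardening change: object and session handles were derived from `random()` seeded by `srandom(getpid() ^ (int) time(NULL))`, which is a weak, low-entropy seed, whereas the arc4random path is kernel-seeded; stating that in the header would help the next updater keep the patch. In the `#else` branch `rnd = random();` truncates `long` to 32 bits before the mask, which is harmless since the original masked the result as well.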


@ -0,0 +1,15 @@
$OpenBSD: patch-lib_ipc_server_c,v 1.1 2014/07/13 14:10:13 ajacoutot Exp $
--- lib/ipc/server.c.orig Thu Apr 24 13:55:44 2014
+++ lib/ipc/server.c Thu Apr 24 13:56:02 2014
@@ -528,7 +528,11 @@ update_client_creds(struct client *c)
#ifdef SO_PEERCRED
/* Linux */
{
+#ifndef __OpenBSD__
struct ucred pc;
+#else
+ struct sockpeercred pc;
+#endif
socklen_t pclen = sizeof(pc);
if (getsockopt(c->fd, SOL_SOCKET, SO_PEERCRED, (void *)&pc, &pclen) == 0) {
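Review bot: The `/* Linux */` comment above the `#ifdef SO_PEERCRED` block is now inaccurate, since the added `#ifndef __OpenBSD__` / `#else` selects `struct sockpeercred pc;` on OpenBSD; suggest `/* Linux: struct ucred; OpenBSD: struct sockpeercred */`. The `getsockopt(... SO_PEERCRED ...)` call and the field reads after it are outside the hunk, so this assumes both structs expose the members `update_client_creds` goes on to use — confirm.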


@ -0,0 +1,85 @@
$OpenBSD: patch-lib_krb5_crypto-rand_c,v 1.1 2014/07/13 14:10:13 ajacoutot Exp $
Make it build with LibreSSL.
--- lib/krb5/crypto-rand.c.orig Thu Apr 24 14:36:16 2014
+++ lib/krb5/crypto-rand.c Thu Apr 24 14:36:12 2014
@@ -33,77 +33,8 @@
#include "krb5_locl.h"
-#define ENTROPY_NEEDED 128
-
-static HEIMDAL_MUTEX crypto_mutex = HEIMDAL_MUTEX_INITIALIZER;
-
-static int
-seed_something(void)
-{
- char buf[1024], seedfile[256];
-
- /* If there is a seed file, load it. But such a file cannot be trusted,
- so use 0 for the entropy estimate */
- if (RAND_file_name(seedfile, sizeof(seedfile))) {
- int fd;
- fd = open(seedfile, O_RDONLY | O_BINARY | O_CLOEXEC);
- if (fd >= 0) {
- ssize_t ret;
- rk_cloexec(fd);
- ret = read(fd, buf, sizeof(buf));
- if (ret > 0)
- RAND_add(buf, ret, 0.0);
- close(fd);
- } else
- seedfile[0] = '\0';
- } else
- seedfile[0] = '\0';
-
- /* Calling RAND_status() will try to use /dev/urandom if it exists so
- we do not have to deal with it. */
- if (RAND_status() != 1) {
-#ifndef _WIN32
- krb5_context context;
- const char *p;
-
- /* Try using egd */
- if (!krb5_init_context(&context)) {
- p = krb5_config_get_string(context, NULL, "libdefaults",
- "egd_socket", NULL);
- if (p != NULL)
- RAND_egd_bytes(p, ENTROPY_NEEDED);
- krb5_free_context(context);
- }
-#else
- /* TODO: Once a Windows CryptoAPI RAND method is defined, we
- can use that and failover to another method. */
-#endif
- }
-
- if (RAND_status() == 1) {
- /* Update the seed file */
- if (seedfile[0])
- RAND_write_file(seedfile);
-
- return 0;
- } else
- return -1;
-}
-
KRB5_LIB_FUNCTION void KRB5_LIB_CALL
krb5_generate_random_block(void *buf, size_t len)
{
- static int rng_initialized = 0;
-
- HEIMDAL_MUTEX_lock(&crypto_mutex);
- if (!rng_initialized) {
- if (seed_something())
- krb5_abortx(NULL, "Fatal: could not seed the "
- "random number generator");
-
- rng_initialized = 1;
- }
- HEIMDAL_MUTEX_unlock(&crypto_mutex);
- if (RAND_bytes(buf, len) <= 0)
- krb5_abortx(NULL, "Failed to generate random block");
+ arc4random_buf(buf, len);
}
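Review bot: `arc4random_buf(buf, len);` replaces the whole OpenSSL seeding path, so the `egd_socket` key that the removed `seed_something()` read from `[libdefaults]` and the `RAND_file_name()` seed file are now silently ignored; the patch header only says "Make it build with LibreSSL" and should state that libkrb5's randomness now comes from the kernel-seeded arc4random(3), independent of OpenSSL's RAND state. That is the right choice on OpenBSD, but any other `RAND_bytes` callers in libkrb5 or hcrypto presumably no longer get the one-time seeding this function performed — fine with LibreSSL, which seeds itself, and worth a sentence in the header. Dropping `crypto_mutex` is consistent, since it only guarded that initialization.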


@ -0,0 +1,15 @@
$OpenBSD: patch-lib_krb5_krb5_h,v 1.1 2014/07/13 14:10:13 ajacoutot Exp $
cleanup 1 << 31 idioms
--- lib/krb5/krb5.h.orig Sun Dec 9 23:06:44 2012
+++ lib/krb5/krb5.h Thu Apr 24 14:14:21 2014
@@ -412,7 +412,7 @@ typedef union {
#define KDC_OPT_RENEWABLE_OK (1 << 27)
#define KDC_OPT_ENC_TKT_IN_SKEY (1 << 28)
#define KDC_OPT_RENEW (1 << 30)
-#define KDC_OPT_VALIDATE (1 << 31)
+#define KDC_OPT_VALIDATE (1U << 31)
typedef union {
KDCOptions b;


@ -0,0 +1,29 @@
$OpenBSD: patch-lib_krb5_test_crypto_c,v 1.1 2014/07/13 14:10:14 ajacoutot Exp $
%ld / (long)tv_sec -> %lld / (long long)tv_sec
--- lib/krb5/test_crypto.c.orig Sun Dec 9 23:06:44 2012
+++ lib/krb5/test_crypto.c Thu Apr 24 14:11:09 2014
@@ -77,9 +77,9 @@ time_encryption(krb5_context context, size_t size,
timevalsub(&tv2, &tv1);
- printf("%s size: %7lu iterations: %d time: %3ld.%06ld\n",
+ printf("%s size: %7lu iterations: %d time: %3lld.%06ld\n",
etype_name, (unsigned long)size, iterations,
- (long)tv2.tv_sec, (long)tv2.tv_usec);
+ (long long)tv2.tv_sec, tv2.tv_usec);
free(buf);
free(etype_name);
@@ -122,8 +122,8 @@ time_s2k(krb5_context context,
timevalsub(&tv2, &tv1);
- printf("%s string2key %d iterations time: %3ld.%06ld\n",
- etype_name, iterations, (long)tv2.tv_sec, (long)tv2.tv_usec);
+ printf("%s string2key %d iterations time: %3lld.%06ld\n",
+ etype_name, iterations, (long long)tv2.tv_sec, tv2.tv_usec);
free(etype_name);
}


@ -0,0 +1,29 @@
$OpenBSD: patch-lib_krb5_test_rfc3961_c,v 1.1 2014/07/13 14:10:14 ajacoutot Exp $
%ld / (long)tv_sec -> %lld / (long long)tv_sec
--- lib/krb5/test_rfc3961.c.orig Sun Dec 9 23:06:44 2012
+++ lib/krb5/test_rfc3961.c Thu Apr 24 14:11:12 2014
@@ -77,9 +77,9 @@ time_encryption(krb5_context context, size_t size,
timevalsub(&tv2, &tv1);
- printf("%s size: %7lu iterations: %d time: %3ld.%06ld\n",
+ printf("%s size: %7lu iterations: %d time: %3lld.%06ld\n",
etype_name, (unsigned long)size, iterations,
- (long)tv2.tv_sec, (long)tv2.tv_usec);
+ (long long)tv2.tv_sec, tv2.tv_usec);
free(buf);
free(etype_name);
@@ -122,8 +122,8 @@ time_s2k(krb5_context context,
timevalsub(&tv2, &tv1);
- printf("%s string2key %d iterations time: %3ld.%06ld\n",
- etype_name, iterations, (long)tv2.tv_sec, (long)tv2.tv_usec);
+ printf("%s string2key %d iterations time: %3lld.%06ld\n",
+ etype_name, iterations, (long long)tv2.tv_sec, tv2.tv_usec);
free(etype_name);
}


@ -0,0 +1,14 @@
$OpenBSD: patch-lib_libedit_src_unvis_c,v 1.1 2014/07/13 14:10:14 ajacoutot Exp $
--- lib/libedit/src/unvis.c.orig Thu Apr 24 13:50:55 2014
+++ lib/libedit/src/unvis.c Thu Apr 24 13:51:01 2014
@@ -46,8 +46,10 @@ __RCSID("$NetBSD: unvis.c,v 1.32 2010/11/27 21:22:11 c
#include <stdio.h>
#include <vis.h>
+#if !defined(__OpenBSD__)
#ifdef __weak_alias
__weak_alias(strunvis,_strunvis)
+#endif
#endif
#if !HAVE_VIS


@ -0,0 +1,19 @@
$OpenBSD: patch-lib_libedit_src_vis_c,v 1.1 2014/07/13 14:10:14 ajacoutot Exp $
--- lib/libedit/src/vis.c.orig Thu Apr 24 13:51:29 2014
+++ lib/libedit/src/vis.c Thu Apr 24 13:51:44 2014
@@ -67,6 +67,7 @@ __RCSID("$NetBSD: vis.c,v 1.41 2009/11/23 10:08:47 plu
#include <vis.h>
#include <stdlib.h>
+#if !defined(__OpenBSD__)
#ifdef __weak_alias
__weak_alias(strsvis,_strsvis)
__weak_alias(strsvisx,_strsvisx)
@@ -74,6 +75,7 @@ __weak_alias(strvis,_strvis)
__weak_alias(strvisx,_strvisx)
__weak_alias(svis,_svis)
__weak_alias(vis,_vis)
+#endif
#endif
#if !HAVE_VIS || !HAVE_SVIS


@ -0,0 +1,23 @@
$OpenBSD: patch-lib_roken_rand_c,v 1.1 2014/07/13 14:10:14 ajacoutot Exp $
Use HAVE_ARC4RANDOM and choose to call arc4random() instead of srand()
and rand() and friends.
--- lib/roken/rand.c.orig Sun Dec 9 23:06:44 2012
+++ lib/roken/rand.c Thu Apr 24 14:15:56 2014
@@ -31,13 +31,14 @@
* SUCH DAMAGE.
*/
+#include <config.h>
#include "roken.h"
void ROKEN_LIB_FUNCTION
rk_random_init(void)
{
#if defined(HAVE_ARC4RANDOM)
- arc4random_stir();
+ /* do nothing */
#elif defined(HAVE_SRANDOMDEV)
srandomdev();
#elif defined(HAVE_RANDOM)
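Review bot: `/* do nothing */` replaces `arc4random_stir();` without saying why; `/* arc4random(3) seeds itself from the kernel; no explicit stir is needed */` would record the intent for the next update. The `#include <config.h>` added above `"roken.h"` is presumably what makes `HAVE_ARC4RANDOM` visible in this file; if roken.h already pulls it in, the extra include is redundant but harmless. `rk_random_init` continues past the hunk.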


@ -0,0 +1,19 @@
$OpenBSD: patch-lib_sqlite_sqlite3_c,v 1.1 2014/07/13 14:10:14 ajacoutot Exp $
Use HAVE_ARC4RANDOM and choose to call arc4random() instead of srand()
and rand() and friends.
--- lib/sqlite/sqlite3.c.orig Sun Dec 9 23:06:44 2012
+++ lib/sqlite/sqlite3.c Thu Apr 24 14:16:00 2014
@@ -27259,7 +27259,11 @@ static int afpLock(sqlite3_file *id, int eFileLock){
mask = (sizeof(long)==8) ? LARGEST_INT64 : 0x7fffffff;
/* Now get the read-lock SHARED_LOCK */
/* note that the quality of the randomness doesn't matter that much */
+#ifdef HAVE_ARC4RANDOM
+ lk = arc4random();
+#else
lk = random();
+#endif
pInode->sharedByte = (lk & mask)%(SHARED_SIZE - 1);
lrc1 = afpSetLock(context->dbPath, pFile,
SHARED_FIRST+pInode->sharedByte, 1, 1);


@ -0,0 +1,4 @@
Heimdal is an implementation of Kerberos 5 (and some more stuff) largely
written in Sweden.
This package provides the Heimdal Kerberos C functions documentation.


@ -0,0 +1,4 @@
Heimdal is an implementation of Kerberos 5 (and some more stuff) largely
written in Sweden.
This package provides the Heimdal Kerberos libraries and headers.


@ -0,0 +1,2 @@
Heimdal is an implementation of Kerberos 5 (and some more stuff) largely
written in Sweden.



@ -0,0 +1,146 @@
@comment $OpenBSD: PLIST-libs,v 1.1 2014/07/13 14:10:14 ajacoutot Exp $
heimdal/
heimdal/bin/
heimdal/bin/krb5-config
heimdal/include/
heimdal/include/asn1-common.h
heimdal/include/asn1_err.h
heimdal/include/base64.h
heimdal/include/cms_asn1.h
heimdal/include/crmf_asn1.h
heimdal/include/der-private.h
heimdal/include/der-protos.h
heimdal/include/der.h
heimdal/include/digest_asn1.h
heimdal/include/getarg.h
heimdal/include/gssapi/
heimdal/include/gssapi.h
heimdal/include/gssapi/gkrb5_err.h
heimdal/include/gssapi/gssapi.h
heimdal/include/gssapi/gssapi_krb5.h
heimdal/include/gssapi/gssapi_ntlm.h
heimdal/include/gssapi/gssapi_oid.h
heimdal/include/gssapi/gssapi_spnego.h
heimdal/include/hdb-protos.h
heimdal/include/hdb.h
heimdal/include/hdb_asn1.h
heimdal/include/hdb_err.h
heimdal/include/heim-ipc.h
heimdal/include/heim_asn1.h
heimdal/include/heim_err.h
heimdal/include/heimbase.h
heimdal/include/heimntlm-protos.h
heimdal/include/heimntlm.h
heimdal/include/hex.h
heimdal/include/hx509-protos.h
heimdal/include/hx509.h
heimdal/include/hx509_err.h
heimdal/include/k524_err.h
heimdal/include/kadm5/
heimdal/include/kadm5/admin.h
heimdal/include/kadm5/kadm5-private.h
heimdal/include/kadm5/kadm5-protos.h
heimdal/include/kadm5/kadm5-pwcheck.h
heimdal/include/kadm5/kadm5_err.h
heimdal/include/kadm5/private.h
heimdal/include/kafs.h
heimdal/include/kdc-protos.h
heimdal/include/kdc.h
heimdal/include/krb5/
heimdal/include/krb5-private.h
heimdal/include/krb5-protos.h
heimdal/include/krb5-types.h
heimdal/include/krb5.h
heimdal/include/krb5/ccache_plugin.h
heimdal/include/krb5/locate_plugin.h
heimdal/include/krb5/send_to_kdc_plugin.h
heimdal/include/krb5/windc_plugin.h
heimdal/include/krb5_asn1.h
heimdal/include/krb5_ccapi.h
heimdal/include/krb5_err.h
heimdal/include/kx509_asn1.h
heimdal/include/ntlm_err.h
heimdal/include/ocsp_asn1.h
heimdal/include/parse_bytes.h
heimdal/include/parse_time.h
heimdal/include/parse_units.h
heimdal/include/pkcs10_asn1.h
heimdal/include/pkcs12_asn1.h
heimdal/include/pkcs8_asn1.h
heimdal/include/pkcs9_asn1.h
heimdal/include/pkinit_asn1.h
heimdal/include/resolve.h
heimdal/include/rfc2459_asn1.h
heimdal/include/roken/
heimdal/include/roken-common.h
heimdal/include/roken.h
heimdal/include/roken/vis.h
heimdal/include/rtbl.h
heimdal/include/sl.h
heimdal/include/wind.h
heimdal/include/wind_err.h
heimdal/include/xdbm.h
heimdal/lib/
heimdal/lib/libasn1.a
heimdal/lib/libasn1.la
@lib heimdal/lib/libasn1.so.${LIBasn1_VERSION}
heimdal/lib/libgssapi.a
heimdal/lib/libgssapi.la
@lib heimdal/lib/libgssapi.so.${LIBgssapi_VERSION}
heimdal/lib/libhdb.a
heimdal/lib/libhdb.la
@lib heimdal/lib/libhdb.so.${LIBhdb_VERSION}
heimdal/lib/libheimbase.a
heimdal/lib/libheimbase.la
@lib heimdal/lib/libheimbase.so.${LIBheimbase_VERSION}
heimdal/lib/libheimedit.a
heimdal/lib/libheimedit.la
@lib heimdal/lib/libheimedit.so.${LIBheimedit_VERSION}
heimdal/lib/libheimntlm.a
heimdal/lib/libheimntlm.la
@lib heimdal/lib/libheimntlm.so.${LIBheimntlm_VERSION}
heimdal/lib/libheimsqlite.a
heimdal/lib/libheimsqlite.la
@lib heimdal/lib/libheimsqlite.so.${LIBheimsqlite_VERSION}
heimdal/lib/libhx509.a
heimdal/lib/libhx509.la
@lib heimdal/lib/libhx509.so.${LIBhx509_VERSION}
heimdal/lib/libkadm5clnt.a
heimdal/lib/libkadm5clnt.la
@lib heimdal/lib/libkadm5clnt.so.${LIBkadm5clnt_VERSION}
heimdal/lib/libkadm5srv.a
heimdal/lib/libkadm5srv.la
@lib heimdal/lib/libkadm5srv.so.${LIBkadm5srv_VERSION}
heimdal/lib/libkafs.a
heimdal/lib/libkafs.la
@lib heimdal/lib/libkafs.so.${LIBkafs_VERSION}
heimdal/lib/libkdc.a
heimdal/lib/libkdc.la
@lib heimdal/lib/libkdc.so.${LIBkdc_VERSION}
heimdal/lib/libkrb5.a
heimdal/lib/libkrb5.la
@lib heimdal/lib/libkrb5.so.${LIBkrb5_VERSION}
heimdal/lib/libroken.a
heimdal/lib/libroken.la
@lib heimdal/lib/libroken.so.${LIBroken_VERSION}
heimdal/lib/libsl.a
heimdal/lib/libsl.la
@lib heimdal/lib/libsl.so.${LIBsl_VERSION}
heimdal/lib/libwind.a
heimdal/lib/libwind.la
@lib heimdal/lib/libwind.so.${LIBwind_VERSION}
heimdal/lib/pkgconfig/
heimdal/lib/pkgconfig/heimdal-gssapi.pc
heimdal/lib/windc.a
heimdal/lib/windc.la
heimdal/lib/windc.so.0.0
heimdal/libexec/
heimdal/libexec/heimdal/
@bin heimdal/libexec/heimdal/asn1_compile
@bin heimdal/libexec/heimdal/asn1_print
@bin heimdal/libexec/heimdal/slc
@man man/man1/krb5-config.1
share/examples/heimdal/
@sample ${SYSCONFDIR}/
share/examples/heimdal/krb5.conf
@sample ${SYSCONFDIR}/krb5.conf


@ -0,0 +1,77 @@
@comment $OpenBSD: PLIST-main,v 1.1 2014/07/13 14:10:14 ajacoutot Exp $
@bin heimdal/bin/gsstool
@bin heimdal/bin/hxtool
@bin heimdal/bin/idn-lookup
@bin heimdal/bin/kcc
@bin heimdal/bin/kdestroy
@bin heimdal/bin/kf
@bin heimdal/bin/kgetcred
@bin heimdal/bin/kinit
heimdal/bin/klist
@bin heimdal/bin/kpasswd
heimdal/bin/kswitch
@bin heimdal/bin/pagsh
@bin heimdal/bin/string2key
@bin heimdal/bin/verify_krb5_conf
@bin heimdal/libexec/digest-service
@bin heimdal/libexec/hprop
@bin heimdal/libexec/hpropd
@bin heimdal/libexec/ipropd-master
@bin heimdal/libexec/ipropd-slave
@bin heimdal/libexec/kadmind
@bin heimdal/libexec/kcm
@bin heimdal/libexec/kdc
@bin heimdal/libexec/kdigest
@bin heimdal/libexec/kfd
@bin heimdal/libexec/kimpersonate
@bin heimdal/libexec/kpasswdd
heimdal/sbin/
@bin heimdal/sbin/iprop-log
@bin heimdal/sbin/kadmin
@bin heimdal/sbin/kstash
@bin heimdal/sbin/ktutil
@info info/heimdal.info
@info info/hx509.info
@man man/man1/kdestroy.1
@man man/man1/kf.1
@man man/man1/kgetcred.1
@man man/man1/kinit.1
@man man/man1/klist.1
@man man/man1/kpasswd.1
@man man/man1/kswitch.1
@man man/man1/kx.1
@man man/man1/pagsh.1
@man man/man1/rxterm.1
@man man/man1/tenletxr.1
@man man/man1/xnlock.1
@man man/man5/krb5.conf.5
@man man/man5/mech.5
@man man/man5/qop.5
@man man/man8/hprop.8
@man man/man8/hpropd.8
@man man/man8/iprop-log.8
@man man/man8/iprop.8
@man man/man8/ipropd-master.8
@man man/man8/ipropd-slave.8
@man man/man8/kadmin.8
@man man/man8/kadmind.8
@man man/man8/kcm.8
@man man/man8/kdc.8
@man man/man8/kdigest.8
@man man/man8/kerberos.8
@man man/man8/kfd.8
@man man/man8/kimpersonate.8
@man man/man8/kpasswdd.8
@man man/man8/kstash.8
@man man/man8/ktutil.8
@man man/man8/kxd.8
@man man/man8/string2key.8
@man man/man8/verify_krb5_conf.8
@mode 0700
@sample /var/heimdal/
@mode
@rcscript ${RCDIR}/ipropd_master
@rcscript ${RCDIR}/ipropd_slave
@rcscript ${RCDIR}/kadmind
@rcscript ${RCDIR}/kdc
@rcscript ${RCDIR}/kpasswdd
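Review bot: `heimdal/bin/klist` and `heimdal/bin/kswitch` are listed without the `@bin` annotation that every other program under `heimdal/bin`, `heimdal/libexec` and `heimdal/sbin` carries; unless these two are not ELF executables, they should read `@bin heimdal/bin/klist` and `@bin heimdal/bin/kswitch`. The `@mode 0700` bracket around `@sample /var/heimdal/` is the right default for what is presumably the KDC's state directory, and a `@comment` naming what lives there would make that intent explicit.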


@ -0,0 +1,11 @@
#!/bin/sh
#
# $OpenBSD: ipropd_master.rc,v 1.1 2014/07/13 14:10:14 ajacoutot Exp $
daemon="${TRUEPREFIX}/heimdal/libexec/ipropd-master --detach"
. /etc/rc.d/rc.subr
rc_reload=NO
rc_cmd $1


@ -0,0 +1,11 @@
#!/bin/sh
#
# $OpenBSD: ipropd_slave.rc,v 1.1 2014/07/13 14:10:14 ajacoutot Exp $
daemon="${TRUEPREFIX}/heimdal/libexec/ipropd-slave --detach"
. /etc/rc.d/rc.subr
rc_reload=NO
rc_cmd $1


@ -0,0 +1,12 @@
#!/bin/sh
#
# $OpenBSD: kadmind.rc,v 1.1 2014/07/13 14:10:14 ajacoutot Exp $
daemon="${TRUEPREFIX}/heimdal/libexec/kadmind"
. /etc/rc.d/rc.subr
rc_bg=YES
rc_reload=NO
rc_cmd $1


@ -0,0 +1,11 @@
#!/bin/sh
#
# $OpenBSD: kdc.rc,v 1.1 2014/07/13 14:10:14 ajacoutot Exp $
daemon="${TRUEPREFIX}/heimdal/libexec/kdc --detach"
. /etc/rc.d/rc.subr
rc_reload=NO
rc_cmd $1


@ -0,0 +1,12 @@
#!/bin/sh
#
# $OpenBSD: kpasswdd.rc,v 1.1 2014/07/13 14:10:14 ajacoutot Exp $
daemon="${TRUEPREFIX}/heimdal/libexec/kpasswdd"
. /etc/rc.d/rc.subr
rc_bg=YES
rc_reload=NO
rc_cmd $1