summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEric Sandall2007-04-10 21:17:44 -0700
committerEric Sandall2007-04-10 21:17:44 -0700
commit7c4c6d6a4931a3ccd97249f7e2f623c2e159273f (patch)
tree46f9b1abeb087830239717dce44fb1c26b0315d1
parentb509cfa9434f4f10ad77df070198f2f3533cc023 (diff)
parentc549bc690f0bc9b5731938322f9a8c2c66db2e00 (diff)
Merge branch 'stable-rc-0.9' of ssh://scm.sourcemage.org/smgl/grimoire into stable-rc-0.9
Diffstat
-rwxr-xr-xarchive/tar/BUILD2
-rw-r--r--archive/tar/HISTORY4
-rwxr-xr-xarchive/tar/INSTALL2
-rwxr-xr-xaudio-players/gxmms2/DETAILS2
-rw-r--r--audio-players/gxmms2/HISTORY3
-rw-r--r--crypto/krb5/2007-001-patch.txt74
-rw-r--r--crypto/krb5/2007-002-patch.txt1273
-rw-r--r--crypto/krb5/2007-003-patch.txt24
-rwxr-xr-xcrypto/krb5/BUILD5
-rwxr-xr-xcrypto/krb5/DETAILS2
-rw-r--r--crypto/krb5/HISTORY4
-rwxr-xr-xgraphics-libs/freetype2/DETAILS3
-rw-r--r--graphics-libs/freetype2/HISTORY9
-rwxr-xr-xkde-apps/ktorrent/DETAILS2
-rw-r--r--kde-apps/ktorrent/HISTORY3
-rw-r--r--kde-core/kdelibs/CVE-2007-1564-kdelibs-3.5.6.diff81
-rwxr-xr-xkde-core/kdelibs/DETAILS2
-rw-r--r--kde-core/kdelibs/HISTORY10
-rwxr-xr-xkde-core/kdelibs/PRE_BUILD1
-rwxr-xr-xmail/dovecot/BUILD9
-rwxr-xr-xmail/dovecot/CONFIGURE5
-rwxr-xr-xmail/dovecot/DETAILS1
-rw-r--r--mail/dovecot/HISTORY11
-rwxr-xr-xmail/dovecot/INSTALL2
-rwxr-xr-xxfce/verve-plugin/DEPENDS3
-rw-r--r--xfce/verve-plugin/HISTORY3
26 files changed, 1518 insertions, 22 deletions
diff --git a/archive/tar/BUILD b/archive/tar/BUILD
index 400f25d395..cef62cc036 100755
--- a/archive/tar/BUILD
+++ b/archive/tar/BUILD
@@ -9,5 +9,5 @@ OPTS="$OPTS --build=${BUILD}"
--mandir=${INSTALL_ROOT}/usr/share/man \
--infodir=${INSTALL_ROOT}/usr/share/info \
$OPTS &&
-make DESTDIR=$INSTALL_ROOT
+make
diff --git a/archive/tar/HISTORY b/archive/tar/HISTORY
index b65d7a8dff..0cc91af7fb 100644
--- a/archive/tar/HISTORY
+++ b/archive/tar/HISTORY
@@ -1,3 +1,7 @@
+2007-04-02 Thomas Orgis <sobukus@sourcemage.org>
+ * BUILD, INSTALL: remove DESTDIR, since that doubled INSTALL_ROOT,
+ bug 13593
+
2007-01-20 Pol Vinogradov <vin.public@gmail.com>
* BUILD: install_rootifying
* CONFIGURE: removed
diff --git a/archive/tar/INSTALL b/archive/tar/INSTALL
index 10a1e28b72..8992ad1b53 100755
--- a/archive/tar/INSTALL
+++ b/archive/tar/INSTALL
@@ -1,2 +1,2 @@
-make install DESTDIR=$INSTALL_ROOT &&
+make install &&
cp $SCRIPT_DIRECTORY/tar.1.gz ${INSTALL_ROOT}/usr/share/man/man1
diff --git a/audio-players/gxmms2/DETAILS b/audio-players/gxmms2/DETAILS
index 6ad01fada9..036c258ac0 100755
--- a/audio-players/gxmms2/DETAILS
+++ b/audio-players/gxmms2/DETAILS
@@ -2,7 +2,7 @@
VERSION=0.6.5
SOURCE=$SPELL-$VERSION.tar.gz
SOURCE_DIRECTORY=$BUILD_DIRECTORY/$SPELL-$VERSION
- SOURCE_URL[0]=http://wejp.k.vu/wejp/xmms2/$SOURCE
+ SOURCE_URL[0]=http://wejp.k.vu/projects/xmms2/$SOURCE
SOURCE_HASH=sha512:a2dad6c4dc51c749ea3b680c74b42034fa29993c4edeb32f8959f802956829b7426e93bdfa9dc99ef8d7bee043504cd66474e940596e5064b28bd0ac06bf7f6b
WEB_SITE=http://wejp.k.vu/
LICENSE[0]=GPL
diff --git a/audio-players/gxmms2/HISTORY b/audio-players/gxmms2/HISTORY
index b839a3dfe9..f821dd09f7 100644
--- a/audio-players/gxmms2/HISTORY
+++ b/audio-players/gxmms2/HISTORY
@@ -1,3 +1,6 @@
+2007-04-06 Elisamuel Resto <ryuji@mages.ath.cx>
+ * DETAILS: SOURCE_URL change. Bug #13684
+
2007-03-14 Andraž "ruskie" Levstik <ruskie@mages.ath.cx>
* DETAILS: forgot to update the hash
diff --git a/crypto/krb5/2007-001-patch.txt b/crypto/krb5/2007-001-patch.txt
new file mode 100644
index 0000000000..741ed35ad4
--- /dev/null
+++ b/crypto/krb5/2007-001-patch.txt
@@ -0,0 +1,74 @@
+*** src/appl/telnet/telnetd/state.c (revision 19480)
+--- src/appl/telnet/telnetd/state.c (local)
+***************
+*** 1665,1671 ****
+ strcmp(varp, "RESOLV_HOST_CONF") && /* linux */
+ strcmp(varp, "NLSPATH") && /* locale stuff */
+ strncmp(varp, "LC_", strlen("LC_")) && /* locale stuff */
+! strcmp(varp, "IFS")) {
+ return 1;
+ } else {
+ syslog(LOG_INFO, "Rejected the attempt to modify the environment variable \"%s\"", varp);
+--- 1665,1672 ----
+ strcmp(varp, "RESOLV_HOST_CONF") && /* linux */
+ strcmp(varp, "NLSPATH") && /* locale stuff */
+ strncmp(varp, "LC_", strlen("LC_")) && /* locale stuff */
+! strcmp(varp, "IFS") &&
+! !strchr(varp, '-')) {
+ return 1;
+ } else {
+ syslog(LOG_INFO, "Rejected the attempt to modify the environment variable \"%s\"", varp);
+*** src/appl/telnet/telnetd/sys_term.c (revision 19480)
+--- src/appl/telnet/telnetd/sys_term.c (local)
+***************
+*** 1287,1292 ****
+--- 1287,1302 ----
+ #endif
+ #if defined (AUTHENTICATION)
+ if (auth_level >= 0 && autologin == AUTH_VALID) {
++ if (name[0] == '-') {
++ /* Authenticated and authorized to log in to an
++ account starting with '-'? Even if that
++ unlikely case comes to pass, the current login
++ program will not parse the resulting command
++ line properly. */
++ syslog(LOG_ERR, "user name cannot start with '-'");
++ fatal(net, "user name cannot start with '-'");
++ exit(1);
++ }
+ # if !defined(NO_LOGIN_F)
+ #if defined(LOGIN_CAP_F)
+ argv = addarg(argv, "-F");
+***************
+*** 1377,1387 ****
+ } else
+ #endif
+ if (getenv("USER")) {
+! argv = addarg(argv, getenv("USER"));
+ #if defined(LOGIN_ARGS) && defined(NO_LOGIN_P)
+ {
+ register char **cpp;
+ for (cpp = environ; *cpp; cpp++)
+ argv = addarg(argv, *cpp);
+ }
+ #endif
+--- 1387,1405 ----
+ } else
+ #endif
+ if (getenv("USER")) {
+! char *user = getenv("USER");
+! if (user[0] == '-') {
+! /* "telnet -l-x ..." */
+! syslog(LOG_ERR, "user name cannot start with '-'");
+! fatal(net, "user name cannot start with '-'");
+! exit(1);
+! }
+! argv = addarg(argv, user);
+ #if defined(LOGIN_ARGS) && defined(NO_LOGIN_P)
+ {
+ register char **cpp;
+ for (cpp = environ; *cpp; cpp++)
++ if ((*cpp)[0] != '-')
+ argv = addarg(argv, *cpp);
+ }
+ #endif
diff --git a/crypto/krb5/2007-002-patch.txt b/crypto/krb5/2007-002-patch.txt
new file mode 100644
index 0000000000..69f7d198f7
--- /dev/null
+++ b/crypto/krb5/2007-002-patch.txt
@@ -0,0 +1,1273 @@
+*** src/kadmin/server/kadm_rpc_svc.c (revision 19480)
+--- src/kadmin/server/kadm_rpc_svc.c (local)
+***************
+*** 250,255 ****
+--- 250,257 ----
+ krb5_data *c1, *c2, *realm;
+ gss_buffer_desc gss_str;
+ kadm5_server_handle_t handle;
++ size_t slen;
++ char *sdots;
+
+ success = 0;
+ handle = (kadm5_server_handle_t)global_server_handle;
+***************
+*** 274,279 ****
+--- 276,283 ----
+ if (ret == 0)
+ goto fail_name;
+
++ slen = gss_str.length;
++ trunc_name(&slen, &sdots);
+ /*
+ * Since we accept with GSS_C_NO_NAME, the client can authenticate
+ * against the entire kdb. Therefore, ensure that the service
+***************
+*** 296,303 ****
+
+ fail_princ:
+ if (!success) {
+! krb5_klog_syslog(LOG_ERR, "bad service principal %.*s",
+! gss_str.length, gss_str.value);
+ }
+ gss_release_buffer(&min_stat, &gss_str);
+ krb5_free_principal(kctx, princ);
+--- 300,307 ----
+
+ fail_princ:
+ if (!success) {
+! krb5_klog_syslog(LOG_ERR, "bad service principal %.*s%s",
+! slen, gss_str.value, sdots);
+ }
+ gss_release_buffer(&min_stat, &gss_str);
+ krb5_free_principal(kctx, princ);
+*** src/kadmin/server/misc.c (revision 19480)
+--- src/kadmin/server/misc.c (local)
+***************
+*** 171,173 ****
+--- 171,182 ----
+
+ return kadm5_free_principal_ent(handle->lhandle, &princ);
+ }
++
++ #define MAXPRINCLEN 125
++
++ void
++ trunc_name(size_t *len, char **dots)
++ {
++ *dots = *len > MAXPRINCLEN ? "..." : "";
++ *len = *len > MAXPRINCLEN ? MAXPRINCLEN : *len;
++ }
+*** src/kadmin/server/misc.h (revision 19480)
+--- src/kadmin/server/misc.h (local)
+***************
+*** 45,47 ****
+--- 45,49 ----
+ #ifdef SVC_GETARGS
+ void kadm_1(struct svc_req *, SVCXPRT *);
+ #endif
++
++ void trunc_name(size_t *len, char **dots);
+*** src/kadmin/server/ovsec_kadmd.c (revision 19480)
+--- src/kadmin/server/ovsec_kadmd.c (local)
+***************
+*** 992,997 ****
+--- 992,999 ----
+ rpcproc_t proc;
+ int i;
+ const char *procname;
++ size_t clen, slen;
++ char *cdots, *sdots;
+
+ client.length = 0;
+ client.value = NULL;
+***************
+*** 1000,1009 ****
+
+ (void) gss_display_name(&minor, client_name, &client, &gss_type);
+ (void) gss_display_name(&minor, server_name, &server, &gss_type);
+! if (client.value == NULL)
+ client.value = "(null)";
+! if (server.value == NULL)
+ server.value = "(null)";
+ a = inet_ntoa(rqst->rq_xprt->xp_raddr.sin_addr);
+
+ proc = msg->rm_call.cb_proc;
+--- 1002,1021 ----
+
+ (void) gss_display_name(&minor, client_name, &client, &gss_type);
+ (void) gss_display_name(&minor, server_name, &server, &gss_type);
+! if (client.value == NULL) {
+ client.value = "(null)";
+! clen = sizeof("(null)") -1;
+! } else {
+! clen = client.length;
+! }
+! trunc_name(&clen, &cdots);
+! if (server.value == NULL) {
+ server.value = "(null)";
++ slen = sizeof("(null)") - 1;
++ } else {
++ slen = server.length;
++ }
++ trunc_name(&slen, &sdots);
+ a = inet_ntoa(rqst->rq_xprt->xp_raddr.sin_addr);
+
+ proc = msg->rm_call.cb_proc;
+***************
+*** 1016,1029 ****
+ }
+ if (procname != NULL)
+ krb5_klog_syslog(LOG_NOTICE, "WARNING! Forged/garbled request: %s, "
+! "claimed client = %s, server = %s, addr = %s",
+! procname, client.value,
+! server.value, a);
+ else
+ krb5_klog_syslog(LOG_NOTICE, "WARNING! Forged/garbled request: %d, "
+! "claimed client = %s, server = %s, addr = %s",
+! proc, client.value,
+! server.value, a);
+
+ (void) gss_release_buffer(&minor, &client);
+ (void) gss_release_buffer(&minor, &server);
+--- 1028,1041 ----
+ }
+ if (procname != NULL)
+ krb5_klog_syslog(LOG_NOTICE, "WARNING! Forged/garbled request: %s, "
+! "claimed client = %.*s%s, server = %.*s%s, addr = %s",
+! procname, clen, client.value, cdots,
+! slen, server.value, sdots, a);
+ else
+ krb5_klog_syslog(LOG_NOTICE, "WARNING! Forged/garbled request: %d, "
+! "claimed client = %.*s%s, server = %.*s%s, addr = %s",
+! proc, clen, client.value, cdots,
+! slen, server.value, sdots, a);
+
+ (void) gss_release_buffer(&minor, &client);
+ (void) gss_release_buffer(&minor, &server);
+*** src/kadmin/server/schpw.c (revision 19480)
+--- src/kadmin/server/schpw.c (local)
+***************
+*** 40,45 ****
+--- 40,47 ----
+ int numresult;
+ char strresult[1024];
+ char *clientstr;
++ size_t clen;
++ char *cdots;
+
+ ret = 0;
+ rep->length = 0;
+***************
+*** 258,266 ****
+ free(ptr);
+ clear.length = 0;
+
+! krb5_klog_syslog(LOG_NOTICE, "chpw request from %s for %s: %s",
+ inet_ntoa(((struct sockaddr_in *)&remote_addr)->sin_addr),
+! clientstr, ret ? krb5_get_error_message (context, ret) : "success");
+ krb5_free_unparsed_name(context, clientstr);
+
+ if (ret) {
+--- 260,271 ----
+ free(ptr);
+ clear.length = 0;
+
+! clen = strlen(clientstr);
+! trunc_name(&clen, &cdots);
+! krb5_klog_syslog(LOG_NOTICE, "chpw request from %s for %.*s%s: %s",
+ inet_ntoa(((struct sockaddr_in *)&remote_addr)->sin_addr),
+! clen, clientstr, cdots,
+! ret ? krb5_get_error_message (context, ret) : "success");
+ krb5_free_unparsed_name(context, clientstr);
+
+ if (ret) {
+*** src/kadmin/server/server_stubs.c (revision 19480)
+--- src/kadmin/server/server_stubs.c (local)
+***************
+*** 14,19 ****
+--- 14,20 ----
+ #include <arpa/inet.h> /* inet_ntoa */
+ #include <adm_proto.h> /* krb5_klog_syslog */
+ #include "misc.h"
++ #include <string.h>
+
+ #define LOG_UNAUTH "Unauthorized request: %s, %s, client=%s, service=%s, addr=%s"
+ #define LOG_DONE "Request: %s, %s, %s, client=%s, service=%s, addr=%s"
+***************
+*** 237,242 ****
+--- 238,298 ----
+ return 0;
+ }
+
++ static int
++ log_unauth(
++ char *op,
++ char *target,
++ gss_buffer_t client,
++ gss_buffer_t server,
++ struct svc_req *rqstp)
++ {
++ size_t tlen, clen, slen;
++ char *tdots, *cdots, *sdots;
++
++ tlen = strlen(target);
++ trunc_name(&tlen, &tdots);
++ clen = client->length;
++ trunc_name(&clen, &cdots);
++ slen = server->length;
++ trunc_name(&slen, &sdots);
++
++ return krb5_klog_syslog(LOG_NOTICE,
++ "Unauthorized request: %s, %.*s%s, "
++ "client=%.*s%s, service=%.*s%s, addr=%s",
++ op, tlen, target, tdots,
++ clen, client->value, cdots,
++ slen, server->value, sdots,
++ inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
++ }
++
++ static int
++ log_done(
++ char *op,
++ char *target,
++ char *errmsg,
++ gss_buffer_t client,
++ gss_buffer_t server,
++ struct svc_req *rqstp)
++ {
++ size_t tlen, clen, slen;
++ char *tdots, *cdots, *sdots;
++
++ tlen = strlen(target);
++ trunc_name(&tlen, &tdots);
++ clen = client->length;
++ trunc_name(&clen, &cdots);
++ slen = server->length;
++ trunc_name(&slen, &sdots);
++
++ return krb5_klog_syslog(LOG_NOTICE,
++ "Request: %s, %.*s%s, %s, "
++ "client=%.*s%s, service=%.*s%s, addr=%s",
++ op, tlen, target, tdots, errmsg,
++ clen, client->value, cdots,
++ slen, server->value, sdots,
++ inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
++ }
++
+ generic_ret *
+ create_principal_2_svc(cprinc_arg *arg, struct svc_req *rqstp)
+ {
+***************
+*** 275,283 ****
+ || kadm5int_acl_impose_restrictions(handle->context,
+ &arg->rec, &arg->mask, rp)) {
+ ret.code = KADM5_AUTH_ADD;
+! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_create_principal",
+! prime_arg, client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ } else {
+ ret.code = kadm5_create_principal((void *)handle,
+ &arg->rec, arg->mask,
+--- 331,338 ----
+ || kadm5int_acl_impose_restrictions(handle->context,
+ &arg->rec, &arg->mask, rp)) {
+ ret.code = KADM5_AUTH_ADD;
+! log_unauth("kadm5_create_principal", prime_arg,
+! &client_name, &service_name, rqstp);
+ } else {
+ ret.code = kadm5_create_principal((void *)handle,
+ &arg->rec, arg->mask,
+***************
+*** 287,296 ****
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_create_principal",
+! prime_arg, errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
+--- 342,349 ----
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! log_done("kadm5_create_principal", prime_arg, errmsg,
+! &client_name, &service_name, rqstp);
+
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
+***************
+*** 341,349 ****
+ || kadm5int_acl_impose_restrictions(handle->context,
+ &arg->rec, &arg->mask, rp)) {
+ ret.code = KADM5_AUTH_ADD;
+! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_create_principal",
+! prime_arg, client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ } else {
+ ret.code = kadm5_create_principal_3((void *)handle,
+ &arg->rec, arg->mask,
+--- 394,401 ----
+ || kadm5int_acl_impose_restrictions(handle->context,
+ &arg->rec, &arg->mask, rp)) {
+ ret.code = KADM5_AUTH_ADD;
+! log_unauth("kadm5_create_principal", prime_arg,
+! &client_name, &service_name, rqstp);
+ } else {
+ ret.code = kadm5_create_principal_3((void *)handle,
+ &arg->rec, arg->mask,
+***************
+*** 355,364 ****
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_create_principal",
+! prime_arg, errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
+--- 407,414 ----
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! log_done("kadm5_create_principal", prime_arg, errmsg,
+! &client_name, &service_name, rqstp);
+
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
+***************
+*** 406,414 ****
+ || !kadm5int_acl_check(handle->context, rqst2name(rqstp), ACL_DELETE,
+ arg->princ, NULL)) {
+ ret.code = KADM5_AUTH_DELETE;
+! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_delete_principal",
+! prime_arg, client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ } else {
+ ret.code = kadm5_delete_principal((void *)handle, arg->princ);
+ if( ret.code == 0 )
+--- 456,463 ----
+ || !kadm5int_acl_check(handle->context, rqst2name(rqstp), ACL_DELETE,
+ arg->princ, NULL)) {
+ ret.code = KADM5_AUTH_DELETE;
+! log_unauth("kadm5_delete_principal", prime_arg,
+! &client_name, &service_name, rqstp);
+ } else {
+ ret.code = kadm5_delete_principal((void *)handle, arg->princ);
+ if( ret.code == 0 )
+***************
+*** 416,425 ****
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_delete_principal",
+! prime_arg, errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
+--- 465,472 ----
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! log_done("kadm5_delete_principal", prime_arg, errmsg,
+! &client_name, &service_name, rqstp);
+
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
+***************
+*** 469,477 ****
+ || kadm5int_acl_impose_restrictions(handle->context,
+ &arg->rec, &arg->mask, rp)) {
+ ret.code = KADM5_AUTH_MODIFY;
+! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_modify_principal",
+! prime_arg, client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ } else {
+ ret.code = kadm5_modify_principal((void *)handle, &arg->rec,
+ arg->mask);
+--- 516,523 ----
+ || kadm5int_acl_impose_restrictions(handle->context,
+ &arg->rec, &arg->mask, rp)) {
+ ret.code = KADM5_AUTH_MODIFY;
+! log_unauth("kadm5_modify_principal", prime_arg,
+! &client_name, &service_name, rqstp);
+ } else {
+ ret.code = kadm5_modify_principal((void *)handle, &arg->rec,
+ arg->mask);
+***************
+*** 480,489 ****
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_modify_principal",
+! prime_arg, errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
+--- 526,533 ----
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! log_done("kadm5_modify_principal", prime_arg, errmsg,
+! &client_name, &service_name, rqstp);
+
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
+***************
+*** 546,554 ****
+ } else
+ ret.code = KADM5_AUTH_INSUFFICIENT;
+ if (ret.code != KADM5_OK) {
+! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_rename_principal",
+! prime_arg, client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ } else {
+ ret.code = kadm5_rename_principal((void *)handle, arg->src,
+ arg->dest);
+--- 590,597 ----
+ } else
+ ret.code = KADM5_AUTH_INSUFFICIENT;
+ if (ret.code != KADM5_OK) {
+! log_unauth("kadm5_rename_principal", prime_arg,
+! &client_name, &service_name, rqstp);
+ } else {
+ ret.code = kadm5_rename_principal((void *)handle, arg->src,
+ arg->dest);
+***************
+*** 557,566 ****
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_rename_principal",
+! prime_arg, errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ }
+ free_server_handle(handle);
+ free(prime_arg1);
+--- 600,607 ----
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! log_done("kadm5_rename_principal", prime_arg, errmsg,
+! &client_name, &service_name, rqstp);
+ }
+ free_server_handle(handle);
+ free(prime_arg1);
+***************
+*** 614,622 ****
+ arg->princ,
+ NULL))) {
+ ret.code = KADM5_AUTH_GET;
+! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname,
+! prime_arg, client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ } else {
+ if (handle->api_version == KADM5_API_VERSION_1) {
+ ret.code = kadm5_get_principal_v1((void *)handle,
+--- 655,662 ----
+ arg->princ,
+ NULL))) {
+ ret.code = KADM5_AUTH_GET;
+! log_unauth(funcname, prime_arg,
+! &client_name, &service_name, rqstp);
+ } else {
+ if (handle->api_version == KADM5_API_VERSION_1) {
+ ret.code = kadm5_get_principal_v1((void *)handle,
+***************
+*** 636,646 ****
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname,
+! prime_arg,
+! errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ }
+ free_server_handle(handle);
+--- 676,683 ----
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! log_done(funcname, prime_arg, errmsg,
+! &client_name, &service_name, rqstp);
+
+ }
+ free_server_handle(handle);
+***************
+*** 688,696 ****
+ NULL,
+ NULL)) {
+ ret.code = KADM5_AUTH_LIST;
+! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_get_principals",
+! prime_arg, client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ } else {
+ ret.code = kadm5_get_principals((void *)handle,
+ arg->exp, &ret.princs,
+--- 725,732 ----
+ NULL,
+ NULL)) {
+ ret.code = KADM5_AUTH_LIST;
+! log_unauth("kadm5_get_principals", prime_arg,
+! &client_name, &service_name, rqstp);
+ } else {
+ ret.code = kadm5_get_principals((void *)handle,
+ arg->exp, &ret.princs,
+***************
+*** 700,710 ****
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_principals",
+! prime_arg,
+! errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ }
+ free_server_handle(handle);
+--- 736,743 ----
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! log_done("kadm5_get_principals", prime_arg, errmsg,
+! &client_name, &service_name, rqstp);
+
+ }
+ free_server_handle(handle);
+***************
+*** 755,763 ****
+ ret.code = kadm5_chpass_principal((void *)handle, arg->princ,
+ arg->pass);
+ } else {
+! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_chpass_principal",
+! prime_arg, client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ ret.code = KADM5_AUTH_CHANGEPW;
+ }
+
+--- 788,795 ----
+ ret.code = kadm5_chpass_principal((void *)handle, arg->princ,
+ arg->pass);
+ } else {
+! log_unauth("kadm5_chpass_principal", prime_arg,
+! &client_name, &service_name, rqstp);
+ ret.code = KADM5_AUTH_CHANGEPW;
+ }
+
+***************
+*** 767,776 ****
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_chpass_principal",
+! prime_arg, errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ }
+
+ free_server_handle(handle);
+--- 799,806 ----
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! log_done("kadm5_chpass_principal", prime_arg, errmsg,
+! &client_name, &service_name, rqstp);
+ }
+
+ free_server_handle(handle);
+***************
+*** 828,836 ****
+ arg->ks_tuple,
+ arg->pass);
+ } else {
+! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_chpass_principal",
+! prime_arg, client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ ret.code = KADM5_AUTH_CHANGEPW;
+ }
+
+--- 858,865 ----
+ arg->ks_tuple,
+ arg->pass);
+ } else {
+! log_unauth("kadm5_chpass_principal", prime_arg,
+! &client_name, &service_name, rqstp);
+ ret.code = KADM5_AUTH_CHANGEPW;
+ }
+
+***************
+*** 840,849 ****
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_chpass_principal",
+! prime_arg, errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ }
+
+ free_server_handle(handle);
+--- 869,876 ----
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! log_done("kadm5_chpass_principal", prime_arg, errmsg,
+! &client_name, &service_name, rqstp);
+ }
+
+ free_server_handle(handle);
+***************
+*** 892,900 ****
+ ret.code = kadm5_setv4key_principal((void *)handle, arg->princ,
+ arg->keyblock);
+ } else {
+! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_setv4key_principal",
+! prime_arg, client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ ret.code = KADM5_AUTH_SETKEY;
+ }
+
+--- 919,926 ----
+ ret.code = kadm5_setv4key_principal((void *)handle, arg->princ,
+ arg->keyblock);
+ } else {
+! log_unauth("kadm5_setv4key_principal", prime_arg,
+! &client_name, &service_name, rqstp);
+ ret.code = KADM5_AUTH_SETKEY;
+ }
+
+***************
+*** 904,913 ****
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setv4key_principal",
+! prime_arg, errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ }
+
+ free_server_handle(handle);
+--- 930,937 ----
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! log_done("kadm5_setv4key_principal", prime_arg, errmsg,
+! &client_name, &service_name, rqstp);
+ }
+
+ free_server_handle(handle);
+***************
+*** 956,964 ****
+ ret.code = kadm5_setkey_principal((void *)handle, arg->princ,
+ arg->keyblocks, arg->n_keys);
+ } else {
+! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_setkey_principal",
+! prime_arg, client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ ret.code = KADM5_AUTH_SETKEY;
+ }
+
+--- 980,987 ----
+ ret.code = kadm5_setkey_principal((void *)handle, arg->princ,
+ arg->keyblocks, arg->n_keys);
+ } else {
+! log_unauth("kadm5_setkey_principal", prime_arg,
+! &client_name, &service_name, rqstp);
+ ret.code = KADM5_AUTH_SETKEY;
+ }
+
+***************
+*** 968,977 ****
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setkey_principal",
+! prime_arg, errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ }
+
+ free_server_handle(handle);
+--- 991,998 ----
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! log_done("kadm5_setkey_principal", prime_arg, errmsg,
+! &client_name, &service_name, rqstp);
+ }
+
+ free_server_handle(handle);
+***************
+*** 1023,1031 ****
+ arg->ks_tuple,
+ arg->keyblocks, arg->n_keys);
+ } else {
+! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_setkey_principal",
+! prime_arg, client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ ret.code = KADM5_AUTH_SETKEY;
+ }
+
+--- 1044,1051 ----
+ arg->ks_tuple,
+ arg->keyblocks, arg->n_keys);
+ } else {
+! log_unauth("kadm5_setkey_principal", prime_arg,
+! &client_name, &service_name, rqstp);
+ ret.code = KADM5_AUTH_SETKEY;
+ }
+
+***************
+*** 1035,1044 ****
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setkey_principal",
+! prime_arg, errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ }
+
+ free_server_handle(handle);
+--- 1055,1062 ----
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! log_done("kadm5_setkey_principal", prime_arg, errmsg,
+! &client_name, &service_name, rqstp);
+ }
+
+ free_server_handle(handle);
+***************
+*** 1097,1105 ****
+ ret.code = kadm5_randkey_principal((void *)handle, arg->princ,
+ &k, &nkeys);
+ } else {
+! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname,
+! prime_arg, client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ ret.code = KADM5_AUTH_CHANGEPW;
+ }
+
+--- 1115,1122 ----
+ ret.code = kadm5_randkey_principal((void *)handle, arg->princ,
+ &k, &nkeys);
+ } else {
+! log_unauth(funcname, prime_arg,
+! &client_name, &service_name, rqstp);
+ ret.code = KADM5_AUTH_CHANGEPW;
+ }
+
+***************
+*** 1119,1128 ****
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname,
+! prime_arg, errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ }
+ free_server_handle(handle);
+ free(prime_arg);
+--- 1136,1143 ----
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! log_done(funcname, prime_arg, errmsg,
+! &client_name, &service_name, rqstp);
+ }
+ free_server_handle(handle);
+ free(prime_arg);
+***************
+*** 1185,1193 ****
+ arg->ks_tuple,
+ &k, &nkeys);
+ } else {
+! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname,
+! prime_arg, client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ ret.code = KADM5_AUTH_CHANGEPW;
+ }
+
+--- 1200,1207 ----
+ arg->ks_tuple,
+ &k, &nkeys);
+ } else {
+! log_unauth(funcname, prime_arg,
+! &client_name, &service_name, rqstp);
+ ret.code = KADM5_AUTH_CHANGEPW;
+ }
+
+***************
+*** 1207,1216 ****
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname,
+! prime_arg, errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ }
+ free_server_handle(handle);
+ free(prime_arg);
+--- 1221,1228 ----
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! log_done(funcname, prime_arg, errmsg,
+! &client_name, &service_name, rqstp);
+ }
+ free_server_handle(handle);
+ free(prime_arg);
+***************
+*** 1253,1262 ****
+ rqst2name(rqstp),
+ ACL_ADD, NULL, NULL)) {
+ ret.code = KADM5_AUTH_ADD;
+! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_create_policy",
+! prime_arg, client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+!
+ } else {
+ ret.code = kadm5_create_policy((void *)handle, &arg->rec,
+ arg->mask);
+--- 1265,1273 ----
+ rqst2name(rqstp),
+ ACL_ADD, NULL, NULL)) {
+ ret.code = KADM5_AUTH_ADD;
+! log_unauth("kadm5_create_policy", prime_arg,
+! &client_name, &service_name, rqstp);
+!
+ } else {
+ ret.code = kadm5_create_policy((void *)handle, &arg->rec,
+ arg->mask);
+***************
+*** 1265,1275 ****
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_create_policy",
+! ((prime_arg == NULL) ? "(null)" : prime_arg),
+! errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ }
+ free_server_handle(handle);
+ gss_release_buffer(&minor_stat, &client_name);
+--- 1276,1284 ----
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! log_done("kadm5_create_policy",
+! ((prime_arg == NULL) ? "(null)" : prime_arg), errmsg,
+! &client_name, &service_name, rqstp);
+ }
+ free_server_handle(handle);
+ gss_release_buffer(&minor_stat, &client_name);
+***************
+*** 1310,1318 ****
+ if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context,
+ rqst2name(rqstp),
+ ACL_DELETE, NULL, NULL)) {
+! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_delete_policy",
+! prime_arg, client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ ret.code = KADM5_AUTH_DELETE;
+ } else {
+ ret.code = kadm5_delete_policy((void *)handle, arg->name);
+--- 1319,1326 ----
+ if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context,
+ rqst2name(rqstp),
+ ACL_DELETE, NULL, NULL)) {
+! log_unauth("kadm5_delete_policy", prime_arg,
+! &client_name, &service_name, rqstp);
+ ret.code = KADM5_AUTH_DELETE;
+ } else {
+ ret.code = kadm5_delete_policy((void *)handle, arg->name);
+***************
+*** 1321,1331 ****
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_delete_policy",
+! ((prime_arg == NULL) ? "(null)" : prime_arg),
+! errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ }
+ free_server_handle(handle);
+ gss_release_buffer(&minor_stat, &client_name);
+--- 1329,1337 ----
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! log_done("kadm5_delete_policy",
+! ((prime_arg == NULL) ? "(null)" : prime_arg), errmsg,
+! &client_name, &service_name, rqstp);
+ }
+ free_server_handle(handle);
+ gss_release_buffer(&minor_stat, &client_name);
+***************
+*** 1366,1374 ****
+ if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context,
+ rqst2name(rqstp),
+ ACL_MODIFY, NULL, NULL)) {
+! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_modify_policy",
+! prime_arg, client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ ret.code = KADM5_AUTH_MODIFY;
+ } else {
+ ret.code = kadm5_modify_policy((void *)handle, &arg->rec,
+--- 1372,1379 ----
+ if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context,
+ rqst2name(rqstp),
+ ACL_MODIFY, NULL, NULL)) {
+! log_unauth("kadm5_modify_policy", prime_arg,
+! &client_name, &service_name, rqstp);
+ ret.code = KADM5_AUTH_MODIFY;
+ } else {
+ ret.code = kadm5_modify_policy((void *)handle, &arg->rec,
+***************
+*** 1378,1388 ****
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_modify_policy",
+! ((prime_arg == NULL) ? "(null)" : prime_arg),
+! errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ }
+ free_server_handle(handle);
+ gss_release_buffer(&minor_stat, &client_name);
+--- 1383,1391 ----
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! log_done("kadm5_modify_policy",
+! ((prime_arg == NULL) ? "(null)" : prime_arg), errmsg,
+! &client_name, &service_name, rqstp);
+ }
+ free_server_handle(handle);
+ gss_release_buffer(&minor_stat, &client_name);
+***************
+*** 1464,1478 ****
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname,
+! ((prime_arg == NULL) ? "(null)" : prime_arg),
+! errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ } else {
+! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname,
+! prime_arg, client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ }
+ free_server_handle(handle);
+ gss_release_buffer(&minor_stat, &client_name);
+--- 1467,1478 ----
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! log_done(funcname,
+! ((prime_arg == NULL) ? "(null)" : prime_arg), errmsg,
+! &client_name, &service_name, rqstp);
+ } else {
+! log_unauth(funcname, prime_arg,
+! &client_name, &service_name, rqstp);
+ }
+ free_server_handle(handle);
+ gss_release_buffer(&minor_stat, &client_name);
+***************
+*** 1517,1525 ****
+ rqst2name(rqstp),
+ ACL_LIST, NULL, NULL)) {
+ ret.code = KADM5_AUTH_LIST;
+! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_get_policies",
+! prime_arg, client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ } else {
+ ret.code = kadm5_get_policies((void *)handle,
+ arg->exp, &ret.pols,
+--- 1517,1524 ----
+ rqst2name(rqstp),
+ ACL_LIST, NULL, NULL)) {
+ ret.code = KADM5_AUTH_LIST;
+! log_unauth("kadm5_get_policies", prime_arg,
+! &client_name, &service_name, rqstp);
+ } else {
+ ret.code = kadm5_get_policies((void *)handle,
+ arg->exp, &ret.pols,
+***************
+*** 1529,1539 ****
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_policies",
+! prime_arg,
+! errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+ }
+ free_server_handle(handle);
+ gss_release_buffer(&minor_stat, &client_name);
+--- 1528,1535 ----
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! log_done("kadm5_get_policies", prime_arg, errmsg,
+! &client_name, &service_name, rqstp);
+ }
+ free_server_handle(handle);
+ gss_release_buffer(&minor_stat, &client_name);
+***************
+*** 1573,1583 ****
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_privs",
+! client_name.value,
+! errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ free_server_handle(handle);
+ gss_release_buffer(&minor_stat, &client_name);
+--- 1569,1576 ----
+ else
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+
+! log_done("kadm5_get_privs", client_name.value, errmsg,
+! &client_name, &service_name, rqstp);
+
+ free_server_handle(handle);
+ gss_release_buffer(&minor_stat, &client_name);
+***************
+*** 1594,1599 ****
+--- 1587,1594 ----
+ kadm5_server_handle_t handle;
+ OM_uint32 minor_stat;
+ char *errmsg = 0;
++ size_t clen, slen;
++ char *cdots, *sdots;
+
+ xdr_free(xdr_generic_ret, &ret);
+
+***************
+*** 1612,1625 ****
+
+ if (ret.code != 0)
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+! krb5_klog_syslog(LOG_NOTICE, LOG_DONE ", flavor=%d",
+! (ret.api_version == KADM5_API_VERSION_1 ?
+! "kadm5_init (V1)" : "kadm5_init"),
+! client_name.value,
+! (ret.code == 0) ? "success" : errmsg,
+! client_name.value, service_name.value,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr),
+! rqstp->rq_cred.oa_flavor);
+ gss_release_buffer(&minor_stat, &client_name);
+ gss_release_buffer(&minor_stat, &service_name);
+
+--- 1607,1628 ----
+
+ if (ret.code != 0)
+ errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
+! else
+! errmsg = "success";
+!
+! clen = client_name.length;
+! trunc_name(&clen, &cdots);
+! slen = service_name.length;
+! trunc_name(&slen, &sdots);
+! krb5_klog_syslog(LOG_NOTICE, "Request: %s, %.*s%s, %s, "
+! "client=%.*s%s, service=%.*s%s, addr=%s, flavor=%d",
+! (ret.api_version == KADM5_API_VERSION_1 ?
+! "kadm5_init (V1)" : "kadm5_init"),
+! clen, client_name.value, cdots, errmsg,
+! clen, client_name.value, cdots,
+! slen, service_name.value, sdots,
+! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr),
+! rqstp->rq_cred.oa_flavor);
+ gss_release_buffer(&minor_stat, &client_name);
+ gss_release_buffer(&minor_stat, &service_name);
+
+*** src/kdc/do_tgs_req.c (revision 19480)
+--- src/kdc/do_tgs_req.c (local)
+***************
+*** 491,518 ****
+ newtransited = 1;
+ }
+ if (!isflagset (request->kdc_options, KDC_OPT_DISABLE_TRANSITED_CHECK)) {
+ errcode = krb5_check_transited_list (kdc_context,
+ &enc_tkt_reply.transited.tr_contents,
+ krb5_princ_realm (kdc_context, header_ticket->enc_part2->client),
+ krb5_princ_realm (kdc_context, request->server));
+ if (errcode == 0) {
+ setflag (enc_tkt_reply.flags, TKT_FLG_TRANSIT_POLICY_CHECKED);
+ } else if (errcode == KRB5KRB_AP_ERR_ILL_CR_TKT)
+ krb5_klog_syslog (LOG_INFO,
+! "bad realm transit path from '%s' to '%s' via '%.*s'",
+ cname ? cname : "<unknown client>",
+ sname ? sname : "<unknown server>",
+! enc_tkt_reply.transited.tr_contents.length,
+! enc_tkt_reply.transited.tr_contents.data);
+ else {
+ const char *emsg = krb5_get_error_message(kdc_context, errcode);
+ krb5_klog_syslog (LOG_ERR,
+! "unexpected error checking transit from '%s' to '%s' via '%.*s': %s",
+ cname ? cname : "<unknown client>",
+ sname ? sname : "<unknown server>",
+! enc_tkt_reply.transited.tr_contents.length,
+ enc_tkt_reply.transited.tr_contents.data,
+! emsg);
+ krb5_free_error_message(kdc_context, emsg);
+ }
+ } else
+--- 491,528 ----
+ newtransited = 1;
+ }
+ if (!isflagset (request->kdc_options, KDC_OPT_DISABLE_TRANSITED_CHECK)) {
++ unsigned int tlen;
++ char *tdots;
++
+ errcode = krb5_check_transited_list (kdc_context,
+ &enc_tkt_reply.transited.tr_contents,
+ krb5_princ_realm (kdc_context, header_ticket->enc_part2->client),
+ krb5_princ_realm (kdc_context, request->server));
++ tlen = enc_tkt_reply.transited.tr_contents.length;
++ tdots = tlen > 125 ? "..." : "";
++ tlen = tlen > 125 ? 125 : tlen;
++
+ if (errcode == 0) {
+ setflag (enc_tkt_reply.flags, TKT_FLG_TRANSIT_POLICY_CHECKED);
+ } else if (errcode == KRB5KRB_AP_ERR_ILL_CR_TKT)
+ krb5_klog_syslog (LOG_INFO,
+! "bad realm transit path from '%s' to '%s' "
+! "via '%.*s%s'",
+ cname ? cname : "<unknown client>",
+ sname ? sname : "<unknown server>",
+! tlen,
+! enc_tkt_reply.transited.tr_contents.data,
+! tdots);
+ else {
+ const char *emsg = krb5_get_error_message(kdc_context, errcode);
+ krb5_klog_syslog (LOG_ERR,
+! "unexpected error checking transit from "
+! "'%s' to '%s' via '%.*s%s': %s",
+ cname ? cname : "<unknown client>",
+ sname ? sname : "<unknown server>",
+! tlen,
+ enc_tkt_reply.transited.tr_contents.data,
+! tdots, emsg);
+ krb5_free_error_message(kdc_context, emsg);
+ }
+ } else
+***************
+*** 542,547 ****
+--- 552,560 ----
+ if (!krb5_principal_compare(kdc_context, request->server, client2)) {
+ if ((errcode = krb5_unparse_name(kdc_context, client2, &tmp)))
+ tmp = 0;
++ if (tmp != NULL)
++ limit_string(tmp);
++
+ krb5_klog_syslog(LOG_INFO,
+ "TGS_REQ %s: 2ND_TKT_MISMATCH: "
+ "authtime %d, %s for %s, 2nd tkt client %s",
+***************
+*** 816,821 ****
+--- 829,835 ----
+ krb5_klog_syslog(LOG_INFO,
+ "TGS_REQ: issuing alternate <un-unparseable> TGT");
+ } else {
++ limit_string(sname);
+ krb5_klog_syslog(LOG_INFO,
+ "TGS_REQ: issuing TGT %s", sname);
+ free(sname);
+*** src/kdc/kdc_util.c (revision 19480)
+--- src/kdc/kdc_util.c (local)
+***************
+*** 404,409 ****
+--- 404,410 ----
+
+ krb5_db_free_principal(kdc_context, &server, nprincs);
+ if (!krb5_unparse_name(kdc_context, ticket->server, &sname)) {
++ limit_string(sname);
+ krb5_klog_syslog(LOG_ERR,"TGS_REQ: UNKNOWN SERVER: server='%s'",
+ sname);
+ free(sname);
+*** src/lib/kadm5/logger.c (revision 19480)
+--- src/lib/kadm5/logger.c (local)
+***************
+*** 45,51 ****
+ #include <varargs.h>
+ #endif /* HAVE_STDARG_H */
+
+! #define KRB5_KLOG_MAX_ERRMSG_SIZE 1024
+ #ifndef MAXHOSTNAMELEN
+ #define MAXHOSTNAMELEN 256
+ #endif /* MAXHOSTNAMELEN */
+--- 45,51 ----
+ #include <varargs.h>
+ #endif /* HAVE_STDARG_H */
+
+! #define KRB5_KLOG_MAX_ERRMSG_SIZE 2048
+ #ifndef MAXHOSTNAMELEN
+ #define MAXHOSTNAMELEN 256
+ #endif /* MAXHOSTNAMELEN */
+***************
+*** 261,267 ****
+ #endif /* HAVE_SYSLOG */
+
+ /* Now format the actual message */
+! #if HAVE_VSPRINTF
+ vsprintf(cp, actual_format, ap);
+ #else /* HAVE_VSPRINTF */
+ sprintf(cp, actual_format, ((int *) ap)[0], ((int *) ap)[1],
+--- 261,269 ----
+ #endif /* HAVE_SYSLOG */
+
+ /* Now format the actual message */
+! #if HAVE_VSNPRINTF
+! vsnprintf(cp, sizeof(outbuf) - (cp - outbuf), actual_format, ap);
+! #elif HAVE_VSPRINTF
+ vsprintf(cp, actual_format, ap);
+ #else /* HAVE_VSPRINTF */
+ sprintf(cp, actual_format, ((int *) ap)[0], ((int *) ap)[1],
+***************
+*** 850,856 ****
+ syslogp = &outbuf[strlen(outbuf)];
+
+ /* Now format the actual message */
+! #ifdef HAVE_VSPRINTF
+ vsprintf(syslogp, format, arglist);
+ #else /* HAVE_VSPRINTF */
+ sprintf(syslogp, format, ((int *) arglist)[0], ((int *) arglist)[1],
+--- 852,860 ----
+ syslogp = &outbuf[strlen(outbuf)];
+
+ /* Now format the actual message */
+! #ifdef HAVE_VSNPRINTF
+! vsnprintf(syslogp, sizeof(outbuf) - (syslogp - outbuf), format, arglist);
+! #elif HAVE_VSPRINTF
+ vsprintf(syslogp, format, arglist);
+ #else /* HAVE_VSPRINTF */
+ sprintf(syslogp, format, ((int *) arglist)[0], ((int *) arglist)[1],
diff --git a/crypto/krb5/2007-003-patch.txt b/crypto/krb5/2007-003-patch.txt
new file mode 100644
index 0000000000..cefd7247a2
--- /dev/null
+++ b/crypto/krb5/2007-003-patch.txt
@@ -0,0 +1,24 @@
+*** src/lib/gssapi/krb5/k5unseal.c (revision 19510)
+--- src/lib/gssapi/krb5/k5unseal.c (revision 19511)
+***************
+*** 457,464 ****
+
+ if ((ctx->initiate && direction != 0xff) ||
+ (!ctx->initiate && direction != 0)) {
+! if (toktype == KG_TOK_SEAL_MSG)
+ xfree(token.value);
+ *minor_status = G_BAD_DIRECTION;
+ return(GSS_S_BAD_SIG);
+ }
+--- 457,467 ----
+
+ if ((ctx->initiate && direction != 0xff) ||
+ (!ctx->initiate && direction != 0)) {
+! if (toktype == KG_TOK_SEAL_MSG) {
+ xfree(token.value);
++ message_buffer->value = NULL;
++ message_buffer->length = 0;
++ }
+ *minor_status = G_BAD_DIRECTION;
+ return(GSS_S_BAD_SIG);
+ }
diff --git a/crypto/krb5/BUILD b/crypto/krb5/BUILD
index 14d12068f3..3a94233a7d 100755
--- a/crypto/krb5/BUILD
+++ b/crypto/krb5/BUILD
@@ -6,6 +6,11 @@ fi
cd $SPELL-$VERSION/src &&
+# Kerberos Security Advisories
+patch -p1 < $SCRIPT_DIRECTORY/2007-001-patch.txt &&
+patch -p1 < $SCRIPT_DIRECTORY/2007-002-patch.txt &&
+patch -p1 < $SCRIPT_DIRECTORY/2007-003-patch.txt &&
+
./configure --enable-dns-for-kdc \
--enable-dns-for-realm \
--infodir=/usr/share/info \
diff --git a/crypto/krb5/DETAILS b/crypto/krb5/DETAILS
index 8269613f70..fe1e94b29f 100755
--- a/crypto/krb5/DETAILS
+++ b/crypto/krb5/DETAILS
@@ -9,7 +9,7 @@ SOURCE_DIRECTORY=$BUILD_DIRECTORY/$SPELL-$VERSION
ENTERED=20020215
LICENSE[0]=http://web.mit.edu/kerberos/www/krb5-1.6/krb5-1.6/doc/krb5-install.html#Copyright
PATCHLEVEL=0
- SECURITY_PATCH=2
+ SECURITY_PATCH=3
KEYWORDS="security crypto"
SHORT="Kerberos 5 network security protocol"
cat << EOF
diff --git a/crypto/krb5/HISTORY b/crypto/krb5/HISTORY
index 2b94aef9c2..74aac0fadb 100644
--- a/crypto/krb5/HISTORY
+++ b/crypto/krb5/HISTORY
@@ -1,3 +1,7 @@
+2007-04-04 Ladislav Hagara <hgr@vabo.cz>
+ * DETAILS: SECURITY_PATCH=3
+ * BUILD, 2007-00[123]-patch.txt: added security patches
+
2007-01-14 Ladislav Hagara <hgr@vabo.cz>
* DETAILS: 1.6
SECURITY_PATCH=2, http://web.mit.edu/kerberos/www/krb5-1.6/
diff --git a/graphics-libs/freetype2/DETAILS b/graphics-libs/freetype2/DETAILS
index 0933f0aef3..483851f8f2 100755
--- a/graphics-libs/freetype2/DETAILS
+++ b/graphics-libs/freetype2/DETAILS
@@ -1,5 +1,6 @@
SPELL=freetype2
- VERSION=2.3.2
+ VERSION=2.3.3
+ SECURITY_PATCH=1
SOURCE=freetype-$VERSION.tar.bz2
SOURCE2=$SOURCE.sig
SOURCE_DIRECTORY=${BUILD_DIRECTORY}/freetype-${VERSION}
diff --git a/graphics-libs/freetype2/HISTORY b/graphics-libs/freetype2/HISTORY
index d0d99898d1..f476cca864 100644
--- a/graphics-libs/freetype2/HISTORY
+++ b/graphics-libs/freetype2/HISTORY
@@ -1,4 +1,11 @@
-2007-03-09 Treeve Jelbert <treeve@pi.be>
+2007-04-05 Arwed v. Merkatz <v.merkatz@gmx.net>
+ * DETAILS: SECURITY_PATCH++, CVE-2007-1351, heap overflow in BDF font
+ handling
+
+2007-04-05 Martin Spitzbarth <m.spitzbarth@gmx.de>
+ * DETAILS: version 2.3.3
+
+2007-03-09 Treeve Jelbert <treeve@sourcemage.org>
* DETAILS: version 2.3.2
2007-02-23 Arwed v. Merkatz <v.merkatz@gmx.net>
diff --git a/kde-apps/ktorrent/DETAILS b/kde-apps/ktorrent/DETAILS
index 6bad237d90..8b4c35557c 100755
--- a/kde-apps/ktorrent/DETAILS
+++ b/kde-apps/ktorrent/DETAILS
@@ -2,7 +2,7 @@
VERSION=2.1.1
SOURCE=$SPELL-$VERSION.tar.gz
SOURCE_URL=http://ktorrent.org/downloads/$VERSION/$SOURCE
- SOURCE_HASH=sha512:0c8bba0ab07406ecf665fe629f5f0518ef6cc9f7688563fedf23a404f1bbede9ccd8f3cf0a066b7dbdcd0455bcad6e2b72ff970e01ea5a839f260e9c9b5cbf2b
+ SOURCE_HASH=sha512:94f459fe23eb8f32f754deb85cc34fb94289c961326055a3ec99a2fca4296e410c7b4ede0ff6308a4a24f63e93eebfb79c40f0ef61a6b74dad64fcda564191be
SOURCE_DIRECTORY=$BUILD_DIRECTORY/$SPELL-$VERSION
WEB_SITE=http://www.ktorrent.org
ENTERED=20060128
diff --git a/kde-apps/ktorrent/HISTORY b/kde-apps/ktorrent/HISTORY
index 9ba1f41fb7..97cf8cb02c 100644
--- a/kde-apps/ktorrent/HISTORY
+++ b/kde-apps/ktorrent/HISTORY
@@ -1,3 +1,6 @@
+2007-04-07 Jaka Kranjc <lynxlynxlynx@sourcemage.org>
+ * DETAILS: update the hash #13686, they changed to make
+
2007-03-06 Jaka Kranjc <lynxlynxlynx@sourcemage.org>
* BUILD: added to avoid needing unsermake
* DEPENDS: added optional avahi
diff --git a/kde-core/kdelibs/CVE-2007-1564-kdelibs-3.5.6.diff b/kde-core/kdelibs/CVE-2007-1564-kdelibs-3.5.6.diff
new file mode 100644
index 0000000000..b026d67a3d
--- /dev/null
+++ b/kde-core/kdelibs/CVE-2007-1564-kdelibs-3.5.6.diff
@@ -0,0 +1,81 @@
+--- khtml/ecma/kjs_html.cpp
++++ khtml/ecma/kjs_html.cpp
+@@ -1866,9 +1866,11 @@ Value KJS::HTMLElement::getValueProperty
+ getDOMNode(exec, frameElement.contentDocument()) : Undefined();
+ case FrameContentWindow: {
+ KHTMLPart* part = static_cast<DOM::HTMLFrameElementImpl*>(frameElement.handle())->contentPart();
+- if (part)
+- return Value(Window::retrieveWindow(part));
+- else
++ if (part) {
++ Window *w = Window::retrieveWindow(part);
++ if (w)
++ return Value(w);
++ }
+ return Undefined();
+ }
+ case FrameFrameBorder: return String(frameElement.frameBorder());
+@@ -1899,9 +1901,11 @@ Value KJS::HTMLElement::getValueProperty
+ getDOMNode(exec, iFrame.contentDocument()) : Undefined();
+ case IFrameContentWindow: {
+ KHTMLPart* part = static_cast<DOM::HTMLIFrameElementImpl*>(iFrame.handle())->contentPart();
+- if (part)
+- return Value(Window::retrieveWindow(part));
+- else
++ if (part) {
++ Window *w = Window::retrieveWindow(part);
++ if (w)
++ return Value(w);
++ }
+ return Undefined();
+ }
+ case IFrameFrameBorder: return String(iFrame.frameBorder());
+--- kioslave/ftp/ftp.cc
++++ kioslave/ftp/ftp.cc
+@@ -58,6 +58,7 @@
+ #include <kmimemagic.h>
+ #include <kmimetype.h>
+ #include <ksockaddr.h>
++#include <ksocketaddress.h>
+ #include <kio/ioslave_defaults.h>
+ #include <kio/slaveconfig.h>
+ #include <kremoteencoding.h>
+@@ -835,7 +836,6 @@ bool Ftp::ftpSendCmd( const QCString& cm
+ return true;
+ }
+
+-
+ /*
+ * ftpOpenPASVDataConnection - set up data connection, using PASV mode
+ *
+@@ -853,6 +853,8 @@ int Ftp::ftpOpenPASVDataConnection()
+ if (sa != NULL && sa->family() != PF_INET)
+ return ERR_INTERNAL; // no PASV for non-PF_INET connections
+
++ const KInetSocketAddress *sin = static_cast<const KInetSocketAddress*>(sa);
++
+ if (m_extControl & pasvUnknown)
+ return ERR_INTERNAL; // already tried and got "unknown command"
+
+@@ -886,14 +888,17 @@ int Ftp::ftpOpenPASVDataConnection()
+ }
+
+ // Make hostname and port number ...
+- QString host;
+- host.sprintf("%d.%d.%d.%d", i[0], i[1], i[2], i[3]);
+ int port = i[4] << 8 | i[5];
+
++ // we ignore the host part on purpose for two reasons
++ // a) it might be wrong anyway
++ // b) it would make us being suceptible to a port scanning attack
++
+ // now connect the data socket ...
+ m_data = new FtpSocket("PASV");
+- m_data->setAddress(host, port);
+- kdDebug(7102) << "Connecting to " << host << " on port " << port << endl;
++ m_data->setAddress(sin->nodeName(), port);
++
++ kdDebug(7102) << "Connecting to " << sin->nodeName() << " on port " << port << endl;
+ return m_data->connectSocket(connectTimeout(), false);
+ }
+
diff --git a/kde-core/kdelibs/DETAILS b/kde-core/kdelibs/DETAILS
index 2fc3b834df..859f47aefe 100755
--- a/kde-core/kdelibs/DETAILS
+++ b/kde-core/kdelibs/DETAILS
@@ -8,7 +8,7 @@ SOURCE_DIRECTORY=$BUILD_DIRECTORY/$SPELL-$VERSION
SOURCE_URL[0]=$KDE_URL/stable/${VERSION//.0/}/src/$SOURCE
WEB_SITE=http://www.kde.org
ENTERED=20020912
- SECURITY_PATCH=2
+ SECURITY_PATCH=3
LICENSE[0]=GPL
KEYWORDS="kde"
SHORT="Base applications that form the core of KDE."
diff --git a/kde-core/kdelibs/HISTORY b/kde-core/kdelibs/HISTORY
index cbad1a3b1f..b2d32d5e5f 100644
--- a/kde-core/kdelibs/HISTORY
+++ b/kde-core/kdelibs/HISTORY
@@ -1,4 +1,12 @@
-2007-03-08 Treeve Jelbert <treeve01@pi.be>
+2007-04-02 Treeve Jelbert <treeve@sourcemage.org>
+ * DETAILS: SECURITY_PATCH++
+ * CVE-2007-1564-kdelibs-3.5.6.diff: added
+ * PRE_BUILD: apply patch
+ security fix CVE-2007-1564
+ URL: http://www.kde.org/info/security/advisory-20070326-1.txt
+ fixes bug #13672
+
+2007-03-08 Treeve Jelbert <treeve@sourcemage.org>
* DETAILS: SECURITY_PATCH
* PRE_BUILD, post-3.5.6-kdelibs.diff:add
security fix CVE-2007-0537
diff --git a/kde-core/kdelibs/PRE_BUILD b/kde-core/kdelibs/PRE_BUILD
index 13e482626d..cab47ecd48 100755
--- a/kde-core/kdelibs/PRE_BUILD
+++ b/kde-core/kdelibs/PRE_BUILD
@@ -1,3 +1,4 @@
default_pre_build &&
cd $SOURCE_DIRECTORY &&
+patch -p0 < $SPELL_DIRECTORY/CVE-2007-1564-kdelibs-3.5.6.diff &&
patch -p0 < $SPELL_DIRECTORY/post-3.5.6-kdelibs.diff
diff --git a/mail/dovecot/BUILD b/mail/dovecot/BUILD
index 4c1dfe51a6..966460dd7d 100755
--- a/mail/dovecot/BUILD
+++ b/mail/dovecot/BUILD
@@ -1,5 +1,10 @@
#LDFLAGS="$LDFLAGS -lc"
# disableing what we don't have available
+if [[ $DOVECOT_EXT_LDA == y ]]; then
+OPTS="--with-deliver $OPTS"
+else
+OPTS="--without-deliver $OPTS"
+fi &&
OPTS="--without-vpopmail \
--without-sia \
--without-bsdauth \
@@ -7,10 +12,12 @@ OPTS="--without-vpopmail \
$DOVECOT_OPTS \
$OPTS" &&
default_build &&
-pushd dovecot-sieve-1.0.1 &&
+if [[ $DOVECOT_EXT_LDA == y ]]; then
+pushd dovecot-sieve-* &&
OPTS="--with-dovecot=.." &&
default_build &&
popd
+fi
# when the dspam plugin will get updated to work in
# a multiuser environment this will be usefull
#pushd src/plugins/dspam
diff --git a/mail/dovecot/CONFIGURE b/mail/dovecot/CONFIGURE
index e08bdfcf27..5f37e62984 100755
--- a/mail/dovecot/CONFIGURE
+++ b/mail/dovecot/CONFIGURE
@@ -33,11 +33,6 @@ config_query_option DOVECOT_OPTS \
"--with-pop3d" \
"--without-pop3d" &&
config_query_option DOVECOT_OPTS \
- 'Build mail delivery agent' \
- y \
- "--with-deliver" \
- "--without-deliver" &&
-config_query_option DOVECOT_OPTS \
'Install documentation' \
y \
"--with-docs" \
diff --git a/mail/dovecot/DETAILS b/mail/dovecot/DETAILS
index 73d359cfd1..91975db92b 100755
--- a/mail/dovecot/DETAILS
+++ b/mail/dovecot/DETAILS
@@ -22,6 +22,7 @@ fi
SOURCE_DIRECTORY=$BUILD_DIRECTORY/$SPELL-$VERSION
ENTERED=20030224
SECURITY_PATCH=1
+ PATCHLEVEL=1
LICENSE[0]=GPL
WEB_SITE=http://www.dovecot.org/
KEYWORDS="mail"
diff --git a/mail/dovecot/HISTORY b/mail/dovecot/HISTORY
index d774a7ac30..650c435f8f 100644
--- a/mail/dovecot/HISTORY
+++ b/mail/dovecot/HISTORY
@@ -1,9 +1,5 @@
-2007-03-31 Andraž "ruskie" Levstik <ruskie@mages.ath.cx>
- * DETAILS: update to 1.0.rc29
- SECURITY_PATCH=1:Security fix: If zlib plugin was loaded, it was possible
- to open gzipped mbox files outside the user's mail directory.
- added managesieve server patch
- updated lda
+2007-04-01 Andraž "ruskie" Levstik <ruskie@mages.ath.cx>
+ * DETAILS: added managesieve server patch, PATCHLEVEL++
* PREPARE: ask for managesieve if lda is selected
* CONFIGURE: added plenty of options to configure
* BUILD: fixup for extra options, disabled what we don't have
@@ -12,6 +8,9 @@
* PREPARE: ask for managesieve patch
* PRE_BUILD: handle the managesieve patch
+2007-03-31 Andraž "ruskie" Levstik <ruskie@mages.ath.cx>
+ * DETAILS: update to 1.0.rc29, SECURITY_PATCH=1
+
2006-03-14 Bearcat M. Sandor <sourcemage@feline-soul.com>
* DETAILS: update to 1.0.rc26
diff --git a/mail/dovecot/INSTALL b/mail/dovecot/INSTALL
index 1cdd0df924..d2599df331 100755
--- a/mail/dovecot/INSTALL
+++ b/mail/dovecot/INSTALL
@@ -1,4 +1,6 @@
default_install &&
+if [[ $DOVECOT_EXT_LDA == y ]]; then
pushd dovecot-sieve-1.0.1 &&
default_install &&
popd
+fi
diff --git a/xfce/verve-plugin/DEPENDS b/xfce/verve-plugin/DEPENDS
index 45188033fd..108befd71f 100755
--- a/xfce/verve-plugin/DEPENDS
+++ b/xfce/verve-plugin/DEPENDS
@@ -1,2 +1,3 @@
depends xfce4-panel &&
-depends exo
+depends exo &&
+depends pcre
diff --git a/xfce/verve-plugin/HISTORY b/xfce/verve-plugin/HISTORY
index aa113df99d..9f17e018af 100644
--- a/xfce/verve-plugin/HISTORY
+++ b/xfce/verve-plugin/HISTORY
@@ -1,3 +1,6 @@
+2007-04-02 David Brown <dmlb2000@gmail.com>
+ * DEPENDS: needs pcre
+
2007-01-23 George Sherwood <george@beernabeer.com>
* DEPENDS, DETAILS, HISTORY: created the spell
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-25 14:54:16 +0000