From owner-svn-ports-head@FreeBSD.ORG  Wed Nov 12 17:59:35 2014
Return-Path: <owner-svn-ports-head@FreeBSD.ORG>
Delivered-To: svn-ports-head@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 6AF1AF26;
 Wed, 12 Nov 2014 17:59:35 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 56E2C16F;
 Wed, 12 Nov 2014 17:59:35 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id sACHxZdU004618;
 Wed, 12 Nov 2014 17:59:35 GMT (envelope-from delphij@FreeBSD.org)
Received: (from delphij@localhost)
 by svn.freebsd.org (8.14.9/8.14.9/Submit) id sACHxYlk004616;
 Wed, 12 Nov 2014 17:59:34 GMT (envelope-from delphij@FreeBSD.org)
Message-Id: <201411121759.sACHxYlk004616@svn.freebsd.org>
X-Authentication-Warning: svn.freebsd.org: delphij set sender to
 delphij@FreeBSD.org using -f
From: Xin LI <delphij@FreeBSD.org>
Date: Wed, 12 Nov 2014 17:59:34 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r372499 - in head/net/openldap24-server: . files
X-SVN-Group: ports-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-head@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: SVN commit messages for the ports tree for head
 <svn-ports-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-head/>
List-Post: <mailto:svn-ports-head@freebsd.org>
List-Help: <mailto:svn-ports-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Nov 2014 17:59:35 -0000

Author: delphij
Date: Wed Nov 12 17:59:34 2014
New Revision: 372499
URL: https://svnweb.freebsd.org/changeset/ports/372499
QAT: https://qat.redports.org/buildarchive/r372499/

Log:
   - Fix Perl dependency by converting the port from using
     bsd.port.{pre,post}.mk to options.mk. [1]
   - Fix build with LibreSSL. [2] [3]
   - Make LM Password optional and disable by default. [3]
  
  Reported by:	Lorenzo Perone <lorenzo.perone@bytesatwork.com> [1],
  		brd [1]
  Submitted by:	spil.oss@gmail.com [2]
  PR:		194841 [3]

Added:
  head/net/openldap24-server/files/patch-des   (contents, props changed)
Modified:
  head/net/openldap24-server/Makefile

Modified: head/net/openldap24-server/Makefile
==============================================================================
--- head/net/openldap24-server/Makefile	Wed Nov 12 17:48:18 2014	(r372498)
+++ head/net/openldap24-server/Makefile	Wed Nov 12 17:59:34 2014	(r372499)
@@ -58,8 +58,8 @@ WANT_OPENLDAP_VER?=	24
 BROKEN=			incompatible OpenLDAP version: ${WANT_OPENLDAP_VER}
 .endif
 
-PORTREVISION_CLIENT=	0
-PORTREVISION_SERVER=	1
+PORTREVISION_CLIENT=	1
+PORTREVISION_SERVER=	2
 OPENLDAP_SHLIB_MAJOR=	2
 OPENLDAP_SHLIB_MINOR=	10.3
 OPENLDAP_MAJOR=		${DISTVERSION:R}
@@ -76,6 +76,7 @@ OPTIONS_DEFINE+=	ACCESSLOG AUDITLOG COLL
 OPTIONS_DEFINE+=	DEREF DYNGROUP DYNLIST MEMBEROF PPOLICY PROXYCACHE
 OPTIONS_DEFINE+=	REFINT RETCODE RWM SEQMOD SSSVLV SYNCPROV TRANSLUCENT
 OPTIONS_DEFINE+=	UNIQUE VALSORT SMBPWD SHA2 DYNAMIC_BACKENDS SASL
+OPTIONS_DEFINE+=	LMPASSWD
 
 OPTIONS_DEFAULT=	MDB SYNCPROV DYNAMIC_BACKENDS
 
@@ -117,6 +118,7 @@ UNIQUE_DESC=		With attribute Uniqueness 
 VALSORT_DESC=		With Value Sorting overlay
 SMBPWD_DESC=		With Samba Password hashes overlay
 SHA2_DESC=		With SHA2 Password hashes overlay
+LMPASSWD_DESC=		With LM hash password support (DEPRECATED)
 DYNAMIC_BACKENDS_DESC=	Build dynamic backends
 .endif
 
@@ -130,7 +132,7 @@ OPENLDAP_PKGFILESUFX=
 
 CONFIGURE_SED=		-e 's,uuid/uuid.h,xxuuid/uuid.h,g'
 
-.include <bsd.port.pre.mk>
+.include <bsd.port.options.mk>
 
 .if defined(CLIENT_ONLY)
 PORTDOCS=		CHANGES drafts rfc
@@ -244,7 +246,6 @@ OVERLAY_ENABLE=		yes
 
 CONFIGURE_ARGS+=	--localstatedir=${LOCALSTATEDIR} \
 			--enable-crypt \
-			--enable-lmpasswd \
 			--enable-ldap=${BACKEND_ENABLE} \
 			--enable-meta=${BACKEND_ENABLE} \
 			--enable-rewrite \
@@ -285,6 +286,10 @@ CONFIGURE_ARGS+=	--enable-dyngroup=${OVE
 CONFIGURE_ARGS+=	--enable-dynlist=${OVERLAY_ENABLE}
 .endif
 
+.if ${PORT_OPTIONS:MLMPASSWD}
+CONFIGURE_ARGS+=	--enable-lmpasswd
+.endif
+
 .if ${PORT_OPTIONS:MMEMBEROF}
 CONFIGURE_ARGS+=	--enable-memberof=${OVERLAY_ENABLE}
 .endif
@@ -561,4 +566,4 @@ post-install:
 .endif
 .endif # defined(CLIENT_ONLY)
 
-.include <bsd.port.post.mk>
+.include <bsd.port.mk>

Added: head/net/openldap24-server/files/patch-des
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/openldap24-server/files/patch-des	Wed Nov 12 17:59:34 2014	(r372499)
@@ -0,0 +1,204 @@
+--- libraries/liblutil/passwd.c.orig	2014-09-19 03:48:49.000000000 +0200
++++ libraries/liblutil/passwd.c	2014-11-05 19:57:10.807555025 +0100
+@@ -38,11 +38,11 @@
+ #	include <openssl/des.h>
+ 
+ 
+-typedef des_cblock des_key;
+-typedef des_cblock des_data_block;
+-typedef des_key_schedule des_context;
+-#define des_failed(encrypted) 0
+-#define des_finish(key, schedule) 
++typedef DES_cblock DES_key;
++typedef DES_cblock DES_data_block;
++typedef DES_key_schedule DES_context;
++#define DES_failed(encrypted) 0
++#define DES_finish(key, schedule) 
+ 
+ #elif defined(HAVE_MOZNSS)
+ /*
+@@ -53,9 +53,9 @@
+ */
+ #define PROTYPES_H 1
+ #	include <nss/pk11pub.h>
+-typedef PK11SymKey *des_key;
+-typedef unsigned char des_data_block[8];
+-typedef PK11Context *des_context[1];
++typedef PK11SymKey *DES_key;
++typedef unsigned char DES_data_block[8];
++typedef PK11Context *DES_context[1];
+ #define DES_ENCRYPT CKA_ENCRYPT
+ 
+ #endif
+@@ -664,10 +664,10 @@
+  * abstract away setting the parity.
+  */
+ static void
+-des_set_key_and_parity( des_key *key, unsigned char *keyData)
++DES_set_key_and_parity( DES_key *key, unsigned char *keyData)
+ {
+     memcpy(key, keyData, 8);
+-    des_set_odd_parity( key );
++    DES_set_odd_parity( key );
+ }
+ 
+ 
+@@ -677,7 +677,7 @@
+  * implement MozNSS wrappers for the openSSL calls 
+  */
+ static void
+-des_set_key_and_parity( des_key *key, unsigned char *keyData)
++DES_set_key_and_parity( DES_key *key, unsigned char *keyData)
+ {
+     SECItem keyDataItem;
+     PK11SlotInfo *slot;
+@@ -699,7 +699,7 @@
+ }
+ 
+ static void
+-des_set_key_unchecked( des_key *key, des_context ctxt )
++DES_set_key_unchecked( DES_key *key, DES_context ctxt )
+ {
+     ctxt[0] = NULL;
+ 
+@@ -712,37 +712,37 @@
+ }
+ 
+ static void
+-des_ecb_encrypt( des_data_block *plain, des_data_block *encrypted, 
+-			des_context ctxt, int op)
++DES_ecb_encrypt( DES_data_block *plain, DES_data_block *encrypted, 
++			DES_context ctxt, int op)
+ {
+     SECStatus rv;
+     int size;
+ 
+     if (ctxt[0] == NULL) {
+ 	/* need to fail here...  */
+-	memset(encrypted, 0, sizeof(des_data_block));
++	memset(encrypted, 0, sizeof(DES_data_block));
+ 	return;
+     }
+     rv = PK11_CipherOp(ctxt[0], (unsigned char *)&encrypted[0], 
+-			&size, sizeof(des_data_block),
+-			(unsigned char *)&plain[0], sizeof(des_data_block));
++			&size, sizeof(DES_data_block),
++			(unsigned char *)&plain[0], sizeof(DES_data_block));
+     if (rv != SECSuccess) {
+ 	/* signal failure */
+-	memset(encrypted, 0, sizeof(des_data_block));
++	memset(encrypted, 0, sizeof(DES_data_block));
+ 	return;
+     }
+     return;
+ }
+ 
+ static int
+-des_failed(des_data_block *encrypted)
++DES_failed(DES_data_block *encrypted)
+ {
+-   static const des_data_block zero = { 0 };
++   static const DES_data_block zero = { 0 };
+    return memcmp(encrypted, zero, sizeof(zero)) == 0;
+ }
+ 
+ static void
+-des_finish(des_key *key, des_context ctxt)
++DES_finish(DES_key *key, DES_context ctxt)
+ {
+      if (*key) {
+ 	PK11_FreeSymKey(*key);
+@@ -817,7 +817,7 @@
+ 
+ static void lmPasswd_to_key(
+ 	const char *lmPasswd,
+-	des_key *key)
++	DES_key *key)
+ {
+ 	const unsigned char *lpw = (const unsigned char *) lmPasswd;
+ 	unsigned char k[8];
+@@ -832,7 +832,7 @@
+ 	k[6] = ((lpw[5] & 0x3F) << 2) | (lpw[6] >> 6);
+ 	k[7] = ((lpw[6] & 0x7F) << 1);
+ 		
+-	des_set_key_and_parity( key, k );
++	DES_set_key_and_parity( key, k );
+ }	
+ 
+ static int chk_lanman(
+@@ -843,10 +843,10 @@
+ {
+ 	ber_len_t i;
+ 	char UcasePassword[15];
+-	des_key key;
+-	des_context schedule;
+-	des_data_block StdText = "KGS!@#$%";
+-	des_data_block PasswordHash1, PasswordHash2;
++	DES_key key;
++	DES_context schedule;
++	DES_data_block StdText = "KGS!@#$%";
++	DES_data_block PasswordHash1, PasswordHash2;
+ 	char PasswordHash[33], storedPasswordHash[33];
+ 	
+ 	for( i=0; i<cred->bv_len; i++) {
+@@ -864,21 +864,21 @@
+ 	ldap_pvt_str2upper( UcasePassword );
+ 	
+ 	lmPasswd_to_key( UcasePassword, &key );
+-	des_set_key_unchecked( &key, schedule );
+-	des_ecb_encrypt( &StdText, &PasswordHash1, schedule , DES_ENCRYPT );
++	DES_set_key_unchecked( &key, &schedule );
++	DES_ecb_encrypt( &StdText, &PasswordHash1, &schedule , DES_ENCRYPT );
+ 
+-	if (des_failed(&PasswordHash1)) {
++	if (DES_failed(&PasswordHash1)) {
+ 	    return LUTIL_PASSWD_ERR;
+ 	}
+ 	
+ 	lmPasswd_to_key( &UcasePassword[7], &key );
+-	des_set_key_unchecked( &key, schedule );
+-	des_ecb_encrypt( &StdText, &PasswordHash2, schedule , DES_ENCRYPT );
+-	if (des_failed(&PasswordHash2)) {
++	DES_set_key_unchecked( &key, &schedule );
++	DES_ecb_encrypt( &StdText, &PasswordHash2, &schedule , DES_ENCRYPT );
++	if (DES_failed(&PasswordHash2)) {
+ 	    return LUTIL_PASSWD_ERR;
+ 	}
+ 
+-	des_finish( &key, schedule );
++	DES_finish( &key, schedule );
+ 	
+ 	sprintf( PasswordHash, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", 
+ 		PasswordHash1[0],PasswordHash1[1],PasswordHash1[2],PasswordHash1[3],
+@@ -1139,10 +1139,10 @@
+ 
+ 	ber_len_t i;
+ 	char UcasePassword[15];
+-	des_key key;
+-	des_context schedule;
+-	des_data_block StdText = "KGS!@#$%";
+-	des_data_block PasswordHash1, PasswordHash2;
++	DES_key key;
++	DES_context schedule;
++	DES_data_block StdText = "KGS!@#$%";
++	DES_data_block PasswordHash1, PasswordHash2;
+ 	char PasswordHash[33];
+ 	
+ 	for( i=0; i<passwd->bv_len; i++) {
+@@ -1160,12 +1160,12 @@
+ 	ldap_pvt_str2upper( UcasePassword );
+ 	
+ 	lmPasswd_to_key( UcasePassword, &key );
+-	des_set_key_unchecked( &key, schedule );
+-	des_ecb_encrypt( &StdText, &PasswordHash1, schedule , DES_ENCRYPT );
++	DES_set_key_unchecked( &key, &schedule );
++	DES_ecb_encrypt( &StdText, &PasswordHash1, &schedule , DES_ENCRYPT );
+ 	
+ 	lmPasswd_to_key( &UcasePassword[7], &key );
+-	des_set_key_unchecked( &key, schedule );
+-	des_ecb_encrypt( &StdText, &PasswordHash2, schedule , DES_ENCRYPT );
++	DES_set_key_unchecked( &key, &schedule );
++	DES_ecb_encrypt( &StdText, &PasswordHash2, &schedule , DES_ENCRYPT );
+ 	
+ 	sprintf( PasswordHash, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", 
+ 		PasswordHash1[0],PasswordHash1[1],PasswordHash1[2],PasswordHash1[3],