summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorcy <cy@FreeBSD.org>2002-01-16 03:17:24 +0000
committercy <cy@FreeBSD.org>2002-01-16 03:17:24 +0000
commit98783834957f8844c5d80c6f7c1ccc04d131d63a (patch)
tree544490bb4c2820bc67b7b1b2d41698e157543b1d /security
parent959862ce30e2bce05bcc286e7a9c273355ce1657 (diff)
downloadFreeBSD-ports-98783834957f8844c5d80c6f7c1ccc04d131d63a.zip
FreeBSD-ports-98783834957f8844c5d80c6f7c1ccc04d131d63a.tar.gz
Update 1.2.2 -> 1.2.3
Diffstat (limited to 'security')
-rw-r--r--security/krb5-16/Makefile3
-rw-r--r--security/krb5-16/distinfo2
-rw-r--r--security/krb5-16/files/patch-ai279
-rw-r--r--security/krb5-16/files/patch-appl::telnet::telnetd::authenc.c12
-rw-r--r--security/krb5-16/files/patch-appl::telnet::telnetd::ext.h24
-rw-r--r--security/krb5-16/files/patch-appl::telnet::telnetd::slc.c11
-rw-r--r--security/krb5-16/files/patch-appl::telnet::telnetd::state.c134
-rw-r--r--security/krb5-16/files/patch-appl::telnet::telnetd::telnetd.c169
-rw-r--r--security/krb5-16/files/patch-appl::telnet::telnetd::termstat.c74
-rw-r--r--security/krb5-16/files/patch-appl::telnet::telnetd::utility.c905
-rw-r--r--security/krb5-16/files/patch-ay20
-rw-r--r--security/krb5-16/files/patch-bd19
-rw-r--r--security/krb5-16/pkg-plist4
-rw-r--r--security/krb5-17/Makefile3
-rw-r--r--security/krb5-17/distinfo2
-rw-r--r--security/krb5-17/files/patch-ai279
-rw-r--r--security/krb5-17/files/patch-appl::telnet::telnetd::authenc.c12
-rw-r--r--security/krb5-17/files/patch-appl::telnet::telnetd::ext.h24
-rw-r--r--security/krb5-17/files/patch-appl::telnet::telnetd::slc.c11
-rw-r--r--security/krb5-17/files/patch-appl::telnet::telnetd::state.c134
-rw-r--r--security/krb5-17/files/patch-appl::telnet::telnetd::telnetd.c169
-rw-r--r--security/krb5-17/files/patch-appl::telnet::telnetd::termstat.c74
-rw-r--r--security/krb5-17/files/patch-appl::telnet::telnetd::utility.c905
-rw-r--r--security/krb5-17/files/patch-ay20
-rw-r--r--security/krb5-17/files/patch-bd19
-rw-r--r--security/krb5-17/pkg-plist4
-rw-r--r--security/krb5-appl/Makefile3
-rw-r--r--security/krb5-appl/distinfo2
-rw-r--r--security/krb5-appl/files/patch-ai279
-rw-r--r--security/krb5-appl/files/patch-appl::telnet::telnetd::authenc.c12
-rw-r--r--security/krb5-appl/files/patch-appl::telnet::telnetd::ext.h24
-rw-r--r--security/krb5-appl/files/patch-appl::telnet::telnetd::slc.c11
-rw-r--r--security/krb5-appl/files/patch-appl::telnet::telnetd::state.c134
-rw-r--r--security/krb5-appl/files/patch-appl::telnet::telnetd::telnetd.c169
-rw-r--r--security/krb5-appl/files/patch-appl::telnet::telnetd::termstat.c74
-rw-r--r--security/krb5-appl/files/patch-appl::telnet::telnetd::utility.c905
-rw-r--r--security/krb5-appl/files/patch-ay20
-rw-r--r--security/krb5-appl/files/patch-bd19
-rw-r--r--security/krb5-appl/pkg-plist4
-rw-r--r--security/krb5/Makefile3
-rw-r--r--security/krb5/distinfo2
-rw-r--r--security/krb5/files/patch-ai279
-rw-r--r--security/krb5/files/patch-appl::telnet::telnetd::authenc.c12
-rw-r--r--security/krb5/files/patch-appl::telnet::telnetd::ext.h24
-rw-r--r--security/krb5/files/patch-appl::telnet::telnetd::slc.c11
-rw-r--r--security/krb5/files/patch-appl::telnet::telnetd::state.c134
-rw-r--r--security/krb5/files/patch-appl::telnet::telnetd::telnetd.c169
-rw-r--r--security/krb5/files/patch-appl::telnet::telnetd::termstat.c74
-rw-r--r--security/krb5/files/patch-appl::telnet::telnetd::utility.c905
-rw-r--r--security/krb5/files/patch-ay20
-rw-r--r--security/krb5/files/patch-bd19
-rw-r--r--security/krb5/pkg-plist4
52 files changed, 224 insertions, 6400 deletions
diff --git a/security/krb5-16/Makefile b/security/krb5-16/Makefile
index 3a0bf18..e9c8235 100644
--- a/security/krb5-16/Makefile
+++ b/security/krb5-16/Makefile
@@ -6,8 +6,7 @@
#
PORTNAME= krb5
-PORTVERSION= 1.2.2
-PORTREVISION= 5
+PORTVERSION= 1.2.3
CATEGORIES= security
MASTER_SITES= # manual download
diff --git a/security/krb5-16/distinfo b/security/krb5-16/distinfo
index e8159e5..3af0278 100644
--- a/security/krb5-16/distinfo
+++ b/security/krb5-16/distinfo
@@ -1 +1 @@
-MD5 (krb5-1.2.2.tar.gz) = 57d1bf3a3c68ee8af64e31a46799551c
+MD5 (krb5-1.2.3.tar.gz) = 1e93aed5e6ae13eb4b5b5278b1a6ab46
diff --git a/security/krb5-16/files/patch-ai b/security/krb5-16/files/patch-ai
index 634db6c..f5b7331 100644
--- a/security/krb5-16/files/patch-ai
+++ b/security/krb5-16/files/patch-ai
@@ -1,6 +1,6 @@
---- appl/gssftp/ftpd/ftpd.c.orig Wed Feb 28 16:06:45 2001
-+++ appl/gssftp/ftpd/ftpd.c Fri Apr 27 10:18:01 2001
-@@ -485,7 +485,13 @@
+--- appl/gssftp/ftpd/ftpd.c.orig Wed Jan 9 14:26:51 2002
++++ appl/gssftp/ftpd/ftpd.c Thu Jan 10 19:00:13 2002
+@@ -487,7 +487,13 @@
#ifndef LOG_DAEMON
#define LOG_DAEMON 0
#endif
@@ -15,273 +15,14 @@
addrlen = sizeof (his_addr);
if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) {
-@@ -761,7 +767,16 @@
- int result;
- #ifdef GSSAPI
- if (auth_type && strcmp(auth_type, "GSSAPI") == 0) {
-+ int len;
- authorized = ftpd_gss_userok(&client_name, name) == 0;
-+ len = sizeof("GSSAPI user is not authorized as "
-+ "; Password required.")
-+ + strlen(client_name.value)
-+ + strlen(name);
-+ if (len >= sizeof(buf)) {
-+ syslog(LOG_ERR, "user: username too long");
-+ name = "[username too long]";
-+ }
- sprintf(buf, "GSSAPI user %s is%s authorized as %s",
- client_name.value, authorized ? "" : " not",
- name);
-@@ -772,7 +787,18 @@
- #endif /* GSSAPI */
- #ifdef KRB5_KRB4_COMPAT
- if (auth_type && strcmp(auth_type, "KERBEROS_V4") == 0) {
-+ int len;
- authorized = kuserok(&kdata,name) == 0;
-+ len = sizeof("Kerberos user .@ is not authorized as "
-+ "; Password required.")
-+ + strlen(kdata.pname)
-+ + strlen(kdata.pinst)
-+ + strlen(kdata.prealm)
-+ + strlen(name);
-+ if (len >= sizeof(buf)) {
-+ syslog(LOG_ERR, "user: username too long");
-+ name = "[username too long]";
-+ }
- sprintf(buf, "Kerberos user %s%s%s@%s is%s authorized as %s",
- kdata.pname, *kdata.pinst ? "." : "",
- kdata.pinst, kdata.prealm,
-@@ -1179,6 +1205,11 @@
- } else {
- char line[FTP_BUFSIZ];
-
-+ if (strlen(cmd) + strlen(name) + 1 >= sizeof(line)) {
-+ syslog(LOG_ERR, "retrieve: filename too long");
-+ reply(501, "filename too long");
-+ return;
-+ }
- (void) sprintf(line, cmd, name), name = line;
- fin = ftpd_popen(line, "r"), closefunc = ftpd_pclose;
- st.st_size = -1;
-@@ -1417,6 +1448,10 @@
- return (file);
- }
-
-+/*
-+ * XXX callers need to limit total length of output string to
-+ * FTP_BUFSIZ
-+ */
- #ifdef STDARG
- secure_error(char *fmt, ...)
- #else
-@@ -1616,13 +1651,19 @@
- {
- char line[FTP_BUFSIZ];
- FILE *fin;
-- int c;
-+ int c, n;
- char str[FTP_BUFSIZ], *p;
-
-+ if (strlen(filename) + sizeof("/bin/ls -lgA ")
-+ >= sizeof(line)) {
-+ reply(501, "filename too long");
-+ return;
-+ }
- (void) sprintf(line, "/bin/ls -lgA %s", filename);
- fin = ftpd_popen(line, "r");
- lreply(211, "status of %s:", filename);
- p = str;
-+ n = 0;
- while ((c = getc(fin)) != EOF) {
- if (c == '\n') {
- if (ferror(stdout)){
-@@ -1639,7 +1680,16 @@
- *p = '\0';
- reply(0, "%s", str);
- p = str;
-- } else *p++ = c;
-+ n = 0;
-+ } else {
-+ *p++ = c;
-+ n++;
-+ if (n >= sizeof(str)) {
-+ reply(551, "output line too long");
-+ (void) ftpd_pclose(fin);
-+ return;
-+ }
-+ }
- }
- if (p != str) {
- *p = '\0';
-@@ -1723,6 +1773,10 @@
-
- char cont_char = ' ';
-
-+/*
-+ * XXX callers need to limit total length of output string to
-+ * FTP_BUFSIZ bytes for now.
-+ */
- #ifdef STDARG
- reply(int n, char *fmt, ...)
- #else
-@@ -1744,22 +1798,32 @@
- #endif
-
- if (auth_type) {
-- char in[FTP_BUFSIZ], out[FTP_BUFSIZ];
-+ /*
-+ * Deal with expansion in mk_{safe,priv},
-+ * radix_encode, gss_seal, plus slop.
-+ */
-+ char in[FTP_BUFSIZ*3/2], out[FTP_BUFSIZ*3/2];
- int length, kerror;
- if (n) sprintf(in, "%d%c", n, cont_char);
- else in[0] = '\0';
- strncat(in, buf, sizeof (in) - strlen(in) - 1);
- #ifdef KRB5_KRB4_COMPAT
- if (strcmp(auth_type, "KERBEROS_V4") == 0) {
-- if ((length = clevel == PROT_P ?
-- krb_mk_priv((unsigned char *)in,
-- (unsigned char *)out,
-- strlen(in), schedule, &kdata.session,
-- &ctrl_addr, &his_addr)
-- : krb_mk_safe((unsigned char *)in,
-- (unsigned char *)out,
-- strlen(in), &kdata.session,
-- &ctrl_addr, &his_addr)) == -1) {
-+ if (clevel == PROT_P)
-+ length = krb_mk_priv((unsigned char *)in,
-+ (unsigned char *)out,
-+ strlen(in),
-+ schedule, &kdata.session,
-+ &ctrl_addr,
-+ &his_addr);
-+ else
-+ length = krb_mk_safe((unsigned char *)in,
-+ (unsigned char *)out,
-+ strlen(in),
-+ &kdata.session,
-+ &ctrl_addr,
-+ &his_addr);
-+ if (length == -1) {
- syslog(LOG_ERR,
- "krb_mk_%s failed for KERBEROS_V4",
- clevel == PROT_P ? "priv" : "safe");
-@@ -1803,13 +1867,16 @@
- }
- #endif /* GSSAPI */
- /* Other auth types go here ... */
-- if (kerror = radix_encode(out, in, &length, 0)) {
-+ if (length >= sizeof(in) / 4 * 3) {
-+ syslog(LOG_ERR, "input to radix_encode too long");
-+ fputs(in, stdout);
-+ } else if (kerror = radix_encode(out, in, &length, 0)) {
- syslog(LOG_ERR, "Couldn't encode reply (%s)",
- radix_error(kerror));
- fputs(in,stdout);
- } else
-- printf("%s%c%s", clevel == PROT_P ? "632" : "631",
-- n ? cont_char : '-', in);
-+ printf("%s%c%s", clevel == PROT_P ? "632" : "631",
-+ n ? cont_char : '-', in);
- } else {
- if (n) printf("%d%c", n, cont_char);
- fputs(buf, stdout);
-@@ -1822,6 +1889,10 @@
- }
- }
-
-+/*
-+ * XXX callers need to limit total length of output string to
-+ * FTP_BUFSIZ
-+ */
- #ifdef STDARG
- lreply(int n, char *fmt, ...)
- #else
-@@ -1866,7 +1937,8 @@
-
- if (cp = strchr(cbuf,'\n'))
- *cp = '\0';
-- reply(500, "'%s': command not understood.", cbuf);
-+ reply(500, "'%.*s': command not understood.",
-+ FTP_BUFSIZ - sizeof("'': command not understood."), cbuf);
- }
-
- delete_file(name)
-@@ -2143,7 +2215,21 @@
- int code;
- char *string;
- {
-- reply(code, "%s: %s.", string, strerror(errno));
-+ char *err_string;
-+ size_t extra_len;
-+ err_string = strerror(errno);
-+ if (err_string == NULL)
-+ err_string = "(unknown error)";
-+ extra_len = strlen(err_string) + sizeof("(truncated): .");
-+ /*
-+ * XXX knows about FTP_BUFSIZ in reply()
-+ */
-+ if (strlen(string) + extra_len > FTP_BUFSIZ) {
-+ reply(code, "(truncated)%.*s: %s.",
-+ FTP_BUFSIZ - extra_len, string, err_string);
-+ } else {
-+ reply(code, "%s: %s.", string, err_string);
-+ }
- }
-
- auth(type)
-@@ -2226,6 +2312,10 @@
+@@ -2312,6 +2318,10 @@
+ if ((length = krb_mk_safe((u_char *)&cksum, out_buf, sizeof(cksum),
+ &kdata.session,&ctrl_addr, &his_addr)) == -1) {
secure_error("ADAT: krb_mk_safe failed");
- return(0);
- }
-+ if (length >= (FTP_BUFSIZ - sizeof("ADAT=")) / 4 * 3) {
-+ secure_error("ADAT: reply too long");
+ return(0);
+ }
- if (kerror = radix_encode(out_buf, buf, &length, 0)) {
- secure_error("Couldn't encode ADAT reply (%s)",
- radix_error(kerror));
-@@ -2360,6 +2450,16 @@
++ if (length >= (FTP_BUFSIZ - sizeof("ADAT=")) / 4 * 3) {
++ secure_error("ADAT: reply too long");
+ return(0);
}
-
- if (out_tok.length) {
-+ if (out_tok.length >= ((FTP_BUFSIZ - sizeof("ADAT="))
-+ / 4 * 3)) {
-+ secure_error("ADAT: reply too long");
-+ syslog(LOG_ERR, "ADAT: reply too long");
-+ (void) gss_release_cred(&stat_min, &server_creds);
-+ if (ret_flags & GSS_C_DELEG_FLAG)
-+ (void) gss_release_cred(&stat_min,
-+ &deleg_creds);
-+ return(0);
-+ }
- if (kerror = radix_encode(out_tok.value, gbuf, &out_tok.length, 0)) {
- secure_error("Couldn't encode ADAT reply (%s)",
- radix_error(kerror));
-@@ -2458,6 +2558,9 @@
- * n>=0 on success
- * -1 on error
- * -2 on security error
-+ *
-+ * XXX callers need to limit total length of output string to
-+ * FTP_BUFSIZ
- */
- #ifdef STDARG
- secure_fprintf(FILE *stream, char *fmt, ...)
-@@ -2575,6 +2678,15 @@
- dir->d_name[2] == '\0')
- continue;
-
-+ if (strlen(dirname) + strlen(dir->d_name)
-+ + 1 /* slash */
-+ + 2 /* CRLF */
-+ + 1 > sizeof(nbuf)) {
-+ syslog(LOG_ERR,
-+ "send_file_list: pathname too long");
-+ ret = -2; /* XXX */
-+ goto data_err;
-+ }
- sprintf(nbuf, "%s/%s", dirname, dir->d_name);
-
- /*
+ if (length >= (FTP_BUFSIZ - sizeof("ADAT=")) / 4 * 3) {
diff --git a/security/krb5-16/files/patch-appl::telnet::telnetd::authenc.c b/security/krb5-16/files/patch-appl::telnet::telnetd::authenc.c
deleted file mode 100644
index 9a19ab9..0000000
--- a/security/krb5-16/files/patch-appl::telnet::telnetd::authenc.c
+++ /dev/null
@@ -1,12 +0,0 @@
---- appl/telnet/telnetd/authenc.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/authenc.c Thu Jul 19 19:14:29 2001
-@@ -43,8 +43,7 @@
- int len;
- {
- if (nfrontp + len < netobuf + BUFSIZ) {
-- memcpy((void *)nfrontp, (void *)str, len);
-- nfrontp += len;
-+ output_datalen(str, len);
- return(len);
- }
- return(0);
diff --git a/security/krb5-16/files/patch-appl::telnet::telnetd::ext.h b/security/krb5-16/files/patch-appl::telnet::telnetd::ext.h
deleted file mode 100644
index 38fd6ac..0000000
--- a/security/krb5-16/files/patch-appl::telnet::telnetd::ext.h
+++ /dev/null
@@ -1,24 +0,0 @@
---- appl/telnet/telnetd/ext.h.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/ext.h Mon Jul 23 16:44:35 2001
-@@ -75,7 +75,7 @@
-
- extern char netibuf[BUFSIZ], *netip;
-
--extern char netobuf[BUFSIZ+NETSLOP], *nfrontp, *nbackp;
-+extern char netobuf[BUFSIZ], *nfrontp, *nbackp;
- extern char *neturg; /* one past last bye of urgent data */
-
- extern int pcc, ncc;
-@@ -187,8 +187,10 @@
- tty_setsofttab P((int)),
- tty_tspeed P((int)),
- willoption P((int)),
-- wontoption P((int)),
-- writenet P((unsigned char *, int));
-+ wontoption P((int));
-+
-+extern int output_data __P((const char *, ...)) __printflike(1, 2);
-+extern int output_datalen __P((const char *, size_t));
-
- #ifdef ENCRYPTION
- extern char *nclearto;
diff --git a/security/krb5-16/files/patch-appl::telnet::telnetd::slc.c b/security/krb5-16/files/patch-appl::telnet::telnetd::slc.c
deleted file mode 100644
index f4e7d41..0000000
--- a/security/krb5-16/files/patch-appl::telnet::telnetd::slc.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- appl/telnet/telnetd/slc.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/slc.c Mon Jul 23 16:45:51 2001
-@@ -198,7 +198,7 @@
- (void) sprintf((char *)slcptr, "%c%c", IAC, SE);
- slcptr += 2;
- len = slcptr - slcbuf;
-- writenet(slcbuf, len);
-+ output_datalen(slcbuf, len);
- netflush(); /* force it out immediately */
- DIAG(TD_OPTIONS, printsub('>', slcbuf+2, len-2););
- }
diff --git a/security/krb5-16/files/patch-appl::telnet::telnetd::state.c b/security/krb5-16/files/patch-appl::telnet::telnetd::state.c
deleted file mode 100644
index baf2073..0000000
--- a/security/krb5-16/files/patch-appl::telnet::telnetd::state.c
+++ /dev/null
@@ -1,134 +0,0 @@
---- appl/telnet/telnetd/state.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/state.c Mon Jul 23 17:48:48 2001
-@@ -33,6 +33,7 @@
-
- /* based on @(#)state.c 8.1 (Berkeley) 6/4/93 */
-
-+#include <stdarg.h>
- #include "telnetd.h"
- #if defined(AUTHENTICATION)
- #include <libtelnet/auth.h>
-@@ -86,7 +87,7 @@
- if (!auth_negotiated) {
- static char *error =
- "An environment option was sent before authentication negotiation completed.\r\nThis may create a security hazard. Connection dropped.\r\n";
-- writenet(error, strlen(error));
-+ output_datalen(error, strlen(error));
- netflush();
- exit(1);
- }
-@@ -209,8 +210,7 @@
- }
-
- netclear(); /* clear buffer back */
-- *nfrontp++ = IAC;
-- *nfrontp++ = DM;
-+ output_data("%c%c", IAC, DM);
- neturg = nfrontp-1; /* off by one XXX */
- DIAG(TD_OPTIONS,
- printoption("td: send IAC", DM));
-@@ -463,8 +463,7 @@
- set_his_want_state_will(option);
- do_dont_resp[option]++;
- }
-- (void) sprintf(nfrontp, (char *)doopt, option);
-- nfrontp += sizeof (dont) - 2;
-+ output_data((const char *)doopt, option);
-
- DIAG(TD_OPTIONS, printoption("td: send do", option));
- }
-@@ -683,8 +682,7 @@
- set_his_want_state_wont(option);
- do_dont_resp[option]++;
- }
-- (void) sprintf(nfrontp, (char *)dont, option);
-- nfrontp += sizeof (doopt) - 2;
-+ output_data((const char *)dont, option);
-
- DIAG(TD_OPTIONS, printoption("td: send dont", option));
- }
-@@ -833,8 +831,7 @@
- set_my_want_state_will(option);
- will_wont_resp[option]++;
- }
-- (void) sprintf(nfrontp, (char *)will, option);
-- nfrontp += sizeof (doopt) - 2;
-+ output_data((const char *)will, option);
-
- DIAG(TD_OPTIONS, printoption("td: send will", option));
- }
-@@ -993,8 +990,7 @@
- set_my_want_state_wont(option);
- will_wont_resp[option]++;
- }
-- (void) sprintf(nfrontp, (char *)wont, option);
-- nfrontp += sizeof (wont) - 2;
-+ output_data((const char *)wont, option);
-
- DIAG(TD_OPTIONS, printoption("td: send wont", option));
- }
-@@ -1393,9 +1389,8 @@
- env_ovar_wrong:
- env_ovar = OLD_ENV_VALUE;
- env_ovalue = OLD_ENV_VAR;
-- DIAG(TD_OPTIONS, {sprintf(nfrontp,
-- "ENVIRON VALUE and VAR are reversed!\r\n");
-- nfrontp += strlen(nfrontp);});
-+ DIAG(TD_OPTIONS,
-+ output_data("ENVIRON VALUE and VAR are reversed!\r\n"));
-
- }
- }
-@@ -1633,11 +1628,51 @@
- ADD(IAC);
- ADD(SE);
-
-- writenet(statusbuf, ncp - statusbuf);
-+ output_datalen(statusbuf, ncp - statusbuf);
- netflush(); /* Send it on its way */
-
- DIAG(TD_OPTIONS,
- {printsub('>', statusbuf, ncp - statusbuf); netflush();});
-+}
-+
-+/*
-+ * This function appends data to nfrontp and advances nfrontp.
-+ */
-+
-+int
-+output_data(const char *format, ...)
-+{
-+ va_list args;
-+ size_t remaining, ret;
-+
-+ va_start(args, format);
-+ remaining = BUFSIZ - (nfrontp - netobuf);
-+ /* try a netflush() if the room is too low */
-+ if (strlen(format) > remaining || BUFSIZ / 4 > remaining) {
-+ netflush();
-+ remaining = BUFSIZ - (nfrontp - netobuf);
-+ }
-+ ret = vsnprintf(nfrontp, remaining, format, args);
-+ nfrontp += ((ret < remaining - 1) ? ret : remaining - 1);
-+ va_end(args);
-+ return ret;
-+}
-+
-+int
-+output_datalen(const char *buf, size_t len)
-+{
-+ size_t remaining;
-+
-+ remaining = BUFSIZ - (nfrontp - netobuf);
-+ if (remaining < len) {
-+ netflush();
-+ remaining = BUFSIZ - (nfrontp - netobuf);
-+ }
-+ if (remaining < len)
-+ return -1;
-+ memmove(nfrontp, buf, len);
-+ nfrontp += len;
-+ return (len);
- }
-
- static int envvarok(varp)
diff --git a/security/krb5-16/files/patch-appl::telnet::telnetd::telnetd.c b/security/krb5-16/files/patch-appl::telnet::telnetd::telnetd.c
deleted file mode 100644
index 9eef170..0000000
--- a/security/krb5-16/files/patch-appl::telnet::telnetd::telnetd.c
+++ /dev/null
@@ -1,169 +0,0 @@
---- appl/telnet/telnetd/telnetd.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/telnetd.c Mon Jul 23 17:27:05 2001
-@@ -693,7 +693,7 @@
- char *error_message =
- "Encryption was not successfully negotiated. Goodbye.\r\n\r\n";
-
-- writenet(error_message, strlen(error_message));
-+ output_datalen(error_message, strlen(error_message));
- netflush();
- exit(1);
- }
-@@ -782,9 +782,7 @@
- { IAC, SB, TELOPT_TSPEED, TELQUAL_SEND, IAC, SE };
-
- if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) {
-- memcpy(nfrontp, sb, sizeof(sb));
-- nfrontp += sizeof(sb);
-- *nfrontp = '\0';
-+ output_datalen(sb, sizeof sb);
- }
- }
- if (his_state_is_will(TELOPT_XDISPLOC)) {
-@@ -792,9 +790,7 @@
- { IAC, SB, TELOPT_XDISPLOC, TELQUAL_SEND, IAC, SE };
-
- if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) {
-- memcpy(nfrontp, sb, sizeof(sb));
-- nfrontp += sizeof(sb);
-- *nfrontp = '\0';
-+ output_datalen(sb, sizeof sb);
- }
- }
- if (his_state_is_will(TELOPT_NEW_ENVIRON)) {
-@@ -802,9 +798,7 @@
- { IAC, SB, TELOPT_NEW_ENVIRON, TELQUAL_SEND, IAC, SE };
-
- if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) {
-- memcpy(nfrontp, sb, sizeof(sb));
-- nfrontp += sizeof(sb);
-- *nfrontp = '\0';
-+ output_datalen(sb, sizeof sb);
- }
- }
- else if (his_state_is_will(TELOPT_OLD_ENVIRON)) {
-@@ -812,17 +806,13 @@
- { IAC, SB, TELOPT_OLD_ENVIRON, TELQUAL_SEND, IAC, SE };
-
- if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) {
-- memcpy(nfrontp, sb, sizeof(sb));
-- nfrontp += sizeof(sb);
-- *nfrontp = '\0';
-+ output_datalen(sb, sizeof sb);
- }
- }
- if (his_state_is_will(TELOPT_TTYPE)) {
-
- if(nfrontp - netobuf + sizeof(ttytype_sbbuf) < sizeof(netobuf)) {
-- memcpy(nfrontp, ttytype_sbbuf, sizeof(ttytype_sbbuf));
-- nfrontp += sizeof(ttytype_sbbuf);
-- *nfrontp = '\0';
-+ output_datalen(ttytype_sbbuf, sizeof ttytype_sbbuf);
- }
- }
- if (his_state_is_will(TELOPT_TSPEED)) {
-@@ -902,9 +892,7 @@
- return;
- settimer(baseline);
- if(nfrontp - netobuf + sizeof(ttytype_sbbuf)) {
-- memcpy(nfrontp, ttytype_sbbuf, sizeof(ttytype_sbbuf));
-- nfrontp += sizeof(ttytype_sbbuf);
-- *nfrontp = '\0';
-+ output_datalen(ttytype_sbbuf, sizeof ttytype_sbbuf);
- }
- while (sequenceIs(ttypesubopt, baseline))
- ttloop();
-@@ -1177,9 +1165,7 @@
- * mode, which we do not want.
- */
- if (his_want_state_is_will(TELOPT_ECHO)) {
-- DIAG(TD_OPTIONS,
-- {sprintf(nfrontp, "td: simulating recv\r\n");
-- nfrontp += strlen(nfrontp);});
-+ DIAG(TD_OPTIONS, output_data("td: simulating recv\r\n"));
- willoption(TELOPT_ECHO);
- }
-
-@@ -1308,9 +1294,7 @@
- localstat();
- #endif /* LINEMODE */
-
-- DIAG(TD_REPORT,
-- {sprintf(nfrontp, "td: Entering processing loop\r\n");
-- nfrontp += strlen(nfrontp);});
-+ DIAG(TD_REPORT, output_data("td: Entering processing loop\r\n"));
-
- #ifdef convex
- startslave(host);
-@@ -1435,8 +1419,7 @@
- netip = netibuf;
- }
- DIAG((TD_REPORT | TD_NETDATA),
-- {sprintf(nfrontp, "td: netread %d chars\r\n", ncc);
-- nfrontp += strlen(nfrontp);});
-+ output_data("td: netread %d chars\r\n", ncc));
- DIAG(TD_NETDATA, printdata("nd", netip, ncc));
- }
-
-@@ -1483,8 +1466,7 @@
- * royally if we send them urgent
- * mode data.
- */
-- *nfrontp++ = IAC;
-- *nfrontp++ = DM;
-+ output_data("%c%c", IAC, DM);
- neturg = nfrontp-1; /* off by one XXX */
- #endif
- }
-@@ -1495,13 +1477,11 @@
- ptyibuf[0] & TIOCPKT_DOSTOP ? 1 : 0;
- if (newflow != flowmode) {
- flowmode = newflow;
-- (void) sprintf(nfrontp,
-- "%c%c%c%c%c%c",
-+ output_data("%c%c%c%c%c%c",
- IAC, SB, TELOPT_LFLOW,
- flowmode ? LFLOW_ON
- : LFLOW_OFF,
- IAC, SE);
-- nfrontp += 6;
- }
- }
- pcc--;
-@@ -1524,19 +1504,19 @@
- break;
- c = *ptyip++ & 0377, pcc--;
- if (c == IAC)
-- *nfrontp++ = c;
-+ output_data("%c", c);
- #if defined(CRAY2) && defined(UNICOS5)
- else if (c == '\n' &&
- my_state_is_wont(TELOPT_BINARY) && newmap)
-- *nfrontp++ = '\r';
-+ output_data("\r");
- #endif /* defined(CRAY2) && defined(UNICOS5) */
-- *nfrontp++ = c;
-+ output_data("%c", c);
- if ((c == '\r') && (my_state_is_wont(TELOPT_BINARY))) {
- if (pcc > 0 && ((*ptyip & 0377) == '\n')) {
-- *nfrontp++ = *ptyip++ & 0377;
-+ output_data("%c", *ptyip++ & 0377);
- pcc--;
- } else
-- *nfrontp++ = '\0';
-+ output_data("%c", '\0');
- }
- }
- #if defined(CRAY2) && defined(UNICOS5)
-@@ -1707,10 +1687,7 @@
- return;
- }
- #endif
-- (void) strncpy(nfrontp, "\r\n[Yes]\r\n",
-- sizeof(netobuf) - 1 - (nfrontp - netobuf));
-- nfrontp += 9;
-- *nfrontp = '\0';
-+ output_data("\r\n[Yes]\r\n");
- }
-
- void
diff --git a/security/krb5-16/files/patch-appl::telnet::telnetd::termstat.c b/security/krb5-16/files/patch-appl::telnet::telnetd::termstat.c
deleted file mode 100644
index 422f1c8..0000000
--- a/security/krb5-16/files/patch-appl::telnet::telnetd::termstat.c
+++ /dev/null
@@ -1,74 +0,0 @@
---- appl/telnet/telnetd/termstat.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/termstat.c Thu Jul 19 19:22:54 2001
-@@ -283,10 +283,9 @@
- # endif /* KLUDGELINEMODE */
- send_do(TELOPT_LINEMODE, 1);
- /* send along edit modes */
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, SB,
-+ output_data("%c%c%c%c%c%c%c", IAC, SB,
- TELOPT_LINEMODE, LM_MODE, useeditmode,
- IAC, SE);
-- nfrontp += 7;
- editmode = useeditmode;
- # ifdef KLUDGELINEMODE
- }
-@@ -312,10 +311,9 @@
- /*
- * Send along appropriate edit mode mask.
- */
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, SB,
-+ output_data("%c%c%c%c%c%c%c", IAC, SB,
- TELOPT_LINEMODE, LM_MODE, useeditmode,
- IAC, SE);
-- nfrontp += 7;
- editmode = useeditmode;
- }
-
-@@ -359,20 +357,18 @@
- if (his_state_is_will(TELOPT_LFLOW)) {
- if (tty_flowmode() != flowmode) {
- flowmode = tty_flowmode();
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c",
-+ output_data("%c%c%c%c%c%c",
- IAC, SB, TELOPT_LFLOW,
- flowmode ? LFLOW_ON : LFLOW_OFF,
- IAC, SE);
-- nfrontp += 6;
- }
- if (tty_restartany() != restartany) {
- restartany = tty_restartany();
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c",
-+ output_data("%c%c%c%c%c%c",
- IAC, SB, TELOPT_LFLOW,
- restartany ? LFLOW_RESTART_ANY
- : LFLOW_RESTART_XON,
- IAC, SE);
-- nfrontp += 6;
- }
- }
- }
-@@ -445,10 +441,9 @@
- useeditmode |= MODE_SOFT_TAB;
- if (tty_islitecho())
- useeditmode |= MODE_LIT_ECHO;
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC,
-+ output_data("%c%c%c%c%c%c%c", IAC,
- SB, TELOPT_LINEMODE, LM_MODE,
- useeditmode, IAC, SE);
-- nfrontp += 7;
- editmode = useeditmode;
- }
-
-@@ -504,11 +499,10 @@
- set_termbuf();
-
- if (!ack) {
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC,
-+ output_data("%c%c%c%c%c%c%c", IAC,
- SB, TELOPT_LINEMODE, LM_MODE,
- useeditmode|MODE_ACK,
- IAC, SE);
-- nfrontp += 7;
- }
-
- editmode = useeditmode;
diff --git a/security/krb5-16/files/patch-appl::telnet::telnetd::utility.c b/security/krb5-16/files/patch-appl::telnet::telnetd::utility.c
index d49598c..8bb656d 100644
--- a/security/krb5-16/files/patch-appl::telnet::telnetd::utility.c
+++ b/security/krb5-16/files/patch-appl::telnet::telnetd::utility.c
@@ -1,879 +1,38 @@
---- appl/telnet/telnetd/utility.c.orig Wed Feb 28 14:06:52 2001
-+++ appl/telnet/telnetd/utility.c Mon Jul 23 17:16:27 2001
-@@ -58,8 +58,7 @@
+--- appl/telnet/telnetd/utility.c.orig Wed Jan 9 14:26:59 2002
++++ appl/telnet/telnetd/utility.c Fri Jan 11 13:10:33 2002
+@@ -408,18 +408,25 @@
+ int
+ netwrite(const char *buf, size_t len)
{
- void netflush();
-
-- DIAG(TD_REPORT, {sprintf(nfrontp, "td: ttloop\r\n");
-- nfrontp += strlen(nfrontp);});
-+ DIAG(TD_REPORT, output_data("td: ttloop\r\n"));
- if (nfrontp-nbackp) {
- netflush();
- }
-@@ -74,8 +73,7 @@
- syslog(LOG_INFO, "ttloop: peer died: %m");
- exit(1);
- }
-- DIAG(TD_REPORT, {sprintf(nfrontp, "td: ttloop read %d chars\r\n", ncc);
-- nfrontp += strlen(nfrontp);});
-+ DIAG(TD_REPORT, output_data("td: ttloop read %d chars\r\n", ncc));
- netip = netibuf;
- telrcv(); /* state machine */
- if (ncc > 0) {
-@@ -117,9 +115,8 @@
- int n;
-
- if ((n = pfrontp - pbackp) > 0) {
-- DIAG((TD_REPORT | TD_PTYDATA),
-- { sprintf(nfrontp, "td: ptyflush %d chars\r\n", n);
-- nfrontp += strlen(nfrontp); });
-+ DIAG(TD_REPORT | TD_PTYDATA,
-+ output_data("td: ptyflush %d chars\r\n", n));
- DIAG(TD_PTYDATA, printdata("pd", pbackp, n));
- n = write(pty, pbackp, n);
- }
-@@ -251,11 +248,9 @@
- extern int not42;
-
- if ((n = nfrontp - nbackp) > 0) {
-- DIAG(TD_REPORT,
-- { sprintf(nfrontp, "td: netflush %d chars\r\n", n);
-- n += strlen(nfrontp); /* get count first */
-- nfrontp += strlen(nfrontp); /* then move pointer */
-- });
-+ DIAG(TD_REPORT, {
-+ n += output_data("td: netflush %d chars\r\n", n);
-+ });
- #ifdef ENCRYPTION
- if (encrypt_output) {
- char *s = nclearto ? nclearto : nbackp;
-@@ -314,33 +309,6 @@
-
-
- /*
-- * writenet
-- *
-- * Just a handy little function to write a bit of raw data to the net.
-- * It will force a transmit of the buffer if necessary
-- *
-- * arguments
-- * ptr - A pointer to a character string to write
-- * len - How many bytes to write
-- */
-- void
--writenet(ptr, len)
-- register unsigned char *ptr;
-- register int len;
--{
-- /* flush buffer if no room for new data) */
-- if ((&netobuf[BUFSIZ] - nfrontp) < len) {
-- /* if this fails, don't worry, buffer is a little big */
+- size_t remain;
++ int remaining, copied;
++
++ remaining = BUFSIZ - (nfrontp - netobuf);
++ while (len > 0) {
++ /* Free up enough space if the room is too low*/
++ if ((len > BUFSIZ ? BUFSIZ : len) > remaining) {
++ netflush();
++ remaining = BUFSIZ - (nfrontp - netobuf);
++ }
+
+- remain = sizeof(netobuf) - (nfrontp - netobuf);
+- if (remain < len) {
- netflush();
-- }
--
-- memcpy(nfrontp, ptr, len);
-- nfrontp += len;
--
--} /* end of writenet */
--
--
--/*
- * miscellaneous functions doing a variety of little jobs follow ...
- */
-
-@@ -528,12 +496,11 @@
- register int option;
- {
- if (TELOPT_OK(option))
-- sprintf(nfrontp, "%s %s\r\n", fmt, TELOPT(option));
-+ output_data("%s %s\r\n", fmt, TELOPT(option));
- else if (TELCMD_OK(option))
-- sprintf(nfrontp, "%s %s\r\n", fmt, TELCMD(option));
-+ output_data("%s %s\r\n", fmt, TELCMD(option));
- else
-- sprintf(nfrontp, "%s %d\r\n", fmt, option);
-- nfrontp += strlen(nfrontp);
-+ output_data("%s %d\r\n", fmt, option);
- return;
- }
-
-@@ -550,9 +517,8 @@
- return;
-
- if (direction) {
-- sprintf(nfrontp, "td: %s suboption ",
-+ output_data("td: %s suboption ",
- direction == '<' ? "recv" : "send");
-- nfrontp += strlen(nfrontp);
- if (length >= 3) {
- register int j;
-
-@@ -560,232 +526,192 @@
- j = pointer[length-1];
-
- if (i != IAC || j != SE) {
-- sprintf(nfrontp, "(terminated by ");
-- nfrontp += strlen(nfrontp);
-+ output_data("(terminated by ");
- if (TELOPT_OK(i))
-- sprintf(nfrontp, "%s ", TELOPT(i));
-+ output_data("%s ", TELOPT(i));
- else if (TELCMD_OK(i))
-- sprintf(nfrontp, "%s ", TELCMD(i));
-+ output_data("%s ", TELCMD(i));
- else
-- sprintf(nfrontp, "%d ", i);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d ", i);
- if (TELOPT_OK(j))
-- sprintf(nfrontp, "%s", TELOPT(j));
-+ output_data("%s", TELOPT(j));
- else if (TELCMD_OK(j))
-- sprintf(nfrontp, "%s", TELCMD(j));
-+ output_data("%s", TELCMD(j));
- else
-- sprintf(nfrontp, "%d", j);
-- nfrontp += strlen(nfrontp);
-- sprintf(nfrontp, ", not IAC SE!) ");
-- nfrontp += strlen(nfrontp);
-+ output_data("%d", j);
-+ output_data(", not IAC SE!) ");
- }
- }
- length -= 2;
- }
- if (length < 1) {
-- sprintf(nfrontp, "(Empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data("(Empty suboption??\?)");
- return;
+- remain = sizeof(netobuf) - (nfrontp - netobuf);
++ /* Copy out as much as will fit */
++ copied = remaining > len ? len : remaining;
++ memmove(nfrontp, buf, copied);
++ nfrontp += copied;
++ len -= copied;
++ remaining -= copied;
++ buf += copied;
}
- switch (pointer[0]) {
- case TELOPT_TTYPE:
-- sprintf(nfrontp, "TERMINAL-TYPE ");
-- nfrontp += strlen(nfrontp);
-+ output_data("TERMINAL-TYPE ");
- switch (pointer[1]) {
- case TELQUAL_IS:
-- sprintf(nfrontp, "IS \"%.*s\"", length-2, (char *)pointer+2);
-+ output_data("IS \"%.*s\"", length-2, (char *)pointer+2);
- break;
- case TELQUAL_SEND:
-- sprintf(nfrontp, "SEND");
-+ output_data("SEND");
- break;
- default:
-- sprintf(nfrontp,
-+ output_data(
- "- unknown qualifier %d (0x%x).",
- pointer[1], pointer[1]);
- }
-- nfrontp += strlen(nfrontp);
- break;
- case TELOPT_TSPEED:
-- sprintf(nfrontp, "TERMINAL-SPEED");
-- nfrontp += strlen(nfrontp);
-+ output_data("TERMINAL-SPEED");
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- switch (pointer[1]) {
- case TELQUAL_IS:
-- sprintf(nfrontp, " IS %.*s", length-2, (char *)pointer+2);
-- nfrontp += strlen(nfrontp);
-+ output_data(" IS %.*s", length-2, (char *)pointer+2);
- break;
- default:
- if (pointer[1] == 1)
-- sprintf(nfrontp, " SEND");
-+ output_data(" SEND");
- else
-- sprintf(nfrontp, " %d (unknown)", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d (unknown)", pointer[1]);
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
- }
- break;
-
- case TELOPT_LFLOW:
-- sprintf(nfrontp, "TOGGLE-FLOW-CONTROL");
-- nfrontp += strlen(nfrontp);
-+ output_data("TOGGLE-FLOW-CONTROL");
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- switch (pointer[1]) {
- case LFLOW_OFF:
-- sprintf(nfrontp, " OFF"); break;
-+ output_data(" OFF"); break;
- case LFLOW_ON:
-- sprintf(nfrontp, " ON"); break;
-+ output_data(" ON"); break;
- case LFLOW_RESTART_ANY:
-- sprintf(nfrontp, " RESTART-ANY"); break;
-+ output_data(" RESTART-ANY"); break;
- case LFLOW_RESTART_XON:
-- sprintf(nfrontp, " RESTART-XON"); break;
-+ output_data(" RESTART-XON"); break;
- default:
-- sprintf(nfrontp, " %d (unknown)", pointer[1]);
-+ output_data(" %d (unknown)", pointer[1]);
- }
-- nfrontp += strlen(nfrontp);
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
-
- case TELOPT_NAWS:
-- sprintf(nfrontp, "NAWS");
-- nfrontp += strlen(nfrontp);
-+ output_data("NAWS");
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- if (length == 2) {
-- sprintf(nfrontp, " ?%d?", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[1]);
- break;
- }
-- sprintf(nfrontp, " %d %d (%d)",
-+ output_data(" %d %d (%d)",
- pointer[1], pointer[2],
- (int)((((unsigned int)pointer[1])<<8)|((unsigned int)pointer[2])));
-- nfrontp += strlen(nfrontp);
- if (length == 4) {
-- sprintf(nfrontp, " ?%d?", pointer[3]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[3]);
- break;
- }
-- sprintf(nfrontp, " %d %d (%d)",
-+ output_data(" %d %d (%d)",
- pointer[3], pointer[4],
- (int)((((unsigned int)pointer[3])<<8)|((unsigned int)pointer[4])));
-- nfrontp += strlen(nfrontp);
- for (i = 5; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
-
- case TELOPT_LINEMODE:
-- sprintf(nfrontp, "LINEMODE ");
-- nfrontp += strlen(nfrontp);
-+ output_data("LINEMODE ");
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- switch (pointer[1]) {
- case WILL:
-- sprintf(nfrontp, "WILL ");
-+ output_data("WILL ");
- goto common;
- case WONT:
-- sprintf(nfrontp, "WONT ");
-+ output_data("WONT ");
- goto common;
- case DO:
-- sprintf(nfrontp, "DO ");
-+ output_data("DO ");
- goto common;
- case DONT:
-- sprintf(nfrontp, "DONT ");
-+ output_data("DONT ");
- common:
-- nfrontp += strlen(nfrontp);
- if (length < 3) {
-- sprintf(nfrontp, "(no option??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data("(no option??\?)");
- break;
- }
- switch (pointer[2]) {
- case LM_FORWARDMASK:
-- sprintf(nfrontp, "Forward Mask");
-- nfrontp += strlen(nfrontp);
-+ output_data("Forward Mask");
- for (i = 3; i < length; i++) {
-- sprintf(nfrontp, " %x", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %x", pointer[i]);
- }
- break;
- default:
-- sprintf(nfrontp, "%d (unknown)", pointer[2]);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d (unknown)", pointer[2]);
- for (i = 3; i < length; i++) {
-- sprintf(nfrontp, " %d", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d", pointer[i]);
- }
- break;
- }
- break;
-
- case LM_SLC:
-- sprintf(nfrontp, "SLC");
-- nfrontp += strlen(nfrontp);
-+ output_data("SLC");
- for (i = 2; i < length - 2; i += 3) {
- if (SLC_NAME_OK(pointer[i+SLC_FUNC]))
-- sprintf(nfrontp, " %s", SLC_NAME(pointer[i+SLC_FUNC]));
-+ output_data(" %s", SLC_NAME(pointer[i+SLC_FUNC]));
- else
-- sprintf(nfrontp, " %d", pointer[i+SLC_FUNC]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d", pointer[i+SLC_FUNC]);
- switch (pointer[i+SLC_FLAGS]&SLC_LEVELBITS) {
- case SLC_NOSUPPORT:
-- sprintf(nfrontp, " NOSUPPORT"); break;
-+ output_data(" NOSUPPORT"); break;
- case SLC_CANTCHANGE:
-- sprintf(nfrontp, " CANTCHANGE"); break;
-+ output_data(" CANTCHANGE"); break;
- case SLC_VARIABLE:
-- sprintf(nfrontp, " VARIABLE"); break;
-+ output_data(" VARIABLE"); break;
- case SLC_DEFAULT:
-- sprintf(nfrontp, " DEFAULT"); break;
-+ output_data(" DEFAULT"); break;
- }
-- nfrontp += strlen(nfrontp);
-- sprintf(nfrontp, "%s%s%s",
-+ output_data("%s%s%s",
- pointer[i+SLC_FLAGS]&SLC_ACK ? "|ACK" : "",
- pointer[i+SLC_FLAGS]&SLC_FLUSHIN ? "|FLUSHIN" : "",
- pointer[i+SLC_FLAGS]&SLC_FLUSHOUT ? "|FLUSHOUT" : "");
-- nfrontp += strlen(nfrontp);
- if (pointer[i+SLC_FLAGS]& ~(SLC_ACK|SLC_FLUSHIN|
- SLC_FLUSHOUT| SLC_LEVELBITS)) {
-- sprintf(nfrontp, "(0x%x)", pointer[i+SLC_FLAGS]);
-- nfrontp += strlen(nfrontp);
-+ output_data("(0x%x)", pointer[i+SLC_FLAGS]);
- }
-- sprintf(nfrontp, " %d;", pointer[i+SLC_VALUE]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d;", pointer[i+SLC_VALUE]);
- if ((pointer[i+SLC_VALUE] == IAC) &&
- (pointer[i+SLC_VALUE+1] == IAC))
- i++;
- }
- for (; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
-
- case LM_MODE:
-- sprintf(nfrontp, "MODE ");
-- nfrontp += strlen(nfrontp);
-+ output_data("MODE ");
- if (length < 3) {
-- sprintf(nfrontp, "(no mode??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data("(no mode??\?)");
- break;
- }
- {
-@@ -796,24 +722,19 @@
- pointer[2]&MODE_SOFT_TAB ? "|SOFT_TAB" : "",
- pointer[2]&MODE_LIT_ECHO ? "|LIT_ECHO" : "",
- pointer[2]&MODE_ACK ? "|ACK" : "");
-- sprintf(nfrontp, "%s", tbuf[1] ? &tbuf[1] : "0");
-- nfrontp += strlen(nfrontp);
-+ output_data("%s", tbuf[1] ? &tbuf[1] : "0");
- }
- if (pointer[2]&~(MODE_EDIT|MODE_TRAPSIG|MODE_ACK)) {
-- sprintf(nfrontp, " (0x%x)", pointer[2]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" (0x%x)", pointer[2]);
- }
- for (i = 3; i < length; i++) {
-- sprintf(nfrontp, " ?0x%x?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?0x%x?", pointer[i]);
- }
- break;
- default:
-- sprintf(nfrontp, "%d (unknown)", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d (unknown)", pointer[1]);
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " %d", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d", pointer[i]);
- }
- }
- break;
-@@ -822,24 +743,20 @@
- register char *cp;
- register int j, k;
-
-- sprintf(nfrontp, "STATUS");
-- nfrontp += strlen(nfrontp);
-+ output_data("STATUS");
-
- switch (pointer[1]) {
- default:
- if (pointer[1] == TELQUAL_SEND)
-- sprintf(nfrontp, " SEND");
-+ output_data(" SEND");
- else
-- sprintf(nfrontp, " %d (unknown)", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d (unknown)", pointer[1]);
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
- case TELQUAL_IS:
-- sprintf(nfrontp, " IS\r\n");
-- nfrontp += strlen(nfrontp);
-+ output_data(" IS\r\n");
-
- for (i = 2; i < length; i++) {
- switch(pointer[i]) {
-@@ -850,18 +767,15 @@
- common2:
- i++;
- if (TELOPT_OK(pointer[i]))
-- sprintf(nfrontp, " %s %s", cp, TELOPT(pointer[i]));
-+ output_data(" %s %s", cp, TELOPT(pointer[i]));
- else
-- sprintf(nfrontp, " %s %d", cp, pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %s %d", cp, pointer[i]);
-
-- sprintf(nfrontp, "\r\n");
-- nfrontp += strlen(nfrontp);
-+ output_data("\r\n");
- break;
-
- case SB:
-- sprintf(nfrontp, " SB ");
-- nfrontp += strlen(nfrontp);
-+ output_data(" SB ");
- i++;
- j = k = i;
- while (j < length) {
-@@ -877,20 +791,17 @@
- }
- printsub(0, &pointer[i], k - i);
- if (i < length) {
-- sprintf(nfrontp, " SE");
-- nfrontp += strlen(nfrontp);
-+ output_data(" SE");
- i = j;
- } else
- i = j - 1;
-
-- sprintf(nfrontp, "\r\n");
-- nfrontp += strlen(nfrontp);
-+ output_data("\r\n");
-
- break;
-
- default:
-- sprintf(nfrontp, " %d", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d", pointer[i]);
- break;
- }
- }
-@@ -900,86 +811,77 @@
- }
-
- case TELOPT_XDISPLOC:
-- sprintf(nfrontp, "X-DISPLAY-LOCATION ");
-- nfrontp += strlen(nfrontp);
-+ output_data("X-DISPLAY-LOCATION ");
- switch (pointer[1]) {
- case TELQUAL_IS:
-- sprintf(nfrontp, "IS \"%.*s\"", length-2, (char *)pointer+2);
-+ output_data("IS \"%.*s\"", length-2, (char *)pointer+2);
- break;
- case TELQUAL_SEND:
-- sprintf(nfrontp, "SEND");
-+ output_data("SEND");
- break;
- default:
-- sprintf(nfrontp, "- unknown qualifier %d (0x%x).",
-+ output_data("- unknown qualifier %d (0x%x).",
- pointer[1], pointer[1]);
- }
-- nfrontp += strlen(nfrontp);
- break;
-
- case TELOPT_NEW_ENVIRON:
-- sprintf(nfrontp, "NEW-ENVIRON ");
-+ output_data("NEW-ENVIRON ");
- goto env_common1;
- case TELOPT_OLD_ENVIRON:
-- sprintf(nfrontp, "OLD-ENVIRON");
-+ output_data("OLD-ENVIRON");
- env_common1:
-- nfrontp += strlen(nfrontp);
- switch (pointer[1]) {
- case TELQUAL_IS:
-- sprintf(nfrontp, "IS ");
-+ output_data("IS ");
- goto env_common;
- case TELQUAL_SEND:
-- sprintf(nfrontp, "SEND ");
-+ output_data("SEND ");
- goto env_common;
- case TELQUAL_INFO:
-- sprintf(nfrontp, "INFO ");
-+ output_data("INFO ");
- env_common:
-- nfrontp += strlen(nfrontp);
- {
- register int noquote = 2;
- for (i = 2; i < length; i++ ) {
- switch (pointer[i]) {
- case NEW_ENV_VAR:
-- sprintf(nfrontp, "\" VAR " + noquote);
-- nfrontp += strlen(nfrontp);
-+ output_data("\" VAR " + noquote);
- noquote = 2;
- break;
-
- case NEW_ENV_VALUE:
-- sprintf(nfrontp, "\" VALUE " + noquote);
-- nfrontp += strlen(nfrontp);
-+ output_data("\" VALUE " + noquote);
- noquote = 2;
- break;
-
- case ENV_ESC:
-- sprintf(nfrontp, "\" ESC " + noquote);
-- nfrontp += strlen(nfrontp);
-+ output_data("\" ESC " + noquote);
- noquote = 2;
- break;
-
- case ENV_USERVAR:
-- sprintf(nfrontp, "\" USERVAR " + noquote);
-- nfrontp += strlen(nfrontp);
-+ output_data("\" USERVAR " + noquote);
- noquote = 2;
- break;
-
- default:
- if (isprint(pointer[i]) && pointer[i] != '"') {
- if (noquote) {
-- *nfrontp++ = '"';
-+ output_data("\"");
- noquote = 0;
- }
-- *nfrontp++ = pointer[i];
-+ output_data("%c", pointer[i]);
- } else {
-- sprintf(nfrontp, "\" %03o " + noquote,
-+ output_data("\" %03o " + noquote,
- pointer[i]);
-- nfrontp += strlen(nfrontp);
- noquote = 2;
- }
- break;
- }
- }
- if (!noquote)
-- *nfrontp++ = '"';
-+ output_data("\"");
- break;
- }
- }
-@@ -987,90 +889,69 @@
-
- #if defined(AUTHENTICATION)
- case TELOPT_AUTHENTICATION:
-- sprintf(nfrontp, "AUTHENTICATION");
-- nfrontp += strlen(nfrontp);
-+ output_data("AUTHENTICATION");
-
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- switch (pointer[1]) {
- case TELQUAL_REPLY:
- case TELQUAL_IS:
-- sprintf(nfrontp, " %s ", (pointer[1] == TELQUAL_IS) ?
-+ output_data(" %s ", (pointer[1] == TELQUAL_IS) ?
- "IS" : "REPLY");
-- nfrontp += strlen(nfrontp);
- if (AUTHTYPE_NAME_OK(pointer[2]))
-- sprintf(nfrontp, "%s ", AUTHTYPE_NAME(pointer[2]));
-+ output_data("%s ", AUTHTYPE_NAME(pointer[2]));
- else
-- sprintf(nfrontp, "%d ", pointer[2]);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d ", pointer[2]);
- if (length < 3) {
-- sprintf(nfrontp, "(partial suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data("(partial suboption??\?)");
- break;
- }
-- sprintf(nfrontp, "%s|%s%s",
-+ output_data("%s|%s",
- ((pointer[3] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ?
- "CLIENT" : "SERVER",
- ((pointer[3] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ?
- "MUTUAL" : "ONE-WAY",
- ((pointer[3] & AUTH_ENCRYPT_MASK) == AUTH_ENCRYPT_ON) ?
- "|ENCRYPT" : "");
-- nfrontp += strlen(nfrontp);
-
- auth_printsub(&pointer[1], length - 1, buf, sizeof(buf));
-- sprintf(nfrontp, "%s", buf);
-- nfrontp += strlen(nfrontp);
-+ output_data("%s", buf);
- break;
-
- case TELQUAL_SEND:
- i = 2;
-- sprintf(nfrontp, " SEND ");
-- nfrontp += strlen(nfrontp);
-+ output_data(" SEND ");
- while (i < length) {
- if (AUTHTYPE_NAME_OK(pointer[i]))
-- sprintf(nfrontp, "%s ", AUTHTYPE_NAME(pointer[i]));
-+ output_data("%s ", AUTHTYPE_NAME(pointer[i]));
- else
-- sprintf(nfrontp, "%d ", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d ", pointer[i]);
- if (++i >= length) {
-- sprintf(nfrontp, "(partial suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data("(partial suboption??\?)");
- break;
- }
-- sprintf(nfrontp, "%s|%s%s ",
-+ output_data( "%s|%s%s ",
- ((pointer[i] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ?
- "CLIENT" : "SERVER",
- ((pointer[i] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ?
- "MUTUAL" : "ONE-WAY",
- ((pointer[3] & AUTH_ENCRYPT_MASK) == AUTH_ENCRYPT_ON) ?
- "|ENCRYPT" : "");
-- nfrontp += strlen(nfrontp);
- ++i;
- }
- break;
-
- case TELQUAL_NAME:
-- i = 2;
-- sprintf(nfrontp, " NAME \"");
-- nfrontp += strlen(nfrontp);
-- while (i < length) {
-- if (isprint(pointer[i]))
-- *nfrontp++ = pointer[i++];
-- else {
-- sprintf(nfrontp, "\"%03o",pointer[i++]);
-- nfrontp += strlen(nfrontp);
-- }
-- }
-- *nfrontp++ = '"';
-+ output_data(" NAME \"%.*s\"",
-+ length - 2,
-+ pointer + 2);
- break;
-
- default:
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
- }
-@@ -1079,86 +960,70 @@
-
- #ifdef ENCRYPTION
- case TELOPT_ENCRYPT:
-- sprintf(nfrontp, "ENCRYPT");
-- nfrontp += strlen(nfrontp);
-+ output_data("ENCRYPT");
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- switch (pointer[1]) {
- case ENCRYPT_START:
-- sprintf(nfrontp, " START");
-- nfrontp += strlen(nfrontp);
-+ output_data(" START");
- break;
-
- case ENCRYPT_END:
-- sprintf(nfrontp, " END");
-- nfrontp += strlen(nfrontp);
-+ output_data(" END");
- break;
-
- case ENCRYPT_REQSTART:
-- sprintf(nfrontp, " REQUEST-START");
-- nfrontp += strlen(nfrontp);
-+ output_data(" REQUEST-START");
- break;
-
- case ENCRYPT_REQEND:
-- sprintf(nfrontp, " REQUEST-END");
-- nfrontp += strlen(nfrontp);
-+ output_data(" REQUEST-END");
- break;
-
- case ENCRYPT_IS:
- case ENCRYPT_REPLY:
-- sprintf(nfrontp, " %s ", (pointer[1] == ENCRYPT_IS) ?
-+ output_data(" %s ", (pointer[1] == ENCRYPT_IS) ?
- "IS" : "REPLY");
-- nfrontp += strlen(nfrontp);
- if (length < 3) {
-- sprintf(nfrontp, " (partial suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (partial suboption??\?)");
- break;
- }
- if (ENCTYPE_NAME_OK(pointer[2]))
-- sprintf(nfrontp, "%s ", ENCTYPE_NAME(pointer[2]));
-+ output_data("%s ", ENCTYPE_NAME(pointer[2]));
- else
-- sprintf(nfrontp, " %d (unknown)", pointer[2]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d (unknown)", pointer[2]);
-
- encrypt_printsub(&pointer[1], length - 1, buf, sizeof(buf));
-- sprintf(nfrontp, "%s", buf);
-- nfrontp += strlen(nfrontp);
-+ output_data("%s", buf);
- break;
-
- case ENCRYPT_SUPPORT:
- i = 2;
-- sprintf(nfrontp, " SUPPORT ");
-- nfrontp += strlen(nfrontp);
-+ output_data(" SUPPORT ");
- while (i < length) {
- if (ENCTYPE_NAME_OK(pointer[i]))
-- sprintf(nfrontp, "%s ", ENCTYPE_NAME(pointer[i]));
-+ output_data("%s ", ENCTYPE_NAME(pointer[i]));
- else
-- sprintf(nfrontp, "%d ", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d ", pointer[i]);
- i++;
- }
- break;
-
- case ENCRYPT_ENC_KEYID:
-- sprintf(nfrontp, " ENC_KEYID", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ENC_KEYID");
- goto encommon;
-
- case ENCRYPT_DEC_KEYID:
-- sprintf(nfrontp, " DEC_KEYID", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" DEC_KEYID");
- goto encommon;
-
- default:
-- sprintf(nfrontp, " %d (unknown)", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d (unknown)", pointer[1]);
- encommon:
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " %d", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d", pointer[i]);
- }
- break;
- }
-@@ -1167,18 +1032,15 @@
-
- default:
- if (TELOPT_OK(pointer[0]))
-- sprintf(nfrontp, "%s (unknown)", TELOPT(pointer[0]));
-+ output_data( "%s (unknown)", TELOPT(pointer[0]));
- else
-- sprintf(nfrontp, "%d (unknown)", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data( "%d (unknown)", pointer[i]);
- for (i = 1; i < length; i++) {
-- sprintf(nfrontp, " %d", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data( " %d", pointer[i]);
- }
- break;
- }
-- sprintf(nfrontp, "\r\n");
-- nfrontp += strlen(nfrontp);
-+ output_data( "\r\n");
+- if (remain < len)
+- return 0;
+- memcpy(nfrontp, buf, len);
+- nfrontp += len;
+- return len;
++ return copied;
}
/*
-@@ -1200,26 +1062,22 @@
- }
-
- /* add a line of output */
-- sprintf(nfrontp, "%s: ", tag);
-- nfrontp += strlen(nfrontp);
-+ output_data("%s: ", tag);
- for (i = 0; i < 20 && cnt; i++) {
-- sprintf(nfrontp, "%02x", *ptr);
-- nfrontp += strlen(nfrontp);
-+ output_data("%02x", *ptr);
- if (isprint(*ptr)) {
- xbuf[i] = *ptr;
- } else {
- xbuf[i] = '.';
- }
- if (i % 2) {
-- *nfrontp = ' ';
-- nfrontp++;
-+ output_data(" ");
- }
- cnt--;
- ptr++;
- }
- xbuf[i] = '\0';
-- sprintf(nfrontp, " %s\r\n", xbuf );
-- nfrontp += strlen(nfrontp);
-+ output_data(" %s\r\n", xbuf );
- }
- }
- #endif /* DIAGNOSTICS */
diff --git a/security/krb5-16/files/patch-ay b/security/krb5-16/files/patch-ay
index 4ed0c9e..54c041e 100644
--- a/security/krb5-16/files/patch-ay
+++ b/security/krb5-16/files/patch-ay
@@ -1,6 +1,6 @@
---- util/pty/getpty.c.orig Fri Feb 6 19:46:42 1998
-+++ util/pty/getpty.c Mon Apr 5 14:00:07 1999
-@@ -21,13 +21,26 @@
+--- util/pty/getpty.c.orig Wed Jan 9 14:28:37 2002
++++ util/pty/getpty.c Thu Jan 10 21:30:40 2002
+@@ -24,13 +24,26 @@
#include "libpty.h"
#include "pty-int.h"
@@ -17,19 +17,19 @@
+#define PTYCHARS2 "0123456789abcdef"
+#endif
+
- long pty_getpty (fd, slave, slavelength)
- int slavelength;
- int *fd; char *slave;
+ long
+ ptyint_getpty_ext(int *fd, char *slave, int slavelength, int do_grantpt)
{
-- char *cp;
++ int ptynum;
+ char *cp1, *cp2;
+ #if !defined(HAVE__GETPTY) && !defined(HAVE_OPENPTY)
+- char *cp;
char *p;
- int i,ptynum;
-+ int ptynum;
struct stat stb;
char slavebuf[1024];
- #ifdef HAVE__GETPTY
-@@ -109,14 +122,14 @@
+ #endif
+@@ -115,14 +128,14 @@
strncpy(slave, slavebuf, slavelength);
return 0;
} else {
diff --git a/security/krb5-16/files/patch-bd b/security/krb5-16/files/patch-bd
deleted file mode 100644
index b2bf412..0000000
--- a/security/krb5-16/files/patch-bd
+++ /dev/null
@@ -1,19 +0,0 @@
---- appl/gssftp/ftpd/ftpcmd.y.ORIG Wed Feb 28 16:06:45 2001
-+++ appl/gssftp/ftpd/ftpcmd.y Fri Apr 27 10:18:01 2001
-@@ -805,11 +805,13 @@
- * This is a valid reply in some cases but not in others.
- */
- if (logged_in && $1 && strncmp((char *) $1, "~", 1) == 0) {
-- *(char **)&($$) = *ftpglob((char *) $1);
-- if (globerr != NULL) {
-+ char **vv;
-+ vv = ftpglob((char *) $1);
-+ if (vv == NULL || globerr != NULL) {
- reply(550, globerr);
- $$ = NULL;
-- }
-+ } else
-+ $$ = *vv;
- free((char *) $1);
- } else
- $$ = $1;
diff --git a/security/krb5-16/pkg-plist b/security/krb5-16/pkg-plist
index 5170610..01977cd 100644
--- a/security/krb5-16/pkg-plist
+++ b/security/krb5-16/pkg-plist
@@ -63,10 +63,10 @@ lib/libk5crypto.so
lib/libk5crypto.so.3
lib/libkadm5clnt.a
lib/libkadm5clnt.so
-lib/libkadm5clnt.so.4
+lib/libkadm5clnt.so.5
lib/libkadm5srv.a
lib/libkadm5srv.so
-lib/libkadm5srv.so.4
+lib/libkadm5srv.so.5
lib/libkdb5.a
lib/libkdb5.so
lib/libkdb5.so.3
diff --git a/security/krb5-17/Makefile b/security/krb5-17/Makefile
index 3a0bf18..e9c8235 100644
--- a/security/krb5-17/Makefile
+++ b/security/krb5-17/Makefile
@@ -6,8 +6,7 @@
#
PORTNAME= krb5
-PORTVERSION= 1.2.2
-PORTREVISION= 5
+PORTVERSION= 1.2.3
CATEGORIES= security
MASTER_SITES= # manual download
diff --git a/security/krb5-17/distinfo b/security/krb5-17/distinfo
index e8159e5..3af0278 100644
--- a/security/krb5-17/distinfo
+++ b/security/krb5-17/distinfo
@@ -1 +1 @@
-MD5 (krb5-1.2.2.tar.gz) = 57d1bf3a3c68ee8af64e31a46799551c
+MD5 (krb5-1.2.3.tar.gz) = 1e93aed5e6ae13eb4b5b5278b1a6ab46
diff --git a/security/krb5-17/files/patch-ai b/security/krb5-17/files/patch-ai
index 634db6c..f5b7331 100644
--- a/security/krb5-17/files/patch-ai
+++ b/security/krb5-17/files/patch-ai
@@ -1,6 +1,6 @@
---- appl/gssftp/ftpd/ftpd.c.orig Wed Feb 28 16:06:45 2001
-+++ appl/gssftp/ftpd/ftpd.c Fri Apr 27 10:18:01 2001
-@@ -485,7 +485,13 @@
+--- appl/gssftp/ftpd/ftpd.c.orig Wed Jan 9 14:26:51 2002
++++ appl/gssftp/ftpd/ftpd.c Thu Jan 10 19:00:13 2002
+@@ -487,7 +487,13 @@
#ifndef LOG_DAEMON
#define LOG_DAEMON 0
#endif
@@ -15,273 +15,14 @@
addrlen = sizeof (his_addr);
if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) {
-@@ -761,7 +767,16 @@
- int result;
- #ifdef GSSAPI
- if (auth_type && strcmp(auth_type, "GSSAPI") == 0) {
-+ int len;
- authorized = ftpd_gss_userok(&client_name, name) == 0;
-+ len = sizeof("GSSAPI user is not authorized as "
-+ "; Password required.")
-+ + strlen(client_name.value)
-+ + strlen(name);
-+ if (len >= sizeof(buf)) {
-+ syslog(LOG_ERR, "user: username too long");
-+ name = "[username too long]";
-+ }
- sprintf(buf, "GSSAPI user %s is%s authorized as %s",
- client_name.value, authorized ? "" : " not",
- name);
-@@ -772,7 +787,18 @@
- #endif /* GSSAPI */
- #ifdef KRB5_KRB4_COMPAT
- if (auth_type && strcmp(auth_type, "KERBEROS_V4") == 0) {
-+ int len;
- authorized = kuserok(&kdata,name) == 0;
-+ len = sizeof("Kerberos user .@ is not authorized as "
-+ "; Password required.")
-+ + strlen(kdata.pname)
-+ + strlen(kdata.pinst)
-+ + strlen(kdata.prealm)
-+ + strlen(name);
-+ if (len >= sizeof(buf)) {
-+ syslog(LOG_ERR, "user: username too long");
-+ name = "[username too long]";
-+ }
- sprintf(buf, "Kerberos user %s%s%s@%s is%s authorized as %s",
- kdata.pname, *kdata.pinst ? "." : "",
- kdata.pinst, kdata.prealm,
-@@ -1179,6 +1205,11 @@
- } else {
- char line[FTP_BUFSIZ];
-
-+ if (strlen(cmd) + strlen(name) + 1 >= sizeof(line)) {
-+ syslog(LOG_ERR, "retrieve: filename too long");
-+ reply(501, "filename too long");
-+ return;
-+ }
- (void) sprintf(line, cmd, name), name = line;
- fin = ftpd_popen(line, "r"), closefunc = ftpd_pclose;
- st.st_size = -1;
-@@ -1417,6 +1448,10 @@
- return (file);
- }
-
-+/*
-+ * XXX callers need to limit total length of output string to
-+ * FTP_BUFSIZ
-+ */
- #ifdef STDARG
- secure_error(char *fmt, ...)
- #else
-@@ -1616,13 +1651,19 @@
- {
- char line[FTP_BUFSIZ];
- FILE *fin;
-- int c;
-+ int c, n;
- char str[FTP_BUFSIZ], *p;
-
-+ if (strlen(filename) + sizeof("/bin/ls -lgA ")
-+ >= sizeof(line)) {
-+ reply(501, "filename too long");
-+ return;
-+ }
- (void) sprintf(line, "/bin/ls -lgA %s", filename);
- fin = ftpd_popen(line, "r");
- lreply(211, "status of %s:", filename);
- p = str;
-+ n = 0;
- while ((c = getc(fin)) != EOF) {
- if (c == '\n') {
- if (ferror(stdout)){
-@@ -1639,7 +1680,16 @@
- *p = '\0';
- reply(0, "%s", str);
- p = str;
-- } else *p++ = c;
-+ n = 0;
-+ } else {
-+ *p++ = c;
-+ n++;
-+ if (n >= sizeof(str)) {
-+ reply(551, "output line too long");
-+ (void) ftpd_pclose(fin);
-+ return;
-+ }
-+ }
- }
- if (p != str) {
- *p = '\0';
-@@ -1723,6 +1773,10 @@
-
- char cont_char = ' ';
-
-+/*
-+ * XXX callers need to limit total length of output string to
-+ * FTP_BUFSIZ bytes for now.
-+ */
- #ifdef STDARG
- reply(int n, char *fmt, ...)
- #else
-@@ -1744,22 +1798,32 @@
- #endif
-
- if (auth_type) {
-- char in[FTP_BUFSIZ], out[FTP_BUFSIZ];
-+ /*
-+ * Deal with expansion in mk_{safe,priv},
-+ * radix_encode, gss_seal, plus slop.
-+ */
-+ char in[FTP_BUFSIZ*3/2], out[FTP_BUFSIZ*3/2];
- int length, kerror;
- if (n) sprintf(in, "%d%c", n, cont_char);
- else in[0] = '\0';
- strncat(in, buf, sizeof (in) - strlen(in) - 1);
- #ifdef KRB5_KRB4_COMPAT
- if (strcmp(auth_type, "KERBEROS_V4") == 0) {
-- if ((length = clevel == PROT_P ?
-- krb_mk_priv((unsigned char *)in,
-- (unsigned char *)out,
-- strlen(in), schedule, &kdata.session,
-- &ctrl_addr, &his_addr)
-- : krb_mk_safe((unsigned char *)in,
-- (unsigned char *)out,
-- strlen(in), &kdata.session,
-- &ctrl_addr, &his_addr)) == -1) {
-+ if (clevel == PROT_P)
-+ length = krb_mk_priv((unsigned char *)in,
-+ (unsigned char *)out,
-+ strlen(in),
-+ schedule, &kdata.session,
-+ &ctrl_addr,
-+ &his_addr);
-+ else
-+ length = krb_mk_safe((unsigned char *)in,
-+ (unsigned char *)out,
-+ strlen(in),
-+ &kdata.session,
-+ &ctrl_addr,
-+ &his_addr);
-+ if (length == -1) {
- syslog(LOG_ERR,
- "krb_mk_%s failed for KERBEROS_V4",
- clevel == PROT_P ? "priv" : "safe");
-@@ -1803,13 +1867,16 @@
- }
- #endif /* GSSAPI */
- /* Other auth types go here ... */
-- if (kerror = radix_encode(out, in, &length, 0)) {
-+ if (length >= sizeof(in) / 4 * 3) {
-+ syslog(LOG_ERR, "input to radix_encode too long");
-+ fputs(in, stdout);
-+ } else if (kerror = radix_encode(out, in, &length, 0)) {
- syslog(LOG_ERR, "Couldn't encode reply (%s)",
- radix_error(kerror));
- fputs(in,stdout);
- } else
-- printf("%s%c%s", clevel == PROT_P ? "632" : "631",
-- n ? cont_char : '-', in);
-+ printf("%s%c%s", clevel == PROT_P ? "632" : "631",
-+ n ? cont_char : '-', in);
- } else {
- if (n) printf("%d%c", n, cont_char);
- fputs(buf, stdout);
-@@ -1822,6 +1889,10 @@
- }
- }
-
-+/*
-+ * XXX callers need to limit total length of output string to
-+ * FTP_BUFSIZ
-+ */
- #ifdef STDARG
- lreply(int n, char *fmt, ...)
- #else
-@@ -1866,7 +1937,8 @@
-
- if (cp = strchr(cbuf,'\n'))
- *cp = '\0';
-- reply(500, "'%s': command not understood.", cbuf);
-+ reply(500, "'%.*s': command not understood.",
-+ FTP_BUFSIZ - sizeof("'': command not understood."), cbuf);
- }
-
- delete_file(name)
-@@ -2143,7 +2215,21 @@
- int code;
- char *string;
- {
-- reply(code, "%s: %s.", string, strerror(errno));
-+ char *err_string;
-+ size_t extra_len;
-+ err_string = strerror(errno);
-+ if (err_string == NULL)
-+ err_string = "(unknown error)";
-+ extra_len = strlen(err_string) + sizeof("(truncated): .");
-+ /*
-+ * XXX knows about FTP_BUFSIZ in reply()
-+ */
-+ if (strlen(string) + extra_len > FTP_BUFSIZ) {
-+ reply(code, "(truncated)%.*s: %s.",
-+ FTP_BUFSIZ - extra_len, string, err_string);
-+ } else {
-+ reply(code, "%s: %s.", string, err_string);
-+ }
- }
-
- auth(type)
-@@ -2226,6 +2312,10 @@
+@@ -2312,6 +2318,10 @@
+ if ((length = krb_mk_safe((u_char *)&cksum, out_buf, sizeof(cksum),
+ &kdata.session,&ctrl_addr, &his_addr)) == -1) {
secure_error("ADAT: krb_mk_safe failed");
- return(0);
- }
-+ if (length >= (FTP_BUFSIZ - sizeof("ADAT=")) / 4 * 3) {
-+ secure_error("ADAT: reply too long");
+ return(0);
+ }
- if (kerror = radix_encode(out_buf, buf, &length, 0)) {
- secure_error("Couldn't encode ADAT reply (%s)",
- radix_error(kerror));
-@@ -2360,6 +2450,16 @@
++ if (length >= (FTP_BUFSIZ - sizeof("ADAT=")) / 4 * 3) {
++ secure_error("ADAT: reply too long");
+ return(0);
}
-
- if (out_tok.length) {
-+ if (out_tok.length >= ((FTP_BUFSIZ - sizeof("ADAT="))
-+ / 4 * 3)) {
-+ secure_error("ADAT: reply too long");
-+ syslog(LOG_ERR, "ADAT: reply too long");
-+ (void) gss_release_cred(&stat_min, &server_creds);
-+ if (ret_flags & GSS_C_DELEG_FLAG)
-+ (void) gss_release_cred(&stat_min,
-+ &deleg_creds);
-+ return(0);
-+ }
- if (kerror = radix_encode(out_tok.value, gbuf, &out_tok.length, 0)) {
- secure_error("Couldn't encode ADAT reply (%s)",
- radix_error(kerror));
-@@ -2458,6 +2558,9 @@
- * n>=0 on success
- * -1 on error
- * -2 on security error
-+ *
-+ * XXX callers need to limit total length of output string to
-+ * FTP_BUFSIZ
- */
- #ifdef STDARG
- secure_fprintf(FILE *stream, char *fmt, ...)
-@@ -2575,6 +2678,15 @@
- dir->d_name[2] == '\0')
- continue;
-
-+ if (strlen(dirname) + strlen(dir->d_name)
-+ + 1 /* slash */
-+ + 2 /* CRLF */
-+ + 1 > sizeof(nbuf)) {
-+ syslog(LOG_ERR,
-+ "send_file_list: pathname too long");
-+ ret = -2; /* XXX */
-+ goto data_err;
-+ }
- sprintf(nbuf, "%s/%s", dirname, dir->d_name);
-
- /*
+ if (length >= (FTP_BUFSIZ - sizeof("ADAT=")) / 4 * 3) {
diff --git a/security/krb5-17/files/patch-appl::telnet::telnetd::authenc.c b/security/krb5-17/files/patch-appl::telnet::telnetd::authenc.c
deleted file mode 100644
index 9a19ab9..0000000
--- a/security/krb5-17/files/patch-appl::telnet::telnetd::authenc.c
+++ /dev/null
@@ -1,12 +0,0 @@
---- appl/telnet/telnetd/authenc.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/authenc.c Thu Jul 19 19:14:29 2001
-@@ -43,8 +43,7 @@
- int len;
- {
- if (nfrontp + len < netobuf + BUFSIZ) {
-- memcpy((void *)nfrontp, (void *)str, len);
-- nfrontp += len;
-+ output_datalen(str, len);
- return(len);
- }
- return(0);
diff --git a/security/krb5-17/files/patch-appl::telnet::telnetd::ext.h b/security/krb5-17/files/patch-appl::telnet::telnetd::ext.h
deleted file mode 100644
index 38fd6ac..0000000
--- a/security/krb5-17/files/patch-appl::telnet::telnetd::ext.h
+++ /dev/null
@@ -1,24 +0,0 @@
---- appl/telnet/telnetd/ext.h.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/ext.h Mon Jul 23 16:44:35 2001
-@@ -75,7 +75,7 @@
-
- extern char netibuf[BUFSIZ], *netip;
-
--extern char netobuf[BUFSIZ+NETSLOP], *nfrontp, *nbackp;
-+extern char netobuf[BUFSIZ], *nfrontp, *nbackp;
- extern char *neturg; /* one past last bye of urgent data */
-
- extern int pcc, ncc;
-@@ -187,8 +187,10 @@
- tty_setsofttab P((int)),
- tty_tspeed P((int)),
- willoption P((int)),
-- wontoption P((int)),
-- writenet P((unsigned char *, int));
-+ wontoption P((int));
-+
-+extern int output_data __P((const char *, ...)) __printflike(1, 2);
-+extern int output_datalen __P((const char *, size_t));
-
- #ifdef ENCRYPTION
- extern char *nclearto;
diff --git a/security/krb5-17/files/patch-appl::telnet::telnetd::slc.c b/security/krb5-17/files/patch-appl::telnet::telnetd::slc.c
deleted file mode 100644
index f4e7d41..0000000
--- a/security/krb5-17/files/patch-appl::telnet::telnetd::slc.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- appl/telnet/telnetd/slc.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/slc.c Mon Jul 23 16:45:51 2001
-@@ -198,7 +198,7 @@
- (void) sprintf((char *)slcptr, "%c%c", IAC, SE);
- slcptr += 2;
- len = slcptr - slcbuf;
-- writenet(slcbuf, len);
-+ output_datalen(slcbuf, len);
- netflush(); /* force it out immediately */
- DIAG(TD_OPTIONS, printsub('>', slcbuf+2, len-2););
- }
diff --git a/security/krb5-17/files/patch-appl::telnet::telnetd::state.c b/security/krb5-17/files/patch-appl::telnet::telnetd::state.c
deleted file mode 100644
index baf2073..0000000
--- a/security/krb5-17/files/patch-appl::telnet::telnetd::state.c
+++ /dev/null
@@ -1,134 +0,0 @@
---- appl/telnet/telnetd/state.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/state.c Mon Jul 23 17:48:48 2001
-@@ -33,6 +33,7 @@
-
- /* based on @(#)state.c 8.1 (Berkeley) 6/4/93 */
-
-+#include <stdarg.h>
- #include "telnetd.h"
- #if defined(AUTHENTICATION)
- #include <libtelnet/auth.h>
-@@ -86,7 +87,7 @@
- if (!auth_negotiated) {
- static char *error =
- "An environment option was sent before authentication negotiation completed.\r\nThis may create a security hazard. Connection dropped.\r\n";
-- writenet(error, strlen(error));
-+ output_datalen(error, strlen(error));
- netflush();
- exit(1);
- }
-@@ -209,8 +210,7 @@
- }
-
- netclear(); /* clear buffer back */
-- *nfrontp++ = IAC;
-- *nfrontp++ = DM;
-+ output_data("%c%c", IAC, DM);
- neturg = nfrontp-1; /* off by one XXX */
- DIAG(TD_OPTIONS,
- printoption("td: send IAC", DM));
-@@ -463,8 +463,7 @@
- set_his_want_state_will(option);
- do_dont_resp[option]++;
- }
-- (void) sprintf(nfrontp, (char *)doopt, option);
-- nfrontp += sizeof (dont) - 2;
-+ output_data((const char *)doopt, option);
-
- DIAG(TD_OPTIONS, printoption("td: send do", option));
- }
-@@ -683,8 +682,7 @@
- set_his_want_state_wont(option);
- do_dont_resp[option]++;
- }
-- (void) sprintf(nfrontp, (char *)dont, option);
-- nfrontp += sizeof (doopt) - 2;
-+ output_data((const char *)dont, option);
-
- DIAG(TD_OPTIONS, printoption("td: send dont", option));
- }
-@@ -833,8 +831,7 @@
- set_my_want_state_will(option);
- will_wont_resp[option]++;
- }
-- (void) sprintf(nfrontp, (char *)will, option);
-- nfrontp += sizeof (doopt) - 2;
-+ output_data((const char *)will, option);
-
- DIAG(TD_OPTIONS, printoption("td: send will", option));
- }
-@@ -993,8 +990,7 @@
- set_my_want_state_wont(option);
- will_wont_resp[option]++;
- }
-- (void) sprintf(nfrontp, (char *)wont, option);
-- nfrontp += sizeof (wont) - 2;
-+ output_data((const char *)wont, option);
-
- DIAG(TD_OPTIONS, printoption("td: send wont", option));
- }
-@@ -1393,9 +1389,8 @@
- env_ovar_wrong:
- env_ovar = OLD_ENV_VALUE;
- env_ovalue = OLD_ENV_VAR;
-- DIAG(TD_OPTIONS, {sprintf(nfrontp,
-- "ENVIRON VALUE and VAR are reversed!\r\n");
-- nfrontp += strlen(nfrontp);});
-+ DIAG(TD_OPTIONS,
-+ output_data("ENVIRON VALUE and VAR are reversed!\r\n"));
-
- }
- }
-@@ -1633,11 +1628,51 @@
- ADD(IAC);
- ADD(SE);
-
-- writenet(statusbuf, ncp - statusbuf);
-+ output_datalen(statusbuf, ncp - statusbuf);
- netflush(); /* Send it on its way */
-
- DIAG(TD_OPTIONS,
- {printsub('>', statusbuf, ncp - statusbuf); netflush();});
-+}
-+
-+/*
-+ * This function appends data to nfrontp and advances nfrontp.
-+ */
-+
-+int
-+output_data(const char *format, ...)
-+{
-+ va_list args;
-+ size_t remaining, ret;
-+
-+ va_start(args, format);
-+ remaining = BUFSIZ - (nfrontp - netobuf);
-+ /* try a netflush() if the room is too low */
-+ if (strlen(format) > remaining || BUFSIZ / 4 > remaining) {
-+ netflush();
-+ remaining = BUFSIZ - (nfrontp - netobuf);
-+ }
-+ ret = vsnprintf(nfrontp, remaining, format, args);
-+ nfrontp += ((ret < remaining - 1) ? ret : remaining - 1);
-+ va_end(args);
-+ return ret;
-+}
-+
-+int
-+output_datalen(const char *buf, size_t len)
-+{
-+ size_t remaining;
-+
-+ remaining = BUFSIZ - (nfrontp - netobuf);
-+ if (remaining < len) {
-+ netflush();
-+ remaining = BUFSIZ - (nfrontp - netobuf);
-+ }
-+ if (remaining < len)
-+ return -1;
-+ memmove(nfrontp, buf, len);
-+ nfrontp += len;
-+ return (len);
- }
-
- static int envvarok(varp)
diff --git a/security/krb5-17/files/patch-appl::telnet::telnetd::telnetd.c b/security/krb5-17/files/patch-appl::telnet::telnetd::telnetd.c
deleted file mode 100644
index 9eef170..0000000
--- a/security/krb5-17/files/patch-appl::telnet::telnetd::telnetd.c
+++ /dev/null
@@ -1,169 +0,0 @@
---- appl/telnet/telnetd/telnetd.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/telnetd.c Mon Jul 23 17:27:05 2001
-@@ -693,7 +693,7 @@
- char *error_message =
- "Encryption was not successfully negotiated. Goodbye.\r\n\r\n";
-
-- writenet(error_message, strlen(error_message));
-+ output_datalen(error_message, strlen(error_message));
- netflush();
- exit(1);
- }
-@@ -782,9 +782,7 @@
- { IAC, SB, TELOPT_TSPEED, TELQUAL_SEND, IAC, SE };
-
- if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) {
-- memcpy(nfrontp, sb, sizeof(sb));
-- nfrontp += sizeof(sb);
-- *nfrontp = '\0';
-+ output_datalen(sb, sizeof sb);
- }
- }
- if (his_state_is_will(TELOPT_XDISPLOC)) {
-@@ -792,9 +790,7 @@
- { IAC, SB, TELOPT_XDISPLOC, TELQUAL_SEND, IAC, SE };
-
- if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) {
-- memcpy(nfrontp, sb, sizeof(sb));
-- nfrontp += sizeof(sb);
-- *nfrontp = '\0';
-+ output_datalen(sb, sizeof sb);
- }
- }
- if (his_state_is_will(TELOPT_NEW_ENVIRON)) {
-@@ -802,9 +798,7 @@
- { IAC, SB, TELOPT_NEW_ENVIRON, TELQUAL_SEND, IAC, SE };
-
- if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) {
-- memcpy(nfrontp, sb, sizeof(sb));
-- nfrontp += sizeof(sb);
-- *nfrontp = '\0';
-+ output_datalen(sb, sizeof sb);
- }
- }
- else if (his_state_is_will(TELOPT_OLD_ENVIRON)) {
-@@ -812,17 +806,13 @@
- { IAC, SB, TELOPT_OLD_ENVIRON, TELQUAL_SEND, IAC, SE };
-
- if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) {
-- memcpy(nfrontp, sb, sizeof(sb));
-- nfrontp += sizeof(sb);
-- *nfrontp = '\0';
-+ output_datalen(sb, sizeof sb);
- }
- }
- if (his_state_is_will(TELOPT_TTYPE)) {
-
- if(nfrontp - netobuf + sizeof(ttytype_sbbuf) < sizeof(netobuf)) {
-- memcpy(nfrontp, ttytype_sbbuf, sizeof(ttytype_sbbuf));
-- nfrontp += sizeof(ttytype_sbbuf);
-- *nfrontp = '\0';
-+ output_datalen(ttytype_sbbuf, sizeof ttytype_sbbuf);
- }
- }
- if (his_state_is_will(TELOPT_TSPEED)) {
-@@ -902,9 +892,7 @@
- return;
- settimer(baseline);
- if(nfrontp - netobuf + sizeof(ttytype_sbbuf)) {
-- memcpy(nfrontp, ttytype_sbbuf, sizeof(ttytype_sbbuf));
-- nfrontp += sizeof(ttytype_sbbuf);
-- *nfrontp = '\0';
-+ output_datalen(ttytype_sbbuf, sizeof ttytype_sbbuf);
- }
- while (sequenceIs(ttypesubopt, baseline))
- ttloop();
-@@ -1177,9 +1165,7 @@
- * mode, which we do not want.
- */
- if (his_want_state_is_will(TELOPT_ECHO)) {
-- DIAG(TD_OPTIONS,
-- {sprintf(nfrontp, "td: simulating recv\r\n");
-- nfrontp += strlen(nfrontp);});
-+ DIAG(TD_OPTIONS, output_data("td: simulating recv\r\n"));
- willoption(TELOPT_ECHO);
- }
-
-@@ -1308,9 +1294,7 @@
- localstat();
- #endif /* LINEMODE */
-
-- DIAG(TD_REPORT,
-- {sprintf(nfrontp, "td: Entering processing loop\r\n");
-- nfrontp += strlen(nfrontp);});
-+ DIAG(TD_REPORT, output_data("td: Entering processing loop\r\n"));
-
- #ifdef convex
- startslave(host);
-@@ -1435,8 +1419,7 @@
- netip = netibuf;
- }
- DIAG((TD_REPORT | TD_NETDATA),
-- {sprintf(nfrontp, "td: netread %d chars\r\n", ncc);
-- nfrontp += strlen(nfrontp);});
-+ output_data("td: netread %d chars\r\n", ncc));
- DIAG(TD_NETDATA, printdata("nd", netip, ncc));
- }
-
-@@ -1483,8 +1466,7 @@
- * royally if we send them urgent
- * mode data.
- */
-- *nfrontp++ = IAC;
-- *nfrontp++ = DM;
-+ output_data("%c%c", IAC, DM);
- neturg = nfrontp-1; /* off by one XXX */
- #endif
- }
-@@ -1495,13 +1477,11 @@
- ptyibuf[0] & TIOCPKT_DOSTOP ? 1 : 0;
- if (newflow != flowmode) {
- flowmode = newflow;
-- (void) sprintf(nfrontp,
-- "%c%c%c%c%c%c",
-+ output_data("%c%c%c%c%c%c",
- IAC, SB, TELOPT_LFLOW,
- flowmode ? LFLOW_ON
- : LFLOW_OFF,
- IAC, SE);
-- nfrontp += 6;
- }
- }
- pcc--;
-@@ -1524,19 +1504,19 @@
- break;
- c = *ptyip++ & 0377, pcc--;
- if (c == IAC)
-- *nfrontp++ = c;
-+ output_data("%c", c);
- #if defined(CRAY2) && defined(UNICOS5)
- else if (c == '\n' &&
- my_state_is_wont(TELOPT_BINARY) && newmap)
-- *nfrontp++ = '\r';
-+ output_data("\r");
- #endif /* defined(CRAY2) && defined(UNICOS5) */
-- *nfrontp++ = c;
-+ output_data("%c", c);
- if ((c == '\r') && (my_state_is_wont(TELOPT_BINARY))) {
- if (pcc > 0 && ((*ptyip & 0377) == '\n')) {
-- *nfrontp++ = *ptyip++ & 0377;
-+ output_data("%c", *ptyip++ & 0377);
- pcc--;
- } else
-- *nfrontp++ = '\0';
-+ output_data("%c", '\0');
- }
- }
- #if defined(CRAY2) && defined(UNICOS5)
-@@ -1707,10 +1687,7 @@
- return;
- }
- #endif
-- (void) strncpy(nfrontp, "\r\n[Yes]\r\n",
-- sizeof(netobuf) - 1 - (nfrontp - netobuf));
-- nfrontp += 9;
-- *nfrontp = '\0';
-+ output_data("\r\n[Yes]\r\n");
- }
-
- void
diff --git a/security/krb5-17/files/patch-appl::telnet::telnetd::termstat.c b/security/krb5-17/files/patch-appl::telnet::telnetd::termstat.c
deleted file mode 100644
index 422f1c8..0000000
--- a/security/krb5-17/files/patch-appl::telnet::telnetd::termstat.c
+++ /dev/null
@@ -1,74 +0,0 @@
---- appl/telnet/telnetd/termstat.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/termstat.c Thu Jul 19 19:22:54 2001
-@@ -283,10 +283,9 @@
- # endif /* KLUDGELINEMODE */
- send_do(TELOPT_LINEMODE, 1);
- /* send along edit modes */
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, SB,
-+ output_data("%c%c%c%c%c%c%c", IAC, SB,
- TELOPT_LINEMODE, LM_MODE, useeditmode,
- IAC, SE);
-- nfrontp += 7;
- editmode = useeditmode;
- # ifdef KLUDGELINEMODE
- }
-@@ -312,10 +311,9 @@
- /*
- * Send along appropriate edit mode mask.
- */
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, SB,
-+ output_data("%c%c%c%c%c%c%c", IAC, SB,
- TELOPT_LINEMODE, LM_MODE, useeditmode,
- IAC, SE);
-- nfrontp += 7;
- editmode = useeditmode;
- }
-
-@@ -359,20 +357,18 @@
- if (his_state_is_will(TELOPT_LFLOW)) {
- if (tty_flowmode() != flowmode) {
- flowmode = tty_flowmode();
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c",
-+ output_data("%c%c%c%c%c%c",
- IAC, SB, TELOPT_LFLOW,
- flowmode ? LFLOW_ON : LFLOW_OFF,
- IAC, SE);
-- nfrontp += 6;
- }
- if (tty_restartany() != restartany) {
- restartany = tty_restartany();
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c",
-+ output_data("%c%c%c%c%c%c",
- IAC, SB, TELOPT_LFLOW,
- restartany ? LFLOW_RESTART_ANY
- : LFLOW_RESTART_XON,
- IAC, SE);
-- nfrontp += 6;
- }
- }
- }
-@@ -445,10 +441,9 @@
- useeditmode |= MODE_SOFT_TAB;
- if (tty_islitecho())
- useeditmode |= MODE_LIT_ECHO;
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC,
-+ output_data("%c%c%c%c%c%c%c", IAC,
- SB, TELOPT_LINEMODE, LM_MODE,
- useeditmode, IAC, SE);
-- nfrontp += 7;
- editmode = useeditmode;
- }
-
-@@ -504,11 +499,10 @@
- set_termbuf();
-
- if (!ack) {
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC,
-+ output_data("%c%c%c%c%c%c%c", IAC,
- SB, TELOPT_LINEMODE, LM_MODE,
- useeditmode|MODE_ACK,
- IAC, SE);
-- nfrontp += 7;
- }
-
- editmode = useeditmode;
diff --git a/security/krb5-17/files/patch-appl::telnet::telnetd::utility.c b/security/krb5-17/files/patch-appl::telnet::telnetd::utility.c
index d49598c..8bb656d 100644
--- a/security/krb5-17/files/patch-appl::telnet::telnetd::utility.c
+++ b/security/krb5-17/files/patch-appl::telnet::telnetd::utility.c
@@ -1,879 +1,38 @@
---- appl/telnet/telnetd/utility.c.orig Wed Feb 28 14:06:52 2001
-+++ appl/telnet/telnetd/utility.c Mon Jul 23 17:16:27 2001
-@@ -58,8 +58,7 @@
+--- appl/telnet/telnetd/utility.c.orig Wed Jan 9 14:26:59 2002
++++ appl/telnet/telnetd/utility.c Fri Jan 11 13:10:33 2002
+@@ -408,18 +408,25 @@
+ int
+ netwrite(const char *buf, size_t len)
{
- void netflush();
-
-- DIAG(TD_REPORT, {sprintf(nfrontp, "td: ttloop\r\n");
-- nfrontp += strlen(nfrontp);});
-+ DIAG(TD_REPORT, output_data("td: ttloop\r\n"));
- if (nfrontp-nbackp) {
- netflush();
- }
-@@ -74,8 +73,7 @@
- syslog(LOG_INFO, "ttloop: peer died: %m");
- exit(1);
- }
-- DIAG(TD_REPORT, {sprintf(nfrontp, "td: ttloop read %d chars\r\n", ncc);
-- nfrontp += strlen(nfrontp);});
-+ DIAG(TD_REPORT, output_data("td: ttloop read %d chars\r\n", ncc));
- netip = netibuf;
- telrcv(); /* state machine */
- if (ncc > 0) {
-@@ -117,9 +115,8 @@
- int n;
-
- if ((n = pfrontp - pbackp) > 0) {
-- DIAG((TD_REPORT | TD_PTYDATA),
-- { sprintf(nfrontp, "td: ptyflush %d chars\r\n", n);
-- nfrontp += strlen(nfrontp); });
-+ DIAG(TD_REPORT | TD_PTYDATA,
-+ output_data("td: ptyflush %d chars\r\n", n));
- DIAG(TD_PTYDATA, printdata("pd", pbackp, n));
- n = write(pty, pbackp, n);
- }
-@@ -251,11 +248,9 @@
- extern int not42;
-
- if ((n = nfrontp - nbackp) > 0) {
-- DIAG(TD_REPORT,
-- { sprintf(nfrontp, "td: netflush %d chars\r\n", n);
-- n += strlen(nfrontp); /* get count first */
-- nfrontp += strlen(nfrontp); /* then move pointer */
-- });
-+ DIAG(TD_REPORT, {
-+ n += output_data("td: netflush %d chars\r\n", n);
-+ });
- #ifdef ENCRYPTION
- if (encrypt_output) {
- char *s = nclearto ? nclearto : nbackp;
-@@ -314,33 +309,6 @@
-
-
- /*
-- * writenet
-- *
-- * Just a handy little function to write a bit of raw data to the net.
-- * It will force a transmit of the buffer if necessary
-- *
-- * arguments
-- * ptr - A pointer to a character string to write
-- * len - How many bytes to write
-- */
-- void
--writenet(ptr, len)
-- register unsigned char *ptr;
-- register int len;
--{
-- /* flush buffer if no room for new data) */
-- if ((&netobuf[BUFSIZ] - nfrontp) < len) {
-- /* if this fails, don't worry, buffer is a little big */
+- size_t remain;
++ int remaining, copied;
++
++ remaining = BUFSIZ - (nfrontp - netobuf);
++ while (len > 0) {
++ /* Free up enough space if the room is too low*/
++ if ((len > BUFSIZ ? BUFSIZ : len) > remaining) {
++ netflush();
++ remaining = BUFSIZ - (nfrontp - netobuf);
++ }
+
+- remain = sizeof(netobuf) - (nfrontp - netobuf);
+- if (remain < len) {
- netflush();
-- }
--
-- memcpy(nfrontp, ptr, len);
-- nfrontp += len;
--
--} /* end of writenet */
--
--
--/*
- * miscellaneous functions doing a variety of little jobs follow ...
- */
-
-@@ -528,12 +496,11 @@
- register int option;
- {
- if (TELOPT_OK(option))
-- sprintf(nfrontp, "%s %s\r\n", fmt, TELOPT(option));
-+ output_data("%s %s\r\n", fmt, TELOPT(option));
- else if (TELCMD_OK(option))
-- sprintf(nfrontp, "%s %s\r\n", fmt, TELCMD(option));
-+ output_data("%s %s\r\n", fmt, TELCMD(option));
- else
-- sprintf(nfrontp, "%s %d\r\n", fmt, option);
-- nfrontp += strlen(nfrontp);
-+ output_data("%s %d\r\n", fmt, option);
- return;
- }
-
-@@ -550,9 +517,8 @@
- return;
-
- if (direction) {
-- sprintf(nfrontp, "td: %s suboption ",
-+ output_data("td: %s suboption ",
- direction == '<' ? "recv" : "send");
-- nfrontp += strlen(nfrontp);
- if (length >= 3) {
- register int j;
-
-@@ -560,232 +526,192 @@
- j = pointer[length-1];
-
- if (i != IAC || j != SE) {
-- sprintf(nfrontp, "(terminated by ");
-- nfrontp += strlen(nfrontp);
-+ output_data("(terminated by ");
- if (TELOPT_OK(i))
-- sprintf(nfrontp, "%s ", TELOPT(i));
-+ output_data("%s ", TELOPT(i));
- else if (TELCMD_OK(i))
-- sprintf(nfrontp, "%s ", TELCMD(i));
-+ output_data("%s ", TELCMD(i));
- else
-- sprintf(nfrontp, "%d ", i);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d ", i);
- if (TELOPT_OK(j))
-- sprintf(nfrontp, "%s", TELOPT(j));
-+ output_data("%s", TELOPT(j));
- else if (TELCMD_OK(j))
-- sprintf(nfrontp, "%s", TELCMD(j));
-+ output_data("%s", TELCMD(j));
- else
-- sprintf(nfrontp, "%d", j);
-- nfrontp += strlen(nfrontp);
-- sprintf(nfrontp, ", not IAC SE!) ");
-- nfrontp += strlen(nfrontp);
-+ output_data("%d", j);
-+ output_data(", not IAC SE!) ");
- }
- }
- length -= 2;
- }
- if (length < 1) {
-- sprintf(nfrontp, "(Empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data("(Empty suboption??\?)");
- return;
+- remain = sizeof(netobuf) - (nfrontp - netobuf);
++ /* Copy out as much as will fit */
++ copied = remaining > len ? len : remaining;
++ memmove(nfrontp, buf, copied);
++ nfrontp += copied;
++ len -= copied;
++ remaining -= copied;
++ buf += copied;
}
- switch (pointer[0]) {
- case TELOPT_TTYPE:
-- sprintf(nfrontp, "TERMINAL-TYPE ");
-- nfrontp += strlen(nfrontp);
-+ output_data("TERMINAL-TYPE ");
- switch (pointer[1]) {
- case TELQUAL_IS:
-- sprintf(nfrontp, "IS \"%.*s\"", length-2, (char *)pointer+2);
-+ output_data("IS \"%.*s\"", length-2, (char *)pointer+2);
- break;
- case TELQUAL_SEND:
-- sprintf(nfrontp, "SEND");
-+ output_data("SEND");
- break;
- default:
-- sprintf(nfrontp,
-+ output_data(
- "- unknown qualifier %d (0x%x).",
- pointer[1], pointer[1]);
- }
-- nfrontp += strlen(nfrontp);
- break;
- case TELOPT_TSPEED:
-- sprintf(nfrontp, "TERMINAL-SPEED");
-- nfrontp += strlen(nfrontp);
-+ output_data("TERMINAL-SPEED");
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- switch (pointer[1]) {
- case TELQUAL_IS:
-- sprintf(nfrontp, " IS %.*s", length-2, (char *)pointer+2);
-- nfrontp += strlen(nfrontp);
-+ output_data(" IS %.*s", length-2, (char *)pointer+2);
- break;
- default:
- if (pointer[1] == 1)
-- sprintf(nfrontp, " SEND");
-+ output_data(" SEND");
- else
-- sprintf(nfrontp, " %d (unknown)", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d (unknown)", pointer[1]);
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
- }
- break;
-
- case TELOPT_LFLOW:
-- sprintf(nfrontp, "TOGGLE-FLOW-CONTROL");
-- nfrontp += strlen(nfrontp);
-+ output_data("TOGGLE-FLOW-CONTROL");
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- switch (pointer[1]) {
- case LFLOW_OFF:
-- sprintf(nfrontp, " OFF"); break;
-+ output_data(" OFF"); break;
- case LFLOW_ON:
-- sprintf(nfrontp, " ON"); break;
-+ output_data(" ON"); break;
- case LFLOW_RESTART_ANY:
-- sprintf(nfrontp, " RESTART-ANY"); break;
-+ output_data(" RESTART-ANY"); break;
- case LFLOW_RESTART_XON:
-- sprintf(nfrontp, " RESTART-XON"); break;
-+ output_data(" RESTART-XON"); break;
- default:
-- sprintf(nfrontp, " %d (unknown)", pointer[1]);
-+ output_data(" %d (unknown)", pointer[1]);
- }
-- nfrontp += strlen(nfrontp);
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
-
- case TELOPT_NAWS:
-- sprintf(nfrontp, "NAWS");
-- nfrontp += strlen(nfrontp);
-+ output_data("NAWS");
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- if (length == 2) {
-- sprintf(nfrontp, " ?%d?", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[1]);
- break;
- }
-- sprintf(nfrontp, " %d %d (%d)",
-+ output_data(" %d %d (%d)",
- pointer[1], pointer[2],
- (int)((((unsigned int)pointer[1])<<8)|((unsigned int)pointer[2])));
-- nfrontp += strlen(nfrontp);
- if (length == 4) {
-- sprintf(nfrontp, " ?%d?", pointer[3]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[3]);
- break;
- }
-- sprintf(nfrontp, " %d %d (%d)",
-+ output_data(" %d %d (%d)",
- pointer[3], pointer[4],
- (int)((((unsigned int)pointer[3])<<8)|((unsigned int)pointer[4])));
-- nfrontp += strlen(nfrontp);
- for (i = 5; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
-
- case TELOPT_LINEMODE:
-- sprintf(nfrontp, "LINEMODE ");
-- nfrontp += strlen(nfrontp);
-+ output_data("LINEMODE ");
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- switch (pointer[1]) {
- case WILL:
-- sprintf(nfrontp, "WILL ");
-+ output_data("WILL ");
- goto common;
- case WONT:
-- sprintf(nfrontp, "WONT ");
-+ output_data("WONT ");
- goto common;
- case DO:
-- sprintf(nfrontp, "DO ");
-+ output_data("DO ");
- goto common;
- case DONT:
-- sprintf(nfrontp, "DONT ");
-+ output_data("DONT ");
- common:
-- nfrontp += strlen(nfrontp);
- if (length < 3) {
-- sprintf(nfrontp, "(no option??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data("(no option??\?)");
- break;
- }
- switch (pointer[2]) {
- case LM_FORWARDMASK:
-- sprintf(nfrontp, "Forward Mask");
-- nfrontp += strlen(nfrontp);
-+ output_data("Forward Mask");
- for (i = 3; i < length; i++) {
-- sprintf(nfrontp, " %x", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %x", pointer[i]);
- }
- break;
- default:
-- sprintf(nfrontp, "%d (unknown)", pointer[2]);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d (unknown)", pointer[2]);
- for (i = 3; i < length; i++) {
-- sprintf(nfrontp, " %d", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d", pointer[i]);
- }
- break;
- }
- break;
-
- case LM_SLC:
-- sprintf(nfrontp, "SLC");
-- nfrontp += strlen(nfrontp);
-+ output_data("SLC");
- for (i = 2; i < length - 2; i += 3) {
- if (SLC_NAME_OK(pointer[i+SLC_FUNC]))
-- sprintf(nfrontp, " %s", SLC_NAME(pointer[i+SLC_FUNC]));
-+ output_data(" %s", SLC_NAME(pointer[i+SLC_FUNC]));
- else
-- sprintf(nfrontp, " %d", pointer[i+SLC_FUNC]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d", pointer[i+SLC_FUNC]);
- switch (pointer[i+SLC_FLAGS]&SLC_LEVELBITS) {
- case SLC_NOSUPPORT:
-- sprintf(nfrontp, " NOSUPPORT"); break;
-+ output_data(" NOSUPPORT"); break;
- case SLC_CANTCHANGE:
-- sprintf(nfrontp, " CANTCHANGE"); break;
-+ output_data(" CANTCHANGE"); break;
- case SLC_VARIABLE:
-- sprintf(nfrontp, " VARIABLE"); break;
-+ output_data(" VARIABLE"); break;
- case SLC_DEFAULT:
-- sprintf(nfrontp, " DEFAULT"); break;
-+ output_data(" DEFAULT"); break;
- }
-- nfrontp += strlen(nfrontp);
-- sprintf(nfrontp, "%s%s%s",
-+ output_data("%s%s%s",
- pointer[i+SLC_FLAGS]&SLC_ACK ? "|ACK" : "",
- pointer[i+SLC_FLAGS]&SLC_FLUSHIN ? "|FLUSHIN" : "",
- pointer[i+SLC_FLAGS]&SLC_FLUSHOUT ? "|FLUSHOUT" : "");
-- nfrontp += strlen(nfrontp);
- if (pointer[i+SLC_FLAGS]& ~(SLC_ACK|SLC_FLUSHIN|
- SLC_FLUSHOUT| SLC_LEVELBITS)) {
-- sprintf(nfrontp, "(0x%x)", pointer[i+SLC_FLAGS]);
-- nfrontp += strlen(nfrontp);
-+ output_data("(0x%x)", pointer[i+SLC_FLAGS]);
- }
-- sprintf(nfrontp, " %d;", pointer[i+SLC_VALUE]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d;", pointer[i+SLC_VALUE]);
- if ((pointer[i+SLC_VALUE] == IAC) &&
- (pointer[i+SLC_VALUE+1] == IAC))
- i++;
- }
- for (; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
-
- case LM_MODE:
-- sprintf(nfrontp, "MODE ");
-- nfrontp += strlen(nfrontp);
-+ output_data("MODE ");
- if (length < 3) {
-- sprintf(nfrontp, "(no mode??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data("(no mode??\?)");
- break;
- }
- {
-@@ -796,24 +722,19 @@
- pointer[2]&MODE_SOFT_TAB ? "|SOFT_TAB" : "",
- pointer[2]&MODE_LIT_ECHO ? "|LIT_ECHO" : "",
- pointer[2]&MODE_ACK ? "|ACK" : "");
-- sprintf(nfrontp, "%s", tbuf[1] ? &tbuf[1] : "0");
-- nfrontp += strlen(nfrontp);
-+ output_data("%s", tbuf[1] ? &tbuf[1] : "0");
- }
- if (pointer[2]&~(MODE_EDIT|MODE_TRAPSIG|MODE_ACK)) {
-- sprintf(nfrontp, " (0x%x)", pointer[2]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" (0x%x)", pointer[2]);
- }
- for (i = 3; i < length; i++) {
-- sprintf(nfrontp, " ?0x%x?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?0x%x?", pointer[i]);
- }
- break;
- default:
-- sprintf(nfrontp, "%d (unknown)", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d (unknown)", pointer[1]);
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " %d", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d", pointer[i]);
- }
- }
- break;
-@@ -822,24 +743,20 @@
- register char *cp;
- register int j, k;
-
-- sprintf(nfrontp, "STATUS");
-- nfrontp += strlen(nfrontp);
-+ output_data("STATUS");
-
- switch (pointer[1]) {
- default:
- if (pointer[1] == TELQUAL_SEND)
-- sprintf(nfrontp, " SEND");
-+ output_data(" SEND");
- else
-- sprintf(nfrontp, " %d (unknown)", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d (unknown)", pointer[1]);
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
- case TELQUAL_IS:
-- sprintf(nfrontp, " IS\r\n");
-- nfrontp += strlen(nfrontp);
-+ output_data(" IS\r\n");
-
- for (i = 2; i < length; i++) {
- switch(pointer[i]) {
-@@ -850,18 +767,15 @@
- common2:
- i++;
- if (TELOPT_OK(pointer[i]))
-- sprintf(nfrontp, " %s %s", cp, TELOPT(pointer[i]));
-+ output_data(" %s %s", cp, TELOPT(pointer[i]));
- else
-- sprintf(nfrontp, " %s %d", cp, pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %s %d", cp, pointer[i]);
-
-- sprintf(nfrontp, "\r\n");
-- nfrontp += strlen(nfrontp);
-+ output_data("\r\n");
- break;
-
- case SB:
-- sprintf(nfrontp, " SB ");
-- nfrontp += strlen(nfrontp);
-+ output_data(" SB ");
- i++;
- j = k = i;
- while (j < length) {
-@@ -877,20 +791,17 @@
- }
- printsub(0, &pointer[i], k - i);
- if (i < length) {
-- sprintf(nfrontp, " SE");
-- nfrontp += strlen(nfrontp);
-+ output_data(" SE");
- i = j;
- } else
- i = j - 1;
-
-- sprintf(nfrontp, "\r\n");
-- nfrontp += strlen(nfrontp);
-+ output_data("\r\n");
-
- break;
-
- default:
-- sprintf(nfrontp, " %d", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d", pointer[i]);
- break;
- }
- }
-@@ -900,86 +811,77 @@
- }
-
- case TELOPT_XDISPLOC:
-- sprintf(nfrontp, "X-DISPLAY-LOCATION ");
-- nfrontp += strlen(nfrontp);
-+ output_data("X-DISPLAY-LOCATION ");
- switch (pointer[1]) {
- case TELQUAL_IS:
-- sprintf(nfrontp, "IS \"%.*s\"", length-2, (char *)pointer+2);
-+ output_data("IS \"%.*s\"", length-2, (char *)pointer+2);
- break;
- case TELQUAL_SEND:
-- sprintf(nfrontp, "SEND");
-+ output_data("SEND");
- break;
- default:
-- sprintf(nfrontp, "- unknown qualifier %d (0x%x).",
-+ output_data("- unknown qualifier %d (0x%x).",
- pointer[1], pointer[1]);
- }
-- nfrontp += strlen(nfrontp);
- break;
-
- case TELOPT_NEW_ENVIRON:
-- sprintf(nfrontp, "NEW-ENVIRON ");
-+ output_data("NEW-ENVIRON ");
- goto env_common1;
- case TELOPT_OLD_ENVIRON:
-- sprintf(nfrontp, "OLD-ENVIRON");
-+ output_data("OLD-ENVIRON");
- env_common1:
-- nfrontp += strlen(nfrontp);
- switch (pointer[1]) {
- case TELQUAL_IS:
-- sprintf(nfrontp, "IS ");
-+ output_data("IS ");
- goto env_common;
- case TELQUAL_SEND:
-- sprintf(nfrontp, "SEND ");
-+ output_data("SEND ");
- goto env_common;
- case TELQUAL_INFO:
-- sprintf(nfrontp, "INFO ");
-+ output_data("INFO ");
- env_common:
-- nfrontp += strlen(nfrontp);
- {
- register int noquote = 2;
- for (i = 2; i < length; i++ ) {
- switch (pointer[i]) {
- case NEW_ENV_VAR:
-- sprintf(nfrontp, "\" VAR " + noquote);
-- nfrontp += strlen(nfrontp);
-+ output_data("\" VAR " + noquote);
- noquote = 2;
- break;
-
- case NEW_ENV_VALUE:
-- sprintf(nfrontp, "\" VALUE " + noquote);
-- nfrontp += strlen(nfrontp);
-+ output_data("\" VALUE " + noquote);
- noquote = 2;
- break;
-
- case ENV_ESC:
-- sprintf(nfrontp, "\" ESC " + noquote);
-- nfrontp += strlen(nfrontp);
-+ output_data("\" ESC " + noquote);
- noquote = 2;
- break;
-
- case ENV_USERVAR:
-- sprintf(nfrontp, "\" USERVAR " + noquote);
-- nfrontp += strlen(nfrontp);
-+ output_data("\" USERVAR " + noquote);
- noquote = 2;
- break;
-
- default:
- if (isprint(pointer[i]) && pointer[i] != '"') {
- if (noquote) {
-- *nfrontp++ = '"';
-+ output_data("\"");
- noquote = 0;
- }
-- *nfrontp++ = pointer[i];
-+ output_data("%c", pointer[i]);
- } else {
-- sprintf(nfrontp, "\" %03o " + noquote,
-+ output_data("\" %03o " + noquote,
- pointer[i]);
-- nfrontp += strlen(nfrontp);
- noquote = 2;
- }
- break;
- }
- }
- if (!noquote)
-- *nfrontp++ = '"';
-+ output_data("\"");
- break;
- }
- }
-@@ -987,90 +889,69 @@
-
- #if defined(AUTHENTICATION)
- case TELOPT_AUTHENTICATION:
-- sprintf(nfrontp, "AUTHENTICATION");
-- nfrontp += strlen(nfrontp);
-+ output_data("AUTHENTICATION");
-
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- switch (pointer[1]) {
- case TELQUAL_REPLY:
- case TELQUAL_IS:
-- sprintf(nfrontp, " %s ", (pointer[1] == TELQUAL_IS) ?
-+ output_data(" %s ", (pointer[1] == TELQUAL_IS) ?
- "IS" : "REPLY");
-- nfrontp += strlen(nfrontp);
- if (AUTHTYPE_NAME_OK(pointer[2]))
-- sprintf(nfrontp, "%s ", AUTHTYPE_NAME(pointer[2]));
-+ output_data("%s ", AUTHTYPE_NAME(pointer[2]));
- else
-- sprintf(nfrontp, "%d ", pointer[2]);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d ", pointer[2]);
- if (length < 3) {
-- sprintf(nfrontp, "(partial suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data("(partial suboption??\?)");
- break;
- }
-- sprintf(nfrontp, "%s|%s%s",
-+ output_data("%s|%s",
- ((pointer[3] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ?
- "CLIENT" : "SERVER",
- ((pointer[3] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ?
- "MUTUAL" : "ONE-WAY",
- ((pointer[3] & AUTH_ENCRYPT_MASK) == AUTH_ENCRYPT_ON) ?
- "|ENCRYPT" : "");
-- nfrontp += strlen(nfrontp);
-
- auth_printsub(&pointer[1], length - 1, buf, sizeof(buf));
-- sprintf(nfrontp, "%s", buf);
-- nfrontp += strlen(nfrontp);
-+ output_data("%s", buf);
- break;
-
- case TELQUAL_SEND:
- i = 2;
-- sprintf(nfrontp, " SEND ");
-- nfrontp += strlen(nfrontp);
-+ output_data(" SEND ");
- while (i < length) {
- if (AUTHTYPE_NAME_OK(pointer[i]))
-- sprintf(nfrontp, "%s ", AUTHTYPE_NAME(pointer[i]));
-+ output_data("%s ", AUTHTYPE_NAME(pointer[i]));
- else
-- sprintf(nfrontp, "%d ", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d ", pointer[i]);
- if (++i >= length) {
-- sprintf(nfrontp, "(partial suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data("(partial suboption??\?)");
- break;
- }
-- sprintf(nfrontp, "%s|%s%s ",
-+ output_data( "%s|%s%s ",
- ((pointer[i] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ?
- "CLIENT" : "SERVER",
- ((pointer[i] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ?
- "MUTUAL" : "ONE-WAY",
- ((pointer[3] & AUTH_ENCRYPT_MASK) == AUTH_ENCRYPT_ON) ?
- "|ENCRYPT" : "");
-- nfrontp += strlen(nfrontp);
- ++i;
- }
- break;
-
- case TELQUAL_NAME:
-- i = 2;
-- sprintf(nfrontp, " NAME \"");
-- nfrontp += strlen(nfrontp);
-- while (i < length) {
-- if (isprint(pointer[i]))
-- *nfrontp++ = pointer[i++];
-- else {
-- sprintf(nfrontp, "\"%03o",pointer[i++]);
-- nfrontp += strlen(nfrontp);
-- }
-- }
-- *nfrontp++ = '"';
-+ output_data(" NAME \"%.*s\"",
-+ length - 2,
-+ pointer + 2);
- break;
-
- default:
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
- }
-@@ -1079,86 +960,70 @@
-
- #ifdef ENCRYPTION
- case TELOPT_ENCRYPT:
-- sprintf(nfrontp, "ENCRYPT");
-- nfrontp += strlen(nfrontp);
-+ output_data("ENCRYPT");
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- switch (pointer[1]) {
- case ENCRYPT_START:
-- sprintf(nfrontp, " START");
-- nfrontp += strlen(nfrontp);
-+ output_data(" START");
- break;
-
- case ENCRYPT_END:
-- sprintf(nfrontp, " END");
-- nfrontp += strlen(nfrontp);
-+ output_data(" END");
- break;
-
- case ENCRYPT_REQSTART:
-- sprintf(nfrontp, " REQUEST-START");
-- nfrontp += strlen(nfrontp);
-+ output_data(" REQUEST-START");
- break;
-
- case ENCRYPT_REQEND:
-- sprintf(nfrontp, " REQUEST-END");
-- nfrontp += strlen(nfrontp);
-+ output_data(" REQUEST-END");
- break;
-
- case ENCRYPT_IS:
- case ENCRYPT_REPLY:
-- sprintf(nfrontp, " %s ", (pointer[1] == ENCRYPT_IS) ?
-+ output_data(" %s ", (pointer[1] == ENCRYPT_IS) ?
- "IS" : "REPLY");
-- nfrontp += strlen(nfrontp);
- if (length < 3) {
-- sprintf(nfrontp, " (partial suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (partial suboption??\?)");
- break;
- }
- if (ENCTYPE_NAME_OK(pointer[2]))
-- sprintf(nfrontp, "%s ", ENCTYPE_NAME(pointer[2]));
-+ output_data("%s ", ENCTYPE_NAME(pointer[2]));
- else
-- sprintf(nfrontp, " %d (unknown)", pointer[2]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d (unknown)", pointer[2]);
-
- encrypt_printsub(&pointer[1], length - 1, buf, sizeof(buf));
-- sprintf(nfrontp, "%s", buf);
-- nfrontp += strlen(nfrontp);
-+ output_data("%s", buf);
- break;
-
- case ENCRYPT_SUPPORT:
- i = 2;
-- sprintf(nfrontp, " SUPPORT ");
-- nfrontp += strlen(nfrontp);
-+ output_data(" SUPPORT ");
- while (i < length) {
- if (ENCTYPE_NAME_OK(pointer[i]))
-- sprintf(nfrontp, "%s ", ENCTYPE_NAME(pointer[i]));
-+ output_data("%s ", ENCTYPE_NAME(pointer[i]));
- else
-- sprintf(nfrontp, "%d ", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d ", pointer[i]);
- i++;
- }
- break;
-
- case ENCRYPT_ENC_KEYID:
-- sprintf(nfrontp, " ENC_KEYID", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ENC_KEYID");
- goto encommon;
-
- case ENCRYPT_DEC_KEYID:
-- sprintf(nfrontp, " DEC_KEYID", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" DEC_KEYID");
- goto encommon;
-
- default:
-- sprintf(nfrontp, " %d (unknown)", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d (unknown)", pointer[1]);
- encommon:
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " %d", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d", pointer[i]);
- }
- break;
- }
-@@ -1167,18 +1032,15 @@
-
- default:
- if (TELOPT_OK(pointer[0]))
-- sprintf(nfrontp, "%s (unknown)", TELOPT(pointer[0]));
-+ output_data( "%s (unknown)", TELOPT(pointer[0]));
- else
-- sprintf(nfrontp, "%d (unknown)", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data( "%d (unknown)", pointer[i]);
- for (i = 1; i < length; i++) {
-- sprintf(nfrontp, " %d", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data( " %d", pointer[i]);
- }
- break;
- }
-- sprintf(nfrontp, "\r\n");
-- nfrontp += strlen(nfrontp);
-+ output_data( "\r\n");
+- if (remain < len)
+- return 0;
+- memcpy(nfrontp, buf, len);
+- nfrontp += len;
+- return len;
++ return copied;
}
/*
-@@ -1200,26 +1062,22 @@
- }
-
- /* add a line of output */
-- sprintf(nfrontp, "%s: ", tag);
-- nfrontp += strlen(nfrontp);
-+ output_data("%s: ", tag);
- for (i = 0; i < 20 && cnt; i++) {
-- sprintf(nfrontp, "%02x", *ptr);
-- nfrontp += strlen(nfrontp);
-+ output_data("%02x", *ptr);
- if (isprint(*ptr)) {
- xbuf[i] = *ptr;
- } else {
- xbuf[i] = '.';
- }
- if (i % 2) {
-- *nfrontp = ' ';
-- nfrontp++;
-+ output_data(" ");
- }
- cnt--;
- ptr++;
- }
- xbuf[i] = '\0';
-- sprintf(nfrontp, " %s\r\n", xbuf );
-- nfrontp += strlen(nfrontp);
-+ output_data(" %s\r\n", xbuf );
- }
- }
- #endif /* DIAGNOSTICS */
diff --git a/security/krb5-17/files/patch-ay b/security/krb5-17/files/patch-ay
index 4ed0c9e..54c041e 100644
--- a/security/krb5-17/files/patch-ay
+++ b/security/krb5-17/files/patch-ay
@@ -1,6 +1,6 @@
---- util/pty/getpty.c.orig Fri Feb 6 19:46:42 1998
-+++ util/pty/getpty.c Mon Apr 5 14:00:07 1999
-@@ -21,13 +21,26 @@
+--- util/pty/getpty.c.orig Wed Jan 9 14:28:37 2002
++++ util/pty/getpty.c Thu Jan 10 21:30:40 2002
+@@ -24,13 +24,26 @@
#include "libpty.h"
#include "pty-int.h"
@@ -17,19 +17,19 @@
+#define PTYCHARS2 "0123456789abcdef"
+#endif
+
- long pty_getpty (fd, slave, slavelength)
- int slavelength;
- int *fd; char *slave;
+ long
+ ptyint_getpty_ext(int *fd, char *slave, int slavelength, int do_grantpt)
{
-- char *cp;
++ int ptynum;
+ char *cp1, *cp2;
+ #if !defined(HAVE__GETPTY) && !defined(HAVE_OPENPTY)
+- char *cp;
char *p;
- int i,ptynum;
-+ int ptynum;
struct stat stb;
char slavebuf[1024];
- #ifdef HAVE__GETPTY
-@@ -109,14 +122,14 @@
+ #endif
+@@ -115,14 +128,14 @@
strncpy(slave, slavebuf, slavelength);
return 0;
} else {
diff --git a/security/krb5-17/files/patch-bd b/security/krb5-17/files/patch-bd
deleted file mode 100644
index b2bf412..0000000
--- a/security/krb5-17/files/patch-bd
+++ /dev/null
@@ -1,19 +0,0 @@
---- appl/gssftp/ftpd/ftpcmd.y.ORIG Wed Feb 28 16:06:45 2001
-+++ appl/gssftp/ftpd/ftpcmd.y Fri Apr 27 10:18:01 2001
-@@ -805,11 +805,13 @@
- * This is a valid reply in some cases but not in others.
- */
- if (logged_in && $1 && strncmp((char *) $1, "~", 1) == 0) {
-- *(char **)&($$) = *ftpglob((char *) $1);
-- if (globerr != NULL) {
-+ char **vv;
-+ vv = ftpglob((char *) $1);
-+ if (vv == NULL || globerr != NULL) {
- reply(550, globerr);
- $$ = NULL;
-- }
-+ } else
-+ $$ = *vv;
- free((char *) $1);
- } else
- $$ = $1;
diff --git a/security/krb5-17/pkg-plist b/security/krb5-17/pkg-plist
index 5170610..01977cd 100644
--- a/security/krb5-17/pkg-plist
+++ b/security/krb5-17/pkg-plist
@@ -63,10 +63,10 @@ lib/libk5crypto.so
lib/libk5crypto.so.3
lib/libkadm5clnt.a
lib/libkadm5clnt.so
-lib/libkadm5clnt.so.4
+lib/libkadm5clnt.so.5
lib/libkadm5srv.a
lib/libkadm5srv.so
-lib/libkadm5srv.so.4
+lib/libkadm5srv.so.5
lib/libkdb5.a
lib/libkdb5.so
lib/libkdb5.so.3
diff --git a/security/krb5-appl/Makefile b/security/krb5-appl/Makefile
index 3a0bf18..e9c8235 100644
--- a/security/krb5-appl/Makefile
+++ b/security/krb5-appl/Makefile
@@ -6,8 +6,7 @@
#
PORTNAME= krb5
-PORTVERSION= 1.2.2
-PORTREVISION= 5
+PORTVERSION= 1.2.3
CATEGORIES= security
MASTER_SITES= # manual download
diff --git a/security/krb5-appl/distinfo b/security/krb5-appl/distinfo
index e8159e5..3af0278 100644
--- a/security/krb5-appl/distinfo
+++ b/security/krb5-appl/distinfo
@@ -1 +1 @@
-MD5 (krb5-1.2.2.tar.gz) = 57d1bf3a3c68ee8af64e31a46799551c
+MD5 (krb5-1.2.3.tar.gz) = 1e93aed5e6ae13eb4b5b5278b1a6ab46
diff --git a/security/krb5-appl/files/patch-ai b/security/krb5-appl/files/patch-ai
index 634db6c..f5b7331 100644
--- a/security/krb5-appl/files/patch-ai
+++ b/security/krb5-appl/files/patch-ai
@@ -1,6 +1,6 @@
---- appl/gssftp/ftpd/ftpd.c.orig Wed Feb 28 16:06:45 2001
-+++ appl/gssftp/ftpd/ftpd.c Fri Apr 27 10:18:01 2001
-@@ -485,7 +485,13 @@
+--- appl/gssftp/ftpd/ftpd.c.orig Wed Jan 9 14:26:51 2002
++++ appl/gssftp/ftpd/ftpd.c Thu Jan 10 19:00:13 2002
+@@ -487,7 +487,13 @@
#ifndef LOG_DAEMON
#define LOG_DAEMON 0
#endif
@@ -15,273 +15,14 @@
addrlen = sizeof (his_addr);
if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) {
-@@ -761,7 +767,16 @@
- int result;
- #ifdef GSSAPI
- if (auth_type && strcmp(auth_type, "GSSAPI") == 0) {
-+ int len;
- authorized = ftpd_gss_userok(&client_name, name) == 0;
-+ len = sizeof("GSSAPI user is not authorized as "
-+ "; Password required.")
-+ + strlen(client_name.value)
-+ + strlen(name);
-+ if (len >= sizeof(buf)) {
-+ syslog(LOG_ERR, "user: username too long");
-+ name = "[username too long]";
-+ }
- sprintf(buf, "GSSAPI user %s is%s authorized as %s",
- client_name.value, authorized ? "" : " not",
- name);
-@@ -772,7 +787,18 @@
- #endif /* GSSAPI */
- #ifdef KRB5_KRB4_COMPAT
- if (auth_type && strcmp(auth_type, "KERBEROS_V4") == 0) {
-+ int len;
- authorized = kuserok(&kdata,name) == 0;
-+ len = sizeof("Kerberos user .@ is not authorized as "
-+ "; Password required.")
-+ + strlen(kdata.pname)
-+ + strlen(kdata.pinst)
-+ + strlen(kdata.prealm)
-+ + strlen(name);
-+ if (len >= sizeof(buf)) {
-+ syslog(LOG_ERR, "user: username too long");
-+ name = "[username too long]";
-+ }
- sprintf(buf, "Kerberos user %s%s%s@%s is%s authorized as %s",
- kdata.pname, *kdata.pinst ? "." : "",
- kdata.pinst, kdata.prealm,
-@@ -1179,6 +1205,11 @@
- } else {
- char line[FTP_BUFSIZ];
-
-+ if (strlen(cmd) + strlen(name) + 1 >= sizeof(line)) {
-+ syslog(LOG_ERR, "retrieve: filename too long");
-+ reply(501, "filename too long");
-+ return;
-+ }
- (void) sprintf(line, cmd, name), name = line;
- fin = ftpd_popen(line, "r"), closefunc = ftpd_pclose;
- st.st_size = -1;
-@@ -1417,6 +1448,10 @@
- return (file);
- }
-
-+/*
-+ * XXX callers need to limit total length of output string to
-+ * FTP_BUFSIZ
-+ */
- #ifdef STDARG
- secure_error(char *fmt, ...)
- #else
-@@ -1616,13 +1651,19 @@
- {
- char line[FTP_BUFSIZ];
- FILE *fin;
-- int c;
-+ int c, n;
- char str[FTP_BUFSIZ], *p;
-
-+ if (strlen(filename) + sizeof("/bin/ls -lgA ")
-+ >= sizeof(line)) {
-+ reply(501, "filename too long");
-+ return;
-+ }
- (void) sprintf(line, "/bin/ls -lgA %s", filename);
- fin = ftpd_popen(line, "r");
- lreply(211, "status of %s:", filename);
- p = str;
-+ n = 0;
- while ((c = getc(fin)) != EOF) {
- if (c == '\n') {
- if (ferror(stdout)){
-@@ -1639,7 +1680,16 @@
- *p = '\0';
- reply(0, "%s", str);
- p = str;
-- } else *p++ = c;
-+ n = 0;
-+ } else {
-+ *p++ = c;
-+ n++;
-+ if (n >= sizeof(str)) {
-+ reply(551, "output line too long");
-+ (void) ftpd_pclose(fin);
-+ return;
-+ }
-+ }
- }
- if (p != str) {
- *p = '\0';
-@@ -1723,6 +1773,10 @@
-
- char cont_char = ' ';
-
-+/*
-+ * XXX callers need to limit total length of output string to
-+ * FTP_BUFSIZ bytes for now.
-+ */
- #ifdef STDARG
- reply(int n, char *fmt, ...)
- #else
-@@ -1744,22 +1798,32 @@
- #endif
-
- if (auth_type) {
-- char in[FTP_BUFSIZ], out[FTP_BUFSIZ];
-+ /*
-+ * Deal with expansion in mk_{safe,priv},
-+ * radix_encode, gss_seal, plus slop.
-+ */
-+ char in[FTP_BUFSIZ*3/2], out[FTP_BUFSIZ*3/2];
- int length, kerror;
- if (n) sprintf(in, "%d%c", n, cont_char);
- else in[0] = '\0';
- strncat(in, buf, sizeof (in) - strlen(in) - 1);
- #ifdef KRB5_KRB4_COMPAT
- if (strcmp(auth_type, "KERBEROS_V4") == 0) {
-- if ((length = clevel == PROT_P ?
-- krb_mk_priv((unsigned char *)in,
-- (unsigned char *)out,
-- strlen(in), schedule, &kdata.session,
-- &ctrl_addr, &his_addr)
-- : krb_mk_safe((unsigned char *)in,
-- (unsigned char *)out,
-- strlen(in), &kdata.session,
-- &ctrl_addr, &his_addr)) == -1) {
-+ if (clevel == PROT_P)
-+ length = krb_mk_priv((unsigned char *)in,
-+ (unsigned char *)out,
-+ strlen(in),
-+ schedule, &kdata.session,
-+ &ctrl_addr,
-+ &his_addr);
-+ else
-+ length = krb_mk_safe((unsigned char *)in,
-+ (unsigned char *)out,
-+ strlen(in),
-+ &kdata.session,
-+ &ctrl_addr,
-+ &his_addr);
-+ if (length == -1) {
- syslog(LOG_ERR,
- "krb_mk_%s failed for KERBEROS_V4",
- clevel == PROT_P ? "priv" : "safe");
-@@ -1803,13 +1867,16 @@
- }
- #endif /* GSSAPI */
- /* Other auth types go here ... */
-- if (kerror = radix_encode(out, in, &length, 0)) {
-+ if (length >= sizeof(in) / 4 * 3) {
-+ syslog(LOG_ERR, "input to radix_encode too long");
-+ fputs(in, stdout);
-+ } else if (kerror = radix_encode(out, in, &length, 0)) {
- syslog(LOG_ERR, "Couldn't encode reply (%s)",
- radix_error(kerror));
- fputs(in,stdout);
- } else
-- printf("%s%c%s", clevel == PROT_P ? "632" : "631",
-- n ? cont_char : '-', in);
-+ printf("%s%c%s", clevel == PROT_P ? "632" : "631",
-+ n ? cont_char : '-', in);
- } else {
- if (n) printf("%d%c", n, cont_char);
- fputs(buf, stdout);
-@@ -1822,6 +1889,10 @@
- }
- }
-
-+/*
-+ * XXX callers need to limit total length of output string to
-+ * FTP_BUFSIZ
-+ */
- #ifdef STDARG
- lreply(int n, char *fmt, ...)
- #else
-@@ -1866,7 +1937,8 @@
-
- if (cp = strchr(cbuf,'\n'))
- *cp = '\0';
-- reply(500, "'%s': command not understood.", cbuf);
-+ reply(500, "'%.*s': command not understood.",
-+ FTP_BUFSIZ - sizeof("'': command not understood."), cbuf);
- }
-
- delete_file(name)
-@@ -2143,7 +2215,21 @@
- int code;
- char *string;
- {
-- reply(code, "%s: %s.", string, strerror(errno));
-+ char *err_string;
-+ size_t extra_len;
-+ err_string = strerror(errno);
-+ if (err_string == NULL)
-+ err_string = "(unknown error)";
-+ extra_len = strlen(err_string) + sizeof("(truncated): .");
-+ /*
-+ * XXX knows about FTP_BUFSIZ in reply()
-+ */
-+ if (strlen(string) + extra_len > FTP_BUFSIZ) {
-+ reply(code, "(truncated)%.*s: %s.",
-+ FTP_BUFSIZ - extra_len, string, err_string);
-+ } else {
-+ reply(code, "%s: %s.", string, err_string);
-+ }
- }
-
- auth(type)
-@@ -2226,6 +2312,10 @@
+@@ -2312,6 +2318,10 @@
+ if ((length = krb_mk_safe((u_char *)&cksum, out_buf, sizeof(cksum),
+ &kdata.session,&ctrl_addr, &his_addr)) == -1) {
secure_error("ADAT: krb_mk_safe failed");
- return(0);
- }
-+ if (length >= (FTP_BUFSIZ - sizeof("ADAT=")) / 4 * 3) {
-+ secure_error("ADAT: reply too long");
+ return(0);
+ }
- if (kerror = radix_encode(out_buf, buf, &length, 0)) {
- secure_error("Couldn't encode ADAT reply (%s)",
- radix_error(kerror));
-@@ -2360,6 +2450,16 @@
++ if (length >= (FTP_BUFSIZ - sizeof("ADAT=")) / 4 * 3) {
++ secure_error("ADAT: reply too long");
+ return(0);
}
-
- if (out_tok.length) {
-+ if (out_tok.length >= ((FTP_BUFSIZ - sizeof("ADAT="))
-+ / 4 * 3)) {
-+ secure_error("ADAT: reply too long");
-+ syslog(LOG_ERR, "ADAT: reply too long");
-+ (void) gss_release_cred(&stat_min, &server_creds);
-+ if (ret_flags & GSS_C_DELEG_FLAG)
-+ (void) gss_release_cred(&stat_min,
-+ &deleg_creds);
-+ return(0);
-+ }
- if (kerror = radix_encode(out_tok.value, gbuf, &out_tok.length, 0)) {
- secure_error("Couldn't encode ADAT reply (%s)",
- radix_error(kerror));
-@@ -2458,6 +2558,9 @@
- * n>=0 on success
- * -1 on error
- * -2 on security error
-+ *
-+ * XXX callers need to limit total length of output string to
-+ * FTP_BUFSIZ
- */
- #ifdef STDARG
- secure_fprintf(FILE *stream, char *fmt, ...)
-@@ -2575,6 +2678,15 @@
- dir->d_name[2] == '\0')
- continue;
-
-+ if (strlen(dirname) + strlen(dir->d_name)
-+ + 1 /* slash */
-+ + 2 /* CRLF */
-+ + 1 > sizeof(nbuf)) {
-+ syslog(LOG_ERR,
-+ "send_file_list: pathname too long");
-+ ret = -2; /* XXX */
-+ goto data_err;
-+ }
- sprintf(nbuf, "%s/%s", dirname, dir->d_name);
-
- /*
+ if (length >= (FTP_BUFSIZ - sizeof("ADAT=")) / 4 * 3) {
diff --git a/security/krb5-appl/files/patch-appl::telnet::telnetd::authenc.c b/security/krb5-appl/files/patch-appl::telnet::telnetd::authenc.c
deleted file mode 100644
index 9a19ab9..0000000
--- a/security/krb5-appl/files/patch-appl::telnet::telnetd::authenc.c
+++ /dev/null
@@ -1,12 +0,0 @@
---- appl/telnet/telnetd/authenc.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/authenc.c Thu Jul 19 19:14:29 2001
-@@ -43,8 +43,7 @@
- int len;
- {
- if (nfrontp + len < netobuf + BUFSIZ) {
-- memcpy((void *)nfrontp, (void *)str, len);
-- nfrontp += len;
-+ output_datalen(str, len);
- return(len);
- }
- return(0);
diff --git a/security/krb5-appl/files/patch-appl::telnet::telnetd::ext.h b/security/krb5-appl/files/patch-appl::telnet::telnetd::ext.h
deleted file mode 100644
index 38fd6ac..0000000
--- a/security/krb5-appl/files/patch-appl::telnet::telnetd::ext.h
+++ /dev/null
@@ -1,24 +0,0 @@
---- appl/telnet/telnetd/ext.h.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/ext.h Mon Jul 23 16:44:35 2001
-@@ -75,7 +75,7 @@
-
- extern char netibuf[BUFSIZ], *netip;
-
--extern char netobuf[BUFSIZ+NETSLOP], *nfrontp, *nbackp;
-+extern char netobuf[BUFSIZ], *nfrontp, *nbackp;
- extern char *neturg; /* one past last bye of urgent data */
-
- extern int pcc, ncc;
-@@ -187,8 +187,10 @@
- tty_setsofttab P((int)),
- tty_tspeed P((int)),
- willoption P((int)),
-- wontoption P((int)),
-- writenet P((unsigned char *, int));
-+ wontoption P((int));
-+
-+extern int output_data __P((const char *, ...)) __printflike(1, 2);
-+extern int output_datalen __P((const char *, size_t));
-
- #ifdef ENCRYPTION
- extern char *nclearto;
diff --git a/security/krb5-appl/files/patch-appl::telnet::telnetd::slc.c b/security/krb5-appl/files/patch-appl::telnet::telnetd::slc.c
deleted file mode 100644
index f4e7d41..0000000
--- a/security/krb5-appl/files/patch-appl::telnet::telnetd::slc.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- appl/telnet/telnetd/slc.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/slc.c Mon Jul 23 16:45:51 2001
-@@ -198,7 +198,7 @@
- (void) sprintf((char *)slcptr, "%c%c", IAC, SE);
- slcptr += 2;
- len = slcptr - slcbuf;
-- writenet(slcbuf, len);
-+ output_datalen(slcbuf, len);
- netflush(); /* force it out immediately */
- DIAG(TD_OPTIONS, printsub('>', slcbuf+2, len-2););
- }
diff --git a/security/krb5-appl/files/patch-appl::telnet::telnetd::state.c b/security/krb5-appl/files/patch-appl::telnet::telnetd::state.c
deleted file mode 100644
index baf2073..0000000
--- a/security/krb5-appl/files/patch-appl::telnet::telnetd::state.c
+++ /dev/null
@@ -1,134 +0,0 @@
---- appl/telnet/telnetd/state.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/state.c Mon Jul 23 17:48:48 2001
-@@ -33,6 +33,7 @@
-
- /* based on @(#)state.c 8.1 (Berkeley) 6/4/93 */
-
-+#include <stdarg.h>
- #include "telnetd.h"
- #if defined(AUTHENTICATION)
- #include <libtelnet/auth.h>
-@@ -86,7 +87,7 @@
- if (!auth_negotiated) {
- static char *error =
- "An environment option was sent before authentication negotiation completed.\r\nThis may create a security hazard. Connection dropped.\r\n";
-- writenet(error, strlen(error));
-+ output_datalen(error, strlen(error));
- netflush();
- exit(1);
- }
-@@ -209,8 +210,7 @@
- }
-
- netclear(); /* clear buffer back */
-- *nfrontp++ = IAC;
-- *nfrontp++ = DM;
-+ output_data("%c%c", IAC, DM);
- neturg = nfrontp-1; /* off by one XXX */
- DIAG(TD_OPTIONS,
- printoption("td: send IAC", DM));
-@@ -463,8 +463,7 @@
- set_his_want_state_will(option);
- do_dont_resp[option]++;
- }
-- (void) sprintf(nfrontp, (char *)doopt, option);
-- nfrontp += sizeof (dont) - 2;
-+ output_data((const char *)doopt, option);
-
- DIAG(TD_OPTIONS, printoption("td: send do", option));
- }
-@@ -683,8 +682,7 @@
- set_his_want_state_wont(option);
- do_dont_resp[option]++;
- }
-- (void) sprintf(nfrontp, (char *)dont, option);
-- nfrontp += sizeof (doopt) - 2;
-+ output_data((const char *)dont, option);
-
- DIAG(TD_OPTIONS, printoption("td: send dont", option));
- }
-@@ -833,8 +831,7 @@
- set_my_want_state_will(option);
- will_wont_resp[option]++;
- }
-- (void) sprintf(nfrontp, (char *)will, option);
-- nfrontp += sizeof (doopt) - 2;
-+ output_data((const char *)will, option);
-
- DIAG(TD_OPTIONS, printoption("td: send will", option));
- }
-@@ -993,8 +990,7 @@
- set_my_want_state_wont(option);
- will_wont_resp[option]++;
- }
-- (void) sprintf(nfrontp, (char *)wont, option);
-- nfrontp += sizeof (wont) - 2;
-+ output_data((const char *)wont, option);
-
- DIAG(TD_OPTIONS, printoption("td: send wont", option));
- }
-@@ -1393,9 +1389,8 @@
- env_ovar_wrong:
- env_ovar = OLD_ENV_VALUE;
- env_ovalue = OLD_ENV_VAR;
-- DIAG(TD_OPTIONS, {sprintf(nfrontp,
-- "ENVIRON VALUE and VAR are reversed!\r\n");
-- nfrontp += strlen(nfrontp);});
-+ DIAG(TD_OPTIONS,
-+ output_data("ENVIRON VALUE and VAR are reversed!\r\n"));
-
- }
- }
-@@ -1633,11 +1628,51 @@
- ADD(IAC);
- ADD(SE);
-
-- writenet(statusbuf, ncp - statusbuf);
-+ output_datalen(statusbuf, ncp - statusbuf);
- netflush(); /* Send it on its way */
-
- DIAG(TD_OPTIONS,
- {printsub('>', statusbuf, ncp - statusbuf); netflush();});
-+}
-+
-+/*
-+ * This function appends data to nfrontp and advances nfrontp.
-+ */
-+
-+int
-+output_data(const char *format, ...)
-+{
-+ va_list args;
-+ size_t remaining, ret;
-+
-+ va_start(args, format);
-+ remaining = BUFSIZ - (nfrontp - netobuf);
-+ /* try a netflush() if the room is too low */
-+ if (strlen(format) > remaining || BUFSIZ / 4 > remaining) {
-+ netflush();
-+ remaining = BUFSIZ - (nfrontp - netobuf);
-+ }
-+ ret = vsnprintf(nfrontp, remaining, format, args);
-+ nfrontp += ((ret < remaining - 1) ? ret : remaining - 1);
-+ va_end(args);
-+ return ret;
-+}
-+
-+int
-+output_datalen(const char *buf, size_t len)
-+{
-+ size_t remaining;
-+
-+ remaining = BUFSIZ - (nfrontp - netobuf);
-+ if (remaining < len) {
-+ netflush();
-+ remaining = BUFSIZ - (nfrontp - netobuf);
-+ }
-+ if (remaining < len)
-+ return -1;
-+ memmove(nfrontp, buf, len);
-+ nfrontp += len;
-+ return (len);
- }
-
- static int envvarok(varp)
diff --git a/security/krb5-appl/files/patch-appl::telnet::telnetd::telnetd.c b/security/krb5-appl/files/patch-appl::telnet::telnetd::telnetd.c
deleted file mode 100644
index 9eef170..0000000
--- a/security/krb5-appl/files/patch-appl::telnet::telnetd::telnetd.c
+++ /dev/null
@@ -1,169 +0,0 @@
---- appl/telnet/telnetd/telnetd.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/telnetd.c Mon Jul 23 17:27:05 2001
-@@ -693,7 +693,7 @@
- char *error_message =
- "Encryption was not successfully negotiated. Goodbye.\r\n\r\n";
-
-- writenet(error_message, strlen(error_message));
-+ output_datalen(error_message, strlen(error_message));
- netflush();
- exit(1);
- }
-@@ -782,9 +782,7 @@
- { IAC, SB, TELOPT_TSPEED, TELQUAL_SEND, IAC, SE };
-
- if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) {
-- memcpy(nfrontp, sb, sizeof(sb));
-- nfrontp += sizeof(sb);
-- *nfrontp = '\0';
-+ output_datalen(sb, sizeof sb);
- }
- }
- if (his_state_is_will(TELOPT_XDISPLOC)) {
-@@ -792,9 +790,7 @@
- { IAC, SB, TELOPT_XDISPLOC, TELQUAL_SEND, IAC, SE };
-
- if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) {
-- memcpy(nfrontp, sb, sizeof(sb));
-- nfrontp += sizeof(sb);
-- *nfrontp = '\0';
-+ output_datalen(sb, sizeof sb);
- }
- }
- if (his_state_is_will(TELOPT_NEW_ENVIRON)) {
-@@ -802,9 +798,7 @@
- { IAC, SB, TELOPT_NEW_ENVIRON, TELQUAL_SEND, IAC, SE };
-
- if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) {
-- memcpy(nfrontp, sb, sizeof(sb));
-- nfrontp += sizeof(sb);
-- *nfrontp = '\0';
-+ output_datalen(sb, sizeof sb);
- }
- }
- else if (his_state_is_will(TELOPT_OLD_ENVIRON)) {
-@@ -812,17 +806,13 @@
- { IAC, SB, TELOPT_OLD_ENVIRON, TELQUAL_SEND, IAC, SE };
-
- if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) {
-- memcpy(nfrontp, sb, sizeof(sb));
-- nfrontp += sizeof(sb);
-- *nfrontp = '\0';
-+ output_datalen(sb, sizeof sb);
- }
- }
- if (his_state_is_will(TELOPT_TTYPE)) {
-
- if(nfrontp - netobuf + sizeof(ttytype_sbbuf) < sizeof(netobuf)) {
-- memcpy(nfrontp, ttytype_sbbuf, sizeof(ttytype_sbbuf));
-- nfrontp += sizeof(ttytype_sbbuf);
-- *nfrontp = '\0';
-+ output_datalen(ttytype_sbbuf, sizeof ttytype_sbbuf);
- }
- }
- if (his_state_is_will(TELOPT_TSPEED)) {
-@@ -902,9 +892,7 @@
- return;
- settimer(baseline);
- if(nfrontp - netobuf + sizeof(ttytype_sbbuf)) {
-- memcpy(nfrontp, ttytype_sbbuf, sizeof(ttytype_sbbuf));
-- nfrontp += sizeof(ttytype_sbbuf);
-- *nfrontp = '\0';
-+ output_datalen(ttytype_sbbuf, sizeof ttytype_sbbuf);
- }
- while (sequenceIs(ttypesubopt, baseline))
- ttloop();
-@@ -1177,9 +1165,7 @@
- * mode, which we do not want.
- */
- if (his_want_state_is_will(TELOPT_ECHO)) {
-- DIAG(TD_OPTIONS,
-- {sprintf(nfrontp, "td: simulating recv\r\n");
-- nfrontp += strlen(nfrontp);});
-+ DIAG(TD_OPTIONS, output_data("td: simulating recv\r\n"));
- willoption(TELOPT_ECHO);
- }
-
-@@ -1308,9 +1294,7 @@
- localstat();
- #endif /* LINEMODE */
-
-- DIAG(TD_REPORT,
-- {sprintf(nfrontp, "td: Entering processing loop\r\n");
-- nfrontp += strlen(nfrontp);});
-+ DIAG(TD_REPORT, output_data("td: Entering processing loop\r\n"));
-
- #ifdef convex
- startslave(host);
-@@ -1435,8 +1419,7 @@
- netip = netibuf;
- }
- DIAG((TD_REPORT | TD_NETDATA),
-- {sprintf(nfrontp, "td: netread %d chars\r\n", ncc);
-- nfrontp += strlen(nfrontp);});
-+ output_data("td: netread %d chars\r\n", ncc));
- DIAG(TD_NETDATA, printdata("nd", netip, ncc));
- }
-
-@@ -1483,8 +1466,7 @@
- * royally if we send them urgent
- * mode data.
- */
-- *nfrontp++ = IAC;
-- *nfrontp++ = DM;
-+ output_data("%c%c", IAC, DM);
- neturg = nfrontp-1; /* off by one XXX */
- #endif
- }
-@@ -1495,13 +1477,11 @@
- ptyibuf[0] & TIOCPKT_DOSTOP ? 1 : 0;
- if (newflow != flowmode) {
- flowmode = newflow;
-- (void) sprintf(nfrontp,
-- "%c%c%c%c%c%c",
-+ output_data("%c%c%c%c%c%c",
- IAC, SB, TELOPT_LFLOW,
- flowmode ? LFLOW_ON
- : LFLOW_OFF,
- IAC, SE);
-- nfrontp += 6;
- }
- }
- pcc--;
-@@ -1524,19 +1504,19 @@
- break;
- c = *ptyip++ & 0377, pcc--;
- if (c == IAC)
-- *nfrontp++ = c;
-+ output_data("%c", c);
- #if defined(CRAY2) && defined(UNICOS5)
- else if (c == '\n' &&
- my_state_is_wont(TELOPT_BINARY) && newmap)
-- *nfrontp++ = '\r';
-+ output_data("\r");
- #endif /* defined(CRAY2) && defined(UNICOS5) */
-- *nfrontp++ = c;
-+ output_data("%c", c);
- if ((c == '\r') && (my_state_is_wont(TELOPT_BINARY))) {
- if (pcc > 0 && ((*ptyip & 0377) == '\n')) {
-- *nfrontp++ = *ptyip++ & 0377;
-+ output_data("%c", *ptyip++ & 0377);
- pcc--;
- } else
-- *nfrontp++ = '\0';
-+ output_data("%c", '\0');
- }
- }
- #if defined(CRAY2) && defined(UNICOS5)
-@@ -1707,10 +1687,7 @@
- return;
- }
- #endif
-- (void) strncpy(nfrontp, "\r\n[Yes]\r\n",
-- sizeof(netobuf) - 1 - (nfrontp - netobuf));
-- nfrontp += 9;
-- *nfrontp = '\0';
-+ output_data("\r\n[Yes]\r\n");
- }
-
- void
diff --git a/security/krb5-appl/files/patch-appl::telnet::telnetd::termstat.c b/security/krb5-appl/files/patch-appl::telnet::telnetd::termstat.c
deleted file mode 100644
index 422f1c8..0000000
--- a/security/krb5-appl/files/patch-appl::telnet::telnetd::termstat.c
+++ /dev/null
@@ -1,74 +0,0 @@
---- appl/telnet/telnetd/termstat.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/termstat.c Thu Jul 19 19:22:54 2001
-@@ -283,10 +283,9 @@
- # endif /* KLUDGELINEMODE */
- send_do(TELOPT_LINEMODE, 1);
- /* send along edit modes */
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, SB,
-+ output_data("%c%c%c%c%c%c%c", IAC, SB,
- TELOPT_LINEMODE, LM_MODE, useeditmode,
- IAC, SE);
-- nfrontp += 7;
- editmode = useeditmode;
- # ifdef KLUDGELINEMODE
- }
-@@ -312,10 +311,9 @@
- /*
- * Send along appropriate edit mode mask.
- */
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, SB,
-+ output_data("%c%c%c%c%c%c%c", IAC, SB,
- TELOPT_LINEMODE, LM_MODE, useeditmode,
- IAC, SE);
-- nfrontp += 7;
- editmode = useeditmode;
- }
-
-@@ -359,20 +357,18 @@
- if (his_state_is_will(TELOPT_LFLOW)) {
- if (tty_flowmode() != flowmode) {
- flowmode = tty_flowmode();
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c",
-+ output_data("%c%c%c%c%c%c",
- IAC, SB, TELOPT_LFLOW,
- flowmode ? LFLOW_ON : LFLOW_OFF,
- IAC, SE);
-- nfrontp += 6;
- }
- if (tty_restartany() != restartany) {
- restartany = tty_restartany();
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c",
-+ output_data("%c%c%c%c%c%c",
- IAC, SB, TELOPT_LFLOW,
- restartany ? LFLOW_RESTART_ANY
- : LFLOW_RESTART_XON,
- IAC, SE);
-- nfrontp += 6;
- }
- }
- }
-@@ -445,10 +441,9 @@
- useeditmode |= MODE_SOFT_TAB;
- if (tty_islitecho())
- useeditmode |= MODE_LIT_ECHO;
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC,
-+ output_data("%c%c%c%c%c%c%c", IAC,
- SB, TELOPT_LINEMODE, LM_MODE,
- useeditmode, IAC, SE);
-- nfrontp += 7;
- editmode = useeditmode;
- }
-
-@@ -504,11 +499,10 @@
- set_termbuf();
-
- if (!ack) {
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC,
-+ output_data("%c%c%c%c%c%c%c", IAC,
- SB, TELOPT_LINEMODE, LM_MODE,
- useeditmode|MODE_ACK,
- IAC, SE);
-- nfrontp += 7;
- }
-
- editmode = useeditmode;
diff --git a/security/krb5-appl/files/patch-appl::telnet::telnetd::utility.c b/security/krb5-appl/files/patch-appl::telnet::telnetd::utility.c
index d49598c..8bb656d 100644
--- a/security/krb5-appl/files/patch-appl::telnet::telnetd::utility.c
+++ b/security/krb5-appl/files/patch-appl::telnet::telnetd::utility.c
@@ -1,879 +1,38 @@
---- appl/telnet/telnetd/utility.c.orig Wed Feb 28 14:06:52 2001
-+++ appl/telnet/telnetd/utility.c Mon Jul 23 17:16:27 2001
-@@ -58,8 +58,7 @@
+--- appl/telnet/telnetd/utility.c.orig Wed Jan 9 14:26:59 2002
++++ appl/telnet/telnetd/utility.c Fri Jan 11 13:10:33 2002
+@@ -408,18 +408,25 @@
+ int
+ netwrite(const char *buf, size_t len)
{
- void netflush();
-
-- DIAG(TD_REPORT, {sprintf(nfrontp, "td: ttloop\r\n");
-- nfrontp += strlen(nfrontp);});
-+ DIAG(TD_REPORT, output_data("td: ttloop\r\n"));
- if (nfrontp-nbackp) {
- netflush();
- }
-@@ -74,8 +73,7 @@
- syslog(LOG_INFO, "ttloop: peer died: %m");
- exit(1);
- }
-- DIAG(TD_REPORT, {sprintf(nfrontp, "td: ttloop read %d chars\r\n", ncc);
-- nfrontp += strlen(nfrontp);});
-+ DIAG(TD_REPORT, output_data("td: ttloop read %d chars\r\n", ncc));
- netip = netibuf;
- telrcv(); /* state machine */
- if (ncc > 0) {
-@@ -117,9 +115,8 @@
- int n;
-
- if ((n = pfrontp - pbackp) > 0) {
-- DIAG((TD_REPORT | TD_PTYDATA),
-- { sprintf(nfrontp, "td: ptyflush %d chars\r\n", n);
-- nfrontp += strlen(nfrontp); });
-+ DIAG(TD_REPORT | TD_PTYDATA,
-+ output_data("td: ptyflush %d chars\r\n", n));
- DIAG(TD_PTYDATA, printdata("pd", pbackp, n));
- n = write(pty, pbackp, n);
- }
-@@ -251,11 +248,9 @@
- extern int not42;
-
- if ((n = nfrontp - nbackp) > 0) {
-- DIAG(TD_REPORT,
-- { sprintf(nfrontp, "td: netflush %d chars\r\n", n);
-- n += strlen(nfrontp); /* get count first */
-- nfrontp += strlen(nfrontp); /* then move pointer */
-- });
-+ DIAG(TD_REPORT, {
-+ n += output_data("td: netflush %d chars\r\n", n);
-+ });
- #ifdef ENCRYPTION
- if (encrypt_output) {
- char *s = nclearto ? nclearto : nbackp;
-@@ -314,33 +309,6 @@
-
-
- /*
-- * writenet
-- *
-- * Just a handy little function to write a bit of raw data to the net.
-- * It will force a transmit of the buffer if necessary
-- *
-- * arguments
-- * ptr - A pointer to a character string to write
-- * len - How many bytes to write
-- */
-- void
--writenet(ptr, len)
-- register unsigned char *ptr;
-- register int len;
--{
-- /* flush buffer if no room for new data) */
-- if ((&netobuf[BUFSIZ] - nfrontp) < len) {
-- /* if this fails, don't worry, buffer is a little big */
+- size_t remain;
++ int remaining, copied;
++
++ remaining = BUFSIZ - (nfrontp - netobuf);
++ while (len > 0) {
++ /* Free up enough space if the room is too low*/
++ if ((len > BUFSIZ ? BUFSIZ : len) > remaining) {
++ netflush();
++ remaining = BUFSIZ - (nfrontp - netobuf);
++ }
+
+- remain = sizeof(netobuf) - (nfrontp - netobuf);
+- if (remain < len) {
- netflush();
-- }
--
-- memcpy(nfrontp, ptr, len);
-- nfrontp += len;
--
--} /* end of writenet */
--
--
--/*
- * miscellaneous functions doing a variety of little jobs follow ...
- */
-
-@@ -528,12 +496,11 @@
- register int option;
- {
- if (TELOPT_OK(option))
-- sprintf(nfrontp, "%s %s\r\n", fmt, TELOPT(option));
-+ output_data("%s %s\r\n", fmt, TELOPT(option));
- else if (TELCMD_OK(option))
-- sprintf(nfrontp, "%s %s\r\n", fmt, TELCMD(option));
-+ output_data("%s %s\r\n", fmt, TELCMD(option));
- else
-- sprintf(nfrontp, "%s %d\r\n", fmt, option);
-- nfrontp += strlen(nfrontp);
-+ output_data("%s %d\r\n", fmt, option);
- return;
- }
-
-@@ -550,9 +517,8 @@
- return;
-
- if (direction) {
-- sprintf(nfrontp, "td: %s suboption ",
-+ output_data("td: %s suboption ",
- direction == '<' ? "recv" : "send");
-- nfrontp += strlen(nfrontp);
- if (length >= 3) {
- register int j;
-
-@@ -560,232 +526,192 @@
- j = pointer[length-1];
-
- if (i != IAC || j != SE) {
-- sprintf(nfrontp, "(terminated by ");
-- nfrontp += strlen(nfrontp);
-+ output_data("(terminated by ");
- if (TELOPT_OK(i))
-- sprintf(nfrontp, "%s ", TELOPT(i));
-+ output_data("%s ", TELOPT(i));
- else if (TELCMD_OK(i))
-- sprintf(nfrontp, "%s ", TELCMD(i));
-+ output_data("%s ", TELCMD(i));
- else
-- sprintf(nfrontp, "%d ", i);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d ", i);
- if (TELOPT_OK(j))
-- sprintf(nfrontp, "%s", TELOPT(j));
-+ output_data("%s", TELOPT(j));
- else if (TELCMD_OK(j))
-- sprintf(nfrontp, "%s", TELCMD(j));
-+ output_data("%s", TELCMD(j));
- else
-- sprintf(nfrontp, "%d", j);
-- nfrontp += strlen(nfrontp);
-- sprintf(nfrontp, ", not IAC SE!) ");
-- nfrontp += strlen(nfrontp);
-+ output_data("%d", j);
-+ output_data(", not IAC SE!) ");
- }
- }
- length -= 2;
- }
- if (length < 1) {
-- sprintf(nfrontp, "(Empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data("(Empty suboption??\?)");
- return;
+- remain = sizeof(netobuf) - (nfrontp - netobuf);
++ /* Copy out as much as will fit */
++ copied = remaining > len ? len : remaining;
++ memmove(nfrontp, buf, copied);
++ nfrontp += copied;
++ len -= copied;
++ remaining -= copied;
++ buf += copied;
}
- switch (pointer[0]) {
- case TELOPT_TTYPE:
-- sprintf(nfrontp, "TERMINAL-TYPE ");
-- nfrontp += strlen(nfrontp);
-+ output_data("TERMINAL-TYPE ");
- switch (pointer[1]) {
- case TELQUAL_IS:
-- sprintf(nfrontp, "IS \"%.*s\"", length-2, (char *)pointer+2);
-+ output_data("IS \"%.*s\"", length-2, (char *)pointer+2);
- break;
- case TELQUAL_SEND:
-- sprintf(nfrontp, "SEND");
-+ output_data("SEND");
- break;
- default:
-- sprintf(nfrontp,
-+ output_data(
- "- unknown qualifier %d (0x%x).",
- pointer[1], pointer[1]);
- }
-- nfrontp += strlen(nfrontp);
- break;
- case TELOPT_TSPEED:
-- sprintf(nfrontp, "TERMINAL-SPEED");
-- nfrontp += strlen(nfrontp);
-+ output_data("TERMINAL-SPEED");
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- switch (pointer[1]) {
- case TELQUAL_IS:
-- sprintf(nfrontp, " IS %.*s", length-2, (char *)pointer+2);
-- nfrontp += strlen(nfrontp);
-+ output_data(" IS %.*s", length-2, (char *)pointer+2);
- break;
- default:
- if (pointer[1] == 1)
-- sprintf(nfrontp, " SEND");
-+ output_data(" SEND");
- else
-- sprintf(nfrontp, " %d (unknown)", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d (unknown)", pointer[1]);
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
- }
- break;
-
- case TELOPT_LFLOW:
-- sprintf(nfrontp, "TOGGLE-FLOW-CONTROL");
-- nfrontp += strlen(nfrontp);
-+ output_data("TOGGLE-FLOW-CONTROL");
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- switch (pointer[1]) {
- case LFLOW_OFF:
-- sprintf(nfrontp, " OFF"); break;
-+ output_data(" OFF"); break;
- case LFLOW_ON:
-- sprintf(nfrontp, " ON"); break;
-+ output_data(" ON"); break;
- case LFLOW_RESTART_ANY:
-- sprintf(nfrontp, " RESTART-ANY"); break;
-+ output_data(" RESTART-ANY"); break;
- case LFLOW_RESTART_XON:
-- sprintf(nfrontp, " RESTART-XON"); break;
-+ output_data(" RESTART-XON"); break;
- default:
-- sprintf(nfrontp, " %d (unknown)", pointer[1]);
-+ output_data(" %d (unknown)", pointer[1]);
- }
-- nfrontp += strlen(nfrontp);
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
-
- case TELOPT_NAWS:
-- sprintf(nfrontp, "NAWS");
-- nfrontp += strlen(nfrontp);
-+ output_data("NAWS");
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- if (length == 2) {
-- sprintf(nfrontp, " ?%d?", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[1]);
- break;
- }
-- sprintf(nfrontp, " %d %d (%d)",
-+ output_data(" %d %d (%d)",
- pointer[1], pointer[2],
- (int)((((unsigned int)pointer[1])<<8)|((unsigned int)pointer[2])));
-- nfrontp += strlen(nfrontp);
- if (length == 4) {
-- sprintf(nfrontp, " ?%d?", pointer[3]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[3]);
- break;
- }
-- sprintf(nfrontp, " %d %d (%d)",
-+ output_data(" %d %d (%d)",
- pointer[3], pointer[4],
- (int)((((unsigned int)pointer[3])<<8)|((unsigned int)pointer[4])));
-- nfrontp += strlen(nfrontp);
- for (i = 5; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
-
- case TELOPT_LINEMODE:
-- sprintf(nfrontp, "LINEMODE ");
-- nfrontp += strlen(nfrontp);
-+ output_data("LINEMODE ");
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- switch (pointer[1]) {
- case WILL:
-- sprintf(nfrontp, "WILL ");
-+ output_data("WILL ");
- goto common;
- case WONT:
-- sprintf(nfrontp, "WONT ");
-+ output_data("WONT ");
- goto common;
- case DO:
-- sprintf(nfrontp, "DO ");
-+ output_data("DO ");
- goto common;
- case DONT:
-- sprintf(nfrontp, "DONT ");
-+ output_data("DONT ");
- common:
-- nfrontp += strlen(nfrontp);
- if (length < 3) {
-- sprintf(nfrontp, "(no option??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data("(no option??\?)");
- break;
- }
- switch (pointer[2]) {
- case LM_FORWARDMASK:
-- sprintf(nfrontp, "Forward Mask");
-- nfrontp += strlen(nfrontp);
-+ output_data("Forward Mask");
- for (i = 3; i < length; i++) {
-- sprintf(nfrontp, " %x", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %x", pointer[i]);
- }
- break;
- default:
-- sprintf(nfrontp, "%d (unknown)", pointer[2]);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d (unknown)", pointer[2]);
- for (i = 3; i < length; i++) {
-- sprintf(nfrontp, " %d", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d", pointer[i]);
- }
- break;
- }
- break;
-
- case LM_SLC:
-- sprintf(nfrontp, "SLC");
-- nfrontp += strlen(nfrontp);
-+ output_data("SLC");
- for (i = 2; i < length - 2; i += 3) {
- if (SLC_NAME_OK(pointer[i+SLC_FUNC]))
-- sprintf(nfrontp, " %s", SLC_NAME(pointer[i+SLC_FUNC]));
-+ output_data(" %s", SLC_NAME(pointer[i+SLC_FUNC]));
- else
-- sprintf(nfrontp, " %d", pointer[i+SLC_FUNC]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d", pointer[i+SLC_FUNC]);
- switch (pointer[i+SLC_FLAGS]&SLC_LEVELBITS) {
- case SLC_NOSUPPORT:
-- sprintf(nfrontp, " NOSUPPORT"); break;
-+ output_data(" NOSUPPORT"); break;
- case SLC_CANTCHANGE:
-- sprintf(nfrontp, " CANTCHANGE"); break;
-+ output_data(" CANTCHANGE"); break;
- case SLC_VARIABLE:
-- sprintf(nfrontp, " VARIABLE"); break;
-+ output_data(" VARIABLE"); break;
- case SLC_DEFAULT:
-- sprintf(nfrontp, " DEFAULT"); break;
-+ output_data(" DEFAULT"); break;
- }
-- nfrontp += strlen(nfrontp);
-- sprintf(nfrontp, "%s%s%s",
-+ output_data("%s%s%s",
- pointer[i+SLC_FLAGS]&SLC_ACK ? "|ACK" : "",
- pointer[i+SLC_FLAGS]&SLC_FLUSHIN ? "|FLUSHIN" : "",
- pointer[i+SLC_FLAGS]&SLC_FLUSHOUT ? "|FLUSHOUT" : "");
-- nfrontp += strlen(nfrontp);
- if (pointer[i+SLC_FLAGS]& ~(SLC_ACK|SLC_FLUSHIN|
- SLC_FLUSHOUT| SLC_LEVELBITS)) {
-- sprintf(nfrontp, "(0x%x)", pointer[i+SLC_FLAGS]);
-- nfrontp += strlen(nfrontp);
-+ output_data("(0x%x)", pointer[i+SLC_FLAGS]);
- }
-- sprintf(nfrontp, " %d;", pointer[i+SLC_VALUE]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d;", pointer[i+SLC_VALUE]);
- if ((pointer[i+SLC_VALUE] == IAC) &&
- (pointer[i+SLC_VALUE+1] == IAC))
- i++;
- }
- for (; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
-
- case LM_MODE:
-- sprintf(nfrontp, "MODE ");
-- nfrontp += strlen(nfrontp);
-+ output_data("MODE ");
- if (length < 3) {
-- sprintf(nfrontp, "(no mode??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data("(no mode??\?)");
- break;
- }
- {
-@@ -796,24 +722,19 @@
- pointer[2]&MODE_SOFT_TAB ? "|SOFT_TAB" : "",
- pointer[2]&MODE_LIT_ECHO ? "|LIT_ECHO" : "",
- pointer[2]&MODE_ACK ? "|ACK" : "");
-- sprintf(nfrontp, "%s", tbuf[1] ? &tbuf[1] : "0");
-- nfrontp += strlen(nfrontp);
-+ output_data("%s", tbuf[1] ? &tbuf[1] : "0");
- }
- if (pointer[2]&~(MODE_EDIT|MODE_TRAPSIG|MODE_ACK)) {
-- sprintf(nfrontp, " (0x%x)", pointer[2]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" (0x%x)", pointer[2]);
- }
- for (i = 3; i < length; i++) {
-- sprintf(nfrontp, " ?0x%x?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?0x%x?", pointer[i]);
- }
- break;
- default:
-- sprintf(nfrontp, "%d (unknown)", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d (unknown)", pointer[1]);
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " %d", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d", pointer[i]);
- }
- }
- break;
-@@ -822,24 +743,20 @@
- register char *cp;
- register int j, k;
-
-- sprintf(nfrontp, "STATUS");
-- nfrontp += strlen(nfrontp);
-+ output_data("STATUS");
-
- switch (pointer[1]) {
- default:
- if (pointer[1] == TELQUAL_SEND)
-- sprintf(nfrontp, " SEND");
-+ output_data(" SEND");
- else
-- sprintf(nfrontp, " %d (unknown)", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d (unknown)", pointer[1]);
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
- case TELQUAL_IS:
-- sprintf(nfrontp, " IS\r\n");
-- nfrontp += strlen(nfrontp);
-+ output_data(" IS\r\n");
-
- for (i = 2; i < length; i++) {
- switch(pointer[i]) {
-@@ -850,18 +767,15 @@
- common2:
- i++;
- if (TELOPT_OK(pointer[i]))
-- sprintf(nfrontp, " %s %s", cp, TELOPT(pointer[i]));
-+ output_data(" %s %s", cp, TELOPT(pointer[i]));
- else
-- sprintf(nfrontp, " %s %d", cp, pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %s %d", cp, pointer[i]);
-
-- sprintf(nfrontp, "\r\n");
-- nfrontp += strlen(nfrontp);
-+ output_data("\r\n");
- break;
-
- case SB:
-- sprintf(nfrontp, " SB ");
-- nfrontp += strlen(nfrontp);
-+ output_data(" SB ");
- i++;
- j = k = i;
- while (j < length) {
-@@ -877,20 +791,17 @@
- }
- printsub(0, &pointer[i], k - i);
- if (i < length) {
-- sprintf(nfrontp, " SE");
-- nfrontp += strlen(nfrontp);
-+ output_data(" SE");
- i = j;
- } else
- i = j - 1;
-
-- sprintf(nfrontp, "\r\n");
-- nfrontp += strlen(nfrontp);
-+ output_data("\r\n");
-
- break;
-
- default:
-- sprintf(nfrontp, " %d", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d", pointer[i]);
- break;
- }
- }
-@@ -900,86 +811,77 @@
- }
-
- case TELOPT_XDISPLOC:
-- sprintf(nfrontp, "X-DISPLAY-LOCATION ");
-- nfrontp += strlen(nfrontp);
-+ output_data("X-DISPLAY-LOCATION ");
- switch (pointer[1]) {
- case TELQUAL_IS:
-- sprintf(nfrontp, "IS \"%.*s\"", length-2, (char *)pointer+2);
-+ output_data("IS \"%.*s\"", length-2, (char *)pointer+2);
- break;
- case TELQUAL_SEND:
-- sprintf(nfrontp, "SEND");
-+ output_data("SEND");
- break;
- default:
-- sprintf(nfrontp, "- unknown qualifier %d (0x%x).",
-+ output_data("- unknown qualifier %d (0x%x).",
- pointer[1], pointer[1]);
- }
-- nfrontp += strlen(nfrontp);
- break;
-
- case TELOPT_NEW_ENVIRON:
-- sprintf(nfrontp, "NEW-ENVIRON ");
-+ output_data("NEW-ENVIRON ");
- goto env_common1;
- case TELOPT_OLD_ENVIRON:
-- sprintf(nfrontp, "OLD-ENVIRON");
-+ output_data("OLD-ENVIRON");
- env_common1:
-- nfrontp += strlen(nfrontp);
- switch (pointer[1]) {
- case TELQUAL_IS:
-- sprintf(nfrontp, "IS ");
-+ output_data("IS ");
- goto env_common;
- case TELQUAL_SEND:
-- sprintf(nfrontp, "SEND ");
-+ output_data("SEND ");
- goto env_common;
- case TELQUAL_INFO:
-- sprintf(nfrontp, "INFO ");
-+ output_data("INFO ");
- env_common:
-- nfrontp += strlen(nfrontp);
- {
- register int noquote = 2;
- for (i = 2; i < length; i++ ) {
- switch (pointer[i]) {
- case NEW_ENV_VAR:
-- sprintf(nfrontp, "\" VAR " + noquote);
-- nfrontp += strlen(nfrontp);
-+ output_data("\" VAR " + noquote);
- noquote = 2;
- break;
-
- case NEW_ENV_VALUE:
-- sprintf(nfrontp, "\" VALUE " + noquote);
-- nfrontp += strlen(nfrontp);
-+ output_data("\" VALUE " + noquote);
- noquote = 2;
- break;
-
- case ENV_ESC:
-- sprintf(nfrontp, "\" ESC " + noquote);
-- nfrontp += strlen(nfrontp);
-+ output_data("\" ESC " + noquote);
- noquote = 2;
- break;
-
- case ENV_USERVAR:
-- sprintf(nfrontp, "\" USERVAR " + noquote);
-- nfrontp += strlen(nfrontp);
-+ output_data("\" USERVAR " + noquote);
- noquote = 2;
- break;
-
- default:
- if (isprint(pointer[i]) && pointer[i] != '"') {
- if (noquote) {
-- *nfrontp++ = '"';
-+ output_data("\"");
- noquote = 0;
- }
-- *nfrontp++ = pointer[i];
-+ output_data("%c", pointer[i]);
- } else {
-- sprintf(nfrontp, "\" %03o " + noquote,
-+ output_data("\" %03o " + noquote,
- pointer[i]);
-- nfrontp += strlen(nfrontp);
- noquote = 2;
- }
- break;
- }
- }
- if (!noquote)
-- *nfrontp++ = '"';
-+ output_data("\"");
- break;
- }
- }
-@@ -987,90 +889,69 @@
-
- #if defined(AUTHENTICATION)
- case TELOPT_AUTHENTICATION:
-- sprintf(nfrontp, "AUTHENTICATION");
-- nfrontp += strlen(nfrontp);
-+ output_data("AUTHENTICATION");
-
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- switch (pointer[1]) {
- case TELQUAL_REPLY:
- case TELQUAL_IS:
-- sprintf(nfrontp, " %s ", (pointer[1] == TELQUAL_IS) ?
-+ output_data(" %s ", (pointer[1] == TELQUAL_IS) ?
- "IS" : "REPLY");
-- nfrontp += strlen(nfrontp);
- if (AUTHTYPE_NAME_OK(pointer[2]))
-- sprintf(nfrontp, "%s ", AUTHTYPE_NAME(pointer[2]));
-+ output_data("%s ", AUTHTYPE_NAME(pointer[2]));
- else
-- sprintf(nfrontp, "%d ", pointer[2]);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d ", pointer[2]);
- if (length < 3) {
-- sprintf(nfrontp, "(partial suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data("(partial suboption??\?)");
- break;
- }
-- sprintf(nfrontp, "%s|%s%s",
-+ output_data("%s|%s",
- ((pointer[3] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ?
- "CLIENT" : "SERVER",
- ((pointer[3] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ?
- "MUTUAL" : "ONE-WAY",
- ((pointer[3] & AUTH_ENCRYPT_MASK) == AUTH_ENCRYPT_ON) ?
- "|ENCRYPT" : "");
-- nfrontp += strlen(nfrontp);
-
- auth_printsub(&pointer[1], length - 1, buf, sizeof(buf));
-- sprintf(nfrontp, "%s", buf);
-- nfrontp += strlen(nfrontp);
-+ output_data("%s", buf);
- break;
-
- case TELQUAL_SEND:
- i = 2;
-- sprintf(nfrontp, " SEND ");
-- nfrontp += strlen(nfrontp);
-+ output_data(" SEND ");
- while (i < length) {
- if (AUTHTYPE_NAME_OK(pointer[i]))
-- sprintf(nfrontp, "%s ", AUTHTYPE_NAME(pointer[i]));
-+ output_data("%s ", AUTHTYPE_NAME(pointer[i]));
- else
-- sprintf(nfrontp, "%d ", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d ", pointer[i]);
- if (++i >= length) {
-- sprintf(nfrontp, "(partial suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data("(partial suboption??\?)");
- break;
- }
-- sprintf(nfrontp, "%s|%s%s ",
-+ output_data( "%s|%s%s ",
- ((pointer[i] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ?
- "CLIENT" : "SERVER",
- ((pointer[i] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ?
- "MUTUAL" : "ONE-WAY",
- ((pointer[3] & AUTH_ENCRYPT_MASK) == AUTH_ENCRYPT_ON) ?
- "|ENCRYPT" : "");
-- nfrontp += strlen(nfrontp);
- ++i;
- }
- break;
-
- case TELQUAL_NAME:
-- i = 2;
-- sprintf(nfrontp, " NAME \"");
-- nfrontp += strlen(nfrontp);
-- while (i < length) {
-- if (isprint(pointer[i]))
-- *nfrontp++ = pointer[i++];
-- else {
-- sprintf(nfrontp, "\"%03o",pointer[i++]);
-- nfrontp += strlen(nfrontp);
-- }
-- }
-- *nfrontp++ = '"';
-+ output_data(" NAME \"%.*s\"",
-+ length - 2,
-+ pointer + 2);
- break;
-
- default:
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
- }
-@@ -1079,86 +960,70 @@
-
- #ifdef ENCRYPTION
- case TELOPT_ENCRYPT:
-- sprintf(nfrontp, "ENCRYPT");
-- nfrontp += strlen(nfrontp);
-+ output_data("ENCRYPT");
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- switch (pointer[1]) {
- case ENCRYPT_START:
-- sprintf(nfrontp, " START");
-- nfrontp += strlen(nfrontp);
-+ output_data(" START");
- break;
-
- case ENCRYPT_END:
-- sprintf(nfrontp, " END");
-- nfrontp += strlen(nfrontp);
-+ output_data(" END");
- break;
-
- case ENCRYPT_REQSTART:
-- sprintf(nfrontp, " REQUEST-START");
-- nfrontp += strlen(nfrontp);
-+ output_data(" REQUEST-START");
- break;
-
- case ENCRYPT_REQEND:
-- sprintf(nfrontp, " REQUEST-END");
-- nfrontp += strlen(nfrontp);
-+ output_data(" REQUEST-END");
- break;
-
- case ENCRYPT_IS:
- case ENCRYPT_REPLY:
-- sprintf(nfrontp, " %s ", (pointer[1] == ENCRYPT_IS) ?
-+ output_data(" %s ", (pointer[1] == ENCRYPT_IS) ?
- "IS" : "REPLY");
-- nfrontp += strlen(nfrontp);
- if (length < 3) {
-- sprintf(nfrontp, " (partial suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (partial suboption??\?)");
- break;
- }
- if (ENCTYPE_NAME_OK(pointer[2]))
-- sprintf(nfrontp, "%s ", ENCTYPE_NAME(pointer[2]));
-+ output_data("%s ", ENCTYPE_NAME(pointer[2]));
- else
-- sprintf(nfrontp, " %d (unknown)", pointer[2]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d (unknown)", pointer[2]);
-
- encrypt_printsub(&pointer[1], length - 1, buf, sizeof(buf));
-- sprintf(nfrontp, "%s", buf);
-- nfrontp += strlen(nfrontp);
-+ output_data("%s", buf);
- break;
-
- case ENCRYPT_SUPPORT:
- i = 2;
-- sprintf(nfrontp, " SUPPORT ");
-- nfrontp += strlen(nfrontp);
-+ output_data(" SUPPORT ");
- while (i < length) {
- if (ENCTYPE_NAME_OK(pointer[i]))
-- sprintf(nfrontp, "%s ", ENCTYPE_NAME(pointer[i]));
-+ output_data("%s ", ENCTYPE_NAME(pointer[i]));
- else
-- sprintf(nfrontp, "%d ", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d ", pointer[i]);
- i++;
- }
- break;
-
- case ENCRYPT_ENC_KEYID:
-- sprintf(nfrontp, " ENC_KEYID", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ENC_KEYID");
- goto encommon;
-
- case ENCRYPT_DEC_KEYID:
-- sprintf(nfrontp, " DEC_KEYID", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" DEC_KEYID");
- goto encommon;
-
- default:
-- sprintf(nfrontp, " %d (unknown)", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d (unknown)", pointer[1]);
- encommon:
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " %d", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d", pointer[i]);
- }
- break;
- }
-@@ -1167,18 +1032,15 @@
-
- default:
- if (TELOPT_OK(pointer[0]))
-- sprintf(nfrontp, "%s (unknown)", TELOPT(pointer[0]));
-+ output_data( "%s (unknown)", TELOPT(pointer[0]));
- else
-- sprintf(nfrontp, "%d (unknown)", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data( "%d (unknown)", pointer[i]);
- for (i = 1; i < length; i++) {
-- sprintf(nfrontp, " %d", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data( " %d", pointer[i]);
- }
- break;
- }
-- sprintf(nfrontp, "\r\n");
-- nfrontp += strlen(nfrontp);
-+ output_data( "\r\n");
+- if (remain < len)
+- return 0;
+- memcpy(nfrontp, buf, len);
+- nfrontp += len;
+- return len;
++ return copied;
}
/*
-@@ -1200,26 +1062,22 @@
- }
-
- /* add a line of output */
-- sprintf(nfrontp, "%s: ", tag);
-- nfrontp += strlen(nfrontp);
-+ output_data("%s: ", tag);
- for (i = 0; i < 20 && cnt; i++) {
-- sprintf(nfrontp, "%02x", *ptr);
-- nfrontp += strlen(nfrontp);
-+ output_data("%02x", *ptr);
- if (isprint(*ptr)) {
- xbuf[i] = *ptr;
- } else {
- xbuf[i] = '.';
- }
- if (i % 2) {
-- *nfrontp = ' ';
-- nfrontp++;
-+ output_data(" ");
- }
- cnt--;
- ptr++;
- }
- xbuf[i] = '\0';
-- sprintf(nfrontp, " %s\r\n", xbuf );
-- nfrontp += strlen(nfrontp);
-+ output_data(" %s\r\n", xbuf );
- }
- }
- #endif /* DIAGNOSTICS */
diff --git a/security/krb5-appl/files/patch-ay b/security/krb5-appl/files/patch-ay
index 4ed0c9e..54c041e 100644
--- a/security/krb5-appl/files/patch-ay
+++ b/security/krb5-appl/files/patch-ay
@@ -1,6 +1,6 @@
---- util/pty/getpty.c.orig Fri Feb 6 19:46:42 1998
-+++ util/pty/getpty.c Mon Apr 5 14:00:07 1999
-@@ -21,13 +21,26 @@
+--- util/pty/getpty.c.orig Wed Jan 9 14:28:37 2002
++++ util/pty/getpty.c Thu Jan 10 21:30:40 2002
+@@ -24,13 +24,26 @@
#include "libpty.h"
#include "pty-int.h"
@@ -17,19 +17,19 @@
+#define PTYCHARS2 "0123456789abcdef"
+#endif
+
- long pty_getpty (fd, slave, slavelength)
- int slavelength;
- int *fd; char *slave;
+ long
+ ptyint_getpty_ext(int *fd, char *slave, int slavelength, int do_grantpt)
{
-- char *cp;
++ int ptynum;
+ char *cp1, *cp2;
+ #if !defined(HAVE__GETPTY) && !defined(HAVE_OPENPTY)
+- char *cp;
char *p;
- int i,ptynum;
-+ int ptynum;
struct stat stb;
char slavebuf[1024];
- #ifdef HAVE__GETPTY
-@@ -109,14 +122,14 @@
+ #endif
+@@ -115,14 +128,14 @@
strncpy(slave, slavebuf, slavelength);
return 0;
} else {
diff --git a/security/krb5-appl/files/patch-bd b/security/krb5-appl/files/patch-bd
deleted file mode 100644
index b2bf412..0000000
--- a/security/krb5-appl/files/patch-bd
+++ /dev/null
@@ -1,19 +0,0 @@
---- appl/gssftp/ftpd/ftpcmd.y.ORIG Wed Feb 28 16:06:45 2001
-+++ appl/gssftp/ftpd/ftpcmd.y Fri Apr 27 10:18:01 2001
-@@ -805,11 +805,13 @@
- * This is a valid reply in some cases but not in others.
- */
- if (logged_in && $1 && strncmp((char *) $1, "~", 1) == 0) {
-- *(char **)&($$) = *ftpglob((char *) $1);
-- if (globerr != NULL) {
-+ char **vv;
-+ vv = ftpglob((char *) $1);
-+ if (vv == NULL || globerr != NULL) {
- reply(550, globerr);
- $$ = NULL;
-- }
-+ } else
-+ $$ = *vv;
- free((char *) $1);
- } else
- $$ = $1;
diff --git a/security/krb5-appl/pkg-plist b/security/krb5-appl/pkg-plist
index 5170610..01977cd 100644
--- a/security/krb5-appl/pkg-plist
+++ b/security/krb5-appl/pkg-plist
@@ -63,10 +63,10 @@ lib/libk5crypto.so
lib/libk5crypto.so.3
lib/libkadm5clnt.a
lib/libkadm5clnt.so
-lib/libkadm5clnt.so.4
+lib/libkadm5clnt.so.5
lib/libkadm5srv.a
lib/libkadm5srv.so
-lib/libkadm5srv.so.4
+lib/libkadm5srv.so.5
lib/libkdb5.a
lib/libkdb5.so
lib/libkdb5.so.3
diff --git a/security/krb5/Makefile b/security/krb5/Makefile
index 3a0bf18..e9c8235 100644
--- a/security/krb5/Makefile
+++ b/security/krb5/Makefile
@@ -6,8 +6,7 @@
#
PORTNAME= krb5
-PORTVERSION= 1.2.2
-PORTREVISION= 5
+PORTVERSION= 1.2.3
CATEGORIES= security
MASTER_SITES= # manual download
diff --git a/security/krb5/distinfo b/security/krb5/distinfo
index e8159e5..3af0278 100644
--- a/security/krb5/distinfo
+++ b/security/krb5/distinfo
@@ -1 +1 @@
-MD5 (krb5-1.2.2.tar.gz) = 57d1bf3a3c68ee8af64e31a46799551c
+MD5 (krb5-1.2.3.tar.gz) = 1e93aed5e6ae13eb4b5b5278b1a6ab46
diff --git a/security/krb5/files/patch-ai b/security/krb5/files/patch-ai
index 634db6c..f5b7331 100644
--- a/security/krb5/files/patch-ai
+++ b/security/krb5/files/patch-ai
@@ -1,6 +1,6 @@
---- appl/gssftp/ftpd/ftpd.c.orig Wed Feb 28 16:06:45 2001
-+++ appl/gssftp/ftpd/ftpd.c Fri Apr 27 10:18:01 2001
-@@ -485,7 +485,13 @@
+--- appl/gssftp/ftpd/ftpd.c.orig Wed Jan 9 14:26:51 2002
++++ appl/gssftp/ftpd/ftpd.c Thu Jan 10 19:00:13 2002
+@@ -487,7 +487,13 @@
#ifndef LOG_DAEMON
#define LOG_DAEMON 0
#endif
@@ -15,273 +15,14 @@
addrlen = sizeof (his_addr);
if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) {
-@@ -761,7 +767,16 @@
- int result;
- #ifdef GSSAPI
- if (auth_type && strcmp(auth_type, "GSSAPI") == 0) {
-+ int len;
- authorized = ftpd_gss_userok(&client_name, name) == 0;
-+ len = sizeof("GSSAPI user is not authorized as "
-+ "; Password required.")
-+ + strlen(client_name.value)
-+ + strlen(name);
-+ if (len >= sizeof(buf)) {
-+ syslog(LOG_ERR, "user: username too long");
-+ name = "[username too long]";
-+ }
- sprintf(buf, "GSSAPI user %s is%s authorized as %s",
- client_name.value, authorized ? "" : " not",
- name);
-@@ -772,7 +787,18 @@
- #endif /* GSSAPI */
- #ifdef KRB5_KRB4_COMPAT
- if (auth_type && strcmp(auth_type, "KERBEROS_V4") == 0) {
-+ int len;
- authorized = kuserok(&kdata,name) == 0;
-+ len = sizeof("Kerberos user .@ is not authorized as "
-+ "; Password required.")
-+ + strlen(kdata.pname)
-+ + strlen(kdata.pinst)
-+ + strlen(kdata.prealm)
-+ + strlen(name);
-+ if (len >= sizeof(buf)) {
-+ syslog(LOG_ERR, "user: username too long");
-+ name = "[username too long]";
-+ }
- sprintf(buf, "Kerberos user %s%s%s@%s is%s authorized as %s",
- kdata.pname, *kdata.pinst ? "." : "",
- kdata.pinst, kdata.prealm,
-@@ -1179,6 +1205,11 @@
- } else {
- char line[FTP_BUFSIZ];
-
-+ if (strlen(cmd) + strlen(name) + 1 >= sizeof(line)) {
-+ syslog(LOG_ERR, "retrieve: filename too long");
-+ reply(501, "filename too long");
-+ return;
-+ }
- (void) sprintf(line, cmd, name), name = line;
- fin = ftpd_popen(line, "r"), closefunc = ftpd_pclose;
- st.st_size = -1;
-@@ -1417,6 +1448,10 @@
- return (file);
- }
-
-+/*
-+ * XXX callers need to limit total length of output string to
-+ * FTP_BUFSIZ
-+ */
- #ifdef STDARG
- secure_error(char *fmt, ...)
- #else
-@@ -1616,13 +1651,19 @@
- {
- char line[FTP_BUFSIZ];
- FILE *fin;
-- int c;
-+ int c, n;
- char str[FTP_BUFSIZ], *p;
-
-+ if (strlen(filename) + sizeof("/bin/ls -lgA ")
-+ >= sizeof(line)) {
-+ reply(501, "filename too long");
-+ return;
-+ }
- (void) sprintf(line, "/bin/ls -lgA %s", filename);
- fin = ftpd_popen(line, "r");
- lreply(211, "status of %s:", filename);
- p = str;
-+ n = 0;
- while ((c = getc(fin)) != EOF) {
- if (c == '\n') {
- if (ferror(stdout)){
-@@ -1639,7 +1680,16 @@
- *p = '\0';
- reply(0, "%s", str);
- p = str;
-- } else *p++ = c;
-+ n = 0;
-+ } else {
-+ *p++ = c;
-+ n++;
-+ if (n >= sizeof(str)) {
-+ reply(551, "output line too long");
-+ (void) ftpd_pclose(fin);
-+ return;
-+ }
-+ }
- }
- if (p != str) {
- *p = '\0';
-@@ -1723,6 +1773,10 @@
-
- char cont_char = ' ';
-
-+/*
-+ * XXX callers need to limit total length of output string to
-+ * FTP_BUFSIZ bytes for now.
-+ */
- #ifdef STDARG
- reply(int n, char *fmt, ...)
- #else
-@@ -1744,22 +1798,32 @@
- #endif
-
- if (auth_type) {
-- char in[FTP_BUFSIZ], out[FTP_BUFSIZ];
-+ /*
-+ * Deal with expansion in mk_{safe,priv},
-+ * radix_encode, gss_seal, plus slop.
-+ */
-+ char in[FTP_BUFSIZ*3/2], out[FTP_BUFSIZ*3/2];
- int length, kerror;
- if (n) sprintf(in, "%d%c", n, cont_char);
- else in[0] = '\0';
- strncat(in, buf, sizeof (in) - strlen(in) - 1);
- #ifdef KRB5_KRB4_COMPAT
- if (strcmp(auth_type, "KERBEROS_V4") == 0) {
-- if ((length = clevel == PROT_P ?
-- krb_mk_priv((unsigned char *)in,
-- (unsigned char *)out,
-- strlen(in), schedule, &kdata.session,
-- &ctrl_addr, &his_addr)
-- : krb_mk_safe((unsigned char *)in,
-- (unsigned char *)out,
-- strlen(in), &kdata.session,
-- &ctrl_addr, &his_addr)) == -1) {
-+ if (clevel == PROT_P)
-+ length = krb_mk_priv((unsigned char *)in,
-+ (unsigned char *)out,
-+ strlen(in),
-+ schedule, &kdata.session,
-+ &ctrl_addr,
-+ &his_addr);
-+ else
-+ length = krb_mk_safe((unsigned char *)in,
-+ (unsigned char *)out,
-+ strlen(in),
-+ &kdata.session,
-+ &ctrl_addr,
-+ &his_addr);
-+ if (length == -1) {
- syslog(LOG_ERR,
- "krb_mk_%s failed for KERBEROS_V4",
- clevel == PROT_P ? "priv" : "safe");
-@@ -1803,13 +1867,16 @@
- }
- #endif /* GSSAPI */
- /* Other auth types go here ... */
-- if (kerror = radix_encode(out, in, &length, 0)) {
-+ if (length >= sizeof(in) / 4 * 3) {
-+ syslog(LOG_ERR, "input to radix_encode too long");
-+ fputs(in, stdout);
-+ } else if (kerror = radix_encode(out, in, &length, 0)) {
- syslog(LOG_ERR, "Couldn't encode reply (%s)",
- radix_error(kerror));
- fputs(in,stdout);
- } else
-- printf("%s%c%s", clevel == PROT_P ? "632" : "631",
-- n ? cont_char : '-', in);
-+ printf("%s%c%s", clevel == PROT_P ? "632" : "631",
-+ n ? cont_char : '-', in);
- } else {
- if (n) printf("%d%c", n, cont_char);
- fputs(buf, stdout);
-@@ -1822,6 +1889,10 @@
- }
- }
-
-+/*
-+ * XXX callers need to limit total length of output string to
-+ * FTP_BUFSIZ
-+ */
- #ifdef STDARG
- lreply(int n, char *fmt, ...)
- #else
-@@ -1866,7 +1937,8 @@
-
- if (cp = strchr(cbuf,'\n'))
- *cp = '\0';
-- reply(500, "'%s': command not understood.", cbuf);
-+ reply(500, "'%.*s': command not understood.",
-+ FTP_BUFSIZ - sizeof("'': command not understood."), cbuf);
- }
-
- delete_file(name)
-@@ -2143,7 +2215,21 @@
- int code;
- char *string;
- {
-- reply(code, "%s: %s.", string, strerror(errno));
-+ char *err_string;
-+ size_t extra_len;
-+ err_string = strerror(errno);
-+ if (err_string == NULL)
-+ err_string = "(unknown error)";
-+ extra_len = strlen(err_string) + sizeof("(truncated): .");
-+ /*
-+ * XXX knows about FTP_BUFSIZ in reply()
-+ */
-+ if (strlen(string) + extra_len > FTP_BUFSIZ) {
-+ reply(code, "(truncated)%.*s: %s.",
-+ FTP_BUFSIZ - extra_len, string, err_string);
-+ } else {
-+ reply(code, "%s: %s.", string, err_string);
-+ }
- }
-
- auth(type)
-@@ -2226,6 +2312,10 @@
+@@ -2312,6 +2318,10 @@
+ if ((length = krb_mk_safe((u_char *)&cksum, out_buf, sizeof(cksum),
+ &kdata.session,&ctrl_addr, &his_addr)) == -1) {
secure_error("ADAT: krb_mk_safe failed");
- return(0);
- }
-+ if (length >= (FTP_BUFSIZ - sizeof("ADAT=")) / 4 * 3) {
-+ secure_error("ADAT: reply too long");
+ return(0);
+ }
- if (kerror = radix_encode(out_buf, buf, &length, 0)) {
- secure_error("Couldn't encode ADAT reply (%s)",
- radix_error(kerror));
-@@ -2360,6 +2450,16 @@
++ if (length >= (FTP_BUFSIZ - sizeof("ADAT=")) / 4 * 3) {
++ secure_error("ADAT: reply too long");
+ return(0);
}
-
- if (out_tok.length) {
-+ if (out_tok.length >= ((FTP_BUFSIZ - sizeof("ADAT="))
-+ / 4 * 3)) {
-+ secure_error("ADAT: reply too long");
-+ syslog(LOG_ERR, "ADAT: reply too long");
-+ (void) gss_release_cred(&stat_min, &server_creds);
-+ if (ret_flags & GSS_C_DELEG_FLAG)
-+ (void) gss_release_cred(&stat_min,
-+ &deleg_creds);
-+ return(0);
-+ }
- if (kerror = radix_encode(out_tok.value, gbuf, &out_tok.length, 0)) {
- secure_error("Couldn't encode ADAT reply (%s)",
- radix_error(kerror));
-@@ -2458,6 +2558,9 @@
- * n>=0 on success
- * -1 on error
- * -2 on security error
-+ *
-+ * XXX callers need to limit total length of output string to
-+ * FTP_BUFSIZ
- */
- #ifdef STDARG
- secure_fprintf(FILE *stream, char *fmt, ...)
-@@ -2575,6 +2678,15 @@
- dir->d_name[2] == '\0')
- continue;
-
-+ if (strlen(dirname) + strlen(dir->d_name)
-+ + 1 /* slash */
-+ + 2 /* CRLF */
-+ + 1 > sizeof(nbuf)) {
-+ syslog(LOG_ERR,
-+ "send_file_list: pathname too long");
-+ ret = -2; /* XXX */
-+ goto data_err;
-+ }
- sprintf(nbuf, "%s/%s", dirname, dir->d_name);
-
- /*
+ if (length >= (FTP_BUFSIZ - sizeof("ADAT=")) / 4 * 3) {
diff --git a/security/krb5/files/patch-appl::telnet::telnetd::authenc.c b/security/krb5/files/patch-appl::telnet::telnetd::authenc.c
deleted file mode 100644
index 9a19ab9..0000000
--- a/security/krb5/files/patch-appl::telnet::telnetd::authenc.c
+++ /dev/null
@@ -1,12 +0,0 @@
---- appl/telnet/telnetd/authenc.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/authenc.c Thu Jul 19 19:14:29 2001
-@@ -43,8 +43,7 @@
- int len;
- {
- if (nfrontp + len < netobuf + BUFSIZ) {
-- memcpy((void *)nfrontp, (void *)str, len);
-- nfrontp += len;
-+ output_datalen(str, len);
- return(len);
- }
- return(0);
diff --git a/security/krb5/files/patch-appl::telnet::telnetd::ext.h b/security/krb5/files/patch-appl::telnet::telnetd::ext.h
deleted file mode 100644
index 38fd6ac..0000000
--- a/security/krb5/files/patch-appl::telnet::telnetd::ext.h
+++ /dev/null
@@ -1,24 +0,0 @@
---- appl/telnet/telnetd/ext.h.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/ext.h Mon Jul 23 16:44:35 2001
-@@ -75,7 +75,7 @@
-
- extern char netibuf[BUFSIZ], *netip;
-
--extern char netobuf[BUFSIZ+NETSLOP], *nfrontp, *nbackp;
-+extern char netobuf[BUFSIZ], *nfrontp, *nbackp;
- extern char *neturg; /* one past last bye of urgent data */
-
- extern int pcc, ncc;
-@@ -187,8 +187,10 @@
- tty_setsofttab P((int)),
- tty_tspeed P((int)),
- willoption P((int)),
-- wontoption P((int)),
-- writenet P((unsigned char *, int));
-+ wontoption P((int));
-+
-+extern int output_data __P((const char *, ...)) __printflike(1, 2);
-+extern int output_datalen __P((const char *, size_t));
-
- #ifdef ENCRYPTION
- extern char *nclearto;
diff --git a/security/krb5/files/patch-appl::telnet::telnetd::slc.c b/security/krb5/files/patch-appl::telnet::telnetd::slc.c
deleted file mode 100644
index f4e7d41..0000000
--- a/security/krb5/files/patch-appl::telnet::telnetd::slc.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- appl/telnet/telnetd/slc.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/slc.c Mon Jul 23 16:45:51 2001
-@@ -198,7 +198,7 @@
- (void) sprintf((char *)slcptr, "%c%c", IAC, SE);
- slcptr += 2;
- len = slcptr - slcbuf;
-- writenet(slcbuf, len);
-+ output_datalen(slcbuf, len);
- netflush(); /* force it out immediately */
- DIAG(TD_OPTIONS, printsub('>', slcbuf+2, len-2););
- }
diff --git a/security/krb5/files/patch-appl::telnet::telnetd::state.c b/security/krb5/files/patch-appl::telnet::telnetd::state.c
deleted file mode 100644
index baf2073..0000000
--- a/security/krb5/files/patch-appl::telnet::telnetd::state.c
+++ /dev/null
@@ -1,134 +0,0 @@
---- appl/telnet/telnetd/state.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/state.c Mon Jul 23 17:48:48 2001
-@@ -33,6 +33,7 @@
-
- /* based on @(#)state.c 8.1 (Berkeley) 6/4/93 */
-
-+#include <stdarg.h>
- #include "telnetd.h"
- #if defined(AUTHENTICATION)
- #include <libtelnet/auth.h>
-@@ -86,7 +87,7 @@
- if (!auth_negotiated) {
- static char *error =
- "An environment option was sent before authentication negotiation completed.\r\nThis may create a security hazard. Connection dropped.\r\n";
-- writenet(error, strlen(error));
-+ output_datalen(error, strlen(error));
- netflush();
- exit(1);
- }
-@@ -209,8 +210,7 @@
- }
-
- netclear(); /* clear buffer back */
-- *nfrontp++ = IAC;
-- *nfrontp++ = DM;
-+ output_data("%c%c", IAC, DM);
- neturg = nfrontp-1; /* off by one XXX */
- DIAG(TD_OPTIONS,
- printoption("td: send IAC", DM));
-@@ -463,8 +463,7 @@
- set_his_want_state_will(option);
- do_dont_resp[option]++;
- }
-- (void) sprintf(nfrontp, (char *)doopt, option);
-- nfrontp += sizeof (dont) - 2;
-+ output_data((const char *)doopt, option);
-
- DIAG(TD_OPTIONS, printoption("td: send do", option));
- }
-@@ -683,8 +682,7 @@
- set_his_want_state_wont(option);
- do_dont_resp[option]++;
- }
-- (void) sprintf(nfrontp, (char *)dont, option);
-- nfrontp += sizeof (doopt) - 2;
-+ output_data((const char *)dont, option);
-
- DIAG(TD_OPTIONS, printoption("td: send dont", option));
- }
-@@ -833,8 +831,7 @@
- set_my_want_state_will(option);
- will_wont_resp[option]++;
- }
-- (void) sprintf(nfrontp, (char *)will, option);
-- nfrontp += sizeof (doopt) - 2;
-+ output_data((const char *)will, option);
-
- DIAG(TD_OPTIONS, printoption("td: send will", option));
- }
-@@ -993,8 +990,7 @@
- set_my_want_state_wont(option);
- will_wont_resp[option]++;
- }
-- (void) sprintf(nfrontp, (char *)wont, option);
-- nfrontp += sizeof (wont) - 2;
-+ output_data((const char *)wont, option);
-
- DIAG(TD_OPTIONS, printoption("td: send wont", option));
- }
-@@ -1393,9 +1389,8 @@
- env_ovar_wrong:
- env_ovar = OLD_ENV_VALUE;
- env_ovalue = OLD_ENV_VAR;
-- DIAG(TD_OPTIONS, {sprintf(nfrontp,
-- "ENVIRON VALUE and VAR are reversed!\r\n");
-- nfrontp += strlen(nfrontp);});
-+ DIAG(TD_OPTIONS,
-+ output_data("ENVIRON VALUE and VAR are reversed!\r\n"));
-
- }
- }
-@@ -1633,11 +1628,51 @@
- ADD(IAC);
- ADD(SE);
-
-- writenet(statusbuf, ncp - statusbuf);
-+ output_datalen(statusbuf, ncp - statusbuf);
- netflush(); /* Send it on its way */
-
- DIAG(TD_OPTIONS,
- {printsub('>', statusbuf, ncp - statusbuf); netflush();});
-+}
-+
-+/*
-+ * This function appends data to nfrontp and advances nfrontp.
-+ */
-+
-+int
-+output_data(const char *format, ...)
-+{
-+ va_list args;
-+ size_t remaining, ret;
-+
-+ va_start(args, format);
-+ remaining = BUFSIZ - (nfrontp - netobuf);
-+ /* try a netflush() if the room is too low */
-+ if (strlen(format) > remaining || BUFSIZ / 4 > remaining) {
-+ netflush();
-+ remaining = BUFSIZ - (nfrontp - netobuf);
-+ }
-+ ret = vsnprintf(nfrontp, remaining, format, args);
-+ nfrontp += ((ret < remaining - 1) ? ret : remaining - 1);
-+ va_end(args);
-+ return ret;
-+}
-+
-+int
-+output_datalen(const char *buf, size_t len)
-+{
-+ size_t remaining;
-+
-+ remaining = BUFSIZ - (nfrontp - netobuf);
-+ if (remaining < len) {
-+ netflush();
-+ remaining = BUFSIZ - (nfrontp - netobuf);
-+ }
-+ if (remaining < len)
-+ return -1;
-+ memmove(nfrontp, buf, len);
-+ nfrontp += len;
-+ return (len);
- }
-
- static int envvarok(varp)
diff --git a/security/krb5/files/patch-appl::telnet::telnetd::telnetd.c b/security/krb5/files/patch-appl::telnet::telnetd::telnetd.c
deleted file mode 100644
index 9eef170..0000000
--- a/security/krb5/files/patch-appl::telnet::telnetd::telnetd.c
+++ /dev/null
@@ -1,169 +0,0 @@
---- appl/telnet/telnetd/telnetd.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/telnetd.c Mon Jul 23 17:27:05 2001
-@@ -693,7 +693,7 @@
- char *error_message =
- "Encryption was not successfully negotiated. Goodbye.\r\n\r\n";
-
-- writenet(error_message, strlen(error_message));
-+ output_datalen(error_message, strlen(error_message));
- netflush();
- exit(1);
- }
-@@ -782,9 +782,7 @@
- { IAC, SB, TELOPT_TSPEED, TELQUAL_SEND, IAC, SE };
-
- if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) {
-- memcpy(nfrontp, sb, sizeof(sb));
-- nfrontp += sizeof(sb);
-- *nfrontp = '\0';
-+ output_datalen(sb, sizeof sb);
- }
- }
- if (his_state_is_will(TELOPT_XDISPLOC)) {
-@@ -792,9 +790,7 @@
- { IAC, SB, TELOPT_XDISPLOC, TELQUAL_SEND, IAC, SE };
-
- if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) {
-- memcpy(nfrontp, sb, sizeof(sb));
-- nfrontp += sizeof(sb);
-- *nfrontp = '\0';
-+ output_datalen(sb, sizeof sb);
- }
- }
- if (his_state_is_will(TELOPT_NEW_ENVIRON)) {
-@@ -802,9 +798,7 @@
- { IAC, SB, TELOPT_NEW_ENVIRON, TELQUAL_SEND, IAC, SE };
-
- if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) {
-- memcpy(nfrontp, sb, sizeof(sb));
-- nfrontp += sizeof(sb);
-- *nfrontp = '\0';
-+ output_datalen(sb, sizeof sb);
- }
- }
- else if (his_state_is_will(TELOPT_OLD_ENVIRON)) {
-@@ -812,17 +806,13 @@
- { IAC, SB, TELOPT_OLD_ENVIRON, TELQUAL_SEND, IAC, SE };
-
- if(nfrontp - netobuf + sizeof(sb) < sizeof(netobuf)) {
-- memcpy(nfrontp, sb, sizeof(sb));
-- nfrontp += sizeof(sb);
-- *nfrontp = '\0';
-+ output_datalen(sb, sizeof sb);
- }
- }
- if (his_state_is_will(TELOPT_TTYPE)) {
-
- if(nfrontp - netobuf + sizeof(ttytype_sbbuf) < sizeof(netobuf)) {
-- memcpy(nfrontp, ttytype_sbbuf, sizeof(ttytype_sbbuf));
-- nfrontp += sizeof(ttytype_sbbuf);
-- *nfrontp = '\0';
-+ output_datalen(ttytype_sbbuf, sizeof ttytype_sbbuf);
- }
- }
- if (his_state_is_will(TELOPT_TSPEED)) {
-@@ -902,9 +892,7 @@
- return;
- settimer(baseline);
- if(nfrontp - netobuf + sizeof(ttytype_sbbuf)) {
-- memcpy(nfrontp, ttytype_sbbuf, sizeof(ttytype_sbbuf));
-- nfrontp += sizeof(ttytype_sbbuf);
-- *nfrontp = '\0';
-+ output_datalen(ttytype_sbbuf, sizeof ttytype_sbbuf);
- }
- while (sequenceIs(ttypesubopt, baseline))
- ttloop();
-@@ -1177,9 +1165,7 @@
- * mode, which we do not want.
- */
- if (his_want_state_is_will(TELOPT_ECHO)) {
-- DIAG(TD_OPTIONS,
-- {sprintf(nfrontp, "td: simulating recv\r\n");
-- nfrontp += strlen(nfrontp);});
-+ DIAG(TD_OPTIONS, output_data("td: simulating recv\r\n"));
- willoption(TELOPT_ECHO);
- }
-
-@@ -1308,9 +1294,7 @@
- localstat();
- #endif /* LINEMODE */
-
-- DIAG(TD_REPORT,
-- {sprintf(nfrontp, "td: Entering processing loop\r\n");
-- nfrontp += strlen(nfrontp);});
-+ DIAG(TD_REPORT, output_data("td: Entering processing loop\r\n"));
-
- #ifdef convex
- startslave(host);
-@@ -1435,8 +1419,7 @@
- netip = netibuf;
- }
- DIAG((TD_REPORT | TD_NETDATA),
-- {sprintf(nfrontp, "td: netread %d chars\r\n", ncc);
-- nfrontp += strlen(nfrontp);});
-+ output_data("td: netread %d chars\r\n", ncc));
- DIAG(TD_NETDATA, printdata("nd", netip, ncc));
- }
-
-@@ -1483,8 +1466,7 @@
- * royally if we send them urgent
- * mode data.
- */
-- *nfrontp++ = IAC;
-- *nfrontp++ = DM;
-+ output_data("%c%c", IAC, DM);
- neturg = nfrontp-1; /* off by one XXX */
- #endif
- }
-@@ -1495,13 +1477,11 @@
- ptyibuf[0] & TIOCPKT_DOSTOP ? 1 : 0;
- if (newflow != flowmode) {
- flowmode = newflow;
-- (void) sprintf(nfrontp,
-- "%c%c%c%c%c%c",
-+ output_data("%c%c%c%c%c%c",
- IAC, SB, TELOPT_LFLOW,
- flowmode ? LFLOW_ON
- : LFLOW_OFF,
- IAC, SE);
-- nfrontp += 6;
- }
- }
- pcc--;
-@@ -1524,19 +1504,19 @@
- break;
- c = *ptyip++ & 0377, pcc--;
- if (c == IAC)
-- *nfrontp++ = c;
-+ output_data("%c", c);
- #if defined(CRAY2) && defined(UNICOS5)
- else if (c == '\n' &&
- my_state_is_wont(TELOPT_BINARY) && newmap)
-- *nfrontp++ = '\r';
-+ output_data("\r");
- #endif /* defined(CRAY2) && defined(UNICOS5) */
-- *nfrontp++ = c;
-+ output_data("%c", c);
- if ((c == '\r') && (my_state_is_wont(TELOPT_BINARY))) {
- if (pcc > 0 && ((*ptyip & 0377) == '\n')) {
-- *nfrontp++ = *ptyip++ & 0377;
-+ output_data("%c", *ptyip++ & 0377);
- pcc--;
- } else
-- *nfrontp++ = '\0';
-+ output_data("%c", '\0');
- }
- }
- #if defined(CRAY2) && defined(UNICOS5)
-@@ -1707,10 +1687,7 @@
- return;
- }
- #endif
-- (void) strncpy(nfrontp, "\r\n[Yes]\r\n",
-- sizeof(netobuf) - 1 - (nfrontp - netobuf));
-- nfrontp += 9;
-- *nfrontp = '\0';
-+ output_data("\r\n[Yes]\r\n");
- }
-
- void
diff --git a/security/krb5/files/patch-appl::telnet::telnetd::termstat.c b/security/krb5/files/patch-appl::telnet::telnetd::termstat.c
deleted file mode 100644
index 422f1c8..0000000
--- a/security/krb5/files/patch-appl::telnet::telnetd::termstat.c
+++ /dev/null
@@ -1,74 +0,0 @@
---- appl/telnet/telnetd/termstat.c.orig Wed Feb 28 14:06:51 2001
-+++ appl/telnet/telnetd/termstat.c Thu Jul 19 19:22:54 2001
-@@ -283,10 +283,9 @@
- # endif /* KLUDGELINEMODE */
- send_do(TELOPT_LINEMODE, 1);
- /* send along edit modes */
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, SB,
-+ output_data("%c%c%c%c%c%c%c", IAC, SB,
- TELOPT_LINEMODE, LM_MODE, useeditmode,
- IAC, SE);
-- nfrontp += 7;
- editmode = useeditmode;
- # ifdef KLUDGELINEMODE
- }
-@@ -312,10 +311,9 @@
- /*
- * Send along appropriate edit mode mask.
- */
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, SB,
-+ output_data("%c%c%c%c%c%c%c", IAC, SB,
- TELOPT_LINEMODE, LM_MODE, useeditmode,
- IAC, SE);
-- nfrontp += 7;
- editmode = useeditmode;
- }
-
-@@ -359,20 +357,18 @@
- if (his_state_is_will(TELOPT_LFLOW)) {
- if (tty_flowmode() != flowmode) {
- flowmode = tty_flowmode();
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c",
-+ output_data("%c%c%c%c%c%c",
- IAC, SB, TELOPT_LFLOW,
- flowmode ? LFLOW_ON : LFLOW_OFF,
- IAC, SE);
-- nfrontp += 6;
- }
- if (tty_restartany() != restartany) {
- restartany = tty_restartany();
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c",
-+ output_data("%c%c%c%c%c%c",
- IAC, SB, TELOPT_LFLOW,
- restartany ? LFLOW_RESTART_ANY
- : LFLOW_RESTART_XON,
- IAC, SE);
-- nfrontp += 6;
- }
- }
- }
-@@ -445,10 +441,9 @@
- useeditmode |= MODE_SOFT_TAB;
- if (tty_islitecho())
- useeditmode |= MODE_LIT_ECHO;
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC,
-+ output_data("%c%c%c%c%c%c%c", IAC,
- SB, TELOPT_LINEMODE, LM_MODE,
- useeditmode, IAC, SE);
-- nfrontp += 7;
- editmode = useeditmode;
- }
-
-@@ -504,11 +499,10 @@
- set_termbuf();
-
- if (!ack) {
-- (void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC,
-+ output_data("%c%c%c%c%c%c%c", IAC,
- SB, TELOPT_LINEMODE, LM_MODE,
- useeditmode|MODE_ACK,
- IAC, SE);
-- nfrontp += 7;
- }
-
- editmode = useeditmode;
diff --git a/security/krb5/files/patch-appl::telnet::telnetd::utility.c b/security/krb5/files/patch-appl::telnet::telnetd::utility.c
index d49598c..8bb656d 100644
--- a/security/krb5/files/patch-appl::telnet::telnetd::utility.c
+++ b/security/krb5/files/patch-appl::telnet::telnetd::utility.c
@@ -1,879 +1,38 @@
---- appl/telnet/telnetd/utility.c.orig Wed Feb 28 14:06:52 2001
-+++ appl/telnet/telnetd/utility.c Mon Jul 23 17:16:27 2001
-@@ -58,8 +58,7 @@
+--- appl/telnet/telnetd/utility.c.orig Wed Jan 9 14:26:59 2002
++++ appl/telnet/telnetd/utility.c Fri Jan 11 13:10:33 2002
+@@ -408,18 +408,25 @@
+ int
+ netwrite(const char *buf, size_t len)
{
- void netflush();
-
-- DIAG(TD_REPORT, {sprintf(nfrontp, "td: ttloop\r\n");
-- nfrontp += strlen(nfrontp);});
-+ DIAG(TD_REPORT, output_data("td: ttloop\r\n"));
- if (nfrontp-nbackp) {
- netflush();
- }
-@@ -74,8 +73,7 @@
- syslog(LOG_INFO, "ttloop: peer died: %m");
- exit(1);
- }
-- DIAG(TD_REPORT, {sprintf(nfrontp, "td: ttloop read %d chars\r\n", ncc);
-- nfrontp += strlen(nfrontp);});
-+ DIAG(TD_REPORT, output_data("td: ttloop read %d chars\r\n", ncc));
- netip = netibuf;
- telrcv(); /* state machine */
- if (ncc > 0) {
-@@ -117,9 +115,8 @@
- int n;
-
- if ((n = pfrontp - pbackp) > 0) {
-- DIAG((TD_REPORT | TD_PTYDATA),
-- { sprintf(nfrontp, "td: ptyflush %d chars\r\n", n);
-- nfrontp += strlen(nfrontp); });
-+ DIAG(TD_REPORT | TD_PTYDATA,
-+ output_data("td: ptyflush %d chars\r\n", n));
- DIAG(TD_PTYDATA, printdata("pd", pbackp, n));
- n = write(pty, pbackp, n);
- }
-@@ -251,11 +248,9 @@
- extern int not42;
-
- if ((n = nfrontp - nbackp) > 0) {
-- DIAG(TD_REPORT,
-- { sprintf(nfrontp, "td: netflush %d chars\r\n", n);
-- n += strlen(nfrontp); /* get count first */
-- nfrontp += strlen(nfrontp); /* then move pointer */
-- });
-+ DIAG(TD_REPORT, {
-+ n += output_data("td: netflush %d chars\r\n", n);
-+ });
- #ifdef ENCRYPTION
- if (encrypt_output) {
- char *s = nclearto ? nclearto : nbackp;
-@@ -314,33 +309,6 @@
-
-
- /*
-- * writenet
-- *
-- * Just a handy little function to write a bit of raw data to the net.
-- * It will force a transmit of the buffer if necessary
-- *
-- * arguments
-- * ptr - A pointer to a character string to write
-- * len - How many bytes to write
-- */
-- void
--writenet(ptr, len)
-- register unsigned char *ptr;
-- register int len;
--{
-- /* flush buffer if no room for new data) */
-- if ((&netobuf[BUFSIZ] - nfrontp) < len) {
-- /* if this fails, don't worry, buffer is a little big */
+- size_t remain;
++ int remaining, copied;
++
++ remaining = BUFSIZ - (nfrontp - netobuf);
++ while (len > 0) {
++ /* Free up enough space if the room is too low*/
++ if ((len > BUFSIZ ? BUFSIZ : len) > remaining) {
++ netflush();
++ remaining = BUFSIZ - (nfrontp - netobuf);
++ }
+
+- remain = sizeof(netobuf) - (nfrontp - netobuf);
+- if (remain < len) {
- netflush();
-- }
--
-- memcpy(nfrontp, ptr, len);
-- nfrontp += len;
--
--} /* end of writenet */
--
--
--/*
- * miscellaneous functions doing a variety of little jobs follow ...
- */
-
-@@ -528,12 +496,11 @@
- register int option;
- {
- if (TELOPT_OK(option))
-- sprintf(nfrontp, "%s %s\r\n", fmt, TELOPT(option));
-+ output_data("%s %s\r\n", fmt, TELOPT(option));
- else if (TELCMD_OK(option))
-- sprintf(nfrontp, "%s %s\r\n", fmt, TELCMD(option));
-+ output_data("%s %s\r\n", fmt, TELCMD(option));
- else
-- sprintf(nfrontp, "%s %d\r\n", fmt, option);
-- nfrontp += strlen(nfrontp);
-+ output_data("%s %d\r\n", fmt, option);
- return;
- }
-
-@@ -550,9 +517,8 @@
- return;
-
- if (direction) {
-- sprintf(nfrontp, "td: %s suboption ",
-+ output_data("td: %s suboption ",
- direction == '<' ? "recv" : "send");
-- nfrontp += strlen(nfrontp);
- if (length >= 3) {
- register int j;
-
-@@ -560,232 +526,192 @@
- j = pointer[length-1];
-
- if (i != IAC || j != SE) {
-- sprintf(nfrontp, "(terminated by ");
-- nfrontp += strlen(nfrontp);
-+ output_data("(terminated by ");
- if (TELOPT_OK(i))
-- sprintf(nfrontp, "%s ", TELOPT(i));
-+ output_data("%s ", TELOPT(i));
- else if (TELCMD_OK(i))
-- sprintf(nfrontp, "%s ", TELCMD(i));
-+ output_data("%s ", TELCMD(i));
- else
-- sprintf(nfrontp, "%d ", i);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d ", i);
- if (TELOPT_OK(j))
-- sprintf(nfrontp, "%s", TELOPT(j));
-+ output_data("%s", TELOPT(j));
- else if (TELCMD_OK(j))
-- sprintf(nfrontp, "%s", TELCMD(j));
-+ output_data("%s", TELCMD(j));
- else
-- sprintf(nfrontp, "%d", j);
-- nfrontp += strlen(nfrontp);
-- sprintf(nfrontp, ", not IAC SE!) ");
-- nfrontp += strlen(nfrontp);
-+ output_data("%d", j);
-+ output_data(", not IAC SE!) ");
- }
- }
- length -= 2;
- }
- if (length < 1) {
-- sprintf(nfrontp, "(Empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data("(Empty suboption??\?)");
- return;
+- remain = sizeof(netobuf) - (nfrontp - netobuf);
++ /* Copy out as much as will fit */
++ copied = remaining > len ? len : remaining;
++ memmove(nfrontp, buf, copied);
++ nfrontp += copied;
++ len -= copied;
++ remaining -= copied;
++ buf += copied;
}
- switch (pointer[0]) {
- case TELOPT_TTYPE:
-- sprintf(nfrontp, "TERMINAL-TYPE ");
-- nfrontp += strlen(nfrontp);
-+ output_data("TERMINAL-TYPE ");
- switch (pointer[1]) {
- case TELQUAL_IS:
-- sprintf(nfrontp, "IS \"%.*s\"", length-2, (char *)pointer+2);
-+ output_data("IS \"%.*s\"", length-2, (char *)pointer+2);
- break;
- case TELQUAL_SEND:
-- sprintf(nfrontp, "SEND");
-+ output_data("SEND");
- break;
- default:
-- sprintf(nfrontp,
-+ output_data(
- "- unknown qualifier %d (0x%x).",
- pointer[1], pointer[1]);
- }
-- nfrontp += strlen(nfrontp);
- break;
- case TELOPT_TSPEED:
-- sprintf(nfrontp, "TERMINAL-SPEED");
-- nfrontp += strlen(nfrontp);
-+ output_data("TERMINAL-SPEED");
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- switch (pointer[1]) {
- case TELQUAL_IS:
-- sprintf(nfrontp, " IS %.*s", length-2, (char *)pointer+2);
-- nfrontp += strlen(nfrontp);
-+ output_data(" IS %.*s", length-2, (char *)pointer+2);
- break;
- default:
- if (pointer[1] == 1)
-- sprintf(nfrontp, " SEND");
-+ output_data(" SEND");
- else
-- sprintf(nfrontp, " %d (unknown)", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d (unknown)", pointer[1]);
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
- }
- break;
-
- case TELOPT_LFLOW:
-- sprintf(nfrontp, "TOGGLE-FLOW-CONTROL");
-- nfrontp += strlen(nfrontp);
-+ output_data("TOGGLE-FLOW-CONTROL");
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- switch (pointer[1]) {
- case LFLOW_OFF:
-- sprintf(nfrontp, " OFF"); break;
-+ output_data(" OFF"); break;
- case LFLOW_ON:
-- sprintf(nfrontp, " ON"); break;
-+ output_data(" ON"); break;
- case LFLOW_RESTART_ANY:
-- sprintf(nfrontp, " RESTART-ANY"); break;
-+ output_data(" RESTART-ANY"); break;
- case LFLOW_RESTART_XON:
-- sprintf(nfrontp, " RESTART-XON"); break;
-+ output_data(" RESTART-XON"); break;
- default:
-- sprintf(nfrontp, " %d (unknown)", pointer[1]);
-+ output_data(" %d (unknown)", pointer[1]);
- }
-- nfrontp += strlen(nfrontp);
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
-
- case TELOPT_NAWS:
-- sprintf(nfrontp, "NAWS");
-- nfrontp += strlen(nfrontp);
-+ output_data("NAWS");
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- if (length == 2) {
-- sprintf(nfrontp, " ?%d?", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[1]);
- break;
- }
-- sprintf(nfrontp, " %d %d (%d)",
-+ output_data(" %d %d (%d)",
- pointer[1], pointer[2],
- (int)((((unsigned int)pointer[1])<<8)|((unsigned int)pointer[2])));
-- nfrontp += strlen(nfrontp);
- if (length == 4) {
-- sprintf(nfrontp, " ?%d?", pointer[3]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[3]);
- break;
- }
-- sprintf(nfrontp, " %d %d (%d)",
-+ output_data(" %d %d (%d)",
- pointer[3], pointer[4],
- (int)((((unsigned int)pointer[3])<<8)|((unsigned int)pointer[4])));
-- nfrontp += strlen(nfrontp);
- for (i = 5; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
-
- case TELOPT_LINEMODE:
-- sprintf(nfrontp, "LINEMODE ");
-- nfrontp += strlen(nfrontp);
-+ output_data("LINEMODE ");
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- switch (pointer[1]) {
- case WILL:
-- sprintf(nfrontp, "WILL ");
-+ output_data("WILL ");
- goto common;
- case WONT:
-- sprintf(nfrontp, "WONT ");
-+ output_data("WONT ");
- goto common;
- case DO:
-- sprintf(nfrontp, "DO ");
-+ output_data("DO ");
- goto common;
- case DONT:
-- sprintf(nfrontp, "DONT ");
-+ output_data("DONT ");
- common:
-- nfrontp += strlen(nfrontp);
- if (length < 3) {
-- sprintf(nfrontp, "(no option??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data("(no option??\?)");
- break;
- }
- switch (pointer[2]) {
- case LM_FORWARDMASK:
-- sprintf(nfrontp, "Forward Mask");
-- nfrontp += strlen(nfrontp);
-+ output_data("Forward Mask");
- for (i = 3; i < length; i++) {
-- sprintf(nfrontp, " %x", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %x", pointer[i]);
- }
- break;
- default:
-- sprintf(nfrontp, "%d (unknown)", pointer[2]);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d (unknown)", pointer[2]);
- for (i = 3; i < length; i++) {
-- sprintf(nfrontp, " %d", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d", pointer[i]);
- }
- break;
- }
- break;
-
- case LM_SLC:
-- sprintf(nfrontp, "SLC");
-- nfrontp += strlen(nfrontp);
-+ output_data("SLC");
- for (i = 2; i < length - 2; i += 3) {
- if (SLC_NAME_OK(pointer[i+SLC_FUNC]))
-- sprintf(nfrontp, " %s", SLC_NAME(pointer[i+SLC_FUNC]));
-+ output_data(" %s", SLC_NAME(pointer[i+SLC_FUNC]));
- else
-- sprintf(nfrontp, " %d", pointer[i+SLC_FUNC]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d", pointer[i+SLC_FUNC]);
- switch (pointer[i+SLC_FLAGS]&SLC_LEVELBITS) {
- case SLC_NOSUPPORT:
-- sprintf(nfrontp, " NOSUPPORT"); break;
-+ output_data(" NOSUPPORT"); break;
- case SLC_CANTCHANGE:
-- sprintf(nfrontp, " CANTCHANGE"); break;
-+ output_data(" CANTCHANGE"); break;
- case SLC_VARIABLE:
-- sprintf(nfrontp, " VARIABLE"); break;
-+ output_data(" VARIABLE"); break;
- case SLC_DEFAULT:
-- sprintf(nfrontp, " DEFAULT"); break;
-+ output_data(" DEFAULT"); break;
- }
-- nfrontp += strlen(nfrontp);
-- sprintf(nfrontp, "%s%s%s",
-+ output_data("%s%s%s",
- pointer[i+SLC_FLAGS]&SLC_ACK ? "|ACK" : "",
- pointer[i+SLC_FLAGS]&SLC_FLUSHIN ? "|FLUSHIN" : "",
- pointer[i+SLC_FLAGS]&SLC_FLUSHOUT ? "|FLUSHOUT" : "");
-- nfrontp += strlen(nfrontp);
- if (pointer[i+SLC_FLAGS]& ~(SLC_ACK|SLC_FLUSHIN|
- SLC_FLUSHOUT| SLC_LEVELBITS)) {
-- sprintf(nfrontp, "(0x%x)", pointer[i+SLC_FLAGS]);
-- nfrontp += strlen(nfrontp);
-+ output_data("(0x%x)", pointer[i+SLC_FLAGS]);
- }
-- sprintf(nfrontp, " %d;", pointer[i+SLC_VALUE]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d;", pointer[i+SLC_VALUE]);
- if ((pointer[i+SLC_VALUE] == IAC) &&
- (pointer[i+SLC_VALUE+1] == IAC))
- i++;
- }
- for (; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
-
- case LM_MODE:
-- sprintf(nfrontp, "MODE ");
-- nfrontp += strlen(nfrontp);
-+ output_data("MODE ");
- if (length < 3) {
-- sprintf(nfrontp, "(no mode??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data("(no mode??\?)");
- break;
- }
- {
-@@ -796,24 +722,19 @@
- pointer[2]&MODE_SOFT_TAB ? "|SOFT_TAB" : "",
- pointer[2]&MODE_LIT_ECHO ? "|LIT_ECHO" : "",
- pointer[2]&MODE_ACK ? "|ACK" : "");
-- sprintf(nfrontp, "%s", tbuf[1] ? &tbuf[1] : "0");
-- nfrontp += strlen(nfrontp);
-+ output_data("%s", tbuf[1] ? &tbuf[1] : "0");
- }
- if (pointer[2]&~(MODE_EDIT|MODE_TRAPSIG|MODE_ACK)) {
-- sprintf(nfrontp, " (0x%x)", pointer[2]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" (0x%x)", pointer[2]);
- }
- for (i = 3; i < length; i++) {
-- sprintf(nfrontp, " ?0x%x?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?0x%x?", pointer[i]);
- }
- break;
- default:
-- sprintf(nfrontp, "%d (unknown)", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d (unknown)", pointer[1]);
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " %d", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d", pointer[i]);
- }
- }
- break;
-@@ -822,24 +743,20 @@
- register char *cp;
- register int j, k;
-
-- sprintf(nfrontp, "STATUS");
-- nfrontp += strlen(nfrontp);
-+ output_data("STATUS");
-
- switch (pointer[1]) {
- default:
- if (pointer[1] == TELQUAL_SEND)
-- sprintf(nfrontp, " SEND");
-+ output_data(" SEND");
- else
-- sprintf(nfrontp, " %d (unknown)", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d (unknown)", pointer[1]);
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
- case TELQUAL_IS:
-- sprintf(nfrontp, " IS\r\n");
-- nfrontp += strlen(nfrontp);
-+ output_data(" IS\r\n");
-
- for (i = 2; i < length; i++) {
- switch(pointer[i]) {
-@@ -850,18 +767,15 @@
- common2:
- i++;
- if (TELOPT_OK(pointer[i]))
-- sprintf(nfrontp, " %s %s", cp, TELOPT(pointer[i]));
-+ output_data(" %s %s", cp, TELOPT(pointer[i]));
- else
-- sprintf(nfrontp, " %s %d", cp, pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %s %d", cp, pointer[i]);
-
-- sprintf(nfrontp, "\r\n");
-- nfrontp += strlen(nfrontp);
-+ output_data("\r\n");
- break;
-
- case SB:
-- sprintf(nfrontp, " SB ");
-- nfrontp += strlen(nfrontp);
-+ output_data(" SB ");
- i++;
- j = k = i;
- while (j < length) {
-@@ -877,20 +791,17 @@
- }
- printsub(0, &pointer[i], k - i);
- if (i < length) {
-- sprintf(nfrontp, " SE");
-- nfrontp += strlen(nfrontp);
-+ output_data(" SE");
- i = j;
- } else
- i = j - 1;
-
-- sprintf(nfrontp, "\r\n");
-- nfrontp += strlen(nfrontp);
-+ output_data("\r\n");
-
- break;
-
- default:
-- sprintf(nfrontp, " %d", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d", pointer[i]);
- break;
- }
- }
-@@ -900,86 +811,77 @@
- }
-
- case TELOPT_XDISPLOC:
-- sprintf(nfrontp, "X-DISPLAY-LOCATION ");
-- nfrontp += strlen(nfrontp);
-+ output_data("X-DISPLAY-LOCATION ");
- switch (pointer[1]) {
- case TELQUAL_IS:
-- sprintf(nfrontp, "IS \"%.*s\"", length-2, (char *)pointer+2);
-+ output_data("IS \"%.*s\"", length-2, (char *)pointer+2);
- break;
- case TELQUAL_SEND:
-- sprintf(nfrontp, "SEND");
-+ output_data("SEND");
- break;
- default:
-- sprintf(nfrontp, "- unknown qualifier %d (0x%x).",
-+ output_data("- unknown qualifier %d (0x%x).",
- pointer[1], pointer[1]);
- }
-- nfrontp += strlen(nfrontp);
- break;
-
- case TELOPT_NEW_ENVIRON:
-- sprintf(nfrontp, "NEW-ENVIRON ");
-+ output_data("NEW-ENVIRON ");
- goto env_common1;
- case TELOPT_OLD_ENVIRON:
-- sprintf(nfrontp, "OLD-ENVIRON");
-+ output_data("OLD-ENVIRON");
- env_common1:
-- nfrontp += strlen(nfrontp);
- switch (pointer[1]) {
- case TELQUAL_IS:
-- sprintf(nfrontp, "IS ");
-+ output_data("IS ");
- goto env_common;
- case TELQUAL_SEND:
-- sprintf(nfrontp, "SEND ");
-+ output_data("SEND ");
- goto env_common;
- case TELQUAL_INFO:
-- sprintf(nfrontp, "INFO ");
-+ output_data("INFO ");
- env_common:
-- nfrontp += strlen(nfrontp);
- {
- register int noquote = 2;
- for (i = 2; i < length; i++ ) {
- switch (pointer[i]) {
- case NEW_ENV_VAR:
-- sprintf(nfrontp, "\" VAR " + noquote);
-- nfrontp += strlen(nfrontp);
-+ output_data("\" VAR " + noquote);
- noquote = 2;
- break;
-
- case NEW_ENV_VALUE:
-- sprintf(nfrontp, "\" VALUE " + noquote);
-- nfrontp += strlen(nfrontp);
-+ output_data("\" VALUE " + noquote);
- noquote = 2;
- break;
-
- case ENV_ESC:
-- sprintf(nfrontp, "\" ESC " + noquote);
-- nfrontp += strlen(nfrontp);
-+ output_data("\" ESC " + noquote);
- noquote = 2;
- break;
-
- case ENV_USERVAR:
-- sprintf(nfrontp, "\" USERVAR " + noquote);
-- nfrontp += strlen(nfrontp);
-+ output_data("\" USERVAR " + noquote);
- noquote = 2;
- break;
-
- default:
- if (isprint(pointer[i]) && pointer[i] != '"') {
- if (noquote) {
-- *nfrontp++ = '"';
-+ output_data("\"");
- noquote = 0;
- }
-- *nfrontp++ = pointer[i];
-+ output_data("%c", pointer[i]);
- } else {
-- sprintf(nfrontp, "\" %03o " + noquote,
-+ output_data("\" %03o " + noquote,
- pointer[i]);
-- nfrontp += strlen(nfrontp);
- noquote = 2;
- }
- break;
- }
- }
- if (!noquote)
-- *nfrontp++ = '"';
-+ output_data("\"");
- break;
- }
- }
-@@ -987,90 +889,69 @@
-
- #if defined(AUTHENTICATION)
- case TELOPT_AUTHENTICATION:
-- sprintf(nfrontp, "AUTHENTICATION");
-- nfrontp += strlen(nfrontp);
-+ output_data("AUTHENTICATION");
-
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- switch (pointer[1]) {
- case TELQUAL_REPLY:
- case TELQUAL_IS:
-- sprintf(nfrontp, " %s ", (pointer[1] == TELQUAL_IS) ?
-+ output_data(" %s ", (pointer[1] == TELQUAL_IS) ?
- "IS" : "REPLY");
-- nfrontp += strlen(nfrontp);
- if (AUTHTYPE_NAME_OK(pointer[2]))
-- sprintf(nfrontp, "%s ", AUTHTYPE_NAME(pointer[2]));
-+ output_data("%s ", AUTHTYPE_NAME(pointer[2]));
- else
-- sprintf(nfrontp, "%d ", pointer[2]);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d ", pointer[2]);
- if (length < 3) {
-- sprintf(nfrontp, "(partial suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data("(partial suboption??\?)");
- break;
- }
-- sprintf(nfrontp, "%s|%s%s",
-+ output_data("%s|%s",
- ((pointer[3] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ?
- "CLIENT" : "SERVER",
- ((pointer[3] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ?
- "MUTUAL" : "ONE-WAY",
- ((pointer[3] & AUTH_ENCRYPT_MASK) == AUTH_ENCRYPT_ON) ?
- "|ENCRYPT" : "");
-- nfrontp += strlen(nfrontp);
-
- auth_printsub(&pointer[1], length - 1, buf, sizeof(buf));
-- sprintf(nfrontp, "%s", buf);
-- nfrontp += strlen(nfrontp);
-+ output_data("%s", buf);
- break;
-
- case TELQUAL_SEND:
- i = 2;
-- sprintf(nfrontp, " SEND ");
-- nfrontp += strlen(nfrontp);
-+ output_data(" SEND ");
- while (i < length) {
- if (AUTHTYPE_NAME_OK(pointer[i]))
-- sprintf(nfrontp, "%s ", AUTHTYPE_NAME(pointer[i]));
-+ output_data("%s ", AUTHTYPE_NAME(pointer[i]));
- else
-- sprintf(nfrontp, "%d ", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d ", pointer[i]);
- if (++i >= length) {
-- sprintf(nfrontp, "(partial suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data("(partial suboption??\?)");
- break;
- }
-- sprintf(nfrontp, "%s|%s%s ",
-+ output_data( "%s|%s%s ",
- ((pointer[i] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ?
- "CLIENT" : "SERVER",
- ((pointer[i] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ?
- "MUTUAL" : "ONE-WAY",
- ((pointer[3] & AUTH_ENCRYPT_MASK) == AUTH_ENCRYPT_ON) ?
- "|ENCRYPT" : "");
-- nfrontp += strlen(nfrontp);
- ++i;
- }
- break;
-
- case TELQUAL_NAME:
-- i = 2;
-- sprintf(nfrontp, " NAME \"");
-- nfrontp += strlen(nfrontp);
-- while (i < length) {
-- if (isprint(pointer[i]))
-- *nfrontp++ = pointer[i++];
-- else {
-- sprintf(nfrontp, "\"%03o",pointer[i++]);
-- nfrontp += strlen(nfrontp);
-- }
-- }
-- *nfrontp++ = '"';
-+ output_data(" NAME \"%.*s\"",
-+ length - 2,
-+ pointer + 2);
- break;
-
- default:
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " ?%d?", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ?%d?", pointer[i]);
- }
- break;
- }
-@@ -1079,86 +960,70 @@
-
- #ifdef ENCRYPTION
- case TELOPT_ENCRYPT:
-- sprintf(nfrontp, "ENCRYPT");
-- nfrontp += strlen(nfrontp);
-+ output_data("ENCRYPT");
- if (length < 2) {
-- sprintf(nfrontp, " (empty suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (empty suboption??\?)");
- break;
- }
- switch (pointer[1]) {
- case ENCRYPT_START:
-- sprintf(nfrontp, " START");
-- nfrontp += strlen(nfrontp);
-+ output_data(" START");
- break;
-
- case ENCRYPT_END:
-- sprintf(nfrontp, " END");
-- nfrontp += strlen(nfrontp);
-+ output_data(" END");
- break;
-
- case ENCRYPT_REQSTART:
-- sprintf(nfrontp, " REQUEST-START");
-- nfrontp += strlen(nfrontp);
-+ output_data(" REQUEST-START");
- break;
-
- case ENCRYPT_REQEND:
-- sprintf(nfrontp, " REQUEST-END");
-- nfrontp += strlen(nfrontp);
-+ output_data(" REQUEST-END");
- break;
-
- case ENCRYPT_IS:
- case ENCRYPT_REPLY:
-- sprintf(nfrontp, " %s ", (pointer[1] == ENCRYPT_IS) ?
-+ output_data(" %s ", (pointer[1] == ENCRYPT_IS) ?
- "IS" : "REPLY");
-- nfrontp += strlen(nfrontp);
- if (length < 3) {
-- sprintf(nfrontp, " (partial suboption??\?)");
-- nfrontp += strlen(nfrontp);
-+ output_data(" (partial suboption??\?)");
- break;
- }
- if (ENCTYPE_NAME_OK(pointer[2]))
-- sprintf(nfrontp, "%s ", ENCTYPE_NAME(pointer[2]));
-+ output_data("%s ", ENCTYPE_NAME(pointer[2]));
- else
-- sprintf(nfrontp, " %d (unknown)", pointer[2]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d (unknown)", pointer[2]);
-
- encrypt_printsub(&pointer[1], length - 1, buf, sizeof(buf));
-- sprintf(nfrontp, "%s", buf);
-- nfrontp += strlen(nfrontp);
-+ output_data("%s", buf);
- break;
-
- case ENCRYPT_SUPPORT:
- i = 2;
-- sprintf(nfrontp, " SUPPORT ");
-- nfrontp += strlen(nfrontp);
-+ output_data(" SUPPORT ");
- while (i < length) {
- if (ENCTYPE_NAME_OK(pointer[i]))
-- sprintf(nfrontp, "%s ", ENCTYPE_NAME(pointer[i]));
-+ output_data("%s ", ENCTYPE_NAME(pointer[i]));
- else
-- sprintf(nfrontp, "%d ", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data("%d ", pointer[i]);
- i++;
- }
- break;
-
- case ENCRYPT_ENC_KEYID:
-- sprintf(nfrontp, " ENC_KEYID", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" ENC_KEYID");
- goto encommon;
-
- case ENCRYPT_DEC_KEYID:
-- sprintf(nfrontp, " DEC_KEYID", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" DEC_KEYID");
- goto encommon;
-
- default:
-- sprintf(nfrontp, " %d (unknown)", pointer[1]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d (unknown)", pointer[1]);
- encommon:
- for (i = 2; i < length; i++) {
-- sprintf(nfrontp, " %d", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data(" %d", pointer[i]);
- }
- break;
- }
-@@ -1167,18 +1032,15 @@
-
- default:
- if (TELOPT_OK(pointer[0]))
-- sprintf(nfrontp, "%s (unknown)", TELOPT(pointer[0]));
-+ output_data( "%s (unknown)", TELOPT(pointer[0]));
- else
-- sprintf(nfrontp, "%d (unknown)", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data( "%d (unknown)", pointer[i]);
- for (i = 1; i < length; i++) {
-- sprintf(nfrontp, " %d", pointer[i]);
-- nfrontp += strlen(nfrontp);
-+ output_data( " %d", pointer[i]);
- }
- break;
- }
-- sprintf(nfrontp, "\r\n");
-- nfrontp += strlen(nfrontp);
-+ output_data( "\r\n");
+- if (remain < len)
+- return 0;
+- memcpy(nfrontp, buf, len);
+- nfrontp += len;
+- return len;
++ return copied;
}
/*
-@@ -1200,26 +1062,22 @@
- }
-
- /* add a line of output */
-- sprintf(nfrontp, "%s: ", tag);
-- nfrontp += strlen(nfrontp);
-+ output_data("%s: ", tag);
- for (i = 0; i < 20 && cnt; i++) {
-- sprintf(nfrontp, "%02x", *ptr);
-- nfrontp += strlen(nfrontp);
-+ output_data("%02x", *ptr);
- if (isprint(*ptr)) {
- xbuf[i] = *ptr;
- } else {
- xbuf[i] = '.';
- }
- if (i % 2) {
-- *nfrontp = ' ';
-- nfrontp++;
-+ output_data(" ");
- }
- cnt--;
- ptr++;
- }
- xbuf[i] = '\0';
-- sprintf(nfrontp, " %s\r\n", xbuf );
-- nfrontp += strlen(nfrontp);
-+ output_data(" %s\r\n", xbuf );
- }
- }
- #endif /* DIAGNOSTICS */
diff --git a/security/krb5/files/patch-ay b/security/krb5/files/patch-ay
index 4ed0c9e..54c041e 100644
--- a/security/krb5/files/patch-ay
+++ b/security/krb5/files/patch-ay
@@ -1,6 +1,6 @@
---- util/pty/getpty.c.orig Fri Feb 6 19:46:42 1998
-+++ util/pty/getpty.c Mon Apr 5 14:00:07 1999
-@@ -21,13 +21,26 @@
+--- util/pty/getpty.c.orig Wed Jan 9 14:28:37 2002
++++ util/pty/getpty.c Thu Jan 10 21:30:40 2002
+@@ -24,13 +24,26 @@
#include "libpty.h"
#include "pty-int.h"
@@ -17,19 +17,19 @@
+#define PTYCHARS2 "0123456789abcdef"
+#endif
+
- long pty_getpty (fd, slave, slavelength)
- int slavelength;
- int *fd; char *slave;
+ long
+ ptyint_getpty_ext(int *fd, char *slave, int slavelength, int do_grantpt)
{
-- char *cp;
++ int ptynum;
+ char *cp1, *cp2;
+ #if !defined(HAVE__GETPTY) && !defined(HAVE_OPENPTY)
+- char *cp;
char *p;
- int i,ptynum;
-+ int ptynum;
struct stat stb;
char slavebuf[1024];
- #ifdef HAVE__GETPTY
-@@ -109,14 +122,14 @@
+ #endif
+@@ -115,14 +128,14 @@
strncpy(slave, slavebuf, slavelength);
return 0;
} else {
diff --git a/security/krb5/files/patch-bd b/security/krb5/files/patch-bd
deleted file mode 100644
index b2bf412..0000000
--- a/security/krb5/files/patch-bd
+++ /dev/null
@@ -1,19 +0,0 @@
---- appl/gssftp/ftpd/ftpcmd.y.ORIG Wed Feb 28 16:06:45 2001
-+++ appl/gssftp/ftpd/ftpcmd.y Fri Apr 27 10:18:01 2001
-@@ -805,11 +805,13 @@
- * This is a valid reply in some cases but not in others.
- */
- if (logged_in && $1 && strncmp((char *) $1, "~", 1) == 0) {
-- *(char **)&($$) = *ftpglob((char *) $1);
-- if (globerr != NULL) {
-+ char **vv;
-+ vv = ftpglob((char *) $1);
-+ if (vv == NULL || globerr != NULL) {
- reply(550, globerr);
- $$ = NULL;
-- }
-+ } else
-+ $$ = *vv;
- free((char *) $1);
- } else
- $$ = $1;
diff --git a/security/krb5/pkg-plist b/security/krb5/pkg-plist
index 5170610..01977cd 100644
--- a/security/krb5/pkg-plist
+++ b/security/krb5/pkg-plist
@@ -63,10 +63,10 @@ lib/libk5crypto.so
lib/libk5crypto.so.3
lib/libkadm5clnt.a
lib/libkadm5clnt.so
-lib/libkadm5clnt.so.4
+lib/libkadm5clnt.so.5
lib/libkadm5srv.a
lib/libkadm5srv.so
-lib/libkadm5srv.so.4
+lib/libkadm5srv.so.5
lib/libkdb5.a
lib/libkdb5.so
lib/libkdb5.so.3
OpenPOWER on IntegriCloud