main/heimdal: upgrade to 7.1.0

1 files changed, 0 insertions, 163 deletions

diff --git a/main/heimdal/heimdal-remove-broken-auth.patch b/main/heimdal/heimdal-remove-broken-auth.patch
deleted file mode 100644
index 97e272bd06..0000000000
--- a/main/heimdal/heimdal-remove-broken-auth.patch
+++ /dev/null
@@ -1,163 +0,0 @@
---- appl/rsh/rsh.c.orig
-+++ b/appl/rsh/rsh.c
-@@ -399,6 +399,8 @@
- 
- #endif /* KRB5 */
- 
-+#ifdef BROKEN_AUTH
-+
- static int
- send_broken_auth(int s,
- 		 struct sockaddr *thisaddr,
-@@ -428,6 +430,8 @@
-     return 0;
- }
- 
-+#endif /* BROKEN_AUTH */
-+
- static int
- proto (int s, int errsock,
-        const char *hostname, const char *local_user, const char *remote_user,
-@@ -629,6 +633,8 @@
-     return res;
- }
- 
-+#ifdef BROKEN_AUTH
-+
- static int
- doit_broken (int argc,
- 	     char **argv,
-@@ -702,6 +708,8 @@
-     }
- }
- 
-+#endif
-+
- #if defined(KRB5)
- static int
- doit (const char *hostname,
-@@ -796,7 +804,9 @@
-     { "protocol", 'P', arg_string,      &protocol_version_str,
-       "Protocol version [krb5]", "protocol" },
- #endif
-+#ifdef BROKEN_AUTH
-     { "broken", 'K', arg_flag,		&use_only_broken, "Use only priv port" },
-+#endif
- #if defined(KRB5)
-     { "encrypt", 'x', arg_flag,		&do_encrypt,	"Encrypt connection" },
-     { NULL, 	'z', arg_negative_flag,      &do_encrypt,
-@@ -831,8 +841,10 @@
- int
- main(int argc, char **argv)
- {
-+#ifdef BROKEN_AUTH
-     int priv_port1, priv_port2;
-     int priv_socket1, priv_socket2;
-+#endif
-     int argindex = 0;
-     int error;
-     struct addrinfo hints, *ai;
-@@ -848,9 +860,11 @@
- #endif
-     uid_t uid;
- 
-+#ifdef BROKEN_AUTH
-     priv_port1 = priv_port2 = IPPORT_RESERVED-1;
-     priv_socket1 = rresvport(&priv_port1);
-     priv_socket2 = rresvport(&priv_port2);
-+#endif
-     uid = getuid ();
-     if (setuid (uid) || (uid != 0 && setuid(0) == 0))
- 	err (1, "setuid");
-@@ -907,6 +921,7 @@
- 
- #endif
- 
-+#ifdef BROKEN_AUTH
-     if (use_only_broken) {
- #ifdef KRB5
- 	use_v5 = 0;
-@@ -918,6 +933,7 @@
- 	    errx (1, "unable to bind reserved port: is rsh setuid root?");
- 	use_broken = 0;
-     }
-+#endif
- 
- #if defined(KRB5)
-     if (do_encrypt == 1 && use_only_broken)
-@@ -956,8 +972,10 @@
-     }
- 
-     if (argindex == argc) {
-+#ifdef BROKEN_AUTH
- 	close (priv_socket1);
- 	close (priv_socket2);
-+#endif
- 	argv[0] = "rlogin";
- 	execvp ("rlogin", argv);
- 	err (1, "execvp rlogin");
-@@ -1004,6 +1022,7 @@
- 	freeaddrinfo(ai);
-     }
- #endif
-+#ifdef BROKEN_AUTH
-     if (ret && use_broken) {
- 	memset (&hints, 0, sizeof(hints));
- 	hints.ai_socktype = SOCK_STREAM;
-@@ -1027,6 +1046,7 @@
- 			   cmd, cmd_len);
- 	freeaddrinfo(ai);
-     }
-+#endif
-     free(cmd);
-     return ret;
- }
---- appl/rsh/rshd.c.orig
-+++ b/appl/rsh/rshd.c
-@@ -131,6 +131,7 @@
-     fatal(s, NULL, "%s too long", expl);
- }
- 
-+#ifdef BROKEN_AUTH
- static int
- recv_bsd_auth (int s, u_char *buf,
- 	       struct sockaddr_in *thisaddr,
-@@ -152,6 +153,7 @@
- 	fatal(s, NULL, "Login incorrect.");
-     return 0;
- }
-+#endif
- 
- #ifdef KRB5
- static int
-@@ -658,10 +660,11 @@
- 	/*
- 	 * we only do reserved port for IPv4
- 	 */
--
-+#ifdef BROKEN_AUTH
- 	if (erraddr->sa_family == AF_INET)
- 	    errsock = rresvport (&priv_port);
- 	else
-+#endif
- 	    errsock = socket (erraddr->sa_family, SOCK_STREAM, 0);
- 	if (errsock < 0)
- 	    syslog_and_die ("socket: %s", strerror(errno));
-@@ -689,6 +692,7 @@
- 		syslog_and_die ("unrecognized auth protocol: %x %x %x %x",
- 				buf[0], buf[1], buf[2], buf[3]);
-     } else {
-+#ifdef BROKEN_AUTH
- 	if(recv_bsd_auth (s, buf,
- 			  (struct sockaddr_in *)thisaddr,
- 			  (struct sockaddr_in *)thataddr,
-@@ -702,6 +706,9 @@
- 	    }
- 	} else
- 	    syslog_and_die("recv_bsd_auth failed");
-+#else
-+	syslog_and_die("recv_bsd_auth is disabled for security reasons");
-+#endif
-     }
- 
-     if (client_user == NULL || server_user == NULL || cmd == NULL)