pkgsrc-WIP-changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

kermit: Update to pre-alpha03



Module Name:	pkgsrc-wip
Committed By:	Greg Troxel <gdt%lexort.com@localhost>
Pushed By:	gdt
Date:		Sun Oct 18 11:36:41 2020 -0400
Changeset:	72db3b5d9e405a11210e31eddcca28bce2dfe4a4

Modified Files:
	kermit/Makefile
	kermit/PLIST
	kermit/distinfo
	kermit/patches/patch-ckuath.c
	kermit/patches/patch-ckupty.c
	kermit/patches/patch-ckuusx.c
Removed Files:
	kermit/patches-dont/patch-ae
	kermit/patches-dont/patch-ckcpro.w
	kermit/patches/patch-ck_ssl.c
	kermit/patches/patch-ckcdeb.h
	kermit/patches/patch-ckcfns.c
	kermit/patches/patch-ckcmai.c
	kermit/patches/patch-ckuus3.c
	kermit/patches/patch-ckuus4.c
	kermit/patches/patch-ckuus5.c
	kermit/patches/patch-ckuus6.c
	kermit/patches/patch-ckuus7.c
	kermit/patches/patch-ckuusr.c

Log Message:
kermit: Update to pre-alpha03

This is very very WIP-y, more so than usual.

Besides the update:

* delete ancient patch with no effect

We added this in 2012, and the issue has apparently been addressed in
some other way.  Upstream has opined that it's not necessary, and
building without it did not exhibit the warning for which it was
added.

* Document a patch better

Note that the TERMIO regularizaiton is not appropriate for upstream.

* Drop patches Overtaken By Upstream

Upstream has revamped the strategy for declartion of errno, and thus
these are no longer needed.

* Drop errno-declaring patch

Upstream addressed this more broadly and our patch is not longer
needed.

* Drop errno.h include, rather than adding one

Likely will be applied upstream.

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=72db3b5d9e405a11210e31eddcca28bce2dfe4a4

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 kermit/Makefile                    |   5 +-
 kermit/PLIST                       |   1 -
 kermit/distinfo                    |  24 +-
 kermit/patches-dont/patch-ae       |  65 -----
 kermit/patches-dont/patch-ckcpro.w |  19 --
 kermit/patches/patch-ck_ssl.c      | 513 -------------------------------------
 kermit/patches/patch-ckcdeb.h      |  12 -
 kermit/patches/patch-ckcfns.c      |  14 -
 kermit/patches/patch-ckcmai.c      |  12 -
 kermit/patches/patch-ckuath.c      | 389 +---------------------------
 kermit/patches/patch-ckupty.c      |   6 +
 kermit/patches/patch-ckuus3.c      |  15 --
 kermit/patches/patch-ckuus4.c      |  29 ---
 kermit/patches/patch-ckuus5.c      |  13 -
 kermit/patches/patch-ckuus6.c      |  16 --
 kermit/patches/patch-ckuus7.c      |  24 --
 kermit/patches/patch-ckuusr.c      |  13 -
 kermit/patches/patch-ckuusx.c      |  18 +-
 18 files changed, 31 insertions(+), 1157 deletions(-)

diffs:
diff --git a/kermit/Makefile b/kermit/Makefile
index aec5ee91b1..850d482bed 100644
--- a/kermit/Makefile
+++ b/kermit/Makefile
@@ -1,7 +1,7 @@
 # $NetBSD: Makefile,v 1.93 2020/04/08 15:22:07 rhialto Exp $
 
-DISTNAME=	ckucku305-alpha02
-PKGNAME=	kermit-9.0.305a2
+DISTNAME=	pre-alpha03
+PKGNAME=	kermit-9.0.305a2bis
 CATEGORIES=	comms
 #MASTER_SITES=	ftp://ftp.kermitproject.org/kermit/archives/
 MASTER_SITES=	http://www.kermitproject.org/ftp/kermit/test/tar/
@@ -34,7 +34,6 @@ INSTALLATION_DIRS=	bin ${PKGMANDIR}/man1 share/doc/kermit
 
 do-install:
 	${INSTALL_PROGRAM} ${WRKSRC}/wermit ${DESTDIR}${PREFIX}/bin/kermit
-	${INSTALL_DATA} ${WRKSRC}/*.txt ${DESTDIR}${PREFIX}/share/doc/kermit
 	${INSTALL_MAN} ${WRKSRC}/ckuker.nr \
 		${DESTDIR}${PREFIX}/${PKGMANDIR}/man1/kermit.1
 
diff --git a/kermit/PLIST b/kermit/PLIST
index fb63794053..a282724781 100644
--- a/kermit/PLIST
+++ b/kermit/PLIST
@@ -1,4 +1,3 @@
 @comment $NetBSD: PLIST,v 1.9 2011/08/25 14:54:06 hans Exp $
 bin/kermit
 man/man1/kermit.1
-share/doc/kermit/android.txt
diff --git a/kermit/distinfo b/kermit/distinfo
index 696d3ef949..ddf0bd83f4 100644
--- a/kermit/distinfo
+++ b/kermit/distinfo
@@ -1,20 +1,10 @@
 $NetBSD: distinfo,v 1.28 2020/07/30 03:03:07 gutteridge Exp $
 
-SHA1 (kermit-9.0.305a2/ckucku305-alpha02.tar.gz) = 90a3cdc9d5112d752a8637b6a76f6aef7da8a00c
-RMD160 (kermit-9.0.305a2/ckucku305-alpha02.tar.gz) = 4cd3cc02f6f5367b158f2fabc910e3ab7ffcee6a
-SHA512 (kermit-9.0.305a2/ckucku305-alpha02.tar.gz) = 017c742d53fa847b844554ce46708a32bee76af2efb092c3149b92f9ef50e0aa03ce52ffe99fc46ebfb7eeda1f4660b9f936d92c48625eda92369496070dd3a1
-Size (kermit-9.0.305a2/ckucku305-alpha02.tar.gz) = 2545990 bytes
-SHA1 (patch-ck_ssl.c) = ad074be2191f907ce7d8069e4b128c64c1a3ef1e
-SHA1 (patch-ckcdeb.h) = 62cc9e92f2413a42312d9f6d168ee85664b6aab9
-SHA1 (patch-ckcfns.c) = 5b2098dfd57f8bd4d107acafaabe1a2c9b97d037
-SHA1 (patch-ckcmai.c) = 414f61c19185e4a82a8326121c2d9dacfba48077
-SHA1 (patch-ckuath.c) = 616ad10e65b24a04d24ff2556d6362ef3cc64b78
-SHA1 (patch-ckupty.c) = fd8966627f3642550750ccd42e3add64a36dae09
-SHA1 (patch-ckuus3.c) = 557e938b36931f7948783116d1c5c2224d51bcbb
-SHA1 (patch-ckuus4.c) = 2204f4c95f8266358b66ac0936ac83ab27bec0c9
-SHA1 (patch-ckuus5.c) = 6468e2139639f601de4609db8dff07b8b3a82d82
-SHA1 (patch-ckuus6.c) = cae37680ea5af85f4d2c774fe230f73a1f0be48c
-SHA1 (patch-ckuus7.c) = 983583d79abc4fcee1b7e9bf8ae46f184aa7011d
-SHA1 (patch-ckuusr.c) = 2a09f9f933d3c1e6860983d8138ac61f33306ef7
-SHA1 (patch-ckuusx.c) = 8c5acbfefe7b7d11825cc32c4449582b51f6cad9
+SHA1 (kermit-9.0.305a2bis/pre-alpha03.tar.gz) = 6595ed5c8e525a2ab3ab8311340c05c5bb60d9cd
+RMD160 (kermit-9.0.305a2bis/pre-alpha03.tar.gz) = e9d09fa9a9f532262a6a52b7bbdf9e24f80b15f2
+SHA512 (kermit-9.0.305a2bis/pre-alpha03.tar.gz) = 24dd9f9e63209f4d9dcf3d12f1989b7617af7de2f05256794275f4bc050ad75c8447a96924a951106c8391c1f9c08e8c9a6e9c4a3b08936eb295dca130ff0059
+Size (kermit-9.0.305a2bis/pre-alpha03.tar.gz) = 2278371 bytes
+SHA1 (patch-ckuath.c) = 494e9f5dc9edc2b8738129bb53de2d5affa8cca2
+SHA1 (patch-ckupty.c) = 97cb6cca9b90d4c9a3a2faf9161310cb51fd2a58
+SHA1 (patch-ckuusx.c) = d92471b5f2b1e0444a9498052ec768f5d1bacef7
 SHA1 (patch-makefile) = 67754adea3116a8bab45870adbb8166d8cbac32f
diff --git a/kermit/patches-dont/patch-ae b/kermit/patches-dont/patch-ae
deleted file mode 100644
index db3302538d..0000000000
--- a/kermit/patches-dont/patch-ae
+++ /dev/null
@@ -1,65 +0,0 @@
-$NetBSD: patch-ae,v 1.8 2020/07/30 03:03:07 gutteridge Exp $
-
-Portability fixes for DragonFly, SunOS, and Linux.
-
-The Linux fix is taken from upstream's 9.0.305 Alpha.01 release, and is
-noted to be a temporary workaround, so it may change in form in a
-pending release.
-
---- ckucmd.c.orig	2011-07-14 12:14:37.000000000 +0000
-+++ ckucmd.c
-@@ -7370,7 +7370,11 @@ cmdconchk() {
- 
- /* Here we must look inside the stdin buffer - highly platform dependent */
- 
--#ifdef _IO_file_flags			/* Linux */
-+#ifdef __FILE_defined                   /* glibc 2.28 1 Aug 2018 */
-+    x = (int) ((stdin->_IO_read_end) - (stdin->_IO_read_ptr));
-+    debug(F101,"cmdconchk __FILE_defined","",x);
-+#else /* __FILE_defined */ 
-+#ifdef _IO_file_flags              /* Linux (glibc 2.28 removed this symbol */
-     x = (int) ((stdin->_IO_read_end) - (stdin->_IO_read_ptr));
-     debug(F101,"cmdconchk _IO_file_flags","",x);
- #else  /* _IO_file_flags */
-@@ -7382,8 +7386,19 @@ cmdconchk() {
- #ifdef NOARROWKEYS
-     debug(F101,"cmdconchk NOARROWKEYS x","",0);
- #else
-+#if defined(__sun) && (defined(__amd64) || defined(__sparcv9))
-+    struct sun_64_FILE {
-+	unsigned char	*_ptr;  /* next character from/to here in buffer */
-+	unsigned char	*_base; /* the buffer */
-+	unsigned char	*_end;  /* the end of the buffer */
-+	ssize_t		_cnt;   /* number of available characters in buffer */
-+    } *sun_64_stdin = (struct sun_64_FILE *)stdin;
-+    debug(F101,"cmdconchk sun_64_stdin->_cnt","",sun_64_stdin->_cnt);
-+    x = sun_64_stdin->_cnt;
-+#else
-     debug(F101,"cmdconchk stdin->_cnt","",stdin->_cnt);
-     x = stdin->_cnt;
-+#endif
- #endif /* NOARROWKEYS */
- #endif /* VMS */
-     if (x == 0) x = conchk();
-@@ -7395,7 +7410,12 @@ cmdconchk() {
-     if (x == 0) x = conchk();
-     if (x < 0) x = 0;
- #else  /* USE_FILE_CNT */
--#ifdef USE_FILE_R			/* FreeBSD, OpenBSD, etc */
-+#if defined(__DragonFly__) && defined(feof_unlocked)
-+    debug(F101,"cmdconchk stdin->_r","",((struct __FILE_public *)stdin)->_r);
-+    x = ((struct __FILE_public *)stdin)->_r;
-+    if (x == 0) x = conchk();
-+    if (x < 0) x = 0;
-+#elif defined(USE_FILE_R)			/* FreeBSD, OpenBSD, etc */
-     debug(F101,"cmdconchk stdin->_r","",stdin->_r);
-     x = stdin->_r;
-     if (x == 0) x = conchk();
-@@ -7407,6 +7427,7 @@ cmdconchk() {
- #endif /* USE_FILE__CNT */
- #endif /* USE_FILE_CNT */
- #endif /* _IO_file_flags */
-+#endif /* __FILE_defined */
- #endif /* CMD_CONINC */
- #endif /* OS2 */
-     return(x + y);
diff --git a/kermit/patches-dont/patch-ckcpro.w b/kermit/patches-dont/patch-ckcpro.w
deleted file mode 100644
index 0b801fdb5b..0000000000
--- a/kermit/patches-dont/patch-ckcpro.w
+++ /dev/null
@@ -1,19 +0,0 @@
-$NetBSD: patch-ckcpro.w,v 1.1 2019/04/11 02:21:09 mrg Exp $
-
-dest is an int.
-ffc and calibrate are CK_OFF_Ts.
-
---- ckcpro.w.orig	2011-06-07 11:39:21.000000000 -0700
-+++ ckcpro.w	2019-04-10 19:15:37.736900735 -0700
-@@ -151,8 +151,9 @@
-   extern int quiet, tsecs, parity, backgrd, nakstate, atcapu, wslotn, winlo;
-   extern int wslots, success, xitsta, rprintf, discard, cdtimo, keep, fdispla;
-   extern int timef, stdinf, rscapu, sendmode, epktflg, epktrcvd, epktsent;
--  extern int binary, fncnv;
--  extern long speed, ffc, crc16, calibrate, dest;
-+  extern int binary, fncnv, dest;
-+  extern CK_OFF_T ffc, calibrate;
-+  extern long speed, crc16;
- #ifdef COMMENT
-   extern char *TYPCMD, *DIRCMD, *DIRCM2;
- #endif /* COMMENT */
diff --git a/kermit/patches/patch-ck_ssl.c b/kermit/patches/patch-ck_ssl.c
deleted file mode 100644
index 3c4d8b8417..0000000000
--- a/kermit/patches/patch-ck_ssl.c
+++ /dev/null
@@ -1,513 +0,0 @@
-$NetBSD: patch-ab,v 1.8 2020/04/08 15:22:07 rhialto Exp $
-
-- Update for openssl 1.1.1e.
-- Kermit tries to keep SSL and TLS contexts (since in old openssl, the
-  *v23* methods were not version-flexible enough). Now afer simplification
-  there is lots of duplicate code left over that could be simplified more.
-
---- ck_ssl.c.orig	2017-04-26 15:56:23.000000000 +0000
-+++ ck_ssl.c
-@@ -303,7 +303,7 @@ X509_STORE_CTX *ctx;
-                 break;
-             default:
-                 printf("Error %d while verifying certificate.\r\n",
--                       ctx->error);
-+                       error);
-                 break;
-             }
-         }
-@@ -806,6 +806,17 @@ ssl_client_cert_callback(s, x509, pkey)
- #define MS_CALLBACK
- #endif /* MS_CALLBACK */
- 
-+static BIGNUM *get_RSA_F4()
-+{
-+    static BIGNUM *bn;
-+
-+    if (!bn) {
-+	bn = BN_new();
-+        BN_add_word(bn, RSA_F4);
-+    }
-+    return bn;
-+}
-+
- static RSA MS_CALLBACK *
- #ifdef CK_ANSIC
- tmp_rsa_cb(SSL * s, int export, int keylength)
-@@ -824,7 +835,16 @@ int keylength;
-         if (ssl_debug_flag)
-             printf("Generating temporary (%d bit) RSA key...\r\n",keylength);
- 
--        rsa_tmp=RSA_generate_key(keylength,RSA_F4,NULL,NULL);
-+        rsa_tmp = RSA_new();
-+	if (rsa_tmp) {
-+	    int error = RSA_generate_key_ex(rsa_tmp, keylength, get_RSA_F4(),NULL);
-+	    if (error) {
-+		if (ssl_debug_flag)
-+		    printf(" error %d", error);
-+		RSA_free(rsa_tmp);
-+		rsa_tmp = NULL;
-+	    }
-+	}
- 
-         if (ssl_debug_flag)
-             printf("\r\n");
-@@ -938,10 +958,26 @@ get_dh512()
- 
-     if ((dh=DH_new()) == NULL)
-         return(NULL);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L    
-+    BIGNUM *p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
-+    BIGNUM *g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
-+    if ((p == NULL) || (g == NULL)) {
-+	BN_free(g);
-+	BN_free(p);
-+	DH_free(dh);
-+        return(NULL);
-+    }
-+    DH_set0_pqg(dh, p, NULL, g);
-+#else
-     dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
-     dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
--    if ((dh->p == NULL) || (dh->g == NULL))
-+    if ((dh->p == NULL) || (dh->g == NULL)) {
-+        BN_free(dh->g);
-+        BN_free(dh->p);
-+        DH_free(dh);
-         return(NULL);
-+   }
-+#endif
-     return(dh);
- }
- 
-@@ -952,10 +988,26 @@ get_dh768()
- 
-     if ((dh=DH_new()) == NULL)
-         return(NULL);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L    
-+    BIGNUM *p=BN_bin2bn(dh768_p,sizeof(dh768_p),NULL);
-+    BIGNUM *g=BN_bin2bn(dh768_g,sizeof(dh768_g),NULL);
-+    if ((p == NULL) || (g == NULL)) {
-+	BN_free(g);
-+	BN_free(p);
-+	DH_free(dh);
-+        return(NULL);
-+    }
-+    DH_set0_pqg(dh, p, NULL, g);
-+#else
-     dh->p=BN_bin2bn(dh768_p,sizeof(dh768_p),NULL);
-     dh->g=BN_bin2bn(dh768_g,sizeof(dh768_g),NULL);
--    if ((dh->p == NULL) || (dh->g == NULL))
-+    if ((dh->p == NULL) || (dh->g == NULL)) {
-+        BN_free(dh->g);
-+        BN_free(dh->p);
-+        DH_free(dh);
-         return(NULL);
-+   }
-+#endif
-     return(dh);
- }
- 
-@@ -966,10 +1018,26 @@ get_dh1024()
- 
-     if ((dh=DH_new()) == NULL)
-         return(NULL);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L    
-+    BIGNUM *p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
-+    BIGNUM *g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
-+    if ((p == NULL) || (g == NULL)) {
-+	BN_free(g);
-+	BN_free(p);
-+	DH_free(dh);
-+        return(NULL);
-+    }
-+    DH_set0_pqg(dh, p, NULL, g);
-+#else
-     dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
-     dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
--    if ((dh->p == NULL) || (dh->g == NULL))
-+    if ((dh->p == NULL) || (dh->g == NULL)) {
-+        BN_free(dh->g);
-+        BN_free(dh->p);
-+        DH_free(dh);
-         return(NULL);
-+   }
-+#endif
-     return(dh);
- }
- 
-@@ -980,10 +1048,26 @@ get_dh1536()
- 
-     if ((dh=DH_new()) == NULL)
-         return(NULL);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L    
-+    BIGNUM *p=BN_bin2bn(dh1536_p,sizeof(dh1536_p),NULL);
-+    BIGNUM *g=BN_bin2bn(dh1536_g,sizeof(dh1536_g),NULL);
-+    if ((p == NULL) || (g == NULL)) {
-+	BN_free(g);
-+	BN_free(p);
-+	DH_free(dh);
-+        return(NULL);
-+    }
-+    DH_set0_pqg(dh, p, NULL, g);
-+#else
-     dh->p=BN_bin2bn(dh1536_p,sizeof(dh1536_p),NULL);
-     dh->g=BN_bin2bn(dh1536_g,sizeof(dh1536_g),NULL);
--    if ((dh->p == NULL) || (dh->g == NULL))
-+    if ((dh->p == NULL) || (dh->g == NULL)) {
-+        BN_free(dh->g);
-+        BN_free(dh->p);
-+        DH_free(dh);
-         return(NULL);
-+   }
-+#endif
-     return(dh);
- }
- 
-@@ -994,10 +1078,26 @@ get_dh2048()
- 
-     if ((dh=DH_new()) == NULL)
-         return(NULL);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L    
-+    BIGNUM *p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
-+    BIGNUM *g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
-+    if ((p == NULL) || (g == NULL)) {
-+	BN_free(g);
-+	BN_free(p);
-+	DH_free(dh);
-+        return(NULL);
-+    }
-+    DH_set0_pqg(dh, p, NULL, g);
-+#else
-     dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
-     dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
--    if ((dh->p == NULL) || (dh->g == NULL))
-+    if ((dh->p == NULL) || (dh->g == NULL)) {
-+        BN_free(dh->g);
-+        BN_free(dh->p);
-+        DH_free(dh);
-         return(NULL);
-+   }
-+#endif
-     return(dh);
- }
- #endif /* NO_DH */
-@@ -1057,13 +1157,14 @@ ssl_display_comp(SSL * ssl)
-         return;
- 
- #ifndef OPENSSL_NO_COMP                  /* ifdefs Bernard Spil 12/2015 */
--    if (ssl->expand == NULL || ssl->expand->meth == NULL)
-+    const COMP_METHOD *method = SSL_get_current_compression(ssl);
-+    if (method == NULL)
- #endif /* OPENSSL_NO_COMP */
-         printf("Compression: None\r\n");
- 
- #ifndef OPENSSL_NO_COMP                  /* ifdefs Bernard Spil 12/2015 */
-     else {
--        printf("Compression: %s\r\n",ssl->expand->meth->name);
-+        printf("Compression: %s\r\n",SSL_COMP_get_name(method));
-     }
- #endif /* OPENSSL_NO_COMP */
- }
-@@ -1079,7 +1180,7 @@ int verbose;
- #endif /* CK_ANSIC */
- {
-     X509 *peer;
--    SSL_CIPHER * cipher;
-+    const SSL_CIPHER * cipher;
-     const char *cipher_list;
-     char buf[512]="";
- 
-@@ -1489,13 +1590,23 @@ the build.\r\n\r\n");
- 
- #ifdef ZLIB
-     cm = COMP_zlib();
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+    if (cm != NULL && COMP_get_type(cm) != NID_undef) {
-+#else
-     if (cm != NULL && cm->type != NID_undef) {
-+#endif
-         SSL_COMP_add_compression_method(0xe0, cm); /* EAY's ZLIB ID */
-     }
- #endif /* ZLIB */
-+#ifdef NID_rle_compression
-     cm = COMP_rle();
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+    if (cm != NULL && COMP_get_type(cm) != NID_undef)
-+#else
-     if (cm != NULL && cm->type != NID_undef)
-+#endif
-         SSL_COMP_add_compression_method(0xe1, cm); /* EAY's RLE ID */
-+#endif /* NID_rle_compression */
- 
-     /* Ensure the Random number generator has enough entropy */
-     if ( !RAND_status() ) {
-@@ -1613,12 +1724,6 @@ ssl_tn_init(mode) int mode;
-             /* This can fail because we do not have RSA available */
-             if ( !ssl_ctx ) {
-                 debug(F110,"ssl_tn_init","SSLv23_client_method failed",0);
--#ifndef OPENSSL_NO_SSL3                  /* ifdef Bernard Spil 12/2015 */
--                ssl_ctx=(SSL_CTX *)SSL_CTX_new(SSLv3_client_method());
--#endif /* OPENSSL_NO_SSL3 */
--            }
--            if ( !ssl_ctx ) {
--                debug(F110,"ssl_tn_init","SSLv3_client_method failed",0);
-                 last_ssl_mode = -1;
-                 return(0);
-             }
-@@ -1664,12 +1769,6 @@ ssl_tn_init(mode) int mode;
-             /* This can fail because we do not have RSA available */
-             if ( !ssl_ctx ) {
-                 debug(F110,"ssl_tn_init","SSLv23_server_method failed",0);
--#ifndef OPENSSL_NO_SSL3           /* ifdef Bernard Spil 12/2015 */
--                ssl_ctx=(SSL_CTX *)SSL_CTX_new(SSLv3_server_method());
--#endif /* OPENSSL_NO_SSL3 */
--            }
--            if ( !ssl_ctx ) {
--                debug(F110,"ssl_tn_init","SSLv3_server_method failed",0);
-                 last_ssl_mode = -1;
-                 return(0);
-             }
-@@ -1710,7 +1809,6 @@ ssl_tn_init(mode) int mode;
-         SSL_CTX_set_info_callback(ssl_ctx,ssl_client_info_callback);
-         SSL_CTX_set_info_callback(tls_ctx,ssl_client_info_callback);
- 
--#ifndef COMMENT
-         /* Set the proper caching mode */
-         if ( mode == SSL_SERVER ) {
-             SSL_CTX_set_session_cache_mode(ssl_ctx,SSL_SESS_CACHE_SERVER);
-@@ -1721,10 +1819,6 @@ ssl_tn_init(mode) int mode;
-         }
-         SSL_CTX_set_session_id_context(ssl_ctx,(CHAR *)"1",1);
-         SSL_CTX_set_session_id_context(tls_ctx,(CHAR *)"2",1);
--#else /* COMMENT */
--        SSL_CTX_set_session_cache_mode(ssl_ctx,SSL_SESS_CACHE_OFF);
--        SSL_CTX_set_session_cache_mode(tls_ctx,SSL_SESS_CACHE_OFF);
--#endif /* COMMENT */
-     }
- 
-     /* The server uses defaults for the certificate files. */
-@@ -1832,7 +1926,14 @@ ssl_tn_init(mode) int mode;
- 
-                 if ( ssl_debug_flag )
-                     printf("Generating temp (512 bit) RSA key ...\r\n");
--                rsa=RSA_generate_key(512,RSA_F4,NULL,NULL);
-+		rsa = RSA_new();
-+		if (rsa) {
-+		    int error = RSA_generate_key_ex(rsa,512,get_RSA_F4(),NULL);
-+		    if (error) {
-+		    	RSA_free(rsa);
-+			rsa = NULL;
-+		    }
-+		}
-                 if ( ssl_debug_flag )
-                     printf("Generation of temp (512 bit) RSA key done\r\n");
- 
-@@ -2230,7 +2331,7 @@ ssl_http_init(hostname) char * hostname;
-      * for TLS be sure to prevent use of SSLv2
-      */
-     SSL_CTX_set_options(tls_http_ctx,
--            SSL_OP_NO_SSLv2|SSL_OP_SINGLE_DH_USE|SSL_OP_EPHEMERAL_RSA);
-+            SSL_OP_NO_SSLv2/*|SSL_OP_NO_SSLv3*/|SSL_OP_SINGLE_DH_USE|SSL_OP_EPHEMERAL_RSA);
- 
-     SSL_CTX_set_info_callback(tls_http_ctx,ssl_client_info_callback);
- 
-@@ -2623,7 +2724,11 @@ ssl_anonymous_cipher(ssl) SSL * ssl;
- int
- ssl_verify_crl(int ok, X509_STORE_CTX *ctx)
- {
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+    X509_OBJECT *obj;
-+#else
-     X509_OBJECT obj;
-+#endif
-     X509_NAME *subject = NULL;
-     X509_NAME *issuer = NULL;
-     X509 *xs = NULL;
-@@ -2643,6 +2748,14 @@ ssl_verify_crl(int ok, X509_STORE_CTX *c
-     if (!crl_store)
-         return ok;
- 
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+    obj = X509_OBJECT_new();
-+    if (!obj)
-+        return(ok);
-+#else
-+    memset((char *)&obj, 0, sizeof(obj));
-+#endif
-+
-     store_ctx = X509_STORE_CTX_new();
-     if ( !store_ctx )
-         return(ok);
-@@ -2689,11 +2802,16 @@ ssl_verify_crl(int ok, X509_STORE_CTX *c
-      * Try to retrieve a CRL corresponding to the _subject_ of
-      * the current certificate in order to verify it's integrity.
-      */
--    memset((char *)&obj, 0, sizeof(obj));
-     X509_STORE_CTX_init(store_ctx, crl_store, NULL, NULL);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+    rc = X509_STORE_get_by_subject(store_ctx, X509_LU_CRL, subject, obj);
-+    X509_STORE_CTX_cleanup(store_ctx);
-+    crl = X509_OBJECT_get0_X509_CRL(obj);
-+#else
-     rc = X509_STORE_get_by_subject(store_ctx, X509_LU_CRL, subject, &obj);
-     X509_STORE_CTX_cleanup(store_ctx);
-     crl = obj.data.crl;
-+#endif
-     if (rc > 0 && crl != NULL) {
-         /*
-          * Verify the signature on this CRL
-@@ -2701,7 +2819,11 @@ ssl_verify_crl(int ok, X509_STORE_CTX *c
-         if (X509_CRL_verify(crl, X509_get_pubkey(xs)) <= 0) {
-             fprintf(stderr, "Invalid signature on CRL!\n");
-             X509_STORE_CTX_set_error(ctx, X509_V_ERR_CRL_SIGNATURE_FAILURE);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+            X509_OBJECT_free(obj);
-+#else
-             X509_OBJECT_free_contents(&obj);
-+#endif
-             X509_STORE_CTX_free(store_ctx);
-             return 0;
-         }
-@@ -2709,12 +2831,16 @@ ssl_verify_crl(int ok, X509_STORE_CTX *c
-         /*
-          * Check date of CRL to make sure it's not expired
-          */
--        i = X509_cmp_current_time(X509_CRL_get_nextUpdate(crl));
-+        i = X509_cmp_current_time(X509_CRL_get0_nextUpdate(crl));
-         if (i == 0) {
-             fprintf(stderr, "Found CRL has invalid nextUpdate field.\n");
-             X509_STORE_CTX_set_error(ctx,
-                                     X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+            X509_OBJECT_free(obj);
-+#else
-             X509_OBJECT_free_contents(&obj);
-+#endif
-             X509_STORE_CTX_free(store_ctx);
-             return 0;
-         }
-@@ -2723,22 +2849,38 @@ ssl_verify_crl(int ok, X509_STORE_CTX *c
- "Found CRL is expired - revoking all certificates until you get updated CRL.\n"
-                     );
-             X509_STORE_CTX_set_error(ctx, X509_V_ERR_CRL_HAS_EXPIRED);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+            X509_OBJECT_free(obj);
-+#else
-             X509_OBJECT_free_contents(&obj);
-+#endif
-             X509_STORE_CTX_free(store_ctx);
-             return 0;
-         }
--        X509_OBJECT_free_contents(&obj);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+	X509_OBJECT_free(obj);
-+#else
-+	X509_OBJECT_free_contents(&obj);
-+#endif
-     }
- 
-     /*
-      * Try to retrieve a CRL corresponding to the _issuer_ of
-      * the current certificate in order to check for revocation.
-      */
-+#if OPENSSL_VERSION_NUMBER < 0x10100005L
-     memset((char *)&obj, 0, sizeof(obj));
-+#endif
-     X509_STORE_CTX_init(store_ctx, crl_store, NULL, NULL);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+    rc = X509_STORE_get_by_subject(store_ctx, X509_LU_CRL, issuer, obj);
-+    X509_STORE_CTX_free(store_ctx);            /* calls X509_STORE_CTX_cleanup() */
-+    crl = X509_OBJECT_get0_X509_CRL(obj);
-+#else
-     rc = X509_STORE_get_by_subject(store_ctx, X509_LU_CRL, issuer, &obj);
-     X509_STORE_CTX_free(store_ctx);		/* calls X509_STORE_CTX_cleanup() */
-     crl = obj.data.crl;
-+#endif
-     if (rc > 0 && crl != NULL) {
-         /*
-          * Check if the current certificate is revoked by this CRL
-@@ -2746,19 +2888,34 @@ ssl_verify_crl(int ok, X509_STORE_CTX *c
-         n = sk_X509_REVOKED_num(X509_CRL_get_REVOKED(crl));
-         for (i = 0; i < n; i++) {
-             revoked = sk_X509_REVOKED_value(X509_CRL_get_REVOKED(crl), i);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+            if (ASN1_INTEGER_cmp(X509_REVOKED_get0_serialNumber(revoked),
-+                                 X509_get_serialNumber(xs)) == 0) { // }
-+
-+                serial = ASN1_INTEGER_get(X509_REVOKED_get0_serialNumber(revoked));
-+#else
-             if (ASN1_INTEGER_cmp(revoked->serialNumber,
-                                  X509_get_serialNumber(xs)) == 0) {
- 
-                 serial = ASN1_INTEGER_get(revoked->serialNumber);
-+#endif
-                 cp = X509_NAME_oneline(issuer, NULL, 0);
-                 free(cp);
- 
-                 X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_REVOKED);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+                X509_OBJECT_free(obj);
-+#else
-                 X509_OBJECT_free_contents(&obj);
-+#endif
-                 return 0;
-             }
-         }
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+	X509_OBJECT_free(obj);
-+#else
-         X509_OBJECT_free_contents(&obj);
-+#endif
-     }
-     return ok;
- }
-@@ -2929,6 +3086,7 @@ show_hostname_warning(char *s1, char *s2
- #ifndef OpenBSD
- #ifndef FREEBSD4
- #ifndef NETBSD15
-+#ifndef __DragonFly__
- #ifndef LINUX
- #ifndef AIX41
- #ifndef UW7
-@@ -2971,6 +3129,7 @@ inet_aton(char * ipaddress, struct in_ad
- #endif /* UW7 */
- #endif /* AIX41 */
- #endif /* LINUX */
-+#endif /* __DragonFly__ */
- #endif /* NETBSD15 */
- #endif /* FREEBSD4 */
- #endif /* OpenBSD */
-@@ -3113,7 +3272,7 @@ int
- tls_is_anon(int x)
- {
-     char buf[128];
--    SSL_CIPHER * cipher;
-+    const SSL_CIPHER * cipher;
-     SSL * ssl = NULL;
- 
-     switch ( x ) {
-@@ -3157,7 +3316,7 @@ int
- tls_is_krb5(int x)
- {
-     char buf[128];
--    SSL_CIPHER * cipher;
-+    const SSL_CIPHER * cipher;
-     SSL * ssl = NULL;
- 
-     switch ( x ) {
-@@ -4399,7 +4558,14 @@ X509_userok(X509 * peer_cert, const char
-     if (!(fp = fopen(buf, "r")))
-         return 0;
-     while (!r && (file_cert = PEM_read_X509(fp, NULL, NULL, NULL))) {
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+        const ASN1_BIT_STRING *peer_cert_sig, *file_cert_sig;
-+        X509_get0_signature(&peer_cert_sig, NULL, peer_cert);
-+        X509_get0_signature(&file_cert_sig, NULL, file_cert);
-+        if (!ASN1_STRING_cmp(peer_cert_sig, file_cert_sig))
-+#else
-         if (!ASN1_STRING_cmp(peer_cert->signature, file_cert->signature))
-+#endif
-             r = 1;
-         X509_free(file_cert);
-     }
diff --git a/kermit/patches/patch-ckcdeb.h b/kermit/patches/patch-ckcdeb.h
deleted file mode 100644
index 8e15ccee12..0000000000
--- a/kermit/patches/patch-ckcdeb.h
+++ /dev/null
@@ -1,12 +0,0 @@
-$NetBSD: patch-ac,v 1.9 2011/08/25 14:54:06 hans Exp $
-
---- ckcdeb.h.orig	2010-08-23 15:30:56.000000000 +0200
-+++ ckcdeb.h	2011-08-23 10:31:55.103102070 +0200
-@@ -4532,7 +4532,6 @@ extern int errno;
-   following is an anachronism and should be the execption rather than the
-   rule.
- */
--extern int errno;
- #endif /* __GLIBC__ */
- #endif /* OS2 */
- #endif /* VMS */
diff --git a/kermit/patches/patch-ckcfns.c b/kermit/patches/patch-ckcfns.c
deleted file mode 100644
index 906ee4ab09..0000000000
--- a/kermit/patches/patch-ckcfns.c
+++ /dev/null
@@ -1,14 +0,0 @@
-$NetBSD: patch-ah,v 1.1 2005/12/18 23:15:43 joerg Exp $
-
---- ckcfns.c.orig	2005-12-18 23:06:48.000000000 +0000
-+++ ckcfns.c
-@@ -93,9 +93,7 @@ _PROTOTYP( long zfsize, (char *) );
- #endif /* OS2ONLY */
- #endif /* OS2 */
- 
--#ifdef VMS
- #include <errno.h>
--#endif /* VMS */
- 
- /* Externals from ckcmai.c */
- 
diff --git a/kermit/patches/patch-ckcmai.c b/kermit/patches/patch-ckcmai.c
deleted file mode 100644
index 2cb7cdc88a..0000000000
--- a/kermit/patches/patch-ckcmai.c
+++ /dev/null
@@ -1,12 +0,0 @@
-$NetBSD: patch-ad,v 1.10 2012/05/17 20:29:13 christos Exp $
-
---- ckcmai.c.orig	2012-05-17 16:22:58.000000000 -0400
-+++ ckcmai.c	2012-05-17 16:23:53.000000000 -0400
-@@ -540,6 +540,7 @@
- 
- #include "ckcker.h"                     /* Kermit symbols */
- #include "ckcnet.h"                     /* Network symbols */
-+#include "ckupty.h"			/* time.h */
- 
- #ifdef CK_SSL
- #include "ck_ssl.h"
diff --git a/kermit/patches/patch-ckuath.c b/kermit/patches/patch-ckuath.c
index 6205aca788..73b869e99a 100644
--- a/kermit/patches/patch-ckuath.c
+++ b/kermit/patches/patch-ckuath.c
@@ -1,391 +1,16 @@
 $NetBSD: patch-al,v 1.3 2014/06/23 22:24:24 christos Exp $
 
---- ckuath.c.orig	2011-06-13 13:26:54.000000000 -0400
-+++ ckuath.c	2014-06-23 18:20:26.000000000 -0400
-@@ -117,19 +117,6 @@
- #include <time.h>
- #include <fcntl.h>
- #include <errno.h>
--#ifndef malloc
--#ifndef VMS
--#ifndef FREEBSD4
--#ifndef OpenBSD
--#ifdef MACOSX
--#include <sys/malloc.h>
--#else /* MACOSX */
--#include <malloc.h>
--#endif /* MACOSX */
--#endif /* OpenBSD */
--#endif /* FREEBSD4 */
--#endif /* VMS */
--#endif /* malloc */
- #ifdef OS2
- #include <io.h>
- #endif /* OS2 */
-@@ -149,7 +136,9 @@
- #endif /* saveprintf */
- #else /* HEIMDAL */
- #include "krb5.h"
-+#ifdef BETATEST
- #include "profile.h"
-+#endif
- #include "com_err.h"
- #ifdef KRB5_GET_INIT_CREDS_OPT_TKT_LIFE
- #define KRB5_HAVE_GET_INIT_CREDS
-@@ -417,7 +406,6 @@
- char des_outpkt[2*RLOG_BUFSIZ+4];    /* needs to be > largest write size */
- #ifdef KRB5
- krb5_data desinbuf,desoutbuf;
--krb5_encrypt_block eblock;             /* eblock for encrypt/decrypt */
- static krb5_data encivec_i[2], encivec_o[2];
- 
- enum krb5_kcmd_proto {
-@@ -3145,8 +3133,13 @@
-             data.data = k4_session_key;
-             data.length = 8;
- 
--            code = krb5_c_decrypt(k5_context, &k4_krbkey, 0, 0,
--                                   &encdata, &data);
-+            code = krb5_c_decrypt(k5_context,
-+#ifdef HEIMDAL
-+				  k4_krbkey,
-+#else
-+				  &k4_krbkey,
-+#endif
-+				  0, 0, &encdata, &data);
- 
-             krb5_free_keyblock_contents(k5_context, &random_key);
- 
-@@ -3162,8 +3155,13 @@
-             data.data = k4_challenge;
-             data.length = 8;
- 
--            code = krb5_c_decrypt(k5_context, &k4_krbkey, 0, 0,
--                                   &encdata, &data);
-+            code = krb5_c_decrypt(k5_context,
-+#ifdef HEIMDAL
-+				  k4_krbkey,
-+#else
-+				  &k4_krbkey,
-+#endif
-+				  0, 0, &encdata, &data);
- #else /* MIT_CURRENT */
-             memset(k4_sched,0,sizeof(Schedule));
-             ckhexdump("auth_send",cred.session,8);
-@@ -3295,7 +3293,7 @@
-     case AUTHTYPE_KERBEROS_V5:
-         debug(F111,"auth_send KRB5","k5_auth.length",k5_auth.length);
-         for ( i=0 ; i<k5_auth.length ; i++ ) {
--            if ( (char *)k5_auth.data[i] == IAC )
-+            if ( ((char *)k5_auth.data)[i] == IAC )
-                 iaccnt++;
-         }
-         if ( k5_auth.length + iaccnt + 10 < sizeof(buf) ) {
-@@ -4250,8 +4248,13 @@
-         kdata.data = k4_challenge;
-         kdata.length = 8;
- 
--        if (code = krb5_c_decrypt(k5_context, &k4_krbkey, 0, 0,
--                                   &encdata, &kdata)) {
-+        if (code = krb5_c_decrypt(k5_context,
-+#ifdef HEIMDAL
-+				  k4_krbkey,
-+#else
-+				  &k4_krbkey,
-+#endif
-+				  0, 0, &encdata, &kdata)) {
-             com_err("k4_auth_is", code, "while decrypting challenge");
-             auth_finished(AUTH_REJECT);
-             return AUTH_FAILURE;
-@@ -4752,9 +4755,11 @@
-         ap_opts |= AP_OPTS_MUTUAL_REQUIRED;
- 
- #ifdef HEIMDAL
-+#ifdef notdef
-     r = krb5_auth_setkeytype(k5_context, auth_context, KEYTYPE_DES);
-     if (r)
-         com_err(NULL, r, "while setting auth keytype");
-+#endif
-     r = krb5_auth_con_setaddrs_from_fd(k5_context,auth_context, &ttyfd);
-     if (r)
-         com_err(NULL, r, "while setting auth addrs");
-@@ -4924,7 +4929,6 @@
-                     skey.data = k5_session_key->contents;
- #endif /* HEIMDAL */
-                 } else {
--#ifdef HEIMDAL
-                     switch ( k5_session_key->keytype ) {
-                     case ETYPE_DES_CBC_CRC:
-                     case ETYPE_DES_CBC_MD5:
-@@ -4934,24 +4938,17 @@
-                         break;
-                     default:
-                         skey.type = SK_GENERIC;
-+#ifdef HEIMDAL
-+                        skey.length = k5_session_key->keyvalue.length;
-+#else /* HEIMDAL */
-                         skey.length = k5_session_key->length;
-+#endif /* HEIMDAL */
-                         encrypt_dont_support(ENCTYPE_DES_CFB64);
-                         encrypt_dont_support(ENCTYPE_DES_OFB64);
-                     }
-+#ifdef HEIMDAL
-                     skey.data = k5_session_key->keyvalue.data;
- #else /* HEIMDAL */
--                    switch ( k5_session_key->enctype ) {
--                    case ENCTYPE_DES_CBC_CRC:
--                    case ENCTYPE_DES_CBC_MD5:
--                    case ENCTYPE_DES_CBC_MD4:
--                        skey.type = SK_DES;
--                        skey.length = 8;
--                    default:
--                        skey.type = SK_GENERIC;
--                        skey.length = k5_session_key->length;
--                        encrypt_dont_support(ENCTYPE_DES_CFB64);
--                        encrypt_dont_support(ENCTYPE_DES_OFB64);
--                    }
-                     skey.data = k5_session_key->contents;
- #endif /* HEIMDAL */
-                 }
-@@ -5038,7 +5035,6 @@
-                     skey.data = k5_session_key->contents;
- #endif /* HEIMDAL */
-                 } else {
--#ifdef HEIMDAL
-                     switch ( k5_session_key->keytype ) {
-                     case ETYPE_DES_CBC_CRC:
-                     case ETYPE_DES_CBC_MD5:
-@@ -5047,21 +5043,15 @@
-                         skey.length = 8;
-                     default:
-                         skey.type = SK_GENERIC;
-+#ifdef HEIMDAL
-+                        skey.length = k5_session_key->keyvalue.length;
-+#else /* HEIMDAL */
-                         skey.length = k5_session_key->length;
-+#endif /* HEIMDAL */
-                     }
-+#ifdef HEIMDAL
-                     skey.data = k5_session_key->keyvalue.data;
- #else /* HEIMDAL */
--                    switch ( k5_session_key->enctype ) {
--                    case ENCTYPE_DES_CBC_CRC:
--                    case ENCTYPE_DES_CBC_MD5:
--                    case ENCTYPE_DES_CBC_MD4:
--                        skey.type = SK_DES;
--                        skey.length = 8;
--                        break;
--                    default:
--                        skey.type = SK_GENERIC;
--                        skey.length = k5_session_key->length;
--                    }
-                     skey.data = k5_session_key->contents;
- #endif /* HEIMDAL */
-                 }
-@@ -5138,7 +5128,11 @@
-             }
-             if ( msg.length == 24 && !memcmp(msg.data,tls_verify,24) )
-                  krb5_tls_verified = 1;
-+#ifdef HEIMDAL
-+            krb5_data_free(&msg);
-+#else /* HEIMDAL */
-             krb5_free_data_contents(k5_context,&msg);
-+#endif /* HEIMDAL */
-             if (krb5_tls_verified)
-                 return(AUTH_SUCCESS);
-         }
-@@ -5166,7 +5160,7 @@
-     krb5_context context;
-     krb5_auth_context auth_context;
-     krb5_data *inbuf;
--    krb5_const_principal client;
-+    krb5_principal client;
- {
-     krb5_creds ** creds=NULL;
-     krb5_error_code retval;
-@@ -5197,7 +5191,7 @@
-     if ((retval = krb5_cc_initialize(context, ccache, client)))
-         return(retval);
- 
--    if ((retval = krb5_rd_cred(context, auth_context, ccache, inbuf)))
-+    if ((retval = krb5_rd_cred2(context, auth_context, ccache, inbuf)))
-         return(retval);
- #else /* HEIMDAL */
-     if ((retval = krb5_rd_cred(context, auth_context, inbuf, &creds, NULL)))
-@@ -5472,17 +5466,17 @@
-                 goto errout;
-             }
-             SendK5AuthSB(KRB5_TLS_VERIFY, msg.data, msg.length);
-+#ifdef HEIMDAL
-+            krb5_data_free(&msg);
-+#else
-             krb5_free_data_contents(k5_context,&msg);
-+#endif
-         }
- #endif /* CK_SSL */
+--- ckuath.c.orig	2020-10-08 19:37:25.000000000 +0000
++++ ckuath.c
+@@ -5476,7 +5476,11 @@ k5_auth_is(how,data,cnt) int how; unsign
          if ((how & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) {
              /* do ap_rep stuff here */
              if ((r = krb5_mk_rep(k5_context,
--#ifdef HEIMDAL
--                                  &auth_context,
--#else /* HEIMDAL */
++#ifdef HEIMDAL
++                                  &auth_context,
++#else /* HEIMDAL */
                                    auth_context,
--#endif /* HEIMDAL */
++#endif /* HEIMDAL */
                                    &outbuf))) {
                  debug(F111,"k5_auth_is","krb5_mk_rep",r);
                  (void) ckstrncpy(errbuf, "Make reply failed: ",sizeof(errbuf));
-@@ -5503,7 +5497,7 @@
-             {
-                 szUserNameAuthenticated[0] = '\0';
-             } else {
--                ckstrncpy(szUserNameAuthenticated,UIDBUFLEN,name);
-+                ckstrncpy(szUserNameAuthenticated,name,UIDBUFLEN);
-                 free(name);
-             }
-         }
-@@ -9687,6 +9681,7 @@
-     return(-1);
- }
- 
-+int
- #ifdef CK_ANSIC
- ck_krb4_destroy(struct krb_op_data * op)
- #else
-@@ -11228,7 +11223,12 @@
- 
-     use_ivecs = 1;
- 
--    if (status = krb5_c_block_size(k5_context, k5_session_key->enctype,
-+    if (status = krb5_c_block_size(k5_context,
-+#ifdef HEIMDAL
-+    k5_session_key->keytype,
-+#else
-+    k5_session_key->enctype,
-+#endif
-                                    &blocksize)) {
-         /* XXX what do I do? */
-         printf("fatal kerberos 5 crypto library error\n");
-@@ -11309,8 +11309,7 @@
-         krb5_ap_rep_enc_part *rep_ret = NULL;
-         krb5_data outbuf;
-         int rc;
--        krb5_int32 seqno=0;
--        krb5_int32 server_seqno=0;
-+        int server_seqno=0;
-         char ** realmlist=NULL;
-         int buflen;
-         char tgt[256];
-@@ -11388,7 +11387,11 @@
-         }
- 
-         if (krb5_rlog_ver == KCMD_OLD_PROTOCOL)
-+#ifdef HEIMDAL
-+            get_cred->session.keytype=ETYPE_DES_CBC_CRC;
-+#else
-             get_cred->keyblock.enctype=ENCTYPE_DES_CBC_CRC;
-+#endif
- 
-         /* Get ticket from credentials cache or kdc */
-         status = krb5_get_credentials(k5_context,
-@@ -11429,10 +11432,11 @@
-             krb5_boolean is_des;
- 
-             if (status = krb5_c_enctype_compare( k5_context,
--                                                 ENCTYPE_DES_CBC_CRC,
- #ifdef HEIMDAL
-+						 ETYPE_DES_CBC_CRC,
-                                                  ret_cred->session.keytype,
- #else /* HEIMDAL */
-+                                                 ENCTYPE_DES_CBC_CRC,
-                                                  ret_cred->keyblock.enctype,
- #endif /* HEIMDAL */
-                                                  &is_des)) {
-@@ -11482,7 +11486,11 @@
-                                &rep_ret,
-                                NULL
-                                );
-+#ifdef HEIMDAL
-+        krb5_data_free(&cksumdat);
-+#else
-         krb5_free_data_contents(k5_context,&cksumdat);
-+#endif
- 
-         if (status) {
-             if ( !quiet )
-@@ -11490,12 +11498,17 @@
-                         error_message(status));
-             if (error) {
-                 if ( !quiet ) {
--                    printf("Server returned error code %d (%s)\r\n",
--                        error->error,
--                        error_message(ERROR_TABLE_BASE_krb5 + error->error));
--                    if (error->text.length) {
--                        printf("Error text sent from server: %s\r\n",
--                                error->text.data);
-+#ifdef HEIMDAL
-+		    int xerror = error->error_code;
-+		    char *xtext = *error->e_text;
-+#else
-+		    int xerror = error->error;
-+		    char *xtext = error->text.length ? error->text.data : NULL;
-+#endif
-+                    printf("Server returned error code %d (%s)\r\n", xerror,
-+                        error_message(ERROR_TABLE_BASE_krb5 + xerror));
-+                    if (xtext) {
-+                        printf("Error text sent from server: %s\r\n", xtext);
-                     }
-                 }
-                 krb5_free_error(k5_context, error);
-@@ -11505,7 +11518,11 @@
-         }
- 
-         if (rep_ret) {
-+#ifdef HEIMDAL
-+            server_seqno = *rep_ret->seq_number;
-+#else
-             server_seqno = rep_ret->seq_number;
-+#endif
-             krb5_free_ap_rep_enc_part(k5_context, rep_ret);
-         }
- 
-@@ -11834,7 +11851,11 @@
-     rd_len = (rd_len << 8) | c;
- 
-     if (status = krb5_c_encrypt_length(k5_context, 
-+#ifdef HEIMDAL
-+                                    k5_session_key->keytype,
-+#else
-                                     k5_session_key->enctype,
-+#endif
-                                     use_ivecs ? rd_len + 4 : rd_len,
- 				    (size_t *)&net_len)) {
-         errno = status;
-@@ -11865,9 +11886,15 @@
-     plain.length = sizeof(storage);
-     plain.data = storage;
- 
--    if ( status = krb5_c_decrypt(k5_context, k5_session_key, KCMD_KEYUSAGE,
-+    if ( status = krb5_c_decrypt(k5_context,
-+#ifdef HEIMDAL
-+				 *k5_session_key,
-+#else
-+				 k5_session_key,
-+#endif
-+				 KCMD_KEYUSAGE,
-                                  use_ivecs ? encivec_i + secondary : 0,
--                                  &cipher,&plain) ) {
-+                                 &cipher,&plain) ) {
-         /* probably out of sync */
-         printf("Cannot decrypt data from network: %s\r\n",
-                  error_message(status));
-@@ -12759,8 +12786,8 @@
- 
- static int
- binaryEqual (a, b, len)
--register char   *a, *b;
--register int    len;
-+char   *a, *b;
-+int    len;
- {
-     while (len--)
-         if (*a++ != *b++)
diff --git a/kermit/patches/patch-ckupty.c b/kermit/patches/patch-ckupty.c
index bffc5c4f77..c2e576ed88 100644
--- a/kermit/patches/patch-ckupty.c
+++ b/kermit/patches/patch-ckupty.c
@@ -1,6 +1,12 @@
 $NetBSD: patch-ckupty.c,v 1.1 2015/11/07 23:20:59 dholland Exp $
 
 Always use termios, never sgtty.h.
+\todo Explain this more clearly.
+
+This patch appears to be regularizing the use of TERMIO, following the
+package's inclusion of mk/termcap.buildlink3.mk.  This is contrary to
+upstream's approach which uses each systems's native libs.  Therefore,
+this patch should not be submitted to upstream.
 
 --- ckupty.c~	2011-06-13 15:34:13.000000000 +0000
 +++ ckupty.c
diff --git a/kermit/patches/patch-ckuus3.c b/kermit/patches/patch-ckuus3.c
deleted file mode 100644
index 0ae8106030..0000000000
--- a/kermit/patches/patch-ckuus3.c
+++ /dev/null
@@ -1,15 +0,0 @@
-$NetBSD: patch-ckuus3.c,v 1.1 2020/04/08 15:22:07 rhialto Exp $
-
-Use version-flexible method.
-
---- ckuus3.c.orig	2011-06-26 18:20:07.000000000 +0000
-+++ ckuus3.c
-@@ -13048,7 +13048,7 @@ case XYDEBU:                            
-                       if (ssl_con == NULL) {
-                           SSL_library_init();
-                           ssl_ctx = (SSL_CTX *)
--                            SSL_CTX_new((SSL_METHOD *)TLSv1_method());
-+                            SSL_CTX_new((SSL_METHOD *)SSLv23_method());
-                           if (ssl_ctx != NULL)
-                             ssl_con= (SSL *) SSL_new(ssl_ctx);
-                       }
diff --git a/kermit/patches/patch-ckuus4.c b/kermit/patches/patch-ckuus4.c
deleted file mode 100644
index 1dd7c8eb57..0000000000
--- a/kermit/patches/patch-ckuus4.c
+++ /dev/null
@@ -1,29 +0,0 @@
-$NetBSD: patch-ckuus4.c,v 1.1 2019/04/11 02:21:09 mrg Exp $
-
-Always include errno.h.
-crc16 is a long.
-
---- ckuus4.c.orig	2011-06-24 11:58:10.000000000 -0700
-+++ ckuus4.c	2019-04-10 18:25:09.650654615 -0700
-@@ -34,8 +34,9 @@
- #include "ck_ssl.h"
- #endif /* CK_SSL */
- 
-+#include <errno.h>
-+
- #ifdef VMS
--#include <errno.h>                      /* For \v(errno) */
- extern char * ckvmserrstr(unsigned long);
- #ifndef OLD_VMS
- #include <lib$routines.h>               /* Not for VAX C 2.4 */
-@@ -409,7 +410,9 @@
-   npad, pkttim, bigrbsiz, bigsbsiz, keep, atcapr, autopar, bctr, bctu,
-   crunched, ckdelay, ebq, ebqflg, pktlog, retrans, rpackets, rptflg, rptq,
-   rtimo, spackets, spsiz, spsizf, spsizr, timeouts, fncact, fncnv, urpsiz,
--  wmax, wslotn, wslotr, fdispla, spmax, fnrpath, fnspath, crc16;
-+  wmax, wslotn, wslotr, fdispla, spmax, fnrpath, fnspath;
-+extern long
-+  crc16;
- #endif /* NOXFER */
- 
- #ifdef OS2
diff --git a/kermit/patches/patch-ckuus5.c b/kermit/patches/patch-ckuus5.c
deleted file mode 100644
index 0ff718fa12..0000000000
--- a/kermit/patches/patch-ckuus5.c
+++ /dev/null
@@ -1,13 +0,0 @@
-$NetBSD: patch-aj,v 1.1 2006/06/28 23:13:18 dbj Exp $
-
---- ckuus5.c.orig	2006-06-27 19:22:53.000000000 -0400
-+++ ckuus5.c	2006-06-27 19:23:30.000000000 -0400
-@@ -28,6 +28,8 @@
- #include "ckcker.h"
- #include "ckuusr.h"
- 
-+#include <errno.h>
-+
- #ifdef DCMDBUF
- char *line;                             /* Character buffer for anything */
- char *tmpbuf;
diff --git a/kermit/patches/patch-ckuus6.c b/kermit/patches/patch-ckuus6.c
deleted file mode 100644
index aa5dad9677..0000000000
--- a/kermit/patches/patch-ckuus6.c
+++ /dev/null
@@ -1,16 +0,0 @@
-$NetBSD: patch-ag,v 1.2 2011/08/25 14:54:06 hans Exp $
-
---- ckuus6.c.orig	2011-06-07 17:27:51.000000000 +0200
-+++ ckuus6.c	2011-08-23 10:34:29.697605882 +0200
-@@ -33,11 +33,7 @@
- #endif /* def VMS [else] */
- #endif /* NOSTAT */
- 
--#ifdef VMS
--#ifndef TCPSOCKET
- #include <errno.h>
--#endif /* TCPSOCKET */
--#endif /* VMS */
- 
- #ifdef datageneral
- #define fgets(stringbuf,max,fd) dg_fgets(stringbuf,max,fd)
diff --git a/kermit/patches/patch-ckuus7.c b/kermit/patches/patch-ckuus7.c
deleted file mode 100644
index 55430e3f1e..0000000000
--- a/kermit/patches/patch-ckuus7.c
+++ /dev/null
@@ -1,24 +0,0 @@
-$NetBSD: patch-ak,v 1.2 2020/04/08 15:22:07 rhialto Exp $
-
-- Use version-flexible SSL/TLS method.
-
---- ckuus7.c.orig	2011-06-23 16:13:11.000000000 +0000
-+++ ckuus7.c
-@@ -32,6 +32,8 @@
- #include "ckucmd.h"
- #include "ckclib.h"
- 
-+#include <errno.h>
-+
- #ifdef VMS
- #ifndef TCPSOCKET
- #include <errno.h>
-@@ -14340,7 +14342,7 @@ sho_auth(cx) int cx; {
-             if (ssl_con == NULL) {
-                 SSL_library_init();
-                 ssl_ctx = (SSL_CTX *)
--                  SSL_CTX_new((SSL_METHOD *)TLSv1_method());
-+                  SSL_CTX_new((SSL_METHOD *)SSLv23_method());
-                 if (ssl_ctx != NULL)
-                   ssl_con= (SSL *) SSL_new(ssl_ctx);
-             }
diff --git a/kermit/patches/patch-ckuusr.c b/kermit/patches/patch-ckuusr.c
deleted file mode 100644
index 6547c595be..0000000000
--- a/kermit/patches/patch-ckuusr.c
+++ /dev/null
@@ -1,13 +0,0 @@
-$NetBSD: patch-af,v 1.1 2005/12/18 23:15:43 joerg Exp $
-
---- ckuusr.c.orig	2005-12-18 23:04:34.000000000 +0000
-+++ ckuusr.c
-@@ -87,6 +87,8 @@ char *userv = "User Interface 8.0.278, 1
- #define MULTINET_OLD_STYLE		/* Leave select prototype undefined */
- #endif /* MULTINET */
- 
-+#include <errno.h>
-+
- #include "ckcdeb.h"
- #include "ckcasc.h"
- #include "ckcker.h"
diff --git a/kermit/patches/patch-ckuusx.c b/kermit/patches/patch-ckuusx.c
index 244ff9dee2..555d210d85 100644
--- a/kermit/patches/patch-ckuusx.c
+++ b/kermit/patches/patch-ckuusx.c
@@ -1,14 +1,14 @@
 $NetBSD: patch-am,v 1.1 2011/05/14 19:27:53 hans Exp $
 
---- ckuusx.c.orig	2004-03-14 18:13:23.000000000 +0100
-+++ ckuusx.c	2009-12-26 23:23:19.652637206 +0100
-@@ -70,6 +70,9 @@ _PROTOTYP(char * os2_gethostname, (void)
- #ifdef BSD44
- #include <errno.h>
- #endif /* BSD44 */
-+#ifdef SOLARIS
-+#include <errno.h>
-+#endif
+--- ckuusx.c.orig	2020-09-19 19:52:28.000000000 +0000
++++ ckuusx.c
+@@ -79,9 +79,6 @@ char * tgoto (const char *, int, int);
+ _PROTOTYP(char * os2_gethostname, (void));
+ #define getpid _getpid
+ #endif /* OS2 */
+-#ifdef BSD44
+-#include <errno.h>
+-#endif /* BSD44 */
  
  extern xx_strp xxstring;
  



Home | Main Index | Thread Index | Old Index