public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-commits] dev/ulm:master commit in: patchsets/skey/1.1.5/
  2015-09-04  8:33 [gentoo-commits] dev/ulm:pam_skey-1.1.5-patches-5 commit in: patchsets/skey/1.1.5/ Ulrich Müller
@ 2015-09-04  8:29 ` Ulrich Müller
  2015-09-04  8:33 ` [gentoo-commits] dev/ulm:motif-2.3.4-patches-1 " Ulrich Müller
                   ` (5 subsequent siblings)
  6 siblings, 0 replies; 9+ messages in thread
From: Ulrich Müller @ 2015-09-04  8:29 UTC (permalink / raw
  To: gentoo-commits

commit:     fd88e0e70d84492a943ec9f68ab42e101f80788f
Author:     Ulrich Müller <ulm <AT> gentoo <DOT> org>
AuthorDate: Thu Jan  5 13:03:19 2012 +0000
Commit:     Ulrich Müller <ulm <AT> gentoo <DOT> org>
CommitDate: Fri Feb 15 10:58:08 2013 +0000
URL:        https://gitweb.gentoo.org/dev/ulm.git/commit/?id=fd88e0e7

Updated skeyinfo.c and skey.3 from newer NetBSD version, which is
under a 2-clause BSD license. Removed some whitespace changes.

 patchsets/skey/1.1.5/01_all_gentoo.patch      | 111 ++++----------------------
 patchsets/skey/1.1.5/10_all_man_libpath.patch |   2 +-
 2 files changed, 18 insertions(+), 95 deletions(-)

diff --git a/patchsets/skey/1.1.5/01_all_gentoo.patch b/patchsets/skey/1.1.5/01_all_gentoo.patch
index 270fe6b..0576ae2 100644
--- a/patchsets/skey/1.1.5/01_all_gentoo.patch
+++ b/patchsets/skey/1.1.5/01_all_gentoo.patch
@@ -3,6 +3,10 @@ NetBSD project, some other updates and fixes, and the addition
 of some new features like shadow password and cracklib support.
 	(05 Nov 2003) -taviso@gentoo.org
 
+Updated skeyinfo.c and skey.3 from newer NetBSD version, which is
+under a 2-clause BSD license. Removed some whitespace changes.
+	(05 Jan 2012) -ulm@gentoo.org
+
 --- skey-1.1.5.orig/CHANGES	2001-05-10 17:10:49.000000000 +0100
 +++ skey-1.1.5/CHANGES	2003-11-06 17:46:45.000000000 +0000
 @@ -1,6 +1,19 @@
@@ -2147,9 +2151,9 @@ of some new features like shadow password and cracklib support.
 +John S. Walden,
 +Scott Chasin
 --- skey-1.1.5.orig/skey.3	1970-01-01 01:00:00.000000000 +0100
-+++ skey-1.1.5/skey.3	2003-11-06 17:46:45.000000000 +0000
-@@ -0,0 +1,264 @@
-+.\"     $NetBSD: skey.3,v 1.8 2003/06/06 13:42:50 wiz Exp $
++++ skey-1.1.5/skey.3	2008-04-30 14:10:52.000000000 +0100
+@@ -0,0 +1,257 @@
++.\"     $NetBSD: skey.3,v 1.9 2008/04/30 13:10:52 martin Exp $
 +.\"
 +.\" Copyright (c) 2001 The NetBSD Foundation, Inc.
 +.\" All rights reserved.
@@ -2165,13 +2169,6 @@ of some new features like shadow password and cracklib support.
 +.\" 2. Redistributions in binary form must reproduce the above copyright
 +.\"    notice, this list of conditions and the following disclaimer in the
 +.\"    documentation and/or other materials provided with the distribution.
-+.\" 3. All advertising materials mentioning features or use of this software
-+.\"    must display the following acknowledgement:
-+.\"        This product includes software developed by the NetBSD
-+.\"        Foundation, Inc. and its contributors.
-+.\" 4. Neither the name of The NetBSD Foundation nor the names of its
-+.\"    contributors may be used to endorse or promote products derived
-+.\"    from this software without specific prior written permission.
 +.\"
 +.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
 +.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
@@ -2967,96 +2964,29 @@ of some new features like shadow password and cracklib support.
  }
 --- skey-1.1.5.orig/skey.h	2001-05-10 17:10:49.000000000 +0100
 +++ skey-1.1.5/skey.h	2003-11-06 17:46:45.000000000 +0000
-@@ -1,3 +1,5 @@
-+/*	$NetBSD: skey.h,v 1.8 2000/07/28 16:35:11 thorpej Exp $	*/
-+
- /*
-  * S/KEY v1.1b (skey.h)
-  *
-@@ -11,86 +13,86 @@
-  *          Todd C. Miller <Todd.Miller@courtesan.com>
-  *
-  * Main client header
-- *
-- * $OpenBSD: skey.h,v 1.13 1999/07/15 14:33:48 provos Exp $
-  */
- 
- /* Server-side data structure for reading keys file during login */
--struct skey {
--	FILE *keyfile;
--	char buf[256];
--	char *logname;
--	int n;
--	char *seed;
--	char *val;
--	long recstart;		/* needed so reread of buffer is efficient */
-+struct skey
-+{
-+  FILE *keyfile;
-+  char buf[256];
-+  char *logname;
-+  int n;
-+  char *seed;
-+  char *val;
-+  long recstart;		/* needed so reread of buffer is efficient */
- };
- 
- /* Client-side structure for scanning data stream for challenge */
--struct mc {
--	char buf[256];
--	int skip;
--	int cnt;
-+struct mc
-+{
-+  char buf[256];
-+  int skip;
-+  int cnt;
- };
- 
- /* Maximum sequence number we allow */
- #ifndef SKEY_MAX_SEQ
--#define SKEY_MAX_SEQ		10000
-+#define SKEY_MAX_SEQ           10000
+@@ -38,17 +38,17 @@
+ #define SKEY_MAX_SEQ		10000
  #endif
  
 -/* Minimum secret password length (rfc1938) */
 +/* Minimum secret password length (rfc2289) */
  #ifndef SKEY_MIN_PW_LEN
--#define SKEY_MIN_PW_LEN		10
-+#define SKEY_MIN_PW_LEN                10
+ #define SKEY_MIN_PW_LEN		10
  #endif
  
 -/* Max secret password length (rfc1938 says 63 but allows more) */
 +/* Max secret password length (rfc2289 says 63 but allows more) */
  #ifndef SKEY_MAX_PW_LEN
--#define SKEY_MAX_PW_LEN		255
-+#define SKEY_MAX_PW_LEN                255
+ #define SKEY_MAX_PW_LEN		255
  #endif
  
 -/* Max length of an S/Key seed (rfc1938) */
 +/* Max length of an S/Key seed (rfc2289) */
  #ifndef SKEY_MAX_SEED_LEN
--#define SKEY_MAX_SEED_LEN	16
-+#define SKEY_MAX_SEED_LEN  	 16
+ #define SKEY_MAX_SEED_LEN	16
  #endif
- 
- /* Max length of S/Key challenge (otp-???? 9999 seed) */
- #ifndef SKEY_MAX_CHALLENGE
--#define SKEY_MAX_CHALLENGE	(11 + SKEY_MAX_HASHNAME_LEN + SKEY_MAX_SEED_LEN)
-+#define SKEY_MAX_CHALLENGE 	 (11 + SKEY_MAX_HASHNAME_LEN + SKEY_MAX_SEED_LEN)
- #endif
- 
- /* Max length of hash algorithm name (md4/md5/sha1/rmd160) */
--#define SKEY_MAX_HASHNAME_LEN	6
-+#define SKEY_MAX_HASHNAME_LEN  6
- 
- /* Size of a binary key (not NULL-terminated) */
--#define SKEY_BINKEY_SIZE	8
-+#define SKEY_BINKEY_SIZE		 8
- 
- /* Location of random file for bogus challenges */
--#define _SKEY_RAND_FILE_PATH_	"/var/db/host.random"
-+#define _SKEY_RAND_FILE_PATH_  "/var/db/host.random"
+@@ -68,29 +68,29 @@
+ #define _SKEY_RAND_FILE_PATH_	"/var/db/host.random"
  
  /* Prototypes */
 -void f(char *x);
@@ -3149,10 +3079,10 @@ of some new features like shadow password and cracklib support.
 +.Xr skeyaudit 1 ,
  .Xr skeyinit 1
 --- skey-1.1.5.orig/skeyinfo.c	2001-05-10 17:10:49.000000000 +0100
-+++ skey-1.1.5/skeyinfo.c	2003-11-06 17:46:45.000000000 +0000
++++ skey-1.1.5/skeyinfo.c	2012-01-05 11:24:15.000000000 +0000
 @@ -1,9 +1,12 @@
 -/*    $OpenBSD: skeyinfo.c,v 1.6 2001/02/05 16:58:11 millert Exp $    */
-+/*	$NetBSD: skeyinfo.c,v 1.4 2003/07/23 04:11:50 itojun Exp $	*/
++/*	$NetBSD: skeyinfo.c,v 1.5 2008/04/28 20:24:15 martin Exp $	*/
  
 -/*
 - * Copyright (c) 1997 Todd C. Miller <Todd.Miller@courtesan.com>
@@ -3166,19 +3096,12 @@ of some new features like shadow password and cracklib support.
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
   * are met:
-@@ -12,104 +15,79 @@
+@@ -12,104 +15,72 @@
   * 2. Redistributions in binary form must reproduce the above copyright
   *    notice, this list of conditions and the following disclaimer in the
   *    documentation and/or other materials provided with the distribution.
 - * 3. The name of the author may not be used to endorse or promote products
 - *    derived from this software without specific prior written permission.
-+ * 3. All advertising materials mentioning features or use of this software
-+ *    must display the following acknowledgement:
-+ *	This product includes software developed by the NetBSD
-+ *	Foundation, Inc. and its contributors.
-+ * 4. Neither the name of The NetBSD Foundation nor the names of its
-+ *    contributors may be used to endorse or promote products derived
-+ *    from this software without specific prior written permission.
   *
 - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
 - * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY

diff --git a/patchsets/skey/1.1.5/10_all_man_libpath.patch b/patchsets/skey/1.1.5/10_all_man_libpath.patch
index 4892645..acaef16 100644
--- a/patchsets/skey/1.1.5/10_all_man_libpath.patch
+++ b/patchsets/skey/1.1.5/10_all_man_libpath.patch
@@ -2,7 +2,7 @@ skey(3): shared library is in /lib; we don't install a profiling library
 
 --- skey-1.1.5-orig/skey.3
 +++ skey-1.1.5/skey.3
-@@ -245,10 +245,8 @@
+@@ -238,10 +238,8 @@
  .Bl -tag -width /usr/lib/libskey_p.a -compact
  .It Pa /usr/lib/libskey.a
  static skey library


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] dev/ulm:motif-2.3.4-patches-1 commit in: patchsets/skey/1.1.5/
  2015-09-04  8:33 [gentoo-commits] dev/ulm:pam_skey-1.1.5-patches-5 commit in: patchsets/skey/1.1.5/ Ulrich Müller
  2015-09-04  8:29 ` [gentoo-commits] dev/ulm:master " Ulrich Müller
@ 2015-09-04  8:33 ` Ulrich Müller
  2015-09-04  8:33 ` [gentoo-commits] dev/ulm:openmotif-2.2.3-patches-5 " Ulrich Müller
                   ` (4 subsequent siblings)
  6 siblings, 0 replies; 9+ messages in thread
From: Ulrich Müller @ 2015-09-04  8:33 UTC (permalink / raw
  To: gentoo-commits

commit:     fd88e0e70d84492a943ec9f68ab42e101f80788f
Author:     Ulrich Müller <ulm <AT> gentoo <DOT> org>
AuthorDate: Thu Jan  5 13:03:19 2012 +0000
Commit:     Ulrich Müller <ulm <AT> gentoo <DOT> org>
CommitDate: Fri Feb 15 10:58:08 2013 +0000
URL:        https://gitweb.gentoo.org/dev/ulm.git/commit/?id=fd88e0e7

Updated skeyinfo.c and skey.3 from newer NetBSD version, which is
under a 2-clause BSD license. Removed some whitespace changes.

 patchsets/skey/1.1.5/01_all_gentoo.patch      | 111 ++++----------------------
 patchsets/skey/1.1.5/10_all_man_libpath.patch |   2 +-
 2 files changed, 18 insertions(+), 95 deletions(-)

diff --git a/patchsets/skey/1.1.5/01_all_gentoo.patch b/patchsets/skey/1.1.5/01_all_gentoo.patch
index 270fe6b..0576ae2 100644
--- a/patchsets/skey/1.1.5/01_all_gentoo.patch
+++ b/patchsets/skey/1.1.5/01_all_gentoo.patch
@@ -3,6 +3,10 @@ NetBSD project, some other updates and fixes, and the addition
 of some new features like shadow password and cracklib support.
 	(05 Nov 2003) -taviso@gentoo.org
 
+Updated skeyinfo.c and skey.3 from newer NetBSD version, which is
+under a 2-clause BSD license. Removed some whitespace changes.
+	(05 Jan 2012) -ulm@gentoo.org
+
 --- skey-1.1.5.orig/CHANGES	2001-05-10 17:10:49.000000000 +0100
 +++ skey-1.1.5/CHANGES	2003-11-06 17:46:45.000000000 +0000
 @@ -1,6 +1,19 @@
@@ -2147,9 +2151,9 @@ of some new features like shadow password and cracklib support.
 +John S. Walden,
 +Scott Chasin
 --- skey-1.1.5.orig/skey.3	1970-01-01 01:00:00.000000000 +0100
-+++ skey-1.1.5/skey.3	2003-11-06 17:46:45.000000000 +0000
-@@ -0,0 +1,264 @@
-+.\"     $NetBSD: skey.3,v 1.8 2003/06/06 13:42:50 wiz Exp $
++++ skey-1.1.5/skey.3	2008-04-30 14:10:52.000000000 +0100
+@@ -0,0 +1,257 @@
++.\"     $NetBSD: skey.3,v 1.9 2008/04/30 13:10:52 martin Exp $
 +.\"
 +.\" Copyright (c) 2001 The NetBSD Foundation, Inc.
 +.\" All rights reserved.
@@ -2165,13 +2169,6 @@ of some new features like shadow password and cracklib support.
 +.\" 2. Redistributions in binary form must reproduce the above copyright
 +.\"    notice, this list of conditions and the following disclaimer in the
 +.\"    documentation and/or other materials provided with the distribution.
-+.\" 3. All advertising materials mentioning features or use of this software
-+.\"    must display the following acknowledgement:
-+.\"        This product includes software developed by the NetBSD
-+.\"        Foundation, Inc. and its contributors.
-+.\" 4. Neither the name of The NetBSD Foundation nor the names of its
-+.\"    contributors may be used to endorse or promote products derived
-+.\"    from this software without specific prior written permission.
 +.\"
 +.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
 +.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
@@ -2967,96 +2964,29 @@ of some new features like shadow password and cracklib support.
  }
 --- skey-1.1.5.orig/skey.h	2001-05-10 17:10:49.000000000 +0100
 +++ skey-1.1.5/skey.h	2003-11-06 17:46:45.000000000 +0000
-@@ -1,3 +1,5 @@
-+/*	$NetBSD: skey.h,v 1.8 2000/07/28 16:35:11 thorpej Exp $	*/
-+
- /*
-  * S/KEY v1.1b (skey.h)
-  *
-@@ -11,86 +13,86 @@
-  *          Todd C. Miller <Todd.Miller@courtesan.com>
-  *
-  * Main client header
-- *
-- * $OpenBSD: skey.h,v 1.13 1999/07/15 14:33:48 provos Exp $
-  */
- 
- /* Server-side data structure for reading keys file during login */
--struct skey {
--	FILE *keyfile;
--	char buf[256];
--	char *logname;
--	int n;
--	char *seed;
--	char *val;
--	long recstart;		/* needed so reread of buffer is efficient */
-+struct skey
-+{
-+  FILE *keyfile;
-+  char buf[256];
-+  char *logname;
-+  int n;
-+  char *seed;
-+  char *val;
-+  long recstart;		/* needed so reread of buffer is efficient */
- };
- 
- /* Client-side structure for scanning data stream for challenge */
--struct mc {
--	char buf[256];
--	int skip;
--	int cnt;
-+struct mc
-+{
-+  char buf[256];
-+  int skip;
-+  int cnt;
- };
- 
- /* Maximum sequence number we allow */
- #ifndef SKEY_MAX_SEQ
--#define SKEY_MAX_SEQ		10000
-+#define SKEY_MAX_SEQ           10000
+@@ -38,17 +38,17 @@
+ #define SKEY_MAX_SEQ		10000
  #endif
  
 -/* Minimum secret password length (rfc1938) */
 +/* Minimum secret password length (rfc2289) */
  #ifndef SKEY_MIN_PW_LEN
--#define SKEY_MIN_PW_LEN		10
-+#define SKEY_MIN_PW_LEN                10
+ #define SKEY_MIN_PW_LEN		10
  #endif
  
 -/* Max secret password length (rfc1938 says 63 but allows more) */
 +/* Max secret password length (rfc2289 says 63 but allows more) */
  #ifndef SKEY_MAX_PW_LEN
--#define SKEY_MAX_PW_LEN		255
-+#define SKEY_MAX_PW_LEN                255
+ #define SKEY_MAX_PW_LEN		255
  #endif
  
 -/* Max length of an S/Key seed (rfc1938) */
 +/* Max length of an S/Key seed (rfc2289) */
  #ifndef SKEY_MAX_SEED_LEN
--#define SKEY_MAX_SEED_LEN	16
-+#define SKEY_MAX_SEED_LEN  	 16
+ #define SKEY_MAX_SEED_LEN	16
  #endif
- 
- /* Max length of S/Key challenge (otp-???? 9999 seed) */
- #ifndef SKEY_MAX_CHALLENGE
--#define SKEY_MAX_CHALLENGE	(11 + SKEY_MAX_HASHNAME_LEN + SKEY_MAX_SEED_LEN)
-+#define SKEY_MAX_CHALLENGE 	 (11 + SKEY_MAX_HASHNAME_LEN + SKEY_MAX_SEED_LEN)
- #endif
- 
- /* Max length of hash algorithm name (md4/md5/sha1/rmd160) */
--#define SKEY_MAX_HASHNAME_LEN	6
-+#define SKEY_MAX_HASHNAME_LEN  6
- 
- /* Size of a binary key (not NULL-terminated) */
--#define SKEY_BINKEY_SIZE	8
-+#define SKEY_BINKEY_SIZE		 8
- 
- /* Location of random file for bogus challenges */
--#define _SKEY_RAND_FILE_PATH_	"/var/db/host.random"
-+#define _SKEY_RAND_FILE_PATH_  "/var/db/host.random"
+@@ -68,29 +68,29 @@
+ #define _SKEY_RAND_FILE_PATH_	"/var/db/host.random"
  
  /* Prototypes */
 -void f(char *x);
@@ -3149,10 +3079,10 @@ of some new features like shadow password and cracklib support.
 +.Xr skeyaudit 1 ,
  .Xr skeyinit 1
 --- skey-1.1.5.orig/skeyinfo.c	2001-05-10 17:10:49.000000000 +0100
-+++ skey-1.1.5/skeyinfo.c	2003-11-06 17:46:45.000000000 +0000
++++ skey-1.1.5/skeyinfo.c	2012-01-05 11:24:15.000000000 +0000
 @@ -1,9 +1,12 @@
 -/*    $OpenBSD: skeyinfo.c,v 1.6 2001/02/05 16:58:11 millert Exp $    */
-+/*	$NetBSD: skeyinfo.c,v 1.4 2003/07/23 04:11:50 itojun Exp $	*/
++/*	$NetBSD: skeyinfo.c,v 1.5 2008/04/28 20:24:15 martin Exp $	*/
  
 -/*
 - * Copyright (c) 1997 Todd C. Miller <Todd.Miller@courtesan.com>
@@ -3166,19 +3096,12 @@ of some new features like shadow password and cracklib support.
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
   * are met:
-@@ -12,104 +15,79 @@
+@@ -12,104 +15,72 @@
   * 2. Redistributions in binary form must reproduce the above copyright
   *    notice, this list of conditions and the following disclaimer in the
   *    documentation and/or other materials provided with the distribution.
 - * 3. The name of the author may not be used to endorse or promote products
 - *    derived from this software without specific prior written permission.
-+ * 3. All advertising materials mentioning features or use of this software
-+ *    must display the following acknowledgement:
-+ *	This product includes software developed by the NetBSD
-+ *	Foundation, Inc. and its contributors.
-+ * 4. Neither the name of The NetBSD Foundation nor the names of its
-+ *    contributors may be used to endorse or promote products derived
-+ *    from this software without specific prior written permission.
   *
 - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
 - * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY

diff --git a/patchsets/skey/1.1.5/10_all_man_libpath.patch b/patchsets/skey/1.1.5/10_all_man_libpath.patch
index 4892645..acaef16 100644
--- a/patchsets/skey/1.1.5/10_all_man_libpath.patch
+++ b/patchsets/skey/1.1.5/10_all_man_libpath.patch
@@ -2,7 +2,7 @@ skey(3): shared library is in /lib; we don't install a profiling library
 
 --- skey-1.1.5-orig/skey.3
 +++ skey-1.1.5/skey.3
-@@ -245,10 +245,8 @@
+@@ -238,10 +238,8 @@
  .Bl -tag -width /usr/lib/libskey_p.a -compact
  .It Pa /usr/lib/libskey.a
  static skey library


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] dev/ulm:openmotif-2.2.3-patches-5 commit in: patchsets/skey/1.1.5/
  2015-09-04  8:33 [gentoo-commits] dev/ulm:pam_skey-1.1.5-patches-6 " Ulrich Müller
@ 2015-09-04  8:33 ` Ulrich Müller
  0 siblings, 0 replies; 9+ messages in thread
From: Ulrich Müller @ 2015-09-04  8:33 UTC (permalink / raw
  To: gentoo-commits

commit:     2946ef3ecc0b56c19d9e6edec8be94eb3b669137
Author:     Ulrich Müller <ulm <AT> gentoo <DOT> org>
AuthorDate: Wed Jan  4 21:16:06 2012 +0000
Commit:     Ulrich Müller <ulm <AT> gentoo <DOT> org>
CommitDate: Fri Feb 15 10:58:08 2013 +0000
URL:        https://gitweb.gentoo.org/dev/ulm.git/commit/?id=2946ef3e

Patchset for skey-1.1.5

 patchsets/skey/1.1.5/01_all_gentoo.patch          | 5358 +++++++++++++++++++++
 patchsets/skey/1.1.5/02_all_login_name_max.patch  |   18 +
 patchsets/skey/1.1.5/03_all_fPIC.patch            |   12 +
 patchsets/skey/1.1.5/04_all_bind-now.patch        |   15 +
 patchsets/skey/1.1.5/05_all_otp.patch             |   53 +
 patchsets/skey/1.1.5/06_all_binary-search.patch   |   36 +
 patchsets/skey/1.1.5/07_all_skeyprune-dir.patch   |   13 +
 patchsets/skey/1.1.5/08_all_skeyprune-regex.patch |   13 +
 patchsets/skey/1.1.5/09_all_man_default-md5.patch |   26 +
 patchsets/skey/1.1.5/10_all_man_libpath.patch     |   16 +
 patchsets/skey/1.1.5/11_all_strncat-warning.patch |   11 +
 11 files changed, 5571 insertions(+)

diff --git a/patchsets/skey/1.1.5/01_all_gentoo.patch b/patchsets/skey/1.1.5/01_all_gentoo.patch
new file mode 100644
index 0000000..270fe6b
--- /dev/null
+++ b/patchsets/skey/1.1.5/01_all_gentoo.patch
@@ -0,0 +1,5358 @@
+porting some updates to this skey implementation from the
+NetBSD project, some other updates and fixes, and the addition
+of some new features like shadow password and cracklib support.
+	(05 Nov 2003) -taviso@gentoo.org
+
+--- skey-1.1.5.orig/CHANGES	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/CHANGES	2003-11-06 17:46:45.000000000 +0000
+@@ -1,6 +1,19 @@
+ *** Changes in version 1.1.5
+ 
+ -  Bug fixes for errx/warnx
++(05/11/2003) taviso@gentoo.org
++	- ported some updates from the NetBSD project to Linux.
++	- removed a load of cast to voids.
++	- syntax changes.
++	- killing skeyaudit, using a shell script modified from NetBSD.
++	- cleanups to stop warnings with gcc.
++	- building a library for dynamic linking.
++	- swapping some str{cat,cpy} for strn{cat,cpy}
++	- killing rmd160 support.
++	- removing strlcpy function, not useful.
++	- quick hack for shadow support.
++	- quick hack for cracklib support.
++	- various other stuff.
+ 
+ *** Changes in version 1.1.4
+ 
+--- skey-1.1.5.orig/config.h.in	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/config.h.in	2003-11-06 17:46:45.000000000 +0000
+@@ -109,6 +109,9 @@
+ /* Define if you have the strtol function.  */
+ #undef HAVE_STRTOL
+ 
++/* Define if you have the <crack.h> header file.  */
++#undef HAVE_CRACK_H
++
+ /* Define if you have the <crypt.h> header file.  */
+ #undef HAVE_CRYPT_H
+ 
+@@ -130,12 +133,12 @@
+ /* Define if you have the <md5global.h> header file.  */
+ #undef HAVE_MD5GLOBAL_H
+ 
+-/* Define if you have the <rmd160.h> header file.  */
+-#undef HAVE_RMD160_H
+-
+ /* Define if you have the <sha1.h> header file.  */
+ #undef HAVE_SHA1_H
+ 
++/* Define if you have the <shadow.h> header file.  */
++#undef HAVE_SHADOW_H
++
+ /* Define if you have the <sys/cdefs.h> header file.  */
+ #undef HAVE_SYS_CDEFS_H
+ 
+--- skey-1.1.5.orig/configure	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/configure	2003-11-06 17:47:49.000000000 +0000
+@@ -960,47 +960,11 @@
+   echo "$ac_t""no" 1>&6
+ fi
+ 
+-# Extract the first word of "sendmail", so it can be a program name with args.
+-set dummy sendmail; ac_word=$2
+-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
+-echo "configure:967: checking for $ac_word" >&5
+-if eval "test \"`echo '$''{'ac_cv_path_SENDMAIL'+set}'`\" = set"; then
+-  echo $ac_n "(cached) $ac_c" 1>&6
+-else
+-  case "$SENDMAIL" in
+-  /*)
+-  ac_cv_path_SENDMAIL="$SENDMAIL" # Let the user override the test with a path.
+-  ;;
+-  ?:/*)			 
+-  ac_cv_path_SENDMAIL="$SENDMAIL" # Let the user override the test with a dos path.
+-  ;;
+-  *)
+-  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
+-  ac_dummy="$PATH:/usr/sbin:/usr/lib:/usr/bin"
+-  for ac_dir in $ac_dummy; do 
+-    test -z "$ac_dir" && ac_dir=.
+-    if test -f $ac_dir/$ac_word; then
+-      ac_cv_path_SENDMAIL="$ac_dir/$ac_word"
+-      break
+-    fi
+-  done
+-  IFS="$ac_save_ifs"
+-  test -z "$ac_cv_path_SENDMAIL" && ac_cv_path_SENDMAIL="/usr/lib/sendmail"
+-  ;;
+-esac
+-fi
+-SENDMAIL="$ac_cv_path_SENDMAIL"
+-if test -n "$SENDMAIL"; then
+-  echo "$ac_t""$SENDMAIL" 1>&6
+-else
+-  echo "$ac_t""no" 1>&6
+-fi
+-
+ 
+ 
+ 
+ echo $ac_n "checking for crypt in -lcrypt""... $ac_c" 1>&6
+-echo "configure:1004: checking for crypt in -lcrypt" >&5
++echo "configure:968: checking for crypt in -lcrypt" >&5
+ ac_lib_var=`echo crypt'_'crypt | sed 'y%./+-%__p_%'`
+ if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+@@ -1008,7 +972,7 @@
+   ac_save_LIBS="$LIBS"
+ LIBS="-lcrypt  $LIBS"
+ cat > conftest.$ac_ext <<EOF
+-#line 1012 "configure"
++#line 976 "configure"
+ #include "confdefs.h"
+ /* Override any gcc2 internal prototype to avoid an error.  */
+ /* We use char because int might match the return type of a gcc2
+@@ -1019,7 +983,7 @@
+ crypt()
+ ; return 0; }
+ EOF
+-if { (eval echo configure:1023: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
++if { (eval echo configure:987: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+   rm -rf conftest*
+   eval "ac_cv_lib_$ac_lib_var=yes"
+ else
+@@ -1040,7 +1004,7 @@
+ fi
+ 
+ echo $ac_n "checking for flock in -lucb""... $ac_c" 1>&6
+-echo "configure:1044: checking for flock in -lucb" >&5
++echo "configure:1008: checking for flock in -lucb" >&5
+ ac_lib_var=`echo ucb'_'flock | sed 'y%./+-%__p_%'`
+ if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+@@ -1048,7 +1012,7 @@
+   ac_save_LIBS="$LIBS"
+ LIBS="-lucb  $LIBS"
+ cat > conftest.$ac_ext <<EOF
+-#line 1052 "configure"
++#line 1016 "configure"
+ #include "confdefs.h"
+ /* Override any gcc2 internal prototype to avoid an error.  */
+ /* We use char because int might match the return type of a gcc2
+@@ -1059,7 +1023,7 @@
+ flock()
+ ; return 0; }
+ EOF
+-if { (eval echo configure:1063: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
++if { (eval echo configure:1027: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+   rm -rf conftest*
+   eval "ac_cv_lib_$ac_lib_var=yes"
+ else
+@@ -1079,10 +1043,50 @@
+   echo "$ac_t""no" 1>&6
+ fi
+ 
++echo $ac_n "checking for FascistCheck in -lcrack""... $ac_c" 1>&6
++echo "configure:1048: checking for FascistCheck in -lcrack" >&5
++ac_lib_var=`echo crack'_'FascistCheck | sed 'y%./+-%__p_%'`
++if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
++  echo $ac_n "(cached) $ac_c" 1>&6
++else
++  ac_save_LIBS="$LIBS"
++LIBS="-lcrack  $LIBS"
++cat > conftest.$ac_ext <<EOF
++#line 1056 "configure"
++#include "confdefs.h"
++/* Override any gcc2 internal prototype to avoid an error.  */
++/* We use char because int might match the return type of a gcc2
++    builtin and then its argument prototype would still apply.  */
++char FascistCheck();
++
++int main() {
++FascistCheck()
++; return 0; }
++EOF
++if { (eval echo configure:1067: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
++  rm -rf conftest*
++  eval "ac_cv_lib_$ac_lib_var=yes"
++else
++  echo "configure: failed program was:" >&5
++  cat conftest.$ac_ext >&5
++  rm -rf conftest*
++  eval "ac_cv_lib_$ac_lib_var=no"
++fi
++rm -f conftest*
++LIBS="$ac_save_LIBS"
++
++fi
++if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
++  echo "$ac_t""yes" 1>&6
++  LIBS="$LIBS -lcrack"
++else
++  echo "$ac_t""no" 1>&6
++fi
++
+ 
+ 
+ echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6
+-echo "configure:1086: checking how to run the C preprocessor" >&5
++echo "configure:1090: checking how to run the C preprocessor" >&5
+ # On Suns, sometimes $CPP names a directory.
+ if test -n "$CPP" && test -d "$CPP"; then
+   CPP=
+@@ -1097,13 +1101,13 @@
+   # On the NeXT, cc -E runs the code through the compiler's parser,
+   # not just through cpp.
+   cat > conftest.$ac_ext <<EOF
+-#line 1101 "configure"
++#line 1105 "configure"
+ #include "confdefs.h"
+ #include <assert.h>
+ Syntax Error
+ EOF
+ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
+-{ (eval echo configure:1107: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
++{ (eval echo configure:1111: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
+ if test -z "$ac_err"; then
+   :
+@@ -1114,13 +1118,13 @@
+   rm -rf conftest*
+   CPP="${CC-cc} -E -traditional-cpp"
+   cat > conftest.$ac_ext <<EOF
+-#line 1118 "configure"
++#line 1122 "configure"
+ #include "confdefs.h"
+ #include <assert.h>
+ Syntax Error
+ EOF
+ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
+-{ (eval echo configure:1124: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
++{ (eval echo configure:1128: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
+ if test -z "$ac_err"; then
+   :
+@@ -1131,13 +1135,13 @@
+   rm -rf conftest*
+   CPP="${CC-cc} -nologo -E"
+   cat > conftest.$ac_ext <<EOF
+-#line 1135 "configure"
++#line 1139 "configure"
+ #include "confdefs.h"
+ #include <assert.h>
+ Syntax Error
+ EOF
+ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
+-{ (eval echo configure:1141: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
++{ (eval echo configure:1145: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
+ if test -z "$ac_err"; then
+   :
+@@ -1162,12 +1166,12 @@
+ echo "$ac_t""$CPP" 1>&6
+ 
+ echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6
+-echo "configure:1166: checking for ANSI C header files" >&5
++echo "configure:1170: checking for ANSI C header files" >&5
+ if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 1171 "configure"
++#line 1175 "configure"
+ #include "confdefs.h"
+ #include <stdlib.h>
+ #include <stdarg.h>
+@@ -1175,7 +1179,7 @@
+ #include <float.h>
+ EOF
+ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
+-{ (eval echo configure:1179: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
++{ (eval echo configure:1183: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
+ if test -z "$ac_err"; then
+   rm -rf conftest*
+@@ -1192,7 +1196,7 @@
+ if test $ac_cv_header_stdc = yes; then
+   # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
+ cat > conftest.$ac_ext <<EOF
+-#line 1196 "configure"
++#line 1200 "configure"
+ #include "confdefs.h"
+ #include <string.h>
+ EOF
+@@ -1210,7 +1214,7 @@
+ if test $ac_cv_header_stdc = yes; then
+   # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
+ cat > conftest.$ac_ext <<EOF
+-#line 1214 "configure"
++#line 1218 "configure"
+ #include "confdefs.h"
+ #include <stdlib.h>
+ EOF
+@@ -1231,7 +1235,7 @@
+   :
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 1235 "configure"
++#line 1239 "configure"
+ #include "confdefs.h"
+ #include <ctype.h>
+ #define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
+@@ -1242,7 +1246,7 @@
+ exit (0); }
+ 
+ EOF
+-if { (eval echo configure:1246: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
++if { (eval echo configure:1250: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+ then
+   :
+ else
+@@ -1266,12 +1270,12 @@
+ fi
+ 
+ echo $ac_n "checking for sys/wait.h that is POSIX.1 compatible""... $ac_c" 1>&6
+-echo "configure:1270: checking for sys/wait.h that is POSIX.1 compatible" >&5
++echo "configure:1274: checking for sys/wait.h that is POSIX.1 compatible" >&5
+ if eval "test \"`echo '$''{'ac_cv_header_sys_wait_h'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 1275 "configure"
++#line 1279 "configure"
+ #include "confdefs.h"
+ #include <sys/types.h>
+ #include <sys/wait.h>
+@@ -1287,7 +1291,7 @@
+ s = WIFEXITED (s) ? WEXITSTATUS (s) : 1;
+ ; return 0; }
+ EOF
+-if { (eval echo configure:1291: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
++if { (eval echo configure:1295: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+   rm -rf conftest*
+   ac_cv_header_sys_wait_h=yes
+ else
+@@ -1307,21 +1311,21 @@
+ 
+ fi
+ 
+-for ac_hdr in fcntl.h limits.h sys/file.h sys/time.h sys/cdefs.h syslog.h unistd.h sha1.h rmd160.h md4.h md5.h md5global.h err.h crypt.h
++for ac_hdr in fcntl.h limits.h sys/file.h sys/time.h sys/cdefs.h syslog.h unistd.h sha1.h md4.h md5.h md5global.h err.h crypt.h shadow.h crack.h
+ do
+ ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
+ echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
+-echo "configure:1315: checking for $ac_hdr" >&5
++echo "configure:1319: checking for $ac_hdr" >&5
+ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 1320 "configure"
++#line 1324 "configure"
+ #include "confdefs.h"
+ #include <$ac_hdr>
+ EOF
+ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
+-{ (eval echo configure:1325: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
++{ (eval echo configure:1329: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
+ if test -z "$ac_err"; then
+   rm -rf conftest*
+@@ -1349,12 +1353,12 @@
+ 
+ 
+ echo $ac_n "checking for working const""... $ac_c" 1>&6
+-echo "configure:1353: checking for working const" >&5
++echo "configure:1357: checking for working const" >&5
+ if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 1358 "configure"
++#line 1362 "configure"
+ #include "confdefs.h"
+ 
+ int main() {
+@@ -1403,7 +1407,7 @@
+ 
+ ; return 0; }
+ EOF
+-if { (eval echo configure:1407: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
++if { (eval echo configure:1411: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+   rm -rf conftest*
+   ac_cv_c_const=yes
+ else
+@@ -1424,14 +1428,14 @@
+ fi
+ 
+ echo $ac_n "checking whether byte ordering is bigendian""... $ac_c" 1>&6
+-echo "configure:1428: checking whether byte ordering is bigendian" >&5
++echo "configure:1432: checking whether byte ordering is bigendian" >&5
+ if eval "test \"`echo '$''{'ac_cv_c_bigendian'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+ else
+   ac_cv_c_bigendian=unknown
+ # See if sys/param.h defines the BYTE_ORDER macro.
+ cat > conftest.$ac_ext <<EOF
+-#line 1435 "configure"
++#line 1439 "configure"
+ #include "confdefs.h"
+ #include <sys/types.h>
+ #include <sys/param.h>
+@@ -1442,11 +1446,11 @@
+ #endif
+ ; return 0; }
+ EOF
+-if { (eval echo configure:1446: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
++if { (eval echo configure:1450: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+   rm -rf conftest*
+   # It does; now see whether it defined to BIG_ENDIAN or not.
+ cat > conftest.$ac_ext <<EOF
+-#line 1450 "configure"
++#line 1454 "configure"
+ #include "confdefs.h"
+ #include <sys/types.h>
+ #include <sys/param.h>
+@@ -1457,7 +1461,7 @@
+ #endif
+ ; return 0; }
+ EOF
+-if { (eval echo configure:1461: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
++if { (eval echo configure:1465: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+   rm -rf conftest*
+   ac_cv_c_bigendian=yes
+ else
+@@ -1477,7 +1481,7 @@
+     { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; }
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 1481 "configure"
++#line 1485 "configure"
+ #include "confdefs.h"
+ main () {
+   /* Are we little or big endian?  From Harbison&Steele.  */
+@@ -1490,7 +1494,7 @@
+   exit (u.c[sizeof (long) - 1] == 1);
+ }
+ EOF
+-if { (eval echo configure:1494: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
++if { (eval echo configure:1498: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+ then
+   ac_cv_c_bigendian=no
+ else
+@@ -1514,12 +1518,12 @@
+ fi
+ 
+ echo $ac_n "checking for uid_t in sys/types.h""... $ac_c" 1>&6
+-echo "configure:1518: checking for uid_t in sys/types.h" >&5
++echo "configure:1522: checking for uid_t in sys/types.h" >&5
+ if eval "test \"`echo '$''{'ac_cv_type_uid_t'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 1523 "configure"
++#line 1527 "configure"
+ #include "confdefs.h"
+ #include <sys/types.h>
+ EOF
+@@ -1548,12 +1552,12 @@
+ fi
+ 
+ echo $ac_n "checking for off_t""... $ac_c" 1>&6
+-echo "configure:1552: checking for off_t" >&5
++echo "configure:1556: checking for off_t" >&5
+ if eval "test \"`echo '$''{'ac_cv_type_off_t'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 1557 "configure"
++#line 1561 "configure"
+ #include "confdefs.h"
+ #include <sys/types.h>
+ #if STDC_HEADERS
+@@ -1581,12 +1585,12 @@
+ fi
+ 
+ echo $ac_n "checking for size_t""... $ac_c" 1>&6
+-echo "configure:1585: checking for size_t" >&5
++echo "configure:1589: checking for size_t" >&5
+ if eval "test \"`echo '$''{'ac_cv_type_size_t'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 1590 "configure"
++#line 1594 "configure"
+ #include "confdefs.h"
+ #include <sys/types.h>
+ #if STDC_HEADERS
+@@ -1614,12 +1618,12 @@
+ fi
+ 
+ echo $ac_n "checking whether struct tm is in sys/time.h or time.h""... $ac_c" 1>&6
+-echo "configure:1618: checking whether struct tm is in sys/time.h or time.h" >&5
++echo "configure:1622: checking whether struct tm is in sys/time.h or time.h" >&5
+ if eval "test \"`echo '$''{'ac_cv_struct_tm'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 1623 "configure"
++#line 1627 "configure"
+ #include "confdefs.h"
+ #include <sys/types.h>
+ #include <time.h>
+@@ -1627,7 +1631,7 @@
+ struct tm *tp; tp->tm_sec;
+ ; return 0; }
+ EOF
+-if { (eval echo configure:1631: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
++if { (eval echo configure:1635: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+   rm -rf conftest*
+   ac_cv_struct_tm=time.h
+ else
+@@ -1649,7 +1653,7 @@
+ 
+ 
+ echo $ac_n "checking size of char""... $ac_c" 1>&6
+-echo "configure:1653: checking size of char" >&5
++echo "configure:1657: checking size of char" >&5
+ if eval "test \"`echo '$''{'ac_cv_sizeof_char'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+ else
+@@ -1657,7 +1661,7 @@
+   ac_cv_sizeof_char=1
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 1661 "configure"
++#line 1665 "configure"
+ #include "confdefs.h"
+ #include <stdio.h>
+ main()
+@@ -1668,7 +1672,7 @@
+   exit(0);
+ }
+ EOF
+-if { (eval echo configure:1672: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
++if { (eval echo configure:1676: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+ then
+   ac_cv_sizeof_char=`cat conftestval`
+ else
+@@ -1688,7 +1692,7 @@
+ 
+ 
+ echo $ac_n "checking size of short int""... $ac_c" 1>&6
+-echo "configure:1692: checking size of short int" >&5
++echo "configure:1696: checking size of short int" >&5
+ if eval "test \"`echo '$''{'ac_cv_sizeof_short_int'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+ else
+@@ -1696,7 +1700,7 @@
+   ac_cv_sizeof_short_int=2
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 1700 "configure"
++#line 1704 "configure"
+ #include "confdefs.h"
+ #include <stdio.h>
+ main()
+@@ -1707,7 +1711,7 @@
+   exit(0);
+ }
+ EOF
+-if { (eval echo configure:1711: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
++if { (eval echo configure:1715: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+ then
+   ac_cv_sizeof_short_int=`cat conftestval`
+ else
+@@ -1727,7 +1731,7 @@
+ 
+ 
+ echo $ac_n "checking size of int""... $ac_c" 1>&6
+-echo "configure:1731: checking size of int" >&5
++echo "configure:1735: checking size of int" >&5
+ if eval "test \"`echo '$''{'ac_cv_sizeof_int'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+ else
+@@ -1735,7 +1739,7 @@
+   ac_cv_sizeof_int=4
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 1739 "configure"
++#line 1743 "configure"
+ #include "confdefs.h"
+ #include <stdio.h>
+ main()
+@@ -1746,7 +1750,7 @@
+   exit(0);
+ }
+ EOF
+-if { (eval echo configure:1750: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
++if { (eval echo configure:1754: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+ then
+   ac_cv_sizeof_int=`cat conftestval`
+ else
+@@ -1766,7 +1770,7 @@
+ 
+ 
+ echo $ac_n "checking size of long int""... $ac_c" 1>&6
+-echo "configure:1770: checking size of long int" >&5
++echo "configure:1774: checking size of long int" >&5
+ if eval "test \"`echo '$''{'ac_cv_sizeof_long_int'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+ else
+@@ -1774,7 +1778,7 @@
+   ac_cv_sizeof_long_int=4
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 1778 "configure"
++#line 1782 "configure"
+ #include "confdefs.h"
+ #include <stdio.h>
+ main()
+@@ -1785,7 +1789,7 @@
+   exit(0);
+ }
+ EOF
+-if { (eval echo configure:1789: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
++if { (eval echo configure:1793: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+ then
+   ac_cv_sizeof_long_int=`cat conftestval`
+ else
+@@ -1805,7 +1809,7 @@
+ 
+ 
+ echo $ac_n "checking size of long long int""... $ac_c" 1>&6
+-echo "configure:1809: checking size of long long int" >&5
++echo "configure:1813: checking size of long long int" >&5
+ if eval "test \"`echo '$''{'ac_cv_sizeof_long_long_int'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+ else
+@@ -1813,7 +1817,7 @@
+   ac_cv_sizeof_long_long_int=8
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 1817 "configure"
++#line 1821 "configure"
+ #include "confdefs.h"
+ #include <stdio.h>
+ main()
+@@ -1824,7 +1828,7 @@
+   exit(0);
+ }
+ EOF
+-if { (eval echo configure:1828: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
++if { (eval echo configure:1832: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+ then
+   ac_cv_sizeof_long_long_int=`cat conftestval`
+ else
+@@ -1854,7 +1858,7 @@
+         fi
+         CFLAGS="$CFLAGS -D_HPUX_SOURCE"
+         echo $ac_n "checking for HPUX trusted system password database""... $ac_c" 1>&6
+-echo "configure:1858: checking for HPUX trusted system password database" >&5
++echo "configure:1862: checking for HPUX trusted system password database" >&5
+         if test -f /tcb/files/auth/system/default; then
+                 echo "$ac_t""yes" 1>&6
+                 cat >> confdefs.h <<\EOF
+@@ -1903,16 +1907,16 @@
+ 
+ 
+ echo $ac_n "checking for intXX_t types""... $ac_c" 1>&6
+-echo "configure:1907: checking for intXX_t types" >&5
++echo "configure:1911: checking for intXX_t types" >&5
+ cat > conftest.$ac_ext <<EOF
+-#line 1909 "configure"
++#line 1913 "configure"
+ #include "confdefs.h"
+ #include <sys/types.h>
+ int main() {
+ int16_t a; int32_t b; a = 1235; b = 1235;
+ ; return 0; }
+ EOF
+-if { (eval echo configure:1916: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
++if { (eval echo configure:1920: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+   rm -rf conftest*
+   
+                 cat >> confdefs.h <<\EOF
+@@ -1932,16 +1936,16 @@
+ rm -f conftest* 
+ 
+ echo $ac_n "checking for u_intXX_t types""... $ac_c" 1>&6
+-echo "configure:1936: checking for u_intXX_t types" >&5
++echo "configure:1940: checking for u_intXX_t types" >&5
+ cat > conftest.$ac_ext <<EOF
+-#line 1938 "configure"
++#line 1942 "configure"
+ #include "confdefs.h"
+ #include <sys/types.h>
+ int main() {
+ u_int16_t c; u_int32_t d; c = 1235; d = 1235;
+ ; return 0; }
+ EOF
+-if { (eval echo configure:1945: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
++if { (eval echo configure:1949: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+   rm -rf conftest*
+   
+                 cat >> confdefs.h <<\EOF
+@@ -1964,9 +1968,9 @@
+            "x$ac_cv_header_sys_bitypes_h" = "xyes"
+ then
+         echo $ac_n "checking for intXX_t and u_intXX_t types in sys/bitypes.h""... $ac_c" 1>&6
+-echo "configure:1968: checking for intXX_t and u_intXX_t types in sys/bitypes.h" >&5
++echo "configure:1972: checking for intXX_t and u_intXX_t types in sys/bitypes.h" >&5
+         cat > conftest.$ac_ext <<EOF
+-#line 1970 "configure"
++#line 1974 "configure"
+ #include "confdefs.h"
+ #include <sys/bitypes.h>
+ int main() {
+@@ -1978,7 +1982,7 @@
+                 
+ ; return 0; }
+ EOF
+-if { (eval echo configure:1982: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
++if { (eval echo configure:1986: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+   rm -rf conftest*
+   
+                         cat >> confdefs.h <<\EOF
+@@ -2002,16 +2006,16 @@
+ fi
+ 
+ echo $ac_n "checking for uintXX_t types""... $ac_c" 1>&6
+-echo "configure:2006: checking for uintXX_t types" >&5
++echo "configure:2010: checking for uintXX_t types" >&5
+ cat > conftest.$ac_ext <<EOF
+-#line 2008 "configure"
++#line 2012 "configure"
+ #include "confdefs.h"
+ #include <sys/types.h>
+ int main() {
+ uint16_t c; uint32_t d; c = 1235; d = 1235;
+ ; return 0; }
+ EOF
+-if { (eval echo configure:2015: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
++if { (eval echo configure:2019: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+   rm -rf conftest*
+   
+                 cat >> confdefs.h <<\EOF
+@@ -2054,7 +2058,7 @@
+ 
+ 
+ echo $ac_n "checking for 8-bit clean memcmp""... $ac_c" 1>&6
+-echo "configure:2058: checking for 8-bit clean memcmp" >&5
++echo "configure:2062: checking for 8-bit clean memcmp" >&5
+ if eval "test \"`echo '$''{'ac_cv_func_memcmp_clean'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+ else
+@@ -2062,7 +2066,7 @@
+   ac_cv_func_memcmp_clean=no
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 2066 "configure"
++#line 2070 "configure"
+ #include "confdefs.h"
+ 
+ main()
+@@ -2072,7 +2076,7 @@
+ }
+ 
+ EOF
+-if { (eval echo configure:2076: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
++if { (eval echo configure:2080: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+ then
+   ac_cv_func_memcmp_clean=yes
+ else
+@@ -2090,12 +2094,12 @@
+ test $ac_cv_func_memcmp_clean = no && LIBOBJS="$LIBOBJS memcmp.${ac_objext}"
+ 
+ echo $ac_n "checking return type of signal handlers""... $ac_c" 1>&6
+-echo "configure:2094: checking return type of signal handlers" >&5
++echo "configure:2098: checking return type of signal handlers" >&5
+ if eval "test \"`echo '$''{'ac_cv_type_signal'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 2099 "configure"
++#line 2103 "configure"
+ #include "confdefs.h"
+ #include <sys/types.h>
+ #include <signal.h>
+@@ -2112,7 +2116,7 @@
+ int i;
+ ; return 0; }
+ EOF
+-if { (eval echo configure:2116: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
++if { (eval echo configure:2120: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+   rm -rf conftest*
+   ac_cv_type_signal=void
+ else
+@@ -2131,12 +2135,12 @@
+ 
+ 
+ echo $ac_n "checking for strftime""... $ac_c" 1>&6
+-echo "configure:2135: checking for strftime" >&5
++echo "configure:2139: checking for strftime" >&5
+ if eval "test \"`echo '$''{'ac_cv_func_strftime'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 2140 "configure"
++#line 2144 "configure"
+ #include "confdefs.h"
+ /* System header to define __stub macros and hopefully few prototypes,
+     which can conflict with char strftime(); below.  */
+@@ -2159,7 +2163,7 @@
+ 
+ ; return 0; }
+ EOF
+-if { (eval echo configure:2163: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
++if { (eval echo configure:2167: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+   rm -rf conftest*
+   eval "ac_cv_func_strftime=yes"
+ else
+@@ -2181,7 +2185,7 @@
+   echo "$ac_t""no" 1>&6
+ # strftime is in -lintl on SCO UNIX.
+ echo $ac_n "checking for strftime in -lintl""... $ac_c" 1>&6
+-echo "configure:2185: checking for strftime in -lintl" >&5
++echo "configure:2189: checking for strftime in -lintl" >&5
+ ac_lib_var=`echo intl'_'strftime | sed 'y%./+-%__p_%'`
+ if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+@@ -2189,7 +2193,7 @@
+   ac_save_LIBS="$LIBS"
+ LIBS="-lintl  $LIBS"
+ cat > conftest.$ac_ext <<EOF
+-#line 2193 "configure"
++#line 2197 "configure"
+ #include "confdefs.h"
+ /* Override any gcc2 internal prototype to avoid an error.  */
+ /* We use char because int might match the return type of a gcc2
+@@ -2200,7 +2204,7 @@
+ strftime()
+ ; return 0; }
+ EOF
+-if { (eval echo configure:2204: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
++if { (eval echo configure:2208: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+   rm -rf conftest*
+   eval "ac_cv_lib_$ac_lib_var=yes"
+ else
+@@ -2227,12 +2231,12 @@
+ fi
+ 
+ echo $ac_n "checking for vprintf""... $ac_c" 1>&6
+-echo "configure:2231: checking for vprintf" >&5
++echo "configure:2235: checking for vprintf" >&5
+ if eval "test \"`echo '$''{'ac_cv_func_vprintf'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 2236 "configure"
++#line 2240 "configure"
+ #include "confdefs.h"
+ /* System header to define __stub macros and hopefully few prototypes,
+     which can conflict with char vprintf(); below.  */
+@@ -2255,7 +2259,7 @@
+ 
+ ; return 0; }
+ EOF
+-if { (eval echo configure:2259: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
++if { (eval echo configure:2263: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+   rm -rf conftest*
+   eval "ac_cv_func_vprintf=yes"
+ else
+@@ -2279,12 +2283,12 @@
+ 
+ if test "$ac_cv_func_vprintf" != yes; then
+ echo $ac_n "checking for _doprnt""... $ac_c" 1>&6
+-echo "configure:2283: checking for _doprnt" >&5
++echo "configure:2287: checking for _doprnt" >&5
+ if eval "test \"`echo '$''{'ac_cv_func__doprnt'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 2288 "configure"
++#line 2292 "configure"
+ #include "confdefs.h"
+ /* System header to define __stub macros and hopefully few prototypes,
+     which can conflict with char _doprnt(); below.  */
+@@ -2307,7 +2311,7 @@
+ 
+ ; return 0; }
+ EOF
+-if { (eval echo configure:2311: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
++if { (eval echo configure:2315: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+   rm -rf conftest*
+   eval "ac_cv_func__doprnt=yes"
+ else
+@@ -2334,12 +2338,12 @@
+ for ac_func in gethostname strcspn strdup strerror strspn strtol flock fcntl lockf strlcpy setusercontext
+ do
+ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
+-echo "configure:2338: checking for $ac_func" >&5
++echo "configure:2342: checking for $ac_func" >&5
+ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
+ else
+   cat > conftest.$ac_ext <<EOF
+-#line 2343 "configure"
++#line 2347 "configure"
+ #include "confdefs.h"
+ /* System header to define __stub macros and hopefully few prototypes,
+     which can conflict with char $ac_func(); below.  */
+@@ -2362,7 +2366,7 @@
+ 
+ ; return 0; }
+ EOF
+-if { (eval echo configure:2366: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
++if { (eval echo configure:2370: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+   rm -rf conftest*
+   eval "ac_cv_func_$ac_func=yes"
+ else
+--- skey-1.1.5.orig/configure.in	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/configure.in	2003-11-06 17:47:14.000000000 +0000
+@@ -9,19 +9,19 @@
+ AC_CHECK_PROG(AR, ar, ar)
+ AC_PATH_PROG(PERL, perl)
+ AC_PATH_PROG(TOUCH, touch)
+-AC_PATH_PROG(SENDMAIL, sendmail, /usr/lib/sendmail, $PATH:/usr/sbin:/usr/lib:/usr/bin)
+ AC_SUBST(PERL)
+ AC_SUBST(SENDMAIL)
+ 
+ dnl Checks for libraries.
+ AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
+ AC_CHECK_LIB(ucb, flock, LIBS="$LIBS -lucb" LDFLAGS="$LDFLAGS -L/usr/ucblib")
++AC_CHECK_LIB(crack, FascistCheck, LIBS="$LIBS -lcrack")
+ 
+ 
+ dnl Checks for header files.
+ AC_HEADER_STDC
+ AC_HEADER_SYS_WAIT
+-AC_CHECK_HEADERS(fcntl.h limits.h sys/file.h sys/time.h sys/cdefs.h syslog.h unistd.h sha1.h rmd160.h md4.h md5.h md5global.h err.h crypt.h)
++AC_CHECK_HEADERS(fcntl.h limits.h sys/file.h sys/time.h sys/cdefs.h syslog.h unistd.h sha1.h md4.h md5.h md5global.h err.h crypt.h shadow.h crack.h)
+ 
+ dnl Checks for typedefs, structures, and compiler characteristics.
+ AC_C_CONST
+--- skey-1.1.5.orig/login_cap.c	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/login_cap.c	2003-11-06 17:46:45.000000000 +0000
+@@ -37,6 +37,7 @@
+ #include <errno.h>
+ #include <unistd.h>
+ #include <pwd.h>
++#include <grp.h>
+ #include <syslog.h>
+ 
+ /* 
+--- skey-1.1.5.orig/Makefile.in	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/Makefile.in	2003-11-06 17:47:42.000000000 +0000
+@@ -27,12 +27,11 @@
+ TOUCH=@TOUCH@
+ LDFLAGS=-L. @LDFLAGS@
+ 
+-TARGETS=skey skeyinit skeyinfo skeyaudit
+-LIBOBJS=skeylogin.o skeysubr.o put.o errx.o md4c.o md5c.o rmd160.o rmd160hl.o sha1.o sha1hl.o flock.o strlcpy.o login_cap.o
++TARGETS=skey skeyinit skeyinfo libskey.a
++LIBOBJS=skeylogin.o skeysubr.o put.o errx.o md4c.o md5c.o sha1.o sha1hl.o flock.o login_cap.o
+ SKEYOBJS=skey.o
+ SKEYINITOBJS=skeyinit.o
+ SKEYINFOOBJS=skeyinfo.o
+-SKEYAUDITOBJS=skeyaudit.o
+ 
+ 
+ SCRIPTS=skeyprune.pl
+@@ -41,11 +40,11 @@
+ CATMAN		= skey.0 skeyinit.0 skeyinfo.0 skeyaudit.0 skeyprune.0
+ MANPAGES	= @MANTYPE@
+ 
+-PATHSUBS	= -D/etc/skeykeys=${sysconfdir}/skeykeys -D/usr/bin/perl=${PERL} -D/usr/lib/sendmail=${SENDMAIL}
++PATHSUBS	= -D/etc/skeykeys=${sysconfdir}/skeykeys -D/usr/bin/perl=${PERL}
+ 
+ FIXPATHSCMD     = $(PERL) $(srcdir)/fixpaths $(PATHSUBS)
+ 
+-HDRS=	skey.h sha1.h rmd160.h
++HDRS=	skey.h sha1.h
+ 
+ all: ${TARGETS} ${MANPAGES}
+ 
+@@ -55,24 +54,27 @@
+ 	${AR} rv $@ ${LIBOBJS}
+ 	${RANLIB} $@
+ 
+-skey: libskey.a ${SKEYOBJS}
++libskey.so: ${LIBOBJS}
++	${CC} ${LDFLAGS} -shared -Wl,-soname,libskey.so.1 -o libskey.so.1.1.5 ${LIBOBJS}
++	ln -fs libskey.so.1.1.5 libskey.so
++	ln -fs libskey.so.1.1.5 libskey.so.1
++	ln -fs libskey.so.1.1.5 libskey.so.1.1
++
++skey: libskey.so ${SKEYOBJS}
+ 	${CC} -o $@ ${SKEYOBJS} ${LDFLAGS} -lskey ${LIBS}
+ 
+-skeyinit: libskey.a ${SKEYINITOBJS}
++skeyinit: libskey.so ${SKEYINITOBJS}
+ 	${CC} -o $@ ${SKEYINITOBJS} ${LDFLAGS} -lskey ${LIBS} 
+ 
+-skeyinfo: libskey.a ${SKEYINFOOBJS}
++skeyinfo: libskey.so ${SKEYINFOOBJS}
+ 	${CC} -o $@ ${SKEYINFOOBJS} ${LDFLAGS} -lskey ${LIBS}
+ 
+-skeyaudit: libskey.a ${SKEYAUDITOBJS}
+-	${CC} -o $@ ${SKEYAUDITOBJS} ${LDFLAGS} -lskey ${LIBS}
+-
+ ${MANPAGES} ${SCRIPTS}::
+ 	${FIXPATHSCMD} ${srcdir}/$@
+ 
+ clean:
+ 	rm -f *.o *.a ${TARGETS} config.status config.cache config.log
+-	rm -f *.out core
++	rm -f *.out core *.so *.so.*
+ 
+ distclean: clean
+ 	rm -f Makefile config.h core *~
+@@ -97,6 +99,10 @@
+ 	$(INSTALL) -d $(DESTDIR)$(includedir)
+ 	$(INSTALL) -d $(DESTDIR)$(sysconfdir)
+ 	${INSTALL_DATA} libskey.a $(DESTDIR)$(libdir)
++	${INSTALL_DATA} libskey.so.1.1.5 $(DESTDIR)$(libdir)
++	${INSTALL_DATA} libskey.so.1.1 $(DESTDIR)$(libdir)
++	${INSTALL_DATA} libskey.so.1 $(DESTDIR)$(libdir)
++	${INSTALL_DATA} libskey.so $(DESTDIR)$(libdir)
+ 	${INSTALL_DATA} ${HDRS} $(DESTDIR)$(includedir)
+ 	@for target in ${TARGETS}; do \
+ 		${INSTALL_PROGRAM} $$target $(DESTDIR)$(bindir); \
+@@ -119,9 +125,9 @@
+ 	-rm -f $(DESTDIR)$(bindir)/skeyaudit
+ 	-rm -f $(DESTDIR)$(bindir)/skeyprune
+ 	-rm -f $(DESTDIR)$(libdir)/libskey.a
++	-rm -f $(DESTDIR)$(libdir)/libskey.so*
+ 	-rm -f $(DESTDIR)$(includedir)/skey.h
+ 	-rm -f $(DESTDIR)$(includedir)/sha1.h
+-	-rm -f $(DESTDIR)$(includedir)/rmd160.h
+ 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/skey.1
+ 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/skeyinfo.1
+ 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/skeyinit.1
+--- skey-1.1.5.orig/put.c	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/put.c	2003-11-06 17:46:45.000000000 +0000
+@@ -14,7 +14,7 @@
+ #include <stdio.h>
+ #include <string.h>
+ #include <assert.h>
+-/*#include <ctype.h>*/
++#include <ctype.h>
+ #include "config.h"
+ 
+ #include "skey.h"
+@@ -22,10 +22,10 @@
+ static unsigned int extract __P ((char *s, int start, int length));
+ static void standard __P ((char *word));
+ static void insert __P ((char *s, int x, int start, int length));
+-static int wsrch __P ((char *w, int low, int high));
++static int wsrch __P ((const char *w, int low, int high));
+ 
+ /* Dictionary for integer-word translations */
+-static char Wp[2048][4] = {
++char Wp[2048][4] = {
+ 	"A",
+ 	"ABE",
+ 	"ACE",
+@@ -2079,19 +2079,13 @@
+ /* Encode 8 bytes in 'c' as a string of English words.
+  * Returns a pointer to a static buffer
+  */
+-char *
+-btoe(engout, c)
+-	char *c;
+-	char *engout;
++char *btoe(char *engout, const char *c)
+ {
+-	char cp[10];	/* add in room for the parity 2 bits + extract() slop */
++	char cp[9];	/* add in room for the parity 2 bits */
+ 	int p, i;
+ 
+ 	engout[0] = '\0';
+-
+-	/* workaround for extract() reads beyond end of data */
+-	(void)memset(cp, 0, sizeof(cp));
+-	(void)memcpy(cp, c, 8);
++	memcpy(cp, c, 8);
+ 
+ 	/* compute parity */
+ 	for (p = 0, i = 0; i < 64; i += 2)
+@@ -2099,20 +2093,20 @@
+ 
+ 	cp[8] = (char)p << 6;
+ 
+-	(void)strncat(engout, &Wp[extract (cp, 0, 11)][0], 4);
+-	(void)strcat(engout, " ");
+-	(void)strncat(engout, &Wp[extract (cp, 11, 11)][0], 4);
+-	(void)strcat(engout, " ");
+-	(void)strncat(engout, &Wp[extract (cp, 22, 11)][0], 4);
+-	(void)strcat(engout, " ");
+-	(void)strncat(engout, &Wp[extract (cp, 33, 11)][0], 4);
+-	(void)strcat(engout, " ");
+-	(void)strncat(engout, &Wp[extract (cp, 44, 11)][0], 4);
+-	(void)strcat(engout, " ");
+-	(void)strncat(engout, &Wp[extract (cp, 55, 11)][0], 4);
++	strncat(engout, &Wp[extract (cp, 0, 11)][0], 4);
++	strcat(engout, " ");
++	strncat(engout, &Wp[extract (cp, 11, 11)][0], 4);
++	strcat(engout, " ");
++	strncat(engout, &Wp[extract (cp, 22, 11)][0], 4);
++	strcat(engout, " ");
++	strncat(engout, &Wp[extract (cp, 33, 11)][0], 4);
++	strcat(engout, " ");
++	strncat(engout, &Wp[extract (cp, 44, 11)][0], 4);
++	strcat(engout, " ");
++	strncat(engout, &Wp[extract (cp, 55, 11)][0], 4);
+ 
+ #ifdef	notdef
+-	(void)fprintf(stderr, "engout is %s\n\r", engout);
++	printf ("engout is %s\n\r", engout);
+ #endif
+ 	return(engout);
+ }
+@@ -2123,41 +2117,42 @@
+  *        -1 badly formed in put ie > 4 char word
+  *        -2 words OK but parity is wrong
+  */
+-int
+-etob(out, e)
+-	char *out;
+-	char *e;
++int etob(char *out, const char *e)
+ {
+ 	char *word;
+ 	int i, p, v, l, low, high;
+-	char b[SKEY_BINKEY_SIZE+1];
++	char b[9];
+ 	char input[36];
++	char *last;
+ 
+ 	if (e == NULL)
+-		return(-1);
++		return -1;
+ 
+-	(void)strncpy(input, e, sizeof(input) - 1);
+-	input[sizeof(input) - 1] = '\0';
+-	(void)memset(b, 0, sizeof(b));
+-	(void)memset(out, 0, SKEY_BINKEY_SIZE);
+-	for (i = 0, p = 0; i < 6; i++, p += 11) {
+-		if ((word = strtok(i == 0 ? input : NULL, " ")) == NULL) 
+-			return(-1);
+-
+-		l = strlen(word);
+-		if (l > 4 || l < 1) {
+-			return(-1);
+-		} else if (l < 4) {
++	strncpy (input, e, sizeof(input));
++	memset(b, 0, sizeof(b));
++	memset(out, 0, 8);
++	for (i = 0, p = 0; i < 6; i++, p += 11) 
++	{
++		if ((word = strtok_r(i == 0 ? input : NULL, " ", &last)) == NULL) 
++			return -1;
++
++		l = strlen (word);
++		if (l > 4 || l < 1)
++			return -1;
++		else if (l < 4) 
++		{
+ 			low = 0;
+ 			high = 570;
+-		} else {
++		} 
++		else 
++		{
+ 			low = 571;
+ 			high = 2047;
+ 		}
+ 		standard(word);
+ 
+ 		if ((v = wsrch(word, low, high)) < 0) 
+-			return(0);
++			return 0;
+ 
+ 		insert(b, v, p, 11);
+ 	}
+@@ -2167,55 +2162,47 @@
+ 		p += extract (b, i, 2);
+ 
+ 	if ((p & 3) != extract (b, 64, 2)) 
+-		return(-2);
++		return -2;
+ 
+-	(void)memcpy(out, b, SKEY_BINKEY_SIZE);
++	memcpy(out, b, 8);
+ 
+-	return(1);
++	return 1;
+ }
+ 
+ /* Display 8 bytes as a series of 16-bit hex digits */
+-char *
+-put8(out, s)
+-	char *out;
+-	char *s;
++char *put8(char *out, const char *s)
+ {
+-	(void)sprintf(out, "%02X%02X %02X%02X %02X%02X %02X%02X",
++	sprintf(out, "%02X%02X %02X%02X %02X%02X %02X%02X",
+ 			s[0] & 0xff, s[1] & 0xff, s[2] & 0xff,
+ 			s[3] & 0xff, s[4] & 0xff, s[5] & 0xff,
+ 			s[6] & 0xff, s[7] & 0xff);
+-	return(out);
++	return out;
+ }
+ 
+ #ifdef	notdef
+ /* Encode 8 bytes in 'cp' as stream of ascii letters.
+  * Provided as a possible alternative to btoe()
+  */
+-char *
+-btoc(cp)
+-	char *cp;
++char *btoc(char *cp)
+ {
+ 	int i;
+ 	static char out[31];
+ 
+ 	/* code out put by characters 6 bits each added to 0x21 (!) */
+-	for (i = 0; i <= 10; i++) {
++	for (i = 0; i <= 10; i++) 
++	{
+ 		/* last one is only 4 bits not 6 */
+ 		out[i] = '!' + extract (cp, 6 * i, i >= 10 ? 4 : 6);
+ 	}
+ 	out[i] = '\0';
+-	return(out);
++	return out;
+ }
+ #endif
+ 
+ /* Internal subroutines for word encoding/decoding */
+ 
+ /* Dictionary binary search */
+-static int
+-wsrch(w, low, high)
+-	char *w;
+-	int low;
+-	int high;
++static int wsrch(const char *w, int low, int high)
+ {
+ 	int i, j;
+ 
+@@ -2223,18 +2210,18 @@
+ 		i = (low + high) / 2;
+ 
+ 		if ((j = strncmp(w, Wp[i], 4)) == 0)
+-			return(i);			/* Found it */
+-
+-		if (high == low + 1) {
++			return i;			/* Found it */
++		if (high == low + 1) 
++		{
+ 			/* Avoid effects of integer truncation in /2 */
+ 			if (strncmp(w, Wp[high], 4) == 0)
+-				return(high);
++				return high;
+ 			else
+-				return(-1);
++				return -1;
+ 		}
+ 
+ 		if (low >= high)
+-			return(-1);	/* I don't *think* this can happen... */
++			return -1;	/* I don't *think* this can happen... */
+ 		if (j < 0)
+ 			high = i;	/* Search lower half */
+ 		else
+@@ -2242,12 +2229,7 @@
+ 	}
+ }
+ 
+-static void
+-insert(s, x, start, length)
+-	char *s;
+-	int x;
+-	int start;
+-	int length;
++static void insert(char *s, int x, int start, int length)
+ {
+ 	unsigned char cl;
+ 	unsigned char cc;
+@@ -2261,25 +2243,28 @@
+ 	assert(start + length <= 66);
+ 
+ 	shift = ((8 - ((start + length) % 8)) % 8);
+-	y = x << shift;
++	y = (int) x << shift;
+ 	cl = (y >> 16) & 0xff;
+ 	cc = (y >> 8) & 0xff;
+ 	cr = y & 0xff;
+-	if (shift + length > 16) {
++	if (shift + length > 16) 
++	{
+ 		s[start / 8] |= cl;
+ 		s[start / 8 + 1] |= cc;
+ 		s[start / 8 + 2] |= cr;
+-	} else if (shift + length > 8) {
++	} 
++	else if (shift + length > 8) 
++	{
+ 		s[start / 8] |= cc;
+ 		s[start / 8 + 1] |= cr;
+-	} else {
++	} 
++	else 
++	{
+ 		s[start / 8] |= cr;
+  	}
+ }
+ 
+-static void
+-standard(word)
+-	register char *word;
++static void standard(char *word)
+ {
+ 	while (*word) {
+ 		if (!isascii(*word))
+@@ -2297,11 +2282,7 @@
+ }
+ 
+ /* Extract 'length' bits from the char array 's' starting with bit 'start' */
+-static unsigned int
+-extract(s, start, length)
+-	char *s;
+-	int start;
+-	int length;
++static unsigned int extract(char *s, int start, int length)
+ {
+ 	unsigned char cl;
+ 	unsigned char cc;
+@@ -2320,5 +2301,5 @@
+ 	x = x >> (24 - (length + (start % 8)));
+ 	x = (x & (0xffff >> (16 - length)));
+ 
+-	return(x);
++	return x;
+ }
+--- skey-1.1.5.orig/rmd160.c	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/rmd160.c	1970-01-01 01:00:00.000000000 +0100
+@@ -1,428 +0,0 @@
+-/********************************************************************\
+- *
+- *      FILE:     rmd160.c
+- *
+- *      CONTENTS: A sample C-implementation of the RIPEMD-160
+- *		  hash-function.
+- *      TARGET:   any computer with an ANSI C compiler
+- *
+- *      AUTHOR:   Antoon Bosselaers, ESAT-COSIC
+- *		  (Arranged for libc by Todd C. Miller)
+- *      DATE:     1 March 1996
+- *      VERSION:  1.0
+- *
+- *      Copyright (c) Katholieke Universiteit Leuven
+- *      1996, All Rights Reserved
+- *
+-\********************************************************************/
+-#ifndef HAVE_RMD160_H
+-
+-/* header files */
+-#include <stdio.h>
+-#include <stdlib.h>
+-#include <string.h>
+-#include <sys/types.h>
+-#include "config.h"
+-#include "rmd160.h"
+-
+-/********************************************************************/
+-
+-/* macro definitions */
+-
+-/* collect four bytes into one word: */
+-#define BYTES_TO_DWORD(strptr)			\
+-    (((u_int32_t) *((strptr)+3) << 24) |	\
+-    ((u_int32_t) *((strptr)+2) << 16) |		\
+-    ((u_int32_t) *((strptr)+1) <<  8) |		\
+-    ((u_int32_t) *(strptr)))
+-
+-/* ROL(x, n) cyclically rotates x over n bits to the left */
+-/* x must be of an unsigned 32 bits type and 0 <= n < 32. */
+-#define ROL(x, n)	(((x) << (n)) | ((x) >> (32-(n))))
+-
+-/* the three basic functions F(), G() and H() */
+-#define F(x, y, z)	((x) ^ (y) ^ (z))
+-#define G(x, y, z)	(((x) & (y)) | (~(x) & (z)))
+-#define H(x, y, z)	(((x) | ~(y)) ^ (z))
+-#define I(x, y, z)	(((x) & (z)) | ((y) & ~(z)))
+-#define J(x, y, z)	((x) ^ ((y) | ~(z)))
+-
+-/* the eight basic operations FF() through III() */
+-#define FF(a, b, c, d, e, x, s)	{			\
+-      (a) += F((b), (c), (d)) + (x);			\
+-      (a) = ROL((a), (s)) + (e);			\
+-      (c) = ROL((c), 10);				\
+-}
+-#define GG(a, b, c, d, e, x, s)	{			\
+-      (a) += G((b), (c), (d)) + (x) + 0x5a827999U;	\
+-      (a) = ROL((a), (s)) + (e);			\
+-      (c) = ROL((c), 10);				\
+-}
+-#define HH(a, b, c, d, e, x, s)	{			\
+-      (a) += H((b), (c), (d)) + (x) + 0x6ed9eba1U;	\
+-      (a) = ROL((a), (s)) + (e);			\
+-      (c) = ROL((c), 10);				\
+-}
+-#define II(a, b, c, d, e, x, s)	{			\
+-      (a) += I((b), (c), (d)) + (x) + 0x8f1bbcdcU;	\
+-      (a) = ROL((a), (s)) + (e);			\
+-      (c) = ROL((c), 10);				\
+-}
+-#define JJ(a, b, c, d, e, x, s)	{			\
+-      (a) += J((b), (c), (d)) + (x) + 0xa953fd4eU;	\
+-      (a) = ROL((a), (s)) + (e);			\
+-      (c) = ROL((c), 10);				\
+-}
+-#define FFF(a, b, c, d, e, x, s)	{		\
+-      (a) += F((b), (c), (d)) + (x);			\
+-      (a) = ROL((a), (s)) + (e);			\
+-      (c) = ROL((c), 10);				\
+-}
+-#define GGG(a, b, c, d, e, x, s)	{		\
+-      (a) += G((b), (c), (d)) + (x) + 0x7a6d76e9U;	\
+-      (a) = ROL((a), (s)) + (e);			\
+-      (c) = ROL((c), 10);				\
+-}
+-#define HHH(a, b, c, d, e, x, s)	{		\
+-      (a) += H((b), (c), (d)) + (x) + 0x6d703ef3U;	\
+-      (a) = ROL((a), (s)) + (e);			\
+-      (c) = ROL((c), 10);				\
+-}
+-#define III(a, b, c, d, e, x, s)	{		\
+-      (a) += I((b), (c), (d)) + (x) + 0x5c4dd124U;	\
+-      (a) = ROL((a), (s)) + (e);			\
+-      (c) = ROL((c), 10);				\
+-}
+-#define JJJ(a, b, c, d, e, x, s)	{		\
+-      (a) += J((b), (c), (d)) + (x) + 0x50a28be6U;	\
+-      (a) = ROL((a), (s)) + (e);			\
+-      (c) = ROL((c), 10);				\
+-}
+-
+-/********************************************************************/
+-
+-void
+-RMD160Init(context)
+-	RMD160_CTX *context;
+-{
+-
+-	/* ripemd-160 initialization constants */
+-	context->state[0] = 0x67452301U;
+-	context->state[1] = 0xefcdab89U;
+-	context->state[2] = 0x98badcfeU;
+-	context->state[3] = 0x10325476U;
+-	context->state[4] = 0xc3d2e1f0U;
+-	context->length[0] = context->length[1] = 0;
+-	context->buflen = 0;
+-}
+-
+-/********************************************************************/
+-
+-void
+-RMD160Transform(state, block)
+-	u_int32_t state[5];
+-	const u_int32_t block[16];
+-{
+-	u_int32_t aa = state[0],  bb = state[1],  cc = state[2],
+-	    dd = state[3],  ee = state[4];
+-	u_int32_t aaa = state[0], bbb = state[1], ccc = state[2],
+-	    ddd = state[3], eee = state[4];
+-
+-	/* round 1 */
+-	FF(aa, bb, cc, dd, ee, block[ 0], 11);
+-	FF(ee, aa, bb, cc, dd, block[ 1], 14);
+-	FF(dd, ee, aa, bb, cc, block[ 2], 15);
+-	FF(cc, dd, ee, aa, bb, block[ 3], 12);
+-	FF(bb, cc, dd, ee, aa, block[ 4],  5);
+-	FF(aa, bb, cc, dd, ee, block[ 5],  8);
+-	FF(ee, aa, bb, cc, dd, block[ 6],  7);
+-	FF(dd, ee, aa, bb, cc, block[ 7],  9);
+-	FF(cc, dd, ee, aa, bb, block[ 8], 11);
+-	FF(bb, cc, dd, ee, aa, block[ 9], 13);
+-	FF(aa, bb, cc, dd, ee, block[10], 14);
+-	FF(ee, aa, bb, cc, dd, block[11], 15);
+-	FF(dd, ee, aa, bb, cc, block[12],  6);
+-	FF(cc, dd, ee, aa, bb, block[13],  7);
+-	FF(bb, cc, dd, ee, aa, block[14],  9);
+-	FF(aa, bb, cc, dd, ee, block[15],  8);
+-
+-	/* round 2 */
+-	GG(ee, aa, bb, cc, dd, block[ 7],  7);
+-	GG(dd, ee, aa, bb, cc, block[ 4],  6);
+-	GG(cc, dd, ee, aa, bb, block[13],  8);
+-	GG(bb, cc, dd, ee, aa, block[ 1], 13);
+-	GG(aa, bb, cc, dd, ee, block[10], 11);
+-	GG(ee, aa, bb, cc, dd, block[ 6],  9);
+-	GG(dd, ee, aa, bb, cc, block[15],  7);
+-	GG(cc, dd, ee, aa, bb, block[ 3], 15);
+-	GG(bb, cc, dd, ee, aa, block[12],  7);
+-	GG(aa, bb, cc, dd, ee, block[ 0], 12);
+-	GG(ee, aa, bb, cc, dd, block[ 9], 15);
+-	GG(dd, ee, aa, bb, cc, block[ 5],  9);
+-	GG(cc, dd, ee, aa, bb, block[ 2], 11);
+-	GG(bb, cc, dd, ee, aa, block[14],  7);
+-	GG(aa, bb, cc, dd, ee, block[11], 13);
+-	GG(ee, aa, bb, cc, dd, block[ 8], 12);
+-
+-	/* round 3 */
+-	HH(dd, ee, aa, bb, cc, block[ 3], 11);
+-	HH(cc, dd, ee, aa, bb, block[10], 13);
+-	HH(bb, cc, dd, ee, aa, block[14],  6);
+-	HH(aa, bb, cc, dd, ee, block[ 4],  7);
+-	HH(ee, aa, bb, cc, dd, block[ 9], 14);
+-	HH(dd, ee, aa, bb, cc, block[15],  9);
+-	HH(cc, dd, ee, aa, bb, block[ 8], 13);
+-	HH(bb, cc, dd, ee, aa, block[ 1], 15);
+-	HH(aa, bb, cc, dd, ee, block[ 2], 14);
+-	HH(ee, aa, bb, cc, dd, block[ 7],  8);
+-	HH(dd, ee, aa, bb, cc, block[ 0], 13);
+-	HH(cc, dd, ee, aa, bb, block[ 6],  6);
+-	HH(bb, cc, dd, ee, aa, block[13],  5);
+-	HH(aa, bb, cc, dd, ee, block[11], 12);
+-	HH(ee, aa, bb, cc, dd, block[ 5],  7);
+-	HH(dd, ee, aa, bb, cc, block[12],  5);
+-
+-	/* round 4 */
+-	II(cc, dd, ee, aa, bb, block[ 1], 11);
+-	II(bb, cc, dd, ee, aa, block[ 9], 12);
+-	II(aa, bb, cc, dd, ee, block[11], 14);
+-	II(ee, aa, bb, cc, dd, block[10], 15);
+-	II(dd, ee, aa, bb, cc, block[ 0], 14);
+-	II(cc, dd, ee, aa, bb, block[ 8], 15);
+-	II(bb, cc, dd, ee, aa, block[12],  9);
+-	II(aa, bb, cc, dd, ee, block[ 4],  8);
+-	II(ee, aa, bb, cc, dd, block[13],  9);
+-	II(dd, ee, aa, bb, cc, block[ 3], 14);
+-	II(cc, dd, ee, aa, bb, block[ 7],  5);
+-	II(bb, cc, dd, ee, aa, block[15],  6);
+-	II(aa, bb, cc, dd, ee, block[14],  8);
+-	II(ee, aa, bb, cc, dd, block[ 5],  6);
+-	II(dd, ee, aa, bb, cc, block[ 6],  5);
+-	II(cc, dd, ee, aa, bb, block[ 2], 12);
+-
+-	/* round 5 */
+-	JJ(bb, cc, dd, ee, aa, block[ 4],  9);
+-	JJ(aa, bb, cc, dd, ee, block[ 0], 15);
+-	JJ(ee, aa, bb, cc, dd, block[ 5],  5);
+-	JJ(dd, ee, aa, bb, cc, block[ 9], 11);
+-	JJ(cc, dd, ee, aa, bb, block[ 7],  6);
+-	JJ(bb, cc, dd, ee, aa, block[12],  8);
+-	JJ(aa, bb, cc, dd, ee, block[ 2], 13);
+-	JJ(ee, aa, bb, cc, dd, block[10], 12);
+-	JJ(dd, ee, aa, bb, cc, block[14],  5);
+-	JJ(cc, dd, ee, aa, bb, block[ 1], 12);
+-	JJ(bb, cc, dd, ee, aa, block[ 3], 13);
+-	JJ(aa, bb, cc, dd, ee, block[ 8], 14);
+-	JJ(ee, aa, bb, cc, dd, block[11], 11);
+-	JJ(dd, ee, aa, bb, cc, block[ 6],  8);
+-	JJ(cc, dd, ee, aa, bb, block[15],  5);
+-	JJ(bb, cc, dd, ee, aa, block[13],  6);
+-
+-	/* parallel round 1 */
+-	JJJ(aaa, bbb, ccc, ddd, eee, block[ 5],  8);
+-	JJJ(eee, aaa, bbb, ccc, ddd, block[14],  9);
+-	JJJ(ddd, eee, aaa, bbb, ccc, block[ 7],  9);
+-	JJJ(ccc, ddd, eee, aaa, bbb, block[ 0], 11);
+-	JJJ(bbb, ccc, ddd, eee, aaa, block[ 9], 13);
+-	JJJ(aaa, bbb, ccc, ddd, eee, block[ 2], 15);
+-	JJJ(eee, aaa, bbb, ccc, ddd, block[11], 15);
+-	JJJ(ddd, eee, aaa, bbb, ccc, block[ 4],  5);
+-	JJJ(ccc, ddd, eee, aaa, bbb, block[13],  7);
+-	JJJ(bbb, ccc, ddd, eee, aaa, block[ 6],  7);
+-	JJJ(aaa, bbb, ccc, ddd, eee, block[15],  8);
+-	JJJ(eee, aaa, bbb, ccc, ddd, block[ 8], 11);
+-	JJJ(ddd, eee, aaa, bbb, ccc, block[ 1], 14);
+-	JJJ(ccc, ddd, eee, aaa, bbb, block[10], 14);
+-	JJJ(bbb, ccc, ddd, eee, aaa, block[ 3], 12);
+-	JJJ(aaa, bbb, ccc, ddd, eee, block[12],  6);
+-
+-	/* parallel round 2 */
+-	III(eee, aaa, bbb, ccc, ddd, block[ 6],  9);
+-	III(ddd, eee, aaa, bbb, ccc, block[11], 13);
+-	III(ccc, ddd, eee, aaa, bbb, block[ 3], 15);
+-	III(bbb, ccc, ddd, eee, aaa, block[ 7],  7);
+-	III(aaa, bbb, ccc, ddd, eee, block[ 0], 12);
+-	III(eee, aaa, bbb, ccc, ddd, block[13],  8);
+-	III(ddd, eee, aaa, bbb, ccc, block[ 5],  9);
+-	III(ccc, ddd, eee, aaa, bbb, block[10], 11);
+-	III(bbb, ccc, ddd, eee, aaa, block[14],  7);
+-	III(aaa, bbb, ccc, ddd, eee, block[15],  7);
+-	III(eee, aaa, bbb, ccc, ddd, block[ 8], 12);
+-	III(ddd, eee, aaa, bbb, ccc, block[12],  7);
+-	III(ccc, ddd, eee, aaa, bbb, block[ 4],  6);
+-	III(bbb, ccc, ddd, eee, aaa, block[ 9], 15);
+-	III(aaa, bbb, ccc, ddd, eee, block[ 1], 13);
+-	III(eee, aaa, bbb, ccc, ddd, block[ 2], 11);
+-
+-	/* parallel round 3 */
+-	HHH(ddd, eee, aaa, bbb, ccc, block[15],  9);
+-	HHH(ccc, ddd, eee, aaa, bbb, block[ 5],  7);
+-	HHH(bbb, ccc, ddd, eee, aaa, block[ 1], 15);
+-	HHH(aaa, bbb, ccc, ddd, eee, block[ 3], 11);
+-	HHH(eee, aaa, bbb, ccc, ddd, block[ 7],  8);
+-	HHH(ddd, eee, aaa, bbb, ccc, block[14],  6);
+-	HHH(ccc, ddd, eee, aaa, bbb, block[ 6],  6);
+-	HHH(bbb, ccc, ddd, eee, aaa, block[ 9], 14);
+-	HHH(aaa, bbb, ccc, ddd, eee, block[11], 12);
+-	HHH(eee, aaa, bbb, ccc, ddd, block[ 8], 13);
+-	HHH(ddd, eee, aaa, bbb, ccc, block[12],  5);
+-	HHH(ccc, ddd, eee, aaa, bbb, block[ 2], 14);
+-	HHH(bbb, ccc, ddd, eee, aaa, block[10], 13);
+-	HHH(aaa, bbb, ccc, ddd, eee, block[ 0], 13);
+-	HHH(eee, aaa, bbb, ccc, ddd, block[ 4],  7);
+-	HHH(ddd, eee, aaa, bbb, ccc, block[13],  5);
+-
+-	/* parallel round 4 */
+-	GGG(ccc, ddd, eee, aaa, bbb, block[ 8], 15);
+-	GGG(bbb, ccc, ddd, eee, aaa, block[ 6],  5);
+-	GGG(aaa, bbb, ccc, ddd, eee, block[ 4],  8);
+-	GGG(eee, aaa, bbb, ccc, ddd, block[ 1], 11);
+-	GGG(ddd, eee, aaa, bbb, ccc, block[ 3], 14);
+-	GGG(ccc, ddd, eee, aaa, bbb, block[11], 14);
+-	GGG(bbb, ccc, ddd, eee, aaa, block[15],  6);
+-	GGG(aaa, bbb, ccc, ddd, eee, block[ 0], 14);
+-	GGG(eee, aaa, bbb, ccc, ddd, block[ 5],  6);
+-	GGG(ddd, eee, aaa, bbb, ccc, block[12],  9);
+-	GGG(ccc, ddd, eee, aaa, bbb, block[ 2], 12);
+-	GGG(bbb, ccc, ddd, eee, aaa, block[13],  9);
+-	GGG(aaa, bbb, ccc, ddd, eee, block[ 9], 12);
+-	GGG(eee, aaa, bbb, ccc, ddd, block[ 7],  5);
+-	GGG(ddd, eee, aaa, bbb, ccc, block[10], 15);
+-	GGG(ccc, ddd, eee, aaa, bbb, block[14],  8);
+-
+-	/* parallel round 5 */
+-	FFF(bbb, ccc, ddd, eee, aaa, block[12] ,  8);
+-	FFF(aaa, bbb, ccc, ddd, eee, block[15] ,  5);
+-	FFF(eee, aaa, bbb, ccc, ddd, block[10] , 12);
+-	FFF(ddd, eee, aaa, bbb, ccc, block[ 4] ,  9);
+-	FFF(ccc, ddd, eee, aaa, bbb, block[ 1] , 12);
+-	FFF(bbb, ccc, ddd, eee, aaa, block[ 5] ,  5);
+-	FFF(aaa, bbb, ccc, ddd, eee, block[ 8] , 14);
+-	FFF(eee, aaa, bbb, ccc, ddd, block[ 7] ,  6);
+-	FFF(ddd, eee, aaa, bbb, ccc, block[ 6] ,  8);
+-	FFF(ccc, ddd, eee, aaa, bbb, block[ 2] , 13);
+-	FFF(bbb, ccc, ddd, eee, aaa, block[13] ,  6);
+-	FFF(aaa, bbb, ccc, ddd, eee, block[14] ,  5);
+-	FFF(eee, aaa, bbb, ccc, ddd, block[ 0] , 15);
+-	FFF(ddd, eee, aaa, bbb, ccc, block[ 3] , 13);
+-	FFF(ccc, ddd, eee, aaa, bbb, block[ 9] , 11);
+-	FFF(bbb, ccc, ddd, eee, aaa, block[11] , 11);
+-
+-	/* combine results */
+-	ddd += cc + state[1];		/* final result for state[0] */
+-	state[1] = state[2] + dd + eee;
+-	state[2] = state[3] + ee + aaa;
+-	state[3] = state[4] + aa + bbb;
+-	state[4] = state[0] + bb + ccc;
+-	state[0] = ddd;
+-}
+-
+-/********************************************************************/
+-
+-void
+-RMD160Update(context, data, nbytes)
+-	RMD160_CTX *context;
+-	const u_char *data;
+-	u_int32_t nbytes;
+-{
+-	u_int32_t X[16];
+-	u_int32_t ofs = 0;
+-	u_int32_t i;
+-#ifdef WORDS_BIGENDIAN
+-	u_int32_t j;
+-#endif
+-
+-	/* update length[] */
+-	if (context->length[0] + nbytes < context->length[0])
+-		context->length[1]++;		/* overflow to msb of length */
+-	context->length[0] += nbytes;
+-
+-	(void)memset(X, 0, sizeof(X));
+-
+-        if ( context->buflen + nbytes < 64 )
+-        {
+-                (void)memcpy(context->bbuffer + context->buflen, data, nbytes);
+-                context->buflen += nbytes;
+-        }
+-        else
+-        {
+-                /* process first block */
+-                ofs = 64 - context->buflen;
+-                (void)memcpy(context->bbuffer + context->buflen, data, ofs);
+-#ifndef WORDS_BIGENDIAN
+-                (void)memcpy(X, context->bbuffer, sizeof(X));
+-#else
+-                for (j=0; j < 16; j++)
+-                        X[j] = BYTES_TO_DWORD(context->bbuffer + (4 * j));
+-#endif
+-                RMD160Transform(context->state, X);
+-                nbytes -= ofs;
+-
+-                /* process remaining complete blocks */
+-                for (i = 0; i < (nbytes >> 6); i++) {
+-#ifndef WORDS_BIGENDIAN
+-                        (void)memcpy(X, data + (64 * i) + ofs, sizeof(X));
+-#else
+-                        for (j=0; j < 16; j++)
+-                                X[j] = BYTES_TO_DWORD(data + (64 * i) + (4 * j) + ofs);
+-#endif
+-                        RMD160Transform(context->state, X);
+-                }
+-
+-                /*
+-                 * Put last bytes from data into context's buffer
+-                 */
+-                context->buflen = nbytes & 63;
+-                memcpy(context->bbuffer, data + (64 * i) + ofs, context->buflen);
+-        }
+-}
+-
+-/********************************************************************/
+-
+-void
+-RMD160Final(digest, context)
+-	u_char digest[20];
+-	RMD160_CTX *context;
+-{
+-	u_int32_t i;
+-	u_int32_t X[16];
+-#ifdef WORDS_BIGENDIAN
+-	u_int32_t j;
+-#endif
+-
+-	/* append the bit m_n == 1 */
+-	context->bbuffer[context->buflen] = '\200';
+-
+-	(void)memset(context->bbuffer + context->buflen + 1, 0,
+-		63 - context->buflen);
+-#ifndef WORDS_BIGENDIAN
+-	(void)memcpy(X, context->bbuffer, sizeof(X));
+-#else
+-	for (j=0; j < 16; j++)
+-		X[j] = BYTES_TO_DWORD(context->bbuffer + (4 * j));
+-#endif
+-	if ((context->buflen) > 55) {
+-		/* length goes to next block */
+-		RMD160Transform(context->state, X);
+-		(void)memset(X, 0, sizeof(X));
+-	}
+-
+-	/* append length in bits */
+-	X[14] = context->length[0] << 3;
+-	X[15] = (context->length[0] >> 29) |
+-	    (context->length[1] << 3);
+-	RMD160Transform(context->state, X);
+-
+-	if (digest != NULL) {
+-		for (i = 0; i < 20; i += 4) {
+-			/* extracts the 8 least significant bits. */
+-			digest[i]     =  context->state[i>>2];
+-			digest[i + 1] = (context->state[i>>2] >>  8);
+-			digest[i + 2] = (context->state[i>>2] >> 16);
+-			digest[i + 3] = (context->state[i>>2] >> 24);
+-		}
+-	}
+-}
+-
+-/************************ end of file rmd160.c **********************/
+-#endif
+--- skey-1.1.5.orig/rmd160.h	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/rmd160.h	1970-01-01 01:00:00.000000000 +0100
+@@ -1,48 +0,0 @@
+-/*	$OpenBSD: rmd160.h,v 1.4 1999/08/16 09:59:04 millert Exp $	*/
+-
+-/********************************************************************\
+- *
+- *      FILE:     rmd160.h
+- *
+- *      CONTENTS: Header file for a sample C-implementation of the
+- *                RIPEMD-160 hash-function. 
+- *      TARGET:   any computer with an ANSI C compiler
+- *
+- *      AUTHOR:   Antoon Bosselaers, ESAT-COSIC
+- *      DATE:     1 March 1996
+- *      VERSION:  1.0
+- *
+- *      Copyright (c) Katholieke Universiteit Leuven
+- *      1996, All Rights Reserved
+- *
+-\********************************************************************/
+-
+-#ifndef  _RMD160_H	/* make sure this file is read only once */
+-#define  _RMD160_H
+-
+-/********************************************************************/
+-
+-/* structure definitions */
+-
+-typedef struct {
+-	u_int32_t state[5];	/* state (ABCDE) */
+-	u_int32_t length[2];	/* number of bits */
+-	u_char	bbuffer[64];    /* overflow buffer */
+-	u_int32_t buflen;	/* number of chars in bbuffer */
+-} RMD160_CTX;
+-
+-/********************************************************************/
+-
+-/* function prototypes */
+-
+-void RMD160Init __P((RMD160_CTX *context));
+-void RMD160Transform __P((u_int32_t state[5], const u_int32_t block[16]));
+-void RMD160Update __P((RMD160_CTX *context, const u_char *data, u_int32_t nbytes));
+-void RMD160Final __P((u_char digest[20], RMD160_CTX *context));
+-char *RMD160End __P((RMD160_CTX *, char *));
+-char *RMD160File __P((char *, char *));
+-char *RMD160Data __P((const u_char *, size_t, char *));
+-
+-#endif  /* _RMD160_H */
+-
+-/*********************** end of file rmd160.h ***********************/
+--- skey-1.1.5.orig/rmd160hl.c	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/rmd160hl.c	1970-01-01 01:00:00.000000000 +0100
+@@ -1,85 +0,0 @@
+-/* rmd160hl.c
+- * ----------------------------------------------------------------------------
+- * "THE BEER-WARE LICENSE" (Revision 42):
+- * <phk@login.dkuug.dk> wrote this file.  As long as you retain this notice you
+- * can do whatever you want with this stuff. If we meet some day, and you think
+- * this stuff is worth it, you can buy me a beer in return.   Poul-Henning Kamp
+- * ----------------------------------------------------------------------------
+- */
+-
+-#if defined(LIBC_SCCS) && !defined(lint)
+-static char rcsid[] = "$OpenBSD: rmd160hl.c,v 1.2 1999/08/17 09:13:12 millert Exp $";
+-#endif /* LIBC_SCCS and not lint */
+-
+-#include <stdlib.h>
+-#include <stdio.h>
+-#include <errno.h>
+-#include <fcntl.h>
+-#include <sys/types.h>
+-#include <sys/uio.h>
+-#include <unistd.h>
+-#include "config.h"
+-#ifdef HAVE_RMD160_H
+-#include <rmd160.h>
+-#else
+-#include "rmd160.h"
+-#endif
+-
+-/* ARGSUSED */
+-char *
+-RMD160End(ctx, buf)
+-    RMD160_CTX *ctx;
+-    char *buf;
+-{
+-    int i;
+-    char *p = buf;
+-    u_char digest[20];
+-    static const char hex[]="0123456789abcdef";
+-
+-    if (p == NULL && (p = malloc(41)) == NULL)
+-	return 0;
+-
+-    RMD160Final(digest,ctx);
+-    for (i = 0; i < 20; i++) {
+-	p[i + i] = hex[digest[i] >> 4];
+-	p[i + i + 1] = hex[digest[i] & 0x0f];
+-    }
+-    p[i + i] = '\0';
+-    return(p);
+-}
+-
+-char *
+-RMD160File (filename, buf)
+-    char *filename;
+-    char *buf;
+-{
+-    u_char buffer[BUFSIZ];
+-    RMD160_CTX ctx;
+-    int fd, num, oerrno;
+-
+-    RMD160Init(&ctx);
+-
+-    if ((fd = open(filename, O_RDONLY)) < 0)
+-	return(0);
+-
+-    while ((num = read(fd, buffer, sizeof(buffer))) > 0)
+-	RMD160Update(&ctx, buffer, num);
+-
+-    oerrno = errno;
+-    close(fd);
+-    errno = oerrno;
+-    return(num < 0 ? 0 : RMD160End(&ctx, buf));
+-}
+-
+-char *
+-RMD160Data (data, len, buf)
+-    const u_char *data;
+-    size_t len;
+-    char *buf;
+-{
+-    RMD160_CTX ctx;
+-
+-    RMD160Init(&ctx);
+-    RMD160Update(&ctx, data, len);
+-    return(RMD160End(&ctx, buf));
+-}
+--- skey-1.1.5.orig/skey.1	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/skey.1	2003-11-06 17:46:45.000000000 +0000
+@@ -1,95 +1,165 @@
+-.\" $OpenBSD: skey.1,v 1.21 2000/11/09 17:52:38 aaron Exp $
+-.\"	@(#)skey.1	1.1 	10/28/93
++.\"	$NetBSD: skey.1,v 1.21 2003/09/07 16:22:24 wiz Exp $
+ .\"
+-.Dd October 28, 1993
++.\"	from: @(#)skey.1	1.1 	10/28/93
++.\"
++.Dd July 25, 2001
+ .Dt SKEY 1
+ .Os
+ .Sh NAME
+-.Nm skey, otp-md4, otp-md5, otp-sha1, otp-rmd160
++.Nm skey
+ .Nd respond to an OTP challenge
+ .Sh SYNOPSIS
+-.Nm skey
+-.Op Fl x
+-.Oo
+-.Fl md4 | Fl md5 | Fl sha1 |
+-.Fl rmd160
+-.Oc
++.Nm
+ .Op Fl n Ar count
+-.Op Fl p Ar passwd
+-<sequence#>[/] key
++.Op Fl p Ar password
++.Op Fl t Ar hash
++.Op Fl x
++.Ar sequence#
++.Op /
++.Ar key
+ .Sh DESCRIPTION
+-.Nm S/key
+-is a procedure for using one-time passwords to authenticate access to
+-computer systems.
+-It uses 64 bits of information transformed by the
+-MD4, MD5, SHA1, or RIPEMD-160 algorithms.
+-The user supplies the 64 bits
+-in the form of 6 English words that are generated by a secure computer.
+-This implementation of
+-.Nm s/key
+-is RFC 1938 compliant.
++.Em S/Key
++is a One Time Password (OTP) authentication system.
++It is intended to be used when the communication channel between
++a user and host is not secure (e.g. not encrypted or hardwired).
++Since each password is used only once, even if it is "seen" by a
++hostile third party, it cannot be used again to gain access to the host.
+ .Pp
+-When
+-.Nm skey
+-is invoked as
+-.Nm otp-method ,
+-.Nm skey
+-will use
+-.Ar method
+-as the hash function where
+-.Ar method
+-is currently one of md4, md5, sha1, or rmd160.
++.Em S/Key
++uses 64 bits of information, transformed by the
++.Tn MD4
++algorithm into 6 English words.
++The user supplies the words to authenticate himself to programs like
++.Xr login 1
++or
++.Xr ftpd 8 .
++.Pp
++Example use of the
++.Em S/Key
++program
++.Nm :
++.Bd -literal -offset indent
++% skey  99  th91334
++Enter password: \*[Lt]your secret password is entered here\*[Gt]
++OMEN US HORN OMIT BACK AHOY
++%
++.Ed
++.Pp
++The string that is given back by
++.Nm
++can then be used to log into a system.
++.Pp
++The programs that are part of the
++.Em S/Key
++system are:
++.Bl -tag -width skeyauditxxx
++.It Xr skeyinit 1
++used to set up your
++.Em S/Key .
++.It Nm
++used to get the one time password(s).
++.It Xr skeyinfo 1
++used to initialize the
++.Em S/Key
++database for the specified user.
++It also tells the user what the next challenge will be.
++.It Xr skeyaudit 1
++used to inform users that they will soon have to rerun
++.Xr skeyinit 1 .
++.El
+ .Pp
+-If you misspell your password while running
+-.Nm skey ,
++When you run
++.Xr skeyinit 1
++you inform the system of your
++secret password.
++Running
++.Nm
++then generates the
++one-time password(s), after requiring your secret password.
++If however, you misspell your secret password that you have given to
++.Xr skeyinit 1
++while running
++.Xr skey 1
+ you will get a list of passwords
+-that will not work, and no indication of the problem.
++that will not work, and no indication about the problem.
+ .Pp
+-Password sequence numbers count backwards.
++Password sequence numbers count backward from 99.
+ You can enter the passwords using small letters, even though
+-.Nm skey
++.Xr skey 1
+ prints them capitalized.
+ .Pp
+-The options are as follows:
+-.Bl -tag -width Ds
+-.It Fl n Ar count
+-Prints out
++The
++.Fl n Ar count
++argument asks for
+ .Ar count
+-one-time passwords.
+-The default is to print one.
+-.It Fl p Ar password
+-Uses
+-.Ar password
+-as the secret password.
+-Use of this option is discouraged as
+-your secret password could be visible in a process listing.
+-.It Fl x
+-Causes output to be in hexadecimal instead of ASCII.
+-.It Fl md4
+-Selects MD4 as the hash algorithm.
+-.It Fl md5
+-Selects MD5 as the hash algorithm.
+-.It Fl sha1
+-Selects SHA-1 (NIST Secure Hash Algorithm Revision 1) as the hash algorithm.
+-.It Fl rmd160
+-Selects RMD-160 (160 bit Ripe Message Digest) as the hash algorithm.
+-.El
++password sequences to be printed out ending with the requested
++sequence number.
++.Pp
++The hash algorithm is selected using the
++.Fl t Ar hash
++option, possible choices here are md4, md5 or sha1.
++.Pp
++The
++.Fl p Ar password
++allows the user to specify the
++.Em S/Key
++password on the command line.
++.Pp
++To output the S/Key list in hexadecimal instead of words,
++use the
++.Fl x
++option.
+ .Sh EXAMPLES
+-.sp 0
+-    % skey 99 th91334
+-.sp 0
+-    Enter secret password: <your secret password is entered here>
+-.sp 0
+-    OMEN US HORN OMIT BACK AHOY
+-.sp 0
+-    %
++Initialize generation of one time passwords:
++.Bd -literal -offset indent
++host% skeyinit
++Password: \*[Lt]normal login password\*[Gt]
++[Adding username]
++Enter secret password: \*[Lt]new secret password\*[Gt]
++Again secret password: \*[Lt]new secret password again\*[Gt]
++ID username s/key is 99 host12345
++Next login password: SOME SIX WORDS THAT WERE COMPUTED
++.Ed
++.Pp
++Produce a list of one time passwords to take with to a conference:
++.Bd -literal -offset indent
++host% skey -n 3 99 host12345
++Enter secret password: \*[Lt]secret password as used with skeyinit\*[Gt]
++97: NOSE FOOT RUSH FEAR GREY JUST
++98: YAWN LEO DEED BIND WACK BRAE
++99: SOME SIX WORDS THAT WERE COMPUTED
++.Ed
++.Pp
++Logging in to a host where
++.Nm
++is installed:
++.Bd -literal -offset indent
++host% telnet host
++
++login: \*[Lt]username\*[Gt]
++Password [s/key 97 host12345]:
++.Ed
++.Pp
++Note that the user can use either his/her
++.Em S/Key
++password at the prompt but also the normal one unless the
++.Fl s
++flag is given to
++.Xr login 1 .
+ .Sh SEE ALSO
+ .Xr login 1 ,
++.Xr skeyaudit 1 ,
+ .Xr skeyinfo 1 ,
+-.Xr skeyinit 1
++.Xr skeyinit 1 ,
++.Xr ftpd 8
+ .Pp
+-.Em RFC1938
++.Em RFC 2289
+ .Sh TRADEMARKS AND PATENTS
+-S/Key is a Trademark of Bellcore.
++.Em S/Key
++is a trademark of
++.Tn Bellcore .
+ .Sh AUTHORS
+-Phil Karn, Neil M. Haller, John S. Walden, Scott Chasin
++Phil Karn,
++Neil M. Haller,
++John S. Walden,
++Scott Chasin
+--- skey-1.1.5.orig/skey.3	1970-01-01 01:00:00.000000000 +0100
++++ skey-1.1.5/skey.3	2003-11-06 17:46:45.000000000 +0000
+@@ -0,0 +1,264 @@
++.\"     $NetBSD: skey.3,v 1.8 2003/06/06 13:42:50 wiz Exp $
++.\"
++.\" Copyright (c) 2001 The NetBSD Foundation, Inc.
++.\" All rights reserved.
++.\"
++.\" This code is derived from software contributed to The NetBSD Foundation
++.\" by Gregory McGarry.
++.\"
++.\" Redistribution and use in source and binary forms, with or without
++.\" modification, are permitted provided that the following conditions
++.\" are met:
++.\" 1. Redistributions of source code must retain the above copyright
++.\"    notice, this list of conditions and the following disclaimer.
++.\" 2. Redistributions in binary form must reproduce the above copyright
++.\"    notice, this list of conditions and the following disclaimer in the
++.\"    documentation and/or other materials provided with the distribution.
++.\" 3. All advertising materials mentioning features or use of this software
++.\"    must display the following acknowledgement:
++.\"        This product includes software developed by the NetBSD
++.\"        Foundation, Inc. and its contributors.
++.\" 4. Neither the name of The NetBSD Foundation nor the names of its
++.\"    contributors may be used to endorse or promote products derived
++.\"    from this software without specific prior written permission.
++.\"
++.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
++.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
++.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
++.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
++.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
++.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
++.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
++.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
++.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
++.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
++.\" POSSIBILITY OF SUCH DAMAGE.
++.\"
++.Dd November 10, 2001
++.Dt SKEY 3
++.Os
++.Sh NAME
++.Nm skey ,
++.Nm skeychallenge ,
++.Nm skeylookup ,
++.Nm skeygetnext ,
++.Nm skeyverify ,
++.Nm skeyzero ,
++.Nm getskeyprompt ,
++.Nm skey_set_algorithm ,
++.Nm skey_get_algorithm ,
++.Nm skey_haskey ,
++.Nm skey_keyinfo ,
++.Nm skey_passcheck ,
++.Nm skey_authenticate
++.Nd one-time password (OTP) library
++.Sh LIBRARY
++S/key One-Time Password Library (libskey, -lskey)
++.Sh SYNOPSIS
++.In skey.h
++.Ft int
++.Fn skeychallenge "struct skey *mp" "const char *name" "char *ss" \
++"size_t sslen"
++.Ft int
++.Fn skeylookup "struct skey *mp" "const char *name"
++.Ft int
++.Fn skeygetnext "struct skey *mp"
++.Ft int
++.Fn skeyverify "struct skey *mp" "char *response"
++.Ft int
++.Fn skeyzero "struct skey *mp" "char *response"
++.Ft int
++.Fn getskeyprompt "struct skey *mp" "char *name" "char *prompt"
++.Ft const char *
++.Fn skey_set_algorithm "const char *new"
++.Ft const char *
++.Fn skey_get_algorithm "void"
++.Ft int
++.Fn skey_haskey "const char *username"
++.Ft const char *
++.Fn skey_keyinfo "const char *username"
++.Ft int
++.Fn skey_passcheck "const char *username" "char *passwd"
++.Ft int
++.Fn skey_authenticate "const char *username"
++.Ft void
++.Fn f "char *x"
++.Ft int
++.Fn keycrunch "char *result" "const char *seed" "const char *passwd"
++.Ft void
++.Fn rip "char *buf"
++.Ft char *
++.Fn readpass "char *buf " "int n"
++.Ft char *
++.Fn readskey "char *buf" "int n"
++.Ft int
++.Fn atob8 "char *out" "const char *in"
++.Ft int
++.Fn btoa8 "char *out" "const char *in"
++.Ft int
++.Fn htoi "int c"
++.Ft const char *
++.Fn skipspace "const char *cp"
++.Ft void
++.Fn backspace "char *buf"
++.Ft void
++.Fn sevenbit "char *buf"
++.Ft char *
++.Fn btoe "char *engout" "const char *c"
++.Ft int
++.Fn etob "char *out" "const char *e"
++.Ft char *
++.Fn put8 "char *out" "const char *s"
++.Sh DESCRIPTION
++The
++.Nm
++library provides routines for accessing
++.Nx Ns 's
++one-time password (OTP) authentication system.
++.Pp
++Most S/Key operations take a pointer to a
++.Em struct skey ,
++which should be considered as an opaque identifier.
++.Sh FUNCTIONS
++The following high-level functions are available:
++.Bl -tag -width compact
++.It Fn skeychallenge "mp" "name" "ss" "sslen"
++Return a S/Key challenge for user
++.Fa name .
++If successful, the caller's skey structure
++.Fa mp
++is filled and 0 is returned.
++If unsuccessful (e.g. if name is unknown),
++\-1 is returned.
++.It Fn skeylookup "mp" "name"
++Find an entry for user
++.Fa name
++in the one-time password database.
++Returns 0 if the entry is found and 1 if the entry is not found.
++If an error occurs accessing the database, \-1 is returned.
++.It Fn skeygetnext "mp"
++Get the next entry in the one-time password database.
++Returns 0 on success and the entry is stored in
++.Ar mp
++and 1 if no more entries are available.
++If an error occurs accessing the database, \-1 is returned.
++.It Fn skeyverify "mp" "response"
++Verify response
++.Fa response
++to a S/Key challenge.
++Returns 0 if the verification is successful and 1 if the verification failed.
++If an error occurs accessing the database, \-1 is returned.
++.It Fn skeyzero "mp" "response"
++Comment out user's entry in the S/Key database.
++Returns 0 on success and the database is updated,
++otherwise \-1 is returned and the database remains unchanged.
++.It Fn getskeyprompt "mp" "name" "prompt"
++Issue a S/Key challenge for user
++.Ar name .
++If successful, fill in the caller's skey structure
++.Fa mp
++and return 0.
++If unsuccessful (e.g. if name is unknown) \-1 is returned.
++.El
++.Pp
++The following lower-level functions are available:
++.Bl -tag -width compact
++.It Fn skey_set_algorithm "new"
++Set hash algorithm type.
++Valid values for
++.Fa new
++are "md4", "md5" and "sha1".
++.It Fn skey_get_algorithm "void"
++Get current hash type.
++.It Fn skey_haskey "username"
++Returns 0 if the user
++.Fa username
++exists and 1 if the user doesn't exist.
++Returns \-1 on file error.
++.It Fn skey_keyinfo "username"
++Returns the current sequence number and seed for user
++.Ar username .
++.It Fn skey_passcheck "username" "passwd"
++Checks to see if answer is the correct one to the current challenge.
++.It Fn skey_authenticate "username"
++Used when calling program will allow input of the user's response to
++the challenge.
++Returns zero on success or \-1 on failure.
++.El
++.Pp
++The following miscellaneous functions are available:
++.Bl -tag -width compact
++.It Fn f "x"
++One-way function to take 8 bytes pointed to by
++.Fa x
++and return 8 bytes in place.
++.It Fn keycrunch "char *result" "const char *seed" "const char *passwd"
++Crunch a key.
++.It Fn rip "buf"
++Strip trailing CR/LF characters from a line of text
++.Fa buf .
++.It Fn readpass "buf" "n"
++Read in secret passwd (turns off echo).
++.It Fn readskey "buf" "n"
++Read in an s/key OTP (does not turn off echo).
++.It Fn atob8 "out" "in"
++Convert 8-byte hex-ascii string
++.Fa in
++to binary array
++.Fa out .
++Returns 0 on success, \-1 on error.
++.It Fn btoa8 "out" "in"
++Convert 8-byte binary array
++.Fa in
++to hex-ascii string
++.Fa out .
++Returns 0 on success, \-1 on error.
++.It Fn htoi "int c"
++Convert hex digit to binary integer.
++.It Fn skipspace "cp"
++Skip leading spaces from the string
++.Fa cp .
++.It Fn backspace "buf"
++Remove backspaced over characters from the string
++.Fa buf .
++.It Fn sevenbit "buf"
++Ensure line
++.Fa buf
++is all seven bits.
++.It Fn btoe "engout" "c"
++Encode 8 bytes in
++.Ar c
++as a string of English words.
++Returns a pointer to a static buffer in
++.Fa engout .
++.It Fn etob "out" "e"
++Convert English to binary.
++Returns 0 if the word is not in the database, 1 if all good words and
++parity is valid, \-1 if badly formed input (i.e. \*[Gt] 4 char word)
++and -2 if words are valid but parity is wrong.
++.It Fn put8 "out" "s"
++Display 8 bytes
++.Fa s
++as a series of 16-bit hex digits.
++.El
++.Sh FILES
++.Bl -tag -width /usr/lib/libskey_p.a -compact
++.It Pa /usr/lib/libskey.a
++static skey library
++.It Pa /usr/lib/libskey.so
++dynamic skey library
++.It Pa /usr/lib/libskey_p.a
++static skey library compiled for profiling
++.El
++.Sh SEE ALSO
++.Xr skey 1 ,
++.Xr skeyaudit 1 ,
++.Xr skeyinfo 1
++.Sh BUGS
++The
++.Nm
++library functions are not re-entrant or thread-safe.
++.Pp
++The
++.Nm
++library defines many poorly named functions which pollute the name space.
+--- skey-1.1.5.orig/skeyaudit.1	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/skeyaudit.1	2003-11-06 17:46:45.000000000 +0000
+@@ -1,46 +1,29 @@
+-.\" $OpenBSD: skeyaudit.1,v 1.8 2000/11/09 17:52:38 aaron Exp $
++.\"	$NetBSD: skeyaudit.1,v 1.6 2001/04/09 12:34:14 wiz Exp $
+ .\"
+-.Dd 22 July 1997
++.Dd June 9, 1994
+ .Dt SKEYAUDIT 1
+ .Os
+ .Sh NAME
+ .Nm skeyaudit
+ .Nd warn users if their S/Key will soon expire
+ .Sh SYNOPSIS
+-.Nm skeyaudit
+-.Op Fl a
+-.Op Fl i
+-.Op Fl l Ar limit
++.Nm
++.Op Ar limit
+ .Sh DESCRIPTION
+ .Nm
+ searches through the file
+-.Pa /etc/skeykeys
++.Dq Pa /etc/skey/skeykeys
+ for users whose S/Key sequence number is less than
+ .Ar limit ,
+-and mails them a reminder to run
++and sends them a reminder to run
+ .Xr skeyinit 1
+-soon.
+-.Pp
+-The options are as follows:
+-.Bl -tag -width Ds
+-.It Fl a
+-Check all keys in
+-.Pa /etc/skeykeys .
+-This option is only available to the superuser and
+-is useful to run regularly via
+-.Xr cron 8 .
+-.It Fl i
+-Interactive mode.
+-Don't send mail, just print to the standard output.
+-.It Fl l Ar limit
+-The limit used to determine whether or not a user should be notified.
+-The default is to notify if there are fewer than 12 keys left.
+-.El
++soon. If no limit is specified a default of 12 is used.
+ .Sh FILES
+-.Bl -tag -width /etc/skeykeys -compact
+-.It Pa /etc/skeykeys
+-S/Key key information database
++.Bl -tag -width /etc/skey/skeykeys -compact
++.It Pa /etc/skey/skeykeys
++The S/Key key information database
+ .El
+ .Sh SEE ALSO
+ .Xr skey 1 ,
++.Xr skeyinfo 1 ,
+ .Xr skeyinit 1
+--- skey-1.1.5.orig/skeyaudit.c	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/skeyaudit.c	1970-01-01 01:00:00.000000000 +0100
+@@ -1,236 +0,0 @@
+-/*	$OpenBSD: skeyaudit.c,v 1.10 2000/09/20 21:53:49 pjanzen Exp $	*/
+-
+-/*
+- * Copyright (c) 1997, 2000 Todd C. Miller <Todd.Miller@courtesan.com>
+- * All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the above copyright
+- *    notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- *    notice, this list of conditions and the following disclaimer in the
+- *    documentation and/or other materials provided with the distribution.
+- * 3. The name of the author may not be used to endorse or promote products
+- *    derived from this software without specific prior written permission.
+- *
+- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+- * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+- * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL
+- * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+- * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+- * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+- * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+- * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+- * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+- */
+-
+-#include <errno.h>
+-/*#include <limits.h>*/
+-#include <pwd.h>
+-#include <stdio.h>
+-#include <stdlib.h>
+-#include <string.h>
+-#include <unistd.h>
+-#include <netdb.h>
+-#include "config.h"
+-#ifdef HAVE_ERR_H
+-#include <err.h>
+-#else
+-#include "err.h"
+-#endif
+-#include "skey.h"
+-
+-#include <sys/types.h>
+-#include <sys/param.h>
+-#include <sys/wait.h>
+-
+-#ifdef HAVE_LOGIN_CAP_H
+-#   include <login_cap.h>
+-#else
+-#   include "login_cap.h"
+-#endif
+-
+-char *__progname;
+-
+-void notify __P((struct passwd *, int, int));
+-FILE *runsendmail __P((struct passwd *, int *));
+-void usage __P((void));
+-
+-int
+-main(argc, argv)
+-	int argc;
+-	char **argv;
+-{
+-	struct passwd *pw;
+-	struct skey key;
+-	int ch, errs = 0, left = 0, aflag = 0, iflag = 0, limit = 12;
+-	char *name;
+-
+-	__progname = argv[0];
+-
+-	if (geteuid() != 0)
+-		errx(1, "must be setuid root");
+-
+-	while ((ch = getopt(argc, argv, "ail:")) != -1)
+-		switch(ch) {
+-		case 'a':
+-			aflag = 1;
+-			if (getuid() != 0)
+-				errx(1, "only root may use the -a flag");
+-			break;
+-		case 'i':
+-			iflag = 1;
+-			break;
+-		case 'l':
+-			errno = 0;
+-			if ((limit = (int)strtol(optarg, NULL, 10)) == 0)
+-				errno = ERANGE;
+-			if (errno) {
+-				warn("key limit");
+-				usage();
+-			}
+-			break;
+-		default:
+-			usage();
+-	}
+-
+-	if (argc - optind > 0)
+-		usage();
+-
+-	/* Need key.keyfile zero'd at the very least */
+-	(void)memset(&key, 0, sizeof(key));
+-
+-	if (aflag) {
+-		while ((ch = skeygetnext(&key)) == 0) {
+-			left = key.n - 1;
+-			if ((pw = getpwnam(key.logname)) == NULL)
+-				continue;
+-			if (left >= limit)
+-				continue;
+-			notify(pw, left, iflag);
+-		}
+-		if (ch == -1)
+-			errx(-1, "cannot open %s", SKEYKEYS);
+-		else
+-			(void)fclose(key.keyfile);
+-	} else {
+-		if ((pw = getpwuid(getuid())) == NULL)
+-			errx(1, "no passwd entry for uid %u", getuid());
+-		if ((name = strdup(pw->pw_name)) == NULL)
+-			err(1, "cannot allocate memory");
+-		sevenbit(name);
+-
+-		errs = skeylookup(&key, name);
+-		switch (errs) {
+-			case 0:		/* Success! */
+-				left = key.n - 1;
+-				break;
+-			case -1:	/* File error */
+-				errx(errs, "cannot open %s", SKEYKEYS);
+-				break;
+-			case 1:		/* Unknown user */
+-				warnx("%s is not listed in %s", name,
+-				    SKEYKEYS);
+-		}
+-		(void)fclose(key.keyfile);
+-
+-		if (!errs && left < limit)
+-			notify(pw, left, iflag);
+-	}
+-		
+-	exit(errs);
+-}
+-
+-void
+-notify(pw, seq, interactive)
+-	struct passwd *pw;
+-	int seq;
+-	int interactive;
+-{
+-	static char hostname[MAXHOSTNAMELEN];
+-	int pid;
+-	FILE *out;
+-
+-	/* Only set this once */
+-	if (hostname[0] == '\0' && gethostname(hostname, sizeof(hostname)) == -1)
+-		strcpy(hostname, "unknown");
+-
+-	if (interactive)
+-		out = stdout;
+-	else
+-		out = runsendmail(pw, &pid);
+-
+-	if (!interactive)
+-		(void)fprintf(out,
+-		   "To: %s\nSubject: IMPORTANT action required\n", pw->pw_name);
+-
+-	if (seq)
+-		(void)fprintf(out,
+-"\nYou are nearing the end of your current S/Key sequence for account\n\
+-%s on system %s.\n\n\
+-Your S/Key sequence number is now %d.  When it reaches zero\n\
+-you will no longer be able to use S/Key to log into the system.\n\n",
+-pw->pw_name, hostname, seq);
+-	else
+-		(void)fprintf(out,
+-"\nYou are at the end of your current S/Key sequence for account\n\
+-%s on system %s.\n\n\
+-At this point you can no longer use S/Key to log into the system.\n\n",
+-pw->pw_name, hostname);
+-	(void)fprintf(out,
+-"Type \"skeyinit -s\" to reinitialize your sequence number.\n\n");
+-
+-	(void)fclose(out);
+-	if (!interactive)
+-		(void)waitpid(pid, NULL, 0);
+-}
+-
+-FILE *
+-runsendmail(pw, pidp)
+-	struct passwd *pw;
+-	int *pidp;
+-{
+-	FILE *fp;
+-	int pfd[2], pid;
+-
+-	if (pipe(pfd) < 0)
+-		return(NULL);
+-
+-	switch (pid = fork()) {
+-	case -1:			/* fork(2) failed */
+-		(void)close(pfd[0]);
+-		(void)close(pfd[1]);
+-		return(NULL);
+-	case 0:				/* In child */
+-		(void)close(pfd[1]);
+-		(void)dup2(pfd[0], STDIN_FILENO);
+-		(void)close(pfd[0]);
+-
+-		/* Run sendmail as target user not root */
+-		if (setusercontext(NULL, pw, pw->pw_uid, LOGIN_SETALL) != 0) {
+-			warn("cannot set user context");
+-			_exit(127);
+-		}
+-
+-		execl(SENDMAIL, "sendmail", "-t", NULL);
+-		warn("cannot run \"%s -t\"", SENDMAIL);
+-		_exit(127);
+-	}
+-
+-	/* In parent */
+-	*pidp = pid;
+-	fp = fdopen(pfd[1], "w");
+-	(void)close(pfd[0]);
+-
+-	return(fp);
+-}
+-void
+-usage()
+-{
+-	(void)fprintf(stderr, "Usage: %s [-i] [-l limit]\n",
+-	    __progname);
+-	exit(1);
+-}
+--- skey-1.1.5.orig/skeyaudit.sh	1970-01-01 01:00:00.000000000 +0100
++++ skey-1.1.5/skeyaudit.sh	2003-11-06 17:46:45.000000000 +0000
+@@ -0,0 +1,58 @@
++#!/bin/sh
++#
++#	$NetBSD: skeyaudit.sh,v 1.2.12.2 2000/07/28 12:42:59 mjl Exp $
++#
++# This script will look thru the skeykeys file for
++# people with sequence numbers less than LOWLIMIT=12
++# and send them an e-mail reminder to use skeyinit soon
++# 
++
++KEYDB=/etc/skey/skeykeys
++LOWLIMIT=12
++ADMIN=root
++SUBJECT="Reminder: Run skeyinit"
++HOST=`/bin/hostname`
++
++
++if [ "$1" != "" ]
++then
++ LOWLIMIT=$1
++fi
++
++if [ ! -s "${KEYDB}" ]; then
++  exit 0
++fi
++
++# an skeykeys entry looks like
++#   jsw 0076 la13079          ba20a75528de9d3a
++#   #oot md5 0005 aspa26398        9432d570ff4421f0  Jul 07,2000 01:36:43
++#   mjl sha1 0099 alpha2           459a5dac23d20a90  Jul 07,2000 02:14:17
++# the sequence number is the second (or third) entry
++#
++
++SKEYS=`awk '/^#/ {next} {if($2 ~ /^[0-9]+$/) print $1,$2,$3; else print $1,$3,$4; }' $KEYDB`
++
++set -- ${SKEYS}
++
++while [ "X$1" != "X" ]; do
++  USER=$1
++  SEQ=$2
++  KEY=$3
++  shift 3
++  # echo "$USER -- $SEQ -- $KEY"
++  if [ $SEQ -lt $LOWLIMIT ]; then
++    if [ $SEQ -lt  3 ]; then
++      SUBJECT="IMPORTANT action required"
++    fi
++    (
++    echo "You are nearing the end of your current S/Key sequence for account $i"
++    echo "on system $HOST."
++    echo ""
++    echo "Your S/key sequence number is now $SEQ.  When it reaches zero you"
++    echo "will no longer be able to use S/Key to login into the system.  "
++    echo " "
++    echo "Use \"skeyinit -s\" to reinitialize your sequence number."
++    echo ""
++    ) | mail -s "$SUBJECT"  $USER $ADMIN
++  fi
++done
+--- skey-1.1.5.orig/skey.c	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/skey.c	2003-11-06 17:46:45.000000000 +0000
+@@ -25,6 +25,7 @@
+ #include <stdlib.h>
+ #include <string.h>
+ #include <unistd.h>
++#include <ctype.h>
+ #include "config.h"
+ 
+ #ifdef HAVE_ERR_H
+@@ -35,102 +36,93 @@
+ 
+ #include "skey.h"
+ 
+-void    usage __P((char *));
++int		main(int, char **);
++void	usage(char *);
+ 
+ int
+-main(argc, argv)
+-	int	argc;
+-	char	*argv[];
++main(int	argc, char	**argv)
+ {
+-	int     n, i, cnt = 1, pass = 0, hexmode = 0;
+-	char    passwd[SKEY_MAX_PW_LEN+1], key[SKEY_BINKEY_SIZE];
+-	char	buf[33], *seed, *slash;
+-
+-	/* If we were called as otp-METHOD, set algorithm based on that */
+-	if ((slash = strrchr(argv[0], '/')))
+-	    slash++;
+-	else
+-	    slash = argv[0];
+-	if (strncmp(slash, "otp-", 4) == 0) {
+-		slash += 4;
+-		if (skey_set_algorithm(slash) == NULL)
+-			errx(1, "Unknown hash algorithm %s", slash);
+-	}
+-
+-	for (i = 1; i < argc && argv[i][0] == '-' && strcmp(argv[i], "--");) {
+-		if (argv[i][2] == '\0') {
+-			/* Single character switch */
+-			switch (argv[i][1]) {
++	int		n, cnt = 1, i, pass = 0, hexmode = 0;
++	char	passwd[SKEY_MAX_PW_LEN+1], key[SKEY_BINKEY_SIZE];
++	char	buf[33], *seed, *slash, *t;
++
++	while ((i = getopt(argc, argv, "fn:p:t:x")) != -1) {
++		switch(i) {
++			case 'f':
++				break; /* unused */
+ 			case 'n':
+-				if (i + 1 == argc)
+-					usage(argv[0]);
+-				cnt = atoi(argv[++i]);
++				cnt = atoi(optarg);
+ 				break;
+ 			case 'p':
+-				if (i + 1 == argc)
+-					usage(argv[0]);
+-				if (strlcpy(passwd, argv[++i], sizeof(passwd)) >=
+-				    sizeof(passwd))
+-					errx(1, "Password too long");
++				if (strncpy(passwd, optarg, sizeof(passwd)) == NULL)
++						errx(1, "Password too long");
+ 				pass = 1;
+ 				break;
++			case 't':
++				if (skey_set_algorithm(optarg) == NULL)
++					errx(1, "Unknown hash algorithm %s", optarg);
++				break;
+ 			case 'x':
+ 				hexmode = 1;
+ 				break;
+ 			default:
+ 				usage(argv[0]);
+-			}
+-		} else {
+-			/* Multi character switches are hash types */
+-			if (skey_set_algorithm(&argv[i][1]) == NULL) {
+-				warnx("Unknown hash algorithm %s", &argv[i][1]);
+-				usage(argv[0]);
+-			}
++				break;
+ 		}
+-		i++;
+ 	}
+ 
+-	if (argc > i + 2)
+-		usage(argv[0]);
+-
+-	/* Could be in the form <number>/<seed> */
+-	if (argc <= i + 1) {
++	/* could be in the form <number>/<seed> */
++	if (argc <= optind + 1) {
+ 		/* look for / in it */
+-		if (argc <= i)
++		if (argc <= optind)
+ 			usage(argv[0]);
+-		slash = strchr(argv[i], '/');
++		slash = strchr(argv[optind], '/');
+ 		if (slash == NULL)
+ 			usage(argv[0]);
+ 		*slash++ = '\0';
+ 		seed = slash;
+ 
+-		if ((n = atoi(argv[i])) < 0) {
+-			warnx("%d not positive", n);
++		if ((n = atoi(argv[optind])) < 0) {
++			fprintf(stderr, "%s is not positive\n", argv[optind]);
+ 			usage(argv[0]);
+ 		} else if (n > SKEY_MAX_SEQ) {
+ 			warnx("%d is larger than max (%d)", n, SKEY_MAX_SEQ);
+ 			usage(argv[0]);
+ 		}
+ 	} else {
+-		if ((n = atoi(argv[i])) < 0) {
+-			warnx("%d not positive", n);
++		if ((n = atoi(argv[optind])) < 0) {
++			fprintf(stderr, "%s not positive\n", argv[optind]);
+ 			usage(argv[0]);
+ 		} else if (n > SKEY_MAX_SEQ) {
+ 			warnx("%d is larger than max (%d)", n, SKEY_MAX_SEQ);
+ 			usage(argv[0]);
+ 		}
+-		seed = argv[++i];
++		seed = argv[++optind];
++	}
++
++	for (t = seed; *t; t++) {
++		if (!isalnum(*t))
++			errx(1, "seed must be alphanumeric");
+ 	}
+ 
++	if (!*seed || strlen(seed) > SKEY_MAX_SEED_LEN)
++		errx(1, "seed must be between 1 and %d long", SKEY_MAX_SEED_LEN);
++
+ 	/* Get user's secret password */
+ 	if (!pass) {
+-		(void)fputs("Reminder - Do not use this program while logged in via telnet or rlogin.\n", stderr);
+-		(void)fputs("Enter secret password: ", stderr);
++		fputs("Reminder - Do not use this program while "
++					"logged in via telnet or rlogin.\n", stderr);
++		fprintf(stderr, "Enter secret password: ");
+ 		readpass(passwd, sizeof(passwd));
+ 		if (passwd[0] == '\0') 
+ 			exit(1);
+ 	}
+ 
++	if (strlen(passwd) < SKEY_MIN_PW_LEN)
++		warnx(
++	"RFC2289 states that password should be at least %d characters long",
++	SKEY_MIN_PW_LEN);
++
+ 	/* Crunch seed and password into starting key */
+ 	if (keycrunch(key, seed, passwd) != 0)
+ 		errx(1, "key crunch failed");
+@@ -138,16 +130,15 @@
+ 	if (cnt == 1) {
+ 		while (n-- != 0)
+ 			f(key);
+-		(void)puts(hexmode ? put8(buf, key) : btoe(buf, key));
++			puts(hexmode ? put8(buf, key) : btoe(buf, key));
+ 	} else {
+ 		for (i = 0; i <= n - cnt; i++)
+ 			f(key);
+ 		for (; i <= n; i++) {
++			printf("%3d: %-29s", i, btoe(buf, key));
+ 			if (hexmode)
+-				(void)printf("%d: %-29s  %s\n", i,
+-				    btoe(buf, key), put8(buf, key));
+-			else
+-				(void)printf("%d: %-29s\n", i, btoe(buf, key));
++				printf("\t%s", put8(buf, key));
++			puts("");
+ 			f(key);
+ 		}
+ 	}
+@@ -155,9 +146,10 @@
+ }
+ 
+ void
+-usage(s)
+-	char   *s;
++usage(char *s)
+ {
+-	(void)fprintf(stderr, "Usage: %s [-x] [-md4|-md5|-sha1|-rmd160] [-n count] [-p password] <sequence#>[/] key\n", s);
++	fprintf(stderr, 
++"Usage: %s [-n count] [-p password] [-t hash] [-x] sequence# [/] key\n",
++	s);
+ 	exit(1);
+ }
+--- skey-1.1.5.orig/skey.h	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/skey.h	2003-11-06 17:46:45.000000000 +0000
+@@ -1,3 +1,5 @@
++/*	$NetBSD: skey.h,v 1.8 2000/07/28 16:35:11 thorpej Exp $	*/
++
+ /*
+  * S/KEY v1.1b (skey.h)
+  *
+@@ -11,86 +13,86 @@
+  *          Todd C. Miller <Todd.Miller@courtesan.com>
+  *
+  * Main client header
+- *
+- * $OpenBSD: skey.h,v 1.13 1999/07/15 14:33:48 provos Exp $
+  */
+ 
+ /* Server-side data structure for reading keys file during login */
+-struct skey {
+-	FILE *keyfile;
+-	char buf[256];
+-	char *logname;
+-	int n;
+-	char *seed;
+-	char *val;
+-	long recstart;		/* needed so reread of buffer is efficient */
++struct skey
++{
++  FILE *keyfile;
++  char buf[256];
++  char *logname;
++  int n;
++  char *seed;
++  char *val;
++  long recstart;		/* needed so reread of buffer is efficient */
+ };
+ 
+ /* Client-side structure for scanning data stream for challenge */
+-struct mc {
+-	char buf[256];
+-	int skip;
+-	int cnt;
++struct mc
++{
++  char buf[256];
++  int skip;
++  int cnt;
+ };
+ 
+ /* Maximum sequence number we allow */
+ #ifndef SKEY_MAX_SEQ
+-#define SKEY_MAX_SEQ		10000
++#define SKEY_MAX_SEQ           10000
+ #endif
+ 
+-/* Minimum secret password length (rfc1938) */
++/* Minimum secret password length (rfc2289) */
+ #ifndef SKEY_MIN_PW_LEN
+-#define SKEY_MIN_PW_LEN		10
++#define SKEY_MIN_PW_LEN                10
+ #endif
+ 
+-/* Max secret password length (rfc1938 says 63 but allows more) */
++/* Max secret password length (rfc2289 says 63 but allows more) */
+ #ifndef SKEY_MAX_PW_LEN
+-#define SKEY_MAX_PW_LEN		255
++#define SKEY_MAX_PW_LEN                255
+ #endif
+ 
+-/* Max length of an S/Key seed (rfc1938) */
++/* Max length of an S/Key seed (rfc2289) */
+ #ifndef SKEY_MAX_SEED_LEN
+-#define SKEY_MAX_SEED_LEN	16
++#define SKEY_MAX_SEED_LEN  	 16
+ #endif
+ 
+ /* Max length of S/Key challenge (otp-???? 9999 seed) */
+ #ifndef SKEY_MAX_CHALLENGE
+-#define SKEY_MAX_CHALLENGE	(11 + SKEY_MAX_HASHNAME_LEN + SKEY_MAX_SEED_LEN)
++#define SKEY_MAX_CHALLENGE 	 (11 + SKEY_MAX_HASHNAME_LEN + SKEY_MAX_SEED_LEN)
+ #endif
+ 
+ /* Max length of hash algorithm name (md4/md5/sha1/rmd160) */
+-#define SKEY_MAX_HASHNAME_LEN	6
++#define SKEY_MAX_HASHNAME_LEN  6
+ 
+ /* Size of a binary key (not NULL-terminated) */
+-#define SKEY_BINKEY_SIZE	8
++#define SKEY_BINKEY_SIZE		 8
+ 
+ /* Location of random file for bogus challenges */
+-#define _SKEY_RAND_FILE_PATH_	"/var/db/host.random"
++#define _SKEY_RAND_FILE_PATH_  "/var/db/host.random"
+ 
+ /* Prototypes */
+-void f(char *x);
+-int keycrunch(char *result, char *seed, char *passwd);
+-char *btoe(char *engout, char *c);
+-char *put8(char *out, char *s);
+-int etob(char *out, char *e);
+-void rip(char *buf);
+-int skeychallenge(struct skey * mp, char *name, char *ss);
+-int skeylookup (struct skey * mp, char *name);
+-int skeyverify (struct skey * mp, char *response);
+-int skeyzero (struct skey * mp, char *response);
+-void sevenbit (char *s);
+-void backspace (char *s);
+-char *skipspace (char *s);
+-char *readpass (char *buf, int n);
+-char *readskey (char *buf, int n);
+-int skey_authenticate (char *username);
+-int skey_passcheck (char *username, char *passwd);
+-char *skey_keyinfo (char *username);
+-int skey_haskey (char *username);
+-int getskeyprompt (struct skey *mp, char *name, char *prompt);
+-int atob8 (char *out, char *in);
+-int btoa8 (char *out, char *in);
+-int htoi (int c);
+-const char *skey_get_algorithm (void);
+-char *skey_set_algorithm (char *new);
+-int skeygetnext (struct skey *mp);
++void f __P ((char *));
++int keycrunch __P ((char *, const char *, const char *));
++char *btoe __P ((char *, const char *));
++char *put8 __P ((char *, const char *));
++int etob __P ((char *, const char *));
++void rip __P ((char *));
++int skeychallenge __P ((struct skey *, const char *, char *, size_t));
++int skeylookup __P ((struct skey *, const char *));
++int skeyverify __P ((struct skey *, char *));
++void sevenbit __P ((char *));
++void backspace __P ((char *));
++const char *skipspace __P ((const char *));
++char *readpass __P ((char *, int));
++char *readskey __P ((char *, int));
++int skey_authenticate __P ((const char *));
++int skey_passcheck __P ((const char *, char *));
++const char *skey_keyinfo __P ((const char *));
++int skey_haskey __P ((const char *));
++int getskeyprompt __P ((struct skey *, char *, char *));
++int atob8 __P((char *, const char *));
++int btoa8 __P((char *, const char *));
++int htoi __P((int));
++const char *skey_get_algorithm __P((void));
++const char *skey_set_algorithm __P((const char *));
++int skeygetnext __P((struct skey *));
++int skeyzero __P((struct skey *, char *));
+--- skey-1.1.5.orig/skeyinfo.1	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/skeyinfo.1	2003-11-06 17:46:45.000000000 +0000
+@@ -1,30 +1,19 @@
+-.\" $OpenBSD: skeyinfo.1,v 1.3 2000/03/11 21:40:02 aaron Exp $
++.\"	$NetBSD: skeyinfo.1,v 1.5 2001/04/09 12:34:44 wiz Exp $
+ .\"
+-.Dd 22 July 1997
++.Dd June 9, 1994
+ .Dt SKEYINFO 1
+ .Os
+ .Sh NAME
+ .Nm skeyinfo
+ .Nd obtain the next S/Key challenge for a user
+ .Sh SYNOPSIS
+-.Nm skeyinfo
+-.Op Fl v
++.Nm
+ .Op Ar user
+ .Sh DESCRIPTION
+ .Nm
+ prints out the next S/Key challenge for the specified user or for the
+ current user if no user is specified.
+-.Pp
+-The options are as follows:
+-.Bl -tag -width Ds
+-.It Fl v
+-Print the hash algorithm as well.
+-.El
+-.Sh EXAMPLES
+-% skey -n <number of passwords to print> `skeyinfo` | lpr
+-.Pp
+-This would print out a list of S/Key passwords for use over
+-an untrusted network (perhaps for use at a conference).
+ .Sh SEE ALSO
+ .Xr skey 1 ,
++.Xr skeyaudit 1 ,
+ .Xr skeyinit 1
+--- skey-1.1.5.orig/skeyinfo.c	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/skeyinfo.c	2003-11-06 17:46:45.000000000 +0000
+@@ -1,9 +1,12 @@
+-/*    $OpenBSD: skeyinfo.c,v 1.6 2001/02/05 16:58:11 millert Exp $    */
++/*	$NetBSD: skeyinfo.c,v 1.4 2003/07/23 04:11:50 itojun Exp $	*/
+ 
+-/*
+- * Copyright (c) 1997 Todd C. Miller <Todd.Miller@courtesan.com>
++/*-
++ * Copyright (c) 1997 The NetBSD Foundation, Inc.
+  * All rights reserved.
+  *
++ * This code is derived from software contributed to The NetBSD Foundation
++ * by Andrew Brown.
++ *
+  * Redistribution and use in source and binary forms, with or without
+  * modification, are permitted provided that the following conditions
+  * are met:
+@@ -12,104 +15,79 @@
+  * 2. Redistributions in binary form must reproduce the above copyright
+  *    notice, this list of conditions and the following disclaimer in the
+  *    documentation and/or other materials provided with the distribution.
+- * 3. The name of the author may not be used to endorse or promote products
+- *    derived from this software without specific prior written permission.
++ * 3. All advertising materials mentioning features or use of this software
++ *    must display the following acknowledgement:
++ *	This product includes software developed by the NetBSD
++ *	Foundation, Inc. and its contributors.
++ * 4. Neither the name of The NetBSD Foundation nor the names of its
++ *    contributors may be used to endorse or promote products derived
++ *    from this software without specific prior written permission.
+  *
+- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+- * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+- * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL
+- * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+- * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+- * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+- * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+- * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+- * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
++ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
++ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
++ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
++ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
++ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
++ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
++ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
++ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
++ * POSSIBILITY OF SUCH DAMAGE.
+  */
+ 
+-/*#include <limits.h>*/
+-#include <pwd.h>
+ #include <stdio.h>
+-#include <stdlib.h>
++#include <pwd.h>
++#include <err.h>
+ #include <string.h>
+ #include <unistd.h>
+-#include "config.h"
+-#include "skey.h"
+-/*#include "defines.h"*/
+ 
+-char *__progname;
++#include "skey.h"
+ 
+-void usage(void);
++int main __P((int, char *[]));
+ 
+-int
+-main(argc, argv)
+-	int argc;
+-	char **argv;
++int main(int argc, char **argv)
+ {
+-	struct passwd *pw;
+-	struct skey key;
+-	char *name = NULL;
+-	int error, ch, verbose = 0;
+-
+- 	__progname=argv[0];
+-
+-	if (geteuid() != 0)
+-		errx(1, "must be setuid root");
+-
+-	while ((ch = getopt(argc, argv, "v")) != -1)
+-		switch(ch) {
+-		case 'v':
+-			verbose = 1;
+-			break;
+-		default:
+-			usage();
++	struct skey     skey;
++	char            name[100], prompt[1024];
++	int             uid;
++	struct passwd  *pw = NULL;
++
++	argc--;
++	argv++;
++
++	if (geteuid())
++		errx(1, "must be root to read %s", SKEYKEYS);
++
++	uid = getuid();
++
++	if (!argc)
++		pw = getpwuid(uid);
++	else if (!uid)
++		pw = getpwnam(argv[0]);
++	else
++		errx(1, "permission denied to look other users skeys");
++
++	if (!pw) {
++		if (argc)
++			errx(1, "%s: no such user", argv[0]);
++		else
++			errx(1, "who are you?");
+ 	}
+-	argc -= optind;
+-	argv += optind;
+ 
+-	if (argc == 1)
+-		name = argv[0];
+-	else if (argc > 1)
+-		usage();
+-
+-	if (name && getuid() != 0)
+-		errx(1, "only root may specify an alternate user");
+-
+-	if (name) {
+-		if (strlen(name) > PASS_MAX)
+-			errx(1, "username too long (%d chars max)", PASS_MAX);
+-		if ((pw = getpwnam(name)) == NULL)
+-			errx(1, "no passwd entry for %s", name);
+-	} else {
+-		if ((pw = getpwuid(getuid())) == NULL)
+-			errx(1, "no passwd entry for uid %u", getuid());
+-	}
++	strncpy(name, pw->pw_name, sizeof(name));
+ 
+-	if ((name = strdup(pw->pw_name)) == NULL)
+-		err(1, "cannot allocate memory");
+-	sevenbit(name);
+-
+-	error = skeylookup(&key, name);
+-	switch (error) {
+-		case 0:		/* Success! */
+-			if (verbose)
+-				(void)printf("otp-%s ", skey_get_algorithm());
+-			(void)printf("%d %s\n", key.n - 1, key.seed);
+-			break;
+-		case -1:	/* File error */
+-			warnx("cannot open %s", SKEYKEYS);
+-			break;
+-		case 1:		/* Unknown user */
+-			warnx("%s is not listed in %s", name, SKEYKEYS);
++	if (getskeyprompt(&skey, name, prompt) == -1) {
++		printf("%s %s no s/key\n",
++		       argc ? name : "You",
++		       argc ? "has" : "have");
+ 	}
+-	(void)fclose(key.keyfile);
+-
+-	exit(error);
+-}
+-
+-void
+-usage()
+-{
+-	(void)fprintf(stderr, "Usage: %s [-v] [user]\n", __progname);
+-	exit(1);
++	else {
++		if (argc)
++			printf("%s's ", pw->pw_name);
++		else
++			printf("Your ");
++		printf("next %s", prompt);
++	}
++	return 0;
+ }
+--- skey-1.1.5.orig/skeyinit.1	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/skeyinit.1	2003-11-06 17:46:45.000000000 +0000
+@@ -1,22 +1,18 @@
+-.\"	$OpenBSD: skeyinit.1,v 1.19 2000/11/09 17:52:39 aaron Exp $
+-.\"	$NetBSD: skeyinit.1,v 1.4 1995/07/07 22:24:09 jtc Exp $
++.\"	$NetBSD: skeyinit.1,v 1.11 2001/04/09 12:35:00 wiz Exp $
+ .\"	@(#)skeyinit.1	1.1 	10/28/93
+ .\"
+-.Dd February 24, 1998
++.Dd June 7, 2000
+ .Dt SKEYINIT 1
+ .Os
+ .Sh NAME
+ .Nm skeyinit
+ .Nd change password or add user to S/Key authentication system
+ .Sh SYNOPSIS
+-.Nm skeyinit
++.Nm
++.Op Fl n Ar count
+ .Op Fl s
++.Op Fl t Ar hash
+ .Op Fl z
+-.Op Fl n Ar count
+-.Oo
+-.Fl md4 | Fl md5 | Fl sha1 |
+-.Fl rmd160
+-.Oc
+ .Op Ar user
+ .Sh DESCRIPTION
+ .Nm
+@@ -30,52 +26,17 @@
+ .Nm
+ requires you to type a secret password, so it should be used
+ only on a secure terminal.
+-For example, on the console of a
+-workstation or over an encrypted network session.
+-If you are using
+-.Nm
+-while logged in over an untrusted network, follow the instructions
+-given below with the
+-.Fl s
+-option.
+-.Pp
+-Before initializing an S/Key entry, the user must authenticate
+-using either a standard password or an S/Key challenge.
+-When used over an untrusted network, a password of
+-.Sq s/key
+-should be used.
+-The user will then be presented with the standard
+-S/Key challenge and allowed to proceed if it is correct.
+-.Pp
+-The options are as follows:
++.Sh OPTIONS
+ .Bl -tag -width Ds
+-.It Fl x
+-Displays pass phrase in hexadecimal instead of ASCII.
+ .It Fl s
+-Set secure mode where the user is expected to have used a secure
+-machine to generate the first one-time password.
+-Without the
+-.Fl s
+-option the system will assume you are directly connected over secure
+-communications and prompt you for your secret password.
+-The
+-.Fl s
+-option also allows one to set the seed and count for complete
+-control of the parameters.
+-You can use
+-.Ic skeyinit -s
+-in combination with the
+-.Nm skey
+-command to set the seed and count if you do not like the defaults.
+-To do this run
+-.Nm
+-in one window and put in your count and seed, then run
+-.Nm skey
+-in another window to generate the correct 6 English words for that
+-count and seed.
+-You can then "cut-and-paste" or type the words into the
+-.Nm
+-window.
++allows the user to set the seed and count for complete control
++of the parameters.
++To do this run skeyinit in one window and put in your count and seed;
++then run
++.Xr skey 1
++in another window to generate the correct 6 english words
++for that count and seed.
++You can then "cut-and-paste" or type the words into the skeyinit window.
+ .It Fl z
+ Allows the user to zero their S/Key entry.
+ .It Fl n Ar count
+@@ -84,30 +45,22 @@
+ sequence at
+ .Ar count
+ (default is 100).
+-.It Fl md4
+-Selects MD4 as the hash algorithm.
+-.It Fl md5
+-Selects MD5 as the hash algorithm.
+-.It Fl sha1
+-Selects SHA (NIST Secure Hash Algorithm Revision 1) as the hash algorithm.
+-.It Fl rmd160
+-Selects RMD-160 (160 bit Ripe Message Digest) as the hash algorithm.
++.It Fl t Ar hash
++Selects the hash algorithm to use.
++Available choices are md4 (the default), md5 or sha1.
+ .It Ar user
+ The username to be changed/added.
+-By default the current user is operated on.
++By default the current user is operated on, only root may
++change other user's entries.
+ .El
+-.Sh ERRORS
+-.Bl -tag -width "skey disabled"
+-.It skey disabled
+-.Pa /etc/skeykeys
+-does not exist.
+-It must be created by the superuser in order to use
+-.Nm skeyinit .
+ .Sh FILES
+-.Bl -tag -width /etc/skeykeys
+-.It Pa /etc/skeykeys
+-database of information for S/Key system
++.Bl -tag -width /etc/skey/skeykeys
++.It Pa /etc/skey/skeykeys
++data base of information for S/Key system.
++.El
+ .Sh SEE ALSO
+-.Xr skey 1
++.Xr skey 1 ,
++.Xr skeyaudit 1 ,
++.Xr skeyinfo 1
+ .Sh AUTHORS
+ Phil Karn, Neil M. Haller, John S. Walden, Scott Chasin
+--- skey-1.1.5.orig/skeyinit.c	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/skeyinit.c	2003-11-06 17:46:45.000000000 +0000
+@@ -43,6 +43,18 @@
+ 
+ #include <netdb.h>
+ 
++#ifdef HAVE_SHADOW_H
++#include <shadow.h>
++#endif
++
++#ifdef HAVE_CRACK_H
++#include <crack.h>
++#ifndef CRACKLIB_DICTPATH
++#define CRACKLIB_DICTPATH "/usr/lib/cracklib_dict"
++#endif
++#endif
++
++#include "err.h"
+ #include "skey.h"
+ 
+ 
+@@ -50,62 +62,80 @@
+ #define SKEY_NAMELEN    4
+ #endif
+ 
+-void	usage __P((char *));
++int	main __P((int, char **));
+ 
+-int
+-main(argc, argv)
+-	int     argc;
+-	char   *argv[];
++int main(int argc, char **argv)
+ {
+-	int     rval, nn, i, l, n=0, defaultsetup=1, zerokey=0, hexmode=0;
++	int     rval, nn, i, l, n=0, defaultsetup=1, c, zerokey=0, hexmode=0;
+ 	time_t  now;
+-	struct utmp old_ut;
+-
+-#ifndef UT_LINESIZE
+-#  define UT_LINESIZE (sizeof(old_ut.ut_line))
+-#  define UT_NAMESIZE (sizeof(old_ut.ut_name))
+-#  define UT_HOSTSIZE (sizeof(old_ut.ut_host))
+-# endif
+-
+-	char	hostname[MAXHOSTNAMELEN];
++	char	hostname[MAXHOSTNAMELEN+1];
++	char	seed[SKEY_MAX_PW_LEN+2], key[SKEY_BINKEY_SIZE];
++	char	defaultseed[SKEY_MAX_SEED_LEN+1];
+ 	char    passwd[SKEY_MAX_PW_LEN+2], passwd2[SKEY_MAX_PW_LEN+2];
+-	char	seed[SKEY_MAX_SEED_LEN+2], defaultseed[SKEY_MAX_SEED_LEN+1];
+-	char    tbuf[27], buf[80], key[SKEY_BINKEY_SIZE];
+-	char    lastc, me[UT_NAMESIZE+1], *salt, *p, *pw, *ht=NULL;
+-	struct skey skey;
+-	struct passwd *pp;
+-	struct tm *tm;
++	char    tbuf[27], buf[80];
++	char    lastc, me[LOGIN_NAME_MAX+1], *p, *pw, *ht=NULL, *msg;
++	const 	char *salt;
++	struct	skey skey;
++	struct	passwd *pp;
++	struct	tm *tm;
++#ifdef HAVE_SHADOW_H
++	struct	spwd *sp;
++#endif
++
++	i = open(_PATH_DEVNULL, O_RDWR);
++	while (i >= 0 && i < 2)
++		i = dup(i);
++	if (i > 2)
++		close(i);
+ 
+ 	if (geteuid() != 0)
+ 		errx(1, "must be setuid root.");
+ 
+ 	if (gethostname(hostname, sizeof(hostname)) < 0)
+-		err(1, "gethostname");
+-	for (i = 0, p = defaultseed; hostname[i] && i < SKEY_NAMELEN; i++) {
+-		if (isalpha(hostname[i])) {
+-			if (isupper(hostname[i]))
+-				hostname[i] = tolower(hostname[i]);
+-			*p++ = hostname[i];
+-		} else if (isdigit(hostname[i]))
+-			*p++ = hostname[i];
++		err(1, "gethostname() error");
++
++	for (i = 0, l = 0; l < sizeof(defaultseed); i++) {
++		if (hostname[i] == '\0') {
++			defaultseed[l] = hostname[i];
++			break;
++		}
++		if (isalnum(hostname[i]))
++			defaultseed[l++] = hostname[i];
+ 	}
+-	*p = '\0';
+-	(void)time(&now);
+-	(void)sprintf(tbuf, "%05ld", (long) (now % 100000));
+-	(void)strncat(defaultseed, tbuf, sizeof(defaultseed) - 5);
++
++	defaultseed[SKEY_NAMELEN] = '\0';
++	time(&now);
++	snprintf(tbuf, sizeof(tbuf), "%05ld", (long) (now % 100000));
++	strncat(defaultseed, tbuf, sizeof(defaultseed));
+ 
+ 	if ((pp = getpwuid(getuid())) == NULL)
+-		err(1, "no user with uid %d", getuid());
+-	(void)strcpy(me, pp->pw_name);
++		err(1, "no user with uid %ld", (u_long)getuid());
++	strncpy(me, pp->pw_name, sizeof(me));
+ 
+ 	if ((pp = getpwnam(me)) == NULL)
+-		err(1, "Who are you?");
++		err(1, "getpwnam() returned NULL, Who are you?");
++#ifdef HAVE_SHADOW_H
++	/* hacking in shadow support... */
++	else if (strcmp(pp->pw_passwd, "x") == 0) {
++		if ((sp = getspnam(me)) == NULL)
++		      err(1, "Unable to verify Password");
++		pp->pw_passwd = sp->sp_pwdp;
++	}
++#endif
+ 	salt = pp->pw_passwd;
+ 
+-	for (i = 1; i < argc && argv[i][0] == '-' && strcmp(argv[i], "--");) {
+-		if (argv[i][2] == '\0') {
+-			/* Single character switch */
+-			switch (argv[i][1]) {
++	while((c = getopt(argc, argv, "n:t:sxz")) != -1) {
++		switch(c) {
++			case 'n':
++				n = atoi(optarg);
++				if (n < 1 || n > SKEY_MAX_SEQ)
++					errx(1, "count must be between 1 and %d", SKEY_MAX_SEQ);
++				break;
++			case 't':
++				if(skey_set_algorithm(optarg) == NULL)
++					errx(1, "Unknown hash algorithm %s", optarg);
++				ht = optarg;
++				break;
+ 			case 's':
+ 				defaultsetup = 0;
+ 				break;
+@@ -115,105 +145,51 @@
+ 			case 'z':
+ 				zerokey = 1;
+ 				break;
+-			case 'n':
+-				if (argv[++i] == NULL || argv[i][0] == '\0')
+-					usage(argv[0]);
+-				if ((n = atoi(argv[i])) < 1 || n >= SKEY_MAX_SEQ)
+-					errx(1, "count must be > 0 and < %d",
+-					     SKEY_MAX_SEQ);
+-				break;
+ 			default:
+-				usage(argv[0]);
+-			}
+-		} else {
+-			/* Multi character switches are hash types */
+-			if ((ht = skey_set_algorithm(&argv[i][1])) == NULL) {
+-				warnx("Unknown hash algorithm %s", &argv[i][1]);
+-				usage(argv[0]);
++				errx(1, "Usage: %s [-n count] [-t md4|md5|sha1] [-s] [-x] [-z] [user]", argv[0]);
+ 			}
+ 		}
+-		i++;
+-	}
++		
++		if (argc > optind) {
++			pp = getpwnam(argv[optind]);
++			if (pp == NULL)
++				errx(1, "User %s unknown", argv[optind]);
++		}
+ 
+-	/* check for optional user string */
+-	if (argc - i  > 1) {
+-		usage(argv[0]);
+-	} else if (argv[i]) {
+-		if ((pp = getpwnam(argv[i])) == NULL) {
+-			if (getuid() == 0) {
+-				static struct passwd _pp;
+-
+-				_pp.pw_name = argv[i];
+-				pp = &_pp;
+-				warnx("Warning, user unknown: %s", argv[i]);
+-			} else {
+-				errx(1, "User unknown: %s", argv[i]);
+-			}
+-		} else if (strcmp(pp->pw_name, me) != 0) {
++		if (strcmp(pp->pw_name, me) != 0) {
+ 			if (getuid() != 0) {
+ 				/* Only root can change other's passwds */
+ 				errx(1, "Permission denied.");
+ 			}
+ 		}
+-	}
+ 
+ 	if (getuid() != 0) {
+-		pw = getpass("Password (or `s/key'):");
+-		if (strcasecmp(pw, "s/key") == 0) {
+-			if (skey_haskey(me))
+-				exit(1);
+-			if (skey_authenticate(me))
+-				errx(1, "Password incorrect.");
+-		} else {
+-			p = crypt(pw, salt);
+-			if (strcmp(p, pp->pw_passwd))
+-				errx(1, "Password incorrect.");
+-		}
++		pw = getpass("Password: ");
++		p = crypt(pw, salt);
++		if (strcmp(p, pp->pw_passwd))
++			errx(1, "Password incorrect.");
+ 	}
+ 
+ 	rval = skeylookup(&skey, pp->pw_name);
+ 	switch (rval) {
+ 		case -1:
+-			if (errno == ENOENT)
+-				errx(1, "S/Key disabled");
+-			else
+-				err(1, "cannot open database");
+-			break;
++			err(1, "cannot open database");
+ 		case 0:
+-			/* comment out user if asked to */
+ 			if (zerokey)
+-				exit(skeyzero(&skey, pp->pw_name));
++				exit (skeyzero(&skey, pp->pw_name));
++			printf("[Updating %s]\n", pp->pw_name);
++			printf("Old key: [%s] %s\n", skey_get_algorithm(), skey.seed);
+ 
+-			(void)printf("[Updating %s]\n", pp->pw_name);
+-			(void)printf("Old key: [%s] %s\n", skey_get_algorithm(),
+-				     skey.seed);
+-
+-			/*
+-			 * Sanity check old seed.
+-			 */
+ 			l = strlen(skey.seed);
+-			for (p = skey.seed; *p; p++) {
+-				if (isalpha(*p)) {
+-					if (isupper(*p))
+-						*p = tolower(*p);
+-				} else if (!isdigit(*p)) {
+-					memmove(p, p + 1, l - (p - skey.seed));
+-					l--;
+-				}
+-			}
+-
+-			/*
+-			 * Let's be nice if they have an skey.seed that
+-			 * ends in 0-8 just add one
+-			 */
+ 			if (l > 0) {
+ 				lastc = skey.seed[l - 1];
+-				if (isdigit(lastc) && lastc != '9') {
+-					(void)strcpy(defaultseed, skey.seed);
++				if (isdigit((unsigned char)lastc) && lastc != '9') {
++					strncpy(defaultseed, skey.seed, sizeof(defaultseed));
+ 					defaultseed[l - 1] = lastc + 1;
+ 				}
+-				if (isdigit(lastc) && lastc == '9' && l < 16) {
+-					(void)strcpy(defaultseed, skey.seed);
++				if (isdigit((unsigned char)lastc) && lastc == '9' && 
++					l < 16) {
++					strncpy(defaultseed, skey.seed, sizeof(defaultseed));
+ 					defaultseed[l - 1] = '0';
+ 					defaultseed[l] = '0';
+ 					defaultseed[l + 1] = '\0';
+@@ -223,7 +199,7 @@
+ 		case 1:
+ 			if (zerokey)
+ 				errx(1, "You have no entry to zero.");
+-			(void)printf("[Adding %s]\n", pp->pw_name);
++			printf("[Adding %s]\n", pp->pw_name);
+ 			break;
+ 	}
+ 	if (n == 0)
+@@ -237,37 +213,33 @@
+ 	}
+ 
+ 	if (!defaultsetup) {
+-		(void)printf("You need the 6 english words generated from the \"skey\" command.\n");
++		printf("You need the 6 english words generated from the \"skey\" command.\n");
+ 		for (i = 0; ; i++) {
+ 			if (i >= 2)
+ 				exit(1);
+ 
+-			(void)printf("Enter sequence count from 1 to %d: ",
+-				     SKEY_MAX_SEQ);
+-			(void)fgets(buf, sizeof(buf), stdin);
++			printf("Enter sequence count from 1 to %d: ", SKEY_MAX_SEQ);
++			fgets(buf, sizeof(buf), stdin);
+ 			n = atoi(buf);
+ 			if (n > 0 && n < SKEY_MAX_SEQ)
+ 				break;	/* Valid range */
+-			(void)printf("Error: Count must be > 0 and < %d\n",
+-				     SKEY_MAX_SEQ);
++			printf("\nError: Count must be between 0 and %d\n", SKEY_MAX_SEQ);
+ 		}
+ 
+ 		for (i = 0;; i++) {
+ 			if (i >= 2)
+ 				exit(1);
+ 
+-			(void)printf("Enter new key [default %s]: ",
+-				     defaultseed);
+-			(void)fgets(seed, sizeof(seed), stdin);
++			printf("Enter new seed [default %s]: ", defaultseed);
++			fflush(stdout);
++			fgets(seed, sizeof(seed), stdin);
+ 			rip(seed);
+-			if (seed[0] == '\0')
+-				(void)strcpy(seed, defaultseed);
+ 			for (p = seed; *p; p++) {
+ 				if (isalpha(*p)) {
+ 					if (isupper(*p))
+ 						*p = tolower(*p);
+ 				} else if (!isdigit(*p)) {
+-					(void)puts("Error: seed may only contain alpha numeric characters");
++					puts("Error: seed may only contain alpha numeric characters");
+ 					break;
+ 				}
+ 			}
+@@ -275,66 +247,75 @@
+ 				break;  /* Valid seed */
+ 		}
+ 		if (strlen(seed) > SKEY_MAX_SEED_LEN) {
+-			(void)printf("Notice: Seed truncated to %d characters.\n",
+-				     SKEY_MAX_SEED_LEN);
++			printf("Notice: Seed truncated to %d characters.\n", SKEY_MAX_SEED_LEN);
+ 			seed[SKEY_MAX_SEED_LEN] = '\0';
+ 		} 
++		if (seed[0] == '\0')
++			strncpy(seed, defaultseed, sizeof(seed));
+ 
+ 		for (i = 0;; i++) {
+ 			if (i >= 2)
+ 				exit(1);
+ 
+-			(void)printf("otp-%s %d %s\nS/Key access password: ",
++			printf("otp-%s %d %s\ns/key access password: ",
+ 				     skey_get_algorithm(), n, seed);
+-			(void)fgets(buf, sizeof(buf), stdin);
++			fgets(buf, sizeof(buf), stdin);
+ 			rip(buf);
+ 			backspace(buf);
+ 
+ 			if (buf[0] == '?') {
+-				(void)puts("Enter 6 English words from secure S/Key calculation.");
++				puts("Enter 6 English words from secure s/key calculation.");
+ 				continue;
+ 			} else if (buf[0] == '\0')
+ 				exit(1);
+ 			if (etob(key, buf) == 1 || atob8(key, buf) == 0)
+ 				break;	/* Valid format */
+-			(void)puts("Invalid format - try again with 6 English words.");
++			puts("Invalid format - try again with 6 English words.");
+ 		}
+ 	} else {
+ 		/* Get user's secret password */
+-		fputs("Reminder - Only use this method if you are directly connected\n           or have an encrypted channel.  If you are using telnet\n           or rlogin, exit with no password and use skeyinit -s.\n", stderr);
++		puts("Reminder - Only use this method if you are directly connected\n"
++			"or have an encrypted channel.  If you are using telnet\n"
++			"or rlogin, exit with no password and use skeyinit -s.\n");
+ 
+ 		for (i = 0;; i++) {
+-			if (i > 2)
++			if (i >= 3)
+ 				exit(1);
+ 
+-			(void)fputs("Enter secret password: ", stderr);
++			printf("Enter secret password: ");
+ 			readpass(passwd, sizeof(passwd));
+ 			if (passwd[0] == '\0')
+ 				exit(1);
+ 
+ 			if (strlen(passwd) < SKEY_MIN_PW_LEN) {
+-				(void)fprintf(stderr,
+-				    "Your password must be at least %d characters long.\n", SKEY_MIN_PW_LEN);
++				fprintf(stderr,
++	"Your password must be at least %d characters long.\n", SKEY_MIN_PW_LEN);
+ 				continue;
+ 			} else if (strcmp(passwd, pp->pw_name) == 0) {
+-				(void)fputs("Your password may not be the same as your user name.\n", stderr);
+-				continue;
+-			} else if (strspn(passwd, "abcdefghijklmnopqrstuvwxyz") == strlen(passwd)) {
+-				(void)fputs("Your password must contain more than just lower case letters.\nWhitespace, numbers, and puctuation are suggested.\n", stderr);
++				fputs("Your password may not be the same as your user name.\n", stderr);
+ 				continue;
++			} 
++#ifdef HAVE_CRACK_H
++			if (msg = (char *) FascistCheck(passwd, CRACKLIB_DICTPATH)) {
++				warnx("Warning: %s", msg);
++				/* if (!i) */ /* reject passwords cracklib doesnt like the first time its entered... */
++				/*	continue; */
+ 			}
++#endif
+ 
+-			(void)fputs("Again secret password: ", stderr);
++			printf("Again secret password: ");
+ 			readpass(passwd2, sizeof(passwd));
++			if (passwd2[0] == '\0')
++				exit(1);
+ 
+ 			if (strcmp(passwd, passwd2) == 0)
+ 				break;
+ 
+-			(void)fputs("Passwords do not match.\n", stderr);
++			puts("Passwords do not match.");
+ 		}
+ 
+ 		/* Crunch seed and password into starting key */
+-		(void)strcpy(seed, defaultseed);
++		strncpy(seed, defaultseed, sizeof(seed));
+ 		if (keycrunch(key, seed, passwd) != 0)
+ 			err(2, "key crunch failed");
+ 
+@@ -342,16 +323,16 @@
+ 		while (nn-- != 0)
+ 			f(key);
+ 	}
+-	(void)time(&now);
++	time(&now);
+ 	tm = localtime(&now);
+-	(void)strftime(tbuf, sizeof(tbuf), " %b %d,%Y %T", tm);
++	strftime(tbuf, sizeof(tbuf), " %b %d,%Y %T", tm);
+ 
+ 	if ((skey.val = (char *)malloc(16 + 1)) == NULL)
+ 		err(1, "Can't allocate memory");
+ 
+-	/* Zero out old key if necesary (entry would change size) */
++	/* Zero out old key if necessary (entry would change size) */
+ 	if (zerokey) {
+-		(void)skeyzero(&skey, pp->pw_name);
++		skeyzero(&skey, pp->pw_name);
+ 		/* Re-open keys file and seek to the end */
+ 		if (skeylookup(&skey, pp->pw_name) == -1)
+ 			err(1, "cannot open database");
+@@ -376,26 +357,17 @@
+ 
+ 	/* Don't save algorithm type for md4 (keep record length same) */
+ 	if (strcmp(skey_get_algorithm(), "md4") == 0)
+-		(void)fprintf(skey.keyfile, "%s %04d %-16s %s %-21s\n",
++		fprintf(skey.keyfile, "%s %04d %-16s %s %-21s\n",
+ 		    pp->pw_name, n, seed, skey.val, tbuf);
+ 	else
+-		(void)fprintf(skey.keyfile, "%s %s %04d %-16s %s %-21s\n",
++		fprintf(skey.keyfile, "%s %s %04d %-16s %s %-21s\n",
+ 		    pp->pw_name, skey_get_algorithm(), n, seed, skey.val, tbuf);
+ 
+-	(void)fclose(skey.keyfile);
++	fclose(skey.keyfile);
+ 
+-	(void)printf("\nID %s skey is otp-%s %d %s\n", pp->pw_name,
++	printf("\nID %s skey is otp-%s %d %s\n", pp->pw_name,
+ 		     skey_get_algorithm(), n, seed);
+-	(void)printf("Next login password: %s\n\n",
++	printf("Next login password: %s\n\n",
+ 		     hexmode ? put8(buf, key) : btoe(buf, key));
+-	exit(0);
+-}
+-
+-void
+-usage(s)
+-	char *s;
+-{
+-	(void)fprintf(stderr,
+-		"Usage: %s [-s] [-x] [-z] [-n count] [-md4|-md5|-sha1|-rmd160] [user]\n", s);
+-	exit(1);
++	return 0;
+ }
+--- skey-1.1.5.orig/skeylogin.c	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/skeylogin.c	2003-11-06 17:46:45.000000000 +0000
+@@ -20,6 +20,7 @@
+ #include <sys/quota.h>
+ #endif
+ #include <sys/stat.h>
++#include <sys/file.h>
+ #include <sys/time.h>
+ #include <sys/resource.h>
+ #include <sys/types.h>
+@@ -32,6 +33,7 @@
+ #include <string.h>
+ #include <time.h>
+ #include <unistd.h>
++#include <grp.h>
+ 
+ #include "config.h"
+ 
+@@ -45,73 +47,85 @@
+ #include "sha1.h"
+ #endif
+ 
++#include "err.h"
+ #include "skey.h"
+ 
+-char *skipspace __P((char *));
+-int skeylookup __P((struct skey *, char *));
++#define OTP_FMT "otp-%.*s %d %.*s"
+ 
+ /* Issue a skey challenge for user 'name'. If successful,
+- * fill in the caller's skey structure and return(0). If unsuccessful
+- * (e.g., if name is unknown) return(-1).
++ * fill in the caller's skey structure and return 0. If unsuccessful
++ * (e.g., if name is unknown) return -1.
+  *
+  * The file read/write pointer is left at the start of the
+  * record.
+  */
+-int
+-getskeyprompt(mp, name, prompt)
+-	struct skey *mp;
+-	char *name;
+-	char *prompt;
++int getskeyprompt(struct skey *mp, char *name, char *prompt)
+ {
+ 	int rval;
+ 
+ 	sevenbit(name);
+ 	rval = skeylookup(mp, name);
+-	(void)strcpy(prompt, "otp-md0 55 latour1\n");
++
++	*prompt = '\0';
+ 	switch (rval) {
+-	case -1:	/* File error */
+-		return(-1);
+-	case 0:		/* Lookup succeeded, return challenge */
+-		(void)sprintf(prompt, "otp-%.*s %d %.*s\n",
+-			      SKEY_MAX_HASHNAME_LEN, skey_get_algorithm(),
++		case -1:	/* File error */
++			return -1;
++		case 0:		/* Lookup succeeded, return challenge */
++			sprintf(prompt, OTP_FMT "\n",
++				SKEY_MAX_HASHNAME_LEN, skey_get_algorithm(),
+ 			      mp->n - 1, SKEY_MAX_SEED_LEN, mp->seed);
+-		return(0);
+-	case 1:		/* User not found */
+-		(void)fclose(mp->keyfile);
+-		return(-1);
++			return 0;
++		case 1:		/* User not found */
++			fclose(mp->keyfile);
++			mp->keyfile = NULL;
++			return -1;
+ 	}
+-	return(-1);	/* Can't happen */
++	return -1;	/* Can't happen, never ever ever. ever. I'm serious. */
+ }
+ 
+ /* Return  a skey challenge string for user 'name'. If successful,
+- * fill in the caller's skey structure and return(0). If unsuccessful
+- * (e.g., if name is unknown) return(-1).
++ * fill in the caller's skey structure and return 0. If unsuccessful
++ * (e.g., if name is unknown) return -1.
+  *
+  * The file read/write pointer is left at the start of the
+  * record.
+  */
+-int
+-skeychallenge(mp, name, ss)
+-	struct skey *mp;
+-	char *name;
+-	char *ss;
++int skeychallenge(struct skey *mp, const char *name, char *ss, size_t sslen)
+ {
+ 	int rval;
+ 
+ 	rval = skeylookup(mp,name);
++	*ss = '\0';
+ 	switch(rval){
+-	case -1:	/* File error */
+-		return(-1);
+-	case 0:		/* Lookup succeeded, issue challenge */
+-		(void)sprintf(ss, "otp-%.*s %d %.*s", SKEY_MAX_HASHNAME_LEN,
++		case -1:	/* File error */
++			return -1;
++		case 0:		/* Lookup succeeded, issue challenge */
++			snprintf(ss, sslen, OTP_FMT, SKEY_MAX_HASHNAME_LEN,
+ 			      skey_get_algorithm(), mp->n - 1,
+ 			      SKEY_MAX_SEED_LEN, mp->seed);
+-		return(0);
+-	case 1:		/* User not found */
+-		(void)fclose(mp->keyfile);
+-		return(-1);
++			return 0;
++		case 1:		/* User not found */
++			fclose(mp->keyfile);
++			mp->keyfile = NULL;
++			return -1;
++	}
++	return -1;	/* Can't happen - or your money back */
++}
++
++static FILE *openskey(void)
++{
++	struct stat statbuf;
++	FILE *keyfile = NULL;
++
++	if (stat(SKEYKEYS, &statbuf) == 0 &&
++		(keyfile = fopen(SKEYKEYS, "r+"))) {
++			if ((statbuf.st_mode & 0007777) != 0600)
++				fchmod(fileno(keyfile), 0600);
++	} else {
++		keyfile = NULL;
+ 	}
+-	return(-1);	/* Can't happen */
++
++	return keyfile;
+ }
+ 
+ /* Find an entry in the One-time Password database.
+@@ -120,27 +134,19 @@
+  *  0: entry found, file R/W pointer positioned at beginning of record
+  *  1: entry not found, file R/W pointer positioned at EOF
+  */
+-int
+-skeylookup(mp, name)
+-	struct skey *mp;
+-	char *name;
++int skeylookup(struct skey *mp, const char *name)
+ {
+ 	int found = 0;
+ 	long recstart = 0;
+-	char *cp, *ht = NULL;
+-	struct stat statbuf;
+-
+-	/* Open SKEYKEYS if it exists, else return an error */
+-	if (stat(SKEYKEYS, &statbuf) == 0 &&
+-	    (mp->keyfile = fopen(SKEYKEYS, "r+")) != NULL) {
+-		if ((statbuf.st_mode & 0007777) != 0600)
+-			fchmod(fileno(mp->keyfile), 0600);
+-	} else {
+-		return(-1);
+-	}
++	const char *ht = NULL;
++	char *last;
+ 
++	if(!(mp->keyfile = openskey()))
++		return -1;
++	
+ 	/* Look up user name in database */
+ 	while (!feof(mp->keyfile)) {
++		char *cp;
+ 		recstart = ftell(mp->keyfile);
+ 		mp->recstart = recstart;
+ 		if (fgets(mp->buf, sizeof(mp->buf), mp->keyfile) != mp->buf)
+@@ -148,22 +154,22 @@
+ 		rip(mp->buf);
+ 		if (mp->buf[0] == '#')
+ 			continue;	/* Comment */
+-		if ((mp->logname = strtok(mp->buf, " \t")) == NULL)
++		if ((mp->logname = strtok_r(mp->buf, " \t", &last)) == NULL)
+ 			continue;
+-		if ((cp = strtok(NULL, " \t")) == NULL)
++		if ((cp = strtok_r(NULL, " \t", &last)) == NULL)
+ 			continue;
+ 		/* Save hash type if specified, else use md4 */
+-		if (isalpha(*cp)) {
++		if (isalpha((u_char) *cp)) {
+ 			ht = cp;
+-			if ((cp = strtok(NULL, " \t")) == NULL)
++			if ((cp = strtok_r(NULL, " \t", &last)) == NULL)
+ 				continue;
+ 		} else {
+ 			ht = "md4";
+ 		}
+ 		mp->n = atoi(cp);
+-		if ((mp->seed = strtok(NULL, " \t")) == NULL)
++		if ((mp->seed = strtok_r(NULL, " \t", &last)) == NULL)
+ 			continue;
+-		if ((mp->val = strtok(NULL, " \t")) == NULL)
++		if ((mp->val = strtok_r(NULL, " \t", &last)) == NULL)
+ 			continue;
+ 		if (strcmp(mp->logname, name) == 0) {
+ 			found = 1;
+@@ -171,7 +177,7 @@
+ 		}
+ 	}
+ 	if (found) {
+-		(void)fseek(mp->keyfile, recstart, SEEK_SET);
++		fseek(mp->keyfile, recstart, SEEK_SET);
+ 		/* Set hash type */
+ 		if (ht && skey_set_algorithm(ht) == NULL) {
+ 			warnx("Unknown hash algorithm %s, using %s", ht,
+@@ -189,27 +195,21 @@
+  *  0: next entry found and stored in mp
+  *  1: no more entries, file R/W pointer positioned at EOF
+  */
+-int
+-skeygetnext(mp)
+-	struct skey *mp;
++int skeygetnext(struct skey *mp)
+ {
+ 	long recstart = 0;
+-	char *cp;
+-	struct stat statbuf;
++	char *last;
+ 
+ 	/* Open SKEYKEYS if it exists, else return an error */
+ 	if (mp->keyfile == NULL) {
+-		if (stat(SKEYKEYS, &statbuf) == 0 &&
+-		    (mp->keyfile = fopen(SKEYKEYS, "r+")) != NULL) {
+-			if ((statbuf.st_mode & 0007777) != 0600)
+-				fchmod(fileno(mp->keyfile), 0600);
+-		} else {
+-			return(-1);
+-		}
++		if(!(mp->keyfile = openskey()))
++			return -1;
+ 	}
+ 
+ 	/* Look up next user in database */
+ 	while (!feof(mp->keyfile)) {
++		char *cp;
++
+ 		recstart = ftell(mp->keyfile);
+ 		mp->recstart = recstart;
+ 		if (fgets(mp->buf, sizeof(mp->buf), mp->keyfile) != mp->buf)
+@@ -217,19 +217,19 @@
+ 		rip(mp->buf);
+ 		if (mp->buf[0] == '#')
+ 			continue;	/* Comment */
+-		if ((mp->logname = strtok(mp->buf, " \t")) == NULL)
++		if ((mp->logname = strtok_r(mp->buf, " \t", &last)) == NULL)
+ 			continue;
+-		if ((cp = strtok(NULL, " \t")) == NULL)
++		if ((cp = strtok_r(NULL, " \t", &last)) == NULL)
+ 			continue;
+ 		/* Save hash type if specified, else use md4 */
+-		if (isalpha(*cp)) {
+-			if ((cp = strtok(NULL, " \t")) == NULL)
++		if (isalpha((u_char) *cp)) {
++			if ((cp = strtok_r(NULL, " \t", &last)) == NULL)
+ 				continue;
+ 		}
+ 		mp->n = atoi(cp);
+-		if ((mp->seed = strtok(NULL, " \t")) == NULL)
++		if ((mp->seed = strtok_r(NULL, " \t", &last)) == NULL)
+ 			continue;
+-		if ((mp->val = strtok(NULL, " \t")) == NULL)
++		if ((mp->val = strtok_r(NULL, " \t", &last)) == NULL)
+ 			continue;
+ 		/* Got a real entry */
+ 		break;
+@@ -246,10 +246,7 @@
+  *
+  * The database file is always closed by this call.
+  */
+-int
+-skeyverify(mp, response)
+-	struct skey *mp;
+-	char *response;
++int skeyverify(struct skey *mp, char *response)
+ {
+ 	char key[SKEY_BINKEY_SIZE];
+ 	char fkey[SKEY_BINKEY_SIZE];
+@@ -257,29 +254,31 @@
+ 	time_t now;
+ 	struct tm *tm;
+ 	char tbuf[27];
+-	char *cp;
++	char *cp, *last;
+ 	int i, rval;
+ 
+ 	time(&now);
+ 	tm = localtime(&now);
+-	(void)strftime(tbuf, sizeof(tbuf), " %b %d,%Y %T", tm);
++	strftime(tbuf, sizeof(tbuf), " %b %d,%Y %T", tm);
+ 
+ 	if (response == NULL) {
+-		(void)fclose(mp->keyfile);
+-		return(-1);
++		fclose(mp->keyfile);
++		mp->keyfile = NULL;
++		return -1;
+ 	}
+ 	rip(response);
+ 
+ 	/* Convert response to binary */
+ 	if (etob(key, response) != 1 && atob8(key, response) != 0) {
+ 		/* Neither english words or ascii hex */
+-		(void)fclose(mp->keyfile);
+-		return(-1);
++		fclose(mp->keyfile);
++		mp->keyfile = NULL;
++		return -1;
+ 	}
+ 
+ 	/* Compute fkey = f(key) */
+-	(void)memcpy(fkey, key, sizeof(key));
+-        (void)fflush(stdout);
++	memcpy(fkey, key, sizeof(key));
++    fflush(stdout);
+ 	f(fkey);
+ 
+ 	/*
+@@ -298,26 +297,33 @@
+ 	}
+ 
+ 	/* Reread the file record NOW */
+-	(void)fseek(mp->keyfile, mp->recstart, SEEK_SET);
++	fseek(mp->keyfile, mp->recstart, SEEK_SET);
+ 	if (fgets(mp->buf, sizeof(mp->buf), mp->keyfile) != mp->buf) {
+-		(void)fclose(mp->keyfile);
+-		return(-1);
++		fclose(mp->keyfile);
++		mp->keyfile = NULL;
++		return -1;
+ 	}
+ 	rip(mp->buf);
+-	mp->logname = strtok(mp->buf, " \t");
+-	cp = strtok(NULL, " \t") ;
+-	if (isalpha(*cp))
+-		cp = strtok(NULL, " \t") ;
+-	mp->seed = strtok(NULL, " \t");
+-	mp->val = strtok(NULL, " \t");
++	if ((mp->logname = strtok_r(mp->buf, " \t", &last)) == NULL)
++		goto verify_failure;
++	if ((cp = strtok_r(NULL, " \t", &last)) == NULL)
++		goto verify_failure;
++	if (isalpha((u_char) *cp))
++		if ((cp = strtok_r(NULL, " \t", &last)) == NULL)
++			goto verify_failure;
++	if ((mp->seed = strtok_r(NULL, " \t", &last)) == NULL)
++		goto verify_failure;
++	if ((mp->val = strtok_r(NULL, " \t", &last)) == NULL)
++		goto verify_failure;
+ 	/* And convert file value to hex for comparison */
+ 	atob8(filekey, mp->val);
+ 
+ 	/* Do actual comparison */
+ 	if (memcmp(filekey, fkey, SKEY_BINKEY_SIZE) != 0){
+ 		/* Wrong response */
+-		(void)fclose(mp->keyfile);
+-		return(1);
++		fclose(mp->keyfile);
++		mp->keyfile = NULL;
++		return 1;
+ 	}
+ 
+ 	/*
+@@ -327,19 +333,24 @@
+ 	 */
+ 	btoa8(mp->val,key);
+ 	mp->n--;
+-	(void)fseek(mp->keyfile, mp->recstart, SEEK_SET);
++	fseek(mp->keyfile, mp->recstart, SEEK_SET);
+ 	/* Don't save algorithm type for md4 (keep record length same) */
+ 	if (strcmp(skey_get_algorithm(), "md4") == 0)
+-		(void)fprintf(mp->keyfile, "%s %04d %-16s %s %-21s\n",
++		fprintf(mp->keyfile, "%s %04d %-16s %s %-21s\n",
+ 			      mp->logname, mp->n, mp->seed, mp->val, tbuf);
+ 	else
+-		(void)fprintf(mp->keyfile, "%s %s %04d %-16s %s %-21s\n",
++		fprintf(mp->keyfile, "%s %s %04d %-16s %s %-21s\n",
+ 			      mp->logname, skey_get_algorithm(), mp->n,
+ 			      mp->seed, mp->val, tbuf);
+ 
+-	(void)fclose(mp->keyfile);
+-	
+-	return(0);
++	fclose(mp->keyfile);
++	mp->keyfile = NULL;
++	return 0;
++
++	verify_failure:
++		fclose(mp->keyfile);
++		mp->keyfile = NULL;
++		return -1;
+ }
+ 
+ /*
+@@ -348,13 +359,18 @@
+  * Returns: 1 user doesnt exist, -1 fle error, 0 user exists.
+  *
+  */
+-int
+-skey_haskey(username)
+-	char *username;
++int skey_haskey(const char *username)
+ {
+ 	struct skey skey;
++	int i;
++
++	i = skeylookup(&skey, username);
+  
+-	return(skeylookup(&skey, username));
++ 	if (skey.keyfile != NULL) {
++		fclose(skey.keyfile);
++		skey.keyfile = NULL;
++	}
++	return i;
+ }
+  
+ /*
+@@ -364,19 +380,21 @@
+  * seed for the passed user.
+  *
+  */
+-char *
+-skey_keyinfo(username)
+-	char *username;
++const char *skey_keyinfo(const char *username)
+ {
+ 	int i;
+ 	static char str[SKEY_MAX_CHALLENGE];
+ 	struct skey skey;
+ 
+-	i = skeychallenge(&skey, username, str);
++	i = skeychallenge(&skey, username, str, sizeof str);
+ 	if (i == -1)
+-		return(0);
++		return 0;
+ 
+-	return(str);
++	if (skey.keyfile != NULL) {
++		fclose(skey.keyfile);
++		skey.keyfile = NULL;
++	}
++	return str;
+ }
+  
+ /*
+@@ -388,40 +406,38 @@
+  * Returns: 0 success, -1 failure
+  *
+  */
+-int
+-skey_passcheck(username, passwd)
+-	char *username, *passwd;
++int skey_passcheck(const char *username, char *passwd)
+ {
+ 	int i;
+ 	struct skey skey;
+ 
+ 	i = skeylookup(&skey, username);
+ 	if (i == -1 || i == 1)
+-		return(-1);
++		return -1;
+ 
+ 	if (skeyverify(&skey, passwd) == 0)
+-		return(skey.n);
++		return skey.n;
+ 
+-	return(-1);
++	return -1;
+ }
+ 
++#if DO_FAKE_CHALLENGE
+ #define ROUND(x)   (((x)[0] << 24) + (((x)[1]) << 16) + (((x)[2]) << 8) + \
+ 		    ((x)[3]))
+ 
+ /*
+  * hash_collapse()
+  */
+-static u_int32_t
+-hash_collapse(s)
+-        u_char *s;
++static u_int32_t hash_collapse(u_char *s)
+ {
+-        int len, target;
++    int len, target, slen;
+ 	u_int32_t i;
+-	
+-	if ((strlen(s) % sizeof(u_int32_t)) == 0)
+-  		target = strlen(s);    /* Multiple of 4 */
++
++	slen = strlen((char *)s);
++	if ((slen % sizeof(u_int32_t)) == 0)
++  		target = slen;    /* Multiple of 4 */
+ 	else
+-		target = strlen(s) - (strlen(s) % sizeof(u_int32_t));
++		target = slen - slen % sizeof(u_int32_t);
+   
+ 	for (i = 0, len = 0; len < target; len += 4)
+         	i ^= ROUND(s + len);
+@@ -429,6 +445,8 @@
+ 	return i;
+ }
+ 
++#endif 
++
+ /*
+  * skey_authenticate()
+  *
+@@ -438,22 +456,22 @@
+  * Returns: 0 success, -1 failure
+  *
+  */
+-int
+-skey_authenticate(username)
+-	char *username;
++int skey_authenticate(const char *username)
+ {
+ 	int i;
++	char pbuf[SKEY_MAX_PW_LEN+1], skeyprompt[SKEY_MAX_CHALLENGE+1];
++	struct skey skey;
++#if DO_FAKE_CHALLENGE
+ 	u_int ptr;
+ 	u_char hseed[SKEY_MAX_SEED_LEN], flg = 1, *up;
+-	char pbuf[SKEY_MAX_PW_LEN+1], skeyprompt[SKEY_MAX_CHALLENGE+1];
+-	char *secret;
+ 	size_t secretlen;
+-	struct skey skey;
+ 	SHA1_CTX ctx;
+-	
++#endif
++
+ 	/* Attempt an S/Key challenge */
+-	i = skeychallenge(&skey, username, skeyprompt);
++	i = skeychallenge(&skey, username, skeyprompt, sizeof skeyprompt);
+ 
++#if DO_FAKE_CHALLENGE
+ 	/* Cons up a fake prompt if no entry in keys file */
+ 	if (i != 0) {
+ 		char *p, *u;
+@@ -465,11 +483,11 @@
+ 		if (gethostname(pbuf, sizeof(pbuf)) == -1)
+ 			*(p = pbuf) = '.';
+ 		else
+-			for (p = pbuf; *p && isalnum(*p); p++)
+-				if (isalpha(*p) && isupper(*p))
+-					*p = tolower(*p);
++			for (p = pbuf; *p && isalnum((u_char)*p); p++)
++				if (isalpha((u_char)*p) && isupper((u_char)*p))
++					*p = tolower((u_char)*p);
+ 		if (*p && pbuf - p < 4)
+-			(void)strncpy(p, "asjd", 4 - (pbuf - p));
++			strncpy(p, "asjd", 4 - (pbuf - p));
+ 		pbuf[4] = '\0';
+ 
+ 		/* Hash the username if possible */
+@@ -490,6 +508,7 @@
+ 			    SEEK_SET) != -1 && read(fd, hseed,
+ 			    SKEY_MAX_SEED_LEN) == SKEY_MAX_SEED_LEN) {
+ 				close(fd);
++				fd = -1;
+ 				secret = hseed;
+ 				secretlen = SKEY_MAX_SEED_LEN;
+ 				flg = 0;
+@@ -499,6 +518,8 @@
+ 				secretlen = strlen(secret);
+ 				flg = 0;
+ 			}
++			if (fd != -1)
++				close(fd);
+ 		}
+ 
+ 		/* Put that in your pipe and smoke it */
+@@ -531,7 +552,7 @@
+ 			memset(up, 0, 20); /* SHA1 specific */
+ 			free(up);
+ 
+-			(void)sprintf(skeyprompt,
++			sprintf(skeyprompt,
+ 				      "otp-%.*s %d %.*s",
+ 				      SKEY_MAX_HASHNAME_LEN,
+ 				      skey_get_algorithm(),
+@@ -554,29 +575,30 @@
+ 			} while (--i != 0);
+ 			pbuf[12] = '\0';
+ 
+-			(void)sprintf(skeyprompt, "otp-%.*s %d %.*s",
++			sprintf(skeyprompt, "otp-%.*s %d %.*s",
+ 				      SKEY_MAX_HASHNAME_LEN,
+ 				      skey_get_algorithm(),
+ 				      99, SKEY_MAX_SEED_LEN, pbuf);
+ 		}
+ 	}
++#endif
+ 
+-	(void)fprintf(stderr, "%s\n", skeyprompt);
+-	(void)fflush(stderr);
++	fprintf(stderr, "[%s]\n", skeyprompt);
++	fflush(stderr);
+ 
+-	(void)fputs("Response: ", stderr);
++	fputs("Response: ", stderr);
+ 	readskey(pbuf, sizeof(pbuf));
+ 
+ 	/* Is it a valid response? */
+ 	if (i == 0 && skeyverify(&skey, pbuf) == 0) {
+ 		if (skey.n < 5) {
+-			(void)fprintf(stderr,
++			fprintf(stderr,
+ 			    "\nWarning! Key initialization needed soon.  (%d logins left)\n",
+ 			    skey.n);
+ 		}
+-		return(0);
++		return 0;
+ 	}
+-	return(-1);
++	return -1;
+ }
+ 
+ /* Comment out user's entry in the s/key database
+@@ -587,22 +609,21 @@
+  *
+  * The database file is always closed by this call.
+  */
+-int
+-skeyzero(mp, response)
+-	struct skey *mp;
+-	char *response;
++int skeyzero(struct skey *mp, char *response)
+ {
+ 	/*
+ 	 * Seek to the right place and write comment character
+ 	 * which effectively zero's out the entry.
+ 	 */
+-	(void)fseek(mp->keyfile, mp->recstart, SEEK_SET);
++	fseek(mp->keyfile, mp->recstart, SEEK_SET);
+ 	if (fputc('#', mp->keyfile) == EOF) {
+ 		fclose(mp->keyfile);
+-		return(-1);
++		mp->keyfile = NULL;
++		return -1;
+ 	}
+ 
+-	(void)fclose(mp->keyfile);
++	fclose(mp->keyfile);
++	mp->keyfile = NULL;
+ 	
+-	return(0);
++	return 0;
+ }
+--- skey-1.1.5.orig/skeyprune.8	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/skeyprune.8	2003-11-06 17:46:45.000000000 +0000
+@@ -13,7 +13,7 @@
+ .Sh DESCRIPTION
+ .Nm skeyprune
+ searches through the file
+-.Dq Pa /etc/skeykeys
++.Dq Pa /etc/skey/skeykeys
+ and prunes out users who have zeroed their entries via
+ .Xr skeyinit 1
+ as well as entries that have not been modified in
+@@ -22,8 +22,8 @@
+ .Ar days
+ is not specified only commented out entries are pruned.
+ .Sh FILES
+-.Bl -tag -width /etc/skeykeys -compact
+-.It Pa /etc/skeykeys
++.Bl -tag -width /etc/skey/skeykeys -compact
++.It Pa /etc/skey/skeykeys
+ S/Key key information database
+ .El
+ .Sh SEE ALSO
+@@ -33,7 +33,7 @@
+ Since
+ .Nm skeyprune
+ rewrites
+-.Dq Pa /etc/skeykeys ,
++.Dq Pa /etc/skey/skeykeys ,
+ there is a window where S/Key changes could get lost.
+ It is therefore suggested that
+ .Nm skeyprune
+--- skey-1.1.5.orig/skeysubr.c	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/skeysubr.c	2003-11-06 17:46:45.000000000 +0000
+@@ -40,11 +40,6 @@
+ #else
+ #include "sha1.h"
+ #endif
+-#ifdef HAVE_RMD160_H
+-#include <rmd160.h>
+-#else
+-#include "rmd160.h"
+-#endif
+ 
+ #include "skey.h"
+ 
+@@ -53,17 +48,18 @@
+ #define SKEY_HASH_DEFAULT	1
+ #endif
+ 
+-static void f_md4 __P((char *x));
+-static void f_md5 __P((char *x));
+-static void f_sha1 __P((char *x));
+-static void f_rmd160 __P((char *x));
+-static int keycrunch_md4 __P((char *result, char *seed, char *passwd));
+-static int keycrunch_md5 __P((char *result, char *seed, char *passwd));
+-static int keycrunch_sha1 __P((char *result, char *seed, char *passwd));
+-static int keycrunch_rmd160 __P((char *result, char *seed, char *passwd));
+-static void lowcase __P((char *s));
+-static void skey_echo __P((int action));
+-static void trapped __P((int sig));
++static void f_md4 __P((char *));
++static void f_md5 __P((char *));
++static void f_sha1 __P((char *));
++/* static void f_rmd160 __P((char *x)); */
++static int keycrunch_md4 __P((char *, const char *, const char *));
++static int keycrunch_md5 __P((char *, const char *, const char *));
++static int keycrunch_sha1 __P((char *, const char *, const char *));
++/* static int keycrunch_rmd160 __P((char *result, char *seed, char *passwd)); */
++static void lowcase __P((char *));
++static void skey_echo __P((int));
++static void trapped __P((int));
++static char *mkseedpassword(const char *, const char *, size_t *);
+ 
+ /* Current hash type (index into skey_hash_types array) */
+ static int skey_hash_type = SKEY_HASH_DEFAULT;
+@@ -72,17 +68,16 @@
+  * Hash types we support.
+  * Each has an associated keycrunch() and f() function.
+  */
+-#define SKEY_ALGORITH_LAST	4
+ struct skey_algorithm_table {
+ 	const char *name;
+-	int (*keycrunch) (char *, char *, char *);
+-	void (*f) (char *);
++	int (*keycrunch) __P((char *, const char *, const char *));
++	void (*f) __P((char *));
+ };
+ static struct skey_algorithm_table skey_algorithm_table[] = {
+ 	{ "md4", keycrunch_md4, f_md4 },
+ 	{ "md5", keycrunch_md5, f_md5 },
+ 	{ "sha1", keycrunch_sha1, f_sha1 },
+-	{ "rmd160", keycrunch_rmd160, f_rmd160 }
++	{ NULL }
+ };
+ 
+ 
+@@ -91,242 +86,172 @@
+  * concatenate the seed and the password, run through MD4/5 and
+  * collapse to 64 bits. This is defined as the user's starting key.
+  */
+-int
+-keycrunch(result, seed, passwd)
+-	char *result;	/* SKEY_BINKEY_SIZE result */
+-	char *seed;	/* Seed, any length */
+-	char *passwd;	/* Password, any length */
++int keycrunch(char *result, const char *seed, const char *passwd)
+ {
+ 	return(skey_algorithm_table[skey_hash_type].keycrunch(result, seed, passwd));
+ }
+ 
+-static int
+-keycrunch_md4(result, seed, passwd)
+-	char *result;	/* SKEY_BINKEY_SIZE result */
+-	char *seed;	/* Seed, any length */
+-	char *passwd;	/* Password, any length */
++static char *mkseedpassword(const char *seed, const char *passwd, size_t *buflen)
+ {
+ 	char *buf;
+-	MD4_CTX md;
+-	u_int32_t results[4];
+-	unsigned int buflen;
+ 
+-	buflen = strlen(seed) + strlen(passwd);
+-	if ((buf = (char *)malloc(buflen+1)) == NULL)
+-		return(-1);
+-	(void)strcpy(buf, seed);
++	*buflen = strlen(seed) + strlen(passwd);
++	if ((buf = (char *) malloc(*buflen + 1)) == NULL)
++		return NULL;
++	strcpy(buf, seed);
+ 	lowcase(buf);
+-	(void)strcat(buf, passwd);
++	strcat(buf, passwd);
++	sevenbit(buf);
++
++	return buf;
++}
+ 
++static int keycrunch_md4(char *result, const char *seed, const char *passwd)
++{
++	char *buf;
++	MD4_CTX md;
++	size_t buflen;
++	u_int32_t results[4];
++
++	if ((buf = mkseedpassword(seed, passwd, &buflen)) == NULL)
++		return -1;
++	
+ 	/* Crunch the key through MD4 */
+-	sevenbit(buf);
+ 	MD4Init(&md);
+ 	MD4Update(&md, (unsigned char *)buf, buflen);
+-	MD4Final((unsigned char *)results, &md);
+-	(void)free(buf);
++	MD4Final((unsigned char *) (void *) results, &md);
++	free(buf);
+ 
+ 	/* Fold result from 128 to 64 bits */
+ 	results[0] ^= results[2];
+ 	results[1] ^= results[3];
+ 
+-	(void)memcpy((void *)result, (void *)results, SKEY_BINKEY_SIZE);
++	memcpy(result, results, SKEY_BINKEY_SIZE);
+ 
+-	return(0);
++	return 0;
+ }
+ 
+-static int
+-keycrunch_md5(result, seed, passwd)
+-	char *result;	/* SKEY_BINKEY_SIZE result */
+-	char *seed;	/* Seed, any length */
+-	char *passwd;	/* Password, any length */
++static int keycrunch_md5(char *result, const char *seed, const char *passwd)
+ {
+ 	char *buf;
+ 	MD5_CTX md;
+ 	u_int32_t results[4];
+-	unsigned int buflen;
++	size_t buflen;
+ 
+-	buflen = strlen(seed) + strlen(passwd);
+-	if ((buf = (char *)malloc(buflen+1)) == NULL)
+-		return(-1);
+-	(void)strcpy(buf, seed);
+-	lowcase(buf);
+-	(void)strcat(buf, passwd);
++	if ((buf = mkseedpassword(seed, passwd, &buflen)) == NULL)
++		return -1;
+ 
+ 	/* Crunch the key through MD5 */
+-	sevenbit(buf);
+ 	MD5Init(&md);
+ 	MD5Update(&md, (unsigned char *)buf, buflen);
+-	MD5Final((unsigned char *)results, &md);
+-	(void)free(buf);
++	MD5Final((unsigned char *) (void *)results, &md);
++	free(buf);
+ 
+ 	/* Fold result from 128 to 64 bits */
+ 	results[0] ^= results[2];
+ 	results[1] ^= results[3];
+ 
+-	(void)memcpy((void *)result, (void *)results, SKEY_BINKEY_SIZE);
++	memcpy((void *)result, (void *)results, SKEY_BINKEY_SIZE);
+ 
+ 	return(0);
+ }
+ 
+-static int
+-keycrunch_sha1(result, seed, passwd)
+-	char *result;	/* SKEY_BINKEY_SIZE result */
+-	char *seed;	/* Seed, any length */
+-	char *passwd;	/* Password, any length */
++static int keycrunch_sha1(char *result, const char *seed, const char *passwd)
+ {
+ 	char *buf;
+ 	SHA1_CTX sha;
+-	u_int32_t results[5];
+-	unsigned int buflen;
+-
+-	buflen = strlen(seed) + strlen(passwd);
+-	if ((buf = (char *)malloc(buflen+1)) == NULL)
+-		return(-1);
+-	(void)strcpy(buf, seed);
+-	lowcase(buf);
+-	(void)strcat(buf, passwd);
++	size_t buflen;
++	int i, j;
+ 
++	if ((buf = mkseedpassword(seed, passwd, &buflen)) == NULL)
++		return -1;
++	
+ 	/* Crunch the key through SHA1 */
+-	sevenbit(buf);
+ 	SHA1Init(&sha);
+ 	SHA1Update(&sha, (unsigned char *)buf, buflen);
+-	SHA1Final((unsigned char *)results, &sha);
+-	(void)free(buf);
++	SHA1Final(NULL, &sha);
++	free(buf);
+ 
+ 	/* Fold 160 to 64 bits */
+-	results[0] ^= results[2];
+-	results[1] ^= results[3];
+-	results[0] ^= results[4];
+-
+-	(void)memcpy((void *)result, (void *)results, SKEY_BINKEY_SIZE);
+-
+-	return(0);
+-}
+-
+-static int
+-keycrunch_rmd160(result, seed, passwd)
+-	char *result;	/* SKEY_BINKEY_SIZE result */
+-	char *seed;	/* Seed, any length */
+-	char *passwd;	/* Password, any length */
+-{
+-	char *buf;
+-	RMD160_CTX rmd;
+-	u_int32_t results[5];
+-	unsigned int buflen;
+-
+-	buflen = strlen(seed) + strlen(passwd);
+-	if ((buf = (char *)malloc(buflen+1)) == NULL)
+-		return(-1);
+-	(void)strcpy(buf, seed);
+-	lowcase(buf);
+-	(void)strcat(buf, passwd);
+-
+-	/* Crunch the key through RMD-160 */
+-	sevenbit(buf);
+-	RMD160Init(&rmd);
+-	RMD160Update(&rmd, (unsigned char *)buf, buflen);
+-	RMD160Final((unsigned char *)results, &rmd);
+-	(void)free(buf);
+-
+-	/* Fold 160 to 64 bits */
+-	results[0] ^= results[2];
+-	results[1] ^= results[3];
+-	results[0] ^= results[4];
+-
+-	(void)memcpy((void *)result, (void *)results, SKEY_BINKEY_SIZE);
++	sha.state[0] ^= sha.state[2];
++	sha.state[1] ^= sha.state[3];
++	sha.state[0] ^= sha.state[4];
++
++	for (i=j=0; j<8; i++, j+=4) {
++		result[j] = (unsigned char)(sha.state[i] & 0xff);
++		result[j+1] = (unsigned char)((sha.state[i] >> 8) & 0xff);
++		result[j+2] = (unsigned char)((sha.state[i] >> 16) & 0xff);
++		result[j+3] = (unsigned char)((sha.state[i] >> 24) & 0xff);
++	}
+ 
+-	return(0);
++	return 0;
+ }
+ 
+ /*
+  * The one-way function f().
+  * Takes SKEY_BINKEY_SIZE bytes and returns SKEY_BINKEY_SIZE bytes in place.
+  */
+-void
+-f(x)
+-	char *x;
++void f(char *x)
+ {
+ 	skey_algorithm_table[skey_hash_type].f(x);
+ }
+ 
+-static void
+-f_md4(x)
+-	char *x;
++static void f_md4(char *x)
+ {
+ 	MD4_CTX md;
+ 	u_int32_t results[4];
+ 
+ 	MD4Init(&md);
+ 	MD4Update(&md, (unsigned char *)x, SKEY_BINKEY_SIZE);
+-	MD4Final((unsigned char *)results, &md);
++	MD4Final((unsigned char *) (void *) results, &md);
+ 
+ 	/* Fold 128 to 64 bits */
+ 	results[0] ^= results[2];
+ 	results[1] ^= results[3];
+ 
+-	(void)memcpy((void *)x, (void *)results, SKEY_BINKEY_SIZE);
++	memcpy(x, results, SKEY_BINKEY_SIZE);
+ }
+ 
+-static void
+-f_md5(x)
+-	char *x;
++static void f_md5(char *x)
+ {
+ 	MD5_CTX md;
+ 	u_int32_t results[4];
+ 
+ 	MD5Init(&md);
+ 	MD5Update(&md, (unsigned char *)x, SKEY_BINKEY_SIZE);
+-	MD5Final((unsigned char *)results, &md);
++	MD5Final((unsigned char *) (void *) results, &md);
+ 
+ 	/* Fold 128 to 64 bits */
+ 	results[0] ^= results[2];
+ 	results[1] ^= results[3];
+ 
+-	(void)memcpy((void *)x, (void *)results, SKEY_BINKEY_SIZE);
++	memcpy((void *)x, (void *)results, SKEY_BINKEY_SIZE);
+ }
+ 
+-static void
+-f_sha1(x)
+-	char *x;
++static void f_sha1(char *x)
+ {
+ 	SHA1_CTX sha;
+-	u_int32_t results[5];
++	int i, j;
+ 
+ 	SHA1Init(&sha);
+ 	SHA1Update(&sha, (unsigned char *)x, SKEY_BINKEY_SIZE);
+-	SHA1Final((unsigned char *)results, &sha);
++	SHA1Final(NULL, &sha);
+ 
+ 	/* Fold 160 to 64 bits */
+-	results[0] ^= results[2];
+-	results[1] ^= results[3];
+-	results[0] ^= results[4];
+-
+-	(void)memcpy((void *)x, (void *)results, SKEY_BINKEY_SIZE);
+-}
+-
+-static void
+-f_rmd160(x)
+-	char *x;
+-{
+-	RMD160_CTX rmd;
+-	u_int32_t results[5];
+-
+-	RMD160Init(&rmd);
+-	RMD160Update(&rmd, (unsigned char *)x, SKEY_BINKEY_SIZE);
+-	RMD160Final((unsigned char *)results, &rmd);
+-
+-	/* Fold 160 to 64 bits */
+-	results[0] ^= results[2];
+-	results[1] ^= results[3];
+-	results[0] ^= results[4];
+-
+-	(void)memcpy((void *)x, (void *)results, SKEY_BINKEY_SIZE);
++	sha.state[0] ^= sha.state[2];
++	sha.state[1] ^= sha.state[3];
++	sha.state[0] ^= sha.state[4];
++
++	for (i=j=0; j<8; i++, j+=4) {
++		x[j]	= (unsigned char)(sha.state[i] & 0xff);
++		x[j+1]	= (unsigned char)((sha.state[i] >> 8) & 0xff);
++		x[j+2]	= (unsigned char)((sha.state[i] >> 16) & 0xff);
++		x[j+3]	= (unsigned char)((sha.state[i] >> 24) & 0xff);
++	}
+ }
+ 
+ /* Strip trailing cr/lf from a line of text */
+-void
+-rip(buf)
+-	char *buf;
++void rip(char *buf)
+ {
+ 	buf += strcspn(buf, "\r\n");
+ 
+@@ -335,12 +260,9 @@
+ }
+ 
+ /* Read in secret password (turns off echo) */
+-char *
+-readpass(buf, n)
+-	char *buf;
+-	int n;
++char *readpass(char *buf, int n)
+ {
+-	void (*old_handler) ();
++	void *old_handler;
+ 
+ 	/* Turn off echoing */
+ 	skey_echo(0);
+@@ -348,131 +270,114 @@
+ 	/* Catch SIGINT and save old signal handler */
+ 	old_handler = signal(SIGINT, trapped);
+ 
+-	(void)fgets(buf, n, stdin);
++	fgets(buf, n, stdin);
+ 	rip(buf);
+ 
+-	(void)putc('\n', stderr);
+-	(void)fflush(stderr);
++	putc('\n', stderr);
++	fflush(stderr);
+ 
+ 	/* Restore signal handler and turn echo back on */
+ 	if (old_handler != SIG_ERR)
+-		(void)signal(SIGINT, old_handler);
++		signal(SIGINT, old_handler);
+ 	skey_echo(1);
+ 
+ 	sevenbit(buf);
+ 
+-	return(buf);
++	return buf;
+ }
+ 
+ /* Read in an s/key OTP (does not turn off echo) */
+-char *
+-readskey(buf, n)
+-	char *buf;
+-	int n;
++char *readskey(char *buf, int n)
+ {
+-	(void)fgets(buf, n, stdin);
++	fgets(buf, n, stdin);
+ 	rip(buf);
+ 
+ 	sevenbit(buf);
+ 
+-	return(buf);
++	return buf;
+ }
+ 
+ /* Signal handler for trapping ^C */
+-static void
+-trapped(sig)
+-	int sig;
++static void trapped(int sig)
+ {
+-	(void)fputs("^C\n", stderr);
+-	(void)fflush(stderr);
++	fputs("^C\n", stderr);
++	fflush(stderr);
+ 
+-	/* Turn on echo if necesary */
++	/* Turn on echo if necemassary */
+ 	skey_echo(1);
+ 
+-	exit(-1);
++	exit(1);
+ }
+ 
+ /*
+  * Convert 8-byte hex-ascii string to binary array
+  * Returns 0 on success, -1 on error
+  */
+-int
+-atob8(out, in)
+-	register char *out;
+-	register char *in;
++int atob8(char *out, const char *in)
+ {
+-	register int i;
+-	register int val;
++	int i;
++	int val;
+ 
+ 	if (in == NULL || out == NULL)
+-		return(-1);
++		return -1;
+ 
+ 	for (i=0; i < 8; i++) {
+ 		if ((in = skipspace(in)) == NULL)
+-			return(-1);
++			return -1;
+ 		if ((val = htoi(*in++)) == -1)
+-			return(-1);
++			return -1;
+ 		*out = val << 4;
+ 
+ 		if ((in = skipspace(in)) == NULL)
+-			return(-1);
++			return -1;
+ 		if ((val = htoi(*in++)) == -1)
+-			return(-1);
++			return -1;
+ 		*out++ |= val;
+ 	}
+-	return(0);
++	return 0;
+ }
+ 
+ /* Convert 8-byte binary array to hex-ascii string */
+-int
+-btoa8(out, in)
+-	register char *out;
+-	register char *in;
++int btoa8(char *out, const char *in)
+ {
+-	register int i;
++	int i;
+ 
+ 	if (in == NULL || out == NULL)
+-		return(-1);
++		return -1;
+ 
+ 	for (i=0; i < 8; i++) {
+-		(void)sprintf(out, "%02x", *in++ & 0xff);
++		sprintf(out, "%02x", *in++ & 0xff);
+ 		out += 2;
+ 	}
+-	return(0);
++	return 0;
+ }
+ 
+ /* Convert hex digit to binary integer */
+-int
+-htoi(c)
+-	register int c;
++int htoi(int c)
+ {
+ 	if ('0' <= c && c <= '9')
+-		return(c - '0');
++		return c - '0';
+ 	if ('a' <= c && c <= 'f')
+-		return(10 + c - 'a');
++		return 10 + c - 'a';
+ 	if ('A' <= c && c <= 'F')
+-		return(10 + c - 'A');
+-	return(-1);
++		return 10 + c - 'A';
++	return -1;
+ }
+ 
+ /* Skip leading spaces from the string */
+-char *
+-skipspace(cp)
+-	register char *cp;
++const char *skipspace(const char *cp)
+ {
+ 	while (*cp == ' ' || *cp == '\t')
+ 		cp++;
+ 
+ 	if (*cp == '\0')
+-		return(NULL);
++		return NULL;
+ 	else
+-		return(cp);
++		return cp;
+ }
+ 
+ /* Remove backspaced over characters from the string */
+-void
+-backspace(buf)
+-	char *buf;
++void backspace(char *buf)
+ {
+ 	char bs = 0x8;
+ 	char *cp = buf;
+@@ -496,77 +401,68 @@
+ }
+ 
+ /* Make sure line is all seven bits */
+-void
+-sevenbit(s)
+-	char *s;
++void sevenbit(char *s)
+ {
+ 	while (*s)
+ 		*s++ &= 0x7f;
+ }
+ 
+ /* Set hash algorithm type */
+-char *
+-skey_set_algorithm(new)
+-	char *new;
++const char *skey_set_algorithm(const char *new)
+ {
+ 	int i;
+ 
+-	for (i = 0; i < SKEY_ALGORITH_LAST; i++) {
++	for (i = 0; skey_algorithm_table[i].name; i++) {
+ 		if (strcmp(new, skey_algorithm_table[i].name) == 0) {
+ 			skey_hash_type = i;
+-			return(new);
++			return new;
+ 		}
+ 	}
+ 
+-	return(NULL);
++	return NULL;
+ }
+ 
+ /* Get current hash type */
+-const char *
+-skey_get_algorithm()
++const char *skey_get_algorithm()
+ {
+ 	return(skey_algorithm_table[skey_hash_type].name);
+ }
+ 
+ /* Turn echo on/off */
+-static void
+-skey_echo(action)
+-	int action;
++static void skey_echo(int action)
+ {
+ 	static struct termios term;
+ 	static int echo = 0;
+ 
+ 	if (action == 0) {
+ 		/* Turn echo off */
+-		(void) tcgetattr(fileno(stdin), &term);
++		tcgetattr(fileno(stdin), &term);
+ 		if ((echo = (term.c_lflag & ECHO))) {
+ 			term.c_lflag &= ~ECHO;
+ #ifdef TCSASOFT
+-			(void) tcsetattr(fileno(stdin), TCSAFLUSH|TCSASOFT, &term);
++			tcsetattr(fileno(stdin), TCSAFLUSH|TCSASOFT, &term);
+ #else
+-			(void) tcsetattr(fileno(stdin), TCSAFLUSH, &term);
++			tcsetattr(fileno(stdin), TCSAFLUSH, &term);
+ #endif
+ 		}
+ 	} else if (action && echo) {
+ 		/* Turn echo on */
+ 		term.c_lflag |= ECHO;
+ #ifdef TCSASOFT
+-		(void) tcsetattr(fileno(stdin), TCSAFLUSH|TCSASOFT, &term);
++		tcsetattr(fileno(stdin), TCSAFLUSH|TCSASOFT, &term);
+ #else
+-		(void) tcsetattr(fileno(stdin), TCSAFLUSH, &term);
++		tcsetattr(fileno(stdin), TCSAFLUSH, &term);
+ #endif	       
+ 		echo = 0;
+ 	}
+ }
+ 
+ /* Convert string to lower case */
+-static void
+-lowcase(s)
+-	char *s;
++static void lowcase(char *s)
+ {
+-	char *p;
++	u_char *p;
+ 
+-	for (p = s; *p; p++)
++	for (p = (u_char *) s; *p; p++)
+ 		if (isupper(*p))
+ 			*p = tolower(*p);
+ }
+--- skey-1.1.5.orig/strlcpy.c	2001-05-10 17:10:49.000000000 +0100
++++ skey-1.1.5/strlcpy.c	1970-01-01 01:00:00.000000000 +0100
+@@ -1,72 +0,0 @@
+-/*	$OpenBSD: strlcpy.c,v 1.4 1999/05/01 18:56:41 millert Exp $	*/
+-
+-/*
+- * Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
+- * All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the above copyright
+- *    notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- *    notice, this list of conditions and the following disclaimer in the
+- *    documentation and/or other materials provided with the distribution.
+- * 3. The name of the author may not be used to endorse or promote products
+- *    derived from this software without specific prior written permission.
+- *
+- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+- * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+- * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL
+- * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+- * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+- * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+- * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+- * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+- * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+- */
+-#include "config.h"
+-#ifndef HAVE_STRLCPY
+-
+-#if defined(LIBC_SCCS) && !defined(lint)
+-static char *rcsid = "$OpenBSD: strlcpy.c,v 1.4 1999/05/01 18:56:41 millert Exp $";
+-#endif /* LIBC_SCCS and not lint */
+-
+-#include <sys/types.h>
+-#include <string.h>
+-
+-/*
+- * Copy src to string dst of size siz.  At most siz-1 characters
+- * will be copied.  Always NUL terminates (unless siz == 0).
+- * Returns strlen(src); if retval >= siz, truncation occurred.
+- */
+-size_t strlcpy(dst, src, siz)
+-	char *dst;
+-	const char *src;
+-	size_t siz;
+-{
+-	register char *d = dst;
+-	register const char *s = src;
+-	register size_t n = siz;
+-
+-	/* Copy as many bytes as will fit */
+-	if (n != 0 && --n != 0) {
+-		do {
+-			if ((*d++ = *s++) == 0)
+-				break;
+-		} while (--n != 0);
+-	}
+-
+-	/* Not enough room in dst, add NUL and traverse rest of src */
+-	if (n == 0) {
+-		if (siz != 0)
+-			*d = '\0';		/* NUL-terminate dst */
+-		while (*s++)
+-			;
+-	}
+-
+-	return(s - src - 1);	/* count does not include NUL */
+-}
+-
+-#endif

diff --git a/patchsets/skey/1.1.5/02_all_login_name_max.patch b/patchsets/skey/1.1.5/02_all_login_name_max.patch
new file mode 100644
index 0000000..55bd36b
--- /dev/null
+++ b/patchsets/skey/1.1.5/02_all_login_name_max.patch
@@ -0,0 +1,18 @@
+https://bugs.gentoo.org/33315
+glibc 2.2.x does not define LOGIN_NAME_MAX
+	(12 Nov 2003) -taviso@gentoo.org
+
+--- skey-1.1.5.orig/skeyinit.c
++++ skey-1.1.5/skeyinit.c
+@@ -62,6 +62,11 @@
+ #define SKEY_NAMELEN    4
+ #endif
+ 
++/* #33315 */
++#ifndef LOGIN_NAME_MAX
++#define LOGIN_NAME_MAX 256
++#endif
++
+ int	main __P((int, char **));
+ 
+ int main(int argc, char **argv)

diff --git a/patchsets/skey/1.1.5/03_all_fPIC.patch b/patchsets/skey/1.1.5/03_all_fPIC.patch
new file mode 100644
index 0000000..8a91192
--- /dev/null
+++ b/patchsets/skey/1.1.5/03_all_fPIC.patch
@@ -0,0 +1,12 @@
+--- skey-1.1.5-orig/Makefile.in
++++ skey-1.1.5/Makefile.in
+@@ -50,6 +50,9 @@
+ 
+ ${LIBOBJS}: config.h
+ 
++${LIBOBJS}: %.o: %.c
++	${CC} ${CFLAGS} -fPIC -c $< -o $@
++
+ libskey.a: ${LIBOBJS}
+ 	${AR} rv $@ ${LIBOBJS}
+ 	${RANLIB} $@

diff --git a/patchsets/skey/1.1.5/04_all_bind-now.patch b/patchsets/skey/1.1.5/04_all_bind-now.patch
new file mode 100644
index 0000000..3a1062d
--- /dev/null
+++ b/patchsets/skey/1.1.5/04_all_bind-now.patch
@@ -0,0 +1,15 @@
+--- skey-1.1.5-orig/Makefile.in
++++ skey-1.1.5/Makefile.in
+@@ -67,10 +67,10 @@
+ 	${CC} -o $@ ${SKEYOBJS} ${LDFLAGS} -lskey ${LIBS}
+ 
+ skeyinit: libskey.so ${SKEYINITOBJS}
+-	${CC} -o $@ ${SKEYINITOBJS} ${LDFLAGS} -lskey ${LIBS} 
++	${CC} -o $@ ${SKEYINITOBJS} ${LDFLAGS} -lskey ${LIBS} -Wl,-z,now
+ 
+ skeyinfo: libskey.so ${SKEYINFOOBJS}
+-	${CC} -o $@ ${SKEYINFOOBJS} ${LDFLAGS} -lskey ${LIBS}
++	${CC} -o $@ ${SKEYINFOOBJS} ${LDFLAGS} -lskey ${LIBS} -Wl,-z,now
+ 
+ ${MANPAGES} ${SCRIPTS}::
+ 	${FIXPATHSCMD} ${srcdir}/$@

diff --git a/patchsets/skey/1.1.5/05_all_otp.patch b/patchsets/skey/1.1.5/05_all_otp.patch
new file mode 100644
index 0000000..6f80f74
--- /dev/null
+++ b/patchsets/skey/1.1.5/05_all_otp.patch
@@ -0,0 +1,53 @@
+https://bugs.gentoo.org/71015
+allow invokation as otp-foo.
+	(03 Mar 2005) -taviso.
+
+--- skey-1.1.5.orig/skey.c
++++ skey-1.1.5/skey.c
+@@ -46,6 +46,17 @@
+ 	char	passwd[SKEY_MAX_PW_LEN+1], key[SKEY_BINKEY_SIZE];
+ 	char	buf[33], *seed, *slash, *t;
+ 
++	/* If we were called as otp-METHOD, set algorithm based on that */
++	if ((slash = strrchr(argv[0], '/')))
++	    slash++;
++	else
++	    slash = argv[0];
++	if (strncmp(slash, "otp-", 4) == 0) {
++		slash += 4;
++		if (skey_set_algorithm(slash) == NULL)
++			errx(1, "Unknown hash algorithm %s", slash);
++	}
++
+ 	while ((i = getopt(argc, argv, "fn:p:t:x")) != -1) {
+ 		switch(i) {
+ 			case 'f':
+--- skey-1.1.5.orig/skey.1
++++ skey-1.1.5/skey.1
+@@ -6,7 +6,7 @@
+ .Dt SKEY 1
+ .Os
+ .Sh NAME
+-.Nm skey
++.Nm skey, otp-md4, otp-md5, otp-sha1
+ .Nd respond to an OTP challenge
+ .Sh SYNOPSIS
+ .Nm
+@@ -34,6 +34,17 @@
+ or
+ .Xr ftpd 8 .
+ .Pp
++When
++.Nm skey
++is invoked as
++.Nm otp-method ,
++.Nm skey
++will use
++.Ar method
++as the hash function where
++.Ar method
++is currently one of md4, md5, or sha1.
++.Pp
+ Example use of the
+ .Em S/Key
+ program

diff --git a/patchsets/skey/1.1.5/06_all_binary-search.patch b/patchsets/skey/1.1.5/06_all_binary-search.patch
new file mode 100644
index 0000000..90e399c
--- /dev/null
+++ b/patchsets/skey/1.1.5/06_all_binary-search.patch
@@ -0,0 +1,36 @@
+Fix binary search.
+
+--- skey-1.1.5-orig/put.c
++++ skey-1.1.5/put.c
+@@ -2206,27 +2206,17 @@
+ {
+ 	int i, j;
+ 
+-	for (;;) {
++	while (low <= high) {
+ 		i = (low + high) / 2;
+ 
+ 		if ((j = strncmp(w, Wp[i], 4)) == 0)
+ 			return i;			/* Found it */
+-		if (high == low + 1) 
+-		{
+-			/* Avoid effects of integer truncation in /2 */
+-			if (strncmp(w, Wp[high], 4) == 0)
+-				return high;
+-			else
+-				return -1;
+-		}
+-
+-		if (low >= high)
+-			return -1;	/* I don't *think* this can happen... */
+ 		if (j < 0)
+-			high = i;	/* Search lower half */
++			high = i - 1;	/* Search lower half */
+ 		else
+-			low = i;	/* Search upper half */
++			low = i + 1;	/* Search upper half */
+ 	}
++	return -1;
+ }
+ 
+ static void insert(char *s, int x, int start, int length)

diff --git a/patchsets/skey/1.1.5/07_all_skeyprune-dir.patch b/patchsets/skey/1.1.5/07_all_skeyprune-dir.patch
new file mode 100644
index 0000000..967eb70
--- /dev/null
+++ b/patchsets/skey/1.1.5/07_all_skeyprune-dir.patch
@@ -0,0 +1,13 @@
+skeyprune won't honour @sysconfdir@
+
+--- skey-1.1.5-orig/skeyprune.pl
++++ skey-1.1.5/skeyprune.pl
+@@ -14,7 +14,7 @@
+ die "Usage: $0 [days]\n" if $#ARGC > 0;
+ 
+ # Pathnames
+-$keyfile = '/etc/skeykeys';
++$keyfile = '/etc/skey/skeykeys';
+ $temp = "$keyfile.tmp$$";
+ 
+ # Quick mapping of month name -> number

diff --git a/patchsets/skey/1.1.5/08_all_skeyprune-regex.patch b/patchsets/skey/1.1.5/08_all_skeyprune-regex.patch
new file mode 100644
index 0000000..b5039fa
--- /dev/null
+++ b/patchsets/skey/1.1.5/08_all_skeyprune-regex.patch
@@ -0,0 +1,13 @@
+skeyprune uses a case sensitive regex to check for zeroed entries
+
+--- skey-1.1.5-orig/skeyprune.pl
++++ skey-1.1.5/skeyprune.pl
+@@ -37,7 +37,7 @@
+ 
+ while (<OLD>) {
+     # Ignore commented out entries
+-    if ( ! /^#[^\s#]+\s+(MD[0-9]+\s+)?[0-9]+\s+[A-z0-9_-]+\s+[a-f0-9]+\s+(Jan|Feb|Mar|Apr|May|Ju[nl]|Aug|Sep|Oct|Nov|Dec)\s+[0-9]+,\s*[0-9]+\s+[0-9]+:[0-9]+:[0-9]+$/ ) {
++    if ( ! /^#[^\s#]+\s+(MD[0-9]+\s+)?[0-9]+\s+[A-z0-9_-]+\s+[a-f0-9]+\s+(Jan|Feb|Mar|Apr|May|Ju[nl]|Aug|Sep|Oct|Nov|Dec)\s+[0-9]+,\s*[0-9]+\s+[0-9]+:[0-9]+:[0-9]+$/i ) {
+ 	/((Jan|Feb|Mar|Apr|May|Ju[nl]|Aug|Sep|Oct|Nov|Dec)\s+[0-9]+,\s*[0-9]+\s+[0-9]+:[0-9]+:[0-9]+)$/;
+ 
+ 	# Prune out old entries if asked to

diff --git a/patchsets/skey/1.1.5/09_all_man_default-md5.patch b/patchsets/skey/1.1.5/09_all_man_default-md5.patch
new file mode 100644
index 0000000..02bf45c
--- /dev/null
+++ b/patchsets/skey/1.1.5/09_all_man_default-md5.patch
@@ -0,0 +1,26 @@
+https://bugs.gentoo.org/64971
+skey(1) and skeyinit(1) describe md4 as the default hash algorithm,
+which is no longer the case.
+
+--- skey-1.1.5-orig/skey.1
++++ skey-1.1.5/skey.1
+@@ -27,7 +27,7 @@
+ .Pp
+ .Em S/Key
+ uses 64 bits of information, transformed by the
+-.Tn MD4
++.Tn MD5
+ algorithm into 6 English words.
+ The user supplies the words to authenticate himself to programs like
+ .Xr login 1
+--- skey-1.1.5-orig/skeyinit.1	2012-01-04 20:24:22.000000000 +0100
++++ skey-1.1.5/skeyinit.1	2012-01-04 20:31:13.000000000 +0100
+@@ -47,7 +47,7 @@
+ (default is 100).
+ .It Fl t Ar hash
+ Selects the hash algorithm to use.
+-Available choices are md4 (the default), md5 or sha1.
++Available choices are md4, md5 (the default) or sha1.
+ .It Ar user
+ The username to be changed/added.
+ By default the current user is operated on, only root may

diff --git a/patchsets/skey/1.1.5/10_all_man_libpath.patch b/patchsets/skey/1.1.5/10_all_man_libpath.patch
new file mode 100644
index 0000000..4892645
--- /dev/null
+++ b/patchsets/skey/1.1.5/10_all_man_libpath.patch
@@ -0,0 +1,16 @@
+skey(3): shared library is in /lib; we don't install a profiling library
+
+--- skey-1.1.5-orig/skey.3
++++ skey-1.1.5/skey.3
+@@ -245,10 +245,8 @@
+ .Bl -tag -width /usr/lib/libskey_p.a -compact
+ .It Pa /usr/lib/libskey.a
+ static skey library
+-.It Pa /usr/lib/libskey.so
++.It Pa /lib/libskey.so
+ dynamic skey library
+-.It Pa /usr/lib/libskey_p.a
+-static skey library compiled for profiling
+ .El
+ .Sh SEE ALSO
+ .Xr skey 1 ,

diff --git a/patchsets/skey/1.1.5/11_all_strncat-warning.patch b/patchsets/skey/1.1.5/11_all_strncat-warning.patch
new file mode 100644
index 0000000..6eeefdd
--- /dev/null
+++ b/patchsets/skey/1.1.5/11_all_strncat-warning.patch
@@ -0,0 +1,11 @@
+--- skey-1.1.5-orig/skeyinit.c
++++ skey-1.1.5/skeyinit.c
+@@ -111,7 +111,7 @@
+ 	defaultseed[SKEY_NAMELEN] = '\0';
+ 	time(&now);
+ 	snprintf(tbuf, sizeof(tbuf), "%05ld", (long) (now % 100000));
+-	strncat(defaultseed, tbuf, sizeof(defaultseed));
++	strncat(defaultseed, tbuf, sizeof(defaultseed) - SKEY_NAMELEN - 1);
+ 
+ 	if ((pp = getpwuid(getuid())) == NULL)
+ 		err(1, "no user with uid %ld", (u_long)getuid());


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] dev/ulm:openmotif-2.2.3-patches-5 commit in: patchsets/skey/1.1.5/
  2015-09-04  8:33 [gentoo-commits] dev/ulm:pam_skey-1.1.5-patches-5 commit in: patchsets/skey/1.1.5/ Ulrich Müller
  2015-09-04  8:29 ` [gentoo-commits] dev/ulm:master " Ulrich Müller
  2015-09-04  8:33 ` [gentoo-commits] dev/ulm:motif-2.3.4-patches-1 " Ulrich Müller
@ 2015-09-04  8:33 ` Ulrich Müller
  2015-09-04  8:33 ` [gentoo-commits] dev/ulm:pam_skey-1.1.5-patches-4 " Ulrich Müller
                   ` (3 subsequent siblings)
  6 siblings, 0 replies; 9+ messages in thread
From: Ulrich Müller @ 2015-09-04  8:33 UTC (permalink / raw
  To: gentoo-commits

commit:     fd88e0e70d84492a943ec9f68ab42e101f80788f
Author:     Ulrich Müller <ulm <AT> gentoo <DOT> org>
AuthorDate: Thu Jan  5 13:03:19 2012 +0000
Commit:     Ulrich Müller <ulm <AT> gentoo <DOT> org>
CommitDate: Fri Feb 15 10:58:08 2013 +0000
URL:        https://gitweb.gentoo.org/dev/ulm.git/commit/?id=fd88e0e7

Updated skeyinfo.c and skey.3 from newer NetBSD version, which is
under a 2-clause BSD license. Removed some whitespace changes.

 patchsets/skey/1.1.5/01_all_gentoo.patch      | 111 ++++----------------------
 patchsets/skey/1.1.5/10_all_man_libpath.patch |   2 +-
 2 files changed, 18 insertions(+), 95 deletions(-)

diff --git a/patchsets/skey/1.1.5/01_all_gentoo.patch b/patchsets/skey/1.1.5/01_all_gentoo.patch
index 270fe6b..0576ae2 100644
--- a/patchsets/skey/1.1.5/01_all_gentoo.patch
+++ b/patchsets/skey/1.1.5/01_all_gentoo.patch
@@ -3,6 +3,10 @@ NetBSD project, some other updates and fixes, and the addition
 of some new features like shadow password and cracklib support.
 	(05 Nov 2003) -taviso@gentoo.org
 
+Updated skeyinfo.c and skey.3 from newer NetBSD version, which is
+under a 2-clause BSD license. Removed some whitespace changes.
+	(05 Jan 2012) -ulm@gentoo.org
+
 --- skey-1.1.5.orig/CHANGES	2001-05-10 17:10:49.000000000 +0100
 +++ skey-1.1.5/CHANGES	2003-11-06 17:46:45.000000000 +0000
 @@ -1,6 +1,19 @@
@@ -2147,9 +2151,9 @@ of some new features like shadow password and cracklib support.
 +John S. Walden,
 +Scott Chasin
 --- skey-1.1.5.orig/skey.3	1970-01-01 01:00:00.000000000 +0100
-+++ skey-1.1.5/skey.3	2003-11-06 17:46:45.000000000 +0000
-@@ -0,0 +1,264 @@
-+.\"     $NetBSD: skey.3,v 1.8 2003/06/06 13:42:50 wiz Exp $
++++ skey-1.1.5/skey.3	2008-04-30 14:10:52.000000000 +0100
+@@ -0,0 +1,257 @@
++.\"     $NetBSD: skey.3,v 1.9 2008/04/30 13:10:52 martin Exp $
 +.\"
 +.\" Copyright (c) 2001 The NetBSD Foundation, Inc.
 +.\" All rights reserved.
@@ -2165,13 +2169,6 @@ of some new features like shadow password and cracklib support.
 +.\" 2. Redistributions in binary form must reproduce the above copyright
 +.\"    notice, this list of conditions and the following disclaimer in the
 +.\"    documentation and/or other materials provided with the distribution.
-+.\" 3. All advertising materials mentioning features or use of this software
-+.\"    must display the following acknowledgement:
-+.\"        This product includes software developed by the NetBSD
-+.\"        Foundation, Inc. and its contributors.
-+.\" 4. Neither the name of The NetBSD Foundation nor the names of its
-+.\"    contributors may be used to endorse or promote products derived
-+.\"    from this software without specific prior written permission.
 +.\"
 +.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
 +.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
@@ -2967,96 +2964,29 @@ of some new features like shadow password and cracklib support.
  }
 --- skey-1.1.5.orig/skey.h	2001-05-10 17:10:49.000000000 +0100
 +++ skey-1.1.5/skey.h	2003-11-06 17:46:45.000000000 +0000
-@@ -1,3 +1,5 @@
-+/*	$NetBSD: skey.h,v 1.8 2000/07/28 16:35:11 thorpej Exp $	*/
-+
- /*
-  * S/KEY v1.1b (skey.h)
-  *
-@@ -11,86 +13,86 @@
-  *          Todd C. Miller <Todd.Miller@courtesan.com>
-  *
-  * Main client header
-- *
-- * $OpenBSD: skey.h,v 1.13 1999/07/15 14:33:48 provos Exp $
-  */
- 
- /* Server-side data structure for reading keys file during login */
--struct skey {
--	FILE *keyfile;
--	char buf[256];
--	char *logname;
--	int n;
--	char *seed;
--	char *val;
--	long recstart;		/* needed so reread of buffer is efficient */
-+struct skey
-+{
-+  FILE *keyfile;
-+  char buf[256];
-+  char *logname;
-+  int n;
-+  char *seed;
-+  char *val;
-+  long recstart;		/* needed so reread of buffer is efficient */
- };
- 
- /* Client-side structure for scanning data stream for challenge */
--struct mc {
--	char buf[256];
--	int skip;
--	int cnt;
-+struct mc
-+{
-+  char buf[256];
-+  int skip;
-+  int cnt;
- };
- 
- /* Maximum sequence number we allow */
- #ifndef SKEY_MAX_SEQ
--#define SKEY_MAX_SEQ		10000
-+#define SKEY_MAX_SEQ           10000
+@@ -38,17 +38,17 @@
+ #define SKEY_MAX_SEQ		10000
  #endif
  
 -/* Minimum secret password length (rfc1938) */
 +/* Minimum secret password length (rfc2289) */
  #ifndef SKEY_MIN_PW_LEN
--#define SKEY_MIN_PW_LEN		10
-+#define SKEY_MIN_PW_LEN                10
+ #define SKEY_MIN_PW_LEN		10
  #endif
  
 -/* Max secret password length (rfc1938 says 63 but allows more) */
 +/* Max secret password length (rfc2289 says 63 but allows more) */
  #ifndef SKEY_MAX_PW_LEN
--#define SKEY_MAX_PW_LEN		255
-+#define SKEY_MAX_PW_LEN                255
+ #define SKEY_MAX_PW_LEN		255
  #endif
  
 -/* Max length of an S/Key seed (rfc1938) */
 +/* Max length of an S/Key seed (rfc2289) */
  #ifndef SKEY_MAX_SEED_LEN
--#define SKEY_MAX_SEED_LEN	16
-+#define SKEY_MAX_SEED_LEN  	 16
+ #define SKEY_MAX_SEED_LEN	16
  #endif
- 
- /* Max length of S/Key challenge (otp-???? 9999 seed) */
- #ifndef SKEY_MAX_CHALLENGE
--#define SKEY_MAX_CHALLENGE	(11 + SKEY_MAX_HASHNAME_LEN + SKEY_MAX_SEED_LEN)
-+#define SKEY_MAX_CHALLENGE 	 (11 + SKEY_MAX_HASHNAME_LEN + SKEY_MAX_SEED_LEN)
- #endif
- 
- /* Max length of hash algorithm name (md4/md5/sha1/rmd160) */
--#define SKEY_MAX_HASHNAME_LEN	6
-+#define SKEY_MAX_HASHNAME_LEN  6
- 
- /* Size of a binary key (not NULL-terminated) */
--#define SKEY_BINKEY_SIZE	8
-+#define SKEY_BINKEY_SIZE		 8
- 
- /* Location of random file for bogus challenges */
--#define _SKEY_RAND_FILE_PATH_	"/var/db/host.random"
-+#define _SKEY_RAND_FILE_PATH_  "/var/db/host.random"
+@@ -68,29 +68,29 @@
+ #define _SKEY_RAND_FILE_PATH_	"/var/db/host.random"
  
  /* Prototypes */
 -void f(char *x);
@@ -3149,10 +3079,10 @@ of some new features like shadow password and cracklib support.
 +.Xr skeyaudit 1 ,
  .Xr skeyinit 1
 --- skey-1.1.5.orig/skeyinfo.c	2001-05-10 17:10:49.000000000 +0100
-+++ skey-1.1.5/skeyinfo.c	2003-11-06 17:46:45.000000000 +0000
++++ skey-1.1.5/skeyinfo.c	2012-01-05 11:24:15.000000000 +0000
 @@ -1,9 +1,12 @@
 -/*    $OpenBSD: skeyinfo.c,v 1.6 2001/02/05 16:58:11 millert Exp $    */
-+/*	$NetBSD: skeyinfo.c,v 1.4 2003/07/23 04:11:50 itojun Exp $	*/
++/*	$NetBSD: skeyinfo.c,v 1.5 2008/04/28 20:24:15 martin Exp $	*/
  
 -/*
 - * Copyright (c) 1997 Todd C. Miller <Todd.Miller@courtesan.com>
@@ -3166,19 +3096,12 @@ of some new features like shadow password and cracklib support.
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
   * are met:
-@@ -12,104 +15,79 @@
+@@ -12,104 +15,72 @@
   * 2. Redistributions in binary form must reproduce the above copyright
   *    notice, this list of conditions and the following disclaimer in the
   *    documentation and/or other materials provided with the distribution.
 - * 3. The name of the author may not be used to endorse or promote products
 - *    derived from this software without specific prior written permission.
-+ * 3. All advertising materials mentioning features or use of this software
-+ *    must display the following acknowledgement:
-+ *	This product includes software developed by the NetBSD
-+ *	Foundation, Inc. and its contributors.
-+ * 4. Neither the name of The NetBSD Foundation nor the names of its
-+ *    contributors may be used to endorse or promote products derived
-+ *    from this software without specific prior written permission.
   *
 - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
 - * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY

diff --git a/patchsets/skey/1.1.5/10_all_man_libpath.patch b/patchsets/skey/1.1.5/10_all_man_libpath.patch
index 4892645..acaef16 100644
--- a/patchsets/skey/1.1.5/10_all_man_libpath.patch
+++ b/patchsets/skey/1.1.5/10_all_man_libpath.patch
@@ -2,7 +2,7 @@ skey(3): shared library is in /lib; we don't install a profiling library
 
 --- skey-1.1.5-orig/skey.3
 +++ skey-1.1.5/skey.3
-@@ -245,10 +245,8 @@
+@@ -238,10 +238,8 @@
  .Bl -tag -width /usr/lib/libskey_p.a -compact
  .It Pa /usr/lib/libskey.a
  static skey library


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] dev/ulm:pam_skey-1.1.5-patches-4 commit in: patchsets/skey/1.1.5/
  2015-09-04  8:33 [gentoo-commits] dev/ulm:pam_skey-1.1.5-patches-5 commit in: patchsets/skey/1.1.5/ Ulrich Müller
                   ` (2 preceding siblings ...)
  2015-09-04  8:33 ` [gentoo-commits] dev/ulm:openmotif-2.2.3-patches-5 " Ulrich Müller
@ 2015-09-04  8:33 ` Ulrich Müller
  2015-09-04  8:33 ` [gentoo-commits] dev/ulm:pam_skey-1.1.5-patches-6 " Ulrich Müller
                   ` (2 subsequent siblings)
  6 siblings, 0 replies; 9+ messages in thread
From: Ulrich Müller @ 2015-09-04  8:33 UTC (permalink / raw
  To: gentoo-commits

commit:     fd88e0e70d84492a943ec9f68ab42e101f80788f
Author:     Ulrich Müller <ulm <AT> gentoo <DOT> org>
AuthorDate: Thu Jan  5 13:03:19 2012 +0000
Commit:     Ulrich Müller <ulm <AT> gentoo <DOT> org>
CommitDate: Fri Feb 15 10:58:08 2013 +0000
URL:        https://gitweb.gentoo.org/dev/ulm.git/commit/?id=fd88e0e7

Updated skeyinfo.c and skey.3 from newer NetBSD version, which is
under a 2-clause BSD license. Removed some whitespace changes.

 patchsets/skey/1.1.5/01_all_gentoo.patch      | 111 ++++----------------------
 patchsets/skey/1.1.5/10_all_man_libpath.patch |   2 +-
 2 files changed, 18 insertions(+), 95 deletions(-)

diff --git a/patchsets/skey/1.1.5/01_all_gentoo.patch b/patchsets/skey/1.1.5/01_all_gentoo.patch
index 270fe6b..0576ae2 100644
--- a/patchsets/skey/1.1.5/01_all_gentoo.patch
+++ b/patchsets/skey/1.1.5/01_all_gentoo.patch
@@ -3,6 +3,10 @@ NetBSD project, some other updates and fixes, and the addition
 of some new features like shadow password and cracklib support.
 	(05 Nov 2003) -taviso@gentoo.org
 
+Updated skeyinfo.c and skey.3 from newer NetBSD version, which is
+under a 2-clause BSD license. Removed some whitespace changes.
+	(05 Jan 2012) -ulm@gentoo.org
+
 --- skey-1.1.5.orig/CHANGES	2001-05-10 17:10:49.000000000 +0100
 +++ skey-1.1.5/CHANGES	2003-11-06 17:46:45.000000000 +0000
 @@ -1,6 +1,19 @@
@@ -2147,9 +2151,9 @@ of some new features like shadow password and cracklib support.
 +John S. Walden,
 +Scott Chasin
 --- skey-1.1.5.orig/skey.3	1970-01-01 01:00:00.000000000 +0100
-+++ skey-1.1.5/skey.3	2003-11-06 17:46:45.000000000 +0000
-@@ -0,0 +1,264 @@
-+.\"     $NetBSD: skey.3,v 1.8 2003/06/06 13:42:50 wiz Exp $
++++ skey-1.1.5/skey.3	2008-04-30 14:10:52.000000000 +0100
+@@ -0,0 +1,257 @@
++.\"     $NetBSD: skey.3,v 1.9 2008/04/30 13:10:52 martin Exp $
 +.\"
 +.\" Copyright (c) 2001 The NetBSD Foundation, Inc.
 +.\" All rights reserved.
@@ -2165,13 +2169,6 @@ of some new features like shadow password and cracklib support.
 +.\" 2. Redistributions in binary form must reproduce the above copyright
 +.\"    notice, this list of conditions and the following disclaimer in the
 +.\"    documentation and/or other materials provided with the distribution.
-+.\" 3. All advertising materials mentioning features or use of this software
-+.\"    must display the following acknowledgement:
-+.\"        This product includes software developed by the NetBSD
-+.\"        Foundation, Inc. and its contributors.
-+.\" 4. Neither the name of The NetBSD Foundation nor the names of its
-+.\"    contributors may be used to endorse or promote products derived
-+.\"    from this software without specific prior written permission.
 +.\"
 +.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
 +.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
@@ -2967,96 +2964,29 @@ of some new features like shadow password and cracklib support.
  }
 --- skey-1.1.5.orig/skey.h	2001-05-10 17:10:49.000000000 +0100
 +++ skey-1.1.5/skey.h	2003-11-06 17:46:45.000000000 +0000
-@@ -1,3 +1,5 @@
-+/*	$NetBSD: skey.h,v 1.8 2000/07/28 16:35:11 thorpej Exp $	*/
-+
- /*
-  * S/KEY v1.1b (skey.h)
-  *
-@@ -11,86 +13,86 @@
-  *          Todd C. Miller <Todd.Miller@courtesan.com>
-  *
-  * Main client header
-- *
-- * $OpenBSD: skey.h,v 1.13 1999/07/15 14:33:48 provos Exp $
-  */
- 
- /* Server-side data structure for reading keys file during login */
--struct skey {
--	FILE *keyfile;
--	char buf[256];
--	char *logname;
--	int n;
--	char *seed;
--	char *val;
--	long recstart;		/* needed so reread of buffer is efficient */
-+struct skey
-+{
-+  FILE *keyfile;
-+  char buf[256];
-+  char *logname;
-+  int n;
-+  char *seed;
-+  char *val;
-+  long recstart;		/* needed so reread of buffer is efficient */
- };
- 
- /* Client-side structure for scanning data stream for challenge */
--struct mc {
--	char buf[256];
--	int skip;
--	int cnt;
-+struct mc
-+{
-+  char buf[256];
-+  int skip;
-+  int cnt;
- };
- 
- /* Maximum sequence number we allow */
- #ifndef SKEY_MAX_SEQ
--#define SKEY_MAX_SEQ		10000
-+#define SKEY_MAX_SEQ           10000
+@@ -38,17 +38,17 @@
+ #define SKEY_MAX_SEQ		10000
  #endif
  
 -/* Minimum secret password length (rfc1938) */
 +/* Minimum secret password length (rfc2289) */
  #ifndef SKEY_MIN_PW_LEN
--#define SKEY_MIN_PW_LEN		10
-+#define SKEY_MIN_PW_LEN                10
+ #define SKEY_MIN_PW_LEN		10
  #endif
  
 -/* Max secret password length (rfc1938 says 63 but allows more) */
 +/* Max secret password length (rfc2289 says 63 but allows more) */
  #ifndef SKEY_MAX_PW_LEN
--#define SKEY_MAX_PW_LEN		255
-+#define SKEY_MAX_PW_LEN                255
+ #define SKEY_MAX_PW_LEN		255
  #endif
  
 -/* Max length of an S/Key seed (rfc1938) */
 +/* Max length of an S/Key seed (rfc2289) */
  #ifndef SKEY_MAX_SEED_LEN
--#define SKEY_MAX_SEED_LEN	16
-+#define SKEY_MAX_SEED_LEN  	 16
+ #define SKEY_MAX_SEED_LEN	16
  #endif
- 
- /* Max length of S/Key challenge (otp-???? 9999 seed) */
- #ifndef SKEY_MAX_CHALLENGE
--#define SKEY_MAX_CHALLENGE	(11 + SKEY_MAX_HASHNAME_LEN + SKEY_MAX_SEED_LEN)
-+#define SKEY_MAX_CHALLENGE 	 (11 + SKEY_MAX_HASHNAME_LEN + SKEY_MAX_SEED_LEN)
- #endif
- 
- /* Max length of hash algorithm name (md4/md5/sha1/rmd160) */
--#define SKEY_MAX_HASHNAME_LEN	6
-+#define SKEY_MAX_HASHNAME_LEN  6
- 
- /* Size of a binary key (not NULL-terminated) */
--#define SKEY_BINKEY_SIZE	8
-+#define SKEY_BINKEY_SIZE		 8
- 
- /* Location of random file for bogus challenges */
--#define _SKEY_RAND_FILE_PATH_	"/var/db/host.random"
-+#define _SKEY_RAND_FILE_PATH_  "/var/db/host.random"
+@@ -68,29 +68,29 @@
+ #define _SKEY_RAND_FILE_PATH_	"/var/db/host.random"
  
  /* Prototypes */
 -void f(char *x);
@@ -3149,10 +3079,10 @@ of some new features like shadow password and cracklib support.
 +.Xr skeyaudit 1 ,
  .Xr skeyinit 1
 --- skey-1.1.5.orig/skeyinfo.c	2001-05-10 17:10:49.000000000 +0100
-+++ skey-1.1.5/skeyinfo.c	2003-11-06 17:46:45.000000000 +0000
++++ skey-1.1.5/skeyinfo.c	2012-01-05 11:24:15.000000000 +0000
 @@ -1,9 +1,12 @@
 -/*    $OpenBSD: skeyinfo.c,v 1.6 2001/02/05 16:58:11 millert Exp $    */
-+/*	$NetBSD: skeyinfo.c,v 1.4 2003/07/23 04:11:50 itojun Exp $	*/
++/*	$NetBSD: skeyinfo.c,v 1.5 2008/04/28 20:24:15 martin Exp $	*/
  
 -/*
 - * Copyright (c) 1997 Todd C. Miller <Todd.Miller@courtesan.com>
@@ -3166,19 +3096,12 @@ of some new features like shadow password and cracklib support.
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
   * are met:
-@@ -12,104 +15,79 @@
+@@ -12,104 +15,72 @@
   * 2. Redistributions in binary form must reproduce the above copyright
   *    notice, this list of conditions and the following disclaimer in the
   *    documentation and/or other materials provided with the distribution.
 - * 3. The name of the author may not be used to endorse or promote products
 - *    derived from this software without specific prior written permission.
-+ * 3. All advertising materials mentioning features or use of this software
-+ *    must display the following acknowledgement:
-+ *	This product includes software developed by the NetBSD
-+ *	Foundation, Inc. and its contributors.
-+ * 4. Neither the name of The NetBSD Foundation nor the names of its
-+ *    contributors may be used to endorse or promote products derived
-+ *    from this software without specific prior written permission.
   *
 - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
 - * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY

diff --git a/patchsets/skey/1.1.5/10_all_man_libpath.patch b/patchsets/skey/1.1.5/10_all_man_libpath.patch
index 4892645..acaef16 100644
--- a/patchsets/skey/1.1.5/10_all_man_libpath.patch
+++ b/patchsets/skey/1.1.5/10_all_man_libpath.patch
@@ -2,7 +2,7 @@ skey(3): shared library is in /lib; we don't install a profiling library
 
 --- skey-1.1.5-orig/skey.3
 +++ skey-1.1.5/skey.3
-@@ -245,10 +245,8 @@
+@@ -238,10 +238,8 @@
  .Bl -tag -width /usr/lib/libskey_p.a -compact
  .It Pa /usr/lib/libskey.a
  static skey library


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] dev/ulm:pam_skey-1.1.5-patches-5 commit in: patchsets/skey/1.1.5/
@ 2015-09-04  8:33 Ulrich Müller
  2015-09-04  8:29 ` [gentoo-commits] dev/ulm:master " Ulrich Müller
                   ` (6 more replies)
  0 siblings, 7 replies; 9+ messages in thread
From: Ulrich Müller @ 2015-09-04  8:33 UTC (permalink / raw
  To: gentoo-commits

commit:     fd88e0e70d84492a943ec9f68ab42e101f80788f
Author:     Ulrich Müller <ulm <AT> gentoo <DOT> org>
AuthorDate: Thu Jan  5 13:03:19 2012 +0000
Commit:     Ulrich Müller <ulm <AT> gentoo <DOT> org>
CommitDate: Fri Feb 15 10:58:08 2013 +0000
URL:        https://gitweb.gentoo.org/dev/ulm.git/commit/?id=fd88e0e7

Updated skeyinfo.c and skey.3 from newer NetBSD version, which is
under a 2-clause BSD license. Removed some whitespace changes.

 patchsets/skey/1.1.5/01_all_gentoo.patch      | 111 ++++----------------------
 patchsets/skey/1.1.5/10_all_man_libpath.patch |   2 +-
 2 files changed, 18 insertions(+), 95 deletions(-)

diff --git a/patchsets/skey/1.1.5/01_all_gentoo.patch b/patchsets/skey/1.1.5/01_all_gentoo.patch
index 270fe6b..0576ae2 100644
--- a/patchsets/skey/1.1.5/01_all_gentoo.patch
+++ b/patchsets/skey/1.1.5/01_all_gentoo.patch
@@ -3,6 +3,10 @@ NetBSD project, some other updates and fixes, and the addition
 of some new features like shadow password and cracklib support.
 	(05 Nov 2003) -taviso@gentoo.org
 
+Updated skeyinfo.c and skey.3 from newer NetBSD version, which is
+under a 2-clause BSD license. Removed some whitespace changes.
+	(05 Jan 2012) -ulm@gentoo.org
+
 --- skey-1.1.5.orig/CHANGES	2001-05-10 17:10:49.000000000 +0100
 +++ skey-1.1.5/CHANGES	2003-11-06 17:46:45.000000000 +0000
 @@ -1,6 +1,19 @@
@@ -2147,9 +2151,9 @@ of some new features like shadow password and cracklib support.
 +John S. Walden,
 +Scott Chasin
 --- skey-1.1.5.orig/skey.3	1970-01-01 01:00:00.000000000 +0100
-+++ skey-1.1.5/skey.3	2003-11-06 17:46:45.000000000 +0000
-@@ -0,0 +1,264 @@
-+.\"     $NetBSD: skey.3,v 1.8 2003/06/06 13:42:50 wiz Exp $
++++ skey-1.1.5/skey.3	2008-04-30 14:10:52.000000000 +0100
+@@ -0,0 +1,257 @@
++.\"     $NetBSD: skey.3,v 1.9 2008/04/30 13:10:52 martin Exp $
 +.\"
 +.\" Copyright (c) 2001 The NetBSD Foundation, Inc.
 +.\" All rights reserved.
@@ -2165,13 +2169,6 @@ of some new features like shadow password and cracklib support.
 +.\" 2. Redistributions in binary form must reproduce the above copyright
 +.\"    notice, this list of conditions and the following disclaimer in the
 +.\"    documentation and/or other materials provided with the distribution.
-+.\" 3. All advertising materials mentioning features or use of this software
-+.\"    must display the following acknowledgement:
-+.\"        This product includes software developed by the NetBSD
-+.\"        Foundation, Inc. and its contributors.
-+.\" 4. Neither the name of The NetBSD Foundation nor the names of its
-+.\"    contributors may be used to endorse or promote products derived
-+.\"    from this software without specific prior written permission.
 +.\"
 +.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
 +.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
@@ -2967,96 +2964,29 @@ of some new features like shadow password and cracklib support.
  }
 --- skey-1.1.5.orig/skey.h	2001-05-10 17:10:49.000000000 +0100
 +++ skey-1.1.5/skey.h	2003-11-06 17:46:45.000000000 +0000
-@@ -1,3 +1,5 @@
-+/*	$NetBSD: skey.h,v 1.8 2000/07/28 16:35:11 thorpej Exp $	*/
-+
- /*
-  * S/KEY v1.1b (skey.h)
-  *
-@@ -11,86 +13,86 @@
-  *          Todd C. Miller <Todd.Miller@courtesan.com>
-  *
-  * Main client header
-- *
-- * $OpenBSD: skey.h,v 1.13 1999/07/15 14:33:48 provos Exp $
-  */
- 
- /* Server-side data structure for reading keys file during login */
--struct skey {
--	FILE *keyfile;
--	char buf[256];
--	char *logname;
--	int n;
--	char *seed;
--	char *val;
--	long recstart;		/* needed so reread of buffer is efficient */
-+struct skey
-+{
-+  FILE *keyfile;
-+  char buf[256];
-+  char *logname;
-+  int n;
-+  char *seed;
-+  char *val;
-+  long recstart;		/* needed so reread of buffer is efficient */
- };
- 
- /* Client-side structure for scanning data stream for challenge */
--struct mc {
--	char buf[256];
--	int skip;
--	int cnt;
-+struct mc
-+{
-+  char buf[256];
-+  int skip;
-+  int cnt;
- };
- 
- /* Maximum sequence number we allow */
- #ifndef SKEY_MAX_SEQ
--#define SKEY_MAX_SEQ		10000
-+#define SKEY_MAX_SEQ           10000
+@@ -38,17 +38,17 @@
+ #define SKEY_MAX_SEQ		10000
  #endif
  
 -/* Minimum secret password length (rfc1938) */
 +/* Minimum secret password length (rfc2289) */
  #ifndef SKEY_MIN_PW_LEN
--#define SKEY_MIN_PW_LEN		10
-+#define SKEY_MIN_PW_LEN                10
+ #define SKEY_MIN_PW_LEN		10
  #endif
  
 -/* Max secret password length (rfc1938 says 63 but allows more) */
 +/* Max secret password length (rfc2289 says 63 but allows more) */
  #ifndef SKEY_MAX_PW_LEN
--#define SKEY_MAX_PW_LEN		255
-+#define SKEY_MAX_PW_LEN                255
+ #define SKEY_MAX_PW_LEN		255
  #endif
  
 -/* Max length of an S/Key seed (rfc1938) */
 +/* Max length of an S/Key seed (rfc2289) */
  #ifndef SKEY_MAX_SEED_LEN
--#define SKEY_MAX_SEED_LEN	16
-+#define SKEY_MAX_SEED_LEN  	 16
+ #define SKEY_MAX_SEED_LEN	16
  #endif
- 
- /* Max length of S/Key challenge (otp-???? 9999 seed) */
- #ifndef SKEY_MAX_CHALLENGE
--#define SKEY_MAX_CHALLENGE	(11 + SKEY_MAX_HASHNAME_LEN + SKEY_MAX_SEED_LEN)
-+#define SKEY_MAX_CHALLENGE 	 (11 + SKEY_MAX_HASHNAME_LEN + SKEY_MAX_SEED_LEN)
- #endif
- 
- /* Max length of hash algorithm name (md4/md5/sha1/rmd160) */
--#define SKEY_MAX_HASHNAME_LEN	6
-+#define SKEY_MAX_HASHNAME_LEN  6
- 
- /* Size of a binary key (not NULL-terminated) */
--#define SKEY_BINKEY_SIZE	8
-+#define SKEY_BINKEY_SIZE		 8
- 
- /* Location of random file for bogus challenges */
--#define _SKEY_RAND_FILE_PATH_	"/var/db/host.random"
-+#define _SKEY_RAND_FILE_PATH_  "/var/db/host.random"
+@@ -68,29 +68,29 @@
+ #define _SKEY_RAND_FILE_PATH_	"/var/db/host.random"
  
  /* Prototypes */
 -void f(char *x);
@@ -3149,10 +3079,10 @@ of some new features like shadow password and cracklib support.
 +.Xr skeyaudit 1 ,
  .Xr skeyinit 1
 --- skey-1.1.5.orig/skeyinfo.c	2001-05-10 17:10:49.000000000 +0100
-+++ skey-1.1.5/skeyinfo.c	2003-11-06 17:46:45.000000000 +0000
++++ skey-1.1.5/skeyinfo.c	2012-01-05 11:24:15.000000000 +0000
 @@ -1,9 +1,12 @@
 -/*    $OpenBSD: skeyinfo.c,v 1.6 2001/02/05 16:58:11 millert Exp $    */
-+/*	$NetBSD: skeyinfo.c,v 1.4 2003/07/23 04:11:50 itojun Exp $	*/
++/*	$NetBSD: skeyinfo.c,v 1.5 2008/04/28 20:24:15 martin Exp $	*/
  
 -/*
 - * Copyright (c) 1997 Todd C. Miller <Todd.Miller@courtesan.com>
@@ -3166,19 +3096,12 @@ of some new features like shadow password and cracklib support.
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
   * are met:
-@@ -12,104 +15,79 @@
+@@ -12,104 +15,72 @@
   * 2. Redistributions in binary form must reproduce the above copyright
   *    notice, this list of conditions and the following disclaimer in the
   *    documentation and/or other materials provided with the distribution.
 - * 3. The name of the author may not be used to endorse or promote products
 - *    derived from this software without specific prior written permission.
-+ * 3. All advertising materials mentioning features or use of this software
-+ *    must display the following acknowledgement:
-+ *	This product includes software developed by the NetBSD
-+ *	Foundation, Inc. and its contributors.
-+ * 4. Neither the name of The NetBSD Foundation nor the names of its
-+ *    contributors may be used to endorse or promote products derived
-+ *    from this software without specific prior written permission.
   *
 - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
 - * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY

diff --git a/patchsets/skey/1.1.5/10_all_man_libpath.patch b/patchsets/skey/1.1.5/10_all_man_libpath.patch
index 4892645..acaef16 100644
--- a/patchsets/skey/1.1.5/10_all_man_libpath.patch
+++ b/patchsets/skey/1.1.5/10_all_man_libpath.patch
@@ -2,7 +2,7 @@ skey(3): shared library is in /lib; we don't install a profiling library
 
 --- skey-1.1.5-orig/skey.3
 +++ skey-1.1.5/skey.3
-@@ -245,10 +245,8 @@
+@@ -238,10 +238,8 @@
  .Bl -tag -width /usr/lib/libskey_p.a -compact
  .It Pa /usr/lib/libskey.a
  static skey library


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] dev/ulm:pam_skey-1.1.5-patches-6 commit in: patchsets/skey/1.1.5/
  2015-09-04  8:33 [gentoo-commits] dev/ulm:pam_skey-1.1.5-patches-5 commit in: patchsets/skey/1.1.5/ Ulrich Müller
                   ` (3 preceding siblings ...)
  2015-09-04  8:33 ` [gentoo-commits] dev/ulm:pam_skey-1.1.5-patches-4 " Ulrich Müller
@ 2015-09-04  8:33 ` Ulrich Müller
  2015-09-04  8:33 ` [gentoo-commits] dev/ulm:skey-1.1.5-patches-2 " Ulrich Müller
  2015-09-04  8:33 ` [gentoo-commits] dev/ulm:skey-1.1.5-patches-3 " Ulrich Müller
  6 siblings, 0 replies; 9+ messages in thread
From: Ulrich Müller @ 2015-09-04  8:33 UTC (permalink / raw
  To: gentoo-commits

commit:     fd88e0e70d84492a943ec9f68ab42e101f80788f
Author:     Ulrich Müller <ulm <AT> gentoo <DOT> org>
AuthorDate: Thu Jan  5 13:03:19 2012 +0000
Commit:     Ulrich Müller <ulm <AT> gentoo <DOT> org>
CommitDate: Fri Feb 15 10:58:08 2013 +0000
URL:        https://gitweb.gentoo.org/dev/ulm.git/commit/?id=fd88e0e7

Updated skeyinfo.c and skey.3 from newer NetBSD version, which is
under a 2-clause BSD license. Removed some whitespace changes.

 patchsets/skey/1.1.5/01_all_gentoo.patch      | 111 ++++----------------------
 patchsets/skey/1.1.5/10_all_man_libpath.patch |   2 +-
 2 files changed, 18 insertions(+), 95 deletions(-)

diff --git a/patchsets/skey/1.1.5/01_all_gentoo.patch b/patchsets/skey/1.1.5/01_all_gentoo.patch
index 270fe6b..0576ae2 100644
--- a/patchsets/skey/1.1.5/01_all_gentoo.patch
+++ b/patchsets/skey/1.1.5/01_all_gentoo.patch
@@ -3,6 +3,10 @@ NetBSD project, some other updates and fixes, and the addition
 of some new features like shadow password and cracklib support.
 	(05 Nov 2003) -taviso@gentoo.org
 
+Updated skeyinfo.c and skey.3 from newer NetBSD version, which is
+under a 2-clause BSD license. Removed some whitespace changes.
+	(05 Jan 2012) -ulm@gentoo.org
+
 --- skey-1.1.5.orig/CHANGES	2001-05-10 17:10:49.000000000 +0100
 +++ skey-1.1.5/CHANGES	2003-11-06 17:46:45.000000000 +0000
 @@ -1,6 +1,19 @@
@@ -2147,9 +2151,9 @@ of some new features like shadow password and cracklib support.
 +John S. Walden,
 +Scott Chasin
 --- skey-1.1.5.orig/skey.3	1970-01-01 01:00:00.000000000 +0100
-+++ skey-1.1.5/skey.3	2003-11-06 17:46:45.000000000 +0000
-@@ -0,0 +1,264 @@
-+.\"     $NetBSD: skey.3,v 1.8 2003/06/06 13:42:50 wiz Exp $
++++ skey-1.1.5/skey.3	2008-04-30 14:10:52.000000000 +0100
+@@ -0,0 +1,257 @@
++.\"     $NetBSD: skey.3,v 1.9 2008/04/30 13:10:52 martin Exp $
 +.\"
 +.\" Copyright (c) 2001 The NetBSD Foundation, Inc.
 +.\" All rights reserved.
@@ -2165,13 +2169,6 @@ of some new features like shadow password and cracklib support.
 +.\" 2. Redistributions in binary form must reproduce the above copyright
 +.\"    notice, this list of conditions and the following disclaimer in the
 +.\"    documentation and/or other materials provided with the distribution.
-+.\" 3. All advertising materials mentioning features or use of this software
-+.\"    must display the following acknowledgement:
-+.\"        This product includes software developed by the NetBSD
-+.\"        Foundation, Inc. and its contributors.
-+.\" 4. Neither the name of The NetBSD Foundation nor the names of its
-+.\"    contributors may be used to endorse or promote products derived
-+.\"    from this software without specific prior written permission.
 +.\"
 +.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
 +.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
@@ -2967,96 +2964,29 @@ of some new features like shadow password and cracklib support.
  }
 --- skey-1.1.5.orig/skey.h	2001-05-10 17:10:49.000000000 +0100
 +++ skey-1.1.5/skey.h	2003-11-06 17:46:45.000000000 +0000
-@@ -1,3 +1,5 @@
-+/*	$NetBSD: skey.h,v 1.8 2000/07/28 16:35:11 thorpej Exp $	*/
-+
- /*
-  * S/KEY v1.1b (skey.h)
-  *
-@@ -11,86 +13,86 @@
-  *          Todd C. Miller <Todd.Miller@courtesan.com>
-  *
-  * Main client header
-- *
-- * $OpenBSD: skey.h,v 1.13 1999/07/15 14:33:48 provos Exp $
-  */
- 
- /* Server-side data structure for reading keys file during login */
--struct skey {
--	FILE *keyfile;
--	char buf[256];
--	char *logname;
--	int n;
--	char *seed;
--	char *val;
--	long recstart;		/* needed so reread of buffer is efficient */
-+struct skey
-+{
-+  FILE *keyfile;
-+  char buf[256];
-+  char *logname;
-+  int n;
-+  char *seed;
-+  char *val;
-+  long recstart;		/* needed so reread of buffer is efficient */
- };
- 
- /* Client-side structure for scanning data stream for challenge */
--struct mc {
--	char buf[256];
--	int skip;
--	int cnt;
-+struct mc
-+{
-+  char buf[256];
-+  int skip;
-+  int cnt;
- };
- 
- /* Maximum sequence number we allow */
- #ifndef SKEY_MAX_SEQ
--#define SKEY_MAX_SEQ		10000
-+#define SKEY_MAX_SEQ           10000
+@@ -38,17 +38,17 @@
+ #define SKEY_MAX_SEQ		10000
  #endif
  
 -/* Minimum secret password length (rfc1938) */
 +/* Minimum secret password length (rfc2289) */
  #ifndef SKEY_MIN_PW_LEN
--#define SKEY_MIN_PW_LEN		10
-+#define SKEY_MIN_PW_LEN                10
+ #define SKEY_MIN_PW_LEN		10
  #endif
  
 -/* Max secret password length (rfc1938 says 63 but allows more) */
 +/* Max secret password length (rfc2289 says 63 but allows more) */
  #ifndef SKEY_MAX_PW_LEN
--#define SKEY_MAX_PW_LEN		255
-+#define SKEY_MAX_PW_LEN                255
+ #define SKEY_MAX_PW_LEN		255
  #endif
  
 -/* Max length of an S/Key seed (rfc1938) */
 +/* Max length of an S/Key seed (rfc2289) */
  #ifndef SKEY_MAX_SEED_LEN
--#define SKEY_MAX_SEED_LEN	16
-+#define SKEY_MAX_SEED_LEN  	 16
+ #define SKEY_MAX_SEED_LEN	16
  #endif
- 
- /* Max length of S/Key challenge (otp-???? 9999 seed) */
- #ifndef SKEY_MAX_CHALLENGE
--#define SKEY_MAX_CHALLENGE	(11 + SKEY_MAX_HASHNAME_LEN + SKEY_MAX_SEED_LEN)
-+#define SKEY_MAX_CHALLENGE 	 (11 + SKEY_MAX_HASHNAME_LEN + SKEY_MAX_SEED_LEN)
- #endif
- 
- /* Max length of hash algorithm name (md4/md5/sha1/rmd160) */
--#define SKEY_MAX_HASHNAME_LEN	6
-+#define SKEY_MAX_HASHNAME_LEN  6
- 
- /* Size of a binary key (not NULL-terminated) */
--#define SKEY_BINKEY_SIZE	8
-+#define SKEY_BINKEY_SIZE		 8
- 
- /* Location of random file for bogus challenges */
--#define _SKEY_RAND_FILE_PATH_	"/var/db/host.random"
-+#define _SKEY_RAND_FILE_PATH_  "/var/db/host.random"
+@@ -68,29 +68,29 @@
+ #define _SKEY_RAND_FILE_PATH_	"/var/db/host.random"
  
  /* Prototypes */
 -void f(char *x);
@@ -3149,10 +3079,10 @@ of some new features like shadow password and cracklib support.
 +.Xr skeyaudit 1 ,
  .Xr skeyinit 1
 --- skey-1.1.5.orig/skeyinfo.c	2001-05-10 17:10:49.000000000 +0100
-+++ skey-1.1.5/skeyinfo.c	2003-11-06 17:46:45.000000000 +0000
++++ skey-1.1.5/skeyinfo.c	2012-01-05 11:24:15.000000000 +0000
 @@ -1,9 +1,12 @@
 -/*    $OpenBSD: skeyinfo.c,v 1.6 2001/02/05 16:58:11 millert Exp $    */
-+/*	$NetBSD: skeyinfo.c,v 1.4 2003/07/23 04:11:50 itojun Exp $	*/
++/*	$NetBSD: skeyinfo.c,v 1.5 2008/04/28 20:24:15 martin Exp $	*/
  
 -/*
 - * Copyright (c) 1997 Todd C. Miller <Todd.Miller@courtesan.com>
@@ -3166,19 +3096,12 @@ of some new features like shadow password and cracklib support.
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
   * are met:
-@@ -12,104 +15,79 @@
+@@ -12,104 +15,72 @@
   * 2. Redistributions in binary form must reproduce the above copyright
   *    notice, this list of conditions and the following disclaimer in the
   *    documentation and/or other materials provided with the distribution.
 - * 3. The name of the author may not be used to endorse or promote products
 - *    derived from this software without specific prior written permission.
-+ * 3. All advertising materials mentioning features or use of this software
-+ *    must display the following acknowledgement:
-+ *	This product includes software developed by the NetBSD
-+ *	Foundation, Inc. and its contributors.
-+ * 4. Neither the name of The NetBSD Foundation nor the names of its
-+ *    contributors may be used to endorse or promote products derived
-+ *    from this software without specific prior written permission.
   *
 - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
 - * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY

diff --git a/patchsets/skey/1.1.5/10_all_man_libpath.patch b/patchsets/skey/1.1.5/10_all_man_libpath.patch
index 4892645..acaef16 100644
--- a/patchsets/skey/1.1.5/10_all_man_libpath.patch
+++ b/patchsets/skey/1.1.5/10_all_man_libpath.patch
@@ -2,7 +2,7 @@ skey(3): shared library is in /lib; we don't install a profiling library
 
 --- skey-1.1.5-orig/skey.3
 +++ skey-1.1.5/skey.3
-@@ -245,10 +245,8 @@
+@@ -238,10 +238,8 @@
  .Bl -tag -width /usr/lib/libskey_p.a -compact
  .It Pa /usr/lib/libskey.a
  static skey library


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] dev/ulm:skey-1.1.5-patches-2 commit in: patchsets/skey/1.1.5/
  2015-09-04  8:33 [gentoo-commits] dev/ulm:pam_skey-1.1.5-patches-5 commit in: patchsets/skey/1.1.5/ Ulrich Müller
                   ` (4 preceding siblings ...)
  2015-09-04  8:33 ` [gentoo-commits] dev/ulm:pam_skey-1.1.5-patches-6 " Ulrich Müller
@ 2015-09-04  8:33 ` Ulrich Müller
  2015-09-04  8:33 ` [gentoo-commits] dev/ulm:skey-1.1.5-patches-3 " Ulrich Müller
  6 siblings, 0 replies; 9+ messages in thread
From: Ulrich Müller @ 2015-09-04  8:33 UTC (permalink / raw
  To: gentoo-commits

commit:     fd88e0e70d84492a943ec9f68ab42e101f80788f
Author:     Ulrich Müller <ulm <AT> gentoo <DOT> org>
AuthorDate: Thu Jan  5 13:03:19 2012 +0000
Commit:     Ulrich Müller <ulm <AT> gentoo <DOT> org>
CommitDate: Fri Feb 15 10:58:08 2013 +0000
URL:        https://gitweb.gentoo.org/dev/ulm.git/commit/?id=fd88e0e7

Updated skeyinfo.c and skey.3 from newer NetBSD version, which is
under a 2-clause BSD license. Removed some whitespace changes.

 patchsets/skey/1.1.5/01_all_gentoo.patch      | 111 ++++----------------------
 patchsets/skey/1.1.5/10_all_man_libpath.patch |   2 +-
 2 files changed, 18 insertions(+), 95 deletions(-)

diff --git a/patchsets/skey/1.1.5/01_all_gentoo.patch b/patchsets/skey/1.1.5/01_all_gentoo.patch
index 270fe6b..0576ae2 100644
--- a/patchsets/skey/1.1.5/01_all_gentoo.patch
+++ b/patchsets/skey/1.1.5/01_all_gentoo.patch
@@ -3,6 +3,10 @@ NetBSD project, some other updates and fixes, and the addition
 of some new features like shadow password and cracklib support.
 	(05 Nov 2003) -taviso@gentoo.org
 
+Updated skeyinfo.c and skey.3 from newer NetBSD version, which is
+under a 2-clause BSD license. Removed some whitespace changes.
+	(05 Jan 2012) -ulm@gentoo.org
+
 --- skey-1.1.5.orig/CHANGES	2001-05-10 17:10:49.000000000 +0100
 +++ skey-1.1.5/CHANGES	2003-11-06 17:46:45.000000000 +0000
 @@ -1,6 +1,19 @@
@@ -2147,9 +2151,9 @@ of some new features like shadow password and cracklib support.
 +John S. Walden,
 +Scott Chasin
 --- skey-1.1.5.orig/skey.3	1970-01-01 01:00:00.000000000 +0100
-+++ skey-1.1.5/skey.3	2003-11-06 17:46:45.000000000 +0000
-@@ -0,0 +1,264 @@
-+.\"     $NetBSD: skey.3,v 1.8 2003/06/06 13:42:50 wiz Exp $
++++ skey-1.1.5/skey.3	2008-04-30 14:10:52.000000000 +0100
+@@ -0,0 +1,257 @@
++.\"     $NetBSD: skey.3,v 1.9 2008/04/30 13:10:52 martin Exp $
 +.\"
 +.\" Copyright (c) 2001 The NetBSD Foundation, Inc.
 +.\" All rights reserved.
@@ -2165,13 +2169,6 @@ of some new features like shadow password and cracklib support.
 +.\" 2. Redistributions in binary form must reproduce the above copyright
 +.\"    notice, this list of conditions and the following disclaimer in the
 +.\"    documentation and/or other materials provided with the distribution.
-+.\" 3. All advertising materials mentioning features or use of this software
-+.\"    must display the following acknowledgement:
-+.\"        This product includes software developed by the NetBSD
-+.\"        Foundation, Inc. and its contributors.
-+.\" 4. Neither the name of The NetBSD Foundation nor the names of its
-+.\"    contributors may be used to endorse or promote products derived
-+.\"    from this software without specific prior written permission.
 +.\"
 +.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
 +.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
@@ -2967,96 +2964,29 @@ of some new features like shadow password and cracklib support.
  }
 --- skey-1.1.5.orig/skey.h	2001-05-10 17:10:49.000000000 +0100
 +++ skey-1.1.5/skey.h	2003-11-06 17:46:45.000000000 +0000
-@@ -1,3 +1,5 @@
-+/*	$NetBSD: skey.h,v 1.8 2000/07/28 16:35:11 thorpej Exp $	*/
-+
- /*
-  * S/KEY v1.1b (skey.h)
-  *
-@@ -11,86 +13,86 @@
-  *          Todd C. Miller <Todd.Miller@courtesan.com>
-  *
-  * Main client header
-- *
-- * $OpenBSD: skey.h,v 1.13 1999/07/15 14:33:48 provos Exp $
-  */
- 
- /* Server-side data structure for reading keys file during login */
--struct skey {
--	FILE *keyfile;
--	char buf[256];
--	char *logname;
--	int n;
--	char *seed;
--	char *val;
--	long recstart;		/* needed so reread of buffer is efficient */
-+struct skey
-+{
-+  FILE *keyfile;
-+  char buf[256];
-+  char *logname;
-+  int n;
-+  char *seed;
-+  char *val;
-+  long recstart;		/* needed so reread of buffer is efficient */
- };
- 
- /* Client-side structure for scanning data stream for challenge */
--struct mc {
--	char buf[256];
--	int skip;
--	int cnt;
-+struct mc
-+{
-+  char buf[256];
-+  int skip;
-+  int cnt;
- };
- 
- /* Maximum sequence number we allow */
- #ifndef SKEY_MAX_SEQ
--#define SKEY_MAX_SEQ		10000
-+#define SKEY_MAX_SEQ           10000
+@@ -38,17 +38,17 @@
+ #define SKEY_MAX_SEQ		10000
  #endif
  
 -/* Minimum secret password length (rfc1938) */
 +/* Minimum secret password length (rfc2289) */
  #ifndef SKEY_MIN_PW_LEN
--#define SKEY_MIN_PW_LEN		10
-+#define SKEY_MIN_PW_LEN                10
+ #define SKEY_MIN_PW_LEN		10
  #endif
  
 -/* Max secret password length (rfc1938 says 63 but allows more) */
 +/* Max secret password length (rfc2289 says 63 but allows more) */
  #ifndef SKEY_MAX_PW_LEN
--#define SKEY_MAX_PW_LEN		255
-+#define SKEY_MAX_PW_LEN                255
+ #define SKEY_MAX_PW_LEN		255
  #endif
  
 -/* Max length of an S/Key seed (rfc1938) */
 +/* Max length of an S/Key seed (rfc2289) */
  #ifndef SKEY_MAX_SEED_LEN
--#define SKEY_MAX_SEED_LEN	16
-+#define SKEY_MAX_SEED_LEN  	 16
+ #define SKEY_MAX_SEED_LEN	16
  #endif
- 
- /* Max length of S/Key challenge (otp-???? 9999 seed) */
- #ifndef SKEY_MAX_CHALLENGE
--#define SKEY_MAX_CHALLENGE	(11 + SKEY_MAX_HASHNAME_LEN + SKEY_MAX_SEED_LEN)
-+#define SKEY_MAX_CHALLENGE 	 (11 + SKEY_MAX_HASHNAME_LEN + SKEY_MAX_SEED_LEN)
- #endif
- 
- /* Max length of hash algorithm name (md4/md5/sha1/rmd160) */
--#define SKEY_MAX_HASHNAME_LEN	6
-+#define SKEY_MAX_HASHNAME_LEN  6
- 
- /* Size of a binary key (not NULL-terminated) */
--#define SKEY_BINKEY_SIZE	8
-+#define SKEY_BINKEY_SIZE		 8
- 
- /* Location of random file for bogus challenges */
--#define _SKEY_RAND_FILE_PATH_	"/var/db/host.random"
-+#define _SKEY_RAND_FILE_PATH_  "/var/db/host.random"
+@@ -68,29 +68,29 @@
+ #define _SKEY_RAND_FILE_PATH_	"/var/db/host.random"
  
  /* Prototypes */
 -void f(char *x);
@@ -3149,10 +3079,10 @@ of some new features like shadow password and cracklib support.
 +.Xr skeyaudit 1 ,
  .Xr skeyinit 1
 --- skey-1.1.5.orig/skeyinfo.c	2001-05-10 17:10:49.000000000 +0100
-+++ skey-1.1.5/skeyinfo.c	2003-11-06 17:46:45.000000000 +0000
++++ skey-1.1.5/skeyinfo.c	2012-01-05 11:24:15.000000000 +0000
 @@ -1,9 +1,12 @@
 -/*    $OpenBSD: skeyinfo.c,v 1.6 2001/02/05 16:58:11 millert Exp $    */
-+/*	$NetBSD: skeyinfo.c,v 1.4 2003/07/23 04:11:50 itojun Exp $	*/
++/*	$NetBSD: skeyinfo.c,v 1.5 2008/04/28 20:24:15 martin Exp $	*/
  
 -/*
 - * Copyright (c) 1997 Todd C. Miller <Todd.Miller@courtesan.com>
@@ -3166,19 +3096,12 @@ of some new features like shadow password and cracklib support.
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
   * are met:
-@@ -12,104 +15,79 @@
+@@ -12,104 +15,72 @@
   * 2. Redistributions in binary form must reproduce the above copyright
   *    notice, this list of conditions and the following disclaimer in the
   *    documentation and/or other materials provided with the distribution.
 - * 3. The name of the author may not be used to endorse or promote products
 - *    derived from this software without specific prior written permission.
-+ * 3. All advertising materials mentioning features or use of this software
-+ *    must display the following acknowledgement:
-+ *	This product includes software developed by the NetBSD
-+ *	Foundation, Inc. and its contributors.
-+ * 4. Neither the name of The NetBSD Foundation nor the names of its
-+ *    contributors may be used to endorse or promote products derived
-+ *    from this software without specific prior written permission.
   *
 - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
 - * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY

diff --git a/patchsets/skey/1.1.5/10_all_man_libpath.patch b/patchsets/skey/1.1.5/10_all_man_libpath.patch
index 4892645..acaef16 100644
--- a/patchsets/skey/1.1.5/10_all_man_libpath.patch
+++ b/patchsets/skey/1.1.5/10_all_man_libpath.patch
@@ -2,7 +2,7 @@ skey(3): shared library is in /lib; we don't install a profiling library
 
 --- skey-1.1.5-orig/skey.3
 +++ skey-1.1.5/skey.3
-@@ -245,10 +245,8 @@
+@@ -238,10 +238,8 @@
  .Bl -tag -width /usr/lib/libskey_p.a -compact
  .It Pa /usr/lib/libskey.a
  static skey library


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] dev/ulm:skey-1.1.5-patches-3 commit in: patchsets/skey/1.1.5/
  2015-09-04  8:33 [gentoo-commits] dev/ulm:pam_skey-1.1.5-patches-5 commit in: patchsets/skey/1.1.5/ Ulrich Müller
                   ` (5 preceding siblings ...)
  2015-09-04  8:33 ` [gentoo-commits] dev/ulm:skey-1.1.5-patches-2 " Ulrich Müller
@ 2015-09-04  8:33 ` Ulrich Müller
  6 siblings, 0 replies; 9+ messages in thread
From: Ulrich Müller @ 2015-09-04  8:33 UTC (permalink / raw
  To: gentoo-commits

commit:     fd88e0e70d84492a943ec9f68ab42e101f80788f
Author:     Ulrich Müller <ulm <AT> gentoo <DOT> org>
AuthorDate: Thu Jan  5 13:03:19 2012 +0000
Commit:     Ulrich Müller <ulm <AT> gentoo <DOT> org>
CommitDate: Fri Feb 15 10:58:08 2013 +0000
URL:        https://gitweb.gentoo.org/dev/ulm.git/commit/?id=fd88e0e7

Updated skeyinfo.c and skey.3 from newer NetBSD version, which is
under a 2-clause BSD license. Removed some whitespace changes.

 patchsets/skey/1.1.5/01_all_gentoo.patch      | 111 ++++----------------------
 patchsets/skey/1.1.5/10_all_man_libpath.patch |   2 +-
 2 files changed, 18 insertions(+), 95 deletions(-)

diff --git a/patchsets/skey/1.1.5/01_all_gentoo.patch b/patchsets/skey/1.1.5/01_all_gentoo.patch
index 270fe6b..0576ae2 100644
--- a/patchsets/skey/1.1.5/01_all_gentoo.patch
+++ b/patchsets/skey/1.1.5/01_all_gentoo.patch
@@ -3,6 +3,10 @@ NetBSD project, some other updates and fixes, and the addition
 of some new features like shadow password and cracklib support.
 	(05 Nov 2003) -taviso@gentoo.org
 
+Updated skeyinfo.c and skey.3 from newer NetBSD version, which is
+under a 2-clause BSD license. Removed some whitespace changes.
+	(05 Jan 2012) -ulm@gentoo.org
+
 --- skey-1.1.5.orig/CHANGES	2001-05-10 17:10:49.000000000 +0100
 +++ skey-1.1.5/CHANGES	2003-11-06 17:46:45.000000000 +0000
 @@ -1,6 +1,19 @@
@@ -2147,9 +2151,9 @@ of some new features like shadow password and cracklib support.
 +John S. Walden,
 +Scott Chasin
 --- skey-1.1.5.orig/skey.3	1970-01-01 01:00:00.000000000 +0100
-+++ skey-1.1.5/skey.3	2003-11-06 17:46:45.000000000 +0000
-@@ -0,0 +1,264 @@
-+.\"     $NetBSD: skey.3,v 1.8 2003/06/06 13:42:50 wiz Exp $
++++ skey-1.1.5/skey.3	2008-04-30 14:10:52.000000000 +0100
+@@ -0,0 +1,257 @@
++.\"     $NetBSD: skey.3,v 1.9 2008/04/30 13:10:52 martin Exp $
 +.\"
 +.\" Copyright (c) 2001 The NetBSD Foundation, Inc.
 +.\" All rights reserved.
@@ -2165,13 +2169,6 @@ of some new features like shadow password and cracklib support.
 +.\" 2. Redistributions in binary form must reproduce the above copyright
 +.\"    notice, this list of conditions and the following disclaimer in the
 +.\"    documentation and/or other materials provided with the distribution.
-+.\" 3. All advertising materials mentioning features or use of this software
-+.\"    must display the following acknowledgement:
-+.\"        This product includes software developed by the NetBSD
-+.\"        Foundation, Inc. and its contributors.
-+.\" 4. Neither the name of The NetBSD Foundation nor the names of its
-+.\"    contributors may be used to endorse or promote products derived
-+.\"    from this software without specific prior written permission.
 +.\"
 +.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
 +.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
@@ -2967,96 +2964,29 @@ of some new features like shadow password and cracklib support.
  }
 --- skey-1.1.5.orig/skey.h	2001-05-10 17:10:49.000000000 +0100
 +++ skey-1.1.5/skey.h	2003-11-06 17:46:45.000000000 +0000
-@@ -1,3 +1,5 @@
-+/*	$NetBSD: skey.h,v 1.8 2000/07/28 16:35:11 thorpej Exp $	*/
-+
- /*
-  * S/KEY v1.1b (skey.h)
-  *
-@@ -11,86 +13,86 @@
-  *          Todd C. Miller <Todd.Miller@courtesan.com>
-  *
-  * Main client header
-- *
-- * $OpenBSD: skey.h,v 1.13 1999/07/15 14:33:48 provos Exp $
-  */
- 
- /* Server-side data structure for reading keys file during login */
--struct skey {
--	FILE *keyfile;
--	char buf[256];
--	char *logname;
--	int n;
--	char *seed;
--	char *val;
--	long recstart;		/* needed so reread of buffer is efficient */
-+struct skey
-+{
-+  FILE *keyfile;
-+  char buf[256];
-+  char *logname;
-+  int n;
-+  char *seed;
-+  char *val;
-+  long recstart;		/* needed so reread of buffer is efficient */
- };
- 
- /* Client-side structure for scanning data stream for challenge */
--struct mc {
--	char buf[256];
--	int skip;
--	int cnt;
-+struct mc
-+{
-+  char buf[256];
-+  int skip;
-+  int cnt;
- };
- 
- /* Maximum sequence number we allow */
- #ifndef SKEY_MAX_SEQ
--#define SKEY_MAX_SEQ		10000
-+#define SKEY_MAX_SEQ           10000
+@@ -38,17 +38,17 @@
+ #define SKEY_MAX_SEQ		10000
  #endif
  
 -/* Minimum secret password length (rfc1938) */
 +/* Minimum secret password length (rfc2289) */
  #ifndef SKEY_MIN_PW_LEN
--#define SKEY_MIN_PW_LEN		10
-+#define SKEY_MIN_PW_LEN                10
+ #define SKEY_MIN_PW_LEN		10
  #endif
  
 -/* Max secret password length (rfc1938 says 63 but allows more) */
 +/* Max secret password length (rfc2289 says 63 but allows more) */
  #ifndef SKEY_MAX_PW_LEN
--#define SKEY_MAX_PW_LEN		255
-+#define SKEY_MAX_PW_LEN                255
+ #define SKEY_MAX_PW_LEN		255
  #endif
  
 -/* Max length of an S/Key seed (rfc1938) */
 +/* Max length of an S/Key seed (rfc2289) */
  #ifndef SKEY_MAX_SEED_LEN
--#define SKEY_MAX_SEED_LEN	16
-+#define SKEY_MAX_SEED_LEN  	 16
+ #define SKEY_MAX_SEED_LEN	16
  #endif
- 
- /* Max length of S/Key challenge (otp-???? 9999 seed) */
- #ifndef SKEY_MAX_CHALLENGE
--#define SKEY_MAX_CHALLENGE	(11 + SKEY_MAX_HASHNAME_LEN + SKEY_MAX_SEED_LEN)
-+#define SKEY_MAX_CHALLENGE 	 (11 + SKEY_MAX_HASHNAME_LEN + SKEY_MAX_SEED_LEN)
- #endif
- 
- /* Max length of hash algorithm name (md4/md5/sha1/rmd160) */
--#define SKEY_MAX_HASHNAME_LEN	6
-+#define SKEY_MAX_HASHNAME_LEN  6
- 
- /* Size of a binary key (not NULL-terminated) */
--#define SKEY_BINKEY_SIZE	8
-+#define SKEY_BINKEY_SIZE		 8
- 
- /* Location of random file for bogus challenges */
--#define _SKEY_RAND_FILE_PATH_	"/var/db/host.random"
-+#define _SKEY_RAND_FILE_PATH_  "/var/db/host.random"
+@@ -68,29 +68,29 @@
+ #define _SKEY_RAND_FILE_PATH_	"/var/db/host.random"
  
  /* Prototypes */
 -void f(char *x);
@@ -3149,10 +3079,10 @@ of some new features like shadow password and cracklib support.
 +.Xr skeyaudit 1 ,
  .Xr skeyinit 1
 --- skey-1.1.5.orig/skeyinfo.c	2001-05-10 17:10:49.000000000 +0100
-+++ skey-1.1.5/skeyinfo.c	2003-11-06 17:46:45.000000000 +0000
++++ skey-1.1.5/skeyinfo.c	2012-01-05 11:24:15.000000000 +0000
 @@ -1,9 +1,12 @@
 -/*    $OpenBSD: skeyinfo.c,v 1.6 2001/02/05 16:58:11 millert Exp $    */
-+/*	$NetBSD: skeyinfo.c,v 1.4 2003/07/23 04:11:50 itojun Exp $	*/
++/*	$NetBSD: skeyinfo.c,v 1.5 2008/04/28 20:24:15 martin Exp $	*/
  
 -/*
 - * Copyright (c) 1997 Todd C. Miller <Todd.Miller@courtesan.com>
@@ -3166,19 +3096,12 @@ of some new features like shadow password and cracklib support.
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
   * are met:
-@@ -12,104 +15,79 @@
+@@ -12,104 +15,72 @@
   * 2. Redistributions in binary form must reproduce the above copyright
   *    notice, this list of conditions and the following disclaimer in the
   *    documentation and/or other materials provided with the distribution.
 - * 3. The name of the author may not be used to endorse or promote products
 - *    derived from this software without specific prior written permission.
-+ * 3. All advertising materials mentioning features or use of this software
-+ *    must display the following acknowledgement:
-+ *	This product includes software developed by the NetBSD
-+ *	Foundation, Inc. and its contributors.
-+ * 4. Neither the name of The NetBSD Foundation nor the names of its
-+ *    contributors may be used to endorse or promote products derived
-+ *    from this software without specific prior written permission.
   *
 - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
 - * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY

diff --git a/patchsets/skey/1.1.5/10_all_man_libpath.patch b/patchsets/skey/1.1.5/10_all_man_libpath.patch
index 4892645..acaef16 100644
--- a/patchsets/skey/1.1.5/10_all_man_libpath.patch
+++ b/patchsets/skey/1.1.5/10_all_man_libpath.patch
@@ -2,7 +2,7 @@ skey(3): shared library is in /lib; we don't install a profiling library
 
 --- skey-1.1.5-orig/skey.3
 +++ skey-1.1.5/skey.3
-@@ -245,10 +245,8 @@
+@@ -238,10 +238,8 @@
  .Bl -tag -width /usr/lib/libskey_p.a -compact
  .It Pa /usr/lib/libskey.a
  static skey library


^ permalink raw reply related	[flat|nested] 9+ messages in thread

end of thread, other threads:[~2015-09-04  8:37 UTC | newest]

Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-09-04  8:33 [gentoo-commits] dev/ulm:pam_skey-1.1.5-patches-5 commit in: patchsets/skey/1.1.5/ Ulrich Müller
2015-09-04  8:29 ` [gentoo-commits] dev/ulm:master " Ulrich Müller
2015-09-04  8:33 ` [gentoo-commits] dev/ulm:motif-2.3.4-patches-1 " Ulrich Müller
2015-09-04  8:33 ` [gentoo-commits] dev/ulm:openmotif-2.2.3-patches-5 " Ulrich Müller
2015-09-04  8:33 ` [gentoo-commits] dev/ulm:pam_skey-1.1.5-patches-4 " Ulrich Müller
2015-09-04  8:33 ` [gentoo-commits] dev/ulm:pam_skey-1.1.5-patches-6 " Ulrich Müller
2015-09-04  8:33 ` [gentoo-commits] dev/ulm:skey-1.1.5-patches-2 " Ulrich Müller
2015-09-04  8:33 ` [gentoo-commits] dev/ulm:skey-1.1.5-patches-3 " Ulrich Müller
  -- strict thread matches above, loose matches on Subject: below --
2015-09-04  8:33 [gentoo-commits] dev/ulm:pam_skey-1.1.5-patches-6 " Ulrich Müller
2015-09-04  8:33 ` [gentoo-commits] dev/ulm:openmotif-2.2.3-patches-5 " Ulrich Müller

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox