diff options
| author | Brian Feldman <green@FreeBSD.org> | 1999-11-24 03:36:23 +0000 |
|---|---|---|
| committer | Brian Feldman <green@FreeBSD.org> | 1999-11-24 03:36:23 +0000 |
| commit | f0ca59b2b5e3ec904210d8c0a010cbd5fe3909b6 (patch) | |
| tree | f83627ec33084e9d6b259693d33ee39310cca441 | |
| parent | Upgrade to 0.94, portlint, PREFIX (diff) | |
Update the CVS_DATE. This brings in support for TIS authentication,
obsoleting a couple patches (it's the same code, though, except for
additions).
This also brings in KNFization of everything (please hold the cheering
down :) and made me reroll all my patches.
My patches have been almost entirely rewritten. The places are the
same, but the code's rewritten. It fits with the style (KNF) now,
and looks better.
I've also added strlcat.c to the build, which, just like strlcpy.c, is
necessary for compatibility with older libcs. After strlcat() snuck
into the OpenSSH code recently, this would prevent OpenSSH from
building on (e.g.) FreeBSD 3.2. Adding it to ssh/lib/ makes it work
yet again :)
Notes
Notes:
svn path=/head/; revision=23296
21 files changed, 578 insertions, 298 deletions
diff --git a/security/openssh/Makefile b/security/openssh/Makefile index 7d1089a4ab6b..2900b46c85e5 100644 --- a/security/openssh/Makefile +++ b/security/openssh/Makefile @@ -1,5 +1,5 @@ # New ports collection makefile for: OpenSSH -# Version required: 19991107 +# Version required: 1.2 # Date created: 7 October 1999 # Whom: green # @@ -22,9 +22,9 @@ RESTRICTED= "Links with cryptographic code." CAT?= /bin/cat DISTFILES!= ${CAT} ${FILESDIR}/distfiles -CFLAGS+= -DHAVE_OPENPTY +CFLAGS+= -DHAVE_OPENPTY -I${PREFIX}/include CVS_CMD?= cvs -z3 -CVS_DATE= Sun Nov 21 11:22:08 EST 1999 +CVS_DATE= Tue Nov 23 18:52:21 EST 1999 SED?= /usr/bin/sed CVS_DATE_!= ${ECHO} -n ${CVS_DATE} | ${SED} 's/[ \t:]/_/g' CVS_SITES= anoncvs@anoncvs1.ca.openbsd.org:/cvs \ @@ -107,7 +107,7 @@ fetchsrctarball: do-extract: @${MKDIR} ${WRKDIR} @${CP} -r ${DISTDIR}/${PKGNAME}/${DISTNAME} ${WRKDIR} - @${CP} ${FILESDIR}/strlcpy.c ${WRKSRC}/lib/ + @${CP} ${FILESDIR}/strlcat.c ${FILESDIR}/strlcpy.c ${WRKSRC}/lib/ post-patch: @${PERL} -pi.orig -e 's:__PREFIX__:${PREFIX}:g' ${WRKSRC}/ssh.h diff --git a/security/openssh/distinfo b/security/openssh/distinfo index 5de326697aea..da231b351963 100644 --- a/security/openssh/distinfo +++ b/security/openssh/distinfo @@ -4,89 +4,89 @@ MD5 (OpenSSH-1.2/src/usr.bin/ssh/Makefile.inc) = 8f096d4d5a830efe7dde5674b482cd2 MD5 (OpenSSH-1.2/src/usr.bin/ssh/OVERVIEW) = 5def77be758d9e4aa2390c3825ed7cb2 MD5 (OpenSSH-1.2/src/usr.bin/ssh/README) = e54fb9189053db5ad25892054c8d0989 MD5 (OpenSSH-1.2/src/usr.bin/ssh/RFC.nroff) = 1615f30810a3d47716883b2eaddd712c -MD5 (OpenSSH-1.2/src/usr.bin/ssh/auth-krb4.c) = 5e49fb727617e55f95c66246d3c90843 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/auth-passwd.c) = dd6381fb76a253e47e423dd1034f0cb4 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/auth-rh-rsa.c) = 01b63ab1fa245f1aa9a14f3b8b60ef12 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/auth-rhosts.c) = b819f4792c7b48f4e846fe083eef3d3e -MD5 (OpenSSH-1.2/src/usr.bin/ssh/auth-rsa.c) = 3c7dc36c88628146942b05d326845268 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/auth-skey.c) = b06ddb3c15f79fc3f566e384db648b62 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/authfd.c) = d54efb22325c80df98bee4c0e4b265c2 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/auth-krb4.c) = afb4f094a0377bf941132d699133061e +MD5 (OpenSSH-1.2/src/usr.bin/ssh/auth-passwd.c) = 8b5bc717a6bf9e4d2902303e02e93c66 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/auth-rh-rsa.c) = b0db15995763bc8d73e3fe3d2b7c480b +MD5 (OpenSSH-1.2/src/usr.bin/ssh/auth-rhosts.c) = 77f41a35c345e90bb6fc2bd64df703a7 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/auth-rsa.c) = 0c7332ede8b134d4ebb3acb361e6c197 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/auth-skey.c) = 7e0247aa6636cbb8cd5998941a757040 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/authfd.c) = d71787a9c2c2ca31b206646f770c2629 MD5 (OpenSSH-1.2/src/usr.bin/ssh/authfd.h) = fb324de954d588249db26709b6c1cc05 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/authfile.c) = 83796ca9b5c914d0a29a58adc13816db -MD5 (OpenSSH-1.2/src/usr.bin/ssh/bufaux.c) = b9c43d1b9fb421e6b737f420b94076ab +MD5 (OpenSSH-1.2/src/usr.bin/ssh/authfile.c) = 0c68fc47e6cfd2e34c4b9e21deaec8cc +MD5 (OpenSSH-1.2/src/usr.bin/ssh/bufaux.c) = 8c0b7731009cf11cb9a000746e81003e MD5 (OpenSSH-1.2/src/usr.bin/ssh/bufaux.h) = e4f6b704a67973170d44695f3b566f05 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/buffer.c) = 865053f2a0255aded2599461618d76e5 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/buffer.c) = 8dc56b33f83178b347628653f9c468a1 MD5 (OpenSSH-1.2/src/usr.bin/ssh/buffer.h) = ad31925577a5b090b36afc0858ee4ef8 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/canohost.c) = 7abfb8e99c3441ec76bd962ecfdde8cf -MD5 (OpenSSH-1.2/src/usr.bin/ssh/channels.c) = eece086b67de0d839a4a428f93071a8b +MD5 (OpenSSH-1.2/src/usr.bin/ssh/canohost.c) = 2fd9f1687a94eeb1d5c612e666f4713b +MD5 (OpenSSH-1.2/src/usr.bin/ssh/channels.c) = f0b98fb8bb451e793521f252e8eaa0bb MD5 (OpenSSH-1.2/src/usr.bin/ssh/channels.h) = 72d03b7b023c7d794c28b38ce43d9e5b -MD5 (OpenSSH-1.2/src/usr.bin/ssh/cipher.c) = 346796f428b6d87ad8c307b0f17827a0 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/cipher.c) = 96ce2a2d600f7b420d4d8a796380f3f4 MD5 (OpenSSH-1.2/src/usr.bin/ssh/cipher.h) = e8167ec15b1da0a2c6015fe5751b8034 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/clientloop.c) = 4ebf60d61fe8c894f7289601796fb33d -MD5 (OpenSSH-1.2/src/usr.bin/ssh/compat.c) = 6bac0ff0847f26f16b3f11f47d56c367 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/clientloop.c) = a1fef42b6e993b297fb60188263384ef +MD5 (OpenSSH-1.2/src/usr.bin/ssh/compat.c) = bd8c95e51f91b958282bec3ec1b64d54 MD5 (OpenSSH-1.2/src/usr.bin/ssh/compat.h) = 8d4063d6eb22bd9b9aba4f768a96ce65 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/compress.c) = ce3d346cb5e9a894196c8447bfc60e14 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/compress.c) = 1dcf1a183369c45f3c052414419e6f41 MD5 (OpenSSH-1.2/src/usr.bin/ssh/compress.h) = 47384fb71f7411a8367fc2ab92bc60cf -MD5 (OpenSSH-1.2/src/usr.bin/ssh/crc32.c) = dd58bbe867cfe914f37a39c757ccd4b5 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/crc32.c) = f8e255b74718e9cdb9031ddf31248daa MD5 (OpenSSH-1.2/src/usr.bin/ssh/crc32.h) = ca822d3b56144b7f3ebf23505696df64 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/deattack.c) = 688e2300af960a6b88cc7af582276b77 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/deattack.c) = 5a0b0f9f1865059a7cbecbb34f570454 MD5 (OpenSSH-1.2/src/usr.bin/ssh/deattack.h) = 84cd5fc5ab5857659c337495f13e97af -MD5 (OpenSSH-1.2/src/usr.bin/ssh/fingerprint.c) = 31addc595d424e074cd1820c4f3f687e +MD5 (OpenSSH-1.2/src/usr.bin/ssh/fingerprint.c) = 53cd4c63d2f870b7ef46743f2d0b311e MD5 (OpenSSH-1.2/src/usr.bin/ssh/fingerprint.h) = a3a4ab65be79f9b26015131290493b3b MD5 (OpenSSH-1.2/src/usr.bin/ssh/getput.h) = 564761caa67f9c507e73b2383f86dc0c -MD5 (OpenSSH-1.2/src/usr.bin/ssh/hostfile.c) = 1c18dcfc56c007b0cf51490e9a7398cf +MD5 (OpenSSH-1.2/src/usr.bin/ssh/hostfile.c) = 0d6ed37ca0a42a94568909736041f042 MD5 (OpenSSH-1.2/src/usr.bin/ssh/includes.h) = 21a803e66cf63001eaf3fd22bf6c2b54 MD5 (OpenSSH-1.2/src/usr.bin/ssh/lib/Makefile) = fcf2c95b795ebb2c3ef37eee749e0bc3 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/log-client.c) = 68418f7939765d0abee948d5cc169ab5 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/log-server.c) = 7e7091fe67d498832c79b93b6de38a24 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/log.c) = 8e2d4ca7dd138b663851d3bca7e13074 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/login.c) = b9700635ffbdcc489613eabf26e93214 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/match.c) = 559b73caeb055519cab5f403e412b099 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/mpaux.c) = fb1b916a31c47f83d65b0f1c3f9d90c2 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/log-client.c) = 9de8fc9adfaf0c1689546a88e84cc409 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/log-server.c) = fc2a720ab65781702824b9575bfe8589 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/log.c) = 1ead2b24677b8c841a4aba29514a7b2a +MD5 (OpenSSH-1.2/src/usr.bin/ssh/login.c) = 519c0213c9fec007ad0e908e17328dff +MD5 (OpenSSH-1.2/src/usr.bin/ssh/match.c) = 9fb0e688f9dacc80b3d080ab62ecbdf0 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/mpaux.c) = 9de92d0e83814e8532738c1d011eb557 MD5 (OpenSSH-1.2/src/usr.bin/ssh/mpaux.h) = 2e3c5530ecd7972373baf7d23da49d51 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/nchan.c) = a4ec43de3e4b9687e76e14b22d701ba2 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/nchan.c) = 808a455e877608436ae429d60349fa48 MD5 (OpenSSH-1.2/src/usr.bin/ssh/nchan.h) = fc559438a23bf1c4f6e7faaaf5f581a4 MD5 (OpenSSH-1.2/src/usr.bin/ssh/nchan.ms) = 6a168c05b13aed9a6c9b9d384edcf2c2 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/packet.c) = 696c161ba50d95826ac4e9b7bdd36165 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/packet.c) = 5428b751bbc62455cbe2251ddbf1cee3 MD5 (OpenSSH-1.2/src/usr.bin/ssh/packet.h) = 5de24b8ab5947434366bb18e20437f68 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/pty.c) = 0f62619cb5f1622a1d0940993b6bb5e9 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/pty.c) = 19b157680946dbb1de818e479e9c0006 MD5 (OpenSSH-1.2/src/usr.bin/ssh/pty.h) = c42c8189284dfe0d34125b77446bd062 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/radix.c) = 0e98d49a6f27cb09480f38c9dfce9b62 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/readconf.c) = 3d1447a81ff6e4dcc78a7492b3afa953 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/readconf.h) = 4c6b924be22bb41913b67cd523725b5e -MD5 (OpenSSH-1.2/src/usr.bin/ssh/readpass.c) = 88a5e2a41c43d53d3dac739f7110e3db -MD5 (OpenSSH-1.2/src/usr.bin/ssh/rsa.c) = 60f3f3aa33911742feb13032e06fb6a1 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/radix.c) = e7cf9f687b866f00523440ea4699ea73 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/readconf.c) = b99672ec3c96010654d5ee2a8abcabc1 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/readconf.h) = 99f7e607724b941a62fb27e09965fa5a +MD5 (OpenSSH-1.2/src/usr.bin/ssh/readpass.c) = 17802a659dcf815d16c59090810e4aff +MD5 (OpenSSH-1.2/src/usr.bin/ssh/rsa.c) = 9e85c3eec42dedd666dd1b3ad73ae9e6 MD5 (OpenSSH-1.2/src/usr.bin/ssh/rsa.h) = b4175dcd58022ac6961ac57a255718a7 MD5 (OpenSSH-1.2/src/usr.bin/ssh/scp.1) = a9144b2b272d8ac656b1d63c71644999 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/scp.c) = 034c71d912a5524f781aefb4569a7685 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/scp.c) = 735113a94b57ce1ecf47bef01d8ff2eb MD5 (OpenSSH-1.2/src/usr.bin/ssh/scp/Makefile) = 5cb4c5fcabde5ccc4f9ca475ac3452f4 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/servconf.c) = 5f27aacac3fc97fe87d0e6276dfc8fd4 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/servconf.c) = 6efc02e63b2d185745ce8fd97ce01447 MD5 (OpenSSH-1.2/src/usr.bin/ssh/servconf.h) = 468c25070e4afbccf948730311690a34 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/serverloop.c) = c5365d9daa1af8d0b6dbfaa5692b3296 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/serverloop.c) = 96f7f11223f15c6b093282b7ce38d020 MD5 (OpenSSH-1.2/src/usr.bin/ssh/ssh-add.1) = 4b97d6fbe61628569dfc12dad1fe3228 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/ssh-add.c) = 0e51e4ece3a96e2400f369813e9ee0d9 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/ssh-add.c) = 91f325ce167d28d582b9af04eec177b3 MD5 (OpenSSH-1.2/src/usr.bin/ssh/ssh-add/Makefile) = f780e2e9fb5c32d2118ba0e612d681e0 MD5 (OpenSSH-1.2/src/usr.bin/ssh/ssh-agent.1) = 33b62903d3aa452fa106b484b016bbc5 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/ssh-agent.c) = 2d3bc7ef09dc7b21866eb03da34100f9 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/ssh-agent.c) = 096ccd483df21da9b4eca4c29ada3616 MD5 (OpenSSH-1.2/src/usr.bin/ssh/ssh-agent/Makefile) = c7ec7c4e61b4da3369980f197fdcb501 MD5 (OpenSSH-1.2/src/usr.bin/ssh/ssh-keygen.1) = 746734eab948fff84a44c3383f5a1701 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/ssh-keygen.c) = 29198d94ca51be42214d2c7931ed78eb +MD5 (OpenSSH-1.2/src/usr.bin/ssh/ssh-keygen.c) = c8cf1a6b060815ef8766ae880fc8e480 MD5 (OpenSSH-1.2/src/usr.bin/ssh/ssh-keygen/Makefile) = 2d597b6e6458d0c0246ba2563dd2498b -MD5 (OpenSSH-1.2/src/usr.bin/ssh/ssh.1) = 287e6df9dcbecadcda91ac2d9e842116 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/ssh.c) = cea39462d5846a2fc799a6e7551a8d45 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/ssh.h) = dea24d4daef79b2dd6f44f0a4cade43d +MD5 (OpenSSH-1.2/src/usr.bin/ssh/ssh.1) = 94066f50daf11f97deded744d85cf9a4 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/ssh.c) = d6376fdbfddf79ced260cf9e4115c395 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/ssh.h) = aaf0802fc67c5f5da9e5ec6876b0b64b MD5 (OpenSSH-1.2/src/usr.bin/ssh/ssh/Makefile) = 41b006d3c04b599619990b47da60f81e MD5 (OpenSSH-1.2/src/usr.bin/ssh/ssh_config) = 9658715526aeaf0bc43528d3159b475f -MD5 (OpenSSH-1.2/src/usr.bin/ssh/sshconnect.c) = 6dc88619d579b1e7abfb1c2611a1faa1 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/sshd.8) = 5bdc27ad21f71a3dfac06cff380e8fd6 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/sshd.c) = 2620dd27e868ecedece3b7dbaf1ed037 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/sshconnect.c) = 16bce755e0cfbf6123d7fe1c94b032b4 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/sshd.8) = e08d1683e931a4b30e0e411d4d3576c8 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/sshd.c) = 00032b5bc0e592bf320e3a31e8a17ed0 MD5 (OpenSSH-1.2/src/usr.bin/ssh/sshd/Makefile) = d1d83d1ece775d3a5cbf8cfaaf2330f3 MD5 (OpenSSH-1.2/src/usr.bin/ssh/sshd_config) = e78b81c34da5c97eee1359cccda908d6 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/tildexpand.c) = 6f797f65e32fe1022ee20f291611a6e2 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/ttymodes.c) = b11079749fc93e0a8337af4afb3ebc43 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/tildexpand.c) = 2c7b2e407be9fa9839f2058952703de3 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/ttymodes.c) = 7b72e228fc88888577fb101c09043ce2 MD5 (OpenSSH-1.2/src/usr.bin/ssh/ttymodes.h) = 4fbb0096420efed3228d92e1576242d1 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/uidswap.c) = 9caf5b2cd7e5535dde520fd40ad732e0 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/uidswap.c) = 43fd1c6217828f5a9cabb82a34abcb1c MD5 (OpenSSH-1.2/src/usr.bin/ssh/uidswap.h) = 5af5b193e6325f20e7de4ee15877b877 MD5 (OpenSSH-1.2/src/usr.bin/ssh/version.h) = 6ac6f1622b0ce6f24f608f0bb340e207 -MD5 (OpenSSH-1.2/src/usr.bin/ssh/xmalloc.c) = 46e87856bb156c71e91403580a330480 +MD5 (OpenSSH-1.2/src/usr.bin/ssh/xmalloc.c) = a2e86fd60e9397c5b8b48d7872ec9c06 MD5 (OpenSSH-1.2/src/usr.bin/ssh/xmalloc.h) = 5ec9a25c413bf89488fe3140d2e06d7d diff --git a/security/openssh/files/patch-aa b/security/openssh/files/patch-aa index ff267ded9258..4797fe4d70a2 100644 --- a/security/openssh/files/patch-aa +++ b/security/openssh/files/patch-aa @@ -1,5 +1,5 @@ ---- Makefile.orig Tue Oct 26 03:31:00 1999 -+++ Makefile Mon Nov 8 00:28:19 1999 +--- /usr/ports/distfiles/OpenSSH-1.2/src/usr.bin/ssh/Makefile Mon Oct 25 16:27:26 1999 ++++ ./Makefile Tue Nov 23 19:18:22 1999 @@ -1,6 +1,7 @@ # $OpenBSD: Makefile,v 1.5 1999/10/25 20:27:26 markus Exp $ diff --git a/security/openssh/files/patch-ab b/security/openssh/files/patch-ab index a65c47f7601c..277f63f225b6 100644 --- a/security/openssh/files/patch-ab +++ b/security/openssh/files/patch-ab @@ -1,11 +1,9 @@ ---- Makefile.inc.orig Tue Oct 26 03:31:00 1999 -+++ Makefile.inc Tue Nov 9 06:45:18 1999 -@@ -1,11 +1,8 @@ --CFLAGS+= -I${.CURDIR}/.. -+CFLAGS+= -I${.CURDIR}/.. -I${PREFIX}/include +--- /usr/ports/distfiles/OpenSSH-1.2/src/usr.bin/ssh/Makefile.inc Mon Oct 25 16:27:26 1999 ++++ ./Makefile.inc Tue Nov 23 19:19:33 1999 +@@ -2,10 +2,9 @@ + + .include <bsd.obj.mk> --.include <bsd.obj.mk> -- -.if exists(${.CURDIR}/../lib/${__objdir}) -LDADD+= -L${.CURDIR}/../lib/${__objdir} -lssh -DPADD+= ${.CURDIR}/../lib/${__objdir}/libssh.a diff --git a/security/openssh/files/patch-ac b/security/openssh/files/patch-ac index f03c0f6c88c2..f6ad51c27c10 100644 --- a/security/openssh/files/patch-ac +++ b/security/openssh/files/patch-ac @@ -1,10 +1,24 @@ ---- readconf.h.dist Fri Nov 19 23:32:48 1999 -+++ readconf.h Fri Nov 19 23:48:22 1999 -@@ -54,6 +54,7 @@ - int compression; /* Compress packets in both directions. */ - int compression_level; /* Compression level 1 (fast) to 9 (best). */ - int keepalives; /* Set SO_KEEPALIVE. */ -+ int tis_authentication; /* TIS client-side authentication */ - LogLevel log_level; /* Level for logging. */ +--- /usr/ports/distfiles/OpenSSH-1.2/src/usr.bin/ssh/includes.h Tue Nov 2 16:21:02 1999 ++++ ./includes.h Tue Nov 23 19:20:38 1999 +@@ -24,12 +24,12 @@ + #include <sys/select.h> + #include <sys/param.h> + #include <sys/ioctl.h> +-#include <sys/endian.h> + #include <sys/stat.h> + #include <sys/wait.h> + #include <sys/time.h> + #include <sys/un.h> + #include <sys/resource.h> ++#include <machine/endian.h> - int port; /* Port to connect. */ + #include <netinet/in.h> + #include <netinet/in_systm.h> +@@ -38,7 +38,6 @@ + #include <arpa/inet.h> + #include <netdb.h> + +-#include <netgroup.h> + #include <stdio.h> + #include <ctype.h> + #include <errno.h> diff --git a/security/openssh/files/patch-ad b/security/openssh/files/patch-ad index b99d16d2c0d1..fc17693d6e5e 100644 --- a/security/openssh/files/patch-ad +++ b/security/openssh/files/patch-ad @@ -1,35 +1,20 @@ ---- readconf.c.dist Fri Nov 19 23:32:48 1999 -+++ readconf.c Fri Nov 19 23:41:27 1999 -@@ -369,13 +369,8 @@ - goto parse_int; - - case oTISAuthentication: -- cp = strtok(NULL, WHITESPACE); -- if (cp != 0 && (strcmp(cp, "yes") == 0 || strcmp(cp, "true") == 0)) -- fprintf(stderr, -- "%.99s line %d: Warning, TIS is not supported.\n", -- filename, -- linenum); -- break; -+ intptr = &options->tis_authentication; -+ goto parse_flag; +--- /usr/ports/distfiles/OpenSSH-1.2/src/usr.bin/ssh/lib/Makefile Tue Nov 16 17:49:29 1999 ++++ ./lib/Makefile Tue Nov 23 19:21:19 1999 +@@ -5,6 +5,7 @@ + cipher.c compat.c compress.c crc32.c deattack.c fingerprint.c \ + hostfile.c log.c match.c mpaux.c nchan.c packet.c readpass.c \ + rsa.c tildexpand.c ttymodes.c uidswap.c xmalloc.c ++SRCS+= strlcat.c strlcpy.c - case oCompressionLevel: - intptr = &options->compression_level; -@@ -655,6 +650,7 @@ - options->num_local_forwards = 0; - options->num_remote_forwards = 0; - options->log_level = (LogLevel)-1; -+ options->tis_authentication = -1; - } + NOPROFILE= yes + NOPIC= yes +@@ -13,6 +14,7 @@ + @echo -n - /* Called after processing other sources of option data, this fills those -@@ -727,6 +723,8 @@ - options->user_hostfile = SSH_USER_HOSTFILE; - if (options->log_level == (LogLevel)-1) - options->log_level = SYSLOG_LEVEL_INFO; -+ if (options->tis_authentication == -1) -+ options->tis_authentication = 0; - /* options->proxy_command should not be set by default */ - /* options->user will be set in the main program if appropriate */ - /* options->hostname will be set in the main program if appropriate */ + .include <bsd.own.mk> ++.include "../Makefile.inc" + + .if (${KERBEROS} == "yes") + CFLAGS+= -DKRB4 -I/usr/include/kerberosIV +Only in ./lib: strlcat.c +Only in ./lib: strlcpy.c diff --git a/security/openssh/files/patch-ae b/security/openssh/files/patch-ae index f0692ec9487c..33c57f42e6fc 100644 --- a/security/openssh/files/patch-ae +++ b/security/openssh/files/patch-ae @@ -1,43 +1,14 @@ ---- sshconnect.c.orig Fri Nov 19 23:54:54 1999 -+++ sshconnect.c Fri Nov 19 23:56:22 1999 -@@ -1496,6 +1496,40 @@ - return; /* Successful connection. */ - } - -+ /* Support for TIS authentication server obtained from -+ Andre April <Andre.April@cediti.be>. */ -+ if ((supported_authentications & (1 << SSH_AUTH_TIS)) && -+ options.tis_authentication && !options.batch_mode) -+ { -+ char *prompt; -+ debug("Doing TIS authentication."); -+ if (options.cipher == SSH_CIPHER_NONE) -+ log("WARNING: Encryption is disabled! Password will be transmitted in clear text."); -+ packet_start(SSH_CMSG_AUTH_TIS); -+ packet_send(); -+ packet_write_wait(); -+ type = packet_read(&payload_len); -+ if (type == SSH_SMSG_FAILURE) -+ debug("User cannot be identifier on authentication server."); -+ else { -+ if (type != SSH_SMSG_AUTH_TIS_CHALLENGE) -+ packet_disconnect("Protocol error: got %d in response to TIS auth request", type); -+ prompt = packet_get_string(NULL); -+ password = read_passphrase(prompt, 0); -+ packet_start(SSH_CMSG_AUTH_TIS_RESPONSE); -+ packet_put_string(password, strlen(password)); -+ memset(password, 0, strlen(password)); -+ xfree(password); -+ packet_send(); -+ packet_write_wait(); -+ type = packet_read(&payload_len); -+ if (type == SSH_SMSG_SUCCESS) -+ return; -+ if (type != SSH_SMSG_FAILURE) -+ packet_disconnect("Protocol error: got %d in response to TIS auth", type); -+ } -+ } -+ - /* Try password authentication if the server supports it. */ - if ((supported_authentications & (1 << SSH_AUTH_PASSWORD)) && - options.password_authentication && !options.batch_mode) +--- /usr/ports/distfiles/OpenSSH-1.2/src/usr.bin/ssh/login.c Tue Nov 23 18:55:14 1999 ++++ ./login.c Tue Nov 23 19:35:08 1999 +@@ -20,7 +20,11 @@ + #include "includes.h" + RCSID("$Id: login.c,v 1.8 1999/11/23 22:25:54 markus Exp $"); + ++#ifdef __FreeBSD__ ++#include <libutil.h> ++#else + #include <util.h> ++#endif /* __FreeBSD__ */ + #include <utmp.h> + #include "ssh.h" + diff --git a/security/openssh/files/patch-af b/security/openssh/files/patch-af index 6eadf2eafb68..4e7ebf6d6cba 100644 --- a/security/openssh/files/patch-af +++ b/security/openssh/files/patch-af @@ -1,11 +1,22 @@ ---- ssh.h.dist Fri Nov 19 23:50:37 1999 -+++ ssh.h Fri Nov 19 23:50:22 1999 -@@ -141,7 +141,7 @@ - #define SSH_AUTH_RSA 2 - #define SSH_AUTH_PASSWORD 3 - #define SSH_AUTH_RHOSTS_RSA 4 -- /* 5 is TIS */ -+#define SSH_AUTH_TIS 5 - #define SSH_AUTH_KERBEROS 6 - #define SSH_PASS_KERBEROS_TGT 7 - /* 8 to 15 are reserved */ +--- /usr/ports/distfiles/OpenSSH-1.2/src/usr.bin/ssh/scp/Makefile Mon Oct 25 16:27:26 1999 ++++ ./scp/Makefile Tue Nov 23 19:23:58 1999 +@@ -2,16 +2,9 @@ + + PROG= scp + BINOWN= root +- +-.if (${MACHINE_ARCH} == "alpha" || ${MACHINE_ARCH} == "powerpc" || \ +- ${MACHINE_ARCH} == "hppa") +-BINMODE=0000 +-.else +-BINMODE?=555 +-.endif +- +-BINDIR= /usr/bin +-MAN= scp.1 ++BINMODE=555 ++BINDIR= /bin ++MAN1= scp.1 + + SRCS= scp.c + diff --git a/security/openssh/files/patch-ap b/security/openssh/files/patch-ag index db9c3f7d8a0a..09a17b96aa87 100644 --- a/security/openssh/files/patch-ap +++ b/security/openssh/files/patch-ag @@ -1,11 +1,10 @@ ---- ssh/Makefile.orig Tue Oct 26 03:31:00 1999 -+++ ssh/Makefile Tue Nov 9 06:56:24 1999 -@@ -2,22 +2,17 @@ +--- /usr/ports/distfiles/OpenSSH-1.2/src/usr.bin/ssh/ssh/Makefile Wed Nov 17 20:52:33 1999 ++++ ./ssh/Makefile Tue Nov 23 19:26:08 1999 +@@ -2,22 +2,16 @@ PROG= ssh BINOWN= root -+BINMODE=4555 - +- -.if (${MACHINE_ARCH} == "alpha" || ${MACHINE_ARCH} == "powerpc" || \ - ${MACHINE_ARCH} == "hppa") -BINMODE=0000 @@ -15,6 +14,7 @@ - -BINDIR= /usr/bin -MAN= ssh.1 ++BINMODE=4555 +BINDIR= /bin +MAN1= ssh.1 LINKS= ${BINDIR}/ssh ${BINDIR}/slogin @@ -27,7 +27,7 @@ .if (${KERBEROS} == "yes") CFLAGS+= -DKRB4 -I/usr/include/kerberosIV -@@ -32,5 +27,5 @@ +@@ -32,5 +26,5 @@ .include <bsd.prog.mk> diff --git a/security/openssh/files/patch-ah b/security/openssh/files/patch-ah new file mode 100644 index 000000000000..95b32a341276 --- /dev/null +++ b/security/openssh/files/patch-ah @@ -0,0 +1,27 @@ +--- /usr/ports/distfiles/OpenSSH-1.2/src/usr.bin/ssh/ssh-add/Makefile Wed Oct 27 12:54:48 1999 ++++ ./ssh-add/Makefile Tue Nov 23 19:26:48 1999 +@@ -2,20 +2,13 @@ + + PROG= ssh-add + BINOWN= root +- +-.if (${MACHINE_ARCH} == "alpha" || ${MACHINE_ARCH} == "powerpc" || \ +- ${MACHINE_ARCH} == "hppa") +-BINMODE=0000 +-.else +-BINMODE?=555 +-.endif +- +-BINDIR= /usr/bin +-MAN= ssh-add.1 ++BINMODE=555 ++BINDIR= /bin ++MAN1= ssh-add.1 + + SRCS= ssh-add.c log-client.c + + .include <bsd.prog.mk> + +-LDADD+= -lcrypto -lutil -lz ++LDADD+= ${CRYPTOLIBS} -lutil -lz + DPADD+= ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ} diff --git a/security/openssh/files/patch-ai b/security/openssh/files/patch-ai index fd676782c3d2..519c4e727f15 100644 --- a/security/openssh/files/patch-ai +++ b/security/openssh/files/patch-ai @@ -1,21 +1,26 @@ -diff -ru /home/green/ssh/includes.h ./includes.h ---- /home/green/ssh/includes.h Wed Nov 3 03:36:00 1999 -+++ ./includes.h Mon Nov 8 00:06:40 1999 -@@ -24,7 +24,6 @@ - #include <sys/select.h> - #include <sys/param.h> - #include <sys/ioctl.h> --#include <sys/endian.h> - #include <sys/stat.h> - #include <sys/wait.h> - #include <sys/time.h> -@@ -38,7 +37,8 @@ - #include <arpa/inet.h> - #include <netdb.h> +--- /usr/ports/distfiles/OpenSSH-1.2/src/usr.bin/ssh/ssh-agent/Makefile Wed Oct 27 12:54:49 1999 ++++ ./ssh-agent/Makefile Tue Nov 23 19:27:38 1999 +@@ -2,20 +2,13 @@ --#include <netgroup.h> -+#include <machine/endian.h> -+ - #include <stdio.h> - #include <ctype.h> - #include <errno.h> + PROG= ssh-agent + BINOWN= root +- +-.if (${MACHINE_ARCH} == "alpha" || ${MACHINE_ARCH} == "powerpc" || \ +- ${MACHINE_ARCH} == "hppa") +-BINMODE=0000 +-.else +-BINMODE?=555 +-.endif +- +-BINDIR= /usr/bin ++BINMODE=555 ++BINDIR= /bin + MAN= ssh-agent.1 + + SRCS= ssh-agent.c log-client.c + + .include <bsd.prog.mk> + +-LDADD+= -lcrypto -lutil -lz ++LDADD+= ${CRYPTOLIBS} -lutil -lz + DPADD+= ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ} diff --git a/security/openssh/files/patch-aj b/security/openssh/files/patch-aj index 2b51018f9bc7..9f9c0fcd64da 100644 --- a/security/openssh/files/patch-aj +++ b/security/openssh/files/patch-aj @@ -1,19 +1,26 @@ ---- ./lib/Makefile.orig Tue Nov 16 16:50:53 1999 -+++ ./lib/Makefile Tue Nov 16 16:52:01 1999 -@@ -4,7 +4,7 @@ - SRCS= authfd.c authfile.c bufaux.c buffer.c canohost.c channels.c \ - cipher.c compat.c compress.c crc32.c deattack.c fingerprint.c \ - hostfile.c log.c match.c mpaux.c nchan.c packet.c readpass.c \ -- rsa.c tildexpand.c ttymodes.c uidswap.c xmalloc.c -+ rsa.c strlcpy.c tildexpand.c ttymodes.c uidswap.c xmalloc.c +--- /usr/ports/distfiles/OpenSSH-1.2/src/usr.bin/ssh/ssh-keygen/Makefile Wed Oct 27 12:54:49 1999 ++++ ./ssh-keygen/Makefile Tue Nov 23 19:28:07 1999 +@@ -2,20 +2,13 @@ - NOPROFILE= yes - NOPIC= yes -@@ -13,6 +13,7 @@ - @echo -n + PROG= ssh-keygen + BINOWN= root +- +-.if (${MACHINE_ARCH} == "alpha" || ${MACHINE_ARCH} == "powerpc" || \ +- ${MACHINE_ARCH} == "hppa") +-BINMODE=0000 +-.else +-BINMODE?=555 +-.endif +- +-BINDIR= /usr/bin ++BINMODE=555 ++BINDIR= /bin + MAN= ssh-keygen.1 - .include <bsd.own.mk> -+.include "../Makefile.inc" + SRCS= ssh-keygen.c log-client.c - .if (${KERBEROS} == "yes") - CFLAGS+= -DKRB4 -I/usr/include/kerberosIV + .include <bsd.prog.mk> + +-LDADD+= -lcrypto -lutil -lz ++LDADD+= ${CRYPTOLIBS} -lutil -lz + DPADD+= ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ} diff --git a/security/openssh/files/patch-ak b/security/openssh/files/patch-ak index 7248dbab9bed..f76d52056c2e 100644 --- a/security/openssh/files/patch-ak +++ b/security/openssh/files/patch-ak @@ -1,14 +1,12 @@ ---- ./login.c.orig Sat Nov 13 16:50:45 1999 -+++ ./login.c Sat Nov 13 17:59:23 1999 -@@ -20,7 +20,11 @@ - #include "includes.h" - RCSID("$Id: login.c,v 1.7 1999/09/30 16:55:06 deraadt Exp $"); - -+#if defined(__FreeBSD__) -+#include <libutil.h> -+#else - #include <util.h> +--- /usr/ports/distfiles/OpenSSH-1.2/src/usr.bin/ssh/ssh.c Tue Nov 23 18:57:50 1999 ++++ ./ssh.c Tue Nov 23 19:28:33 1999 +@@ -123,6 +123,9 @@ + log("Using rsh. WARNING: Connection will not be encrypted."); + /* Build argument list for rsh. */ + i = 0; ++#ifndef _PATH_RSH ++#define _PATH_RSH "/usr/bin/rsh" +#endif - #include <utmp.h> - #include "ssh.h" - + args[i++] = _PATH_RSH; + /* host may have to come after user on some systems */ + args[i++] = host; diff --git a/security/openssh/files/patch-al b/security/openssh/files/patch-al new file mode 100644 index 000000000000..365a45928036 --- /dev/null +++ b/security/openssh/files/patch-al @@ -0,0 +1,27 @@ +--- /usr/ports/distfiles/OpenSSH-1.2/src/usr.bin/ssh/ssh.h Tue Nov 23 18:58:02 1999 ++++ ./ssh.h Tue Nov 23 19:31:00 1999 +@@ -51,7 +51,7 @@ + port if present. */ + #define SSH_SERVICE_NAME "ssh" + +-#define ETCDIR "/etc" ++#define ETCDIR "__PREFIX__/etc" + #define PIDDIR "/var/run" + + /* System-wide file containing host keys of known hosts. This file should be +@@ -64,11 +64,11 @@ + are all defined in Makefile.in. Of these, ssh_host_key should be readable + only by root, whereas ssh_config should be world-readable. */ + +-#define HOST_KEY_FILE "/etc/ssh_host_key" +-#define SERVER_CONFIG_FILE "/etc/sshd_config" +-#define HOST_CONFIG_FILE "/etc/ssh_config" ++#define HOST_KEY_FILE "__PREFIX__/etc/ssh_host_key" ++#define SERVER_CONFIG_FILE "__PREFIX__/etc/sshd_config" ++#define HOST_CONFIG_FILE "__PREFIX__/etc/ssh_config" + +-#define SSH_PROGRAM "/usr/bin/ssh" ++#define SSH_PROGRAM "__PREFIX__/usr/bin/ssh" + + /* The process id of the daemon listening for connections is saved + here to make it easier to kill the correct daemon when necessary. */ diff --git a/security/openssh/files/patch-aw b/security/openssh/files/patch-am index 946b865ec625..22106d6e39ef 100644 --- a/security/openssh/files/patch-aw +++ b/security/openssh/files/patch-am @@ -1,6 +1,5 @@ -diff -ru /home/green/ssh/sshd/Makefile ./sshd/Makefile ---- /home/green/ssh/sshd/Makefile Tue Oct 26 03:31:00 1999 -+++ ./sshd/Makefile Mon Nov 8 00:14:02 1999 +--- /usr/ports/distfiles/OpenSSH-1.2/src/usr.bin/ssh/sshd/Makefile Mon Oct 25 16:27:27 1999 ++++ ./sshd/Makefile Tue Nov 23 19:29:25 1999 @@ -3,13 +3,14 @@ PROG= sshd BINOWN= root @@ -23,7 +22,7 @@ diff -ru /home/green/ssh/sshd/Makefile ./sshd/Makefile .include <bsd.prog.mk> -LDADD+= -lcrypto -lutil -lz -+LDADD+= -lutil -lz -lcrypt ${CRYPTOLIBS} ++LDADD+= ${CRYPTOLIBS} -lcrypt -lutil -lz DPADD+= ${LIBCRYPTO} ${LIBUTIL} ${LIBZ} .if (${TCP_WRAPPERS} == "yes") diff --git a/security/openssh/files/patch-an b/security/openssh/files/patch-an new file mode 100644 index 000000000000..8dfdf115c932 --- /dev/null +++ b/security/openssh/files/patch-an @@ -0,0 +1,232 @@ +--- /usr/ports/distfiles/OpenSSH-1.2/src/usr.bin/ssh/sshd.c Tue Nov 23 18:59:05 1999 ++++ ./sshd.c Tue Nov 23 20:33:18 1999 +@@ -39,6 +39,16 @@ + int deny_severity = LOG_WARNING; + #endif /* LIBWRAP */ + ++#ifdef __FreeBSD__ ++#include <libutil.h> ++#include <syslog.h> ++#define LOGIN_CAP ++#endif /* __FreeBSD__ */ ++ ++#ifdef LOGIN_CAP ++#include <login_cap.h> ++#endif /* LOGIN_CAP */ ++ + #ifndef O_NOCTTY + #define O_NOCTTY 0 + #endif +@@ -1008,6 +1018,14 @@ + return 0; + } + } ++ /* Fail if the account's expiration time has passed. */ ++ if (pw->pw_expire != 0) { ++ struct timeval tv; ++ ++ (void)gettimeofday(&tv, NULL); ++ if (tv.tv_sec >= pw->pw_expire) ++ return 0; ++ } + /* We found no reason not to let this user try to log on... */ + return 1; + } +@@ -1042,6 +1060,9 @@ + pwcopy.pw_gid = pw->pw_gid; + pwcopy.pw_dir = xstrdup(pw->pw_dir); + pwcopy.pw_shell = xstrdup(pw->pw_shell); ++ pwcopy.pw_class = xstrdup(pw->pw_class); ++ pwcopy.pw_expire = pw->pw_expire; ++ pwcopy.pw_change = pw->pw_change; + pw = &pwcopy; + + /* If we are not running as root, the user must have the same uid +@@ -1790,6 +1811,10 @@ + struct sockaddr_in from; + int fromlen; + struct pty_cleanup_context cleanup_context; ++#ifdef LOGIN_CAP ++ login_cap_t *lc; ++ char *fname; ++#endif /* LOGIN_CAP */ + + /* Get remote host name. */ + hostname = get_canonical_hostname(); +@@ -1850,6 +1875,12 @@ + /* Check if .hushlogin exists. */ + snprintf(line, sizeof line, "%.200s/.hushlogin", pw->pw_dir); + quiet_login = stat(line, &st) >= 0; ++#ifdef LOGIN_CAP ++ lc = login_getpwclass(pw); ++ if (lc == NULL) ++ lc = login_getclassbyname(NULL, pw); ++ quiet_login = login_getcapbool(lc, "hushlogin", quiet_login); ++#endif /* LOGIN_CAP */ + + /* If the user has logged in before, display the time of + last login. However, don't display anything extra if a +@@ -1871,12 +1902,31 @@ + else + printf("Last login: %s from %s\r\n", time_string, buf); + } ++#ifdef LOGIN_CAP ++ if (command == NULL && !quiet_login && !options.use_login) { ++ fname = login_getcapstr(lc, "copyright", NULL, NULL); ++ if (fname != NULL && (f = fopen(fname, "r")) != NULL) { ++ while (fgets(line, sizeof(line), f)) ++ fputs(line, stdout); ++ fclose(f); ++ } else ++ (void)printf("%s\n\t%s %s\n", ++ "Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994", ++ "The Regents of the University of California. ", ++ "All rights reserved."); ++ } ++#endif /* LOGIN_CAP */ + /* Print /etc/motd unless a command was specified or + printing it was disabled in server options or login(1) + will be used. Note that some machines appear to print + it in /etc/profile or similar. */ + if (command == NULL && options.print_motd && !quiet_login && + !options.use_login) { ++#ifdef LOGIN_CAP ++ fname = login_getcapstr(lc, "welcome", NULL, NULL); ++ login_close(lc); ++ if (fname == NULL || (f = fopen(fname, "r")) == NULL) ++#endif /* LOGIN_CAP */ + /* Print /etc/motd if it exists. */ + f = fopen("/etc/motd", "r"); + if (f) { +@@ -1885,6 +1935,7 @@ + fclose(f); + } + } ++ + /* Do common processing for the child, such as execing the command. */ + do_child(command, pw, term, display, auth_proto, auth_data, ttyname); + /* NOTREACHED */ +@@ -2030,17 +2081,38 @@ + extern char **environ; + struct stat st; + char *argv[10]; ++#ifdef LOGIN_CAP ++ login_cap_t *lc; ++ ++ lc = login_getpwclass(pw); ++ if (lc == NULL) ++ lc = login_getclassbyname(NULL, pw); ++#endif /* LOGIN_CAP */ + + /* Check /etc/nologin. */ + f = fopen("/etc/nologin", "r"); ++#ifdef __FreeBSD__ ++ if (f == NULL) ++ f = fopen("/var/run/nologin", "r"); ++#endif /* __FreeBSD__ */ + if (f) { +- /* /etc/nologin exists. Print its contents and exit. */ +- while (fgets(buf, sizeof(buf), f)) +- fputs(buf, stderr); +- fclose(f); +- if (pw->pw_uid != 0) +- exit(254); +- } ++ /* /etc/nologin exists. */ ++#ifdef LOGIN_CAP ++ /* ++ * If the user doesn't have "ignorenologin" set, print ++ * its contents and exit. ++ */ ++ if (!login_getcapbool(lc, "ignorenologin", 0)) { ++#endif /* LOGIN_CAP */ ++ while (fgets(buf, sizeof(buf), f)) ++ fputs(buf, stderr); ++ fclose(f); ++ if (pw->pw_uid != 0) ++ exit(254); ++#ifdef LOGIN_CAP ++ } ++#endif /* LOGIN_CAP */ ++ } + /* Set login name in the kernel. */ + if (setlogin(pw->pw_name) < 0) + error("setlogin failed: %s", strerror(errno)); +@@ -2049,6 +2121,13 @@ + /* Login(1) does this as well, and it needs uid 0 for the "-h" + switch, so we let login(1) to this for us. */ + if (!options.use_login) { ++#ifdef LOGIN_CAP ++ if (setclasscontext(pw->pw_class, LOGIN_SETPRIORITY | ++ LOGIN_SETRESOURCES | LOGIN_SETUMASK) == -1) { ++ perror("setclasscontext"); ++ exit(1); ++ } ++#endif /* LOGIN_CAP */ + if (getuid() == 0 || geteuid() == 0) { + if (setgid(pw->pw_gid) < 0) { + perror("setgid"); +@@ -2069,7 +2148,13 @@ + } + /* Get the shell from the password data. An empty shell field is + legal, and means /bin/sh. */ ++#ifdef LOGIN_CAP ++ shell = login_getcapstr(lc, "shell", pw->pw_shell, pw->pw_shell); ++ if (shell[0] == '\0') ++ shell = _PATH_BSHELL; ++#else /* LOGIN_CAP */ + shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; ++#endif /* LOGIN_CAP */ + + #ifdef AFS + /* Try to get AFS tokens for the local cell. */ +@@ -2094,7 +2179,12 @@ + child_set_env(&env, &envsize, "USER", pw->pw_name); + child_set_env(&env, &envsize, "LOGNAME", pw->pw_name); + child_set_env(&env, &envsize, "HOME", pw->pw_dir); ++#ifdef LOGIN_CAP ++ child_set_env(&env, &envsize, "PATH", ++ login_getpath(lc, "path", _PATH_STDPATH)); ++#else /* LOGIN_CAP */ + child_set_env(&env, &envsize, "PATH", _PATH_STDPATH); ++#endif /* LOGIN_CAP */ + + snprintf(buf, sizeof buf, "%.200s/%.50s", + _PATH_MAILDIR, pw->pw_name); +@@ -2189,13 +2279,35 @@ + later. */ + endpwent(); + endhostent(); ++#ifdef LOGIN_CAP ++ login_close(lc); ++#endif /* LOGIN_CAP */ + + /* Close any extra open file descriptors so that we don\'t have + them hanging around in clients. Note that we want to do this + after initgroups, because at least on Solaris 2.3 it leaves + file descriptors open. */ +- for (i = 3; i < 64; i++) ++ for (i = 3; i < getdtablesize(); i++) + close(i); ++ ++#ifdef __FreeBSD__ ++ /* ++ * If the password change time is set and has passed, give the ++ * user a password expiry notice and chance to change it. ++ */ ++ if (pw->pw_change != 0) { ++ struct timeval tv; ++ ++ (void)gettimeofday(&tv, NULL); ++ if (tv.tv_sec >= pw->pw_change) { ++ (void)printf("Sorry -- your password has expired.\n"); ++ syslog(LOG_INFO, "%s Password expired - forcing change", ++ pw->pw_name); ++ if (system("/usr/bin/passwd") != 0) ++ perror("/usr/bin/passwd"); ++ } ++ } ++#endif /* __FreeBSD__ */ + + /* Change current directory to the user\'s home directory. */ + if (chdir(pw->pw_dir) < 0) diff --git a/security/openssh/files/patch-ao b/security/openssh/files/patch-ao index 21f9247a72e7..a728a10616d5 100644 --- a/security/openssh/files/patch-ao +++ b/security/openssh/files/patch-ao @@ -1,14 +1,16 @@ -diff -ru /home/green/ssh/scp/Makefile ./scp/Makefile ---- /home/green/ssh/scp/Makefile Tue Oct 26 03:31:00 1999 -+++ ./scp/Makefile Mon Nov 8 00:13:21 1999 -@@ -10,8 +10,8 @@ - BINMODE?=555 - .endif - --BINDIR= /usr/bin --MAN= scp.1 -+BINDIR= /bin -+MAN1= scp.1 - - SRCS= scp.c +--- /usr/ports/distfiles/OpenSSH-1.2/src/usr.bin/ssh/sshd_config Thu Nov 11 17:58:39 1999 ++++ ./sshd_config Tue Nov 23 19:31:58 1999 +@@ -2,11 +2,11 @@ + Port 22 + ListenAddress 0.0.0.0 +-HostKey /etc/ssh_host_key ++HostKey __PREFIX__/etc/ssh_host_key + ServerKeyBits 768 + LoginGraceTime 600 + KeyRegenerationInterval 3600 +-PermitRootLogin yes ++PermitRootLogin no + # + # Don't read ~/.rhosts and ~/.shosts files + IgnoreRhosts yes diff --git a/security/openssh/files/patch-ar b/security/openssh/files/patch-ar deleted file mode 100644 index 0fca0fb71c85..000000000000 --- a/security/openssh/files/patch-ar +++ /dev/null @@ -1,27 +0,0 @@ ---- ssh-agent/Makefile.orig Thu Oct 28 03:32:00 1999 -+++ ssh-agent/Makefile Tue Nov 9 06:41:50 1999 -@@ -2,20 +2,14 @@ - - PROG= ssh-agent - BINOWN= root -+BINMODE=555 - --.if (${MACHINE_ARCH} == "alpha" || ${MACHINE_ARCH} == "powerpc" || \ -- ${MACHINE_ARCH} == "hppa") --BINMODE=0000 --.else --BINMODE?=555 --.endif -- --BINDIR= /usr/bin --MAN= ssh-agent.1 -+BINDIR= /bin -+MAN1= ssh-agent.1 - - SRCS= ssh-agent.c log-client.c - - .include <bsd.prog.mk> - --LDADD+= -lcrypto -lutil -lz -+LDADD+= -lutil -lz ${CRYPTOLIBS} - DPADD+= ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ} diff --git a/security/openssh/files/patch-at b/security/openssh/files/patch-at deleted file mode 100644 index 861e84136ae6..000000000000 --- a/security/openssh/files/patch-at +++ /dev/null @@ -1,27 +0,0 @@ ---- ssh-keygen/Makefile.orig Thu Oct 28 03:32:00 1999 -+++ ssh-keygen/Makefile Tue Nov 9 06:42:34 1999 -@@ -2,20 +2,14 @@ - - PROG= ssh-keygen - BINOWN= root -+BINMODE=555 - --.if (${MACHINE_ARCH} == "alpha" || ${MACHINE_ARCH} == "powerpc" || \ -- ${MACHINE_ARCH} == "hppa") --BINMODE=0000 --.else --BINMODE?=555 --.endif -- --BINDIR= /usr/bin --MAN= ssh-keygen.1 -+BINDIR= /bin -+MAN1= ssh-keygen.1 - - SRCS= ssh-keygen.c log-client.c - - .include <bsd.prog.mk> - --LDADD+= -lcrypto -lutil -lz -+LDADD+= -lutil -lz ${CRYPTOLIBS} - DPADD+= ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ} diff --git a/security/openssh/files/patch-au b/security/openssh/files/patch-au deleted file mode 100644 index 45b30014d990..000000000000 --- a/security/openssh/files/patch-au +++ /dev/null @@ -1,13 +0,0 @@ -diff -ru /home/green/ssh/ssh.c ./ssh.c ---- /home/green/ssh/ssh.c Sat Oct 30 03:43:00 1999 -+++ ./ssh.c Mon Nov 8 00:06:40 1999 -@@ -128,6 +128,9 @@ - log("Using rsh. WARNING: Connection will not be encrypted."); - /* Build argument list for rsh. */ - i = 0; -+#ifndef _PATH_RSH -+#define _PATH_RSH "/usr/bin/rsh" -+#endif - args[i++] = _PATH_RSH; - args[i++] = host; /* may have to come after user on some systems */ - if (user) diff --git a/security/openssh/files/strlcat.c b/security/openssh/files/strlcat.c new file mode 100644 index 000000000000..599994edf5af --- /dev/null +++ b/security/openssh/files/strlcat.c @@ -0,0 +1,71 @@ +/* $OpenBSD: strlcat.c,v 1.2 1999/06/17 16:28:58 millert Exp $ */ + +/* + * Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com> + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL + * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#if defined(LIBC_SCCS) && !defined(lint) +static char *rcsid = "$OpenBSD: strlcat.c,v 1.2 1999/06/17 16:28:58 millert Exp $"; +#endif /* LIBC_SCCS and not lint */ + +#include <sys/types.h> +#include <string.h> + +/* + * Appends src to string dst of size siz (unlike strncat, siz is the + * full size of dst, not space left). At most siz-1 characters + * will be copied. Always NUL terminates (unless siz == 0). + * Returns strlen(src); if retval >= siz, truncation occurred. + */ +size_t strlcat(dst, src, siz) + char *dst; + const char *src; + size_t siz; +{ + register char *d = dst; + register const char *s = src; + register size_t n = siz; + size_t dlen; + + /* Find the end of dst and adjust bytes left but don't go past end */ + while (*d != '\0' && n-- != 0) + d++; + dlen = d - dst; + n = siz - dlen; + + if (n == 0) + return(dlen + strlen(s)); + while (*s != '\0') { + if (n != 1) { + *d++ = *s; + n--; + } + s++; + } + *d = '\0'; + + return(dlen + (s - src)); /* count does not include NUL */ +} |