diff options
| -rw-r--r-- | security/openssh/Makefile | 4 | ||||
| -rw-r--r-- | security/openssh/distinfo | 288 | ||||
| -rw-r--r-- | security/openssh/files/patch-ad | 17 | ||||
| -rw-r--r-- | security/openssh/files/patch-am | 13 | ||||
| -rw-r--r-- | security/openssh/files/patch-an | 284 | ||||
| -rw-r--r-- | security/openssh/files/patch-ap | 121 | ||||
| -rw-r--r-- | security/openssh/files/patch-au | 201 | ||||
| -rw-r--r-- | security/openssh/files/patch-av | 39 |
8 files changed, 454 insertions, 513 deletions
diff --git a/security/openssh/Makefile b/security/openssh/Makefile index 8dd5f67e466e..d825bd1149d4 100644 --- a/security/openssh/Makefile +++ b/security/openssh/Makefile @@ -6,7 +6,7 @@ # PORTNAME= OpenSSH -PORTVERSION= 1.2.2 +PORTVERSION= 1.2.3 CATEGORIES= security net ipv6 # ${MASTER_SITES} is only for if CVS won't work, period. MASTER_SITES= ftp://internat.FreeBSD.org/pub/Crypto/OpenSSH/ @@ -24,7 +24,7 @@ IGNOREFILES!= ${SED} 's:^\(.*\)$$:${PKGNAME}/\1:g' ${FILESDIR}/ignorefiles DISTFILES+= ${IGNOREFILES} CVS_CMD?= cvs -z3 -CVS_DATE= Fri Mar 3 00:37:20 EST 2000 +CVS_DATE= Thu Apr 20 17:00:39 EDT 2000 SED?= /usr/bin/sed CVS_DATE_!= ${ECHO} -n "${CVS_DATE}" | ${SED} 's/[ \t:]/_/g' CVS_SITES?= anoncvs@anoncvs1.ca.openbsd.org:/cvs \ diff --git a/security/openssh/distinfo b/security/openssh/distinfo index ca28bc2ffd08..0a61068eabb2 100644 --- a/security/openssh/distinfo +++ b/security/openssh/distinfo @@ -1,134 +1,154 @@ -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/COPYING.Ylonen) = d8416f438a512281d230790c8487ce0b -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/Makefile) = 7f10222699e8a34758fe63d0c7df6806 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/Makefile.inc) = 8f096d4d5a830efe7dde5674b482cd2b -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/OVERVIEW) = 5def77be758d9e4aa2390c3825ed7cb2 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/README) = e54fb9189053db5ad25892054c8d0989 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/RFC.nroff) = 1615f30810a3d47716883b2eaddd712c -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/atomicio.c) = 9a5c994c7ecdb7ebf875037b7cc70f37 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/auth-krb4.c) = e9f588343a4954004ecbf7ba805edde2 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/auth-passwd.c) = 176629d0f658f24120a5710c9b5a84d8 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/auth-rh-rsa.c) = a1c4177fb07f7dcc4dbe6c468bab608e -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/auth-rhosts.c) = 2df099d85d31d7346cba663a45592c91 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/auth-rsa.c) = c63d62200ea033bbc0f97264e57fb512 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/auth-skey.c) = 1c003cb98aea4e771a9ec3e67dd99096 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/authfd.c) = 08ebd5cb6fd9521ead44475a59880ea9 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/authfd.h) = 84826e6490812a490bb07b97dfeef085 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/authfile.c) = 1bcc8b9b06dfbd1a974efd14659c91c0 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/bufaux.c) = 877a21dbdd68ef04a1e39a0e6d34450e -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/bufaux.h) = 46caf1274857d0bdc5eabe60d56f6aaf -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/buffer.c) = 6cea321387c23d5cfaefca38bc167c1f -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/buffer.h) = c284a258593ae4d8905d94ddae45f4b1 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/canohost.c) = 4ebd799aac04aa6c0e23d0c1e27e9ea6 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/channels.c) = a1d2901a30b86a02a12fea83b3112e21 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/channels.h) = e597ecd2255e0f92fb5a92c40c99d8b4 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/cipher.c) = cbceaaa4261bbd5d1109510cd9a8eab5 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/cipher.h) = e1b48bd7a4e37c1b106f968d8377b843 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/clientloop.c) = 35f80aaf2f0796a25a54140f65731f07 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/compat.c) = 08c12cb64c7bc91f90ff6480e53097b9 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/compat.h) = c4228db03a5cb0b46a7aa4f11d046564 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/compress.c) = 50d1d17fec498f13d65327a5f98398b2 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/compress.h) = 1dc8f39d85e998b083968d2ddb675caa -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/crc32.c) = 9b71f48256fcdf65dd965679718b39cd -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/crc32.h) = 01f49f92aead5091b3d9416858fb45da -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/deattack.c) = 4f21abf0398edd93ffba792b90029aa6 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/deattack.h) = db63f71b6c19484dd8ce5041cc6b646d -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/fingerprint.c) = 782318f23ec96a679f140a475ee38638 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/fingerprint.h) = 17d73906c4f0c1cddb3c1c7e98d02785 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/getput.h) = bf729289671363abc3882e1e0c34d270 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/hostfile.c) = 9103a4ee3c59637516599ca8fa02393f -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/includes.h) = 1dc9df93b0be59b6351755ea7817be09 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/lib/Makefile) = 66b181f50f06eb76ecc6c59acf0f3068 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/log-client.c) = e312007400dea60e00ca36678dcceb81 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/log-server.c) = 04e8a5f18b5f23c9c0ca1c361bde61dd -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/log.c) = 40cc9c89526c10ef6cb2c46c0258727e -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/login.c) = ab361f9b7f5bccae2ca67c55445353a0 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/match.c) = facc507e6b48d09f9df77c2a77b365c3 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/mpaux.c) = 50ebda88832e2852c1bab39e5e5ac5bb -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/mpaux.h) = 3dd5ddaa6baccf7f38964e69cd2f9e1c -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/nchan.c) = 0e73a88c8609432113d26f46ef6f5a8b -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/nchan.h) = 884bb0c2b62f274ccbf9c0eafc9d37c2 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/nchan.ms) = 854123795358a9aa6005cd1e69309cfb -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/packet.c) = 118b0601641c75e8df0168e778901143 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/packet.h) = a2889cb1db9ae9e8833a8746e7e3cc18 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/pty.c) = 07863e9203fd2be22f79a24b04fc5029 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/pty.h) = 8118b38a8ac83aca08697f0af0375ce7 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/radix.c) = 599f6349035451d48e36334b21696963 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/readconf.c) = 7f4addf8a7e1db663b2f4f5b82d8dca8 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/readconf.h) = 9f40c6fa01b174149efbaad4bf21c334 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/readpass.c) = c34101348efcacbdbadaa63a98736e55 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/rsa.c) = 3c7310a68b6ad41d18097aaa57158bd7 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/rsa.h) = ee65e38f1fcc22328c5d5f07b57d6e5f -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/scp.1) = 939fd8b3eb1965e081e557fcd069b89e -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/scp.c) = 45a32c046e4c796237b090bee70834a2 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/scp/Makefile) = 5cb4c5fcabde5ccc4f9ca475ac3452f4 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/servconf.c) = d83776a1cc4470b1183c961df27b1902 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/servconf.h) = 70595ee9c1fb106695343787e1696bce -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/serverloop.c) = b2282cf4f899b132134d783f691a2fca -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-add.1) = 27dc45bd1de670387eb40eeb8376a3db -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-add.c) = b2bcb9fcac8725699faaf8f2d8e6894c -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-add/Makefile) = f780e2e9fb5c32d2118ba0e612d681e0 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-agent.1) = 77cfce4f00bf81ad0a94826ec282df03 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-agent.c) = 5bdf7f32d33ceb9dab8f3b0516e3b012 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-agent/Makefile) = c7ec7c4e61b4da3369980f197fdcb501 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-keygen.1) = 82cd3ead37718cf5d5b7091f0c18fe2c -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-keygen.c) = 6c9eea3bcb9fc9100e7d510133bd62d0 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-keygen/Makefile) = 2d597b6e6458d0c0246ba2563dd2498b -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh.1) = a16d0cfbcd673288933dd6e18bd29e7e -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh.c) = 845acac60210c29706d48c0a0bb1725d -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh.h) = d686342b58a0b9266f811a40cd472a5c -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh/Makefile) = 41b006d3c04b599619990b47da60f81e -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh_config) = 9658715526aeaf0bc43528d3159b475f -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/sshconnect.c) = fe87f5f195aec789a5461e00e1339882 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/sshd.8) = 2903c2b7d21d12c9d7314367dceffd3d -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/sshd.c) = c246cc5f1a368db3e704eab431c12378 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/sshd/Makefile) = cf75ee12082a0b63fa9510dcbaa32126 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/sshd_config) = f48bdabb5094cb6aaa1f398987cbf9b4 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/tildexpand.c) = 65ba9200404da3a094823605f57bca12 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ttymodes.c) = 570810b08bdb8bc962630c2fbb425a00 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ttymodes.h) = a08ab0789c979c7942423e2ab3df79dd -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/uidswap.c) = a850da3d0fabd4a6c6cf7484c1105071 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/uidswap.h) = 8d855b827d8e81417d0b2e7692617c35 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/version.h) = f44936b17688136de5375eb156def641 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/xmalloc.c) = 5d67cda10b34bc467eac083f1e0fb198 -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/xmalloc.h) = 0614fab05a7974c8761069b38054753e -MD5 (OpenSSH-1.2.2/.stamp) = IGNORE -MD5 (OpenSSH-1.2.2/src/CVS/Entries) = IGNORE -MD5 (OpenSSH-1.2.2/src/CVS/Entries.Static) = IGNORE -MD5 (OpenSSH-1.2.2/src/CVS/Repository) = IGNORE -MD5 (OpenSSH-1.2.2/src/CVS/Root) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/CVS/Entries) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/CVS/Entries.Static) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/CVS/Repository) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/CVS/Root) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/CVS/Entries) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/CVS/Repository) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/CVS/Root) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/CVS/Tag) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/lib/CVS/Entries) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/lib/CVS/Repository) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/lib/CVS/Root) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/lib/CVS/Tag) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/scp/CVS/Entries) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/scp/CVS/Repository) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/scp/CVS/Root) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/scp/CVS/Tag) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-add/CVS/Entries) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-add/CVS/Repository) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-add/CVS/Root) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-add/CVS/Tag) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-agent/CVS/Entries) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-agent/CVS/Repository) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-agent/CVS/Root) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-agent/CVS/Tag) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-keygen/CVS/Entries) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-keygen/CVS/Repository) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-keygen/CVS/Root) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh-keygen/CVS/Tag) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh/CVS/Entries) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh/CVS/Repository) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh/CVS/Root) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/ssh/CVS/Tag) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/sshd/CVS/Entries) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/sshd/CVS/Repository) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/sshd/CVS/Root) = IGNORE -MD5 (OpenSSH-1.2.2/src/usr.bin/ssh/sshd/CVS/Tag) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/COPYING.Ylonen) = d8416f438a512281d230790c8487ce0b +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/Makefile) = 7f10222699e8a34758fe63d0c7df6806 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/Makefile.inc) = 8f096d4d5a830efe7dde5674b482cd2b +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/OVERVIEW) = 5def77be758d9e4aa2390c3825ed7cb2 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/README) = 52a85d862e62f86085f88ed122ee42db +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/README.openssh2) = cd38f6aa19d40a6332e819cda89b834f +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/RFC.nroff) = 1615f30810a3d47716883b2eaddd712c +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/atomicio.c) = d37759586f991f95656d8007098a4bcb +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/auth-krb4.c) = 595f30dea85fbca889c06e2201e3046f +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/auth-passwd.c) = 5409b8b72cf3d423007f7c16bb239798 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/auth-rh-rsa.c) = ec52302ac3f659eafc2fe3759512927b +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/auth-rhosts.c) = df9fc790aa6be504ed8ac06563b31ece +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/auth-rsa.c) = 56ed162c272723ec87637d7d9c18452f +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/auth-skey.c) = 7305b8e6123cd53c8e7f0fb91a513900 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/auth.c) = ae1b6b7614f73245b89d281760458f40 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/auth.h) = c75a7aac7d3cbdd9b9d2a94f377716c2 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/authfd.c) = 3c20ef4094c04751e981e7aa1c9c165b +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/authfd.h) = 81c00ae99e699dcbf0aaf66be890f031 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/authfile.c) = ab75372bf2a6147e1a633753c9813431 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/bufaux.c) = 65d028bd747ee7570d39ea1f2bf4c515 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/bufaux.h) = eaa7da5a9d4e377a338d995d2f9e6de1 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/buffer.c) = 1c74016ee6d05286da765fe1cffe6854 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/buffer.h) = cfdaee8c202afcafe5dfb5de4dbd3767 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/canohost.c) = 047411062df07cc484c08718dfd58a47 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/channels.c) = 36d57c5d540ec506c7c8cc4bb11f7ee0 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/channels.h) = c515fffd18a3efc8ae3143876971e465 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/cipher.c) = 98524ba57d3b5f8d917d357bb0be68a4 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/cipher.h) = cb95753bf4ebb9960e79799dd1558dd7 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/clientloop.c) = 362717fb66a4e820f316ad13b3987a8e +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/compat.c) = f17356cb5cdd78403e0603506410803b +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/compat.h) = ec656c019ea9c7b3ef54d28a7b3780b1 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/compress.c) = 7cb42f5c64c2083eeafb4043b47a6f67 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/compress.h) = 26e3866b56499d350abbafb751581dc2 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/crc32.c) = 9b71f48256fcdf65dd965679718b39cd +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/crc32.h) = b575d2ec47d6de53615f397eb7ada86a +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/deattack.c) = 4f21abf0398edd93ffba792b90029aa6 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/deattack.h) = db63f71b6c19484dd8ce5041cc6b646d +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/dispatch.c) = fa60ac6e01eae273c931716d46f8d35c +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/dispatch.h) = 0dc38de5d11df46cf6867eed1b1c0ee4 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/dsa.c) = 3de535ed264363dc825ef48fe06f392d +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/dsa.h) = 494b2f2a7a654b0ff511b4ff473e2289 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/fingerprint.c) = 41f0081f454e03e67a60c6d8da00ba6e +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/fingerprint.h) = 17d73906c4f0c1cddb3c1c7e98d02785 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/getput.h) = 23db3320a5239a9b61818832e41d3557 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/hmac.c) = 852572de0929d4c0426656e3d6a4140f +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/hmac.h) = 1a306507aca93777dfc9c18d2eb5fd80 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/hostfile.c) = 1606db3724e823f7b690973a6812b187 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/hostfile.h) = cfddf2caa764e9744010e4c91956072d +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/includes.h) = 2632efa39f3a4b4cc72d7cfaa736ec5b +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/kex.c) = e300045b36c3afe3acd9ca5eed76f7cd +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/kex.h) = 16e7517f3cb28f75c26ccd4bcb0e20bf +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/key.c) = ca0a07c56c5a961dec0a51b9e81f80cd +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/key.h) = 2eeac69e942f7b479d114e0605d3ff7a +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/lib/Makefile) = 2ef0317a1bf1da8da5711fda3e8c2c17 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/log-client.c) = 2a72579b9d281827743655c43e9c3123 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/log-server.c) = 0724a19d77cc09b24ebbf3e098681acf +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/log.c) = 40cc9c89526c10ef6cb2c46c0258727e +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/login.c) = 6efda7f91d48b63eccf147d4362bf083 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/match.c) = e27632c0f950af7b2bac42edd20b03d6 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/match.h) = 6a2e2766f54f54d78870c925f0fc6196 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/mpaux.c) = 02746c81807d32b5046765e2eed13f04 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/mpaux.h) = 6b2bf055263974655a4657bddd129e96 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/myproposal.h) = 2b25c6b4ae9a43ff7f35aa52f20f3f6b +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/nchan.c) = a758300229199c290a906b8b934217de +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/nchan.h) = 597daae5b9302498d2f413aa5228e435 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/nchan.ms) = 854123795358a9aa6005cd1e69309cfb +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/nchan2.ms) = 1dc8babfa4c61456027017588276eae3 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/packet.c) = 9fe76c84a12407e85fc149a2f9332dfc +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/packet.h) = 0628b57aa84040e85606468bfccc268b +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/pty.c) = 2a78078be474239e5d96266327cfa1df +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/pty.h) = 438560d1601fce25df036feb6f09f156 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/radix.c) = acc40845a51e50c3083b35ff1bb241bd +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/readconf.c) = d506391e407b5f735f0c6ff3d9a7b5e8 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/readconf.h) = 21a948290cb9afebbb1257653a721c80 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/readpass.c) = d5570f3a4c3d92cf3fb5fd1d19593370 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/rsa.c) = da67a0b2eab5b3c4a4cdcd6cbeedb288 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/rsa.h) = 3adbb7cad2c32d846fcb6063b497ab63 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/scp.1) = ac989a8aab89b3f7a242d6f6ae6a1f44 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/scp.c) = 1f1b7f713dcbc4b1b5fbb6666557ac22 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/scp/Makefile) = 5cb4c5fcabde5ccc4f9ca475ac3452f4 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/servconf.c) = 89f58c67bac11646386a43a4f9631bd4 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/servconf.h) = 31ef2eb7954f46c1157c32141c3425e5 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/serverloop.c) = 7a8e0a37edaef938ea23f6c472059e24 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/session.c) = bf99a38f7d6d48c7693af15659c65cf9 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/session.h) = 28c6f813a7039ac0c64a339b9e95f6bd +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-add.1) = 4210627da70b1aa8b92253b70bd1b407 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-add.c) = b2bcb9fcac8725699faaf8f2d8e6894c +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-add/Makefile) = f780e2e9fb5c32d2118ba0e612d681e0 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-agent.1) = 5fcc83c0683752fcceb0696883efb296 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-agent.c) = 1b242352894fad1d839630940a41f1b8 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-agent/Makefile) = c7ec7c4e61b4da3369980f197fdcb501 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-keygen.1) = 111b521c797e389119d3bbde7febc7c2 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-keygen.c) = 796c6250f943f401eab2d7004c2fda6b +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-keygen/Makefile) = 2d597b6e6458d0c0246ba2563dd2498b +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh.1) = 42d1a8a45b994dfe9358164dbb9488c1 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh.c) = cbfd08aaca45d23b3b2d8844b6ffed3e +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh.h) = 05166fbda1320fb87c8d8d8972f256c4 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh/Makefile) = d9beccc62312aeefe153b49826e98213 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh2.h) = d77578769de63b92f4f27513a77d122d +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh_config) = 886c6bc555fcf2ae192989617d4ce0e6 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/sshconnect.c) = 8037975847d3579ff12d6f1fa5a7e5bf +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/sshd.8) = 0f09ca7915538a622b7eccf479db77ca +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/sshd.c) = 062def3293f8bd06ede4eaaf47413cab +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/sshd/Makefile) = 06b2854fb3b42ffefc7c7104b0ed5191 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/sshd_config) = 3d55a0d01d2b2110c73e5d00117bee19 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/tildexpand.c) = 65ba9200404da3a094823605f57bca12 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ttymodes.c) = 82049e550049ffec666f20590ea2e9ce +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ttymodes.h) = 4681e2d211d91319e9d340c27e73f39f +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/uidswap.c) = 7fe79d09f4bd3d889b4386cb0dc1ca02 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/uidswap.h) = 9217d879b02724af8ef56f308c174851 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/version.h) = 94112c25434ead1e7d43df7e19c01428 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/xmalloc.c) = 3c1ad55eb9e7d077870b9f6b473de882 +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/xmalloc.h) = 3c5f787ef5e900028b5865323979c833 +MD5 (OpenSSH-1.2.3/.stamp) = IGNORE +MD5 (OpenSSH-1.2.3/src/CVS/Entries) = IGNORE +MD5 (OpenSSH-1.2.3/src/CVS/Entries.Static) = IGNORE +MD5 (OpenSSH-1.2.3/src/CVS/Repository) = IGNORE +MD5 (OpenSSH-1.2.3/src/CVS/Root) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/CVS/Entries) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/CVS/Entries.Static) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/CVS/Repository) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/CVS/Root) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/CVS/Entries) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/CVS/Repository) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/CVS/Root) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/CVS/Tag) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/lib/CVS/Entries) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/lib/CVS/Repository) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/lib/CVS/Root) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/lib/CVS/Tag) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/scp/CVS/Entries) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/scp/CVS/Repository) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/scp/CVS/Root) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/scp/CVS/Tag) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-add/CVS/Entries) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-add/CVS/Repository) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-add/CVS/Root) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-add/CVS/Tag) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-agent/CVS/Entries) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-agent/CVS/Repository) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-agent/CVS/Root) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-agent/CVS/Tag) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-keygen/CVS/Entries) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-keygen/CVS/Repository) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-keygen/CVS/Root) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh-keygen/CVS/Tag) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh/CVS/Entries) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh/CVS/Repository) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh/CVS/Root) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/ssh/CVS/Tag) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/sshd/CVS/Entries) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/sshd/CVS/Repository) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/sshd/CVS/Root) = IGNORE +MD5 (OpenSSH-1.2.3/src/usr.bin/ssh/sshd/CVS/Tag) = IGNORE diff --git a/security/openssh/files/patch-ad b/security/openssh/files/patch-ad index fe07d2c0ee29..f26905adf0f3 100644 --- a/security/openssh/files/patch-ad +++ b/security/openssh/files/patch-ad @@ -1,12 +1,11 @@ ---- lib/Makefile.orig Sun Jan 16 07:10:10 2000 -+++ lib/Makefile Tue Jan 18 14:56:00 2000 -@@ -4,7 +4,12 @@ - SRCS= authfd.c authfile.c bufaux.c buffer.c canohost.c channels.c \ +--- /usr/ports/distfiles/OpenSSH-1.2.3/src/usr.bin/ssh/lib/Makefile Thu Apr 20 17:02:17 2000 ++++ lib/Makefile Thu Apr 20 17:08:05 2000 +@@ -5,7 +5,11 @@ cipher.c compat.c compress.c crc32.c deattack.c fingerprint.c \ hostfile.c log.c match.c mpaux.c nchan.c packet.c readpass.c \ -- rsa.c tildexpand.c ttymodes.c uidswap.c xmalloc.c atomicio.c -+ rsa.c tildexpand.c ttymodes.c uidswap.c xmalloc.c atomicio.c \ -+ strlcat.c strlcpy.c + rsa.c tildexpand.c ttymodes.c uidswap.c xmalloc.c atomicio.c \ +- key.c dispatch.c dsa.c kex.c hmac.c ++ key.c dispatch.c dsa.c kex.c hmac.c strlcat.c strlcpy.c + +.if defined(COMPAT_GETADDRINFO) +SRCS+= getaddrinfo.c getnameinfo.c name6.c rcmd.c bindresvport.c @@ -14,11 +13,11 @@ NOPROFILE= yes NOPIC= yes -@@ -13,6 +18,7 @@ +@@ -14,6 +18,7 @@ @echo -n .include <bsd.own.mk> +.include "../Makefile.inc" .if (${KERBEROS} == "yes") - CFLAGS+= -DKRB4 -I/usr/include/kerberosIV + CFLAGS+= -DKRB4 -I${DESTDIR}/usr/include/kerberosIV diff --git a/security/openssh/files/patch-am b/security/openssh/files/patch-am index 22106d6e39ef..25e196b0120e 100644 --- a/security/openssh/files/patch-am +++ b/security/openssh/files/patch-am @@ -1,6 +1,6 @@ ---- /usr/ports/distfiles/OpenSSH-1.2/src/usr.bin/ssh/sshd/Makefile Mon Oct 25 16:27:27 1999 -+++ ./sshd/Makefile Tue Nov 23 19:29:25 1999 -@@ -3,13 +3,14 @@ +--- /usr/ports/distfiles/OpenSSH-1.2.3/src/usr.bin/ssh/sshd/Makefile Thu Apr 20 17:02:17 2000 ++++ sshd/Makefile Thu Apr 20 17:10:39 2000 +@@ -3,14 +3,15 @@ PROG= sshd BINOWN= root BINMODE=555 @@ -10,14 +10,15 @@ +MAN8= sshd.8 SRCS= sshd.c auth-rhosts.c auth-passwd.c auth-rsa.c auth-rh-rsa.c \ - pty.c log-server.c login.c servconf.c serverloop.c + pty.c log-server.c login.c servconf.c serverloop.c session.c \ + auth.c .include <bsd.own.mk> # for KERBEROS and AFS +.include "../Makefile.inc" .if (${KERBEROS} == "yes") - CFLAGS+= -DKRB4 -I/usr/include/kerberosIV -@@ -29,7 +30,7 @@ + .if (${AFS} == "yes") +@@ -30,7 +31,7 @@ .include <bsd.prog.mk> diff --git a/security/openssh/files/patch-an b/security/openssh/files/patch-an index 0a3e98efec74..e09752e8b65e 100644 --- a/security/openssh/files/patch-an +++ b/security/openssh/files/patch-an @@ -1,34 +1,22 @@ ---- sshd.c.orig Fri Jan 7 01:32:03 2000 -+++ sshd.c Fri Jan 7 01:40:05 2000 -@@ -26,6 +26,8 @@ - #include "servconf.h" - #include "uidswap.h" - #include "compat.h" -+#include <poll.h> -+#include <time.h> - - #ifdef LIBWRAP - #include <tcpd.h> -@@ -34,6 +36,16 @@ +--- sshd.c.orig Thu Apr 20 17:11:24 2000 ++++ sshd.c Thu Apr 20 17:17:12 2000 +@@ -48,6 +48,13 @@ int deny_severity = LOG_WARNING; #endif /* LIBWRAP */ +#ifdef __FreeBSD__ +#include <libutil.h> ++#include <poll.h> +#include <syslog.h> -+#define LOGIN_CAP ++#include <time.h> +#endif /* __FreeBSD__ */ + -+#ifdef LOGIN_CAP -+#include <login_cap.h> -+#endif /* LOGIN_CAP */ -+ #ifndef O_NOCTTY #define O_NOCTTY 0 #endif -@@ -128,6 +140,32 @@ - the private key. */ - RSA *public_key; +@@ -128,6 +135,32 @@ + /* session identifier, used by RSA-auth */ + unsigned char session_id[16]; +/* These are used to implement connections_per_period. */ +struct magic_connection { @@ -57,19 +45,19 @@ +} + /* Prototypes for various functions defined later in this file. */ - void do_connection(); - void do_authentication(char *user); -@@ -301,6 +339,7 @@ - extern int optind; - int opt, sock_in = 0, sock_out = 0, newsock, i, fdsetsz, pid, on = 1; + void do_ssh1_kex(); + void do_ssh2_kex(); +@@ -395,6 +428,7 @@ + int opt, sock_in = 0, sock_out = 0, newsock, i, fdsetsz, on = 1; + pid_t pid; socklen_t fromlen; -+ int connections_per_period_exceeded = 0; - int remote_major, remote_minor; ++ int connections_per_period_exceeded = 0; int silentrsa = 0; fd_set *fdset; -@@ -620,6 +659,12 @@ - fdsetsz = howmany(maxfd, NFDBITS) * sizeof(fd_mask); - fdset = (fd_set *)xmalloc(fdsetsz); + struct sockaddr_storage from; +@@ -709,6 +743,12 @@ + fdsetsz = howmany(maxfd, NFDBITS) * sizeof(fd_mask); + fdset = (fd_set *)xmalloc(fdsetsz); + /* Initialize the magic_connections table. It's magical! */ + magic_connections = calloc(MAGIC_CONNECTIONS_SIZE, @@ -80,7 +68,7 @@ /* * Stay listening for connections until the system crashes or * the daemon is killed with a signal. -@@ -651,9 +696,31 @@ +@@ -740,9 +780,31 @@ error("newsock del O_NONBLOCK: %s", strerror(errno)); continue; } @@ -114,7 +102,7 @@ */ if (debug_flag) { /* -@@ -667,6 +734,12 @@ +@@ -756,6 +818,12 @@ sock_out = newsock; pid = getpid(); break; @@ -127,235 +115,3 @@ } else { /* * Normal production daemon. Fork, and have -@@ -1152,6 +1225,14 @@ - return 0; - } - } -+ /* Fail if the account's expiration time has passed. */ -+ if (pw->pw_expire != 0) { -+ struct timeval tv; -+ -+ (void)gettimeofday(&tv, NULL); -+ if (tv.tv_sec >= pw->pw_expire) -+ return 0; -+ } - /* We found no reason not to let this user try to log on... */ - return 1; - } -@@ -1187,6 +1268,9 @@ - pwcopy.pw_gid = pw->pw_gid; - pwcopy.pw_dir = xstrdup(pw->pw_dir); - pwcopy.pw_shell = xstrdup(pw->pw_shell); -+ pwcopy.pw_class = xstrdup(pw->pw_class); -+ pwcopy.pw_expire = pw->pw_expire; -+ pwcopy.pw_change = pw->pw_change; - pw = &pwcopy; - - /* -@@ -1983,6 +2067,10 @@ - struct sockaddr_storage from; - socklen_t fromlen; - struct pty_cleanup_context cleanup_context; -+#ifdef LOGIN_CAP -+ login_cap_t *lc; -+ char *fname; -+#endif /* LOGIN_CAP */ - - /* Get remote host name. */ - hostname = get_canonical_hostname(); -@@ -2047,6 +2135,12 @@ - /* Check if .hushlogin exists. */ - snprintf(line, sizeof line, "%.200s/.hushlogin", pw->pw_dir); - quiet_login = stat(line, &st) >= 0; -+#ifdef LOGIN_CAP -+ lc = login_getpwclass(pw); -+ if (lc == NULL) -+ lc = login_getclassbyname(NULL, pw); -+ quiet_login = login_getcapbool(lc, "hushlogin", quiet_login); -+#endif /* LOGIN_CAP */ - - /* - * If the user has logged in before, display the time of last -@@ -2070,6 +2164,20 @@ - else - printf("Last login: %s from %s\r\n", time_string, buf); - } -+#ifdef LOGIN_CAP -+ if (command == NULL && !quiet_login && !options.use_login) { -+ fname = login_getcapstr(lc, "copyright", NULL, NULL); -+ if (fname != NULL && (f = fopen(fname, "r")) != NULL) { -+ while (fgets(line, sizeof(line), f) != NULL) -+ fputs(line, stdout); -+ fclose(f); -+ } else -+ (void)printf("%s\n\t%s %s\n", -+ "Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994", -+ "The Regents of the University of California. ", -+ "All rights reserved."); -+ } -+#endif /* LOGIN_CAP */ - /* - * Print /etc/motd unless a command was specified or printing - * it was disabled in server options or login(1) will be -@@ -2078,14 +2186,22 @@ - */ - if (command == NULL && options.print_motd && !quiet_login && - !options.use_login) { -- /* Print /etc/motd if it exists. */ -+#ifdef LOGIN_CAP -+ fname = login_getcapstr(lc, "welcome", NULL, NULL); -+ login_close(lc); -+ if (fname == NULL || (f = fopen(fname, "r")) == NULL) -+ f = fopen("/etc/motd", "r"); -+#else /* LOGIN_CAP */ - f = fopen("/etc/motd", "r"); -+#endif /* LOGIN_CAP */ -+ /* Print /etc/motd if it exists. */ - if (f) { - while (fgets(line, sizeof(line), f)) - fputs(line, stdout); - fclose(f); - } - } -+ - /* Do common processing for the child, such as execing the command. */ - do_child(command, pw, term, display, auth_proto, auth_data, ttyname); - /* NOTREACHED */ -@@ -2221,7 +2337,8 @@ - const char *display, const char *auth_proto, - const char *auth_data, const char *ttyname) - { -- const char *shell, *cp = NULL; -+ char *shell; -+ const char *cp = NULL; - char buf[256]; - FILE *f; - unsigned int envsize, i; -@@ -2229,15 +2346,34 @@ - extern char **environ; - struct stat st; - char *argv[10]; -+#ifdef LOGIN_CAP -+ login_cap_t *lc; -+ -+ lc = login_getpwclass(pw); -+ if (lc == NULL) -+ lc = login_getclassbyname(NULL, pw); -+#endif /* LOGIN_CAP */ - - f = fopen("/etc/nologin", "r"); -+#ifdef __FreeBSD__ -+ if (f == NULL) -+ f = fopen("/var/run/nologin", "r"); -+#endif /* __FreeBSD__ */ - if (f) { - /* /etc/nologin exists. Print its contents and exit. */ -- while (fgets(buf, sizeof(buf), f)) -- fputs(buf, stderr); -- fclose(f); -- if (pw->pw_uid != 0) -- exit(254); -+#ifdef LOGIN_CAP -+ /* On FreeBSD, etc., allow overriding nologin via login.conf. */ -+ if (!login_getcapbool(lc, "ignorenologin", 0)) { -+#else /* LOGIN_CAP */ -+ if (1) { -+#endif /* LOGIN_CAP */ -+ while (fgets(buf, sizeof(buf), f)) -+ fputs(buf, stderr); -+ fclose(f); -+ if (pw->pw_uid != 0) -+ exit(254); -+ } -+ - } - /* Set login name in the kernel. */ - if (setlogin(pw->pw_name) < 0) -@@ -2247,6 +2383,13 @@ - /* Login(1) does this as well, and it needs uid 0 for the "-h" - switch, so we let login(1) to this for us. */ - if (!options.use_login) { -+#ifdef LOGIN_CAP -+ if (setclasscontext(pw->pw_class, LOGIN_SETPRIORITY | -+ LOGIN_SETRESOURCES | LOGIN_SETUMASK) == -1) { -+ perror("setclasscontext"); -+ exit(1); -+ } -+#endif /* LOGIN_CAP */ - if (getuid() == 0 || geteuid() == 0) { - if (setgid(pw->pw_gid) < 0) { - perror("setgid"); -@@ -2269,7 +2412,14 @@ - * Get the shell from the password data. An empty shell field is - * legal, and means /bin/sh. - */ -+#ifdef LOGIN_CAP -+ shell = pw->pw_shell; -+ shell = login_getcapstr(lc, "shell", shell, shell); -+ if (shell[0] == '\0') -+ shell = _PATH_BSHELL; -+#else /* LOGIN_CAP */ - shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; -+#endif /* LOGIN_CAP */ - - #ifdef AFS - /* Try to get AFS tokens for the local cell. */ -@@ -2293,7 +2443,12 @@ - child_set_env(&env, &envsize, "USER", pw->pw_name); - child_set_env(&env, &envsize, "LOGNAME", pw->pw_name); - child_set_env(&env, &envsize, "HOME", pw->pw_dir); -+#ifdef LOGIN_CAP -+ child_set_env(&env, &envsize, "PATH", -+ login_getpath(lc, "path", _PATH_STDPATH)); -+#else /* LOGIN_CAP */ - child_set_env(&env, &envsize, "PATH", _PATH_STDPATH); -+#endif /* LOGIN_CAP */ - - snprintf(buf, sizeof buf, "%.200s/%.50s", - _PATH_MAILDIR, pw->pw_name); -@@ -2383,13 +2538,17 @@ - */ - endpwent(); - -+#ifdef LOGIN_CAP -+ login_close(lc); -+#endif /* LOGIN_CAP */ -+ - /* - * Close any extra open file descriptors so that we don\'t have them - * hanging around in clients. Note that we want to do this after - * initgroups, because at least on Solaris 2.3 it leaves file - * descriptors open. - */ -- for (i = 3; i < 64; i++) -+ for (i = 3; i < getdtablesize(); i++) - close(i); - - /* Change current directory to the user\'s home directory. */ -@@ -2408,6 +2567,26 @@ - * in this order). - */ - if (!options.use_login) { -+#ifdef __FreeBSD__ -+ /* -+ * If the password change time is set and has passed, give the -+ * user a password expiry notice and chance to change it. -+ */ -+ if (pw->pw_change != 0) { -+ struct timeval tv; -+ -+ (void)gettimeofday(&tv, NULL); -+ if (tv.tv_sec >= pw->pw_change) { -+ (void)printf( -+ "Sorry -- your password has expired.\n"); -+ syslog(LOG_INFO, -+ "%s Password expired - forcing change", -+ pw->pw_name); -+ if (system("/usr/bin/passwd") != 0) -+ perror("/usr/bin/passwd"); -+ } -+ } -+#endif /* __FreeBSD__ */ - if (stat(SSH_USER_RC, &st) >= 0) { - if (debug_flag) - fprintf(stderr, "Running /bin/sh %s\n", SSH_USER_RC); diff --git a/security/openssh/files/patch-ap b/security/openssh/files/patch-ap index 101b456fbafc..f0026846addb 100644 --- a/security/openssh/files/patch-ap +++ b/security/openssh/files/patch-ap @@ -1,32 +1,32 @@ ---- servconf.c.orig Sun Dec 5 01:48:12 1999 -+++ servconf.c Sun Dec 5 01:57:57 1999 -@@ -63,6 +63,8 @@ - options->num_deny_users = 0; - options->num_allow_groups = 0; +--- servconf.c.orig Thu Apr 20 17:55:11 2000 ++++ servconf.c Thu Apr 20 18:00:08 2000 +@@ -71,6 +71,8 @@ options->num_deny_groups = 0; + options->ciphers = NULL; + options->protocol = SSH_PROTO_UNKNOWN; + options->connections_per_period = 0; + options->connections_period = 0; } - void -@@ -161,7 +163,7 @@ + void +@@ -163,7 +165,7 @@ + #ifdef SKEY + sSkeyAuthentication, + #endif +- sPasswordAuthentication, sListenAddress, ++ sPasswordAuthentication, sListenAddress, sConnectionsPerPeriod, sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset, sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail, sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, -- sIgnoreUserKnownHosts -+ sIgnoreUserKnownHosts, sConnectionsPerPeriod - } ServerOpCodes; - - /* Textual representation of the tokens. */ -@@ -209,6 +211,7 @@ - { "denyusers", sDenyUsers }, - { "allowgroups", sAllowGroups }, +@@ -218,6 +220,7 @@ { "denygroups", sDenyGroups }, + { "ciphers", sCiphers }, + { "protocol", sProtocol }, + { "connectionsperperiod", sConnectionsPerPeriod }, { NULL, 0 } }; -@@ -270,7 +273,11 @@ +@@ -327,7 +330,11 @@ filename, linenum); exit(1); } @@ -39,64 +39,12 @@ if (*intptr == -1) *intptr = value; break; -@@ -466,63 +473,65 @@ - - case sAllowUsers: - while ((cp = strtok(NULL, WHITESPACE))) { -- if (options->num_allow_users >= MAX_ALLOW_USERS) { -- fprintf(stderr, "%s line %d: too many allow users.\n", -- filename, linenum); -- exit(1); -- } -+ if (options->num_allow_users >= MAX_ALLOW_USERS) -+ fatal("%.200s line %d: too many allow users.\n", filename, -+ linenum); - options->allow_users[options->num_allow_users++] = xstrdup(cp); - } - break; - - case sDenyUsers: - while ((cp = strtok(NULL, WHITESPACE))) { -- if (options->num_deny_users >= MAX_DENY_USERS) { -- fprintf(stderr, "%s line %d: too many deny users.\n", -- filename, linenum); -- exit(1); -- } -+ if (options->num_deny_users >= MAX_DENY_USERS) -+ fatal("%.200s line %d: too many deny users.\n", filename, -+ linenum); - options->deny_users[options->num_deny_users++] = xstrdup(cp); - } - break; - - case sAllowGroups: - while ((cp = strtok(NULL, WHITESPACE))) { -- if (options->num_allow_groups >= MAX_ALLOW_GROUPS) { -- fprintf(stderr, "%s line %d: too many allow groups.\n", -- filename, linenum); -- exit(1); -- } -+ if (options->num_allow_groups >= MAX_ALLOW_GROUPS) -+ fatal("%.200s line %d: too many allow groups.\n", filename, -+ linenum); - options->allow_groups[options->num_allow_groups++] = xstrdup(cp); - } - break; - - case sDenyGroups: - while ((cp = strtok(NULL, WHITESPACE))) { -- if (options->num_deny_groups >= MAX_DENY_GROUPS) { -- fprintf(stderr, "%s line %d: too many deny groups.\n", -- filename, linenum); -- exit(1); -- } -+ if (options->num_deny_groups >= MAX_DENY_GROUPS) -+ fatal("%.200s line %d: too many deny groups.\n", filename, -+ linenum); +@@ -551,6 +558,21 @@ + filename, linenum); options->deny_groups[options->num_deny_groups++] = xstrdup(cp); } - break; - ++ break; ++ + case sConnectionsPerPeriod: + cp = strtok(NULL, WHITESPACE); + if (cp == NULL) @@ -110,29 +58,6 @@ + options->connections_period == 0) + fatal("%.200s line %d: invalid connections period.\n", + filename, linenum); -+ break; -+ - default: -- fprintf(stderr, "%s line %d: Missing handler for opcode %s (%d)\n", -+ fatal("%.200s line %d: Missing handler for opcode %s (%d)\n", - filename, linenum, cp, opcode); -- exit(1); -- } -- if (strtok(NULL, WHITESPACE) != NULL) { -- fprintf(stderr, "%s line %d: garbage at end of line.\n", -- filename, linenum); -- exit(1); - } -+ if (strtok(NULL, WHITESPACE) != NULL) -+ fatal("%.200s line %d: garbage at end of line.\n", filename, -+ linenum); - } - fclose(f); -- if (bad_options > 0) { -- fprintf(stderr, "%s: terminating, %d bad configuration options\n", -+ if (bad_options > 0) -+ fatal("%.200s: terminating, %d bad configuration options\n", - filename, bad_options); -- exit(1); -- } - } + break; + + case sCiphers: diff --git a/security/openssh/files/patch-au b/security/openssh/files/patch-au new file mode 100644 index 000000000000..9c728ca4fff7 --- /dev/null +++ b/security/openssh/files/patch-au @@ -0,0 +1,201 @@ +--- session.c.orig Thu Apr 20 18:05:07 2000 ++++ session.c Thu Apr 20 18:12:07 2000 +@@ -27,6 +27,18 @@ + #include "ssh2.h" + #include "auth.h" + ++#ifdef __FreeBSD__ ++#include <libutil.h> ++#include <poll.h> ++#include <syslog.h> ++#include <time.h> ++#define LOGIN_CAP ++#endif /* __FreeBSD__ */ ++ ++#ifdef LOGIN_CAP ++#include <login_cap.h> ++#endif /* LOGIN_CAP */ ++ + /* types */ + + #define TTYSZ 64 +@@ -497,6 +509,10 @@ + struct sockaddr_storage from; + struct stat st; + time_t last_login_time; ++#ifdef LOGIN_CAP ++ login_cap_t *lc; ++ char *fname; ++#endif /* LOGIN_CAP */ + + if (s == NULL) + fatal("do_exec_pty: no session"); +@@ -567,6 +583,12 @@ + /* Check if .hushlogin exists. */ + snprintf(line, sizeof line, "%.200s/.hushlogin", pw->pw_dir); + quiet_login = stat(line, &st) >= 0; ++#ifdef LOGIN_CAP ++ lc = login_getpwclass(pw); ++ if (lc == NULL) ++ lc = login_getclassbyname(NULL, pw); ++ quiet_login = login_getcapbool(lc, "hushlogin", quiet_login); ++#endif /* LOGIN_CAP */ + + /* + * If the user has logged in before, display the time of last +@@ -590,6 +612,20 @@ + else + printf("Last login: %s from %s\r\n", time_string, buf); + } ++#ifdef LOGIN_CAP ++ if (command == NULL && !quiet_login && !options.use_login) { ++ fname = login_getcapstr(lc, "copyright", NULL, NULL); ++ if (fname != NULL && (f = fopen(fname, "r")) != NULL) { ++ while (fgets(line, sizeof(line), f) != NULL) ++ fputs(line, stdout); ++ fclose(f); ++ } else ++ (void)printf("%s\n\t%s %s\n", ++ "Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994", ++ "The Regents of the University of California. ", ++ "All rights reserved."); ++ } ++#endif /* LOGIN_CAP */ + /* + * Print /etc/motd unless a command was specified or printing + * it was disabled in server options or login(1) will be +@@ -599,7 +635,18 @@ + if (command == NULL && options.print_motd && !quiet_login && + !options.use_login) { + /* Print /etc/motd if it exists. */ ++#ifdef LOGIN_CAP ++ fname = login_getcapstr(lc, "welcome", NULL, NULL); ++ login_close(lc); ++ if (fname != NULL) { ++ f = fopen(fname, "r"); ++ if (f == NULL) ++ f = fopen("/etc/motd", "r"); ++ } else ++ f = fopen("/etc/motd", "r"); ++#else /* LOGIN_CAP */ + f = fopen("/etc/motd", "r"); ++#endif /* LOGIN_CAP */ + if (f) { + while (fgets(line, sizeof(line), f)) + fputs(line, stdout); +@@ -737,9 +784,25 @@ + extern char **environ; + struct stat st; + char *argv[10]; ++#ifdef LOGIN_CAP ++ login_cap_t *lc; ++ ++ lc = login_getpwclass(pw); ++ if (lc == NULL) ++ lc = login_getclassbyname(NULL, pw); ++#endif /* LOGIN_CAP */ + + f = fopen("/etc/nologin", "r"); ++#ifdef __FreeBSD__ ++ if (f == NULL) ++ f = fopen("/var/run/nologin", "r"); ++#endif /* __FreeBSD__ */ ++#ifdef LOGIN_CAP ++ /* on FreeBSD, etc., allow overriding nologin via login.conf. */ ++ if (f != NULL && !login_getcapbool(lc, "ignorenologin", 0)) { ++#else /* LOGIN_CAP */ + if (f) { ++#endif /* LOGIN_CAP */ + /* /etc/nologin exists. Print its contents and exit. */ + while (fgets(buf, sizeof(buf), f)) + fputs(buf, stderr); +@@ -755,6 +818,13 @@ + /* Login(1) does this as well, and it needs uid 0 for the "-h" + switch, so we let login(1) to this for us. */ + if (!options.use_login) { ++#ifdef LOGIN_CAP ++ if (setclasscontext(pw->pw_class, LOGIN_SETPRIORITY | ++ LOGIN_SETRESOURCES | LOGIN_SETUMASK) == -1) { ++ perror("setclasscontext"); ++ exit(1); ++ } ++#endif /* LOGIN_CAP */ + if (getuid() == 0 || geteuid() == 0) { + if (setgid(pw->pw_gid) < 0) { + perror("setgid"); +@@ -777,7 +847,14 @@ + * Get the shell from the password data. An empty shell field is + * legal, and means /bin/sh. + */ ++#ifdef LOGIN_CAP ++ shell = pw->pw_shell; ++ shell = login_getcapstr(lc, "shell", shell, shell); ++ if (shell[0] == '\0') ++ shell = _PATH_BSHELL; ++#else /* LOGIN_CAP */ + shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; ++#endif /* LOGIN_CAP */ + + #ifdef AFS + /* Try to get AFS tokens for the local cell. */ +@@ -801,7 +878,12 @@ + child_set_env(&env, &envsize, "USER", pw->pw_name); + child_set_env(&env, &envsize, "LOGNAME", pw->pw_name); + child_set_env(&env, &envsize, "HOME", pw->pw_dir); ++#ifdef LOGIN_CAP ++ child_set_env(&env, &envsize, "PATH", ++ login_getpath(lc, "path", _PATH_STDPATH)); ++#else /* LOGIN_CAP */ + child_set_env(&env, &envsize, "PATH", _PATH_STDPATH); ++#endif /* LOGIN_CAP */ + + snprintf(buf, sizeof buf, "%.200s/%.50s", + _PATH_MAILDIR, pw->pw_name); +@@ -890,6 +972,9 @@ + * descriptors left by system functions. They will be closed later. + */ + endpwent(); ++#ifdef LOGIN_CAP ++ login_close(lc); ++#endif /* LOGIN_CAP */ + + /* + * Close any extra open file descriptors so that we don\'t have them +@@ -897,7 +982,7 @@ + * initgroups, because at least on Solaris 2.3 it leaves file + * descriptors open. + */ +- for (i = 3; i < 64; i++) ++ for (i = 3; i < getdtablesize(); i++) + close(i); + + /* Change current directory to the user\'s home directory. */ +@@ -916,7 +1001,27 @@ + * in this order). + */ + if (!options.use_login) { +- if (stat(SSH_USER_RC, &st) >= 0) { ++#ifdef __FreeBSD__ ++ /* ++ * If the password change time is set and has passed, give the ++ * user a password expiry notice and chance to change it. ++ */ ++ if (pw->pw_change != 0) { ++ struct timeval tv; ++ ++ (void)gettimeofday(&tv, NULL); ++ if (tv.tv_sec >= pw->pw_change) { ++ (void)printf( ++ "Sorry -- your password has expired.\n"); ++ syslog(LOG_INFO, ++ "%s Password expired - forcing change", ++ pw->pw_name); ++ if (system("/usr/bin/passwd") != 0) ++ perror("/usr/bin/passwd"); ++ } ++ } ++#endif /* __FreeBSD__ */ ++ if (stat(SSH_USER_RC, &st) >= 0) { + if (debug_flag) + fprintf(stderr, "Running /bin/sh %s\n", SSH_USER_RC); + diff --git a/security/openssh/files/patch-av b/security/openssh/files/patch-av new file mode 100644 index 000000000000..88cc6a43fd68 --- /dev/null +++ b/security/openssh/files/patch-av @@ -0,0 +1,39 @@ +--- auth.c.orif Thu Apr 20 17:21:58 2000 ++++ auth.c Thu Apr 20 17:50:06 2000 +@@ -26,7 +26,6 @@ + #include "session.h" + #include "dispatch.h" + +- + /* import */ + extern ServerOptions options; + extern char *forced_command; +@@ -106,6 +105,16 @@ + return 0; + } + } ++#ifdef __FreeBSD__ ++ /* Fail if the account's expiration time has passed. */ ++ if (pw->pw_expire != 0) { ++ struct timeval tv; ++ ++ (void)gettimeofday(&tv, NULL); ++ if (tv.tv_sec >= pw->pw_expire) ++ return 0; ++ } ++#endif /* __FreeBSD__ */ + /* We found no reason not to let this user try to log on... */ + return 1; + } +@@ -523,6 +532,11 @@ + pwcopy.pw_gid = pw->pw_gid; + pwcopy.pw_dir = xstrdup(pw->pw_dir); + pwcopy.pw_shell = xstrdup(pw->pw_shell); ++#ifdef __FreeBSD__ ++ pwcopy.pw_class = xstrdup(pw->pw_class); ++ pwcopy.pw_expire = pw->pw_expire; ++ pwcopy.pw_change = pw->pw_change; ++#endif /* __FreeBSD__ */ + pw = &pwcopy; + + /* |