diff options
| -rw-r--r-- | sysutils/tmate/Makefile | 3 | ||||
| -rw-r--r-- | sysutils/tmate/distinfo | 6 | ||||
| -rw-r--r-- | sysutils/tmate/files/patch-options-table.c | 43 | ||||
| -rw-r--r-- | sysutils/tmate/files/patch-tmate-session.c | 10 | ||||
| -rw-r--r-- | sysutils/tmate/files/patch-tmate-ssh-client.c | 102 |
5 files changed, 18 insertions, 146 deletions
diff --git a/sysutils/tmate/Makefile b/sysutils/tmate/Makefile index b6b336daa0a4..cb3d14f14b4a 100644 --- a/sysutils/tmate/Makefile +++ b/sysutils/tmate/Makefile @@ -1,8 +1,7 @@ # $FreeBSD$ PORTNAME= tmate -PORTVERSION= 2.2.1 -PORTREVISION= 4 +PORTVERSION= 2.4.0 CATEGORIES= sysutils MAINTAINER= swills@FreeBSD.org diff --git a/sysutils/tmate/distinfo b/sysutils/tmate/distinfo index c9ce93242bb7..0ec06727e3a9 100644 --- a/sysutils/tmate/distinfo +++ b/sysutils/tmate/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1463695696 -SHA256 (tmate-io-tmate-2.2.1_GH0.tar.gz) = d9c2ac59f42e65aac5f500f0548ea8056fd79c9c5285e5af324d833e2a84c305 -SIZE (tmate-io-tmate-2.2.1_GH0.tar.gz) = 610745 +TIMESTAMP = 1594953998 +SHA256 (tmate-io-tmate-2.4.0_GH0.tar.gz) = 62b61eb12ab394012c861f6b48ba0bc04ac8765abca13bdde5a4d9105cb16138 +SIZE (tmate-io-tmate-2.4.0_GH0.tar.gz) = 614179 diff --git a/sysutils/tmate/files/patch-options-table.c b/sysutils/tmate/files/patch-options-table.c index 4400b5c98455..ce8ac2caa94d 100644 --- a/sysutils/tmate/files/patch-options-table.c +++ b/sysutils/tmate/files/patch-options-table.c @@ -1,40 +1,25 @@ ---- options-table.c.orig 2016-03-29 03:30:07 UTC +--- options-table.c.orig 2020-07-17 03:22:27 UTC +++ options-table.c -@@ -925,15 +925,34 @@ const struct options_table_entry options_table[] = { +@@ -925,19 +925,19 @@ const struct options_table_entry options_table[] = { { .name = "tmate-server-rsa-fingerprint", .type = OPTIONS_TABLE_STRING, .scope = OPTIONS_TABLE_SERVER, -- .default_str = "af:2d:81:c1:fe:49:70:2d:7f:09:a9:d7:4b:32:e3:be" -+ .default_str = "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" +- .default_str = "SHA256:Hthk2T/M/Ivqfk1YYUn5ijC2Att3+UPzD7Rn72P5VWs" ++ .default_str = "SHA256:0000000000000000000000000000000000000000000" }, { .name = "tmate-server-ecdsa-fingerprint", .type = OPTIONS_TABLE_STRING, .scope = OPTIONS_TABLE_SERVER, -- .default_str = "c7:a1:51:36:d2:bb:35:4b:0a:1a:c0:43:97:74:ea:42" -+ .default_str = "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" +- .default_str = "SHA256:8GmKHYHEJ6n0TEdciHeEGkKOigQfCFuBULdt6vZIhDc" ++ .default_str = "SHA256:0000000000000000000000000000000000000000000" }, -- -+ { .name = "tmate-server-dss-fingerprint", -+ .type = OPTIONS_TABLE_STRING, -+ .scope = OPTIONS_TABLE_SERVER, -+ .default_str = "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" -+ }, -+ { .name = "tmate-server-ed25519-fingerprint", -+ .type = OPTIONS_TABLE_STRING, -+ .scope = OPTIONS_TABLE_SERVER, -+ .default_str = "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" -+ }, -+ { .name = "tmate-server-dss-cert01-fingerprint", -+ .type = OPTIONS_TABLE_STRING, -+ .scope = OPTIONS_TABLE_SERVER, -+ .default_str = "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" -+ }, -+ { .name = "tmate-server-rsa-cert01-fingerprint", -+ .type = OPTIONS_TABLE_STRING, -+ .scope = OPTIONS_TABLE_SERVER, -+ .default_str = "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" -+ }, + + { .name = "tmate-server-ed25519-fingerprint", + .type = OPTIONS_TABLE_STRING, + .scope = OPTIONS_TABLE_SERVER, +- .default_str = "SHA256:jfttvoypkHiQYUqUCwKeqd9d1fJj/ZiQlFOHVl6E9sI" ++ .default_str = "SHA256:0000000000000000000000000000000000000000000" + }, + { .name = "tmate-display-time", - .type = OPTIONS_TABLE_NUMBER, - .scope = OPTIONS_TABLE_SESSION, diff --git a/sysutils/tmate/files/patch-tmate-session.c b/sysutils/tmate/files/patch-tmate-session.c deleted file mode 100644 index dbf7cfef2808..000000000000 --- a/sysutils/tmate/files/patch-tmate-session.c +++ /dev/null @@ -1,10 +0,0 @@ ---- tmate-session.c.orig 2016-03-29 03:30:07 UTC -+++ tmate-session.c -@@ -8,6 +8,7 @@ - #include <stdlib.h> - #include <string.h> - #include <assert.h> -+#include <netinet/in.h> - - #include "tmate.h" - diff --git a/sysutils/tmate/files/patch-tmate-ssh-client.c b/sysutils/tmate/files/patch-tmate-ssh-client.c deleted file mode 100644 index 0e6b0d88a27b..000000000000 --- a/sysutils/tmate/files/patch-tmate-ssh-client.c +++ /dev/null @@ -1,102 +0,0 @@ ---- tmate-ssh-client.c.orig 2016-03-29 03:30:07 UTC -+++ tmate-ssh-client.c -@@ -3,6 +3,7 @@ - #include <stdio.h> - #include <event.h> - #include <assert.h> -+#include <netinet/in.h> - - #include "tmate.h" - #include "window-copy.h" -@@ -195,6 +196,7 @@ static void on_ssh_client_event(struct tmate_ssh_clien - ssize_t hash_len; - char *hash_str; - const char *server_hash_str; -+ const char *key_type_name; - int match; - - int verbosity = SSH_LOG_NOLOG + log_get_level(); -@@ -257,43 +259,80 @@ static void on_ssh_client_event(struct tmate_ssh_clien - } - - case SSH_AUTH_SERVER: -+ tmate_debug("Starting SSH_AUTH_SERVER"); - if (ssh_get_publickey(session, &pubkey) < 0) - tmate_fatal("ssh_get_publickey"); - -- if (ssh_get_publickey_hash(pubkey, SSH_PUBLICKEY_HASH_MD5, &hash, &hash_len) < 0) { -+ if (ssh_get_publickey_hash(pubkey, SSH_PUBLICKEY_HASH_SHA1, &hash, &hash_len) < 0) { -+ tmate_debug("failed to get public key hash"); - kill_ssh_client(client, "Cannot authenticate server"); - return; - } -+ tmate_debug("got public key hash"); - - hash_str = ssh_get_hexa(hash, hash_len); - if (!hash_str) - tmate_fatal("malloc failed"); - - key_type = ssh_key_type(pubkey); -+ key_type_name = ssh_key_type_to_char(key_type); -+ if (key_type_name == NULL) { -+ tmate_debug("failed to get public key type name"); -+ return; -+ } - - switch (key_type) { - case SSH_KEYTYPE_RSA: - server_hash_str = options_get_string(global_options, - "tmate-server-rsa-fingerprint"); -+ tmate_debug("found rsa fingerprint"); - break; - case SSH_KEYTYPE_ECDSA: - server_hash_str = options_get_string(global_options, - "tmate-server-ecdsa-fingerprint"); -+ tmate_debug("found ecdsa fingerprint"); - break; -+ case SSH_KEYTYPE_DSS: -+ server_hash_str = options_get_string(global_options, -+ "tmate-server-dss-fingerprint"); -+ tmate_debug("found dss fingerprint"); -+ break; -+ case SSH_KEYTYPE_ED25519: -+ server_hash_str = options_get_string(global_options, -+ "tmate-server-ed25519-fingerprint"); -+ tmate_debug("found ed25519 fingerprint"); -+ break; -+ case SSH_KEYTYPE_DSS_CERT01: -+ server_hash_str = options_get_string(global_options, -+ "tmate-server-dss-cert01-fingerprint"); -+ tmate_debug("found dss_cert01 fingerprint"); -+ break; -+ case SSH_KEYTYPE_RSA_CERT01: -+ server_hash_str = options_get_string(global_options, -+ "tmate-server-rsa-cert01-fingerprint"); -+ tmate_debug("found rsa_cert01 fingerprint"); -+ break; -+ case SSH_KEYTYPE_UNKNOWN: -+ tmate_debug("found unknown fingerprint?"); -+ break; - default: - server_hash_str = ""; -+ tmate_debug("found no fingerprint?"); - } - - match = !strcmp(hash_str, server_hash_str); - - ssh_key_free(pubkey); - ssh_clean_pubkey_hash(&hash); -- free(hash_str); - - if (!match) { -- kill_ssh_client(client, "Cannot authenticate server"); -+ tmate_debug("Key mismatch: type: %s expected: %s found: %s", key_type_name, server_hash_str, hash_str); -+ kill_ssh_client(client, "Cannot authenticate server: Key mismatch: type: %s expected: %s found: %s", key_type_name, server_hash_str, hash_str); -+ free(hash_str); - return; - } -+ -+ free(hash_str); - - /* - * At this point, we abort other connection attempts to the |