diff options
Diffstat (limited to 'security/ssh2/files')
| -rw-r--r-- | security/ssh2/files/patch-ab | 12 | ||||
| -rw-r--r-- | security/ssh2/files/patch-ac | 40 | ||||
| -rw-r--r-- | security/ssh2/files/patch-ad | 13 | ||||
| -rw-r--r-- | security/ssh2/files/patch-af | 156 | ||||
| -rw-r--r-- | security/ssh2/files/patch-aj | 12 | ||||
| -rw-r--r-- | security/ssh2/files/patch-al | 12 | 
6 files changed, 159 insertions, 86 deletions
| diff --git a/security/ssh2/files/patch-ab b/security/ssh2/files/patch-ab index caa40dcd89fb..fb3ded791e3f 100644 --- a/security/ssh2/files/patch-ab +++ b/security/ssh2/files/patch-ab @@ -1,5 +1,5 @@ -*** configure.orig	Thu Mar 27 09:04:06 1997 ---- configure	Fri Mar 28 15:18:56 1997 +*** configure.orig	Sun Apr  6 03:56:58 1997 +--- configure	Wed Apr 16 22:52:47 1997  ***************  *** 1634,1645 **** @@ -33,7 +33,7 @@    ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`    echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6  *************** -*** 6696,6702 **** +*** 6749,6755 ****    cat >> $CONFIG_STATUS <<EOF @@ -41,7 +41,7 @@    EOF    cat >> $CONFIG_STATUS <<\EOF    for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then ---- 6690,6696 ---- +--- 6743,6749 ----    cat >> $CONFIG_STATUS <<EOF @@ -50,8 +50,8 @@    cat >> $CONFIG_STATUS <<\EOF    for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then  *************** -*** 6900,6905 **** ---- 6894,6901 ---- +*** 6953,6958 **** +--- 6947,6954 ----      done      for ac_config_dir in gmp-2.0.2-ssh-2; do diff --git a/security/ssh2/files/patch-ac b/security/ssh2/files/patch-ac index 31084324b943..6823f8a5bd28 100644 --- a/security/ssh2/files/patch-ac +++ b/security/ssh2/files/patch-ac @@ -1,7 +1,7 @@ -*** Makefile.in.orig	Thu Mar 27 09:04:06 1997 ---- Makefile.in	Fri Mar 28 15:36:08 1997 +*** Makefile.in.orig	Sun Apr  6 03:56:58 1997 +--- Makefile.in	Wed Apr 16 22:59:17 1997  *************** -*** 225,236 **** +*** 229,240 ****    SHELL = /bin/sh    GMPDIR 		= gmp-2.0.2-ssh-2 @@ -14,7 +14,7 @@    RSAREFDIR	= rsaref2    RSAREFSRCDIR 	= $(RSAREFDIR)/source ---- 225,242 ---- +--- 229,246 ----    SHELL = /bin/sh    GMPDIR 		= gmp-2.0.2-ssh-2 @@ -34,7 +34,7 @@    RSAREFDIR	= rsaref2    RSAREFSRCDIR 	= $(RSAREFDIR)/source  *************** -*** 324,330 **** +*** 328,334 ****    	$(CC) -o rfc-pg rfc-pg.o    .c.o: @@ -42,7 +42,7 @@    sshd: $(SSHD_OBJS) $(GMPDEP) $(RSAREFDEP) $(ZLIBDEP)    	-rm -f sshd ---- 330,336 ---- +--- 334,340 ----    	$(CC) -o rfc-pg rfc-pg.o    .c.o: @@ -51,7 +51,7 @@    sshd: $(SSHD_OBJS) $(GMPDEP) $(RSAREFDEP) $(ZLIBDEP)    	-rm -f sshd  *************** -*** 361,379 **** +*** 365,383 ****    	sed "s#&PERL&#$(PERL)#" <$(srcdir)/make-ssh-known-hosts.pl >make-ssh-known-hosts    	chmod +x make-ssh-known-hosts @@ -71,7 +71,7 @@    $(RSAREFSRCDIR)/librsaref.a:    	-if test '!' -d $(RSAREFDIR); then \ ---- 367,385 ---- +--- 371,389 ----    	sed "s#&PERL&#$(PERL)#" <$(srcdir)/make-ssh-known-hosts.pl >make-ssh-known-hosts    	chmod +x make-ssh-known-hosts @@ -92,24 +92,24 @@    $(RSAREFSRCDIR)/librsaref.a:    	-if test '!' -d $(RSAREFDIR); then \  *************** -*** 430,436 **** +*** 434,440 ****    # (otherwise it can only log in as the user it runs as, and must be    # bound to a non-privileged port).  Also, password authentication may    # not be available if non-root and using shadow passwords.  ! install: $(PROGRAMS) make-dirs generate-host-key install-configs -  	$(INSTALL_PROGRAM) -o root -m $(SSH_INSTALL_MODE) ssh $(install_prefix)$(bindir)/ssh -  	-if test "`echo ssh | sed '$(transform)'`" '!=' ssh; then \ -  	  rm -f $(install_prefix)$(bindir)/`echo ssh | sed '$(transform)'`; \ ---- 436,442 ---- +  	-rm -f $(install_prefix)$(bindir)/ssh.old +  	-mv $(install_prefix)$(bindir)/ssh $(install_prefix)$(bindir)/ssh.old +  	-chmod 755 $(install_prefix)$(bindir)/ssh.old +--- 440,446 ----    # (otherwise it can only log in as the user it runs as, and must be    # bound to a non-privileged port).  Also, password authentication may    # not be available if non-root and using shadow passwords.  ! install: $(PROGRAMS) make-dirs install-configs -  	$(INSTALL_PROGRAM) -o root -m $(SSH_INSTALL_MODE) ssh $(install_prefix)$(bindir)/ssh -  	-if test "`echo ssh | sed '$(transform)'`" '!=' ssh; then \ -  	  rm -f $(install_prefix)$(bindir)/`echo ssh | sed '$(transform)'`; \ +  	-rm -f $(install_prefix)$(bindir)/ssh.old +  	-mv $(install_prefix)$(bindir)/ssh $(install_prefix)$(bindir)/ssh.old +  	-chmod 755 $(install_prefix)$(bindir)/ssh.old  *************** -*** 531,557 **** +*** 543,569 ****    clean:    	-rm -f *.o gmon.out *core $(PROGRAMS) rfc-pg @@ -137,7 +137,7 @@    	tar pcf $(DISTNAME).tar $(DISTNAME)    	-rm -f $(DISTNAME).tar.gz    	gzip $(DISTNAME).tar ---- 537,563 ---- +--- 549,575 ----    clean:    	-rm -f *.o gmon.out *core $(PROGRAMS) rfc-pg @@ -166,7 +166,7 @@    	-rm -f $(DISTNAME).tar.gz    	gzip $(DISTNAME).tar  *************** -*** 563,569 **** +*** 575,581 ****    	 (echo "s/\.$$old_version\"/.$$new_version\"/g"; echo w; echo q) | ed $(srcdir)/version.h >/dev/null    depend: @@ -174,7 +174,7 @@    tags:    	-rm -f TAGS ---- 569,575 ---- +--- 581,587 ----    	 (echo "s/\.$$old_version\"/.$$new_version\"/g"; echo w; echo q) | ed $(srcdir)/version.h >/dev/null    depend: diff --git a/security/ssh2/files/patch-ad b/security/ssh2/files/patch-ad deleted file mode 100644 index 536cf9cf642a..000000000000 --- a/security/ssh2/files/patch-ad +++ /dev/null @@ -1,13 +0,0 @@ -*** ssh-agent.c.bak	Thu Mar 27 09:04:12 1997 ---- ssh-agent.c	Tue Apr  1 08:08:06 1997 -*************** -*** 586,591 **** ---- 586,593 ---- -  	av++; -  	ac--; -        } -+     else -+       break; -    } -    if (erflg) -      { diff --git a/security/ssh2/files/patch-af b/security/ssh2/files/patch-af index bd1982e6e60a..81068869685f 100644 --- a/security/ssh2/files/patch-af +++ b/security/ssh2/files/patch-af @@ -1,8 +1,8 @@ -*** sshd.c.orig	Thu Mar 27 09:04:08 1997 ---- sshd.c	Sat Mar 29 02:11:03 1997 +*** sshd.c.orig	Sun Apr  6 03:57:00 1997 +--- sshd.c	Wed Apr 16 23:27:28 1997  *************** -*** 370,375 **** ---- 370,379 ---- +*** 379,384 **** +--- 379,388 ----    #include "firewall.h"	/* TIS authsrv authentication */    #endif @@ -14,18 +14,76 @@    #define DEFAULT_SHELL		_PATH_BSHELL    #else  *************** -*** 2697,2702 **** ---- 2701,2716 ---- +*** 2617,2622 **** +--- 2621,2629 ---- +    struct sockaddr_in from; +    int fromlen; +    struct pty_cleanup_context cleanup_context; ++ #ifdef HAVE_LOGIN_CAP_H ++   login_cap_t *lc; ++ #endif +   +    /* We no longer need the child running on user's privileges. */ +    userfile_uninit(); +*************** +*** 2688,2698 **** +        record_login(pid, ttyname, pw->pw_name, pw->pw_uid, hostname,  +  		   &from); +   +        /* Check if .hushlogin exists.  Note that we cannot use userfile +           here because we are in the child. */ +        sprintf(line, "%.200s/.hushlogin", pw->pw_dir); +        quiet_login = stat(line, &st) >= 0; +!        +        /* If the user has logged in before, display the time of last login.  +           However, don't display anything extra if a command has been  +  	 specified (so that ssh can be used to execute commands on a remote +--- 2695,2713 ---- +        record_login(pid, ttyname, pw->pw_name, pw->pw_uid, hostname,  +  		   &from); +   ++ #ifdef HAVE_LOGIN_CAP_H ++       lc = login_getclass(pw); ++ #endif ++  +        /* Check if .hushlogin exists.  Note that we cannot use userfile +           here because we are in the child. */ +        sprintf(line, "%.200s/.hushlogin", pw->pw_dir); +        quiet_login = stat(line, &st) >= 0; +!  +! #ifdef HAVE_LOGIN_CAP_H +!       quiet_login = login_getcapbool(lc, "hushlogin", quiet_login); +! #endif +!  +        /* If the user has logged in before, display the time of last login.  +           However, don't display anything extra if a command has been  +  	 specified (so that ssh can be used to execute commands on a remote +*************** +*** 2712,2717 **** +--- 2727,2755 ----    	    printf("Last login: %s from %s\r\n", time_string, buf);    	}  + #ifdef __FreeBSD__  +       if (command == NULL && !quiet_login)  + 	{ -+ 	  printf("%s\n\t%s  %s\n\n", ++ #ifdef HAVE_LOGIN_CAP_H ++ 	  char *cw; ++ 	  FILE *f; ++  ++ 	  cw = login_getcapstr(lc, "copyright", NULL, NULL); ++ 	  if (cw != NULL && (f = fopen(cw, "r")) != NULL) ++ 	    { ++ 	      while (fgets(line, sizeof(line), f)) ++ 		fputs(line, stdout); ++ 	      fclose(f); ++ 	    } ++ 	  else ++ #endif ++ 	    printf("%s\n\t%s  %s\n\n",  + 	    "Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994", -+ 		    "The Regents of the University of California. ", -+ 		    "All rights reserved."); ++ 	    "The Regents of the University of California. ", ++ 	    "All rights reserved.");  + 	}  + #endif  +        @@ -33,25 +91,53 @@    	 disabled in server options.  Note that some machines appear to    	 print it in /etc/profile or similar. */  *************** -*** 2714,2719 **** ---- 2728,2742 ---- +*** 2721,2727 **** +--- 2759,2769 ---- +  	  FILE *f; +   +  	  /* Print /etc/motd if it exists. */ ++ #ifdef HAVE_LOGIN_CAP_H ++ 	  f = fopen(login_getcapstr(lc, "welcome", "/etc/motd", "/etc/motd"), "r"); ++ #else +  	  f = fopen("/etc/motd", "r"); ++ #endif +  	  if (f) +  	    { +  	      while (fgets(line, sizeof(line), f)) +*************** +*** 2729,2734 **** +--- 2771,2799 ----    	      fclose(f);    	    }    	}  + #ifdef __FreeBSD__  +       if (command == NULL && !quiet_login)  + 	{ ++ #ifdef HAVE_LOGIN_CAP_H ++ 	  char *mp = getenv("MAIL"); ++  ++ 	  if (mp != NULL) ++ 	    { ++ 		strncpy(line, mp, sizeof line); ++ 		line[sizeof line - 1] = '\0'; ++ 	    } ++ 	  else ++ #endif  + 	  sprintf(line, "%s/%.200s", _PATH_MAILDIR, pw->pw_name);  + 	  if (stat(line, &st) == 0 && st.st_size != 0)  + 	    printf("You have %smail.\n",  + 		   (st.st_mtime > st.st_atime) ? "new " : "");  + 	}  + #endif ++  ++ #ifdef HAVE_LOGIN_CAP_H ++       login_close(lc); ++ #endif          /* Do common processing for the child, such as execing the command. */          do_child(command, pw, term, display, auth_proto, auth_data, ttyname);  *************** -*** 2969,2975 **** +*** 2986,2992 ****      char *user_shell;      char *remote_ip;      int remote_port; @@ -59,7 +145,7 @@      /* Check /etc/nologin. */      f = fopen("/etc/nologin", "r");      if (f) ---- 2992,3004 ---- +--- 3051,3063 ----      char *user_shell;      char *remote_ip;      int remote_port; @@ -74,8 +160,8 @@      f = fopen("/etc/nologin", "r");      if (f)  *************** -*** 2983,2988 **** ---- 3012,3018 ---- +*** 3000,3005 **** +--- 3071,3077 ----          if (pw->pw_uid != UID_ROOT)    	exit(254);        } @@ -84,7 +170,7 @@      if (command != NULL)        {  *************** -*** 2995,3001 **** +*** 3012,3018 ****          else    	log_msg("executing remote command as user %.200s", pw->pw_name);        } @@ -92,7 +178,7 @@    #ifdef HAVE_SETLOGIN      /* Set login name in the kernel.  Warning: setsid() must be called before         this. */ ---- 3025,3032 ---- +--- 3084,3091 ----          else    	log_msg("executing remote command as user %.200s", pw->pw_name);        } @@ -102,8 +188,8 @@      /* Set login name in the kernel.  Warning: setsid() must be called before         this. */  *************** -*** 3016,3021 **** ---- 3047,3053 ---- +*** 3033,3038 **** +--- 3106,3112 ----      if (setpcred((char *)pw->pw_name, NULL))        log_msg("setpcred %.100s: %.100s", strerror(errno));    #endif /* HAVE_USERSEC_H */ @@ -112,8 +198,8 @@      /* Save some data that will be needed so that we can do certain cleanups         before we switch to user's uid.  (We must clear all sensitive data   *************** -*** 3086,3091 **** ---- 3118,3181 ---- +*** 3103,3108 **** +--- 3177,3240 ----      if (command != NULL || !options.use_login)    #endif /* USELOGIN */        { @@ -179,8 +265,8 @@          if (getuid() == UID_ROOT || geteuid() == UID_ROOT)    	{   *************** -*** 3117,3122 **** ---- 3207,3213 ---- +*** 3134,3139 **** +--- 3266,3272 ----          if (getuid() != user_uid || geteuid() != user_uid)    	fatal("Failed to set uids to %d.", (int)user_uid); @@ -189,8 +275,8 @@      /* Reset signals to their default settings before starting the user  *************** -*** 3127,3137 **** ---- 3218,3233 ---- +*** 3144,3154 **** +--- 3277,3292 ----         and means /bin/sh. */      shell = (user_shell[0] == '\0') ? DEFAULT_SHELL : user_shell; @@ -208,8 +294,8 @@    #ifdef USELOGIN      if (command != NULL || !options.use_login)  *************** -*** 3141,3146 **** ---- 3237,3244 ---- +*** 3158,3163 **** +--- 3296,3303 ----          child_set_env(&env, &envsize, "HOME", user_dir);          child_set_env(&env, &envsize, "USER", user_name);          child_set_env(&env, &envsize, "LOGNAME", user_name); @@ -219,8 +305,8 @@    #ifdef MAIL_SPOOL_DIRECTORY  *************** -*** 3152,3157 **** ---- 3250,3256 ---- +*** 3169,3174 **** +--- 3309,3315 ----          child_set_env(&env, &envsize, "MAIL", buf);    #endif /* MAIL_SPOOL_FILE */    #endif /* MAIL_SPOOL_DIRECTORY */ @@ -229,8 +315,8 @@    #ifdef HAVE_ETC_DEFAULT_LOGIN          /* Read /etc/default/login; this exists at least on Solaris 2.x.  Note  *************** -*** 3167,3175 **** ---- 3266,3276 ---- +*** 3184,3192 **** +--- 3325,3335 ----        child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND",    		  original_command); @@ -243,8 +329,8 @@      /* Set custom environment options from RSA authentication. */      while (custom_environment)   *************** -*** 3389,3395 **** ---- 3490,3500 ---- +*** 3406,3412 **** +--- 3549,3559 ----    	  /* Execute the shell. */    	  argv[0] = buf;    	  argv[1] = NULL; @@ -257,8 +343,8 @@    	  perror(shell);    	  exit(1);  *************** -*** 3410,3416 **** ---- 3515,3525 ---- +*** 3427,3433 **** +--- 3574,3584 ----      argv[1] = "-c";      argv[2] = (char *)command;      argv[3] = NULL; diff --git a/security/ssh2/files/patch-aj b/security/ssh2/files/patch-aj index 008d4dec5cdc..2227e00716f2 100644 --- a/security/ssh2/files/patch-aj +++ b/security/ssh2/files/patch-aj @@ -1,7 +1,7 @@ -*** configure.in.orig	Thu Mar 27 09:04:06 1997 ---- configure.in	Sat Mar 29 01:16:51 1997 +*** configure.in.orig	Sun Apr  6 03:56:58 1997 +--- configure.in	Wed Apr 16 23:04:16 1997  *************** -*** 574,582 **** +*** 579,587 ****    export CFLAGS CC @@ -11,7 +11,7 @@    AC_MSG_CHECKING([that the compiler works])    AC_TRY_RUN([ main(int ac, char **av) { return 0; } ], ---- 574,582 ---- +--- 579,587 ----    export CFLAGS CC @@ -22,7 +22,7 @@    AC_MSG_CHECKING([that the compiler works])    AC_TRY_RUN([ main(int ac, char **av) { return 0; } ],  *************** -*** 628,634 **** +*** 633,639 ****    AC_HEADER_STDC    AC_HEADER_SYS_WAIT @@ -30,7 +30,7 @@    AC_CHECK_HEADERS(sgtty.h sys/select.h sys/ioctl.h machine/endian.h)    AC_CHECK_HEADERS(paths.h usersec.h utime.h netinet/in_systm.h netinet/in_system.h netinet/ip.h netinet/tcp.h ulimit.h)    AC_HEADER_TIME ---- 628,634 ---- +--- 633,639 ----    AC_HEADER_STDC    AC_HEADER_SYS_WAIT diff --git a/security/ssh2/files/patch-al b/security/ssh2/files/patch-al index 7ca297bc9ea7..9b8ef9f85303 100644 --- a/security/ssh2/files/patch-al +++ b/security/ssh2/files/patch-al @@ -1,8 +1,8 @@ -*** sshconnect.c.orig	Thu Mar 27 09:04:10 1997 ---- sshconnect.c	Sat Mar 29 01:16:51 1997 +*** sshconnect.c.orig	Sun Apr  6 03:57:04 1997 +--- sshconnect.c	Wed Apr 16 23:04:17 1997  *************** -*** 298,303 **** ---- 298,309 ---- +*** 302,307 **** +--- 302,313 ----        {          struct sockaddr_in sin;          int p; @@ -16,8 +16,8 @@    	{    	  sock = socket(AF_INET, SOCK_STREAM, 0);  *************** -*** 325,330 **** ---- 331,337 ---- +*** 329,334 **** +--- 335,341 ----    	    }    	  fatal("bind: %.100s", strerror(errno));    	} | 
