From 44dc4fd2002019e5c5c2be1a757853b894593677 Mon Sep 17 00:00:00 2001 From: Dirk Meyer Date: Sun, 18 Nov 2001 08:43:00 +0000 Subject: Update to openssh-3.0.1 and openssh-portable-3.0.1p1 - now in protocol2: Background ssh at logout when waiting for forwarded connection / X11 sessions to terminate disabled -DSKEY from Changelog (not complete): 20011115 - (djm) Fix IPv4 default in ssh-keyscan. Spotted by Dan Astoorian Fix from markus@ - (djm) Release 3.0.1p1 20011113 - (djm) Fix early (and double) free of remote user when using Kerberos. Patch from Simon Wilkinson - (djm) AIX login{success,failed} changes. Move loginsuccess call to do_authenticated. Call loginfailed for protocol 2 failures > MAX like we do for protocol 1. Reports from Ralf Wenk , K.Wolkersdorfer@fz-juelich.de and others - (djm) OpenBSD CVS Sync - dugsong@cvs.openbsd.org 2001/11/11 18:47:10 [auth-krb5.c] fix krb5 authorization check. found by . from art@, deraadt@ ok - markus@cvs.openbsd.org 2001/11/12 11:17:07 [servconf.c] enable authorized_keys2 again. tested by fries@ 20011112 - OpenBSD CVS Sync - markus@cvs.openbsd.org 2001/10/24 08:41:41 [sshd.c] mention remote port in debug message - markus@cvs.openbsd.org 2001/10/24 08:51:35 [clientloop.c ssh.c] ignore SIGPIPE early, makes ssh work if agent dies, netbsd-pr via itojun@ - markus@cvs.openbsd.org 2001/10/24 19:57:40 [clientloop.c] make ~& (backgrounding) work again for proto v1; add support ~& for v2, too - markus@cvs.openbsd.org 2001/10/25 21:14:32 [ssh-keygen.1 ssh-keygen.c] better docu for fingerprinting, ok deraadt@ - markus@cvs.openbsd.org 2001/10/29 19:27:15 [sshconnect2.c] hostbased: check for client hostkey before building chost - markus@cvs.openbsd.org 2001/11/07 16:03:17 [packet.c packet.h sshconnect2.c] pad using the padding field from the ssh2 packet instead of sending extra ignore messages. tested against several other ssh servers. - markus@cvs.openbsd.org 2001/11/07 21:40:21 [ssh-rsa.c] ssh_rsa_sign/verify: SSH_BUG_SIGBLOB not supported - markus@cvs.openbsd.org 2001/11/07 22:10:28 [ssh-dss.c ssh-rsa.c] missing free and sync dss/rsa code. - markus@cvs.openbsd.org 2001/11/07 22:53:21 [channels.h] crank c->path to 256 so they can hold a full hostname; dwd@bell-labs.com - markus@cvs.openbsd.org 2001/11/08 10:51:08 [readpass.c] don't strdup too much data; from gotoh@taiyo.co.jp; ok millert. - markus@cvs.openbsd.org 2001/11/10 13:22:42 [ssh-rsa.c] KNF (unexpand) - markus@cvs.openbsd.org 2001/11/11 13:02:31 [servconf.c] make AuthorizedKeysFile2 fallback to AuthorizedKeysFile if AuthorizedKeysFile is specified. 20011109 - (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK) if permit_empty_passwd == 0 so null password check cannot be bypassed. jayaraj@amritapuri.com OpenBSD bug 2168 --- security/openssh/files/patch-ad | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) (limited to 'security/openssh/files/patch-ad') diff --git a/security/openssh/files/patch-ad b/security/openssh/files/patch-ad index 7dcdab138466..f3bbcbbe37d3 100644 --- a/security/openssh/files/patch-ad +++ b/security/openssh/files/patch-ad @@ -1,22 +1,19 @@ ---- lib/Makefile.orig Mon Sep 24 22:34:07 2001 -+++ lib/Makefile Wed Oct 3 13:45:40 2001 -@@ -9,10 +9,14 @@ +--- lib/Makefile.orig Tue Jun 26 19:52:41 2001 ++++ lib/Makefile Thu Nov 15 06:10:43 2001 +@@ -9,7 +9,11 @@ rsa.c tildexpand.c ttymodes.c uidswap.c xmalloc.c atomicio.c \ key.c dispatch.c kex.c mac.c uuencode.c misc.c \ rijndael.c ssh-dss.c ssh-rsa.c dh.c kexdh.c kexgex.c \ - scard.c + scard.c strlcpy.c strlcat.c - - SRCS+= readpassphrase.c - ++ +.if defined(COMPAT_GETADDRINFO) +SRCS+= getaddrinfo.c getnameinfo.c name6.c rcmd.c bindresvport.c +.endif -+ + NOPROFILE= yes NOPIC= yes - -@@ -20,6 +24,8 @@ +@@ -18,6 +22,8 @@ @echo -n .include -- cgit v1.2.3