From 44dc4fd2002019e5c5c2be1a757853b894593677 Mon Sep 17 00:00:00 2001 From: Dirk Meyer Date: Sun, 18 Nov 2001 08:43:00 +0000 Subject: Update to openssh-3.0.1 and openssh-portable-3.0.1p1 - now in protocol2: Background ssh at logout when waiting for forwarded connection / X11 sessions to terminate disabled -DSKEY from Changelog (not complete): 20011115 - (djm) Fix IPv4 default in ssh-keyscan. Spotted by Dan Astoorian Fix from markus@ - (djm) Release 3.0.1p1 20011113 - (djm) Fix early (and double) free of remote user when using Kerberos. Patch from Simon Wilkinson - (djm) AIX login{success,failed} changes. Move loginsuccess call to do_authenticated. Call loginfailed for protocol 2 failures > MAX like we do for protocol 1. Reports from Ralf Wenk , K.Wolkersdorfer@fz-juelich.de and others - (djm) OpenBSD CVS Sync - dugsong@cvs.openbsd.org 2001/11/11 18:47:10 [auth-krb5.c] fix krb5 authorization check. found by . from art@, deraadt@ ok - markus@cvs.openbsd.org 2001/11/12 11:17:07 [servconf.c] enable authorized_keys2 again. tested by fries@ 20011112 - OpenBSD CVS Sync - markus@cvs.openbsd.org 2001/10/24 08:41:41 [sshd.c] mention remote port in debug message - markus@cvs.openbsd.org 2001/10/24 08:51:35 [clientloop.c ssh.c] ignore SIGPIPE early, makes ssh work if agent dies, netbsd-pr via itojun@ - markus@cvs.openbsd.org 2001/10/24 19:57:40 [clientloop.c] make ~& (backgrounding) work again for proto v1; add support ~& for v2, too - markus@cvs.openbsd.org 2001/10/25 21:14:32 [ssh-keygen.1 ssh-keygen.c] better docu for fingerprinting, ok deraadt@ - markus@cvs.openbsd.org 2001/10/29 19:27:15 [sshconnect2.c] hostbased: check for client hostkey before building chost - markus@cvs.openbsd.org 2001/11/07 16:03:17 [packet.c packet.h sshconnect2.c] pad using the padding field from the ssh2 packet instead of sending extra ignore messages. tested against several other ssh servers. - markus@cvs.openbsd.org 2001/11/07 21:40:21 [ssh-rsa.c] ssh_rsa_sign/verify: SSH_BUG_SIGBLOB not supported - markus@cvs.openbsd.org 2001/11/07 22:10:28 [ssh-dss.c ssh-rsa.c] missing free and sync dss/rsa code. - markus@cvs.openbsd.org 2001/11/07 22:53:21 [channels.h] crank c->path to 256 so they can hold a full hostname; dwd@bell-labs.com - markus@cvs.openbsd.org 2001/11/08 10:51:08 [readpass.c] don't strdup too much data; from gotoh@taiyo.co.jp; ok millert. - markus@cvs.openbsd.org 2001/11/10 13:22:42 [ssh-rsa.c] KNF (unexpand) - markus@cvs.openbsd.org 2001/11/11 13:02:31 [servconf.c] make AuthorizedKeysFile2 fallback to AuthorizedKeysFile if AuthorizedKeysFile is specified. 20011109 - (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK) if permit_empty_passwd == 0 so null password check cannot be bypassed. jayaraj@amritapuri.com OpenBSD bug 2168 --- security/openssh/files/patch-am | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) (limited to 'security/openssh/files/patch-am') diff --git a/security/openssh/files/patch-am b/security/openssh/files/patch-am index 8c88701f8682..1cf6fe09175c 100644 --- a/security/openssh/files/patch-am +++ b/security/openssh/files/patch-am @@ -1,6 +1,6 @@ ---- sshd/Makefile.orig Sun Aug 20 14:42:41 2000 -+++ sshd/Makefile Sat Nov 4 17:08:36 2000 -@@ -3,8 +3,8 @@ +--- sshd/Makefile.orig Fri Nov 16 06:02:09 2001 ++++ sshd/Makefile Fri Nov 16 06:03:51 2001 +@@ -5,8 +5,8 @@ PROG= sshd BINOWN= root BINMODE=555 @@ -9,17 +9,17 @@ +BINDIR= /sbin +MAN8= sshd.8 CFLAGS+=-DHAVE_LOGIN_CAP + #CFLAGS+=-DBSD_AUTH - SRCS= sshd.c auth-rhosts.c auth-passwd.c auth-rsa.c auth-rh-rsa.c \ -@@ -12,6 +12,7 @@ - auth.c auth1.c auth2.c auth-options.c session.c +@@ -17,6 +17,7 @@ + auth-skey.c auth-bsdauth.c .include # for KERBEROS and AFS +.include "../Makefile.inc" - .if (${KERBEROS} == "yes") - .if (${AFS} == "yes") -@@ -19,9 +20,9 @@ + .if (${KERBEROS5:L} == "yes") + CFLAGS+=-DKRB5 -I${DESTDIR}/usr/include/kerberosV +@@ -31,15 +32,15 @@ LDADD+= -lkafs DPADD+= ${LIBKRBAFS} .endif # AFS @@ -31,12 +31,10 @@ DPADD+= ${LIBKRB} .endif # KERBEROS -@@ -31,7 +32,7 @@ - .include -LDADD+= -lcrypto -lutil -lz +LDADD+= ${CRYPTOLIBS} -lcrypt -lutil -lz DPADD+= ${LIBCRYPTO} ${LIBUTIL} ${LIBZ} - .if (${TCP_WRAPPERS} == "yes") + .if (${TCP_WRAPPERS:L} == "yes") -- cgit v1.2.3