From 64e68af6e266bad0bf9679c994da249922c793dc Mon Sep 17 00:00:00 2001 From: Brian Feldman Date: Tue, 27 Jun 2000 21:30:39 +0000 Subject: Update to OpenSSH 2.1.1 and fix SSHv2 serving (passwd botch). --- security/openssh/Makefile | 4 ++-- security/openssh/distinfo | 2 +- security/openssh/files/patch-ad | 13 +++++------ security/openssh/files/patch-ak | 17 ++++----------- security/openssh/files/patch-au | 48 ++++++++++++++++++++++------------------- security/openssh/files/patch-ay | 14 ++++++++++++ 6 files changed, 54 insertions(+), 44 deletions(-) create mode 100644 security/openssh/files/patch-ay (limited to 'security') diff --git a/security/openssh/Makefile b/security/openssh/Makefile index 41511c74b4b0..9be0d009e818 100644 --- a/security/openssh/Makefile +++ b/security/openssh/Makefile @@ -6,12 +6,12 @@ # PORTNAME= OpenSSH -PORTVERSION= 2.1.0 +PORTVERSION= 2.1.1 CATEGORIES= security MASTER_SITES= ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/ \ ftp://ftp.usa.openbsd.org/pub/OpenBSD/OpenSSH/ \ ftp://ftp1.se.openbsd.org/pub/OpenBSD/OpenSSH/ -DISTNAME= openssh-2.1.0 +DISTNAME= openssh-${PORTVERSION} EXTRACT_SUFX= .tgz MAINTAINER= green@FreeBSD.org diff --git a/security/openssh/distinfo b/security/openssh/distinfo index 78012e985857..f01380f39a67 100644 --- a/security/openssh/distinfo +++ b/security/openssh/distinfo @@ -1 +1 @@ -MD5 (openssh-2.1.0.tgz) = e931cba4d47f98a55e32d061a43b96c4 +MD5 (openssh-2.1.1.tgz) = ed323003ae30bfb9bd1e2a899a32e765 diff --git a/security/openssh/files/patch-ad b/security/openssh/files/patch-ad index e1ed1433b178..165f5ae2379e 100644 --- a/security/openssh/files/patch-ad +++ b/security/openssh/files/patch-ad @@ -1,11 +1,12 @@ ---- lib/Makefile.orig Thu Apr 27 05:56:30 2000 -+++ lib/Makefile Fri May 12 07:07:30 2000 -@@ -5,7 +5,11 @@ +--- lib/Makefile.orig Wed May 17 01:20:16 2000 ++++ lib/Makefile Tue Jun 20 16:14:06 2000 +@@ -5,7 +5,12 @@ cipher.c compat.c compress.c crc32.c deattack.c fingerprint.c \ hostfile.c log.c match.c mpaux.c nchan.c packet.c readpass.c \ rsa.c tildexpand.c ttymodes.c uidswap.c xmalloc.c atomicio.c \ -- key.c dispatch.c dsa.c kex.c hmac.c uuencode.c -+ key.c dispatch.c dsa.c kex.c hmac.c uuencode.c strlcat.c strlcpy.c +- key.c dispatch.c dsa.c kex.c hmac.c uuencode.c aux.c ++ key.c dispatch.c dsa.c kex.c hmac.c uuencode.c aux.c \ ++ strlcat.c strlcpy.c + +.if defined(COMPAT_GETADDRINFO) +SRCS+= getaddrinfo.c getnameinfo.c name6.c rcmd.c bindresvport.c @@ -13,7 +14,7 @@ NOPROFILE= yes NOPIC= yes -@@ -14,6 +18,7 @@ +@@ -14,6 +19,7 @@ @echo -n .include diff --git a/security/openssh/files/patch-ak b/security/openssh/files/patch-ak index 3358914a71aa..d139441788fd 100644 --- a/security/openssh/files/patch-ak +++ b/security/openssh/files/patch-ak @@ -1,6 +1,6 @@ ---- ssh.c.orig Mon May 8 13:12:15 2000 -+++ ssh.c Sat May 20 01:02:44 2000 -@@ -154,6 +154,9 @@ +--- ssh.c.orig Tue May 30 23:36:40 2000 ++++ ssh.c Tue Jun 20 16:15:29 2000 +@@ -156,6 +156,9 @@ log("Using rsh. WARNING: Connection will not be encrypted."); /* Build argument list for rsh. */ i = 0; @@ -10,16 +10,7 @@ args[i++] = _PATH_RSH; /* host may have to come after user on some systems */ args[i++] = host; -@@ -422,7 +425,7 @@ - if (!host) - usage(); - -- OpenSSL_add_all_algorithms(); -+ SSLeay_add_all_algorithms(); - - /* Initialize the command to execute on remote host. */ - buffer_init(&command); -@@ -477,6 +480,11 @@ +@@ -482,6 +485,11 @@ pwcopy.pw_gid = pw->pw_gid; pwcopy.pw_dir = xstrdup(pw->pw_dir); pwcopy.pw_shell = xstrdup(pw->pw_shell); diff --git a/security/openssh/files/patch-au b/security/openssh/files/patch-au index 6686795ef790..f0076dd0e146 100644 --- a/security/openssh/files/patch-au +++ b/security/openssh/files/patch-au @@ -1,5 +1,5 @@ ---- session.c.orig Wed May 3 14:03:07 2000 -+++ session.c Sat May 13 15:43:38 2000 +--- session.c.orig Mon Jun 5 12:53:40 2000 ++++ session.c Tue Jun 20 16:20:37 2000 @@ -27,6 +27,18 @@ #include "ssh2.h" #include "auth.h" @@ -19,7 +19,7 @@ /* types */ #define TTYSZ 64 -@@ -403,6 +415,13 @@ +@@ -401,6 +413,13 @@ log_init(__progname, options.log_level, options.log_facility, log_stderr); /* @@ -33,7 +33,7 @@ * Create a new session and process group since the 4.4BSD * setlogin() affects the entire process group. */ -@@ -504,6 +523,10 @@ +@@ -502,6 +521,10 @@ struct sockaddr_storage from; struct stat st; time_t last_login_time; @@ -44,7 +44,7 @@ if (s == NULL) fatal("do_exec_pty: no session"); -@@ -513,15 +536,6 @@ +@@ -511,15 +534,6 @@ /* Get remote host name. */ hostname = get_canonical_hostname(); @@ -60,7 +60,7 @@ /* Fork the child. */ if ((pid = fork()) == 0) { pid = getpid(); -@@ -530,6 +544,22 @@ +@@ -528,6 +542,22 @@ changed. */ log_init(__progname, options.log_level, options.log_facility, log_stderr); @@ -83,7 +83,7 @@ /* Close the master side of the pseudo tty. */ close(ptyfd); -@@ -573,6 +603,12 @@ +@@ -571,6 +601,12 @@ /* Check if .hushlogin exists. */ snprintf(line, sizeof line, "%.200s/.hushlogin", pw->pw_dir); quiet_login = stat(line, &st) >= 0; @@ -96,7 +96,7 @@ /* * If the user has logged in before, display the time of last -@@ -596,6 +632,20 @@ +@@ -594,6 +630,20 @@ else printf("Last login: %s from %s\r\n", time_string, buf); } @@ -117,7 +117,7 @@ /* * Print /etc/motd unless a command was specified or printing * it was disabled in server options or login(1) will be -@@ -605,7 +655,18 @@ +@@ -603,7 +653,18 @@ if (command == NULL && options.print_motd && !quiet_login && !options.use_login) { /* Print /etc/motd if it exists. */ @@ -136,17 +136,21 @@ if (f) { while (fgets(line, sizeof(line), f)) fputs(line, stdout); -@@ -743,9 +804,25 @@ +@@ -746,13 +807,29 @@ extern char **environ; struct stat st; char *argv[10]; +#ifdef LOGIN_CAP -+ login_cap_t *lc; -+ -+ lc = login_getpwclass(pw); -+ if (lc == NULL) -+ lc = login_getclassbyname(NULL, pw); -+#endif /* LOGIN_CAP */ ++ login_cap_t *lc; ++ ++ lc = login_getpwclass(pw); ++ if (lc == NULL) ++ lc = login_getclassbyname(NULL, pw); ++ #endif /* LOGIN_CAP */ + + /* login(1) is only called if we execute the login shell */ + if (options.use_login && command != NULL) + options.use_login = 0; f = fopen("/etc/nologin", "r"); +#ifdef __FreeBSD__ @@ -162,7 +166,7 @@ /* /etc/nologin exists. Print its contents and exit. */ while (fgets(buf, sizeof(buf), f)) fputs(buf, stderr); -@@ -761,6 +838,13 @@ +@@ -768,6 +845,13 @@ /* Login(1) does this as well, and it needs uid 0 for the "-h" switch, so we let login(1) to this for us. */ if (!options.use_login) { @@ -176,7 +180,7 @@ if (getuid() == 0 || geteuid() == 0) { if (setgid(pw->pw_gid) < 0) { perror("setgid"); -@@ -783,7 +867,14 @@ +@@ -790,7 +874,14 @@ * Get the shell from the password data. An empty shell field is * legal, and means /bin/sh. */ @@ -191,7 +195,7 @@ #ifdef AFS /* Try to get AFS tokens for the local cell. */ -@@ -807,7 +898,12 @@ +@@ -814,7 +905,12 @@ child_set_env(&env, &envsize, "USER", pw->pw_name); child_set_env(&env, &envsize, "LOGNAME", pw->pw_name); child_set_env(&env, &envsize, "HOME", pw->pw_dir); @@ -204,7 +208,7 @@ snprintf(buf, sizeof buf, "%.200s/%.50s", _PATH_MAILDIR, pw->pw_name); -@@ -896,6 +992,9 @@ +@@ -904,6 +1000,9 @@ * descriptors left by system functions. They will be closed later. */ endpwent(); @@ -214,7 +218,7 @@ /* * Close any extra open file descriptors so that we don\'t have them -@@ -903,7 +1002,7 @@ +@@ -911,7 +1010,7 @@ * initgroups, because at least on Solaris 2.3 it leaves file * descriptors open. */ @@ -223,7 +227,7 @@ close(i); /* Change current directory to the user\'s home directory. */ -@@ -922,7 +1021,27 @@ +@@ -930,7 +1029,27 @@ * in this order). */ if (!options.use_login) { diff --git a/security/openssh/files/patch-ay b/security/openssh/files/patch-ay new file mode 100644 index 000000000000..2b16a5b1eb73 --- /dev/null +++ b/security/openssh/files/patch-ay @@ -0,0 +1,14 @@ +--- auth2.c.orig Tue Jun 27 14:20:06 2000 ++++ auth2.c Tue Jun 27 14:21:20 2000 +@@ -357,6 +357,11 @@ + copy->pw_gid = pw->pw_gid; + copy->pw_dir = xstrdup(pw->pw_dir); + copy->pw_shell = xstrdup(pw->pw_shell); ++#ifdef __FreeBSD__ ++ copy->pw_class = xstrdup(pw->pw_class); ++ copy->pw_expire = pw->pw_expire; ++ copy->pw_change = pw->pw_change; ++#endif /* __FreeBSD__ */ + authctxt->valid = 1; + } else { + if (strcmp(u, authctxt->user) != 0 || -- cgit v1.2.3