diff options
author | dinoex <dinoex@FreeBSD.org> | 2004-08-18 11:35:53 +0000 |
---|---|---|
committer | dinoex <dinoex@FreeBSD.org> | 2004-08-18 11:35:53 +0000 |
commit | ed67dbf2ef6cb36b1a16ebc9f1818f28652558cb (patch) | |
tree | 81743e5e6b631d1967298757bf02ee748bed4855 /security/hpn-ssh | |
parent | 81bcec16de4a612151e564a8a36b822109aafaac (diff) | |
download | FreeBSD-ports-ed67dbf2ef6cb36b1a16ebc9f1818f28652558cb.zip FreeBSD-ports-ed67dbf2ef6cb36b1a16ebc9f1818f28652558cb.tar.gz |
- update to 3.9p1
set PORTVERSION 3.9.0.1 to avoid another
bump of PORTEPOCH if 3.9.1p1 come out.
- new option OPENSSH_SNAPSHOT
Diffstat (limited to 'security/hpn-ssh')
-rw-r--r-- | security/hpn-ssh/Makefile | 26 | ||||
-rw-r--r-- | security/hpn-ssh/distinfo | 4 | ||||
-rw-r--r-- | security/hpn-ssh/files/patch-auth1.c | 28 | ||||
-rw-r--r-- | security/hpn-ssh/files/patch-monitor_wrap.c | 18 | ||||
-rw-r--r-- | security/hpn-ssh/files/patch-regress-test-exec.sh | 14 | ||||
-rw-r--r-- | security/hpn-ssh/files/patch-session.c | 19 |
6 files changed, 46 insertions, 63 deletions
diff --git a/security/hpn-ssh/Makefile b/security/hpn-ssh/Makefile index ff013ce..0a642dd 100644 --- a/security/hpn-ssh/Makefile +++ b/security/hpn-ssh/Makefile @@ -6,16 +6,33 @@ # PORTNAME= openssh -PORTVERSION= 3.8.1p1 +PORTVERSION= 3.9.0.1 +.if defined(OPENSSH_SNAPSHOT) +PORTREVISION!= date -v-1d +%Y%m%d +.endif PORTEPOCH= 1 CATEGORIES= security ipv6 -MASTER_SITES= ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ - ftp://carroll.cac.psu.edu/pub/OpenBSD/OpenSSH/portable/ +MASTER_SITES= ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%SUBDIR%/ \ + ftp://carroll.cac.psu.edu/pub/OpenBSD/OpenSSH/portable/%SUBDIR%/ PKGNAMESUFFIX?= ${PORTABLE_SUFFIX}${GSSAPI_SUFFIX}${BASE_SUFFIX}${PKGNAMESUFFIX2} +MASTER_SITE_SUBDIR= ${MASTER_SITE_SUBDIR2} +DISTNAME= ${DISTNAME2} MAINTAINER= dinoex@FreeBSD.org COMMENT= The portable version of OpenBSD's OpenSSH +OPENSSHVERSION= 3.9p1 +.if defined(OPENSSH_SNAPSHOT) +MASTER_SITE_SUBDIR2= snapshot/ +DISTNAME2= ${PORTNAME}-SNAP-${PORTREVISION} +NO_CHECKSUM= yes +WRKSRC= ${WRKDIR}/${PORTNAME} +.else +MASTER_SITE_SUBDIR2= +DISTNAME2= ${PORTNAME}-${OPENSSHVERSION} +WRKSRC= ${WRKDIR}/${PORTNAME}-${OPENSSHVERSION} +.endif + MAN1= sftp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 scp.1 ssh.1 MLINKS= ssh.1 slogin.1 MAN5= ssh_config.5 sshd_config.5 @@ -130,6 +147,9 @@ test: .include <bsd.port.pre.mk> +SUDO?= +MAKE_ENV+= SUDO="${SUDO}" + .if defined(KRB5_HOME) && exists(${KRB5_HOME}) || defined(WITH_GSSAPI) .if ${OPENSSLBASE} == "/usr" CONFIGURE_ARGS+= --without-rpath diff --git a/security/hpn-ssh/distinfo b/security/hpn-ssh/distinfo index 0fca737..f65062a 100644 --- a/security/hpn-ssh/distinfo +++ b/security/hpn-ssh/distinfo @@ -1,2 +1,2 @@ -MD5 (openssh-3.8.1p1.tar.gz) = 1dbfd40ae683f822ae917eebf171ca42 -SIZE (openssh-3.8.1p1.tar.gz) = 817932 +MD5 (openssh-3.9p1.tar.gz) = 8e1774d0b52aff08f817f3987442a16e +SIZE (openssh-3.9p1.tar.gz) = 854027 diff --git a/security/hpn-ssh/files/patch-auth1.c b/security/hpn-ssh/files/patch-auth1.c index 95d8d1a..2308a0d 100644 --- a/security/hpn-ssh/files/patch-auth1.c +++ b/security/hpn-ssh/files/patch-auth1.c @@ -1,6 +1,6 @@ ---- auth1.c.orig Tue Sep 2 23:32:46 2003 -+++ auth1.c Tue Sep 16 20:05:44 2003 -@@ -26,6 +26,7 @@ +--- auth1.c.orig Thu Aug 12 14:40:25 2004 ++++ auth1.c Tue Aug 17 05:40:29 2004 +@@ -25,6 +25,7 @@ #include "session.h" #include "uidswap.h" #include "monitor_wrap.h" @@ -8,10 +8,10 @@ /* import */ extern ServerOptions options; -@@ -71,6 +72,18 @@ +@@ -69,6 +70,18 @@ + u_int dlen; u_int ulen; int prev, type = 0; - struct passwd *pw = authctxt->pw; +#ifdef HAVE_LOGIN_CAP + login_cap_t *lc; +#endif @@ -26,25 +26,25 @@ +#endif /* HAVE_LOGIN_CAP || LOGIN_ACCESS */ debug("Attempting authentication for %s%.100s.", - authctxt->valid ? "" : "illegal user ", authctxt->user); -@@ -214,6 +227,34 @@ + authctxt->valid ? "" : "invalid user ", authctxt->user); +@@ -217,6 +230,34 @@ logit("Unknown message during authentication: type %d", type); break; } + +#ifdef HAVE_LOGIN_CAP -+ if (pw != NULL) { -+ lc = login_getpwclass(pw); ++ if (authctxt->pw != NULL) { ++ lc = login_getpwclass(authctxt->pw); + if (lc == NULL) -+ lc = login_getclassbyname(NULL, pw); ++ lc = login_getclassbyname(NULL, authctxt->pw); + if (!auth_hostok(lc, from_host, from_ip)) { + logit("Denied connection for %.200s from %.200s [%.200s].", -+ pw->pw_name, from_host, from_ip); ++ authctxt->pw->pw_name, from_host, from_ip); + packet_disconnect("Sorry, you are not allowed to connect."); + } + if (!auth_timeok(lc, time(NULL))) { + logit("LOGIN %.200s REFUSED (TIME) FROM %.200s", -+ pw->pw_name, from_host); ++ authctxt->pw->pw_name, from_host); + packet_disconnect("Logins not available right now."); + } + login_close(lc); @@ -52,9 +52,9 @@ + } +#endif /* HAVE_LOGIN_CAP */ +#ifdef LOGIN_ACCESS -+ if (pw != NULL && !login_access(pw->pw_name, from_host)) { ++ if (authctxt->pw != NULL && !login_access(authctxt->pw->pw_name, from_host)) { + logit("Denied connection for %.200s from %.200s [%.200s].", -+ pw->pw_name, from_host, from_ip); ++ authctxt->pw->pw_name, from_host, from_ip); + packet_disconnect("Sorry, you are not allowed to connect."); + } +#endif /* LOGIN_ACCESS */ diff --git a/security/hpn-ssh/files/patch-monitor_wrap.c b/security/hpn-ssh/files/patch-monitor_wrap.c deleted file mode 100644 index 7e89d3a..0000000 --- a/security/hpn-ssh/files/patch-monitor_wrap.c +++ /dev/null @@ -1,18 +0,0 @@ ---- monitor_wrap.c.orig Tue Sep 2 14:51:17 2003 -+++ monitor_wrap.c Tue Sep 16 20:05:44 2003 -@@ -894,6 +894,7 @@ - return ((authok == 0) ? -1 : 0); - } - -+#ifdef SKEY - int - mm_skey_query(void *ctx, char **name, char **infotxt, - u_int *numprompts, char ***prompts, u_int **echo_on) -@@ -957,6 +958,7 @@ - - return ((authok == 0) ? -1 : 0); - } -+#endif - - void - mm_ssh1_session_id(u_char session_id[16]) diff --git a/security/hpn-ssh/files/patch-regress-test-exec.sh b/security/hpn-ssh/files/patch-regress-test-exec.sh index 4abc87c..5fbf834 100644 --- a/security/hpn-ssh/files/patch-regress-test-exec.sh +++ b/security/hpn-ssh/files/patch-regress-test-exec.sh @@ -1,11 +1,11 @@ ---- regress/test-exec.sh.orig Fri Sep 12 07:32:17 2003 -+++ regress/test-exec.sh Tue Sep 16 19:56:13 2003 -@@ -163,6 +163,8 @@ - AuthorizedKeysFile $OBJ/authorized_keys_%u - LogLevel QUIET - StrictModes no +--- regress/test-exec.sh.orig Fri Jun 25 05:46:09 2004 ++++ regress/test-exec.sh Tue Aug 17 05:27:49 2004 +@@ -178,6 +178,8 @@ + AcceptEnv _XXX_TEST_* + AcceptEnv _XXX_TEST + Subsystem sftp $SFTPSERVER + PermitRootLogin yes + UsePrivilegeSeparation no EOF - # server config for proxy connects + if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then diff --git a/security/hpn-ssh/files/patch-session.c b/security/hpn-ssh/files/patch-session.c index 1f038e3..61c1b45 100644 --- a/security/hpn-ssh/files/patch-session.c +++ b/security/hpn-ssh/files/patch-session.c @@ -143,25 +143,6 @@ if (check_quietlogin(s, command)) return; -@@ -726,7 +827,17 @@ - buffer_free(&loginmsg); - - #ifndef NO_SSH_LASTLOG -- if (options.print_lastlog && s->last_login_time != 0) { -+ /* -+ * If the user has logged in before, display the time of last -+ * login. However, don't display anything extra if a command -+ * has been specified (so that ssh can be used to execute -+ * commands on a remote machine without users knowing they -+ * are going to another machine). Login(1) will do this for -+ * us as well, so check if login(1) is used -+ */ -+ if (command == NULL && options.print_lastlog && -+ s->last_login_time != 0 && -+ !options.use_login) { - time_string = ctime(&s->last_login_time); - if (strchr(time_string, '\n')) - *strchr(time_string, '\n') = 0; @@ -738,7 +849,30 @@ } #endif /* NO_SSH_LASTLOG */ |