summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorpeter <peter@FreeBSD.org>1997-04-25 05:01:06 +0000
committerpeter <peter@FreeBSD.org>1997-04-25 05:01:06 +0000
commit41086c704391ae15bfb78fb30d1187f0c1433342 (patch)
tree9f56711a06d44fe6024fffc541b1303cb43f613f /security
parent49cc230a234daf65f3662bcc80bf1d951e338e8a (diff)
downloadFreeBSD-ports-41086c704391ae15bfb78fb30d1187f0c1433342.zip
FreeBSD-ports-41086c704391ae15bfb78fb30d1187f0c1433342.tar.gz
Update from ssh-1.2.19 to ssh-1.2.20. All patches applied still, I just
regenerated them to fix the line numbers. Also, I added two commented out options in Makefile, one to tell sshd that a group writeable homedir is OK because all users are in their own group, and the other is to allow an unencrypted connection (which is dangerous since it can lead to compromise of keys), but on a secure network it's damn useful for backups etc.
Diffstat (limited to 'security')
-rw-r--r--security/ssh/Makefile17
-rw-r--r--security/ssh/distinfo2
-rw-r--r--security/ssh/files/patch-aa8
-rw-r--r--security/ssh/files/patch-ac28
-rw-r--r--security/ssh/files/patch-af76
-rw-r--r--security/ssh/files/patch-al12
-rw-r--r--security/ssh2/Makefile17
-rw-r--r--security/ssh2/distinfo2
-rw-r--r--security/ssh2/files/patch-aa8
-rw-r--r--security/ssh2/files/patch-ab22
-rw-r--r--security/ssh2/files/patch-ac28
-rw-r--r--security/ssh2/files/patch-af76
-rw-r--r--security/ssh2/files/patch-aj12
-rw-r--r--security/ssh2/files/patch-al12
14 files changed, 169 insertions, 151 deletions
diff --git a/security/ssh/Makefile b/security/ssh/Makefile
index f06d971..d00ccc3 100644
--- a/security/ssh/Makefile
+++ b/security/ssh/Makefile
@@ -1,16 +1,16 @@
# New ports collection makefile for: ssh
-# Version required: 1.2.19
+# Version required: 1.2.20
# Date created: 30 Jul 1995
# Whom: torstenb@FreeBSD.ORG
#
-# $Id: Makefile,v 1.38 1997/04/16 19:48:09 ache Exp $
+# $Id: Makefile,v 1.39 1997/04/20 13:53:01 wosch Exp $
#
# Maximal ssh package requires YES values for
# USE_PERL, USE_TCPWRAP
#
-DISTNAME= ssh-1.2.19
-CATEGORIES= security net perl5
+DISTNAME= ssh-1.2.20
+CATEGORIES= security net
MASTER_SITES= ftp://ftp.funet.fi/pub/unix/security/login/ssh/
MAINTAINER= torstenb@FreeBSD.ORG
@@ -35,6 +35,15 @@ GNU_CONFIGURE= YES
CONFIGURE_ARGS= --prefix=${PREFIX} --with-etcdir=${PREFIX}/etc
+#Uncomment if all your users are in their own group and their homedir
+#is writeable by that group. Beware the security implications!
+#CONFIGURE_ARGS+= --enable-group-writeability
+
+#Uncomment if you want to allow ssh to emulate an unencrypted rsh connection
+#over a secure medium. This is normally dangerous since it can lead to the
+#disclosure keys and passwords.
+#CONFIGURE_ARGS+= --with-none
+
.if defined(USA_RESIDENT) && ${USA_RESIDENT} == YES
CONFIGURE_ARGS+= --with-rsaref
.endif
diff --git a/security/ssh/distinfo b/security/ssh/distinfo
index b921c3e..b41c04c 100644
--- a/security/ssh/distinfo
+++ b/security/ssh/distinfo
@@ -1,2 +1,2 @@
-MD5 (ssh-1.2.19.tar.gz) = a7a1b400788173b548f1c04642a52396
+MD5 (ssh-1.2.20.tar.gz) = 11d88175e5d6d9d59bea0a70330bcab4
MD5 (rsaref2.tar.gz) = 0b474c97bf1f1c0d27e5a95f1239c08d
diff --git a/security/ssh/files/patch-aa b/security/ssh/files/patch-aa
index 3ef8ce9..83e9968 100644
--- a/security/ssh/files/patch-aa
+++ b/security/ssh/files/patch-aa
@@ -1,7 +1,7 @@
-*** make-ssh-known-hosts.pl.in.orig Thu Mar 27 09:04:06 1997
---- make-ssh-known-hosts.pl.in Fri Mar 28 15:11:19 1997
+*** make-ssh-known-hosts.pl.in.orig Wed Apr 23 08:40:05 1997
+--- make-ssh-known-hosts.pl.in Fri Apr 25 12:38:21 1997
***************
-*** 84,90 ****
+*** 87,93 ****
$debug = 5;
$defserver = '';
$bell='\a';
@@ -9,7 +9,7 @@
$private_ssh_known_hosts = "/tmp/ssh_known_hosts$$";
$timeout = 60;
$ping_timeout = 3;
---- 84,90 ----
+--- 87,93 ----
$debug = 5;
$defserver = '';
$bell='\a';
diff --git a/security/ssh/files/patch-ac b/security/ssh/files/patch-ac
index 6823f8a..90cc133 100644
--- a/security/ssh/files/patch-ac
+++ b/security/ssh/files/patch-ac
@@ -1,7 +1,7 @@
-*** Makefile.in.orig Sun Apr 6 03:56:58 1997
---- Makefile.in Wed Apr 16 22:59:17 1997
+*** Makefile.in.orig Wed Apr 23 08:40:06 1997
+--- Makefile.in Fri Apr 25 12:39:38 1997
***************
-*** 229,240 ****
+*** 237,248 ****
SHELL = /bin/sh
GMPDIR = gmp-2.0.2-ssh-2
@@ -14,7 +14,7 @@
RSAREFDIR = rsaref2
RSAREFSRCDIR = $(RSAREFDIR)/source
---- 229,246 ----
+--- 237,254 ----
SHELL = /bin/sh
GMPDIR = gmp-2.0.2-ssh-2
@@ -34,7 +34,7 @@
RSAREFDIR = rsaref2
RSAREFSRCDIR = $(RSAREFDIR)/source
***************
-*** 328,334 ****
+*** 336,342 ****
$(CC) -o rfc-pg rfc-pg.o
.c.o:
@@ -42,7 +42,7 @@
sshd: $(SSHD_OBJS) $(GMPDEP) $(RSAREFDEP) $(ZLIBDEP)
-rm -f sshd
---- 334,340 ----
+--- 342,348 ----
$(CC) -o rfc-pg rfc-pg.o
.c.o:
@@ -51,7 +51,7 @@
sshd: $(SSHD_OBJS) $(GMPDEP) $(RSAREFDEP) $(ZLIBDEP)
-rm -f sshd
***************
-*** 365,383 ****
+*** 373,391 ****
sed "s#&PERL&#$(PERL)#" <$(srcdir)/make-ssh-known-hosts.pl >make-ssh-known-hosts
chmod +x make-ssh-known-hosts
@@ -71,7 +71,7 @@
$(RSAREFSRCDIR)/librsaref.a:
-if test '!' -d $(RSAREFDIR); then \
---- 371,389 ----
+--- 379,397 ----
sed "s#&PERL&#$(PERL)#" <$(srcdir)/make-ssh-known-hosts.pl >make-ssh-known-hosts
chmod +x make-ssh-known-hosts
@@ -92,7 +92,7 @@
$(RSAREFSRCDIR)/librsaref.a:
-if test '!' -d $(RSAREFDIR); then \
***************
-*** 434,440 ****
+*** 442,448 ****
# (otherwise it can only log in as the user it runs as, and must be
# bound to a non-privileged port). Also, password authentication may
# not be available if non-root and using shadow passwords.
@@ -100,7 +100,7 @@
-rm -f $(install_prefix)$(bindir)/ssh.old
-mv $(install_prefix)$(bindir)/ssh $(install_prefix)$(bindir)/ssh.old
-chmod 755 $(install_prefix)$(bindir)/ssh.old
---- 440,446 ----
+--- 448,454 ----
# (otherwise it can only log in as the user it runs as, and must be
# bound to a non-privileged port). Also, password authentication may
# not be available if non-root and using shadow passwords.
@@ -109,7 +109,7 @@
-mv $(install_prefix)$(bindir)/ssh $(install_prefix)$(bindir)/ssh.old
-chmod 755 $(install_prefix)$(bindir)/ssh.old
***************
-*** 543,569 ****
+*** 551,577 ****
clean:
-rm -f *.o gmon.out *core $(PROGRAMS) rfc-pg
@@ -137,7 +137,7 @@
tar pcf $(DISTNAME).tar $(DISTNAME)
-rm -f $(DISTNAME).tar.gz
gzip $(DISTNAME).tar
---- 549,575 ----
+--- 557,583 ----
clean:
-rm -f *.o gmon.out *core $(PROGRAMS) rfc-pg
@@ -166,7 +166,7 @@
-rm -f $(DISTNAME).tar.gz
gzip $(DISTNAME).tar
***************
-*** 575,581 ****
+*** 583,589 ****
(echo "s/\.$$old_version\"/.$$new_version\"/g"; echo w; echo q) | ed $(srcdir)/version.h >/dev/null
depend:
@@ -174,7 +174,7 @@
tags:
-rm -f TAGS
---- 581,587 ----
+--- 589,595 ----
(echo "s/\.$$old_version\"/.$$new_version\"/g"; echo w; echo q) | ed $(srcdir)/version.h >/dev/null
depend:
diff --git a/security/ssh/files/patch-af b/security/ssh/files/patch-af
index 94bfa15..5e3eb7c 100644
--- a/security/ssh/files/patch-af
+++ b/security/ssh/files/patch-af
@@ -1,8 +1,8 @@
-*** sshd.c.orig Sun Apr 6 03:57:00 1997
---- sshd.c Wed Apr 16 23:27:28 1997
+*** sshd.c.orig Wed Apr 23 08:40:08 1997
+--- sshd.c Fri Apr 25 12:40:20 1997
***************
-*** 379,384 ****
---- 379,388 ----
+*** 400,405 ****
+--- 400,409 ----
#include "firewall.h" /* TIS authsrv authentication */
#endif
@@ -14,8 +14,8 @@
#define DEFAULT_SHELL _PATH_BSHELL
#else
***************
-*** 2617,2622 ****
---- 2621,2629 ----
+*** 2654,2659 ****
+--- 2658,2666 ----
struct sockaddr_in from;
int fromlen;
struct pty_cleanup_context cleanup_context;
@@ -26,7 +26,7 @@
/* We no longer need the child running on user's privileges. */
userfile_uninit();
***************
-*** 2688,2698 ****
+*** 2725,2735 ****
record_login(pid, ttyname, pw->pw_name, pw->pw_uid, hostname,
&from);
@@ -38,7 +38,7 @@
/* If the user has logged in before, display the time of last login.
However, don't display anything extra if a command has been
specified (so that ssh can be used to execute commands on a remote
---- 2695,2713 ----
+--- 2732,2750 ----
record_login(pid, ttyname, pw->pw_name, pw->pw_uid, hostname,
&from);
@@ -59,8 +59,8 @@
However, don't display anything extra if a command has been
specified (so that ssh can be used to execute commands on a remote
***************
-*** 2712,2717 ****
---- 2727,2755 ----
+*** 2749,2754 ****
+--- 2764,2792 ----
printf("Last login: %s from %s\r\n", time_string, buf);
}
@@ -91,8 +91,8 @@
disabled in server options. Note that some machines appear to
print it in /etc/profile or similar. */
***************
-*** 2721,2727 ****
---- 2759,2769 ----
+*** 2758,2764 ****
+--- 2796,2806 ----
FILE *f;
/* Print /etc/motd if it exists. */
@@ -105,8 +105,8 @@
{
while (fgets(line, sizeof(line), f))
***************
-*** 2729,2734 ****
---- 2771,2799 ----
+*** 2766,2771 ****
+--- 2808,2836 ----
fclose(f);
}
}
@@ -137,7 +137,7 @@
/* Do common processing for the child, such as execing the command. */
do_child(command, pw, term, display, auth_proto, auth_data, ttyname);
***************
-*** 2986,2992 ****
+*** 3017,3023 ****
char *user_shell;
char *remote_ip;
int remote_port;
@@ -145,7 +145,7 @@
/* Check /etc/nologin. */
f = fopen("/etc/nologin", "r");
if (f)
---- 3051,3063 ----
+--- 3082,3094 ----
char *user_shell;
char *remote_ip;
int remote_port;
@@ -160,8 +160,8 @@
f = fopen("/etc/nologin", "r");
if (f)
***************
-*** 3000,3005 ****
---- 3071,3077 ----
+*** 3031,3036 ****
+--- 3102,3108 ----
if (pw->pw_uid != UID_ROOT)
exit(254);
}
@@ -170,7 +170,7 @@
if (command != NULL)
{
***************
-*** 3012,3018 ****
+*** 3043,3049 ****
else
log_msg("executing remote command as user %.200s", pw->pw_name);
}
@@ -178,7 +178,7 @@
#ifdef HAVE_SETLOGIN
/* Set login name in the kernel. Warning: setsid() must be called before
this. */
---- 3084,3091 ----
+--- 3115,3122 ----
else
log_msg("executing remote command as user %.200s", pw->pw_name);
}
@@ -188,8 +188,8 @@
/* Set login name in the kernel. Warning: setsid() must be called before
this. */
***************
-*** 3033,3038 ****
---- 3106,3112 ----
+*** 3064,3069 ****
+--- 3137,3143 ----
if (setpcred((char *)pw->pw_name, NULL))
log_msg("setpcred %.100s: %.100s", strerror(errno));
#endif /* HAVE_USERSEC_H */
@@ -198,8 +198,8 @@
/* Save some data that will be needed so that we can do certain cleanups
before we switch to user's uid. (We must clear all sensitive data
***************
-*** 3103,3108 ****
---- 3177,3240 ----
+*** 3134,3139 ****
+--- 3208,3271 ----
if (command != NULL || !options.use_login)
#endif /* USELOGIN */
{
@@ -265,8 +265,8 @@
if (getuid() == UID_ROOT || geteuid() == UID_ROOT)
{
***************
-*** 3134,3139 ****
---- 3266,3272 ----
+*** 3165,3170 ****
+--- 3297,3303 ----
if (getuid() != user_uid || geteuid() != user_uid)
fatal("Failed to set uids to %d.", (int)user_uid);
@@ -275,8 +275,8 @@
/* Reset signals to their default settings before starting the user
***************
-*** 3144,3154 ****
---- 3277,3292 ----
+*** 3175,3185 ****
+--- 3308,3323 ----
and means /bin/sh. */
shell = (user_shell[0] == '\0') ? DEFAULT_SHELL : user_shell;
@@ -294,8 +294,8 @@
#ifdef USELOGIN
if (command != NULL || !options.use_login)
***************
-*** 3158,3163 ****
---- 3296,3303 ----
+*** 3189,3194 ****
+--- 3327,3334 ----
child_set_env(&env, &envsize, "HOME", user_dir);
child_set_env(&env, &envsize, "USER", user_name);
child_set_env(&env, &envsize, "LOGNAME", user_name);
@@ -305,8 +305,8 @@
#ifdef MAIL_SPOOL_DIRECTORY
***************
-*** 3169,3174 ****
---- 3309,3315 ----
+*** 3200,3205 ****
+--- 3340,3346 ----
child_set_env(&env, &envsize, "MAIL", buf);
#endif /* MAIL_SPOOL_FILE */
#endif /* MAIL_SPOOL_DIRECTORY */
@@ -315,8 +315,8 @@
#ifdef HAVE_ETC_DEFAULT_LOGIN
/* Read /etc/default/login; this exists at least on Solaris 2.x. Note
***************
-*** 3184,3192 ****
---- 3325,3335 ----
+*** 3215,3223 ****
+--- 3356,3366 ----
child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND",
original_command);
@@ -329,8 +329,8 @@
/* Set custom environment options from RSA authentication. */
while (custom_environment)
***************
-*** 3406,3412 ****
---- 3549,3559 ----
+*** 3437,3443 ****
+--- 3580,3590 ----
/* Execute the shell. */
argv[0] = buf;
argv[1] = NULL;
@@ -343,8 +343,8 @@
perror(shell);
exit(1);
***************
-*** 3427,3433 ****
---- 3574,3584 ----
+*** 3458,3464 ****
+--- 3605,3615 ----
argv[1] = "-c";
argv[2] = (char *)command;
argv[3] = NULL;
diff --git a/security/ssh/files/patch-al b/security/ssh/files/patch-al
index 9b8ef9f..1da799c 100644
--- a/security/ssh/files/patch-al
+++ b/security/ssh/files/patch-al
@@ -1,8 +1,8 @@
-*** sshconnect.c.orig Sun Apr 6 03:57:04 1997
---- sshconnect.c Wed Apr 16 23:04:17 1997
+*** sshconnect.c.orig Wed Apr 23 08:40:11 1997
+--- sshconnect.c Fri Apr 25 12:41:59 1997
***************
-*** 302,307 ****
---- 302,313 ----
+*** 311,316 ****
+--- 311,322 ----
{
struct sockaddr_in sin;
int p;
@@ -16,8 +16,8 @@
{
sock = socket(AF_INET, SOCK_STREAM, 0);
***************
-*** 329,334 ****
---- 335,341 ----
+*** 338,343 ****
+--- 344,350 ----
}
fatal("bind: %.100s", strerror(errno));
}
diff --git a/security/ssh2/Makefile b/security/ssh2/Makefile
index f06d971..d00ccc3 100644
--- a/security/ssh2/Makefile
+++ b/security/ssh2/Makefile
@@ -1,16 +1,16 @@
# New ports collection makefile for: ssh
-# Version required: 1.2.19
+# Version required: 1.2.20
# Date created: 30 Jul 1995
# Whom: torstenb@FreeBSD.ORG
#
-# $Id: Makefile,v 1.38 1997/04/16 19:48:09 ache Exp $
+# $Id: Makefile,v 1.39 1997/04/20 13:53:01 wosch Exp $
#
# Maximal ssh package requires YES values for
# USE_PERL, USE_TCPWRAP
#
-DISTNAME= ssh-1.2.19
-CATEGORIES= security net perl5
+DISTNAME= ssh-1.2.20
+CATEGORIES= security net
MASTER_SITES= ftp://ftp.funet.fi/pub/unix/security/login/ssh/
MAINTAINER= torstenb@FreeBSD.ORG
@@ -35,6 +35,15 @@ GNU_CONFIGURE= YES
CONFIGURE_ARGS= --prefix=${PREFIX} --with-etcdir=${PREFIX}/etc
+#Uncomment if all your users are in their own group and their homedir
+#is writeable by that group. Beware the security implications!
+#CONFIGURE_ARGS+= --enable-group-writeability
+
+#Uncomment if you want to allow ssh to emulate an unencrypted rsh connection
+#over a secure medium. This is normally dangerous since it can lead to the
+#disclosure keys and passwords.
+#CONFIGURE_ARGS+= --with-none
+
.if defined(USA_RESIDENT) && ${USA_RESIDENT} == YES
CONFIGURE_ARGS+= --with-rsaref
.endif
diff --git a/security/ssh2/distinfo b/security/ssh2/distinfo
index b921c3e..b41c04c 100644
--- a/security/ssh2/distinfo
+++ b/security/ssh2/distinfo
@@ -1,2 +1,2 @@
-MD5 (ssh-1.2.19.tar.gz) = a7a1b400788173b548f1c04642a52396
+MD5 (ssh-1.2.20.tar.gz) = 11d88175e5d6d9d59bea0a70330bcab4
MD5 (rsaref2.tar.gz) = 0b474c97bf1f1c0d27e5a95f1239c08d
diff --git a/security/ssh2/files/patch-aa b/security/ssh2/files/patch-aa
index 3ef8ce9..83e9968 100644
--- a/security/ssh2/files/patch-aa
+++ b/security/ssh2/files/patch-aa
@@ -1,7 +1,7 @@
-*** make-ssh-known-hosts.pl.in.orig Thu Mar 27 09:04:06 1997
---- make-ssh-known-hosts.pl.in Fri Mar 28 15:11:19 1997
+*** make-ssh-known-hosts.pl.in.orig Wed Apr 23 08:40:05 1997
+--- make-ssh-known-hosts.pl.in Fri Apr 25 12:38:21 1997
***************
-*** 84,90 ****
+*** 87,93 ****
$debug = 5;
$defserver = '';
$bell='\a';
@@ -9,7 +9,7 @@
$private_ssh_known_hosts = "/tmp/ssh_known_hosts$$";
$timeout = 60;
$ping_timeout = 3;
---- 84,90 ----
+--- 87,93 ----
$debug = 5;
$defserver = '';
$bell='\a';
diff --git a/security/ssh2/files/patch-ab b/security/ssh2/files/patch-ab
index fb3ded7..0456b49 100644
--- a/security/ssh2/files/patch-ab
+++ b/security/ssh2/files/patch-ab
@@ -1,7 +1,7 @@
-*** configure.orig Sun Apr 6 03:56:58 1997
---- configure Wed Apr 16 22:52:47 1997
+*** configure.orig Wed Apr 23 08:40:06 1997
+--- configure Fri Apr 25 12:38:54 1997
***************
-*** 1634,1645 ****
+*** 1757,1768 ****
export CFLAGS CC
@@ -13,10 +13,10 @@
-
echo $ac_n "checking that the compiler works""... $ac_c" 1>&6
- echo "configure:1646: checking that the compiler works" >&5
---- 1634,1639 ----
+ echo "configure:1769: checking that the compiler works" >&5
+--- 1757,1762 ----
***************
-*** 2632,2638 ****
+*** 2759,2765 ****
fi
@@ -24,7 +24,7 @@
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
---- 2626,2632 ----
+--- 2753,2759 ----
fi
@@ -33,7 +33,7 @@
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
***************
-*** 6749,6755 ****
+*** 7031,7037 ****
cat >> $CONFIG_STATUS <<EOF
@@ -41,7 +41,7 @@
EOF
cat >> $CONFIG_STATUS <<\EOF
for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then
---- 6743,6749 ----
+--- 7025,7031 ----
cat >> $CONFIG_STATUS <<EOF
@@ -50,8 +50,8 @@
cat >> $CONFIG_STATUS <<\EOF
for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then
***************
-*** 6953,6958 ****
---- 6947,6954 ----
+*** 7235,7240 ****
+--- 7229,7236 ----
done
for ac_config_dir in gmp-2.0.2-ssh-2; do
diff --git a/security/ssh2/files/patch-ac b/security/ssh2/files/patch-ac
index 6823f8a..90cc133 100644
--- a/security/ssh2/files/patch-ac
+++ b/security/ssh2/files/patch-ac
@@ -1,7 +1,7 @@
-*** Makefile.in.orig Sun Apr 6 03:56:58 1997
---- Makefile.in Wed Apr 16 22:59:17 1997
+*** Makefile.in.orig Wed Apr 23 08:40:06 1997
+--- Makefile.in Fri Apr 25 12:39:38 1997
***************
-*** 229,240 ****
+*** 237,248 ****
SHELL = /bin/sh
GMPDIR = gmp-2.0.2-ssh-2
@@ -14,7 +14,7 @@
RSAREFDIR = rsaref2
RSAREFSRCDIR = $(RSAREFDIR)/source
---- 229,246 ----
+--- 237,254 ----
SHELL = /bin/sh
GMPDIR = gmp-2.0.2-ssh-2
@@ -34,7 +34,7 @@
RSAREFDIR = rsaref2
RSAREFSRCDIR = $(RSAREFDIR)/source
***************
-*** 328,334 ****
+*** 336,342 ****
$(CC) -o rfc-pg rfc-pg.o
.c.o:
@@ -42,7 +42,7 @@
sshd: $(SSHD_OBJS) $(GMPDEP) $(RSAREFDEP) $(ZLIBDEP)
-rm -f sshd
---- 334,340 ----
+--- 342,348 ----
$(CC) -o rfc-pg rfc-pg.o
.c.o:
@@ -51,7 +51,7 @@
sshd: $(SSHD_OBJS) $(GMPDEP) $(RSAREFDEP) $(ZLIBDEP)
-rm -f sshd
***************
-*** 365,383 ****
+*** 373,391 ****
sed "s#&PERL&#$(PERL)#" <$(srcdir)/make-ssh-known-hosts.pl >make-ssh-known-hosts
chmod +x make-ssh-known-hosts
@@ -71,7 +71,7 @@
$(RSAREFSRCDIR)/librsaref.a:
-if test '!' -d $(RSAREFDIR); then \
---- 371,389 ----
+--- 379,397 ----
sed "s#&PERL&#$(PERL)#" <$(srcdir)/make-ssh-known-hosts.pl >make-ssh-known-hosts
chmod +x make-ssh-known-hosts
@@ -92,7 +92,7 @@
$(RSAREFSRCDIR)/librsaref.a:
-if test '!' -d $(RSAREFDIR); then \
***************
-*** 434,440 ****
+*** 442,448 ****
# (otherwise it can only log in as the user it runs as, and must be
# bound to a non-privileged port). Also, password authentication may
# not be available if non-root and using shadow passwords.
@@ -100,7 +100,7 @@
-rm -f $(install_prefix)$(bindir)/ssh.old
-mv $(install_prefix)$(bindir)/ssh $(install_prefix)$(bindir)/ssh.old
-chmod 755 $(install_prefix)$(bindir)/ssh.old
---- 440,446 ----
+--- 448,454 ----
# (otherwise it can only log in as the user it runs as, and must be
# bound to a non-privileged port). Also, password authentication may
# not be available if non-root and using shadow passwords.
@@ -109,7 +109,7 @@
-mv $(install_prefix)$(bindir)/ssh $(install_prefix)$(bindir)/ssh.old
-chmod 755 $(install_prefix)$(bindir)/ssh.old
***************
-*** 543,569 ****
+*** 551,577 ****
clean:
-rm -f *.o gmon.out *core $(PROGRAMS) rfc-pg
@@ -137,7 +137,7 @@
tar pcf $(DISTNAME).tar $(DISTNAME)
-rm -f $(DISTNAME).tar.gz
gzip $(DISTNAME).tar
---- 549,575 ----
+--- 557,583 ----
clean:
-rm -f *.o gmon.out *core $(PROGRAMS) rfc-pg
@@ -166,7 +166,7 @@
-rm -f $(DISTNAME).tar.gz
gzip $(DISTNAME).tar
***************
-*** 575,581 ****
+*** 583,589 ****
(echo "s/\.$$old_version\"/.$$new_version\"/g"; echo w; echo q) | ed $(srcdir)/version.h >/dev/null
depend:
@@ -174,7 +174,7 @@
tags:
-rm -f TAGS
---- 581,587 ----
+--- 589,595 ----
(echo "s/\.$$old_version\"/.$$new_version\"/g"; echo w; echo q) | ed $(srcdir)/version.h >/dev/null
depend:
diff --git a/security/ssh2/files/patch-af b/security/ssh2/files/patch-af
index 94bfa15..5e3eb7c 100644
--- a/security/ssh2/files/patch-af
+++ b/security/ssh2/files/patch-af
@@ -1,8 +1,8 @@
-*** sshd.c.orig Sun Apr 6 03:57:00 1997
---- sshd.c Wed Apr 16 23:27:28 1997
+*** sshd.c.orig Wed Apr 23 08:40:08 1997
+--- sshd.c Fri Apr 25 12:40:20 1997
***************
-*** 379,384 ****
---- 379,388 ----
+*** 400,405 ****
+--- 400,409 ----
#include "firewall.h" /* TIS authsrv authentication */
#endif
@@ -14,8 +14,8 @@
#define DEFAULT_SHELL _PATH_BSHELL
#else
***************
-*** 2617,2622 ****
---- 2621,2629 ----
+*** 2654,2659 ****
+--- 2658,2666 ----
struct sockaddr_in from;
int fromlen;
struct pty_cleanup_context cleanup_context;
@@ -26,7 +26,7 @@
/* We no longer need the child running on user's privileges. */
userfile_uninit();
***************
-*** 2688,2698 ****
+*** 2725,2735 ****
record_login(pid, ttyname, pw->pw_name, pw->pw_uid, hostname,
&from);
@@ -38,7 +38,7 @@
/* If the user has logged in before, display the time of last login.
However, don't display anything extra if a command has been
specified (so that ssh can be used to execute commands on a remote
---- 2695,2713 ----
+--- 2732,2750 ----
record_login(pid, ttyname, pw->pw_name, pw->pw_uid, hostname,
&from);
@@ -59,8 +59,8 @@
However, don't display anything extra if a command has been
specified (so that ssh can be used to execute commands on a remote
***************
-*** 2712,2717 ****
---- 2727,2755 ----
+*** 2749,2754 ****
+--- 2764,2792 ----
printf("Last login: %s from %s\r\n", time_string, buf);
}
@@ -91,8 +91,8 @@
disabled in server options. Note that some machines appear to
print it in /etc/profile or similar. */
***************
-*** 2721,2727 ****
---- 2759,2769 ----
+*** 2758,2764 ****
+--- 2796,2806 ----
FILE *f;
/* Print /etc/motd if it exists. */
@@ -105,8 +105,8 @@
{
while (fgets(line, sizeof(line), f))
***************
-*** 2729,2734 ****
---- 2771,2799 ----
+*** 2766,2771 ****
+--- 2808,2836 ----
fclose(f);
}
}
@@ -137,7 +137,7 @@
/* Do common processing for the child, such as execing the command. */
do_child(command, pw, term, display, auth_proto, auth_data, ttyname);
***************
-*** 2986,2992 ****
+*** 3017,3023 ****
char *user_shell;
char *remote_ip;
int remote_port;
@@ -145,7 +145,7 @@
/* Check /etc/nologin. */
f = fopen("/etc/nologin", "r");
if (f)
---- 3051,3063 ----
+--- 3082,3094 ----
char *user_shell;
char *remote_ip;
int remote_port;
@@ -160,8 +160,8 @@
f = fopen("/etc/nologin", "r");
if (f)
***************
-*** 3000,3005 ****
---- 3071,3077 ----
+*** 3031,3036 ****
+--- 3102,3108 ----
if (pw->pw_uid != UID_ROOT)
exit(254);
}
@@ -170,7 +170,7 @@
if (command != NULL)
{
***************
-*** 3012,3018 ****
+*** 3043,3049 ****
else
log_msg("executing remote command as user %.200s", pw->pw_name);
}
@@ -178,7 +178,7 @@
#ifdef HAVE_SETLOGIN
/* Set login name in the kernel. Warning: setsid() must be called before
this. */
---- 3084,3091 ----
+--- 3115,3122 ----
else
log_msg("executing remote command as user %.200s", pw->pw_name);
}
@@ -188,8 +188,8 @@
/* Set login name in the kernel. Warning: setsid() must be called before
this. */
***************
-*** 3033,3038 ****
---- 3106,3112 ----
+*** 3064,3069 ****
+--- 3137,3143 ----
if (setpcred((char *)pw->pw_name, NULL))
log_msg("setpcred %.100s: %.100s", strerror(errno));
#endif /* HAVE_USERSEC_H */
@@ -198,8 +198,8 @@
/* Save some data that will be needed so that we can do certain cleanups
before we switch to user's uid. (We must clear all sensitive data
***************
-*** 3103,3108 ****
---- 3177,3240 ----
+*** 3134,3139 ****
+--- 3208,3271 ----
if (command != NULL || !options.use_login)
#endif /* USELOGIN */
{
@@ -265,8 +265,8 @@
if (getuid() == UID_ROOT || geteuid() == UID_ROOT)
{
***************
-*** 3134,3139 ****
---- 3266,3272 ----
+*** 3165,3170 ****
+--- 3297,3303 ----
if (getuid() != user_uid || geteuid() != user_uid)
fatal("Failed to set uids to %d.", (int)user_uid);
@@ -275,8 +275,8 @@
/* Reset signals to their default settings before starting the user
***************
-*** 3144,3154 ****
---- 3277,3292 ----
+*** 3175,3185 ****
+--- 3308,3323 ----
and means /bin/sh. */
shell = (user_shell[0] == '\0') ? DEFAULT_SHELL : user_shell;
@@ -294,8 +294,8 @@
#ifdef USELOGIN
if (command != NULL || !options.use_login)
***************
-*** 3158,3163 ****
---- 3296,3303 ----
+*** 3189,3194 ****
+--- 3327,3334 ----
child_set_env(&env, &envsize, "HOME", user_dir);
child_set_env(&env, &envsize, "USER", user_name);
child_set_env(&env, &envsize, "LOGNAME", user_name);
@@ -305,8 +305,8 @@
#ifdef MAIL_SPOOL_DIRECTORY
***************
-*** 3169,3174 ****
---- 3309,3315 ----
+*** 3200,3205 ****
+--- 3340,3346 ----
child_set_env(&env, &envsize, "MAIL", buf);
#endif /* MAIL_SPOOL_FILE */
#endif /* MAIL_SPOOL_DIRECTORY */
@@ -315,8 +315,8 @@
#ifdef HAVE_ETC_DEFAULT_LOGIN
/* Read /etc/default/login; this exists at least on Solaris 2.x. Note
***************
-*** 3184,3192 ****
---- 3325,3335 ----
+*** 3215,3223 ****
+--- 3356,3366 ----
child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND",
original_command);
@@ -329,8 +329,8 @@
/* Set custom environment options from RSA authentication. */
while (custom_environment)
***************
-*** 3406,3412 ****
---- 3549,3559 ----
+*** 3437,3443 ****
+--- 3580,3590 ----
/* Execute the shell. */
argv[0] = buf;
argv[1] = NULL;
@@ -343,8 +343,8 @@
perror(shell);
exit(1);
***************
-*** 3427,3433 ****
---- 3574,3584 ----
+*** 3458,3464 ****
+--- 3605,3615 ----
argv[1] = "-c";
argv[2] = (char *)command;
argv[3] = NULL;
diff --git a/security/ssh2/files/patch-aj b/security/ssh2/files/patch-aj
index 2227e00..60f7495 100644
--- a/security/ssh2/files/patch-aj
+++ b/security/ssh2/files/patch-aj
@@ -1,7 +1,7 @@
-*** configure.in.orig Sun Apr 6 03:56:58 1997
---- configure.in Wed Apr 16 23:04:16 1997
+*** configure.in.orig Wed Apr 23 08:40:06 1997
+--- configure.in Fri Apr 25 12:41:26 1997
***************
-*** 579,587 ****
+*** 616,624 ****
export CFLAGS CC
@@ -11,7 +11,7 @@
AC_MSG_CHECKING([that the compiler works])
AC_TRY_RUN([ main(int ac, char **av) { return 0; } ],
---- 579,587 ----
+--- 616,624 ----
export CFLAGS CC
@@ -22,7 +22,7 @@
AC_MSG_CHECKING([that the compiler works])
AC_TRY_RUN([ main(int ac, char **av) { return 0; } ],
***************
-*** 633,639 ****
+*** 671,677 ****
AC_HEADER_STDC
AC_HEADER_SYS_WAIT
@@ -30,7 +30,7 @@
AC_CHECK_HEADERS(sgtty.h sys/select.h sys/ioctl.h machine/endian.h)
AC_CHECK_HEADERS(paths.h usersec.h utime.h netinet/in_systm.h netinet/in_system.h netinet/ip.h netinet/tcp.h ulimit.h)
AC_HEADER_TIME
---- 633,639 ----
+--- 671,677 ----
AC_HEADER_STDC
AC_HEADER_SYS_WAIT
diff --git a/security/ssh2/files/patch-al b/security/ssh2/files/patch-al
index 9b8ef9f..1da799c 100644
--- a/security/ssh2/files/patch-al
+++ b/security/ssh2/files/patch-al
@@ -1,8 +1,8 @@
-*** sshconnect.c.orig Sun Apr 6 03:57:04 1997
---- sshconnect.c Wed Apr 16 23:04:17 1997
+*** sshconnect.c.orig Wed Apr 23 08:40:11 1997
+--- sshconnect.c Fri Apr 25 12:41:59 1997
***************
-*** 302,307 ****
---- 302,313 ----
+*** 311,316 ****
+--- 311,322 ----
{
struct sockaddr_in sin;
int p;
@@ -16,8 +16,8 @@
{
sock = socket(AF_INET, SOCK_STREAM, 0);
***************
-*** 329,334 ****
---- 335,341 ----
+*** 338,343 ****
+--- 344,350 ----
}
fatal("bind: %.100s", strerror(errno));
}
OpenPOWER on IntegriCloud