summaryrefslogtreecommitdiffstats
path: root/shells/rssh
diff options
context:
space:
mode:
authorleeym <leeym@FreeBSD.org>2004-09-21 20:37:18 +0000
committerleeym <leeym@FreeBSD.org>2004-09-21 20:37:18 +0000
commit7a90fe53561a4137574d257a6594583ad6e3a73d (patch)
tree8040c5f421bc4a8216a49de7a49a903889d12a54 /shells/rssh
parent000a09ae89fc3eb79e1699cdf30b0a7df6187fba (diff)
downloadFreeBSD-ports-7a90fe53561a4137574d257a6594583ad6e3a73d.zip
FreeBSD-ports-7a90fe53561a4137574d257a6594583ad6e3a73d.tar.gz
- rssh < 2.2.1 has information disclosure vulnerability, so update to 2.2.1
- rssh depends on rsync and rdist (optionally) PR: 71472 Submitted by: leeym Approved by: portmgr (marcus)
Diffstat (limited to 'shells/rssh')
-rw-r--r--shells/rssh/Makefile19
-rw-r--r--shells/rssh/distinfo4
-rw-r--r--shells/rssh/files/patch-util.c94
3 files changed, 20 insertions, 97 deletions
diff --git a/shells/rssh/Makefile b/shells/rssh/Makefile
index 19c4d38..2eafc12 100644
--- a/shells/rssh/Makefile
+++ b/shells/rssh/Makefile
@@ -6,7 +6,7 @@
#
PORTNAME= rssh
-PORTVERSION= 2.1.1
+PORTVERSION= 2.2.1
CATEGORIES= shells security
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}
MASTER_SITE_SUBDIR= ${PORTNAME}
@@ -15,11 +15,28 @@ MAINTAINER= enigmatyc@laposte.net
COMMENT= A Restricted Secure SHell only for sftp or/and scp
GNU_CONFIGURE= yes
+
MAN1= rssh.1
+MAN5= rssh.conf.5
PLIST_FILES= bin/rssh etc/rssh.conf.dist libexec/rssh_chroot_helper
+OPTIONS= RSYNC "rsync support" off \
+ RDIST "rdist support" off
+
.include <bsd.port.pre.mk>
+
.if ${OSVERSION} < 500000
IGNORE= wordexp() is not supported on 4.x
.endif
+
+.if defined(WITH_RSYNC)
+RUN_DEPENDS+= ${LOCALBASE}/bin/rsync:${PORTSDIR}/net/rsync
+CONFIGURE_ARGS+=--with-rsync=${LOCALBASE}/bin/rsync
+.endif
+
+.if defined(WITH_RSYNC)
+RUN_DEPENDS+= ${LOCALBASE}/bin/rdist6:${PORTSDIR}/net/rdist6
+CONFIGURE_ARGS+=--with-rdist=${LOCALBASE}/bin/rdist6
+.endif
+
.include <bsd.port.post.mk>
diff --git a/shells/rssh/distinfo b/shells/rssh/distinfo
index 5ac9df4..50b868c 100644
--- a/shells/rssh/distinfo
+++ b/shells/rssh/distinfo
@@ -1,2 +1,2 @@
-MD5 (rssh-2.1.1.tar.gz) = d5260ad91fe71ba28ecb310892cc4139
-SIZE (rssh-2.1.1.tar.gz) = 88858
+MD5 (rssh-2.2.1.tar.gz) = 2d427ee7f4ea46b075fa0ab3f39b4089
+SIZE (rssh-2.2.1.tar.gz) = 95552
diff --git a/shells/rssh/files/patch-util.c b/shells/rssh/files/patch-util.c
deleted file mode 100644
index 46474e8..0000000
--- a/shells/rssh/files/patch-util.c
+++ /dev/null
@@ -1,94 +0,0 @@
---- util.c.orig Mon Jul 7 20:41:29 2003
-+++ util.c Fri Apr 16 01:28:16 2004
-@@ -1,9 +1,9 @@
- /*
- * util.c - utility functions for rssh
-- *
-+ *
- * Copyright 2003 Derek D. Martin ( code at pizzashack dot org ).
- *
-- * This program is licensed under a BSD-style license, as follows:
-+ * This program is licensed under a BSD-style license, as follows:
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
-@@ -66,10 +66,10 @@
- extern char *username;
- extern char *progname;
-
--/*
-+/*
- * build_arg_vector() - return a pointer to a vector of strings which
- * represent the arguments of the command to execv().
-- */
-+ */
- char **build_arg_vector( char *str, size_t reserve )
- {
-
-@@ -77,18 +77,18 @@
- int retc;
-
- result.we_offs = reserve;
-- if ( (retc = wordexp(str, &result, WRDE_NOCMD|WRDE_DOOFFS)) ){
-+ if ( (retc = wordexp(str, &result, WRDE_NOCMD|WRDE_DOOFS)) ){
- log_set_priority(LOG_ERR);
- switch( retc ){
- case WRDE_BADCHAR:
- case WRDE_CMDSUB:
-- fprintf(stderr, "%s: bad characters in arguments\n",
-+ fprintf(stderr, "%s: bad characters in arguments\n",
- progname);
- log_msg("user %s used bad chars in command",
- username);
- break;
- default:
-- fprintf(stderr, "%s: error expanding arguments\n",
-+ fprintf(stderr, "%s: error expanding arguments\n",
- progname);
- log_msg("error expanding arguments for user %s",
- username);
-@@ -105,7 +105,7 @@
-
- log_set_priority(LOG_ERR);
- /* determine which commands are usable for error message */
-- if ( (flags & (RSSH_ALLOW_SCP | RSSH_ALLOW_SFTP)) ==
-+ if ( (flags & (RSSH_ALLOW_SCP | RSSH_ALLOW_SFTP)) ==
- (RSSH_ALLOW_SCP | RSSH_ALLOW_SFTP) )
- cmd = " to scp or sftp";
- else if ( flags & RSSH_ALLOW_SCP )
-@@ -147,7 +147,7 @@
- len = strlen(PATH_SFTP_SERVER);
- if ( cl_len < len ) len = cl_len;
- /* check to see if cl starts with an allowed command */
-- if ( !(strncmp(cl, PATH_SFTP_SERVER, len)) &&
-+ if ( !(strncmp(cl, PATH_SFTP_SERVER, len)) &&
- (isspace(cl[len]) || cl[len] == '\0') &&
- opts->shell_flags & RSSH_ALLOW_SFTP )
- return PATH_SFTP_SERVER;
-@@ -155,7 +155,7 @@
- len = 3;
- /* if cl_len is less than 3, then it's not a valid command */
- if ( cl_len < 3 ) return NULL;
-- if ( !(strncmp(cl, "scp", len)) &&
-+ if ( !(strncmp(cl, "scp", len)) &&
- (isspace(cl[len])) &&
- opts->shell_flags & RSSH_ALLOW_SCP ){
- return PATH_SCP;
-@@ -183,7 +183,7 @@
- len--;
- }
- if ( (strncmp(root, path, len)) ) return NULL;
--
-+
- /*
- * path[len] is the first character of path which is not part of root.
- * If it is not '/' then we chopped path off in the middle of a path
-@@ -223,7 +223,7 @@
- * them. Returns the bits in the bool pointers of the
- * same name, and returns FALSE if the bits are not valid
- */
--int validate_access( const char *temp, bool *allow_sftp,
-+int validate_access( const char *temp, bool *allow_sftp,
- bool *allow_scp )
- {
- char scp[2];
OpenPOWER on IntegriCloud