diff options
author | leeym <leeym@FreeBSD.org> | 2004-09-21 20:37:18 +0000 |
---|---|---|
committer | leeym <leeym@FreeBSD.org> | 2004-09-21 20:37:18 +0000 |
commit | 7a90fe53561a4137574d257a6594583ad6e3a73d (patch) | |
tree | 8040c5f421bc4a8216a49de7a49a903889d12a54 /shells/rssh | |
parent | 000a09ae89fc3eb79e1699cdf30b0a7df6187fba (diff) | |
download | FreeBSD-ports-7a90fe53561a4137574d257a6594583ad6e3a73d.zip FreeBSD-ports-7a90fe53561a4137574d257a6594583ad6e3a73d.tar.gz |
- rssh < 2.2.1 has information disclosure vulnerability, so update to 2.2.1
- rssh depends on rsync and rdist (optionally)
PR: 71472
Submitted by: leeym
Approved by: portmgr (marcus)
Diffstat (limited to 'shells/rssh')
-rw-r--r-- | shells/rssh/Makefile | 19 | ||||
-rw-r--r-- | shells/rssh/distinfo | 4 | ||||
-rw-r--r-- | shells/rssh/files/patch-util.c | 94 |
3 files changed, 20 insertions, 97 deletions
diff --git a/shells/rssh/Makefile b/shells/rssh/Makefile index 19c4d38..2eafc12 100644 --- a/shells/rssh/Makefile +++ b/shells/rssh/Makefile @@ -6,7 +6,7 @@ # PORTNAME= rssh -PORTVERSION= 2.1.1 +PORTVERSION= 2.2.1 CATEGORIES= shells security MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} MASTER_SITE_SUBDIR= ${PORTNAME} @@ -15,11 +15,28 @@ MAINTAINER= enigmatyc@laposte.net COMMENT= A Restricted Secure SHell only for sftp or/and scp GNU_CONFIGURE= yes + MAN1= rssh.1 +MAN5= rssh.conf.5 PLIST_FILES= bin/rssh etc/rssh.conf.dist libexec/rssh_chroot_helper +OPTIONS= RSYNC "rsync support" off \ + RDIST "rdist support" off + .include <bsd.port.pre.mk> + .if ${OSVERSION} < 500000 IGNORE= wordexp() is not supported on 4.x .endif + +.if defined(WITH_RSYNC) +RUN_DEPENDS+= ${LOCALBASE}/bin/rsync:${PORTSDIR}/net/rsync +CONFIGURE_ARGS+=--with-rsync=${LOCALBASE}/bin/rsync +.endif + +.if defined(WITH_RSYNC) +RUN_DEPENDS+= ${LOCALBASE}/bin/rdist6:${PORTSDIR}/net/rdist6 +CONFIGURE_ARGS+=--with-rdist=${LOCALBASE}/bin/rdist6 +.endif + .include <bsd.port.post.mk> diff --git a/shells/rssh/distinfo b/shells/rssh/distinfo index 5ac9df4..50b868c 100644 --- a/shells/rssh/distinfo +++ b/shells/rssh/distinfo @@ -1,2 +1,2 @@ -MD5 (rssh-2.1.1.tar.gz) = d5260ad91fe71ba28ecb310892cc4139 -SIZE (rssh-2.1.1.tar.gz) = 88858 +MD5 (rssh-2.2.1.tar.gz) = 2d427ee7f4ea46b075fa0ab3f39b4089 +SIZE (rssh-2.2.1.tar.gz) = 95552 diff --git a/shells/rssh/files/patch-util.c b/shells/rssh/files/patch-util.c deleted file mode 100644 index 46474e8..0000000 --- a/shells/rssh/files/patch-util.c +++ /dev/null @@ -1,94 +0,0 @@ ---- util.c.orig Mon Jul 7 20:41:29 2003 -+++ util.c Fri Apr 16 01:28:16 2004 -@@ -1,9 +1,9 @@ - /* - * util.c - utility functions for rssh -- * -+ * - * Copyright 2003 Derek D. Martin ( code at pizzashack dot org ). - * -- * This program is licensed under a BSD-style license, as follows: -+ * This program is licensed under a BSD-style license, as follows: - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions -@@ -66,10 +66,10 @@ - extern char *username; - extern char *progname; - --/* -+/* - * build_arg_vector() - return a pointer to a vector of strings which - * represent the arguments of the command to execv(). -- */ -+ */ - char **build_arg_vector( char *str, size_t reserve ) - { - -@@ -77,18 +77,18 @@ - int retc; - - result.we_offs = reserve; -- if ( (retc = wordexp(str, &result, WRDE_NOCMD|WRDE_DOOFFS)) ){ -+ if ( (retc = wordexp(str, &result, WRDE_NOCMD|WRDE_DOOFS)) ){ - log_set_priority(LOG_ERR); - switch( retc ){ - case WRDE_BADCHAR: - case WRDE_CMDSUB: -- fprintf(stderr, "%s: bad characters in arguments\n", -+ fprintf(stderr, "%s: bad characters in arguments\n", - progname); - log_msg("user %s used bad chars in command", - username); - break; - default: -- fprintf(stderr, "%s: error expanding arguments\n", -+ fprintf(stderr, "%s: error expanding arguments\n", - progname); - log_msg("error expanding arguments for user %s", - username); -@@ -105,7 +105,7 @@ - - log_set_priority(LOG_ERR); - /* determine which commands are usable for error message */ -- if ( (flags & (RSSH_ALLOW_SCP | RSSH_ALLOW_SFTP)) == -+ if ( (flags & (RSSH_ALLOW_SCP | RSSH_ALLOW_SFTP)) == - (RSSH_ALLOW_SCP | RSSH_ALLOW_SFTP) ) - cmd = " to scp or sftp"; - else if ( flags & RSSH_ALLOW_SCP ) -@@ -147,7 +147,7 @@ - len = strlen(PATH_SFTP_SERVER); - if ( cl_len < len ) len = cl_len; - /* check to see if cl starts with an allowed command */ -- if ( !(strncmp(cl, PATH_SFTP_SERVER, len)) && -+ if ( !(strncmp(cl, PATH_SFTP_SERVER, len)) && - (isspace(cl[len]) || cl[len] == '\0') && - opts->shell_flags & RSSH_ALLOW_SFTP ) - return PATH_SFTP_SERVER; -@@ -155,7 +155,7 @@ - len = 3; - /* if cl_len is less than 3, then it's not a valid command */ - if ( cl_len < 3 ) return NULL; -- if ( !(strncmp(cl, "scp", len)) && -+ if ( !(strncmp(cl, "scp", len)) && - (isspace(cl[len])) && - opts->shell_flags & RSSH_ALLOW_SCP ){ - return PATH_SCP; -@@ -183,7 +183,7 @@ - len--; - } - if ( (strncmp(root, path, len)) ) return NULL; -- -+ - /* - * path[len] is the first character of path which is not part of root. - * If it is not '/' then we chopped path off in the middle of a path -@@ -223,7 +223,7 @@ - * them. Returns the bits in the bool pointers of the - * same name, and returns FALSE if the bits are not valid - */ --int validate_access( const char *temp, bool *allow_sftp, -+int validate_access( const char *temp, bool *allow_sftp, - bool *allow_scp ) - { - char scp[2]; |