aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorache <ache@FreeBSD.org>1997-04-17 03:48:30 +0800
committerache <ache@FreeBSD.org>1997-04-17 03:48:30 +0800
commit4873712f71d4edb031ce34b13fae3ec575a0e5ca (patch)
treec6ef78891cef7acbb0ea340d6dd78e6c8b4ad659
parent9aea73282d0b577ced451d5d9e11260c371a4e30 (diff)
downloadfreebsd-ports-gnome-4873712f71d4edb031ce34b13fae3ec575a0e5ca.tar.gz
freebsd-ports-gnome-4873712f71d4edb031ce34b13fae3ec575a0e5ca.tar.zst
freebsd-ports-gnome-4873712f71d4edb031ce34b13fae3ec575a0e5ca.zip
Upgrade to 1.2.19
-rw-r--r--security/ssh/Makefile6
-rw-r--r--security/ssh/distinfo2
-rw-r--r--security/ssh/files/patch-ac40
-rw-r--r--security/ssh/files/patch-ad13
-rw-r--r--security/ssh/files/patch-af156
-rw-r--r--security/ssh/files/patch-al12
-rw-r--r--security/ssh2/Makefile6
-rw-r--r--security/ssh2/distinfo2
-rw-r--r--security/ssh2/files/patch-ab12
-rw-r--r--security/ssh2/files/patch-ac40
-rw-r--r--security/ssh2/files/patch-ad13
-rw-r--r--security/ssh2/files/patch-af156
-rw-r--r--security/ssh2/files/patch-aj12
-rw-r--r--security/ssh2/files/patch-al12
14 files changed, 314 insertions, 168 deletions
diff --git a/security/ssh/Makefile b/security/ssh/Makefile
index fd8320fbc049..faed91eeb44c 100644
--- a/security/ssh/Makefile
+++ b/security/ssh/Makefile
@@ -1,15 +1,15 @@
# New ports collection makefile for: ssh
-# Version required: 1.2.18
+# Version required: 1.2.19
# Date created: 30 Jul 1995
# Whom: torstenb@FreeBSD.ORG
#
-# $Id: Makefile,v 1.36 1996/11/20 12:45:41 adam Exp $
+# $Id: Makefile,v 1.37 1997/03/28 23:30:12 ache Exp $
#
# Maximal ssh package requires YES values for
# USE_PERL, USE_TCPWRAP
#
-DISTNAME= ssh-1.2.18
+DISTNAME= ssh-1.2.19
CATEGORIES= security net
MASTER_SITES= ftp://ftp.funet.fi/pub/unix/security/login/ssh/
diff --git a/security/ssh/distinfo b/security/ssh/distinfo
index 6faa4f65b675..b921c3e7c359 100644
--- a/security/ssh/distinfo
+++ b/security/ssh/distinfo
@@ -1,2 +1,2 @@
-MD5 (ssh-1.2.18.tar.gz) = 3ed9c159f1ab843966fb705168a69a8f
+MD5 (ssh-1.2.19.tar.gz) = a7a1b400788173b548f1c04642a52396
MD5 (rsaref2.tar.gz) = 0b474c97bf1f1c0d27e5a95f1239c08d
diff --git a/security/ssh/files/patch-ac b/security/ssh/files/patch-ac
index 31084324b943..6823f8a5bd28 100644
--- a/security/ssh/files/patch-ac
+++ b/security/ssh/files/patch-ac
@@ -1,7 +1,7 @@
-*** Makefile.in.orig Thu Mar 27 09:04:06 1997
---- Makefile.in Fri Mar 28 15:36:08 1997
+*** Makefile.in.orig Sun Apr 6 03:56:58 1997
+--- Makefile.in Wed Apr 16 22:59:17 1997
***************
-*** 225,236 ****
+*** 229,240 ****
SHELL = /bin/sh
GMPDIR = gmp-2.0.2-ssh-2
@@ -14,7 +14,7 @@
RSAREFDIR = rsaref2
RSAREFSRCDIR = $(RSAREFDIR)/source
---- 225,242 ----
+--- 229,246 ----
SHELL = /bin/sh
GMPDIR = gmp-2.0.2-ssh-2
@@ -34,7 +34,7 @@
RSAREFDIR = rsaref2
RSAREFSRCDIR = $(RSAREFDIR)/source
***************
-*** 324,330 ****
+*** 328,334 ****
$(CC) -o rfc-pg rfc-pg.o
.c.o:
@@ -42,7 +42,7 @@
sshd: $(SSHD_OBJS) $(GMPDEP) $(RSAREFDEP) $(ZLIBDEP)
-rm -f sshd
---- 330,336 ----
+--- 334,340 ----
$(CC) -o rfc-pg rfc-pg.o
.c.o:
@@ -51,7 +51,7 @@
sshd: $(SSHD_OBJS) $(GMPDEP) $(RSAREFDEP) $(ZLIBDEP)
-rm -f sshd
***************
-*** 361,379 ****
+*** 365,383 ****
sed "s#&PERL&#$(PERL)#" <$(srcdir)/make-ssh-known-hosts.pl >make-ssh-known-hosts
chmod +x make-ssh-known-hosts
@@ -71,7 +71,7 @@
$(RSAREFSRCDIR)/librsaref.a:
-if test '!' -d $(RSAREFDIR); then \
---- 367,385 ----
+--- 371,389 ----
sed "s#&PERL&#$(PERL)#" <$(srcdir)/make-ssh-known-hosts.pl >make-ssh-known-hosts
chmod +x make-ssh-known-hosts
@@ -92,24 +92,24 @@
$(RSAREFSRCDIR)/librsaref.a:
-if test '!' -d $(RSAREFDIR); then \
***************
-*** 430,436 ****
+*** 434,440 ****
# (otherwise it can only log in as the user it runs as, and must be
# bound to a non-privileged port). Also, password authentication may
# not be available if non-root and using shadow passwords.
! install: $(PROGRAMS) make-dirs generate-host-key install-configs
- $(INSTALL_PROGRAM) -o root -m $(SSH_INSTALL_MODE) ssh $(install_prefix)$(bindir)/ssh
- -if test "`echo ssh | sed '$(transform)'`" '!=' ssh; then \
- rm -f $(install_prefix)$(bindir)/`echo ssh | sed '$(transform)'`; \
---- 436,442 ----
+ -rm -f $(install_prefix)$(bindir)/ssh.old
+ -mv $(install_prefix)$(bindir)/ssh $(install_prefix)$(bindir)/ssh.old
+ -chmod 755 $(install_prefix)$(bindir)/ssh.old
+--- 440,446 ----
# (otherwise it can only log in as the user it runs as, and must be
# bound to a non-privileged port). Also, password authentication may
# not be available if non-root and using shadow passwords.
! install: $(PROGRAMS) make-dirs install-configs
- $(INSTALL_PROGRAM) -o root -m $(SSH_INSTALL_MODE) ssh $(install_prefix)$(bindir)/ssh
- -if test "`echo ssh | sed '$(transform)'`" '!=' ssh; then \
- rm -f $(install_prefix)$(bindir)/`echo ssh | sed '$(transform)'`; \
+ -rm -f $(install_prefix)$(bindir)/ssh.old
+ -mv $(install_prefix)$(bindir)/ssh $(install_prefix)$(bindir)/ssh.old
+ -chmod 755 $(install_prefix)$(bindir)/ssh.old
***************
-*** 531,557 ****
+*** 543,569 ****
clean:
-rm -f *.o gmon.out *core $(PROGRAMS) rfc-pg
@@ -137,7 +137,7 @@
tar pcf $(DISTNAME).tar $(DISTNAME)
-rm -f $(DISTNAME).tar.gz
gzip $(DISTNAME).tar
---- 537,563 ----
+--- 549,575 ----
clean:
-rm -f *.o gmon.out *core $(PROGRAMS) rfc-pg
@@ -166,7 +166,7 @@
-rm -f $(DISTNAME).tar.gz
gzip $(DISTNAME).tar
***************
-*** 563,569 ****
+*** 575,581 ****
(echo "s/\.$$old_version\"/.$$new_version\"/g"; echo w; echo q) | ed $(srcdir)/version.h >/dev/null
depend:
@@ -174,7 +174,7 @@
tags:
-rm -f TAGS
---- 569,575 ----
+--- 581,587 ----
(echo "s/\.$$old_version\"/.$$new_version\"/g"; echo w; echo q) | ed $(srcdir)/version.h >/dev/null
depend:
diff --git a/security/ssh/files/patch-ad b/security/ssh/files/patch-ad
deleted file mode 100644
index 536cf9cf642a..000000000000
--- a/security/ssh/files/patch-ad
+++ /dev/null
@@ -1,13 +0,0 @@
-*** ssh-agent.c.bak Thu Mar 27 09:04:12 1997
---- ssh-agent.c Tue Apr 1 08:08:06 1997
-***************
-*** 586,591 ****
---- 586,593 ----
- av++;
- ac--;
- }
-+ else
-+ break;
- }
- if (erflg)
- {
diff --git a/security/ssh/files/patch-af b/security/ssh/files/patch-af
index bd1982e6e60a..81068869685f 100644
--- a/security/ssh/files/patch-af
+++ b/security/ssh/files/patch-af
@@ -1,8 +1,8 @@
-*** sshd.c.orig Thu Mar 27 09:04:08 1997
---- sshd.c Sat Mar 29 02:11:03 1997
+*** sshd.c.orig Sun Apr 6 03:57:00 1997
+--- sshd.c Wed Apr 16 23:27:28 1997
***************
-*** 370,375 ****
---- 370,379 ----
+*** 379,384 ****
+--- 379,388 ----
#include "firewall.h" /* TIS authsrv authentication */
#endif
@@ -14,18 +14,76 @@
#define DEFAULT_SHELL _PATH_BSHELL
#else
***************
-*** 2697,2702 ****
---- 2701,2716 ----
+*** 2617,2622 ****
+--- 2621,2629 ----
+ struct sockaddr_in from;
+ int fromlen;
+ struct pty_cleanup_context cleanup_context;
++ #ifdef HAVE_LOGIN_CAP_H
++ login_cap_t *lc;
++ #endif
+
+ /* We no longer need the child running on user's privileges. */
+ userfile_uninit();
+***************
+*** 2688,2698 ****
+ record_login(pid, ttyname, pw->pw_name, pw->pw_uid, hostname,
+ &from);
+
+ /* Check if .hushlogin exists. Note that we cannot use userfile
+ here because we are in the child. */
+ sprintf(line, "%.200s/.hushlogin", pw->pw_dir);
+ quiet_login = stat(line, &st) >= 0;
+!
+ /* If the user has logged in before, display the time of last login.
+ However, don't display anything extra if a command has been
+ specified (so that ssh can be used to execute commands on a remote
+--- 2695,2713 ----
+ record_login(pid, ttyname, pw->pw_name, pw->pw_uid, hostname,
+ &from);
+
++ #ifdef HAVE_LOGIN_CAP_H
++ lc = login_getclass(pw);
++ #endif
++
+ /* Check if .hushlogin exists. Note that we cannot use userfile
+ here because we are in the child. */
+ sprintf(line, "%.200s/.hushlogin", pw->pw_dir);
+ quiet_login = stat(line, &st) >= 0;
+!
+! #ifdef HAVE_LOGIN_CAP_H
+! quiet_login = login_getcapbool(lc, "hushlogin", quiet_login);
+! #endif
+!
+ /* If the user has logged in before, display the time of last login.
+ However, don't display anything extra if a command has been
+ specified (so that ssh can be used to execute commands on a remote
+***************
+*** 2712,2717 ****
+--- 2727,2755 ----
printf("Last login: %s from %s\r\n", time_string, buf);
}
+ #ifdef __FreeBSD__
+ if (command == NULL && !quiet_login)
+ {
-+ printf("%s\n\t%s %s\n\n",
++ #ifdef HAVE_LOGIN_CAP_H
++ char *cw;
++ FILE *f;
++
++ cw = login_getcapstr(lc, "copyright", NULL, NULL);
++ if (cw != NULL && (f = fopen(cw, "r")) != NULL)
++ {
++ while (fgets(line, sizeof(line), f))
++ fputs(line, stdout);
++ fclose(f);
++ }
++ else
++ #endif
++ printf("%s\n\t%s %s\n\n",
+ "Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994",
-+ "The Regents of the University of California. ",
-+ "All rights reserved.");
++ "The Regents of the University of California. ",
++ "All rights reserved.");
+ }
+ #endif
+
@@ -33,25 +91,53 @@
disabled in server options. Note that some machines appear to
print it in /etc/profile or similar. */
***************
-*** 2714,2719 ****
---- 2728,2742 ----
+*** 2721,2727 ****
+--- 2759,2769 ----
+ FILE *f;
+
+ /* Print /etc/motd if it exists. */
++ #ifdef HAVE_LOGIN_CAP_H
++ f = fopen(login_getcapstr(lc, "welcome", "/etc/motd", "/etc/motd"), "r");
++ #else
+ f = fopen("/etc/motd", "r");
++ #endif
+ if (f)
+ {
+ while (fgets(line, sizeof(line), f))
+***************
+*** 2729,2734 ****
+--- 2771,2799 ----
fclose(f);
}
}
+ #ifdef __FreeBSD__
+ if (command == NULL && !quiet_login)
+ {
++ #ifdef HAVE_LOGIN_CAP_H
++ char *mp = getenv("MAIL");
++
++ if (mp != NULL)
++ {
++ strncpy(line, mp, sizeof line);
++ line[sizeof line - 1] = '\0';
++ }
++ else
++ #endif
+ sprintf(line, "%s/%.200s", _PATH_MAILDIR, pw->pw_name);
+ if (stat(line, &st) == 0 && st.st_size != 0)
+ printf("You have %smail.\n",
+ (st.st_mtime > st.st_atime) ? "new " : "");
+ }
+ #endif
++
++ #ifdef HAVE_LOGIN_CAP_H
++ login_close(lc);
++ #endif
/* Do common processing for the child, such as execing the command. */
do_child(command, pw, term, display, auth_proto, auth_data, ttyname);
***************
-*** 2969,2975 ****
+*** 2986,2992 ****
char *user_shell;
char *remote_ip;
int remote_port;
@@ -59,7 +145,7 @@
/* Check /etc/nologin. */
f = fopen("/etc/nologin", "r");
if (f)
---- 2992,3004 ----
+--- 3051,3063 ----
char *user_shell;
char *remote_ip;
int remote_port;
@@ -74,8 +160,8 @@
f = fopen("/etc/nologin", "r");
if (f)
***************
-*** 2983,2988 ****
---- 3012,3018 ----
+*** 3000,3005 ****
+--- 3071,3077 ----
if (pw->pw_uid != UID_ROOT)
exit(254);
}
@@ -84,7 +170,7 @@
if (command != NULL)
{
***************
-*** 2995,3001 ****
+*** 3012,3018 ****
else
log_msg("executing remote command as user %.200s", pw->pw_name);
}
@@ -92,7 +178,7 @@
#ifdef HAVE_SETLOGIN
/* Set login name in the kernel. Warning: setsid() must be called before
this. */
---- 3025,3032 ----
+--- 3084,3091 ----
else
log_msg("executing remote command as user %.200s", pw->pw_name);
}
@@ -102,8 +188,8 @@
/* Set login name in the kernel. Warning: setsid() must be called before
this. */
***************
-*** 3016,3021 ****
---- 3047,3053 ----
+*** 3033,3038 ****
+--- 3106,3112 ----
if (setpcred((char *)pw->pw_name, NULL))
log_msg("setpcred %.100s: %.100s", strerror(errno));
#endif /* HAVE_USERSEC_H */
@@ -112,8 +198,8 @@
/* Save some data that will be needed so that we can do certain cleanups
before we switch to user's uid. (We must clear all sensitive data
***************
-*** 3086,3091 ****
---- 3118,3181 ----
+*** 3103,3108 ****
+--- 3177,3240 ----
if (command != NULL || !options.use_login)
#endif /* USELOGIN */
{
@@ -179,8 +265,8 @@
if (getuid() == UID_ROOT || geteuid() == UID_ROOT)
{
***************
-*** 3117,3122 ****
---- 3207,3213 ----
+*** 3134,3139 ****
+--- 3266,3272 ----
if (getuid() != user_uid || geteuid() != user_uid)
fatal("Failed to set uids to %d.", (int)user_uid);
@@ -189,8 +275,8 @@
/* Reset signals to their default settings before starting the user
***************
-*** 3127,3137 ****
---- 3218,3233 ----
+*** 3144,3154 ****
+--- 3277,3292 ----
and means /bin/sh. */
shell = (user_shell[0] == '\0') ? DEFAULT_SHELL : user_shell;
@@ -208,8 +294,8 @@
#ifdef USELOGIN
if (command != NULL || !options.use_login)
***************
-*** 3141,3146 ****
---- 3237,3244 ----
+*** 3158,3163 ****
+--- 3296,3303 ----
child_set_env(&env, &envsize, "HOME", user_dir);
child_set_env(&env, &envsize, "USER", user_name);
child_set_env(&env, &envsize, "LOGNAME", user_name);
@@ -219,8 +305,8 @@
#ifdef MAIL_SPOOL_DIRECTORY
***************
-*** 3152,3157 ****
---- 3250,3256 ----
+*** 3169,3174 ****
+--- 3309,3315 ----
child_set_env(&env, &envsize, "MAIL", buf);
#endif /* MAIL_SPOOL_FILE */
#endif /* MAIL_SPOOL_DIRECTORY */
@@ -229,8 +315,8 @@
#ifdef HAVE_ETC_DEFAULT_LOGIN
/* Read /etc/default/login; this exists at least on Solaris 2.x. Note
***************
-*** 3167,3175 ****
---- 3266,3276 ----
+*** 3184,3192 ****
+--- 3325,3335 ----
child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND",
original_command);
@@ -243,8 +329,8 @@
/* Set custom environment options from RSA authentication. */
while (custom_environment)
***************
-*** 3389,3395 ****
---- 3490,3500 ----
+*** 3406,3412 ****
+--- 3549,3559 ----
/* Execute the shell. */
argv[0] = buf;
argv[1] = NULL;
@@ -257,8 +343,8 @@
perror(shell);
exit(1);
***************
-*** 3410,3416 ****
---- 3515,3525 ----
+*** 3427,3433 ****
+--- 3574,3584 ----
argv[1] = "-c";
argv[2] = (char *)command;
argv[3] = NULL;
diff --git a/security/ssh/files/patch-al b/security/ssh/files/patch-al
index 7ca297bc9ea7..9b8ef9f85303 100644
--- a/security/ssh/files/patch-al
+++ b/security/ssh/files/patch-al
@@ -1,8 +1,8 @@
-*** sshconnect.c.orig Thu Mar 27 09:04:10 1997
---- sshconnect.c Sat Mar 29 01:16:51 1997
+*** sshconnect.c.orig Sun Apr 6 03:57:04 1997
+--- sshconnect.c Wed Apr 16 23:04:17 1997
***************
-*** 298,303 ****
---- 298,309 ----
+*** 302,307 ****
+--- 302,313 ----
{
struct sockaddr_in sin;
int p;
@@ -16,8 +16,8 @@
{
sock = socket(AF_INET, SOCK_STREAM, 0);
***************
-*** 325,330 ****
---- 331,337 ----
+*** 329,334 ****
+--- 335,341 ----
}
fatal("bind: %.100s", strerror(errno));
}
diff --git a/security/ssh2/Makefile b/security/ssh2/Makefile
index fd8320fbc049..faed91eeb44c 100644
--- a/security/ssh2/Makefile
+++ b/security/ssh2/Makefile
@@ -1,15 +1,15 @@
# New ports collection makefile for: ssh
-# Version required: 1.2.18
+# Version required: 1.2.19
# Date created: 30 Jul 1995
# Whom: torstenb@FreeBSD.ORG
#
-# $Id: Makefile,v 1.36 1996/11/20 12:45:41 adam Exp $
+# $Id: Makefile,v 1.37 1997/03/28 23:30:12 ache Exp $
#
# Maximal ssh package requires YES values for
# USE_PERL, USE_TCPWRAP
#
-DISTNAME= ssh-1.2.18
+DISTNAME= ssh-1.2.19
CATEGORIES= security net
MASTER_SITES= ftp://ftp.funet.fi/pub/unix/security/login/ssh/
diff --git a/security/ssh2/distinfo b/security/ssh2/distinfo
index 6faa4f65b675..b921c3e7c359 100644
--- a/security/ssh2/distinfo
+++ b/security/ssh2/distinfo
@@ -1,2 +1,2 @@
-MD5 (ssh-1.2.18.tar.gz) = 3ed9c159f1ab843966fb705168a69a8f
+MD5 (ssh-1.2.19.tar.gz) = a7a1b400788173b548f1c04642a52396
MD5 (rsaref2.tar.gz) = 0b474c97bf1f1c0d27e5a95f1239c08d
diff --git a/security/ssh2/files/patch-ab b/security/ssh2/files/patch-ab
index caa40dcd89fb..fb3ded791e3f 100644
--- a/security/ssh2/files/patch-ab
+++ b/security/ssh2/files/patch-ab
@@ -1,5 +1,5 @@
-*** configure.orig Thu Mar 27 09:04:06 1997
---- configure Fri Mar 28 15:18:56 1997
+*** configure.orig Sun Apr 6 03:56:58 1997
+--- configure Wed Apr 16 22:52:47 1997
***************
*** 1634,1645 ****
@@ -33,7 +33,7 @@
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
***************
-*** 6696,6702 ****
+*** 6749,6755 ****
cat >> $CONFIG_STATUS <<EOF
@@ -41,7 +41,7 @@
EOF
cat >> $CONFIG_STATUS <<\EOF
for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then
---- 6690,6696 ----
+--- 6743,6749 ----
cat >> $CONFIG_STATUS <<EOF
@@ -50,8 +50,8 @@
cat >> $CONFIG_STATUS <<\EOF
for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then
***************
-*** 6900,6905 ****
---- 6894,6901 ----
+*** 6953,6958 ****
+--- 6947,6954 ----
done
for ac_config_dir in gmp-2.0.2-ssh-2; do
diff --git a/security/ssh2/files/patch-ac b/security/ssh2/files/patch-ac
index 31084324b943..6823f8a5bd28 100644
--- a/security/ssh2/files/patch-ac
+++ b/security/ssh2/files/patch-ac
@@ -1,7 +1,7 @@
-*** Makefile.in.orig Thu Mar 27 09:04:06 1997
---- Makefile.in Fri Mar 28 15:36:08 1997
+*** Makefile.in.orig Sun Apr 6 03:56:58 1997
+--- Makefile.in Wed Apr 16 22:59:17 1997
***************
-*** 225,236 ****
+*** 229,240 ****
SHELL = /bin/sh
GMPDIR = gmp-2.0.2-ssh-2
@@ -14,7 +14,7 @@
RSAREFDIR = rsaref2
RSAREFSRCDIR = $(RSAREFDIR)/source
---- 225,242 ----
+--- 229,246 ----
SHELL = /bin/sh
GMPDIR = gmp-2.0.2-ssh-2
@@ -34,7 +34,7 @@
RSAREFDIR = rsaref2
RSAREFSRCDIR = $(RSAREFDIR)/source
***************
-*** 324,330 ****
+*** 328,334 ****
$(CC) -o rfc-pg rfc-pg.o
.c.o:
@@ -42,7 +42,7 @@
sshd: $(SSHD_OBJS) $(GMPDEP) $(RSAREFDEP) $(ZLIBDEP)
-rm -f sshd
---- 330,336 ----
+--- 334,340 ----
$(CC) -o rfc-pg rfc-pg.o
.c.o:
@@ -51,7 +51,7 @@
sshd: $(SSHD_OBJS) $(GMPDEP) $(RSAREFDEP) $(ZLIBDEP)
-rm -f sshd
***************
-*** 361,379 ****
+*** 365,383 ****
sed "s#&PERL&#$(PERL)#" <$(srcdir)/make-ssh-known-hosts.pl >make-ssh-known-hosts
chmod +x make-ssh-known-hosts
@@ -71,7 +71,7 @@
$(RSAREFSRCDIR)/librsaref.a:
-if test '!' -d $(RSAREFDIR); then \
---- 367,385 ----
+--- 371,389 ----
sed "s#&PERL&#$(PERL)#" <$(srcdir)/make-ssh-known-hosts.pl >make-ssh-known-hosts
chmod +x make-ssh-known-hosts
@@ -92,24 +92,24 @@
$(RSAREFSRCDIR)/librsaref.a:
-if test '!' -d $(RSAREFDIR); then \
***************
-*** 430,436 ****
+*** 434,440 ****
# (otherwise it can only log in as the user it runs as, and must be
# bound to a non-privileged port). Also, password authentication may
# not be available if non-root and using shadow passwords.
! install: $(PROGRAMS) make-dirs generate-host-key install-configs
- $(INSTALL_PROGRAM) -o root -m $(SSH_INSTALL_MODE) ssh $(install_prefix)$(bindir)/ssh
- -if test "`echo ssh | sed '$(transform)'`" '!=' ssh; then \
- rm -f $(install_prefix)$(bindir)/`echo ssh | sed '$(transform)'`; \
---- 436,442 ----
+ -rm -f $(install_prefix)$(bindir)/ssh.old
+ -mv $(install_prefix)$(bindir)/ssh $(install_prefix)$(bindir)/ssh.old
+ -chmod 755 $(install_prefix)$(bindir)/ssh.old
+--- 440,446 ----
# (otherwise it can only log in as the user it runs as, and must be
# bound to a non-privileged port). Also, password authentication may
# not be available if non-root and using shadow passwords.
! install: $(PROGRAMS) make-dirs install-configs
- $(INSTALL_PROGRAM) -o root -m $(SSH_INSTALL_MODE) ssh $(install_prefix)$(bindir)/ssh
- -if test "`echo ssh | sed '$(transform)'`" '!=' ssh; then \
- rm -f $(install_prefix)$(bindir)/`echo ssh | sed '$(transform)'`; \
+ -rm -f $(install_prefix)$(bindir)/ssh.old
+ -mv $(install_prefix)$(bindir)/ssh $(install_prefix)$(bindir)/ssh.old
+ -chmod 755 $(install_prefix)$(bindir)/ssh.old
***************
-*** 531,557 ****
+*** 543,569 ****
clean:
-rm -f *.o gmon.out *core $(PROGRAMS) rfc-pg
@@ -137,7 +137,7 @@
tar pcf $(DISTNAME).tar $(DISTNAME)
-rm -f $(DISTNAME).tar.gz
gzip $(DISTNAME).tar
---- 537,563 ----
+--- 549,575 ----
clean:
-rm -f *.o gmon.out *core $(PROGRAMS) rfc-pg
@@ -166,7 +166,7 @@
-rm -f $(DISTNAME).tar.gz
gzip $(DISTNAME).tar
***************
-*** 563,569 ****
+*** 575,581 ****
(echo "s/\.$$old_version\"/.$$new_version\"/g"; echo w; echo q) | ed $(srcdir)/version.h >/dev/null
depend:
@@ -174,7 +174,7 @@
tags:
-rm -f TAGS
---- 569,575 ----
+--- 581,587 ----
(echo "s/\.$$old_version\"/.$$new_version\"/g"; echo w; echo q) | ed $(srcdir)/version.h >/dev/null
depend:
diff --git a/security/ssh2/files/patch-ad b/security/ssh2/files/patch-ad
deleted file mode 100644
index 536cf9cf642a..000000000000
--- a/security/ssh2/files/patch-ad
+++ /dev/null
@@ -1,13 +0,0 @@
-*** ssh-agent.c.bak Thu Mar 27 09:04:12 1997
---- ssh-agent.c Tue Apr 1 08:08:06 1997
-***************
-*** 586,591 ****
---- 586,593 ----
- av++;
- ac--;
- }
-+ else
-+ break;
- }
- if (erflg)
- {
diff --git a/security/ssh2/files/patch-af b/security/ssh2/files/patch-af
index bd1982e6e60a..81068869685f 100644
--- a/security/ssh2/files/patch-af
+++ b/security/ssh2/files/patch-af
@@ -1,8 +1,8 @@
-*** sshd.c.orig Thu Mar 27 09:04:08 1997
---- sshd.c Sat Mar 29 02:11:03 1997
+*** sshd.c.orig Sun Apr 6 03:57:00 1997
+--- sshd.c Wed Apr 16 23:27:28 1997
***************
-*** 370,375 ****
---- 370,379 ----
+*** 379,384 ****
+--- 379,388 ----
#include "firewall.h" /* TIS authsrv authentication */
#endif
@@ -14,18 +14,76 @@
#define DEFAULT_SHELL _PATH_BSHELL
#else
***************
-*** 2697,2702 ****
---- 2701,2716 ----
+*** 2617,2622 ****
+--- 2621,2629 ----
+ struct sockaddr_in from;
+ int fromlen;
+ struct pty_cleanup_context cleanup_context;
++ #ifdef HAVE_LOGIN_CAP_H
++ login_cap_t *lc;
++ #endif
+
+ /* We no longer need the child running on user's privileges. */
+ userfile_uninit();
+***************
+*** 2688,2698 ****
+ record_login(pid, ttyname, pw->pw_name, pw->pw_uid, hostname,
+ &from);
+
+ /* Check if .hushlogin exists. Note that we cannot use userfile
+ here because we are in the child. */
+ sprintf(line, "%.200s/.hushlogin", pw->pw_dir);
+ quiet_login = stat(line, &st) >= 0;
+!
+ /* If the user has logged in before, display the time of last login.
+ However, don't display anything extra if a command has been
+ specified (so that ssh can be used to execute commands on a remote
+--- 2695,2713 ----
+ record_login(pid, ttyname, pw->pw_name, pw->pw_uid, hostname,
+ &from);
+
++ #ifdef HAVE_LOGIN_CAP_H
++ lc = login_getclass(pw);
++ #endif
++
+ /* Check if .hushlogin exists. Note that we cannot use userfile
+ here because we are in the child. */
+ sprintf(line, "%.200s/.hushlogin", pw->pw_dir);
+ quiet_login = stat(line, &st) >= 0;
+!
+! #ifdef HAVE_LOGIN_CAP_H
+! quiet_login = login_getcapbool(lc, "hushlogin", quiet_login);
+! #endif
+!
+ /* If the user has logged in before, display the time of last login.
+ However, don't display anything extra if a command has been
+ specified (so that ssh can be used to execute commands on a remote
+***************
+*** 2712,2717 ****
+--- 2727,2755 ----
printf("Last login: %s from %s\r\n", time_string, buf);
}
+ #ifdef __FreeBSD__
+ if (command == NULL && !quiet_login)
+ {
-+ printf("%s\n\t%s %s\n\n",
++ #ifdef HAVE_LOGIN_CAP_H
++ char *cw;
++ FILE *f;
++
++ cw = login_getcapstr(lc, "copyright", NULL, NULL);
++ if (cw != NULL && (f = fopen(cw, "r")) != NULL)
++ {
++ while (fgets(line, sizeof(line), f))
++ fputs(line, stdout);
++ fclose(f);
++ }
++ else
++ #endif
++ printf("%s\n\t%s %s\n\n",
+ "Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994",
-+ "The Regents of the University of California. ",
-+ "All rights reserved.");
++ "The Regents of the University of California. ",
++ "All rights reserved.");
+ }
+ #endif
+
@@ -33,25 +91,53 @@
disabled in server options. Note that some machines appear to
print it in /etc/profile or similar. */
***************
-*** 2714,2719 ****
---- 2728,2742 ----
+*** 2721,2727 ****
+--- 2759,2769 ----
+ FILE *f;
+
+ /* Print /etc/motd if it exists. */
++ #ifdef HAVE_LOGIN_CAP_H
++ f = fopen(login_getcapstr(lc, "welcome", "/etc/motd", "/etc/motd"), "r");
++ #else
+ f = fopen("/etc/motd", "r");
++ #endif
+ if (f)
+ {
+ while (fgets(line, sizeof(line), f))
+***************
+*** 2729,2734 ****
+--- 2771,2799 ----
fclose(f);
}
}
+ #ifdef __FreeBSD__
+ if (command == NULL && !quiet_login)
+ {
++ #ifdef HAVE_LOGIN_CAP_H
++ char *mp = getenv("MAIL");
++
++ if (mp != NULL)
++ {
++ strncpy(line, mp, sizeof line);
++ line[sizeof line - 1] = '\0';
++ }
++ else
++ #endif
+ sprintf(line, "%s/%.200s", _PATH_MAILDIR, pw->pw_name);
+ if (stat(line, &st) == 0 && st.st_size != 0)
+ printf("You have %smail.\n",
+ (st.st_mtime > st.st_atime) ? "new " : "");
+ }
+ #endif
++
++ #ifdef HAVE_LOGIN_CAP_H
++ login_close(lc);
++ #endif
/* Do common processing for the child, such as execing the command. */
do_child(command, pw, term, display, auth_proto, auth_data, ttyname);
***************
-*** 2969,2975 ****
+*** 2986,2992 ****
char *user_shell;
char *remote_ip;
int remote_port;
@@ -59,7 +145,7 @@
/* Check /etc/nologin. */
f = fopen("/etc/nologin", "r");
if (f)
---- 2992,3004 ----
+--- 3051,3063 ----
char *user_shell;
char *remote_ip;
int remote_port;
@@ -74,8 +160,8 @@
f = fopen("/etc/nologin", "r");
if (f)
***************
-*** 2983,2988 ****
---- 3012,3018 ----
+*** 3000,3005 ****
+--- 3071,3077 ----
if (pw->pw_uid != UID_ROOT)
exit(254);
}
@@ -84,7 +170,7 @@
if (command != NULL)
{
***************
-*** 2995,3001 ****
+*** 3012,3018 ****
else
log_msg("executing remote command as user %.200s", pw->pw_name);
}
@@ -92,7 +178,7 @@
#ifdef HAVE_SETLOGIN
/* Set login name in the kernel. Warning: setsid() must be called before
this. */
---- 3025,3032 ----
+--- 3084,3091 ----
else
log_msg("executing remote command as user %.200s", pw->pw_name);
}
@@ -102,8 +188,8 @@
/* Set login name in the kernel. Warning: setsid() must be called before
this. */
***************
-*** 3016,3021 ****
---- 3047,3053 ----
+*** 3033,3038 ****
+--- 3106,3112 ----
if (setpcred((char *)pw->pw_name, NULL))
log_msg("setpcred %.100s: %.100s", strerror(errno));
#endif /* HAVE_USERSEC_H */
@@ -112,8 +198,8 @@
/* Save some data that will be needed so that we can do certain cleanups
before we switch to user's uid. (We must clear all sensitive data
***************
-*** 3086,3091 ****
---- 3118,3181 ----
+*** 3103,3108 ****
+--- 3177,3240 ----
if (command != NULL || !options.use_login)
#endif /* USELOGIN */
{
@@ -179,8 +265,8 @@
if (getuid() == UID_ROOT || geteuid() == UID_ROOT)
{
***************
-*** 3117,3122 ****
---- 3207,3213 ----
+*** 3134,3139 ****
+--- 3266,3272 ----
if (getuid() != user_uid || geteuid() != user_uid)
fatal("Failed to set uids to %d.", (int)user_uid);
@@ -189,8 +275,8 @@
/* Reset signals to their default settings before starting the user
***************
-*** 3127,3137 ****
---- 3218,3233 ----
+*** 3144,3154 ****
+--- 3277,3292 ----
and means /bin/sh. */
shell = (user_shell[0] == '\0') ? DEFAULT_SHELL : user_shell;
@@ -208,8 +294,8 @@
#ifdef USELOGIN
if (command != NULL || !options.use_login)
***************
-*** 3141,3146 ****
---- 3237,3244 ----
+*** 3158,3163 ****
+--- 3296,3303 ----
child_set_env(&env, &envsize, "HOME", user_dir);
child_set_env(&env, &envsize, "USER", user_name);
child_set_env(&env, &envsize, "LOGNAME", user_name);
@@ -219,8 +305,8 @@
#ifdef MAIL_SPOOL_DIRECTORY
***************
-*** 3152,3157 ****
---- 3250,3256 ----
+*** 3169,3174 ****
+--- 3309,3315 ----
child_set_env(&env, &envsize, "MAIL", buf);
#endif /* MAIL_SPOOL_FILE */
#endif /* MAIL_SPOOL_DIRECTORY */
@@ -229,8 +315,8 @@
#ifdef HAVE_ETC_DEFAULT_LOGIN
/* Read /etc/default/login; this exists at least on Solaris 2.x. Note
***************
-*** 3167,3175 ****
---- 3266,3276 ----
+*** 3184,3192 ****
+--- 3325,3335 ----
child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND",
original_command);
@@ -243,8 +329,8 @@
/* Set custom environment options from RSA authentication. */
while (custom_environment)
***************
-*** 3389,3395 ****
---- 3490,3500 ----
+*** 3406,3412 ****
+--- 3549,3559 ----
/* Execute the shell. */
argv[0] = buf;
argv[1] = NULL;
@@ -257,8 +343,8 @@
perror(shell);
exit(1);
***************
-*** 3410,3416 ****
---- 3515,3525 ----
+*** 3427,3433 ****
+--- 3574,3584 ----
argv[1] = "-c";
argv[2] = (char *)command;
argv[3] = NULL;
diff --git a/security/ssh2/files/patch-aj b/security/ssh2/files/patch-aj
index 008d4dec5cdc..2227e00716f2 100644
--- a/security/ssh2/files/patch-aj
+++ b/security/ssh2/files/patch-aj
@@ -1,7 +1,7 @@
-*** configure.in.orig Thu Mar 27 09:04:06 1997
---- configure.in Sat Mar 29 01:16:51 1997
+*** configure.in.orig Sun Apr 6 03:56:58 1997
+--- configure.in Wed Apr 16 23:04:16 1997
***************
-*** 574,582 ****
+*** 579,587 ****
export CFLAGS CC
@@ -11,7 +11,7 @@
AC_MSG_CHECKING([that the compiler works])
AC_TRY_RUN([ main(int ac, char **av) { return 0; } ],
---- 574,582 ----
+--- 579,587 ----
export CFLAGS CC
@@ -22,7 +22,7 @@
AC_MSG_CHECKING([that the compiler works])
AC_TRY_RUN([ main(int ac, char **av) { return 0; } ],
***************
-*** 628,634 ****
+*** 633,639 ****
AC_HEADER_STDC
AC_HEADER_SYS_WAIT
@@ -30,7 +30,7 @@
AC_CHECK_HEADERS(sgtty.h sys/select.h sys/ioctl.h machine/endian.h)
AC_CHECK_HEADERS(paths.h usersec.h utime.h netinet/in_systm.h netinet/in_system.h netinet/ip.h netinet/tcp.h ulimit.h)
AC_HEADER_TIME
---- 628,634 ----
+--- 633,639 ----
AC_HEADER_STDC
AC_HEADER_SYS_WAIT
diff --git a/security/ssh2/files/patch-al b/security/ssh2/files/patch-al
index 7ca297bc9ea7..9b8ef9f85303 100644
--- a/security/ssh2/files/patch-al
+++ b/security/ssh2/files/patch-al
@@ -1,8 +1,8 @@
-*** sshconnect.c.orig Thu Mar 27 09:04:10 1997
---- sshconnect.c Sat Mar 29 01:16:51 1997
+*** sshconnect.c.orig Sun Apr 6 03:57:04 1997
+--- sshconnect.c Wed Apr 16 23:04:17 1997
***************
-*** 298,303 ****
---- 298,309 ----
+*** 302,307 ****
+--- 302,313 ----
{
struct sockaddr_in sin;
int p;
@@ -16,8 +16,8 @@
{
sock = socket(AF_INET, SOCK_STREAM, 0);
***************
-*** 325,330 ****
---- 331,337 ----
+*** 329,334 ****
+--- 335,341 ----
}
fatal("bind: %.100s", strerror(errno));
}