author | dinoex <dinoex@FreeBSD.org> | 2003-09-27 02:13:52 +0800 |
---|---|---|
committer | dinoex <dinoex@FreeBSD.org> | 2003-09-27 02:13:52 +0800 |
commit | 4eab04811294efc0cd3c903357e6ceca2417ee03 (patch) | |
tree | d00df161c3ec682cb5f0c69bb28aab64b4d71788 /security/hpn-ssh | |
parent | c296481974bcdae841f33e447a8116da1fad1f4a (diff) | |
- update to 3.7.1p2
more regression tests successful
Diffstat (limited to 'security/hpn-ssh')
24 files changed, 84 insertions, 1426 deletions
diff --git a/security/hpn-ssh/Makefile b/security/hpn-ssh/Makefile
index a6927bc37185..5a8a09698c26 100644
--- a/security/hpn-ssh/Makefile
+++ b/security/hpn-ssh/Makefile
@@ -6,8 +6,7 @@
 #
 
 PORTNAME= openssh
-PORTVERSION= 3.6.1p2
-PORTREVISION= 5
+PORTVERSION= 3.7.1p2
 CATEGORIES= security ipv6
 MASTER_SITES= ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \
 ftp://carroll.cac.psu.edu/pub/OpenBSD/OpenSSH/portable/
@@ -31,7 +30,6 @@ PRECIOUS= ssh_config sshd_config \
 ssh_host_rsa_key ssh_host_rsa_key.pub \
 ssh_host_dsa_key ssh_host_dsa_key.pub
 ETCOLD= ${PREFIX}/etc
-ADDME+= auth2-pam-freebsd.c
 
 .if exists(/usr/include/security/pam_modules.h)
 CONFIGURE_ARGS+= --with-pam
@@ -74,11 +72,6 @@ CONFIGURE_ARGS+= --with-privsep-path=${EMPTYDIR}
 EXTRA_PATCHES+= ${FILESDIR}/batch.patch
 .endif
 
-post-extract:
-.for i in ${ADDME}
- @${CP} ${FILESDIR}/${i} ${WRKSRC}/
-.endfor
-
 .if defined(KRB5_HOME) && exists(${KRB5_HOME})
 PKGNAMESUFFIX= -gssapi
 GSSAPI_PATCH= ${PORTNAME}-3.6.1p2-gssapi-20030430.diff
diff --git a/security/hpn-ssh/distinfo b/security/hpn-ssh/distinfo
index 3a548c2820e2..f54782c9f80e 100644
--- a/security/hpn-ssh/distinfo
+++ b/security/hpn-ssh/distinfo
@@ -1,2 +1,2 @@
-MD5 (openssh-3.6.1p2.tar.gz) = f3879270bffe479e1bd057aa36258696
+MD5 (openssh-3.7.1p2.tar.gz) = 61cf5b059938718308836d00f6764a94
 MD5 (openssh-3.6.1p2-gssapi-20030430.diff) = 520e15f541398efed2763aaf8ac08e6a
diff --git a/security/hpn-ssh/files/auth2-pam-freebsd.c b/security/hpn-ssh/files/auth2-pam-freebsd.c
deleted file mode 100644
index 7a13140b3ac8..000000000000
--- a/security/hpn-ssh/files/auth2-pam-freebsd.c
+++ /dev/null
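Review bot: The KRB5_HOME branch still sets `GSSAPI_PATCH= ${PORTNAME}-3.6.1p2-gssapi-20030430.diff`, and distinfo keeps only the 3.6.1p2 gssapi diff beside the new 3.7.1p2 tarball checksum, so the -gssapi flavour now applies a patch produced against the previous release to a tree this very commit had to re-diff three auth files for. Whether that patch still applies cleanly is not visible here; if it does not, either fetch a gssapi diff made for 3.7.1p2 or make the branch fail early (an `.error` or `IGNORE=` under the `.if defined(KRB5_HOME)` test) rather than let an authentication path be built from a patch that only partly applies. A one-line comment above `GSSAPI_PATCH=` recording which OpenSSH release the diff was generated against would make the next bump less error-prone.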
@@ -1,626 +0,0 @@
-/*-
- * Copyright (c) 2002 Networks Associates Technology, Inc.
- * All rights reserved.
- *
- * This software was developed for the FreeBSD Project by ThinkSec AS and
- * NAI Labs, the Security Research Division of Network Associates, Inc.
- * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
- * DARPA CHATS research program.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */ - -#include "includes.h" -RCSID("$FreeBSD: /tmp/pcvs/ports/security/hpn-ssh/files/Attic/auth2-pam-freebsd.c,v 1.5 2003-09-26 02:42:39 dinoex Exp $"); - -#ifdef USE_PAM -#include <security/pam_appl.h> - -#include "auth.h" -#include "auth-pam.h" -#include "buffer.h" -#include "bufaux.h" -#include "canohost.h" -#include "log.h" -#include "monitor_wrap.h" -#include "msg.h" -#include "packet.h" -#include "readpass.h" -#include "servconf.h" -#include "ssh2.h" -#include "xmalloc.h" - -#ifdef USE_POSIX_THREADS -#include <pthread.h> -#else -/* - * Simulate threads with processes. - */ -typedef pid_t pthread_t; - -static void -pthread_exit(void *value __unused) -{ - _exit(0); -} - -static int -pthread_create(pthread_t *thread, const void *attr __unused, - void *(*thread_start)(void *), void *arg) -{ - pid_t pid; - - switch ((pid = fork())) { - case -1: - error("fork(): %s", strerror(errno)); - return (-1); - case 0: - thread_start(arg); - _exit(1); - default: - *thread = pid; - return (0); - } -} - -static int -pthread_cancel(pthread_t thread) -{ - return (kill(thread, SIGTERM)); -} - -static int -pthread_join(pthread_t thread, void **value __unused) -{ - int status; - - waitpid(thread, &status, 0); - return (status); -} -#endif - - -static pam_handle_t *pam_handle; -static int pam_err; -static int pam_authenticated; -static int pam_new_authtok_reqd; -static int pam_session_open; -static int pam_cred_established; - -struct pam_ctxt { - pthread_t pam_thread; - int pam_psock; - int pam_csock; - int pam_done; -}; - -static void pam_free_ctx(void *); - -/* - * Conversation function for authentication thread. 
- */ -static int -pam_thread_conv(int n, - const struct pam_message **msg, - struct pam_response **resp, - void *data) -{ - Buffer buffer; - struct pam_ctxt *ctxt; - int i; - - ctxt = data; - if (n <= 0 || n > PAM_MAX_NUM_MSG) - return (PAM_CONV_ERR); - *resp = xmalloc(n * sizeof **resp); - buffer_init(&buffer); - for (i = 0; i < n; ++i) { - (*resp)[i].resp_retcode = 0; - (*resp)[i].resp = NULL; - switch (msg[i]->msg_style) { - case PAM_PROMPT_ECHO_OFF: - buffer_put_cstring(&buffer, msg[i]->msg); - ssh_msg_send(ctxt->pam_csock, msg[i]->msg_style, &buffer); - ssh_msg_recv(ctxt->pam_csock, &buffer); - if (buffer_get_char(&buffer) != PAM_AUTHTOK) - goto fail; - (*resp)[i].resp = buffer_get_string(&buffer, NULL); - break; - case PAM_PROMPT_ECHO_ON: - buffer_put_cstring(&buffer, msg[i]->msg); - ssh_msg_send(ctxt->pam_csock, msg[i]->msg_style, &buffer); - ssh_msg_recv(ctxt->pam_csock, &buffer); - if (buffer_get_char(&buffer) != PAM_AUTHTOK) - goto fail; - (*resp)[i].resp = buffer_get_string(&buffer, NULL); - break; - case PAM_ERROR_MSG: - buffer_put_cstring(&buffer, msg[i]->msg); - ssh_msg_send(ctxt->pam_csock, msg[i]->msg_style, &buffer); - break; - case PAM_TEXT_INFO: - buffer_put_cstring(&buffer, msg[i]->msg); - ssh_msg_send(ctxt->pam_csock, msg[i]->msg_style, &buffer); - break; - default: - goto fail; - } - buffer_clear(&buffer); - } - buffer_free(&buffer); - return (PAM_SUCCESS); - fail: - xfree(*resp); - *resp = NULL; - buffer_free(&buffer); - return (PAM_CONV_ERR); -} - -/* - * Authentication thread. 
- */ -static void * -pam_thread(void *ctxtp) -{ - struct pam_ctxt *ctxt = ctxtp; - Buffer buffer; - struct pam_conv pam_conv = { pam_thread_conv, ctxt }; - -#ifndef USE_POSIX_THREADS - { - const char *pam_user; - - pam_get_item(pam_handle, PAM_USER, (const void **)&pam_user); - setproctitle("%s [pam]", pam_user); - } -#endif - buffer_init(&buffer); - pam_err = pam_set_item(pam_handle, PAM_CONV, (const void *)&pam_conv); - if (pam_err != PAM_SUCCESS) - goto auth_fail; - pam_err = pam_authenticate(pam_handle, 0); - if (pam_err != PAM_SUCCESS) - goto auth_fail; - pam_err = pam_acct_mgmt(pam_handle, 0); - if (pam_err != PAM_SUCCESS && pam_err != PAM_NEW_AUTHTOK_REQD) - goto auth_fail; - buffer_put_cstring(&buffer, "OK"); - ssh_msg_send(ctxt->pam_csock, pam_err, &buffer); - buffer_free(&buffer); - pthread_exit(NULL); - auth_fail: - buffer_put_cstring(&buffer, - pam_strerror(pam_handle, pam_err)); - ssh_msg_send(ctxt->pam_csock, PAM_AUTH_ERR, &buffer); - buffer_free(&buffer); - pthread_exit(NULL); -} - -static void -pam_thread_cleanup(void *ctxtp) -{ - struct pam_ctxt *ctxt = ctxtp; - - pthread_cancel(ctxt->pam_thread); - pthread_join(ctxt->pam_thread, NULL); - close(ctxt->pam_psock); - close(ctxt->pam_csock); -} - -static int -pam_null_conv(int n, - const struct pam_message **msg, - struct pam_response **resp, - void *data) -{ - - return (PAM_CONV_ERR); -} - -static struct pam_conv null_conv = { pam_null_conv, NULL }; - -static void -pam_cleanup(void *arg) -{ - (void)arg; - debug("PAM: cleanup"); - pam_set_item(pam_handle, PAM_CONV, (const void *)&null_conv); - if (pam_cred_established) { - pam_setcred(pam_handle, PAM_DELETE_CRED); - pam_cred_established = 0; - } - if (pam_session_open) { - pam_close_session(pam_handle, PAM_SILENT); - pam_session_open = 0; - } - pam_authenticated = pam_new_authtok_reqd = 0; - pam_end(pam_handle, pam_err); - pam_handle = NULL; -} - -static int -pam_init(const char *user) -{ - extern ServerOptions options; - extern u_int utmp_len; - const 
char *pam_rhost, *pam_user; - - if (pam_handle != NULL) { - /* We already have a PAM context; check if the user matches */ - pam_err = pam_get_item(pam_handle, - PAM_USER, (const void **)&pam_user); - if (pam_err == PAM_SUCCESS && strcmp(user, pam_user) == 0) - return (0); - fatal_remove_cleanup(pam_cleanup, NULL); - pam_end(pam_handle, pam_err); - pam_handle = NULL; - } - debug("PAM: initializing for \"%s\"", user); - pam_err = pam_start("sshd", user, &null_conv, &pam_handle); - if (pam_err != PAM_SUCCESS) - return (-1); - pam_rhost = get_remote_name_or_ip(utmp_len, - options.verify_reverse_mapping); - debug("PAM: setting PAM_RHOST to \"%s\"", pam_rhost); - pam_err = pam_set_item(pam_handle, PAM_RHOST, pam_rhost); - if (pam_err != PAM_SUCCESS) { - pam_end(pam_handle, pam_err); - pam_handle = NULL; - return (-1); - } - fatal_add_cleanup(pam_cleanup, NULL); - return (0); -} - -static void * -pam_init_ctx(Authctxt *authctxt) -{ - struct pam_ctxt *ctxt; - int socks[2]; - - /* Initialize PAM */ - if (pam_init(authctxt->user) == -1) { - error("PAM: initialization failed"); - return (NULL); - } - - ctxt = xmalloc(sizeof *ctxt); - ctxt->pam_done = 0; - - /* Start the authentication thread */ - if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, socks) == -1) { - error("PAM: failed create sockets: %s", strerror(errno)); - xfree(ctxt); - return (NULL); - } - ctxt->pam_psock = socks[0]; - ctxt->pam_csock = socks[1]; - if (pthread_create(&ctxt->pam_thread, NULL, pam_thread, ctxt) == -1) { - error("PAM: failed to start authentication thread: %s", - strerror(errno)); - close(socks[0]); - close(socks[1]); - xfree(ctxt); - return (NULL); - } - fatal_add_cleanup(pam_thread_cleanup, ctxt); - return (ctxt); -} - -static int -pam_query(void *ctx, char **name, char **info, - u_int *num, char ***prompts, u_int **echo_on) -{ - Buffer buffer; - struct pam_ctxt *ctxt = ctx; - size_t plen; - u_char type; - char *msg; - - buffer_init(&buffer); - *name = xstrdup(""); - *info = xstrdup(""); - 
*prompts = xmalloc(sizeof(char *)); - **prompts = NULL; - plen = 0; - *echo_on = xmalloc(sizeof(u_int)); - while (ssh_msg_recv(ctxt->pam_psock, &buffer) == 0) { - type = buffer_get_char(&buffer); - msg = buffer_get_string(&buffer, NULL); - switch (type) { - case PAM_PROMPT_ECHO_ON: - case PAM_PROMPT_ECHO_OFF: - *num = 1; - **prompts = xrealloc(**prompts, plen + strlen(msg) + 1); - plen += sprintf(**prompts + plen, "%s", msg); - **echo_on = (type == PAM_PROMPT_ECHO_ON); - xfree(msg); - return (0); - case PAM_ERROR_MSG: - case PAM_TEXT_INFO: - /* accumulate messages */ - **prompts = xrealloc(**prompts, plen + strlen(msg) + 1); - plen += sprintf(**prompts + plen, "%s", msg); - xfree(msg); - break; - case PAM_NEW_AUTHTOK_REQD: - pam_new_authtok_reqd = 1; - /* FALLTHROUGH */ - case PAM_SUCCESS: - case PAM_AUTH_ERR: - if (**prompts != NULL) { - /* drain any accumulated messages */ -#if 0 /* not compatible with privsep */ - packet_start(SSH2_MSG_USERAUTH_BANNER); - packet_put_cstring(**prompts); - packet_put_cstring(""); - packet_send(); - packet_write_wait(); -#endif - xfree(**prompts); - **prompts = NULL; - } - if (type == PAM_SUCCESS) { - *num = 0; - **echo_on = 0; - ctxt->pam_done = 1; - xfree(msg); - return (0); - } - error("PAM: %s", msg); - default: - *num = 0; - **echo_on = 0; - xfree(msg); - ctxt->pam_done = -1; - return (-1); - } - } - return (-1); -} - -static int -pam_respond(void *ctx, u_int num, char **resp) -{ - Buffer buffer; - struct pam_ctxt *ctxt = ctx; - char *msg; - - debug2("PAM: %s", __func__); - switch (ctxt->pam_done) { - case 1: - pam_authenticated = 1; - return (0); - case 0: - break; - default: - return (-1); - } - if (num != 1) { - error("PAM: expected one response, got %u", num); - return (-1); - } - buffer_init(&buffer); - buffer_put_cstring(&buffer, *resp); - ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, &buffer); - buffer_free(&buffer); - return (1); -} - -static void -pam_free_ctx(void *ctxtp) -{ - struct pam_ctxt *ctxt = ctxtp; - - 
fatal_remove_cleanup(pam_thread_cleanup, ctxt); - pam_thread_cleanup(ctxtp); - xfree(ctxt); - /* - * We don't call pam_cleanup() here because we may need the PAM - * handle at a later stage, e.g. when setting up a session. It's - * still on the cleanup list, so pam_end() *will* be called before - * the server process terminates. - */ -} - -KbdintDevice pam_device = { - "pam", - pam_init_ctx, - pam_query, - pam_respond, - pam_free_ctx -}; - -KbdintDevice mm_pam_device = { - "pam", - mm_pam_init_ctx, - mm_pam_query, - mm_pam_respond, - mm_pam_free_ctx -}; - -/* - * This replaces auth-pam.c - */ -void -start_pam(const char *user) -{ - if (pam_init(user) == -1) - fatal("PAM: initialisation failed"); -} - -void -finish_pam(void) -{ - fatal_remove_cleanup(pam_cleanup, NULL); - pam_cleanup(NULL); -} - -int -do_pam_account(const char *user, const char *ruser) -{ - /* XXX */ - return (1); -} - -void -do_pam_session(const char *user, const char *tty) -{ - pam_err = pam_set_item(pam_handle, PAM_CONV, (const void *)&null_conv); - if (pam_err != PAM_SUCCESS) - fatal("PAM: failed to set PAM_CONV: %s", - pam_strerror(pam_handle, pam_err)); - debug("PAM: setting PAM_TTY to \"%s\"", tty); - pam_err = pam_set_item(pam_handle, PAM_TTY, tty); - if (pam_err != PAM_SUCCESS) - fatal("PAM: failed to set PAM_TTY: %s", - pam_strerror(pam_handle, pam_err)); - pam_err = pam_open_session(pam_handle, 0); - if (pam_err != PAM_SUCCESS) - fatal("PAM: pam_open_session(): %s", - pam_strerror(pam_handle, pam_err)); - pam_session_open = 1; -} - -void -do_pam_setcred(int init) -{ - pam_err = pam_set_item(pam_handle, PAM_CONV, (const void *)&null_conv); - if (pam_err != PAM_SUCCESS) - fatal("PAM: failed to set PAM_CONV: %s", - pam_strerror(pam_handle, pam_err)); - if (init) { - debug("PAM: establishing credentials"); - pam_err = pam_setcred(pam_handle, PAM_ESTABLISH_CRED); - } else { - debug("PAM: reinitializing credentials"); - pam_err = pam_setcred(pam_handle, PAM_REINITIALIZE_CRED); - } - if (pam_err 
== PAM_SUCCESS) { - pam_cred_established = 1; - return; - } - if (pam_authenticated) - fatal("PAM: pam_setcred(): %s", - pam_strerror(pam_handle, pam_err)); - else - debug("PAM: pam_setcred(): %s", - pam_strerror(pam_handle, pam_err)); -} - -int -is_pam_password_change_required(void) -{ - return (pam_new_authtok_reqd); -} - -static int -pam_chauthtok_conv(int n, - const struct pam_message **msg, - struct pam_response **resp, - void *data) -{ - char input[PAM_MAX_MSG_SIZE]; - int i; - - if (n <= 0 || n > PAM_MAX_NUM_MSG) - return (PAM_CONV_ERR); - *resp = xmalloc(n * sizeof **resp); - for (i = 0; i < n; ++i) { - switch (msg[i]->msg_style) { - case PAM_PROMPT_ECHO_OFF: - (*resp)[i].resp = - read_passphrase(msg[i]->msg, RP_ALLOW_STDIN); - (*resp)[i].resp_retcode = PAM_SUCCESS; - break; - case PAM_PROMPT_ECHO_ON: - fputs(msg[i]->msg, stderr); - fgets(input, sizeof input, stdin); - (*resp)[i].resp = xstrdup(input); - (*resp)[i].resp_retcode = PAM_SUCCESS; - break; - case PAM_ERROR_MSG: - case PAM_TEXT_INFO: - fputs(msg[i]->msg, stderr); - (*resp)[i].resp_retcode = PAM_SUCCESS; - break; - default: - goto fail; - } - } - return (PAM_SUCCESS); - fail: - xfree(*resp); - *resp = NULL; - return (PAM_CONV_ERR); -} - -/* - * XXX this should be done in the authentication phase, but ssh1 doesn't - * support that - */ -void -do_pam_chauthtok(void) -{ - struct pam_conv pam_conv = { pam_chauthtok_conv, NULL }; - - if (use_privsep) - fatal("PAM: chauthtok not supprted with privsep"); - pam_err = pam_set_item(pam_handle, PAM_CONV, (const void *)&pam_conv); - if (pam_err != PAM_SUCCESS) - fatal("PAM: failed to set PAM_CONV: %s", - pam_strerror(pam_handle, pam_err)); - debug("PAM: changing password"); - pam_err = pam_chauthtok(pam_handle, PAM_CHANGE_EXPIRED_AUTHTOK); - if (pam_err != PAM_SUCCESS) - fatal("PAM: pam_chauthtok(): %s", - pam_strerror(pam_handle, pam_err)); -} - -void -print_pam_messages(void) -{ - /* XXX */ -} - -char ** -fetch_pam_environment(void) -{ -#ifdef 
HAVE_PAM_GETENVLIST - debug("PAM: retrieving environment"); - return (pam_getenvlist(pam_handle)); -#else - return (NULL); -#endif -} - -void -free_pam_environment(char **env) -{ - char **envp; - - for (envp = env; *envp; envp++) - xfree(*envp); - xfree(env); -} - -#endif /* USE_PAM */ diff --git a/security/hpn-ssh/files/patch-Makefile.in b/security/hpn-ssh/files/patch-Makefile.in deleted file mode 100644 index d354787aeee4..000000000000 --- a/security/hpn-ssh/files/patch-Makefile.in +++ /dev/null @@ -1,11 +0,0 @@ ---- Makefile.in.orig Wed Jun 26 01:45:42 2002 -+++ Makefile.in Mon Jul 22 07:24:41 2002 -@@ -70,6 +70,8 @@ - MANPAGES_IN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8 sshd_config.5 ssh_config.5 - MANTYPE = @MANTYPE@ - -+SSHDOBJS+= auth2-pam-freebsd.o -+ - CONFIGFILES=sshd_config.out ssh_config.out moduli.out - CONFIGFILES_IN=sshd_config ssh_config moduli - diff --git a/security/hpn-ssh/files/patch-auth-chall.c b/security/hpn-ssh/files/patch-auth-chall.c deleted file mode 100644 index 067fd559451b..000000000000 --- a/security/hpn-ssh/files/patch-auth-chall.c +++ /dev/null 
@@ -1,36 +0,0 @@ ---- auth-chall.c Tue Jun 5 20:56:17 2001 -+++ cvs-current/auth-chall.c Wed Sep 24 20:24:27 2003 -@@ -76,7 +77,33 @@ - return 0; - resp[0] = (char *)response; - res = device->respond(authctxt->kbdintctxt, 1, resp); -+ if (res == 1) { -+ /* postponed - send a null query just in case */ -+ char *name, *info, **prompts; -+ u_int i, numprompts, *echo_on; -+ -+ res = device->query(authctxt->kbdintctxt, &name, &info, -+ &numprompts, &prompts, &echo_on); -+ if (res == 0) { -+ for (i = 0; i < numprompts; i++) -+ xfree(prompts[i]); -+ xfree(prompts); -+ xfree(name); -+ xfree(echo_on); -+ xfree(info); -+ } -+ /* if we received more prompts, we're screwed */ -+ res = (res == 0 && numprompts == 0) ? 0 : -1; -+ } - device->free_ctx(authctxt->kbdintctxt); - authctxt->kbdintctxt = NULL; - return res ? 0 : 1; -+} -+void -+abandon_challenge_response(Authctxt *authctxt) -+{ -+ if (authctxt->kbdintctxt != NULL) { -+ device->free_ctx(authctxt->kbdintctxt); -+ authctxt->kbdintctxt = NULL; -+ } - } diff --git a/security/hpn-ssh/files/patch-auth-pam.c b/security/hpn-ssh/files/patch-auth-pam.c deleted file mode 100644 index 70f9e9053e15..000000000000 --- a/security/hpn-ssh/files/patch-auth-pam.c +++ /dev/null 
@@ -1,91 +0,0 @@ ---- auth-pam.c.orig Tue Apr 29 11:12:08 2003 -+++ auth-pam.c Thu Sep 25 22:42:45 2003 -@@ -228,7 +228,7 @@ - } - - /* Do account management using PAM */ --int do_pam_account(char *username, char *remote_user) -+int old_do_pam_account(const char *username, const char *remote_user) - { - int pam_retval; - -@@ -271,7 +271,7 @@ - } - - /* Do PAM-specific session initialisation */ --void do_pam_session(char *username, const char *ttyname) -+void old_do_pam_session(const char *username, const char *ttyname) - { - int pam_retval; - -@@ -294,7 +294,7 @@ - } - - /* Set PAM credentials */ --void do_pam_setcred(int init) -+void old_do_pam_setcred(int init) - { - int pam_retval; - -@@ -318,7 +318,7 @@ - } - - /* accessor function for file scope static variable */ --int is_pam_password_change_required(void) -+int old_is_pam_password_change_required(void) - { - return password_change_required; - } -@@ -329,7 +329,7 @@ - * session is established and the user's pty is connected to - * stdin/stdout/stderr. 
- */ --void do_pam_chauthtok(void) -+void old_do_pam_chauthtok(void) - { - int pam_retval; - -@@ -357,14 +357,14 @@ - } - - /* Cleanly shutdown PAM */ --void finish_pam(void) -+void old_finish_pam(void) - { - do_pam_cleanup_proc(NULL); - fatal_remove_cleanup(&do_pam_cleanup_proc, NULL); - } - - /* Start PAM authentication for specified account */ --void start_pam(const char *user) -+void old_start_pam(const char *user) - { - int pam_retval; - extern ServerOptions options; -@@ -404,7 +404,7 @@ - } - - /* Return list of PAM environment strings */ --char **fetch_pam_environment(void) -+char **old_fetch_pam_environment(void) - { - #ifdef HAVE_PAM_GETENVLIST - return(pam_getenvlist(__pamh)); -@@ -413,7 +413,7 @@ - #endif /* HAVE_PAM_GETENVLIST */ - } - --void free_pam_environment(char **env) -+void old_free_pam_environment(char **env) - { - int i; - -@@ -425,7 +425,7 @@ - - /* Print any messages that have been generated during authentication */ - /* or account checking to stderr */ --void print_pam_messages(void) -+void old_print_pam_messages(void) - { - if (__pam_msg != NULL) - fputs(__pam_msg, stderr); diff --git a/security/hpn-ssh/files/patch-auth-pam.h b/security/hpn-ssh/files/patch-auth-pam.h deleted file mode 100644 index efa2803ed0c1..000000000000 --- a/security/hpn-ssh/files/patch-auth-pam.h +++ /dev/null @@ -1,13 +0,0 @@ ---- auth-pam.h Tue Jul 23 02:44:07 2002 -+++ cvs-current/auth-pam.h Sat Dec 14 14:52:39 2002 -@@ -37,8 +38,8 @@ - char **fetch_pam_environment(void); - void free_pam_environment(char **env); - int do_pam_authenticate(int flags); --int do_pam_account(char *username, char *remote_user); --void do_pam_session(char *username, const char *ttyname); -+int do_pam_account(const char *username, const char *remote_user); -+void do_pam_session(const char *username, const char *ttyname); - void do_pam_setcred(int init); - void print_pam_messages(void); - int is_pam_password_change_required(void); 
diff --git a/security/hpn-ssh/files/patch-auth.c b/security/hpn-ssh/files/patch-auth.c
index e8f640a16936..76103d45cad0 100644
--- a/security/hpn-ssh/files/patch-auth.c
+++ b/security/hpn-ssh/files/patch-auth.c
@@ -1,6 +1,6 @@
---- auth.c.orig Tue Mar 5 02:42:43 2002
-+++ auth.c Sun Mar 17 20:53:15 2002
-@@ -193,6 +193,17 @@
+--- auth.c.orig Tue Sep 2 23:32:46 2003
++++ auth.c Tue Sep 16 20:05:44 2003
+@@ -259,6 +259,17 @@
  }
  #endif /* WITH_AIXAUTHENTICATE */
  
@@ -18,8 +18,8 @@
  /* We found no reason not to let this user try to log on... */
  return 1;
  }
-@@ -490,7 +480,7 @@
- if (pw == NULL || !allowed_user(pw))
+@@ -531,7 +542,7 @@
+ if (!allowed_user(pw))
  return (NULL);
  #ifdef HAVE_LOGIN_CAP
 - if ((lc = login_getclass(pw->pw_class)) == NULL) {
diff --git a/security/hpn-ssh/files/patch-auth1.c b/security/hpn-ssh/files/patch-auth1.c
index e8ecdbef3917..95d8d1a627b5 100644
--- a/security/hpn-ssh/files/patch-auth1.c
+++ b/security/hpn-ssh/files/patch-auth1.c
@@ -1,5 +1,5 @@
---- auth1.c.orig Fri Jun 21 08:21:11 2002
-+++ auth1.c Fri Jun 28 06:57:42 2002
+--- auth1.c.orig Tue Sep 2 23:32:46 2003
++++ auth1.c Tue Sep 16 20:05:44 2003
 @@ -26,6 +26,7 @@
  #include "session.h"
  #include "uidswap.h"
@@ -8,9 +8,9 @@
  /* import */
  extern ServerOptions options;
  
-@@ -75,6 +76,18 @@
+@@ -71,6 +72,18 @@
  u_int ulen;
- int type = 0;
+ int prev, type = 0;
  struct passwd *pw = authctxt->pw;
 +#ifdef HAVE_LOGIN_CAP
 + login_cap_t *lc;
@@ -21,14 +21,14 @@
 +#if defined(HAVE_LOGIN_CAP) || defined(LOGIN_ACCESS)
 + const char *from_host, *from_ip;
 +
-+ from_host = get_canonical_hostname(options.verify_reverse_mapping);
++ from_host = get_canonical_hostname(options.use_dns);
 + from_ip = get_remote_ipaddr();
 +#endif /* HAVE_LOGIN_CAP || LOGIN_ACCESS */
  
  debug("Attempting authentication for %s%.100s.",
  authctxt->valid ? "" : "illegal user ", authctxt->user);
-@@ -282,6 +295,34 @@
- log("Unknown message during authentication: type %d", type);
+@@ -214,6 +227,34 @@
+ logit("Unknown message during authentication: type %d", type);
  break;
  }
 +
@@ -38,12 +38,12 @@
 + if (lc == NULL)
 + lc = login_getclassbyname(NULL, pw);
 + if (!auth_hostok(lc, from_host, from_ip)) {
-+ log("Denied connection for %.200s from %.200s [%.200s].",
++ logit("Denied connection for %.200s from %.200s [%.200s].",
 + pw->pw_name, from_host, from_ip);
 + packet_disconnect("Sorry, you are not allowed to connect.");
 + }
 + if (!auth_timeok(lc, time(NULL))) {
-+ log("LOGIN %.200s REFUSED (TIME) FROM %.200s",
++ logit("LOGIN %.200s REFUSED (TIME) FROM %.200s",
 + pw->pw_name, from_host);
 + packet_disconnect("Logins not available right now.");
 + }
@@ -53,7 +53,7 @@
 +#endif /* HAVE_LOGIN_CAP */
 +#ifdef LOGIN_ACCESS
 + if (pw != NULL && !login_access(pw->pw_name, from_host)) {
-+ log("Denied connection for %.200s from %.200s [%.200s].",
++ logit("Denied connection for %.200s from %.200s [%.200s].",
 + pw->pw_name, from_host, from_ip);
 + packet_disconnect("Sorry, you are not allowed to connect.");
 + }
diff --git a/security/hpn-ssh/files/patch-auth2-chall.c b/security/hpn-ssh/files/patch-auth2-chall.c
deleted file mode 100644
index 77b5778ac6af..000000000000
--- a/security/hpn-ssh/files/patch-auth2-chall.c
+++ /dev/null
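Review bot: `from_host = get_canonical_hostname(options.use_dns);` is the only semantic change in this hunk, yet the consumers of from_host further down (`auth_hostok`, `login_access`) still treat it as a resolved host name; in 3.7 the use_dns argument presumably makes the function hand back the peer's address when UseDNS is off (worth confirming against canohost.c), so name-based rules in login.conf and login.access would silently stop matching under `UseDNS no` while address rules keep working, and the "Denied connection ... from %.200s" log line would show an address where a name is expected. Add `/* with UseDNS no this is the address, not a name; name rules in login.access/login.conf need UseDNS yes */` above the assignment and say the same in the port's pkg-message or sshd_config comments. The enclosing function's body starts and ends outside this hunk.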
@@ -1,48 +0,0 @@
---- auth2-chall.c.orig Wed Jun 26 15:58:40 2002
-+++ auth2-chall.c Sun Jun 30 07:12:43 2002
-@@ -41,6 +42,9 @@
- #ifdef BSD_AUTH
- extern KbdintDevice bsdauth_device;
- #else
-+#ifdef USE_PAM
-+extern KbdintDevice pam_device;
-+#endif
- #ifdef SKEY
- extern KbdintDevice skey_device;
- #endif
-@@ -50,6 +54,9 @@
- #ifdef BSD_AUTH
- &bsdauth_device,
- #else
-+#ifdef USE_PAM
-+ &pam_device,
-+#endif
- #ifdef SKEY
- &skey_device,
- #endif
-@@ -323,15 +330,22 @@
- #ifdef BSD_AUTH
- extern KbdintDevice mm_bsdauth_device;
- #endif
-+#ifdef USE_PAM
-+ extern KbdintDevice mm_pam_device;
-+#endif
- #ifdef SKEY
- extern KbdintDevice mm_skey_device;
- #endif
-- /* As long as SSHv1 has devices[0] hard coded this is fine */
-+ int n = 0;
-+
- #ifdef BSD_AUTH
-- devices[0] = &mm_bsdauth_device;
-+ devices[n++] = &mm_bsdauth_device;
- #else
-+#ifdef USE_PAM
-+ devices[n++] = &mm_pam_device;
-+#endif
- #ifdef SKEY
-- devices[0] = &mm_skey_device;
-+ devices[n++] = &mm_skey_device;
- #endif
- #endif
- }
diff --git a/security/hpn-ssh/files/patch-auth2.c b/security/hpn-ssh/files/patch-auth2.c
index 8d999bf1bbd9..6012ce39d7b8 100644
--- a/security/hpn-ssh/files/patch-auth2.c
+++ b/security/hpn-ssh/files/patch-auth2.c
@@ -1,14 +1,14 @@
---- auth2.c.orig Fri Jun 21 08:21:11 2002
-+++ auth2.c Fri Jun 28 06:57:56 2002
+--- auth2.c.orig Tue Sep 2 23:32:46 2003
++++ auth2.c Tue Sep 16 20:05:44 2003
 @@ -35,6 +35,7 @@
  #include "dispatch.h"
  #include "pathnames.h"
  #include "monitor_wrap.h"
 +#include "canohost.h"
  
- /* import */
- extern ServerOptions options;
-@@ -137,6 +138,15 @@
+ #ifdef GSSAPI
+ #include "ssh-gss.h"
+@@ -143,6 +144,15 @@
  Authmethod *m = NULL;
  char *user, *service, *method, *style = NULL;
  int authenticated = 0;
@@ -18,13 +18,13 @@
 +#if defined(HAVE_LOGIN_CAP) || defined(LOGIN_ACCESS)
 + const char *from_host, *from_ip;
 +
-+ from_host = get_canonical_hostname(options.verify_reverse_mapping);
++ from_host = get_canonical_hostname(options.use_dns);
 + from_ip = get_remote_ipaddr();
 +#endif /* HAVE_LOGIN_CAP || LOGIN_ACCESS */
  
  if (authctxt == NULL)
  fatal("input_userauth_request: no authctxt");
-@@ -178,6 +188,41 @@
+@@ -187,6 +197,41 @@
  "(%s,%s) -> (%s,%s)",
  authctxt->user, authctxt->service, user, service);
  }
@@ -35,12 +35,12 @@
 + if (lc == NULL)
 + lc = login_getclassbyname(NULL, authctxt->pw);
 + if (!auth_hostok(lc, from_host, from_ip)) {
-+ log("Denied connection for %.200s from %.200s [%.200s].",
++ logit("Denied connection for %.200s from %.200s [%.200s].",
 + authctxt->pw->pw_name, from_host, from_ip);
 + packet_disconnect("Sorry, you are not allowed to connect.");
 + }
 + if (!auth_timeok(lc, time(NULL))) {
-+ log("LOGIN %.200s REFUSED (TIME) FROM %.200s",
++ logit("LOGIN %.200s REFUSED (TIME) FROM %.200s",
 + authctxt->pw->pw_name, from_host);
 + packet_disconnect("Logins not available right now.");
 + }
@@ -51,7 +51,7 @@
 +#ifdef LOGIN_ACCESS
 + if (authctxt->pw != NULL &&
 + !login_access(authctxt->pw->pw_name, from_host)) {
-+ log("Denied connection for %.200s from %.200s [%.200s].",
++ logit("Denied connection for %.200s from %.200s [%.200s].",
 + authctxt->pw->pw_name, from_host, from_ip);
 + packet_disconnect("Sorry, you are not allowed to connect.");
 + }
@@ -65,4 +65,4 @@
 + /* reset state */
  auth2_challenge_stop(authctxt);
- authctxt->postponed = 0;
+ 
 
diff --git a/security/hpn-ssh/files/patch-buffer.c b/security/hpn-ssh/files/patch-buffer.c
deleted file mode 100644
index 3bb0201df46a..000000000000
--- a/security/hpn-ssh/files/patch-buffer.c
+++ /dev/null
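Review bot: The `auth_hostok`/`auth_timeok`/`login_access` blocks call `packet_disconnect()` before any authentication method runs, and the LOGIN_ACCESS branch is explicitly conditioned on `authctxt->pw != NULL`, so from a denied host or outside the permitted hours a valid user name is cut off at once with "Sorry, you are not allowed to connect." while an unknown one proceeds to the ordinary authentication exchange — a user-enumeration oracle handed to exactly the clients these rules are meant to keep out. Prefer to record the denial and let the request fall through to the normal failure path (`authenticated = 0` with the existing log line, or the same disconnect text for every user regardless of pw), so the remote side cannot distinguish "account exists but is host-restricted" from "no such account". The HAVE_LOGIN_CAP branch also reads `authctxt->pw->pw_name` without a visible NULL test; if the guard sits in the unchanged lines above this hunk, a `/* pw checked non-NULL above */` comment would make that obvious. input_userauth_request() begins and ends outside the hunk.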
@@ -1,111 +0,0 @@ -Subject: OpenSSH Security Advisory: buffer.adv - -This is the 2nd revision of the Advisory. - -This document can be found at: http://www.openssh.com/txt/buffer.adv - -1. Versions affected: - - All versions of OpenSSH's sshd prior to 3.7.1 contain buffer - management errors. It is uncertain whether these errors are - potentially exploitable, however, we prefer to see bugs - fixed proactively. - - Other implementations sharing common origin may also have - these issues. - -2. Solution: - - Upgrade to OpenSSH 3.7.1 or apply the following patch. - -=================================================================== -Appendix A: patch for OpenSSH 3.6.1 and earlier - -Index: buffer.c -=================================================================== -RCS file: /cvs/src/usr.bin/ssh/buffer.c,v -retrieving revision 1.16 -retrieving revision 1.18 -diff -u -r1.16 -r1.18 ---- buffer.c 26 Jun 2002 08:54:18 -0000 1.16 -+++ buffer.c 16 Sep 2003 21:02:39 -0000 1.18 -@@ -23,8 +23,11 @@ - void - buffer_init(Buffer *buffer) - { -- buffer->alloc = 4096; -- buffer->buf = xmalloc(buffer->alloc); -+ const u_int len = 4096; -+ -+ buffer->alloc = 0; -+ buffer->buf = xmalloc(len); -+ buffer->alloc = len; - buffer->offset = 0; - buffer->end = 0; - } -@@ -34,8 +37,11 @@ - void - buffer_free(Buffer *buffer) - { -- memset(buffer->buf, 0, buffer->alloc); -- xfree(buffer->buf); -+ if (buffer->alloc > 0) { -+ memset(buffer->buf, 0, buffer->alloc); -+ buffer->alloc = 0; -+ xfree(buffer->buf); -+ } - } - - /* -@@ -69,6 +75,7 @@ - void * - buffer_append_space(Buffer *buffer, u_int len) - { -+ u_int newlen; - void *p; - - if (len > 0x100000) -@@ -98,11 +105,13 @@ - goto restart; - } - /* Increase the size of the buffer and retry. 
*/ -- buffer->alloc += len + 32768; -- if (buffer->alloc > 0xa00000) -+ -+ newlen = buffer->alloc + len + 32768; -+ if (newlen > 0xa00000) - fatal("buffer_append_space: alloc %u not supported", -- buffer->alloc); -- buffer->buf = xrealloc(buffer->buf, buffer->alloc); -+ newlen); -+ buffer->buf = xrealloc(buffer->buf, newlen); -+ buffer->alloc = newlen; - goto restart; - /* NOTREACHED */ - } -Index: channels.c -=================================================================== -RCS file: /cvs/src/usr.bin/ssh/channels.c,v -retrieving revision 1.194 -retrieving revision 1.195 -diff -u -r1.194 -r1.195 ---- channels.c 29 Aug 2003 10:04:36 -0000 1.194 -+++ channels.c 16 Sep 2003 21:02:40 -0000 1.195 -@@ -228,12 +228,13 @@ - if (found == -1) { - /* There are no free slots. Take last+1 slot and expand the array. */ - found = channels_alloc; -- channels_alloc += 10; - if (channels_alloc > 10000) - fatal("channel_new: internal error: channels_alloc %d " - "too big.", channels_alloc); -+ channels = xrealloc(channels, -+ (channels_alloc + 10) * sizeof(Channel *)); -+ channels_alloc += 10; - debug2("channel: expanding %d", channels_alloc); -- channels = xrealloc(channels, channels_alloc * sizeof(Channel *)); - for (i = found; i < channels_alloc; i++) - channels[i] = NULL; - } - - diff --git a/security/hpn-ssh/files/patch-deattack.c b/security/hpn-ssh/files/patch-deattack.c deleted file mode 100644 index 987f1d2f959b..000000000000 --- a/security/hpn-ssh/files/patch-deattack.c +++ /dev/null 
@@ -1,17 +0,0 @@
---- deattack.c Tue Mar 5 01:53:05 2002
-+++ deattack.c Wed Sep 17 00:18:30 2003
-@@ -100,12 +100,12 @@ detect_attack(u_char *buf, u_int32_t len
- 
- if (h == NULL) {
- debug("Installing crc compensation attack detector.");
-+ h = (u_int16_t *) xmalloc(l * HASH_ENTRYSIZE);
- n = l;
-- h = (u_int16_t *) xmalloc(n * HASH_ENTRYSIZE);
- } else {
- if (l > n) {
-+ h = (u_int16_t *) xrealloc(h, l * HASH_ENTRYSIZE);
- n = l;
-- h = (u_int16_t *) xrealloc(h, n * HASH_ENTRYSIZE);
- }
- }
- 
diff --git a/security/hpn-ssh/files/patch-misc.c b/security/hpn-ssh/files/patch-misc.c
deleted file mode 100644
index b40e6d62ba4c..000000000000
--- a/security/hpn-ssh/files/patch-misc.c
+++ /dev/null
@@ -1,28 +0,0 @@
---- misc.c Mon Dec 23 02:44:36 2002
-+++ misc.c Wed Sep 17 00:50:27 2003
-@@ -308,18 +308,21 @@ addargs(arglist *args, char *fmt, ...)
- {
- va_list ap;
- char buf[1024];
-+ int nalloc;
- 
- va_start(ap, fmt);
- vsnprintf(buf, sizeof(buf), fmt, ap);
- va_end(ap);
- 
-+ nalloc = args->nalloc;
- if (args->list == NULL) {
-- args->nalloc = 32;
-+ nalloc = 32;
- args->num = 0;
-- } else if (args->num+2 >= args->nalloc)
-- args->nalloc *= 2;
-+ } else if (args->num+2 >= nalloc)
-+ nalloc *= 2;
- 
-- args->list = xrealloc(args->list, args->nalloc * sizeof(char *));
-+ args->list = xrealloc(args->list, nalloc * sizeof(char *));
-+ args->nalloc = nalloc;
- args->list[args->num++] = xstrdup(buf);
- args->list[args->num] = NULL;
- }
diff --git a/security/hpn-ssh/files/patch-monitor.c b/security/hpn-ssh/files/patch-monitor.c
deleted file mode 100644
index cca169c55f02..000000000000
--- a/security/hpn-ssh/files/patch-monitor.c
+++ /dev/null
@@ -1,137 +0,0 @@ ---- monitor.c.orig Wed Jun 26 15:27:11 2002 -+++ monitor.c Mon Jul 15 21:33:45 2002 -@@ -118,6 +118,10 @@ - - #ifdef USE_PAM - int mm_answer_pam_start(int, Buffer *); -+int mm_answer_pam_init_ctx(int, Buffer *); -+int mm_answer_pam_query(int, Buffer *); -+int mm_answer_pam_respond(int, Buffer *); -+int mm_answer_pam_free_ctx(int, Buffer *); - #endif - - static Authctxt *authctxt; -@@ -156,6 +160,10 @@ - {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, - #ifdef USE_PAM - {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start}, -+ {MONITOR_REQ_PAM_INIT_CTX, MON_ISAUTH, mm_answer_pam_init_ctx}, -+ {MONITOR_REQ_PAM_QUERY, MON_ISAUTH, mm_answer_pam_query}, -+ {MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond}, -+ {MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx}, - #endif - #ifdef BSD_AUTH - {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, -@@ -198,6 +206,10 @@ - #endif - #ifdef USE_PAM - {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start}, -+ {MONITOR_REQ_PAM_INIT_CTX, MON_ISAUTH, mm_answer_pam_init_ctx}, -+ {MONITOR_REQ_PAM_QUERY, MON_ISAUTH, mm_answer_pam_query}, -+ {MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond}, -+ {MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx}, - #endif - {0, 0, NULL} - }; -@@ -732,6 +744,101 @@ - xfree(user); - - return (0); -+} -+ -+static void *pam_ctxt, *pam_authok; -+extern KbdintDevice pam_device; -+ -+int -+mm_answer_pam_init_ctx(int socket, Buffer *m) -+{ -+ -+ debug3("%s", __func__); -+ authctxt->user = buffer_get_string(m, NULL); -+ pam_ctxt = (pam_device.init_ctx)(authctxt); -+ pam_authok = NULL; -+ buffer_clear(m); -+ if (pam_ctxt != NULL) { -+ monitor_permit(mon_dispatch, MONITOR_REQ_PAM_FREE_CTX, 1); -+ buffer_put_int(m, 1); -+ } else { -+ buffer_put_int(m, 0); -+ } -+ mm_request_send(socket, MONITOR_ANS_PAM_INIT_CTX, m); -+ return (0); -+} -+ -+int -+mm_answer_pam_query(int socket, Buffer *m) -+{ -+ char 
*name, *info, **prompts; -+ u_int num, *echo_on; -+ int i, ret; -+ -+ debug3("%s", __func__); -+ pam_authok = NULL; -+ ret = (pam_device.query)(pam_ctxt, &name, &info, &num, &prompts, &echo_on); -+ if (num > 1 || name == NULL || info == NULL) -+ ret = -1; -+ buffer_clear(m); -+ buffer_put_int(m, ret); -+ buffer_put_cstring(m, name); -+ xfree(name); -+ buffer_put_cstring(m, info); -+ xfree(info); -+ buffer_put_int(m, num); -+ for (i = 0; i < num; ++i) { -+ buffer_put_cstring(m, prompts[i]); -+ xfree(prompts[i]); -+ buffer_put_int(m, echo_on[i]); -+ } -+ if (prompts != NULL) -+ xfree(prompts); -+ if (echo_on != NULL) -+ xfree(echo_on); -+ mm_request_send(socket, MONITOR_ANS_PAM_QUERY, m); -+ return (0); -+} -+ -+int -+mm_answer_pam_respond(int socket, Buffer *m) -+{ -+ char **resp; -+ u_int num; -+ int i, ret; -+ -+ debug3("%s", __func__); -+ pam_authok = NULL; -+ num = buffer_get_int(m); -+ if (num > 0) { -+ resp = xmalloc(num * sizeof(char *)); -+ for (i = 0; i < num; ++i) -+ resp[i] = buffer_get_string(m, NULL); -+ ret = (pam_device.respond)(pam_ctxt, num, resp); -+ for (i = 0; i < num; ++i) -+ xfree(resp[i]); -+ xfree(resp); -+ } else { -+ ret = (pam_device.respond)(pam_ctxt, num, NULL); -+ } -+ buffer_clear(m); -+ buffer_put_int(m, ret); -+ mm_request_send(socket, MONITOR_ANS_PAM_RESPOND, m); -+ auth_method = "keyboard-interactive/pam"; -+ if (ret == 0) -+ pam_authok = pam_ctxt; -+ return (0); -+} -+ -+int -+mm_answer_pam_free_ctx(int socket, Buffer *m) -+{ -+ -+ debug3("%s", __func__); -+ (pam_device.free_ctx)(pam_ctxt); -+ buffer_clear(m); -+ mm_request_send(socket, MONITOR_ANS_PAM_FREE_CTX, m); -+ return (pam_authok == pam_ctxt); - } - #endif - diff --git a/security/hpn-ssh/files/patch-monitor.h b/security/hpn-ssh/files/patch-monitor.h deleted file mode 100644 index 2c42831b40ab..000000000000 --- a/security/hpn-ssh/files/patch-monitor.h +++ /dev/null 
@@ -1,13 +0,0 @@
---- monitor.h.orig Tue Jun 11 18:42:49 2002
-+++ monitor.h Sun Jun 30 07:13:09 2002
-@@ -50,6 +51,10 @@
- MONITOR_REQ_RSACHALLENGE, MONITOR_ANS_RSACHALLENGE,
- MONITOR_REQ_RSARESPONSE, MONITOR_ANS_RSARESPONSE,
- MONITOR_REQ_PAM_START,
-+ MONITOR_REQ_PAM_INIT_CTX, MONITOR_ANS_PAM_INIT_CTX,
-+ MONITOR_REQ_PAM_QUERY, MONITOR_ANS_PAM_QUERY,
-+ MONITOR_REQ_PAM_RESPOND, MONITOR_ANS_PAM_RESPOND,
-+ MONITOR_REQ_PAM_FREE_CTX, MONITOR_ANS_PAM_FREE_CTX,
- MONITOR_REQ_TERM
- };
- 
diff --git a/security/hpn-ssh/files/patch-monitor_wrap.c b/security/hpn-ssh/files/patch-monitor_wrap.c
index 99ad633a6028..7e89d3a40883 100644
--- a/security/hpn-ssh/files/patch-monitor_wrap.c
+++ b/security/hpn-ssh/files/patch-monitor_wrap.c
@@ -1,95 +1,6 @@ ---- monitor_wrap.c.orig Fri Jun 21 02:43:43 2002 -+++ monitor_wrap.c Sun Jun 30 07:13:18 2002 -@@ -664,6 +665,88 @@ - - buffer_free(&m); - } -+ -+void * -+mm_pam_init_ctx(Authctxt *authctxt) -+{ -+ Buffer m; -+ int success; -+ -+ debug3("%s", __func__); -+ buffer_init(&m); -+ buffer_put_cstring(&m, authctxt->user); -+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_INIT_CTX, &m); -+ debug3("%s: waiting for MONITOR_ANS_PAM_INIT_CTX", __func__); -+ mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_INIT_CTX, &m); -+ success = buffer_get_int(&m); -+ if (success == 0) { -+ debug3("%s: pam_init_ctx failed", __func__); -+ buffer_free(&m); -+ return (NULL); -+ } -+ buffer_free(&m); -+ return (authctxt); -+} -+ -+int -+mm_pam_query(void *ctx, char **name, char **info, -+ u_int *num, char ***prompts, u_int **echo_on) -+{ -+ Buffer m; -+ int i, ret; -+ -+ debug3("%s", __func__); -+ buffer_init(&m); -+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_QUERY, &m); -+ debug3("%s: waiting for MONITOR_ANS_PAM_QUERY", __func__); -+ mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_QUERY, &m); -+ ret = buffer_get_int(&m); -+ debug3("%s: pam_query returned %d", __func__, ret); -+ *name = buffer_get_string(&m, NULL); -+ *info = buffer_get_string(&m, NULL); -+ *num = buffer_get_int(&m); -+ *prompts = xmalloc((*num + 1) * sizeof(char *)); -+ *echo_on = xmalloc((*num + 1) * sizeof(u_int)); -+ for (i = 0; i < *num; ++i) { -+ (*prompts)[i] = buffer_get_string(&m, NULL); -+ (*echo_on)[i] = buffer_get_int(&m); -+ } -+ buffer_free(&m); -+ return (ret); -+} -+ -+int -+mm_pam_respond(void *ctx, u_int num, char **resp) -+{ -+ Buffer m; -+ int i, ret; -+ -+ debug3("%s", __func__); -+ buffer_init(&m); -+ buffer_put_int(&m, num); -+ for (i = 0; i < num; ++i) -+ buffer_put_cstring(&m, resp[i]); -+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_RESPOND, &m); -+ debug3("%s: waiting for MONITOR_ANS_PAM_RESPOND", __func__); -+ 
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_RESPOND, &m); -+ ret = buffer_get_int(&m); -+ debug3("%s: pam_respond returned %d", __func__, ret); -+ buffer_free(&m); -+ return (ret); -+} -+ -+void -+mm_pam_free_ctx(void *ctxtp) -+{ -+ Buffer m; -+ -+ debug3("%s", __func__); -+ buffer_init(&m); -+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_FREE_CTX, &m); -+ debug3("%s: waiting for MONITOR_ANS_PAM_FREE_CTX", __func__); -+ mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_FREE_CTX, &m); -+ buffer_free(&m); -+} - #endif /* USE_PAM */ - - /* Request process termination */ -@@ -767,6 +850,7 @@ +--- monitor_wrap.c.orig Tue Sep 2 14:51:17 2003 ++++ monitor_wrap.c Tue Sep 16 20:05:44 2003 +@@ -894,6 +894,7 @@ return ((authok == 0) ? -1 : 0); } @@ -97,7 +8,7 @@ int mm_skey_query(void *ctx, char **name, char **infotxt, u_int *numprompts, char ***prompts, u_int **echo_on) -@@ -829,6 +913,7 @@ +@@ -957,6 +958,7 @@ return ((authok == 0) ? -1 : 0); } diff --git a/security/hpn-ssh/files/patch-monitor_wrap.h b/security/hpn-ssh/files/patch-monitor_wrap.h deleted file mode 100644 index e4495c7ba12e..000000000000 --- a/security/hpn-ssh/files/patch-monitor_wrap.h +++ /dev/null @@ -1,13 +0,0 @@ ---- monitor_wrap.h.orig Mon May 13 03:07:42 2002 -+++ monitor_wrap.h Sun Jun 30 07:13:18 2002 -@@ -57,6 +58,10 @@ - - #ifdef USE_PAM - void mm_start_pam(char *); -+void *mm_pam_init_ctx(struct Authctxt *); -+int mm_pam_query(void *, char **, char **, u_int *, char ***, u_int **); -+int mm_pam_respond(void *, u_int, char **); -+void mm_pam_free_ctx(void *); - #endif - - void mm_terminate(void); diff --git a/security/hpn-ssh/files/patch-regress-Makefile b/security/hpn-ssh/files/patch-regress-Makefile deleted file mode 100644 index 1c22e2d7446e..000000000000 --- a/security/hpn-ssh/files/patch-regress-Makefile +++ /dev/null 
@@ -1,19 +0,0 @@ ---- regress/Makefile.orig Wed Jan 22 07:53:17 2003 -+++ regress/Makefile Tue Apr 1 05:28:43 2003 -@@ -1,6 +1,6 @@ - # $OpenBSD: Makefile,v 1.20 2003/01/08 23:54:22 djm Exp $ - --REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 -+REGRESSTARGETS= t1 t2 t3 t4 t5 t6 t7 - - CLEANFILES+= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 - -@@ -71,7 +71,7 @@ - ssh-keygen -Bf t7.out > /dev/null - - .for t in ${LTESTS} --REGRESS_TARGETS+=t-${t} -+REGRESSTARGETS+=t-${t} - t-${t}: - sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/${t}.sh - .endfor diff --git a/security/hpn-ssh/files/patch-regress-test-exec.sh b/security/hpn-ssh/files/patch-regress-test-exec.sh index 4632f3bb78c7..4abc87c3d4da 100644 --- a/security/hpn-ssh/files/patch-regress-test-exec.sh +++ b/security/hpn-ssh/files/patch-regress-test-exec.sh @@ -1,9 +1,9 @@ ---- regress/test-exec.sh.orig Wed May 1 05:17:35 2002 -+++ regress/test-exec.sh Tue Apr 1 06:03:11 2003 -@@ -130,6 +130,8 @@ - PidFile $PIDFILE +--- regress/test-exec.sh.orig Fri Sep 12 07:32:17 2003 ++++ regress/test-exec.sh Tue Sep 16 19:56:13 2003 +@@ -163,6 +163,8 @@ AuthorizedKeysFile $OBJ/authorized_keys_%u LogLevel QUIET + StrictModes no + PermitRootLogin yes + UsePrivilegeSeparation no EOF diff --git a/security/hpn-ssh/files/patch-session.c b/security/hpn-ssh/files/patch-session.c index c8baec2e3163..1f038e37cebe 100644 --- a/security/hpn-ssh/files/patch-session.c +++ b/security/hpn-ssh/files/patch-session.c @@ -1,7 +1,7 @@ ---- session.c.orig Thu Mar 20 19:18:09 2003 -+++ session.c Wed Sep 17 11:05:26 2003 -@@ -64,6 +64,11 @@ - #define is_winnt (GetVersion() < 0x80000000) +--- session.c.orig Tue Sep 23 10:59:08 2003 ++++ session.c Tue Sep 23 17:29:31 2003 +@@ -62,6 +62,11 @@ + #include "ssh-gss.h" #endif +#ifdef __FreeBSD__ @@ -12,7 +12,7 @@ /* func */ Session *session_new(void); -@@ -471,6 +476,13 @@ +@@ -411,6 +416,13 @@ log_init(__progname, options.log_level, options.log_facility, log_stderr); /* 
@@ -26,7 +26,7 @@ * Create a new session and process group since the 4.4BSD * setlogin() affects the entire process group. */ -@@ -576,6 +588,9 @@ +@@ -516,6 +528,9 @@ { int fdout, ptyfd, ttyfd, ptymaster; pid_t pid; @@ -36,25 +36,7 @@ if (s == NULL) fatal("do_exec_pty: no session"); -@@ -583,7 +598,16 @@ - ttyfd = s->ttyfd; - - #if defined(USE_PAM) -- do_pam_session(s->pw->pw_name, s->tty); -+ /* check if we have a pathname in the ttyname */ -+ shorttty = rindex( s->tty, '/' ); -+ if (shorttty != NULL ) { -+ /* use only the short filename to check */ -+ shorttty ++; -+ } else { -+ /* nothing found, use the whole name found */ -+ shorttty = s->tty; -+ } -+ do_pam_session(s->pw->pw_name, shorttty); - do_pam_setcred(1); - #endif - -@@ -593,6 +617,14 @@ +@@ -535,6 +550,14 @@ /* Child. Reinitialize the log because the pid has changed. */ log_init(__progname, options.log_level, options.log_facility, log_stderr); @@ -69,7 +51,7 @@ /* Close the master side of the pseudo tty. */ close(ptyfd); -@@ -726,6 +758,18 @@ +@@ -676,6 +699,18 @@ struct sockaddr_storage from; struct passwd * pw = s->pw; pid_t pid = getpid(); @@ -88,7 +70,7 @@ /* * Get IP address of client. If the connection is not a socket, let -@@ -759,6 +803,72 @@ +@@ -710,6 +745,72 @@ } #endif @@ -107,7 +89,7 @@ + if (tv.tv_sec >= pw->pw_change) { + (void)printf( + "Sorry -- your password has expired.\n"); -+ log("%s Password expired - forcing change", ++ logit("%s Password expired - forcing change", + pw->pw_name); + if (newcommand != NULL) + xfree(newcommand); @@ -124,10 +106,10 @@ + if (tv.tv_sec >= pw->pw_expire) { + (void)printf( + "Sorry -- your account has expired.\n"); -+ log( ++ logit( + "LOGIN %.200s REFUSED (EXPIRED) FROM %.200s ON TTY %.200s", + pw->pw_name, get_remote_name_or_ip(utmp_len, -+ options.verify_reverse_mapping), s->tty); ++ options.use_dns), s->tty); + exit(254); + } else if (pw->pw_expire - tv.tv_sec < warntime && + !check_quietlogin(s, command)) 
@@ -150,10 +132,10 @@ + } + if (!auth_ttyok(lc, shorttty)) { + (void)printf("Permission denied.\n"); -+ log( ++ logit( + "LOGIN %.200s REFUSED (TTY) FROM %.200s ON TTY %.200s", + pw->pw_name, get_remote_name_or_ip(utmp_len, -+ options.verify_reverse_mapping), s->tty); ++ options.use_dns), s->tty); + exit(254); + } +#endif /* HAVE_LOGIN_CAP */ @@ -161,8 +143,8 @@ if (check_quietlogin(s, command)) return; -@@ -772,7 +882,17 @@ - #endif /* WITH_AIXAUTHENTICATE */ +@@ -726,7 +827,17 @@ + buffer_free(&loginmsg); #ifndef NO_SSH_LASTLOG - if (options.print_lastlog && s->last_login_time != 0) { @@ -180,7 +162,7 @@ time_string = ctime(&s->last_login_time); if (strchr(time_string, '\n')) *strchr(time_string, '\n') = 0; -@@ -784,7 +904,30 @@ +@@ -738,7 +849,30 @@ } #endif /* NO_SSH_LASTLOG */ @@ -212,7 +194,7 @@ } /* -@@ -800,9 +943,9 @@ +@@ -754,9 +888,9 @@ #ifdef HAVE_LOGIN_CAP f = fopen(login_getcapstr(lc, "welcome", "/etc/motd", "/etc/motd"), "r"); @@ -224,7 +206,7 @@ if (f) { while (fgets(buf, sizeof(buf), f)) fputs(buf, stdout); -@@ -829,10 +972,10 @@ +@@ -783,10 +917,10 @@ #ifdef HAVE_LOGIN_CAP if (login_getcapbool(lc, "hushlogin", 0) || stat(buf, &st) >= 0) return 1; 
@@ -237,38 +219,10 @@ return 0; } -@@ -844,7 +987,7 @@ - child_set_env(char ***envp, u_int *envsizep, const char *name, - const char *value) - { -- u_int i, namelen; -+ u_int i, namelen, envsize; - char **env; - - /* -@@ -862,12 +1005,14 @@ - xfree(env[i]); - } else { - /* New variable. Expand if necessary. */ -- if (i >= (*envsizep) - 1) { -- if (*envsizep >= 1000) -+ envsize = *envsizep; -+ if (i >= envsize - 1) { -+ if (envsize >= 1000) - fatal("child_set_env: too many env vars," - " skipping: %.100s", name); -- (*envsizep) += 50; -- env = (*envp) = xrealloc(env, (*envsizep) * sizeof(char *)); -+ envsize += 50; -+ env = (*envp) = xrealloc(env, envsize * sizeof(char *)); -+ *envsizep = envsize; - } - /* Need to set the NULL pointer at end of array beyond the new slot. */ - env[i + 1] = NULL; -@@ -952,6 +1097,10 @@ +@@ -973,6 +1107,10 @@ char buf[256]; u_int i, envsize; - char **env, *laddr; + char **env, *laddr, *path = NULL; +#ifdef HAVE_LOGIN_CAP + extern char **environ; + char **senv, **var; @@ -276,7 +230,7 @@ struct passwd *pw = s->pw; /* Initialize the environment. */ -@@ -959,6 +1108,9 @@ +@@ -980,6 +1118,9 @@ env = xmalloc(envsize * sizeof(char *)); env[0] = NULL; @@ -286,7 +240,7 @@ #ifdef HAVE_CYGWIN /* * The Windows environment contains some setting which are -@@ -1003,9 +1155,21 @@ +@@ -1034,9 +1175,21 @@ /* Normal systems set SHELL by default. */ child_set_env(&env, &envsize, "SHELL", shell); @@ -310,7 +264,7 @@ /* Set custom environment options from RSA authentication. */ if (!options.use_login) { -@@ -1219,7 +1383,7 @@ +@@ -1245,7 +1398,7 @@ setpgid(0, 0); # endif if (setusercontext(lc, pw, pw->pw_uid, 
@@ -319,7 +273,25 @@ perror("unable to set user context"); exit(1); } -@@ -1382,7 +1546,7 @@ +@@ -1275,7 +1428,16 @@ + * Reestablish them here. + */ + if (options.use_pam) { +- do_pam_session(); ++ /* check if we have a pathname in the ttyname */ ++ shorttty = rindex( s->tty, '/' ); ++ if (shorttty != NULL ) { ++ /* use only the short filename to check */ ++ shorttty ++; ++ } else { ++ /* nothing found, use the whole name found */ ++ shorttty = s->tty; ++ } ++ do_pam_session(s->pw->pw_name, shorttty); + do_pam_setcred(0); + } + # endif /* USE_PAM */ +@@ -1411,7 +1573,7 @@ * initgroups, because at least on Solaris 2.3 it leaves file * descriptors open. */ @@ -328,7 +300,7 @@ close(i); /* -@@ -1412,6 +1576,31 @@ +@@ -1429,6 +1591,31 @@ exit(1); #endif } diff --git a/security/hpn-ssh/files/patch-ssh-agent.c b/security/hpn-ssh/files/patch-ssh-agent.c deleted file mode 100644 index f50ae308e03c..000000000000 --- a/security/hpn-ssh/files/patch-ssh-agent.c +++ /dev/null 
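Review bot: In the `+@@ -1275,7 +1428,16 @@` hunk the new line `do_pam_session(s->pw->pw_name, shorttty);` passes two arguments where the upstream line it replaces, `do_pam_session();`, passes none, so this only compiles if a sibling patch in the port changes the auth-pam.c prototype to match, and no such patch is part of this diff. The same hunk uses `shorttty` without a visible declaration in this function, while the declaration presumably added to do_exec_pty by the `@@ -516,6 +528,9 @@` hunk appears to be left without a use there now that the `@@ -36,25 +36,7 @@` hunk drops the old call site (that hunk's added lines are cut off, so this is inferred). As a point of style, `rindex()` is a legacy BSD name; `shorttty = strrchr(s->tty, '/');` is the standard C spelling with identical behaviour here. The enclosing function starts and ends outside the hunk.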
@@ -1,44 +0,0 @@ ---- ssh-agent.c Sat Mar 15 00:37:09 2003 -+++ ssh-agent.c Wed Sep 17 00:42:15 2003 -@@ -767,7 +767,7 @@ process_message(SocketEntry *e) - static void - new_socket(sock_type type, int fd) - { -- u_int i, old_alloc; -+ u_int i, old_alloc, new_alloc; - - if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) - error("fcntl O_NONBLOCK: %s", strerror(errno)); -@@ -778,25 +778,26 @@ new_socket(sock_type type, int fd) - for (i = 0; i < sockets_alloc; i++) - if (sockets[i].type == AUTH_UNUSED) { - sockets[i].fd = fd; -- sockets[i].type = type; - buffer_init(&sockets[i].input); - buffer_init(&sockets[i].output); - buffer_init(&sockets[i].request); -+ sockets[i].type = type; - return; - } - old_alloc = sockets_alloc; -- sockets_alloc += 10; -+ new_alloc = sockets_alloc + 10; - if (sockets) -- sockets = xrealloc(sockets, sockets_alloc * sizeof(sockets[0])); -+ sockets = xrealloc(sockets, new_alloc * sizeof(sockets[0])); - else -- sockets = xmalloc(sockets_alloc * sizeof(sockets[0])); -- for (i = old_alloc; i < sockets_alloc; i++) -+ sockets = xmalloc(new_alloc * sizeof(sockets[0])); -+ for (i = old_alloc; i < new_alloc; i++) - sockets[i].type = AUTH_UNUSED; -- sockets[old_alloc].type = type; -+ sockets_alloc = new_alloc; - sockets[old_alloc].fd = fd; - buffer_init(&sockets[old_alloc].input); - buffer_init(&sockets[old_alloc].output); - buffer_init(&sockets[old_alloc].request); -+ sockets[old_alloc].type = type; - } - - static int diff --git a/security/hpn-ssh/files/patch-sshd_config b/security/hpn-ssh/files/patch-sshd_config index 3d84a8c64d0f..ca7fe10a0234 100644 --- a/security/hpn-ssh/files/patch-sshd_config +++ b/security/hpn-ssh/files/patch-sshd_config @@ -1,14 +1,14 @@ ---- sshd_config.orig Fri Jun 21 03:11:36 2002 -+++ sshd_config Wed Jul 3 06:20:47 2002 +--- sshd_config.orig Tue Sep 2 14:51:18 2003 ++++ sshd_config Tue Sep 16 20:05:44 2003 
@@ -34,6 +34,7 @@ - #LoginGraceTime 600 + #LoginGraceTime 2m #PermitRootLogin yes +PermitRootLogin no #StrictModes yes #RSAAuthentication yes -@@ -58,6 +59,7 @@ +@@ -56,6 +57,7 @@ # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes diff --git a/security/hpn-ssh/files/patch-stderr-after-eof.sh b/security/hpn-ssh/files/patch-stderr-after-eof.sh deleted file mode 100644 index 38969b8d51a3..000000000000 --- a/security/hpn-ssh/files/patch-stderr-after-eof.sh +++ /dev/null @@ -1,11 +0,0 @@ ---- regress/stderr-after-eof.sh.orig Wed May 1 05:17:35 2002 -+++ regress/stderr-after-eof.sh Fri Jul 19 07:22:18 2002 -@@ -7,7 +7,7 @@ - DATA=${OBJ}/data - COPY=${OBJ}/copy - --MD5=md5sum -+MD5=md5 - - # setup data - rm -f ${DATA} ${COPY} |