New port:

OpenSSH portable, which has GNU-configure and more.
Diffs to OpenSSH-OPenBSD are huge.
So this is here a complete diffrent branch, no repro-copy
- Did a bit cleanup in the Makefile

Submitted by:	dwcjr@inethouston.net

5 files changed, 159 insertions, 0 deletions

diff --git a/security/openssh-portable/files/patch-auth.c b/security/openssh-portable/files/patch-auth.c
new file mode 100644
index 000000000000..99c9d0c1550e
--- /dev/null
+++ b/security/openssh-portable/files/patch-auth.c
@@ -0,0 +1,20 @@
+--- auth.c.orig	Mon Mar 19 23:15:57 2001
++++ auth.c	Fri Jun  1 07:59:43 2001
+@@ -158,6 +158,17 @@
+ 	}
+ #endif /* WITH_AIXAUTHENTICATE */
+ 
++#ifdef __FreeBSD__  
++	/* Fail if the account's expiration time has passed. */
++	if (pw->pw_expire != 0) {
++		struct timeval tv;
++
++		(void)gettimeofday(&tv, NULL);
++		if (tv.tv_sec >= pw->pw_expire)
++			return 0;
++	}
++#endif /* __FreeBSD__ */
++
+ 	/* We found no reason not to let this user try to log on... */
+ 	return 1;
+ }
diff --git a/security/openssh-portable/files/patch-clientloop.c b/security/openssh-portable/files/patch-clientloop.c
new file mode 100644
index 000000000000..67fc4dcb4f6b
--- /dev/null
+++ b/security/openssh-portable/files/patch-clientloop.c
@@ -0,0 +1,11 @@
+--- clientloop.c.orig	Fri Apr 20 09:17:51 2001
++++ clientloop.c	Sat May 26 15:18:51 2001
+@@ -1131,7 +1131,7 @@
+ 
+ 	if (strcmp(ctype, "forwarded-tcpip") == 0) {
+ 		c = client_request_forwarded_tcpip(ctype, rchan);
+-	} else if (strcmp(ctype, "x11") == 0) {
++	} else if (strcmp(ctype, "x11") == 0 && options.forward_x11) {
+ 		c = client_request_x11(ctype, rchan);
+ 	} else if (strcmp(ctype, "auth-agent@openssh.com") == 0) {
+ 		c = client_request_agent(ctype, rchan);
diff --git a/security/openssh-portable/files/patch-misc.c b/security/openssh-portable/files/patch-misc.c
new file mode 100644
index 000000000000..0f8ef065fec0
--- /dev/null
+++ b/security/openssh-portable/files/patch-misc.c
@@ -0,0 +1,13 @@
+--- misc.c.orig	Thu Apr 12 22:09:37 2001
++++ misc.c	Sat May 26 15:39:25 2001
+@@ -111,6 +111,10 @@
+ 	copy->pw_class = xstrdup(pw->pw_class);
+ 	copy->pw_dir = xstrdup(pw->pw_dir);
+ 	copy->pw_shell = xstrdup(pw->pw_shell);
++#ifdef __FreeBSD__
++	copy->pw_expire = pw->pw_expire;
++	copy->pw_change = pw->pw_change;
++#endif /* __FreeBSD__ */
+ 	return copy;
+ }
+ 
diff --git a/security/openssh-portable/files/patch-session.c b/security/openssh-portable/files/patch-session.c
new file mode 100644
index 000000000000..2fbf15d43128
--- /dev/null
+++ b/security/openssh-portable/files/patch-session.c
@@ -0,0 +1,100 @@
+--- session.c.orig	Tue Apr 17 21:34:25 2001
++++ session.c	Sat May 26 15:45:15 2001
+@@ -461,6 +467,13 @@
+ 		log_init(__progname, options.log_level, options.log_facility, log_stderr);
+ 
+ 		/*
++		 * Using login and executing a specific "command" are mutually
++		 * exclusive, so turn off use_login if there's a command.
++		 */
++		if (command != NULL)
++			options.use_login = 0;
++
++		/*
+ 		 * Create a new session and process group since the 4.4BSD
+ 		 * setlogin() affects the entire process group.
+ 		 */
+@@ -566,6 +579,13 @@
+ 		/* Child.  Reinitialize the log because the pid has changed. */
+ 		log_init(__progname, options.log_level, options.log_facility, log_stderr);
+ 
++		/*
++		 * Using login and executing a specific "command" are mutually
++		 * exclusive, so turn off use_login if there's a command.
++		 */
++		if (command != NULL)
++			options.use_login = 0;
++
+ 		/* Close the master side of the pseudo tty. */
+ 		close(ptyfd);
+ 
+@@ -639,6 +659,11 @@
+ 	time_t last_login_time;
+ 	struct passwd * pw = s->pw;
+ 	pid_t pid = getpid();
++#ifdef HAVE_LOGIN_CAP
++	FILE *f;
++	char buf[256];
++	char *fname;
++#endif /* HAVE_LOGIN_CAP */
+ 
+ 	/*
+ 	 * Get IP address of client. If the connection is not a socket, let
+@@ -679,6 +704,21 @@
+ 			printf("Last login: %s from %s\r\n", time_string, hostname);
+ 	}
+ 
++#ifdef HAVE_LOGIN_CAP
++	if (!options.use_login) {
++		fname = login_getcapstr(lc, "copyright", NULL, NULL);
++		if (fname != NULL && (f = fopen(fname, "r")) != NULL) {
++			while (fgets(buf, sizeof(buf), f) != NULL)
++				fputs(buf, stdout);
++			fclose(f);
++		} else
++			(void)printf("%s\n\t%s %s\n",
++	"Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994",
++	    "The Regents of the University of California. ",
++	    "All rights reserved.");
++	}
++#endif /* HAVE_LOGIN_CAP */
++
+ 	do_motd();
+ }
+ 
+@@ -1027,7 +1067,7 @@
+ 	 * initgroups, because at least on Solaris 2.3 it leaves file
+ 	 * descriptors open.
+ 	 */
+-	for (i = 3; i < 64; i++)
++	for (i = 3; i < getdtablesize(); i++)
+ 		close(i);
+ 
+ 	/* Change current directory to the user\'s home directory. */
+@@ -1051,6 +1091,26 @@
+ 	 * in this order).
+ 	 */
+ 	if (!options.use_login) {
++#ifdef __FreeBSD__
++		/*
++		 * If the password change time is set and has passed, give the
++		 * user a password expiry notice and chance to change it.
++		 */
++		if (pw->pw_change != 0) {
++			struct timeval tv;
++
++			(void)gettimeofday(&tv, NULL);
++			if (tv.tv_sec >= pw->pw_change) {
++				(void)printf(
++				    "Sorry -- your password has expired.\n");
++				syslog(LOG_INFO,
++				    "%s Password expired - forcing change",
++				    pw->pw_name);
++				if (system("/usr/bin/passwd") != 0)
++					perror("/usr/bin/passwd");
++			}
++		}
++#endif /* __FreeBSD__ */
+ 		/* ignore _PATH_SSH_USER_RC for subsystems */
+ 		if (!s->is_subsystem && (stat(_PATH_SSH_USER_RC, &st) >= 0)) {
+ 			if (debug_flag)
diff --git a/security/openssh-portable/files/patch-sshconnect.c b/security/openssh-portable/files/patch-sshconnect.c
new file mode 100644
index 000000000000..0d2e317b7147
--- /dev/null
+++ b/security/openssh-portable/files/patch-sshconnect.c
@@ -0,0 +1,15 @@
+--- sshconnect.c.orig	Fri Apr 13 01:34:36 2001
++++ sshconnect.c	Fri Jun  1 08:01:05 2001
+@@ -504,10 +504,12 @@
+ 		local = (ntohl(((struct sockaddr_in *)hostaddr)->sin_addr.s_addr) >> 24) == IN_LOOPBACKNET;
+ 		salen = sizeof(struct sockaddr_in);
+ 		break;
++#ifdef INET6
+ 	case AF_INET6:
+ 		local = IN6_IS_ADDR_LOOPBACK(&(((struct sockaddr_in6 *)hostaddr)->sin6_addr));
+ 		salen = sizeof(struct sockaddr_in6);
+ 		break;
++#endif
+ 	default:
+ 		local = 0;
+ 		salen = sizeof(struct sockaddr_storage);