diff options
author | dinoex <dinoex@FreeBSD.org> | 2004-08-18 19:35:53 +0800 |
---|---|---|
committer | dinoex <dinoex@FreeBSD.org> | 2004-08-18 19:35:53 +0800 |
commit | ed67dbf2ef6cb36b1a16ebc9f1818f28652558cb (patch) | |
tree | 81743e5e6b631d1967298757bf02ee748bed4855 /security/openssh-portable/files | |
parent | 81bcec16de4a612151e564a8a36b822109aafaac (diff) | |
download | freebsd-ports-gnome-ed67dbf2ef6cb36b1a16ebc9f1818f28652558cb.tar.gz freebsd-ports-gnome-ed67dbf2ef6cb36b1a16ebc9f1818f28652558cb.tar.zst freebsd-ports-gnome-ed67dbf2ef6cb36b1a16ebc9f1818f28652558cb.zip |
- update to 3.9p1
set PORTVERSION 3.9.0.1 to avoid another
bump of PORTEPOCH if 3.9.1p1 come out.
- new option OPENSSH_SNAPSHOT
Diffstat (limited to 'security/openssh-portable/files')
-rw-r--r-- | security/openssh-portable/files/patch-auth1.c | 28 | ||||
-rw-r--r-- | security/openssh-portable/files/patch-monitor_wrap.c | 18 | ||||
-rw-r--r-- | security/openssh-portable/files/patch-regress-test-exec.sh | 14 | ||||
-rw-r--r-- | security/openssh-portable/files/patch-session.c | 19 |
4 files changed, 21 insertions, 58 deletions
diff --git a/security/openssh-portable/files/patch-auth1.c b/security/openssh-portable/files/patch-auth1.c index 95d8d1a627b5..2308a0db7d27 100644 --- a/security/openssh-portable/files/patch-auth1.c +++ b/security/openssh-portable/files/patch-auth1.c @@ -1,6 +1,6 @@ ---- auth1.c.orig Tue Sep 2 23:32:46 2003 -+++ auth1.c Tue Sep 16 20:05:44 2003 -@@ -26,6 +26,7 @@ +--- auth1.c.orig Thu Aug 12 14:40:25 2004 ++++ auth1.c Tue Aug 17 05:40:29 2004 +@@ -25,6 +25,7 @@ #include "session.h" #include "uidswap.h" #include "monitor_wrap.h" @@ -8,10 +8,10 @@ /* import */ extern ServerOptions options; -@@ -71,6 +72,18 @@ +@@ -69,6 +70,18 @@ + u_int dlen; u_int ulen; int prev, type = 0; - struct passwd *pw = authctxt->pw; +#ifdef HAVE_LOGIN_CAP + login_cap_t *lc; +#endif @@ -26,25 +26,25 @@ +#endif /* HAVE_LOGIN_CAP || LOGIN_ACCESS */ debug("Attempting authentication for %s%.100s.", - authctxt->valid ? "" : "illegal user ", authctxt->user); -@@ -214,6 +227,34 @@ + authctxt->valid ? "" : "invalid user ", authctxt->user); +@@ -217,6 +230,34 @@ logit("Unknown message during authentication: type %d", type); break; } + +#ifdef HAVE_LOGIN_CAP -+ if (pw != NULL) { -+ lc = login_getpwclass(pw); ++ if (authctxt->pw != NULL) { ++ lc = login_getpwclass(authctxt->pw); + if (lc == NULL) -+ lc = login_getclassbyname(NULL, pw); ++ lc = login_getclassbyname(NULL, authctxt->pw); + if (!auth_hostok(lc, from_host, from_ip)) { + logit("Denied connection for %.200s from %.200s [%.200s].", -+ pw->pw_name, from_host, from_ip); ++ authctxt->pw->pw_name, from_host, from_ip); + packet_disconnect("Sorry, you are not allowed to connect."); + } + if (!auth_timeok(lc, time(NULL))) { + logit("LOGIN %.200s REFUSED (TIME) FROM %.200s", -+ pw->pw_name, from_host); ++ authctxt->pw->pw_name, from_host); + packet_disconnect("Logins not available right now."); + } + login_close(lc); @@ -52,9 +52,9 @@ + } +#endif /* HAVE_LOGIN_CAP */ +#ifdef LOGIN_ACCESS -+ if (pw != NULL && !login_access(pw->pw_name, from_host)) { ++ if (authctxt->pw != NULL && !login_access(authctxt->pw->pw_name, from_host)) { + logit("Denied connection for %.200s from %.200s [%.200s].", -+ pw->pw_name, from_host, from_ip); ++ authctxt->pw->pw_name, from_host, from_ip); + packet_disconnect("Sorry, you are not allowed to connect."); + } +#endif /* LOGIN_ACCESS */ diff --git a/security/openssh-portable/files/patch-monitor_wrap.c b/security/openssh-portable/files/patch-monitor_wrap.c deleted file mode 100644 index 7e89d3a40883..000000000000 --- a/security/openssh-portable/files/patch-monitor_wrap.c +++ /dev/null @@ -1,18 +0,0 @@ ---- monitor_wrap.c.orig Tue Sep 2 14:51:17 2003 -+++ monitor_wrap.c Tue Sep 16 20:05:44 2003 -@@ -894,6 +894,7 @@ - return ((authok == 0) ? -1 : 0); - } - -+#ifdef SKEY - int - mm_skey_query(void *ctx, char **name, char **infotxt, - u_int *numprompts, char ***prompts, u_int **echo_on) -@@ -957,6 +958,7 @@ - - return ((authok == 0) ? -1 : 0); - } -+#endif - - void - mm_ssh1_session_id(u_char session_id[16]) diff --git a/security/openssh-portable/files/patch-regress-test-exec.sh b/security/openssh-portable/files/patch-regress-test-exec.sh index 4abc87c3d4da..5fbf834f3c0c 100644 --- a/security/openssh-portable/files/patch-regress-test-exec.sh +++ b/security/openssh-portable/files/patch-regress-test-exec.sh @@ -1,11 +1,11 @@ ---- regress/test-exec.sh.orig Fri Sep 12 07:32:17 2003 -+++ regress/test-exec.sh Tue Sep 16 19:56:13 2003 -@@ -163,6 +163,8 @@ - AuthorizedKeysFile $OBJ/authorized_keys_%u - LogLevel QUIET - StrictModes no +--- regress/test-exec.sh.orig Fri Jun 25 05:46:09 2004 ++++ regress/test-exec.sh Tue Aug 17 05:27:49 2004 +@@ -178,6 +178,8 @@ + AcceptEnv _XXX_TEST_* + AcceptEnv _XXX_TEST + Subsystem sftp $SFTPSERVER + PermitRootLogin yes + UsePrivilegeSeparation no EOF - # server config for proxy connects + if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then diff --git a/security/openssh-portable/files/patch-session.c b/security/openssh-portable/files/patch-session.c index 1f038e37cebe..61c1b45791b0 100644 --- a/security/openssh-portable/files/patch-session.c +++ b/security/openssh-portable/files/patch-session.c @@ -143,25 +143,6 @@ if (check_quietlogin(s, command)) return; -@@ -726,7 +827,17 @@ - buffer_free(&loginmsg); - - #ifndef NO_SSH_LASTLOG -- if (options.print_lastlog && s->last_login_time != 0) { -+ /* -+ * If the user has logged in before, display the time of last -+ * login. However, don't display anything extra if a command -+ * has been specified (so that ssh can be used to execute -+ * commands on a remote machine without users knowing they -+ * are going to another machine). Login(1) will do this for -+ * us as well, so check if login(1) is used -+ */ -+ if (command == NULL && options.print_lastlog && -+ s->last_login_time != 0 && -+ !options.use_login) { - time_string = ctime(&s->last_login_time); - if (strchr(time_string, '\n')) - *strchr(time_string, '\n') = 0; @@ -738,7 +849,30 @@ } #endif /* NO_SSH_LASTLOG */ |