aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--security/ssh2/files/patch-ac124
-rw-r--r--security/ssh2/files/patch-ad13
-rw-r--r--security/ssh2/files/patch-af108
-rw-r--r--security/ssh2/files/patch-ag286
-rw-r--r--security/ssh2/files/patch-aj40
-rw-r--r--security/ssh2/files/patch-al27
6 files changed, 0 insertions, 598 deletions
diff --git a/security/ssh2/files/patch-ac b/security/ssh2/files/patch-ac
deleted file mode 100644
index 63759def15ab..000000000000
--- a/security/ssh2/files/patch-ac
+++ /dev/null
@@ -1,124 +0,0 @@
---- Makefile.in.orig Wed Jul 8 09:40:39 1998
-+++ Makefile.in Wed Oct 7 19:11:37 1998
-@@ -294,14 +294,19 @@
- SHELL = /bin/sh
-
- GMPDIR = gmp-2.0.2-ssh-2
--GMPLIBS = -L$(GMPDIR) -lgmp
--GMPDEP = $(GMPDIR)/gmp.h $(GMPDIR)/libgmp.a
-+# We have the same libgmp in the system, so use it instead
-+GMPINCDIR = /usr/include
-+GMPLIBDIR = /usr/lib
-+GMPLIBS = -lgmp
-+GMPDEP = $(GMPINCDIR)/gmp.h $(GMPLIBDIR)/libgmp.a
-
- ZLIBDIR = zlib-1.0.4
--ZLIBDEP = $(ZLIBDIR)/libz.a
--ZLIBLIBS = -L$(ZLIBDIR) -lz
-+ZLIBINCDIR = /usr/include
-+ZLIBLIBDIR = /usr/lib
-+ZLIBDEP = $(ZLIBINCDIR)/libz.a
-+ZLIBLIBS = -lz
-
--RSAREFDIR = rsaref2
-+RSAREFDIR = ${PORTSDIR}/security/rsaref/work
- RSAREFSRCDIR = $(RSAREFDIR)/source
-
- X_CFLAGS = @X_CFLAGS@
-@@ -404,7 +409,7 @@
- $(CC) -o rfc-pg rfc-pg.o
-
- .c.o:
-- $(CC) -c -I. $(KERBEROS_INCS) -I$(srcdir)/$(GMPDIR) -I$(srcdir)/$(ZLIBDIR) $(DEFS) -DHOST_KEY_FILE=\"$(HOST_KEY_FILE)\" -DHOST_CONFIG_FILE=\"$(HOST_CONFIG_FILE)\" -DSERVER_CONFIG_FILE=\"$(SERVER_CONFIG_FILE)\" -DSSH_PROGRAM=\"$(SSH_PROGRAM)\" -DETCDIR=\"$(etcdir)\" -DPIDDIR=\"$(piddir)\" -DSSH_BINDIR=\"$(bindir)\" -DTIS_MAP_FILE=\"$(TIS_MAP_FILE)\" $(CFLAGS) $(X_CFLAGS) $<
-+ $(CC) -c -I. $(KERBEROS_INCS) -I../../../rsaref/work -I$(srcdir)/$(GMPINCDIR) -I$(srcdir)/$(ZLIBINCDIR) $(DEFS) -DHOST_KEY_FILE=\"$(HOST_KEY_FILE)\" -DHOST_CONFIG_FILE=\"$(HOST_CONFIG_FILE)\" -DSERVER_CONFIG_FILE=\"$(SERVER_CONFIG_FILE)\" -DSSH_PROGRAM=\"$(SSH_PROGRAM)\" -DETCDIR=\"$(etcdir)\" -DPIDDIR=\"$(piddir)\" -DSSH_BINDIR=\"$(bindir)\" -DTIS_MAP_FILE=\"$(TIS_MAP_FILE)\" $(CFLAGS) $(X_CFLAGS) $<
-
- sshd: $(SSHD_OBJS) $(GMPDEP) $(RSAREFDEP) $(ZLIBDEP)
- -rm -f sshd
-@@ -447,19 +452,19 @@
- sed "s#&PERL&#$(PERL)#" <$(srcdir)/make-ssh-known-hosts.pl >make-ssh-known-hosts
- chmod +x make-ssh-known-hosts
-
--GMP_COPY_SOURCES = mpz_gcd.c mpz_powm.c mpz_pow_ui.c mpz_add.c mpz_sub.c \
-- mpz_mul.c mpz_cmp.c mpz_sqrtrem.c
--$(GMPDIR)/libgmp.a:
-- cd $(GMPDIR); $(MAKE)
--
--$(ZLIBDEP):
-- -if test '!' -d $(ZLIBDIR); then \
-- mkdir $(ZLIBDIR); \
-- cp $(srcdir)/$(ZLIBDIR)/Makefile $(ZLIBDIR); \
-- fi
-- cd $(ZLIBDIR); $(MAKE) VPATH=$(srcdir)/$(ZLIBDIR):../$(srcdir)/$(ZLIBDIR) \
-- CC="$(CC)" CFLAGS="$(CFLAGS) -I. -I$(srcdir)/$(ZLIBDIR) \
-- -I../$(srcdir)/$(GMPDIR)" RANLIB="$(RANLIB)" libz.a
-+#GMP_COPY_SOURCES = mpz_gcd.c mpz_powm.c mpz_pow_ui.c mpz_add.c mpz_sub.c \
-+# mpz_mul.c mpz_cmp.c mpz_sqrtrem.c
-+#$(GMPDIR)/libgmp.a:
-+# cd $(GMPDIR); $(MAKE)
-+#
-+#$(ZLIBDEP):
-+# -if test '!' -d $(ZLIBDIR); then \
-+# mkdir $(ZLIBDIR); \
-+# cp $(srcdir)/$(ZLIBDIR)/Makefile $(ZLIBDIR); \
-+# fi
-+# cd $(ZLIBDIR); $(MAKE) VPATH=$(srcdir)/$(ZLIBDIR):../$(srcdir)/$(ZLIBDIR) \
-+# CC="$(CC)" CFLAGS="$(CFLAGS) -I. -I$(srcdir)/$(ZLIBDIR) \
-+# -I../$(srcdir)/$(GMPDIR)" RANLIB="$(RANLIB)" libz.a
-
- $(RSAREFSRCDIR)/librsaref.a:
- -if test '!' -d $(RSAREFDIR); then \
-@@ -516,7 +521,7 @@
- # (otherwise it can only log in as the user it runs as, and must be
- # bound to a non-privileged port). Also, password authentication may
- # not be available if non-root and using shadow passwords.
--install: $(PROGRAMS) make-dirs generate-host-key install-configs
-+install: $(PROGRAMS) make-dirs install-configs
- -rm -f $(install_prefix)$(bindir)/ssh1.old
- -chmod 755 $(install_prefix)$(bindir)/ssh1
- -chmod 755 $(install_prefix)$(bindir)/ssh
-@@ -672,15 +677,15 @@
-
- clean:
- -rm -f *.o gmon.out *core $(PROGRAMS) rfc-pg
-- cd $(GMPDIR); $(MAKE) clean
-+# cd $(GMPDIR); $(MAKE) clean
- # cd $(RSAREFSRCDIR); rm -f *.o *.a
-- cd $(ZLIBDIR); $(MAKE) clean
-+# cd $(ZLIBDIR); $(MAKE) clean
-
- distclean: clean
- -rm -f Makefile config.status config.cache config.log config.h
- -rm -f ssh.1 sshd.8 make-ssh-known-hosts.1
-- cd $(GMPDIR); $(MAKE) distclean
-- cd $(ZLIBDIR); $(MAKE) distclean
-+# cd $(GMPDIR); $(MAKE) distclean
-+# cd $(ZLIBDIR); $(MAKE) distclean
-
- dist: dist-free
-
-@@ -709,12 +714,12 @@
- -mkdir $(DISTNAME)
- cp $(DISTFILES) $(DISTNAME)
- for i in $(DISTSRCS); do cp $(srcdir)/$$i $(DISTNAME); done
-- (cd $(GMPDIR); make dist)
-- gzip -cd $(GMPDIR)/$(GMPDIR).tar.gz | (cd $(DISTNAME); tar pxf - )
-+# (cd $(GMPDIR); make dist)
-+# gzip -cd $(GMPDIR)/$(GMPDIR).tar.gz | (cd $(DISTNAME); tar pxf - )
- # tar cf - $(RSAREFDIR) | (cd $(DISTNAME); tar xf -)
- # cd $(DISTNAME)/$(RSAREFSRCDIR); rm -f *.o *.a
-- (cd $(srcdir); tar pcf - $(ZLIBDIR) )| (cd $(DISTNAME); tar pxf -)
-- cd $(DISTNAME)/$(ZLIBDIR); rm -f *.o *.a; rm -rf CVS
-+# (cd $(srcdir); tar pcf - $(ZLIBDIR) )| (cd $(DISTNAME); tar pxf -)
-+# cd $(DISTNAME)/$(ZLIBDIR); rm -f *.o *.a; rm -rf CVS
-
- #ifdef F_SECURE_COMMERCIAL
- #
-@@ -742,7 +747,7 @@
- (echo "s/\.$$old_version\"/.$$new_version\"/g"; echo w; echo q) | ed $(srcdir)/version.h >/dev/null
-
- depend:
-- $(MAKEDEP) -I$(srcdir) -I. -I$(GMPDIR) -I$(ZLIBDIR) $(DEFS) $(SRCS)
-+ $(MAKEDEP) -I$(srcdir) -I. $(DEFS) $(SRCS)
-
- tags:
- -rm -f TAGS
diff --git a/security/ssh2/files/patch-ad b/security/ssh2/files/patch-ad
deleted file mode 100644
index 6b4d2646fa91..000000000000
--- a/security/ssh2/files/patch-ad
+++ /dev/null
@@ -1,13 +0,0 @@
-*** auth-passwd.c.bak Tue Jan 20 15:23:48 1998
---- auth-passwd.c Sat Feb 14 00:49:56 1998
-***************
-*** 815,820 ****
---- 815,822 ----
- encrypted_password = crypt(password,
- (correct_passwd[0] && correct_passwd[1]) ?
- correct_passwd : "xx");
-+ if (!password[0] && correct_passwd[0])
-+ encrypted_password = ":";
- #endif /* HAVE_SCO_ETC_SHADOW */
- #endif /* HAVE_OSF1_C2_SECURITY */
-
diff --git a/security/ssh2/files/patch-af b/security/ssh2/files/patch-af
deleted file mode 100644
index f0cea2252274..000000000000
--- a/security/ssh2/files/patch-af
+++ /dev/null
@@ -1,108 +0,0 @@
-*** sshd.c.WAS Thu Jun 11 23:11:47 1998
---- sshd.c Thu Jun 11 23:30:30 1998
-***************
-*** 2014,2020 ****
- pwcopy.pw_class = xstrdup(pw->pw_class);
- pwcopy.pw_change = pw->pw_change;
- pwcopy.pw_expire = pw->pw_expire;
-! #endif /* __bsdi__ && _BSDI_VERSION >= 199510 */
- pwcopy.pw_dir = xstrdup(pw->pw_dir);
- pwcopy.pw_shell = xstrdup(pw->pw_shell);
- pw = &pwcopy;
---- 2014,2020 ----
- pwcopy.pw_class = xstrdup(pw->pw_class);
- pwcopy.pw_change = pw->pw_change;
- pwcopy.pw_expire = pw->pw_expire;
-! #endif /* (__bsdi__ && _BSDI_VERSION >= 199510) || (__FreeBSD__ && HAVE_LOGIN_CAP_H) */
- pwcopy.pw_dir = xstrdup(pw->pw_dir);
- pwcopy.pw_shell = xstrdup(pw->pw_shell);
- pw = &pwcopy;
-***************
-*** 3045,3054 ****
- struct pty_cleanup_context cleanup_context;
- #if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H)
- login_cap_t *lc;
- #endif
-! #if defined (__bsdi__) && _BSDI_VERSION >= 199510
- struct timeval tp;
-! #endif /* __bsdi__ && _BSDI_VERSION >= 199510 */
-
- #ifdef HAVE_OSF1_C2_SECURITY
- {
---- 3045,3055 ----
- struct pty_cleanup_context cleanup_context;
- #if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H)
- login_cap_t *lc;
-+ time_t warnpassword, warnexpire;
- #endif
-! #if defined(__FreeBSD__) || (defined (__bsdi__) && _BSDI_VERSION >= 199510)
- struct timeval tp;
-! #endif /* __FreeBSD__ || (__bsdi__ && _BSDI_VERSION >= 199510) */
-
- #ifdef HAVE_OSF1_C2_SECURITY
- {
-***************
-*** 3183,3188 ****
---- 3184,3197 ----
- "The Regents of the University of California. ",
- "All rights reserved.");
- }
-+ #ifdef HAVE_LOGIN_CAP_H
-+ #define DEFAULT_WARN (2L * 7L * 86400L) /* Two weeks */
-+
-+ warnpassword = login_getcaptime(lc, "warnpassword",
-+ DEFAULT_WARN, DEFAULT_WARN);
-+ warnexpire = login_getcaptime(lc, "warnexpire",
-+ DEFAULT_WARN, DEFAULT_WARN);
-+ #endif
- #endif
-
- /* Print /etc/motd unless a command was specified or printing it was
-***************
-*** 3206,3212 ****
- fputs(line, stdout);
- fclose(f);
- }
-! #if defined (__bsdi__) && _BSDI_VERSION >= 199510
- if (pw->pw_change || pw->pw_expire)
- (void)gettimeofday(&tp, (struct timezone *)NULL);
- if (pw->pw_change)
---- 3215,3221 ----
- fputs(line, stdout);
- fclose(f);
- }
-! #if defined(__FreeBSD__) || (defined(__bsdi__) && _BSDI_VERSION >= 199510)
- if (pw->pw_change || pw->pw_expire)
- (void)gettimeofday(&tp, (struct timezone *)NULL);
- if (pw->pw_change)
-***************
-*** 3575,3581 ****
- while (fgets(buf, sizeof(buf), f))
- fputs(buf, stderr);
- fclose(f);
-! #if defined (__bsdi__) && _BSDI_VERSION >= 199510
- if (pw->pw_uid != UID_ROOT &&
- !login_getcapbool(lc, "ignorenologin", 0))
- exit(254);
---- 3584,3590 ----
- while (fgets(buf, sizeof(buf), f))
- fputs(buf, stderr);
- fclose(f);
-! #if (defined(__FreeBSD__) && defined(HAVE_LOGIN_CAP_H)) || (defined (__bsdi__) && _BSDI_VERSION >= 199510)
- if (pw->pw_uid != UID_ROOT &&
- !login_getcapbool(lc, "ignorenologin", 0))
- exit(254);
-***************
-*** 4121,4127 ****
---- 4130,4140 ----
- struct stat mailbuf;
-
- if (stat(mailbox, &mailbuf) == -1 || mailbuf.st_size == 0)
-+ #ifdef __FreeBSD__
-+ ;
-+ #else
- printf("No mail.\n");
-+ #endif
- else if (mailbuf.st_atime > mailbuf.st_mtime)
- printf("You have mail.\n");
- else
diff --git a/security/ssh2/files/patch-ag b/security/ssh2/files/patch-ag
deleted file mode 100644
index c38480580de4..000000000000
--- a/security/ssh2/files/patch-ag
+++ /dev/null
@@ -1,286 +0,0 @@
---- sshconnect.c.orig Wed Jul 8 20:40:38 1998
-+++ sshconnect.c Tue Nov 10 15:43:45 1998
-@@ -282,7 +282,7 @@
-
- /* Child. Permanently give up superuser privileges. */
- if (setuid(getuid()) < 0)
-- fatal("setuid: %s", strerror(errno));
-+ fatal("setuid: %.100s", strerror(errno));
-
- /* Redirect stdin and stdout. */
- close(pin[1]);
-@@ -944,7 +944,7 @@
- if (!ssh_context)
- {
- if ((r = krb5_init_context(&ssh_context)))
-- fatal("Kerberos V5: %s while initializing krb5.", error_message(r));
-+ fatal("Kerberos V5: %.100s while initializing krb5.", error_message(r));
- krb5_init_ets(ssh_context);
- }
-
-@@ -959,14 +959,14 @@
- "host", KRB5_NT_SRV_HST,
- &creds.server)))
- {
-- debug("Kerberos V5: error while constructing service name: %s.",
-+ debug("Kerberos V5: error while constructing service name: %.100s.",
- error_message(r));
- goto cleanup;
- }
- if ((r = krb5_cc_get_principal(ssh_context, ccache,
- &creds.client)))
- {
-- debug("Kerberos V5: failure on principal (%s).",
-+ debug("Kerberos V5: failure on principal (%.100s).",
- error_message(r));
- goto cleanup;
- }
-@@ -975,7 +975,7 @@
- if ((r = krb5_get_credentials(ssh_context, 0,
- ccache, &creds, &new_creds)))
- {
-- debug("Kerberos V5: failure on credentials(%s).",
-+ debug("Kerberos V5: failure on credentials(%.100s).",
- error_message(r));
- goto cleanup;
- }
-@@ -987,7 +987,7 @@
- {
- if ((r = krb5_auth_con_init(ssh_context, &auth_context)))
- {
-- debug("Kerberos V5: failed to init auth_context (%s)",
-+ debug("Kerberos V5: failed to init auth_context (%.100s)",
- error_message(r));
- goto cleanup;
- }
-@@ -998,7 +998,7 @@
- if ((r = krb5_mk_req_extended(ssh_context, &auth_context, ap_opts,
- 0, new_creds, &auth)))
- {
-- debug("Kerberos V5: failed krb5_mk_req_extended (%s)",
-+ debug("Kerberos V5: failed krb5_mk_req_extended (%.100s)",
- error_message(r));
- goto cleanup;
- }
-@@ -1046,7 +1046,7 @@
-
- if (r = krb5_rd_rep(ssh_context, auth_context, &auth, &repl))
- {
-- packet_disconnect("Kerberos V5 Authentication failed: %s",
-+ packet_disconnect("Kerberos V5 Authentication failed: %.100s",
- error_message(r));
- goto cleanup;
- }
-@@ -1090,7 +1090,7 @@
- krb5_data outbuf;
- krb5_error_code r;
- int type;
-- char server_name[128];
-+ char server_name[512];
-
- remotehost = (char *) get_canonical_hostname();
- memset(&outbuf, 0 , sizeof(outbuf));
-@@ -1100,14 +1100,14 @@
- if (!ssh_context)
- {
- if ((r = krb5_init_context(&ssh_context)))
-- fatal("Kerberos V5: %s while initializing krb5.", error_message(r));
-+ fatal("Kerberos V5: %.100s while initializing krb5.", error_message(r));
- krb5_init_ets(ssh_context);
- }
- if (!auth_context)
- {
- if ((r = krb5_auth_con_init(ssh_context, &auth_context)))
- {
-- debug("Kerberos V5: failed to init auth_context (%s)",
-+ debug("Kerberos V5: failed to init auth_context (%.100s)",
- error_message(r));
- return 0 ;
- }
-@@ -1124,7 +1124,7 @@
- if ((r = krb5_cc_get_principal(ssh_context, ccache,
- &client)))
- {
-- debug("Kerberos V5: failure on principal (%s)",
-+ debug("Kerberos V5: failure on principal (%.100s)",
- error_message(r));
- return 0 ;
- }
-@@ -1136,7 +1136,7 @@
- principal and point it to clients realm. This way
- we pass over a TGT of the clients realm. */
-
-- sprintf(server_name,"host/%s@", remotehost);
-+ sprintf(server_name,"host/%.100s@", remotehost);
- strncat(server_name,client->realm.data,client->realm.length);
- krb5_parse_name(ssh_context,server_name, &server);
- server->type = KRB5_NT_SRV_HST;
-@@ -1145,7 +1145,7 @@
- if ((r = krb5_fwd_tgt_creds(ssh_context, auth_context, 0, client,
- server, ccache, 1, &outbuf)))
- {
-- debug("Kerberos V5 krb5_fwd_tgt_creds failure (%s)",
-+ debug("Kerberos V5 krb5_fwd_tgt_creds failure (%.100s)",
- error_message(r));
- krb5_free_principal(ssh_context, client);
- krb5_free_principal(ssh_context, server);
-@@ -1416,7 +1416,7 @@
- error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!");
- error("It is also possible that the host key has just been changed.");
- error("Please contact your system administrator.");
-- error("Add correct host key in %s to get rid of this message.",
-+ error("Add correct host key in %.100s to get rid of this message.",
- options->user_hostfile);
-
- /* If strict host key checking is in use, the user will have to edit
-@@ -1589,7 +1589,7 @@
- if (!ssh_context)
- {
- if ((problem = krb5_init_context(&ssh_context)))
-- fatal("Kerberos V5: %s while initializing krb5.",
-+ fatal("Kerberos V5: %.100s while initializing krb5.",
- error_message(problem));
- krb5_init_ets(ssh_context);
- }
-@@ -1605,7 +1605,7 @@
- if ((problem = krb5_cc_get_principal(ssh_context, ccache,
- &client)))
- {
-- debug("Kerberos V5: failure on principal (%s).",
-+ debug("Kerberos V5: failure on principal (%.100s).",
- error_message(problem));
- }
- else {
---- auth-kerberos.c.orig Wed Jul 8 20:40:35 1998
-+++ auth-kerberos.c Tue Nov 10 15:50:15 1998
-@@ -63,11 +63,11 @@
- krb5_auth_con_free(ssh_context, auth_context);
- auth_context = 0;
- }
-- log_msg("Kerberos ticket authentication of user %s failed: %s",
-+ log_msg("Kerberos ticket authentication of user %.100s failed: %.100s",
- server_user, error_message(problem));
-
-- debug("Kerberos krb5_auth_con_genaddrs (%s).", error_message(problem));
-- packet_send_debug("Kerberos krb5_auth_con_genaddrs: %s",
-+ debug("Kerberos krb5_auth_con_genaddrs (%.100s).", error_message(problem));
-+ packet_send_debug("Kerberos krb5_auth_con_genaddrs: %.100s",
- error_message(problem));
- return 0;
- }
-@@ -80,11 +80,11 @@
- krb5_auth_con_free(ssh_context, auth_context);
- auth_context = 0;
- }
-- log_msg("Kerberos ticket authentication of user %s failed: %s",
-+ log_msg("Kerberos ticket authentication of user %.100s failed: %.100s",
- server_user, error_message(problem));
-
-- debug("Kerberos V5 rd_req failed (%s).", error_message(problem));
-- packet_send_debug("Kerberos V5 krb5_rd_req: %s", error_message(problem));
-+ debug("Kerberos V5 rd_req failed (%.100s).", error_message(problem));
-+ packet_send_debug("Kerberos V5 krb5_rd_req: %.100s", error_message(problem));
- return 0;
- }
-
-@@ -93,22 +93,22 @@
- if (problem)
- {
- krb5_free_ticket(ssh_context, ticket);
-- log_msg("Kerberos ticket authentication of user %s failed: %s",
-+ log_msg("Kerberos ticket authentication of user %.100s failed: %.100s",
- server_user, error_message(problem));
-
-- debug("Kerberos krb5_unparse_name failed (%s).", error_message(problem));
-- packet_send_debug("Kerberos krb5_unparse_name: %s",
-+ debug("Kerberos krb5_unparse_name failed (%.100s).", error_message(problem));
-+ packet_send_debug("Kerberos krb5_unparse_name: %.100s",
- error_message(problem));
- return 0;
- }
- if (strncmp(server, "host/", strlen("host/")))
- {
- krb5_free_ticket(ssh_context, ticket);
-- log_msg("Kerberos ticket authentication of user %s failed: invalid service name (%s)",
-+ log_msg("Kerberos ticket authentication of user %.100s failed: invalid service name (%.100s)",
- server_user, server);
-
-- debug("Kerberos invalid service name (%s).", server);
-- packet_send_debug("Kerberos invalid service name (%s).", server);
-+ debug("Kerberos invalid service name (%.100s).", server);
-+ packet_send_debug("Kerberos invalid service name (%.100s).", server);
- krb5_xfree(server);
- return 0;
- }
-@@ -122,11 +122,11 @@
-
- if (problem)
- {
-- log_msg("Kerberos ticket authentication of user %s failed: %s",
-+ log_msg("Kerberos ticket authentication of user %.100s failed: %.100s",
- server_user, error_message(problem));
-- debug("Kerberos krb5_copy_principal failed (%s).",
-+ debug("Kerberos krb5_copy_principal failed (%.100s).",
- error_message(problem));
-- packet_send_debug("Kerberos krb5_copy_principal: %s",
-+ packet_send_debug("Kerberos krb5_copy_principal: %.100s",
- error_message(problem));
- return 0;
- }
-@@ -135,11 +135,11 @@
- /* Make the reply - so that mutual authentication can be done */
- if ((problem = krb5_mk_rep(ssh_context, auth_context, &reply)))
- {
-- log_msg("Kerberos ticket authentication of user %s failed: %s",
-+ log_msg("Kerberos ticket authentication of user %.100s failed: %.100s",
- server_user, error_message(problem));
-- debug("Kerberos krb5_mk_rep failed (%s).",
-+ debug("Kerberos krb5_mk_rep failed (%.100s).",
- error_message(problem));
-- packet_send_debug("Kerberos krb5_mk_rep failed: %s",
-+ packet_send_debug("Kerberos krb5_mk_rep failed: %.100s",
- error_message(problem));
- return 0;
- }
-@@ -160,7 +160,7 @@
- {
- krb5_creds **creds;
- krb5_error_code retval;
-- static char ccname[128];
-+ static char ccname[512];
- krb5_ccache ccache = NULL;
- struct passwd *pwd;
- extern char *ticket;
-@@ -208,9 +208,9 @@
-
- if (retval = krb5_rd_cred(ssh_context, auth_context, krb5data, &creds, NULL))
- {
-- log_msg("Kerberos V5 tgt rejected for user %.100s : %s", server_user,
-+ log_msg("Kerberos V5 tgt rejected for user %.100s : %.100s", server_user,
- error_message(retval));
-- packet_send_debug("Kerberos V5 tgt rejected for %.100s : %s",
-+ packet_send_debug("Kerberos V5 tgt rejected for %.100s : %.100s",
- server_user,
- error_message(retval));
- packet_start(SSH_SMSG_FAILURE);
-@@ -234,7 +234,7 @@
- goto errout;
-
- ticket = xmalloc(strlen(ccname) + 1);
-- (void) sprintf(ticket, "%s", ccname);
-+ (void) sprintf(ticket, "%.100s", ccname);
-
- /* Successful */
- packet_start(SSH_SMSG_SUCCESS);
-@@ -244,9 +244,9 @@
-
- errout:
- krb5_free_tgt_creds(ssh_context, creds);
-- log_msg("Kerberos V5 tgt rejected for user %.100s :%s", server_user,
-+ log_msg("Kerberos V5 tgt rejected for user %.100s :%.100s", server_user,
- error_message(retval));
-- packet_send_debug("Kerberos V5 tgt rejected for %.100s : %s", server_user,
-+ packet_send_debug("Kerberos V5 tgt rejected for %.100s : %.100s", server_user,
- error_message(retval));
- packet_start(SSH_SMSG_FAILURE);
- packet_send();
diff --git a/security/ssh2/files/patch-aj b/security/ssh2/files/patch-aj
deleted file mode 100644
index 60f7495697f5..000000000000
--- a/security/ssh2/files/patch-aj
+++ /dev/null
@@ -1,40 +0,0 @@
-*** configure.in.orig Wed Apr 23 08:40:06 1997
---- configure.in Fri Apr 25 12:41:26 1997
-***************
-*** 616,624 ****
-
- export CFLAGS CC
-
-! # Socket pairs appear to be broken on several systems. I don't know exactly
-! # where, so I'll use pipes everywhere for now.
-! AC_DEFINE(USE_PIPES)
-
- AC_MSG_CHECKING([that the compiler works])
- AC_TRY_RUN([ main(int ac, char **av) { return 0; } ],
---- 616,624 ----
-
- export CFLAGS CC
-
-! dnl # Socket pairs appear to be broken on several systems. I don't know exactly
-! dnl # where, so I'll use pipes everywhere for now.
-! dnl AC_DEFINE(USE_PIPES)
-
- AC_MSG_CHECKING([that the compiler works])
- AC_TRY_RUN([ main(int ac, char **av) { return 0; } ],
-***************
-*** 671,677 ****
-
- AC_HEADER_STDC
- AC_HEADER_SYS_WAIT
-! AC_CHECK_HEADERS(unistd.h rusage.h sys/time.h lastlog.h utmp.h shadow.h)
- AC_CHECK_HEADERS(sgtty.h sys/select.h sys/ioctl.h machine/endian.h)
- AC_CHECK_HEADERS(paths.h usersec.h utime.h netinet/in_systm.h netinet/in_system.h netinet/ip.h netinet/tcp.h ulimit.h)
- AC_HEADER_TIME
---- 671,677 ----
-
- AC_HEADER_STDC
- AC_HEADER_SYS_WAIT
-! AC_CHECK_HEADERS(unistd.h rusage.h sys/time.h lastlog.h login_cap.h utmp.h shadow.h)
- AC_CHECK_HEADERS(sgtty.h sys/select.h sys/ioctl.h machine/endian.h)
- AC_CHECK_HEADERS(paths.h usersec.h utime.h netinet/in_systm.h netinet/in_system.h netinet/ip.h netinet/tcp.h ulimit.h)
- AC_HEADER_TIME
diff --git a/security/ssh2/files/patch-al b/security/ssh2/files/patch-al
deleted file mode 100644
index 9339ab05185c..000000000000
--- a/security/ssh2/files/patch-al
+++ /dev/null
@@ -1,27 +0,0 @@
-*** sshconnect.c.orig Wed Apr 23 08:40:11 1997
---- sshconnect.c Fri Apr 25 12:41:59 1997
-***************
-*** 311,316 ****
---- 311,322 ----
- {
- struct sockaddr_in sin;
- int p;
-+ #if (defined(__OpenBSD__) || defined(__FreeBSD__)) && !defined(SOCKS)
-+ p = 1023; /* Compat with old FreeBSD */
-+ sock = rresvport(&p);
-+ if (sock < 0)
-+ fatal("rresvport: %.100s", strerror(errno));
-+ #else
- for (p = 1023; p > 512; p--)
- {
- sock = socket(AF_INET, SOCK_STREAM, 0);
-***************
-*** 338,343 ****
---- 344,350 ----
- }
- fatal("bind: %.100s", strerror(errno));
- }
-+ #endif
- debug("Allocated local port %d.", p);
- }
- else