| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
/etc/make.conf.
Submitted by: <skrueger@europe.com>
|
| | |
|
| |
|
|
|
| |
proper nmapfe port. I do as one that created and maintained this port
for 4 years.
|
| | |
|
| |
|
|
|
|
|
| |
traffic.
PR: 38300
Submitted by: Dominic Marks <dominic_marks@btinternet.com>
|
| |
|
|
|
|
| |
- new master site & www page
Prodded by: Steffen Leich (the author)
|
| |
|
|
| |
Poked by: fozzy@kievweb.net.ua
|
| |
|
|
|
|
| |
package
Submitted by: Martin Matuska <matuska@wu-wien.ac.at>
|
| |
|
|
|
|
|
| |
A distinfo file may contain multiple hashes for the same distfile.
A checksum mismatch was logged by bento last Saturday.
PR: 37901
|
| | |
|
| |
|
|
|
| |
PR: 38526
Submitted by: Oliver Braun <obraun@informatik.unibw-muenchen.de>
|
| | |
|
| |
|
|
| |
Submitted by: maintainer
|
| |
|
|
| |
Requested by: Tobias Henoeckl <hoeni@Space.Net>
|
| |
|
|
|
|
|
|
|
|
|
| |
installed, not both.
2. change MASTER_SITES / add MASTER_SITE_SUBDIR
3. amavisd depends on Net::SMTP, not Net::Telnet
4. bump PORTREVISION
PR: 38469
Submitted by: Yen-Ming Lee <leeym@utopia.leeym.com>
Approved by: maintainer
|
| |
|
|
|
| |
PR: 38434
Submitted by: maintainer
|
| |
|
|
|
| |
PR: 38235
Submitted by: maintainer
|
| |
|
|
|
| |
PR: 38369
Submitted by: maintainer
|
| | |
|
| | |
|
| |
|
|
|
| |
PR: 38415
Submitted by: Anton Voronin <anton@chelcom.ru>
|
| | |
|
| |
|
|
|
| |
PR: 38305
Submitted by: maintainer
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
PR: 38363
Submitted by: maintainer
|
| |
|
|
|
|
|
|
|
| |
Due to APM dependancies, its preventing the port from building on
alpha. Since I can't see what use its features would be on a
platform which doesn't support power mgmnt, it seems simplest to
just yank it.
Approved by: will
|
| |
|
|
|
| |
PR: 38368
Submitted by: MAINTAINER: Udo Schweigert <udo.schweigert@siemens.com>
|
| |
|
|
|
| |
PR: 38311
Submitted by: Dominic Marks <dominic_marks@btinternet.com>
|
| |
|
|
| |
Reported by: fenner's survey
|
| |
|
|
|
|
|
| |
fix startup script
PR: 38297
Submitted by: Martin Matuska <matuska@wu-wien.ac.at>, maintainer
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
PR: ports/37112
Submitted by: maintainer
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
Note: The PR includes diffs to cope with WITHOUT_X11 env,
but this was already committed by knu-san.
So I just added CONFIGURE_ARGS line, please verify it.
PR: ports/35385
Submitted by: maintainer
|
| | |
|
| |
|
|
| |
Submitted by: gen02@xtremedev.com
|
| |
|
|
|
| |
PR: 29638
Submitted by: Scott Renfro <scott@renfro.org>
|
| | |
|
| |
|
|
|
|
|
| |
minor Update of the Readme
PR: 37607,37913
Submitted by: hetzels@westbend.net
|
| | |
|
| |
|
|
|
|
|
|
| |
* fix to use vscan:vscan to scan virus
* add a dependency of p5-Net-Telnet
PR: 38084
Submitted by: maintainer
|
| |
|
|
|
| |
PR: 38100
Submitted by: Alan Batie
|
| |
|
|
| |
Pointy hat to: cy
|
| | |
|
| |
|
|
| |
is not relevant at this time.
|
| |
|
|
| |
Approved by: knu (mentor)
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
See:
http://www.openssl.org/source/exp/CHANGES
Port improvements:
proccessor type is now detected
Add option: OPENSSL_WITH_386
This set as default for package generation on bento
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
The daemonized version of amavis-perl
PR: 37993
Submitted by: Gea-Suan Lin <gslin@infomath.math.nctu.edu.tw>
|
| | |
|
| |
|
|
|
|
| |
Add another WWW to the pkg-descr.
Woken up by: Andrey Pevnev
|
| |
|
|
| |
Submitted by: Jack Lloyd <lloyd@acm.jhu.edu>
|
| |
|
|
| |
Approved by: knu (mentor)
|
| |
|
|
| |
Approved by: knu (mentor)
|
| |
|
|
| |
Submitted by: ijliao
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Maintainer requested maintainership drop.
PR: 37916
Submitted by: MAINTAINER
|
| |
|
|
|
| |
PR: 37907
Submitted by: Dominic Marks
|
| |
|
|
|
|
|
| |
+# LICENSE: http://www.bluesine.com/license.html
PR: 37901
Submitted by: Oliver Braun <obraun@informatik.unibw-muenchen.de>
|
| | |
|
| |
|
|
| |
To keep consistent with USE_SSL in bsd.port.mk
|
| |
|
|
| |
zlib.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
use that instead of the old autoconf. Add a pre-configure target
to run autoconf, because bsd.port.mk only supports the old autoconf.
Left to its own devices, the program now installs files with strange
names such as /usr/local/man/man1/i386-portbld-freebsd4.4-mcrypt.1
and /usr/local/bin/i386-portbld-freebsd4.4-mcrypt. To avoid this,
the whole installation now happens in a do-install target in the
port's Makefile, which also does the former post-install tasks.
Install supplementary documentation, unless NOPORTDOCS is defined.
Use EXAMPLESDIR.
The mdecrypt utility was removed. It has been replaced by a -d
option to mcrypt.
Drop USE_LIBTOOL and add back GNU_CONFIGURE.
PORTVERSION remains nil, since this did not build.
Add a warning about my laziness.
|
| |
|
|
|
| |
Reported by: Mario Pranjic and Valentin Zahariev
PR: 37790 and 37856
|
| | |
|
| | |
|
| |
|
|
|
| |
Submitted by: Cyrille Lefevre <cyrille.lefevre@laposte.net>
PR: 37850
|
| | |
|
| |
|
|
| |
A file and string hashing utility
|
| | |
|
| |
|
|
| |
Error reported by: so many people
|
| |
|
|
| |
Submitted by: Sergii Laskavyi <ls@gambit.com.ru>
|
| |
|
|
| |
Pointy hat to: dinoex
|
| |
|
|
|
|
| |
maintainer at his request.
Noticed by: bento
|
| |
|
|
| |
Approved by: trevor (maintainer)
|
| | |
|
| | |
|
| |
|
|
|
| |
PR: 37700
Submitted by: MAINTAINER: Kimura Fuyuki <fuyuki@mj.0038.net>
|
| |
|
|
|
|
|
|
|
| |
- some configure scripts check the version of the lib
so we need to update SHLIBVER
- bump PORTREVISION
openssh:
- build ports with local openssl, if it exists
|
| |
|
|
| |
* Update update_dat to support their slightly changed format
|
| |
|
|
|
|
|
| |
<URL:http://online.securityfocus.com/archive/1/269356> and
<URL:http://www.freeweb.hu/mantra/04_2002/KRB4.htm>.
Obtained from: Heimdal repository
|
| |
|
|
|
| |
- fetch and use openssh-3.1-adv.token.patch to build.
- bump PORTREVISION
|
| |
|
|
|
|
|
| |
up on their website again, reimplementation of the Makefile patch that
fetched the the tarball from their site for users outside of the US
(originally in Makefile rev 1.29). USA_RESIDENT=YES still supports
manual fetching from web.mit.edu.
|
| | |
|
| | |
|
| |
|
|
| |
PR: ports/37621
|
| |
|
|
| |
See http://www.gnupg.org/whatsnew.html#rn20020429 for changelog.
|
| |
|
|
| |
Pointy hat to: ijliao
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
4199 Emergency Dat Release due to Exploit-BackCSS False Positive
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
original versions of these ports, so some PORTREVISIONs were bumped. See
http://freebsd.kde.org/ and mailing lists linked to from there for info
on the packages generated to test these ports.
bsd.kde.mk has already been updated a few days ago to work with these.
Some patches applied to fix a few bugs were:
deskutils/kdepim3:
[1] Remove kpilot from build because it wasn't ready at release.
editors/koffice-kde3:
[2] Fix compile time bugs for FreeBSD.
misc/kdeedu3:
[3] Fix compile problem with kvoctrain.
x11/kdebase3:
[4] Fix KDM CPU usage and login bug.
Some caveats:
* All PLISTs are broken for deinstall due to script bug that I
didn't notice until very recently. This will be fixed when I
commit an update tomorrow. These ports should still install
perfectly fine though. They should also deinstall without
giving errors, but will leave directories behind.
* You can't install this with any other version of QT or KDE
already installed. I am not sure the checks are 100% working,
but fixes for these will be forthcoming. This is mainly due
to a policy decision made by kde@ to make QT/KDE ports install
the way the rest of the world expects it to while also still
conforming to FreeBSD's hier(7). For reference on this decision,
please consult the KDE/FreeBSD mailing list archives. This
decision fixes 2-year-old bug reports relating to how we handled
this for KDE2 vs KDE1.
Submitted by: [1] Adrian de Groot <adridg@cs.kun.nl>,
[2] David Faure <faure@kde.org>,
Andy Fawcett <andy@athame.co.uk>
Lauri Watts <lauri@kde.org>
[3] Lauri Watts <lauri@kde.org>
[4] Alan Eldridge <alane@geeksrus.net>
Oswald Buddenhagen <ossi@kde.org>
Reviewed by: kde
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- more manpages
- shift FORBIDDEN
Excerpt of Changes between 0.9.6b and 0.9.6c [21 dec 2001]
*) Fix BN_rand_range bug pointed out by Dominikus Scherkl
*) Only add signing time to PKCS7 structures if it is not already present.
*) Fix crypto/objects/objects.h: "ld-ce" should be "id-ce", OBJ_ld_ce
should be OBJ_id_ce. Also some ip-pda OIDs in crypto/objects/objects.txt
were incorrect (cf. RFC 3039).
*) Release CRYPTO_LOCK_DYNLOCK when CRYPTO_destroy_dynlockid()
returns early because it has nothing to do.
*) Fix mutex callback return values in crypto/engine/hw_ncipher.c.
*) Change ssl/s2_clnt.c and ssl/s2_srvr.c so that received handshake
messages are stored in a single piece (fixed-length part and
variable-length part combined) and fix various bugs found on the way.
*) Disable caching in BIO_gethostbyname(), directly use gethostbyname()
instead. BIO_gethostbyname() does not know what timeouts are
appropriate, so entries would stay in cache even when they have
become invalid.
*) Change ssl23_get_client_hello (ssl/s23_srvr.c) behaviour when
faced with a pathologically small ClientHello fragment that does
not contain client_version: Instead of aborting with an error,
simply choose the highest available protocol version (i.e.,
TLS 1.0 unless it is disabled).
*) Fix SSL handshake functions and SSL_clear() such that SSL_clear()
never resets s->method to s->ctx->method when called from within
one of the SSL handshake functions.
*) In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert
(sent using the client's version number) if client_version is
smaller than the protocol version in use. Also change
ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0 if
the client demanded SSL 3.0 but only TLS 1.0 is enabled; then
the client will at least see that alert.
*) Fix ssl3_get_message (ssl/s3_both.c) to handle message fragmentation
correctly.
*) Avoid infinite loop in ssl3_get_message (ssl/s3_both.c) if a
client receives HelloRequest while in a handshake.
*) Bugfix in ssl3_accept (ssl/s3_srvr.c): Case SSL3_ST_SW_HELLO_REQ_C
should end in 'break', not 'goto end' which circuments various
cleanups done in state SSL_ST_OK. But session related stuff
must be disabled for SSL_ST_OK in the case that we just sent a
HelloRequest. Also avoid some overhead by not calling
ssl_init_wbio_buffer() before just sending a HelloRequest.
*) Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't
reveal whether illegal block cipher padding was found or a MAC
verification error occured. (Neither SSLerr() codes nor alerts
are directly visible to potential attackers, but the information
may leak via logfiles.) ssl/s2_pkt.c failed to verify that the
purported number of padding bytes is in the legal range.
*) Improve RSA_padding_check_PKCS1_OAEP() check again to avoid
'wristwatch attack' using huge encoding parameters (cf.
James H. Manger's CRYPTO 2001 paper). Note that the
RSA_PKCS1_OAEP_PADDING case of RSA_private_decrypt() does not use
encoding parameters and hence was not vulnerable.
*) BN_sqr() bug fix.
*) Rabin-Miller test analyses assume uniformly distributed witnesses,
so use BN_pseudo_rand_range() instead of using BN_pseudo_rand()
followed by modular reduction.
*) Add BN_pseudo_rand_range() with obvious functionality: BN_rand_range()
equivalent based on BN_pseudo_rand() instead of BN_rand().
*) s3_srvr.c: allow sending of large client certificate lists (> 16 kB).
This function was broken, as the check for a new client hello message
to handle SGC did not allow these large messages.
*) Add alert descriptions for TLSv1 to SSL_alert_desc_string[_long]().
*) Fix buggy behaviour of BIO_get_num_renegotiates() and BIO_ctrl()
for BIO_C_GET_WRITE_BUF_SIZE ("Stephen Hinton" <shinton@netopia.com>).
*) In ssl3_get_key_exchange (ssl/s3_clnt.c), call ssl3_get_message()
with the same message size as in ssl3_get_certificate_request().
Otherwise, if no ServerKeyExchange message occurs, CertificateRequest
messages might inadvertently be reject as too long.
*) Modified SSL library such that the verify_callback that has been set
specificly for an SSL object with SSL_set_verify() is actually being
used. Before the change, a verify_callback set with this function was
ignored and the verify_callback() set in the SSL_CTX at the time of
the call was used. New function X509_STORE_CTX_set_verify_cb() introduced
to allow the necessary settings.
*) In OpenSSL 0.9.6a and 0.9.6b, crypto/dh/dh_key.c ignored
dh->length and always used
BN_rand_range(priv_key, dh->p).
So switch back to
BN_rand(priv_key, l, ...)
where 'l' is dh->length if this is defined, or BN_num_bits(dh->p)-1
otherwise.
*) In RSA_eay_public_encrypt, RSA_eay_private_decrypt, RSA_eay_private_encrypt
RSA_eay_public_decrypt always reject numbers >= n.
*) In crypto/rand/md_rand.c, use a new short-time lock CRYPTO_LOCK_RAND2
to synchronize access to 'locking_thread'.
*) In crypto/rand/md_rand.c, set 'locking_thread' to current thread's ID
*before* setting the 'crypto_lock_rand' flag. The previous code had
a race condition if 0 is a valid thread ID.
|
| |
|
|
|
| |
PR: 37294
Submitted by: maintainer
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* HKP (WWW) key submissions disabled by default, enabled via
configuration file
* nicer formatting of long (SHA-1) fingerprints
* pksdctl usage() shows available commands/arguments
* manual page fixes
Bump PORTREVISION.
PR: ports/34970
Submitted by: Jason Harris <jharris@widomaker.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
which probably isn't supposed to be removed is misc/instant-workstation,
which had a dependency on audio/xamp (being removed), so I removed that
dependency and bumped PORTREVISION. All other ports are real dependents
upon Qt 1.x, including KDE 1.x stuff.
Code in bsd.kde.mk supporting these ports is also removed or adjusted.
Also, some adjustments made to accomodate Qt3/KDE3 ports, which will be
committed Real Soon Now (TM), pending repo-copies.
This commit made in impending view of Qt3/KDE3 entering ports tree.
|
| |
|
|
|
| |
PR: 37237
Submitted by: Udo Schweigert <udo.schweigert@siemens.com>
|
| | |
|
| | |
|
| |
|
|
|
| |
PR: 37191
Submitted by: maintainer
|
| | |
|
| |
|
|
| |
Pointed out by: Neil Darlow <neil@darlow.co.uk>
|
| |
|
|
| |
buggy and short-lived; hopefully this one is better.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
- switch devel/gettext (0.11.1) on, installing full package
- flip devel/gettext-old (0.10.35) to installing only static binaries
with a "-old" suffix -- gettext-old will have its deorbit burn
sequence initiated just after 4.6-RELEASE
- fix up ports for the new world order
Reviewed by: portmgr
|
| |
|
|
|
|
| |
PR: 36687
Submitted by: Kimura Fuyuki <fuyuki@mj.0038.net>
Approved by: maintainer
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
PR: 35758
Submitted by: Kimura Fuyuki <fuyuki@mj.0038.net>
|
| |
|
|
| |
Pointy hat to: myself
|
| |
|
|
| |
Approved by: sobomax
|
| | |
|
| |
|
|
|
| |
PR: 36742
Submitted by: maintainer
|
| | |
|
| |
|
|
|
| |
PR: 36693
Submitted by: Martti Kuparinen <martti.kuparinen@iki.fi>
|
| | |
|
| | |
|
| |
|
|
|
| |
PR: 36616
Submitted by: hannes sowa <satbran@web.de>
|
| |
|
|
|
|
|
| |
{WITH,WITHOUT}_X11 and detect ${X11BASE}/lib/libX11.a.
Reported by: bento
Obtained from: security/ssh (partly)
|
| |
|
|
| |
in the base system is more up-to-date and is being actively maintained.
|
| |
|
|
|
| |
PR: 36613
Submitted by: maintainer
|
| |
|
|
|
|
|
| |
for quality
PR: 36597
Submitted by: Dominic Marks <dominic_marks@btinernet.com>
|
| |
|
|
|
| |
PR: 36595
Submitted by: maintainer
|
| | |
|
| | |
|
| |
|
|
|
| |
PR: 36514
Submitted by: ago <a.go@wish.net>
|
| |
|
|
|
| |
PR: 36548
Submitted by: maintainer
|
| |
|
|
|
|
|
| |
not tested other than for syntax, but should DTRT from what I understand
of the problem.
Submitted by: bento
|
| | |
|
| |
|
|
| |
Reported by: bento
|
| |
|
|
|
|
|
|
| |
-currents with OpenPAM because functionality is broken.
- touch -> ${TOUCH}
PR: 36469
Submitted by: maintainer
|
| |
|
|
| |
Maintainer timeout: 6 months, 17 days
|
| |
|
|
|
| |
PR: 36442
Submitted by: ago <a.go@wish.net>
|
| | |
|
| | |
|
| |
|
|
| |
patch openssh/files/patch-cipher.c is now obsolete.
|
| |
|
|
|
| |
PR: 36358
Submitted by: Kimura Fuyuki <fuyuki@mj.0038.net>
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
- Make KERBEROS patch build with heimdal port
|
| | |
|
| | |
|
| |
|
|
|
| |
Pointy hat to: cy
Submitted by: bento
|
| |
|
|
| |
Submitted by: Anders Nordby
|
| |
|
|
|
| |
PR: 36029
Submitted by: maintainer
|
| |
|
|
|
| |
openssh-3.1p1-gssapi-20020321.diff
openssh-mit-krb5-20020319.diff
|
| | |
|
| |
|
|
|
| |
PR: 36192
Submitted by: MAINTAINER: Udo Schweigert <udo.schweigert@siemens.com>
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
that contains the distribution itself, in a tar.gz file, and a signature
certificate, contained in a detached .tar.gz.asc file. Prior to this
patch, users installing MIT KRB5 had to extract the tarball into
/usr/ports/distfiles, then proceed with the installation. This caused
confusion among those installing the port. This patch addresses the
problem by extracting the .tar.gz file from the tarball, then unpacking
the .tar.gz file before continuing with the build.
|
| | |
|
| |
|
|
| |
libiconv.
|
| |
|
|
| |
PR: 35904
|
| |
|
|
|
|
| |
Bump PORTREVISION
PR: 35904
|
| |
|
|
|
| |
PR: 35976
Submitted by: Kimura Fuyuki <fuyuki@mj.0038.net>
|
| |
|
|
| |
A Cryptographic Toolkit for Python
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Move gettext (0.10.35) with gettext-old
Update gettext from gettext-devel (0.10.40)
Remove gettext-devel
Fix dependencies
Stage 2 will involve upgraded gettext to 0.11 and fixing issues
Stage 3 involves a de-orbit burn sequence for gettext-old
Reviewed by: portmgr
|
| |
|
|
|
| |
Add correct Version of OPENSSL in dependencies if older than 4.3
(bsd.ports.mk) is still not sufficent.
|
| | |
|
| |
|
|
| |
No One Fears GPG
|
| |
|
|
| |
files.
|
| |
|
|
|
| |
PR: 35888
Submitted by: Peter J. Avalos <pavalos@theshell.com>
|
| |
|
|
|
|
|
| |
Perl5 interface to a implementing 3-DES EDE encryption and decryption
PR: 35891
Submitted by: jesper
|
| |
|
|
|
|
|
| |
Perl5 interface to a Diffie-Hellman key exchange system
PR: 35890
Submitted by: jesper
|
| |
|
|
|
|
|
| |
Perl5 interface to a fingerprint in "bubble babble" format
PR: 35889
Submitted by: jesper
|
| |
|
|
| |
4191 Emergency Dat release due to W32/Fbound.c@MM
|
| | |
|
| | |
|
| |
|
|
| |
Noticed by: bento
|
| | |
|
| |
|
|
|
|
|
|
|
| |
make sure that package install and deinstall
don't temper existing configuration files.
install sshd.sh now as sample.
Package changed, but no need to update
if you have PORTREVISION=2
|
| |
|
|
| |
sshd complainied about it.
|
| |
|
|
|
| |
PR: 35734
Submitted by: Patrik Backlund <pbacklun@cc.hut.fi>
|
| |
|
|
| |
Fix description for openssh
|
| | |
|
| |
|
|
|
| |
PR: 35701
Submitted by: Kimura Fuyuki <fuyuki@mj.0038.net>
|
| |
|
|
| |
Submitted by: ume
|
| |
|
|
|
| |
- Patch from openssh-portable, which works fine.
- bump PORTREVISION
|
| | |
|
| |
|
|
|
|
|
| |
SHUT_RD, SHUT_WR, SHUT_RDWR
INET_ADDRSTRLEN
- add dirname() from FreeBSD 4.5
- use utimes instead of futimes fore FreeBSD < 4.x
|
| |
|
|
| |
- builds now for FreeBSD 2.2.8
|
| |
|
|
| |
make command line even if KRB5_HOME is set in make.conf.
|
| |
|
|
| |
updated patches yet. (I hope dinoex doesn't mind my committing this.)
|
| |
|
|
|
|
|
| |
- Suggested patch modified and extended
PR: 35673
Submitted by: scheidell@secnap.net
|
| |
|
|
|
| |
PR: 35676
Submitted by: sysadmin@alexdupre.com
|
| |
|
|
|
|
| |
PR: ports/35665
Submitted by: Kimura Fuyuki <fuyuki@mj.0038.net>
Some part by: me
|
| |
|
|
|
|
| |
the opportunity to use/test the upcoming krb5 before it is released.
Krb5-1.2.4 was released over a week ago superceeding this port. This port
will be resurrected when a new krb5-beta becomes available.
|
| |
|
|
|
| |
PR: 35663
Submitted by: maintainer
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- update patch-au,patch-session.c for password changes.
- patch-channel.c is now integrated
Excerpt from Changelog:
20020304
- OpenBSD CVS Sync
- deraadt@cvs.openbsd.org 2002/02/26 18:52:32
[sftp.1]
Ic cannot have that many arguments; spotted by mouring@etoh.eviladmin.org
- mouring@cvs.openbsd.org 2002/02/26 19:04:37
[sftp.1]
> Ic cannot have that many arguments; spotted by mouring@etoh.eviladmin.org
Last Ic on the first line should not have a space between it and the final
comma.
- deraadt@cvs.openbsd.org 2002/02/26 19:06:43
[sftp.1]
no, look closely. the comma was highlighted. split .Ic even more
- stevesk@cvs.openbsd.org 2002/02/26 20:03:51
[misc.c]
use socklen_t
- stevesk@cvs.openbsd.org 2002/02/27 21:23:13
[canohost.c channels.c packet.c sshd.c]
remove unneeded casts in [gs]etsockopt(); ok markus@
- markus@cvs.openbsd.org 2002/02/28 15:46:33
[authfile.c kex.c kexdh.c kexgex.c key.c ssh-dss.c]
add some const EVP_MD for openssl-0.9.7
- stevesk@cvs.openbsd.org 2002/02/28 19:36:28
[auth.c match.c match.h]
delay hostname lookup until we see a ``@'' in DenyUsers and AllowUsers
for sshd -u0; ok markus@
- stevesk@cvs.openbsd.org 2002/02/28 20:36:42
[sshd.8]
DenyUsers allows user@host pattern also
- stevesk@cvs.openbsd.org 2002/02/28 20:46:10
[sshd.8]
-u0 DNS for user@host
- stevesk@cvs.openbsd.org 2002/02/28 20:56:00
[auth.c]
log user not allowed details, from dwd@bell-labs.com; ok markus@
- markus@cvs.openbsd.org 2002/03/01 13:12:10
[auth.c match.c match.h]
undo the 'delay hostname lookup' change
match.c must not use compress.c (via canonhost.c/packet.c)
thanks to wilfried@
- markus@cvs.openbsd.org 2002/03/04 12:43:06
[auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
- markus@cvs.openbsd.org 2002/03/04 13:10:46
[misc.c]
error-> debug, because O_NONBLOCK for /dev/null causes too many different
errnos; ok stevesk@, deraadt@
unused include
- stevesk@cvs.openbsd.org 2002/03/04 17:27:39
[auth-krb5.c auth-options.h auth.h authfd.h authfile.h bufaux.h buffer.h
channels.h cipher.h compat.h compress.h crc32.h deattack.c getput.h
groupaccess.c misc.c mpaux.h packet.h readconf.h rsa.h scard.h
servconf.h ssh-agent.c ssh.h ssh2.h sshpty.h sshtty.c ttymodes.h
uuencode.c xmalloc.h]
$OpenBSD$ and RCSID() cleanup: don't use RCSID() in .h files; add
missing RCSID() to .c files and remove dup /*$OpenBSD$*/ from .c
files. ok markus@
- stevesk@cvs.openbsd.org 2002/03/04 18:30:23
[ssh-keyscan.c]
handle connection close during read of protocol version string.
fixes erroneous "bad greeting". ok markus@
- markus@cvs.openbsd.org 2002/03/04 19:37:58
[channels.c]
off by one; thanks to joost@pine.nl
20020226
- (tim) Bug 12 [configure.ac] add sys/bitypes.h to int64_t tests
based on patch by mooney@dogbert.cc.ndsu.nodak.edu (Tim Mooney)
Bug 45 [configure.ac] modify skey test to work around conflict with autoconf
reported by nolan@naic.edu (Michael Nolan)
patch by Pekka Savola <pekkas@netcore.fi>
Bug 74 [configure.ac defines.h] add sig_atomic_t test
reported by dwd@bell-labs.com (Dave Dykstra)
Bug 102 [defines.h] UNICOS fixes. patch by wendyp@cray.com
[configure.ac Makefile.in] link libwrap only with sshd
based on patch by Maciej W. Rozycki <macro@ds2.pg.gda.pl>
Bug 123 link libpam only with sshd
reported by peak@argo.troja.mff.cuni.cz (Pavel Kankovsky)
[configure.ac defines.h] modify previous SCO3 fix to not break Solaris 7
[acconfig.h] remove unused HAVE_REGCOMP
[configure.ac] put back in search for prngd-socket
- (stevesk) openbsd-compat/base64.h: typo in comment
- (bal) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2002/02/15 23:54:10
[auth-krb5.c]
krb5_get_err_text() does not like context==NULL; he@nordu.net via google;
ok provos@
- markus@cvs.openbsd.org 2002/02/22 12:20:34
[log.c log.h ssh-keyscan.c]
overwrite fatal() in ssh-keyscan.c; fixes pr 2354; ok provos@
- markus@cvs.openbsd.org 2002/02/23 17:59:02
[kex.c kexdh.c kexgex.c]
don't allow garbage after payload.
- stevesk@cvs.openbsd.org 2002/02/24 16:09:52
[sshd.c]
use u_char* here; ok markus@
- markus@cvs.openbsd.org 2002/02/24 16:57:19
[sftp-client.c]
early close(), missing free; ok stevesk@
- markus@cvs.openbsd.org 2002/02/24 16:58:32
[packet.c]
make 'cp' unsigned and merge with 'ucp'; ok stevesk@
- markus@cvs.openbsd.org 2002/02/24 18:31:09
[uuencode.c]
typo in comment
- markus@cvs.openbsd.org 2002/02/24 19:14:59
[auth2.c authfd.c authfd.h authfile.c kexdh.c kexgex.c key.c key.h
ssh-dss.c ssh-dss.h ssh-keygen.c ssh-rsa.c ssh-rsa.h sshconnect2.c]
signed vs. unsigned: make size arguments u_int, ok stevesk@
- stevesk@cvs.openbsd.org 2002/02/24 19:59:42
[channels.c misc.c]
disable Nagle in connect_to() and channel_post_port_listener() (port
forwarding endpoints). the intention is to preserve the on-the-wire
appearance to applications at either end; the applications can then
enable TCP_NODELAY according to their requirements. ok markus@
- markus@cvs.openbsd.org 2002/02/25 16:33:27
[ssh-keygen.c sshconnect2.c uuencode.c uuencode.h]
more u_* fixes
- (bal) Imported missing fatal.c and fixed up Makefile.in
- (tim) [configure.ac] correction to Bug 123 fix
[configure.ac] correction to sig_atomic_t test
20020224
- (tim) [loginrec.c session.c sshlogin.c sshlogin.h] Bug 84
patch by wknox@mitre.org (William Knox).
[sshlogin.h] declare record_utmp_only for session.c
20020219
- (djm) OpenBSD CVS Sync
- mpech@cvs.openbsd.org 2002/02/13 08:33:47
[ssh-keyscan.1]
When you give command examples and etc., in a manual page prefix them with: $ command
or
# command
- markus@cvs.openbsd.org 2002/02/14 23:27:59
[channels.c]
increase the SSH v2 window size to 4 packets. comsumes a little
bit more memory for slow receivers but increases througput.
- markus@cvs.openbsd.org 2002/02/14 23:28:00
[channels.h session.c ssh.c]
increase the SSH v2 window size to 4 packets. comsumes a little
bit more memory for slow receivers but increases througput.
- markus@cvs.openbsd.org 2002/02/14 23:41:01
[authfile.c cipher.c cipher.h kex.c kex.h packet.c]
hide some more implementation details of cipher.[ch] and prepares for move
to EVP, ok deraadt@
- stevesk@cvs.openbsd.org 2002/02/16 14:53:37
[ssh-keygen.1]
-t required now for key generation
- stevesk@cvs.openbsd.org 2002/02/16 20:40:08
[ssh-keygen.c]
default to rsa keyfile path for non key generation operations where
keyfile not specified. fixes core dump in those cases. ok markus@
- millert@cvs.openbsd.org 2002/02/16 21:27:53
[auth.h]
Part one of userland __P removal. Done with a simple regexp with
some minor hand editing to make comments line up correctly. Another
pass is forthcoming that handles the cases that could not be done
automatically.
- millert@cvs.openbsd.org 2002/02/17 19:42:32
[auth.h]
Manual cleanup of remaining userland __P use (excluding packages
maintained outside the tree)
- markus@cvs.openbsd.org 2002/02/18 13:05:32
[cipher.c cipher.h]
switch to EVP, ok djm@ deraadt@
- markus@cvs.openbsd.org 2002/02/18 17:55:20
[ssh.1]
-q: Fatal errors are _not_ displayed.
- deraadt@cvs.openbsd.org 2002/02/19 02:50:59
[sshd_config]
stategy is not an english word
- (bal) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2002/02/15 23:11:26
[session.c]
split do_child(), ok mouring@
- markus@cvs.openbsd.org 2002/02/16 00:51:44
[session.c]
typo
20020218
- (tim) newer config.guess from ftp://ftp.gnu.org/gnu/config/config.guess
20020213
- (djm) Bug #114 - not starting PAM for SSH protocol 1 invalid users
20020213
- (djm) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2002/02/11 16:10:15
[kex.c]
restore kexinit handler if we reset the dispatcher, this unbreaks
rekeying s/kex_clear_dispatch/kex_reset_dispatch/
- markus@cvs.openbsd.org 2002/02/11 16:15:46
[sshconnect1.c]
include md5.h, not evp.h
- markus@cvs.openbsd.org 2002/02/11 16:17:55
[sshd.c]
do not complain about port > 1024 if rhosts-auth is disabled
- markus@cvs.openbsd.org 2002/02/11 16:19:39
[sshd.c]
include md5.h not hmac.h
- markus@cvs.openbsd.org 2002/02/11 16:21:42
[match.c]
support up to 40 algorithms per proposal
- djm@cvs.openbsd.org 2002/02/12 12:32:27
[sftp.1 sftp.c sftp-client.c sftp-client.h sftp-int.c]
Perform multiple overlapping read/write requests in file transfer. Mostly
done by Tobias Ringstrom <tori@ringstrom.mine.nu>; ok markus@
- djm@cvs.openbsd.org 2002/02/12 12:44:46
[sftp-client.c]
Let overlapped upload path handle servers which reorder ACKs. This may be
permitted by the protocol spec; ok markus@
- markus@cvs.openbsd.org 2002/02/13 00:28:13
[sftp-server.c]
handle SSH2_FILEXFER_ATTR_SIZE in SSH2_FXP_(F)SETSTAT; ok djm@
- markus@cvs.openbsd.org 2002/02/13 00:39:15
[readpass.c]
readpass.c is not longer from UCB, since we now use readpassphrase(3)
- djm@cvs.openbsd.org 2002/02/13 00:59:23
[sftp-client.c sftp-client.h sftp-glob.c sftp-glob.h sftp.h]
[sftp-int.c sftp-int.h]
API cleanup and backwards compat for filexfer v.0 servers; ok markus@
- (djm) Sync openbsd-compat with OpenBSD CVS too
- (djm) Bug #106: Add --without-rpath configure option. Patch from
Nicolas.Williams@ubsw.com
20020210
- (djm) OpenBSD CVS Sync
- deraadt@cvs.openbsd.org 2002/02/09 17:37:34
[pathnames.h session.c ssh.1 sshd.8 sshd_config ssh-keyscan.1]
move ssh config files to /etc/ssh
- (djm) Adjust portable Makefile.in tnd ssh-rand-helper.c o match
- deraadt@cvs.openbsd.org 2002/02/10 01:07:05
[readconf.h sshd.8]
more /etc/ssh; openbsd@davidkrause.com
20020208
- (djm) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2002/02/04 12:15:25
[sshd.c]
add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1,
fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@
- stevesk@cvs.openbsd.org 2002/02/04 20:41:16
[ssh-agent.1]
more sync for default ssh-add identities; ok markus@
- djm@cvs.openbsd.org 2002/02/05 00:00:46
[sftp.1 sftp.c sftp-client.c sftp-client.h sftp-int.c]
Add "-B" option to specify copy buffer length (default 32k); ok markus@
- markus@cvs.openbsd.org 2002/02/05 14:32:55
[channels.c channels.h ssh.c]
merge channel_request() into channel_request_start()
- markus@cvs.openbsd.org 2002/02/06 14:22:42
[sftp.1]
sort options; ok mpech@, stevesk@
- mpech@cvs.openbsd.org 2002/02/06 14:27:23
[sftp.c]
sync usage() with manual.
- markus@cvs.openbsd.org 2002/02/06 14:37:22
[session.c]
minor KNF
- markus@cvs.openbsd.org 2002/02/06 14:55:16
[channels.c clientloop.c serverloop.c ssh.c]
channel_new never returns NULL, mouring@; ok djm@
- markus@cvs.openbsd.org 2002/02/07 09:35:39
[ssh.c]
remove bogus comments
20020205
- (djm) Cleanup after sync:
- :%s/reverse_mapping_check/verify_reverse_mapping/g
- (djm) OpenBSD CVS Sync
- stevesk@cvs.openbsd.org 2002/01/24 21:09:25
[channels.c misc.c misc.h packet.c]
add set_nodelay() to set TCP_NODELAY on a socket (prep for nagle tuning).
no nagle changes just yet; ok djm@ markus@
- stevesk@cvs.openbsd.org 2002/01/24 21:13:23
[packet.c]
need misc.h for set_nodelay()
- markus@cvs.openbsd.org 2002/01/25 21:00:24
[sshconnect2.c]
unused include
- markus@cvs.openbsd.org 2002/01/25 21:42:11
[ssh-dss.c ssh-rsa.c]
use static EVP_MAX_MD_SIZE buffers for EVP_DigestFinal; ok stevesk@
don't use evp_md->md_size, it's not public.
- markus@cvs.openbsd.org 2002/01/25 22:07:40
[kex.c kexdh.c kexgex.c key.c mac.c]
use EVP_MD_size(evp_md) and not evp_md->md_size; ok steveks@
- stevesk@cvs.openbsd.org 2002/01/26 16:44:22
[includes.h session.c]
revert code to add x11 localhost display authorization entry for
hostname/unix:d and uts.nodename/unix:d if nodename was different than
hostname. just add entry for unix:d instead. ok markus@
- stevesk@cvs.openbsd.org 2002/01/27 14:57:46
[channels.c servconf.c servconf.h session.c sshd.8 sshd_config]
add X11UseLocalhost; ok markus@
- stevesk@cvs.openbsd.org 2002/01/27 18:08:17
[ssh.c]
handle simple case to identify FamilyLocal display; ok markus@
- markus@cvs.openbsd.org 2002/01/29 14:27:57
[ssh-add.c]
exit 2 if no agent, exit 1 if list fails; debian#61078; ok djm@
- markus@cvs.openbsd.org 2002/01/29 14:32:03
[auth2.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c canohost.c]
[servconf.c servconf.h session.c sshd.8 sshd_config]
s/ReverseMappingCheck/VerifyReverseMapping/ and avoid confusion;
ok stevesk@
- stevesk@cvs.openbsd.org 2002/01/29 16:29:02
[session.c]
limit subsystem length in log; ok markus@
- markus@cvs.openbsd.org 2002/01/29 16:41:19
[ssh-add.1]
add DIAGNOSTICS; ok stevesk@
- markus@cvs.openbsd.org 2002/01/29 22:46:41
[session.c]
don't depend on servconf.c; ok djm@
- markus@cvs.openbsd.org 2002/01/29 23:50:37
[scp.1 ssh.1]
mention exit status; ok stevesk@
- markus@cvs.openbsd.org 2002/01/31 13:35:11
[kexdh.c kexgex.c]
cross check announced key type and type from key blob
- markus@cvs.openbsd.org 2002/01/31 15:00:05
[serverloop.c]
no need for WNOHANG; ok stevesk@
- markus@cvs.openbsd.org 2002/02/03 17:53:25
[auth1.c serverloop.c session.c session.h]
don't use channel_input_channel_request and callback
use new server_input_channel_req() instead:
server_input_channel_req does generic request parsing on server side
session_input_channel_req handles just session specific things now
ok djm@
- markus@cvs.openbsd.org 2002/02/03 17:55:55
[channels.c channels.h]
remove unused channel_input_channel_request
- markus@cvs.openbsd.org 2002/02/03 17:58:21
[channels.c channels.h ssh.c]
generic callbacks are not really used, remove and
add a callback for msg of type SSH2_MSG_CHANNEL_OPEN_CONFIRMATION
ok djm@
- markus@cvs.openbsd.org 2002/02/03 17:59:23
[sshconnect2.c]
more cross checking if announced vs. used key type; ok stevesk@
- stevesk@cvs.openbsd.org 2002/02/03 22:35:57
[ssh.1 sshd.8]
some KeepAlive cleanup/clarify; ok markus@
- stevesk@cvs.openbsd.org 2002/02/03 23:22:59
[ssh-agent.1]
ssh-add also adds $HOME/.ssh/id_rsa and $HOME/.ssh/id_dsa now.
- stevesk@cvs.openbsd.org 2002/02/04 00:53:39
[ssh-agent.c]
unneeded includes
- markus@cvs.openbsd.org 2002/02/04 11:58:10
[auth2.c]
cross checking of announced vs actual pktype in pubkey/hostbaed auth;
ok stevesk@
- markus@cvs.openbsd.org 2002/02/04 12:15:25
[log.c log.h readconf.c servconf.c]
add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1,
fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@
- stevesk@cvs.openbsd.org 2002/02/04 20:41:16
[ssh-add.1]
more sync for default ssh-add identities; ok markus@
- djm@cvs.openbsd.org 2002/02/04 21:53:12
[sftp.1 sftp.c]
Add "-P" option to directly connect to a local sftp-server. Should be
useful for regression testing; ok markus@
- djm@cvs.openbsd.org 2002/02/05 00:00:46
[sftp.1 sftp.c sftp-client.c sftp-client.h sftp-int.c]
Add "-B" option to specify copy buffer length (default 32k); ok markus@
20020130
- (djm) Delay PRNG seeding until we need it in ssh-keygen, from markus@
- (tim) [configure.ac] fix logic on when ssh-rand-helper is installed.
[sshd_config] put back in line that tells what PATH was compiled into sshd.
20020125
- (djm) Don't grab Xserver or pointer by default. x11-ssh-askpass doesn't
and grabbing can cause deadlocks with kinput2.
20020124
- (stevesk) Makefile.in: bug #61; delete commented line for now.
20020123
- (djm) Fix non-standard shell syntax in autoconf. Patch from
Dave Dykstra <dwd@bell-labs.com>
- (stevesk) fix --with-zlib=
- (djm) Use case statements in autoconf to clean up some tests
20020122
- (djm) autoconf hacking:
- We don't support --without-zlib currently, so don't allow it.
- Rework cryptographic random number support detection. We now detect
whether OpenSSL seeds itself. If it does, then we don't bother with
the ssh-rand-helper program. You can force the use of ssh-rand-helper
using the --with-rand-helper configure argument
- Simplify and clean up ssh-rand-helper configuration
- Add OpenSSL sanity check: verify that header version matches version
reported by library
- (djm) Fix some bugs I introduced into ssh-rand-helper yesterday
- OpenBSD CVS Sync
- djm@cvs.openbsd.org 2001/12/21 08:52:22
[ssh-keygen.1 ssh-keygen.c]
Remove default (rsa1) key type; ok markus@
- djm@cvs.openbsd.org 2001/12/21 08:53:45
[readpass.c]
Avoid interruptable passphrase read; ok markus@
- djm@cvs.openbsd.org 2001/12/21 10:06:43
[ssh-add.1 ssh-add.c]
Try all standard key files (id_rsa, id_dsa, identity) when invoked with
no arguments; ok markus@
- markus@cvs.openbsd.org 2001/12/21 12:17:33
[serverloop.c]
remove ifdef for USE_PIPES since fdin != fdout; ok djm@
- deraadt@cvs.openbsd.org 2001/12/24 07:29:43
[ssh-add.c]
try all listed keys.. how did this get broken?
- markus@cvs.openbsd.org 2001/12/25 18:49:56
[key.c]
be more careful on allocation
- markus@cvs.openbsd.org 2001/12/25 18:53:00
[auth1.c]
be more carefull on allocation
- markus@cvs.openbsd.org 2001/12/27 18:10:29
[ssh-keygen.c]
-t is only needed for key generation (unbreaks -i, -e, etc).
- markus@cvs.openbsd.org 2001/12/27 18:22:16
[auth1.c authfile.c auth-rsa.c dh.c kexdh.c kexgex.c key.c rsa.c]
[scard.c ssh-agent.c sshconnect1.c sshd.c ssh-dss.c]
call fatal() for openssl allocation failures
- stevesk@cvs.openbsd.org 2001/12/27 18:22:53
[sshd.8]
clarify -p; ok markus@
- markus@cvs.openbsd.org 2001/12/27 18:26:13
[authfile.c]
missing include
- markus@cvs.openbsd.org 2001/12/27 19:37:23
[dh.c kexdh.c kexgex.c]
always use BN_clear_free instead of BN_free
- markus@cvs.openbsd.org 2001/12/27 19:54:53
[auth1.c auth.h auth-rh-rsa.c]
auth_rhosts_rsa now accept generic keys.
- markus@cvs.openbsd.org 2001/12/27 20:39:58
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h]
[serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
get rid of packet_integrity_check, use packet_done() instead.
- markus@cvs.openbsd.org 2001/12/28 12:14:27
[auth1.c auth2.c auth2-chall.c auth-rsa.c channels.c clientloop.c]
[kex.c kexdh.c kexgex.c packet.c packet.h serverloop.c session.c]
[ssh.c sshconnect1.c sshconnect2.c sshd.c]
s/packet_done/packet_check_eom/ (end-of-message); ok djm@
- markus@cvs.openbsd.org 2001/12/28 13:57:33
[auth1.c kexdh.c kexgex.c packet.c packet.h sshconnect1.c sshd.c]
packet_get_bignum* no longer returns a size
- markus@cvs.openbsd.org 2001/12/28 14:13:13
[bufaux.c bufaux.h packet.c]
buffer_get_bignum: int -> void
- markus@cvs.openbsd.org 2001/12/28 14:50:54
[auth1.c auth-rsa.c channels.c dispatch.c kex.c kexdh.c kexgex.c]
[packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c]
[sshconnect2.c sshd.c]
packet_read* no longer return the packet length, since it's not used.
- markus@cvs.openbsd.org 2001/12/28 15:06:00
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c]
[dispatch.h kex.c kex.h serverloop.c ssh.c sshconnect2.c]
remove plen from the dispatch fn. it's no longer used.
- stevesk@cvs.openbsd.org 2001/12/28 22:37:48
[ssh.1 sshd.8]
document LogLevel DEBUG[123]; ok markus@
- stevesk@cvs.openbsd.org 2001/12/29 21:56:01
[authfile.c channels.c compress.c packet.c sftp-server.c]
[ssh-agent.c ssh-keygen.c]
remove unneeded casts and some char->u_char cleanup; ok markus@
- stevesk@cvs.openbsd.org 2002/01/03 04:11:08
[ssh_config]
grammar in comment
- stevesk@cvs.openbsd.org 2002/01/04 17:59:17
[readconf.c servconf.c]
remove #ifdef _PATH_XAUTH/#endif; ok markus@
- stevesk@cvs.openbsd.org 2002/01/04 18:14:16
[servconf.c sshd.8]
protocol 2 HostKey code default is now /etc/ssh_host_rsa_key and
/etc/ssh_host_dsa_key like we have in sshd_config. ok markus@
- markus@cvs.openbsd.org 2002/01/05 10:43:40
[channels.c]
fix hanging x11 channels for rejected cookies (e.g.
XAUTHORITY=/dev/null xbiff) bug #36, based on patch from
djast@cs.toronto.edu
- stevesk@cvs.openbsd.org 2002/01/05 21:51:56
[ssh.1 sshd.8]
some missing and misplaced periods
- markus@cvs.openbsd.org 2002/01/09 13:49:27
[ssh-keygen.c]
append \n only for public keys
- markus@cvs.openbsd.org 2002/01/09 17:16:00
[channels.c]
merge channel_pre_open_15/channel_pre_open_20; ok provos@
- markus@cvs.openbsd.org 2002/01/09 17:26:35
[channels.c nchan.c]
replace buffer_consume(b, buffer_len(b)) with buffer_clear(b);
ok provos@
- markus@cvs.openbsd.org 2002/01/10 11:13:29
[serverloop.c]
skip client_alive_check until there are channels; ok beck@
- markus@cvs.openbsd.org 2002/01/10 11:24:04
[clientloop.c]
handle SSH2_MSG_GLOBAL_REQUEST (just reply with failure); ok djm@
- markus@cvs.openbsd.org 2002/01/10 12:38:26
[nchan.c]
remove dead code (skip drain)
- markus@cvs.openbsd.org 2002/01/10 12:47:59
[nchan.c]
more unused code (with channels.c:1.156)
- markus@cvs.openbsd.org 2002/01/11 10:31:05
[packet.c]
handle received SSH2_MSG_UNIMPLEMENTED messages; ok djm@
- markus@cvs.openbsd.org 2002/01/11 13:36:43
[ssh2.h]
add defines for msg type ranges
- markus@cvs.openbsd.org 2002/01/11 13:39:36
[auth2.c dispatch.c dispatch.h kex.c]
a single dispatch_protocol_error() that sends a message of
type 'UNIMPLEMENTED'
dispatch_range(): set handler for a ranges message types
use dispatch_protocol_ignore() for authentication requests after
successful authentication (the drafts requirement).
serverloop/clientloop now send a 'UNIMPLEMENTED' message instead
of exiting.
- markus@cvs.openbsd.org 2002/01/11 20:14:11
[auth2-chall.c auth-skey.c]
use strlcpy not strlcat; mouring@
- markus@cvs.openbsd.org 2002/01/11 23:02:18
[readpass.c]
use _PATH_TTY
- markus@cvs.openbsd.org 2002/01/11 23:02:51
[auth2-chall.c]
use snprintf; mouring@
- markus@cvs.openbsd.org 2002/01/11 23:26:30
[auth-skey.c]
use snprintf; mouring@
- markus@cvs.openbsd.org 2002/01/12 13:10:29
[auth-skey.c]
undo local change
- provos@cvs.openbsd.org 2002/01/13 17:27:07
[ssh-agent.c]
change to use queue.h macros; okay markus@
- markus@cvs.openbsd.org 2002/01/13 17:57:37
[auth2.c auth2-chall.c compat.c sshconnect2.c sshd.c]
use buffer API and avoid static strings of fixed size;
ok provos@/mouring@
- markus@cvs.openbsd.org 2002/01/13 21:31:20
[channels.h nchan.c]
add chan_set_[io]state(), order states, state is now an u_int,
simplifies debugging messages; ok provos@
- markus@cvs.openbsd.org 2002/01/14 13:22:35
[nchan.c]
chan_send_oclose1() no longer calls chan_shutdown_write(); ok provos@
- markus@cvs.openbsd.org 2002/01/14 13:34:07
[nchan.c]
merge chan_[io]buf_empty[12]; ok provos@
- markus@cvs.openbsd.org 2002/01/14 13:40:10
[nchan.c]
correct fn names for ssh2, do not switch from closed to closed;
ok provos@
- markus@cvs.openbsd.org 2002/01/14 13:41:13
[nchan.c]
remove duplicated code; ok provos@
- markus@cvs.openbsd.org 2002/01/14 13:55:55
[channels.c channels.h nchan.c]
remove function pointers for events, remove chan_init*; ok provos@
- markus@cvs.openbsd.org 2002/01/14 13:57:03
[channels.h nchan.c]
(c) 2002
- markus@cvs.openbsd.org 2002/01/16 13:17:51
[channels.c channels.h serverloop.c ssh.c]
wrapper for channel_setup_fwd_listener
- stevesk@cvs.openbsd.org 2002/01/16 17:40:23
[sshd_config]
The stategy now used for options in the default sshd_config shipped
with OpenSSH is to specify options with their default value where
possible, but leave them commented. Uncommented options change a
default value. Subsystem is currently the only default option
changed. ok markus@
- stevesk@cvs.openbsd.org 2002/01/16 17:42:33
[ssh.1]
correct defaults for -i/IdentityFile; ok markus@
- stevesk@cvs.openbsd.org 2002/01/16 17:55:33
[ssh_config]
correct some commented defaults. add Ciphers default. ok markus@
- stevesk@cvs.openbsd.org 2002/01/17 04:27:37
[log.c]
casts to silence enum type warnings for bugzilla bug 37; ok markus@
- stevesk@cvs.openbsd.org 2002/01/18 17:14:16
[sshd.8]
correct Ciphers default; paola.mannaro@ubs.com
- stevesk@cvs.openbsd.org 2002/01/18 18:14:17
[authfd.c bufaux.c buffer.c cipher.c packet.c ssh-agent.c ssh-keygen.c]
unneeded cast cleanup; ok markus@
- stevesk@cvs.openbsd.org 2002/01/18 20:46:34
[sshd.8]
clarify Allow(Groups|Users) and Deny(Groups|Users); suggestion from
allard@oceanpark.com; ok markus@
- markus@cvs.openbsd.org 2002/01/21 15:13:51
[sshconnect.c]
use read_passphrase+ECHO in confirm(), allows use of ssh-askpass
for hostkey confirm.
- markus@cvs.openbsd.org 2002/01/21 22:30:12
[cipher.c compat.c myproposal.h]
remove "rijndael-*", just use "aes-" since this how rijndael is called
in the drafts; ok stevesk@
- markus@cvs.openbsd.org 2002/01/21 23:27:10
[channels.c nchan.c]
cleanup channels faster if the are empty and we are in drain-state;
ok deraadt@
- stevesk@cvs.openbsd.org 2002/01/22 02:52:41
[servconf.c]
typo in error message; from djast@cs.toronto.edu
- (djm) Make auth2-pam.c compile again after dispatch.h and packet.h
changes
- (djm) Recent Glibc includes an incompatible sys/queue.h. Treat it as
bogus in configure
- (djm) Use local sys/queue.h if necessary in ssh-agent.c
20020121
- (djm) Rework ssh-rand-helper:
- Reduce quantity of ifdef code, in preparation for ssh_rand_conf
- Always seed from system calls, even when doing PRNGd seeding
- Tidy and comment #define knobs
- Remove unused facility for multiple runs through command list
- KNF, cleanup, update copyright
20020114
- (djm) Bug #50 - make autoconf entropy path checks more robust
20020108
- (djm) Merge Cygwin copy_environment with do_pam_environment, removing
fixed env var size limit in the process. Report from Corinna Vinschen
<vinschen@redhat.com>
- (stevesk) defines.h: use "/var/spool/sockets/X11/%u" for HP-UX. does
not depend on transition links. from Lutz Jaenicke.
20020106
- (stevesk) defines.h: determine _PATH_UNIX_X; currently "/tmp/.X11-unix/X%u"
for all platforms except HP-UX, which is "/usr/spool/sockets/X11/%u".
20020103
- (djm) Use bigcrypt() on systems with SCO_PROTECTED_PW. Patch from
Roger Cornelius <rac@tenzing.org>
|
| | |
|
| |
|
|
|
| |
PR: 35630
Submitted by: maintainer
|
| | |
|
| |
|
|
| |
Submitted by: will
|
| |
|
|
| |
This PAM module provides authorization based on a user already being currently logged in already.
|
| |
|
|
|
|
| |
distfile for the previous version disappeared within hours of the port
being committed, I'll just pretend that the previous commit never
happened.
|
| | |
|
| |
|
|
|
|
| |
Obtained from: OpenBSD
Bump PORTREVISION.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
PR: ports/35313
Submitted by: MAINTAINER: Udo Schweigert <udo.schweigert@siemens.com>
|
| |
|
|
|
| |
PR: 35499
Submitted by: KATO Tsuguru <tkato@prontomail.com>
|
| | |
|
| |
|
|
|
|
|
| |
release). In relation to Tripwire 1.x, 2.x is a complete rewrite.
PR: ports/29137
Submitted by: nectar (first review), cjc (second review)
|
| |
|
|
|
| |
PR: 35423
Submitted by: maintainer
|
| | |
|
| | |
|
| |
|
|
|
| |
PR: 34978, 35122
Submitted by: Seamus Venasse <svenasse@polaris.ca>, Jason Harris <jharris@widomaker.com>
|
| |
|
|
|
| |
PR: ports/35275
Submitted by: MAINTAINER: Stephane Legrand <stephane.legrand@bigfoot.com>
|
| | |
|
| | |
|
| |
|
|
|
|
| |
pkg-plist.
Approved by: obrien
|
| |
|
|
|
|
|
|
|
| |
a separate port for nmapfe. Even though the attempt in the nmap port
mostly fails since no nmapfe executable would have been built, files
not appearing in the pkg-plist were being added to the system.
PR: ports/35207
Approved by: obrien
|
| |
|
|
|
|
|
|
| |
uses this make file. It should not try to strip the ${PREFIX}/bin/nmap
executable. The install of nmapfe would fail if nmap did not exist.
PR: ports/35207
Approved by: obrien
|
| |
|
|
|
|
|
|
|
|
|
|
| |
- Add the TWCONFIG variable to install a user defined tw.config instead
of the one supplied with the port.
- Add the NO_DB_BUILD variable to skip the database build during install
for users upgrading or reinstalling the port who wish to use an existing
or previously installed Tripwire database.
PR: ports/35127
Submitted by: cjc
Approved by: jgreco@ns.sol.net
|
| |
|
|
|
|
|
|
|
|
|
|
| |
- Add the TWCONFIG variable to install a user defined tw.config instead
of the one supplied with the port.
- Add the NO_DB_BUILD variable to skip the database build during install
for users upgrading or reinstalling the port who wish to use an existing
or previously installed Tripwire database.
PR: ports/35127
Submitted by: cjc
Approved by: jgreco@ns.sol.net
|
| |
|
|
|
|
|
|
|
|
|
| |
PR: ports/34740
Submitted by: larse@ISI.EDU
- Add %%PORTDOCS%% to pkg-plist.
- Assign MAINTAINER to the submitter.
Requested by: issei (previous MAINTAINER)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The problem: logging in to a remote system with a cryptographic
solution such as lsh or ssh takes time, due to the computationally
expensive key exchanges that occur when the connection is
established. It is common to trigger a lot of remote logins while
using remote CVS, which makes it painfully slow compared to having the
repository locally.
The solution: reuse the secure tunnel once it has been
established. fsh is a drop-in rsh-compatible replacement for ssh that
automatically resuses ssh tunnels.
WWW: http://www.lysator.liu.se/fsh/
|
