aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDirk Meyer <dinoex@FreeBSD.org>2002-06-26 15:21:27 +0000
committerDirk Meyer <dinoex@FreeBSD.org>2002-06-26 15:21:27 +0000
commit6e92b681172f0b572e7431589d5f0146f1eecc51 (patch)
tree5b56fee9afd3790f6331df3ff44aabbf157bc65b
parente5e7ae144edca709d343fe5420e331a8287b3444 (diff)
downloadports-6e92b681172f0b572e7431589d5f0146f1eecc51.tar.gz
ports-6e92b681172f0b572e7431589d5f0146f1eecc51.zip
Notes
-rw-r--r--security/hpn-ssh/Makefile7
-rw-r--r--security/hpn-ssh/files/patch-auth2-chall.c61
-rw-r--r--security/hpn-ssh/pkg-plist1
-rw-r--r--security/openssh-portable/Makefile7
-rw-r--r--security/openssh-portable/files/patch-auth2-chall.c61
-rw-r--r--security/openssh-portable/pkg-plist1
-rw-r--r--security/openssh/Makefile2
-rw-r--r--security/openssh/files/patch-auth2-chall.c66
8 files changed, 200 insertions, 6 deletions
diff --git a/security/hpn-ssh/Makefile b/security/hpn-ssh/Makefile
index d4f6705dfbb8..9bb3895c0126 100644
--- a/security/hpn-ssh/Makefile
+++ b/security/hpn-ssh/Makefile
@@ -7,7 +7,7 @@
PORTNAME= openssh
PORTVERSION= 3.3p1
-PORTREVISION= 3
+PORTREVISION= 5
CATEGORIES= security ipv6
MASTER_SITES= ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \
ftp://ftp.op.net/pub/OpenBSD/OpenSSH/portable/ \
@@ -51,6 +51,8 @@ CONFIGURE_ARGS+= --mandir=${MANPREFIX}/man --localstatedir=/var
EMPTYDIR= /var/empty
ETCSSH= /etc/ssh
PLIST_SUB+= NOTBASE="@comment "
+PLIST_SUB+= BASE=""
+PKGMESSAGE= pkg-message.empty
.else
.if exists(/var/empty)
EMPTYDIR= /var/empty
@@ -59,6 +61,7 @@ EMPTYDIR= ${PREFIX}/empty
.endif
ETCSSH= ${PREFIX}/etc/ssh
PLIST_SUB+= NOTBASE=""
+PLIST_SUB+= BASE="@comment "
.endif
PLIST_SUB+= EMPTYDIR=${EMPTYDIR}
CONFIGURE_ARGS+= --sysconfdir=${ETCSSH}
@@ -119,7 +122,9 @@ post-install:
.endif
${INSTALL_DATA} -c ${WRKSRC}/ssh_config.out ${ETCSSH}/ssh_config-dist
${INSTALL_DATA} -c ${WRKSRC}/sshd_config.out ${ETCSSH}/sshd_config-dist
+.if !defined(OPENSSH_OVERWRITE_BASE)
@${CAT} ${PKGMESSAGE}
+.endif
.include <bsd.port.pre.mk>
diff --git a/security/hpn-ssh/files/patch-auth2-chall.c b/security/hpn-ssh/files/patch-auth2-chall.c
new file mode 100644
index 000000000000..a596ee778e81
--- /dev/null
+++ b/security/hpn-ssh/files/patch-auth2-chall.c
@@ -0,0 +1,61 @@
+--- auth2-chall.c 2002/06/19 00:27:55 1.18
++++ auth2-chall.c 2002/06/26 13:55:37 1.19
+@@ -63,6 +63,7 @@
+ char *devices;
+ void *ctxt;
+ KbdintDevice *device;
++ u_int nreq;
+ };
+
+ static KbdintAuthctxt *
+@@ -90,6 +91,7 @@
+ debug("kbdint_alloc: devices '%s'", kbdintctxt->devices);
+ kbdintctxt->ctxt = NULL;
+ kbdintctxt->device = NULL;
++ kbdintctxt->nreq = 0;
+
+ return kbdintctxt;
+ }
+@@ -209,26 +211,26 @@
+ KbdintAuthctxt *kbdintctxt;
+ char *name, *instr, **prompts;
+ int i;
+- u_int numprompts, *echo_on;
++ u_int *echo_on;
+
+ kbdintctxt = authctxt->kbdintctxt;
+ if (kbdintctxt->device->query(kbdintctxt->ctxt,
+- &name, &instr, &numprompts, &prompts, &echo_on))
++ &name, &instr, &kbdintctxt->nreq, &prompts, &echo_on))
+ return 0;
+
+ packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST);
+ packet_put_cstring(name);
+ packet_put_cstring(instr);
+ packet_put_cstring(""); /* language not used */
+- packet_put_int(numprompts);
+- for (i = 0; i < numprompts; i++) {
++ packet_put_int(kbdintctxt->nreq);
++ for (i = 0; i < kbdintctxt->nreq; i++) {
+ packet_put_cstring(prompts[i]);
+ packet_put_char(echo_on[i]);
+ }
+ packet_send();
+ packet_write_wait();
+
+- for (i = 0; i < numprompts; i++)
++ for (i = 0; i < kbdintctxt->nreq; i++)
+ xfree(prompts[i]);
+ xfree(prompts);
+ xfree(echo_on);
+@@ -256,6 +258,10 @@
+
+ authctxt->postponed = 0; /* reset */
+ nresp = packet_get_int();
++ if (nresp != kbdintctxt->nreq)
++ fatal("input_userauth_info_response: wrong number of replies");
++ if (nresp > 100)
++ fatal("input_userauth_info_response: too many replies");
+ if (nresp > 0) {
+ response = xmalloc(nresp * sizeof(char*));
+ for (i = 0; i < nresp; i++)
diff --git a/security/hpn-ssh/pkg-plist b/security/hpn-ssh/pkg-plist
index b2df58c55ca3..a20e02c1426b 100644
--- a/security/hpn-ssh/pkg-plist
+++ b/security/hpn-ssh/pkg-plist
@@ -33,5 +33,6 @@ libexec/ssh-keysign
%%NOTBASE%%@exec if [ ! -f %D/etc/ssh/ssh_host_dsa_key ]; then echo ">> Generating a secret DSA host key."; %D/bin/ssh-keygen -t dsa -N "" -f %D/etc/ssh/ssh_host_dsa_key; fi
%%NOTBASE%%@exec mkdir -p %D/empty
%%NOTBASE%%@dirrm empty
+%%BASE%%@exec mkdir -p %%EMPTYDIR%%
@exec if ! pw groupshow sshd 2>/dev/null; then pw groupadd sshd -g 22; fi
@exec if ! pw usershow sshd 2>/dev/null; then pw useradd sshd -g sshd -u 22 -h - -d %%EMPTYDIR%% -s /nonexistent -c "sshd privilege separation"; fi
diff --git a/security/openssh-portable/Makefile b/security/openssh-portable/Makefile
index d4f6705dfbb8..9bb3895c0126 100644
--- a/security/openssh-portable/Makefile
+++ b/security/openssh-portable/Makefile
@@ -7,7 +7,7 @@
PORTNAME= openssh
PORTVERSION= 3.3p1
-PORTREVISION= 3
+PORTREVISION= 5
CATEGORIES= security ipv6
MASTER_SITES= ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \
ftp://ftp.op.net/pub/OpenBSD/OpenSSH/portable/ \
@@ -51,6 +51,8 @@ CONFIGURE_ARGS+= --mandir=${MANPREFIX}/man --localstatedir=/var
EMPTYDIR= /var/empty
ETCSSH= /etc/ssh
PLIST_SUB+= NOTBASE="@comment "
+PLIST_SUB+= BASE=""
+PKGMESSAGE= pkg-message.empty
.else
.if exists(/var/empty)
EMPTYDIR= /var/empty
@@ -59,6 +61,7 @@ EMPTYDIR= ${PREFIX}/empty
.endif
ETCSSH= ${PREFIX}/etc/ssh
PLIST_SUB+= NOTBASE=""
+PLIST_SUB+= BASE="@comment "
.endif
PLIST_SUB+= EMPTYDIR=${EMPTYDIR}
CONFIGURE_ARGS+= --sysconfdir=${ETCSSH}
@@ -119,7 +122,9 @@ post-install:
.endif
${INSTALL_DATA} -c ${WRKSRC}/ssh_config.out ${ETCSSH}/ssh_config-dist
${INSTALL_DATA} -c ${WRKSRC}/sshd_config.out ${ETCSSH}/sshd_config-dist
+.if !defined(OPENSSH_OVERWRITE_BASE)
@${CAT} ${PKGMESSAGE}
+.endif
.include <bsd.port.pre.mk>
diff --git a/security/openssh-portable/files/patch-auth2-chall.c b/security/openssh-portable/files/patch-auth2-chall.c
new file mode 100644
index 000000000000..a596ee778e81
--- /dev/null
+++ b/security/openssh-portable/files/patch-auth2-chall.c
@@ -0,0 +1,61 @@
+--- auth2-chall.c 2002/06/19 00:27:55 1.18
++++ auth2-chall.c 2002/06/26 13:55:37 1.19
+@@ -63,6 +63,7 @@
+ char *devices;
+ void *ctxt;
+ KbdintDevice *device;
++ u_int nreq;
+ };
+
+ static KbdintAuthctxt *
+@@ -90,6 +91,7 @@
+ debug("kbdint_alloc: devices '%s'", kbdintctxt->devices);
+ kbdintctxt->ctxt = NULL;
+ kbdintctxt->device = NULL;
++ kbdintctxt->nreq = 0;
+
+ return kbdintctxt;
+ }
+@@ -209,26 +211,26 @@
+ KbdintAuthctxt *kbdintctxt;
+ char *name, *instr, **prompts;
+ int i;
+- u_int numprompts, *echo_on;
++ u_int *echo_on;
+
+ kbdintctxt = authctxt->kbdintctxt;
+ if (kbdintctxt->device->query(kbdintctxt->ctxt,
+- &name, &instr, &numprompts, &prompts, &echo_on))
++ &name, &instr, &kbdintctxt->nreq, &prompts, &echo_on))
+ return 0;
+
+ packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST);
+ packet_put_cstring(name);
+ packet_put_cstring(instr);
+ packet_put_cstring(""); /* language not used */
+- packet_put_int(numprompts);
+- for (i = 0; i < numprompts; i++) {
++ packet_put_int(kbdintctxt->nreq);
++ for (i = 0; i < kbdintctxt->nreq; i++) {
+ packet_put_cstring(prompts[i]);
+ packet_put_char(echo_on[i]);
+ }
+ packet_send();
+ packet_write_wait();
+
+- for (i = 0; i < numprompts; i++)
++ for (i = 0; i < kbdintctxt->nreq; i++)
+ xfree(prompts[i]);
+ xfree(prompts);
+ xfree(echo_on);
+@@ -256,6 +258,10 @@
+
+ authctxt->postponed = 0; /* reset */
+ nresp = packet_get_int();
++ if (nresp != kbdintctxt->nreq)
++ fatal("input_userauth_info_response: wrong number of replies");
++ if (nresp > 100)
++ fatal("input_userauth_info_response: too many replies");
+ if (nresp > 0) {
+ response = xmalloc(nresp * sizeof(char*));
+ for (i = 0; i < nresp; i++)
diff --git a/security/openssh-portable/pkg-plist b/security/openssh-portable/pkg-plist
index b2df58c55ca3..a20e02c1426b 100644
--- a/security/openssh-portable/pkg-plist
+++ b/security/openssh-portable/pkg-plist
@@ -33,5 +33,6 @@ libexec/ssh-keysign
%%NOTBASE%%@exec if [ ! -f %D/etc/ssh/ssh_host_dsa_key ]; then echo ">> Generating a secret DSA host key."; %D/bin/ssh-keygen -t dsa -N "" -f %D/etc/ssh/ssh_host_dsa_key; fi
%%NOTBASE%%@exec mkdir -p %D/empty
%%NOTBASE%%@dirrm empty
+%%BASE%%@exec mkdir -p %%EMPTYDIR%%
@exec if ! pw groupshow sshd 2>/dev/null; then pw groupadd sshd -g 22; fi
@exec if ! pw usershow sshd 2>/dev/null; then pw useradd sshd -g sshd -u 22 -h - -d %%EMPTYDIR%% -s /nonexistent -c "sshd privilege separation"; fi
diff --git a/security/openssh/Makefile b/security/openssh/Makefile
index 484c77d5a24b..59b89f77f19f 100644
--- a/security/openssh/Makefile
+++ b/security/openssh/Makefile
@@ -7,7 +7,7 @@
PORTNAME= openssh
PORTVERSION= 3.3
-PORTREVISION= 4
+PORTREVISION= 5
CATEGORIES= security
MASTER_SITES= ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/ \
ftp://ftp.usa.openbsd.org/pub/OpenBSD/OpenSSH/ \
diff --git a/security/openssh/files/patch-auth2-chall.c b/security/openssh/files/patch-auth2-chall.c
index 488bdf9d036e..80470f799fd8 100644
--- a/security/openssh/files/patch-auth2-chall.c
+++ b/security/openssh/files/patch-auth2-chall.c
@@ -1,6 +1,6 @@
--- auth2-chall.c.orig Wed Jun 19 02:27:55 2002
-+++ auth2-chall.c Mon Jun 24 06:54:04 2002
-@@ -40,19 +40,19 @@
++++ auth2-chall.c Wed Jun 26 16:59:05 2002
+@@ -40,20 +40,20 @@
#ifdef BSD_AUTH
extern KbdintDevice bsdauth_device;
@@ -22,7 +22,67 @@
+ &pam_device,
+#elif defined(SKEY)
&skey_device,
--#endif
#endif
+-#endif
NULL
};
+
+@@ -63,6 +63,7 @@
+ char *devices;
+ void *ctxt;
+ KbdintDevice *device;
++ u_int nreq;
+ };
+
+ static KbdintAuthctxt *
+@@ -90,6 +91,7 @@
+ debug("kbdint_alloc: devices '%s'", kbdintctxt->devices);
+ kbdintctxt->ctxt = NULL;
+ kbdintctxt->device = NULL;
++ kbdintctxt->nreq = 0;
+
+ return kbdintctxt;
+ }
+@@ -209,26 +211,26 @@
+ KbdintAuthctxt *kbdintctxt;
+ char *name, *instr, **prompts;
+ int i;
+- u_int numprompts, *echo_on;
++ u_int *echo_on;
+
+ kbdintctxt = authctxt->kbdintctxt;
+ if (kbdintctxt->device->query(kbdintctxt->ctxt,
+- &name, &instr, &numprompts, &prompts, &echo_on))
++ &name, &instr, &kbdintctxt->nreq, &prompts, &echo_on))
+ return 0;
+
+ packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST);
+ packet_put_cstring(name);
+ packet_put_cstring(instr);
+ packet_put_cstring(""); /* language not used */
+- packet_put_int(numprompts);
+- for (i = 0; i < numprompts; i++) {
++ packet_put_int(kbdintctxt->nreq);
++ for (i = 0; i < kbdintctxt->nreq; i++) {
+ packet_put_cstring(prompts[i]);
+ packet_put_char(echo_on[i]);
+ }
+ packet_send();
+ packet_write_wait();
+
+- for (i = 0; i < numprompts; i++)
++ for (i = 0; i < kbdintctxt->nreq; i++)
+ xfree(prompts[i]);
+ xfree(prompts);
+ xfree(echo_on);
+@@ -256,6 +258,10 @@
+
+ authctxt->postponed = 0; /* reset */
+ nresp = packet_get_int();
++ if (nresp != kbdintctxt->nreq)
++ fatal("input_userauth_info_response: wrong number of replies");
++ if (nresp > 100)
++ fatal("input_userauth_info_response: too many replies");
+ if (nresp > 0) {
+ response = xmalloc(nresp * sizeof(char*));
+ for (i = 0; i < nresp; i++)