diff options
| author | Renato Botelho <garga@FreeBSD.org> | 2010-10-15 17:40:31 +0000 |
|---|---|---|
| committer | Renato Botelho <garga@FreeBSD.org> | 2010-10-15 17:40:31 +0000 |
| commit | 31ecf3c3a56888a664f90607d7be054b1f284a47 (patch) | |
| tree | f5898169753c987ee855a487d91169ee3ddfa19e /security/ssh2 | |
| parent | cd2afe1c1e11a1730d83f3eb0dc86edffa87a04f (diff) | |
| download | ports-31ecf3c3a56888a664f90607d7be054b1f284a47.tar.gz ports-31ecf3c3a56888a664f90607d7be054b1f284a47.zip | |
Notes
Diffstat (limited to 'security/ssh2')
31 files changed, 0 insertions, 1279 deletions
diff --git a/security/ssh2/Makefile b/security/ssh2/Makefile deleted file mode 100644 index 8c3918201bf9..000000000000 --- a/security/ssh2/Makefile +++ /dev/null @@ -1,175 +0,0 @@ -# New ports collection makefile for: ssh2 -# Date created: 5 Oct 1998 -# Whom: Issei Suzuki <issei@jp.FreeBSD.org> -# -# $FreeBSD$ -# - -PORTNAME= ssh2 -PORTVERSION= 3.2.9.1 -PORTREVISION= 8 -CATEGORIES= security ipv6 -# The list of official mirror sites is at: -# http://www.ssh.com/support/downloads/secureshellserver/non-commercial.html -MASTER_SITES= ftp://ftp.ssh.com/pub/ssh/ \ - ftp://ftp.wiretapped.net/pub/security/cryptography/apps/ssh/SSH/ \ - http://www.mirrors.wiretapped.net/security/cryptography/apps/ssh/SSH/ \ - ftp://gd.tuwien.ac.at/utils/shells/ssh/ \ - ftp://ftp.ut.ee/pub/unix/security/ssh/ \ - ftp://ftp.funet.fi/pub/mirrors/ftp.ssh.com/pub/ssh/ \ - ftp://ftp.crihan.fr/mirrors/ftp.ssh.com/ \ - http://ftp.crihan.fr/mirrors/ftp.ssh.com/ \ - ftp://ftp.cert.dfn.de/pub/tools/net/ssh/ \ - ftp://ftp.ntua.gr/pub/security/ssh/ \ - ftp://ftp.unina.it/pub/Unix/ssh/ \ - ftp://core.ring.gr.jp/pub/net/ssh/ \ - http://core.ring.gr.jp/archives/net/ssh/ \ - ftp://ftp.ring.gr.jp/pub/net/ssh/ \ - http://www.ring.gr.jp/archives/net/ssh/ \ - ftp://ftp.wsisiz.edu.pl/pub/Unix/ssh/ \ - ftp://ftp.ulak.net.tr/ssh/ \ - ftp://metalab.unc.edu/pub/packages/security/ssh/ \ - ftp://ftp.keystealth.org/pub/ssh/ \ - ftp://ftp.epix.net/pub/ssh/ \ - ftp://mirror.pa.msu.edu/ssh/ -DISTNAME= ssh-${PORTVERSION} - -MAINTAINER= marius@FreeBSD.org -COMMENT= Secure shell client and server for V.2 SSH protocol - -DEPRECATED= abandoned upstream -EXPIRATION_DATE=2010-10-15 - -.if !defined(WITHOUT_X11) -CONFLICTS= openssh-* ssh-* ssh2-nox11-* -.else -PKGNAMESUFFIX= -nox11 -CONFLICTS= openssh-* ssh-* ssh2-[0-9]* -.endif - -GNU_CONFIGURE= yes -MANCOMPRESSED= no -USE_RC_SUBR= sshd2.sh - -MAN1= ssh2.1 ssh-keygen2.1 ssh-add2.1 ssh-agent2.1 scp2.1 sftp2.1 \ - sshregex.1 ssh-probe2.1 ssh-dummy-shell.1 -MAN5= ssh2_config.5 sshd-check-conf.5 sshd2_config.5 \ - sshd2_subconfig.5 -MAN8= sshd2.8 -MLINKS= ssh2.1 ssh.1 ssh-add2.1 ssh-add.1 ssh-agent2.1 ssh-agent.1 \ - ssh-keygen2.1 ssh-keygen.1 scp2.1 scp.1 sftp2.1 sftp.1 \ - ssh-probe2.1 ssh-probe.1 sshd2.8 sshd.8 -DOCS= CHANGES FAQ HOWTO.anonymous.sftp LICENSE NEWS README \ - REGEX-SYNTAX SSH2.QUICKSTART \ - RFC.authorization_program_protocol RFC.kbdint_plugin_protocol -EXAMPLES= ext_authorization_example.sh kbdint_plugin_example.sh - -.include <bsd.port.pre.mk> - -CONFIGURE_ARGS+= --disable-debug --with-foreign-etcdir=${PREFIX}/etc \ - --with-libwrap -PKGMESSAGE= ${WRKDIR}/pkg-message - -# Define if all your users are in their own group and their homedir -# is writeable by that group. Beware the security implications! -# -.if defined(WITH_GROUP_WRITEABILITY) -CONFIGURE_ARGS+= --enable-group-writeability -.endif - -# Kerberos5 support in ssh2 is EXPERIMENTAL and requires MIT Kerberos, -# Heimdal is unsupported. -# -.if !defined(WITHOUT_KERBEROS) && defined(KRB5_HOME) && \ - exists(${KRB5_HOME}/lib/libk5crypto.a) -LIB_DEPENDS+= krb5.3:${PORTSDIR}/security/krb5 -CONFIGURE_ARGS+= --with-kerberos5=${KRB5_HOME} --disable-suid-ssh-signer -EXTRA_PATCHES+= ${FILESDIR}/kerberos-patch-apps::ssh::ssh2_config \ - ${FILESDIR}/kerberos-patch-apps::ssh::sshd2_config -.endif - -.if !defined(WITHOUT_X11) -BUILD_DEPENDS+= xauth:${PORTSDIR}/x11/xauth -RUN_DEPENDS+= xauth:${PORTSDIR}/x11/xauth -USE_XORG= x11 -PLIST_SUB+= WITH_X11:="" -.else -CONFIGURE_ARGS+= --without-x -PLIST_SUB+= WITH_X11:="@comment " -.endif - -pre-everything:: -.if !defined(WITH_GROUP_WRITEABILITY) || (!defined(WITHOUT_KERBEROS) && \ - defined(KRB5_HOME) && exists(${KRB5_HOME}/lib/libk5crypto.a)) || \ - !defined(WITHOUT_X11) - @${ECHO_MSG} "" - @${ECHO_MSG} "You may use the following build option(s):" - @${ECHO_MSG} "" -.if !defined(WITH_GROUP_WRITEABILITY) - @${ECHO_MSG} "WITH_GROUP_WRITEABILITY=yes builds with widened permissions check of home" - @${ECHO_MSG} " directories in hostbased- and publickey-" - @${ECHO_MSG} " authentication. May be usefull if all users" - @${ECHO_MSG} " are in their own group." - @${ECHO_MSG} " Beware the security implications!" -.endif -.if !defined(WITHOUT_KERBEROS) && defined(KRB5_HOME) && \ - exists(${KRB5_HOME}/lib/libk5crypto.a) - @${ECHO_MSG} "WITHOUT_KERBEROS=yes builds without MIT Kerberos support even when" - @${ECHO_MSG} " security/krb5 is installed." -.endif -.if !defined(WITHOUT_X11) - @${ECHO_MSG} "WITHOUT_X11=yes builds without X11 support. Setting this is" - @${ECHO_MSG} " the same as compiling security/ssh2-nox11." -.endif - @${ECHO_MSG} "" -.endif - -post-patch: -.for i in ${MAN1} ${MAN5} ${MAN8} ssh2_config sshd2_config - @${REINPLACE_CMD} -e 's|\/etc\/ssh2|${PREFIX}&|g; \ - s|\/usr\/local|${LOCALBASE}|g' \ - ${WRKSRC}/apps/ssh/${i} -.endfor -.for i in anonymous.example host_ext.example host_int.example - @${REINPLACE_CMD} -e 's|\/etc\/ssh2|${PREFIX}&|g' \ - ${WRKSRC}/apps/ssh/subconfig/${i} -.endfor - @${FIND} ${WRKSRC} -name Makefile.in -print0 -type f | \ - ${XARGS} -0 ${REINPLACE_CMD} -E -e \ - 's|-I\$$\(top_srcdir\)\/lib\/zlib||g; \ - s|\$$\(top_builddir\)\/lib\/zlib\/libz.a||g' - @${REINPLACE_CMD} -e 's|\/etc\/ssh2|${PREFIX}&|g' \ - ${WRKSRC}/HOWTO.anonymous.sftp - @${REINPLACE_CMD} -e \ - 's|$$PATH:\/usr\/X11R6\/bin:\/usr\/X11\/bin|${LOCALBASE}\/bin|' \ - ${WRKSRC}/configure - @${REINPLACE_CMD} -E -e 's|\$$\(ETCDIR\)|${PREFIX}\/etc|g' \ - ${WRKSRC}/apps/ssh/ssh_dummy_shell.out - @${REINPLACE_CMD} -E -e 's|(^TESTS.+)(t-filecopy)|\1|g' \ - ${WRKSRC}/apps/ssh/tests/Makefile.in - @${SED} 's|%%PREFIX%%|${PREFIX}|g' \ - ${PKGDIR}/pkg-message > ${WRKDIR}/pkg-message - -pre-install: -# Make sure there's no startup script left over from a previous installation. - @${RM} -f ${PREFIX}/etc/rc.d/sshd2.sh - -post-install: - @${MKDIR} ${EXAMPLESDIR} -.for i in ${EXAMPLES} - @${INSTALL_DATA} ${WRKSRC}/$i ${EXAMPLESDIR} -.endfor -.if !defined(NOPORTDOCS) - @${MKDIR} ${DOCSDIR} -.for i in ${DOCS} - @${INSTALL_DATA} ${WRKSRC}/$i ${DOCSDIR} -.endfor -.endif - @${CAT} ${WRKDIR}/pkg-message - -test: build - @-cd ${WRKSRC}/lib/sshcrypto/tests && ${MAKE} check-TESTS - @-cd ${WRKSRC}/apps/ssh/lib/sshproto/tests && ${MAKE} check-TESTS - @-cd ${WRKSRC}/apps/ssh/tests && ${MAKE} check-TESTS - -.include <bsd.port.post.mk> diff --git a/security/ssh2/distinfo b/security/ssh2/distinfo deleted file mode 100644 index 801034756f90..000000000000 --- a/security/ssh2/distinfo +++ /dev/null @@ -1,3 +0,0 @@ -MD5 (ssh-3.2.9.1.tar.gz) = f3ed49f13419d97dc1d0d3bfb4bb99bf -SHA256 (ssh-3.2.9.1.tar.gz) = 9d989fa1d99e2c95bd8a9dbf73b9495fc831061b8b6a951effd4c1bb1902a373 -SIZE (ssh-3.2.9.1.tar.gz) = 2269281 diff --git a/security/ssh2/files/kerberos-patch-apps::ssh::ssh2_config b/security/ssh2/files/kerberos-patch-apps::ssh::ssh2_config deleted file mode 100644 index 895d04dde0b6..000000000000 --- a/security/ssh2/files/kerberos-patch-apps::ssh::ssh2_config +++ /dev/null @@ -1,10 +0,0 @@ ---- apps/ssh/ssh2_config.orig Wed Jan 21 19:14:28 2004 -+++ apps/ssh/ssh2_config Wed Jan 21 19:26:01 2004 -@@ -76,6 +76,7 @@ - - # AllowedAuthentications publickey,keyboard-interactive,password - # AllowedAuthentications hostbased,publickey,keyboard-interactive,password -+ AllowedAuthentications kerberos-tgt-2@ssh.com,kerberos-2@ssh.com,password - - - # For ssh-signer2 (only effective if set in the global configuration diff --git a/security/ssh2/files/kerberos-patch-apps::ssh::sshd2_config b/security/ssh2/files/kerberos-patch-apps::ssh::sshd2_config deleted file mode 100644 index 089ccc5ba36f..000000000000 --- a/security/ssh2/files/kerberos-patch-apps::ssh::sshd2_config +++ /dev/null @@ -1,19 +0,0 @@ ---- apps/ssh/sshd2_config.orig Wed Jan 21 19:12:25 2004 -+++ apps/ssh/sshd2_config Wed Jan 21 19:24:11 2004 -@@ -101,6 +101,7 @@ - # AllowedAuthentications publickey,password - # AllowedAuthentications hostbased,publickey,password - # AllowedAuthentications hostbased,publickey,keyboard-interactive -+ AllowedAuthentications kerberos-tgt-2@ssh.com,kerberos-2@ssh.com,password - # RequiredAuthentications publickey,password - # LoginGraceTime 600 - # AuthInteractiveFailureTimeout 2 -@@ -169,7 +170,7 @@ - # AllowGroups staff,users - # DenyGroups guest,anonymous - # PermitRootLogin yes --# PermitRootLogin nopwd -+ PermitRootLogin nopwd - - ## Chrooted environment - diff --git a/security/ssh2/files/patch-HOWTO.anonymous.sftp b/security/ssh2/files/patch-HOWTO.anonymous.sftp deleted file mode 100644 index 64208861668d..000000000000 --- a/security/ssh2/files/patch-HOWTO.anonymous.sftp +++ /dev/null @@ -1,117 +0,0 @@ ---- HOWTO.anonymous.sftp.orig Wed Dec 3 14:17:17 2003 -+++ HOWTO.anonymous.sftp Thu Jan 1 19:18:54 2004 -@@ -3,57 +3,27 @@ - Author: Sami Lehtinen <sjl@ssh.com> - Created: Thu Oct 18 18:21:56 2001 - --1. Follow the standard build process otherwise, except for the following -+1. Create a dedicated user account for the guest user (e.g. "ssh-guest"). - -- % ./configure --enable-static <your-flags-here> -- -- If your system doesn't support fully static binaries (atleast newer -- Solarises), you have to copy extra files after step 5, so that the -- necessary shared libraries and system configuration files can be -- found by ssh-dummy-shell and sftp-server in the chrooted -- environment. -- -- With internal sftp-server: -- You may also use the internal sftp-server. It simplifies logging and -- chrooting considerably. You don't need to build the static binaries. -- --2. Create a dedicated user account for the guest user (e.g. "ssh-guest"). -- -- In RH Linux: -- -- % useradd [-d home_dir] [-u uid] [-g group] [-s default-shell] ssh-guest -+ % pw useradd ssh-guest -m -s /nonexistent [-d homedir] [-u uid] [-g group] - - Remember that the home directory will be the root ("/") of the - chrooted environment, so choose wisely (you can change it later, of - course). - --3. Set some known password (e.g. "guest") for the account with "passwd". -+2. Set some known password (e.g. "guest") for the account with "passwd". - --4. Change the user's shell to "ssh-dummy-shell" with "vipw". -+ % passwd ssh-guest - -- With internal sftp-server: -- If you're using the internal sftp-server, you can use /bin/false or -- whatever as the user's shell. The sftp service isn't executed with -- the shell in this case. The user's shell doesn't even need to exist. -- --5. Run -- -- % ssh-chrootmgr -v ssh-guest # (or the account you created) -- -- This will copy necessary static binaries to the user's home directory. -- -- With internal sftp-server: -- You don't need this step if you don't need the static -- ssh-dummy-shell. -- --6. Modify /etc/ssh2/sshd2_config. Add the following line: -+3. Modify /etc/ssh2/sshd2_config. Add the following line: - - ChRootUsers ssh-guest - --7. If you wish, you may announce the existence of this account in your -- login banner message. The file /etc/ssh2/ssh_banner_message, if not -- empty, will be displayed to incoming users before they authenticate. Or -- you can change the default by modifying the sshd2_config: -+4. If you wish, you may announce the existence of this account in your -+ login banner message. The file /etc/ssh2/ssh_banner_message, -+ if not empty, will be displayed to incoming users before they -+ authenticate. Or you can change the default by modifying the -+ /etc/ssh2/sshd2_config: - - BannerMessageFile /etc/ssh2/some_other_ssh_banner_message - -@@ -74,7 +44,7 @@ - Remember that you may use subconfiguration files to change a banner - message based on e.g. user name (xxx example file). - --8. You most probably want to restrict access to read-only. For this, -+5. You most probably want to restrict access to read-only. For this, - change the accounts owner to something else (e.g. root): - - % chown -R root:root ~ssh-guest -@@ -82,7 +52,7 @@ - If you want to give some directories write access, change ownership of - those to "ssh-guest". - --9. To enable logging, you have to add the following line to sshd2_config -+6. To enable logging, you have to add the following line to sshd2_config - (or possibly to a subconfig file (see sshd2_subconfig(5))): - - SftpSysLogFacility <facility> -@@ -90,26 +60,11 @@ - <facility> could be LOCAL7, or whatever you wish. See sshd2_config(5) - for additional documentation. - -- Note, that logging in the chrooted environment with a separate -- binary for sftp-server is tricky. Most likely you have to create a -- /dev/log device under the chrooted jail, and add that to the listened -- devices (with the full path) of your syslogd. See the documentation of -- syslog daemon for this. However, see below. -- -- With internal sftp-server: -- Logging in the chrooted jail is much simpler with the internal -- sftp-server. Just specify the correct SftpSysLogFacility, and you are -- set. -- --10. Add your sftp-server to sshd2_config (if not already there): -- -- subsystem-sftp sftp-server -- -- With internal sftp-server: -+7. Add your sftp-server to sshd2_config (if not already there): - - subsystem-sftp internal://sftp-server - --11. Remember to restart the sshd2 daemon after you modify the configuration -+8. Remember to restart the sshd2 daemon after you modify the configuration - file for the changes to take effect! - - Have fun. diff --git a/security/ssh2/files/patch-apps::ssh::Makefile.in b/security/ssh2/files/patch-apps::ssh::Makefile.in deleted file mode 100644 index 9b927d7ca9f2..000000000000 --- a/security/ssh2/files/patch-apps::ssh::Makefile.in +++ /dev/null @@ -1,60 +0,0 @@ ---- apps/ssh/Makefile.in.orig Wed Dec 3 14:17:48 2003 -+++ apps/ssh/Makefile.in Fri Jan 2 09:23:14 2004 -@@ -1019,36 +1019,20 @@ - fi - - install-symlinks: -- -mv -f $(DESTDIR)$(bindir)/ssh $(DESTDIR)$(bindir)/ssh.old -- -mv -f $(DESTDIR)$(bindir)/ssh-agent $(DESTDIR)$(bindir)/ssh-agent.old -- -mv -f $(DESTDIR)$(bindir)/ssh-add $(DESTDIR)$(bindir)/ssh-add.old -- -mv -f $(DESTDIR)$(bindir)/ssh-askpass $(DESTDIR)$(bindir)/ssh-askpass.old -- -mv -f $(DESTDIR)$(bindir)/ssh-keygen $(DESTDIR)$(bindir)/ssh-keygen.old -- -mv -f $(DESTDIR)$(bindir)/scp $(DESTDIR)$(bindir)/scp.old -- -mv -f $(DESTDIR)$(bindir)/sftp $(DESTDIR)$(bindir)/sftp.old -- -mv -f $(DESTDIR)$(bindir)/sftp-server $(DESTDIR)$(bindir)/sftp-server.old -- -mv -f $(DESTDIR)$(bindir)/ssh-signer $(DESTDIR)$(bindir)/ssh-signer.old -- -mv -f $(DESTDIR)$(bindir)/ssh-probe $(DESTDIR)$(bindir)/ssh-probe.old -- - (cd $(DESTDIR)$(bindir) && $(LN_S) ssh2 ssh) - (cd $(DESTDIR)$(bindir) && $(LN_S) ssh-agent2 ssh-agent) - (cd $(DESTDIR)$(bindir) && $(LN_S) ssh-add2 ssh-add) -- (cd $(DESTDIR)$(bindir) && $(LN_S) ssh-askpass2 ssh-askpass) -+ case x"@CONFPROGRAMS@" in \ -+ x*askpass*) \ -+ (cd $(DESTDIR)$(bindir) && $(LN_S) ssh-askpass2 ssh-askpass) ;; \ -+ esac - (cd $(DESTDIR)$(bindir) && $(LN_S) ssh-keygen2 ssh-keygen) - (cd $(DESTDIR)$(bindir) && $(LN_S) scp2 scp) - (cd $(DESTDIR)$(bindir) && $(LN_S) sftp2 sftp) - (cd $(DESTDIR)$(bindir) && $(LN_S) sftp-server2 sftp-server) - (cd $(DESTDIR)$(bindir) && $(LN_S) ssh-signer2 ssh-signer) - (cd $(DESTDIR)$(bindir) && $(LN_S) ssh-probe2 ssh-probe) -- -mv -f $(DESTDIR)$(sbindir)/sshd $(DESTDIR)$(sbindir)/sshd.old - (cd $(DESTDIR)$(sbindir) && $(LN_S) sshd2 sshd) -- -mv -f $(DESTDIR)$(mandir)/man1/ssh.1 $(DESTDIR)$(mandir)/man1/ssh.old.1 -- -mv -f $(DESTDIR)$(mandir)/man1/ssh-add.1 $(DESTDIR)$(mandir)/man1/ssh-add.old.1 -- -mv -f $(DESTDIR)$(mandir)/man1/ssh-agent.1 $(DESTDIR)$(mandir)/man1/ssh-agent.old.1 -- -mv -f $(DESTDIR)$(mandir)/man1/ssh-keygen.1 $(DESTDIR)$(mandir)/man1/ssh-keygen.old.1 -- -mv -f $(DESTDIR)$(mandir)/man1/scp.1 $(DESTDIR)$(mandir)/man1/scp.old.1 -- -mv -f $(DESTDIR)$(mandir)/man1/sftp.1 $(DESTDIR)$(mandir)/man1/sftp.old.1 -- -mv -f $(DESTDIR)$(mandir)/man1/ssh-probe.1 $(DESTDIR)$(mandir)/man1/ssh-probe.old.1 - (cd $(DESTDIR)$(mandir)/man1 && $(LN_S) ssh2.1 ssh.1) - (cd $(DESTDIR)$(mandir)/man1 && $(LN_S) ssh-add2.1 ssh-add.1) - (cd $(DESTDIR)$(mandir)/man1 && $(LN_S) ssh-agent2.1 ssh-agent.1) -@@ -1056,7 +1040,6 @@ - (cd $(DESTDIR)$(mandir)/man1 && $(LN_S) scp2.1 scp.1) - (cd $(DESTDIR)$(mandir)/man1 && $(LN_S) sftp2.1 sftp.1) - (cd $(DESTDIR)$(mandir)/man1 && $(LN_S) ssh-probe2.1 ssh-probe.1) -- -mv -f $(DESTDIR)$(mandir)/man8/sshd.8 $(DESTDIR)$(mandir)/man8/sshd.old.8 - (cd $(DESTDIR)$(mandir)/man8 && $(LN_S) sshd2.8 sshd.8) - - clean-up-old: -@@ -1075,7 +1058,7 @@ - -chown root $(DESTDIR)$(bindir)/ssh-signer2 - -chmod $(SSH_SIGNER_INSTALL_MODE) $(DESTDIR)$(bindir)/ssh-signer2 - --install-data-hook: make-install-dirs generate-host-key install-symlinks -+install-data-hook: make-install-dirs install-symlinks - -@if test '!' -f $(DESTDIR)$(etcdir)/sshd2_config ; then \ - echo Installing $(DESTDIR)$(etcdir)/sshd2_config ; \ - $(INSTALL_DATA) $(srcdir)/sshd2_config \ diff --git a/security/ssh2/files/patch-apps::ssh::lib::sshproto::sshconn.c b/security/ssh2/files/patch-apps::ssh::lib::sshproto::sshconn.c deleted file mode 100644 index cd744448a77f..000000000000 --- a/security/ssh2/files/patch-apps::ssh::lib::sshproto::sshconn.c +++ /dev/null @@ -1,22 +0,0 @@ ---- apps/ssh/lib/sshproto/sshconn.c.orig 2003-12-03 15:17:34.000000000 +0200 -+++ apps/ssh/lib/sshproto/sshconn.c -@@ -452,7 +452,8 @@ Boolean ssh_conn_send_channel_data_type( - (unsigned int) SSH_MSG_CHANNEL_DATA, - SSH_FORMAT_UINT32, (SshUInt32) - channel->remote_id, -- SSH_FORMAT_UINT32_STR, buf, len, -+ SSH_FORMAT_UINT32_STR, buf, -+ (size_t) len, - SSH_FORMAT_END); - } - else -@@ -465,7 +466,8 @@ Boolean ssh_conn_send_channel_data_type( - SSH_FORMAT_UINT32, (SshUInt32) - channel->remote_id, - SSH_FORMAT_UINT32, (SshUInt32) i, -- SSH_FORMAT_UINT32_STR, buf, len, -+ SSH_FORMAT_UINT32_STR, buf, -+ (size_t) len, - SSH_FORMAT_END); - } - diff --git a/security/ssh2/files/patch-apps::ssh::lib::sshproto::trcommon.c b/security/ssh2/files/patch-apps::ssh::lib::sshproto::trcommon.c deleted file mode 100644 index bcf60cdce113..000000000000 --- a/security/ssh2/files/patch-apps::ssh::lib::sshproto::trcommon.c +++ /dev/null @@ -1,20 +0,0 @@ ---- apps/ssh/lib/sshproto/trcommon.c.orig 2003-12-03 15:17:33.000000000 +0200 -+++ apps/ssh/lib/sshproto/trcommon.c -@@ -555,7 +555,7 @@ void ssh_tr_send_packet(SshTransportComm - SSH_DEBUG(5, ("Outgoing empty, sending empty ignore packet.")); - ret = ssh_encode_buffer(&new_packet, - SSH_FORMAT_CHAR, (unsigned int) SSH_MSG_IGNORE, -- SSH_FORMAT_UINT32, 0L, -+ SSH_FORMAT_UINT32, (SshUInt32) 0, - SSH_FORMAT_END); - SSH_VERIFY(ret > 0); - ssh_tr_encode_packet(tr, ssh_buffer_ptr(&new_packet), -@@ -3171,7 +3171,7 @@ void ssh_tr_process_up_incoming_packet(S - - ssh_encode_buffer(new_packet, - SSH_FORMAT_CHAR, (unsigned int) SSH_MSG_IGNORE, -- SSH_FORMAT_UINT32, ignore_len, -+ SSH_FORMAT_UINT32, (SshUInt32) ignore_len, - SSH_FORMAT_END); - - ssh_xbuffer_append_space(new_packet, &datap, ignore_len); diff --git a/security/ssh2/files/patch-apps::ssh::ssh-agent2.c b/security/ssh2/files/patch-apps::ssh::ssh-agent2.c deleted file mode 100644 index 5ca8b5130566..000000000000 --- a/security/ssh2/files/patch-apps::ssh::ssh-agent2.c +++ /dev/null @@ -1,11 +0,0 @@ ---- apps/ssh/ssh-agent2.c.orig 2003-12-03 15:17:27.000000000 +0200 -+++ apps/ssh/ssh-agent2.c -@@ -1802,7 +1802,7 @@ void ssh_agenti_ssh1_encode_mp(SshBuffer - num_buf = ssh_xmalloc(num_buf_len); - ssh_mp_get_buf(num_buf, num_buf_len, n); - ssh_encode_buffer(buffer, -- SSH_FORMAT_DATA, len_buf, 2, -+ SSH_FORMAT_DATA, len_buf, (size_t) 2, - SSH_FORMAT_DATA, num_buf, num_buf_len, - SSH_FORMAT_END); - ssh_xfree(num_buf); diff --git a/security/ssh2/files/patch-apps::ssh::ssh-signer2.c b/security/ssh2/files/patch-apps::ssh::ssh-signer2.c deleted file mode 100644 index 0dec00a86547..000000000000 --- a/security/ssh2/files/patch-apps::ssh::ssh-signer2.c +++ /dev/null @@ -1,11 +0,0 @@ ---- apps/ssh/ssh-signer2.c.orig 2003-12-03 15:17:26.000000000 +0200 -+++ apps/ssh/ssh-signer2.c -@@ -264,7 +264,7 @@ SSH_FSM_STEP(signer_send_error) - (unsigned int) gdata->error_code_to_ssh2, - SSH_FORMAT_UINT32_STR, gdata->error_message_to_ssh2, - strlen(gdata->error_message_to_ssh2), -- SSH_FORMAT_UINT32_STR, "en", 2, -+ SSH_FORMAT_UINT32_STR, "en", (size_t) 2, - SSH_FORMAT_END); - - ssh_packet_wrapper_can_receive(gdata->wrapper, FALSE); diff --git a/security/ssh2/files/patch-apps::ssh::ssh1proto.c b/security/ssh2/files/patch-apps::ssh::ssh1proto.c deleted file mode 100644 index 5e912e7e814c..000000000000 --- a/security/ssh2/files/patch-apps::ssh::ssh1proto.c +++ /dev/null @@ -1,11 +0,0 @@ ---- apps/ssh/ssh1proto.c.orig 2003-12-03 15:17:26.000000000 +0200 -+++ apps/ssh/ssh1proto.c -@@ -3918,7 +3918,7 @@ void ssh1_handle_packet_smsg_auth_rsa_ch - SSH_FORMAT_UINT32_STR, - challenge_buf, challenge_len, - SSH_FORMAT_UINT32_STR, -- ssh1->session_id, 16, -+ ssh1->session_id, (size_t) 16, - SSH_FORMAT_END); - ssh_xfree(challenge_buf); - ssh1->mode = SSH1_AGENT_OPERATION_IN_PROGRESS; diff --git a/security/ssh2/files/patch-apps::ssh::ssh2_config.5 b/security/ssh2/files/patch-apps::ssh::ssh2_config.5 deleted file mode 100644 index 49c11e4cc85f..000000000000 --- a/security/ssh2/files/patch-apps::ssh::ssh2_config.5 +++ /dev/null @@ -1,17 +0,0 @@ ---- apps/ssh/ssh2_config.5.orig Wed Dec 3 17:05:48 2003 -+++ apps/ssh/ssh2_config.5 Wed Dec 3 17:06:25 2003 -@@ -136,14 +136,6 @@ - .ne 3 - - .TP --.B Cert.RSA.Compat.HashScheme --Older SSH Secure Shell clients and servers used hashes in an incoherent --manner (sometimes MD5, sometimes SHA-1). With this option, you can set --what hash is used. Valid values are "\fBmd5\fR" and "\fBsha1\fR". The --default is "\fBmd5\fR" (works in most cases). --.ne 3 -- --.TP - .B Ciphers - Specifies the ciphers to use for encrypting the - session. Currently, diff --git a/security/ssh2/files/patch-apps::ssh::sshchsession.c b/security/ssh2/files/patch-apps::ssh::sshchsession.c deleted file mode 100644 index f7da16e72e1e..000000000000 --- a/security/ssh2/files/patch-apps::ssh::sshchsession.c +++ /dev/null @@ -1,289 +0,0 @@ ---- apps/ssh/sshchsession.c.orig Thu Jul 3 00:19:57 2003 -+++ apps/ssh/sshchsession.c Thu Jul 3 00:21:12 2003 -@@ -122,6 +122,11 @@ - - - -+#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H) -+#include <login_cap.h> -+#include <sys/copyright.h> -+#endif /* __FreeBSD__ && HAVE_LOGIN_CAP_H */ -+ - #define SSH_DEBUG_MODULE "Ssh2ChannelSession" - - #define SSH_SESSION_INTERACTIVE_WINDOW 10000 -@@ -487,6 +492,14 @@ - char *user_conf_dir = NULL; - int i; - -+#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H) -+ extern char **environ; -+ char *path, *newpath, **saveenv; -+ struct passwd *pw; -+ -+ pw = getpwuid(ssh_user_uid(session->common->user_data)); -+#endif /* __FreeBSD__ && HAVE_LOGIN_CAP_H */ -+ - user_name = session->common->user; - - if (ssh_user_needs_chroot(session->common->user_data, session->common)) -@@ -502,7 +515,11 @@ - ssh_child_set_env(envp, envsizep, "HOME", user_dir); - ssh_child_set_env(envp, envsizep, "USER", user_name); - ssh_child_set_env(envp, envsizep, "LOGNAME", user_name); -+#ifdef __FreeBSD__ -+ ssh_child_set_env(envp, envsizep, "PATH", _PATH_STDPATH SSH_BINDIR); -+#else - ssh_child_set_env(envp, envsizep, "PATH", DEFAULT_PATH ":" SSH_BINDIR); -+#endif - - #ifdef MAIL_SPOOL_DIRECTORY - ssh_snprintf(buf, sizeof(buf), "%s/%s", MAIL_SPOOL_DIRECTORY, user_name); -@@ -529,6 +546,39 @@ - if (getenv("TZ")) - ssh_child_set_env(envp, envsizep, "TZ", getenv("TZ")); - -+#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H) -+ saveenv = environ; -+ environ = *envp; -+ -+ if (setusercontext(NULL, pw, ssh_user_uid(session->common->user_data), -+ LOGIN_SETPATH | LOGIN_SETENV) == 0) -+ { -+ if ((path = getenv("PATH")) == NULL) -+ newpath = ssh_xstrdup(SSH_BINDIR); -+ else if (strstr(path, SSH_BINDIR) == NULL) -+ ssh_dsprintf(&newpath, "%s:%s", path, SSH_BINDIR); -+ else -+ newpath = ssh_xstrdup(path); -+ -+ *envp = environ; -+ environ = saveenv; -+ for (*envsizep = 0; (*envp)[*envsizep] != NULL; (*envsizep)++) -+ ; /* nothing */ -+ *envsizep += 51; -+ (*envp) = ssh_xrealloc(*envp, (*envsizep) * sizeof(char *)); -+ -+ ssh_child_set_env(envp, envsizep, "PATH", newpath); -+ ssh_xfree(newpath); -+ } -+ else -+ { -+ *envp = environ; -+ environ = saveenv; -+ ssh_debug("setusercontext: unable to set user context"); -+ } -+ endpwent(); -+#endif /* __FreeBSD__ && HAVE_LOGIN_CAP_H */ -+ - /* Set SSH_CLIENT. */ - ssh_snprintf(buf, sizeof(buf), "%s %s %s %s", - session->common->remote_ip, session->common->remote_port, -@@ -632,6 +682,11 @@ - FILE *f; - char *user_conf_dir = NULL; - -+#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H) -+ struct passwd *pw; -+ login_cap_t *lc; -+#endif /* __FreeBSD__ && HAVE_LOGIN_CAP_H */ -+ - #ifdef SSH_CHANNEL_X11 - const char *auth_protocol; - const char *auth_cookie; -@@ -643,6 +698,18 @@ - #endif /* SSH_CHANNEL_X11 */ - - shell = ssh_user_shell(session->common->user_data); -+#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H) -+ pw = getpwuid(ssh_user_uid(session->common->user_data)); -+ lc = login_getpwclass(pw); -+ if (lc == NULL) -+ ssh_debug("Unable to get login class: %s", session->common->user); -+ else -+ { -+ shell = login_getcapstr(lc, "shell", (char *) shell, (char *) shell); -+ login_close(lc); -+ } -+ endpwent(); -+#endif /* __FreeBSD__ && HAVE_LOGIN_CAP_H */ - user_conf_dir = ssh_user_conf_dir(session->common->user_data, - session->common->config); - -@@ -844,12 +911,24 @@ - extern char **environ; - unsigned int envsize; - int i; -- FILE *f; -+ FILE *f = NULL; - char *subsystem_path = NULL; - Boolean needs_chroot = FALSE, run_internal_sftp_server = FALSE; - const char *chroot_dir = NULL; - SshUserFDCloseCB close_fds = NULL_FNPTR; - SshConfig config = session->common->config; -+#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H) -+ struct passwd *pw; -+ login_cap_t *lc; -+ -+ pw = getpwuid(ssh_user_uid(session->common->user_data)); -+ lc = login_getpwclass(pw); -+ if (lc == NULL) -+ { -+ ssh_debug("Unable to get login class: %s", session->common->user); -+ exit(254); -+ } -+#endif /* __FreeBSD__ && HAVE_LOGIN_CAP_H */ - - - -@@ -865,6 +944,11 @@ - #endif /* HAVE_IF */ - - /* Check /etc/nologin. */ -+#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H) -+ if (pw->pw_uid != UID_ROOT && !login_getcapbool(lc, "ignorenologin", 0)) -+ f = fopen(login_getcapstr(lc, "nologin", _PATH_NOLOGIN, _PATH_NOLOGIN), -+ "r"); -+#else /* ! (__FreeBSD && HAVE_LOGIN_CAP_H) */ - if ((f = fopen("/etc/nologin", "r")) == NULL) - { - char hname[MAXHOSTNAMELEN]; -@@ -877,12 +961,17 @@ - ssh_debug("%s %s.", nologin_path, f ? "exists" : "does not exist"); - ssh_xfree(nologin_path); - } -+#endif /* __FreeBSD__ && HAVE_LOGIN_CAP_H */ - - if (f) - { /* /etc/nologin exists. Print its contents and exit. */ - /* Print a message about /etc/nologin existing; I am getting - questions because of this every week. */ -+#ifdef __FreeBSD__ -+ ssh_warning("Logins are currently denied with " _PATH_NOLOGIN ":"); -+#else - ssh_warning("Logins are currently denied with /etc/nologin:"); -+#endif - while (fgets(buf, sizeof(buf), f)) - fputs(buf, stderr); - fclose(f); -@@ -963,8 +1052,8 @@ - { - if (chdir("/") < 0) - { -- ssh_debug("Chroot to user '%s' home directory failed!", -- session->common->user); -+ ssh_debug("Chroot to user '%s' home directory failed: %s", -+ session->common->user, strerror(errno)); - exit(254); - } - } -@@ -975,6 +1064,10 @@ - ssh_warning("Could not chdir to home directory %s: %s", - ssh_user_dir(session->common->user_data), - strerror(errno)); -+#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H) -+ if (login_getcapbool(lc, "requirehome", 0)) -+ exit(254); -+#endif /* __FreeBSD__ && HAVE_LOGIN_CAP_H */ - chdir("/"); - } - } -@@ -1128,6 +1221,12 @@ - - - shell = ssh_user_shell(session->common->user_data); -+#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H) -+ shell = login_getcapstr(lc, "shell", (char *) shell, (char *) shell); -+ login_close(lc); -+ endpwent(); -+#endif /* __FreeBSD__ && HAVE_LOGIN_CAP_H */ -+ - argv[0] = (char *)shell; - argv[1] = "-c"; - argv[2] = (char *)session->common->forced_command; -@@ -1158,6 +1257,9 @@ - - /* Get the user's shell, and the last component of it. */ - shell = ssh_user_shell(session->common->user_data); -+#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H) -+ shell = login_getcapstr(lc, "shell", (char *) shell, (char *) shell); -+#endif /* __FreeBSD__ && HAVE_LOGIN_CAP_H */ - - shell_no_path = strrchr(shell, '/'); - if (shell_no_path) -@@ -1188,6 +1290,9 @@ - (needs_chroot ? "" : - ssh_user_dir(session->common->user_data))); - quiet_login = stat(linebuf, &st) >= 0; -+#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H) -+ quiet_login |= login_getcapbool(lc, "hushlogin", 0); -+#endif /* __FreeBSD__ && HAVE_LOGIN_CAP_H */ - - if (!quiet_login) - { -@@ -1217,11 +1322,28 @@ - ssh_xfree(time_string); - } - #endif /* HAVE_SIA */ -+#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H) -+ SSH_DEBUG(7, ("Printing copyright.")); -+ f = fopen(login_getcapstr(lc, "copyright", NULL, NULL), "r"); -+ if (f) -+ { -+ while (fgets(linebuf, sizeof(linebuf), f) != NULL) -+ fputs(linebuf, stdout); -+ fclose(f); -+ } -+ else -+ fputs(COPYRIGHT_UCB "\n", stdout); -+#endif /* __FreeBSD__ && HAVE_LOGIN_CAP_H */ - /* print motd, if "PrintMotd yes" and it exists */ - if (config->print_motd) - { - SSH_DEBUG(7, ("Printing MOTD.")); -+#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H) -+ f = fopen(login_getcapstr(lc, "welcome", "/etc/motd", -+ "/etc/motd"), "r"); -+#else /* ! (__FreeBSD && HAVE_LOGIN_CAP_H) */ - f = fopen("/etc/motd", "r"); -+#endif /* __FreeBSD__ && HAVE_LOGIN_CAP_H */ - if (f) - { - while (fgets(linebuf, sizeof(linebuf), f)) -@@ -1239,7 +1361,11 @@ - { - struct stat mailbuf; - if (stat(mailbox, &mailbuf) == -1 || mailbuf.st_size == 0) -+#ifndef __FreeBSD__ - printf("No mail.\n"); -+#else -+ ; /* nothing */ -+#endif - else if (mailbuf.st_atime > mailbuf.st_mtime) - printf("You have mail.\n"); - else -@@ -1249,6 +1375,11 @@ - } - } - -+#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H) -+ login_close(lc); -+ endpwent(); -+#endif /* __FreeBSD__ && HAVE_LOGIN_CAP_H */ -+ - execve(shell, argv, env); - /* Executing the shell failed. */ - perror(shell); -@@ -2315,9 +2446,9 @@ - { - ssh_encode_buffer(&buffer, - SSH_FORMAT_UINT32, (SshUInt32) -exit_status, -- SSH_FORMAT_BOOLEAN, FALSE, -- SSH_FORMAT_UINT32_STR, NULL, 0, -- SSH_FORMAT_UINT32_STR, NULL, 0, -+ SSH_FORMAT_BOOLEAN, (Boolean) FALSE, -+ SSH_FORMAT_UINT32_STR, NULL, (size_t) 0, -+ SSH_FORMAT_UINT32_STR, NULL, (size_t) 0, - SSH_FORMAT_END); - - diff --git a/security/ssh2/files/patch-apps::ssh::sshd2.8 b/security/ssh2/files/patch-apps::ssh::sshd2.8 deleted file mode 100644 index 98c3ddaf29dc..000000000000 --- a/security/ssh2/files/patch-apps::ssh::sshd2.8 +++ /dev/null @@ -1,24 +0,0 @@ ---- apps/ssh/sshd2.8.orig Wed Dec 3 14:17:23 2003 -+++ apps/ssh/sshd2.8 Sun Dec 28 17:09:32 2003 -@@ -241,20 +241,11 @@ - login time, message of the day and mailcheck.) - - .TP --.I /etc/nologin -+.I /var/run/nologin - If this file exists, - .B sshd2 - refuses to let anyone except root log in. The contents of the file - is displayed to anyone trying to log in. The file should be world-readable. -- --.TP --.I /etc/nologin_<hostname> --As above, but the filename is constructed from the name of the --host. Check output of --.B hostname --to see what name you should use in the filename. This functionality is --supposed to be used by clustered machines (which share --.IR /etc ). - - .TP - .I \&$HOME/\s+2.\s0rhosts diff --git a/security/ssh2/files/patch-apps::ssh::sshd2_config b/security/ssh2/files/patch-apps::ssh::sshd2_config deleted file mode 100644 index 7660d00c7973..000000000000 --- a/security/ssh2/files/patch-apps::ssh::sshd2_config +++ /dev/null @@ -1,26 +0,0 @@ ---- apps/ssh/sshd2_config.orig Wed Dec 3 14:17:28 2003 -+++ apps/ssh/sshd2_config Thu Jan 1 19:33:35 2004 -@@ -22,9 +22,8 @@ - - ## Network - --# Port is not commented out, as it is needed by the example startup --# scripts. Well, the default won't likely change. -- Port 22 -+# Port is commented out as it is specified by the startup script. -+# Port 22 - # ListenAddress any - # ResolveClientHostName yes - # RequireReverseMapping no -@@ -188,9 +187,9 @@ - ## subsystem definitions - - # Subsystems don't have defaults, so this is needed here (uncommented). -- subsystem-sftp sftp-server -+# subsystem-sftp sftp-server - # Also internal sftp-server subsystem can be used. --# subsystem-sftp internal://sftp-server -+ subsystem-sftp internal://sftp-server - - ## Subconfiguration - # There are no default subconfiguration files. When specified the last diff --git a/security/ssh2/files/patch-apps::ssh::sshd2_config.5 b/security/ssh2/files/patch-apps::ssh::sshd2_config.5 deleted file mode 100644 index a9c3be0414b9..000000000000 --- a/security/ssh2/files/patch-apps::ssh::sshd2_config.5 +++ /dev/null @@ -1,23 +0,0 @@ ---- apps/ssh/sshd2_config.5.orig Wed Dec 3 17:08:53 2003 -+++ apps/ssh/sshd2_config.5 Wed Dec 3 17:09:35 2003 -@@ -288,20 +288,6 @@ - .ne 3 - - .TP --.B Cert.RSA.Compat.HashScheme --Older SSH Secure Shell clients and servers used hashes in an incoherent --manner (sometimes MD5, sometimes SHA-1). With this option, you can set --what hash is used. This option can be set in --.BR HostSpecificConfig , --and then reset in --.BR UserSpecificConfig , --in which case the value set in host-specific configuration will apply to --the initial key exchange and during authentication the value in the --user-specific configuration will be used. Valid values are "\fBmd5\fR" --and "\fBsha1\fR". The default is "\fBmd5\fR" (works in most cases). --.ne 3 -- --.TP - .B CheckMail - Makes \fBsshd2\fR print information whether there is new mail or not - when a user logs in interactively. (On some systems this information diff --git a/security/ssh2/files/patch-apps::ssh::sshd2_subconfig.5 b/security/ssh2/files/patch-apps::ssh::sshd2_subconfig.5 deleted file mode 100644 index 53bdc2f25536..000000000000 --- a/security/ssh2/files/patch-apps::ssh::sshd2_subconfig.5 +++ /dev/null @@ -1,11 +0,0 @@ ---- apps/ssh/sshd2_subconfig.5.orig Wed Dec 3 17:13:11 2003 -+++ apps/ssh/sshd2_subconfig.5 Wed Dec 3 17:13:31 2003 -@@ -136,8 +136,6 @@ - .LP - .B AuthPublicKey.MinSize - .LP --.B Cert.RSA.Compat.HashScheme --.LP - .B CheckMail - .LP - .B DenyShosts diff --git a/security/ssh2/files/patch-apps::ssh::sshfilecopy.c b/security/ssh2/files/patch-apps::ssh::sshfilecopy.c deleted file mode 100644 index cf13d41c657f..000000000000 --- a/security/ssh2/files/patch-apps::ssh::sshfilecopy.c +++ /dev/null @@ -1,10 +0,0 @@ ---- apps/ssh/sshfilecopy.c.orig Wed Dec 3 14:17:25 2003 -+++ apps/ssh/sshfilecopy.c Sun Feb 19 20:33:18 2006 -@@ -915,6 +915,7 @@ - /* This file is at it's end. */ - fprintf(stdout, "\r\n"); - } -+ fflush(stdout); - } - - diff --git a/security/ssh2/files/patch-apps::ssh::sshpamserver.c b/security/ssh2/files/patch-apps::ssh::sshpamserver.c deleted file mode 100644 index b8b95a3833a5..000000000000 --- a/security/ssh2/files/patch-apps::ssh::sshpamserver.c +++ /dev/null @@ -1,12 +0,0 @@ ---- apps/ssh/sshpamserver.c.orig 2003-12-03 15:17:26.000000000 +0200 -+++ apps/ssh/sshpamserver.c -@@ -306,7 +306,8 @@ int send_packet(int fd, SshPacketType pa - - buffer = ssh_xbuffer_allocate(); - ssh_encode_buffer(buffer, -- SSH_FORMAT_UINT32, ssh_buffer_len(packet) + 1, -+ SSH_FORMAT_UINT32, -+ (SshUInt32) (ssh_buffer_len(packet) + 1), - SSH_FORMAT_CHAR, (unsigned int)packet_type, - SSH_FORMAT_DATA, ssh_buffer_ptr(packet), - ssh_buffer_len(packet), diff --git a/security/ssh2/files/patch-configure b/security/ssh2/files/patch-configure deleted file mode 100644 index f465ed4a3042..000000000000 --- a/security/ssh2/files/patch-configure +++ /dev/null @@ -1,49 +0,0 @@ ---- configure.orig Wed Dec 3 14:17:42 2003 -+++ configure Mon Dec 29 01:43:15 2003 -@@ -3773,7 +3773,7 @@ - # - - # So many systems seem to need this that it is better do it here automatically. --LIBS="-L/usr/local/lib $LIBS" -+#LIBS="-L/usr/local/lib $LIBS" - - # Platform-specific stuff. - case "$target" in -@@ -9731,6 +9731,9 @@ - no_ranlib=yes - CFLAGS="$CFLAGS -UM_I86SM" - ;; -+ *-*-freebsd*) -+ os_freebsd=yes -+ ;; - *) - ;; - esac -@@ -10994,7 +10997,7 @@ - fi - if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then - echo "$ac_t""yes" 1>&6 -- X_PRE_LIBS="$X_PRE_LIBS -lSM -lICE" -+# X_PRE_LIBS="$X_PRE_LIBS -lSM -lICE" - else - echo "$ac_t""no" 1>&6 - fi -@@ -11112,7 +11115,7 @@ - #include "confdefs.h" - #include <$ac_hdr> - EOF --ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -+ac_try="$ac_cpp -I$x_includes conftest.$ac_ext >/dev/null 2>conftest.out" - { (eval echo configure:11117: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } - ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` - if test -z "$ac_err"; then -@@ -13011,6 +13014,9 @@ - fi - else - ssh2_ldadd_options="-L. -Llib/sshkeyutil -Llib/sshproto -L../../lib -lssh2 -lsshproto -lsshkeyutil $SCM_LDADD $ssh2_toolkit_ldadd -lssh" -+ if test -n "$os_freebsd"; then -+ ssh2_ldadd_options="$ssh2_ldadd_options -lz" -+ fi - fi - - diff --git a/security/ssh2/files/patch-lib::Makefile.in b/security/ssh2/files/patch-lib::Makefile.in deleted file mode 100644 index 64c2eb1d0209..000000000000 --- a/security/ssh2/files/patch-lib::Makefile.in +++ /dev/null @@ -1,23 +0,0 @@ ---- lib/Makefile.in.orig Wed Dec 3 14:17:43 2003 -+++ lib/Makefile.in Sun Jul 30 14:39:00 2006 -@@ -124,7 +124,7 @@ - - AUTOMAKE_OPTIONS = 1.0 foreign dist-zip no-dependencies - --SUBDIRS = sshutil zlib sshmath sshasn1 sshreadline sshcrypto sshsession sshpgp sshapputil sshfilexfer -+SUBDIRS = sshutil sshmath sshasn1 sshreadline sshcrypto sshsession sshpgp sshapputil sshfilexfer - - - # -@@ -449,11 +449,6 @@ - - local-includes: - -if test '!' -d ../include; then mkdir ../include; fi -- for i in zlib/zlib.h zlib/zconf.h; do \ -- if test -f $(srcdir)/$$i; then \ -- $(COPY_INCLUDE) $(srcdir)/$$i ../include; \ -- fi; \ -- done - - includes: local-includes - for d in $(SUBDIRS); do (cd $$d && $(MAKE) includes); done diff --git a/security/ssh2/files/patch-lib::sshapputil::sshuserfile.c b/security/ssh2/files/patch-lib::sshapputil::sshuserfile.c deleted file mode 100644 index 9886bee1a3ca..000000000000 --- a/security/ssh2/files/patch-lib::sshapputil::sshuserfile.c +++ /dev/null @@ -1,20 +0,0 @@ ---- lib/sshapputil/sshuserfile.c.orig Wed Dec 3 14:17:21 2003 -+++ lib/sshapputil/sshuserfile.c Mon Dec 29 20:58:27 2003 -@@ -742,12 +742,13 @@ - if (uid != geteuid() || uid != getuid()) - { - #if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H) -- struct passwd * pw = getpwuid(uid); -- login_cap_t * lc = login_getuserclass(pw); -- if (setusercontext(lc, pw, uid, -+ struct passwd *pw; -+ -+ pw = getpwuid(uid); -+ if (setusercontext(NULL, pw, uid, - LOGIN_SETALL & ~(LOGIN_SETLOGIN | LOGIN_SETPATH | - LOGIN_SETENV)) < 0) -- ssh_fatal("setusercontext: %s", strerror(errno)); -+ ssh_fatal("setusercontext: unable to set user context"); - #else /* ! (__FreeBSD && HAVE_LOGIN_CAP_H) */ - if (setgid(gid) < 0) - ssh_fatal("setgid: %s", strerror(errno)); diff --git a/security/ssh2/files/patch-lib::sshfilexfer::sshfilexfers.c b/security/ssh2/files/patch-lib::sshfilexfer::sshfilexfers.c deleted file mode 100644 index cb6133c7bebf..000000000000 --- a/security/ssh2/files/patch-lib::sshfilexfer::sshfilexfers.c +++ /dev/null @@ -1,21 +0,0 @@ ---- lib/sshfilexfer/sshfilexfers.c.orig 2003-12-03 15:17:22.000000000 +0200 -+++ lib/sshfilexfer/sshfilexfers.c 2006-02-22 10:44:25.000000000 +0200 -@@ -5,7 +5,7 @@ - Authors: Tatu Ylonen <ylo@ssh.com> - Sami Lehtinen <sjl@ssh.com> - -- Copyright (c) 1998-2001 SSH Communications Security Corp, Finland -+ Copyright (c) 1998-2001, 2006 SSH Communications Security Corp, Finland - All rights reserved - - Generic file transfer module, server side. -@@ -115,7 +115,8 @@ - if (server->log_facility >= 0) \ - { \ - char *msg = ssh_debug_format varcall; \ -- ssh_log_event(det_fac(category, server->log_facility), severity, msg); \ -+ ssh_log_event(det_fac(category, server->log_facility), severity, \ -+ "%s", msg); \ - ssh_xfree(msg); \ - } \ - } while (0) diff --git a/security/ssh2/files/patch-lib::sshreadline::sshreadline.c b/security/ssh2/files/patch-lib::sshreadline::sshreadline.c deleted file mode 100644 index cdc59b4605ee..000000000000 --- a/security/ssh2/files/patch-lib::sshreadline::sshreadline.c +++ /dev/null @@ -1,32 +0,0 @@ ---- lib/sshreadline/sshreadline.c.orig Wed Dec 3 14:17:20 2003 -+++ lib/sshreadline/sshreadline.c Fri Aug 18 20:58:55 2006 -@@ -500,8 +500,13 @@ - new_term.c_lflag &= ~(ECHO | ICANON); - new_term.c_cc[VMIN] = 1; - new_term.c_cc[VTIME] = 1; -- if (tcsetattr(fd, TCSAFLUSH, &new_term) < 0) -+ while (tcsetattr(fd, TCSAFLUSH, &new_term) < 0) - { -+ if (errno == EINTR) -+ { -+ errno = 0; /* For Solaris; just to make sure. */ -+ continue; -+ } - ssh_warning("tcsetattr failed in ssh_rl_set_tty_modes_for_fd: " - "fd %d: %.200s", fd, strerror(errno)); - return -1; -@@ -561,8 +566,13 @@ - { - fcntl(fd, F_SETFL, fcntl_flags); - -- if (tcsetattr(fd, TCSAFLUSH, saved_tio) < 0) -+ while (tcsetattr(fd, TCSAFLUSH, saved_tio) < 0) - { -+ if (errno == EINTR) -+ { -+ errno = 0; /* For Solaris; just to make sure. */ -+ continue; -+ } - ssh_warning("tcsetattr failed in ssh_rl_restore_tty_modes_for_fd: " - "fd %d: %.200s", fd, strerror(errno)); - return -1; diff --git a/security/ssh2/files/patch-lib::sshsession::sshunixuser.c b/security/ssh2/files/patch-lib::sshsession::sshunixuser.c deleted file mode 100644 index ddd2a1b79b03..000000000000 --- a/security/ssh2/files/patch-lib::sshsession::sshunixuser.c +++ /dev/null @@ -1,69 +0,0 @@ ---- lib/sshsession/sshunixuser.c.orig Wed Dec 3 14:17:21 2003 -+++ lib/sshsession/sshunixuser.c Mon Dec 29 20:57:45 2003 -@@ -104,6 +104,10 @@ - - #define SSH_DEBUG_MODULE "SshUnixUser" - -+#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H) -+#include <login_cap.h> -+#endif /* __FreeBSD && HAVE_LOGIN_CAP_H */ -+ - extern char *crypt(const char *key, const char *salt); - - /* Group structure. */ -@@ -1477,6 +1481,37 @@ - /* Set uid, gid, and groups. */ - if (getuid() == UID_ROOT || geteuid() == UID_ROOT) - { -+#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H) -+ struct passwd *pw; -+ -+ pw = getpwuid(ssh_user_uid(uc)); -+ if (setusercontext(NULL, pw, ssh_user_uid(uc), -+ LOGIN_SETALL & ~(LOGIN_SETLOGIN | LOGIN_SETUSER | -+ LOGIN_SETPATH | LOGIN_SETENV)) < 0) -+ { -+ SSH_DEBUG(2, ("setusercontext: unable to set user context")); -+ return FALSE; -+ } -+ endgrent(); -+ -+ /* chrooting at this point. */ -+ if (chroot_dir) -+ { -+ if (chroot(chroot_dir) < 0) -+ { -+ ssh_warning("Chroot to '%s' failed: %s", chroot_dir, -+ strerror(errno)); -+ return FALSE; -+ } -+ } -+ -+ if (setusercontext(NULL, pw, ssh_user_uid(uc), LOGIN_SETUSER) < 0) -+ { -+ SSH_DEBUG(2, ("setusercontext: unable to set user context")); -+ return FALSE; -+ } -+ endpwent(); -+#else /* ! (__FreeBSD && HAVE_LOGIN_CAP_H) */ - if (setgid(ssh_user_gid(uc)) < 0) - { - SSH_DEBUG(2, ("setgid: %s", strerror(errno))); -@@ -1524,7 +1559,8 @@ - { - if (chroot(chroot_dir) < 0) - { -- ssh_warning("Chroot to '%s' failed!", chroot_dir); -+ ssh_warning("Chroot to '%s' failed: %s", chroot_dir, -+ strerror(errno)); - return FALSE; - } - } -@@ -1578,6 +1614,7 @@ - return FALSE; - } - #endif /* HAVE_SIA */ -+#endif /* __FreeBSD && HAVE_LOGIN_CAP_H */ - } - - #ifdef KERBEROS diff --git a/security/ssh2/files/patch-lib::sshutil::sshincludes.h b/security/ssh2/files/patch-lib::sshutil::sshincludes.h deleted file mode 100644 index dd11710709e8..000000000000 --- a/security/ssh2/files/patch-lib::sshutil::sshincludes.h +++ /dev/null @@ -1,20 +0,0 @@ ---- lib/sshutil/sshincludes.h.orig Wed Dec 3 14:17:18 2003 -+++ lib/sshutil/sshincludes.h Sun Jul 30 15:27:37 2006 -@@ -331,7 +331,7 @@ - #define UID_ROOT 0 - #endif /* UID_ROOT */ - --#ifdef SSHDIST_ZLIB -+#if defined(SSHDIST_ZLIB) && !defined(__FreeBSD__) - /* Define zlib to have ssh prefix, so we will not care if there is another zlib - in the kernel */ - #define deflateInit_ ssh_z_deflateInit_ -@@ -367,7 +367,7 @@ - #define uLongf ssh_z_uLongf - #define voidpf ssh_z_voidpf - #define voidp ssh_z_voidp --#endif /* SSHDIST_ZLIB */ -+#endif /* SSHDIST_ZLIB && !__FreeBSD__ */ - - - diff --git a/security/ssh2/files/patch-sshdistdefs.h b/security/ssh2/files/patch-sshdistdefs.h deleted file mode 100644 index a9db85ac1e48..000000000000 --- a/security/ssh2/files/patch-sshdistdefs.h +++ /dev/null @@ -1,12 +0,0 @@ ---- sshdistdefs.h.orig Wed Dec 3 14:17:34 2003 -+++ sshdistdefs.h Sun Jul 30 15:29:21 2006 -@@ -12,7 +12,9 @@ - #ifndef SSHDISTDEFS_H - #define SSHDISTDEFS_H - -+#if !defined(__FreeBSD__) - #define SSHDIST_ZLIB_LEVEL_DETECTION -+#endif - #define SSHDIST_CRYPT_HMAC - #define SSHDIST_SESSION_SIA - #define SSHDIST_SSH2_SOCKS_FILTER diff --git a/security/ssh2/files/sshd2.sh.in b/security/ssh2/files/sshd2.sh.in deleted file mode 100644 index 56d28572ee4a..000000000000 --- a/security/ssh2/files/sshd2.sh.in +++ /dev/null @@ -1,64 +0,0 @@ -#!/bin/sh -# -# $FreeBSD$ -# - -# PROVIDE: sshd2 -# REQUIRE: LOGIN -# -# Available configuration variables for sshd2 are: -# -# sshd2_enable (bool): Set to "YES" to enable sshd2. Defaults to "NO". -# sshd2_flags (flags): Extra flags to sshd2 (see sshd2(8)). Defaults to "". -# sshd2_port (port): Listening port of sshd2. Defaults to "22". -# -# Add at least the following line to /etc/rc.conf or /etc/rc.conf.local to -# enable sshd2: -# -# sshd2_enable="YES" -# - -. /etc/rc.subr - -name="sshd2" -rcvar=${name}_enable - -command=%%PREFIX%%/sbin/${name} -command_args="2> /dev/null" -required_files=/usr/local/etc/ssh2/${name}_config -keygen_cmd="sshd2_keygen" -start_precmd="sshd2_precmd" -extra_commands="keygen reload" - -sshd2_keygen() -{ - ( - umask 022 - if [ -f %%PREFIX%%/etc/ssh2/hostkey ]; then - echo "You already have a host key in" \ - "%%PREFIX%%/etc/ssh2/hostkey." - echo "Skipping key generation." - else - %%PREFIX%%/bin/ssh-keygen2 -P -t dsa -c "DSA hostkey" \ - %%PREFIX%%/etc/ssh2/hostkey - fi - ) -} - -sshd2_precmd() -{ - if [ ! -f %%PREFIX%%/etc/ssh2/hostkey ]; then - run_rc_command keygen - fi - - rc_flags="${rc_flags} -p ${sshd2_port}" -} - -load_rc_config $name - -: ${sshd2_enable="NO"} -: ${sshd2_port="22"} - -pidfile=/var/run/${name}_${sshd2_port}.pid - -run_rc_command "$1" diff --git a/security/ssh2/pkg-descr b/security/ssh2/pkg-descr deleted file mode 100644 index 339fa422e0b2..000000000000 --- a/security/ssh2/pkg-descr +++ /dev/null @@ -1,23 +0,0 @@ -SSH Protocols and Secure Shell - - Secure Shell is the secure login program that revolutionized remote -management of networks hosts over the Internet. It is a powerful, -very easy-to-use program that uses strong cryptography for protecting -all transmitted confidential data, including passwords, binary files, -and administrative commands. - -The benefits of SSH include: - -o Automatic authentication of users, no passwords sent in cleartext to - prevent the stealing of passwords. -o Multiple strong authentication methods that prevent such security - threats as spoofing identity. -o Authentication of both ends of connection, the server and the client - are authenticated to prevent identity spoofing, trojan horses, etc. -o Automatic authentication using agents to enable strong - authentication to multiple systems with a single-sign-on. -o Encryption and compression of data for security and speed. -o Secure file transfer. -o Tunneling and encryption of arbitrary connections. - -WWW: http://www.ssh.com/ diff --git a/security/ssh2/pkg-message b/security/ssh2/pkg-message deleted file mode 100644 index 64d2d8ebab54..000000000000 --- a/security/ssh2/pkg-message +++ /dev/null @@ -1,20 +0,0 @@ -=========================================================================== - -Depending on how you would like to start sshd2(8) you have two choices: -1) Add the following line to /etc/rc.conf or /etc/rc.conf.local: - -sshd2_enable="YES" - -For further available configuration variables when using this method see -%%PREFIX%%/etc/rc.d/sshd2{,.sh}. - -2) Add the following entries to your /etc/inetd.conf: - -ssh stream tcp nowait root %%PREFIX%%/sbin/sshd2 sshd -i -ssh stream tcp6 nowait root %%PREFIX%%/sbin/sshd2 sshd -i - -Using this method requires to manually generate a host key by either -executing `%%PREFIX%%/etc/rc.d/sshd2{,.sh} keygen` or by issuing -ssh-keygen2(1) directly. - -=========================================================================== diff --git a/security/ssh2/pkg-plist b/security/ssh2/pkg-plist deleted file mode 100644 index dd26ef582f34..000000000000 --- a/security/ssh2/pkg-plist +++ /dev/null @@ -1,55 +0,0 @@ -bin/scp -bin/scp2 -bin/sftp -bin/sftp2 -bin/sftp-server -bin/sftp-server2 -bin/ssh -bin/ssh-add -bin/ssh-add2 -bin/ssh-agent -bin/ssh-agent2 -%%WITH_X11:%%bin/ssh-askpass -%%WITH_X11:%%bin/ssh-askpass2 -bin/ssh-dummy-shell -bin/ssh-keygen -bin/ssh-keygen2 -bin/ssh-probe -bin/ssh-probe2 -bin/ssh-signer -bin/ssh-signer2 -bin/ssh2 -@unexec if cmp -s %D/etc/ssh2/sshd2_config %D/etc/ssh2/sshd2_config.example; then rm -f %D/etc/ssh2/sshd2_config; fi -etc/ssh2/sshd2_config.example -@exec [ -f %B/sshd2_config ] || cp %B/%f %B/sshd2_config -@unexec if cmp -s %D/etc/ssh2/ssh2_config %D/etc/ssh2/ssh2_config.example; then rm -f %D/etc/ssh2/ssh2_config; fi -etc/ssh2/ssh2_config.example -@exec [ -f %B/ssh2_config ] || cp %B/%f %B/ssh2_config -etc/ssh2/ssh_dummy_shell.out -etc/ssh2/subconfig/anonymous.example -etc/ssh2/subconfig/host_ext.example -etc/ssh2/subconfig/host_int.example -etc/ssh2/subconfig/user.example -@exec [ -d %D/etc/ssh2/hostkeys ] || mkdir %D/etc/ssh2/hostkeys -@exec [ -d %D/etc/ssh2/knownhosts ] || mkdir %D/etc/ssh2/knownhosts -sbin/sshd -sbin/sshd-check-conf -sbin/sshd2 -%%PORTDOCS%%%%DOCSDIR%%/CHANGES -%%PORTDOCS%%%%DOCSDIR%%/FAQ -%%PORTDOCS%%%%DOCSDIR%%/HOWTO.anonymous.sftp -%%PORTDOCS%%%%DOCSDIR%%/LICENSE -%%PORTDOCS%%%%DOCSDIR%%/NEWS -%%PORTDOCS%%%%DOCSDIR%%/README -%%PORTDOCS%%%%DOCSDIR%%/REGEX-SYNTAX -%%PORTDOCS%%%%DOCSDIR%%/SSH2.QUICKSTART -%%PORTDOCS%%%%DOCSDIR%%/RFC.authorization_program_protocol -%%PORTDOCS%%%%DOCSDIR%%/RFC.kbdint_plugin_protocol -%%PORTDOCS%%@dirrm %%DOCSDIR%% -%%EXAMPLESDIR%%/ext_authorization_example.sh -%%EXAMPLESDIR%%/kbdint_plugin_example.sh -@dirrm %%EXAMPLESDIR%% -@dirrmtry etc/ssh2/hostkeys -@dirrmtry etc/ssh2/knownhosts -@dirrmtry etc/ssh2/subconfig -@unexec rmdir %D/etc/ssh2 2> /dev/null || echo "If permanently deleting this package, %D/etc/ssh2 and its contents must be removed manually." |