aboutsummaryrefslogtreecommitdiff
path: root/security/ssh2
diff options
context:
space:
mode:
authorAndrey A. Chernov <ache@FreeBSD.org>1997-03-28 23:30:39 +0000
committerAndrey A. Chernov <ache@FreeBSD.org>1997-03-28 23:30:39 +0000
commit797920ff495ca74bc81dfdeeba311a7815d669f3 (patch)
treec40578853dc42c17bf228e976d0e8f37cc5bbef9 /security/ssh2
parent3a3bd81f8a763504dd2a69161412c15d6b70587b (diff)
downloadports-797920ff495ca74bc81dfdeeba311a7815d669f3.tar.gz
ports-797920ff495ca74bc81dfdeeba311a7815d669f3.zip
Notes
Diffstat (limited to 'security/ssh2')
-rw-r--r--security/ssh2/Makefile6
-rw-r--r--security/ssh2/distinfo2
-rw-r--r--security/ssh2/files/patch-aa8
-rw-r--r--security/ssh2/files/patch-ab35
-rw-r--r--security/ssh2/files/patch-ac90
-rw-r--r--security/ssh2/files/patch-ad32
-rw-r--r--security/ssh2/files/patch-af223
-rw-r--r--security/ssh2/files/patch-aj12
-rw-r--r--security/ssh2/files/patch-al12
9 files changed, 209 insertions, 211 deletions
diff --git a/security/ssh2/Makefile b/security/ssh2/Makefile
index bd7c2a4c4bf0..fd8320fbc049 100644
--- a/security/ssh2/Makefile
+++ b/security/ssh2/Makefile
@@ -1,15 +1,15 @@
# New ports collection makefile for: ssh
-# Version required: 1.2.17
+# Version required: 1.2.18
# Date created: 30 Jul 1995
# Whom: torstenb@FreeBSD.ORG
#
-# $Id: Makefile,v 1.35 1996/11/18 11:39:31 asami Exp $
+# $Id: Makefile,v 1.36 1996/11/20 12:45:41 adam Exp $
#
# Maximal ssh package requires YES values for
# USE_PERL, USE_TCPWRAP
#
-DISTNAME= ssh-1.2.17
+DISTNAME= ssh-1.2.18
CATEGORIES= security net
MASTER_SITES= ftp://ftp.funet.fi/pub/unix/security/login/ssh/
diff --git a/security/ssh2/distinfo b/security/ssh2/distinfo
index 55e0a4c6104b..6faa4f65b675 100644
--- a/security/ssh2/distinfo
+++ b/security/ssh2/distinfo
@@ -1,2 +1,2 @@
-MD5 (ssh-1.2.17.tar.gz) = f38c5bdce93e81c33176f95c6e635dc7
+MD5 (ssh-1.2.18.tar.gz) = 3ed9c159f1ab843966fb705168a69a8f
MD5 (rsaref2.tar.gz) = 0b474c97bf1f1c0d27e5a95f1239c08d
diff --git a/security/ssh2/files/patch-aa b/security/ssh2/files/patch-aa
index 468a7fc1e9cd..3ef8ce98cc1e 100644
--- a/security/ssh2/files/patch-aa
+++ b/security/ssh2/files/patch-aa
@@ -1,7 +1,7 @@
-*** make-ssh-known-hosts.pl.in.orig Wed Oct 30 15:27:47 1996
---- make-ssh-known-hosts.pl.in Thu Jan 30 23:00:02 1997
+*** make-ssh-known-hosts.pl.in.orig Thu Mar 27 09:04:06 1997
+--- make-ssh-known-hosts.pl.in Fri Mar 28 15:11:19 1997
***************
-*** 81,87 ****
+*** 84,90 ****
$debug = 5;
$defserver = '';
$bell='\a';
@@ -9,7 +9,7 @@
$private_ssh_known_hosts = "/tmp/ssh_known_hosts$$";
$timeout = 60;
$ping_timeout = 3;
---- 81,87 ----
+--- 84,90 ----
$debug = 5;
$defserver = '';
$bell='\a';
diff --git a/security/ssh2/files/patch-ab b/security/ssh2/files/patch-ab
index 665e48789afa..caa40dcd89fb 100644
--- a/security/ssh2/files/patch-ab
+++ b/security/ssh2/files/patch-ab
@@ -1,7 +1,7 @@
-*** configure.orig Wed Oct 30 15:27:56 1996
---- configure Thu Jan 30 23:03:12 1997
+*** configure.orig Thu Mar 27 09:04:06 1997
+--- configure Fri Mar 28 15:18:56 1997
***************
-*** 1331,1342 ****
+*** 1634,1645 ****
export CFLAGS CC
@@ -13,36 +13,36 @@
-
echo $ac_n "checking that the compiler works""... $ac_c" 1>&6
- if test "$cross_compiling" = yes; then
---- 1331,1336 ----
+ echo "configure:1646: checking that the compiler works" >&5
+--- 1634,1639 ----
***************
-*** 2264,2270 ****
+*** 2632,2638 ****
fi
! for ac_hdr in unistd.h rusage.h sys/time.h lastlog.h utmp.h shadow.h
do
- ac_safe=`echo "$ac_hdr" | tr './\055' '___'`
+ ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
---- 2258,2264 ----
+--- 2626,2632 ----
fi
! for ac_hdr in unistd.h rusage.h sys/time.h lastlog.h login_cap.h utmp.h shadow.h
do
- ac_safe=`echo "$ac_hdr" | tr './\055' '___'`
+ ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
***************
-*** 5140,5146 ****
- EOF
+*** 6696,6702 ****
+
cat >> $CONFIG_STATUS <<EOF
-! CONFIG_FILES=\${CONFIG_FILES-"Makefile sshd.8 ssh.1 make-ssh-known-hosts.1 zlib-1.0.3/Makefile"}
+! CONFIG_FILES=\${CONFIG_FILES-"Makefile sshd.8 ssh.1 make-ssh-known-hosts.1 zlib-1.0.4/Makefile"}
EOF
cat >> $CONFIG_STATUS <<\EOF
for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then
---- 5134,5140 ----
- EOF
+--- 6690,6696 ----
+
cat >> $CONFIG_STATUS <<EOF
! CONFIG_FILES=\${CONFIG_FILES-"Makefile sshd.8 ssh.1 make-ssh-known-hosts.1 make-ssh-known-hosts.pl"}
@@ -50,16 +50,13 @@
cat >> $CONFIG_STATUS <<\EOF
for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then
***************
-*** 5332,5338 ****
---- 5326,5336 ----
+*** 6900,6905 ****
+--- 6894,6901 ----
done
for ac_config_dir in gmp-2.0.2-ssh-2; do
+
+ continue # XXX don't configure gmp
-+ # Do not complain, so a configure script can configure whichever
-+ # parts of a large source tree are present.
# Do not complain, so a configure script can configure whichever
# parts of a large source tree are present.
- if test ! -d $srcdir/$ac_config_dir; then
diff --git a/security/ssh2/files/patch-ac b/security/ssh2/files/patch-ac
index 7c43f51d805e..31084324b943 100644
--- a/security/ssh2/files/patch-ac
+++ b/security/ssh2/files/patch-ac
@@ -1,57 +1,57 @@
-*** Makefile.in.orig Wed Oct 30 15:27:56 1996
---- Makefile.in Thu Jan 30 23:00:03 1997
+*** Makefile.in.orig Thu Mar 27 09:04:06 1997
+--- Makefile.in Fri Mar 28 15:36:08 1997
***************
-*** 188,199 ****
+*** 225,236 ****
SHELL = /bin/sh
GMPDIR = gmp-2.0.2-ssh-2
! GMPLIBS = -L$(GMPDIR) -lgmp
! GMPDEP = $(GMPDIR)/gmp.h $(GMPDIR)/libgmp.a
- ZLIBDIR = zlib-1.0.3
+ ZLIBDIR = zlib-1.0.4
! ZLIBDEP = $(ZLIBDIR)/libz.a
! ZLIBLIBS = -L$(ZLIBDIR) -lz
RSAREFDIR = rsaref2
RSAREFSRCDIR = $(RSAREFDIR)/source
---- 188,205 ----
+--- 225,242 ----
SHELL = /bin/sh
GMPDIR = gmp-2.0.2-ssh-2
! # We have the same libgmp in the system, so use it instead
! GMPINCDIR = /usr/include
! GMPLIBDIR = /usr/lib
-! GMPDEP = $(GMPINCDIR)/gmp.h $(GMPLIBDIR)/libgmp.a
-! GMPLIBS = -L$(GMPLIBDIR) -lgmp
+! GMPDEP = $(GMPINCDIR)/gmp.h $(GMPLIBDIR)/libgmp.a
+! GMPLIBS = -L$(GMPLIBDIR) -lgmp
- ZLIBDIR = zlib-1.0.3
-! # We have newer libz in the system, so use it instead
-! ZLIBINCDIR = /usr/include
-! ZLIBLIBDIR = /usr/lib
-! ZLIBDEP = $(ZLIBINCDIR)/zlib.h $(ZLIBLIBDIR)/libz.a
-! ZLIBLIBS = -L$(ZLIBLIBDIR) -lz
+ ZLIBDIR = zlib-1.0.4
+! # We have the same libz in the system, so use it instead
+! ZLIBINCDIR = /usr/include
+! ZLIBLIBDIR = /usr/lib
+! ZLIBDEP = $(ZLIBINCDIR)/zlib.h $(ZLIBLIBDIR)/libz.a
+! ZLIBLIBS = -L$(ZLIBLIBDIR) -lz
RSAREFDIR = rsaref2
RSAREFSRCDIR = $(RSAREFDIR)/source
***************
-*** 275,281 ****
- $(CC) -o rfc-pg rfc-pg.c
+*** 324,330 ****
+ $(CC) -o rfc-pg rfc-pg.o
.c.o:
-! $(CC) -c -I. -I$(srcdir)/$(GMPDIR) -I$(srcdir)/$(ZLIBDIR) $(DEFS) -DHOST_KEY_FILE=\"$(HOST_KEY_FILE)\" -DHOST_CONFIG_FILE=\"$(HOST_CONFIG_FILE)\" -DSERVER_CONFIG_FILE=\"$(SERVER_CONFIG_FILE)\" -DSSH_PROGRAM=\"$(SSH_PROGRAM)\" -DETCDIR=\"$(etcdir)\" -DPIDDIR=\"$(piddir)\" -DSSH_BINDIR=\"$(bindir)\" $(CFLAGS) $(X_CFLAGS) $<
+! $(CC) -c -I. $(KERBEROS_INCS) -I$(srcdir)/$(GMPDIR) -I$(srcdir)/$(ZLIBDIR) $(DEFS) -DHOST_KEY_FILE=\"$(HOST_KEY_FILE)\" -DHOST_CONFIG_FILE=\"$(HOST_CONFIG_FILE)\" -DSERVER_CONFIG_FILE=\"$(SERVER_CONFIG_FILE)\" -DSSH_PROGRAM=\"$(SSH_PROGRAM)\" -DETCDIR=\"$(etcdir)\" -DPIDDIR=\"$(piddir)\" -DSSH_BINDIR=\"$(bindir)\" -DTIS_MAP_FILE=\"$(TIS_MAP_FILE)\" $(CFLAGS) $(X_CFLAGS) $<
sshd: $(SSHD_OBJS) $(GMPDEP) $(RSAREFDEP) $(ZLIBDEP)
-rm -f sshd
---- 281,287 ----
- $(CC) -o rfc-pg rfc-pg.c
+--- 330,336 ----
+ $(CC) -o rfc-pg rfc-pg.o
.c.o:
-! $(CC) -c -I. -I$(GMPINCDIR) -I$(ZLIBINCDIR) $(DEFS) -DHOST_KEY_FILE=\"$(HOST_KEY_FILE)\" -DHOST_CONFIG_FILE=\"$(HOST_CONFIG_FILE)\" -DSERVER_CONFIG_FILE=\"$(SERVER_CONFIG_FILE)\" -DSSH_PROGRAM=\"$(SSH_PROGRAM)\" -DETCDIR=\"$(etcdir)\" -DPIDDIR=\"$(piddir)\" -DSSH_BINDIR=\"$(bindir)\" $(CFLAGS) $(X_CFLAGS) $<
+! $(CC) -c -I. $(KERBEROS_INCS) -I$(GMPINCDIR) -I$(ZLIBINCDIR) $(DEFS) -DHOST_KEY_FILE=\"$(HOST_KEY_FILE)\" -DHOST_CONFIG_FILE=\"$(HOST_CONFIG_FILE)\" -DSERVER_CONFIG_FILE=\"$(SERVER_CONFIG_FILE)\" -DSSH_PROGRAM=\"$(SSH_PROGRAM)\" -DETCDIR=\"$(etcdir)\" -DPIDDIR=\"$(piddir)\" -DSSH_BINDIR=\"$(bindir)\" -DTIS_MAP_FILE=\"$(TIS_MAP_FILE)\" $(CFLAGS) $(X_CFLAGS) $<
sshd: $(SSHD_OBJS) $(GMPDEP) $(RSAREFDEP) $(ZLIBDEP)
-rm -f sshd
***************
-*** 310,328 ****
+*** 361,379 ****
sed "s#&PERL&#$(PERL)#" <$(srcdir)/make-ssh-known-hosts.pl >make-ssh-known-hosts
chmod +x make-ssh-known-hosts
@@ -71,7 +71,7 @@
$(RSAREFSRCDIR)/librsaref.a:
-if test '!' -d $(RSAREFDIR); then \
---- 316,334 ----
+--- 367,385 ----
sed "s#&PERL&#$(PERL)#" <$(srcdir)/make-ssh-known-hosts.pl >make-ssh-known-hosts
chmod +x make-ssh-known-hosts
@@ -92,24 +92,24 @@
$(RSAREFSRCDIR)/librsaref.a:
-if test '!' -d $(RSAREFDIR); then \
***************
-*** 379,385 ****
+*** 430,436 ****
# (otherwise it can only log in as the user it runs as, and must be
# bound to a non-privileged port). Also, password authentication may
# not be available if non-root and using shadow passwords.
! install: $(PROGRAMS) make-dirs generate-host-key install-configs
- $(INSTALL_PROGRAM) -o root -m 04711 ssh $(install_prefix)$(bindir)/ssh
+ $(INSTALL_PROGRAM) -o root -m $(SSH_INSTALL_MODE) ssh $(install_prefix)$(bindir)/ssh
-if test "`echo ssh | sed '$(transform)'`" '!=' ssh; then \
rm -f $(install_prefix)$(bindir)/`echo ssh | sed '$(transform)'`; \
---- 385,391 ----
+--- 436,442 ----
# (otherwise it can only log in as the user it runs as, and must be
# bound to a non-privileged port). Also, password authentication may
# not be available if non-root and using shadow passwords.
! install: $(PROGRAMS) make-dirs install-configs
- $(INSTALL_PROGRAM) -o root -m 04711 ssh $(install_prefix)$(bindir)/ssh
+ $(INSTALL_PROGRAM) -o root -m $(SSH_INSTALL_MODE) ssh $(install_prefix)$(bindir)/ssh
-if test "`echo ssh | sed '$(transform)'`" '!=' ssh; then \
rm -f $(install_prefix)$(bindir)/`echo ssh | sed '$(transform)'`; \
***************
-*** 480,506 ****
+*** 531,557 ****
clean:
-rm -f *.o gmon.out *core $(PROGRAMS) rfc-pg
@@ -127,58 +127,58 @@
-rm -rf $(DISTNAME)
-mkdir $(DISTNAME)
cp $(DISTFILES) $(DISTNAME)
- -rm $(DISTNAME)/config.h
-! tar pcf - $(GMPDIR) | (cd $(DISTNAME); tar pxf -)
-! cd $(DISTNAME)/$(GMPDIR); $(MAKE) distclean
+ for i in $(DISTSRCS); do cp $(srcdir)/$$i $(DISTNAME); done
+! (cd $(GMPDIR); make dist)
+! gzip -cd $(GMPDIR)/$(GMPDIR).tar.gz | (cd $(DISTNAME); tar pxf - )
# tar cf - $(RSAREFDIR) | (cd $(DISTNAME); tar xf -)
# cd $(DISTNAME)/$(RSAREFSRCDIR); rm -f *.o *.a
-! tar pcf - $(ZLIBDIR) | (cd $(DISTNAME); tar pxf -)
-! cd $(DISTNAME)/$(ZLIBDIR); rm -f *.o *.a
+! (cd $(srcdir); tar pcf - $(ZLIBDIR) )| (cd $(DISTNAME); tar pxf -)
+! cd $(DISTNAME)/$(ZLIBDIR); rm -f *.o *.a; rm -rf CVS
tar pcf $(DISTNAME).tar $(DISTNAME)
-rm -f $(DISTNAME).tar.gz
gzip $(DISTNAME).tar
---- 486,512 ----
+--- 537,563 ----
clean:
-rm -f *.o gmon.out *core $(PROGRAMS) rfc-pg
-! # cd $(GMPDIR); $(MAKE) clean
+! # cd $(GMPDIR); $(MAKE) clean
# cd $(RSAREFSRCDIR); rm -f *.o *.a
! # cd $(ZLIBDIR); $(MAKE) clean
distclean: clean
-rm -f Makefile config.status config.cache config.log config.h
-rm -f ssh.1 sshd.8 make-ssh-known-hosts.1
-! # cd $(GMPDIR); $(MAKE) distclean
+! # cd $(GMPDIR); $(MAKE) distclean
! # cd $(ZLIBDIR); $(MAKE) distclean
dist:
-rm -rf $(DISTNAME)
-mkdir $(DISTNAME)
cp $(DISTFILES) $(DISTNAME)
- -rm $(DISTNAME)/config.h
-! # tar pcf - $(GMPDIR) | (cd $(DISTNAME); tar pxf -)
-! # cd $(DISTNAME)/$(GMPDIR); $(MAKE) distclean
+ for i in $(DISTSRCS); do cp $(srcdir)/$$i $(DISTNAME); done
+! # (cd $(GMPDIR); make dist)
+! # gzip -cd $(GMPDIR)/$(GMPDIR).tar.gz | (cd $(DISTNAME); tar pxf - )
# tar cf - $(RSAREFDIR) | (cd $(DISTNAME); tar xf -)
# cd $(DISTNAME)/$(RSAREFSRCDIR); rm -f *.o *.a
-! # tar pcf - $(ZLIBDIR) | (cd $(DISTNAME); tar pxf -)
-! # cd $(DISTNAME)/$(ZLIBDIR); rm -f *.o *.a
+! # (cd $(srcdir); tar pcf - $(ZLIBDIR) )| (cd $(DISTNAME); tar pxf -)
+! # cd $(DISTNAME)/$(ZLIBDIR); rm -f *.o *.a; rm -rf CVS
tar pcf $(DISTNAME).tar $(DISTNAME)
-rm -f $(DISTNAME).tar.gz
gzip $(DISTNAME).tar
***************
-*** 512,518 ****
- (echo "s/\.$$old_version\"/.$$new_version\"/g"; echo w; echo q) | ed version.h >/dev/null
+*** 563,569 ****
+ (echo "s/\.$$old_version\"/.$$new_version\"/g"; echo w; echo q) | ed $(srcdir)/version.h >/dev/null
depend:
! $(MAKEDEP) -I$(srcdir) -I. -I$(GMPDIR) -I$(ZLIBDIR) $(DEFS) $(SRCS)
tags:
- find config.h $(srcdir) -name '*.[chly]' -print | xargs etags -a
---- 518,524 ----
- (echo "s/\.$$old_version\"/.$$new_version\"/g"; echo w; echo q) | ed version.h >/dev/null
+ -rm -f TAGS
+--- 569,575 ----
+ (echo "s/\.$$old_version\"/.$$new_version\"/g"; echo w; echo q) | ed $(srcdir)/version.h >/dev/null
depend:
! $(MAKEDEP) -I$(srcdir) -I. $(DEFS) $(SRCS)
tags:
- find config.h $(srcdir) -name '*.[chly]' -print | xargs etags -a
+ -rm -f TAGS
diff --git a/security/ssh2/files/patch-ad b/security/ssh2/files/patch-ad
deleted file mode 100644
index 5eeb34a2e22e..000000000000
--- a/security/ssh2/files/patch-ad
+++ /dev/null
@@ -1,32 +0,0 @@
-*** sshconnect.c.orig Wed Oct 16 10:10:26 1996
---- sshconnect.c Wed Oct 16 10:23:49 1996
-***************
-*** 797,802 ****
---- 797,803 ----
- char buf[256], remote_version[256]; /* must be same size! */
- int remote_major, remote_minor, i;
- int my_major, my_minor;
-+ int len;
- int connection_in = packet_get_connection_in();
- int connection_out = packet_get_connection_out();
-
-***************
-*** 803,809 ****
- /* Read other side\'s version identification. */
- for (i = 0; i < sizeof(buf) - 1; i++)
- {
-! if (read(connection_in, &buf[i], 1) != 1)
- fatal("read: %.100s", strerror(errno));
- if (buf[i] == '\r')
- {
---- 804,813 ----
- /* Read other side\'s version identification. */
- for (i = 0; i < sizeof(buf) - 1; i++)
- {
-! len = read(connection_in, &buf[i], 1);
-! if (len == 0)
-! fatal("Connection closed by foreign host.");
-! else if (len < 0)
- fatal("read: %.100s", strerror(errno));
- if (buf[i] == '\r')
- { \ No newline at end of file
diff --git a/security/ssh2/files/patch-af b/security/ssh2/files/patch-af
index cd99b4fcd418..bd1982e6e60a 100644
--- a/security/ssh2/files/patch-af
+++ b/security/ssh2/files/patch-af
@@ -1,9 +1,9 @@
-*** sshd.c.orig Wed Oct 30 15:27:55 1996
---- sshd.c Fri Jan 31 00:36:15 1997
+*** sshd.c.orig Thu Mar 27 09:04:08 1997
+--- sshd.c Sat Mar 29 02:11:03 1997
***************
-*** 298,303 ****
---- 298,307 ----
- extern char *setlimits();
+*** 370,375 ****
+--- 370,379 ----
+ #include "firewall.h" /* TIS authsrv authentication */
#endif
+ #ifdef HAVE_LOGIN_CAP_H
@@ -14,8 +14,8 @@
#define DEFAULT_SHELL _PATH_BSHELL
#else
***************
-*** 2108,2113 ****
---- 2112,2127 ----
+*** 2697,2702 ****
+--- 2701,2716 ----
printf("Last login: %s from %s\r\n", time_string, buf);
}
@@ -33,8 +33,8 @@
disabled in server options. Note that some machines appear to
print it in /etc/profile or similar. */
***************
-*** 2124,2129 ****
---- 2138,2152 ----
+*** 2714,2719 ****
+--- 2728,2742 ----
fclose(f);
}
}
@@ -51,7 +51,7 @@
/* Do common processing for the child, such as execing the command. */
do_child(command, pw, term, display, auth_proto, auth_data, ttyname);
***************
-*** 2376,2382 ****
+*** 2969,2975 ****
char *user_shell;
char *remote_ip;
int remote_port;
@@ -59,13 +59,12 @@
/* Check /etc/nologin. */
f = fopen("/etc/nologin", "r");
if (f)
---- 2399,2412 ----
+--- 2992,3004 ----
char *user_shell;
char *remote_ip;
int remote_port;
! #ifdef HAVE_LOGIN_CAP_H
! login_cap_t *lc;
-! char **tmpenv;
! char *real_shell;
!
! lc = login_getuserclass(pw);
@@ -75,9 +74,9 @@
f = fopen("/etc/nologin", "r");
if (f)
***************
-*** 2390,2395 ****
---- 2420,2426 ----
- if (pw->pw_uid != 0)
+*** 2983,2988 ****
+--- 3012,3018 ----
+ if (pw->pw_uid != UID_ROOT)
exit(254);
}
+ #endif /* HAVE_LOGIN_CAP_H */
@@ -85,7 +84,7 @@
if (command != NULL)
{
***************
-*** 2402,2408 ****
+*** 2995,3001 ****
else
log_msg("executing remote command as user %.200s", pw->pw_name);
}
@@ -93,7 +92,7 @@
#ifdef HAVE_SETLOGIN
/* Set login name in the kernel. Warning: setsid() must be called before
this. */
---- 2433,2440 ----
+--- 3025,3032 ----
else
log_msg("executing remote command as user %.200s", pw->pw_name);
}
@@ -103,83 +102,101 @@
/* Set login name in the kernel. Warning: setsid() must be called before
this. */
***************
-*** 2417,2422 ****
---- 2449,2455 ----
+*** 3016,3021 ****
+--- 3047,3053 ----
if (setpcred((char *)pw->pw_name, NULL))
log_msg("setpcred %.100s: %.100s", strerror(errno));
#endif /* HAVE_USERSEC_H */
-+ #endif /* HAVE_LOGIN_CAP_H */
++ #endif /* !HAVE_LOGIN_CAP_H */
/* Save some data that will be needed so that we can do certain cleanups
before we switch to user's uid. (We must clear all sensitive data
***************
-*** 2474,2479 ****
---- 2507,2553 ----
- close(i);
- }
-
+*** 3086,3091 ****
+--- 3118,3181 ----
+ if (command != NULL || !options.use_login)
+ #endif /* USELOGIN */
+ {
+ #ifdef HAVE_LOGIN_CAP_H
-+ /* Save previous environment array
-+ */
-+ tmpenv = environ;
-+ /* Initialize the new environment.
-+ */
-+ envsize = 64;
-+ environ = env = xmalloc(envsize * sizeof(char *));
-+ env[0] = NULL;
++ char *p, *s, **tmpenv;
+
-+ child_set_env(&env, &envsize, "PATH", DEFAULT_PATH ":" SSH_BINDIR);
++ /* Save previous environment array
++ */
++ tmpenv = environ;
++ /* Initialize the new environment.
++ */
++ envsize = 64;
++ environ = env = xmalloc(envsize * sizeof(char *));
++ env[0] = NULL;
+
-+ /* Let it inherit timezone if we have one. */
-+ if (getenv("TZ"))
-+ child_set_env(&env, &envsize, "TZ", getenv("TZ"));
++ child_set_env(&env, &envsize, "PATH", DEFAULT_PATH);
+
+ #ifdef MAIL_SPOOL_DIRECTORY
-+ sprintf(buf, "%.200s/%.50s", MAIL_SPOOL_DIRECTORY, user_name);
-+ child_set_env(&env, &envsize, "MAIL", buf);
++ sprintf(buf, "%.200s/%.50s", MAIL_SPOOL_DIRECTORY, user_name);
++ child_set_env(&env, &envsize, "MAIL", buf);
+ #else /* MAIL_SPOOL_DIRECTORY */
+ #ifdef MAIL_SPOOL_FILE
-+ sprintf(buf, "%.200s/%.50s", user_dir, MAIL_SPOOL_FILE);
-+ child_set_env(&env, &envsize, "MAIL", buf);
++ sprintf(buf, "%.200s/%.50s", user_dir, MAIL_SPOOL_FILE);
++ child_set_env(&env, &envsize, "MAIL", buf);
+ #endif /* MAIL_SPOOL_FILE */
+ #endif /* MAIL_SPOOL_DIRECTORY */
+
-+ /* Set the user's login environment
-+ */
-+ if (setusercontext(lc, pw, user_uid, LOGIN_SETALL) < 0)
-+ {
-+ perror("setgid");
-+ exit(1);
-+ }
-+ env = environ;
-+ environ = tmpenv; /* Restore parent environment */
-+ for (envsize = 0; env[envsize] != NULL; ++envsize)
-+ ;
-+ /* Reallocate this to what is expected */
-+ envsize = (envsize < 100) ? 100 : envsize + 16;
-+ env = xrealloc(env, envsize * sizeof(char *));
++ /* Let it inherit timezone if we have one. */
++ if (getenv("TZ"))
++ child_set_env(&env, &envsize, "TZ", getenv("TZ"));
++
++ /* Set the user's login environment
++ */
++ if (setusercontext(lc, pw, user_uid, LOGIN_SETALL) < 0)
++ {
++ perror("setusercontext");
++ exit(1);
++ }
++
++ p = getenv("PATH");
++ s = xmalloc((p != NULL ? strlen(p) + 1 : 0) + sizeof(SSH_BINDIR));
++ *s = '\0';
++ if (p != NULL)
++ {
++ strcat(s, p);
++ strcat(s, ":");
++ }
++ strcat(s, SSH_BINDIR);
++
++ env = environ;
++ environ = tmpenv; /* Restore parent environment */
++ for (envsize = 0; env[envsize] != NULL; ++envsize)
++ ;
++ /* Reallocate this to what is expected */
++ envsize = (envsize < 100) ? 100 : envsize + 16;
++ env = xrealloc(env, envsize * sizeof(char *));
++
++ child_set_env(&env, &envsize, "PATH", s);
++ xfree(s);
++
+ #else /* !HAVE_LOGIN_CAP_H */
- /* At this point, this process should no longer be holding any confidential
- information, as changing uid below will permit the user to attach with
- a debugger on some machines. */
+ /* Set uid, gid, and groups. */
+ if (getuid() == UID_ROOT || geteuid() == UID_ROOT)
+ {
***************
-*** 2514,2519 ****
---- 2588,2594 ----
-
- if (getuid() != user_uid || geteuid() != user_uid)
- fatal("Failed to set uids to %d.", (int)user_uid);
+*** 3117,3122 ****
+--- 3207,3213 ----
+
+ if (getuid() != user_uid || geteuid() != user_uid)
+ fatal("Failed to set uids to %d.", (int)user_uid);
+ #endif /* HAVE_LOGIN_CAP_H */
-
+ }
+
/* Reset signals to their default settings before starting the user
- process. */
***************
-*** 2523,2538 ****
---- 2598,2621 ----
+*** 3127,3137 ****
+--- 3218,3233 ----
and means /bin/sh. */
shell = (user_shell[0] == '\0') ? DEFAULT_SHELL : user_shell;
+ #ifdef HAVE_LOGIN_CAP_H
+ real_shell = login_getcapstr(lc, "shell", (char*)shell, (char*)shell);
++ login_close(lc);
+ #else /* !HAVE_LOGIN_CAP_H */
/* Initialize the environment. In the first part we allocate space for
all environment variables. */
@@ -188,44 +205,60 @@
env[0] = NULL;
+ #endif /* HAVE_LOGIN_CAP_H */
- /* Set basic environment. */
- child_set_env(&env, &envsize, "USER", user_name);
- child_set_env(&env, &envsize, "LOGNAME", user_name);
- child_set_env(&env, &envsize, "HOME", user_dir);
+ #ifdef USELOGIN
+ if (command != NULL || !options.use_login)
+***************
+*** 3141,3146 ****
+--- 3237,3244 ----
+ child_set_env(&env, &envsize, "HOME", user_dir);
+ child_set_env(&env, &envsize, "USER", user_name);
+ child_set_env(&env, &envsize, "LOGNAME", user_name);
+
-+ #ifdef HAVE_LOGIN_CAP_H
-+ login_close(lc);
-+ #else /* !HAVE_LOGIN_CAP_H */
- child_set_env(&env, &envsize, "PATH", DEFAULT_PATH ":" SSH_BINDIR);
-
- /* Let it inherit timezone if we have one. */
++ #ifndef HAVE_LOGIN_CAP_H
+ child_set_env(&env, &envsize, "PATH", DEFAULT_PATH ":" SSH_BINDIR);
+
+ #ifdef MAIL_SPOOL_DIRECTORY
***************
-*** 2548,2553 ****
---- 2631,2637 ----
- child_set_env(&env, &envsize, "MAIL", buf);
+*** 3152,3157 ****
+--- 3250,3256 ----
+ child_set_env(&env, &envsize, "MAIL", buf);
#endif /* MAIL_SPOOL_FILE */
#endif /* MAIL_SPOOL_DIRECTORY */
-+ #endif /* HAVE_LOGIN_CAP_H */
-
++ #endif /* !HAVE_LOGIN_CAP_H */
+
#ifdef HAVE_ETC_DEFAULT_LOGIN
- /* Read /etc/default/login; this exists at least on Solaris 2.x. Note
+ /* Read /etc/default/login; this exists at least on Solaris 2.x. Note
+***************
+*** 3167,3175 ****
+--- 3266,3276 ----
+ child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND",
+ original_command);
+
++ #ifndef HAVE_LOGIN_CAP_H
+ /* Let it inherit timezone if we have one. */
+ if (getenv("TZ"))
+ child_set_env(&env, &envsize, "TZ", getenv("TZ"));
++ #endif /* !HAVE_LOGIN_CAP_H */
+
+ /* Set custom environment options from RSA authentication. */
+ while (custom_environment)
***************
-*** 2710,2716 ****
---- 2794,2804 ----
- /* Execute the shell. */
- argv[0] = buf;
- argv[1] = NULL;
+*** 3389,3395 ****
+--- 3490,3500 ----
+ /* Execute the shell. */
+ argv[0] = buf;
+ argv[1] = NULL;
+ #ifdef HAVE_LOGIN_CAP_H
-+ execve(real_shell, argv, env);
++ execve(real_shell, argv, env);
+ #else
- execve(shell, argv, env);
+ execve(shell, argv, env);
+ #endif /* HAVE_LOGIN_CAP_H */
- /* Executing the shell failed. */
- perror(shell);
- exit(1);
+ /* Executing the shell failed. */
+ perror(shell);
+ exit(1);
***************
-*** 2722,2728 ****
---- 2810,2820 ----
+*** 3410,3416 ****
+--- 3515,3525 ----
argv[1] = "-c";
argv[2] = (char *)command;
argv[3] = NULL;
diff --git a/security/ssh2/files/patch-aj b/security/ssh2/files/patch-aj
index 74821f010661..008d4dec5cdc 100644
--- a/security/ssh2/files/patch-aj
+++ b/security/ssh2/files/patch-aj
@@ -1,7 +1,7 @@
-*** configure.in.orig Wed Oct 30 15:27:56 1996
---- configure.in Thu Jan 30 23:00:38 1997
+*** configure.in.orig Thu Mar 27 09:04:06 1997
+--- configure.in Sat Mar 29 01:16:51 1997
***************
-*** 469,477 ****
+*** 574,582 ****
export CFLAGS CC
@@ -11,7 +11,7 @@
AC_MSG_CHECKING([that the compiler works])
AC_TRY_RUN([ main(int ac, char **av) { return 0; } ],
---- 469,477 ----
+--- 574,582 ----
export CFLAGS CC
@@ -22,7 +22,7 @@
AC_MSG_CHECKING([that the compiler works])
AC_TRY_RUN([ main(int ac, char **av) { return 0; } ],
***************
-*** 523,529 ****
+*** 628,634 ****
AC_HEADER_STDC
AC_HEADER_SYS_WAIT
@@ -30,7 +30,7 @@
AC_CHECK_HEADERS(sgtty.h sys/select.h sys/ioctl.h machine/endian.h)
AC_CHECK_HEADERS(paths.h usersec.h utime.h netinet/in_systm.h netinet/in_system.h netinet/ip.h netinet/tcp.h ulimit.h)
AC_HEADER_TIME
---- 523,529 ----
+--- 628,634 ----
AC_HEADER_STDC
AC_HEADER_SYS_WAIT
diff --git a/security/ssh2/files/patch-al b/security/ssh2/files/patch-al
index 9fd18168138a..7ca297bc9ea7 100644
--- a/security/ssh2/files/patch-al
+++ b/security/ssh2/files/patch-al
@@ -1,8 +1,8 @@
-*** sshconnect.c.orig Thu Jan 30 23:00:03 1997
---- sshconnect.c Thu Jan 30 23:00:04 1997
+*** sshconnect.c.orig Thu Mar 27 09:04:10 1997
+--- sshconnect.c Sat Mar 29 01:16:51 1997
***************
-*** 239,244 ****
---- 239,250 ----
+*** 298,303 ****
+--- 298,309 ----
{
struct sockaddr_in sin;
int p;
@@ -16,8 +16,8 @@
{
sock = socket(AF_INET, SOCK_STREAM, 0);
***************
-*** 266,271 ****
---- 272,278 ----
+*** 325,330 ****
+--- 331,337 ----
}
fatal("bind: %.100s", strerror(errno));
}