From 5b2b1d78087f359682131bd6d150db0b610ca073 Mon Sep 17 00:00:00 2001 From: Dirk Meyer Date: Tue, 12 Mar 2002 17:54:07 +0000 Subject: Rename Patches to make navigation much more easier. --- security/openssh/files/patch-Makefile | 10 ++ security/openssh/files/patch-Makefile.inc | 23 ++++ security/openssh/files/patch-aa | 20 --- security/openssh/files/patch-ab | 23 ---- security/openssh/files/patch-ac | 71 ---------- security/openssh/files/patch-ad | 24 ---- security/openssh/files/patch-ae | 14 -- security/openssh/files/patch-af | 13 -- security/openssh/files/patch-ag | 40 ------ security/openssh/files/patch-ah | 18 --- security/openssh/files/patch-ai | 18 --- security/openssh/files/patch-aj | 18 --- security/openssh/files/patch-ak | 12 -- security/openssh/files/patch-al | 20 --- security/openssh/files/patch-am | 44 ------- security/openssh/files/patch-an | 15 --- security/openssh/files/patch-ao | 23 ---- security/openssh/files/patch-ap | 11 -- security/openssh/files/patch-ar | 14 -- security/openssh/files/patch-as | 14 -- security/openssh/files/patch-at | 49 ------- security/openssh/files/patch-au | 157 ----------------------- security/openssh/files/patch-auth.c | 97 ++++++++++++++ security/openssh/files/patch-av | 97 -------------- security/openssh/files/patch-clientloop.c | 11 ++ security/openssh/files/patch-includes.h | 71 ++++++++++ security/openssh/files/patch-lib-Makefile | 24 ++++ security/openssh/files/patch-pathnames.h | 20 +++ security/openssh/files/patch-scp-Makefile | 13 ++ security/openssh/files/patch-session.c | 157 +++++++++++++++++++++++ security/openssh/files/patch-ssh-Makefile | 40 ++++++ security/openssh/files/patch-ssh-add-Makefile | 18 +++ security/openssh/files/patch-ssh-agent-Makefile | 18 +++ security/openssh/files/patch-ssh-keygen-Makefile | 18 +++ security/openssh/files/patch-ssh.c | 12 ++ security/openssh/files/patch-sshconnect.c | 49 +++++++ security/openssh/files/patch-sshd-Makefile | 44 +++++++ security/openssh/files/patch-sshd.8 | 14 ++ security/openssh/files/patch-sshd.c | 15 +++ security/openssh/files/patch-sshd_config | 23 ++++ security/openssh/files/patch-sshlogin.c | 14 ++ security/openssh/files/patch-sshpty.c | 14 ++ 42 files changed, 705 insertions(+), 715 deletions(-) create mode 100644 security/openssh/files/patch-Makefile create mode 100644 security/openssh/files/patch-Makefile.inc delete mode 100644 security/openssh/files/patch-aa delete mode 100644 security/openssh/files/patch-ab delete mode 100644 security/openssh/files/patch-ac delete mode 100644 security/openssh/files/patch-ad delete mode 100644 security/openssh/files/patch-ae delete mode 100644 security/openssh/files/patch-af delete mode 100644 security/openssh/files/patch-ag delete mode 100644 security/openssh/files/patch-ah delete mode 100644 security/openssh/files/patch-ai delete mode 100644 security/openssh/files/patch-aj delete mode 100644 security/openssh/files/patch-ak delete mode 100644 security/openssh/files/patch-al delete mode 100644 security/openssh/files/patch-am delete mode 100644 security/openssh/files/patch-an delete mode 100644 security/openssh/files/patch-ao delete mode 100644 security/openssh/files/patch-ap delete mode 100644 security/openssh/files/patch-ar delete mode 100644 security/openssh/files/patch-as delete mode 100644 security/openssh/files/patch-at delete mode 100644 security/openssh/files/patch-au create mode 100644 security/openssh/files/patch-auth.c delete mode 100644 security/openssh/files/patch-av create mode 100644 security/openssh/files/patch-clientloop.c create mode 100644 security/openssh/files/patch-includes.h create mode 100644 security/openssh/files/patch-lib-Makefile create mode 100644 security/openssh/files/patch-pathnames.h create mode 100644 security/openssh/files/patch-scp-Makefile create mode 100644 security/openssh/files/patch-session.c create mode 100644 security/openssh/files/patch-ssh-Makefile create mode 100644 security/openssh/files/patch-ssh-add-Makefile create mode 100644 security/openssh/files/patch-ssh-agent-Makefile create mode 100644 security/openssh/files/patch-ssh-keygen-Makefile create mode 100644 security/openssh/files/patch-ssh.c create mode 100644 security/openssh/files/patch-sshconnect.c create mode 100644 security/openssh/files/patch-sshd-Makefile create mode 100644 security/openssh/files/patch-sshd.8 create mode 100644 security/openssh/files/patch-sshd.c create mode 100644 security/openssh/files/patch-sshd_config create mode 100644 security/openssh/files/patch-sshlogin.c create mode 100644 security/openssh/files/patch-sshpty.c (limited to 'security/openssh') diff --git a/security/openssh/files/patch-Makefile b/security/openssh/files/patch-Makefile new file mode 100644 index 000000000000..9eb818815b35 --- /dev/null +++ b/security/openssh/files/patch-Makefile @@ -0,0 +1,10 @@ +--- Makefile.orig Tue Mar 12 08:36:18 2002 ++++ Makefile Tue Mar 12 08:52:48 2002 +@@ -1,6 +1,7 @@ + # $OpenBSD: Makefile,v 1.10 2002/02/09 17:37:34 deraadt Exp $ + + .include ++.include "Makefile.inc" + + SUBDIR= lib ssh sshd ssh-add ssh-keygen ssh-agent scp sftp-server \ + ssh-keyscan sftp scard diff --git a/security/openssh/files/patch-Makefile.inc b/security/openssh/files/patch-Makefile.inc new file mode 100644 index 000000000000..d4874c8b85c7 --- /dev/null +++ b/security/openssh/files/patch-Makefile.inc @@ -0,0 +1,23 @@ +--- Makefile.inc.orig Sun Jul 29 16:00:07 2001 ++++ Makefile.inc Wed Oct 3 13:49:31 2001 +@@ -17,10 +17,16 @@ + + .include + +-.if exists(${.CURDIR}/../lib/${__objdir}) +-LDADD+= -L${.CURDIR}/../lib/${__objdir} -lssh +-DPADD+= ${.CURDIR}/../lib/${__objdir}/libssh.a +-.else ++AFS?= no ++KERBEROS?= no ++KERBEROS5?= no ++PAM?= no ++SKEY?= no ++TCP_WRAPPERS?= yes ++ ++CFLAGS+= -I${OPENSSLINC} ${INET6FLAGS} ++ ++.if !defined(IGNORE_LIBSSH) + LDADD+= -L${.CURDIR}/../lib -lssh + DPADD+= ${.CURDIR}/../lib/libssh.a + .endif diff --git a/security/openssh/files/patch-aa b/security/openssh/files/patch-aa deleted file mode 100644 index f3ef9a1aac9d..000000000000 --- a/security/openssh/files/patch-aa +++ /dev/null @@ -1,20 +0,0 @@ ---- Makefile.orig Thu Jun 28 23:55:27 2001 -+++ Makefile Wed Oct 3 12:17:35 2001 -@@ -1,14 +1,15 @@ - # $OpenBSD: Makefile,v 1.9 2001/06/28 21:55:27 markus Exp $ - - .include -+.include "Makefile.inc" - - SUBDIR= lib ssh sshd ssh-add ssh-keygen ssh-agent scp sftp-server \ - ssh-keyscan sftp scard - - distribution: -- install -C -o root -g wheel -m 0644 ${.CURDIR}/ssh_config \ -+ install -c -o root -g wheel -m 0644 ${.CURDIR}/ssh_config \ - ${DESTDIR}/etc/ssh_config -- install -C -o root -g wheel -m 0644 ${.CURDIR}/sshd_config \ -+ install -c -o root -g wheel -m 0644 ${.CURDIR}/sshd_config \ - ${DESTDIR}/etc/sshd_config - - .include diff --git a/security/openssh/files/patch-ab b/security/openssh/files/patch-ab deleted file mode 100644 index d4874c8b85c7..000000000000 --- a/security/openssh/files/patch-ab +++ /dev/null @@ -1,23 +0,0 @@ ---- Makefile.inc.orig Sun Jul 29 16:00:07 2001 -+++ Makefile.inc Wed Oct 3 13:49:31 2001 -@@ -17,10 +17,16 @@ - - .include - --.if exists(${.CURDIR}/../lib/${__objdir}) --LDADD+= -L${.CURDIR}/../lib/${__objdir} -lssh --DPADD+= ${.CURDIR}/../lib/${__objdir}/libssh.a --.else -+AFS?= no -+KERBEROS?= no -+KERBEROS5?= no -+PAM?= no -+SKEY?= no -+TCP_WRAPPERS?= yes -+ -+CFLAGS+= -I${OPENSSLINC} ${INET6FLAGS} -+ -+.if !defined(IGNORE_LIBSSH) - LDADD+= -L${.CURDIR}/../lib -lssh - DPADD+= ${.CURDIR}/../lib/libssh.a - .endif diff --git a/security/openssh/files/patch-ac b/security/openssh/files/patch-ac deleted file mode 100644 index f110376005d8..000000000000 --- a/security/openssh/files/patch-ac +++ /dev/null @@ -1,71 +0,0 @@ ---- includes.h.orig Sat Jan 26 17:44:22 2002 -+++ includes.h Fri Mar 8 20:59:17 2002 -@@ -24,12 +24,12 @@ - #include - #include - #include --#include - #include - #include - #include - #include - #include -+#include - - #include - #include -@@ -38,7 +38,6 @@ - #include - #include - --#include - #include - #include - #include -@@ -62,5 +61,46 @@ - * client program. Socketpairs do not seem to work on all systems. - */ - #define USE_PIPES 1 -+ -+#if defined(__FreeBSD__) && __FreeBSD__ <= 3 -+/* -+ * Data types. -+ */ -+typedef u_char sa_family_t; -+typedef int socklen_t; -+ -+/* -+ * bsd-api-new-02a: protocol-independent placeholder for socket addresses -+ */ -+#define _SS_MAXSIZE 128 -+#define _SS_ALIGNSIZE (sizeof(int64_t)) -+#define _SS_PAD1SIZE (_SS_ALIGNSIZE - sizeof(u_char) * 2) -+#define _SS_PAD2SIZE (_SS_MAXSIZE - sizeof(u_char) * 2 - \ -+ _SS_PAD1SIZE - _SS_ALIGNSIZE) -+ -+struct sockaddr_storage { -+ u_char ss_len; /* address length */ -+ sa_family_t ss_family; /* address family */ -+ char __ss_pad1[_SS_PAD1SIZE]; -+ int64_t __ss_align; /* force desired structure storage alignment */ -+ char __ss_pad2[_SS_PAD2SIZE]; -+}; -+ -+/* defines for comatibility with older FreeBSD releases */ -+#ifndef SHUT_RD -+#define SHUT_RD 0 -+#endif -+#ifndef SHUT_WR -+#define SHUT_WR 1 -+#endif -+#ifndef SHUT_RDWR -+#define SHUT_RDWR 2 -+#endif -+ -+#ifndef INET_ADDRSTRLEN -+#define INET_ADDRSTRLEN 46 -+#endif -+ -+#endif - - #endif /* INCLUDES_H */ diff --git a/security/openssh/files/patch-ad b/security/openssh/files/patch-ad deleted file mode 100644 index f3bbcbbe37d3..000000000000 --- a/security/openssh/files/patch-ad +++ /dev/null @@ -1,24 +0,0 @@ ---- lib/Makefile.orig Tue Jun 26 19:52:41 2001 -+++ lib/Makefile Thu Nov 15 06:10:43 2001 -@@ -9,7 +9,11 @@ - rsa.c tildexpand.c ttymodes.c uidswap.c xmalloc.c atomicio.c \ - key.c dispatch.c kex.c mac.c uuencode.c misc.c \ - rijndael.c ssh-dss.c ssh-rsa.c dh.c kexdh.c kexgex.c \ -- scard.c -+ scard.c strlcpy.c strlcat.c -+ -+.if defined(COMPAT_GETADDRINFO) -+SRCS+= getaddrinfo.c getnameinfo.c name6.c rcmd.c bindresvport.c -+.endif - - NOPROFILE= yes - NOPIC= yes -@@ -18,6 +22,8 @@ - @echo -n - - .include -+IGNORE_LIBSSH=yes -+.include "../Makefile.inc" - - .if (${KERBEROS:L} == "yes") - CFLAGS+= -DKRB4 -I${DESTDIR}/usr/include/kerberosIV diff --git a/security/openssh/files/patch-ae b/security/openssh/files/patch-ae deleted file mode 100644 index 91b4d3f1ebdd..000000000000 --- a/security/openssh/files/patch-ae +++ /dev/null @@ -1,14 +0,0 @@ ---- sshlogin.c.orig Sat Mar 24 17:43:27 2001 -+++ sshlogin.c Sat May 26 14:42:30 2001 -@@ -41,7 +41,11 @@ - #include "includes.h" - RCSID("$OpenBSD: sshlogin.c,v 1.2 2001/03/24 16:43:27 stevesk Exp $"); - -+#ifdef __FreeBSD__ -+#include -+#else - #include -+#endif /* __FreeBSD__ */ - #include - #include "sshlogin.h" - #include "log.h" diff --git a/security/openssh/files/patch-af b/security/openssh/files/patch-af deleted file mode 100644 index 0c181dd81cd0..000000000000 --- a/security/openssh/files/patch-af +++ /dev/null @@ -1,13 +0,0 @@ ---- scp/Makefile.orig Thu Jun 29 14:35:46 2000 -+++ scp/Makefile Sat Nov 4 16:44:18 2000 -@@ -5,8 +5,8 @@ - - BINMODE?=555 - --BINDIR= /usr/bin --MAN= scp.1 -+BINDIR= /bin -+MAN1= scp.1 - - SRCS= scp.c - diff --git a/security/openssh/files/patch-ag b/security/openssh/files/patch-ag deleted file mode 100644 index 6971b0cfacf1..000000000000 --- a/security/openssh/files/patch-ag +++ /dev/null @@ -1,40 +0,0 @@ ---- ssh/Makefile.orig Tue Sep 11 00:44:47 2001 -+++ ssh/Makefile Wed Oct 3 13:54:47 2001 -@@ -7,8 +7,8 @@ - - BINMODE?=4555 - --BINDIR= /usr/bin --MAN= ssh.1 -+BINDIR= /bin -+MAN1= ssh.1 - LINKS= ${BINDIR}/ssh ${BINDIR}/slogin - MLINKS= ssh.1 slogin.1 - -@@ -16,6 +16,7 @@ - sshconnect.c sshconnect1.c sshconnect2.c - - .include # for AFS -+.include "../Makefile.inc" - - .if (${KERBEROS5:L} == "yes") - CFLAGS+= -DKRB5 -I${DESTDIR}/usr/include/kerberosV -@@ -24,8 +25,8 @@ - .endif # KERBEROS5 - - .if (${KERBEROS:L} == "yes") --CFLAGS+= -DKRB4 -I${DESTDIR}/usr/include/kerberosIV --LDADD+= -lkrb -+CFLAGS+= -DKRB4 -I/usr/include/kerberosIV -+LDADD+= -lkrb -lcom_err - DPADD+= ${LIBKRB} - .if (${AFS:L} == "yes") - CFLAGS+= -DAFS -@@ -36,5 +37,5 @@ - - .include - --LDADD+= -lcrypto -lz --DPADD+= ${LIBCRYPTO} ${LIBZ} -+LDADD+= ${CRYPTOLIBS} -lcrypt -lutil -lz -+DPADD+= ${LIBCRYPTO} ${LIBUTIL} ${LIBZ} diff --git a/security/openssh/files/patch-ah b/security/openssh/files/patch-ah deleted file mode 100644 index e8998f956c92..000000000000 --- a/security/openssh/files/patch-ah +++ /dev/null @@ -1,18 +0,0 @@ ---- ssh-add/Makefile.orig Sun Mar 4 01:51:25 2001 -+++ ssh-add/Makefile Sat May 26 14:56:29 2001 -@@ -7,12 +7,12 @@ - - BINMODE?=555 - --BINDIR= /usr/bin --MAN= ssh-add.1 -+BINDIR= /bin -+MAN1= ssh-add.1 - - SRCS= ssh-add.c - - .include - --LDADD+= -lcrypto -+LDADD+= ${CRYPTOLIBS} - DPADD+= ${LIBCRYPTO} diff --git a/security/openssh/files/patch-ai b/security/openssh/files/patch-ai deleted file mode 100644 index c1a75662404e..000000000000 --- a/security/openssh/files/patch-ai +++ /dev/null @@ -1,18 +0,0 @@ ---- ssh-agent/Makefile.orig Sun Mar 4 01:51:25 2001 -+++ ssh-agent/Makefile Sat May 26 14:58:48 2001 -@@ -7,12 +7,12 @@ - - BINMODE?=555 - --BINDIR= /usr/bin --MAN= ssh-agent.1 -+BINDIR= /bin -+MAN1= ssh-agent.1 - - SRCS= ssh-agent.c - - .include - --LDADD+= -lcrypto -+LDADD+= ${CRYPTOLIBS} - DPADD+= ${LIBCRYPTO} diff --git a/security/openssh/files/patch-aj b/security/openssh/files/patch-aj deleted file mode 100644 index 1ed89ae0966e..000000000000 --- a/security/openssh/files/patch-aj +++ /dev/null @@ -1,18 +0,0 @@ ---- ssh-keygen/Makefile.orig Sun Mar 4 01:51:26 2001 -+++ ssh-keygen/Makefile Sat May 26 15:02:25 2001 -@@ -7,12 +7,12 @@ - - BINMODE?=555 - --BINDIR= /usr/bin --MAN= ssh-keygen.1 -+BINDIR= /bin -+MAN1= ssh-keygen.1 - - SRCS= ssh-keygen.c - - .include - --LDADD+= -lcrypto -+LDADD+= ${CRYPTOLIBS} - DPADD+= ${LIBCRYPTO} diff --git a/security/openssh/files/patch-ak b/security/openssh/files/patch-ak deleted file mode 100644 index a55517683cfa..000000000000 --- a/security/openssh/files/patch-ak +++ /dev/null @@ -1,12 +0,0 @@ ---- ssh.c.orig Tue Apr 17 14:55:04 2001 -+++ ssh.c Sat May 26 15:05:28 2001 -@@ -199,6 +199,9 @@ - log("Using rsh. WARNING: Connection will not be encrypted."); - /* Build argument list for rsh. */ - i = 0; -+#ifndef _PATH_RSH -+#define _PATH_RSH "/usr/bin/rsh" -+#endif - args[i++] = _PATH_RSH; - /* host may have to come after user on some systems */ - args[i++] = host; diff --git a/security/openssh/files/patch-al b/security/openssh/files/patch-al deleted file mode 100644 index 0eb763623833..000000000000 --- a/security/openssh/files/patch-al +++ /dev/null @@ -1,20 +0,0 @@ ---- pathnames.h.orig Fri Mar 8 05:51:08 2002 -+++ pathnames.h Fri Mar 8 05:52:57 2002 -@@ -12,7 +12,7 @@ - * called by a name other than "ssh" or "Secure Shell". - */ - --#define ETCDIR "/etc" -+#define ETCDIR "__PREFIX__/etc" - #define SSHDIR ETCDIR - #define _PATH_SSH_PIDDIR "/var/run" - -@@ -37,7 +37,7 @@ - /* Backwards compatibility */ - #define _PATH_DH_PRIMES ETCDIR "/primes" - --#define _PATH_SSH_PROGRAM "/usr/bin/ssh" -+#define _PATH_SSH_PROGRAM "__PREFIX__/bin/ssh" - - /* - * The process id of the daemon listening for connections is saved here to diff --git a/security/openssh/files/patch-am b/security/openssh/files/patch-am deleted file mode 100644 index 07528232bb5a..000000000000 --- a/security/openssh/files/patch-am +++ /dev/null @@ -1,44 +0,0 @@ ---- sshd/Makefile.orig Fri Mar 8 05:54:03 2002 -+++ sshd/Makefile Fri Mar 8 06:00:30 2002 -@@ -5,8 +5,8 @@ - PROG= sshd - BINOWN= root - BINMODE=555 --BINDIR= /usr/sbin --MAN= sshd.8 -+BINDIR= /sbin -+MAN8= sshd.8 - CFLAGS+=-DHAVE_LOGIN_CAP - #CFLAGS+=-DBSD_AUTH - -@@ -17,9 +17,10 @@ - auth-skey.c auth-bsdauth.c - - .include # for KERBEROS and AFS -+.include "../Makefile.inc" - - .if (${KERBEROS5:L} == "yes") --CFLAGS+=-DKRB5 -I${DESTDIR}/usr/include/kerberosV -+CFLAGS+=-DKRB5 -I/usr/include/kerberosV - SRCS+= auth-krb5.c - LDADD+= -lkrb5 -lkafs -lasn1 -lcom_err - DPADD+= ${LIBKRB5} ${LIBKAFS} ${LIBASN1} -@@ -31,15 +32,15 @@ - LDADD+= -lkafs - DPADD+= ${LIBKRBAFS} - .endif # AFS --CFLAGS+= -DKRB4 -I${DESTDIR}/usr/include/kerberosIV -+CFLAGS+= -DKRB4 -I/usr/include/kerberosIV - SRCS+= auth-krb4.c --LDADD+= -lkrb -+LDADD+= -lkrb -lcom_err - DPADD+= ${LIBKRB} - .endif # KERBEROS - - .include - --LDADD+= -lcrypto -lutil -lz -ldes -+LDADD+= ${CRYPTOLIBS} -lcrypt -lutil -lz - DPADD+= ${LIBCRYPTO} ${LIBUTIL} ${LIBZ} - - .if (${TCP_WRAPPERS:L} == "yes") diff --git a/security/openssh/files/patch-an b/security/openssh/files/patch-an deleted file mode 100644 index e5f14e469d89..000000000000 --- a/security/openssh/files/patch-an +++ /dev/null @@ -1,15 +0,0 @@ ---- /home/bright/ssh/ssh/sshd.c Thu Aug 17 13:06:34 2000 -+++ sshd.c Fri Feb 9 11:19:08 2001 -@@ -49,6 +49,12 @@ - int deny_severity = LOG_WARNING; - #endif /* LIBWRAP */ - -+#ifdef __FreeBSD__ -+#include -+#include -+#include -+#endif /* __FreeBSD__ */ -+ - #ifndef O_NOCTTY - #define O_NOCTTY 0 - #endif diff --git a/security/openssh/files/patch-ao b/security/openssh/files/patch-ao deleted file mode 100644 index 13df05806802..000000000000 --- a/security/openssh/files/patch-ao +++ /dev/null @@ -1,23 +0,0 @@ ---- sshd_config.orig Fri Mar 8 06:01:02 2002 -+++ sshd_config Fri Mar 8 06:03:06 2002 -@@ -30,8 +30,10 @@ - - # Authentication: - --#LoginGraceTime 600 --#PermitRootLogin yes -+#LoginGraceTime 300 -+LoginGraceTime 600 -+#PermitRootLogin no -+PermitRootLogin yes - #StrictModes yes - - #RSAAuthentication yes -@@ -76,6 +78,7 @@ - #PrintLastLog yes - #KeepAlive yes - #UseLogin no -+UseLogin yes - - #MaxStartups 10 - # no default banner path diff --git a/security/openssh/files/patch-ap b/security/openssh/files/patch-ap deleted file mode 100644 index 67fc4dcb4f6b..000000000000 --- a/security/openssh/files/patch-ap +++ /dev/null @@ -1,11 +0,0 @@ ---- clientloop.c.orig Fri Apr 20 09:17:51 2001 -+++ clientloop.c Sat May 26 15:18:51 2001 -@@ -1131,7 +1131,7 @@ - - if (strcmp(ctype, "forwarded-tcpip") == 0) { - c = client_request_forwarded_tcpip(ctype, rchan); -- } else if (strcmp(ctype, "x11") == 0) { -+ } else if (strcmp(ctype, "x11") == 0 && options.forward_x11) { - c = client_request_x11(ctype, rchan); - } else if (strcmp(ctype, "auth-agent@openssh.com") == 0) { - c = client_request_agent(ctype, rchan); diff --git a/security/openssh/files/patch-ar b/security/openssh/files/patch-ar deleted file mode 100644 index 18d5e5dd73f6..000000000000 --- a/security/openssh/files/patch-ar +++ /dev/null @@ -1,14 +0,0 @@ ---- /usr/ports/distfiles/OpenSSH-1.2/src/usr.bin/ssh/sshd.8 Tue Nov 23 18:58:38 1999 -+++ sshd.8 Sun Dec 5 22:59:58 1999 -@@ -453,8 +478,9 @@ - If the login is on a tty, records login time. - .It - Checks --.Pa /etc/nologin ; --if it exists, prints contents and quits -+.Pa /etc/nologin and -+.Pa /var/run/nologin ; -+if one exists, it prints the contents and quits - (unless root). - .It - Changes to run with normal user privileges. diff --git a/security/openssh/files/patch-as b/security/openssh/files/patch-as deleted file mode 100644 index 779f890a1493..000000000000 --- a/security/openssh/files/patch-as +++ /dev/null @@ -1,14 +0,0 @@ ---- sshpty.c.orig Sun Mar 4 02:46:30 2001 -+++ sshpty.c Sat May 26 15:21:34 2001 -@@ -14,7 +14,11 @@ - #include "includes.h" - RCSID("$OpenBSD: sshpty.c,v 1.1 2001/03/04 01:46:30 djm Exp $"); - -+#ifdef __FreeBSD__ -+#include -+#else - #include -+#endif - #include "sshpty.h" - #include "log.h" - diff --git a/security/openssh/files/patch-at b/security/openssh/files/patch-at deleted file mode 100644 index 3b0017faab5b..000000000000 --- a/security/openssh/files/patch-at +++ /dev/null @@ -1,49 +0,0 @@ ---- sshconnect.c.orig Mon Jan 21 16:13:51 2002 -+++ sshconnect.c Fri Mar 8 18:14:50 2002 -@@ -43,15 +43,21 @@ - sockaddr_ntop(struct sockaddr *sa) - { - void *addr; -+#ifdef INET6 - static char addrbuf[INET6_ADDRSTRLEN]; -+#else -+ static char addrbuf[INET_ADDRSTRLEN]; -+#endif - - switch (sa->sa_family) { - case AF_INET: - addr = &((struct sockaddr_in *)sa)->sin_addr; - break; -+#ifdef INET6 - case AF_INET6: - addr = &((struct sockaddr_in6 *)sa)->sin6_addr; - break; -+#endif - default: - /* This case should be protected against elsewhere */ - abort(); /* XXX abort is bad -- do something else */ -@@ -291,7 +297,11 @@ - /* Loop through addresses for this host, and try each one in - sequence until the connection succeeds. */ - for (ai = aitop; ai; ai = ai->ai_next) { -+#ifdef INET6 - if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) -+#else -+ if (ai->ai_family != AF_INET) -+#endif - continue; - if (getnameinfo(ai->ai_addr, ai->ai_addrlen, - ntop, sizeof(ntop), strport, sizeof(strport), -@@ -537,10 +547,12 @@ - local = (ntohl(((struct sockaddr_in *)hostaddr)-> - sin_addr.s_addr) >> 24) == IN_LOOPBACKNET; - break; -+#ifdef INET6 - case AF_INET6: - local = IN6_IS_ADDR_LOOPBACK( - &(((struct sockaddr_in6 *)hostaddr)->sin6_addr)); - break; -+#endif - default: - local = 0; - break; diff --git a/security/openssh/files/patch-au b/security/openssh/files/patch-au deleted file mode 100644 index abb20c8ac770..000000000000 --- a/security/openssh/files/patch-au +++ /dev/null @@ -1,157 +0,0 @@ ---- session.c.orig Fri Mar 8 06:11:56 2002 -+++ session.c Fri Mar 8 06:15:32 2002 -@@ -57,6 +57,12 @@ - #include "canohost.h" - #include "session.h" - -+#ifdef __FreeBSD__ -+#include -+#include -+#include -+#endif /* __FreeBSD__ */ -+ - /* types */ - - #define TTYSZ 64 -@@ -394,6 +400,13 @@ - log_init(__progname, options.log_level, options.log_facility, log_stderr); - - /* -+ * Using login and executing a specific "command" are mutually -+ * exclusive, so turn off use_login if there's a command. -+ */ -+ if (command != NULL) -+ options.use_login = 0; -+ -+ /* - * Create a new session and process group since the 4.4BSD - * setlogin() affects the entire process group. - */ -@@ -499,6 +512,14 @@ - - /* Child. Reinitialize the log because the pid has changed. */ - log_init(__progname, options.log_level, options.log_facility, log_stderr); -+ -+ /* -+ * Using login and executing a specific "command" are mutually -+ * exclusive, so turn off use_login if there's a command. -+ */ -+ if (command != NULL) -+ options.use_login = 0; -+ - /* Close the master side of the pseudo tty. */ - close(ptyfd); - -@@ -589,6 +610,11 @@ - time_t last_login_time; - struct passwd * pw = s->pw; - pid_t pid = getpid(); -+#ifdef HAVE_LOGIN_CAP -+ FILE *f; -+ char buf[256]; -+ char *fname; -+#endif /* HAVE_LOGIN_CAP */ - - /* - * Get IP address of client. If the connection is not a socket, let -@@ -629,6 +655,21 @@ - printf("Last login: %s from %s\r\n", time_string, hostname); - } - -+#ifdef HAVE_LOGIN_CAP -+ if (!options.use_login) { -+ fname = login_getcapstr(lc, "copyright", NULL, NULL); -+ if (fname != NULL && (f = fopen(fname, "r")) != NULL) { -+ while (fgets(buf, sizeof(buf), f) != NULL) -+ fputs(buf, stdout); -+ fclose(f); -+ } else -+ (void)printf("%s\n\t%s %s\n", -+ "Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994", -+ "The Regents of the University of California. ", -+ "All rights reserved."); -+ } -+#endif /* HAVE_LOGIN_CAP */ -+ - do_motd(); - } - -@@ -775,6 +816,10 @@ - env[0] = NULL; - - if (!options.use_login) { -+#ifdef HAVE_LOGIN_CAP -+ char *var; -+#endif /* HAVE_LOGIN_CAP */ -+ - /* Set basic environment. */ - child_set_env(&env, &envsize, "USER", pw->pw_name); - child_set_env(&env, &envsize, "LOGNAME", pw->pw_name); -@@ -782,6 +827,12 @@ - #ifdef HAVE_LOGIN_CAP - (void) setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH); - child_set_env(&env, &envsize, "PATH", getenv("PATH")); -+ var= login_getcapstr(lc, "lang", NULL, NULL); -+ if ( var ) child_set_env(&env, &envsize, "LANG", var); -+ var= login_getcapstr(lc, "charset", NULL, NULL); -+ if ( var ) child_set_env(&env, &envsize, "MM_CHARSET", var); -+ var= login_getcapstr(lc, "timezone", NULL, NULL); -+ if ( var ) child_set_env(&env, &envsize, "TZ", var); - #else - child_set_env(&env, &envsize, "PATH", _PATH_STDPATH); - #endif -@@ -793,8 +844,13 @@ - /* Normal systems set SHELL by default. */ - child_set_env(&env, &envsize, "SHELL", shell); - } -+#ifdef HAVE_LOGIN_CAP -+#else /* HAVE_LOGIN_CAP */ -+ if (getenv("TZ")) -+ child_set_env(&env, &envsize, "TZ", getenv("TZ")); - if (getenv("TZ")) - child_set_env(&env, &envsize, "TZ", getenv("TZ")); -+#endif /* HAVE_LOGIN_CAP */ - - /* Set custom environment options from RSA authentication. */ - if (!options.use_login) { -@@ -1057,7 +1113,7 @@ - * initgroups, because at least on Solaris 2.3 it leaves file - * descriptors open. - */ -- for (i = 3; i < 64; i++) -+ for (i = 3; i < getdtablesize(); i++) - close(i); - - /* -@@ -1087,6 +1143,31 @@ - exit(1); - #endif - } -+ -+#ifdef __FreeBSD__ -+ if (!options.use_login) { -+ /* -+ * If the password change time is set and has passed, give the -+ * user a password expiry notice and chance to change it. -+ */ -+ if (pw->pw_change != 0) { -+ struct timeval tv; -+ -+ (void)gettimeofday(&tv, NULL); -+ if (tv.tv_sec >= pw->pw_change) { -+ (void)printf( -+ "Sorry -- your password has expired.\n"); -+ syslog(LOG_INFO, -+ "%s Password expired - forcing change", -+ pw->pw_name); -+ if (system("/usr/bin/passwd") != 0) { -+ perror("/usr/bin/passwd"); -+ exit(1); -+ } -+ } -+ } -+ } -+#endif /* __FreeBSD__ */ - - if (!options.use_login) - do_rc_files(s, shell); diff --git a/security/openssh/files/patch-auth.c b/security/openssh/files/patch-auth.c new file mode 100644 index 000000000000..446b88f8c8a3 --- /dev/null +++ b/security/openssh/files/patch-auth.c @@ -0,0 +1,97 @@ +--- auth.c.orig Fri Mar 1 14:12:10 2002 ++++ auth.c Fri Mar 8 20:57:17 2002 +@@ -25,7 +25,77 @@ + #include "includes.h" + RCSID("$OpenBSD: auth.c,v 1.35 2002/03/01 13:12:10 markus Exp $"); + ++#if defined(__FreeBSD__) && __FreeBSD__ <= 3 ++/* ++ * Copyright (c) 1997 Todd C. Miller ++ * All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in the ++ * documentation and/or other materials provided with the distribution. ++ * 3. The name of the author may not be used to endorse or promote products ++ * derived from this software without specific prior written permission. ++ * ++ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, ++ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY ++ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ++ * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, ++ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, ++ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; ++ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, ++ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR ++ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ++ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ++ */ ++ ++char * ++dirname(path) ++ const char *path; ++{ ++ static char bname[MAXPATHLEN]; ++ register const char *endp; ++ ++ /* Empty or NULL string gets treated as "." */ ++ if (path == NULL || *path == '\0') { ++ (void)strcpy(bname, "."); ++ return(bname); ++ } ++ ++ /* Strip trailing slashes */ ++ endp = path + strlen(path) - 1; ++ while (endp > path && *endp == '/') ++ endp--; ++ ++ /* Find the start of the dir */ ++ while (endp > path && *endp != '/') ++ endp--; ++ ++ /* Either the dir is "/" or there are no slashes */ ++ if (endp == path) { ++ (void)strcpy(bname, *endp == '/' ? "/" : "."); ++ return(bname); ++ } else { ++ do { ++ endp--; ++ } while (endp > path && *endp == '/'); ++ } ++ ++ if (endp - path + 2 > sizeof(bname)) { ++ errno = ENAMETOOLONG; ++ return(NULL); ++ } ++ (void)strncpy(bname, path, endp - path + 1); ++ bname[endp - path + 1] = '\0'; ++ return(bname); ++} ++#else + #include ++#endif + + #include "xmalloc.h" + #include "match.h" +@@ -141,6 +211,16 @@ + } + ga_free(); + } ++#ifdef __FreeBSD__ ++ /* Fail if the account's expiration time has passed. */ ++ if (pw->pw_expire != 0) { ++ struct timeval tv; ++ ++ (void)gettimeofday(&tv, NULL); ++ if (tv.tv_sec >= pw->pw_expire) ++ return 0; ++ } ++#endif /* __FreeBSD__ */ + /* We found no reason not to let this user try to log on... */ + return 1; + } diff --git a/security/openssh/files/patch-av b/security/openssh/files/patch-av deleted file mode 100644 index 446b88f8c8a3..000000000000 --- a/security/openssh/files/patch-av +++ /dev/null @@ -1,97 +0,0 @@ ---- auth.c.orig Fri Mar 1 14:12:10 2002 -+++ auth.c Fri Mar 8 20:57:17 2002 -@@ -25,7 +25,77 @@ - #include "includes.h" - RCSID("$OpenBSD: auth.c,v 1.35 2002/03/01 13:12:10 markus Exp $"); - -+#if defined(__FreeBSD__) && __FreeBSD__ <= 3 -+/* -+ * Copyright (c) 1997 Todd C. Miller -+ * All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * 3. The name of the author may not be used to endorse or promote products -+ * derived from this software without specific prior written permission. -+ * -+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, -+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY -+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL -+ * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, -+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; -+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -+ */ -+ -+char * -+dirname(path) -+ const char *path; -+{ -+ static char bname[MAXPATHLEN]; -+ register const char *endp; -+ -+ /* Empty or NULL string gets treated as "." */ -+ if (path == NULL || *path == '\0') { -+ (void)strcpy(bname, "."); -+ return(bname); -+ } -+ -+ /* Strip trailing slashes */ -+ endp = path + strlen(path) - 1; -+ while (endp > path && *endp == '/') -+ endp--; -+ -+ /* Find the start of the dir */ -+ while (endp > path && *endp != '/') -+ endp--; -+ -+ /* Either the dir is "/" or there are no slashes */ -+ if (endp == path) { -+ (void)strcpy(bname, *endp == '/' ? "/" : "."); -+ return(bname); -+ } else { -+ do { -+ endp--; -+ } while (endp > path && *endp == '/'); -+ } -+ -+ if (endp - path + 2 > sizeof(bname)) { -+ errno = ENAMETOOLONG; -+ return(NULL); -+ } -+ (void)strncpy(bname, path, endp - path + 1); -+ bname[endp - path + 1] = '\0'; -+ return(bname); -+} -+#else - #include -+#endif - - #include "xmalloc.h" - #include "match.h" -@@ -141,6 +211,16 @@ - } - ga_free(); - } -+#ifdef __FreeBSD__ -+ /* Fail if the account's expiration time has passed. */ -+ if (pw->pw_expire != 0) { -+ struct timeval tv; -+ -+ (void)gettimeofday(&tv, NULL); -+ if (tv.tv_sec >= pw->pw_expire) -+ return 0; -+ } -+#endif /* __FreeBSD__ */ - /* We found no reason not to let this user try to log on... */ - return 1; - } diff --git a/security/openssh/files/patch-clientloop.c b/security/openssh/files/patch-clientloop.c new file mode 100644 index 000000000000..67fc4dcb4f6b --- /dev/null +++ b/security/openssh/files/patch-clientloop.c @@ -0,0 +1,11 @@ +--- clientloop.c.orig Fri Apr 20 09:17:51 2001 ++++ clientloop.c Sat May 26 15:18:51 2001 +@@ -1131,7 +1131,7 @@ + + if (strcmp(ctype, "forwarded-tcpip") == 0) { + c = client_request_forwarded_tcpip(ctype, rchan); +- } else if (strcmp(ctype, "x11") == 0) { ++ } else if (strcmp(ctype, "x11") == 0 && options.forward_x11) { + c = client_request_x11(ctype, rchan); + } else if (strcmp(ctype, "auth-agent@openssh.com") == 0) { + c = client_request_agent(ctype, rchan); diff --git a/security/openssh/files/patch-includes.h b/security/openssh/files/patch-includes.h new file mode 100644 index 000000000000..f110376005d8 --- /dev/null +++ b/security/openssh/files/patch-includes.h @@ -0,0 +1,71 @@ +--- includes.h.orig Sat Jan 26 17:44:22 2002 ++++ includes.h Fri Mar 8 20:59:17 2002 +@@ -24,12 +24,12 @@ + #include + #include + #include +-#include + #include + #include + #include + #include + #include ++#include + + #include + #include +@@ -38,7 +38,6 @@ + #include + #include + +-#include + #include + #include + #include +@@ -62,5 +61,46 @@ + * client program. Socketpairs do not seem to work on all systems. + */ + #define USE_PIPES 1 ++ ++#if defined(__FreeBSD__) && __FreeBSD__ <= 3 ++/* ++ * Data types. ++ */ ++typedef u_char sa_family_t; ++typedef int socklen_t; ++ ++/* ++ * bsd-api-new-02a: protocol-independent placeholder for socket addresses ++ */ ++#define _SS_MAXSIZE 128 ++#define _SS_ALIGNSIZE (sizeof(int64_t)) ++#define _SS_PAD1SIZE (_SS_ALIGNSIZE - sizeof(u_char) * 2) ++#define _SS_PAD2SIZE (_SS_MAXSIZE - sizeof(u_char) * 2 - \ ++ _SS_PAD1SIZE - _SS_ALIGNSIZE) ++ ++struct sockaddr_storage { ++ u_char ss_len; /* address length */ ++ sa_family_t ss_family; /* address family */ ++ char __ss_pad1[_SS_PAD1SIZE]; ++ int64_t __ss_align; /* force desired structure storage alignment */ ++ char __ss_pad2[_SS_PAD2SIZE]; ++}; ++ ++/* defines for comatibility with older FreeBSD releases */ ++#ifndef SHUT_RD ++#define SHUT_RD 0 ++#endif ++#ifndef SHUT_WR ++#define SHUT_WR 1 ++#endif ++#ifndef SHUT_RDWR ++#define SHUT_RDWR 2 ++#endif ++ ++#ifndef INET_ADDRSTRLEN ++#define INET_ADDRSTRLEN 46 ++#endif ++ ++#endif + + #endif /* INCLUDES_H */ diff --git a/security/openssh/files/patch-lib-Makefile b/security/openssh/files/patch-lib-Makefile new file mode 100644 index 000000000000..f3bbcbbe37d3 --- /dev/null +++ b/security/openssh/files/patch-lib-Makefile @@ -0,0 +1,24 @@ +--- lib/Makefile.orig Tue Jun 26 19:52:41 2001 ++++ lib/Makefile Thu Nov 15 06:10:43 2001 +@@ -9,7 +9,11 @@ + rsa.c tildexpand.c ttymodes.c uidswap.c xmalloc.c atomicio.c \ + key.c dispatch.c kex.c mac.c uuencode.c misc.c \ + rijndael.c ssh-dss.c ssh-rsa.c dh.c kexdh.c kexgex.c \ +- scard.c ++ scard.c strlcpy.c strlcat.c ++ ++.if defined(COMPAT_GETADDRINFO) ++SRCS+= getaddrinfo.c getnameinfo.c name6.c rcmd.c bindresvport.c ++.endif + + NOPROFILE= yes + NOPIC= yes +@@ -18,6 +22,8 @@ + @echo -n + + .include ++IGNORE_LIBSSH=yes ++.include "../Makefile.inc" + + .if (${KERBEROS:L} == "yes") + CFLAGS+= -DKRB4 -I${DESTDIR}/usr/include/kerberosIV diff --git a/security/openssh/files/patch-pathnames.h b/security/openssh/files/patch-pathnames.h new file mode 100644 index 000000000000..0eb763623833 --- /dev/null +++ b/security/openssh/files/patch-pathnames.h @@ -0,0 +1,20 @@ +--- pathnames.h.orig Fri Mar 8 05:51:08 2002 ++++ pathnames.h Fri Mar 8 05:52:57 2002 +@@ -12,7 +12,7 @@ + * called by a name other than "ssh" or "Secure Shell". + */ + +-#define ETCDIR "/etc" ++#define ETCDIR "__PREFIX__/etc" + #define SSHDIR ETCDIR + #define _PATH_SSH_PIDDIR "/var/run" + +@@ -37,7 +37,7 @@ + /* Backwards compatibility */ + #define _PATH_DH_PRIMES ETCDIR "/primes" + +-#define _PATH_SSH_PROGRAM "/usr/bin/ssh" ++#define _PATH_SSH_PROGRAM "__PREFIX__/bin/ssh" + + /* + * The process id of the daemon listening for connections is saved here to diff --git a/security/openssh/files/patch-scp-Makefile b/security/openssh/files/patch-scp-Makefile new file mode 100644 index 000000000000..0c181dd81cd0 --- /dev/null +++ b/security/openssh/files/patch-scp-Makefile @@ -0,0 +1,13 @@ +--- scp/Makefile.orig Thu Jun 29 14:35:46 2000 ++++ scp/Makefile Sat Nov 4 16:44:18 2000 +@@ -5,8 +5,8 @@ + + BINMODE?=555 + +-BINDIR= /usr/bin +-MAN= scp.1 ++BINDIR= /bin ++MAN1= scp.1 + + SRCS= scp.c + diff --git a/security/openssh/files/patch-session.c b/security/openssh/files/patch-session.c new file mode 100644 index 000000000000..abb20c8ac770 --- /dev/null +++ b/security/openssh/files/patch-session.c @@ -0,0 +1,157 @@ +--- session.c.orig Fri Mar 8 06:11:56 2002 ++++ session.c Fri Mar 8 06:15:32 2002 +@@ -57,6 +57,12 @@ + #include "canohost.h" + #include "session.h" + ++#ifdef __FreeBSD__ ++#include ++#include ++#include ++#endif /* __FreeBSD__ */ ++ + /* types */ + + #define TTYSZ 64 +@@ -394,6 +400,13 @@ + log_init(__progname, options.log_level, options.log_facility, log_stderr); + + /* ++ * Using login and executing a specific "command" are mutually ++ * exclusive, so turn off use_login if there's a command. ++ */ ++ if (command != NULL) ++ options.use_login = 0; ++ ++ /* + * Create a new session and process group since the 4.4BSD + * setlogin() affects the entire process group. + */ +@@ -499,6 +512,14 @@ + + /* Child. Reinitialize the log because the pid has changed. */ + log_init(__progname, options.log_level, options.log_facility, log_stderr); ++ ++ /* ++ * Using login and executing a specific "command" are mutually ++ * exclusive, so turn off use_login if there's a command. ++ */ ++ if (command != NULL) ++ options.use_login = 0; ++ + /* Close the master side of the pseudo tty. */ + close(ptyfd); + +@@ -589,6 +610,11 @@ + time_t last_login_time; + struct passwd * pw = s->pw; + pid_t pid = getpid(); ++#ifdef HAVE_LOGIN_CAP ++ FILE *f; ++ char buf[256]; ++ char *fname; ++#endif /* HAVE_LOGIN_CAP */ + + /* + * Get IP address of client. If the connection is not a socket, let +@@ -629,6 +655,21 @@ + printf("Last login: %s from %s\r\n", time_string, hostname); + } + ++#ifdef HAVE_LOGIN_CAP ++ if (!options.use_login) { ++ fname = login_getcapstr(lc, "copyright", NULL, NULL); ++ if (fname != NULL && (f = fopen(fname, "r")) != NULL) { ++ while (fgets(buf, sizeof(buf), f) != NULL) ++ fputs(buf, stdout); ++ fclose(f); ++ } else ++ (void)printf("%s\n\t%s %s\n", ++ "Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994", ++ "The Regents of the University of California. ", ++ "All rights reserved."); ++ } ++#endif /* HAVE_LOGIN_CAP */ ++ + do_motd(); + } + +@@ -775,6 +816,10 @@ + env[0] = NULL; + + if (!options.use_login) { ++#ifdef HAVE_LOGIN_CAP ++ char *var; ++#endif /* HAVE_LOGIN_CAP */ ++ + /* Set basic environment. */ + child_set_env(&env, &envsize, "USER", pw->pw_name); + child_set_env(&env, &envsize, "LOGNAME", pw->pw_name); +@@ -782,6 +827,12 @@ + #ifdef HAVE_LOGIN_CAP + (void) setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH); + child_set_env(&env, &envsize, "PATH", getenv("PATH")); ++ var= login_getcapstr(lc, "lang", NULL, NULL); ++ if ( var ) child_set_env(&env, &envsize, "LANG", var); ++ var= login_getcapstr(lc, "charset", NULL, NULL); ++ if ( var ) child_set_env(&env, &envsize, "MM_CHARSET", var); ++ var= login_getcapstr(lc, "timezone", NULL, NULL); ++ if ( var ) child_set_env(&env, &envsize, "TZ", var); + #else + child_set_env(&env, &envsize, "PATH", _PATH_STDPATH); + #endif +@@ -793,8 +844,13 @@ + /* Normal systems set SHELL by default. */ + child_set_env(&env, &envsize, "SHELL", shell); + } ++#ifdef HAVE_LOGIN_CAP ++#else /* HAVE_LOGIN_CAP */ ++ if (getenv("TZ")) ++ child_set_env(&env, &envsize, "TZ", getenv("TZ")); + if (getenv("TZ")) + child_set_env(&env, &envsize, "TZ", getenv("TZ")); ++#endif /* HAVE_LOGIN_CAP */ + + /* Set custom environment options from RSA authentication. */ + if (!options.use_login) { +@@ -1057,7 +1113,7 @@ + * initgroups, because at least on Solaris 2.3 it leaves file + * descriptors open. + */ +- for (i = 3; i < 64; i++) ++ for (i = 3; i < getdtablesize(); i++) + close(i); + + /* +@@ -1087,6 +1143,31 @@ + exit(1); + #endif + } ++ ++#ifdef __FreeBSD__ ++ if (!options.use_login) { ++ /* ++ * If the password change time is set and has passed, give the ++ * user a password expiry notice and chance to change it. ++ */ ++ if (pw->pw_change != 0) { ++ struct timeval tv; ++ ++ (void)gettimeofday(&tv, NULL); ++ if (tv.tv_sec >= pw->pw_change) { ++ (void)printf( ++ "Sorry -- your password has expired.\n"); ++ syslog(LOG_INFO, ++ "%s Password expired - forcing change", ++ pw->pw_name); ++ if (system("/usr/bin/passwd") != 0) { ++ perror("/usr/bin/passwd"); ++ exit(1); ++ } ++ } ++ } ++ } ++#endif /* __FreeBSD__ */ + + if (!options.use_login) + do_rc_files(s, shell); diff --git a/security/openssh/files/patch-ssh-Makefile b/security/openssh/files/patch-ssh-Makefile new file mode 100644 index 000000000000..6971b0cfacf1 --- /dev/null +++ b/security/openssh/files/patch-ssh-Makefile @@ -0,0 +1,40 @@ +--- ssh/Makefile.orig Tue Sep 11 00:44:47 2001 ++++ ssh/Makefile Wed Oct 3 13:54:47 2001 +@@ -7,8 +7,8 @@ + + BINMODE?=4555 + +-BINDIR= /usr/bin +-MAN= ssh.1 ++BINDIR= /bin ++MAN1= ssh.1 + LINKS= ${BINDIR}/ssh ${BINDIR}/slogin + MLINKS= ssh.1 slogin.1 + +@@ -16,6 +16,7 @@ + sshconnect.c sshconnect1.c sshconnect2.c + + .include # for AFS ++.include "../Makefile.inc" + + .if (${KERBEROS5:L} == "yes") + CFLAGS+= -DKRB5 -I${DESTDIR}/usr/include/kerberosV +@@ -24,8 +25,8 @@ + .endif # KERBEROS5 + + .if (${KERBEROS:L} == "yes") +-CFLAGS+= -DKRB4 -I${DESTDIR}/usr/include/kerberosIV +-LDADD+= -lkrb ++CFLAGS+= -DKRB4 -I/usr/include/kerberosIV ++LDADD+= -lkrb -lcom_err + DPADD+= ${LIBKRB} + .if (${AFS:L} == "yes") + CFLAGS+= -DAFS +@@ -36,5 +37,5 @@ + + .include + +-LDADD+= -lcrypto -lz +-DPADD+= ${LIBCRYPTO} ${LIBZ} ++LDADD+= ${CRYPTOLIBS} -lcrypt -lutil -lz ++DPADD+= ${LIBCRYPTO} ${LIBUTIL} ${LIBZ} diff --git a/security/openssh/files/patch-ssh-add-Makefile b/security/openssh/files/patch-ssh-add-Makefile new file mode 100644 index 000000000000..e8998f956c92 --- /dev/null +++ b/security/openssh/files/patch-ssh-add-Makefile @@ -0,0 +1,18 @@ +--- ssh-add/Makefile.orig Sun Mar 4 01:51:25 2001 ++++ ssh-add/Makefile Sat May 26 14:56:29 2001 +@@ -7,12 +7,12 @@ + + BINMODE?=555 + +-BINDIR= /usr/bin +-MAN= ssh-add.1 ++BINDIR= /bin ++MAN1= ssh-add.1 + + SRCS= ssh-add.c + + .include + +-LDADD+= -lcrypto ++LDADD+= ${CRYPTOLIBS} + DPADD+= ${LIBCRYPTO} diff --git a/security/openssh/files/patch-ssh-agent-Makefile b/security/openssh/files/patch-ssh-agent-Makefile new file mode 100644 index 000000000000..c1a75662404e --- /dev/null +++ b/security/openssh/files/patch-ssh-agent-Makefile @@ -0,0 +1,18 @@ +--- ssh-agent/Makefile.orig Sun Mar 4 01:51:25 2001 ++++ ssh-agent/Makefile Sat May 26 14:58:48 2001 +@@ -7,12 +7,12 @@ + + BINMODE?=555 + +-BINDIR= /usr/bin +-MAN= ssh-agent.1 ++BINDIR= /bin ++MAN1= ssh-agent.1 + + SRCS= ssh-agent.c + + .include + +-LDADD+= -lcrypto ++LDADD+= ${CRYPTOLIBS} + DPADD+= ${LIBCRYPTO} diff --git a/security/openssh/files/patch-ssh-keygen-Makefile b/security/openssh/files/patch-ssh-keygen-Makefile new file mode 100644 index 000000000000..1ed89ae0966e --- /dev/null +++ b/security/openssh/files/patch-ssh-keygen-Makefile @@ -0,0 +1,18 @@ +--- ssh-keygen/Makefile.orig Sun Mar 4 01:51:26 2001 ++++ ssh-keygen/Makefile Sat May 26 15:02:25 2001 +@@ -7,12 +7,12 @@ + + BINMODE?=555 + +-BINDIR= /usr/bin +-MAN= ssh-keygen.1 ++BINDIR= /bin ++MAN1= ssh-keygen.1 + + SRCS= ssh-keygen.c + + .include + +-LDADD+= -lcrypto ++LDADD+= ${CRYPTOLIBS} + DPADD+= ${LIBCRYPTO} diff --git a/security/openssh/files/patch-ssh.c b/security/openssh/files/patch-ssh.c new file mode 100644 index 000000000000..a55517683cfa --- /dev/null +++ b/security/openssh/files/patch-ssh.c @@ -0,0 +1,12 @@ +--- ssh.c.orig Tue Apr 17 14:55:04 2001 ++++ ssh.c Sat May 26 15:05:28 2001 +@@ -199,6 +199,9 @@ + log("Using rsh. WARNING: Connection will not be encrypted."); + /* Build argument list for rsh. */ + i = 0; ++#ifndef _PATH_RSH ++#define _PATH_RSH "/usr/bin/rsh" ++#endif + args[i++] = _PATH_RSH; + /* host may have to come after user on some systems */ + args[i++] = host; diff --git a/security/openssh/files/patch-sshconnect.c b/security/openssh/files/patch-sshconnect.c new file mode 100644 index 000000000000..3b0017faab5b --- /dev/null +++ b/security/openssh/files/patch-sshconnect.c @@ -0,0 +1,49 @@ +--- sshconnect.c.orig Mon Jan 21 16:13:51 2002 ++++ sshconnect.c Fri Mar 8 18:14:50 2002 +@@ -43,15 +43,21 @@ + sockaddr_ntop(struct sockaddr *sa) + { + void *addr; ++#ifdef INET6 + static char addrbuf[INET6_ADDRSTRLEN]; ++#else ++ static char addrbuf[INET_ADDRSTRLEN]; ++#endif + + switch (sa->sa_family) { + case AF_INET: + addr = &((struct sockaddr_in *)sa)->sin_addr; + break; ++#ifdef INET6 + case AF_INET6: + addr = &((struct sockaddr_in6 *)sa)->sin6_addr; + break; ++#endif + default: + /* This case should be protected against elsewhere */ + abort(); /* XXX abort is bad -- do something else */ +@@ -291,7 +297,11 @@ + /* Loop through addresses for this host, and try each one in + sequence until the connection succeeds. */ + for (ai = aitop; ai; ai = ai->ai_next) { ++#ifdef INET6 + if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) ++#else ++ if (ai->ai_family != AF_INET) ++#endif + continue; + if (getnameinfo(ai->ai_addr, ai->ai_addrlen, + ntop, sizeof(ntop), strport, sizeof(strport), +@@ -537,10 +547,12 @@ + local = (ntohl(((struct sockaddr_in *)hostaddr)-> + sin_addr.s_addr) >> 24) == IN_LOOPBACKNET; + break; ++#ifdef INET6 + case AF_INET6: + local = IN6_IS_ADDR_LOOPBACK( + &(((struct sockaddr_in6 *)hostaddr)->sin6_addr)); + break; ++#endif + default: + local = 0; + break; diff --git a/security/openssh/files/patch-sshd-Makefile b/security/openssh/files/patch-sshd-Makefile new file mode 100644 index 000000000000..07528232bb5a --- /dev/null +++ b/security/openssh/files/patch-sshd-Makefile @@ -0,0 +1,44 @@ +--- sshd/Makefile.orig Fri Mar 8 05:54:03 2002 ++++ sshd/Makefile Fri Mar 8 06:00:30 2002 +@@ -5,8 +5,8 @@ + PROG= sshd + BINOWN= root + BINMODE=555 +-BINDIR= /usr/sbin +-MAN= sshd.8 ++BINDIR= /sbin ++MAN8= sshd.8 + CFLAGS+=-DHAVE_LOGIN_CAP + #CFLAGS+=-DBSD_AUTH + +@@ -17,9 +17,10 @@ + auth-skey.c auth-bsdauth.c + + .include # for KERBEROS and AFS ++.include "../Makefile.inc" + + .if (${KERBEROS5:L} == "yes") +-CFLAGS+=-DKRB5 -I${DESTDIR}/usr/include/kerberosV ++CFLAGS+=-DKRB5 -I/usr/include/kerberosV + SRCS+= auth-krb5.c + LDADD+= -lkrb5 -lkafs -lasn1 -lcom_err + DPADD+= ${LIBKRB5} ${LIBKAFS} ${LIBASN1} +@@ -31,15 +32,15 @@ + LDADD+= -lkafs + DPADD+= ${LIBKRBAFS} + .endif # AFS +-CFLAGS+= -DKRB4 -I${DESTDIR}/usr/include/kerberosIV ++CFLAGS+= -DKRB4 -I/usr/include/kerberosIV + SRCS+= auth-krb4.c +-LDADD+= -lkrb ++LDADD+= -lkrb -lcom_err + DPADD+= ${LIBKRB} + .endif # KERBEROS + + .include + +-LDADD+= -lcrypto -lutil -lz -ldes ++LDADD+= ${CRYPTOLIBS} -lcrypt -lutil -lz + DPADD+= ${LIBCRYPTO} ${LIBUTIL} ${LIBZ} + + .if (${TCP_WRAPPERS:L} == "yes") diff --git a/security/openssh/files/patch-sshd.8 b/security/openssh/files/patch-sshd.8 new file mode 100644 index 000000000000..18d5e5dd73f6 --- /dev/null +++ b/security/openssh/files/patch-sshd.8 @@ -0,0 +1,14 @@ +--- /usr/ports/distfiles/OpenSSH-1.2/src/usr.bin/ssh/sshd.8 Tue Nov 23 18:58:38 1999 ++++ sshd.8 Sun Dec 5 22:59:58 1999 +@@ -453,8 +478,9 @@ + If the login is on a tty, records login time. + .It + Checks +-.Pa /etc/nologin ; +-if it exists, prints contents and quits ++.Pa /etc/nologin and ++.Pa /var/run/nologin ; ++if one exists, it prints the contents and quits + (unless root). + .It + Changes to run with normal user privileges. diff --git a/security/openssh/files/patch-sshd.c b/security/openssh/files/patch-sshd.c new file mode 100644 index 000000000000..e5f14e469d89 --- /dev/null +++ b/security/openssh/files/patch-sshd.c @@ -0,0 +1,15 @@ +--- /home/bright/ssh/ssh/sshd.c Thu Aug 17 13:06:34 2000 ++++ sshd.c Fri Feb 9 11:19:08 2001 +@@ -49,6 +49,12 @@ + int deny_severity = LOG_WARNING; + #endif /* LIBWRAP */ + ++#ifdef __FreeBSD__ ++#include ++#include ++#include ++#endif /* __FreeBSD__ */ ++ + #ifndef O_NOCTTY + #define O_NOCTTY 0 + #endif diff --git a/security/openssh/files/patch-sshd_config b/security/openssh/files/patch-sshd_config new file mode 100644 index 000000000000..13df05806802 --- /dev/null +++ b/security/openssh/files/patch-sshd_config @@ -0,0 +1,23 @@ +--- sshd_config.orig Fri Mar 8 06:01:02 2002 ++++ sshd_config Fri Mar 8 06:03:06 2002 +@@ -30,8 +30,10 @@ + + # Authentication: + +-#LoginGraceTime 600 +-#PermitRootLogin yes ++#LoginGraceTime 300 ++LoginGraceTime 600 ++#PermitRootLogin no ++PermitRootLogin yes + #StrictModes yes + + #RSAAuthentication yes +@@ -76,6 +78,7 @@ + #PrintLastLog yes + #KeepAlive yes + #UseLogin no ++UseLogin yes + + #MaxStartups 10 + # no default banner path diff --git a/security/openssh/files/patch-sshlogin.c b/security/openssh/files/patch-sshlogin.c new file mode 100644 index 000000000000..91b4d3f1ebdd --- /dev/null +++ b/security/openssh/files/patch-sshlogin.c @@ -0,0 +1,14 @@ +--- sshlogin.c.orig Sat Mar 24 17:43:27 2001 ++++ sshlogin.c Sat May 26 14:42:30 2001 +@@ -41,7 +41,11 @@ + #include "includes.h" + RCSID("$OpenBSD: sshlogin.c,v 1.2 2001/03/24 16:43:27 stevesk Exp $"); + ++#ifdef __FreeBSD__ ++#include ++#else + #include ++#endif /* __FreeBSD__ */ + #include + #include "sshlogin.h" + #include "log.h" diff --git a/security/openssh/files/patch-sshpty.c b/security/openssh/files/patch-sshpty.c new file mode 100644 index 000000000000..779f890a1493 --- /dev/null +++ b/security/openssh/files/patch-sshpty.c @@ -0,0 +1,14 @@ +--- sshpty.c.orig Sun Mar 4 02:46:30 2001 ++++ sshpty.c Sat May 26 15:21:34 2001 +@@ -14,7 +14,11 @@ + #include "includes.h" + RCSID("$OpenBSD: sshpty.c,v 1.1 2001/03/04 01:46:30 djm Exp $"); + ++#ifdef __FreeBSD__ ++#include ++#else + #include ++#endif + #include "sshpty.h" + #include "log.h" + -- cgit v1.2.3