From 002a77a68f5cd89fce887734fcbb341a5a09e832 Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@FreeBSD.org>
Date: Tue, 24 Mar 2015 02:23:30 +0000
Subject: Restore lost changes to patch-src-parser-attack_scanner.l

PR:		197854
---
 security/sshguard/Makefile                           |  2 +-
 .../sshguard/files/patch-src-parser-attack_scanner.l | 20 +++++++++++++++++++-
 2 files changed, 20 insertions(+), 2 deletions(-)

(limited to 'security/sshguard')

diff --git a/security/sshguard/Makefile b/security/sshguard/Makefile
index 178dd885042f..06098e7daebd 100644
--- a/security/sshguard/Makefile
+++ b/security/sshguard/Makefile
@@ -3,7 +3,7 @@
 
 PORTNAME=	sshguard
 PORTVERSION=	1.5
-PORTREVISION=	11
+PORTREVISION=	12
 CATEGORIES=	security
 MASTER_SITES=	SF/sshguard/sshguard/sshguard-${PORTVERSION}
 
diff --git a/security/sshguard/files/patch-src-parser-attack_scanner.l b/security/sshguard/files/patch-src-parser-attack_scanner.l
index 3c90ec17ef8f..939dff3582f2 100644
--- a/security/sshguard/files/patch-src-parser-attack_scanner.l
+++ b/security/sshguard/files/patch-src-parser-attack_scanner.l
@@ -1,4 +1,4 @@
---- src/parser/attack_scanner.l.orig	2015-03-24 02:08:55 UTC
+--- src/parser/attack_scanner.l.orig	2015-03-24 02:18:57 UTC
 +++ src/parser/attack_scanner.l
 @@ -78,6 +78,7 @@ MINPS       [0-5][0-9]
  WORD        [a-zA-Z0-9][-_a-zA-Z0-9]+
@@ -24,3 +24,21 @@
  
   /* syslog style  "last message repeated N times" */
  "last message repeated "([1-9][0-9]*)" times"                   {
+@@ -127,7 +128,7 @@ IPV4MAPPED6 ((:(:0{1,4}){0,4}|0{1,4}:(:0
+ 
+ 
+  /* SSH: invalid or rejected user (cross platform [generated by openssh]) */
+-"Invalid user ".+" from "                         { return SSH_INVALUSERPREF; }
++[Ii]"nvalid user ".+" from "                         { return SSH_INVALUSERPREF; }
+  /* match disallowed user (not in AllowUsers/AllowGroups or in DenyUsers/DenyGroups) on Linux Ubuntu/FreeBSD */
+  /* "User tinydns from 1.2.3.4 not allowed because not listed in AllowUsers" */
+ "User ".+" from "                                               { BEGIN(ssh_notallowed); return SSH_NOTALLOWEDPREF; }
+@@ -175,7 +176,7 @@ IPV4MAPPED6 ((:(:0{1,4}){0,4}|0{1,4}:(:0
+ 
+  /* cyrus-imap login error */
+ "badlogin: "[^\[]*"["                                           { BEGIN(cyrusimap_loginerr); return CYRUSIMAP_SASL_LOGINERR_PREF; }
+-<cyrusimap_loginerr>"] ".*"SASL".*"checkpass failed"            { BEGIN(INITIAL); return CYRUSIMAP_SASL_LOGINERR_SUFF; }
++<cyrusimap_loginerr>"] ".*"SASL".*"failed".?$                   { BEGIN(INITIAL); return CYRUSIMAP_SASL_LOGINERR_SUFF; }
+ 
+  /* FreeBSD's ftpd login errors */
+ "FTP LOGIN FAILED FROM "                                        { BEGIN(freebsdftpd_loginerr); return FREEBSDFTPD_LOGINERR_PREF; }
-- 
cgit v1.2.3