Subject: pkg/15358: SUBMISSION: new pkgsrc module for security/ssh2-3.1.0
To: None <gnats-bugs@gnats.netbsd.org>
From: Greg A. Woods <woods@weird.com>
List: netbsd-bugs
Date: 01/24/2002 21:57:16
>Number: 15358
>Category: pkg
>Synopsis: SUBMISSION: new pkgsrc module for security/ssh2-3.1.0
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: pkg-manager
>State: open
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Thu Jan 24 18:58:00 PST 2002
>Closed-Date:
>Last-Modified:
>Originator: Greg A. Woods
>Release: 2002/01/24
>Organization:
Planix, Inc.; Toronto, Ontario; Canada
>Environment:
System: NetBSD 1.5W, 1.3.3, and 1.32
Architecture: i386 & sparc
>Description:
Enclosed is a pkgsrc module for SSH-v2 release 3.1.0. I call it
ssh2-3.1.0 because it's for protocol v.2, and is release 3.1.0.
It is derrived from an earlier port I did of the FreeBSD
security/ssh2 "port".
It works with autoconf-2.52 and automake-1.4-p5, but has not
been tested with the older autoconf still commonly used by
pkgsrc (though it should still work with it).
It has been successfully tested on 1.5W/sparc, 1.5W/i386,
1.3.3/i386, and 1.3.2/sparc. It has been successfully tested as
a binary package on 1.5W/i386.
It seems to interoperate fine with SSH-1.2.17 (using the 3.1.0
client only), OpenSSH-2.9p2 and 3.0.2p1 (client and server), as
well as SecureCRT version 3.3 (using the 3.1.0 server only).
Sorry about the concatenated patch, but I'm maintaining the
diffs with CVS and I'm not going to manually diff a whole bunch
of files individually just to satisfy some arbitrary style
guideline that makes little sense.
>How-To-Repeat:
>Fix:
# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file". Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
# DESCR
# Makefile
# PLIST
# DESCR
# files/
# files/md5
# files/patch-sum
# files/sshd2.sh
# patches/
# patches/patch-one
#
echo x - DESCR
sed 's/^X//' >DESCR << 'END-of-DESCR'
XSSH Protocols and Secure Shell
X
XSecure Shell is a program to log into another computer over a network,
Xto execute commands in a remote machine, and to move files from one
Xmachine to another. It provides strong authentication and secure
Xcommunications over insecure channels. It is intended as a replacement
Xfor rlogin, rsh, rcp, and rdist. Optionally SSH will compress the data
Xit transfers. Tunneling of arbitrary TCP connections is possible,
Xincluding for X11 and FTP (with temprary forwarding for the FTP data
Xchannels).
X
XWWW: http://www.ssh.com/
END-of-DESCR
echo x - Makefile
sed 's/^X//' >Makefile << 'END-of-Makefile'
X# $NetBSD$
X# FreeBSD Id: ports/security/ssh2/Makefile,v 1.102 2001/02/17 01:40:35 obrien Exp
X
XDISTNAME= ssh-3.1.0
XPKGNAME= ssh2-3.1.0 # it's protocol-v.2, release 3.1.0
XCATEGORIES= security
XMASTER_SITES= ftp://ftp.ssh.com/pub/ssh/ \
X ftp://sunsite.unc.edu/pub/packages/security/ssh/
X
XMAINTAINER= packages@netbsd.org
XHOMEPAGE= http://www.ssh.com/
XCOMMENT= Secure Shell client and server w/support for V.2 SSH protocol
X
XCONFLICTS= openssh-[0-9]* ssh6-[0-9]* ssh-[0-9]* ssh2-2.[0-9]*
X
XCRYPTO= YES
XLICENSE= no-commercial-use
X
XBUILD_DEPENDS+= automake>=1.4.5:../../devel/automake
XBUILD_DEPENDS+= autoconf>=2.52:../../devel/autoconf
X
XUSE_GMAKE= YES
XGNU_CONFIGURE= YES
X
X# this will allow internal client compatability by default
XCONFIGURE_ARGS+= --without-ssh-agent1-compat --without-ssh1-compat
X
X# we have no PAM, we want no PAM, PAM is evil and ugly.
XCONFIGURE_ARRG+= --without-daemonpam --without-clientpam
X
X# this is necessary to support anonymous sftp, and other chrooted users
X# and of course it's a damn good idea for every program run by root anyway....
XCONFIGURE_ARGS+= --enable-static
X
XPKG_SYSCONFSUBDIR?= ssh2
X
X.include "../../mk/bsd.prefs.mk"
X
X# yes, this really should include the subdirectory name....
XCONFIGURE_ARGS+= --with-etcdir=${PKG_SYSCONFDIR}
XCONFIGURE_ARGS+= --includedir=${PREFIX}/include/ssh2
X
X.if ${OPSYS} == "NetBSD"
XCONFIGURE_ARGS+= --with-libwrap
X.endif
X
X.if ${OPSYS} == "SunOS"
XDEPENDS+= zlib-*:../../devel/zlib
XCONFIGURE_ENV+= X_CFLAGS="-I${LOCALBASE}/include"
X.endif
X
XCONFIGURE_ARGS+= --with-x
X
X# Include support for the SecureID card
X# Warning: untested !
X.if defined(USE_SECUREID) && ${USE_SECUREID} == YES
XCONFIGURE_ARGS+= --with-clientsecureid --with-serversecurid
X.endif
X
X# XXX KERBEROS 5 SUPPORT BROKEN WITH HEIMDAL, and still EXPERIMENTAL in ssh2
X#.if defined(KERBEROS) && ${KERBEROS} == 5
X#USE_KERBEROS= yes
X#CONFIGURE_ARGS+=--with-kerberos5=/usr
X#.else
X#CONFIGURE_ARGS+=--without-kerberos5
X#.endif
X
XPLIST_SUBST+= INSTALL="${INSTALL}" \
X ROOT_GROUP="${ROOT_GROUP}" \
X PKG_SYSCONFDIR="${PKG_SYSCONFDIR}"
X
X# XXX we should be adding these to ${PLIST} ourselves....
X#
XPKGDOCS= BUG.REPORT CHANGES FAQ HOWTO.anonymous.sftp INSTALL LICENSE \
X README REGEX-SYNTAX SSH2.QUICKSTART
X
XPKGCONFIGS= ssh2_config sshd2_config ssh_dummy_shell.out
X
XEGDIR= ${PREFIX}/share/examples/ssh2
X
Xpre-configure:
X cd ${WRKSRC} && ${LOCALBASE}/bin/autoreconf --force
X
Xpost-build:
X @-rm -f ${WRKDIR}/sshd2.rc
X ${SED} -e 's+@PREFIX@+${PREFIX}+' \
X -e 's+@PKG_SYSCONFDIR@+${PKG_SYSCONFDIR}+' \
X ${FILESDIR}/sshd2.sh > ${WRKDIR}/sshd2.rc
X ${CHMOD} 555 ${WRKDIR}/sshd2.rc
X
X.if target(reinstall)
X# XXX hopefully this happens last
XINSTALL_TARGET+= clean-up-old
X.endif
X
X# XXX The handling of sample configs is also done as @exec's in PLIST,
X# but should really be in a proper INSTALL script, if for no other
X# reason than so we don't have to maintain to slightly different
X# copies of the procedure.
X#
Xpost-install:
X -${MKDIR} ${PREFIX}/share/doc/ssh2
X.for i in ${PKGDOCS}
X ${INSTALL_DATA} ${WRKSRC}/$i ${PREFIX}/share/doc/ssh2
X.endfor
X ${INSTALL_SCRIPT} -m 555 ${WRKDIR}/sshd2.rc ${PREFIX}/etc/rc.d/sshd2
X @if [ ! -d ${PKG_SYSCONFDIR} ]; then \
X echo "Creating directory ${PKG_SYSCONFDIR} for ssh config files.." ; \
X mkdir -p ${PKG_SYSCONFDIR}; \
X fi
X.for i in ${PKGCONFIGS}
X @if [ ! -f ${PKG_SYSCONFDIR}/$i ]; then \
X echo "Installing example $i in ${PKG_SYSCONFDIR}..." ; \
X ${INSTALL} -c -o root -g ${ROOT_GROUP} -m 0644 ${EGDIR}/$i ${PKG_SYSCONFDIR} ; \
X fi
X.endfor
X @if [ ! -f ${PKG_SYSCONFDIR}/hostkey ]; then \
X ${PREFIX}/bin/ssh-keygen2 -P -b 1024 -t dsa -c "1024-bit dsa hostkey" ${PKG_SYSCONFDIR}/hostkey ; \
X fi
X
X.include "../../mk/x11.buildlink.mk"
X.include "../../mk/bsd.pkg.mk"
END-of-Makefile
echo x - PLIST
sed 's/^X//' >PLIST << 'END-of-PLIST'
X@comment $NetBSD$
X@comment bin files next, in order installed
Xbin/ssh2
Xbin/scp2
Xbin/sftp2
Xbin/ssh-agent2
Xbin/ssh-keygen2
Xbin/ssh-add2
Xbin/ssh-signer2
Xbin/ssh-probe2
Xbin/ssh-askpass2
Xbin/ssh-dummy-shell.static
Xbin/sftp-server2.static
Xbin/sftp-server2
Xbin/ssh-dummy-shell
Xbin/ssh-pubkeymgr
Xbin/ssh-chrootmgr
X@comment bin symlinks next
Xbin/ssh
Xbin/slogin
Xbin/ssh-agent
Xbin/ssh-add
Xbin/ssh-askpass
Xbin/ssh-keygen
Xbin/scp
Xbin/sftp
Xbin/sftp-server
Xbin/ssh-signer
Xbin/ssh-probe
X@comment etc stuff....
Xetc/rc.d/sshd2
X@comment include files next
Xinclude/ssh2/bufzip.h
Xinclude/ssh2/libmonitor.h
Xinclude/ssh2/namelist.h
Xinclude/ssh2/sigchld.h
Xinclude/ssh2/ssh1encode.h
Xinclude/ssh2/ssh2pubkeyencode.h
Xinclude/ssh2/sshadt.h
Xinclude/ssh2/sshadt_array.h
Xinclude/ssh2/sshadt_assoc.h
Xinclude/ssh2/sshadt_avltree.h
Xinclude/ssh2/sshadt_bag.h
Xinclude/ssh2/sshadt_conv.h
Xinclude/ssh2/sshadt_impls.h
Xinclude/ssh2/sshadt_intmap.h
Xinclude/ssh2/sshadt_list.h
Xinclude/ssh2/sshadt_map.h
Xinclude/ssh2/sshadt_priority_heap.h
Xinclude/ssh2/sshadt_priority_queue.h
Xinclude/ssh2/sshadt_ranges.h
Xinclude/ssh2/sshadt_shortcuts.h
Xinclude/ssh2/sshadt_strmap.h
Xinclude/ssh2/sshadt_structs.h
Xinclude/ssh2/sshadt_xmap.h
Xinclude/ssh2/sshasn1.h
Xinclude/ssh2/sshasn1i.h
Xinclude/ssh2/sshbase16.h
Xinclude/ssh2/sshbase64.h
Xinclude/ssh2/sshber.h
Xinclude/ssh2/sshbitvector.h
Xinclude/ssh2/sshbprintf.h
Xinclude/ssh2/sshbufaux.h
Xinclude/ssh2/sshbuffer.h
Xinclude/ssh2/sshcipherlist.h
Xinclude/ssh2/sshcondition.h
Xinclude/ssh2/sshcrc32.h
Xinclude/ssh2/sshcrypt.h
Xinclude/ssh2/sshcstack.h
Xinclude/ssh2/sshdebug.h
Xinclude/ssh2/sshdecay.h
Xinclude/ssh2/sshdirectory.h
Xinclude/ssh2/sshdistdefs.h
Xinclude/ssh2/sshdlex.h
Xinclude/ssh2/sshdlib.h
Xinclude/ssh2/sshdllist.h
Xinclude/ssh2/sshdsprintf.h
Xinclude/ssh2/ssheloop.h
Xinclude/ssh2/sshencode.h
Xinclude/ssh2/sshenum.h
Xinclude/ssh2/sshfastalloc.h
Xinclude/ssh2/sshfdstream.h
Xinclude/ssh2/sshfilebuffer.h
Xinclude/ssh2/sshfileio.h
Xinclude/ssh2/sshfilelock.h
Xinclude/ssh2/sshfilexfer.h
Xinclude/ssh2/sshfilterstream.h
Xinclude/ssh2/sshfingerprint.h
Xinclude/ssh2/sshfsm.h
Xinclude/ssh2/sshfsm_internal.h
Xinclude/ssh2/sshfsmstreams.h
Xinclude/ssh2/sshgenmp.h
Xinclude/ssh2/sshgenutils.h
Xinclude/ssh2/sshgetopt.h
Xinclude/ssh2/sshgetput.h
Xinclude/ssh2/sshhostkey.h
Xinclude/ssh2/sshincludes.h
Xinclude/ssh2/sshincludes_unix.h
Xinclude/ssh2/sshinet.h
Xinclude/ssh2/sshinetencode.h
Xinclude/ssh2/sshkeyblob1.h
Xinclude/ssh2/sshkeyblob2.h
Xinclude/ssh2/sshkeyfile.h
Xinclude/ssh2/sshlocalstream.h
Xinclude/ssh2/sshmalloc.h
Xinclude/ssh2/sshmalloc_i.h
Xinclude/ssh2/sshmapping.h
Xinclude/ssh2/sshmatch.h
Xinclude/ssh2/sshmempool.h
Xinclude/ssh2/sshmempoolgen.h
Xinclude/ssh2/sshmiscstring.h
Xinclude/ssh2/sshmp-2adic.h
Xinclude/ssh2/sshmp-arithmetic.h
Xinclude/ssh2/sshmp-compat.h
Xinclude/ssh2/sshmp-convabs.h
Xinclude/ssh2/sshmp-integer.h
Xinclude/ssh2/sshmp-intmod.h
Xinclude/ssh2/sshmp-kernel.h
Xinclude/ssh2/sshmp-montgomery.h
Xinclude/ssh2/sshmp-powm.h
Xinclude/ssh2/sshmp-types.h
Xinclude/ssh2/sshmp.h
Xinclude/ssh2/sshmutex.h
Xinclude/ssh2/sshobstack.h
Xinclude/ssh2/ssholdfsm.h
Xinclude/ssh2/ssholdfsmstreams.h
Xinclude/ssh2/ssholdfsmstreams_states.h
Xinclude/ssh2/sshoperation.h
Xinclude/ssh2/sshpacketstream.h
Xinclude/ssh2/sshpgp.h
Xinclude/ssh2/sshproxykey.h
Xinclude/ssh2/sshprvkey.h
Xinclude/ssh2/sshpubkey.h
Xinclude/ssh2/sshrand.h
Xinclude/ssh2/sshreadline.h
Xinclude/ssh2/sshrefcnt.h
Xinclude/ssh2/sshregex.h
Xinclude/ssh2/sshregression.h
Xinclude/ssh2/sshrgf.h
Xinclude/ssh2/sshrotate.h
Xinclude/ssh2/sshsessionincludes.h
Xinclude/ssh2/sshsia.h
Xinclude/ssh2/sshsieve.h
Xinclude/ssh2/sshsignals.h
Xinclude/ssh2/sshsnlist.h
Xinclude/ssh2/sshsnprintf.h
Xinclude/ssh2/sshsocks.h
Xinclude/ssh2/sshstream.h
Xinclude/ssh2/sshstreampair.h
Xinclude/ssh2/sshstrmapping.h
Xinclude/ssh2/sshtcp.h
Xinclude/ssh2/sshthread.h
Xinclude/ssh2/sshthreadedmbox.h
Xinclude/ssh2/sshthreadpool.h
Xinclude/ssh2/sshticks.h
Xinclude/ssh2/sshtime.h
Xinclude/ssh2/sshtimemeasure.h
Xinclude/ssh2/sshtimeouts.h
Xinclude/ssh2/sshtty.h
Xinclude/ssh2/sshttymodes.h
Xinclude/ssh2/sshudp.h
Xinclude/ssh2/sshunixpipestream.h
Xinclude/ssh2/sshunixptystream.h
Xinclude/ssh2/sshurl.h
Xinclude/ssh2/sshuser.h
Xinclude/ssh2/sshuserfile.h
Xinclude/ssh2/sshuserfilebuf.h
Xinclude/ssh2/sshutf8.h
Xinclude/ssh2/sshzlibrename.h
Xinclude/ssh2/zconf.h
Xinclude/ssh2/zlib.h
X@comment sbin binaries next
Xsbin/sshd2
Xsbin/sshd-check-conf
X@comment sbin symlinks next
Xsbin/sshd
X@comment post-install docs
Xshare/doc/ssh2/BUG.REPORT
Xshare/doc/ssh2/CHANGES
Xshare/doc/ssh2/FAQ
Xshare/doc/ssh2/HOWTO.anonymous.sftp
Xshare/doc/ssh2/INSTALL
Xshare/doc/ssh2/LICENSE
Xshare/doc/ssh2/README
Xshare/doc/ssh2/REGEX-SYNTAX
Xshare/doc/ssh2/SSH2.QUICKSTART
X@comment example config files
Xshare/examples/ssh2/ssh2_config
Xshare/examples/ssh2/ssh_dummy_shell.out
Xshare/examples/ssh2/sshd2_config
X@comment manual pages
Xshare/man/man1/ssh2.1
Xshare/man/man1/ssh-keygen2.1
Xshare/man/man1/ssh-add2.1
Xshare/man/man1/ssh-agent2.1
Xshare/man/man1/scp2.1
Xshare/man/man1/sftp2.1
Xshare/man/man1/sshregex.1
Xshare/man/man1/ssh-probe2.1
Xshare/man/man1/ssh-dummy-shell.1
Xshare/man/man1/ssh-pubkeymgr.1
Xshare/man/man1/ssh-chrootmgr.1
Xshare/man/man5/ssh2_config.5
Xshare/man/man5/sshd-check-conf.5
Xshare/man/man5/sshd2_config.5
Xshare/man/man8/sshd2.8
X@comment share/man/man1 symlinks next
Xshare/man/man1/ssh.1
Xshare/man/man1/slogin.1
Xshare/man/man1/ssh-add.1
Xshare/man/man1/ssh-agent.1
Xshare/man/man1/ssh-keygen.1
Xshare/man/man1/scp.1
Xshare/man/man1/sftp.1
Xshare/man/man1/ssh-probe.1
X@comment share/man/man8 symlinks next
Xshare/man/man8/sshd.8
X@comment initial config procedures
X@comment XXX these @exec statements should be in an INSTALL script....
X@exec if [ ! -d ${PKG_SYSCONFDIR} ]; then echo "Creating directory ${PKG_SYSCONFDIR} for ssh config files.." ; mkdir -p ${PKG_SYSCONFDIR}; fi
X@exec if [ ! -f ${PKG_SYSCONFDIR}/ssh2_config ]; then echo "Installing example ssh2_config in ${PKG_SYSCONFDIR}.." ; ${INSTALL} -c -o root -g ${ROOT_GROUP} -m 0644 %D/share/examples/ssh2/ssh2_config ${PKG_SYSCONFDIR}; fi
X@exec if [ ! -f ${PKG_SYSCONFDIR}/sshd2_config ]; then echo "Installing example sshd2_config in ${PKG_SYSCONFDIR}.." ; ${INSTALL} -c -o root -g ${ROOT_GROUP} -m 0644 %D/share/examples/ssh2/sshd2_config ${PKG_SYSCONFDIR}; fi
X@exec if [ ! -f ${PKG_SYSCONFDIR}/ssh_dummy_shell.out ]; then echo "Installing example ssh_dummy_shell.out in ${PKG_SYSCONFDIR}.." ; ${INSTALL} -c -o root -g ${ROOT_GROUP} -m 0644 %D/share/examples/ssh2/ssh_dummy_shell.out ${PKG_SYSCONFDIR}; fi
X@exec if [ ! -f ${PKG_SYSCONFDIR}/hostkey ]; then echo "Generating a secret host key in ${PKG_SYSCONFDIR}.." ; %D/bin/ssh-keygen2 -P -b 1024 -t dsa -c "1024-bit dsa hostkey" ${PKG_SYSCONFDIR}/hostkey; fi
X@comment cleanup stuff:
X@dirrm share/doc/ssh2
X@dirrm share/examples/ssh2
END-of-PLIST
echo x - DESCR
sed 's/^X//' >DESCR << 'END-of-DESCR'
XSSH Protocols and Secure Shell
X
XSecure Shell is a program to log into another computer over a network,
Xto execute commands in a remote machine, and to move files from one
Xmachine to another. It provides strong authentication and secure
Xcommunications over insecure channels. It is intended as a replacement
Xfor rlogin, rsh, rcp, and rdist. Optionally SSH will compress the data
Xit transfers. Tunneling of arbitrary TCP connections is possible,
Xincluding for X11 and FTP (with temprary forwarding for the FTP data
Xchannels).
X
XWWW: http://www.ssh.com/
END-of-DESCR
echo c - files/
mkdir -p files/ > /dev/null 2>&1
echo x - files/md5
sed 's/^X//' >files/md5 << 'END-of-files/md5'
X$NetBSD$
X
XMD5 (ssh-2.4.0.tar.gz) = 5dd7b36334baf08afa5c637875f59d4a
END-of-files/md5
echo x - files/patch-sum
sed 's/^X//' >files/patch-sum << 'END-of-files/patch-sum'
X$NetBSD$
X
XMD5 (patch-one) = b537f6d65f1ff21752ea3468a3369fff
END-of-files/patch-sum
echo x - files/sshd2.sh
sed 's/^X//' >files/sshd2.sh << 'END-of-files/sshd2.sh'
X#! /bin/sh
X#
X# $NetBSD$
X#
X
X# PROVIDE: sshd
X# REQUIRE: LOGIN
X
X. /etc/rc.subr
X
Xname="sshd2"
Xrcvar=$name
Xcommand="@PREFIX@/sbin/${name}"
Xrequired_files="@PKG_SYSCONFDIR@/${name}_config"
XPORT=$(grep Port ${required_files} | awk '{ x = $2 } END {print x}' -)
Xpidfile="/var/run/${name}_${PORT}.pid"
Xextra_commands="keygen reload"
X
X
Xsshd_keygen2()
X{
X if [ -f @PKG_SYSCONFDIR@/hostkey ]; then
X echo "You already have a DSA host key in @PKG_SYSCONFDIR@/hostkey"
X echo "Skipping DSA Key Generation"
X else
X umask 022
X @PREFIX@/bin/ssh-keygen2 -P -b 1024 -t dsa -c "1024-bit dsa hostkey" @PKG_SYSCONFDIR@/hostkey
X fi
X
X}
X
Xsshd_precmd2()
X{
X if [ ! -f @PKG_SYSCONFDIR@/hostkey ]; then
X sshd_keygen2
X fi
X}
X
X# in 1.5 or newer we could just do:
X#
X#load_rc_config $name
X
X. /etc/rc.conf
Xif [ -f /etc/rc.conf.d/${name} ]; then
X . /etc/rc.conf.d/${name}
Xfi
Xif [ -f @PREFIX@/etc/rc.conf.d/${name} ]; then
X . @PREFIX@/etc/rc.conf.d/${name}
Xfi
X
X# in 1.5 or newer we could just do:
X#
X#run_rc_command "$1"
X
Xif ! checkyesno $rcvar; then
X echo "\$${rcvar} is not set."
X exit 1
Xfi
X
Xcase "$1" in
Xstart)
X echo -n " "
X sshd_precmd2
X ${command}
X ;;
Xstop)
X if [ -f ${pidfile} ]; then
X echo -n " ${name}"
X pid=$(head -1 ${pidfile})
X kill -15 $pid
X else
X echo -n " ${name} is not running."
X fi
X ;;
Xrestart)
X $0 stop
X $0 start
X ;;
Xreload)
X if [ -f ${pidfile} ]; then
X echo -n " ${name}"
X pid=$(head -1 ${pidfile})
X kill -1 $pid
X else
X echo -n " ${name} is not running."
X fi
X ;;
Xstatus)
X if [ -f ${pidfile} ]; then
X pid=$(head -1 ${pidfile})
X echo "${name} is running as PID ${pid}."
X else
X echo "${name} is not running."
X fi
X ;;
X*)
X echo "Usage: $0 {start|stop|restart|status}" 1>&2
X exit 1
Xesac
X
Xexit 0
END-of-files/sshd2.sh
echo c - patches/
mkdir -p patches/ > /dev/null 2>&1
echo x - patches/patch-one
sed 's/^X//' >patches/patch-one << 'END-of-patches/patch-one'
XIndex: configure.in
X===================================================================
XRCS file: /cvs/misc/ssh3/configure.in,v
Xretrieving revision 1.1.1.2
Xdiff -c -r1.1.1.2 configure.in
X*** configure.in 17 Jan 2002 20:15:31 -0000 1.1.1.2
X***************
X*** 9,15 ****
X #
X
X AC_INIT(lib/sshutil/sshcore/sshbuffer.c)
X! AC_PREREQ(2.10)
X
X # Check that all files in MANIFEST exist (if MANIFEST exists, of course :-)
X if test -f $srcdir/MANIFEST
X--- 9,15 ----
X #
X
X AC_INIT(lib/sshutil/sshcore/sshbuffer.c)
X! AC_PREREQ(2.52)
X
X # Check that all files in MANIFEST exist (if MANIFEST exists, of course :-)
X if test -f $srcdir/MANIFEST
X***************
X*** 57,79 ****
X fi
X fi
X
X- # Compilation environment requires autoconf to be at least 2.13
X- if test "x$AUTOCONF" = "xautoconf"
X- then
X- # this should match any 2.2* (2.3* etc..) and 2.1x where x >= 3.
X- if ($AUTOCONF --version | egrep 'Autoconf version.* [[23456789]]\.([[23456789]]|1[[3456789]])') 2>/dev/null >/dev/null
X- then
X- else
X- dnl
X- dnl
X- dnl
X- AC_MSG_WARN(autoconf is not (at least) version 2.13, not using autoconf)
X- AUTOCONF="$missing_dir/missing autoconf"
X- dnl
X- fi
X- fi
X-
X # XXX temporarily force no optimization unless explicitly requested to
X # ease debugging.
X if test '!' -n "$CFLAGS"; then
X--- 57,62 ----
X***************
X*** 387,393 ****
X
X AC_C_CONST
X AC_C_INLINE
X! AC_SSH_BIGENDIAN
X
X if test -z "$no_termios"; then
X AC_CHECK_HEADERS(termios.h)
X--- 370,376 ----
X
X AC_C_CONST
X AC_C_INLINE
X! AC_C_BIGENDIAN
X
X if test -z "$no_termios"; then
X AC_CHECK_HEADERS(termios.h)
X***************
X*** 724,730 ****
X AC_CHECK_LIB(socket, socket)
X fi
X
X! AC_CHECK_FUNCS(strchr memcpy gethostname gettimeofday ctime signal)
X AC_CHECK_FUNCS(getservbyname getservbyport)
X AC_CHECK_FUNCS(popen lockf getrusage uname)
X AC_CHECK_FUNCS(getpid getppid getuid getgid getpgrp)
X--- 707,713 ----
X AC_CHECK_LIB(socket, socket)
X fi
X
X! AC_CHECK_FUNCS(strchr memcpy gethostname getdomainname gettimeofday ctime signal)
X AC_CHECK_FUNCS(getservbyname getservbyport)
X AC_CHECK_FUNCS(popen lockf getrusage uname)
X AC_CHECK_FUNCS(getpid getppid getuid getgid getpgrp)
X***************
X*** 1458,1464 ****
X AC_CHECK_LIB(sec, getspnam,,[AC_CHECK_LIB(gen, getspnam)])
X AC_CHECK_LIB(seq, get_process_stats)
X
X! AC_CHECK_FUNCS(getspnam daemon setspent)
X
X # check for minor
X AC_CHECK_FUNCS(minor)
X--- 1441,1447 ----
X AC_CHECK_LIB(sec, getspnam,,[AC_CHECK_LIB(gen, getspnam)])
X AC_CHECK_LIB(seq, get_process_stats)
X
X! AC_CHECK_FUNCS(getspnam login_getuserclass login_getuser daemon setspent)
X
X # check for minor
X AC_CHECK_FUNCS(minor)
X***************
X*** 2591,2618 ****
X
X # Check ssh1 compatibility
X
X! MSG_SSH1_FALLBACK_CAPABILITY="yes"
X! AC_PATH_PROG(SSH1_PATH, ssh1, no-ssh1)
X! AC_MSG_CHECKING(for compatible ssh1)
X! if test "$SSH1_PATH" = "no-ssh1"; then
X! AC_MSG_RESULT(no ssh1 installed- COMPATIBILITY DISABLED)
X! MSG_SSH1_FALLBACK_CAPABILITY="no"
X else
X! AC_MSG_RESULT(yes)
X! AC_DEFINE(SSH1_COMPATIBILITY)
X! SSHD1_PATH=`echo $SSH1_PATH | sed 's@/bin/ssh1$@/sbin/sshd1@'`
X! SCP1_PATH=`echo $SSH1_PATH | sed 's@/bin/ssh1$@/bin/scp1@'`
X! AC_DEFINE_UNQUOTED(SSH1_PATH, "$SSH1_PATH")
X! AC_DEFINE_UNQUOTED(SSHD1_PATH, "$SSHD1_PATH")
X! AC_DEFINE_UNQUOTED(SCP1_PATH, "$SCP1_PATH")
X fi
X
X dnl
X MSG_SSH1_INTERNAL_EMULATION="yes"
X! AC_MSG_CHECKING(whether to include internal ssh1 compatibility)
X AC_ARG_WITH(internal-ssh1-compat,
X [ --without-internal-ssh1-compat
X! Leave out internal ssh1 compatibility.],
X [ case "$withval" in
X no)
X AC_MSG_RESULT(no)
X--- 2574,2619 ----
X
X # Check ssh1 compatibility
X
X! SSH1_COMPAT=
X! AC_MSG_CHECKING(whether to enable SSH1 compatability)
X! AC_ARG_WITH(ssh1-compat,
X! [ --with-ssh1-compat Include ssh1 compatibility. (default if ssh1 installed)
X! --without-ssh1-compat Leave out ssh1 compatibility.],
X! [ case "$withval" in
X! no)
X! ;;
X! *)
X! SSH1_COMPAT="yes"
X! ;;
X! esac ],[SSH1_COMPAT="yes"])
X!
X! if test "X$SSH1_COMPAT" = "Xyes"; then
X! MSG_SSH1_FALLBACK_CAPABILITY="yes"
X! AC_PATH_PROG(SSH1_PATH, ssh1, no-ssh1)
X! AC_MSG_CHECKING(for compatible ssh1)
X! if test "$SSH1_PATH" = "no-ssh1"; then
X! AC_MSG_RESULT(no ssh1 installed- COMPATIBILITY DISABLED)
X! MSG_SSH1_FALLBACK_CAPABILITY="no"
X! else
X! AC_MSG_RESULT(yes)
X! AC_DEFINE(SSH1_COMPATIBILITY)
X! SSHD1_PATH=`echo $SSH1_PATH | sed 's@/bin/ssh1$@/sbin/sshd1@'`
X! SCP1_PATH=`echo $SSH1_PATH | sed 's@/bin/ssh1$@/bin/scp1@'`
X! AC_DEFINE_UNQUOTED(SSH1_PATH, "$SSH1_PATH")
X! AC_DEFINE_UNQUOTED(SSHD1_PATH, "$SSHD1_PATH")
X! AC_DEFINE_UNQUOTED(SCP1_PATH, "$SCP1_PATH")
X! fi
X else
X! AC_MSG_RESULT(no)
X! MSG_SSH1_FALLBACK_CAPABILITY="no"
X fi
X
X dnl
X MSG_SSH1_INTERNAL_EMULATION="yes"
X! AC_MSG_CHECKING(whether to include internal ssh1 (client-only) compatibility)
X AC_ARG_WITH(internal-ssh1-compat,
X [ --without-internal-ssh1-compat
X! Leave out internal ssh1 (client-only) compatibility.],
X [ case "$withval" in
X no)
X AC_MSG_RESULT(no)
XIndex: apps/ssh/Makefile.am
X===================================================================
XRCS file: /cvs/misc/ssh3/apps/ssh/Makefile.am,v
Xretrieving revision 1.1.1.2
Xdiff -c -r1.1.1.2 Makefile.am
X*** apps/ssh/Makefile.am 17 Jan 2002 20:15:55 -0000 1.1.1.2
X***************
X*** 554,559 ****
X--- 554,560 ----
X includes:
X
X make-install-dirs:
X+ -if test '!' -d $(DESTDIR)$(datadir)/examples/ssh2; then mkdir -p $(DESTDIR)$(datadir)/examples/ssh2; fi
X -if test '!' -d $(DESTDIR)$(etcdir); then mkdir -p $(DESTDIR)$(etcdir); fi
X -if test '!' -d $(DESTDIR)$(known_hosts_dir); then mkdir -p $(DESTDIR)$(known_hosts_dir); fi
X -if test '!' -d $(DESTDIR)$(host_keys_dir); then mkdir -p $(DESTDIR)$(host_keys_dir); fi
X***************
X*** 568,573 ****
X--- 569,575 ----
X
X install-symlinks:
X -mv -f $(DESTDIR)$(bindir)/ssh $(DESTDIR)$(bindir)/ssh.old
X+ -mv -f $(DESTDIR)$(bindir)/slogin $(DESTDIR)$(bindir)/slogin.old
X -mv -f $(DESTDIR)$(bindir)/ssh-agent $(DESTDIR)$(bindir)/ssh-agent.old
X -mv -f $(DESTDIR)$(bindir)/ssh-add $(DESTDIR)$(bindir)/ssh-add.old
X -mv -f $(DESTDIR)$(bindir)/ssh-askpass $(DESTDIR)$(bindir)/ssh-askpass.old
X***************
X*** 577,584 ****
X -mv -f $(DESTDIR)$(bindir)/sftp-server $(DESTDIR)$(bindir)/sftp-server.old
X -mv -f $(DESTDIR)$(bindir)/ssh-signer $(DESTDIR)$(bindir)/ssh-signer.old
X -mv -f $(DESTDIR)$(bindir)/ssh-probe $(DESTDIR)$(bindir)/ssh-probe.old
X-
X (cd $(DESTDIR)$(bindir) && $(LN_S) ssh2 ssh)
X (cd $(DESTDIR)$(bindir) && $(LN_S) ssh-agent2 ssh-agent)
X (cd $(DESTDIR)$(bindir) && $(LN_S) ssh-add2 ssh-add)
X (cd $(DESTDIR)$(bindir) && $(LN_S) ssh-askpass2 ssh-askpass)
X--- 579,586 ----
X -mv -f $(DESTDIR)$(bindir)/sftp-server $(DESTDIR)$(bindir)/sftp-server.old
X -mv -f $(DESTDIR)$(bindir)/ssh-signer $(DESTDIR)$(bindir)/ssh-signer.old
X -mv -f $(DESTDIR)$(bindir)/ssh-probe $(DESTDIR)$(bindir)/ssh-probe.old
X (cd $(DESTDIR)$(bindir) && $(LN_S) ssh2 ssh)
X+ (cd $(DESTDIR)$(bindir) && $(LN_S) ssh2 slogin)
X (cd $(DESTDIR)$(bindir) && $(LN_S) ssh-agent2 ssh-agent)
X (cd $(DESTDIR)$(bindir) && $(LN_S) ssh-add2 ssh-add)
X (cd $(DESTDIR)$(bindir) && $(LN_S) ssh-askpass2 ssh-askpass)
X***************
X*** 591,596 ****
X--- 593,599 ----
X -mv -f $(DESTDIR)$(sbindir)/sshd $(DESTDIR)$(sbindir)/sshd.old
X (cd $(DESTDIR)$(sbindir) && $(LN_S) sshd2 sshd)
X -mv -f $(DESTDIR)$(mandir)/man1/ssh.1 $(DESTDIR)$(mandir)/man1/ssh.old.1
X+ -mv -f $(DESTDIR)$(mandir)/man1/slogin.1 $(DESTDIR)$(mandir)/man1/slogin.old.1
X -mv -f $(DESTDIR)$(mandir)/man1/ssh-add.1 $(DESTDIR)$(mandir)/man1/ssh-add.old.1
X -mv -f $(DESTDIR)$(mandir)/man1/ssh-agent.1 $(DESTDIR)$(mandir)/man1/ssh-agent.old.1
X -mv -f $(DESTDIR)$(mandir)/man1/ssh-keygen.1 $(DESTDIR)$(mandir)/man1/ssh-keygen.old.1
X***************
X*** 598,603 ****
X--- 601,607 ----
X -mv -f $(DESTDIR)$(mandir)/man1/sftp.1 $(DESTDIR)$(mandir)/man1/sftp.old.1
X -mv -f $(DESTDIR)$(mandir)/man1/ssh-probe.1 $(DESTDIR)$(mandir)/man1/ssh-probe.old.1
X (cd $(DESTDIR)$(mandir)/man1 && $(LN_S) ssh2.1 ssh.1)
X+ (cd $(DESTDIR)$(mandir)/man1 && $(LN_S) ssh2.1 slogin.1)
X (cd $(DESTDIR)$(mandir)/man1 && $(LN_S) ssh-add2.1 ssh-add.1)
X (cd $(DESTDIR)$(mandir)/man1 && $(LN_S) ssh-agent2.1 ssh-agent.1)
X (cd $(DESTDIR)$(mandir)/man1 && $(LN_S) ssh-keygen2.1 ssh-keygen.1)
X***************
X*** 608,620 ****
X (cd $(DESTDIR)$(mandir)/man8 && $(LN_S) sshd2.8 sshd.8)
X
X clean-up-old:
X! -rm -f $(DESTDIR)$(bindir)/ssh.old $(DESTDIR)$(bindir)/ssh-agent.old \
X $(DESTDIR)$(bindir)/ssh-add.old $(DESTDIR)$(bindir)/ssh-askpass.old \
X $(DESTDIR)$(bindir)/ssh-keygen.old $(DESTDIR)$(bindir)/scp.old \
X $(DESTDIR)$(bindir)/sftp.old $(DESTDIR)$(bindir)/sftp-server.old \
X $(DESTDIR)$(bindir)/ssh-signer.old $(DESTDIR)$(bindir)/ssh-probe.old \
X $(sbindir)/sshd.old
X! -rm -f $(DESTDIR)$(mandir)/man1/ssh-add.old.1 $(DESTDIR)$(mandir)/man1/ssh.old.1 \
X $(DESTDIR)$(mandir)/man1/ssh-agent.old.1 $(DESTDIR)$(mandir)/man1/ssh-keygen.old.1 \
X $(DESTDIR)$(mandir)/man1/scp.old.1 $(DESTDIR)$(mandir)/man1/sftp.old.1 \
X $(DESTDIR)$(mandir)/man8/sshd.old.8
X--- 612,624 ----
X (cd $(DESTDIR)$(mandir)/man8 && $(LN_S) sshd2.8 sshd.8)
X
X clean-up-old:
X! -rm -f $(DESTDIR)$(bindir)/ssh.old $(DESTDIR)$(bindir)/slogin.old $(DESTDIR)$(bindir)/ssh-agent.old \
X $(DESTDIR)$(bindir)/ssh-add.old $(DESTDIR)$(bindir)/ssh-askpass.old \
X $(DESTDIR)$(bindir)/ssh-keygen.old $(DESTDIR)$(bindir)/scp.old \
X $(DESTDIR)$(bindir)/sftp.old $(DESTDIR)$(bindir)/sftp-server.old \
X $(DESTDIR)$(bindir)/ssh-signer.old $(DESTDIR)$(bindir)/ssh-probe.old \
X $(sbindir)/sshd.old
X! -rm -f $(DESTDIR)$(mandir)/man1/ssh-add.old.1 $(DESTDIR)$(mandir)/man1/ssh.old.1 $(DESTDIR)$(mandir)/man1/slogin.old.1 \
X $(DESTDIR)$(mandir)/man1/ssh-agent.old.1 $(DESTDIR)$(mandir)/man1/ssh-keygen.old.1 \
X $(DESTDIR)$(mandir)/man1/scp.old.1 $(DESTDIR)$(mandir)/man1/sftp.old.1 \
X $(DESTDIR)$(mandir)/man8/sshd.old.8
X***************
X*** 624,638 ****
X chmod $(SSH_SIGNER_INSTALL_MODE) $(DESTDIR)$(bindir)/ssh-signer2
X
X install-data-hook: make-install-dirs generate-host-key install-symlinks
X! -@if test '!' -f $(DESTDIR)$(etcdir)/sshd2_config ; then \
X! echo Installing $(DESTDIR)$(etcdir)/sshd2_config ; \
X! $(INSTALL_DATA) $(srcdir)/sshd2_config $(DESTDIR)$(etcdir)/sshd2_config ; \
X! fi
X! -@if test '!' -f $(DESTDIR)$(etcdir)/ssh2_config ; then \
X! echo Installing $(DESTDIR)$(etcdir)/ssh2_config ; \
X! $(INSTALL_DATA) $(srcdir)/ssh2_config $(DESTDIR)$(etcdir)/ssh2_config ; \
X! fi
X! -@if test '!' -f $(DESTDIR)$(etcdir)/ssh_dummy_shell.out ; then \
X! echo Installing $(DESTDIR)$(etcdir)/ssh_dummy_shell.out ; \
X! $(INSTALL_DATA) $(srcdir)/ssh_dummy_shell.out $(DESTDIR)$(etcdir)/ssh_dummy_shell.out ; \
X! fi
X--- 628,633 ----
X chmod $(SSH_SIGNER_INSTALL_MODE) $(DESTDIR)$(bindir)/ssh-signer2
X
X install-data-hook: make-install-dirs generate-host-key install-symlinks
X! $(INSTALL_DATA) $(srcdir)/sshd2_config $(DESTDIR)$(datadir)/examples/ssh2/sshd2_config
X! $(INSTALL_DATA) $(srcdir)/ssh2_config $(DESTDIR)$(datadir)/examples/ssh2/ssh2_config
X! $(INSTALL_DATA) $(srcdir)/ssh_dummy_shell.out $(DESTDIR)$(datadir)/examples/ssh2/ssh_dummy_shell.out
XIndex: apps/ssh/ssh2.c
X===================================================================
XRCS file: /cvs/misc/ssh3/apps/ssh/ssh2.c,v
Xretrieving revision 1.1.1.2
Xdiff -c -r1.1.1.2 ssh2.c
X*** apps/ssh/ssh2.c 17 Jan 2002 20:15:55 -0000 1.1.1.2
X***************
X*** 344,350 ****
X {
X SshClientData data = (SshClientData)context;
X
X! fprintf(stderr, "Received signal %d. (no core)\r\n", sig);
X if (data && data->client && data->client->rl)
X {
X ssh_readline_eloop_unitialize(data->client->rl);
X--- 344,351 ----
X {
X SshClientData data = (SshClientData)context;
X
X! if (sig != SIGPIPE)
X! fprintf(stderr, "Received signal %d. (no core)\r\n", sig);
X if (data && data->client && data->client->rl)
X {
X ssh_readline_eloop_unitialize(data->client->rl);
X***************
X*** 353,359 ****
X
X ssh_leave_non_blocking(-1);
X ssh_leave_raw_mode(-1);
X! exit(255);
X }
X
X void sigpipe_nonfatal_cb(int sig, void *context)
X--- 354,360 ----
X
X ssh_leave_non_blocking(-1);
X ssh_leave_raw_mode(-1);
X! exit(sig == SIGPIPE ? 0 : 255);
X }
X
X void sigpipe_nonfatal_cb(int sig, void *context)
X***************
X*** 681,687 ****
X else
X {
X if (isatty(fileno(stdout)) && data->config->auth_success_msg)
X! ssh_informational("Authentication successful.\r\n");
X
X
X /* If we are requested to go to background, do it now. */
X--- 682,688 ----
X else
X {
X if (isatty(fileno(stdout)) && data->config->auth_success_msg)
X! ssh_debug("Authentication successful.\r\n");
X
X
X /* If we are requested to go to background, do it now. */
X***************
X*** 1056,1062 ****
X INFO("SSH is a registered trademark and Secure Shell is a trademark of\n"
X "SSH Communications Security Corp (www.ssh.com).\n");
X
X! INFO("All rights reserved. See LICENSE file for usage and distribution "
X "terms.\n");
X
X
X--- 1057,1063 ----
X INFO("SSH is a registered trademark and Secure Shell is a trademark of\n"
X "SSH Communications Security Corp (www.ssh.com).\n");
X
X! INFO("All rights reserved. See LICENSE file for distribution "
X "terms.\n");
X
X
XIndex: apps/ssh/sshchx11.c
X===================================================================
XRCS file: /cvs/misc/ssh3/apps/ssh/sshchx11.c,v
Xretrieving revision 1.1.1.2
Xdiff -c -r1.1.1.2 sshchx11.c
X*** apps/ssh/sshchx11.c 17 Jan 2002 20:16:12 -0000 1.1.1.2
X***************
X*** 509,515 ****
X size_t len)
X {
X int display_number;
X! char buf[512], hostname[257];
X struct stat st;
X SshChannelX11Session session;
X SshChannelTypeX11 ct;
X--- 509,515 ----
X size_t len)
X {
X int display_number;
X! char buf[512], hostname[MAXHOSTNAMELEN+1];
X struct stat st;
X SshChannelX11Session session;
X SshChannelTypeX11 ct;
X***************
X*** 598,609 ****
X appears to be enabled if the host name matches that of the local machine.
X However, it can be circumvented by using the IP address of the local
X machine instead. */
X! if (gethostname(buf, sizeof(buf)) < 0)
X ssh_fatal("gethostname: %s", strerror(errno));
X {
X struct hostent *hp;
X struct in_addr addr;
X! hp = gethostbyname(buf);
X if (hp == NULL || !hp->h_addr_list[0])
X {
X ssh_warning("Could not get server IP address for %.200s.", buf);
X--- 598,609 ----
X appears to be enabled if the host name matches that of the local machine.
X However, it can be circumvented by using the IP address of the local
X machine instead. */
X! if (gethostname(buf, sizeof(buf)) < 0) /* XXX bogus! */
X ssh_fatal("gethostname: %s", strerror(errno));
X {
X struct hostent *hp;
X struct in_addr addr;
X! hp = gethostbyname(buf); /* XXX bogus! */
X if (hp == NULL || !hp->h_addr_list[0])
X {
X ssh_warning("Could not get server IP address for %.200s.", buf);
XIndex: apps/ssh/sshconfig.c
X===================================================================
XRCS file: /cvs/misc/ssh3/apps/ssh/sshconfig.c,v
Xretrieving revision 1.1.1.2
Xdiff -c -r1.1.1.2 sshconfig.c
X*** apps/ssh/sshconfig.c 17 Jan 2002 20:16:11 -0000 1.1.1.2
X***************
X*** 481,487 ****
X O_RDONLY, 0755)) != NULL)
X {
X SshBuffer buf;
X! char linebuf[1024];
X
X buf = ssh_xbuffer_allocate();
X
X--- 481,487 ----
X O_RDONLY, 0755)) != NULL)
X {
X SshBuffer buf;
X! char linebuf[8192]; /* XXX this is stupid */
X
X buf = ssh_xbuffer_allocate();
X
XIndex: apps/ssh/sshd2_config
X===================================================================
XRCS file: /cvs/misc/ssh3/apps/ssh/sshd2_config,v
Xretrieving revision 1.1.1.2
Xdiff -c -r1.1.1.2 sshd2_config
X*** apps/ssh/sshd2_config 17 Jan 2002 20:16:14 -0000 1.1.1.2
X***************
X*** 10,15 ****
X--- 10,16 ----
X
X # VerboseMode no
X # QuietMode yes
X+ QuietMode no
X # ForcePTTYAllocation no
X # SyslogFacility AUTH
X # SyslogFacility LOCAL7
X***************
X*** 63,70 ****
X
X ## User public key authentication
X
X! # HostKeyFile hostkey
X! # PublicHostKeyFile hostkey.pub
X # RandomSeedFile random_seed
X # IdentityFile identification
X # AuthorizationFile authorization
X--- 64,71 ----
X
X ## User public key authentication
X
X! HostKeyFile hostkey
X! PublicHostKeyFile hostkey.pub
X # RandomSeedFile random_seed
X # IdentityFile identification
X # AuthorizationFile authorization
X***************
X*** 81,97 ****
X # DenyTcpForwardingForGroups coming_from_outside
X
X
X! ## Authentication
X! ## Hostbased and PAM are not enabled by default.
X
X # BannerMessageFile /etc/ssh2/ssh_banner_message
X # BannerMessageFile /etc/issue.net
X! # PasswordGuesses 3
X! # AllowedAuthentications hostbased,publickey,password
X # AllowedAuthentications publickey,pam-1@ssh.com
X # AllowedAuthentications publickey,password
X # RequiredAuthentications publickey,password
X! # HostbasedAuthForceClientHostnameDNSMatch no
X # SshPAMClientPath ssh-pam-client
X
X ## Host restrictions
X--- 82,107 ----
X # DenyTcpForwardingForGroups coming_from_outside
X
X
X! ## Note BannerMessageFile doesn't work well with older OpenSSH-2.x
X
X # BannerMessageFile /etc/ssh2/ssh_banner_message
X # BannerMessageFile /etc/issue.net
X! # BannerMessageFile /etc/issue
X!
X! ## Authentication
X! ##
X! ## Hostbased auth is enabled by default since public keys add little
X! ## additional security. You have to implicitly trust the remote
X! ## client host anyway.
X! ##
X! ## PAM is not enabled by default.
X!
X! PasswordGuesses 3
X! AllowedAuthentications hostbased,publickey,password
X # AllowedAuthentications publickey,pam-1@ssh.com
X # AllowedAuthentications publickey,password
X # RequiredAuthentications publickey,password
X! HostbasedAuthForceClientHostnameDNSMatch yes
X # SshPAMClientPath ssh-pam-client
X
X ## Host restrictions
X***************
X*** 145,150 ****
X--- 155,161 ----
X # DenyGroups guest
X # PermitRootLogin nopwd
X # PermitRootLogin yes
X+ PermitRootLogin no
X
X ## SSH1 compatibility
X
XIndex: apps/ssh/sshstdiofilter.c
X===================================================================
XRCS file: /cvs/misc/ssh3/apps/ssh/sshstdiofilter.c,v
Xretrieving revision 1.1.1.2
Xdiff -c -r1.1.1.2 sshstdiofilter.c
X*** apps/ssh/sshstdiofilter.c 17 Jan 2002 20:16:11 -0000 1.1.1.2
X***************
X*** 300,306 ****
X
X #endif /* SSHDIST_SSH2_INTERNAL_SSH1_EMULATION */
X
X! ssh_tcp_get_host_name(local_host_name, MAXHOSTNAMELEN);
X
X if (client->config->host_to_connect)
X fprintf(stderr, "remote host: %s\n", client->config->host_to_connect);
X--- 300,306 ----
X
X #endif /* SSHDIST_SSH2_INTERNAL_SSH1_EMULATION */
X
X! ssh_tcp_get_host_name(local_host_name, sizeof(local_host_name));
X
X if (client->config->host_to_connect)
X fprintf(stderr, "remote host: %s\n", client->config->host_to_connect);
XIndex: lib/sshapputil/sshuserfile.c
X===================================================================
XRCS file: /cvs/misc/ssh3/lib/sshapputil/sshuserfile.c,v
Xretrieving revision 1.1.1.2
Xdiff -c -r1.1.1.2 sshuserfile.c
X*** lib/sshapputil/sshuserfile.c 17 Jan 2002 20:15:49 -0000 1.1.1.2
X***************
X*** 339,347 ****
X #include <rpc/rpc.h>
X #endif /* SECURE_RPC */
X
X! #if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H)
X #include <login_cap.h>
X! #endif /* __FreeBSD__ && HAVE_LOGIN_CAP_H */
X
X #ifdef HAVE_GRP_H
X #include <grp.h>
X--- 339,347 ----
X #include <rpc/rpc.h>
X #endif /* SECURE_RPC */
X
X! #if defined(HAVE_LOGIN_CAP_H)
X #include <login_cap.h>
X! #endif /* HAVE_LOGIN_CAP_H */
X
X #ifdef HAVE_GRP_H
X #include <grp.h>
X***************
X*** 907,920 ****
X
X if (uid != geteuid() || uid != getuid())
X {
X! #if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H)
X struct passwd * pw = getpwuid(uid);
X login_cap_t * lc = login_getuserclass(pw);
X if (setusercontext(lc, pw, uid,
X LOGIN_SETALL & ~(LOGIN_SETLOGIN | LOGIN_SETPATH |
X LOGIN_SETENV)) < 0)
X ssh_fatal("setusercontext: %s", strerror(errno));
X! #else /* ! (__FreeBSD && HAVE_LOGIN_CAP_H) */
X if (setgid(gid) < 0)
X ssh_fatal("setgid: %s", strerror(errno));
X
X--- 907,925 ----
X
X if (uid != geteuid() || uid != getuid())
X {
X! #if defined(HAVE_LOGIN_CAP_H) && (defined(HAVE_LOGIN_GETUSERCLASS) || defined(HAVE_LOGIN_GETUSER))
X struct passwd * pw = getpwuid(uid);
X+ # ifdef HAVE_LOGIN_GETUSERCLASS
X login_cap_t * lc = login_getuserclass(pw);
X+ # endif
X+ # ifdef HAVE_LOGIN_GETUSER
X+ login_cap_t * lc = login_getuser(pw);
X+ # endif
X if (setusercontext(lc, pw, uid,
X LOGIN_SETALL & ~(LOGIN_SETLOGIN | LOGIN_SETPATH |
X LOGIN_SETENV)) < 0)
X ssh_fatal("setusercontext: %s", strerror(errno));
X! #else /* ! (HAVE_LOGIN_CAP_H) */
X if (setgid(gid) < 0)
X ssh_fatal("setgid: %s", strerror(errno));
X
XIndex: lib/sshsession/pty-bsd.c
X===================================================================
XRCS file: /cvs/misc/ssh3/lib/sshsession/pty-bsd.c,v
Xretrieving revision 1.1.1.1
Xdiff -c -r1.1.1.1 pty-bsd.c
X*** lib/sshsession/pty-bsd.c 17 Aug 2001 18:46:51 -0000 1.1.1.1
X***************
X*** 27,35 ****
X--- 27,40 ----
X const char *ptymajors = "pqrsPQRS";
X const char *ptyminors = "0123456789abcdefghijklmnopqrstuv";
X #else
X+ # ifdef __NetBSD__
X+ const char *ptymajors = "pqrstuwxyzPQRST";
X+ const char *ptyminors = "0123456789abcdef";
X+ # else
X const char *ptymajors =
X "pqrstuvwxyzabcdefghijklmnoABCDEFGHIJKLMNOPQRSTUVWXYZ";
X const char *ptyminors = "0123456789abcdef";
X+ # endif
X #endif
X int num_minors = strlen(ptyminors);
X int num_ptys = strlen(ptymajors) * num_minors;
XIndex: lib/sshsession/sshunixuser.c
X===================================================================
XRCS file: /cvs/misc/ssh3/lib/sshsession/sshunixuser.c,v
Xretrieving revision 1.1.1.2
Xdiff -c -r1.1.1.2 sshunixuser.c
X*** lib/sshsession/sshunixuser.c 17 Jan 2002 20:15:50 -0000 1.1.1.2
X***************
X*** 1812,1817 ****
X--- 1812,1826 ----
X }
X
X endgrent();
X+
X+ /* groups array is assumed to end in a NULL pointer, so make sure we have
X+ room for it... */
X+ if (count >= allocated)
X+ {
X+ allocated += 1;
X+ groups = ssh_xrealloc(groups,
X+ allocated*sizeof(SshGroup));
X+ }
X groups[count] = NULL;
X uc->groups = groups;
X #else /* HAVE_GETGRENT */
X***************
X*** 1821,1826 ****
X--- 1830,1836 ----
X uc->groups[0] = ssh_xcalloc(1, sizeof(struct SshGroupRec));
X uc->groups[0]->gid = ssh_user_gid(uc);
X uc->groups[0]->name = ssh_xstrdup(ssh_group_name(uc));
X+ uc->groups[1] = NULL; /* not strictly necessary due to ssh_xcalloc() */
X #endif /* HAVE_GETGRENT */
X }
X return uc->groups;
XIndex: lib/sshutil/sshcore/strerror.c
X===================================================================
XRCS file: /cvs/misc/ssh3/lib/sshutil/sshcore/strerror.c,v
Xretrieving revision 1.1.1.2
Xdiff -c -r1.1.1.2 strerror.c
X*** lib/sshutil/sshcore/strerror.c 17 Jan 2002 20:15:43 -0000 1.1.1.2
X***************
X*** 45,50 ****
X--- 45,51 ----
X */
X
X #ifndef VXWORKS
X+ # ifndef HAVE_STRERROR
X #include <stdio.h>
X #include <errno.h>
X
X***************
X*** 58,61 ****
X--- 59,63 ----
X else
X return "Bad error code";
X }
X+ # endif
X #endif /* VXWORKS */
XIndex: lib/sshutil/sshnet/sshunixtcp.c
X===================================================================
XRCS file: /cvs/misc/ssh3/lib/sshutil/sshnet/sshunixtcp.c,v
Xretrieving revision 1.1.1.2
Xdiff -c -r1.1.1.2 sshunixtcp.c
X*** lib/sshutil/sshnet/sshunixtcp.c 17 Jan 2002 20:15:41 -0000 1.1.1.2
X***************
X*** 1035,1040 ****
X--- 1035,1043 ----
X #if !defined(HAVE_GETHOSTNAME) && defined(HAVE_UNAME)
X struct utsname uts;
X #endif
X+ #ifdef HAVE_GETDOMAINNAME
X+ size_t curlen;
X+ #endif
X
X #ifdef HAVE_GETHOSTNAME
X if (gethostname(buf, buflen) < 0)
X***************
X*** 1042,1047 ****
X--- 1045,1066 ----
X ssh_debug("gethostname failed, buflen %u, errno %d", buflen, errno);
X strncpy(buf, "UNKNOWN", buflen);
X }
X+ # ifdef HAVE_GETDOMAINNAME
X+ curlen = strlen(buf);
X+ if (! strchr(buf, '.') && curlen < (MAXHOSTNAMELEN - 2))
X+ {
X+ strcat(buf, ".");
X+ if (getdomainname(buf + curlen + 1, buflen - curlen - 1) < 0)
X+ {
X+ ssh_debug("getdomainname failed, buflen %u: %s", buflen - curlen - 1, strerror(errno));
X+ }
X+ /* if domain name already started with a period, shift it back one */
X+ if (*(buf + curlen + 1) == '.')
X+ {
X+ strcpy(buf + curlen + 1, buf + curlen + 2);
X+ }
X+ }
X+ # endif /* HAVE_GETDOMAINNAME */
X #else /* HAVE_GETHOSTNAME */
X # ifdef HAVE_UNAME
X if (uname(&uts) < 0)
END-of-patches/patch-one
exit
>Release-Note:
>Audit-Trail:
>Unformatted: