[pkgsrc/trunk]: pkgsrc/security/openssh+gssapi Apply security patch for OpenS...

[jwise <jwise%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/3d6347fd9385
branches:  trunk
changeset: 461473:3d6347fd9385
user:      jwise <jwise%pkgsrc.org@localhost>
date:      Tue Sep 16 18:15:26 2003 +0000

description:
Apply security patch for OpenSSH-3.6.1p2 recently released by openssh team.

PKGREVISION bump, and BROKEN= removed.

While there, fix Solaris short pkg name.

diffstat:

 security/openssh+gssapi/Makefile         |   7 +++----
 security/openssh+gssapi/distinfo         |   3 ++-
 security/openssh+gssapi/patches/patch-ai |  28 ++++++++++++++++++++++++++++
 3 files changed, 33 insertions(+), 5 deletions(-)

diffs (67 lines):

diff -r 263d4d2f1946 -r 3d6347fd9385 security/openssh+gssapi/Makefile
--- a/security/openssh+gssapi/Makefile  Tue Sep 16 17:21:36 2003 +0000
+++ b/security/openssh+gssapi/Makefile  Tue Sep 16 18:15:26 2003 +0000
@@ -1,14 +1,13 @@
-# $NetBSD: Makefile,v 1.7 2003/09/16 14:05:47 jwise Exp $
+# $NetBSD: Makefile,v 1.8 2003/09/16 18:15:26 jwise Exp $
 
 # NOTE:  This package is modeled on ../openssh, but does not share
 # files with it as that package may update faster than the gssapi
 # patches do.
 
-BROKEN=                        OpenSSH 3.6.1p2 contains a buffer overflow, and updated version of patch is not yet available.
-
 DISTNAME=              openssh-3.6.1p2
 PKGNAME=               openssh+gssapi-3.6.1.2.20030430
-SVR4_PKGNAME=          ossh
+PKGREVISION=           1
+SVR4_PKGNAME=          osshgss
 CATEGORIES=            security
 MASTER_SITES=          ftp://ftp7.usa.openbsd.org/pub/os/OpenBSD/OpenSSH/portable/ \
                        ftp://ftp.stealth.net/pub/mirrors/ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \
diff -r 263d4d2f1946 -r 3d6347fd9385 security/openssh+gssapi/distinfo
--- a/security/openssh+gssapi/distinfo  Tue Sep 16 17:21:36 2003 +0000
+++ b/security/openssh+gssapi/distinfo  Tue Sep 16 18:15:26 2003 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.1.1.1 2003/07/24 21:01:23 jwise Exp $
+$NetBSD: distinfo,v 1.2 2003/09/16 18:15:27 jwise Exp $
 
 SHA1 (openssh-3.6.1p2.tar.gz) = dafe5b6ee2c8ced12c2ee8961530b4e51c2f0bcf
 Size (openssh-3.6.1p2.tar.gz) = 879629 bytes
@@ -7,3 +7,4 @@
 SHA1 (patch-aa) = 20abe6938aba07ab7b6c7eab5d24a303f0cd2298
 SHA1 (patch-ab) = 1069fe256b7925fcf404781ef14e5c492f52c21e
 SHA1 (patch-ah) = 9913c868bde5d318915b1dee2c05dcf454a0f506
+SHA1 (patch-ai) = 863ddd5f85a8b436912605314cc2f7b8bfde5ec4
diff -r 263d4d2f1946 -r 3d6347fd9385 security/openssh+gssapi/patches/patch-ai
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/openssh+gssapi/patches/patch-ai  Tue Sep 16 18:15:26 2003 +0000
@@ -0,0 +1,28 @@
+--- buffer.c.orig      2003-09-16 13:45:48.000000000 -0400
++++ buffer.c   2003-09-16 13:50:49.000000000 -0400
+@@ -69,6 +69,7 @@
+ void *
+ buffer_append_space(Buffer *buffer, u_int len)
+ {
++      u_int newlen;
+       void *p;
+ 
+       if (len > 0x100000)
+@@ -98,11 +99,13 @@
+               goto restart;
+       }
+       /* Increase the size of the buffer and retry. */
+-      buffer->alloc += len + 32768;
+-      if (buffer->alloc > 0xa00000)
++
++      newlen = buffer->alloc + len + 32768;
++      if (newlen > 0xa00000)
+               fatal("buffer_append_space: alloc %u not supported",
+-                  buffer->alloc);
+-      buffer->buf = xrealloc(buffer->buf, buffer->alloc);
++                      newlen);
++      buffer->buf = xrealloc(buffer->buf, newlen);
++      buffer->alloc = newlen;
+       goto restart;
+       /* NOTREACHED */
+ }