pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/dropbear update to 0.48.1
details: https://anonhg.NetBSD.org/pkgsrc/rev/f1d7db4c73f9
branches: trunk
changeset: 509808:f1d7db4c73f9
user: drochner <drochner%pkgsrc.org@localhost>
date: Tue Mar 14 20:03:43 2006 +0000
description:
update to 0.48.1
changes:
-a security fix which was already in pkgsrc (0.46nb1)
-bugfixes
-zlib compression for dbclient
-Set "low delay" TOS bit
-client keyboard-interactive mode support
-logging improvements
-Added aes-256 cipher and sha1-96 hmac
-allow connections to listening forwarded ports from remote machines
diffstat:
security/dropbear/Makefile | 6 ++----
security/dropbear/distinfo | 14 ++++++--------
security/dropbear/patches/patch-ab | 12 ++++++------
security/dropbear/patches/patch-ac | 35 ++++++++++++-----------------------
security/dropbear/patches/patch-ad | 15 ---------------
security/dropbear/patches/patch-ae | 16 ----------------
6 files changed, 26 insertions(+), 72 deletions(-)
diffs (151 lines):
diff -r 470a2ae42fcf -r f1d7db4c73f9 security/dropbear/Makefile
--- a/security/dropbear/Makefile Tue Mar 14 19:50:42 2006 +0000
+++ b/security/dropbear/Makefile Tue Mar 14 20:03:43 2006 +0000
@@ -1,10 +1,8 @@
-# $NetBSD: Makefile,v 1.17 2006/03/04 21:30:33 jlam Exp $
+# $NetBSD: Makefile,v 1.18 2006/03/14 20:03:43 drochner Exp $
-DISTNAME= dropbear-0.46
-PKGREVISION= 2
+DISTNAME= dropbear-0.48.1
CATEGORIES= security
MASTER_SITES= http://matt.ucc.asn.au/dropbear/releases/
-EXTRACT_SUFX= .tar.bz2
MAINTAINER= pkgsrc-users%NetBSD.org@localhost
HOMEPAGE= http://matt.ucc.asn.au/dropbear/dropbear.html
diff -r 470a2ae42fcf -r f1d7db4c73f9 security/dropbear/distinfo
--- a/security/dropbear/distinfo Tue Mar 14 19:50:42 2006 +0000
+++ b/security/dropbear/distinfo Tue Mar 14 20:03:43 2006 +0000
@@ -1,10 +1,8 @@
-$NetBSD: distinfo,v 1.11 2006/01/19 23:53:54 joerg Exp $
+$NetBSD: distinfo,v 1.12 2006/03/14 20:03:43 drochner Exp $
-SHA1 (dropbear-0.46.tar.bz2) = 2b6d2083ec0294fde55c75e4080c06637cbcf833
-RMD160 (dropbear-0.46.tar.bz2) = f7c61b021705362f55209bc0f383d0bf3336841e
-Size (dropbear-0.46.tar.bz2) = 1413918 bytes
+SHA1 (dropbear-0.48.1.tar.gz) = 4dd349b5e3c1aa1b627c52a27f17f5eb7e85c146
+RMD160 (dropbear-0.48.1.tar.gz) = 055740e5978f91ca34d318e6a6f8052d182e8d7c
+Size (dropbear-0.48.1.tar.gz) = 1473114 bytes
SHA1 (patch-aa) = 3246fce39551e97f0b9ecd3397479ea2f3e22abd
-SHA1 (patch-ab) = 7096feb1f8cc7372410f2e94d7961190a6974fad
-SHA1 (patch-ac) = 5a8bc0ccaba26fcf497de554a5c3a9478203adb1
-SHA1 (patch-ad) = 4dd93da76596411dadb731e85208c07baf707d03
-SHA1 (patch-ae) = 9300c096cd498a1628bef960bdaccda4345c9a3c
+SHA1 (patch-ab) = bca3abf2505852e4a25505e505afcf2cb52aa823
+SHA1 (patch-ac) = 69b1349bb47ad6a6ae02096f1ebde87a1461dd9b
diff -r 470a2ae42fcf -r f1d7db4c73f9 security/dropbear/patches/patch-ab
--- a/security/dropbear/patches/patch-ab Tue Mar 14 19:50:42 2006 +0000
+++ b/security/dropbear/patches/patch-ab Tue Mar 14 20:03:43 2006 +0000
@@ -1,21 +1,21 @@
-$NetBSD: patch-ab,v 1.3 2005/08/09 17:31:06 drochner Exp $
+$NetBSD: patch-ab,v 1.4 2006/03/14 20:03:43 drochner Exp $
---- options.h.orig 2005-07-08 21:20:58.000000000 +0200
+--- options.h.orig 2006-03-12 05:52:51.000000000 +0100
+++ options.h
-@@ -122,8 +122,11 @@ etc) slower (perhaps by 50%). Recommende
+@@ -127,8 +127,11 @@ etc) slower (perhaps by 50%). Recommende
* but there's an interface via a PAM module - don't bother using it otherwise.
* You can't enable both PASSWORD and PAM. */
+#ifdef DISABLE_PAM
#define ENABLE_SVR_PASSWORD_AUTH
--/*#define ENABLE_SVR_PAM_AUTH*/
+-/* #define ENABLE_SVR_PAM_AUTH */ /* requires ./configure --enable-pam */
+#else
-+#define ENABLE_SVR_PAM_AUTH
++#define ENABLE_SVR_PAM_AUTH /* requires ./configure --enable-pam */
+#endif
#define ENABLE_SVR_PUBKEY_AUTH
#define ENABLE_CLI_PASSWORD_AUTH
-@@ -148,7 +151,7 @@ etc) slower (perhaps by 50%). Recommende
+@@ -154,7 +157,7 @@ etc) slower (perhaps by 50%). Recommende
* however significantly reduce the security of your ssh connections
* if the PRNG state becomes guessable - make sure you know what you are
* doing if you change this. */
diff -r 470a2ae42fcf -r f1d7db4c73f9 security/dropbear/patches/patch-ac
--- a/security/dropbear/patches/patch-ac Tue Mar 14 19:50:42 2006 +0000
+++ b/security/dropbear/patches/patch-ac Tue Mar 14 20:03:43 2006 +0000
@@ -1,29 +1,18 @@
-$NetBSD: patch-ac,v 1.1 2005/08/09 17:31:06 drochner Exp $
+$NetBSD: patch-ac,v 1.2 2006/03/14 20:03:43 drochner Exp $
---- svr-authpam.c.orig 2005-08-09 19:13:13.000000000 +0200
+--- svr-authpam.c.orig 2006-03-12 05:52:52.000000000 +0100
+++ svr-authpam.c
-@@ -78,7 +78,8 @@ pamConvFunc(int num_msg,
-
- case PAM_PROMPT_ECHO_OFF:
+@@ -124,7 +124,8 @@ pamConvFunc(int num_msg,
+ case PAM_PROMPT_ECHO_ON:
-- if (strcmp(message, "Password:") != 0) {
-+ if ((strcmp(message, "Password:") != 0)
-+ && (strcmp(message, "Password: ") != 0)) {
- TRACE(("PAM_PROMPT_ECHO_OFF: unrecognized prompt"))
- rc = PAM_CONV_ERR;
- break;
-@@ -101,7 +102,9 @@ pamConvFunc(int num_msg,
-
- if ((strcmp(message, "login: " ) != 0)
- && (strcmp(message, "login:" ) != 0)
-- && (strcmp(message, "Please enter username: " ) != 0)) {
-+ && (strcmp(message, "Please enter username: " ) != 0)
-+ && (strcmp(message, "Login:" ) != 0)
-+ && (strcmp(message, "Username:" ) != 0)) {
- TRACE(("PAM_PROMPT_ECHO_ON: unrecognized prompt"))
- rc = PAM_CONV_ERR;
- break;
-@@ -184,7 +187,9 @@ void svr_auth_pam() {
+ if (!((strcmp(compare_message, "login:" ) == 0)
+- || (strcmp(compare_message, "please enter username:") == 0))) {
++ || (strcmp(compare_message, "please enter username:") == 0)
++ || (strcmp(compare_message, "username:" ) == 0))) {
+ /* We don't recognise the prompt as asking for a username,
+ so can't handle it. Add more above as required for
+ different pam modules/implementations */
+@@ -212,7 +213,9 @@ void svr_auth_pam() {
goto cleanup;
}
diff -r 470a2ae42fcf -r f1d7db4c73f9 security/dropbear/patches/patch-ad
--- a/security/dropbear/patches/patch-ad Tue Mar 14 19:50:42 2006 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-ad,v 1.1 2005/12/14 18:00:12 reed Exp $
-
-security patch from http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.html
-
---- svr-chansession.c.orig 2005-12-14 09:32:29.056688256 -0800
-+++ svr-chansession.c 2005-12-14 09:33:13.361952832 -0800
-@@ -810,7 +810,7 @@
- /* need to increase size */
- if (i == svr_ses.childpidsize) {
- svr_ses.childpids = (struct ChildPid*)m_realloc(svr_ses.childpids,
-- sizeof(struct ChildPid) * svr_ses.childpidsize+1);
-+ sizeof(struct ChildPid) * (svr_ses.childpidsize+1));
- svr_ses.childpidsize++;
- }
-
diff -r 470a2ae42fcf -r f1d7db4c73f9 security/dropbear/patches/patch-ae
--- a/security/dropbear/patches/patch-ae Tue Mar 14 19:50:42 2006 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,16 +0,0 @@
-$NetBSD: patch-ae,v 1.1 2006/01/19 23:53:54 joerg Exp $
-
---- svr-tcpfwd.c.orig 2006-01-19 23:47:43.000000000 +0000
-+++ svr-tcpfwd.c
-@@ -80,7 +80,11 @@ void recv_msg_global_request_remotetcp()
- reqname = buf_getstring(ses.payload, &namelen);
- wantreply = buf_getbool(ses.payload);
-
-+#if defined(NAME_MAX)
-+ if (namelen > NAME_MAX) {
-+#else
- if (namelen > MAXNAMLEN) {
-+#endif
- TRACE(("name len is wrong: %d", namelen))
- goto out;
- }
Home |
Main Index |
Thread Index |
Old Index