[pkgsrc/trunk]: pkgsrc/security/ssh2 Update to version 3.2.9.1.

[seb <seb%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/819c14d3936b
branches:  trunk
changeset: 470871:819c14d3936b
user:      seb <seb%pkgsrc.org@localhost>
date:      Fri Mar 12 16:40:08 2004 +0000

description:
Update to version 3.2.9.1.

While here bl3ify.

Changes since previously packaged version (3.2.5):

2003-12-03  Sami J. Lehtinen  <sjl%ssh.com@localhost>

        * ssh-3.2.9.1.

        * non-commercial: removed cert hash compat stuff, which broke
          compilation.

2003-09-26  Sami J. Lehtinen  <sjl%ssh.com@localhost>
        * ssh-3.2.9.
        * ssh2,sshd2: (by Patrick Irwin): Critical security fix: fixed
          several bugs in ASN.1 decoding functionality, which were caused
          by invalid assumptions on the format of input BER data.
          Certificates malformed in certain ways could cause a crash or
          buffer overflow. No known exploits at this time, but you are
          strongly advised to upgrade.

          Admins unwilling or unable to upgrade need to disable
          certificates, but this may not be enough for "hostbased"
          authentication. "publickey" auth should be safe even with the
          old version with certificates disabled. Clients are probably
          vulnerable against malicious servers in the initial key exchange
          regardless of configuration.

          Users of noncommercial version are not affected by this
          vulnerability.

2003-09-25  Sami J. Lehtinen  <sjl%ssh.com@localhost>

        * sshd2, ssh2: Implemented DisableVersionFallback, with which you
          can disable fallback compatibility code for older, or otherwise
          incompatible versions of software. Don't disable unless you know
          what you're doing. See sshd2_config(5) for details. For really
          paranoid people (using this option will probably hurt usability
          somewhat, especially in environments where multiple versions of
          SSH are used from different vendors).

        * sshd2, ssh2: Implemented Cert.RSA.Compat.HashScheme. Older SSH
          Secure Shell clients and servers used hashes in an incoherent
          manner (sometimes MD5, sometimes SHA-1). With this option, you
          can set what hash is used. See sshd2_config(5) for details.

        * Previous: ssh-3.2.8.

2003-08-07  Tomi Salo  <ttsalo%ssh.com@localhost>

        * Added a new general configuration option, MaxCRLSize. This sets
          the maximum size for CRLs and CA certs used in validating
          received certificates. (The size is the total size of all CRLs
          and certs, not the maximum individual size.)

2003-06-11  Sami J. Lehtinen  <sjl%ssh.com@localhost>

        * ssh-3.2.7.

        * ssh-signer2: Fixed a bug, which caused the application to
          intermittently call fatal because the read() operation was
          interrupted by a signal (SIGCHLD).

2003-06-04  Sami J. Lehtinen  <sjl%ssh.com@localhost>

        * ssh-3.2.6.

        * SecurID certified binaries, no code changes.

diffstat:

 security/ssh2/Makefile.common |  13 ++++++-------
 security/ssh2/distinfo        |   6 +++---
 2 files changed, 9 insertions(+), 10 deletions(-)

diffs (59 lines):

diff -r 5c5deb90bc46 -r 819c14d3936b security/ssh2/Makefile.common
--- a/security/ssh2/Makefile.common     Fri Mar 12 16:06:40 2004 +0000
+++ b/security/ssh2/Makefile.common     Fri Mar 12 16:40:08 2004 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile.common,v 1.6 2004/01/07 02:21:17 jlam Exp $
+# $NetBSD: Makefile.common,v 1.7 2004/03/12 16:40:08 seb Exp $
 #
 
-DISTNAME=      ssh-3.2.5
+DISTNAME=      ssh-3.2.9.1
 CATEGORIES=    security
 MASTER_SITES=  ftp://ftp.ssh.com/pub/ssh/
 
@@ -11,7 +11,7 @@
 CONFLICTS+=    openssh-[0-9]* ssh6-[0-9]* ssh-[0-9]* sftp-[0-9]*
 CONFLICTS+=    openssh+gssapi-[0-9]*
 
-USE_BUILDLINK2=                YES
+USE_BUILDLINK3=                YES
 USE_PKGINSTALL=                YES
 GNU_CONFIGURE=         YES
 
@@ -82,19 +82,18 @@
 OWN_DIRS=              ${PKG_SYSCONFDIR}/knownhosts
 OWN_DIRS+=             ${PKG_SYSCONFDIR}/hostkeys
 
-DOCSDIR=               ${PREFIX}/share/doc/${PKGBASE}
 DOCS=                  CHANGES FAQ HOWTO.anonymous.sftp INSTALL LICENSE \
                        NEWS README REGEX-SYNTAX SSH2.QUICKSTART \
                        RFC.authorization_program_protocol \
                        RFC.kbdint_plugin_protocol
+INSTALLATION_DIRS+=    share/doc/${PKGBASE}
 
 post-install:
-       ${INSTALL_DATA_DIR} ${DOCSDIR}
 .for FILE in ${DOCS}
-       ${INSTALL_DATA} ${WRKSRC}/${FILE} ${DOCSDIR}
+       ${INSTALL_DATA} ${WRKSRC}/${FILE} ${PREFIX}/share/doc/${PKGBASE}
 .endfor
 .for FILE in ${EGFILES}
        ${INSTALL_DATA} ${WRKSRC}/${FILE} ${EGDIR}
 .endfor
 
-.include "../../security/tcp_wrappers/buildlink2.mk"
+.include "../../security/tcp_wrappers/buildlink3.mk"
diff -r 5c5deb90bc46 -r 819c14d3936b security/ssh2/distinfo
--- a/security/ssh2/distinfo    Fri Mar 12 16:06:40 2004 +0000
+++ b/security/ssh2/distinfo    Fri Mar 12 16:40:08 2004 +0000
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.5 2003/08/12 19:08:55 seb Exp $
+$NetBSD: distinfo,v 1.6 2004/03/12 16:40:09 seb Exp $
 
-SHA1 (ssh-3.2.5.tar.gz) = 390023a395a6b4cfd42bf0e37b472f0ca44791ce
-Size (ssh-3.2.5.tar.gz) = 2258425 bytes
+SHA1 (ssh-3.2.9.1.tar.gz) = 22e4589c889aef18e53a8942716084f0d8ede7db
+Size (ssh-3.2.9.1.tar.gz) = 2269281 bytes
 SHA1 (patch-aa) = 34353e23d81916202216dc401e99f17b08f3d6fb
 SHA1 (patch-ab) = 314e2e4165fb1d429297f235c9712ddc0d924865
 SHA1 (patch-ac) = d5b564f88105cc2ac58577d37a1b336ce78c1393