diff options
author | christos <christos@pkgsrc.org> | 2000-01-17 05:34:32 +0000 |
---|---|---|
committer | christos <christos@pkgsrc.org> | 2000-01-17 05:34:32 +0000 |
commit | bc7de9ae5c95371ca23659efb376a2d57d635a1f (patch) | |
tree | f932aa993b93ad9e9e928a2597fcb185bea4d709 /security/openssh | |
parent | 0112fd40b384d8512af34de053b8ba4782653982 (diff) | |
download | pkgsrc-bc7de9ae5c95371ca23659efb376a2d57d635a1f.tar.gz |
New openssh package [needs some cleanup]
- it is not enabled by default (need to think what to do with the ssh conflict)
- only tested under 1.4.1 so far
Diffstat (limited to 'security/openssh')
-rw-r--r-- | security/openssh/Makefile | 36 | ||||
-rw-r--r-- | security/openssh/files/md5 | 1 | ||||
-rw-r--r-- | security/openssh/files/patch-sum | 10 | ||||
-rw-r--r-- | security/openssh/patches/patch-aa | 13 | ||||
-rw-r--r-- | security/openssh/patches/patch-ab | 59 | ||||
-rw-r--r-- | security/openssh/patches/patch-ac | 23 | ||||
-rw-r--r-- | security/openssh/patches/patch-ad | 38 | ||||
-rw-r--r-- | security/openssh/patches/patch-ae | 19 | ||||
-rw-r--r-- | security/openssh/patches/patch-af | 21 | ||||
-rw-r--r-- | security/openssh/patches/patch-ag | 15 | ||||
-rw-r--r-- | security/openssh/patches/patch-ah | 36 | ||||
-rw-r--r-- | security/openssh/pkg/COMMENT | 1 | ||||
-rw-r--r-- | security/openssh/pkg/DESCR | 68 | ||||
-rw-r--r-- | security/openssh/pkg/PLIST | 17 |
14 files changed, 357 insertions, 0 deletions
diff --git a/security/openssh/Makefile b/security/openssh/Makefile new file mode 100644 index 00000000000..06b5e580f9c --- /dev/null +++ b/security/openssh/Makefile @@ -0,0 +1,36 @@ +# $NetBSD: Makefile,v 1.1 2000/01/17 05:34:32 christos Exp $ +# + +DISTNAME= openssh-1.2.1pre26 +PKGNAME= openssh-1.2.1-26 +CATEGORIES= security +MASTER_SITES= ftp://thermo.stat.ncsu.edu/pub/openssh/files + +MAINTAINER= packages@netbsd.org +HOMEPAGE= http://www.openssh.org/ + +CONFLICTS= ssh-* + +USE_PERL5= yes + +RESTRICTED= "Crypto; export-controlled" +MIRROR_DISTFILE= no + +# matches what's in `Configure' (except sparc64) +ONLY_FOR_PLATFORM= NetBSD-*-alpha NetBSD-*-arm32 NetBSD-*-i386 \ + NetBSD-*-m68k NetBSD-*-mips NetBSD-*-mipseb \ + NetBSD-*-mipsel NetBSD-*-ns32k NetBSD-*-powerpc \ + NetBSD-*-sparc NetBSD-*-vax + +GNU_CONFIGURE= yes + +.include "../../mk/bsd.prefs.mk" + +# from mk.conf +SSH_CONF_DIR?= /etc +CONFIGURE_ARGS= --prefix=${PREFIX} --sysconfdir=${SSH_CONF_DIR} + +DEPENDS= openssl-0.9.4 +CONFIGURE_ARGS+= openssl + +.include "../../mk/bsd.pkg.mk" diff --git a/security/openssh/files/md5 b/security/openssh/files/md5 new file mode 100644 index 00000000000..b6faaffddde --- /dev/null +++ b/security/openssh/files/md5 @@ -0,0 +1 @@ +MD5 (openssh-1.2.1pre26.tar.gz) = 75501f28adcca30aeb965596a5dc0326 diff --git a/security/openssh/files/patch-sum b/security/openssh/files/patch-sum new file mode 100644 index 00000000000..9ca8a246602 --- /dev/null +++ b/security/openssh/files/patch-sum @@ -0,0 +1,10 @@ +$NetBSD: patch-sum,v 1.1 2000/01/17 05:34:33 christos Exp $ + +MD5 (patch-aa) = 95183ca577840e5bb48b877e93ae25e4 +MD5 (patch-ab) = b1be98743ffb76d3e0401dda3a420f25 +MD5 (patch-ac) = 33cece26534692f25fca101e2a5f9340 +MD5 (patch-ad) = affe7f6d4df103015cb788cac15d2670 +MD5 (patch-ae) = 60bdd814e2305bd2f70d5728344ad85f +MD5 (patch-af) = 5944fcd4ff8e95f38af74bca6cf6c97d +MD5 (patch-ag) = 4f4487055339564aca2c495456645919 +MD5 (patch-ah) = 9923ffcb1636a92de6b94069bd5fb4bf diff --git a/security/openssh/patches/patch-aa b/security/openssh/patches/patch-aa new file mode 100644 index 00000000000..6bf7373fa57 --- /dev/null +++ b/security/openssh/patches/patch-aa @@ -0,0 +1,13 @@ +$NetBSD: patch-aa,v 1.1 2000/01/17 05:34:34 christos Exp $ + +--- configure.orig Sat Jan 15 20:22:59 2000 ++++ configure Sun Jan 16 23:51:58 2000 +@@ -1321,7 +1321,7 @@ + + if test "$ssldir" != "/usr"; then + CFLAGS="$CFLAGS -I$ssldir/include" +- LDFLAGS="$LDFLAGS -L$ssldir/lib" ++ LDFLAGS="$LDFLAGS -L$ssldir/lib -R$ssldir/lib" + fi + echo "$ac_t""$ssldir" 1>&6 + diff --git a/security/openssh/patches/patch-ab b/security/openssh/patches/patch-ab new file mode 100644 index 00000000000..12af0e999d6 --- /dev/null +++ b/security/openssh/patches/patch-ab @@ -0,0 +1,59 @@ +$NetBSD: patch-ab,v 1.1 2000/01/17 05:34:34 christos Exp $ + +--- fake-getaddrinfo.c.orig Sun Jan 16 23:45:39 2000 ++++ fake-getaddrinfo.c Sun Jan 16 23:47:45 2000 +@@ -41,7 +41,7 @@ + do { + next = ai->ai_next; + free(ai); +- } while (ai = next); ++ } while ((ai = next) != NULL); + } + #endif /* !HAVE_FREEADDRINFO */ + +@@ -53,8 +53,8 @@ + { + struct addrinfo *ai; + +- if (ai = (struct addrinfo *)malloc(sizeof(struct addrinfo) + +- sizeof(struct sockaddr_in))) { ++ if ((ai = (struct addrinfo *)malloc(sizeof(struct addrinfo) + ++ sizeof(struct sockaddr_in))) != NULL) { + memset(ai, 0, sizeof(struct addrinfo) + sizeof(struct sockaddr_in)); + ai->ai_addr = (struct sockaddr *)(ai + 1); + /* XXX -- ssh doesn't use sa_len */ +@@ -83,25 +83,27 @@ + else + port = 0; + if (hints && hints->ai_flags & AI_PASSIVE) +- if (*res = malloc_ai(port, htonl(0x00000000))) ++ if ((*res = malloc_ai(port, htonl(0x00000000))) != NULL) + return 0; + else + return EAI_MEMORY; +- if (!hostname) +- if (*res = malloc_ai(port, htonl(0x7f000001))) ++ if (!hostname) { ++ if ((*res = malloc_ai(port, htonl(0x7f000001))) != NULL) + return 0; + else + return EAI_MEMORY; +- if (inet_addr(hostname) != -1) +- if (*res = malloc_ai(port, inet_addr(hostname))) ++ } ++ if (inet_addr(hostname) != -1) { ++ if ((*res = malloc_ai(port, inet_addr(hostname))) != NULL) + return 0; + else + return EAI_MEMORY; ++ } + if ((hp = gethostbyname(hostname)) && + hp->h_name && hp->h_name[0] && hp->h_addr_list[0]) { + for (i = 0; hp->h_addr_list[i]; i++) +- if (cur = malloc_ai(port, +- ((struct in_addr *)hp->h_addr_list[i])->s_addr)) { ++ if ((cur = malloc_ai(port, ++ ((struct in_addr *)hp->h_addr_list[i])->s_addr)) != NULL) { + if (prev) + prev->ai_next = cur; + else diff --git a/security/openssh/patches/patch-ac b/security/openssh/patches/patch-ac new file mode 100644 index 00000000000..a16ffaa78d9 --- /dev/null +++ b/security/openssh/patches/patch-ac @@ -0,0 +1,23 @@ +$NetBSD: patch-ac,v 1.1 2000/01/17 05:34:34 christos Exp $ + +--- fake-getaddrinfo.h.orig Thu Jan 13 23:45:49 2000 ++++ fake-getaddrinfo.h Sun Jan 16 23:49:53 2000 +@@ -5,6 +5,9 @@ + + #include "fake-gai-errnos.h" + ++#ifndef AI_CANONNAME ++# define AI_CANONNAME 0 ++#endif + #ifndef AI_PASSIVE + # define AI_PASSIVE 1 + #endif +@@ -25,7 +28,7 @@ + char *ai_canonname; /* canonical name for hostname */ + struct sockaddr *ai_addr; /* binary address */ + struct addrinfo *ai_next; /* next structure in linked list */ +-} ++}; + #endif /* !HAVE_STRUCT_ADDRINFO */ + + #ifndef HAVE_GETADDRINFO diff --git a/security/openssh/patches/patch-ad b/security/openssh/patches/patch-ad new file mode 100644 index 00000000000..96a2ebc7d93 --- /dev/null +++ b/security/openssh/patches/patch-ad @@ -0,0 +1,38 @@ +$NetBSD: patch-ad,v 1.1 2000/01/17 05:34:34 christos Exp $ + +--- fake-getnameinfo.c.orig Sun Jan 16 23:45:45 2000 ++++ fake-getnameinfo.c Sun Jan 16 23:48:01 2000 +@@ -37,25 +37,27 @@ + else + strcpy(serv, tmpserv); + } +- if (host) +- if (flags & NI_NUMERICHOST) ++ if (host) { ++ if (flags & NI_NUMERICHOST) { + if (strlen(inet_ntoa(sin->sin_addr)) > hostlen) + return EAI_MEMORY; + else { + strcpy(host, inet_ntoa(sin->sin_addr)); + return 0; + } +- else +- if (hp = gethostbyaddr((char *)&sin->sin_addr, sizeof(struct in_addr), +- AF_INET)) ++ } else { ++ if ((hp = gethostbyaddr((char *)&sin->sin_addr, sizeof(struct in_addr), ++ AF_INET)) != NULL) { + if (strlen(hp->h_name) > hostlen) + return EAI_MEMORY; + else { + strcpy(host, hp->h_name); + return 0; + } +- else ++ } else + return EAI_NODATA; ++ } ++ } + return 0; + } + #endif /* !HAVE_GETNAMEINFO */ diff --git a/security/openssh/patches/patch-ae b/security/openssh/patches/patch-ae new file mode 100644 index 00000000000..aedfe6ccd06 --- /dev/null +++ b/security/openssh/patches/patch-ae @@ -0,0 +1,19 @@ +$NetBSD: patch-ae,v 1.1 2000/01/17 05:34:34 christos Exp $ + +--- log-client.c.orig Wed Nov 24 08:26:22 1999 ++++ log-client.c Sun Jan 16 23:50:22 2000 +@@ -45,12 +45,12 @@ + } + } + +-#define MSGBUFSIZE 1024 ++#define SSH_MSGBUFSIZE 1024 + + void + do_log(LogLevel level, const char *fmt, va_list args) + { +- char msgbuf[MSGBUFSIZE]; ++ char msgbuf[SSH_MSGBUFSIZE]; + + if (level > log_level) + return; diff --git a/security/openssh/patches/patch-af b/security/openssh/patches/patch-af new file mode 100644 index 00000000000..121bf2b0952 --- /dev/null +++ b/security/openssh/patches/patch-af @@ -0,0 +1,21 @@ +$NetBSD: patch-af,v 1.1 2000/01/17 05:34:34 christos Exp $ + +--- log-server.c.orig Wed Nov 24 08:26:22 1999 ++++ log-server.c Sun Jan 16 23:50:54 2000 +@@ -97,13 +97,13 @@ + log_on_stderr = on_stderr; + } + +-#define MSGBUFSIZE 1024 ++#define SSH_MSGBUFSIZE 1024 + + void + do_log(LogLevel level, const char *fmt, va_list args) + { +- char msgbuf[MSGBUFSIZE]; +- char fmtbuf[MSGBUFSIZE]; ++ char msgbuf[SSH_MSGBUFSIZE]; ++ char fmtbuf[SSH_MSGBUFSIZE]; + char *txt = NULL; + int pri = LOG_INFO; + diff --git a/security/openssh/patches/patch-ag b/security/openssh/patches/patch-ag new file mode 100644 index 00000000000..b1158792f4e --- /dev/null +++ b/security/openssh/patches/patch-ag @@ -0,0 +1,15 @@ +$NetBSD: patch-ag,v 1.1 2000/01/17 05:34:35 christos Exp $ + +--- uidswap.c.orig Wed Nov 24 19:55:00 1999 ++++ uidswap.c Sun Jan 16 23:48:54 2000 +@@ -27,8 +27,10 @@ + #define SAVED_IDS_WORK_WITH_SETEUID + #endif /* _POSIX_SAVED_IDS */ + ++#ifdef SAVED_IDS_WORK_WITH_SETEUID + /* Saved effective uid. */ + static uid_t saved_euid = 0; ++#endif + + /* + * Temporarily changes to the given uid. If the effective user diff --git a/security/openssh/patches/patch-ah b/security/openssh/patches/patch-ah new file mode 100644 index 00000000000..ba1be47a482 --- /dev/null +++ b/security/openssh/patches/patch-ah @@ -0,0 +1,36 @@ +$NetBSD: patch-ah,v 1.1 2000/01/17 05:34:35 christos Exp $ + +--- Makefile.in.orig Thu Jan 13 23:45:46 2000 ++++ Makefile.in Mon Jan 17 00:24:48 2000 +@@ -5,6 +5,7 @@ + libexecdir=@libexecdir@ + mandir=@mandir@ + sysconfdir=@sysconfdir@ ++examplesdir=@prefix@/share/examples/ssh + + srcdir = @srcdir@ + top_srcdir = @top_srcdir@ +@@ -137,16 +138,16 @@ + $(INSTALL) -s @GNOME_ASKPASS@ ${ASKPASS_LOCATION} ; \ + fi + +- if [ ! -f $(sysconfdir)/ssh_config -a ! -f $(sysconfdir)/sshd_config ]; then \ +- $(INSTALL) -d $(sysconfdir); \ +- $(INSTALL) -m 644 ssh_config $(sysconfdir)/ssh_config; \ +- $(INSTALL) -m 644 sshd_config $(sysconfdir)/sshd_config; \ ++ if [ ! -f $(examplesdir)/ssh_config -a ! -f $(examplesdir)/sshd_config ]; then \ ++ $(INSTALL) -d $(examplesdir); \ ++ $(INSTALL) -m 644 ssh_config $(examplesdir)/ssh_config; \ ++ $(INSTALL) -m 644 sshd_config $(examplesdir)/sshd_config; \ + fi + + uninstallall: uninstall +- -rm -f $(sysconfdir)/ssh_config +- -rm -f $(sysconfdir)/sshd_config +- -rmdir $(sysconfdir) ++ -rm -f $(examplesdir)/ssh_config ++ -rm -f $(examplesdir)/sshd_config ++ -rmdir $(examplesdir) + -rmdir $(bindir) + -rmdir $(sbindir) + -rmdir $(mandir)/man1 diff --git a/security/openssh/pkg/COMMENT b/security/openssh/pkg/COMMENT new file mode 100644 index 00000000000..1621ad7026a --- /dev/null +++ b/security/openssh/pkg/COMMENT @@ -0,0 +1 @@ +Open Source Secure shell client and server (remote login program). diff --git a/security/openssh/pkg/DESCR b/security/openssh/pkg/DESCR new file mode 100644 index 00000000000..6827f64a327 --- /dev/null +++ b/security/openssh/pkg/DESCR @@ -0,0 +1,68 @@ +This is the port of OpenBSD's excellent OpenSSH to Linux and other +Unices. + +OpenSSH is based on the last free version of Tatu Ylonen's SSH with +all patent-encumbered algorithms removed (to external libraries), all +known security bugs fixed, new features reintroduced and many other +clean-ups. More information about SSH itself can be found in the file +README.Ylonen. OpenSSH has been created by Aaron Campbell, Bob Beck, +Markus Friedl, Niels Provos, Theo de Raadt, and Dug Song. It has a +homepage at http://www.openssh.com/ + +This port consists of the re-introduction of autoconf support, PAM +support (for Linux and Solaris), EGD[1] support, SOCKS support (using +the Dante [6] libraries and replacements for OpenBSD library functions +that are (regrettably) absent from other unices. This port has been +best tested on Linux, Solaris, HPUX, NetBSD and Irix. Support for AIX, +SCO, NeXT and other Unices is underway. This version actively tracks +changes in the OpenBSD CVS repository. + +The PAM support is now more functional than the popular packages of +commercial ssh-1.2.x. It checks "account" and "session" modules for +all logins, not just when using password authentication. + +All new code is released under a XFree style license, which is very +liberal. Please refer to the source files for details. The code in +bsd-*.[ch] is from the OpenBSD project and has its own license (again, +see the source files for details). + +OpenSSH depends on Zlib[2], OpenSSL[3] and optionally PAM[4] and +Dante[6]. To build the GNOME[5] pass-phrase requester +(--with-gnome-askpass), you will need the GNOME libraries installed. +If you are building OpenSSH on a Unix which lacks a kernel random +number pool (/dev/random), you will need to install EGD[1]. + +There is now several mailing lists for this port of OpenSSH. Please +refer to http://violet.ibs.com.au/openssh/list.html for details on how +to join. + +Please send bug reports and patches to the mailing list +openssh-unix-dev@mindrot.org. The list is currently open to posting by +unsubscribed users. + +Please refer to the INSTALL document for information on how to install +OpenSSH on your system. The UPGRADING document details differences +between this port of OpenSSH and F-Secure SSH 1.x. + +Damien Miller <djm@ibs.com.au> +Internet Business Solutions + +Miscellania - + +This version of SSH is based upon code retrieved from the OpenBSD CVS +repository which in turn was based on the last free +version of SSH released by Tatu Ylonen. + +Code in bsd-misc.[ch] and gnome-ssh-askpass.c is Copyright 1999 Damien +Miller & Internet Business Solutions and is released under a X11-style +license (see source files for details). + +References - + +[1] http://www.lothar.com/tech/crypto/ +[2] http://www.cdrom.com/pub/infozip/zlib/ +[3] http://www.openssl.org/ +[4] http://www.kernel.org/pub/linux/libs/pam/ (PAM is standard on Solaris) +[5] http://www.gnome.org/ +[6] http://www.inet.no/dante + diff --git a/security/openssh/pkg/PLIST b/security/openssh/pkg/PLIST new file mode 100644 index 00000000000..c71d513d55e --- /dev/null +++ b/security/openssh/pkg/PLIST @@ -0,0 +1,17 @@ +@comment $NetBSD: PLIST,v 1.1 2000/01/17 05:34:35 christos Exp $ +bin/ssh +bin/scp +bin/slogin +bin/ssh-add +bin/ssh-agent +bin/ssh-keygen +sbin/sshd +man/man1/ssh.1 +man/man1/scp.1 +man/man1/slogin.1 +man/man1/ssh-add.1 +man/man1/ssh-agent.1 +man/man1/ssh-keygen.1 +man/man8/sshd.8 +share/examples/ssh/ssh_config +share/examples/ssh/sshd_config |