summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authormrg <mrg@pkgsrc.org>1997-12-18 02:44:51 +0000
committermrg <mrg@pkgsrc.org>1997-12-18 02:44:51 +0000
commit4b22a3b69915c9fa0acdd1400072c2dfe8e1e013 (patch)
treecbd0e149feaf85c381286d4b421dd3a071c44da8 /security
parentb9c6b88b30f2103739aed0271d1af3a3104d209e (diff)
downloadpkgsrc-4b22a3b69915c9fa0acdd1400072c2dfe8e1e013.tar.gz
remove unnecessary patches, own to me, etcir=/etc.
Diffstat (limited to 'security')
-rw-r--r--security/ssh/Makefile8
-rw-r--r--security/ssh/patches/patch-aa19
-rw-r--r--security/ssh/patches/patch-ab35
-rw-r--r--security/ssh/patches/patch-ac1
-rw-r--r--security/ssh/patches/patch-ae1
-rw-r--r--security/ssh/patches/patch-af423
-rw-r--r--security/ssh/patches/patch-ah14
-rw-r--r--security/ssh/patches/patch-ai40
-rw-r--r--security/ssh/patches/patch-aj35
-rw-r--r--security/ssh/patches/patch-al27
-rw-r--r--security/ssh/patches/patch-ao1
-rw-r--r--security/ssh/pkg/PLIST4
12 files changed, 41 insertions, 567 deletions
diff --git a/security/ssh/Makefile b/security/ssh/Makefile
index 58cb00c1556..2a149062653 100644
--- a/security/ssh/Makefile
+++ b/security/ssh/Makefile
@@ -3,7 +3,7 @@
# Date created: 19971214
# Whom: hubertf@netbsd.org
#
-# $NetBSD: Makefile,v 1.1.1.1 1997/12/14 16:17:14 hubertf Exp $
+# $NetBSD: Makefile,v 1.2 1997/12/18 02:44:51 mrg Exp $
# FreeBSD Id: Makefile,v 1.47 1997/11/10 22:04:42 dima Exp
#
# Maximal ssh package requires YES values for
@@ -14,9 +14,9 @@ DISTNAME= ssh-1.2.21
CATEGORIES= security net
MASTER_SITES= ftp://ftp.funet.fi/pub/unix/security/login/ssh/
-MAINTAINER= hubertf@netbsd.org
+MAINTAINER= mrg@eterna.com.au
-# You can set USA_RESIDENT appropriately in /etc/make.conf if this bugs you..
+# You can set USA_RESIDENT appropriately in /etc/mk.conf if this bugs you..
.if !defined(USA_RESIDENT)
USA_RESIDENT= NO
.endif
@@ -37,7 +37,7 @@ IS_INTERACTIVE= YES
GNU_CONFIGURE= YES
-CONFIGURE_ARGS= --prefix=${PREFIX} --with-etcdir=${PREFIX}/etc
+CONFIGURE_ARGS= --prefix=${PREFIX} --with-etcdir=/etc
#Uncomment if all your users are in their own group and their homedir
#is writeable by that group. Beware the security implications!
diff --git a/security/ssh/patches/patch-aa b/security/ssh/patches/patch-aa
deleted file mode 100644
index 83e9968ac31..00000000000
--- a/security/ssh/patches/patch-aa
+++ /dev/null
@@ -1,19 +0,0 @@
-*** make-ssh-known-hosts.pl.in.orig Wed Apr 23 08:40:05 1997
---- make-ssh-known-hosts.pl.in Fri Apr 25 12:38:21 1997
-***************
-*** 87,93 ****
- $debug = 5;
- $defserver = '';
- $bell='\a';
-! $public_key = '/etc/ssh_host_key.pub';
- $private_ssh_known_hosts = "/tmp/ssh_known_hosts$$";
- $timeout = 60;
- $ping_timeout = 3;
---- 87,93 ----
- $debug = 5;
- $defserver = '';
- $bell='\a';
-! $public_key = '@ETCDIR@/ssh_host_key.pub';
- $private_ssh_known_hosts = "/tmp/ssh_known_hosts$$";
- $timeout = 60;
- $ping_timeout = 3;
diff --git a/security/ssh/patches/patch-ab b/security/ssh/patches/patch-ab
index dba02a731c0..5214a5f44af 100644
--- a/security/ssh/patches/patch-ab
+++ b/security/ssh/patches/patch-ab
@@ -1,5 +1,6 @@
-*** configure.orig Wed Apr 23 08:40:06 1997
---- configure Fri Apr 25 12:38:54 1997
+Index: configure
+*** configure.orig Fri Aug 22 10:28:43 1997
+--- configure Thu Dec 18 12:52:15 1997
***************
*** 1757,1768 ****
@@ -16,24 +17,24 @@
echo "configure:1769: checking that the compiler works" >&5
--- 1757,1762 ----
***************
-*** 2759,2765 ****
+*** 6931,6937 ****
+ ac_given_srcdir=$srcdir
+ ac_given_INSTALL="$INSTALL"
- fi
+! trap 'rm -fr `echo "Makefile sshd.8 ssh.1 make-ssh-known-hosts.1 zlib-1.0.4/Makefile config.h" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15
+ EOF
+ cat >> $CONFIG_STATUS <<EOF
-! for ac_hdr in unistd.h rusage.h sys/time.h lastlog.h utmp.h shadow.h
- do
- ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
- echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
---- 2753,2759 ----
+--- 6925,6931 ----
+ ac_given_srcdir=$srcdir
+ ac_given_INSTALL="$INSTALL"
- fi
+! trap 'rm -fr `echo "Makefile sshd.8 ssh.1 make-ssh-known-hosts.pl make-ssh-known-hosts.1 zlib-1.0.4/Makefile config.h" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15
+ EOF
+ cat >> $CONFIG_STATUS <<EOF
-! for ac_hdr in unistd.h rusage.h sys/time.h lastlog.h login_cap.h utmp.h shadow.h
- do
- ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
- echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
***************
-*** 7031,7037 ****
+*** 7036,7042 ****
cat >> $CONFIG_STATUS <<EOF
@@ -41,11 +42,11 @@
EOF
cat >> $CONFIG_STATUS <<\EOF
for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then
---- 7025,7031 ----
+--- 7030,7036 ----
cat >> $CONFIG_STATUS <<EOF
-! CONFIG_FILES=\${CONFIG_FILES-"Makefile sshd.8 ssh.1 make-ssh-known-hosts.1 make-ssh-known-hosts.pl"}
+! CONFIG_FILES=\${CONFIG_FILES-"Makefile sshd.8 ssh.1 make-ssh-known-hosts.pl make-ssh-known-hosts.1 zlib-1.0.4/Makefile"}
EOF
cat >> $CONFIG_STATUS <<\EOF
for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then
diff --git a/security/ssh/patches/patch-ac b/security/ssh/patches/patch-ac
index 6027311b99d..46a3ff28881 100644
--- a/security/ssh/patches/patch-ac
+++ b/security/ssh/patches/patch-ac
@@ -1,3 +1,4 @@
+Index: Makefile.inc
--- Makefile.in.orig Fri Aug 22 01:28:42 1997
+++ Makefile.in Mon Nov 24 15:14:18 1997
@@ -263,8 +263,10 @@
diff --git a/security/ssh/patches/patch-ae b/security/ssh/patches/patch-ae
index 6c0ffecd0dd..6f8a5e79039 100644
--- a/security/ssh/patches/patch-ae
+++ b/security/ssh/patches/patch-ae
@@ -1,3 +1,4 @@
+Index: server_config.sample
*** server_config.sample.orig Thu Mar 27 09:04:06 1997
--- server_config.sample Fri Mar 28 15:45:53 1997
***************
diff --git a/security/ssh/patches/patch-af b/security/ssh/patches/patch-af
deleted file mode 100644
index 736cd569902..00000000000
--- a/security/ssh/patches/patch-af
+++ /dev/null
@@ -1,423 +0,0 @@
-*** sshd.c.orig Wed Apr 23 04:40:08 1997
---- sshd.c Wed Jun 11 14:56:57 1997
-***************
-*** 400,405 ****
---- 400,409 ----
- #include "firewall.h" /* TIS authsrv authentication */
- #endif
-
-+ #ifdef HAVE_LOGIN_CAP_H
-+ #include <login_cap.h>
-+ #endif
-+
- #ifdef _PATH_BSHELL
- #define DEFAULT_SHELL _PATH_BSHELL
- #else
-***************
-*** 1542,1547 ****
---- 1546,1583 ----
- endspent();
- }
- #endif /* HAVE_ETC_SHADOW */
-+ #ifdef __FreeBSD__
-+ {
-+ time_t currtime;
-+
-+ if (pwd->pw_change || pwd->pw_expire)
-+ currtime = time(NULL);
-+
-+ /*
-+ * Check for an expired password
-+ */
-+ if (pwd->pw_change && pwd->pw_change <= currtime)
-+ {
-+ debug("Account %.100s's password is too old - forced to change.",
-+ user);
-+ if (options.forced_passwd_change)
-+ forced_command = "/usr/bin/passwd";
-+ else
-+ {
-+ return 0;
-+ }
-+ }
-+
-+ /*
-+ * Check for expired account
-+ */
-+ if (pwd->pw_expire && pwd->pw_expire <= currtime)
-+ {
-+ debug("Account %.100s has expired - access denied.", user);
-+ return 0;
-+ }
-+ }
-+ #else /* !FreeBSD */
- /*
- * Check if account is locked. Check if encrypted password starts
- * with "*LK*".
-***************
-*** 1553,1558 ****
---- 1589,1595 ----
- return 0;
- }
- }
-+ #endif /* !FreeBSD */
- #ifdef CHECK_ETC_SHELLS
- {
- int invalid = 1;
-***************
-*** 1698,1703 ****
---- 1735,1743 ----
- memset(&pwcopy, 0, sizeof(pwcopy));
- pwcopy.pw_name = xstrdup(pw->pw_name);
- pwcopy.pw_passwd = xstrdup(pw->pw_passwd);
-+ #ifdef HAVE_LOGIN_CAP_H
-+ pwcopy.pw_class = xstrdup(pw->pw_class);
-+ #endif
- pwcopy.pw_uid = pw->pw_uid;
- pwcopy.pw_gid = pw->pw_gid;
- pwcopy.pw_dir = xstrdup(pw->pw_dir);
-***************
-*** 2654,2659 ****
---- 2694,2702 ----
- struct sockaddr_in from;
- int fromlen;
- struct pty_cleanup_context cleanup_context;
-+ #ifdef HAVE_LOGIN_CAP_H
-+ login_cap_t *lc;
-+ #endif
-
- /* We no longer need the child running on user's privileges. */
- userfile_uninit();
-***************
-*** 2725,2735 ****
- record_login(pid, ttyname, pw->pw_name, pw->pw_uid, hostname,
- &from);
-
- /* Check if .hushlogin exists. Note that we cannot use userfile
- here because we are in the child. */
- sprintf(line, "%.200s/.hushlogin", pw->pw_dir);
- quiet_login = stat(line, &st) >= 0;
-!
- /* If the user has logged in before, display the time of last login.
- However, don't display anything extra if a command has been
- specified (so that ssh can be used to execute commands on a remote
---- 2768,2786 ----
- record_login(pid, ttyname, pw->pw_name, pw->pw_uid, hostname,
- &from);
-
-+ #ifdef HAVE_LOGIN_CAP_H
-+ lc = login_getclass(pw->pw_class);
-+ #endif
-+
- /* Check if .hushlogin exists. Note that we cannot use userfile
- here because we are in the child. */
- sprintf(line, "%.200s/.hushlogin", pw->pw_dir);
- quiet_login = stat(line, &st) >= 0;
-!
-! #ifdef HAVE_LOGIN_CAP_H
-! quiet_login = login_getcapbool(lc, "hushlogin", quiet_login);
-! #endif
-!
- /* If the user has logged in before, display the time of last login.
- However, don't display anything extra if a command has been
- specified (so that ssh can be used to execute commands on a remote
-***************
-*** 2749,2754 ****
---- 2800,2828 ----
- printf("Last login: %s from %s\r\n", time_string, buf);
- }
-
-+ #ifdef __FreeBSD__
-+ if (command == NULL && !quiet_login)
-+ {
-+ #ifdef HAVE_LOGIN_CAP_H
-+ char *cw;
-+ FILE *f;
-+
-+ cw = login_getcapstr(lc, "copyright", NULL, NULL);
-+ if (cw != NULL && (f = fopen(cw, "r")) != NULL)
-+ {
-+ while (fgets(line, sizeof(line), f))
-+ fputs(line, stdout);
-+ fclose(f);
-+ }
-+ else
-+ #endif
-+ printf("%s\n\t%s %s\n\n",
-+ "Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994",
-+ "The Regents of the University of California. ",
-+ "All rights reserved.");
-+ }
-+ #endif
-+
- /* Print /etc/motd unless a command was specified or printing it was
- disabled in server options. Note that some machines appear to
- print it in /etc/profile or similar. */
-***************
-*** 2758,2764 ****
---- 2832,2842 ----
- FILE *f;
-
- /* Print /etc/motd if it exists. */
-+ #ifdef HAVE_LOGIN_CAP_H
-+ f = fopen(login_getcapstr(lc, "welcome", "/etc/motd", "/etc/motd"), "r");
-+ #else
- f = fopen("/etc/motd", "r");
-+ #endif
- if (f)
- {
- while (fgets(line, sizeof(line), f))
-***************
-*** 2766,2771 ****
---- 2844,2872 ----
- fclose(f);
- }
- }
-+ #ifdef __FreeBSD__
-+ if (command == NULL && !quiet_login)
-+ {
-+ #ifdef broken_HAVE_LOGIN_CAP_H
-+ char *mp = getenv("MAIL");
-+
-+ if (mp != NULL)
-+ {
-+ strncpy(line, mp, sizeof line);
-+ line[sizeof line - 1] = '\0';
-+ }
-+ else
-+ #endif
-+ sprintf(line, "%s/%.200s", _PATH_MAILDIR, pw->pw_name);
-+ if (stat(line, &st) == 0 && st.st_size != 0)
-+ printf("You have %smail.\n",
-+ (st.st_mtime > st.st_atime) ? "new " : "");
-+ }
-+ #endif
-+
-+ #ifdef HAVE_LOGIN_CAP_H
-+ login_close(lc);
-+ #endif
-
- /* Do common processing for the child, such as execing the command. */
- do_child(command, pw, term, display, auth_proto, auth_data, ttyname);
-***************
-*** 3017,3023 ****
- char *user_shell;
- char *remote_ip;
- int remote_port;
-!
- /* Check /etc/nologin. */
- f = fopen("/etc/nologin", "r");
- if (f)
---- 3118,3130 ----
- char *user_shell;
- char *remote_ip;
- int remote_port;
-! #ifdef HAVE_LOGIN_CAP_H
-! login_cap_t *lc;
-! char *real_shell;
-!
-! lc = login_getclass(pw->pw_class);
-! auth_checknologin(lc);
-! #else /* !HAVE_LOGIN_CAP_H */
- /* Check /etc/nologin. */
- f = fopen("/etc/nologin", "r");
- if (f)
-***************
-*** 3031,3036 ****
---- 3138,3144 ----
- if (pw->pw_uid != UID_ROOT)
- exit(254);
- }
-+ #endif /* HAVE_LOGIN_CAP_H */
-
- if (command != NULL)
- {
-***************
-*** 3043,3049 ****
- else
- log_msg("executing remote command as user %.200s", pw->pw_name);
- }
-!
- #ifdef HAVE_SETLOGIN
- /* Set login name in the kernel. Warning: setsid() must be called before
- this. */
---- 3151,3158 ----
- else
- log_msg("executing remote command as user %.200s", pw->pw_name);
- }
-!
-! #ifndef HAVE_LOGIN_CAP_H
- #ifdef HAVE_SETLOGIN
- /* Set login name in the kernel. Warning: setsid() must be called before
- this. */
-***************
-*** 3064,3069 ****
---- 3173,3179 ----
- if (setpcred((char *)pw->pw_name, NULL))
- log_msg("setpcred %.100s: %.100s", strerror(errno));
- #endif /* HAVE_USERSEC_H */
-+ #endif /* !HAVE_LOGIN_CAP_H */
-
- /* Save some data that will be needed so that we can do certain cleanups
- before we switch to user's uid. (We must clear all sensitive data
-***************
-*** 3134,3139 ****
---- 3244,3309 ----
- if (command != NULL || !options.use_login)
- #endif /* USELOGIN */
- {
-+ #ifdef HAVE_LOGIN_CAP_H
-+ char *p, *s, **tmpenv;
-+
-+ /* Initialize the new environment.
-+ */
-+ envsize = 64;
-+ env = xmalloc(envsize * sizeof(char *));
-+ env[0] = NULL;
-+
-+ child_set_env(&env, &envsize, "PATH", DEFAULT_PATH);
-+
-+ #ifdef MAIL_SPOOL_DIRECTORY
-+ sprintf(buf, "%.200s/%.50s", MAIL_SPOOL_DIRECTORY, user_name);
-+ child_set_env(&env, &envsize, "MAIL", buf);
-+ #else /* MAIL_SPOOL_DIRECTORY */
-+ #ifdef MAIL_SPOOL_FILE
-+ sprintf(buf, "%.200s/%.50s", user_dir, MAIL_SPOOL_FILE);
-+ child_set_env(&env, &envsize, "MAIL", buf);
-+ #endif /* MAIL_SPOOL_FILE */
-+ #endif /* MAIL_SPOOL_DIRECTORY */
-+
-+ /* Let it inherit timezone if we have one. */
-+ if (getenv("TZ"))
-+ child_set_env(&env, &envsize, "TZ", getenv("TZ"));
-+
-+ /* Save previous environment array
-+ */
-+ tmpenv = environ;
-+ environ = env;
-+
-+ /* Set the user's login environment
-+ */
-+ if (setusercontext(lc, pw, user_uid, LOGIN_SETALL) < 0)
-+ {
-+ perror("setusercontext");
-+ exit(1);
-+ }
-+
-+ p = getenv("PATH");
-+ s = xmalloc((p != NULL ? strlen(p) + 1 : 0) + sizeof(SSH_BINDIR));
-+ *s = '\0';
-+ if (p != NULL)
-+ {
-+ strcat(s, p);
-+ strcat(s, ":");
-+ }
-+ strcat(s, SSH_BINDIR);
-+
-+ env = environ;
-+ environ = tmpenv; /* Restore parent environment */
-+ for (envsize = 0; env[envsize] != NULL; ++envsize)
-+ ;
-+ /* Reallocate this to what is expected */
-+ envsize = (envsize < 100) ? 100 : envsize + 16;
-+ env = xrealloc(env, envsize * sizeof(char *));
-+
-+ child_set_env(&env, &envsize, "PATH", s);
-+ xfree(s);
-+
-+ #else /* !HAVE_LOGIN_CAP_H */
- /* Set uid, gid, and groups. */
- if (getuid() == UID_ROOT || geteuid() == UID_ROOT)
- {
-***************
-*** 3165,3170 ****
---- 3335,3341 ----
-
- if (getuid() != user_uid || geteuid() != user_uid)
- fatal("Failed to set uids to %d.", (int)user_uid);
-+ #endif /* HAVE_LOGIN_CAP_H */
- }
-
- /* Reset signals to their default settings before starting the user
-***************
-*** 3175,3185 ****
---- 3346,3361 ----
- and means /bin/sh. */
- shell = (user_shell[0] == '\0') ? DEFAULT_SHELL : user_shell;
-
-+ #ifdef HAVE_LOGIN_CAP_H
-+ real_shell = login_getcapstr(lc, "shell", (char*)shell, (char*)shell);
-+ login_close(lc);
-+ #else /* !HAVE_LOGIN_CAP_H */
- /* Initialize the environment. In the first part we allocate space for
- all environment variables. */
- envsize = 100;
- env = xmalloc(envsize * sizeof(char *));
- env[0] = NULL;
-+ #endif /* HAVE_LOGIN_CAP_H */
-
- #ifdef USELOGIN
- if (command != NULL || !options.use_login)
-***************
-*** 3189,3194 ****
---- 3365,3372 ----
- child_set_env(&env, &envsize, "HOME", user_dir);
- child_set_env(&env, &envsize, "USER", user_name);
- child_set_env(&env, &envsize, "LOGNAME", user_name);
-+
-+ #ifndef HAVE_LOGIN_CAP_H
- child_set_env(&env, &envsize, "PATH", DEFAULT_PATH ":" SSH_BINDIR);
-
- #ifdef MAIL_SPOOL_DIRECTORY
-***************
-*** 3200,3205 ****
---- 3378,3384 ----
- child_set_env(&env, &envsize, "MAIL", buf);
- #endif /* MAIL_SPOOL_FILE */
- #endif /* MAIL_SPOOL_DIRECTORY */
-+ #endif /* !HAVE_LOGIN_CAP_H */
-
- #ifdef HAVE_ETC_DEFAULT_LOGIN
- /* Read /etc/default/login; this exists at least on Solaris 2.x. Note
-***************
-*** 3215,3223 ****
---- 3394,3404 ----
- child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND",
- original_command);
-
-+ #ifndef HAVE_LOGIN_CAP_H
- /* Let it inherit timezone if we have one. */
- if (getenv("TZ"))
- child_set_env(&env, &envsize, "TZ", getenv("TZ"));
-+ #endif /* !HAVE_LOGIN_CAP_H */
-
- /* Set custom environment options from RSA authentication. */
- while (custom_environment)
-***************
-*** 3437,3443 ****
---- 3618,3628 ----
- /* Execute the shell. */
- argv[0] = buf;
- argv[1] = NULL;
-+ #ifdef HAVE_LOGIN_CAP_H
-+ execve(real_shell, argv, env);
-+ #else
- execve(shell, argv, env);
-+ #endif /* HAVE_LOGIN_CAP_H */
- /* Executing the shell failed. */
- perror(shell);
- exit(1);
-***************
-*** 3458,3464 ****
---- 3643,3653 ----
- argv[1] = "-c";
- argv[2] = (char *)command;
- argv[3] = NULL;
-+ #ifdef HAVE_LOGIN_CAP_H
-+ execve(real_shell, argv, env);
-+ #else
- execve(shell, argv, env);
-+ #endif /* HAVE_LOGIN_CAP_H */
- perror(shell);
- exit(1);
- }
diff --git a/security/ssh/patches/patch-ah b/security/ssh/patches/patch-ah
deleted file mode 100644
index c06b14c7541..00000000000
--- a/security/ssh/patches/patch-ah
+++ /dev/null
@@ -1,14 +0,0 @@
-*** config.h.in.orig Wed Apr 23 08:40:06 1997
---- config.h.in Fri Apr 25 12:40:48 1997
-***************
-*** 527,532 ****
---- 527,535 ----
- /* Define if you have the <lastlog.h> header file. */
- #undef HAVE_LASTLOG_H
-
-+ /* Define if you have the <login_cap.h> header file. */
-+ #undef HAVE_LOGIN_CAP_H
-+
- /* Define if you have the <machine/endian.h> header file. */
- #undef HAVE_MACHINE_ENDIAN_H
-
diff --git a/security/ssh/patches/patch-ai b/security/ssh/patches/patch-ai
deleted file mode 100644
index 241dbf31f7d..00000000000
--- a/security/ssh/patches/patch-ai
+++ /dev/null
@@ -1,40 +0,0 @@
-*** userfile.c.orig Thu Mar 27 09:04:13 1997
---- userfile.c Sat Mar 29 01:16:51 1997
-***************
-*** 166,171 ****
---- 166,175 ----
- #endif
-
-
-+ #ifdef HAVE_LOGIN_CAP_H
-+ #include <login_cap.h>
-+ #endif
-+
- /* Protocol message types. */
- #define USERFILE_OPEN 1
- #define USERFILE_OPEN_REPLY 2
-***************
-*** 626,631 ****
---- 630,641 ----
- /* Child. We will start serving request. */
- if (uid != geteuid() || uid != getuid())
- {
-+ #ifdef HAVE_LOGIN_CAP_H
-+ struct passwd * pw = getpwuid(uid);
-+ login_cap_t * lc = login_getuserclass(pw);
-+ if (setusercontext(lc, pw, uid, LOGIN_SETALL&~(LOGIN_SETLOGIN|LOGIN_SETPATH|LOGIN_SETENV)) < 0)
-+ fatal("setusercontext: %s", strerror(errno));
-+ #else
- if (setgid(gid) < 0)
- fatal("setgid: %s", strerror(errno));
-
-***************
-*** 636,641 ****
---- 646,652 ----
-
- if (setuid(uid) < 0)
- fatal("setuid: %s", strerror(errno));
-+ #endif /* HAVE_LOGIN_CAP_H */
- }
-
- /* Enter the server main loop. */
diff --git a/security/ssh/patches/patch-aj b/security/ssh/patches/patch-aj
index 60f7495697f..02da3ad1639 100644
--- a/security/ssh/patches/patch-aj
+++ b/security/ssh/patches/patch-aj
@@ -1,7 +1,8 @@
-*** configure.in.orig Wed Apr 23 08:40:06 1997
---- configure.in Fri Apr 25 12:41:26 1997
+Index: configure.in
+*** configure.in.orig Fri Aug 22 10:28:43 1997
+--- configure.in Thu Dec 18 12:52:28 1997
***************
-*** 616,624 ****
+*** 623,631 ****
export CFLAGS CC
@@ -11,7 +12,7 @@
AC_MSG_CHECKING([that the compiler works])
AC_TRY_RUN([ main(int ac, char **av) { return 0; } ],
---- 616,624 ----
+--- 623,631 ----
export CFLAGS CC
@@ -22,19 +23,13 @@
AC_MSG_CHECKING([that the compiler works])
AC_TRY_RUN([ main(int ac, char **av) { return 0; } ],
***************
-*** 671,677 ****
-
- AC_HEADER_STDC
- AC_HEADER_SYS_WAIT
-! AC_CHECK_HEADERS(unistd.h rusage.h sys/time.h lastlog.h utmp.h shadow.h)
- AC_CHECK_HEADERS(sgtty.h sys/select.h sys/ioctl.h machine/endian.h)
- AC_CHECK_HEADERS(paths.h usersec.h utime.h netinet/in_systm.h netinet/in_system.h netinet/ip.h netinet/tcp.h ulimit.h)
- AC_HEADER_TIME
---- 671,677 ----
-
- AC_HEADER_STDC
- AC_HEADER_SYS_WAIT
-! AC_CHECK_HEADERS(unistd.h rusage.h sys/time.h lastlog.h login_cap.h utmp.h shadow.h)
- AC_CHECK_HEADERS(sgtty.h sys/select.h sys/ioctl.h machine/endian.h)
- AC_CHECK_HEADERS(paths.h usersec.h utime.h netinet/in_systm.h netinet/in_system.h netinet/ip.h netinet/tcp.h ulimit.h)
- AC_HEADER_TIME
+*** 1525,1528 ****
+ AC_SUBST(CONFOBJS)
+ AC_SUBST(SSHINSTALLMODE)
+
+! AC_OUTPUT(Makefile sshd.8 ssh.1 make-ssh-known-hosts.1 zlib-1.0.4/Makefile)
+--- 1525,1528 ----
+ AC_SUBST(CONFOBJS)
+ AC_SUBST(SSHINSTALLMODE)
+
+! AC_OUTPUT(Makefile sshd.8 ssh.1 make-ssh-known-hosts.pl make-ssh-known-hosts.1 zlib-1.0.4/Makefile)
diff --git a/security/ssh/patches/patch-al b/security/ssh/patches/patch-al
deleted file mode 100644
index 1da799c26ac..00000000000
--- a/security/ssh/patches/patch-al
+++ /dev/null
@@ -1,27 +0,0 @@
-*** sshconnect.c.orig Wed Apr 23 08:40:11 1997
---- sshconnect.c Fri Apr 25 12:41:59 1997
-***************
-*** 311,316 ****
---- 311,322 ----
- {
- struct sockaddr_in sin;
- int p;
-+ #if defined(__FreeBSD__) && !defined(SOCKS)
-+ p = 1023; /* Compat with old FreeBSD */
-+ sock = rresvport(&p);
-+ if (sock < 0)
-+ fatal("rresvport: %.100s", strerror(errno));
-+ #else
- for (p = 1023; p > 512; p--)
- {
- sock = socket(AF_INET, SOCK_STREAM, 0);
-***************
-*** 338,343 ****
---- 344,350 ----
- }
- fatal("bind: %.100s", strerror(errno));
- }
-+ #endif
- debug("Allocated local port %d.", p);
- }
- else
diff --git a/security/ssh/patches/patch-ao b/security/ssh/patches/patch-ao
index 5072ce4d394..314d60a8c4b 100644
--- a/security/ssh/patches/patch-ao
+++ b/security/ssh/patches/patch-ao
@@ -1,3 +1,4 @@
+Index: newchannels.c
--- newchannels.c.orig Tue Apr 22 17:40:11 1997
+++ newchannels.c Sat Jul 19 11:42:06 1997
@@ -2139,6 +2139,10 @@
diff --git a/security/ssh/pkg/PLIST b/security/ssh/pkg/PLIST
index ac70652f7a4..6690140a329 100644
--- a/security/ssh/pkg/PLIST
+++ b/security/ssh/pkg/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.1.1.1 1997/12/14 16:17:14 hubertf Exp $
+@comment $NetBSD: PLIST,v 1.2 1997/12/18 02:45:02 mrg Exp $
@comment XXX etc/rc.d/sshd.sh - not yet - hubertf
bin/scp
bin/ssh
@@ -18,8 +18,6 @@ man/man1/ssh.1.gz
man/man1/slogin.1.gz
man/man8/sshd.8.gz
sbin/sshd
-etc/ssh_config
-etc/sshd_config
@exec ln -s /etc/ssh_host_key %B
@unexec rm -f %B/ssh_host_key
@exec ln -s /etc/ssh_host_key.pub %B