diff options
| author | itojun <itojun@pkgsrc.org> | 2000-05-31 15:32:44 +0000 |
|---|---|---|
| committer | itojun <itojun@pkgsrc.org> | 2000-05-31 15:32:44 +0000 |
| commit | e1270396ddf04d55aa2b5f8825e2ce3655021457 (patch) | |
| tree | d4736c8127eb172cf35deb8aad91c8e5de85584a /security | |
| parent | 82a9b0ca8e70646e3e0a6dacf42897992a17a8ce (diff) | |
| download | pkgsrc-e1270396ddf04d55aa2b5f8825e2ce3655021457.tar.gz | |
upgrade to 2.1.0p3.
there are too many changes to mention here.
the biggest change would be the addition of SSH protocol version 2 (uses DSA).
Diffstat (limited to 'security')
| -rw-r--r-- | security/openssh/Makefile | 8 | ||||
| -rw-r--r-- | security/openssh/files/md5 | 4 | ||||
| -rw-r--r-- | security/openssh/files/patch-sum | 15 | ||||
| -rw-r--r-- | security/openssh/patches/patch-aa | 45 | ||||
| -rw-r--r-- | security/openssh/patches/patch-ab | 59 | ||||
| -rw-r--r-- | security/openssh/patches/patch-ad | 13 | ||||
| -rw-r--r-- | security/openssh/patches/patch-af | 14 | ||||
| -rw-r--r-- | security/openssh/patches/patch-ah | 22 | ||||
| -rw-r--r-- | security/openssh/patches/patch-ai | 12 | ||||
| -rw-r--r-- | security/openssh/patches/patch-ak | 12 | ||||
| -rw-r--r-- | security/openssh/pkg/PLIST | 7 |
11 files changed, 69 insertions, 142 deletions
diff --git a/security/openssh/Makefile b/security/openssh/Makefile index 8cdd45cf700..77234834f1e 100644 --- a/security/openssh/Makefile +++ b/security/openssh/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.11 2000/05/28 11:28:51 wiz Exp $ +# $NetBSD: Makefile,v 1.12 2000/05/31 15:32:44 itojun Exp $ # -DISTNAME= openssh-1.2.3 +DISTNAME= openssh-2.1.0p3 CATEGORIES= security MASTER_SITES= http://the.wiretapped.net/security/cryptography/ssh/OpenSSH/files/ \ http://www.firedrake.org/openssh/files/ \ @@ -13,6 +13,7 @@ MAINTAINER= packages@netbsd.org HOMEPAGE= http://www.openssh.com/ BUILD_DEPENDS+= ${LOCALBASE}/bin/perl:../../lang/perl5 +BUILD_DEPENDS+= autoreconf:../../devel/autoconf .if !exists(/usr/include/openssl/rsa.h) DEPENDS+= openssl-[0-9]*:../../security/openssl @@ -44,6 +45,9 @@ CONFIGURE_ARGS+= openssl SSH_CONF_DIR?= /etc CONFIGURE_ARGS= --sysconfdir=${SSH_CONF_DIR} +pre-configure: + cd ${WRKSRC}; autoreconf + post-build: cd ${PKGDIR}; \ for FILE in DEINSTALL MESSAGE PLIST ${FILESDIR}/sshd.sh; do \ diff --git a/security/openssh/files/md5 b/security/openssh/files/md5 index 61e5c9a4b50..01d4240af6d 100644 --- a/security/openssh/files/md5 +++ b/security/openssh/files/md5 @@ -1,3 +1,3 @@ -$NetBSD: md5,v 1.3 2000/03/26 14:36:24 itojun Exp $ +$NetBSD: md5,v 1.4 2000/05/31 15:32:44 itojun Exp $ -MD5 (openssh-1.2.3.tar.gz) = 6aad0cc9ceca55f138ed1ba4cf660349 +MD5 (openssh-2.1.0p3.tar.gz) = cf4bbd40eb0ea722627760abc8ec1b13 diff --git a/security/openssh/files/patch-sum b/security/openssh/files/patch-sum index 156a005e2d4..e57cfc02a22 100644 --- a/security/openssh/files/patch-sum +++ b/security/openssh/files/patch-sum @@ -1,13 +1,12 @@ -$NetBSD: patch-sum,v 1.8 2000/03/27 01:33:06 fredb Exp $ +$NetBSD: patch-sum,v 1.9 2000/05/31 15:32:44 itojun Exp $ -MD5 (patch-aa) = ba9621decf3b55fde17a92409b0649ed -MD5 (patch-ab) = b1be98743ffb76d3e0401dda3a420f25 +MD5 (patch-aa) = 45b54d94970c6b58478641edaea06ee8 MD5 (patch-ac) = 5bdf4a142210aea600f3bf6f3ac14010 -MD5 (patch-ad) = affe7f6d4df103015cb788cac15d2670 +MD5 (patch-ad) = 9307af423624aca41ea0a160c6efe011 MD5 (patch-ae) = 0076ca9d2343f21a304a3eee1a82c3cc -MD5 (patch-af) = c78d9cbf3e896460367e1b835ab25a20 +MD5 (patch-af) = 601161a5721c12fa31ae5dcfc1f88a91 MD5 (patch-ag) = 037888228d97283b54d1232daf3945a2 -MD5 (patch-ah) = a37b5e7e44739dda6ca38c2276276535 -MD5 (patch-ai) = 94cff0f8dd220a401f740738cfd1dd82 +MD5 (patch-ah) = 2699d4a4c560b1896d756d3799e1614b +MD5 (patch-ai) = c2621996e146a82e7deea0363a0e68c9 MD5 (patch-aj) = 54e9f5ecd7c1ca1f32401144c7980908 -MD5 (patch-ak) = 16dcaf7a4cfc072e66cadaabf27e378f +MD5 (patch-ak) = 1bd755c11128b2b8d7ecc894e70b82c7 diff --git a/security/openssh/patches/patch-aa b/security/openssh/patches/patch-aa index 37dcf14abe1..56f3f09ef0e 100644 --- a/security/openssh/patches/patch-aa +++ b/security/openssh/patches/patch-aa @@ -1,41 +1,14 @@ -$NetBSD: patch-aa,v 1.6 2000/03/27 00:01:17 fredb Exp $ +$NetBSD: patch-aa,v 1.7 2000/05/31 15:32:44 itojun Exp $ ---- configure.orig Thu Mar 23 16:28:48 2000 -+++ configure Sun Mar 26 17:32:51 2000 -@@ -2427,9 +2427,11 @@ - - #include <sys/types.h> - #include <sys/socket.h> -+ #include <string.h> - - int main() { - struct sockaddr_storage s; -+memset(&s, 0, sizeof(s)); - ; return 0; } - EOF - if { (eval echo configure:2436: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then -@@ -2455,6 +2457,7 @@ - cat > conftest.$ac_ext <<EOF - #line 2457 "configure" - #include "confdefs.h" +--- configure.in Tue May 30 11:57:47 2000 ++++ configure.in Wed May 31 18:31:52 2000 +@@ -447,3 +447,5 @@ + [ +#include <sys/types.h> #include <netinet/in.h> - int main() { - struct sockaddr_in6 s; s.sin6_family = 0; -@@ -2483,6 +2486,7 @@ - cat > conftest.$ac_ext <<EOF - #line 2485 "configure" - #include "confdefs.h" ++#include <sys/socket.h> + ], +@@ -461,2 +463,3 @@ + [ +#include <sys/types.h> #include <netinet/in.h> - int main() { - struct in6_addr s; s.s6_addr[0] = 0; -@@ -3149,7 +3153,7 @@ - if test "$cross_compiling" = yes; then - { echo "configure: error: Cannot check for file existence when cross compiling" 1>&2; exit 1; } - else -- if test -r "/dev/urandom"; then -+ if test -r "/dev/urandom" && dd if=/dev/urandom of=/dev/null bs=1 count=1; then - eval "ac_cv_file_$ac_safe=yes" - else - eval "ac_cv_file_$ac_safe=no" diff --git a/security/openssh/patches/patch-ab b/security/openssh/patches/patch-ab deleted file mode 100644 index 12af0e999d6..00000000000 --- a/security/openssh/patches/patch-ab +++ /dev/null @@ -1,59 +0,0 @@ -$NetBSD: patch-ab,v 1.1 2000/01/17 05:34:34 christos Exp $ - ---- fake-getaddrinfo.c.orig Sun Jan 16 23:45:39 2000 -+++ fake-getaddrinfo.c Sun Jan 16 23:47:45 2000 -@@ -41,7 +41,7 @@ - do { - next = ai->ai_next; - free(ai); -- } while (ai = next); -+ } while ((ai = next) != NULL); - } - #endif /* !HAVE_FREEADDRINFO */ - -@@ -53,8 +53,8 @@ - { - struct addrinfo *ai; - -- if (ai = (struct addrinfo *)malloc(sizeof(struct addrinfo) + -- sizeof(struct sockaddr_in))) { -+ if ((ai = (struct addrinfo *)malloc(sizeof(struct addrinfo) + -+ sizeof(struct sockaddr_in))) != NULL) { - memset(ai, 0, sizeof(struct addrinfo) + sizeof(struct sockaddr_in)); - ai->ai_addr = (struct sockaddr *)(ai + 1); - /* XXX -- ssh doesn't use sa_len */ -@@ -83,25 +83,27 @@ - else - port = 0; - if (hints && hints->ai_flags & AI_PASSIVE) -- if (*res = malloc_ai(port, htonl(0x00000000))) -+ if ((*res = malloc_ai(port, htonl(0x00000000))) != NULL) - return 0; - else - return EAI_MEMORY; -- if (!hostname) -- if (*res = malloc_ai(port, htonl(0x7f000001))) -+ if (!hostname) { -+ if ((*res = malloc_ai(port, htonl(0x7f000001))) != NULL) - return 0; - else - return EAI_MEMORY; -- if (inet_addr(hostname) != -1) -- if (*res = malloc_ai(port, inet_addr(hostname))) -+ } -+ if (inet_addr(hostname) != -1) { -+ if ((*res = malloc_ai(port, inet_addr(hostname))) != NULL) - return 0; - else - return EAI_MEMORY; -+ } - if ((hp = gethostbyname(hostname)) && - hp->h_name && hp->h_name[0] && hp->h_addr_list[0]) { - for (i = 0; hp->h_addr_list[i]; i++) -- if (cur = malloc_ai(port, -- ((struct in_addr *)hp->h_addr_list[i])->s_addr)) { -+ if ((cur = malloc_ai(port, -+ ((struct in_addr *)hp->h_addr_list[i])->s_addr)) != NULL) { - if (prev) - prev->ai_next = cur; - else diff --git a/security/openssh/patches/patch-ad b/security/openssh/patches/patch-ad index 96a2ebc7d93..9573514ce52 100644 --- a/security/openssh/patches/patch-ad +++ b/security/openssh/patches/patch-ad @@ -1,7 +1,7 @@ -$NetBSD: patch-ad,v 1.1 2000/01/17 05:34:34 christos Exp $ +$NetBSD: patch-ad,v 1.2 2000/05/31 15:32:44 itojun Exp $ ---- fake-getnameinfo.c.orig Sun Jan 16 23:45:45 2000 -+++ fake-getnameinfo.c Sun Jan 16 23:48:01 2000 +--- fake-getnameinfo.c- Wed May 31 18:50:37 2000 ++++ fake-getnameinfo.c Wed May 31 18:51:02 2000 @@ -37,25 +37,27 @@ else strcpy(serv, tmpserv); @@ -17,11 +17,10 @@ $NetBSD: patch-ad,v 1.1 2000/01/17 05:34:34 christos Exp $ return 0; } - else -- if (hp = gethostbyaddr((char *)&sin->sin_addr, sizeof(struct in_addr), -- AF_INET)) + } else { -+ if ((hp = gethostbyaddr((char *)&sin->sin_addr, sizeof(struct in_addr), -+ AF_INET)) != NULL) { + if (NULL != (hp = gethostbyaddr((char *)&sin->sin_addr, +- sizeof(struct in_addr), AF_INET))) ++ sizeof(struct in_addr), AF_INET))) { if (strlen(hp->h_name) > hostlen) return EAI_MEMORY; else { diff --git a/security/openssh/patches/patch-af b/security/openssh/patches/patch-af index 241d0cacc2a..73eac1d33a0 100644 --- a/security/openssh/patches/patch-af +++ b/security/openssh/patches/patch-af @@ -1,11 +1,11 @@ -$NetBSD: patch-af,v 1.3 2000/03/27 00:59:13 fredb Exp $ +$NetBSD: patch-af,v 1.4 2000/05/31 15:32:44 itojun Exp $ ---- ssh-agent.1.orig Sat Jan 22 02:57:40 2000 -+++ ssh-agent.1 Sun Mar 26 18:43:55 2000 -@@ -126,6 +126,7 @@ - authentication agent. These sockets should only be readable by the - owner. The sockets should get automatically removed when the agent - exits. +--- ssh-agent.1- Wed May 31 18:52:51 2000 ++++ ssh-agent.1 Wed May 31 18:52:33 2000 +@@ -133,6 +133,7 @@ + authentication agent. + These sockets should only be readable by the owner. + The sockets should get automatically removed when the agent exits. +.El .Sh AUTHOR Tatu Ylonen <ylo@cs.hut.fi> diff --git a/security/openssh/patches/patch-ah b/security/openssh/patches/patch-ah index 0649063bd76..c15b1b265ae 100644 --- a/security/openssh/patches/patch-ah +++ b/security/openssh/patches/patch-ah @@ -1,7 +1,7 @@ -$NetBSD: patch-ah,v 1.4 2000/03/27 00:59:13 fredb Exp $ +$NetBSD: patch-ah,v 1.5 2000/05/31 15:32:44 itojun Exp $ ---- Makefile.in.orig Thu Mar 16 08:48:26 2000 -+++ Makefile.in Sun Mar 26 23:19:20 2000 +--- Makefile.in.orig Sat May 20 14:33:44 2000 ++++ Makefile.in Wed May 31 18:55:11 2000 @@ -6,6 +6,7 @@ mandir=@mandir@ mansubdir=@mansubdir@ @@ -10,29 +10,37 @@ $NetBSD: patch-ah,v 1.4 2000/03/27 00:59:13 fredb Exp $ piddir=@piddir@ srcdir=@srcdir@ top_srcdir=@top_srcdir@ -@@ -118,19 +119,19 @@ +@@ -131,14 +132,14 @@ -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 ln -s ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 - if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_config -a ! -f $(DESTDIR)$(sysconfdir)/sshd_config ]; then \ -- $(INSTALL) -d $(DESTDIR)$(sysconfdir); \ +- ./mkinstalldirs $(DESTDIR)$(sysconfdir); \ - $(INSTALL) -m 644 ssh_config.out $(DESTDIR)$(sysconfdir)/ssh_config; \ - $(INSTALL) -m 644 sshd_config.out $(DESTDIR)$(sysconfdir)/sshd_config; \ + if [ ! -f $(DESTDIR)$(examplesdir)/ssh_config -a ! -f $(DESTDIR)$(examplesdir)/sshd_config ]; then \ -+ $(INSTALL) -d $(DESTDIR)$(examplesdir); \ ++ ./mkinstalldirs $(DESTDIR)$(examplesdir); \ + $(INSTALL) -m 644 ssh_config.out $(DESTDIR)$(examplesdir)/ssh_config; \ + $(INSTALL) -m 644 sshd_config.out $(DESTDIR)$(examplesdir)/sshd_config; \ fi + if [ -f ssh_prng_cmds -a ! -z "$(INSTALL_SSH_PRNG_CMDS)" ]; then \ + $(PERL) fixprogs ssh_prng_cmds $(ENT); \ +- $(INSTALL) -m 644 ssh_prng_cmds.out $(DESTDIR)$(sysconfdir)/ssh_prng_cmds; \ ++ $(INSTALL) -m 644 ssh_prng_cmds.out $(DESTDIR)$(examplesdir)/ssh_prng_cmds; \ + fi host-key: ssh-keygen - ./ssh-keygen -b 1024 -f $(sysconfdir)/ssh_host_key -N '' +@@ -146,10 +147,10 @@ + ./ssh-keygen -d -f $(sysconfdir)/ssh_host_dsa_key -N "" uninstallall: uninstall - -rm -f $(DESTDIR)$(sysconfdir)/ssh_config - -rm -f $(DESTDIR)$(sysconfdir)/sshd_config +- -rm -f $(DESTDIR)$(sysconfdir)/ssh_prng_cmds - -rmdir $(DESTDIR)$(sysconfdir) + -rm -f $(DESTDIR)$(examplesdir)/ssh_config + -rm -f $(DESTDIR)$(examplesdir)/sshd_config ++ -rm -f $(DESTDIR)$(examplesdir)/ssh_prng_cmds + -rmdir $(DESTDIR)$(examplesdir) -rmdir $(DESTDIR)$(bindir) -rmdir $(DESTDIR)$(sbindir) diff --git a/security/openssh/patches/patch-ai b/security/openssh/patches/patch-ai index ebf1fb8192e..ce21a10b93d 100644 --- a/security/openssh/patches/patch-ai +++ b/security/openssh/patches/patch-ai @@ -1,11 +1,11 @@ -$NetBSD: patch-ai,v 1.1 2000/03/27 00:59:13 fredb Exp $ +$NetBSD: patch-ai,v 1.2 2000/05/31 15:32:44 itojun Exp $ ---- ssh-keygen.1.orig Sat Jan 22 02:57:40 2000 -+++ ssh-keygen.1 Sun Mar 26 18:45:41 2000 -@@ -124,6 +124,7 @@ +--- ssh-keygen.1- Wed May 31 18:55:33 2000 ++++ ssh-keygen.1 Wed May 31 18:55:48 2000 +@@ -188,6 +188,7 @@ on all machines - where you wish to log in using RSA authentication. There is no - need to keep the contents of this file secret. + where you wish to log in using DSA authentication. + There is no need to keep the contents of this file secret. +.El .Sh AUTHOR Tatu Ylonen <ylo@cs.hut.fi> diff --git a/security/openssh/patches/patch-ak b/security/openssh/patches/patch-ak index e890751c707..3e6acd0829b 100644 --- a/security/openssh/patches/patch-ak +++ b/security/openssh/patches/patch-ak @@ -1,11 +1,11 @@ -$NetBSD: patch-ak,v 1.1 2000/03/27 01:33:08 fredb Exp $ +$NetBSD: patch-ak,v 1.2 2000/05/31 15:32:44 itojun Exp $ ---- sshd.8.orig Fri Mar 17 06:40:18 2000 -+++ sshd.8 Sun Mar 26 19:29:22 2000 -@@ -765,6 +765,7 @@ +--- sshd.8- Wed May 31 18:56:16 2000 ++++ sshd.8 Wed May 31 18:56:26 2000 +@@ -940,6 +940,7 @@ This can be used to specify - machine-specific login-time initializations globally. This file - should be writable only by root, and should be world-readable. + machine-specific login-time initializations globally. + This file should be writable only by root, and should be world-readable. +.El .Sh AUTHOR OpenSSH diff --git a/security/openssh/pkg/PLIST b/security/openssh/pkg/PLIST index 37b9e1dbc98..3a8a4dc21e7 100644 --- a/security/openssh/pkg/PLIST +++ b/security/openssh/pkg/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.2 2000/01/27 17:12:06 hubertf Exp $ +@comment $NetBSD: PLIST,v 1.3 2000/05/31 15:32:44 itojun Exp $ bin/ssh bin/scp bin/slogin @@ -15,9 +15,12 @@ man/man1/ssh-agent.1 man/man1/ssh-keygen.1 man/man8/sshd.8 share/examples/ssh/ssh_config +@comment share/examples/ssh/ssh_prng_cmds share/examples/ssh/sshd_config @exec if [ ! -d @SSH_CONF_DIR@ ]; then echo "Creating directory @SSH_CONF_DIR@ for ssh config files.." ; mkdir -p @SSH_CONF_DIR@; fi @exec if [ ! -f @SSH_CONF_DIR@/ssh_config ]; then echo "Installing example ssh_config in @SSH_CONF_DIR@.." ; /usr/bin/install -c -o root -g wheel -m 0644 %D/share/examples/ssh/ssh_config @SSH_CONF_DIR@; fi @exec if [ ! -f @SSH_CONF_DIR@/sshd_config ]; then echo "Installing example sshd_config in @SSH_CONF_DIR@.." ; /usr/bin/install -c -o root -g wheel -m 0644 %D/share/examples/ssh/sshd_config @SSH_CONF_DIR@; fi -@exec if [ ! -f @SSH_CONF_DIR@/ssh_host_key ]; then echo "Generating a secret host key in @SSH_CONF_DIR@.." ; %D/bin/ssh-keygen -N "" -f @SSH_CONF_DIR@/ssh_host_key; fi +@comment @exec if [ ! -f @SSH_CONF_DIR@/ssh_prng_cmds ]; then echo "Installing example ssh_prng_cmds in @SSH_CONF_DIR@.." ; /usr/bin/install -c -o root -g wheel -m 0644 %D/share/examples/ssh/ssh_prng_cmds @SSH_CONF_DIR@; fi +@exec if [ ! -f @SSH_CONF_DIR@/ssh_host_key ]; then echo "Generating an RSA secret host key in @SSH_CONF_DIR@.." ; %D/bin/ssh-keygen -N "" -f @SSH_CONF_DIR@/ssh_host_key; fi +@exec if [ ! -f @SSH_CONF_DIR@/ssh_host_dsa_key ]; then echo "Generating a DSA secret host key in @SSH_CONF_DIR@.." ; %D/bin/ssh-keygen -d -N "" -f @SSH_CONF_DIR@/ssh_host_dsa_key; fi @dirrm share/examples/ssh |