summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authordrochner <drochner@pkgsrc.org>2006-03-14 20:03:43 +0000
committerdrochner <drochner@pkgsrc.org>2006-03-14 20:03:43 +0000
commit6989a54eea2624de25ad81a539f25001b7640109 (patch)
treef091efed0f2405659d488c6d7ad475bc1bdaac84 /security
parent43f64e0817b3dfef01122e541998af8b2211fc69 (diff)
downloadpkgsrc-6989a54eea2624de25ad81a539f25001b7640109.tar.gz
update to 0.48.1
changes: -a security fix which was already in pkgsrc (0.46nb1) -bugfixes -zlib compression for dbclient -Set "low delay" TOS bit -client keyboard-interactive mode support -logging improvements -Added aes-256 cipher and sha1-96 hmac -allow connections to listening forwarded ports from remote machines
Diffstat (limited to 'security')
-rw-r--r--security/dropbear/Makefile6
-rw-r--r--security/dropbear/distinfo14
-rw-r--r--security/dropbear/patches/patch-ab12
-rw-r--r--security/dropbear/patches/patch-ac35
-rw-r--r--security/dropbear/patches/patch-ad15
-rw-r--r--security/dropbear/patches/patch-ae16
6 files changed, 26 insertions, 72 deletions
diff --git a/security/dropbear/Makefile b/security/dropbear/Makefile
index ec4070bfe9d..ddd0dfd17d0 100644
--- a/security/dropbear/Makefile
+++ b/security/dropbear/Makefile
@@ -1,10 +1,8 @@
-# $NetBSD: Makefile,v 1.17 2006/03/04 21:30:33 jlam Exp $
+# $NetBSD: Makefile,v 1.18 2006/03/14 20:03:43 drochner Exp $
-DISTNAME= dropbear-0.46
-PKGREVISION= 2
+DISTNAME= dropbear-0.48.1
CATEGORIES= security
MASTER_SITES= http://matt.ucc.asn.au/dropbear/releases/
-EXTRACT_SUFX= .tar.bz2
MAINTAINER= pkgsrc-users@NetBSD.org
HOMEPAGE= http://matt.ucc.asn.au/dropbear/dropbear.html
diff --git a/security/dropbear/distinfo b/security/dropbear/distinfo
index 74760d14dfb..c465933abe5 100644
--- a/security/dropbear/distinfo
+++ b/security/dropbear/distinfo
@@ -1,10 +1,8 @@
-$NetBSD: distinfo,v 1.11 2006/01/19 23:53:54 joerg Exp $
+$NetBSD: distinfo,v 1.12 2006/03/14 20:03:43 drochner Exp $
-SHA1 (dropbear-0.46.tar.bz2) = 2b6d2083ec0294fde55c75e4080c06637cbcf833
-RMD160 (dropbear-0.46.tar.bz2) = f7c61b021705362f55209bc0f383d0bf3336841e
-Size (dropbear-0.46.tar.bz2) = 1413918 bytes
+SHA1 (dropbear-0.48.1.tar.gz) = 4dd349b5e3c1aa1b627c52a27f17f5eb7e85c146
+RMD160 (dropbear-0.48.1.tar.gz) = 055740e5978f91ca34d318e6a6f8052d182e8d7c
+Size (dropbear-0.48.1.tar.gz) = 1473114 bytes
SHA1 (patch-aa) = 3246fce39551e97f0b9ecd3397479ea2f3e22abd
-SHA1 (patch-ab) = 7096feb1f8cc7372410f2e94d7961190a6974fad
-SHA1 (patch-ac) = 5a8bc0ccaba26fcf497de554a5c3a9478203adb1
-SHA1 (patch-ad) = 4dd93da76596411dadb731e85208c07baf707d03
-SHA1 (patch-ae) = 9300c096cd498a1628bef960bdaccda4345c9a3c
+SHA1 (patch-ab) = bca3abf2505852e4a25505e505afcf2cb52aa823
+SHA1 (patch-ac) = 69b1349bb47ad6a6ae02096f1ebde87a1461dd9b
diff --git a/security/dropbear/patches/patch-ab b/security/dropbear/patches/patch-ab
index dd637d304bf..f0dbe4c6a91 100644
--- a/security/dropbear/patches/patch-ab
+++ b/security/dropbear/patches/patch-ab
@@ -1,21 +1,21 @@
-$NetBSD: patch-ab,v 1.3 2005/08/09 17:31:06 drochner Exp $
+$NetBSD: patch-ab,v 1.4 2006/03/14 20:03:43 drochner Exp $
---- options.h.orig 2005-07-08 21:20:58.000000000 +0200
+--- options.h.orig 2006-03-12 05:52:51.000000000 +0100
+++ options.h
-@@ -122,8 +122,11 @@ etc) slower (perhaps by 50%). Recommende
+@@ -127,8 +127,11 @@ etc) slower (perhaps by 50%). Recommende
* but there's an interface via a PAM module - don't bother using it otherwise.
* You can't enable both PASSWORD and PAM. */
+#ifdef DISABLE_PAM
#define ENABLE_SVR_PASSWORD_AUTH
--/*#define ENABLE_SVR_PAM_AUTH*/
+-/* #define ENABLE_SVR_PAM_AUTH */ /* requires ./configure --enable-pam */
+#else
-+#define ENABLE_SVR_PAM_AUTH
++#define ENABLE_SVR_PAM_AUTH /* requires ./configure --enable-pam */
+#endif
#define ENABLE_SVR_PUBKEY_AUTH
#define ENABLE_CLI_PASSWORD_AUTH
-@@ -148,7 +151,7 @@ etc) slower (perhaps by 50%). Recommende
+@@ -154,7 +157,7 @@ etc) slower (perhaps by 50%). Recommende
* however significantly reduce the security of your ssh connections
* if the PRNG state becomes guessable - make sure you know what you are
* doing if you change this. */
diff --git a/security/dropbear/patches/patch-ac b/security/dropbear/patches/patch-ac
index 8a5d734326a..a243a109f24 100644
--- a/security/dropbear/patches/patch-ac
+++ b/security/dropbear/patches/patch-ac
@@ -1,29 +1,18 @@
-$NetBSD: patch-ac,v 1.1 2005/08/09 17:31:06 drochner Exp $
+$NetBSD: patch-ac,v 1.2 2006/03/14 20:03:43 drochner Exp $
---- svr-authpam.c.orig 2005-08-09 19:13:13.000000000 +0200
+--- svr-authpam.c.orig 2006-03-12 05:52:52.000000000 +0100
+++ svr-authpam.c
-@@ -78,7 +78,8 @@ pamConvFunc(int num_msg,
+@@ -124,7 +124,8 @@ pamConvFunc(int num_msg,
+ case PAM_PROMPT_ECHO_ON:
- case PAM_PROMPT_ECHO_OFF:
-
-- if (strcmp(message, "Password:") != 0) {
-+ if ((strcmp(message, "Password:") != 0)
-+ && (strcmp(message, "Password: ") != 0)) {
- TRACE(("PAM_PROMPT_ECHO_OFF: unrecognized prompt"))
- rc = PAM_CONV_ERR;
- break;
-@@ -101,7 +102,9 @@ pamConvFunc(int num_msg,
-
- if ((strcmp(message, "login: " ) != 0)
- && (strcmp(message, "login:" ) != 0)
-- && (strcmp(message, "Please enter username: " ) != 0)) {
-+ && (strcmp(message, "Please enter username: " ) != 0)
-+ && (strcmp(message, "Login:" ) != 0)
-+ && (strcmp(message, "Username:" ) != 0)) {
- TRACE(("PAM_PROMPT_ECHO_ON: unrecognized prompt"))
- rc = PAM_CONV_ERR;
- break;
-@@ -184,7 +187,9 @@ void svr_auth_pam() {
+ if (!((strcmp(compare_message, "login:" ) == 0)
+- || (strcmp(compare_message, "please enter username:") == 0))) {
++ || (strcmp(compare_message, "please enter username:") == 0)
++ || (strcmp(compare_message, "username:" ) == 0))) {
+ /* We don't recognise the prompt as asking for a username,
+ so can't handle it. Add more above as required for
+ different pam modules/implementations */
+@@ -212,7 +213,9 @@ void svr_auth_pam() {
goto cleanup;
}
diff --git a/security/dropbear/patches/patch-ad b/security/dropbear/patches/patch-ad
deleted file mode 100644
index ea9360ec685..00000000000
--- a/security/dropbear/patches/patch-ad
+++ /dev/null
@@ -1,15 +0,0 @@
-$NetBSD: patch-ad,v 1.1 2005/12/14 18:00:12 reed Exp $
-
-security patch from http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.html
-
---- svr-chansession.c.orig 2005-12-14 09:32:29.056688256 -0800
-+++ svr-chansession.c 2005-12-14 09:33:13.361952832 -0800
-@@ -810,7 +810,7 @@
- /* need to increase size */
- if (i == svr_ses.childpidsize) {
- svr_ses.childpids = (struct ChildPid*)m_realloc(svr_ses.childpids,
-- sizeof(struct ChildPid) * svr_ses.childpidsize+1);
-+ sizeof(struct ChildPid) * (svr_ses.childpidsize+1));
- svr_ses.childpidsize++;
- }
-
diff --git a/security/dropbear/patches/patch-ae b/security/dropbear/patches/patch-ae
deleted file mode 100644
index adf394203e3..00000000000
--- a/security/dropbear/patches/patch-ae
+++ /dev/null
@@ -1,16 +0,0 @@
-$NetBSD: patch-ae,v 1.1 2006/01/19 23:53:54 joerg Exp $
-
---- svr-tcpfwd.c.orig 2006-01-19 23:47:43.000000000 +0000
-+++ svr-tcpfwd.c
-@@ -80,7 +80,11 @@ void recv_msg_global_request_remotetcp()
- reqname = buf_getstring(ses.payload, &namelen);
- wantreply = buf_getbool(ses.payload);
-
-+#if defined(NAME_MAX)
-+ if (namelen > NAME_MAX) {
-+#else
- if (namelen > MAXNAMLEN) {
-+#endif
- TRACE(("name len is wrong: %d", namelen))
- goto out;
- }