diff options
| author | wiz <wiz@pkgsrc.org> | 2008-03-25 13:44:00 +0000 |
|---|---|---|
| committer | wiz <wiz@pkgsrc.org> | 2008-03-25 13:44:00 +0000 |
| commit | 85df72c6fe48e00dcd6f572b6bec1b677bc93db9 (patch) | |
| tree | 1f16c488748cc4ec4ca19b0358e623488a2c5d75 /security | |
| parent | baf30c0ac80ce754b72e568087f4f3d2c16c4392 (diff) | |
| download | pkgsrc-85df72c6fe48e00dcd6f572b6bec1b677bc93db9.tar.gz | |
Remove openssh+gssapi.
It has security problems for a long time now.
Removal was announced on pkgsrc-users on March 13.
Diffstat (limited to 'security')
| -rw-r--r-- | security/Makefile | 3 | ||||
| -rw-r--r-- | security/openssh+gssapi/DESCR | 8 | ||||
| -rw-r--r-- | security/openssh+gssapi/INSTALL | 36 | ||||
| -rw-r--r-- | security/openssh+gssapi/MESSAGE | 17 | ||||
| -rw-r--r-- | security/openssh+gssapi/MESSAGE.pam | 9 | ||||
| -rw-r--r-- | security/openssh+gssapi/MESSAGE.urandom | 8 | ||||
| -rw-r--r-- | security/openssh+gssapi/Makefile | 160 | ||||
| -rw-r--r-- | security/openssh+gssapi/PLIST | 30 | ||||
| -rw-r--r-- | security/openssh+gssapi/PLIST.pam | 2 | ||||
| -rw-r--r-- | security/openssh+gssapi/PLIST.prng | 3 | ||||
| -rw-r--r-- | security/openssh+gssapi/distinfo | 13 | ||||
| -rw-r--r-- | security/openssh+gssapi/files/sshd.sh | 105 | ||||
| -rw-r--r-- | security/openssh+gssapi/patches/patch-aa | 34 | ||||
| -rw-r--r-- | security/openssh+gssapi/patches/patch-ab | 34 | ||||
| -rw-r--r-- | security/openssh+gssapi/patches/patch-ah | 60 | ||||
| -rw-r--r-- | security/openssh+gssapi/patches/patch-ai | 62 | ||||
| -rw-r--r-- | security/openssh+gssapi/patches/patch-aj | 26 |
17 files changed, 1 insertions, 609 deletions
diff --git a/security/Makefile b/security/Makefile index 19e8cfe33da..931a041a8fa 100644 --- a/security/Makefile +++ b/security/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.314 2008/03/16 00:15:11 wiz Exp $ +# $NetBSD: Makefile,v 1.315 2008/03/25 13:44:00 wiz Exp $ # COMMENT= Security tools @@ -134,7 +134,6 @@ SUBDIR+= ocaml-ssl SUBDIR+= opencdk SUBDIR+= openpam SUBDIR+= openssh -SUBDIR+= openssh+gssapi SUBDIR+= openssl SUBDIR+= otpCalc SUBDIR+= p0f diff --git a/security/openssh+gssapi/DESCR b/security/openssh+gssapi/DESCR deleted file mode 100644 index 784da25242d..00000000000 --- a/security/openssh+gssapi/DESCR +++ /dev/null @@ -1,8 +0,0 @@ -OpenSSH is based on the last free version of Tatu Ylonen's SSH with -all patent-encumbered algorithms removed (to external libraries), all -known security bugs fixed, new features reintroduced and many other -clean-ups. More information about SSH itself can be found in the file -README.Ylonen. OpenSSH has been created by Aaron Campbell, Bob Beck, -Markus Friedl, Niels Provos, Theo de Raadt, and Dug Song. - -This package adds enhanced support for GSSAPI, provided by sxw.org.uk. diff --git a/security/openssh+gssapi/INSTALL b/security/openssh+gssapi/INSTALL deleted file mode 100644 index e0a3e44fb0e..00000000000 --- a/security/openssh+gssapi/INSTALL +++ /dev/null @@ -1,36 +0,0 @@ -# $NetBSD: INSTALL,v 1.4 2004/06/15 18:44:57 kristerw Exp $ - -DIRS="/etc /etc/ssh ${PKG_PREFIX}/etc ${PKG_PREFIX}/etc/ssh" -FILES="sshd.conf sshd_config" - -case ${STAGE} in -POST-INSTALL) - for dir in $DIRS; do - if [ "@PKG_SYSCONFDIR@" != "$dir" ]; then - for file in $FILES; do - path=$dir/$file - if [ -f $path ]; then - ${CAT} <<EOF -=========================================================================== - - *===* NOTICE *===* - -WARNING: previous configuration file $path found. - -The config files for ${PKGNAME} must be located in: - - @PKG_SYSCONFDIR@ - -You will need to ensure your configuration files and/or keys are -placed in the correct directory before using ${PKGNAME}. - -=========================================================================== -EOF - - exit - fi - done - fi - done - ;; -esac diff --git a/security/openssh+gssapi/MESSAGE b/security/openssh+gssapi/MESSAGE deleted file mode 100644 index a3873a4add6..00000000000 --- a/security/openssh+gssapi/MESSAGE +++ /dev/null @@ -1,17 +0,0 @@ -=========================================================================== -$NetBSD: MESSAGE,v 1.3 2004/06/15 18:44:57 kristerw Exp $ - - *===* NOTICE *===* - -If you have existing config files for OpenSSH located at /etc/ssh.conf -and /etc/sshd.conf, then you will have to copy them: - - /etc/ssh.conf --> ${PKG_SYSCONFDIR}/ssh_config - /etc/sshd.conf --> ${PKG_SYSCONFDIR}/sshd_config - -The `${OPENSSH_USER}' user and `${OPENSSH_GROUP}' group used for -privilege separation have been created if they did not already exist. -For security reasons, UsePrivilegeSeparation has to be yes -(the default value). - -=========================================================================== diff --git a/security/openssh+gssapi/MESSAGE.pam b/security/openssh+gssapi/MESSAGE.pam deleted file mode 100644 index df4c02dee8d..00000000000 --- a/security/openssh+gssapi/MESSAGE.pam +++ /dev/null @@ -1,9 +0,0 @@ -=========================================================================== -$NetBSD: MESSAGE.pam,v 1.3 2004/06/15 18:44:57 kristerw Exp $ - -To authenticate for SSH using PAM, add the contents of the file: - - ${EGDIR}/sshd.pam - -to your PAM configuration file. -=========================================================================== diff --git a/security/openssh+gssapi/MESSAGE.urandom b/security/openssh+gssapi/MESSAGE.urandom deleted file mode 100644 index 5f92af1a28d..00000000000 --- a/security/openssh+gssapi/MESSAGE.urandom +++ /dev/null @@ -1,8 +0,0 @@ -=========================================================================== -$NetBSD: MESSAGE.urandom,v 1.3 2004/06/15 18:44:57 kristerw Exp $ - -You will need a working /dev/urandom. Please make sure you have a kernel -compiled from a config file containing the line: - - pseudo-device rnd -=========================================================================== diff --git a/security/openssh+gssapi/Makefile b/security/openssh+gssapi/Makefile deleted file mode 100644 index 137600dcc99..00000000000 --- a/security/openssh+gssapi/Makefile +++ /dev/null @@ -1,160 +0,0 @@ -# $NetBSD: Makefile,v 1.42 2008/01/18 05:09:39 tnn Exp $ - -# NOTE: This package is modeled on ../openssh, but does not share -# files with it as that package may update faster than the gssapi -# patches do. - -DISTNAME= openssh-3.6.1p2 -PKGNAME= openssh+gssapi-3.6.1.2.20030430 -PKGREVISION= 8 -SVR4_PKGNAME= osshgss -CATEGORIES= security -MASTER_SITES= ftp://ftp.stealth.net/pub/mirrors/ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \ - http://public.planetmirror.com.au/pub/OpenBSD/OpenSSH/portable/ \ - ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \ - ftp://gd.tuwien.ac.at/opsys/OpenBSD/OpenSSH/portable/ \ - ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/old/ -PATCH_SITES= http://www.sxw.org.uk/computing/patches/ -PATCHFILES= openssh-3.6.1p2-gssapi-20030430.diff -PATCH_DIST_STRIP= -p1 - -# Don't delete the last entry -- it's there if the pkgsrc version is not -# up-to-date and the mirrors already removed the old distfile. - -MAINTAINER= jwise@NetBSD.org -HOMEPAGE= http://www.openssh.com/ -COMMENT= Open Source Secure shell client and server with enhanced GSSAPI support - -CONFLICTS= sftp-[0-9]* -CONFLICTS+= ssh-[0-9]* ssh6-[0-9]* ssh2-[0-9]* -CONFLICTS+= openssh-[0-9]* -CONFLICTS+= lsh>2.0 - -CRYPTO= yes -KERBEROS= yes - -# retain the following line, for IPv6-ready pkgsrc webpage -BUILD_DEFS+= IPV6_READY -#BUILD_DEFS+= KERBEROS - -.include "../../mk/bsd.prefs.mk" - -INSTALL_TARGET= install-nokeys -PLIST_SRC= # empty -MESSAGE_SRC= ${.CURDIR}/MESSAGE - -PKG_GROUPS_VARS+= OPENSSH_GROUP -PKG_USERS_VARS+= OPENSSH_USER - -PKG_GROUPS= ${OPENSSH_GROUP} -PKG_USERS= ${OPENSSH_USER}:${OPENSSH_GROUP} - -PKG_GECOS.${OPENSSH_USER}= sshd privsep pseudo-user -PKG_HOME.${OPENSSH_USER}= ${OPENSSH_CHROOT} - -SSH_PID_DIR= /var/run # default directory for PID files - -PKG_SYSCONFSUBDIR= ssh - -USE_TOOLS+= autoconf perl -GNU_CONFIGURE= yes -CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR:Q} -CONFIGURE_ARGS+= --with-pid-dir=${SSH_PID_DIR:Q} -CONFIGURE_ARGS+= --with-ssl-dir=${SSLBASE:Q} -CONFIGURE_ARGS+= --with-tcp-wrappers=${BUILDLINK_PREFIX.tcp_wrappers} -CONFIGURE_ARGS+= --with-privsep-path=${OPENSSH_CHROOT:Q} -CONFIGURE_ARGS+= --with-privsep-user=${OPENSSH_USER:Q} -CONFIGURE_ARGS+= --with-kerberos5=/usr - -CPPFLAGS+= -I/usr/include/krb5 - -# XXX: PAM authentication causes memory faults, and I haven't tracked down -# XXX: why yet. For the moment, disable PAM authentication. -# -#PKG_OPTIONS_VAR= PKG_OPTIONS.openssh+gssapi -#PKG_SUPPORTED_OPTIONS= pam -#.include "../../mk/bsd.options.mk" -# -#.if !empty(PKG_OPTIONS:Mpam) -#. include "../../mk/pam.buildlink3.mk" -#CONFIGURE_ARGS+= --with-pam -#PLIST_SRC+= ${.CURDIR}/PLIST.pam -#MESSAGE_SRC+= ${.CURDIR}/MESSAGE.pam -#.endif - -.if (${OPSYS} == "Darwin") || (${OPSYS} == "SunOS") -. include "../../security/skey/buildlink3.mk" -CONFIGURE_ARGS+= --with-skey=${BUILDLINK_PREFIX.skey} -.elif ${OPSYS} == "NetBSD" -# XXX: NetBSD has 4 args (4: sslen) to skeychallenge instead of 3 -#CONFIGURE_ARGS+= --with-skey=/usr -CONFIGURE_ARGS+= --without-skey -.else -CONFIGURE_ARGS+= --without-skey -.endif - -.if defined(KERBEROS) -.include "../../security/kth-krb4/buildlink3.mk" -PKG_USE_KERBEROS= yes -CONFIGURE_ARGS+= --with-kerberos4=${BUILDLINK_PREFIX.kth-krb4} -CPPFLAGS+= -I${BUILDLINK_PREFIX.kth-krb4}/include/kerberosIV -LDFLAGS+= -L${BUILDLINK_PREFIX.kth-krb4}/lib -LDFLAGS+= -Wl,-R${BUILDLINK_PREFIX.kth-krb4}/lib -LDFLAGS+= -lkrb -lcom_err -lroken -ldes -lcrypto -.endif - -CONFIGURE_ENV+= LD=${CC:Q} - -# The ssh-askpass program is in ${X11BASE}/bin or ${X11PREFIX}/bin depending -# on if it's part of the X11 distribution, or if it's installed from pkgsrc -# (security/ssh-askpass). -# -.if exists(${X11BASE}/bin/ssh-askpass) -ASKPASS_PROGRAM= ${X11BASE}/bin/ssh-askpass -.else -ASKPASS_PROGRAM= ${X11PREFIX}/bin/ssh-askpass -.endif -CONFIGURE_ENV+= ASKPASS_PROGRAM=${ASKPASS_PROGRAM:Q} -MAKE_ENV+= ASKPASS_PROGRAM=${ASKPASS_PROGRAM:Q} - -CONFS= ssh_config sshd_config moduli - -.if exists(/dev/urandom) -MESSAGE_SRC+= ${.CURDIR}/MESSAGE.urandom -.else -CONFIGURE_ARGS+= --without-random -CONFS+= ssh_prng_cmds -PLIST_SRC+= ${.CURDIR}/PLIST.prng -.endif - -EGDIR= ${PREFIX}/share/examples/openssh -CONF_FILES= # empty -.for FILE in ${CONFS} -CONF_FILES+= ${EGDIR}/${FILE} ${PKG_SYSCONFDIR}/${FILE} -.endfor -OWN_DIRS= ${OPENSSH_CHROOT} -RCD_SCRIPTS= sshd - -PLIST_SRC+= ${.CURDIR}/PLIST -FILES_SUBST+= SSH_PID_DIR=${SSH_PID_DIR:Q} -MESSAGE_SUBST+= EGDIR=${EGDIR} -MESSAGE_SUBST+= OPENSSH_USER=${OPENSSH_USER} -MESSAGE_SUBST+= OPENSSH_GROUP=${OPENSSH_GROUP} - -pre-configure: - cd ${WRKSRC} && autoreconf - -post-install: - ${INSTALL_DATA_DIR} ${EGDIR} - cd ${WRKSRC}; for file in ${CONFS}; do \ - ${INSTALL_DATA} $${file}.out ${EGDIR}/$${file}; \ - done -#.if !empty(PKT_OPTIONS:Mpam) -# ${INSTALL_DATA} ${WRKSRC}/contrib/sshd.pam.freebsd ${EGDIR}/sshd.pam -#.endif - -.include "../../devel/zlib/buildlink3.mk" -.include "../../security/openssl/buildlink3.mk" -.include "../../security/tcp_wrappers/buildlink3.mk" - -.include "../../mk/bsd.pkg.mk" diff --git a/security/openssh+gssapi/PLIST b/security/openssh+gssapi/PLIST deleted file mode 100644 index 9e2967a7157..00000000000 --- a/security/openssh+gssapi/PLIST +++ /dev/null @@ -1,30 +0,0 @@ -@comment $NetBSD: PLIST,v 1.6 2005/10/07 17:43:30 reed Exp $ -bin/scp -bin/sftp -bin/slogin -bin/ssh -bin/ssh-add -bin/ssh-agent -bin/ssh-keygen -bin/ssh-keyscan -libexec/sftp-server -libexec/ssh-keysign -man/man1/scp.1 -man/man1/sftp.1 -man/man1/slogin.1 -man/man1/ssh-add.1 -man/man1/ssh-agent.1 -man/man1/ssh-keygen.1 -man/man1/ssh-keyscan.1 -man/man1/ssh.1 -man/man5/ssh_config.5 -man/man5/sshd_config.5 -man/man8/sftp-server.8 -man/man8/ssh-keysign.8 -man/man8/sshd.8 -sbin/sshd -share/examples/openssh/moduli -share/examples/openssh/ssh_config -share/examples/openssh/sshd_config -share/examples/rc.d/sshd -@dirrm share/examples/openssh diff --git a/security/openssh+gssapi/PLIST.pam b/security/openssh+gssapi/PLIST.pam deleted file mode 100644 index 1a5bc7cc5ba..00000000000 --- a/security/openssh+gssapi/PLIST.pam +++ /dev/null @@ -1,2 +0,0 @@ -@comment $NetBSD: PLIST.pam,v 1.3 2004/06/15 18:44:57 kristerw Exp $ -share/examples/openssh/sshd.pam diff --git a/security/openssh+gssapi/PLIST.prng b/security/openssh+gssapi/PLIST.prng deleted file mode 100644 index e0f33eb6481..00000000000 --- a/security/openssh+gssapi/PLIST.prng +++ /dev/null @@ -1,3 +0,0 @@ -@comment $NetBSD: PLIST.prng,v 1.3 2004/06/15 18:44:57 kristerw Exp $ -libexec/ssh-rand-helper -share/examples/openssh/ssh_prng_cmds diff --git a/security/openssh+gssapi/distinfo b/security/openssh+gssapi/distinfo deleted file mode 100644 index f022bd45752..00000000000 --- a/security/openssh+gssapi/distinfo +++ /dev/null @@ -1,13 +0,0 @@ -$NetBSD: distinfo,v 1.7 2006/02/20 23:03:00 wiz Exp $ - -SHA1 (openssh-3.6.1p2.tar.gz) = dafe5b6ee2c8ced12c2ee8961530b4e51c2f0bcf -RMD160 (openssh-3.6.1p2.tar.gz) = 6e1dd6edf2313b74a886f5af4c4a5be96f0d35bb -Size (openssh-3.6.1p2.tar.gz) = 879629 bytes -SHA1 (openssh-3.6.1p2-gssapi-20030430.diff) = a938638ad7d861e4f55ef5f8410acfdaac8a9e57 -RMD160 (openssh-3.6.1p2-gssapi-20030430.diff) = ce5bf79f8d48fac9ee51840b645c8680476067b7 -Size (openssh-3.6.1p2-gssapi-20030430.diff) = 121077 bytes -SHA1 (patch-aa) = 20abe6938aba07ab7b6c7eab5d24a303f0cd2298 -SHA1 (patch-ab) = 1069fe256b7925fcf404781ef14e5c492f52c21e -SHA1 (patch-ah) = 547a8c5371f1b034a61eea18cdb7fcd35e424848 -SHA1 (patch-ai) = a564c1c9df9704fa8ed20bd31a5eb36450c72f2b -SHA1 (patch-aj) = a83eed6c0a5703a2953682b4627be38a87bfb65f diff --git a/security/openssh+gssapi/files/sshd.sh b/security/openssh+gssapi/files/sshd.sh deleted file mode 100644 index 64490d99407..00000000000 --- a/security/openssh+gssapi/files/sshd.sh +++ /dev/null @@ -1,105 +0,0 @@ -#!@RCD_SCRIPTS_SHELL@ -# -# $NetBSD: sshd.sh,v 1.3 2004/06/15 18:44:57 kristerw Exp $ -# -# PROVIDE: sshd -# REQUIRE: DAEMON LOGIN - -if [ -f /etc/rc.subr ] -then - . /etc/rc.subr -fi - -name="sshd" -rcvar=$name -command="@PREFIX@/sbin/${name}" -keygen_command="@PREFIX@/bin/ssh-keygen" -pidfile="@SSH_PID_DIR@/${name}.pid" -required_files="@PKG_SYSCONFDIR@/sshd_config" -extra_commands="keygen reload" - -sshd_keygen() -{ - ( - umask 022 - if [ -f @PKG_SYSCONFDIR@/ssh_host_key ]; then - @ECHO@ "You already have an RSA host key in @PKG_SYSCONFDIR@/ssh_host_key" - @ECHO@ "Skipping protocol version 1 RSA Key Generation" - else - ${keygen_command} -t rsa1 -b 1024 -f @PKG_SYSCONFDIR@/ssh_host_key -N '' - fi - - if [ -f @PKG_SYSCONFDIR@/ssh_host_dsa_key ]; then - @ECHO@ "You already have a DSA host key in @PKG_SYSCONFDIR@/ssh_host_dsa_key" - @ECHO@ "Skipping protocol version 2 DSA Key Generation" - else - ${keygen_command} -t dsa -f @PKG_SYSCONFDIR@/ssh_host_dsa_key -N '' - fi - - if [ -f @PKG_SYSCONFDIR@/ssh_host_rsa_key ]; then - @ECHO@ "You already have a RSA host key in @PKG_SYSCONFDIR@/ssh_host_rsa_key" - @ECHO@ "Skipping protocol version 2 RSA Key Generation" - else - ${keygen_command} -t rsa -f @PKG_SYSCONFDIR@/ssh_host_rsa_key -N '' - fi - ) -} - -sshd_precmd() -{ - if [ ! -f @PKG_SYSCONFDIR@/ssh_host_key -o \ - ! -f @PKG_SYSCONFDIR@/ssh_host_dsa_key -o \ - ! -f @PKG_SYSCONFDIR@/ssh_host_rsa_key ]; then - if [ -f /etc/rc.subr -a -f /etc/rc.conf -a -f /etc/rc.d/DAEMON ] - then - run_rc_command keygen - else - eval ${keygen_cmd} - fi - fi -} - -keygen_cmd=sshd_keygen -start_precmd=sshd_precmd - -if [ -f /etc/rc.subr -a -f /etc/rc.conf -a -f /etc/rc.d/DAEMON ] -then - load_rc_config $name - run_rc_command "$1" -else - case ${1:-start} in - start) - if [ -x ${command} -a -f ${required_files} ] - then - @ECHO@ "Starting ${name}." - eval ${start_precmd} - eval ${command} ${sshd_flags} ${command_args} - fi - ;; - stop) - if [ -f ${pidfile} ]; then - pid=`@HEAD@ -1 ${pidfile}` - @ECHO@ "Stopping ${name}." - kill -TERM ${pid} - else - @ECHO@ "${name} not running?" - fi - ;; - restart) - ( $0 stop ) - sleep 1 - $0 start - ;; - status) - if [ -f ${pidfile} ]; then - pid=`@HEAD@ -1 ${pidfile}` - @ECHO@ "${name} is running as pid ${pid}." - else - @ECHO@ "${name} is not running." - fi - ;; - keygen) - eval ${keygen_cmd} - ;; - esac -fi diff --git a/security/openssh+gssapi/patches/patch-aa b/security/openssh+gssapi/patches/patch-aa deleted file mode 100644 index 08ea9913140..00000000000 --- a/security/openssh+gssapi/patches/patch-aa +++ /dev/null @@ -1,34 +0,0 @@ -$NetBSD: patch-aa,v 1.3 2004/06/15 18:44:57 kristerw Exp $ - ---- configure.orig Tue Apr 29 02:37:28 2003 -+++ configure Tue Jun 10 13:38:01 2003 -@@ -4939,6 +4939,9 @@ - ;; - esac - -+# pkgsrc handles any rpath settings this package needs -+need_dash_r= -+ - # Allow user to specify flags - - # Check whether --with-cflags or --without-cflags was given. -@@ -7030,6 +7033,10 @@ - cat >>conftest.$ac_ext <<_ACEOF - /* end confdefs.h. */ - -+#ifdef HAVE_SYS_CDEFS_H -+#include <sys/cdefs.h> -+#endif -+#include <stdio.h> - #include <tcpd.h> - int deny_severity = 0, allow_severity = 0; - -@@ -19123,7 +19130,7 @@ - echo " User binaries: $B" - echo " System binaries: $C" - echo " Configuration files: $D" --echo " Askpass program: $E" -+echo " Askpass program: ${ASKPASS_PROGRAM}" - echo " Manual pages: $F" - echo " PID file: $G" - echo " Privilege separation chroot path: $H" diff --git a/security/openssh+gssapi/patches/patch-ab b/security/openssh+gssapi/patches/patch-ab deleted file mode 100644 index f14b7d72251..00000000000 --- a/security/openssh+gssapi/patches/patch-ab +++ /dev/null @@ -1,34 +0,0 @@ -$NetBSD: patch-ab,v 1.3 2004/06/15 18:44:57 kristerw Exp $ - ---- configure.ac.orig Thu Sep 26 00:38:47 2002 -+++ configure.ac -@@ -341,6 +341,9 @@ mips-sony-bsd|mips-sony-newsos4) - ;; - esac - -+# pkgsrc handles any rpath settings this package needs -+need_dash_r= -+ - # Allow user to specify flags - AC_ARG_WITH(cflags, - [ --with-cflags Specify additional flags to pass to compiler], -@@ -575,6 +578,10 @@ AC_ARG_WITH(tcp-wrappers, - AC_MSG_CHECKING(for libwrap) - AC_TRY_LINK( - [ -+#ifdef HAVE_SYS_CDEFS_H -+#include <sys/cdefs.h> -+#endif -+#include <stdio.h> - #include <tcpd.h> - int deny_severity = 0, allow_severity = 0; - ], -@@ -2449,7 +2456,7 @@ echo "OpenSSH has been configured with t - echo " User binaries: $B" - echo " System binaries: $C" - echo " Configuration files: $D" --echo " Askpass program: $E" -+echo " Askpass program: ${ASKPASS_PROGRAM}" - echo " Manual pages: $F" - echo " PID file: $G" - echo " Privilege separation chroot path: $H" diff --git a/security/openssh+gssapi/patches/patch-ah b/security/openssh+gssapi/patches/patch-ah deleted file mode 100644 index 944395f2858..00000000000 --- a/security/openssh+gssapi/patches/patch-ah +++ /dev/null @@ -1,60 +0,0 @@ -$NetBSD: patch-ah,v 1.4 2006/02/20 23:03:00 wiz Exp $ - ---- Makefile.in.orig 2006-02-20 12:02:30.000000000 +0000 -+++ Makefile.in -@@ -21,7 +21,7 @@ top_srcdir=@top_srcdir@ - DESTDIR= - VPATH=@srcdir@ - SSH_PROGRAM=@bindir@/ssh --ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass -+#ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass - SFTP_SERVER=$(libexecdir)/sftp-server - SSH_KEYSIGN=$(libexecdir)/ssh-keysign - RAND_HELPER=$(libexecdir)/ssh-rand-helper -@@ -225,7 +225,7 @@ check-config: - scard-install: - (cd scard && $(MAKE) DESTDIR=$(DESTDIR) install) - --install-files: scard-install -+install-files: - $(srcdir)/mkinstalldirs $(DESTDIR)$(bindir) - $(srcdir)/mkinstalldirs $(DESTDIR)$(sbindir) - $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir) -@@ -267,37 +267,6 @@ install-files: scard-install - ln -s ./ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin - -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 - ln -s ./ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 -- if [ ! -d $(DESTDIR)$(sysconfdir) ]; then \ -- $(srcdir)/mkinstalldirs $(DESTDIR)$(sysconfdir); \ -- fi -- @if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_config ]; then \ -- $(INSTALL) -m 644 ssh_config.out $(DESTDIR)$(sysconfdir)/ssh_config; \ -- else \ -- echo "$(DESTDIR)$(sysconfdir)/ssh_config already exists, install will not overwrite"; \ -- fi -- @if [ ! -f $(DESTDIR)$(sysconfdir)/sshd_config ]; then \ -- $(INSTALL) -m 644 sshd_config.out $(DESTDIR)$(sysconfdir)/sshd_config; \ -- else \ -- echo "$(DESTDIR)$(sysconfdir)/sshd_config already exists, install will not overwrite"; \ -- fi -- @if [ -f ssh_prng_cmds -a ! -z "$(INSTALL_SSH_PRNG_CMDS)" ]; then \ -- $(PERL) $(srcdir)/fixprogs ssh_prng_cmds $(ENT); \ -- if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_prng_cmds ] ; then \ -- $(INSTALL) -m 644 ssh_prng_cmds.out $(DESTDIR)$(sysconfdir)/ssh_prng_cmds; \ -- else \ -- echo "$(DESTDIR)$(sysconfdir)/ssh_prng_cmds already exists, install will not overwrite"; \ -- fi ; \ -- fi -- @if [ ! -f $(DESTDIR)$(sysconfdir)/moduli ]; then \ -- if [ -f $(DESTDIR)$(sysconfdir)/primes ]; then \ -- echo "moving $(DESTDIR)$(sysconfdir)/primes to $(DESTDIR)$(sysconfdir)/moduli"; \ -- mv "$(DESTDIR)$(sysconfdir)/primes" "$(DESTDIR)$(sysconfdir)/moduli"; \ -- else \ -- $(INSTALL) -m 644 moduli.out $(DESTDIR)$(sysconfdir)/moduli; \ -- fi ; \ -- else \ -- echo "$(DESTDIR)$(sysconfdir)/moduli already exists, install will not overwrite"; \ -- fi - - host-key: ssh-keygen$(EXEEXT) - @if [ -z "$(DESTDIR)" ] ; then \ diff --git a/security/openssh+gssapi/patches/patch-ai b/security/openssh+gssapi/patches/patch-ai deleted file mode 100644 index 34f38120460..00000000000 --- a/security/openssh+gssapi/patches/patch-ai +++ /dev/null @@ -1,62 +0,0 @@ -$NetBSD: patch-ai,v 1.4 2004/06/15 18:44:57 kristerw Exp $ -Index: buffer.c -=================================================================== -RCS file: /cvs/src/usr.bin/ssh/buffer.c,v -retrieving revision 1.16 -retrieving revision 1.18 -diff -u -r1.16 -r1.18 ---- buffer.c 26 Jun 2002 08:54:18 -0000 1.16 -+++ buffer.c 16 Sep 2003 21:02:39 -0000 1.18 -@@ -23,8 +23,11 @@ - void - buffer_init(Buffer *buffer) - { -- buffer->alloc = 4096; -- buffer->buf = xmalloc(buffer->alloc); -+ const u_int len = 4096; -+ -+ buffer->alloc = 0; -+ buffer->buf = xmalloc(len); -+ buffer->alloc = len; - buffer->offset = 0; - buffer->end = 0; - } -@@ -34,8 +37,10 @@ - void - buffer_free(Buffer *buffer) - { -- memset(buffer->buf, 0, buffer->alloc); -- xfree(buffer->buf); -+ if (buffer->alloc > 0) { -+ memset(buffer->buf, 0, buffer->alloc); -+ xfree(buffer->buf); -+ } - } - - /* -@@ -69,6 +74,7 @@ - void * - buffer_append_space(Buffer *buffer, u_int len) - { -+ u_int newlen; - void *p; - - if (len > 0x100000) -@@ -98,11 +104,13 @@ - goto restart; - } - /* Increase the size of the buffer and retry. */ -- buffer->alloc += len + 32768; -- if (buffer->alloc > 0xa00000) -+ -+ newlen = buffer->alloc + len + 32768; -+ if (newlen > 0xa00000) - fatal("buffer_append_space: alloc %u not supported", -- buffer->alloc); -- buffer->buf = xrealloc(buffer->buf, buffer->alloc); -+ newlen); -+ buffer->buf = xrealloc(buffer->buf, newlen); -+ buffer->alloc = newlen; - goto restart; - /* NOTREACHED */ - } diff --git a/security/openssh+gssapi/patches/patch-aj b/security/openssh+gssapi/patches/patch-aj deleted file mode 100644 index 2df3b480871..00000000000 --- a/security/openssh+gssapi/patches/patch-aj +++ /dev/null @@ -1,26 +0,0 @@ -$NetBSD: patch-aj,v 1.3 2004/06/15 18:44:57 kristerw Exp $ -Index: channels.c -=================================================================== -RCS file: /cvs/src/usr.bin/ssh/channels.c,v -retrieving revision 1.194 -retrieving revision 1.195 -diff -u -r1.194 -r1.195 ---- channels.c 29 Aug 2003 10:04:36 -0000 1.194 -+++ channels.c 16 Sep 2003 21:02:40 -0000 1.195 -@@ -228,12 +228,13 @@ - if (found == -1) { - /* There are no free slots. Take last+1 slot and expand the array. */ - found = channels_alloc; -- channels_alloc += 10; - if (channels_alloc > 10000) - fatal("channel_new: internal error: channels_alloc %d " - "too big.", channels_alloc); -+ channels = xrealloc(channels, -+ (channels_alloc + 10) * sizeof(Channel *)); -+ channels_alloc += 10; - debug2("channel: expanding %d", channels_alloc); -- channels = xrealloc(channels, channels_alloc * sizeof(Channel *)); - for (i = found; i < channels_alloc; i++) - channels[i] = NULL; - } - |