diff options
-rw-r--r-- | security/openssh/Makefile | 8 | ||||
-rw-r--r-- | security/openssh/distinfo | 46 | ||||
-rw-r--r-- | security/openssh/options.mk | 4 | ||||
-rw-r--r-- | security/openssh/patches/patch-aa | 18 | ||||
-rw-r--r-- | security/openssh/patches/patch-ab | 16 | ||||
-rw-r--r-- | security/openssh/patches/patch-ad | 16 | ||||
-rw-r--r-- | security/openssh/patches/patch-ag | 8 | ||||
-rw-r--r-- | security/openssh/patches/patch-ah | 10 | ||||
-rw-r--r-- | security/openssh/patches/patch-aj | 10 | ||||
-rw-r--r-- | security/openssh/patches/patch-ak | 10 | ||||
-rw-r--r-- | security/openssh/patches/patch-al | 8 | ||||
-rw-r--r-- | security/openssh/patches/patch-am | 6 | ||||
-rw-r--r-- | security/openssh/patches/patch-an | 10 | ||||
-rw-r--r-- | security/openssh/patches/patch-ao | 16 | ||||
-rw-r--r-- | security/openssh/patches/patch-ap | 6 | ||||
-rw-r--r-- | security/openssh/patches/patch-aq | 10 | ||||
-rw-r--r-- | security/openssh/patches/patch-ar | 6 | ||||
-rw-r--r-- | security/openssh/patches/patch-av | 18 | ||||
-rw-r--r-- | security/openssh/patches/patch-aw | 6 |
19 files changed, 116 insertions, 116 deletions
diff --git a/security/openssh/Makefile b/security/openssh/Makefile index f496b58b631..986c4ac3c34 100644 --- a/security/openssh/Makefile +++ b/security/openssh/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.191 2009/05/01 14:27:34 zafer Exp $ +# $NetBSD: Makefile,v 1.192 2009/05/21 03:22:29 taca Exp $ -DISTNAME= openssh-5.1p1 -PKGNAME= openssh-5.1.1 +DISTNAME= openssh-5.2p1 +PKGNAME= openssh-5.2.1 SVR4_PKGNAME= ossh CATEGORIES= security MASTER_SITES= ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \ @@ -14,7 +14,7 @@ MASTER_SITES= ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \ ftp://mirror.pacific.net.au/OpenBSD/OpenSSH/portable/ # Don't delete the last entry -- it's there if the pkgsrc version is not # up-to-date and the mirrors already removed the old distfile. -DIST_SUBDIR= ${PKGBASE}-5.1.1-20080916 +DIST_SUBDIR= ${PKGBASE}-5.2.1-20090521 MAINTAINER= pkgsrc-users@NetBSD.org HOMEPAGE= http://www.openssh.com/ diff --git a/security/openssh/distinfo b/security/openssh/distinfo index 6f39c5826d3..72ed3233e3e 100644 --- a/security/openssh/distinfo +++ b/security/openssh/distinfo @@ -1,29 +1,29 @@ -$NetBSD: distinfo,v 1.71 2008/09/16 12:53:08 taca Exp $ +$NetBSD: distinfo,v 1.72 2009/05/21 03:22:29 taca Exp $ -SHA1 (openssh-5.1.1-20080916/openssh-5.1p1-hpn13v5.diff.gz) = c2911f04f8d46a28afa9f9cbb7ec226cb2c893d1 -RMD160 (openssh-5.1.1-20080916/openssh-5.1p1-hpn13v5.diff.gz) = 6466cd0825e80366adc1978069e3c61255e0bde7 -Size (openssh-5.1.1-20080916/openssh-5.1p1-hpn13v5.diff.gz) = 23017 bytes -SHA1 (openssh-5.1.1-20080916/openssh-5.1p1.tar.gz) = 877ea5b283060fe0160e376ea645e8e168047ff5 -RMD160 (openssh-5.1.1-20080916/openssh-5.1p1.tar.gz) = 24293ad89633cfd4791f08eb3442becb7e5788ca -Size (openssh-5.1.1-20080916/openssh-5.1p1.tar.gz) = 1040041 bytes -SHA1 (patch-aa) = 8b7a16e9a63cfff3b73d70b9cebb6627b96396e0 -SHA1 (patch-ab) = a105c238c8dc774ed6992791b131da56824869e9 +SHA1 (openssh-5.2.1-20090521/openssh-5.2p1-hpn13v6.diff.gz) = 9683d5feb3f7e302ef836901af5366df6c425815 +RMD160 (openssh-5.2.1-20090521/openssh-5.2p1-hpn13v6.diff.gz) = d647d3b0547e4d698c616f5ed6643b3ddbcced95 +Size (openssh-5.2.1-20090521/openssh-5.2p1-hpn13v6.diff.gz) = 33540 bytes +SHA1 (openssh-5.2.1-20090521/openssh-5.2p1.tar.gz) = 8273a0237db98179fbdc412207ff8eb14ff3d6de +RMD160 (openssh-5.2.1-20090521/openssh-5.2p1.tar.gz) = 7c53f342034b16e9faa9f5a09ef46390420722eb +Size (openssh-5.2.1-20090521/openssh-5.2p1.tar.gz) = 1016612 bytes +SHA1 (patch-aa) = 38546f8fd8bf6021d43cdf076ab723ad39a5f78e +SHA1 (patch-ab) = 00e7e50a35e8b3bcfa53b239b520a12498c8dca0 SHA1 (patch-ac) = ba97b23c6527311256b335c58175da9e9a3616e4 -SHA1 (patch-ad) = 7921e029b56c0e4769a7ada03dff3eb2e275db7d +SHA1 (patch-ad) = 254e11c5f56a72bf0b30bb8860e45156b3a0adf2 SHA1 (patch-ae) = 9585221f9e49b4ebea31c374066d70e11aa804a1 SHA1 (patch-af) = ca3224af0b648803404776a8c12ed678db4f8ff6 -SHA1 (patch-ag) = eeaa6e09f743405af074009ffe80678a5179ed08 -SHA1 (patch-ah) = bc0d7c2903ecf264e62b53f3864812af5f2f04ce +SHA1 (patch-ag) = b5cb0400d3cda9cb6d60dc729e54b1ffc34ec9e2 +SHA1 (patch-ah) = fa5175734678e95d05dcdcebadeb79df3ecef760 SHA1 (patch-ai) = becad6262e5daeef2a6db14097a8971c40088403 -SHA1 (patch-aj) = 4f477f40d1d891dcda9083cec5521e80410ebd54 -SHA1 (patch-ak) = 3720afb4e95356d5310762cda881820d524dcffc -SHA1 (patch-al) = d312a068047a375e52180026554bab745efdcdb7 -SHA1 (patch-am) = 4e2278b20e87e530e1819efde976d4414e160e38 -SHA1 (patch-an) = 2f955b8891bedd79986490d282eb09acd4910250 -SHA1 (patch-ao) = a7c5a1832cb2a4584c77577fb125f84a1e9a9deb -SHA1 (patch-ap) = 3029b847ce83305e8103276e27c75e0338e1fc08 -SHA1 (patch-aq) = a619b57361b04d5ab3d41375c18f7b99d71c8b34 -SHA1 (patch-ar) = fce4dc1011a124f02b8e14980cda1d633b36aa7d +SHA1 (patch-aj) = 5c89b4a7da59f05c50c16083aa6dd6e465cd0305 +SHA1 (patch-ak) = 550eae0b47dc220dac2439f57b39b7e4319057c5 +SHA1 (patch-al) = a3906a9b6a9a15b948b8bab3a85454f2515400bd +SHA1 (patch-am) = 4893a8a059d611d35c1fb9ff03b598c590e0355e +SHA1 (patch-an) = 5b41d9493028dd4dce4a73ea78e43f3a073108e5 +SHA1 (patch-ao) = 6b64be9b230ddb634b9b5fdab22c4944ae605153 +SHA1 (patch-ap) = 041059e25d2331aace0eaa5a6c3032afb3d565b4 +SHA1 (patch-aq) = 1a7d8a4c5e70a0c6211247ba583534ed8ce317d0 +SHA1 (patch-ar) = a1099e0175a2b14f3b19db04261891179b1e3299 SHA1 (patch-au) = 6cfdfc531e2267017a15e66ea48c7ecfa2a3926f -SHA1 (patch-av) = 00f54c3fae7318b278b16bd0b01881a90bd31365 -SHA1 (patch-aw) = 2a88b7563c6f52163c6c5f716e437ecaea613a30 +SHA1 (patch-av) = 06126d8f83398aa9df8a56792ad55bc769dd2550 +SHA1 (patch-aw) = 532f2aebcb93cae5e0dd26a5faa1593a7d3a3c51 diff --git a/security/openssh/options.mk b/security/openssh/options.mk index 25b1ea42821..f5b05a73da8 100644 --- a/security/openssh/options.mk +++ b/security/openssh/options.mk @@ -1,4 +1,4 @@ -# $NetBSD: options.mk,v 1.16 2008/09/16 12:53:08 taca Exp $ +# $NetBSD: options.mk,v 1.17 2009/05/21 03:22:29 taca Exp $ .include "../../mk/bsd.prefs.mk" @@ -17,7 +17,7 @@ CONFIGURE_ARGS+= --with-kerberos5=${KRB5BASE:Q} .endif .if !empty(PKG_OPTIONS:Mhpn-patch) -PATCHFILES= openssh-5.1p1-hpn13v5.diff.gz +PATCHFILES= openssh-5.2p1-hpn13v6.diff.gz PATCH_SITES= http://www.psc.edu/networking/projects/hpn-ssh/ PATCH_DIST_STRIP= -p1 .endif diff --git a/security/openssh/patches/patch-aa b/security/openssh/patches/patch-aa index 20e523159f8..2efc262c042 100644 --- a/security/openssh/patches/patch-aa +++ b/security/openssh/patches/patch-aa @@ -1,8 +1,8 @@ -$NetBSD: patch-aa,v 1.43 2006/11/08 01:49:22 taca Exp $ +$NetBSD: patch-aa,v 1.44 2009/05/21 03:22:29 taca Exp $ ---- configure.orig 2006-11-07 22:07:18.000000000 +0900 +--- configure.orig 2009-02-23 09:18:14.000000000 +0900 +++ configure -@@ -5835,6 +5835,9 @@ if test "${with_rpath+set}" = set; then +@@ -5666,6 +5666,9 @@ if test "${with_rpath+set}" = set; then fi @@ -12,7 +12,7 @@ $NetBSD: patch-aa,v 1.43 2006/11/08 01:49:22 taca Exp $ # Allow user to specify flags # Check whether --with-cflags was given. -@@ -5976,6 +5979,7 @@ for ac_header in \ +@@ -5812,6 +5815,7 @@ for ac_header in \ maillock.h \ ndir.h \ net/if_tun.h \ @@ -20,7 +20,7 @@ $NetBSD: patch-aa,v 1.43 2006/11/08 01:49:22 taca Exp $ netdb.h \ netgroup.h \ pam/pam_appl.h \ -@@ -7919,6 +7923,36 @@ _ACEOF +@@ -7521,6 +7525,36 @@ _ACEOF ;; esac ;; @@ -57,7 +57,7 @@ $NetBSD: patch-aa,v 1.43 2006/11/08 01:49:22 taca Exp $ *-*-irix5*) PATH="$PATH:/usr/etc" -@@ -8524,7 +8558,7 @@ cat >>confdefs.h <<\_ACEOF +@@ -8082,7 +8116,7 @@ cat >>confdefs.h <<\_ACEOF _ACEOF ;; @@ -66,7 +66,7 @@ $NetBSD: patch-aa,v 1.43 2006/11/08 01:49:22 taca Exp $ check_for_libcrypt_later=1 cat >>confdefs.h <<\_ACEOF -@@ -32058,14 +32092,21 @@ fi +@@ -29187,14 +29221,21 @@ fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext if test -z "$conf_utmpx_location"; then if test x"$system_utmpx_path" = x"no" ; then @@ -92,7 +92,7 @@ $NetBSD: patch-aa,v 1.43 2006/11/08 01:49:22 taca Exp $ #define CONF_UTMPX_FILE "$conf_utmpx_location" _ACEOF -@@ -32146,14 +32187,20 @@ fi +@@ -29258,14 +29299,20 @@ fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext if test -z "$conf_wtmpx_location"; then if test x"$system_wtmpx_path" = x"no" ; then @@ -118,7 +118,7 @@ $NetBSD: patch-aa,v 1.43 2006/11/08 01:49:22 taca Exp $ #define CONF_WTMPX_FILE "$conf_wtmpx_location" _ACEOF -@@ -33386,7 +33433,7 @@ echo "OpenSSH has been configured with t +@@ -30518,7 +30565,7 @@ echo "OpenSSH has been configured with t echo " User binaries: $B" echo " System binaries: $C" echo " Configuration files: $D" diff --git a/security/openssh/patches/patch-ab b/security/openssh/patches/patch-ab index 102af7061a3..45f6cd22c7d 100644 --- a/security/openssh/patches/patch-ab +++ b/security/openssh/patches/patch-ab @@ -1,8 +1,8 @@ -$NetBSD: patch-ab,v 1.25 2006/11/08 01:49:22 taca Exp $ +$NetBSD: patch-ab,v 1.26 2009/05/21 03:22:29 taca Exp $ ---- configure.ac.orig 2006-10-07 08:07:21.000000000 +0900 +--- configure.ac.orig 2009-02-16 13:37:03.000000000 +0900 +++ configure.ac -@@ -127,6 +127,9 @@ AC_ARG_WITH(rpath, +@@ -191,6 +191,9 @@ AC_ARG_WITH(rpath, ] ) @@ -12,7 +12,7 @@ $NetBSD: patch-ab,v 1.25 2006/11/08 01:49:22 taca Exp $ # Allow user to specify flags AC_ARG_WITH(cflags, [ --with-cflags Specify additional flags to pass to compiler], -@@ -194,6 +197,7 @@ AC_CHECK_HEADERS( \ +@@ -258,6 +261,7 @@ AC_CHECK_HEADERS( \ maillock.h \ ndir.h \ net/if_tun.h \ @@ -20,7 +20,7 @@ $NetBSD: patch-ab,v 1.25 2006/11/08 01:49:22 taca Exp $ netdb.h \ netgroup.h \ pam/pam_appl.h \ -@@ -454,6 +458,15 @@ main() { if (NSVersionOfRunTimeLibrary(" +@@ -531,6 +535,15 @@ main() { if (NSVersionOfRunTimeLibrary(" ;; esac ;; @@ -36,7 +36,7 @@ $NetBSD: patch-ab,v 1.25 2006/11/08 01:49:22 taca Exp $ *-*-irix5*) PATH="$PATH:/usr/etc" AC_DEFINE(BROKEN_INET_NTOA, 1, -@@ -3876,9 +3889,17 @@ AC_TRY_COMPILE([ +@@ -4063,9 +4076,17 @@ AC_TRY_COMPILE([ ) if test -z "$conf_utmpx_location"; then if test x"$system_utmpx_path" = x"no" ; then @@ -56,7 +56,7 @@ $NetBSD: patch-ab,v 1.25 2006/11/08 01:49:22 taca Exp $ AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location", [Define if you want to specify the path to your utmpx file]) fi -@@ -3902,9 +3923,17 @@ AC_TRY_COMPILE([ +@@ -4089,9 +4110,17 @@ AC_TRY_COMPILE([ ) if test -z "$conf_wtmpx_location"; then if test x"$system_wtmpx_path" = x"no" ; then @@ -76,7 +76,7 @@ $NetBSD: patch-ab,v 1.25 2006/11/08 01:49:22 taca Exp $ AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location", [Define if you want to specify the path to your wtmpx file]) fi -@@ -3944,7 +3973,7 @@ echo "OpenSSH has been configured with t +@@ -4138,7 +4167,7 @@ echo "OpenSSH has been configured with t echo " User binaries: $B" echo " System binaries: $C" echo " Configuration files: $D" diff --git a/security/openssh/patches/patch-ad b/security/openssh/patches/patch-ad index 12ae915a4e4..0e40539f65d 100644 --- a/security/openssh/patches/patch-ad +++ b/security/openssh/patches/patch-ad @@ -1,8 +1,8 @@ -$NetBSD: patch-ad,v 1.12 2006/10/31 03:31:20 taca Exp $ +$NetBSD: patch-ad,v 1.13 2009/05/21 03:22:29 taca Exp $ ---- loginrec.c.orig 2006-09-07 21:57:54.000000000 +0900 +--- loginrec.c.orig 2009-02-12 11:12:22.000000000 +0900 +++ loginrec.c -@@ -430,8 +430,8 @@ login_set_addr(struct logininfo *li, con +@@ -431,8 +431,8 @@ login_set_addr(struct logininfo *li, con int login_write(struct logininfo *li) { @@ -13,7 +13,7 @@ $NetBSD: patch-ad,v 1.12 2006/10/31 03:31:20 taca Exp $ logit("Attempt to write login records by non-root user (aborting)"); return (1); } -@@ -439,7 +439,7 @@ login_write(struct logininfo *li) +@@ -440,7 +440,7 @@ login_write(struct logininfo *li) /* set the timestamp */ login_set_current_time(li); @@ -22,7 +22,7 @@ $NetBSD: patch-ad,v 1.12 2006/10/31 03:31:20 taca Exp $ syslogin_write_entry(li); #endif #ifdef USE_LASTLOG -@@ -619,7 +619,7 @@ line_abbrevname(char *dst, const char *s +@@ -620,7 +620,7 @@ line_abbrevname(char *dst, const char *s ** into account. **/ @@ -31,7 +31,7 @@ $NetBSD: patch-ad,v 1.12 2006/10/31 03:31:20 taca Exp $ /* build the utmp structure */ void -@@ -756,10 +756,6 @@ construct_utmpx(struct logininfo *li, st +@@ -757,10 +757,6 @@ construct_utmpx(struct logininfo *li, st set_utmpx_time(li, utx); utx->ut_pid = li->pid; @@ -42,7 +42,7 @@ $NetBSD: patch-ad,v 1.12 2006/10/31 03:31:20 taca Exp $ if (li->type == LTYPE_LOGOUT) return; -@@ -768,6 +764,8 @@ construct_utmpx(struct logininfo *li, st +@@ -769,6 +765,8 @@ construct_utmpx(struct logininfo *li, st * for logouts. */ @@ -51,7 +51,7 @@ $NetBSD: patch-ad,v 1.12 2006/10/31 03:31:20 taca Exp $ # ifdef HAVE_HOST_IN_UTMPX strncpy(utx->ut_host, li->hostname, MIN_SIZEOF(utx->ut_host, li->hostname)); -@@ -1397,7 +1395,7 @@ wtmpx_get_entry(struct logininfo *li) +@@ -1398,7 +1396,7 @@ wtmpx_get_entry(struct logininfo *li) ** Low-level libutil login() functions **/ diff --git a/security/openssh/patches/patch-ag b/security/openssh/patches/patch-ag index 60451e45489..63f28b8fe7d 100644 --- a/security/openssh/patches/patch-ag +++ b/security/openssh/patches/patch-ag @@ -1,8 +1,8 @@ -$NetBSD: patch-ag,v 1.10 2008/09/16 12:53:08 taca Exp $ +$NetBSD: patch-ag,v 1.11 2009/05/21 03:22:29 taca Exp $ ---- config.h.in.orig 2008-07-21 17:30:49.000000000 +0900 +--- config.h.in.orig 2009-02-23 09:18:12.000000000 +0900 +++ config.h.in -@@ -506,6 +506,9 @@ +@@ -509,6 +509,9 @@ /* define if you have int64_t data type */ #undef HAVE_INT64_T @@ -12,7 +12,7 @@ $NetBSD: patch-ag,v 1.10 2008/09/16 12:53:08 taca Exp $ /* Define to 1 if you have the <inttypes.h> header file. */ #undef HAVE_INTTYPES_H -@@ -623,6 +626,9 @@ +@@ -626,6 +629,9 @@ /* Define to 1 if you have the <net/if_tun.h> header file. */ #undef HAVE_NET_IF_TUN_H diff --git a/security/openssh/patches/patch-ah b/security/openssh/patches/patch-ah index 0899809e42a..abdd6769d4e 100644 --- a/security/openssh/patches/patch-ah +++ b/security/openssh/patches/patch-ah @@ -1,8 +1,8 @@ -$NetBSD: patch-ah,v 1.24 2006/10/31 03:31:20 taca Exp $ +$NetBSD: patch-ah,v 1.25 2009/05/21 03:22:29 taca Exp $ ---- Makefile.in.orig 2006-09-12 20:54:10.000000000 +0900 +--- Makefile.in.orig 2008-11-05 14:20:46.000000000 +0900 +++ Makefile.in -@@ -21,7 +21,7 @@ top_srcdir=@top_srcdir@ +@@ -22,7 +22,7 @@ top_srcdir=@top_srcdir@ DESTDIR= VPATH=@srcdir@ SSH_PROGRAM=@bindir@/ssh @@ -11,7 +11,7 @@ $NetBSD: patch-ah,v 1.24 2006/10/31 03:31:20 taca Exp $ SFTP_SERVER=$(libexecdir)/sftp-server SSH_KEYSIGN=$(libexecdir)/ssh-keysign RAND_HELPER=$(libexecdir)/ssh-rand-helper -@@ -234,7 +234,7 @@ distprep: catman-do +@@ -233,7 +233,7 @@ distprep: catman-do (cd scard && $(MAKE) -f Makefile.in distprep) install: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files install-sysconf host-key check-config @@ -20,7 +20,7 @@ $NetBSD: patch-ah,v 1.24 2006/10/31 03:31:20 taca Exp $ install-nosysconf: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files check-config: -@@ -243,7 +243,7 @@ check-config: +@@ -242,7 +242,7 @@ check-config: scard-install: (cd scard && $(MAKE) DESTDIR=$(DESTDIR) install) diff --git a/security/openssh/patches/patch-aj b/security/openssh/patches/patch-aj index e403be88acf..d9d31a4e589 100644 --- a/security/openssh/patches/patch-aj +++ b/security/openssh/patches/patch-aj @@ -1,8 +1,8 @@ -$NetBSD: patch-aj,v 1.7 2006/10/31 03:31:20 taca Exp $ +$NetBSD: patch-aj,v 1.8 2009/05/21 03:22:29 taca Exp $ ---- auth-rhosts.c.orig 2006-08-05 11:39:39.000000000 +0900 +--- auth-rhosts.c.orig 2008-06-14 08:01:25.000000000 +0900 +++ auth-rhosts.c -@@ -212,7 +212,7 @@ auth_rhosts2_raw(struct passwd *pw, cons +@@ -230,7 +230,7 @@ auth_rhosts2_raw(struct passwd *pw, cons return 0; /* If not logging in as superuser, try /etc/hosts.equiv and shosts.equiv. */ @@ -11,7 +11,7 @@ $NetBSD: patch-aj,v 1.7 2006/10/31 03:31:20 taca Exp $ if (check_rhosts_file(_PATH_RHOSTS_EQUIV, hostname, ipaddr, client_user, pw->pw_name)) { auth_debug_add("Accepted for %.100s [%.100s] by /etc/hosts.equiv.", -@@ -238,7 +238,7 @@ auth_rhosts2_raw(struct passwd *pw, cons +@@ -256,7 +256,7 @@ auth_rhosts2_raw(struct passwd *pw, cons return 0; } if (options.strict_modes && @@ -20,7 +20,7 @@ $NetBSD: patch-aj,v 1.7 2006/10/31 03:31:20 taca Exp $ (st.st_mode & 022) != 0)) { logit("Rhosts authentication refused for %.100s: " "bad ownership or modes for home directory.", pw->pw_name); -@@ -265,7 +265,7 @@ auth_rhosts2_raw(struct passwd *pw, cons +@@ -283,7 +283,7 @@ auth_rhosts2_raw(struct passwd *pw, cons * allowing access to their account by anyone. */ if (options.strict_modes && diff --git a/security/openssh/patches/patch-ak b/security/openssh/patches/patch-ak index 8f219befee9..a4c009b6204 100644 --- a/security/openssh/patches/patch-ak +++ b/security/openssh/patches/patch-ak @@ -1,8 +1,8 @@ -$NetBSD: patch-ak,v 1.8 2006/10/31 03:31:20 taca Exp $ +$NetBSD: patch-ak,v 1.9 2009/05/21 03:22:29 taca Exp $ ---- auth.c.orig 2006-09-07 09:36:43.000000000 +0900 +--- auth.c.orig 2008-11-05 14:12:54.000000000 +0900 +++ auth.c -@@ -377,7 +377,7 @@ check_key_in_hostfiles(struct passwd *pw +@@ -378,7 +378,7 @@ check_key_in_hostfiles(struct passwd *pw user_hostfile = tilde_expand_filename(userfile, pw->pw_uid); if (options.strict_modes && (stat(user_hostfile, &st) == 0) && @@ -11,7 +11,7 @@ $NetBSD: patch-ak,v 1.8 2006/10/31 03:31:20 taca Exp $ (st.st_mode & 022) != 0)) { logit("Authentication refused for %.100s: " "bad owner or modes for %.200s", -@@ -430,7 +430,7 @@ secure_filename(FILE *f, const char *fil +@@ -431,7 +431,7 @@ secure_filename(FILE *f, const char *fil /* check the open file to avoid races */ if (fstat(fileno(f), &st) < 0 || @@ -20,7 +20,7 @@ $NetBSD: patch-ak,v 1.8 2006/10/31 03:31:20 taca Exp $ (st.st_mode & 022) != 0) { snprintf(err, errlen, "bad ownership or modes for file %s", buf); -@@ -447,7 +447,7 @@ secure_filename(FILE *f, const char *fil +@@ -448,7 +448,7 @@ secure_filename(FILE *f, const char *fil debug3("secure_filename: checking '%s'", buf); if (stat(buf, &st) < 0 || diff --git a/security/openssh/patches/patch-al b/security/openssh/patches/patch-al index 3e8b49202b2..67fa78f21c0 100644 --- a/security/openssh/patches/patch-al +++ b/security/openssh/patches/patch-al @@ -1,8 +1,8 @@ -$NetBSD: patch-al,v 1.7 2006/10/31 03:31:20 taca Exp $ +$NetBSD: patch-al,v 1.8 2009/05/21 03:22:29 taca Exp $ ---- auth1.c.orig 2006-09-01 14:38:36.000000000 +0900 +--- auth1.c.orig 2008-07-09 19:54:05.000000000 +0900 +++ auth1.c -@@ -325,7 +325,7 @@ do_authloop(Authctxt *authctxt) +@@ -328,7 +328,7 @@ do_authloop(Authctxt *authctxt) } #else /* Special handling for root */ @@ -11,7 +11,7 @@ $NetBSD: patch-al,v 1.7 2006/10/31 03:31:20 taca Exp $ !auth_root_allowed(meth->name)) { authenticated = 0; # ifdef SSH_AUDIT_EVENTS -@@ -423,8 +423,8 @@ do_authentication(Authctxt *authctxt) +@@ -426,8 +426,8 @@ do_authentication(Authctxt *authctxt) * If we are not running as root, the user must have the same uid as * the server. */ diff --git a/security/openssh/patches/patch-am b/security/openssh/patches/patch-am index 6b4cf1f9a92..9a45a833bb9 100644 --- a/security/openssh/patches/patch-am +++ b/security/openssh/patches/patch-am @@ -1,8 +1,8 @@ -$NetBSD: patch-am,v 1.7 2006/10/31 03:31:20 taca Exp $ +$NetBSD: patch-am,v 1.8 2009/05/21 03:22:29 taca Exp $ ---- auth2.c.orig 2006-08-05 11:39:39.000000000 +0900 +--- auth2.c.orig 2008-11-05 14:20:46.000000000 +0900 +++ auth2.c -@@ -223,7 +223,7 @@ userauth_finish(Authctxt *authctxt, int +@@ -298,7 +298,7 @@ userauth_finish(Authctxt *authctxt, int authctxt->user); /* Special handling for root */ diff --git a/security/openssh/patches/patch-an b/security/openssh/patches/patch-an index dac9e7edfe6..d837aea414e 100644 --- a/security/openssh/patches/patch-an +++ b/security/openssh/patches/patch-an @@ -1,8 +1,8 @@ -$NetBSD: patch-an,v 1.9 2007/03/18 12:38:45 taca Exp $ +$NetBSD: patch-an,v 1.10 2009/05/21 03:22:29 taca Exp $ ---- scp.c.orig 2007-03-18 16:27:26.000000000 +0900 +--- scp.c.orig 2008-11-03 17:23:45.000000000 +0900 +++ scp.c -@@ -377,7 +377,11 @@ main(int argc, char **argv) +@@ -390,7 +390,11 @@ main(int argc, char **argv) argc -= optind; argv += optind; @@ -14,7 +14,7 @@ $NetBSD: patch-an,v 1.9 2007/03/18 12:38:45 taca Exp $ fatal("unknown user %u", (u_int) userid); if (!isatty(STDOUT_FILENO)) -@@ -724,8 +728,10 @@ rsource(char *name, struct stat *statp) +@@ -782,8 +786,10 @@ rsource(char *name, struct stat *statp) return; } while ((dp = readdir(dirp)) != NULL) { @@ -25,7 +25,7 @@ $NetBSD: patch-an,v 1.9 2007/03/18 12:38:45 taca Exp $ if (!strcmp(dp->d_name, ".") || !strcmp(dp->d_name, "..")) continue; if (strlen(name) + 1 + strlen(dp->d_name) >= sizeof(path) - 1) { -@@ -1175,7 +1181,9 @@ okname(char *cp0) +@@ -1233,7 +1239,9 @@ okname(char *cp0) case '\'': case '"': case '`': diff --git a/security/openssh/patches/patch-ao b/security/openssh/patches/patch-ao index 6823d1e0080..2d3931130a0 100644 --- a/security/openssh/patches/patch-ao +++ b/security/openssh/patches/patch-ao @@ -1,12 +1,12 @@ -$NetBSD: patch-ao,v 1.12 2008/04/27 00:34:27 tnn Exp $ +$NetBSD: patch-ao,v 1.13 2009/05/21 03:22:29 taca Exp $ One more replacing 0 with ROOTUID is handled by using SUBST framework because patch can't handle it when hpn-patch option is enabled. So, don't simply update this file with mkpatch command. ---- session.c.orig 2008-03-27 01:03:05.000000000 +0100 +--- session.c.orig 2009-01-28 14:29:49.000000000 +0900 +++ session.c -@@ -955,7 +955,7 @@ read_etc_default_login(char ***env, u_in +@@ -1068,7 +1068,7 @@ read_etc_default_login(char ***env, u_in if (tmpenv == NULL) return; @@ -15,7 +15,7 @@ So, don't simply update this file with mkpatch command. var = child_get_env(tmpenv, "SUPATH"); else var = child_get_env(tmpenv, "PATH"); -@@ -1064,7 +1064,7 @@ do_setup_env(Session *s, const char *she +@@ -1177,7 +1177,7 @@ do_setup_env(Session *s, const char *she # endif /* HAVE_ETC_DEFAULT_LOGIN */ if (path == NULL || *path == '\0') { child_set_env(&env, &envsize, "PATH", @@ -24,7 +24,7 @@ So, don't simply update this file with mkpatch command. SUPERUSER_PATH : _PATH_STDPATH); } # endif /* HAVE_CYGWIN */ -@@ -1178,6 +1178,18 @@ do_setup_env(Session *s, const char *she +@@ -1291,6 +1291,18 @@ do_setup_env(Session *s, const char *she strcmp(pw->pw_dir, "/") ? pw->pw_dir : ""); read_environment_file(&env, &envsize, buf); } @@ -43,7 +43,7 @@ So, don't simply update this file with mkpatch command. if (debug_flag) { /* dump the environment */ fprintf(stderr, "Environment:\n"); -@@ -1351,9 +1363,9 @@ do_setusercontext(struct passwd *pw) +@@ -1464,9 +1476,9 @@ do_setusercontext(struct passwd *pw) (void)ssh_selinux_enabled(); #endif @@ -55,7 +55,7 @@ So, don't simply update this file with mkpatch command. { #ifdef HAVE_SETPCRED -@@ -1387,11 +1399,13 @@ do_setusercontext(struct passwd *pw) +@@ -1500,11 +1512,13 @@ do_setusercontext(struct passwd *pw) perror("setgid"); exit(1); } @@ -69,7 +69,7 @@ So, don't simply update this file with mkpatch command. endgrent(); # ifdef USE_PAM /* -@@ -2175,7 +2189,7 @@ session_pty_cleanup2(Session *s) +@@ -2328,7 +2342,7 @@ session_pty_cleanup2(Session *s) record_logout(s->pid, s->tty, s->pw->pw_name); /* Release the pseudo-tty. */ diff --git a/security/openssh/patches/patch-ap b/security/openssh/patches/patch-ap index 3b982f750a3..70377e9c4a1 100644 --- a/security/openssh/patches/patch-ap +++ b/security/openssh/patches/patch-ap @@ -1,8 +1,8 @@ -$NetBSD: patch-ap,v 1.9 2008/04/27 00:34:27 tnn Exp $ +$NetBSD: patch-ap,v 1.10 2009/05/21 03:22:29 taca Exp $ ---- ssh.c.orig 2008-02-28 09:13:52.000000000 +0100 +--- ssh.c.orig 2009-02-14 14:28:21.000000000 +0900 +++ ssh.c -@@ -693,7 +693,7 @@ main(int ac, char **av) +@@ -702,7 +702,7 @@ main(int ac, char **av) if (ssh_connect(host, &hostaddr, options.port, options.address_family, options.connection_attempts, &timeout_ms, options.tcp_keep_alive, diff --git a/security/openssh/patches/patch-aq b/security/openssh/patches/patch-aq index 2501dc65c6e..ed29d3f1d2a 100644 --- a/security/openssh/patches/patch-aq +++ b/security/openssh/patches/patch-aq @@ -1,17 +1,17 @@ -$NetBSD: patch-aq,v 1.6 2006/10/31 03:31:20 taca Exp $ +$NetBSD: patch-aq,v 1.7 2009/05/21 03:22:29 taca Exp $ ---- sshpty.c.orig 2006-08-05 11:39:41.000000000 +0900 +--- sshpty.c.orig 2009-02-12 10:19:21.000000000 +0900 +++ sshpty.c -@@ -78,7 +78,7 @@ pty_allocate(int *ptyfd, int *ttyfd, cha - void +@@ -86,7 +86,7 @@ void pty_release(const char *tty) { + #ifndef __APPLE_PRIVPTY__ - if (chown(tty, (uid_t) 0, (gid_t) 0) < 0) + if (chown(tty, (uid_t) ROOTUID, (gid_t) ROOTGID) < 0) error("chown %.100s 0 0 failed: %.100s", tty, strerror(errno)); if (chmod(tty, (mode_t) 0666) < 0) error("chmod %.100s 0666 failed: %.100s", tty, strerror(errno)); -@@ -224,7 +224,7 @@ pty_setowner(struct passwd *pw, const ch +@@ -233,7 +233,7 @@ pty_setowner(struct passwd *pw, const ch if (st.st_uid != pw->pw_uid || st.st_gid != gid) { if (chown(tty, pw->pw_uid, gid) < 0) { if (errno == EROFS && diff --git a/security/openssh/patches/patch-ar b/security/openssh/patches/patch-ar index b60e7466dae..3c6d715a04f 100644 --- a/security/openssh/patches/patch-ar +++ b/security/openssh/patches/patch-ar @@ -1,6 +1,6 @@ -$NetBSD: patch-ar,v 1.7 2006/10/31 03:31:20 taca Exp $ +$NetBSD: patch-ar,v 1.8 2009/05/21 03:22:29 taca Exp $ ---- uidswap.c.orig 2006-08-05 11:39:41.000000000 +0900 +--- uidswap.c.orig 2009-01-21 14:04:24.000000000 +0900 +++ uidswap.c @@ -66,13 +66,13 @@ temporarily_use_uid(struct passwd *pw) (u_int)pw->pw_uid, (u_int)pw->pw_gid, @@ -64,7 +64,7 @@ $NetBSD: patch-ar,v 1.7 2006/10/31 03:31:20 taca Exp $ #if defined(HAVE_SETRESGID) && !defined(BROKEN_SETRESGID) if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) < 0) fatal("setresgid %u: %.100s", (u_int)pw->pw_gid, strerror(errno)); -@@ -268,6 +278,7 @@ permanently_set_uid(struct passwd *pw) +@@ -278,6 +288,7 @@ permanently_set_uid(struct passwd *pw) (setuid(old_uid) != -1 || seteuid(old_uid) != -1)) fatal("%s: was able to restore old [e]uid", __func__); #endif diff --git a/security/openssh/patches/patch-av b/security/openssh/patches/patch-av index b029a71e43f..3e06c1b1ccd 100644 --- a/security/openssh/patches/patch-av +++ b/security/openssh/patches/patch-av @@ -1,8 +1,8 @@ -$NetBSD: patch-av,v 1.6 2006/11/21 17:43:56 tv Exp $ +$NetBSD: patch-av,v 1.7 2009/05/21 03:22:29 taca Exp $ ---- sshd.c.orig 2006-10-29 17:01:29.000000000 +0900 +--- sshd.c.orig 2009-01-28 14:31:23.000000000 +0900 +++ sshd.c -@@ -232,7 +232,11 @@ int *startup_pipes = NULL; +@@ -234,7 +234,11 @@ int *startup_pipes = NULL; int startup_pipe; /* in child */ /* variables used for privilege separation */ @@ -14,7 +14,7 @@ $NetBSD: patch-av,v 1.6 2006/11/21 17:43:56 tv Exp $ struct monitor *pmonitor = NULL; /* global authentication context */ -@@ -608,10 +612,15 @@ privsep_preauth_child(void) +@@ -604,10 +608,15 @@ privsep_preauth_child(void) /* XXX not ready, too heavy after chroot */ do_setusercontext(privsep_pw); #else @@ -30,7 +30,7 @@ $NetBSD: patch-av,v 1.6 2006/11/21 17:43:56 tv Exp $ #endif } -@@ -651,7 +660,7 @@ privsep_preauth(Authctxt *authctxt) +@@ -647,7 +656,7 @@ privsep_preauth(Authctxt *authctxt) close(pmonitor->m_sendfd); /* Demote the child */ @@ -39,7 +39,7 @@ $NetBSD: patch-av,v 1.6 2006/11/21 17:43:56 tv Exp $ privsep_preauth_child(); setproctitle("%s", "[net]"); } -@@ -664,7 +673,7 @@ privsep_postauth(Authctxt *authctxt) +@@ -662,7 +671,7 @@ privsep_postauth(Authctxt *authctxt) #ifdef DISABLE_FD_PASSING if (1) { #else @@ -48,7 +48,7 @@ $NetBSD: patch-av,v 1.6 2006/11/21 17:43:56 tv Exp $ #endif /* File descriptor passing is broken or root login */ use_privsep = 0; -@@ -1256,8 +1265,10 @@ main(int ac, char **av) +@@ -1272,8 +1281,10 @@ main(int ac, char **av) av = saved_argv; #endif @@ -60,7 +60,7 @@ $NetBSD: patch-av,v 1.6 2006/11/21 17:43:56 tv Exp $ /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); -@@ -1519,7 +1530,7 @@ main(int ac, char **av) +@@ -1577,7 +1588,7 @@ main(int ac, char **av) (st.st_uid != getuid () || (st.st_mode & (S_IWGRP|S_IWOTH)) != 0)) #else @@ -69,7 +69,7 @@ $NetBSD: patch-av,v 1.6 2006/11/21 17:43:56 tv Exp $ #endif fatal("%s must be owned by root and not group or " "world-writable.", _PATH_PRIVSEP_CHROOT_DIR); -@@ -1536,8 +1547,10 @@ main(int ac, char **av) +@@ -1601,8 +1612,10 @@ main(int ac, char **av) * to create a file, and we can't control the code in every * module which might be used). */ diff --git a/security/openssh/patches/patch-aw b/security/openssh/patches/patch-aw index 3af175388fb..c61742928c9 100644 --- a/security/openssh/patches/patch-aw +++ b/security/openssh/patches/patch-aw @@ -1,8 +1,8 @@ -$NetBSD: patch-aw,v 1.2 2006/10/31 03:31:20 taca Exp $ +$NetBSD: patch-aw,v 1.3 2009/05/21 03:22:29 taca Exp $ ---- openbsd-compat/port-tun.c.orig 2006-09-02 14:32:40.000000000 +0900 +--- openbsd-compat/port-tun.c.orig 2008-05-19 14:28:36.000000000 +0900 +++ openbsd-compat/port-tun.c -@@ -109,6 +109,10 @@ sys_tun_open(int tun, int mode) +@@ -110,6 +110,10 @@ sys_tun_open(int tun, int mode) #include <sys/socket.h> #include <net/if.h> |