diff options
Diffstat (limited to 'security/openssh+gssapi')
| -rw-r--r-- | security/openssh+gssapi/DESCR | 14 | ||||
| -rw-r--r-- | security/openssh+gssapi/INSTALL | 36 | ||||
| -rw-r--r-- | security/openssh+gssapi/MESSAGE | 17 | ||||
| -rw-r--r-- | security/openssh+gssapi/MESSAGE.pam | 9 | ||||
| -rw-r--r-- | security/openssh+gssapi/MESSAGE.urandom | 8 | ||||
| -rw-r--r-- | security/openssh+gssapi/Makefile | 163 | ||||
| -rw-r--r-- | security/openssh+gssapi/Makefile.intree | 55 | ||||
| -rw-r--r-- | security/openssh+gssapi/PLIST | 30 | ||||
| -rw-r--r-- | security/openssh+gssapi/PLIST.pam | 2 | ||||
| -rw-r--r-- | security/openssh+gssapi/PLIST.prng | 3 | ||||
| -rw-r--r-- | security/openssh+gssapi/distinfo | 9 | ||||
| -rw-r--r-- | security/openssh+gssapi/files/sshd.sh | 105 | ||||
| -rw-r--r-- | security/openssh+gssapi/patches/patch-aa | 34 | ||||
| -rw-r--r-- | security/openssh+gssapi/patches/patch-ab | 34 | ||||
| -rw-r--r-- | security/openssh+gssapi/patches/patch-ah | 22 |
15 files changed, 541 insertions, 0 deletions
diff --git a/security/openssh+gssapi/DESCR b/security/openssh+gssapi/DESCR new file mode 100644 index 00000000000..764ae7f0903 --- /dev/null +++ b/security/openssh+gssapi/DESCR @@ -0,0 +1,14 @@ +OpenSSH is based on the last free version of Tatu Ylonen's SSH with +all patent-encumbered algorithms removed (to external libraries), all +known security bugs fixed, new features reintroduced and many other +clean-ups. More information about SSH itself can be found in the file +README.Ylonen. OpenSSH has been created by Aaron Campbell, Bob Beck, +Markus Friedl, Niels Provos, Theo de Raadt, and Dug Song. + +This port consists of the re-introduction of autoconf support, PAM +support (for Linux and Solaris), EGD[1] support, SOCKS support (using +the Dante [6] libraries and replacements for OpenBSD library functions +that are (regrettably) absent from other unices. This port has been +best tested on Linux, Solaris, HPUX, NetBSD and Irix. Support for AIX, +SCO, NeXT and other Unices is underway. This version actively tracks +changes in the OpenBSD CVS repository. diff --git a/security/openssh+gssapi/INSTALL b/security/openssh+gssapi/INSTALL new file mode 100644 index 00000000000..f930e443924 --- /dev/null +++ b/security/openssh+gssapi/INSTALL @@ -0,0 +1,36 @@ +# $NetBSD: INSTALL,v 1.1.1.1 2003/07/24 21:01:23 jwise Exp $ + +DIRS="/etc /etc/ssh ${PKG_PREFIX}/etc ${PKG_PREFIX}/etc/ssh" +FILES="sshd.conf sshd_config" + +if [ "${STAGE}" != "POST-INSTALL" ]; then + exit 0 +fi + +for dir in $DIRS; do + if [ "@PKG_SYSCONFDIR@" != "$dir" ]; then + for file in $FILES; do + path=$dir/$file + if [ -f $path ]; then + ${CAT} <<EOF +=========================================================================== + + *===* NOTICE *===* + +WARNING: previous configuration file $path found. + +The config files for ${PKGNAME} must be located in: + + @PKG_SYSCONFDIR@ + +You will need to ensure your configuration files and/or keys are +placed in the correct directory before using ${PKGNAME}. + +=========================================================================== +EOF + + exit + fi + done + fi +done diff --git a/security/openssh+gssapi/MESSAGE b/security/openssh+gssapi/MESSAGE new file mode 100644 index 00000000000..482f771c674 --- /dev/null +++ b/security/openssh+gssapi/MESSAGE @@ -0,0 +1,17 @@ +=========================================================================== +$NetBSD: MESSAGE,v 1.1.1.1 2003/07/24 21:01:23 jwise Exp $ + + *===* NOTICE *===* + +If you have existing config files for OpenSSH located at /etc/ssh.conf +and /etc/sshd.conf, then you will have to copy them: + + /etc/ssh.conf --> ${PKG_SYSCONFDIR}/ssh_config + /etc/sshd.conf --> ${PKG_SYSCONFDIR}/sshd_config + +The `${OPENSSH_USER}' user and `${OPENSSH_GROUP}' group used for +privilege separation have been created if they did not already exist. +For security reasons, UsePrivilegeSeparation has to be yes +(the default value). + +=========================================================================== diff --git a/security/openssh+gssapi/MESSAGE.pam b/security/openssh+gssapi/MESSAGE.pam new file mode 100644 index 00000000000..65185d65a13 --- /dev/null +++ b/security/openssh+gssapi/MESSAGE.pam @@ -0,0 +1,9 @@ +=========================================================================== +$NetBSD: MESSAGE.pam,v 1.1.1.1 2003/07/24 21:01:23 jwise Exp $ + +To authenticate for SSH using PAM, add the contents of the file: + + ${EGDIR}/sshd.pam + +to your PAM configuration file. +=========================================================================== diff --git a/security/openssh+gssapi/MESSAGE.urandom b/security/openssh+gssapi/MESSAGE.urandom new file mode 100644 index 00000000000..6c3f593d0ae --- /dev/null +++ b/security/openssh+gssapi/MESSAGE.urandom @@ -0,0 +1,8 @@ +=========================================================================== +$NetBSD: MESSAGE.urandom,v 1.1.1.1 2003/07/24 21:01:23 jwise Exp $ + +You will need a working /dev/urandom. Please make sure you have a kernel +compiled from a config file containing the line: + + pseudo-device rnd +=========================================================================== diff --git a/security/openssh+gssapi/Makefile b/security/openssh+gssapi/Makefile new file mode 100644 index 00000000000..8d1834809f6 --- /dev/null +++ b/security/openssh+gssapi/Makefile @@ -0,0 +1,163 @@ +# $NetBSD: Makefile,v 1.1.1.1 2003/07/24 21:01:23 jwise Exp $ + +DISTNAME= openssh-3.6.1p2 +PKGNAME= openssh+gssapi-3.6.1.2.20030430 +SVR4_PKGNAME= ossh +CATEGORIES= security +MASTER_SITES= ftp://ftp7.usa.openbsd.org/pub/os/OpenBSD/OpenSSH/portable/ \ + ftp://ftp.stealth.net/pub/mirrors/ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \ + http://public.planetmirror.com.au/pub/OpenBSD/OpenSSH/portable/ \ + ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \ + ftp://gd.tuwien.ac.at/opsys/OpenBSD/OpenSSH/portable/ \ + ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/old/ +PATCH_SITES= http://www.sxw.org.uk/computing/patches/ +PATCHFILES= openssh-3.6.1p2-gssapi-20030430.diff +PATCH_DIST_STRIP= -p1 + +# Don't delete the last entry -- it's there if the pkgsrc version is not +# up-to-date and the mirrors already removed the old distfile. + +MAINTAINER= jwise@NetBSD.org +HOMEPAGE= http://www.openssh.com/ +COMMENT= Open Source Secure shell client and server (remote login program) + +CONFLICTS= sftp-[0-9]* +CONFLICTS+= ssh-[0-9]* ssh6-[0-9]* ssh2-[0-9]* +CONFLICTS+= openssh-[0-9]* + +USE_PERL5= build + +# 0.9.5a can be used, with blowfish support broken. so require 0.9.6. +USE_OPENSSL_VERSION= ${OPENSSL_VERSION_096} + +CRYPTO= yes + +# retain the following line, for IPv6-ready pkgsrc webpage +BUILD_DEFS+= USE_INET6 +#BUILD_DEFS+= KERBEROS + +.include "../../mk/bsd.prefs.mk" + +INSTALL_TARGET= install-nokeys +PLIST_SRC= # empty +MESSAGE_SRC= ${.CURDIR}/MESSAGE + +PKG_USERS= ${OPENSSH_USER}:${OPENSSH_GROUP}:${OPENSSH_UID}:sshd\\ privsep:${OPENSSH_CHROOT}:${NOLOGIN} +PKG_GROUPS= ${OPENSSH_GROUP}:${OPENSSH_GID} + +SSH_PID_DIR= /var/run # default directory for PID files + +PKG_SYSCONFSUBDIR= ssh +MANDIR= man +RCD_SCRIPTS_EGDIR= etc/rc.d + +PLIST_SUBST+= MANDIR=${MANDIR} +PLIST_SUBST+= RCD_SCRIPTS_EGDIR=${RCD_SCRIPTS_EGDIR} + +USE_BUILDLINK2= yes +USE_PKGINSTALL= yes +GNU_CONFIGURE= yes +CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR} +CONFIGURE_ARGS+= --mandir=${PREFIX}/${MANDIR} +CONFIGURE_ARGS+= --with-pid-dir=${SSH_PID_DIR} +CONFIGURE_ARGS+= --with-ssl-dir=${SSLBASE} +CONFIGURE_ARGS+= --with-tcp-wrappers=${BUILDLINK_PREFIX.tcp_wrappers} +CONFIGURE_ARGS+= --with-privsep-path=${OPENSSH_CHROOT} +CONFIGURE_ARGS+= --with-privsep-user=${OPENSSH_USER} +CONFIGURE_ARGS+= --with-kerberos5=/usr +CONFIGURE_ARGS+= --with-kerberos4=/usr + +CPPFLAGS+= -I/usr/include/krb5 -I/usr/include/kerberosIV + +# XXX: PAM authentication causes memory faults, and I haven't tracked down +# XXX: why yet. For the moment, disable PAM authentication. +# +#.if defined(USE_PAM) +#.include "../../security/PAM/buildlink2.mk" +#CONFIGURE_ARGS+= --with-pam +#PLIST_SRC+= ${.CURDIR}/PLIST.pam +#MESSAGE_SRC+= ${.CURDIR}/MESSAGE.pam +#.endif + +.if (${OPSYS} == "Darwin") || (${OPSYS} == "SunOS") +. include "../../security/skey/buildlink2.mk" +CONFIGURE_ARGS+= --with-skey=${BUILDLINK_PREFIX.skey} +.elif ${OPSYS} == "NetBSD" +# XXX: NetBSD has 4 args (4: sslen) to skeychallenge instead of 3 +#CONFIGURE_ARGS+= --with-skey=/usr +CONFIGURE_ARGS+= --without-skey +.else +CONFIGURE_ARGS+= --without-skey +.endif + +.if defined(KERBEROS) +PKG_USE_KERBEROS= yes +CONFIGURE_ARGS+= --with-kerberos4=/usr +LDFLAGS+= -lkrb -lcom_err -lroken -ldes +.endif + +LD= ${CC} + +# The ssh-askpass program is in ${X11BASE}/bin or ${X11PREFIX}/bin depending +# on if it's part of the X11 distribution, or if it's installed from pkgsrc +# (security/ssh-askpass). +# +.if exists(${X11BASE}/bin/ssh-askpass) +ASKPASS_PROGRAM= ${X11BASE}/bin/ssh-askpass +.else +ASKPASS_PROGRAM= ${X11PREFIX}/bin/ssh-askpass +.endif +CONFIGURE_ENV+= ASKPASS_PROGRAM=${ASKPASS_PROGRAM} +MAKE_ENV+= ASKPASS_PROGRAM=${ASKPASS_PROGRAM} + +CONFS= ssh_config sshd_config +SUPPS= moduli + +.if exists(/dev/urandom) +MESSAGE_SRC+= ${.CURDIR}/MESSAGE.urandom +.else +CONFIGURE_ARGS+= --without-random +CONFS+= ssh_prng_cmds +PLIST_SRC+= ${.CURDIR}/PLIST.prng +.endif + +EGDIR= ${PREFIX}/share/examples/openssh +CONF_FILES= # empty +.for FILE in ${CONFS} +CONF_FILES+= ${EGDIR}/${FILE} ${PKG_SYSCONFDIR}/${FILE} +.endfor +SUPPORT_FILES= # empty +.for FILE in ${SUPPS} +SUPPORT_FILES+= ${EGDIR}/${FILE} ${PKG_SYSCONFDIR}/${FILE} +.endfor +OWN_DIRS= ${OPENSSH_CHROOT} +RCD_SCRIPTS= sshd + +PLIST_SRC+= ${.CURDIR}/PLIST +FILES_SUBST+= SSH_PID_DIR=${SSH_PID_DIR} +MESSAGE_SUBST+= EGDIR=${EGDIR} +MESSAGE_SUBST+= OPENSSH_USER=${OPENSSH_USER} +MESSAGE_SUBST+= OPENSSH_GROUP=${OPENSSH_GROUP} + +.if defined(UPDATE_INTREE_OPENSSH) +. include "Makefile.intree" +.endif + +pre-configure: + cd ${WRKSRC} && ${AUTORECONF} + +post-install: + ${INSTALL_DATA_DIR} ${EGDIR} + cd ${WRKSRC}; for file in ${CONFS} ${SUPPS}; do \ + ${INSTALL_DATA} $${file}.out ${EGDIR}/$${file}; \ + done +#.if defined(USE_PAM) +# ${INSTALL_DATA} ${WRKSRC}/contrib/sshd.pam.freebsd ${EGDIR}/sshd.pam +#.endif + +.include "../../devel/zlib/buildlink2.mk" +.include "../../security/openssl/buildlink2.mk" +.include "../../security/tcp_wrappers/buildlink2.mk" +.include "../../mk/autoconf.mk" + +.include "../../mk/bsd.pkg.mk" diff --git a/security/openssh+gssapi/Makefile.intree b/security/openssh+gssapi/Makefile.intree new file mode 100644 index 00000000000..83c6df0edea --- /dev/null +++ b/security/openssh+gssapi/Makefile.intree @@ -0,0 +1,55 @@ +# $NetBSD: Makefile.intree,v 1.1.1.1 2003/07/24 21:01:23 jwise Exp $ + +.include "../../mk/bsd.prefs.mk" + +_UPDATE_INTREE_OPENSSH?= NO +.if ${OPSYS} == "NetBSD" +. for PATTERN in 1.5 1.5.* +. if ${OS_VERSION:M${PATTERN}} +_UPDATE_INTREE_OPENSSH= YES +PKG_SYSCONFSUBDIR:= # empty +. endif +. endfor +. for PATTERN in 1.6* +. if ${OS_VERSION:M${PATTERN}} +_UPDATE_INTREE_OPENSSH= YES +PKG_SYSCONFSUBDIR:= ssh +. endif +. endfor +.endif + +# We would like to require an in-tree OpenSSL that is at least 0.9.5a, but the +# openssl buildlink2.mk forces at least 0.9.6f, which makes +# UPDATE_INTREE_OPENSSH useless for anything before 1.6* +# +# USE_OPENSSL_VERSION:= ${OPENSSL_VERSION_095A} +.include "../../security/openssl/buildlink2.mk" +.if ${_NEED_OPENSSL} == "YES" +_UPDATE_INTREE_OPENSSH= NO +PKG_FAIL_REASON= "OpenSSL>=0.9.6f in the base distribution is required." +.endif + +.if ${_UPDATE_INTREE_OPENSSH} == "YES" +NO_MTREE= yes +NO_PKG_REGISTER= yes +NO_PACKAGE= No package registration is done +MANCOMPRESSED_IF_MANZ= yes +LOCALBASE:= /usr +PKG_SYSCONFBASE:= /etc +MANDIR:= share/man +RCD_SCRIPTS_EGDIR:= share/examples/openssh +.else +PKG_FAIL_REASON?= "Unable to update in-tree OpenSSH for ${OPSYS}-${OS_VERSION}." +.endif + +real-tarball: + ${GREP} -v "^@" ${PLIST} | ${SED} -e "s,^,${PREFIX}/," | ${SORT} \ + > ${WRKDIR}/MANIFEST + ${GTAR} zcvpf ${PKGNAME}-intree-${OPSYS}-${OS_VERSION}.tgz \ + `${CAT} ${WRKDIR}/MANIFEST` + +tarball: + @${ECHO_MSG} "${_PKGSRC_IN}> Tarballing ${PKGNAME}" + ${_PKG_SILENT}${_PKG_DEBUG} \ + realtarget="real-tarball"; action="tarball"; \ + ${_SU_TARGET} diff --git a/security/openssh+gssapi/PLIST b/security/openssh+gssapi/PLIST new file mode 100644 index 00000000000..ce179a879ef --- /dev/null +++ b/security/openssh+gssapi/PLIST @@ -0,0 +1,30 @@ +@comment $NetBSD: PLIST,v 1.1.1.1 2003/07/24 21:01:23 jwise Exp $ +bin/scp +bin/sftp +bin/slogin +bin/ssh +bin/ssh-add +bin/ssh-agent +bin/ssh-keygen +bin/ssh-keyscan +${RCD_SCRIPTS_EGDIR}/sshd +libexec/sftp-server +libexec/ssh-keysign +${MANDIR}/man1/scp.1 +${MANDIR}/man1/sftp.1 +${MANDIR}/man1/slogin.1 +${MANDIR}/man1/ssh-add.1 +${MANDIR}/man1/ssh-agent.1 +${MANDIR}/man1/ssh-keygen.1 +${MANDIR}/man1/ssh-keyscan.1 +${MANDIR}/man1/ssh.1 +${MANDIR}/man5/ssh_config.5 +${MANDIR}/man5/sshd_config.5 +${MANDIR}/man8/sftp-server.8 +${MANDIR}/man8/ssh-keysign.8 +${MANDIR}/man8/sshd.8 +sbin/sshd +share/examples/openssh/moduli +share/examples/openssh/ssh_config +share/examples/openssh/sshd_config +@dirrm share/examples/openssh diff --git a/security/openssh+gssapi/PLIST.pam b/security/openssh+gssapi/PLIST.pam new file mode 100644 index 00000000000..51a30ff1f77 --- /dev/null +++ b/security/openssh+gssapi/PLIST.pam @@ -0,0 +1,2 @@ +@comment $NetBSD: PLIST.pam,v 1.1.1.1 2003/07/24 21:01:23 jwise Exp $ +share/examples/openssh/sshd.pam diff --git a/security/openssh+gssapi/PLIST.prng b/security/openssh+gssapi/PLIST.prng new file mode 100644 index 00000000000..16c1a2cb120 --- /dev/null +++ b/security/openssh+gssapi/PLIST.prng @@ -0,0 +1,3 @@ +@comment $NetBSD: PLIST.prng,v 1.1.1.1 2003/07/24 21:01:23 jwise Exp $ +libexec/ssh-rand-helper +share/examples/openssh/ssh_prng_cmds diff --git a/security/openssh+gssapi/distinfo b/security/openssh+gssapi/distinfo new file mode 100644 index 00000000000..897244dfa7b --- /dev/null +++ b/security/openssh+gssapi/distinfo @@ -0,0 +1,9 @@ +$NetBSD: distinfo,v 1.1.1.1 2003/07/24 21:01:23 jwise Exp $ + +SHA1 (openssh-3.6.1p2.tar.gz) = dafe5b6ee2c8ced12c2ee8961530b4e51c2f0bcf +Size (openssh-3.6.1p2.tar.gz) = 879629 bytes +SHA1 (openssh-3.6.1p2-gssapi-20030430.diff) = a938638ad7d861e4f55ef5f8410acfdaac8a9e57 +Size (openssh-3.6.1p2-gssapi-20030430.diff) = 121077 bytes +SHA1 (patch-aa) = 20abe6938aba07ab7b6c7eab5d24a303f0cd2298 +SHA1 (patch-ab) = 1069fe256b7925fcf404781ef14e5c492f52c21e +SHA1 (patch-ah) = 9913c868bde5d318915b1dee2c05dcf454a0f506 diff --git a/security/openssh+gssapi/files/sshd.sh b/security/openssh+gssapi/files/sshd.sh new file mode 100644 index 00000000000..b33955a6e31 --- /dev/null +++ b/security/openssh+gssapi/files/sshd.sh @@ -0,0 +1,105 @@ +#!@RCD_SCRIPTS_SHELL@ +# +# $NetBSD: sshd.sh,v 1.1.1.1 2003/07/24 21:01:23 jwise Exp $ +# +# PROVIDE: sshd +# REQUIRE: DAEMON LOGIN + +if [ -f /etc/rc.subr ] +then + . /etc/rc.subr +fi + +name="sshd" +rcvar=$name +command="@PREFIX@/sbin/${name}" +keygen_command="@PREFIX@/bin/ssh-keygen" +pidfile="@SSH_PID_DIR@/${name}.pid" +required_files="@PKG_SYSCONFDIR@/sshd_config" +extra_commands="keygen reload" + +sshd_keygen() +{ + ( + umask 022 + if [ -f @PKG_SYSCONFDIR@/ssh_host_key ]; then + @ECHO@ "You already have an RSA host key in @PKG_SYSCONFDIR@/ssh_host_key" + @ECHO@ "Skipping protocol version 1 RSA Key Generation" + else + ${keygen_command} -t rsa1 -b 1024 -f @PKG_SYSCONFDIR@/ssh_host_key -N '' + fi + + if [ -f @PKG_SYSCONFDIR@/ssh_host_dsa_key ]; then + @ECHO@ "You already have a DSA host key in @PKG_SYSCONFDIR@/ssh_host_dsa_key" + @ECHO@ "Skipping protocol version 2 DSA Key Generation" + else + ${keygen_command} -t dsa -f @PKG_SYSCONFDIR@/ssh_host_dsa_key -N '' + fi + + if [ -f @PKG_SYSCONFDIR@/ssh_host_rsa_key ]; then + @ECHO@ "You already have a RSA host key in @PKG_SYSCONFDIR@/ssh_host_rsa_key" + @ECHO@ "Skipping protocol version 2 RSA Key Generation" + else + ${keygen_command} -t rsa -f @PKG_SYSCONFDIR@/ssh_host_rsa_key -N '' + fi + ) +} + +sshd_precmd() +{ + if [ ! -f @PKG_SYSCONFDIR@/ssh_host_key -o \ + ! -f @PKG_SYSCONFDIR@/ssh_host_dsa_key -o \ + ! -f @PKG_SYSCONFDIR@/ssh_host_rsa_key ]; then + if [ -f /etc/rc.subr -a -f /etc/rc.conf -a -f /etc/rc.d/DAEMON ] + then + run_rc_command keygen + else + eval ${keygen_cmd} + fi + fi +} + +keygen_cmd=sshd_keygen +start_precmd=sshd_precmd + +if [ -f /etc/rc.subr -a -f /etc/rc.conf -a -f /etc/rc.d/DAEMON ] +then + load_rc_config $name + run_rc_command "$1" +else + case ${1:-start} in + start) + if [ -x ${command} -a -f ${required_files} ] + then + @ECHO@ "Starting ${name}." + eval ${start_precmd} + eval ${command} ${sshd_flags} ${command_args} + fi + ;; + stop) + if [ -f ${pidfile} ]; then + pid=`@HEAD@ -1 ${pidfile}` + @ECHO@ "Stopping ${name}." + kill -TERM ${pid} + else + @ECHO@ "${name} not running?" + fi + ;; + restart) + ( $0 stop ) + sleep 1 + $0 start + ;; + status) + if [ -f ${pidfile} ]; then + pid=`@HEAD@ -1 ${pidfile}` + @ECHO@ "${name} is running as pid ${pid}." + else + @ECHO@ "${name} is not running." + fi + ;; + keygen) + eval ${keygen_cmd} + ;; + esac +fi diff --git a/security/openssh+gssapi/patches/patch-aa b/security/openssh+gssapi/patches/patch-aa new file mode 100644 index 00000000000..a505c8d77c1 --- /dev/null +++ b/security/openssh+gssapi/patches/patch-aa @@ -0,0 +1,34 @@ +$NetBSD: patch-aa,v 1.1.1.1 2003/07/24 21:01:23 jwise Exp $ + +--- configure.orig Tue Apr 29 02:37:28 2003 ++++ configure Tue Jun 10 13:38:01 2003 +@@ -4939,6 +4939,9 @@ + ;; + esac + ++# pkgsrc handles any rpath settings this package needs ++need_dash_r= ++ + # Allow user to specify flags + + # Check whether --with-cflags or --without-cflags was given. +@@ -7030,6 +7033,10 @@ + cat >>conftest.$ac_ext <<_ACEOF + /* end confdefs.h. */ + ++#ifdef HAVE_SYS_CDEFS_H ++#include <sys/cdefs.h> ++#endif ++#include <stdio.h> + #include <tcpd.h> + int deny_severity = 0, allow_severity = 0; + +@@ -19123,7 +19130,7 @@ + echo " User binaries: $B" + echo " System binaries: $C" + echo " Configuration files: $D" +-echo " Askpass program: $E" ++echo " Askpass program: ${ASKPASS_PROGRAM}" + echo " Manual pages: $F" + echo " PID file: $G" + echo " Privilege separation chroot path: $H" diff --git a/security/openssh+gssapi/patches/patch-ab b/security/openssh+gssapi/patches/patch-ab new file mode 100644 index 00000000000..78af9066543 --- /dev/null +++ b/security/openssh+gssapi/patches/patch-ab @@ -0,0 +1,34 @@ +$NetBSD: patch-ab,v 1.1.1.1 2003/07/24 21:01:24 jwise Exp $ + +--- configure.ac.orig Thu Sep 26 00:38:47 2002 ++++ configure.ac +@@ -341,6 +341,9 @@ mips-sony-bsd|mips-sony-newsos4) + ;; + esac + ++# pkgsrc handles any rpath settings this package needs ++need_dash_r= ++ + # Allow user to specify flags + AC_ARG_WITH(cflags, + [ --with-cflags Specify additional flags to pass to compiler], +@@ -575,6 +578,10 @@ AC_ARG_WITH(tcp-wrappers, + AC_MSG_CHECKING(for libwrap) + AC_TRY_LINK( + [ ++#ifdef HAVE_SYS_CDEFS_H ++#include <sys/cdefs.h> ++#endif ++#include <stdio.h> + #include <tcpd.h> + int deny_severity = 0, allow_severity = 0; + ], +@@ -2449,7 +2456,7 @@ echo "OpenSSH has been configured with t + echo " User binaries: $B" + echo " System binaries: $C" + echo " Configuration files: $D" +-echo " Askpass program: $E" ++echo " Askpass program: ${ASKPASS_PROGRAM}" + echo " Manual pages: $F" + echo " PID file: $G" + echo " Privilege separation chroot path: $H" diff --git a/security/openssh+gssapi/patches/patch-ah b/security/openssh+gssapi/patches/patch-ah new file mode 100644 index 00000000000..195dd6ba600 --- /dev/null +++ b/security/openssh+gssapi/patches/patch-ah @@ -0,0 +1,22 @@ +$NetBSD: patch-ah,v 1.1.1.1 2003/07/24 21:01:24 jwise Exp $ + +--- Makefile.in.orig Fri Jun 21 10:38:53 2002 ++++ Makefile.in Tue Jun 25 10:50:44 2002 +@@ -21,7 +21,7 @@ + DESTDIR= + VPATH=@srcdir@ + SSH_PROGRAM=@bindir@/ssh +-ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass ++#ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass + SFTP_SERVER=$(libexecdir)/sftp-server + SSH_KEYSIGN=$(libexecdir)/ssh-keysign + RAND_HELPER=$(libexecdir)/ssh-rand-helper +@@ -203,7 +203,7 @@ + scard-install: + (cd scard && $(MAKE) DESTDIR=$(DESTDIR) install) + +-install-files: scard-install ++install-files: + $(srcdir)/mkinstalldirs $(DESTDIR)$(bindir) + $(srcdir)/mkinstalldirs $(DESTDIR)$(sbindir) + $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir) |