From 2291c3b2218c256a9036312072dc28a07488aa05 Mon Sep 17 00:00:00 2001
From: seb <seb@pkgsrc.org>
Date: Tue, 6 Aug 2002 00:48:09 +0000
Subject: Initial import of ssh version 2.3.0 into the NetBSD Packages
 Collection.

This package provides Secure Shell client and server for V.2 SSH protocol
from SSH Communications Security.

Based on PR 15358 from Greg A. Woods <woods@planix.com>.
---
 security/ssh2/DESCR                      |   8 ++
 security/ssh2/Makefile                   |  87 ++++++++++++++++++++++
 security/ssh2/PLIST                      |  75 +++++++++++++++++++
 security/ssh2/distinfo                   |  12 +++
 security/ssh2/files/ssh2_secure_shell.sh |  84 +++++++++++++++++++++
 security/ssh2/patches/patch-aa           | 114 +++++++++++++++++++++++++++++
 security/ssh2/patches/patch-ab           | 121 +++++++++++++++++++++++++++++++
 security/ssh2/patches/patch-ac           |  13 ++++
 security/ssh2/patches/patch-ad           |  13 ++++
 security/ssh2/patches/patch-ae           |  23 ++++++
 security/ssh2/patches/patch-af           |  65 +++++++++++++++++
 security/ssh2/patches/patch-ag           |  14 ++++
 security/ssh2/patches/patch-ah           |  18 +++++
 13 files changed, 647 insertions(+)
 create mode 100644 security/ssh2/DESCR
 create mode 100644 security/ssh2/Makefile
 create mode 100644 security/ssh2/PLIST
 create mode 100644 security/ssh2/distinfo
 create mode 100644 security/ssh2/files/ssh2_secure_shell.sh
 create mode 100644 security/ssh2/patches/patch-aa
 create mode 100644 security/ssh2/patches/patch-ab
 create mode 100644 security/ssh2/patches/patch-ac
 create mode 100644 security/ssh2/patches/patch-ad
 create mode 100644 security/ssh2/patches/patch-ae
 create mode 100644 security/ssh2/patches/patch-af
 create mode 100644 security/ssh2/patches/patch-ag
 create mode 100644 security/ssh2/patches/patch-ah

(limited to 'security/ssh2')

diff --git a/security/ssh2/DESCR b/security/ssh2/DESCR
new file mode 100644
index 00000000000..da9e9d321ea
--- /dev/null
+++ b/security/ssh2/DESCR
@@ -0,0 +1,8 @@
+Secure Shell is a program to log into another computer over a
+network, to execute commands in a remote machine, and to move files
+from one machine to another.  It provides strong authentication
+and secure communications over insecure channels.  It is intended
+as a replacement for rlogin, rsh, rcp, and rdist.
+
+The programs in this package implement version 2 of the Secure Shell
+protocol.
diff --git a/security/ssh2/Makefile b/security/ssh2/Makefile
new file mode 100644
index 00000000000..7bece464bf9
--- /dev/null
+++ b/security/ssh2/Makefile
@@ -0,0 +1,87 @@
+# $NetBSD: Makefile,v 1.1.1.1 2002/08/06 00:48:09 seb Exp $
+#
+
+DISTNAME=	ssh-3.2.0
+PKGNAME=	${DISTNAME:C/ssh-/ssh2-/}
+CATEGORIES=	security
+MASTER_SITES=	ftp://ftp.ssh.com/pub/ssh/
+
+MAINTAINER=	packages@netbsd.org
+HOMEPAGE=	http://www.ssh.com
+COMMENT=	Secure Shell client and server for V.2 SSH protocol
+
+CONFLICTS=	openssh-[0-9]* ssh6-[0-9]* ssh-[0-9]* sftp-[0-9]*
+
+GNU_CONFIGURE=		YES
+USE_BUILDLINK_ONLY=	YES
+PKG_SYSCONFSUBDIR=	ssh2
+
+BUILD_DEFS+=		USE_INET6
+
+CRYPTO=			YES
+
+.include "../../mk/bsd.prefs.mk"
+
+.if (${OPSYS:M*BSD} == "") && (${OPSYS} != "Linux")
+LICENSE=		no-commercial-use
+.endif
+
+SSH_PID_DIR=		/var/run	# default directory for PID files
+SSH_PID_DIR.SunOS=      /etc		# Solaris doesn't have a /var/run
+
+.if defined(SSH_PID_DIR.${OPSYS})
+SSH_PID_DIR=		${SSH_PID_DIR.${OPSYS}}
+.endif
+
+CONFIGURE_ARGS+=	--without-daemonpam --without-clientpam
+CONFIGURE_ARGS+=	--without-ssh-agent1-compat
+CONFIGURE_ARGS+=	--without-ssh1-compat
+CONFIGURE_ARGS+=	--with-libwrap=${BUILDLINK_DIR}
+CONFIGURE_ARGS+=	--with-pid-dir=${SSH_PID_DIR}
+# Setting FOREIGN_ETCDIR to PKG_SYSCONFBASE may seem stupid
+# if PKG_SYSCONFDIR.${PKG_SYSCONFVAR} is set but it does no harm...
+CONFIGURE_ARGS+=	--with-foreign-etcdir=${PKG_SYSCONFBASE}
+CONFIGURE_ARGS+=	--with-etcdir=${PKG_SYSCONFDIR}
+
+MAKE_ENV+=		PKGBASE=${PKGBASE}
+
+RCD_SCRIPTS=		ssh2_secure_shell
+
+EGDIR=			${PREFIX}/share/examples/${PKGBASE}
+EGFILES=		ext_authorization_example.sh \
+			kbdint_plugin_example.sh
+
+CONFS=			sshd2_config ssh2_config ssh_dummy_shell.out
+CONF_FILES=		# empty
+.for FILE in ${CONFS}
+CONF_FILES+=		${EGDIR}/${FILE} ${PKG_SYSCONFDIR}/${FILE}
+.endfor
+FILES_SUBST=		SSH_PID_DIR=${SSH_PID_DIR}
+
+OWN_DIRS=		${PKG_SYSCONFDIR}/knownhosts
+OWN_DIRS+=		${PKG_SYSCONFDIR}/hostkeys
+
+DOCSDIR=		${PREFIX}/share/doc/${PKGBASE}
+DOCS=			CHANGES FAQ HOWTO.anonymous.sftp INSTALL LICENSE \
+			NEWS README REGEX-SYNTAX SSH2.QUICKSTART \
+			RFC.authorization_program_protocol \
+			RFC.kbdint_plugin_protocol
+
+post-build:
+	@${SED} ${FILES_SUBST_SED} ${FILESDIR}/ssh2_secure_shell.sh \
+	   > ${WRKDIR}/ssh2_secure_shell
+
+post-install:
+	${INSTALL_DATA_DIR} ${DOCSDIR}
+.for FILE in ${DOCS}
+	${INSTALL_DATA} ${WRKSRC}/${FILE} ${DOCSDIR}
+.endfor
+.for FILE in ${EGFILES}
+	${INSTALL_DATA} ${WRKSRC}/${FILE} ${EGDIR}
+.endfor
+	${INSTALL_SCRIPT} ${WRKDIR}/ssh2_secure_shell ${PREFIX}/etc/rc.d/ssh2_secure_shell
+
+.include "../../security/tcp_wrappers/buildlink.mk"
+.include "../../mk/x11.buildlink.mk"
+.include "../../mk/bsd.pkg.install.mk"
+.include "../../mk/bsd.pkg.mk"
diff --git a/security/ssh2/PLIST b/security/ssh2/PLIST
new file mode 100644
index 00000000000..0dc24415b4c
--- /dev/null
+++ b/security/ssh2/PLIST
@@ -0,0 +1,75 @@
+@comment $NetBSD: PLIST,v 1.1.1.1 2002/08/06 00:48:10 seb Exp $
+bin/scp
+bin/scp2
+bin/sftp
+bin/sftp-server
+bin/sftp-server2
+bin/sftp2
+bin/ssh
+bin/ssh-add
+bin/ssh-add2
+bin/ssh-agent
+bin/ssh-agent2
+bin/ssh-askpass
+bin/ssh-askpass2
+bin/ssh-chrootmgr
+bin/ssh-dummy-shell
+bin/ssh-keygen
+bin/ssh-keygen2
+bin/ssh-probe
+bin/ssh-probe2
+bin/ssh-pubkeymgr
+bin/ssh-signer
+bin/ssh-signer2
+bin/ssh2
+etc/rc.d/ssh2_secure_shell
+man/man1/scp.1
+man/man1/scp2.1
+man/man1/sftp.1
+man/man1/sftp2.1
+man/man1/ssh-add.1
+man/man1/ssh-add2.1
+man/man1/ssh-agent.1
+man/man1/ssh-agent2.1
+man/man1/ssh-chrootmgr.1
+man/man1/ssh-dummy-shell.1
+man/man1/ssh-keygen.1
+man/man1/ssh-keygen2.1
+man/man1/ssh-probe.1
+man/man1/ssh-probe2.1
+man/man1/ssh-pubkeymgr.1
+man/man1/ssh.1
+man/man1/ssh2.1
+man/man1/sshregex.1
+man/man5/ssh2_config.5
+man/man5/sshd-check-conf.5
+man/man5/sshd2_config.5
+man/man5/sshd2_subconfig.5
+man/man8/sshd.8
+man/man8/sshd2.8
+sbin/sshd
+sbin/sshd-check-conf
+sbin/sshd2
+share/doc/${PKGBASE}/CHANGES
+share/doc/${PKGBASE}/FAQ
+share/doc/${PKGBASE}/HOWTO.anonymous.sftp
+share/doc/${PKGBASE}/INSTALL
+share/doc/${PKGBASE}/LICENSE
+share/doc/${PKGBASE}/NEWS
+share/doc/${PKGBASE}/README
+share/doc/${PKGBASE}/REGEX-SYNTAX
+share/doc/${PKGBASE}/RFC.authorization_program_protocol
+share/doc/${PKGBASE}/RFC.kbdint_plugin_protocol
+share/doc/${PKGBASE}/SSH2.QUICKSTART
+share/examples/${PKGBASE}/ext_authorization_example.sh
+share/examples/${PKGBASE}/kbdint_plugin_example.sh
+share/examples/${PKGBASE}/ssh2_config
+share/examples/${PKGBASE}/ssh_dummy_shell.out
+share/examples/${PKGBASE}/sshd2_config
+share/examples/${PKGBASE}/subconfig/anonymous.example
+share/examples/${PKGBASE}/subconfig/host_ext.example
+share/examples/${PKGBASE}/subconfig/host_int.example
+share/examples/${PKGBASE}/subconfig/user.example
+@dirrm share/examples/${PKGBASE}/subconfig
+@dirrm share/examples/${PKGBASE}
+@dirrm share/doc/${PKGBASE}
diff --git a/security/ssh2/distinfo b/security/ssh2/distinfo
new file mode 100644
index 00000000000..88a4cf9a9b2
--- /dev/null
+++ b/security/ssh2/distinfo
@@ -0,0 +1,12 @@
+$NetBSD: distinfo,v 1.1.1.1 2002/08/06 00:48:10 seb Exp $
+
+SHA1 (ssh-3.2.0.tar.gz) = 13cefe3d4a890004a37b680b00bc119542247c16
+Size (ssh-3.2.0.tar.gz) = 2256240 bytes
+SHA1 (patch-aa) = eeec9d05b2360fe971a397cf53795caf3fd47bfb
+SHA1 (patch-ab) = 5e4d66e3f8f3f13c9f3926d181e2a1a568c20b4b
+SHA1 (patch-ac) = b87e967252b1eaafc6e6b7ee95d8e09550957bff
+SHA1 (patch-ad) = b6944222c0b84d5f906ad019b5260fb19ee299d9
+SHA1 (patch-ae) = 0132993883abca365175116c2e9769bcfa35cc1f
+SHA1 (patch-af) = 0b42b41e4300bcae167dadadf13e310d3f893433
+SHA1 (patch-ag) = 5990115dc53a9278f171158df1dcdd4754080e90
+SHA1 (patch-ah) = 5a4314cf70463638d18599dcb3fddbbc19d52b2a
diff --git a/security/ssh2/files/ssh2_secure_shell.sh b/security/ssh2/files/ssh2_secure_shell.sh
new file mode 100644
index 00000000000..21f1db631da
--- /dev/null
+++ b/security/ssh2/files/ssh2_secure_shell.sh
@@ -0,0 +1,84 @@
+#!/bin/sh
+#
+# $NetBSD: ssh2_secure_shell.sh,v 1.1.1.1 2002/08/06 00:48:14 seb Exp $
+#
+# PROVIDE: ssh2_secure_shell
+# REQUIRE: DAEMON LOGIN
+
+if [ -f /etc/rc.subr ]
+then
+	. /etc/rc.subr
+fi
+
+name="ssh2_secure_shell"
+rcvar=$name
+command="@PREFIX@/sbin/sshd2"
+keygen_command="@PREFIX@/bin/ssh-keygen2"
+pidfile="@SSH_PID_DIR@/sshd2_22.pid"
+required_files="@PKG_SYSCONFDIR@/sshd2_config"
+extra_commands="keygen reload"
+
+ssh2_secure_shell_keygen()
+{
+	(
+	umask 022
+	if [ -f @PKG_SYSCONFDIR@/hostkey ]; then
+		@ECHO@ "You already have an DSA host key in @PKG_SYSCONFDIR@/hostkey"
+		@ECHO@ "Skipping Key Generation"
+	else
+		${keygen_command} -P -b 1024 -t dsa -c "1024-bit dsa hostkey" @PKG_SYSCONFDIR@/hostkey
+	fi
+	)
+}
+
+ssh2_secure_shell_precmd()
+{
+	if [ ! -f @PKG_SYSCONFDIR@/hostkey ]; then
+		$0 keygen
+	fi
+}
+
+keygen_cmd=ssh2_secure_shell_keygen
+start_precmd=ssh2_secure_shell_precmd
+
+if [ -f /etc/rc.subr ]
+then
+	load_rc_config $name
+	run_rc_command "$1"
+else
+	case ${1:-start} in
+	start)
+		if [ -x ${command} -a -f ${required_files} ]
+		then
+			@ECHO@ "Starting ${name}."
+			eval ${start_precmd}
+			eval ${command} ${sshd_flags} ${command_args}
+		fi
+		;;
+	stop)
+		if [ -f ${pidfile} ]; then
+			pid=`@HEAD@ -1 ${pidfile}`
+			@ECHO@ "Stopping ${name}."
+			kill -TERM ${pid}
+		else
+			@ECHO@ "${name} not running?"
+		fi
+		;;
+	restart)
+		( $0 stop )
+		sleep 1
+		$0 start
+		;;
+	status)
+		if [ -f ${pidfile} ]; then
+			pid=`@HEAD@ -1 ${pidfile}`
+			@ECHO@ "${name} is running as pid ${pid}."
+		else
+			@ECHO@ "${name} is not running."
+		fi
+		;;
+	keygen)
+		eval ${keygen_cmd}
+		;;
+	esac
+fi
diff --git a/security/ssh2/patches/patch-aa b/security/ssh2/patches/patch-aa
new file mode 100644
index 00000000000..59a10bdfad5
--- /dev/null
+++ b/security/ssh2/patches/patch-aa
@@ -0,0 +1,114 @@
+$NetBSD: patch-aa,v 1.1.1.1 2002/08/06 00:48:12 seb Exp $
+
+--- apps/ssh/Makefile.am.orig	Thu May 16 10:32:14 2002
++++ apps/ssh/Makefile.am
+@@ -18,7 +18,8 @@ WINCONF_OPTIONS = maintainer=sjl@ssh.com
+ etcdir = @ETCDIR@
+ known_hosts_dir = $(etcdir)/knownhosts
+ host_keys_dir = $(etcdir)/hostkeys
+-subconfig_dir = $(etcdir)/subconfig
++egdir = $(prefix)/share/examples/${PKGBASE}
++subconfig_dir = $(egdir)/subconfig
+ STATIC_FLAG = @STATIC_FLAG@
+ 
+ #
+@@ -576,13 +577,13 @@ COMPILE = $(CC) $(KERBEROS_INCS) $(INCLU
+ #
+ LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS)
+ #
++INSTALL_DATA_DIR=	$(BSD_INSTALL_DATA_DIR)
++#
+ includes:
+ 
+ make-install-dirs:
+-	-if test '!' -d $(DESTDIR)$(etcdir); then mkdir -p $(DESTDIR)$(etcdir); fi
+-	-if test '!' -d $(DESTDIR)$(known_hosts_dir); then mkdir -p $(DESTDIR)$(known_hosts_dir); fi
+-	-if test '!' -d $(DESTDIR)$(host_keys_dir); then mkdir -p $(DESTDIR)$(host_keys_dir); fi
+-	-if test '!' -d $(DESTDIR)$(subconfig_dir); then mkdir -p $(DESTDIR)$(subconfig_dir); fi
++	$(INSTALL_DATA_DIR) $(DESTDIR)$(egdir)
++	$(INSTALL_DATA_DIR) $(DESTDIR)$(subconfig_dir)
+ 
+ generate-host-key:
+ 	-@if test -f $(DESTDIR)$(etcdir)/hostkey; \
+@@ -593,17 +594,6 @@ generate-host-key:
+ 	  fi
+ 
+ install-symlinks:
+-	-mv -f $(DESTDIR)$(bindir)/ssh $(DESTDIR)$(bindir)/ssh.old
+-	-mv -f $(DESTDIR)$(bindir)/ssh-agent $(DESTDIR)$(bindir)/ssh-agent.old
+-	-mv -f $(DESTDIR)$(bindir)/ssh-add $(DESTDIR)$(bindir)/ssh-add.old
+-	-mv -f $(DESTDIR)$(bindir)/ssh-askpass $(DESTDIR)$(bindir)/ssh-askpass.old
+-	-mv -f $(DESTDIR)$(bindir)/ssh-keygen $(DESTDIR)$(bindir)/ssh-keygen.old
+-	-mv -f $(DESTDIR)$(bindir)/scp $(DESTDIR)$(bindir)/scp.old
+-	-mv -f $(DESTDIR)$(bindir)/sftp $(DESTDIR)$(bindir)/sftp.old
+-	-mv -f $(DESTDIR)$(bindir)/sftp-server $(DESTDIR)$(bindir)/sftp-server.old
+-	-mv -f $(DESTDIR)$(bindir)/ssh-signer $(DESTDIR)$(bindir)/ssh-signer.old
+-	-mv -f $(DESTDIR)$(bindir)/ssh-probe $(DESTDIR)$(bindir)/ssh-probe.old
+-
+ 	(cd $(DESTDIR)$(bindir) && $(LN_S) ssh2 ssh)
+ 	(cd $(DESTDIR)$(bindir) && $(LN_S) ssh-agent2 ssh-agent)
+ 	(cd $(DESTDIR)$(bindir) && $(LN_S) ssh-add2 ssh-add)
+@@ -614,15 +604,7 @@ install-symlinks:
+ 	(cd $(DESTDIR)$(bindir) && $(LN_S) sftp-server2 sftp-server)
+ 	(cd $(DESTDIR)$(bindir) && $(LN_S) ssh-signer2 ssh-signer)
+ 	(cd $(DESTDIR)$(bindir) && $(LN_S) ssh-probe2 ssh-probe)
+-	-mv -f $(DESTDIR)$(sbindir)/sshd $(DESTDIR)$(sbindir)/sshd.old
+ 	(cd $(DESTDIR)$(sbindir) && $(LN_S) sshd2 sshd)
+-	-mv -f $(DESTDIR)$(mandir)/man1/ssh.1 $(DESTDIR)$(mandir)/man1/ssh.old.1
+-	-mv -f $(DESTDIR)$(mandir)/man1/ssh-add.1 $(DESTDIR)$(mandir)/man1/ssh-add.old.1
+-	-mv -f $(DESTDIR)$(mandir)/man1/ssh-agent.1 $(DESTDIR)$(mandir)/man1/ssh-agent.old.1
+-	-mv -f $(DESTDIR)$(mandir)/man1/ssh-keygen.1 $(DESTDIR)$(mandir)/man1/ssh-keygen.old.1
+-	-mv -f $(DESTDIR)$(mandir)/man1/scp.1 $(DESTDIR)$(mandir)/man1/scp.old.1
+-	-mv -f $(DESTDIR)$(mandir)/man1/sftp.1 $(DESTDIR)$(mandir)/man1/sftp.old.1
+-	-mv -f $(DESTDIR)$(mandir)/man1/ssh-probe.1 $(DESTDIR)$(mandir)/man1/ssh-probe.old.1
+ 	(cd $(DESTDIR)$(mandir)/man1 && $(LN_S) ssh2.1 ssh.1)
+ 	(cd $(DESTDIR)$(mandir)/man1 && $(LN_S) ssh-add2.1 ssh-add.1)
+ 	(cd $(DESTDIR)$(mandir)/man1 && $(LN_S) ssh-agent2.1 ssh-agent.1)
+@@ -630,7 +612,6 @@ install-symlinks:
+ 	(cd $(DESTDIR)$(mandir)/man1 && $(LN_S) scp2.1 scp.1)
+ 	(cd $(DESTDIR)$(mandir)/man1 && $(LN_S) sftp2.1 sftp.1)
+ 	(cd $(DESTDIR)$(mandir)/man1 && $(LN_S) ssh-probe2.1 ssh-probe.1)
+-	-mv -f $(DESTDIR)$(mandir)/man8/sshd.8 $(DESTDIR)$(mandir)/man8/sshd.old.8
+ 	(cd $(DESTDIR)$(mandir)/man8 && $(LN_S) sshd2.8 sshd.8)
+ 
+ clean-up-old:
+@@ -649,23 +630,13 @@ install-exec-hook:
+ 	-chown root $(DESTDIR)$(bindir)/ssh-signer2
+ 	-chmod $(SSH_SIGNER_INSTALL_MODE) $(DESTDIR)$(bindir)/ssh-signer2
+ 
+-install-data-hook: make-install-dirs generate-host-key install-symlinks
+-	-@if test '!' -f $(DESTDIR)$(etcdir)/sshd2_config ; then \
+-	 echo Installing $(DESTDIR)$(etcdir)/sshd2_config ; \
++install-data-hook: make-install-dirs install-symlinks
++	 echo Installing $(DESTDIR)$(egdir)/sshd2_config ; \
+ 	 $(INSTALL_DATA) $(srcdir)/sshd2_config \
+-                         $(DESTDIR)$(etcdir)/sshd2_config ; \
+-	fi
+-	 echo Updating $(DESTDIR)$(etcdir)/sshd2_config.example ;
+-	 $(INSTALL_DATA) $(srcdir)/sshd2_config \
+-                         $(DESTDIR)$(etcdir)/sshd2_config.example ;
+-	-@if test '!' -f $(DESTDIR)$(etcdir)/ssh2_config ; then \
+-	 echo Installing $(DESTDIR)$(etcdir)/ssh2_config ; \
+-	 $(INSTALL_DATA) $(srcdir)/ssh2_config \
+-                         $(DESTDIR)$(etcdir)/ssh2_config ; \
+-	fi
+-	 echo Updating $(DESTDIR)$(etcdir)/ssh2_config.example ;
++                         $(DESTDIR)$(egdir)/sshd2_config ;
++	 echo Installing $(DESTDIR)$(egdir)/ssh2_config ; \
+ 	 $(INSTALL_DATA) $(srcdir)/ssh2_config \
+-                         $(DESTDIR)$(etcdir)/ssh2_config.example ;
++                         $(DESTDIR)$(egdir)/ssh2_config ;
+ 	 echo Updating $(DESTDIR)$(subconfig_dir)/host_ext.example ;
+ 	 $(INSTALL_DATA) $(srcdir)/subconfig/host_ext.example \
+                          $(DESTDIR)$(subconfig_dir)/host_ext.example ;
+@@ -678,8 +649,6 @@ install-data-hook: make-install-dirs gen
+ 	 echo Updating $(DESTDIR)$(subconfig_dir)/user.example ;
+ 	 $(INSTALL_DATA) $(srcdir)/subconfig/user.example \
+                          $(DESTDIR)$(subconfig_dir)/user.example ;
+-	-@if test '!' -f $(DESTDIR)$(etcdir)/ssh_dummy_shell.out ; then \
+-	 echo Installing $(DESTDIR)$(etcdir)/ssh_dummy_shell.out ; \
++	 echo Installing $(DESTDIR)$(egdir)/ssh_dummy_shell.out ; \
+ 	 $(INSTALL_DATA) $(srcdir)/ssh_dummy_shell.out \
+-                         $(DESTDIR)$(etcdir)/ssh_dummy_shell.out ; \
+-	fi
++                         $(DESTDIR)$(egdir)/ssh_dummy_shell.out ;
diff --git a/security/ssh2/patches/patch-ab b/security/ssh2/patches/patch-ab
new file mode 100644
index 00000000000..af40be11ca3
--- /dev/null
+++ b/security/ssh2/patches/patch-ab
@@ -0,0 +1,121 @@
+$NetBSD: patch-ab,v 1.1.1.1 2002/08/06 00:48:14 seb Exp $
+
+--- apps/ssh/Makefile.in.orig	Thu May 16 10:32:43 2002
++++ apps/ssh/Makefile.in
+@@ -124,7 +124,8 @@ WINCONF_OPTIONS = maintainer=sjl@ssh.com
+ etcdir = @ETCDIR@
+ known_hosts_dir = $(etcdir)/knownhosts
+ host_keys_dir = $(etcdir)/hostkeys
+-subconfig_dir = $(etcdir)/subconfig
++egdir = $(prefix)/share/examples/${PKGBASE}
++subconfig_dir = $(egdir)/subconfig
+ STATIC_FLAG = @STATIC_FLAG@
+ 
+ #
+@@ -455,6 +456,8 @@ SSH_DEFS = -DETCDIR=\"$(etcdir)\" -DSSH_
+ COMPILE = $(CC) $(KERBEROS_INCS) $(INCLUDES) $(SSH_DEFS) $(DEFS) $(CPPFLAGS) $(CFLAGS) $(X_CFLAGS)
+ #
+ LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS)
++#
++INSTALL_DATA_DIR = $(BSD_INSTALL_DATA_DIR)
+ mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+ CONFIG_HEADER = ../../sshconf.h
+ CONFIG_CLEAN_FILES = 
+@@ -1026,10 +1029,8 @@ maintainer-clean-generic clean mostlycle
+ includes:
+ 
+ make-install-dirs:
+-	-if test '!' -d $(DESTDIR)$(etcdir); then mkdir -p $(DESTDIR)$(etcdir); fi
+-	-if test '!' -d $(DESTDIR)$(known_hosts_dir); then mkdir -p $(DESTDIR)$(known_hosts_dir); fi
+-	-if test '!' -d $(DESTDIR)$(host_keys_dir); then mkdir -p $(DESTDIR)$(host_keys_dir); fi
+-	-if test '!' -d $(DESTDIR)$(subconfig_dir); then mkdir -p $(DESTDIR)$(subconfig_dir); fi
++	$(INSTALL_DATA_DIR) $(DESTDIR)$(egdir)
++	$(INSTALL_DATA_DIR) $(DESTDIR)$(subconfig_dir)
+ 
+ generate-host-key:
+ 	-@if test -f $(DESTDIR)$(etcdir)/hostkey; \
+@@ -1040,17 +1041,6 @@ generate-host-key:
+ 	  fi
+ 
+ install-symlinks:
+-	-mv -f $(DESTDIR)$(bindir)/ssh $(DESTDIR)$(bindir)/ssh.old
+-	-mv -f $(DESTDIR)$(bindir)/ssh-agent $(DESTDIR)$(bindir)/ssh-agent.old
+-	-mv -f $(DESTDIR)$(bindir)/ssh-add $(DESTDIR)$(bindir)/ssh-add.old
+-	-mv -f $(DESTDIR)$(bindir)/ssh-askpass $(DESTDIR)$(bindir)/ssh-askpass.old
+-	-mv -f $(DESTDIR)$(bindir)/ssh-keygen $(DESTDIR)$(bindir)/ssh-keygen.old
+-	-mv -f $(DESTDIR)$(bindir)/scp $(DESTDIR)$(bindir)/scp.old
+-	-mv -f $(DESTDIR)$(bindir)/sftp $(DESTDIR)$(bindir)/sftp.old
+-	-mv -f $(DESTDIR)$(bindir)/sftp-server $(DESTDIR)$(bindir)/sftp-server.old
+-	-mv -f $(DESTDIR)$(bindir)/ssh-signer $(DESTDIR)$(bindir)/ssh-signer.old
+-	-mv -f $(DESTDIR)$(bindir)/ssh-probe $(DESTDIR)$(bindir)/ssh-probe.old
+-
+ 	(cd $(DESTDIR)$(bindir) && $(LN_S) ssh2 ssh)
+ 	(cd $(DESTDIR)$(bindir) && $(LN_S) ssh-agent2 ssh-agent)
+ 	(cd $(DESTDIR)$(bindir) && $(LN_S) ssh-add2 ssh-add)
+@@ -1061,15 +1051,7 @@ install-symlinks:
+ 	(cd $(DESTDIR)$(bindir) && $(LN_S) sftp-server2 sftp-server)
+ 	(cd $(DESTDIR)$(bindir) && $(LN_S) ssh-signer2 ssh-signer)
+ 	(cd $(DESTDIR)$(bindir) && $(LN_S) ssh-probe2 ssh-probe)
+-	-mv -f $(DESTDIR)$(sbindir)/sshd $(DESTDIR)$(sbindir)/sshd.old
+ 	(cd $(DESTDIR)$(sbindir) && $(LN_S) sshd2 sshd)
+-	-mv -f $(DESTDIR)$(mandir)/man1/ssh.1 $(DESTDIR)$(mandir)/man1/ssh.old.1
+-	-mv -f $(DESTDIR)$(mandir)/man1/ssh-add.1 $(DESTDIR)$(mandir)/man1/ssh-add.old.1
+-	-mv -f $(DESTDIR)$(mandir)/man1/ssh-agent.1 $(DESTDIR)$(mandir)/man1/ssh-agent.old.1
+-	-mv -f $(DESTDIR)$(mandir)/man1/ssh-keygen.1 $(DESTDIR)$(mandir)/man1/ssh-keygen.old.1
+-	-mv -f $(DESTDIR)$(mandir)/man1/scp.1 $(DESTDIR)$(mandir)/man1/scp.old.1
+-	-mv -f $(DESTDIR)$(mandir)/man1/sftp.1 $(DESTDIR)$(mandir)/man1/sftp.old.1
+-	-mv -f $(DESTDIR)$(mandir)/man1/ssh-probe.1 $(DESTDIR)$(mandir)/man1/ssh-probe.old.1
+ 	(cd $(DESTDIR)$(mandir)/man1 && $(LN_S) ssh2.1 ssh.1)
+ 	(cd $(DESTDIR)$(mandir)/man1 && $(LN_S) ssh-add2.1 ssh-add.1)
+ 	(cd $(DESTDIR)$(mandir)/man1 && $(LN_S) ssh-agent2.1 ssh-agent.1)
+@@ -1077,7 +1059,6 @@ install-symlinks:
+ 	(cd $(DESTDIR)$(mandir)/man1 && $(LN_S) scp2.1 scp.1)
+ 	(cd $(DESTDIR)$(mandir)/man1 && $(LN_S) sftp2.1 sftp.1)
+ 	(cd $(DESTDIR)$(mandir)/man1 && $(LN_S) ssh-probe2.1 ssh-probe.1)
+-	-mv -f $(DESTDIR)$(mandir)/man8/sshd.8 $(DESTDIR)$(mandir)/man8/sshd.old.8
+ 	(cd $(DESTDIR)$(mandir)/man8 && $(LN_S) sshd2.8 sshd.8)
+ 
+ clean-up-old:
+@@ -1096,23 +1077,13 @@ install-exec-hook:
+ 	-chown root $(DESTDIR)$(bindir)/ssh-signer2
+ 	-chmod $(SSH_SIGNER_INSTALL_MODE) $(DESTDIR)$(bindir)/ssh-signer2
+ 
+-install-data-hook: make-install-dirs generate-host-key install-symlinks
+-	-@if test '!' -f $(DESTDIR)$(etcdir)/sshd2_config ; then \
+-	 echo Installing $(DESTDIR)$(etcdir)/sshd2_config ; \
++install-data-hook: make-install-dirs install-symlinks
++	 echo Installing $(DESTDIR)$(egdir)/sshd2_config ; \
+ 	 $(INSTALL_DATA) $(srcdir)/sshd2_config \
+-                         $(DESTDIR)$(etcdir)/sshd2_config ; \
+-	fi
+-	 echo Updating $(DESTDIR)$(etcdir)/sshd2_config.example ;
+-	 $(INSTALL_DATA) $(srcdir)/sshd2_config \
+-                         $(DESTDIR)$(etcdir)/sshd2_config.example ;
+-	-@if test '!' -f $(DESTDIR)$(etcdir)/ssh2_config ; then \
+-	 echo Installing $(DESTDIR)$(etcdir)/ssh2_config ; \
+-	 $(INSTALL_DATA) $(srcdir)/ssh2_config \
+-                         $(DESTDIR)$(etcdir)/ssh2_config ; \
+-	fi
+-	 echo Updating $(DESTDIR)$(etcdir)/ssh2_config.example ;
++                         $(DESTDIR)$(egdir)/sshd2_config ;
++	 echo Installing $(DESTDIR)$(egdir)/ssh2_config ; \
+ 	 $(INSTALL_DATA) $(srcdir)/ssh2_config \
+-                         $(DESTDIR)$(etcdir)/ssh2_config.example ;
++                         $(DESTDIR)$(egdir)/ssh2_config ;
+ 	 echo Updating $(DESTDIR)$(subconfig_dir)/host_ext.example ;
+ 	 $(INSTALL_DATA) $(srcdir)/subconfig/host_ext.example \
+                          $(DESTDIR)$(subconfig_dir)/host_ext.example ;
+@@ -1125,11 +1096,9 @@ install-data-hook: make-install-dirs gen
+ 	 echo Updating $(DESTDIR)$(subconfig_dir)/user.example ;
+ 	 $(INSTALL_DATA) $(srcdir)/subconfig/user.example \
+                          $(DESTDIR)$(subconfig_dir)/user.example ;
+-	-@if test '!' -f $(DESTDIR)$(etcdir)/ssh_dummy_shell.out ; then \
+-	 echo Installing $(DESTDIR)$(etcdir)/ssh_dummy_shell.out ; \
++	 echo Installing $(DESTDIR)$(egdir)/ssh_dummy_shell.out ; \
+ 	 $(INSTALL_DATA) $(srcdir)/ssh_dummy_shell.out \
+-                         $(DESTDIR)$(etcdir)/ssh_dummy_shell.out ; \
+-	fi
++                         $(DESTDIR)$(egdir)/ssh_dummy_shell.out ;
+ 
+ # Tell versions [3.59,3.63) of GNU make to not export all variables.
+ # Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/security/ssh2/patches/patch-ac b/security/ssh2/patches/patch-ac
new file mode 100644
index 00000000000..9263fa0d2ec
--- /dev/null
+++ b/security/ssh2/patches/patch-ac
@@ -0,0 +1,13 @@
+$NetBSD: patch-ac,v 1.1.1.1 2002/08/06 00:48:14 seb Exp $
+
+--- apps/ssh/sshchx11.c.orig	Thu May 16 10:32:22 2002
++++ apps/ssh/sshchx11.c
+@@ -680,7 +680,7 @@ Boolean ssh_channel_x11_process_request(
+                                         size_t len)
+ {
+   int display_number;
+-  char buf[512], hostname[257];
++  char buf[512], hostname[MAXHOSTNAMELEN+1];
+   struct stat st;
+   SshChannelX11Session session;
+   SshChannelTypeX11 ct;
diff --git a/security/ssh2/patches/patch-ad b/security/ssh2/patches/patch-ad
new file mode 100644
index 00000000000..95c3a37f440
--- /dev/null
+++ b/security/ssh2/patches/patch-ad
@@ -0,0 +1,13 @@
+$NetBSD: patch-ad,v 1.1.1.1 2002/08/06 00:48:14 seb Exp $
+
+--- apps/ssh/sshstdiofilter.c.orig	Thu May 16 10:32:22 2002
++++ apps/ssh/sshstdiofilter.c
+@@ -301,7 +301,7 @@ void ssh_escape_char_dump_statistics(int
+ 
+ #endif /* SSHDIST_SSH2_INTERNAL_SSH1_EMULATION */
+ 
+-  ssh_tcp_get_host_name(local_host_name, MAXHOSTNAMELEN);
++  ssh_tcp_get_host_name(local_host_name, sizeof(local_host_name));
+ 
+   if (client->config->host_to_connect)
+     fprintf(stderr, "remote host: %s\n", client->config->host_to_connect);
diff --git a/security/ssh2/patches/patch-ae b/security/ssh2/patches/patch-ae
new file mode 100644
index 00000000000..fc9725994b8
--- /dev/null
+++ b/security/ssh2/patches/patch-ae
@@ -0,0 +1,23 @@
+$NetBSD: patch-ae,v 1.1.1.1 2002/08/06 00:48:14 seb Exp $
+
+--- configure.in.orig	Thu May 16 10:32:33 2002
++++ configure.in
+@@ -781,9 +781,6 @@ dnl
+ #                    All rights reserved
+ #
+ 
+-# So many systems seem to need this that it is better do it here automatically.
+-LIBS="-L/usr/local/lib $LIBS"
+-
+ # Platform-specific stuff.
+ case "$target" in
+   alpha*-dec-osf*)
+@@ -1779,6 +1776,8 @@ fi
+ if test -z "$no_libbsd"; then
+   AC_CHECK_LIB(bsd, openpty)
+ fi
++AC_CHECK_LIB(util, openpty, LIBS="$LIBS -lutil"
++			    pty="openpty")
+ AC_CHECK_LIB(util, login, AC_DEFINE(HAVE_LIBUTIL_LOGIN)
+ 			  LIBS="$LIBS -lutil")
+ 
diff --git a/security/ssh2/patches/patch-af b/security/ssh2/patches/patch-af
new file mode 100644
index 00000000000..3424ec2768a
--- /dev/null
+++ b/security/ssh2/patches/patch-af
@@ -0,0 +1,65 @@
+$NetBSD: patch-af,v 1.1.1.1 2002/08/06 00:48:14 seb Exp $
+
+--- configure.orig	Thu May 16 10:32:38 2002
++++ configure
+@@ -3771,9 +3771,6 @@ export CC CFLAGS
+ #                    All rights reserved
+ #
+ 
+-# So many systems seem to need this that it is better do it here automatically.
+-LIBS="-L/usr/local/lib $LIBS"
+-
+ # Platform-specific stuff.
+ case "$target" in
+   alpha*-dec-osf*)
+@@ -8224,8 +8221,49 @@ else
+ fi
+ 
+ fi
++echo $ac_n "checking for openpty in -lutil""... $ac_c" 1>&6
++echo "configure:8226: checking for openpty in -lutil" >&5
++ac_lib_var=`echo util'_'openpty | sed 'y%./+-%__p_%'`
++if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
++  echo $ac_n "(cached) $ac_c" 1>&6
++else
++  ac_save_LIBS="$LIBS"
++LIBS="-lutil  $LIBS"
++cat > conftest.$ac_ext <<EOF
++#line 8234 "configure"
++#include "confdefs.h"
++/* Override any gcc2 internal prototype to avoid an error.  */
++/* We use char because int might match the return type of a gcc2
++    builtin and then its argument prototype would still apply.  */
++char openpty();
++
++int main() {
++openpty()
++; return 0; }
++EOF
++if { (eval echo configure:8245: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
++  rm -rf conftest*
++  eval "ac_cv_lib_$ac_lib_var=yes"
++else
++  echo "configure: failed program was:" >&5
++  cat conftest.$ac_ext >&5
++  rm -rf conftest*
++  eval "ac_cv_lib_$ac_lib_var=no"
++fi
++rm -f conftest*
++LIBS="$ac_save_LIBS"
++
++fi
++if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
++  echo "$ac_t""yes" 1>&6
++  LIBS="$LIBS -lutil"
++			    pty="openpty"
++else
++  echo "$ac_t""no" 1>&6
++fi
++
+ echo $ac_n "checking for login in -lutil""... $ac_c" 1>&6
+-echo "configure:8229: checking for login in -lutil" >&5
++echo "configure:8267: checking for login in -lutil" >&5
+ ac_lib_var=`echo util'_'login | sed 'y%./+-%__p_%'`
+ if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
+   echo $ac_n "(cached) $ac_c" 1>&6
diff --git a/security/ssh2/patches/patch-ag b/security/ssh2/patches/patch-ag
new file mode 100644
index 00000000000..1c5845ebc8f
--- /dev/null
+++ b/security/ssh2/patches/patch-ag
@@ -0,0 +1,14 @@
+$NetBSD: patch-ag,v 1.1.1.1 2002/08/06 00:48:14 seb Exp $
+
+--- lib/sshsession/pty-openpty.c.orig	Thu May 16 10:32:17 2002
++++ lib/sshsession/pty-openpty.c
+@@ -18,6 +18,9 @@ and BSD 4.4.
+ #ifdef HAVE_PTY_H
+ #include <pty.h>
+ #endif /* HAVE_PTY_H */
++#ifdef HAVE_UTIL_H
++#include <util.h>
++#endif /* HAVE_UTIL_H */
+ 
+ /* Allocates a pty using a machine-specific method, and returns the
+    master side pty in *ptyfd, the child side in *ttyfd, and the name of the
diff --git a/security/ssh2/patches/patch-ah b/security/ssh2/patches/patch-ah
new file mode 100644
index 00000000000..2fb06b9002d
--- /dev/null
+++ b/security/ssh2/patches/patch-ah
@@ -0,0 +1,18 @@
+$NetBSD: patch-ah,v 1.1.1.1 2002/08/06 00:48:14 seb Exp $
+
+--- lib/sshsession/sshunixuser.c.orig	Thu May 16 10:32:17 2002
++++ lib/sshsession/sshunixuser.c
+@@ -1854,6 +1854,13 @@ SshGroup *ssh_user_get_groups(SshUser uc
+         }
+ 
+       endgrent();
++      /* groups array is assumed to end in a NULL pointer, so make sure we have
++         room for it */
++      if (count >= allocated)
++        {
++          allocated++;
++          groups = ssh_xrealloc(groups, allocated*sizeof(SshGroup));
++        }
+       groups[count] = NULL;
+       uc->groups = groups;
+ #else /* HAVE_GETGRENT */
-- 
cgit v1.2.3