cpet/freebsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

PR: ports/12037

Browse Source 
Submitted by:	Issei Suzuki <issei@jp.FreeBSD.ORG>
Upgrade to 1.2.27.
# I'm not maintainer but it seems that torstenb is too busy to
# look the PR and many people want new version ssh port.
This commit is contained in:
SADA Kenji 1999-06-15 20:14:04 +00:00
parent c5bb7f1b1a
commit 48500b76a6
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=19489
11 changed files with 162 additions and 390 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
security/ssh/Makefile
View File

@ -1,15 +1,15 @@
# New ports collection makefile for: ssh
# Version required: 1.2.25
# Version required: 1.2.*
# Date created: 30 Jul 1995
# Whom: torstenb@FreeBSD.ORG
#
# $Id: Makefile,v 1.73 1999/03/13 18:51:11 billf Exp $
# $Id: Makefile,v 1.74 1999/04/03 03:35:50 ache Exp $
#
# Maximal ssh package requires YES values for
# USE_PERL, USE_TCPWRAP
#
DISTNAME= ssh-1.2.26
DISTNAME= ssh-1.2.27
CATEGORIES= security net
MASTER_SITES= ftp://ftp.funet.fi/pub/unix/security/login/ssh/

4
security/ssh/distinfo
View File

@ -1,3 +1 @@
MD5 (ssh-1.2.26.tar.gz) = 2ee46d454015dd01c5e8f074eabf0245
MD5 (rsaref2.tar.gz) = 0b474c97bf1f1c0d27e5a95f1239c08d
MD5 (ssh-1.2.22-patchkit) = 5228897d59be91ad3ae88e992d61cd50
MD5 (ssh-1.2.27.tar.gz) = c22bc000bee0f7d6f4845eab72a81395

8
security/ssh/files/patch-aa
View File

@ -1,7 +1,7 @@
*** make-ssh-known-hosts.pl.in.orig Wed Apr 23 08:40:05 1997
--- make-ssh-known-hosts.pl.in Fri Apr 25 12:38:21 1997
*** make-ssh-known-hosts.pl.in.orig Wed May 12 20:18:51 1999
--- make-ssh-known-hosts.pl.in Sun Jun 6 02:30:08 1999
***************
*** 87,93 ****
*** 98,104 ****
$debug = 5;
$defserver = '';
$bell='\a';
@ -9,7 +9,7 @@
$private_ssh_known_hosts = "/tmp/ssh_known_hosts$$";
$timeout = 60;
$ping_timeout = 3;
--- 87,93 ----
--- 98,104 ----
$debug = 5;
$defserver = '';
$bell='\a';

18
security/ssh/files/patch-ac
View File

@ -1,6 +1,6 @@
--- Makefile.in.orig Wed Jul 8 09:40:39 1998
+++ Makefile.in Wed Oct 7 19:11:37 1998
@@ -294,14 +294,19 @@
--- Makefile.in.orig Wed May 12 20:19:31 1999
+++ Makefile.in Sun Jun 6 01:22:50 1999
@@ -301,14 +301,19 @@
SHELL = /bin/sh
GMPDIR = gmp-2.0.2-ssh-2
@ -25,7 +25,7 @@
RSAREFSRCDIR = $(RSAREFDIR)/source
X_CFLAGS = @X_CFLAGS@
@@ -404,7 +409,7 @@
@@ -411,7 +416,7 @@
$(CC) -o rfc-pg rfc-pg.o
.c.o:
@ -34,7 +34,7 @@
sshd: $(SSHD_OBJS) $(GMPDEP) $(RSAREFDEP) $(ZLIBDEP)
-rm -f sshd
@@ -447,19 +452,19 @@
@@ -454,19 +459,19 @@
sed "s#&PERL&#$(PERL)#" <$(srcdir)/make-ssh-known-hosts.pl >make-ssh-known-hosts
chmod +x make-ssh-known-hosts
@ -67,7 +67,7 @@
$(RSAREFSRCDIR)/librsaref.a:
-if test '!' -d $(RSAREFDIR); then \
@@ -516,7 +521,7 @@
@@ -523,7 +528,7 @@
# (otherwise it can only log in as the user it runs as, and must be
# bound to a non-privileged port). Also, password authentication may
# not be available if non-root and using shadow passwords.
@ -76,7 +76,7 @@
-rm -f $(install_prefix)$(bindir)/ssh1.old
-chmod 755 $(install_prefix)$(bindir)/ssh1
-chmod 755 $(install_prefix)$(bindir)/ssh
@@ -672,15 +677,15 @@
@@ -679,15 +684,15 @@
clean:
-rm -f *.o gmon.out *core $(PROGRAMS) rfc-pg
@ -96,7 +96,7 @@
dist: dist-free
@@ -709,12 +714,12 @@
@@ -716,12 +721,12 @@
-mkdir $(DISTNAME)
cp $(DISTFILES) $(DISTNAME)
for i in $(DISTSRCS); do cp $(srcdir)/$$i $(DISTNAME); done
@ -113,7 +113,7 @@
#ifdef F_SECURE_COMMERCIAL
#
@@ -742,7 +747,7 @@
@@ -749,7 +754,7 @@
(echo "s/\.$$old_version\"/.$$new_version\"/g"; echo w; echo q) | ed $(srcdir)/version.h >/dev/null
depend:

16
security/ssh/files/patch-ad
View File

@ -1,13 +1,13 @@
*** auth-passwd.c.bak Tue Jan 20 15:23:48 1998
--- auth-passwd.c Sat Feb 14 00:49:56 1998
*** auth-passwd.c.orig Wed May 12 20:19:23 1999
--- auth-passwd.c Sun Jun 6 02:36:00 1999
***************
*** 815,820 ****
--- 815,822 ----
*** 911,916 ****
--- 911,918 ----
encrypted_password = crypt(password,
(correct_passwd[0] && correct_passwd[1]) ?
correct_passwd : "xx");
(correct_passwd[0] && correct_passwd[1]) ?
correct_passwd : "xx");
+ if (!password[0] && correct_passwd[0])
+ encrypted_password = ":";
+ encrypted_password = ":";
#endif /* HAVE_SCO_ETC_SHADOW */
#endif /* HAVE_OSF1_C2_SECURITY */
/* Authentication is accepted if the encrypted passwords are identical. */

35
security/ssh/files/patch-ae
View File

@ -1,7 +1,24 @@
*** server_config.sample.orig Thu Mar 27 09:04:06 1997
--- server_config.sample Fri Mar 28 15:45:53 1997
*** server_config.sample.orig Wed May 12 20:18:51 1999
--- server_config.sample Sun Jun 6 02:36:38 1999
***************
*** 16,22 ****
*** 7,13 ****
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
! PermitRootLogin yes
IgnoreRhosts no
StrictModes yes
QuietMode no
--- 7,13 ----
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
! PermitRootLogin no
IgnoreRhosts no
StrictModes yes
QuietMode no
***************
*** 16,27 ****
FascistLogging no
PrintMotd yes
KeepAlive yes
@ -9,7 +26,12 @@
RhostsAuthentication no
RhostsRSAAuthentication yes
RSAAuthentication yes
--- 16,22 ----
PasswordAuthentication yes
! PermitEmptyPasswords yes
UseLogin no
# CheckMail no
# PidFile /u/zappa/.ssh/pid
--- 16,27 ----
FascistLogging no
PrintMotd yes
KeepAlive yes
@ -17,3 +39,8 @@
RhostsAuthentication no
RhostsRSAAuthentication yes
RSAAuthentication yes
PasswordAuthentication yes
! PermitEmptyPasswords no
UseLogin no
# CheckMail no
# PidFile /u/zappa/.ssh/pid

106
security/ssh/files/patch-af
View File

@ -1,7 +1,7 @@
*** sshd.c.WAS Thu Jun 11 23:11:47 1998
--- sshd.c Thu Jun 11 23:30:30 1998
*** sshd.c.orig Wed May 12 20:19:29 1999
--- sshd.c Sun Jun 6 02:37:18 1999
***************
*** 2014,2020 ****
*** 2222,2228 ****
pwcopy.pw_class = xstrdup(pw->pw_class);
pwcopy.pw_change = pw->pw_change;
pwcopy.pw_expire = pw->pw_expire;
@ -9,7 +9,7 @@
pwcopy.pw_dir = xstrdup(pw->pw_dir);
pwcopy.pw_shell = xstrdup(pw->pw_shell);
pw = &pwcopy;
--- 2014,2020 ----
--- 2222,2228 ----
pwcopy.pw_class = xstrdup(pw->pw_class);
pwcopy.pw_change = pw->pw_change;
pwcopy.pw_expire = pw->pw_expire;
@ -18,7 +18,7 @@
pwcopy.pw_shell = xstrdup(pw->pw_shell);
pw = &pwcopy;
***************
*** 3045,3054 ****
*** 3285,3294 ****
struct pty_cleanup_context cleanup_context;
#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H)
login_cap_t *lc;
@ -27,9 +27,9 @@
struct timeval tp;
! #endif /* __bsdi__ && _BSDI_VERSION >= 199510 */
#ifdef HAVE_OSF1_C2_SECURITY
{
--- 3045,3055 ----
/* We no longer need the child running on user's privileges. */
userfile_uninit();
--- 3285,3295 ----
struct pty_cleanup_context cleanup_context;
#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H)
login_cap_t *lc;
@ -39,14 +39,14 @@
struct timeval tp;
! #endif /* __FreeBSD__ || (__bsdi__ && _BSDI_VERSION >= 199510) */
#ifdef HAVE_OSF1_C2_SECURITY
{
/* We no longer need the child running on user's privileges. */
userfile_uninit();
***************
*** 3183,3188 ****
--- 3184,3197 ----
"The Regents of the University of California. ",
"All rights reserved.");
}
*** 3446,3451 ****
--- 3447,3460 ----
"The Regents of the University of California. ",
"All rights reserved.");
}
+ #ifdef HAVE_LOGIN_CAP_H
+ #define DEFAULT_WARN (2L * 7L * 86400L) /* Two weeks */
+
@ -59,50 +59,50 @@
/* Print /etc/motd unless a command was specified or printing it was
***************
*** 3206,3212 ****
fputs(line, stdout);
fclose(f);
}
*** 3469,3475 ****
fputs(line, stdout);
fclose(f);
}
! #if defined (__bsdi__) && _BSDI_VERSION >= 199510
if (pw->pw_change || pw->pw_expire)
(void)gettimeofday(&tp, (struct timezone *)NULL);
if (pw->pw_change)
--- 3215,3221 ----
fputs(line, stdout);
fclose(f);
}
if (pw->pw_change || pw->pw_expire)
(void)gettimeofday(&tp, (struct timezone *)NULL);
if (pw->pw_change)
--- 3478,3484 ----
fputs(line, stdout);
fclose(f);
}
! #if defined(__FreeBSD__) || (defined(__bsdi__) && _BSDI_VERSION >= 199510)
if (pw->pw_change || pw->pw_expire)
(void)gettimeofday(&tp, (struct timezone *)NULL);
if (pw->pw_change)
if (pw->pw_change || pw->pw_expire)
(void)gettimeofday(&tp, (struct timezone *)NULL);
if (pw->pw_change)
***************
*** 3575,3581 ****
while (fgets(buf, sizeof(buf), f))
fputs(buf, stderr);
fclose(f);
*** 3922,3928 ****
while (fgets(buf, sizeof(buf), f))
fputs(buf, stderr);
fclose(f);
! #if defined (__bsdi__) && _BSDI_VERSION >= 199510
if (pw->pw_uid != UID_ROOT &&
!login_getcapbool(lc, "ignorenologin", 0))
exit(254);
--- 3584,3590 ----
while (fgets(buf, sizeof(buf), f))
fputs(buf, stderr);
fclose(f);
if (pw->pw_uid != UID_ROOT &&
!login_getcapbool(lc, "ignorenologin", 0))
exit(254);
--- 3931,3937 ----
while (fgets(buf, sizeof(buf), f))
fputs(buf, stderr);
fclose(f);
! #if (defined(__FreeBSD__) && defined(HAVE_LOGIN_CAP_H)) || (defined (__bsdi__) && _BSDI_VERSION >= 199510)
if (pw->pw_uid != UID_ROOT &&
!login_getcapbool(lc, "ignorenologin", 0))
exit(254);
if (pw->pw_uid != UID_ROOT &&
!login_getcapbool(lc, "ignorenologin", 0))
exit(254);
***************
*** 4121,4127 ****
--- 4130,4140 ----
struct stat mailbuf;
if (stat(mailbox, &mailbuf) == -1 || mailbuf.st_size == 0)
*** 4525,4531 ****
--- 4534,4544 ----
struct stat mailbuf;
if (stat(mailbox, &mailbuf) == -1 || mailbuf.st_size == 0)
+ #ifdef __FreeBSD__
+ ;
+ ;
+ #else
printf("No mail.\n");
printf("No mail.\n");
+ #endif
else if (mailbuf.st_atime > mailbuf.st_mtime)
printf("You have mail.\n");
else
else if (mailbuf.st_atime > mailbuf.st_mtime)
printf("You have mail.\n");
else

307
security/ssh/files/patch-ag
View File

@ -1,286 +1,33 @@
--- sshconnect.c.orig Wed Jul 8 20:40:38 1998
+++ sshconnect.c Tue Nov 10 15:43:45 1998
@@ -282,7 +282,7 @@
/* Child. Permanently give up superuser privileges. */
if (setuid(getuid()) < 0)
- fatal("setuid: %s", strerror(errno));
+ fatal("setuid: %.100s", strerror(errno));
/* Redirect stdin and stdout. */
close(pin[1]);
@@ -944,7 +944,7 @@
if (!ssh_context)
{
if ((r = krb5_init_context(&ssh_context)))
- fatal("Kerberos V5: %s while initializing krb5.", error_message(r));
+ fatal("Kerberos V5: %.100s while initializing krb5.", error_message(r));
krb5_init_ets(ssh_context);
}
@@ -959,14 +959,14 @@
"host", KRB5_NT_SRV_HST,
&creds.server)))
{
- debug("Kerberos V5: error while constructing service name: %s.",
+ debug("Kerberos V5: error while constructing service name: %.100s.",
error_message(r));
goto cleanup;
}
if ((r = krb5_cc_get_principal(ssh_context, ccache,
&creds.client)))
{
- debug("Kerberos V5: failure on principal (%s).",
+ debug("Kerberos V5: failure on principal (%.100s).",
error_message(r));
goto cleanup;
}
@@ -975,7 +975,7 @@
if ((r = krb5_get_credentials(ssh_context, 0,
ccache, &creds, &new_creds)))
{
- debug("Kerberos V5: failure on credentials(%s).",
+ debug("Kerberos V5: failure on credentials(%.100s).",
error_message(r));
goto cleanup;
}
@@ -987,7 +987,7 @@
{
if ((r = krb5_auth_con_init(ssh_context, &auth_context)))
{
- debug("Kerberos V5: failed to init auth_context (%s)",
+ debug("Kerberos V5: failed to init auth_context (%.100s)",
error_message(r));
goto cleanup;
}
@@ -998,7 +998,7 @@
if ((r = krb5_mk_req_extended(ssh_context, &auth_context, ap_opts,
0, new_creds, &auth)))
{
- debug("Kerberos V5: failed krb5_mk_req_extended (%s)",
+ debug("Kerberos V5: failed krb5_mk_req_extended (%.100s)",
error_message(r));
goto cleanup;
}
@@ -1046,7 +1046,7 @@
--- auth-kerberos.c.orig Sun Jun 6 02:01:32 1999
+++ auth-kerberos.c Sun Jun 6 02:01:33 1999
@@ -120,10 +120,18 @@
if (r = krb5_rd_rep(ssh_context, auth_context, &auth, &repl))
{
- packet_disconnect("Kerberos V5 Authentication failed: %s",
+ packet_disconnect("Kerberos V5 Authentication failed: %.100s",
error_message(r));
goto cleanup;
}
@@ -1090,7 +1090,7 @@
krb5_data outbuf;
krb5_error_code r;
int type;
- char server_name[128];
+ char server_name[512];
remotehost = (char *) get_canonical_hostname();
memset(&outbuf, 0 , sizeof(outbuf));
@@ -1100,14 +1100,14 @@
if (!ssh_context)
{
if ((r = krb5_init_context(&ssh_context)))
- fatal("Kerberos V5: %s while initializing krb5.", error_message(r));
+ fatal("Kerberos V5: %.100s while initializing krb5.", error_message(r));
krb5_init_ets(ssh_context);
}
if (!auth_context)
{
if ((r = krb5_auth_con_init(ssh_context, &auth_context)))
{
- debug("Kerberos V5: failed to init auth_context (%s)",
+ debug("Kerberos V5: failed to init auth_context (%.100s)",
error_message(r));
return 0 ;
}
@@ -1124,7 +1124,7 @@
if ((r = krb5_cc_get_principal(ssh_context, ccache,
&client)))
{
- debug("Kerberos V5: failure on principal (%s)",
+ debug("Kerberos V5: failure on principal (%.100s)",
error_message(r));
return 0 ;
}
@@ -1136,7 +1136,7 @@
principal and point it to clients realm. This way
we pass over a TGT of the clients realm. */
- sprintf(server_name,"host/%s@", remotehost);
+ sprintf(server_name,"host/%.100s@", remotehost);
strncat(server_name,client->realm.data,client->realm.length);
krb5_parse_name(ssh_context,server_name, &server);
server->type = KRB5_NT_SRV_HST;
@@ -1145,7 +1145,7 @@
if ((r = krb5_fwd_tgt_creds(ssh_context, auth_context, 0, client,
server, ccache, 1, &outbuf)))
{
- debug("Kerberos V5 krb5_fwd_tgt_creds failure (%s)",
+ debug("Kerberos V5 krb5_fwd_tgt_creds failure (%.100s)",
error_message(r));
krb5_free_principal(ssh_context, client);
krb5_free_principal(ssh_context, server);
@@ -1416,7 +1416,7 @@
error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!");
error("It is also possible that the host key has just been changed.");
error("Please contact your system administrator.");
- error("Add correct host key in %s to get rid of this message.",
+ error("Add correct host key in %.100s to get rid of this message.",
options->user_hostfile);
/* If strict host key checking is in use, the user will have to edit
@@ -1589,7 +1589,7 @@
if (!ssh_context)
{
if ((problem = krb5_init_context(&ssh_context)))
- fatal("Kerberos V5: %s while initializing krb5.",
+ fatal("Kerberos V5: %.100s while initializing krb5.",
error_message(problem));
krb5_init_ets(ssh_context);
}
@@ -1605,7 +1605,7 @@
if ((problem = krb5_cc_get_principal(ssh_context, ccache,
&client)))
{
- debug("Kerberos V5: failure on principal (%s).",
+ debug("Kerberos V5: failure on principal (%.100s).",
error_message(problem));
}
else {
--- auth-kerberos.c.orig Wed Jul 8 20:40:35 1998
+++ auth-kerberos.c Tue Nov 10 15:50:15 1998
@@ -63,11 +63,11 @@
krb5_auth_con_free(ssh_context, auth_context);
auth_context = 0;
}
- log_msg("Kerberos ticket authentication of user %s failed: %s",
+ log_msg("Kerberos ticket authentication of user %.100s failed: %.100s",
server_user, error_message(problem));
- debug("Kerberos krb5_auth_con_genaddrs (%s).", error_message(problem));
- packet_send_debug("Kerberos krb5_auth_con_genaddrs: %s",
+ debug("Kerberos krb5_auth_con_genaddrs (%.100s).", error_message(problem));
+ packet_send_debug("Kerberos krb5_auth_con_genaddrs: %.100s",
error_message(problem));
return 0;
}
@@ -80,11 +80,11 @@
krb5_auth_con_free(ssh_context, auth_context);
auth_context = 0;
}
- log_msg("Kerberos ticket authentication of user %s failed: %s",
+ log_msg("Kerberos ticket authentication of user %.100s failed: %.100s",
server_user, error_message(problem));
- debug("Kerberos V5 rd_req failed (%s).", error_message(problem));
- packet_send_debug("Kerberos V5 krb5_rd_req: %s", error_message(problem));
+ debug("Kerberos V5 rd_req failed (%.100s).", error_message(problem));
+ packet_send_debug("Kerberos V5 krb5_rd_req: %.100s", error_message(problem));
return 0;
}
@@ -93,22 +93,22 @@
if (problem)
{
krb5_free_ticket(ssh_context, ticket);
- log_msg("Kerberos ticket authentication of user %s failed: %s",
+ log_msg("Kerberos ticket authentication of user %.100s failed: %.100s",
server_user, error_message(problem));
- debug("Kerberos krb5_unparse_name failed (%s).", error_message(problem));
- packet_send_debug("Kerberos krb5_unparse_name: %s",
+ debug("Kerberos krb5_unparse_name failed (%.100s).", error_message(problem));
+ packet_send_debug("Kerberos krb5_unparse_name: %.100s",
error_message(problem));
return 0;
}
if (strncmp(server, "host/", strlen("host/")))
{
krb5_free_ticket(ssh_context, ticket);
- log_msg("Kerberos ticket authentication of user %s failed: invalid service name (%s)",
+ log_msg("Kerberos ticket authentication of user %.100s failed: invalid service name (%.100s)",
server_user, server);
- debug("Kerberos invalid service name (%s).", server);
- packet_send_debug("Kerberos invalid service name (%s).", server);
+ debug("Kerberos invalid service name (%.100s).", server);
+ packet_send_debug("Kerberos invalid service name (%.100s).", server);
debug("Kerberos invalid service name (%.100s).", server);
packet_send_debug("Kerberos invalid service name (%.100s).", server);
+#ifdef krb5_xfree
krb5_xfree(server);
+#else
+ free(server);
+#endif
return 0;
}
@@ -122,11 +122,11 @@
+#ifdef krb5_xfree
krb5_xfree(server);
+#else
+ free(server);
+#endif
if (problem)
{
- log_msg("Kerberos ticket authentication of user %s failed: %s",
+ log_msg("Kerberos ticket authentication of user %.100s failed: %.100s",
server_user, error_message(problem));
- debug("Kerberos krb5_copy_principal failed (%s).",
+ debug("Kerberos krb5_copy_principal failed (%.100s).",
error_message(problem));
- packet_send_debug("Kerberos krb5_copy_principal: %s",
+ packet_send_debug("Kerberos krb5_copy_principal: %.100s",
error_message(problem));
return 0;
}
@@ -135,11 +135,11 @@
/* Make the reply - so that mutual authentication can be done */
if ((problem = krb5_mk_rep(ssh_context, auth_context, &reply)))
{
- log_msg("Kerberos ticket authentication of user %s failed: %s",
+ log_msg("Kerberos ticket authentication of user %.100s failed: %.100s",
server_user, error_message(problem));
- debug("Kerberos krb5_mk_rep failed (%s).",
+ debug("Kerberos krb5_mk_rep failed (%.100s).",
error_message(problem));
- packet_send_debug("Kerberos krb5_mk_rep failed: %s",
+ packet_send_debug("Kerberos krb5_mk_rep failed: %.100s",
error_message(problem));
return 0;
}
@@ -160,7 +160,7 @@
{
krb5_creds **creds;
krb5_error_code retval;
- static char ccname[128];
+ static char ccname[512];
krb5_ccache ccache = NULL;
struct passwd *pwd;
extern char *ticket;
@@ -208,9 +208,9 @@
if (retval = krb5_rd_cred(ssh_context, auth_context, krb5data, &creds, NULL))
{
- log_msg("Kerberos V5 tgt rejected for user %.100s : %s", server_user,
+ log_msg("Kerberos V5 tgt rejected for user %.100s : %.100s", server_user,
error_message(retval));
- packet_send_debug("Kerberos V5 tgt rejected for %.100s : %s",
+ packet_send_debug("Kerberos V5 tgt rejected for %.100s : %.100s",
server_user,
error_message(retval));
packet_start(SSH_SMSG_FAILURE);
@@ -234,7 +234,7 @@
goto errout;
ticket = xmalloc(strlen(ccname) + 1);
- (void) sprintf(ticket, "%s", ccname);
+ (void) sprintf(ticket, "%.100s", ccname);
/* Successful */
packet_start(SSH_SMSG_SUCCESS);
@@ -244,9 +244,9 @@
errout:
krb5_free_tgt_creds(ssh_context, creds);
- log_msg("Kerberos V5 tgt rejected for user %.100s :%s", server_user,
+ log_msg("Kerberos V5 tgt rejected for user %.100s :%.100s", server_user,
error_message(retval));
- packet_send_debug("Kerberos V5 tgt rejected for %.100s : %s", server_user,
+ packet_send_debug("Kerberos V5 tgt rejected for %.100s : %.100s", server_user,
error_message(retval));
packet_start(SSH_SMSG_FAILURE);
/* Extract the users name from the ticket client principal */
problem = krb5_copy_principal(ssh_context, ticket->enc_part2->client,
@@ -159,7 +167,11 @@
packet_put_string((char *) reply.data, reply.length);
packet_send();
packet_write_wait();
+#ifdef krb5_xfree
krb5_xfree(reply.data);
+#else
+ krb5_free_data_contents(ssh_context, &reply);
+#endif
return 1;
}
#endif /* KRB5 */

30
security/ssh/files/patch-al
View File

@ -1,26 +1,26 @@
*** sshconnect.c.orig Wed Apr 23 08:40:11 1997
--- sshconnect.c Fri Apr 25 12:41:59 1997
*** sshconnect.c.orig Wed May 12 20:19:29 1999
--- sshconnect.c Sun Jun 6 02:39:02 1999
***************
*** 311,316 ****
--- 311,322 ----
*** 347,352 ****
--- 347,358 ----
{
struct sockaddr_in sin;
int p;
+ #if (defined(__OpenBSD__) || defined(__FreeBSD__)) && !defined(SOCKS)
+ p = 1023; /* Compat with old FreeBSD */
+ sock = rresvport(&p);
+ if (sock < 0)
+ fatal("rresvport: %.100s", strerror(errno));
+ p = 1023; /* Compat with old FreeBSD */
+ sock = rresvport(&p);
+ if (sock < 0)
+ fatal("rresvport: %.100s", strerror(errno));
+ #else
for (p = 1023; p > 512; p--)
{
sock = socket(AF_INET, SOCK_STREAM, 0);
{
sock = socket(AF_INET, SOCK_STREAM, 0);
***************
*** 338,343 ****
--- 344,350 ----
}
fatal("bind: %.100s", strerror(errno));
}
*** 374,379 ****
--- 380,386 ----
}
fatal("bind: %.100s", strerror(errno));
}
+ #endif
debug("Allocated local port %d.", p);
}

16
security/ssh/files/patch-ao
View File

@ -1,6 +1,6 @@
--- newchannels.c.orig Wed Jul 8 17:40:36 1998
+++ newchannels.c Mon May 3 23:45:06 1999
@@ -271,6 +271,10 @@
--- newchannels.c.orig Wed May 12 20:19:27 1999
+++ newchannels.c Sun Jun 6 01:49:22 1999
@@ -282,6 +282,10 @@
#endif /* NEED_SYS_SYSLOG_H */
#endif /* LIBWRAP */
@ -11,17 +11,17 @@
/* Directory in which the fake unix-domain X11 displays reside. */
#ifndef X11_DIR
#define X11_DIR "/tmp/.X11-unix"
@@ -1874,6 +1878,9 @@
if (gethostname(hostname, sizeof(hostname)) < 0)
@@ -1891,6 +1895,9 @@
fatal("gethostname: %.100s", strerror(errno));
sprintf(buf, "%.400s:%d.%d", hostname, display_number, screen_number);
snprintf(buf, sizeof(buf),
"%.400s:%d.%d", hostname, display_number, screen_number);
+#ifdef __FreeBSD__
+ trimdomain(buf, UT_HOSTSIZE);
+#endif
#else /* HAVE_GETHOSTNAME */
if (uname(&uts) < 0)
fatal("uname: %s", strerror(errno));
@@ -2388,6 +2395,10 @@
fatal("uname: %.100s", strerror(errno));
@@ -2412,6 +2419,10 @@
ssh-agent connections on your system */
old_umask = umask(S_IRUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH);

6
security/ssh/files/patch-aw
View File

@ -1,6 +1,6 @@
--- login.c.orig Wed Jul 8 17:40:36 1998
+++ login.c Mon May 3 23:52:39 1999
@@ -287,12 +287,13 @@
--- login.c.orig Wed May 12 20:19:26 1999
+++ login.c Sun Jun 6 01:51:33 1999
@@ -301,12 +301,13 @@
strncpy(u.ut_user, user, sizeof(u.ut_user));
#endif /* HAVE_NAME_IN_UTMP */
#ifdef HAVE_HOST_IN_UTMP