PR: ports/12037
Submitted by: Issei Suzuki <issei@jp.FreeBSD.ORG> Upgrade to 1.2.27. # I'm not maintainer but it seems that torstenb is too busy to # look the PR and many people want new version ssh port.
This commit is contained in:
parent
c5bb7f1b1a
commit
48500b76a6
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=19489
@ -1,15 +1,15 @@
|
||||
# New ports collection makefile for: ssh
|
||||
# Version required: 1.2.25
|
||||
# Version required: 1.2.*
|
||||
# Date created: 30 Jul 1995
|
||||
# Whom: torstenb@FreeBSD.ORG
|
||||
#
|
||||
# $Id: Makefile,v 1.73 1999/03/13 18:51:11 billf Exp $
|
||||
# $Id: Makefile,v 1.74 1999/04/03 03:35:50 ache Exp $
|
||||
#
|
||||
# Maximal ssh package requires YES values for
|
||||
# USE_PERL, USE_TCPWRAP
|
||||
#
|
||||
|
||||
DISTNAME= ssh-1.2.26
|
||||
DISTNAME= ssh-1.2.27
|
||||
CATEGORIES= security net
|
||||
MASTER_SITES= ftp://ftp.funet.fi/pub/unix/security/login/ssh/
|
||||
|
||||
|
@ -1,3 +1 @@
|
||||
MD5 (ssh-1.2.26.tar.gz) = 2ee46d454015dd01c5e8f074eabf0245
|
||||
MD5 (rsaref2.tar.gz) = 0b474c97bf1f1c0d27e5a95f1239c08d
|
||||
MD5 (ssh-1.2.22-patchkit) = 5228897d59be91ad3ae88e992d61cd50
|
||||
MD5 (ssh-1.2.27.tar.gz) = c22bc000bee0f7d6f4845eab72a81395
|
||||
|
@ -1,7 +1,7 @@
|
||||
*** make-ssh-known-hosts.pl.in.orig Wed Apr 23 08:40:05 1997
|
||||
--- make-ssh-known-hosts.pl.in Fri Apr 25 12:38:21 1997
|
||||
*** make-ssh-known-hosts.pl.in.orig Wed May 12 20:18:51 1999
|
||||
--- make-ssh-known-hosts.pl.in Sun Jun 6 02:30:08 1999
|
||||
***************
|
||||
*** 87,93 ****
|
||||
*** 98,104 ****
|
||||
$debug = 5;
|
||||
$defserver = '';
|
||||
$bell='\a';
|
||||
@ -9,7 +9,7 @@
|
||||
$private_ssh_known_hosts = "/tmp/ssh_known_hosts$$";
|
||||
$timeout = 60;
|
||||
$ping_timeout = 3;
|
||||
--- 87,93 ----
|
||||
--- 98,104 ----
|
||||
$debug = 5;
|
||||
$defserver = '';
|
||||
$bell='\a';
|
||||
|
@ -1,6 +1,6 @@
|
||||
--- Makefile.in.orig Wed Jul 8 09:40:39 1998
|
||||
+++ Makefile.in Wed Oct 7 19:11:37 1998
|
||||
@@ -294,14 +294,19 @@
|
||||
--- Makefile.in.orig Wed May 12 20:19:31 1999
|
||||
+++ Makefile.in Sun Jun 6 01:22:50 1999
|
||||
@@ -301,14 +301,19 @@
|
||||
SHELL = /bin/sh
|
||||
|
||||
GMPDIR = gmp-2.0.2-ssh-2
|
||||
@ -25,7 +25,7 @@
|
||||
RSAREFSRCDIR = $(RSAREFDIR)/source
|
||||
|
||||
X_CFLAGS = @X_CFLAGS@
|
||||
@@ -404,7 +409,7 @@
|
||||
@@ -411,7 +416,7 @@
|
||||
$(CC) -o rfc-pg rfc-pg.o
|
||||
|
||||
.c.o:
|
||||
@ -34,7 +34,7 @@
|
||||
|
||||
sshd: $(SSHD_OBJS) $(GMPDEP) $(RSAREFDEP) $(ZLIBDEP)
|
||||
-rm -f sshd
|
||||
@@ -447,19 +452,19 @@
|
||||
@@ -454,19 +459,19 @@
|
||||
sed "s#&PERL&#$(PERL)#" <$(srcdir)/make-ssh-known-hosts.pl >make-ssh-known-hosts
|
||||
chmod +x make-ssh-known-hosts
|
||||
|
||||
@ -67,7 +67,7 @@
|
||||
|
||||
$(RSAREFSRCDIR)/librsaref.a:
|
||||
-if test '!' -d $(RSAREFDIR); then \
|
||||
@@ -516,7 +521,7 @@
|
||||
@@ -523,7 +528,7 @@
|
||||
# (otherwise it can only log in as the user it runs as, and must be
|
||||
# bound to a non-privileged port). Also, password authentication may
|
||||
# not be available if non-root and using shadow passwords.
|
||||
@ -76,7 +76,7 @@
|
||||
-rm -f $(install_prefix)$(bindir)/ssh1.old
|
||||
-chmod 755 $(install_prefix)$(bindir)/ssh1
|
||||
-chmod 755 $(install_prefix)$(bindir)/ssh
|
||||
@@ -672,15 +677,15 @@
|
||||
@@ -679,15 +684,15 @@
|
||||
|
||||
clean:
|
||||
-rm -f *.o gmon.out *core $(PROGRAMS) rfc-pg
|
||||
@ -96,7 +96,7 @@
|
||||
|
||||
dist: dist-free
|
||||
|
||||
@@ -709,12 +714,12 @@
|
||||
@@ -716,12 +721,12 @@
|
||||
-mkdir $(DISTNAME)
|
||||
cp $(DISTFILES) $(DISTNAME)
|
||||
for i in $(DISTSRCS); do cp $(srcdir)/$$i $(DISTNAME); done
|
||||
@ -113,7 +113,7 @@
|
||||
|
||||
#ifdef F_SECURE_COMMERCIAL
|
||||
#
|
||||
@@ -742,7 +747,7 @@
|
||||
@@ -749,7 +754,7 @@
|
||||
(echo "s/\.$$old_version\"/.$$new_version\"/g"; echo w; echo q) | ed $(srcdir)/version.h >/dev/null
|
||||
|
||||
depend:
|
||||
|
@ -1,13 +1,13 @@
|
||||
*** auth-passwd.c.bak Tue Jan 20 15:23:48 1998
|
||||
--- auth-passwd.c Sat Feb 14 00:49:56 1998
|
||||
*** auth-passwd.c.orig Wed May 12 20:19:23 1999
|
||||
--- auth-passwd.c Sun Jun 6 02:36:00 1999
|
||||
***************
|
||||
*** 815,820 ****
|
||||
--- 815,822 ----
|
||||
*** 911,916 ****
|
||||
--- 911,918 ----
|
||||
encrypted_password = crypt(password,
|
||||
(correct_passwd[0] && correct_passwd[1]) ?
|
||||
correct_passwd : "xx");
|
||||
(correct_passwd[0] && correct_passwd[1]) ?
|
||||
correct_passwd : "xx");
|
||||
+ if (!password[0] && correct_passwd[0])
|
||||
+ encrypted_password = ":";
|
||||
+ encrypted_password = ":";
|
||||
#endif /* HAVE_SCO_ETC_SHADOW */
|
||||
#endif /* HAVE_OSF1_C2_SECURITY */
|
||||
|
||||
/* Authentication is accepted if the encrypted passwords are identical. */
|
||||
|
@ -1,7 +1,24 @@
|
||||
*** server_config.sample.orig Thu Mar 27 09:04:06 1997
|
||||
--- server_config.sample Fri Mar 28 15:45:53 1997
|
||||
*** server_config.sample.orig Wed May 12 20:18:51 1999
|
||||
--- server_config.sample Sun Jun 6 02:36:38 1999
|
||||
***************
|
||||
*** 16,22 ****
|
||||
*** 7,13 ****
|
||||
ServerKeyBits 768
|
||||
LoginGraceTime 600
|
||||
KeyRegenerationInterval 3600
|
||||
! PermitRootLogin yes
|
||||
IgnoreRhosts no
|
||||
StrictModes yes
|
||||
QuietMode no
|
||||
--- 7,13 ----
|
||||
ServerKeyBits 768
|
||||
LoginGraceTime 600
|
||||
KeyRegenerationInterval 3600
|
||||
! PermitRootLogin no
|
||||
IgnoreRhosts no
|
||||
StrictModes yes
|
||||
QuietMode no
|
||||
***************
|
||||
*** 16,27 ****
|
||||
FascistLogging no
|
||||
PrintMotd yes
|
||||
KeepAlive yes
|
||||
@ -9,7 +26,12 @@
|
||||
RhostsAuthentication no
|
||||
RhostsRSAAuthentication yes
|
||||
RSAAuthentication yes
|
||||
--- 16,22 ----
|
||||
PasswordAuthentication yes
|
||||
! PermitEmptyPasswords yes
|
||||
UseLogin no
|
||||
# CheckMail no
|
||||
# PidFile /u/zappa/.ssh/pid
|
||||
--- 16,27 ----
|
||||
FascistLogging no
|
||||
PrintMotd yes
|
||||
KeepAlive yes
|
||||
@ -17,3 +39,8 @@
|
||||
RhostsAuthentication no
|
||||
RhostsRSAAuthentication yes
|
||||
RSAAuthentication yes
|
||||
PasswordAuthentication yes
|
||||
! PermitEmptyPasswords no
|
||||
UseLogin no
|
||||
# CheckMail no
|
||||
# PidFile /u/zappa/.ssh/pid
|
||||
|
@ -1,7 +1,7 @@
|
||||
*** sshd.c.WAS Thu Jun 11 23:11:47 1998
|
||||
--- sshd.c Thu Jun 11 23:30:30 1998
|
||||
*** sshd.c.orig Wed May 12 20:19:29 1999
|
||||
--- sshd.c Sun Jun 6 02:37:18 1999
|
||||
***************
|
||||
*** 2014,2020 ****
|
||||
*** 2222,2228 ****
|
||||
pwcopy.pw_class = xstrdup(pw->pw_class);
|
||||
pwcopy.pw_change = pw->pw_change;
|
||||
pwcopy.pw_expire = pw->pw_expire;
|
||||
@ -9,7 +9,7 @@
|
||||
pwcopy.pw_dir = xstrdup(pw->pw_dir);
|
||||
pwcopy.pw_shell = xstrdup(pw->pw_shell);
|
||||
pw = &pwcopy;
|
||||
--- 2014,2020 ----
|
||||
--- 2222,2228 ----
|
||||
pwcopy.pw_class = xstrdup(pw->pw_class);
|
||||
pwcopy.pw_change = pw->pw_change;
|
||||
pwcopy.pw_expire = pw->pw_expire;
|
||||
@ -18,7 +18,7 @@
|
||||
pwcopy.pw_shell = xstrdup(pw->pw_shell);
|
||||
pw = &pwcopy;
|
||||
***************
|
||||
*** 3045,3054 ****
|
||||
*** 3285,3294 ****
|
||||
struct pty_cleanup_context cleanup_context;
|
||||
#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H)
|
||||
login_cap_t *lc;
|
||||
@ -27,9 +27,9 @@
|
||||
struct timeval tp;
|
||||
! #endif /* __bsdi__ && _BSDI_VERSION >= 199510 */
|
||||
|
||||
#ifdef HAVE_OSF1_C2_SECURITY
|
||||
{
|
||||
--- 3045,3055 ----
|
||||
/* We no longer need the child running on user's privileges. */
|
||||
userfile_uninit();
|
||||
--- 3285,3295 ----
|
||||
struct pty_cleanup_context cleanup_context;
|
||||
#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H)
|
||||
login_cap_t *lc;
|
||||
@ -39,14 +39,14 @@
|
||||
struct timeval tp;
|
||||
! #endif /* __FreeBSD__ || (__bsdi__ && _BSDI_VERSION >= 199510) */
|
||||
|
||||
#ifdef HAVE_OSF1_C2_SECURITY
|
||||
{
|
||||
/* We no longer need the child running on user's privileges. */
|
||||
userfile_uninit();
|
||||
***************
|
||||
*** 3183,3188 ****
|
||||
--- 3184,3197 ----
|
||||
"The Regents of the University of California. ",
|
||||
"All rights reserved.");
|
||||
}
|
||||
*** 3446,3451 ****
|
||||
--- 3447,3460 ----
|
||||
"The Regents of the University of California. ",
|
||||
"All rights reserved.");
|
||||
}
|
||||
+ #ifdef HAVE_LOGIN_CAP_H
|
||||
+ #define DEFAULT_WARN (2L * 7L * 86400L) /* Two weeks */
|
||||
+
|
||||
@ -59,50 +59,50 @@
|
||||
|
||||
/* Print /etc/motd unless a command was specified or printing it was
|
||||
***************
|
||||
*** 3206,3212 ****
|
||||
fputs(line, stdout);
|
||||
fclose(f);
|
||||
}
|
||||
*** 3469,3475 ****
|
||||
fputs(line, stdout);
|
||||
fclose(f);
|
||||
}
|
||||
! #if defined (__bsdi__) && _BSDI_VERSION >= 199510
|
||||
if (pw->pw_change || pw->pw_expire)
|
||||
(void)gettimeofday(&tp, (struct timezone *)NULL);
|
||||
if (pw->pw_change)
|
||||
--- 3215,3221 ----
|
||||
fputs(line, stdout);
|
||||
fclose(f);
|
||||
}
|
||||
if (pw->pw_change || pw->pw_expire)
|
||||
(void)gettimeofday(&tp, (struct timezone *)NULL);
|
||||
if (pw->pw_change)
|
||||
--- 3478,3484 ----
|
||||
fputs(line, stdout);
|
||||
fclose(f);
|
||||
}
|
||||
! #if defined(__FreeBSD__) || (defined(__bsdi__) && _BSDI_VERSION >= 199510)
|
||||
if (pw->pw_change || pw->pw_expire)
|
||||
(void)gettimeofday(&tp, (struct timezone *)NULL);
|
||||
if (pw->pw_change)
|
||||
if (pw->pw_change || pw->pw_expire)
|
||||
(void)gettimeofday(&tp, (struct timezone *)NULL);
|
||||
if (pw->pw_change)
|
||||
***************
|
||||
*** 3575,3581 ****
|
||||
while (fgets(buf, sizeof(buf), f))
|
||||
fputs(buf, stderr);
|
||||
fclose(f);
|
||||
*** 3922,3928 ****
|
||||
while (fgets(buf, sizeof(buf), f))
|
||||
fputs(buf, stderr);
|
||||
fclose(f);
|
||||
! #if defined (__bsdi__) && _BSDI_VERSION >= 199510
|
||||
if (pw->pw_uid != UID_ROOT &&
|
||||
!login_getcapbool(lc, "ignorenologin", 0))
|
||||
exit(254);
|
||||
--- 3584,3590 ----
|
||||
while (fgets(buf, sizeof(buf), f))
|
||||
fputs(buf, stderr);
|
||||
fclose(f);
|
||||
if (pw->pw_uid != UID_ROOT &&
|
||||
!login_getcapbool(lc, "ignorenologin", 0))
|
||||
exit(254);
|
||||
--- 3931,3937 ----
|
||||
while (fgets(buf, sizeof(buf), f))
|
||||
fputs(buf, stderr);
|
||||
fclose(f);
|
||||
! #if (defined(__FreeBSD__) && defined(HAVE_LOGIN_CAP_H)) || (defined (__bsdi__) && _BSDI_VERSION >= 199510)
|
||||
if (pw->pw_uid != UID_ROOT &&
|
||||
!login_getcapbool(lc, "ignorenologin", 0))
|
||||
exit(254);
|
||||
if (pw->pw_uid != UID_ROOT &&
|
||||
!login_getcapbool(lc, "ignorenologin", 0))
|
||||
exit(254);
|
||||
***************
|
||||
*** 4121,4127 ****
|
||||
--- 4130,4140 ----
|
||||
struct stat mailbuf;
|
||||
|
||||
if (stat(mailbox, &mailbuf) == -1 || mailbuf.st_size == 0)
|
||||
*** 4525,4531 ****
|
||||
--- 4534,4544 ----
|
||||
struct stat mailbuf;
|
||||
|
||||
if (stat(mailbox, &mailbuf) == -1 || mailbuf.st_size == 0)
|
||||
+ #ifdef __FreeBSD__
|
||||
+ ;
|
||||
+ ;
|
||||
+ #else
|
||||
printf("No mail.\n");
|
||||
printf("No mail.\n");
|
||||
+ #endif
|
||||
else if (mailbuf.st_atime > mailbuf.st_mtime)
|
||||
printf("You have mail.\n");
|
||||
else
|
||||
else if (mailbuf.st_atime > mailbuf.st_mtime)
|
||||
printf("You have mail.\n");
|
||||
else
|
||||
|
@ -1,286 +1,33 @@
|
||||
--- sshconnect.c.orig Wed Jul 8 20:40:38 1998
|
||||
+++ sshconnect.c Tue Nov 10 15:43:45 1998
|
||||
@@ -282,7 +282,7 @@
|
||||
|
||||
/* Child. Permanently give up superuser privileges. */
|
||||
if (setuid(getuid()) < 0)
|
||||
- fatal("setuid: %s", strerror(errno));
|
||||
+ fatal("setuid: %.100s", strerror(errno));
|
||||
|
||||
/* Redirect stdin and stdout. */
|
||||
close(pin[1]);
|
||||
@@ -944,7 +944,7 @@
|
||||
if (!ssh_context)
|
||||
{
|
||||
if ((r = krb5_init_context(&ssh_context)))
|
||||
- fatal("Kerberos V5: %s while initializing krb5.", error_message(r));
|
||||
+ fatal("Kerberos V5: %.100s while initializing krb5.", error_message(r));
|
||||
krb5_init_ets(ssh_context);
|
||||
}
|
||||
|
||||
@@ -959,14 +959,14 @@
|
||||
"host", KRB5_NT_SRV_HST,
|
||||
&creds.server)))
|
||||
{
|
||||
- debug("Kerberos V5: error while constructing service name: %s.",
|
||||
+ debug("Kerberos V5: error while constructing service name: %.100s.",
|
||||
error_message(r));
|
||||
goto cleanup;
|
||||
}
|
||||
if ((r = krb5_cc_get_principal(ssh_context, ccache,
|
||||
&creds.client)))
|
||||
{
|
||||
- debug("Kerberos V5: failure on principal (%s).",
|
||||
+ debug("Kerberos V5: failure on principal (%.100s).",
|
||||
error_message(r));
|
||||
goto cleanup;
|
||||
}
|
||||
@@ -975,7 +975,7 @@
|
||||
if ((r = krb5_get_credentials(ssh_context, 0,
|
||||
ccache, &creds, &new_creds)))
|
||||
{
|
||||
- debug("Kerberos V5: failure on credentials(%s).",
|
||||
+ debug("Kerberos V5: failure on credentials(%.100s).",
|
||||
error_message(r));
|
||||
goto cleanup;
|
||||
}
|
||||
@@ -987,7 +987,7 @@
|
||||
{
|
||||
if ((r = krb5_auth_con_init(ssh_context, &auth_context)))
|
||||
{
|
||||
- debug("Kerberos V5: failed to init auth_context (%s)",
|
||||
+ debug("Kerberos V5: failed to init auth_context (%.100s)",
|
||||
error_message(r));
|
||||
goto cleanup;
|
||||
}
|
||||
@@ -998,7 +998,7 @@
|
||||
if ((r = krb5_mk_req_extended(ssh_context, &auth_context, ap_opts,
|
||||
0, new_creds, &auth)))
|
||||
{
|
||||
- debug("Kerberos V5: failed krb5_mk_req_extended (%s)",
|
||||
+ debug("Kerberos V5: failed krb5_mk_req_extended (%.100s)",
|
||||
error_message(r));
|
||||
goto cleanup;
|
||||
}
|
||||
@@ -1046,7 +1046,7 @@
|
||||
--- auth-kerberos.c.orig Sun Jun 6 02:01:32 1999
|
||||
+++ auth-kerberos.c Sun Jun 6 02:01:33 1999
|
||||
@@ -120,10 +120,18 @@
|
||||
|
||||
if (r = krb5_rd_rep(ssh_context, auth_context, &auth, &repl))
|
||||
{
|
||||
- packet_disconnect("Kerberos V5 Authentication failed: %s",
|
||||
+ packet_disconnect("Kerberos V5 Authentication failed: %.100s",
|
||||
error_message(r));
|
||||
goto cleanup;
|
||||
}
|
||||
@@ -1090,7 +1090,7 @@
|
||||
krb5_data outbuf;
|
||||
krb5_error_code r;
|
||||
int type;
|
||||
- char server_name[128];
|
||||
+ char server_name[512];
|
||||
|
||||
remotehost = (char *) get_canonical_hostname();
|
||||
memset(&outbuf, 0 , sizeof(outbuf));
|
||||
@@ -1100,14 +1100,14 @@
|
||||
if (!ssh_context)
|
||||
{
|
||||
if ((r = krb5_init_context(&ssh_context)))
|
||||
- fatal("Kerberos V5: %s while initializing krb5.", error_message(r));
|
||||
+ fatal("Kerberos V5: %.100s while initializing krb5.", error_message(r));
|
||||
krb5_init_ets(ssh_context);
|
||||
}
|
||||
if (!auth_context)
|
||||
{
|
||||
if ((r = krb5_auth_con_init(ssh_context, &auth_context)))
|
||||
{
|
||||
- debug("Kerberos V5: failed to init auth_context (%s)",
|
||||
+ debug("Kerberos V5: failed to init auth_context (%.100s)",
|
||||
error_message(r));
|
||||
return 0 ;
|
||||
}
|
||||
@@ -1124,7 +1124,7 @@
|
||||
if ((r = krb5_cc_get_principal(ssh_context, ccache,
|
||||
&client)))
|
||||
{
|
||||
- debug("Kerberos V5: failure on principal (%s)",
|
||||
+ debug("Kerberos V5: failure on principal (%.100s)",
|
||||
error_message(r));
|
||||
return 0 ;
|
||||
}
|
||||
@@ -1136,7 +1136,7 @@
|
||||
principal and point it to clients realm. This way
|
||||
we pass over a TGT of the clients realm. */
|
||||
|
||||
- sprintf(server_name,"host/%s@", remotehost);
|
||||
+ sprintf(server_name,"host/%.100s@", remotehost);
|
||||
strncat(server_name,client->realm.data,client->realm.length);
|
||||
krb5_parse_name(ssh_context,server_name, &server);
|
||||
server->type = KRB5_NT_SRV_HST;
|
||||
@@ -1145,7 +1145,7 @@
|
||||
if ((r = krb5_fwd_tgt_creds(ssh_context, auth_context, 0, client,
|
||||
server, ccache, 1, &outbuf)))
|
||||
{
|
||||
- debug("Kerberos V5 krb5_fwd_tgt_creds failure (%s)",
|
||||
+ debug("Kerberos V5 krb5_fwd_tgt_creds failure (%.100s)",
|
||||
error_message(r));
|
||||
krb5_free_principal(ssh_context, client);
|
||||
krb5_free_principal(ssh_context, server);
|
||||
@@ -1416,7 +1416,7 @@
|
||||
error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!");
|
||||
error("It is also possible that the host key has just been changed.");
|
||||
error("Please contact your system administrator.");
|
||||
- error("Add correct host key in %s to get rid of this message.",
|
||||
+ error("Add correct host key in %.100s to get rid of this message.",
|
||||
options->user_hostfile);
|
||||
|
||||
/* If strict host key checking is in use, the user will have to edit
|
||||
@@ -1589,7 +1589,7 @@
|
||||
if (!ssh_context)
|
||||
{
|
||||
if ((problem = krb5_init_context(&ssh_context)))
|
||||
- fatal("Kerberos V5: %s while initializing krb5.",
|
||||
+ fatal("Kerberos V5: %.100s while initializing krb5.",
|
||||
error_message(problem));
|
||||
krb5_init_ets(ssh_context);
|
||||
}
|
||||
@@ -1605,7 +1605,7 @@
|
||||
if ((problem = krb5_cc_get_principal(ssh_context, ccache,
|
||||
&client)))
|
||||
{
|
||||
- debug("Kerberos V5: failure on principal (%s).",
|
||||
+ debug("Kerberos V5: failure on principal (%.100s).",
|
||||
error_message(problem));
|
||||
}
|
||||
else {
|
||||
--- auth-kerberos.c.orig Wed Jul 8 20:40:35 1998
|
||||
+++ auth-kerberos.c Tue Nov 10 15:50:15 1998
|
||||
@@ -63,11 +63,11 @@
|
||||
krb5_auth_con_free(ssh_context, auth_context);
|
||||
auth_context = 0;
|
||||
}
|
||||
- log_msg("Kerberos ticket authentication of user %s failed: %s",
|
||||
+ log_msg("Kerberos ticket authentication of user %.100s failed: %.100s",
|
||||
server_user, error_message(problem));
|
||||
|
||||
- debug("Kerberos krb5_auth_con_genaddrs (%s).", error_message(problem));
|
||||
- packet_send_debug("Kerberos krb5_auth_con_genaddrs: %s",
|
||||
+ debug("Kerberos krb5_auth_con_genaddrs (%.100s).", error_message(problem));
|
||||
+ packet_send_debug("Kerberos krb5_auth_con_genaddrs: %.100s",
|
||||
error_message(problem));
|
||||
return 0;
|
||||
}
|
||||
@@ -80,11 +80,11 @@
|
||||
krb5_auth_con_free(ssh_context, auth_context);
|
||||
auth_context = 0;
|
||||
}
|
||||
- log_msg("Kerberos ticket authentication of user %s failed: %s",
|
||||
+ log_msg("Kerberos ticket authentication of user %.100s failed: %.100s",
|
||||
server_user, error_message(problem));
|
||||
|
||||
- debug("Kerberos V5 rd_req failed (%s).", error_message(problem));
|
||||
- packet_send_debug("Kerberos V5 krb5_rd_req: %s", error_message(problem));
|
||||
+ debug("Kerberos V5 rd_req failed (%.100s).", error_message(problem));
|
||||
+ packet_send_debug("Kerberos V5 krb5_rd_req: %.100s", error_message(problem));
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -93,22 +93,22 @@
|
||||
if (problem)
|
||||
{
|
||||
krb5_free_ticket(ssh_context, ticket);
|
||||
- log_msg("Kerberos ticket authentication of user %s failed: %s",
|
||||
+ log_msg("Kerberos ticket authentication of user %.100s failed: %.100s",
|
||||
server_user, error_message(problem));
|
||||
|
||||
- debug("Kerberos krb5_unparse_name failed (%s).", error_message(problem));
|
||||
- packet_send_debug("Kerberos krb5_unparse_name: %s",
|
||||
+ debug("Kerberos krb5_unparse_name failed (%.100s).", error_message(problem));
|
||||
+ packet_send_debug("Kerberos krb5_unparse_name: %.100s",
|
||||
error_message(problem));
|
||||
return 0;
|
||||
}
|
||||
if (strncmp(server, "host/", strlen("host/")))
|
||||
{
|
||||
krb5_free_ticket(ssh_context, ticket);
|
||||
- log_msg("Kerberos ticket authentication of user %s failed: invalid service name (%s)",
|
||||
+ log_msg("Kerberos ticket authentication of user %.100s failed: invalid service name (%.100s)",
|
||||
server_user, server);
|
||||
|
||||
- debug("Kerberos invalid service name (%s).", server);
|
||||
- packet_send_debug("Kerberos invalid service name (%s).", server);
|
||||
+ debug("Kerberos invalid service name (%.100s).", server);
|
||||
+ packet_send_debug("Kerberos invalid service name (%.100s).", server);
|
||||
debug("Kerberos invalid service name (%.100s).", server);
|
||||
packet_send_debug("Kerberos invalid service name (%.100s).", server);
|
||||
+#ifdef krb5_xfree
|
||||
krb5_xfree(server);
|
||||
+#else
|
||||
+ free(server);
|
||||
+#endif
|
||||
return 0;
|
||||
}
|
||||
@@ -122,11 +122,11 @@
|
||||
+#ifdef krb5_xfree
|
||||
krb5_xfree(server);
|
||||
+#else
|
||||
+ free(server);
|
||||
+#endif
|
||||
|
||||
if (problem)
|
||||
{
|
||||
- log_msg("Kerberos ticket authentication of user %s failed: %s",
|
||||
+ log_msg("Kerberos ticket authentication of user %.100s failed: %.100s",
|
||||
server_user, error_message(problem));
|
||||
- debug("Kerberos krb5_copy_principal failed (%s).",
|
||||
+ debug("Kerberos krb5_copy_principal failed (%.100s).",
|
||||
error_message(problem));
|
||||
- packet_send_debug("Kerberos krb5_copy_principal: %s",
|
||||
+ packet_send_debug("Kerberos krb5_copy_principal: %.100s",
|
||||
error_message(problem));
|
||||
return 0;
|
||||
}
|
||||
@@ -135,11 +135,11 @@
|
||||
/* Make the reply - so that mutual authentication can be done */
|
||||
if ((problem = krb5_mk_rep(ssh_context, auth_context, &reply)))
|
||||
{
|
||||
- log_msg("Kerberos ticket authentication of user %s failed: %s",
|
||||
+ log_msg("Kerberos ticket authentication of user %.100s failed: %.100s",
|
||||
server_user, error_message(problem));
|
||||
- debug("Kerberos krb5_mk_rep failed (%s).",
|
||||
+ debug("Kerberos krb5_mk_rep failed (%.100s).",
|
||||
error_message(problem));
|
||||
- packet_send_debug("Kerberos krb5_mk_rep failed: %s",
|
||||
+ packet_send_debug("Kerberos krb5_mk_rep failed: %.100s",
|
||||
error_message(problem));
|
||||
return 0;
|
||||
}
|
||||
@@ -160,7 +160,7 @@
|
||||
{
|
||||
krb5_creds **creds;
|
||||
krb5_error_code retval;
|
||||
- static char ccname[128];
|
||||
+ static char ccname[512];
|
||||
krb5_ccache ccache = NULL;
|
||||
struct passwd *pwd;
|
||||
extern char *ticket;
|
||||
@@ -208,9 +208,9 @@
|
||||
|
||||
if (retval = krb5_rd_cred(ssh_context, auth_context, krb5data, &creds, NULL))
|
||||
{
|
||||
- log_msg("Kerberos V5 tgt rejected for user %.100s : %s", server_user,
|
||||
+ log_msg("Kerberos V5 tgt rejected for user %.100s : %.100s", server_user,
|
||||
error_message(retval));
|
||||
- packet_send_debug("Kerberos V5 tgt rejected for %.100s : %s",
|
||||
+ packet_send_debug("Kerberos V5 tgt rejected for %.100s : %.100s",
|
||||
server_user,
|
||||
error_message(retval));
|
||||
packet_start(SSH_SMSG_FAILURE);
|
||||
@@ -234,7 +234,7 @@
|
||||
goto errout;
|
||||
|
||||
ticket = xmalloc(strlen(ccname) + 1);
|
||||
- (void) sprintf(ticket, "%s", ccname);
|
||||
+ (void) sprintf(ticket, "%.100s", ccname);
|
||||
|
||||
/* Successful */
|
||||
packet_start(SSH_SMSG_SUCCESS);
|
||||
@@ -244,9 +244,9 @@
|
||||
|
||||
errout:
|
||||
krb5_free_tgt_creds(ssh_context, creds);
|
||||
- log_msg("Kerberos V5 tgt rejected for user %.100s :%s", server_user,
|
||||
+ log_msg("Kerberos V5 tgt rejected for user %.100s :%.100s", server_user,
|
||||
error_message(retval));
|
||||
- packet_send_debug("Kerberos V5 tgt rejected for %.100s : %s", server_user,
|
||||
+ packet_send_debug("Kerberos V5 tgt rejected for %.100s : %.100s", server_user,
|
||||
error_message(retval));
|
||||
packet_start(SSH_SMSG_FAILURE);
|
||||
/* Extract the users name from the ticket client principal */
|
||||
problem = krb5_copy_principal(ssh_context, ticket->enc_part2->client,
|
||||
@@ -159,7 +167,11 @@
|
||||
packet_put_string((char *) reply.data, reply.length);
|
||||
packet_send();
|
||||
packet_write_wait();
|
||||
+#ifdef krb5_xfree
|
||||
krb5_xfree(reply.data);
|
||||
+#else
|
||||
+ krb5_free_data_contents(ssh_context, &reply);
|
||||
+#endif
|
||||
return 1;
|
||||
}
|
||||
#endif /* KRB5 */
|
||||
|
@ -1,26 +1,26 @@
|
||||
*** sshconnect.c.orig Wed Apr 23 08:40:11 1997
|
||||
--- sshconnect.c Fri Apr 25 12:41:59 1997
|
||||
*** sshconnect.c.orig Wed May 12 20:19:29 1999
|
||||
--- sshconnect.c Sun Jun 6 02:39:02 1999
|
||||
***************
|
||||
*** 311,316 ****
|
||||
--- 311,322 ----
|
||||
*** 347,352 ****
|
||||
--- 347,358 ----
|
||||
{
|
||||
struct sockaddr_in sin;
|
||||
int p;
|
||||
+ #if (defined(__OpenBSD__) || defined(__FreeBSD__)) && !defined(SOCKS)
|
||||
+ p = 1023; /* Compat with old FreeBSD */
|
||||
+ sock = rresvport(&p);
|
||||
+ if (sock < 0)
|
||||
+ fatal("rresvport: %.100s", strerror(errno));
|
||||
+ p = 1023; /* Compat with old FreeBSD */
|
||||
+ sock = rresvport(&p);
|
||||
+ if (sock < 0)
|
||||
+ fatal("rresvport: %.100s", strerror(errno));
|
||||
+ #else
|
||||
for (p = 1023; p > 512; p--)
|
||||
{
|
||||
sock = socket(AF_INET, SOCK_STREAM, 0);
|
||||
{
|
||||
sock = socket(AF_INET, SOCK_STREAM, 0);
|
||||
***************
|
||||
*** 338,343 ****
|
||||
--- 344,350 ----
|
||||
}
|
||||
fatal("bind: %.100s", strerror(errno));
|
||||
}
|
||||
*** 374,379 ****
|
||||
--- 380,386 ----
|
||||
}
|
||||
fatal("bind: %.100s", strerror(errno));
|
||||
}
|
||||
+ #endif
|
||||
debug("Allocated local port %d.", p);
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
--- newchannels.c.orig Wed Jul 8 17:40:36 1998
|
||||
+++ newchannels.c Mon May 3 23:45:06 1999
|
||||
@@ -271,6 +271,10 @@
|
||||
--- newchannels.c.orig Wed May 12 20:19:27 1999
|
||||
+++ newchannels.c Sun Jun 6 01:49:22 1999
|
||||
@@ -282,6 +282,10 @@
|
||||
#endif /* NEED_SYS_SYSLOG_H */
|
||||
#endif /* LIBWRAP */
|
||||
|
||||
@ -11,17 +11,17 @@
|
||||
/* Directory in which the fake unix-domain X11 displays reside. */
|
||||
#ifndef X11_DIR
|
||||
#define X11_DIR "/tmp/.X11-unix"
|
||||
@@ -1874,6 +1878,9 @@
|
||||
if (gethostname(hostname, sizeof(hostname)) < 0)
|
||||
@@ -1891,6 +1895,9 @@
|
||||
fatal("gethostname: %.100s", strerror(errno));
|
||||
sprintf(buf, "%.400s:%d.%d", hostname, display_number, screen_number);
|
||||
snprintf(buf, sizeof(buf),
|
||||
"%.400s:%d.%d", hostname, display_number, screen_number);
|
||||
+#ifdef __FreeBSD__
|
||||
+ trimdomain(buf, UT_HOSTSIZE);
|
||||
+#endif
|
||||
#else /* HAVE_GETHOSTNAME */
|
||||
if (uname(&uts) < 0)
|
||||
fatal("uname: %s", strerror(errno));
|
||||
@@ -2388,6 +2395,10 @@
|
||||
fatal("uname: %.100s", strerror(errno));
|
||||
@@ -2412,6 +2419,10 @@
|
||||
ssh-agent connections on your system */
|
||||
old_umask = umask(S_IRUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH);
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
--- login.c.orig Wed Jul 8 17:40:36 1998
|
||||
+++ login.c Mon May 3 23:52:39 1999
|
||||
@@ -287,12 +287,13 @@
|
||||
--- login.c.orig Wed May 12 20:19:26 1999
|
||||
+++ login.c Sun Jun 6 01:51:33 1999
|
||||
@@ -301,12 +301,13 @@
|
||||
strncpy(u.ut_user, user, sizeof(u.ut_user));
|
||||
#endif /* HAVE_NAME_IN_UTMP */
|
||||
#ifdef HAVE_HOST_IN_UTMP
|
||||
|
Loading…
Reference in New Issue
Block a user