Commit Graph

962 Commits

Author SHA1 Message Date
Jun Kuriyama
803a0d0909 Use @unexec to remove locale directories. 2000-01-15 04:07:26 +00:00
Torsten Blum
eb66565459 Add IPv6 support to ssh.
The IPv6 patch was obtained from the kame repository and has been
been writen by KIKUCHI Takahiro <kick@kyoto.wide.ad.jp>

Due to the whole mess with different patches it was necessary to include
both the IPv6 patch and patch-ssh-1.2.27-bsd.tty.chown in ${PATCHDIR}.
Since both patches modify the configure script it was also necessary
to rebuild it via autoconf from configure.in. I've decided to use
USE_AUTOCONF instead of including the re-build configure script in
${FILESDIR}

Obtained from:	KAME/WIDE
2000-01-14 19:37:39 +00:00
Brian Feldman
dcd2c0fc89 Add the actual change of names in sockaddr_storage. This broke things
for people after what time my system was previously made.  Sorry.

Submitted by:	sumikawa
2000-01-14 07:07:18 +00:00
Satoshi Asami
1f6491de9d Add dsniff, fragrouter and whisker. 2000-01-14 02:12:49 +00:00
Brian Feldman
8d55d19095 Update to a more current OpenSSH, including...
IPv6 support!!

Thank you very much, Sumikawa san.

Submitted by:	Munechika SUMIKAWA <sumikawa@ebina.hitachi.co.jp>
2000-01-13 23:22:17 +00:00
David E. O'Brien
06b36d5868 Update to version 0.7.1. 2000-01-13 20:13:52 +00:00
Sheldon Hearn
b4035e7bc8 Mark FORBIDDEN when /usr/include/tcpd.h exists.
This commit was done without consultation with the maintainer.
2000-01-12 07:20:54 +00:00
Foxfair Hu
28183a94c3 Clean up Makefile, remove the unwanted action while compiling.
Pointed out by : Martti Kuparinen <martti.kuparinen@ericsson.com>
		(maintainer)
2000-01-11 01:16:04 +00:00
Daniel Baker
576ca01d38 add zebedee 2000-01-10 04:57:15 +00:00
David E. O'Brien
b27ac2c9dd Make the inline ASM gcc 2.95 clean. 2000-01-09 20:37:05 +00:00
Daniel Baker
afa17e6669 initial import of zebedee port
Submitted by: Greg Hewgill <greg@hewgill.com>
2000-01-09 08:15:42 +00:00
Kris Kennaway
549ab1724d Update to dsniff 1.2 which now builds out of the box of FreeBSD. How's
that for vendor turnaround time!
2000-01-09 05:14:19 +00:00
Kris Kennaway
33f3aab20c New port: dsniff 1.1
dsniff is a set of network penetration testing tools

Obtained from:	OpenBSD
2000-01-09 03:13:59 +00:00
Nick Sayer
07e10dcc32 1. Remove RESTRICTED -- aparently hashing is exportable.
2. Removed threading restriction.

3. Changed the WWW:

4. Improved the pkg/COMMENT

PR:		15893
Submitted by:	Cy.Schubert@uumail.gov.bc.ca
2000-01-09 02:40:22 +00:00
Kris Kennaway
d668f660f3 Add some MASTER_SITES and take over maintainership.
PR:	ports/15516
2000-01-09 00:17:38 +00:00
Mark Murray
fdeab08731 Update to 0.2l - bug fixes and a bunch of new man pages. 2000-01-08 16:35:17 +00:00
Kris Kennaway
0f6a074fbd Whisker v1.3 is a sophisticated CGI security scanner by
.rain.forest.puppy

Obtained From:	OpenBSD
2000-01-08 09:55:18 +00:00
Kris Kennaway
9393541ce9 Add Fragrouter 1.6.
Fragrouter is a program for routing network traffic in such a way as
to elude most network intrusion detection systems.

Obtained From:	OpenBSD
2000-01-08 09:24:25 +00:00
Satoshi Asami
2ca1fe047a Don't include bsd.port.pre.mk twice. This usually is caused by first
including bsd.port.pre.mk and then later including bsd.port.mk (the
latter of which of course should be bsd.port.post.mk).
2000-01-07 16:40:17 +00:00
Nick Sayer
45f70d0346 Upgrade libmcrypt port to 2.2.4
Submitted by:	robertb@probe.net
2000-01-07 15:59:17 +00:00
David E. O'Brien
fb6cec5d1a Upgrade to version 2.3BETA12.
Submitted by:	taguchi@tohoku.iij.ad.jp
2000-01-04 08:00:20 +00:00
Dirk Froemberg
0a0ab0a8a4 Remove dependencies to header files in ${PREFIX} to avoid problems
if openssl is in the base system already.
2000-01-02 23:17:48 +00:00
Dirk Froemberg
2e3aadb778 Use LIB_DEPENDS instead of RUN_DEPENDS. It's more appropriate here. 2000-01-02 22:58:02 +00:00
Vanilla I. Shu
86b3146232 Upgrade to 2.1.8.8pre5 2000-01-02 06:14:23 +00:00
Mark Murray
fd1da02c8d CVS is starting to really piss me off. This was supposed to be part
of the same commit that:

Upgrade Heimdal to 0.2j

No response from:	MAINTAINER
1999-12-31 15:40:27 +00:00
Mark Murray
f7ccbfacac Update to Heimdal 0.2i.
No response from:	MAINTAINER
1999-12-31 14:55:55 +00:00
Dirk Froemberg
7a034920be Check wheather OpenSSL is installed in the base system already and
skip openssl port if so.

(I. e. check the existence of /usr/bin/openssl, /usr/lib/libcrypto.so
and /usr/lib/libssl.so. If they exist set FORBIDDEN.)
1999-12-30 11:13:37 +00:00
Steve Price
ead323453d Use OpenSSL instaed of librc4 so this port's package can be exported.
Also incorporate Garrett Wollman's kerberos fixes.

PR:		15732
Submitted by:	maintainer
1999-12-29 07:06:27 +00:00
Peter Wemm
039a8cc408 Update the BROKEN message (for -current) to also list _KERNEL as a reason. 1999-12-29 05:32:39 +00:00
Tim Vanderhoek
8cd82c0318 General comment cleanups. 1999-12-28 16:30:10 +00:00
Brian Feldman
f2bfcd0cca Upgrade to the pam_ssh module, version 1.1..
(From the author:)
Primarily, I have added built-in functions for manipulating the
environment, so putenv() is no longer used.  XDM and its variants
should now work without modification.  Note that the new code uses
the macros in <sys/queue.h>.

Submitted by:	Andrew J. Korty <ajk@iu.edu>
1999-12-28 05:32:54 +00:00
Steve Price
822f6f827a Update to version 0.99.2. NOTE: I added a BUILD and RUN_DEPENDS on
the nmap port otherwise the build fell over despite the configure script
saying that it would continue without it.

PR:		15714 (4 of 4)
Submitted by:	maintainer
1999-12-27 21:54:05 +00:00
Steve Price
96d98d1082 Update to version 0.99.2.
PR:		15714 (3 of 4)
Submitted by:	maintainer
1999-12-27 21:51:53 +00:00
Steve Price
dd4425ed02 Update to version 0.99.2.
PR:		15714 (2 of 4)
Submitted by:	maintainer
1999-12-27 21:50:16 +00:00
Steve Price
c6e1440585 Update to version 0.99.2
PR:		15714 (1 of 4)
Submitted by:	maintainer
1999-12-27 21:49:06 +00:00
Steve Price
e4d4e5d882 Adding pgpgpg version 0.13.
A wrapper for GnuPG to simulate PGP 2.6.x.

PR:		15526
Submitted by:	Matt Behrens <matt@zigg.com>
1999-12-27 01:58:13 +00:00
Steve Price
2b52928c68 Adding sslwrap version 2.0.5.
Another SSL wrapper application, which uses SSLEay/OpenSSL.

PR:		14771
Submitted by:	Zahemszky Gabor <zgabor@CoDe.HU>
1999-12-27 01:56:10 +00:00
Steve Price
54ea5fa715 Adding cyrus-sasl version 1.5.13.
An RFC 2222 SASL (Simple Authentication and Security Layer).

PR:		14619
Submitted by:	Scot W. Hetzel <hetzels@westbend.net>
1999-12-27 01:52:25 +00:00
Steve Price
c4714f3342 Fix build for USA_RESIDENT=yes. Also get this to compile again on
-current.

PR:		14888
Inspired by:	maintainer and the stunnel port
1999-12-27 00:40:15 +00:00
Steve Price
a6b26cdacc librc4 version 1.1
RC4 library for use with the Cyrus SASL library (export controlled).

PR:		14618
Submitted by:	Scot W. Hetzel <hetzels@westbend.net>
1999-12-25 19:10:34 +00:00
Steve Price
dd02eac948 Add a MASTER_SITE.
PR:		15677
1999-12-25 18:54:44 +00:00
Steve Price
bee3a271ee Add a continuation character at the end of the first MASTER_SITES line.
PR:		15687
Submitted by:	Dann Lunsford <dann@greycat.com>
1999-12-25 18:46:42 +00:00
Steve Price
04c6d34137 logcheck version 1.1.1
An auditing tools for system logs on Un*x boxes.

PR:		15360
Submitted by:	Dan Langille <dan@freebsddiary.org>
1999-12-25 16:11:00 +00:00
Nick Sayer
06aaa30b1a Add the international crypto repository as a master site
PR:		15072
1999-12-25 16:01:53 +00:00
Michael Haro
d1fd392f52 GNU_CONFIGURE makes it so we dont' need --prefix=${PREFIX} 1999-12-24 19:21:43 +00:00
Michael Haro
332b0f4a83 remove --prefix=${PREFIX} when GNU_CONFIGURE=yes and other minor cleanups
PR:		14759
Submitted by:	Jeremy Lea <reg@shale.csir.co.za>
1999-12-24 18:39:48 +00:00
Michael Haro
3f6b106686 fix corrupted patch
Submitted by:	FUJISHIMA Satsuki <k5@cheerful.com>
1999-12-24 04:38:36 +00:00
Steve Price
fcbcdf68f0 Make this compile again after the libnet updates.
PR:		15645
1999-12-24 04:25:45 +00:00
Brian Feldman
ccf991de8f Update to today's OpenSSH.
The version is now 1.2.1, from 1.2.  You can mv your old distfiles/OpenSSH-1.2
dir to distfiles/OpenSSH-1.2.1, if you want to not waste time/space.

Some minor nits have been fixed, and a couple bugs.  One sizeof(len)
should have just been len, and, in markus's words,
"fix get_remote_port() and friends for sshd -i".
1999-12-23 06:37:30 +00:00
Andrey A. Chernov
1799118ba6 Remove myself from MAINTAINER 1999-12-23 02:30:06 +00:00
Jun Kuriyama
7a0b30e57f Update to v1.0.1. (with correct gpg.1) 1999-12-23 00:01:12 +00:00
Michael Haro
174b80c32e update to 1.6.1 1999-12-22 17:56:15 +00:00
Michael Haro
9e2a601197 Update to 1.6.1 1999-12-22 17:53:40 +00:00
Chris D. Faulhaber
b97a47d2df * Update portsentry to 1.0
* Remove current MAINTAINER as email has been unreachable for weeks
* Add dan@freebsddiary.com as MAINTAINER at his request

PR:		15490
Submitted by:	Dan Langille <dan@freebsddiary.com>
1999-12-22 14:26:41 +00:00
Dirk Froemberg
9934bc0975 Upgrade to 1.5. 1999-12-22 10:56:28 +00:00
Satoshi Asami
ee7f9aa44a Install sudoers in correct place.
Submitted by:	jhb via cpiazza
1999-12-17 08:18:03 +00:00
Satoshi Asami
ce59e9a532 Fix whitespace problem.
Submitted by:	jedgar@fxp.org
1999-12-14 22:53:27 +00:00
Satoshi Asami
da18acd49b Fix buffer overflow problem properly.
Submitted by:	kris
Obtained from:	bugtraq list (I believe)
1999-12-13 07:02:03 +00:00
David E. O'Brien
472081e636 For some reason etc/sudoers.sample isn't installed by the distfiles's
Makefile any more.  So install it manually.
1999-12-10 19:51:09 +00:00
Chris Piazza
580675f5ed Unbreak for 3.4-R by changing the MASTER_SITE path in case mharo
doesn't get to PR 15403 in time.
1999-12-10 19:02:28 +00:00
Michael Haro
61d648591a update to 1.6.
had to remove manpage path corrections patch (patch-ac) because
I don't have time till after Friday to work on this port more.
1999-12-10 02:27:59 +00:00
Foxfair Hu
a205b4eda9 Back out my change from Oct.26, this was a misconfigured hack and should
never be taken.

Pointed out by : maintainer.
1999-12-09 14:17:09 +00:00
Don Lewis
4c18c17742 Activate chrootuid. 1999-12-09 10:40:46 +00:00
Don Lewis
1ef37aadb3 The chrootuid command combines chroot(8) and su(1) into one program,
so that there is no need to have commands such as /usr/bin/su in the
restricted environment.  Access to the file system is restricted to
the newroot subtree and privileges are restricted to those of the
newuser account (which must be a known account in the unrestricted
environment).
1999-12-09 10:37:38 +00:00
Andrey A. Chernov
69872a6f4b Change broken link to homepage to official one 1999-12-08 21:27:01 +00:00
Brian Feldman
d64b6e2fd2 I've cleaned up ${CVS_DATE} usage a bit (keep spaces correctly), and
updated to today's snapshot of OpenSSH.

Various updates from the latest ${CVS_DATE}, and requisite patch
changes, are the "big new thing".  Nothing major has changed;  the
biggest ones would be using atomicio() in a lot of places and a
fix for a SIGHUP not updating sshd(8)'s configuration until the
next connection.
1999-12-08 04:06:38 +00:00
David E. O'Brien
7c36a52e4c Update to 2.3 beta #9.
This speeds up OS scans.
1999-12-07 22:06:56 +00:00
SADA Kenji
745f62c9ad The software's www page has been moved. 1999-12-07 21:13:02 +00:00
Brian Feldman
7db4f457f6 In the meantime (while things are being worked and decided on on the
OpenBSD OpenSSH front), add ConnectionsPerPeriod to prevent DoS via
running the system out of resources.  In reality, this wouldn't
be a full DoS, but would make a system slower, but this is a better
thing to do than let the system get loaded down.
   So here we are, rate-limiting.  The default settings are now:
Five connections are allowed to authenticate (and not be rejected) in
a period of ten seconds.
One minute is given for login grace time.
   More work in this area is being done by alfred@FreeBSD.org and
markus@OpenBSD.org, at the very least.  This is, essentially, a
stopgap solution;  however, it is a properly implemented and documented
one, and has an easily modifiable framework.
1999-12-06 06:32:22 +00:00
Brian Feldman
c249079362 Under advisories, put RESTRICTED back. It more accurately reflects
reality, though.  One file, cipher.c, calls cryptographic routines
from external libraries.  This really cannot encumber OpenSSH in
any case, but I put RESTRICTED back since it would give people a
false hope of being able to install the OpenSSH package but
not the requisite, RESTRICTED (so nonexistant) openssl package.
1999-12-06 06:26:17 +00:00
Kris Kennaway
26fd302372 Upgrade to l0pht-watch 1.1
Reviewed by:	Maintainer
1999-12-06 05:15:58 +00:00
Brian Feldman
1394b1ef56 Good-bye, RESTRICTED.
Reasons:
1. It's not crypto.
2. It links with crypto.
	a. That crypto is in the public domain.
	b. Linking with crypto does not constitute cryptography.
3. Even if it were crypto, the description of the entire protocol, etc.,
   is in the public domain.  The RFC is PD in the USA, and the white paper
   in Europe.
4. Precedence?  Even if it were crypto, the Bernstein case has set
   precedence for allowing export of that.  But it's not even crypto.
1999-12-06 04:49:22 +00:00
Brian Feldman
99f8fb2572 Reduce LoginGraceTime from 10 minutes (!!!) to 30 seconds. More to
come, soon.
1999-12-04 12:40:39 +00:00
Chris Piazza
85ed02f6b6 fix buffer overflow in RSA{Public,Private}Decrypt. from CORE SDI. 1999-12-02 07:49:03 +00:00
Foxfair Hu
8020a1e16b PORTLINT rules. 1999-12-01 20:01:59 +00:00
Foxfair Hu
29b60edf91 More portlint cleanup. 1999-12-01 19:53:56 +00:00
Foxfair Hu
3ea9778c6e PORTLINT rules. 1999-12-01 19:48:40 +00:00
Foxfair Hu
325fc4a8d1 Upgrade nessus-plugins to 0.99.1 . 1999-12-01 19:46:27 +00:00
Foxfair Hu
d94887d9ad Upgrade to 0.99.1, and make portlint happy. 1999-12-01 19:35:08 +00:00
Foxfair Hu
5cc9cadf7f Active nessus-* ports. 1999-12-01 05:42:11 +00:00
Foxfair Hu
7690d17b90 PR: 14776
Submitted by:	Anders Nordby <anders@fix.no>

Import the plugins for nessus, network security scanner program.

WWW: http://www.nessus.org/
1999-12-01 05:40:10 +00:00
Foxfair Hu
ef5033c94b PR: 14775
Submitted by:		Anders Nordby <anders@fix.no>

NASL is a scripting language designed for the Nessus security scanner. Its
aim is to allow anyone to write a test for a given security hole in a few
minutes, to allow people to share their tests without having to worry
about their operating system, and to garantee everyone that a NASL script
can not do anything nasty except performing a given security test against
a given target.

NASL is not a powerful scripting language. Its purpose is to make scripts
that are security tests. So, do not expect to write a third generation web
server in this language, nor a file conversion utility. Use perl, python
or whatever scripting language to do this.

WWW: http://www.nessus.org/doc/nasl.html
1999-12-01 05:35:29 +00:00
Foxfair Hu
b08bfa9ba0 PR: 14774
Submitted by:		Anders Nordby <anders@fix.no>
Split nessus-libraries from nessus port.
1999-12-01 05:32:20 +00:00
Foxfair Hu
788058aac1 PR: ports/14773
Submitted by:		maintainer
Update to 0.99.1, and disable nessus for compiling in -current.
Original patch submitted by the maintainer, and some fixes from me.
1999-12-01 05:27:13 +00:00
Archie Cobbs
99d5b650ca Update one of the master sites.
Submitted by:	Brent <brent@kearneys.ca>
1999-11-30 06:39:34 +00:00
Brian Feldman
c52ee5193f Add the PAM SSH RSA key authentication module. For example, you can add,
"login  auth    sufficient      pam_ssh.so" to your /etc/pam.conf, and
users with a ~/.ssh/identity can login(1) with their SSH key :)

PR:		15158
Submitted by:	Andrew J. Korty <ajk@waterspout.com>
Reviewed by:	obrien
1999-11-29 07:09:45 +00:00
Brian Feldman
8e53bbefee Update to a current CVS_DATE. The only real change I see is the (big)
change of KNFization being finalized :)

Patches had to be modified, but should look "better" according to
style(9), now.
1999-11-28 22:40:28 +00:00
Brian Feldman
cc029c1647 Change CFLAGS to get modified in Makefile.inc, fixing the
problem several people have reported with make.conf setting ${CFLAGS}.

Partially submitted by:	Jos Backus <Jos.Backus@nl.origin-it.com>
1999-11-28 21:40:58 +00:00
Nick Sayer
f900a41e79 Update to 0.6.1
Submitted by:	sascha@schumann.cx
1999-11-28 16:26:42 +00:00
Steve Price
af5234ea2c Re-importing in net.
Suggested by:	kris
1999-11-26 23:18:39 +00:00
Steve Price
1aa203a2e7 Activate the dante and p5-Authen-PAM ports. 1999-11-26 20:35:28 +00:00
Steve Price
8d71c26261 Initial import of p5-Authen-PAM version 0.08.
A Perl interface to the PAM library.

PR:		14137
Submitted by:	Matt Behrens <matt@zigg.com>
1999-11-26 20:32:25 +00:00
Chris Piazza
e8bddd06d0 Forgot a line 1999-11-25 21:26:38 +00:00
Chris Piazza
37014e3b5d Patches are now available from www.ssh.org/patches
Submitted by:	Issei Suzuki <issei@jp.freebsd.org>
1999-11-25 21:26:03 +00:00
SADA Kenji
03825be304 Removed an obsoleted patch.
PR:		15059
Submitted by:	Maintainer
1999-11-24 21:45:32 +00:00
Brian Feldman
56a0d0c739 Also, set SSH_PROGRAM correctly. 1999-11-24 03:39:54 +00:00
Brian Feldman
f0ca59b2b5 Update the CVS_DATE. This brings in support for TIS authentication,
obsoleting a couple patches (it's the same code, though, except for
additions).

This also brings in KNFization of everything (please hold the cheering
down :) and made me reroll all my patches.

My patches have been almost entirely rewritten.  The places are the
same, but the code's rewritten.  It fits with the style (KNF) now,
and looks better.

I've also added strlcat.c to the build, which, just like strlcpy.c, is
necessary for compatibility with older libcs.  After strlcat() snuck
into the OpenSSH code recently, this would prevent OpenSSH from
building on (e.g.) FreeBSD 3.2.  Adding it to ssh/lib/ makes it work
yet again :)
1999-11-24 03:36:23 +00:00
Brian Feldman
f9d23e53cc Correct ssh-keygen usage.
Submitted by:	Larry Baird <lab@gta.com>
1999-11-23 03:04:05 +00:00
Brian Feldman
64c59a88a8 Clean up some shell scripting and replace it with proper Makefile
syntax.  Run ssh-keygen for ssh_host_key on port install, not just
package install.
1999-11-22 22:45:47 +00:00
Brian Feldman
64484c75cf I wish CVS would report new files. This broke the carefully designed
mirroring system.  The tarball was fine, but the extraction was not
1999-11-22 22:44:47 +00:00