From b131dffd162148b30d4e0f834ff7455ebd43a073 Mon Sep 17 00:00:00 2001 From: dugsong Date: Sun, 12 Dec 1999 22:09:25 +0000 Subject: [PATCH] use rsaref port --- security/ssh/Makefile | 25 ++++---------------- security/ssh/files/md5 | 3 --- security/ssh/files/patch-rsaref2 | 25 -------------------- security/ssh/files/patch-rsaref2-2 | 38 ------------------------------ security/ssh/patches/patch-ai | 13 +++++++++- security/ssh/pkg/SECURITY | 3 --- 6 files changed, 16 insertions(+), 91 deletions(-) delete mode 100644 security/ssh/files/patch-rsaref2 delete mode 100644 security/ssh/files/patch-rsaref2-2 diff --git a/security/ssh/Makefile b/security/ssh/Makefile index b539b989843..78275f2c241 100644 --- a/security/ssh/Makefile +++ b/security/ssh/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.44 1999/12/09 17:55:55 brad Exp $ +# $OpenBSD: Makefile,v 1.45 1999/12/12 22:09:25 dugsong Exp $ DISTNAME= ssh-1.2.27 CATEGORIES= security net @@ -6,9 +6,6 @@ MASTER_SITES= http://the.wiretapped.net/security/cryptography/ssh/SSH/ \ ftp://ftp.cs.hut.fi/pub/ssh/ \ ftp://ftp.funet.fi/pub/unix/security/login/ssh/ \ ftp://ftp.cert.dfn.de/pub/tools/net/ssh/ -MASTER_SITES0= http://the.wiretapped.net/security/cryptography/libs/rsa/ \ - ftp://idea.dsi.unimi.it/pub/security/crypt/math/ \ - ftp://ftp.it.net.au/mirrors/crypto/misc/ PATCH_SITES= http://www.ssh.org/patches/ \ ftp://ftp2.inch.com/pub/FreeBSD/ @@ -23,8 +20,9 @@ RESTRICTED= "Crypto; export-controlled" MAINTAINER= todd@openbsd.org .if defined(USA_RESIDENT) && ${USA_RESIDENT:U} == YES -DISTFILES= ${DISTNAME}.tar.gz rsaref2.tar.gz:0 -CONFIGURE_ARGS+= --with-rsaref +BUILD_DEPENDS= ${PREFIX}/lib/librsaref.a:${PORTSDIR}/security/rsaref +CONFIGURE_ARGS+= --with-rsaref=${PREFIX}/lib +CFLAGS+= -I${PREFIX}/include .endif GNU_CONFIGURE= yes @@ -71,19 +69,9 @@ ETCDIR?= /etc RSHPROG?= /usr/bin/rsh pre-patch: -.if defined(USA_RESIDENT) && ${USA_RESIDENT:U} == YES - @cp ${FILESDIR}/patch-rsaref2 ${PATCHDIR} - @cp ${FILESDIR}/patch-rsaref2-2 ${PATCHDIR} -.endif @mv -f ${WRKSRC}/make-ssh-known-hosts.pl \ ${WRKSRC}/make-ssh-known-hosts.pl.in -post-patch: -.if defined(USA_RESIDENT) && ${USA_RESIDENT:U} == YES - @rm -f ${PATCHDIR}/patch-rsaref2 - @rm -f ${PATCHDIR}/patch-rsaref2-2 -.endif - fetch-depends: .if !defined(NO_WARNINGS) .if !defined(USA_RESIDENT) || ${USA_RESIDENT:U} != YES && ${USA_RESIDENT:U} != NO @@ -101,11 +89,6 @@ fetch-depends: .endif .endif -post-extract: -.if defined(USA_RESIDENT) && ${USA_RESIDENT:U} == YES - @mv ${WRKDIR}/rsaref2 ${WRKSRC}/rsaref2 -.endif - # Put the config files someplace where they can be found to # create a package. post-install: diff --git a/security/ssh/files/md5 b/security/ssh/files/md5 index 21da797d38c..ce7eb704d70 100644 --- a/security/ssh/files/md5 +++ b/security/ssh/files/md5 @@ -1,9 +1,6 @@ MD5 (patch-ssh-1.2.27-bsd.tty.chown) = e4d7755994c2fa0d419a60723e8a9d53 -MD5 (rsaref2.tar.gz) = 0b474c97bf1f1c0d27e5a95f1239c08d MD5 (ssh-1.2.27.tar.gz) = c22bc000bee0f7d6f4845eab72a81395 RMD160 (patch-ssh-1.2.27-bsd.tty.chown) = 90dd710dc0ba69473eaad648720165914f921f4a -RMD160 (rsaref2.tar.gz) = 282d62321c50ddc3cefb8bab924200594d24af0c RMD160 (ssh-1.2.27.tar.gz) = b2295e38551f8cc479e0a8e6081ae4312bf946fb SHA1 (patch-ssh-1.2.27-bsd.tty.chown) = 69692ec9b28ebfc552c5c7e2727eb1bc210bcfcf -SHA1 (rsaref2.tar.gz) = 0b1e58ed2dd82bed07fe80c01c3cfa8558dc745f SHA1 (ssh-1.2.27.tar.gz) = 0e7d59c6a62b094bd51818599ae24f7de3462d14 diff --git a/security/ssh/files/patch-rsaref2 b/security/ssh/files/patch-rsaref2 deleted file mode 100644 index 03b7846fed2..00000000000 --- a/security/ssh/files/patch-rsaref2 +++ /dev/null @@ -1,25 +0,0 @@ ---- rsaref2/source/global.h.~1~ Fri Mar 25 12:01:46 1994 -+++ rsaref2/source/global.h Thu Apr 2 00:12:23 1998 -@@ -7,6 +7,8 @@ - #ifndef _GLOBAL_H_ - #define _GLOBAL_H_ 1 - -+#include -+ - /* PROTOTYPES should be set to one if and only if the compiler supports - function argument prototyping. - The following makes PROTOTYPES default to 1 if it has not already been -@@ -23,7 +25,13 @@ - typedef unsigned short int UINT2; - - /* UINT4 defines a four byte word */ -+#if ( UINT_MAX == 0xffffffffU ) -+typedef unsigned int UINT4; -+#elif ( ULONG_MAX == 0xffffffffU ) - typedef unsigned long int UINT4; -+#else -+# error Unknown size for UINT4 -+#endif - - #ifndef NULL_PTR - #define NULL_PTR ((POINTER)0) diff --git a/security/ssh/files/patch-rsaref2-2 b/security/ssh/files/patch-rsaref2-2 deleted file mode 100644 index dcdf8343080..00000000000 --- a/security/ssh/files/patch-rsaref2-2 +++ /dev/null @@ -1,38 +0,0 @@ ---- rsaref2/source/rsa.c.orig Fri Mar 25 14:01:48 1994 -+++ rsaref2/source/rsa.c Sun Dec 12 13:47:57 1999 -@@ -33,6 +33,8 @@ - unsigned char byte, pkcsBlock[MAX_RSA_MODULUS_LEN]; - unsigned int i, modulusLen; - -+ if (publicKey->bits > MAX_RSA_MODULUS_BITS) -+ return (RE_LEN); - modulusLen = (publicKey->bits + 7) / 8; - if (inputLen + 11 > modulusLen) - return (RE_LEN); -@@ -78,6 +80,8 @@ - unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN]; - unsigned int i, modulusLen, pkcsBlockLen; - -+ if (publicKey->bits > MAX_RSA_MODULUS_BITS) -+ return (RE_LEN); - modulusLen = (publicKey->bits + 7) / 8; - if (inputLen > modulusLen) - return (RE_LEN); -@@ -129,6 +133,8 @@ - unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN]; - unsigned int i, modulusLen; - -+ if (privateKey->bits > MAX_RSA_MODULUS_BITS) -+ return (RE_LEN); - modulusLen = (privateKey->bits + 7) / 8; - if (inputLen + 11 > modulusLen) - return (RE_LEN); -@@ -168,6 +174,8 @@ - unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN]; - unsigned int i, modulusLen, pkcsBlockLen; - -+ if (privateKey->bits > MAX_RSA_MODULUS_BITS) -+ return (RE_LEN); - modulusLen = (privateKey->bits + 7) / 8; - if (inputLen > modulusLen) - return (RE_LEN); diff --git a/security/ssh/patches/patch-ai b/security/ssh/patches/patch-ai index e707cde3d82..fa39334531f 100644 --- a/security/ssh/patches/patch-ai +++ b/security/ssh/patches/patch-ai @@ -1,5 +1,16 @@ --- rsaglue.c.orig Wed May 12 07:19:28 1999 -+++ rsaglue.c Wed Nov 10 09:30:32 1999 ++++ rsaglue.c Sun Dec 12 16:20:41 1999 +@@ -71,8 +71,8 @@ + interface without modifying RSAREF. */ + + #define _MD5_H_ /* Kludge to prevent inclusion of rsaref md5.h. */ +-#include "rsaref2/source/global.h" +-#include "rsaref2/source/rsaref.h" ++#include "global.h" ++#include "rsaref.h" + + /* Convert an integer from gmp to rsaref representation. */ + @@ -139,6 +139,10 @@ input_bits = mpz_sizeinbase(input, 2); diff --git a/security/ssh/pkg/SECURITY b/security/ssh/pkg/SECURITY index 780f325a29e..18ae7a21635 100644 --- a/security/ssh/pkg/SECURITY +++ b/security/ssh/pkg/SECURITY @@ -3,6 +3,3 @@ ssh-1.2.27: patch-ai fixes the buffer overflow in RSAREF rsaglue code. OpenSSH (integrated into OpenBSD-2.6) does not have this bug. -patch-rsaref2-2 fixes the buffer overflow in RSA{Private,Public}{De,En}crypt(), -as published by CORE SDI in their advisory of Dec. 1, 1999. -