Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 22 Oct 2012 02:43:41 +0600 (BDT)
From:      Muhammad Moinur Rahman <5u623l20@gmail.com>
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:   ports/172941: [PATCH] security/pam_ssh_agent_auth: update to 0.9.4
Message-ID:  <201210212043.q9LKhfSo098895@tb.s.ubze.ro>
Resent-Message-ID: <201210212050.q9LKo1qd058280@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help

>Number:         172941
>Category:       ports
>Synopsis:       [PATCH] security/pam_ssh_agent_auth: update to 0.9.4
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Sun Oct 21 20:50:01 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator:     Muhammad Moinur Rahman
>Release:        FreeBSD 9.1-PRERELEASE amd64
>Organization:
>Environment:
System: FreeBSD tb.s.ubze.ro 9.1-PRERELEASE FreeBSD 9.1-PRERELEASE #0: Mon Oct 15 03:30:02 BDT 2012
>Description:
- Update to 0.9.4

Removed file(s):
- files/patch-entropy.c
- files/patch-iterate_ssh_agent_keys.c
- files/patch-key.c
- files/patch-log.c
- files/patch-log.h
- files/patch-misc.c
- files/patch-pam_ssh_agent_auth.c
- files/patch-pam_user_key_allowed2.c
- files/patch-secure_filename.c
- files/patch-ssh-dss.c
- files/patch-ssh-rsa.c

For Committer's reference:
http://tb.s.ubze.ro//logs/7-STABLE-i386/pam_ssh_agent_auth-0.9.4.log
http://tb.s.ubze.ro//logs/8-STABLE-i386/pam_ssh_agent_auth-0.9.4.log
http://tb.s.ubze.ro//logs/9-STABLE-i386/pam_ssh_agent_auth-0.9.4.log
http://tb.s.ubze.ro//logs/7-STABLE-amd64/pam_ssh_agent_auth-0.9.4.log
http://tb.s.ubze.ro//logs/8-STABLE-amd64/pam_ssh_agent_auth-0.9.4.log
http://tb.s.ubze.ro//logs/9-STABLE-amd64/pam_ssh_agent_auth-0.9.4.log

Port maintainer (miwi@FreeBSD.org) is cc'd.

Generated with FreeBSD Port Tools 0.99_6 (mode: update, diff: ports)
>How-To-Repeat:
>Fix:

--- pam_ssh_agent_auth-0.9.4.patch begins here ---
diff -ruN --exclude=CVS /usr/ports/security/pam_ssh_agent_auth/Makefile ./Makefile
--- /usr/ports/security/pam_ssh_agent_auth/Makefile	2011-10-23 21:46:37.000000000 +0600
+++ ./Makefile	2012-10-22 02:08:52.000000000 +0600
@@ -6,8 +6,7 @@
 #
 
 PORTNAME=	pam_ssh_agent_auth
-PORTVERSION=	0.9.3
-PORTREVISION=	1
+PORTVERSION=	0.9.4
 CATEGORIES=	security
 MASTER_SITES=	SF/pamsshagentauth/${PORTNAME}/v${PORTVERSION}/
 
diff -ruN --exclude=CVS /usr/ports/security/pam_ssh_agent_auth/distinfo ./distinfo
--- /usr/ports/security/pam_ssh_agent_auth/distinfo	2011-06-25 11:29:26.000000000 +0600
+++ ./distinfo	2012-10-22 02:09:00.000000000 +0600
@@ -1,2 +1,2 @@
-SHA256 (pam_ssh_agent_auth-0.9.3.tar.bz2) = 10017968f5a8a41e1fcfaac6cdec479b70998bbbd19a70e94e2f654befafe5a6
-SIZE (pam_ssh_agent_auth-0.9.3.tar.bz2) = 239596
+SHA256 (pam_ssh_agent_auth-0.9.4.tar.bz2) = 496de600771d6296c7a7d01636399fd603e5a79930416ffbdc150c3784d80ca9
+SIZE (pam_ssh_agent_auth-0.9.4.tar.bz2) = 239250
diff -ruN --exclude=CVS /usr/ports/security/pam_ssh_agent_auth/files/patch-entropy.c ./files/patch-entropy.c
--- /usr/ports/security/pam_ssh_agent_auth/files/patch-entropy.c	2011-10-23 21:46:38.000000000 +0600
+++ ./files/patch-entropy.c	1970-01-01 06:00:00.000000000 +0600
@@ -1,25 +0,0 @@
---- ./entropy.c	2009-08-08 20:54:21.000000000 -0400
-+++ ../../pam_ssh_agent_auth-0.9.3.fixed/entropy.c	2011-10-10 13:10:35.864389493 -0400
-@@ -79,11 +79,11 @@
- 	mysig_t old_sigchld;
- 
- 	if (RAND_status() == 1) {
--		verbose("RNG is ready, skipping seeding");
-+		pam_ssh_auth_verbose("RNG is ready, skipping seeding");
- 		return;
- 	}
- 
--	verbose("Seeding PRNG from %s", SSH_RAND_HELPER);
-+	pam_ssh_auth_verbose("Seeding PRNG from %s", SSH_RAND_HELPER);
- 
- 	if ((devnull = open("/dev/null", O_RDWR)) == -1)
- 		fatal("Couldn't open /dev/null: %s", strerror(errno));
-@@ -187,7 +187,7 @@
- 
- 	buf = buffer_get_string_ret(m, &len);
- 	if (buf != NULL) {
--		verbose("rexec_recv_rng_seed: seeding rng with %u bytes", len);
-+		pam_ssh_auth_verbose("rexec_recv_rng_seed: seeding rng with %u bytes", len);
- 		RAND_add(buf, len, len);
- 	}
- }
diff -ruN --exclude=CVS /usr/ports/security/pam_ssh_agent_auth/files/patch-iterate_ssh_agent_keys.c ./files/patch-iterate_ssh_agent_keys.c
--- /usr/ports/security/pam_ssh_agent_auth/files/patch-iterate_ssh_agent_keys.c	2011-10-23 21:46:38.000000000 +0600
+++ ./files/patch-iterate_ssh_agent_keys.c	1970-01-01 06:00:00.000000000 +0600
@@ -1,20 +0,0 @@
---- ./iterate_ssh_agent_keys.c	2010-01-12 21:17:01.000000000 -0500
-+++ ../../pam_ssh_agent_auth-0.9.3.fixed/iterate_ssh_agent_keys.c	2011-10-10 13:10:35.864389493 -0400
-@@ -82,7 +82,7 @@
-     session_id2 = session_id2_gen();
- 
-     if ((ac = ssh_get_authentication_connection(uid))) {
--        verbose("Contacted ssh-agent of user %s (%u)", getpwuid(uid)->pw_name, uid);
-+        pam_ssh_auth_verbose("Contacted ssh-agent of user %s (%u)", getpwuid(uid)->pw_name, uid);
-         for (key = ssh_get_first_identity(ac, &comment, 2); key != NULL; key = ssh_get_next_identity(ac, &comment, 2)) 
-         {
-             if(key != NULL) {
-@@ -103,7 +103,7 @@
-         ssh_close_authentication_connection(ac);
-     }
-     else {
--        verbose("No ssh-agent could be contacted");
-+        pam_ssh_auth_verbose("No ssh-agent could be contacted");
-     }
-     xfree(session_id2);
-     EVP_cleanup();
diff -ruN --exclude=CVS /usr/ports/security/pam_ssh_agent_auth/files/patch-key.c ./files/patch-key.c
--- /usr/ports/security/pam_ssh_agent_auth/files/patch-key.c	2011-10-23 21:46:38.000000000 +0600
+++ ./files/patch-key.c	1970-01-01 06:00:00.000000000 +0600
@@ -1,51 +0,0 @@
---- ./key.c	2009-08-08 20:54:21.000000000 -0400
-+++ ../../pam_ssh_agent_auth-0.9.3.fixed/key.c	2011-10-10 13:10:35.865388224 -0400
-@@ -420,26 +420,26 @@
- 	case KEY_DSA:
- 		space = strchr(cp, ' ');
- 		if (space == NULL) {
--			verbose("key_read: missing whitespace");
-+			pam_ssh_auth_verbose("key_read: missing whitespace");
- 			return -1;
- 		}
- 		*space = '\0';
- 		type = key_type_from_name(cp);
- 		*space = ' ';
- 		if (type == KEY_UNSPEC) {
--			verbose("key_read: missing keytype");
-+			pam_ssh_auth_verbose("key_read: missing keytype");
- 			return -1;
- 		}
- 		cp = space+1;
- 		if (*cp == '\0') {
--			verbose("key_read: short string");
-+			pam_ssh_auth_verbose("key_read: short string");
- 			return -1;
- 		}
- 		if (ret->type == KEY_UNSPEC) {
- 			ret->type = type;
- 		} else if (ret->type != type) {
- 			/* is a key, but different type */
--			verbose("key_read: type mismatch");
-+			pam_ssh_auth_verbose("key_read: type mismatch");
- 			return -1;
- 		}
- 		len = 2*strlen(cp);
-@@ -656,7 +656,7 @@
- 	} else if (strcmp(name, "ssh-dss") == 0) {
- 		return KEY_DSA;
- 	}
--	verbose("key_type_from_name: unknown key type '%s'", name);
-+	pam_ssh_auth_verbose("key_type_from_name: unknown key type '%s'", name);
- 	return KEY_UNSPEC;
- }
- 
-@@ -677,7 +677,7 @@
- 			return 0;
- 		}
- 	}
--	verbose("key names ok: [%s]", names);
-+	pam_ssh_auth_verbose("key names ok: [%s]", names);
- 	xfree(s);
- 	return 1;
- }
diff -ruN --exclude=CVS /usr/ports/security/pam_ssh_agent_auth/files/patch-log.c ./files/patch-log.c
--- /usr/ports/security/pam_ssh_agent_auth/files/patch-log.c	2011-10-23 21:46:38.000000000 +0600
+++ ./files/patch-log.c	1970-01-01 06:00:00.000000000 +0600
@@ -1,11 +0,0 @@
---- ./log.c	2009-08-08 20:54:21.000000000 -0400
-+++ ../../pam_ssh_agent_auth-0.9.3.fixed/log.c	2011-10-10 13:10:35.865388224 -0400
-@@ -166,7 +166,7 @@
- /* More detailed messages (information that does not need to go to the log). */
- 
- void
--verbose(const char *fmt,...)
-+pam_ssh_auth_verbose(const char *fmt,...)
- {
- 	va_list args;
- 
diff -ruN --exclude=CVS /usr/ports/security/pam_ssh_agent_auth/files/patch-log.h ./files/patch-log.h
--- /usr/ports/security/pam_ssh_agent_auth/files/patch-log.h	2011-10-23 21:46:38.000000000 +0600
+++ ./files/patch-log.h	1970-01-01 06:00:00.000000000 +0600
@@ -1,11 +0,0 @@
---- ./log.h	2009-08-08 20:54:21.000000000 -0400
-+++ ../../pam_ssh_agent_auth-0.9.3.fixed/log.h	2011-10-10 13:10:38.856166661 -0400
-@@ -55,7 +55,7 @@
- void     logerror(const char *, ...) __attribute__((format(printf, 1, 2)));
- void     sigdie(const char *, ...) __attribute__((format(printf, 1, 2)));
- void     logit(const char *, ...) __attribute__((format(printf, 1, 2)));
--void     verbose(const char *, ...) __attribute__((format(printf, 1, 2)));
-+void     pam_ssh_auth_verbose(const char *, ...) __attribute__((format(printf, 1, 2)));
- void     debug(const char *, ...) __attribute__((format(printf, 1, 2)));
- void     debug2(const char *, ...) __attribute__((format(printf, 1, 2)));
- void     debug3(const char *, ...) __attribute__((format(printf, 1, 2)));
diff -ruN --exclude=CVS /usr/ports/security/pam_ssh_agent_auth/files/patch-misc.c ./files/patch-misc.c
--- /usr/ports/security/pam_ssh_agent_auth/files/patch-misc.c	2011-10-23 21:46:38.000000000 +0600
+++ ./files/patch-misc.c	1970-01-01 06:00:00.000000000 +0600
@@ -1,102 +0,0 @@
---- ./misc.c	2009-08-08 20:54:21.000000000 -0400
-+++ ../../pam_ssh_agent_auth-0.9.3.fixed/misc.c	2011-10-10 13:10:35.866387792 -0400
-@@ -84,13 +84,13 @@
- 		return (-1);
- 	}
- 	if (val & O_NONBLOCK) {
--		verbose("fd %d is O_NONBLOCK", fd);
-+		pam_ssh_auth_verbose("fd %d is O_NONBLOCK", fd);
- 		return (0);
- 	}
--	verbose("fd %d setting O_NONBLOCK", fd);
-+	pam_ssh_auth_verbose("fd %d setting O_NONBLOCK", fd);
- 	val |= O_NONBLOCK;
- 	if (fcntl(fd, F_SETFL, val) == -1) {
--		verbose("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd,
-+		pam_ssh_auth_verbose("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd,
- 		    strerror(errno));
- 		return (-1);
- 	}
-@@ -108,13 +108,13 @@
- 		return (-1);
- 	}
- 	if (!(val & O_NONBLOCK)) {
--		verbose("fd %d is not O_NONBLOCK", fd);
-+		pam_ssh_auth_verbose("fd %d is not O_NONBLOCK", fd);
- 		return (0);
- 	}
--	verbose("fd %d clearing O_NONBLOCK", fd);
-+	pam_ssh_auth_verbose("fd %d clearing O_NONBLOCK", fd);
- 	val &= ~O_NONBLOCK;
- 	if (fcntl(fd, F_SETFL, val) == -1) {
--		verbose("fcntl(%d, F_SETFL, ~O_NONBLOCK): %s",
-+		pam_ssh_auth_verbose("fcntl(%d, F_SETFL, ~O_NONBLOCK): %s",
- 		    fd, strerror(errno));
- 		return (-1);
- 	}
-@@ -138,15 +138,15 @@
- 
- 	optlen = sizeof opt;
- 	if (getsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, &optlen) == -1) {
--		verbose("getsockopt TCP_NODELAY: %.100s", strerror(errno));
-+		pam_ssh_auth_verbose("getsockopt TCP_NODELAY: %.100s", strerror(errno));
- 		return;
- 	}
- 	if (opt == 1) {
--		verbose("fd %d is TCP_NODELAY", fd);
-+		pam_ssh_auth_verbose("fd %d is TCP_NODELAY", fd);
- 		return;
- 	}
- 	opt = 1;
--	verbose("fd %d setting TCP_NODELAY", fd);
-+	pam_ssh_auth_verbose("fd %d setting TCP_NODELAY", fd);
- 	if (setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, sizeof opt) == -1)
- 		logerror("setsockopt TCP_NODELAY: %.100s", strerror(errno));
- }
-@@ -367,7 +367,7 @@
- 		return(xstrdup(host));
- 	if (asprintf(&hoststr, "[%s]:%d", host, (int)port) < 0)
- 		fatal("put_host_port: asprintf: %s", strerror(errno));
--	verbose("put_host_port: %s", hoststr);
-+	pam_ssh_auth_verbose("put_host_port: %s", hoststr);
- 	return hoststr;
- }
- 
-@@ -631,7 +631,7 @@
- 		if (buf[strlen(buf) - 1] == '\n' || feof(f)) {
- 			return 0;
- 		} else {
--			verbose("%s: %s line %lu exceeds size limit", __func__,
-+			pam_ssh_auth_verbose("%s: %s line %lu exceeds size limit", __func__,
- 			    filename, *lineno);
- 			/* discard remainder of line */
- 			while (fgetc(f) != '\n' && !feof(f))
-@@ -662,16 +662,16 @@
- 				break;
- 		}
- 	} else {
--		verbose("%s: invalid tunnel %u", __func__, tun);
-+		pam_ssh_auth_verbose("%s: invalid tunnel %u", __func__, tun);
- 		return (-1);
- 	}
- 
- 	if (fd < 0) {
--		verbose("%s: %s open failed: %s", __func__, name, strerror(errno));
-+		pam_ssh_auth_verbose("%s: %s open failed: %s", __func__, name, strerror(errno));
- 		return (-1);
- 	}
- 
--	verbose("%s: %s mode %d fd %d", __func__, name, mode, fd);
-+	pam_ssh_auth_verbose("%s: %s mode %d fd %d", __func__, name, mode, fd);
- 
- 	/* Set the tunnel device operation mode */
- 	snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "tun%d", tun);
-@@ -703,7 +703,7 @@
- 		close(fd);
- 	if (sock >= 0)
- 		close(sock);
--	verbose("%s: failed to set %s mode %d: %s", __func__, name,
-+	pam_ssh_auth_verbose("%s: failed to set %s mode %d: %s", __func__, name,
- 	    mode, strerror(errno));
- 	return (-1);
- #else
diff -ruN --exclude=CVS /usr/ports/security/pam_ssh_agent_auth/files/patch-pam_ssh_agent_auth.c ./files/patch-pam_ssh_agent_auth.c
--- /usr/ports/security/pam_ssh_agent_auth/files/patch-pam_ssh_agent_auth.c	2011-10-23 21:46:38.000000000 +0600
+++ ./files/patch-pam_ssh_agent_auth.c	1970-01-01 06:00:00.000000000 +0600
@@ -1,58 +0,0 @@
---- ./pam_ssh_agent_auth.c	2011-01-26 15:59:21.000000000 -0500
-+++ ../../pam_ssh_agent_auth-0.9.3.fixed/pam_ssh_agent_auth.c	2011-10-10 13:10:35.866387792 -0400
-@@ -124,7 +124,7 @@
-     pam_get_item(pamh, PAM_USER, (void *) &user);
-     pam_get_item(pamh, PAM_RUSER, (void *) &ruser_ptr);
- 
--    verbose("Beginning pam_ssh_agent_auth for user %s", user);
-+    pam_ssh_auth_verbose("Beginning pam_ssh_agent_auth for user %s", user);
- 
-     if(ruser_ptr) {
-         strncpy(ruser, ruser_ptr, sizeof(ruser) - 1);
-@@ -139,12 +139,12 @@
- #ifdef ENABLE_SUDO_HACK
-         if( (strlen(sudo_service_name) > 0) && strncasecmp(servicename, sudo_service_name, sizeof(sudo_service_name) - 1) == 0 && getenv("SUDO_USER") ) {
-             strncpy(ruser, getenv("SUDO_USER"), sizeof(ruser) - 1 );
--            verbose( "Using environment variable SUDO_USER (%s)", ruser );
-+            pam_ssh_auth_verbose( "Using environment variable SUDO_USER (%s)", ruser );
-         } else 
- #endif
-         {
-             if( ! getpwuid(getuid()) ) {
--                verbose("Unable to getpwuid(getuid())");
-+                pam_ssh_auth_verbose("Unable to getpwuid(getuid())");
-                 goto cleanexit;
-             }
-             strncpy(ruser, getpwuid(getuid())->pw_name, sizeof(ruser) - 1);
-@@ -153,11 +153,11 @@
- 
-     /* Might as well explicitely confirm the user exists here */
-     if(! getpwnam(ruser) ) {
--        verbose("getpwnam(%s) failed, bailing out", ruser);
-+        pam_ssh_auth_verbose("getpwnam(%s) failed, bailing out", ruser);
-         goto cleanexit;
-     }
-     if( ! getpwnam(user) ) {
--        verbose("getpwnam(%s) failed, bailing out", user);
-+        pam_ssh_auth_verbose("getpwnam(%s) failed, bailing out", user);
-         goto cleanexit;
-     }
- 
-@@ -167,7 +167,7 @@
-          */
-         parse_authorized_key_file(user, authorized_keys_file_input);
-     } else {
--        verbose("Using default file=/etc/security/authorized_keys");
-+        pam_ssh_auth_verbose("Using default file=/etc/security/authorized_keys");
-         authorized_keys_file = xstrdup("/etc/security/authorized_keys");
-     }
- 
-@@ -177,7 +177,7 @@
-      */
- 
-     if(user && strlen(ruser) > 0) {
--        verbose("Attempting authentication: `%s' as `%s' using %s", ruser, user, authorized_keys_file);
-+        pam_ssh_auth_verbose("Attempting authentication: `%s' as `%s' using %s", ruser, user, authorized_keys_file);
- 
-         /* 
-          * this pw_uid is used to validate the SSH_AUTH_SOCK, and so must be the uid of the ruser invoking the program, not the target-user
diff -ruN --exclude=CVS /usr/ports/security/pam_ssh_agent_auth/files/patch-pam_user_key_allowed2.c ./files/patch-pam_user_key_allowed2.c
--- /usr/ports/security/pam_ssh_agent_auth/files/patch-pam_user_key_allowed2.c	2011-10-23 21:46:38.000000000 +0600
+++ ./files/patch-pam_user_key_allowed2.c	1970-01-01 06:00:00.000000000 +0600
@@ -1,42 +0,0 @@
---- ./pam_user_key_allowed2.c	2011-06-07 02:32:46.000000000 -0400
-+++ ../../pam_ssh_agent_auth-0.9.3.fixed/pam_user_key_allowed2.c	2011-10-10 13:10:35.866387792 -0400
-@@ -63,11 +63,11 @@
- 	Key *found;
- 	char *fp;
- 
--	verbose("trying public key file %s", file);
-+	pam_ssh_auth_verbose("trying public key file %s", file);
- 
- 	/* Fail not so quietly if file does not exist */
- 	if (stat(file, &st) < 0) {
--        verbose("File not found: %s", file);
-+        pam_ssh_auth_verbose("File not found: %s", file);
- 		return 0;
- 	}
- 	/* Open the file containing the authorized keys. */
-@@ -97,7 +97,7 @@
- 		if (key_read(found, &cp) != 1) {
- 			/* no key?  check if there are options for this key */
- 			int quoted = 0;
--			verbose("user_key_allowed: check options: '%s'", cp);
-+			pam_ssh_auth_verbose("user_key_allowed: check options: '%s'", cp);
- 			key_options = cp;
- 			for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) {
- 				if (*cp == '\\' && cp[1] == '"')
-@@ -109,7 +109,7 @@
- 			for (; *cp == ' ' || *cp == '\t'; cp++)
- 				;
- 			if (key_read(found, &cp) != 1) {
--				verbose("user_key_allowed: advance: '%s'", cp);
-+				pam_ssh_auth_verbose("user_key_allowed: advance: '%s'", cp);
- 				/* still no key?  advance to next line*/
- 				continue;
- 			}
-@@ -128,6 +128,6 @@
- 	fclose(f);
- 	key_free(found);
- 	if (!found_key)
--		verbose("key not found");
-+		pam_ssh_auth_verbose("key not found");
- 	return found_key;
- }
diff -ruN --exclude=CVS /usr/ports/security/pam_ssh_agent_auth/files/patch-secure_filename.c ./files/patch-secure_filename.c
--- /usr/ports/security/pam_ssh_agent_auth/files/patch-secure_filename.c	2011-10-23 21:46:38.000000000 +0600
+++ ./files/patch-secure_filename.c	1970-01-01 06:00:00.000000000 +0600
@@ -1,29 +0,0 @@
---- ./secure_filename.c	2009-08-08 20:54:21.000000000 -0400
-+++ ../../pam_ssh_agent_auth-0.9.3.fixed/secure_filename.c	2011-10-10 13:10:35.867387919 -0400
-@@ -80,7 +80,7 @@
- 	int comparehome = 0;
- 	struct stat st;
- 
--    verbose("secure_filename: checking for uid: %u", uid);
-+    pam_ssh_auth_verbose("secure_filename: checking for uid: %u", uid);
- 
- 	if (realpath(file, buf) == NULL) {
- 		snprintf(err, errlen, "realpath %s failed: %s", file,
-@@ -107,7 +107,7 @@
- 		}
- 		strlcpy(buf, cp, sizeof(buf));
- 
--		verbose("secure_filename: checking '%s'", buf);
-+		pam_ssh_auth_verbose("secure_filename: checking '%s'", buf);
- 		if (stat(buf, &st) < 0 ||
- 		    (st.st_uid != 0 && st.st_uid != uid) ||
- 		    (st.st_mode & 022) != 0) {
-@@ -118,7 +118,7 @@
- 
- 		/* If are passed the homedir then we can stop */
- 		if (comparehome && strcmp(homedir, buf) == 0) {
--			verbose("secure_filename: terminating check at '%s'",
-+			pam_ssh_auth_verbose("secure_filename: terminating check at '%s'",
- 			    buf);
- 			break;
- 		}
diff -ruN --exclude=CVS /usr/ports/security/pam_ssh_agent_auth/files/patch-ssh-dss.c ./files/patch-ssh-dss.c
--- /usr/ports/security/pam_ssh_agent_auth/files/patch-ssh-dss.c	2011-10-23 21:46:38.000000000 +0600
+++ ./files/patch-ssh-dss.c	1970-01-01 06:00:00.000000000 +0600
@@ -1,11 +0,0 @@
---- ./ssh-dss.c	2009-08-08 20:54:21.000000000 -0400
-+++ ../../pam_ssh_agent_auth-0.9.3.fixed/ssh-dss.c	2011-10-10 13:10:35.867387919 -0400
-@@ -179,7 +179,7 @@
- 
- 	DSA_SIG_free(sig);
- 
--	verbose("ssh_dss_verify: signature %s",
-+	pam_ssh_auth_verbose("ssh_dss_verify: signature %s",
- 	    ret == 1 ? "correct" : ret == 0 ? "incorrect" : "error");
- 	return ret;
- }
diff -ruN --exclude=CVS /usr/ports/security/pam_ssh_agent_auth/files/patch-ssh-rsa.c ./files/patch-ssh-rsa.c
--- /usr/ports/security/pam_ssh_agent_auth/files/patch-ssh-rsa.c	2011-10-23 21:46:38.000000000 +0600
+++ ./files/patch-ssh-rsa.c	1970-01-01 06:00:00.000000000 +0600
@@ -1,28 +0,0 @@
---- ./ssh-rsa.c	2009-08-08 20:54:21.000000000 -0400
-+++ ../../pam_ssh_agent_auth-0.9.3.fixed/ssh-rsa.c	2011-10-10 13:10:35.867387919 -0400
-@@ -75,7 +75,7 @@
- 	}
- 	if (len < slen) {
- 		u_int diff = slen - len;
--		verbose("slen %u > len %u", slen, len);
-+		pam_ssh_auth_verbose("slen %u > len %u", slen, len);
- 		memmove(sig + diff, sig, len);
- 		memset(sig, 0, diff);
- 	} else if (len > slen) {
-@@ -148,7 +148,7 @@
- 		return -1;
- 	} else if (len < modlen) {
- 		u_int diff = modlen - len;
--		verbose("ssh_rsa_verify: add padding: modlen %u > len %u",
-+		pam_ssh_auth_verbose("ssh_rsa_verify: add padding: modlen %u > len %u",
- 		    modlen, len);
- 		sigblob = xrealloc(sigblob, 1, modlen);
- 		memmove(sigblob + diff, sigblob, len);
-@@ -169,7 +169,7 @@
- 	memset(digest, 'd', sizeof(digest));
- 	memset(sigblob, 's', len);
- 	xfree(sigblob);
--	verbose("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : "");
-+	pam_ssh_auth_verbose("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : "");
- 	return ret;
- }
--- pam_ssh_agent_auth-0.9.4.patch ends here ---

>Release-Note:
>Audit-Trail:
>Unformatted:



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201210212043.q9LKhfSo098895>