From owner-freebsd-ports-bugs@FreeBSD.ORG Thu Sep 23 17:30:07 2010 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DCD76106577A for ; Thu, 23 Sep 2010 17:30:07 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 470378FC16 for ; Thu, 23 Sep 2010 17:30:07 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id o8NHU7bm011004 for ; Thu, 23 Sep 2010 17:30:07 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id o8NHU7XF010997; Thu, 23 Sep 2010 17:30:07 GMT (envelope-from gnats) Date: Thu, 23 Sep 2010 17:30:07 GMT Message-Id: <201009231730.o8NHU7XF010997@freefall.freebsd.org> To: freebsd-ports-bugs@FreeBSD.org From: John Hein Cc: Subject: Re: ports/150493: Update for: security%2Fopenssh-portable port from 5.2p1 to 5.6p1 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: John Hein List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Sep 2010 17:30:08 -0000 The following reply was made to PR ports/150493; it has been noted by GNATS. From: John Hein To: bug-followup@FreeBSD.org, magik@roorback.net Cc: Subject: Re: ports/150493: Update for: security%2Fopenssh-portable port from 5.2p1 to 5.6p1 Date: Thu, 23 Sep 2010 11:29:23 -0600 --gbAT/ME/2i Content-Type: text/plain; charset=us-ascii Content-Description: message body text Content-Transfer-Encoding: 7bit As I mentioned in the last submission, here is a second patchset that just refreshes patches (diff hunk line numbers and dates) that otherwise apply cleanly. It can be considered optional. --gbAT/ME/2i Content-Type: text/plain; name="p-refresh-patches" Content-Description: just refresh patches that otherwise apply cleanly Content-Disposition: inline; filename="p-refresh-patches" Content-Transfer-Encoding: 7bit These patch updates do not change the end result at all. The orignal patch files still apply cleanly to 5.6p1 files. The updates below are just refreshed (update line numbers and date header) against the 5.6p1 files. Index: files/gss-serv.c.patch =================================================================== RCS file: /base/FreeBSD-CVS/ports/security/openssh-portable/files/gss-serv.c.patch,v retrieving revision 1.2 diff -u -p -r1.2 gss-serv.c.patch --- files/gss-serv.c.patch 7 Feb 2006 20:07:54 -0000 1.2 +++ files/gss-serv.c.patch 14 Sep 2010 22:29:54 -0000 @@ -1,6 +1,6 @@ ---- gss-serv.c.orig Sat Nov 5 02:07:05 2005 -+++ gss-serv.c Thu Feb 2 22:45:37 2006 -@@ -134,6 +134,16 @@ +--- gss-serv.c.orig 2008-05-18 23:05:07.000000000 -0600 ++++ gss-serv.c 2010-09-14 16:14:12.000000000 -0600 +@@ -192,6 +192,16 @@ OM_uint32 offset; OM_uint32 oidl; Index: files/patch-Makefile.in =================================================================== RCS file: /base/FreeBSD-CVS/ports/security/openssh-portable/files/patch-Makefile.in,v retrieving revision 1.5 diff -u -p -r1.5 patch-Makefile.in --- files/patch-Makefile.in 7 Feb 2006 20:07:54 -0000 1.5 +++ files/patch-Makefile.in 14 Sep 2010 22:29:54 -0000 @@ -1,8 +1,8 @@ ---- Makefile.in.orig Fri Feb 25 18:12:38 2005 -+++ Makefile.in Sat Mar 19 19:53:44 2005 -@@ -230,7 +230,7 @@ +--- Makefile.in.orig 2010-05-12 00:51:39.000000000 -0600 ++++ Makefile.in 2010-09-14 16:14:12.000000000 -0600 +@@ -238,7 +238,7 @@ + $(AUTORECONF) -rm -rf autom4te.cache - (cd scard && $(MAKE) -f Makefile.in distprep) -install: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files install-sysconf host-key check-config +install: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files install-sysconf Index: files/patch-auth.c =================================================================== RCS file: /base/FreeBSD-CVS/ports/security/openssh-portable/files/patch-auth.c,v retrieving revision 1.8 diff -u -p -r1.8 patch-auth.c --- files/patch-auth.c 1 Oct 2006 02:15:00 -0000 1.8 +++ files/patch-auth.c 14 Sep 2010 22:29:54 -0000 @@ -1,6 +1,6 @@ ---- auth.c.orig Wed Sep 6 21:36:43 2006 -+++ auth.c Sat Sep 30 10:38:04 2006 -@@ -500,7 +501,7 @@ +--- auth.c.orig 2010-08-12 11:33:01.000000000 -0600 ++++ auth.c 2010-09-14 16:14:12.000000000 -0600 +@@ -594,7 +594,7 @@ if (!allowed_user(pw)) return (NULL); #ifdef HAVE_LOGIN_CAP Index: files/patch-auth1.c =================================================================== RCS file: /base/FreeBSD-CVS/ports/security/openssh-portable/files/patch-auth1.c,v retrieving revision 1.7 diff -u -p -r1.7 patch-auth1.c --- files/patch-auth1.c 1 Oct 2006 02:15:00 -0000 1.7 +++ files/patch-auth1.c 14 Sep 2010 22:29:54 -0000 @@ -1,6 +1,6 @@ ---- auth1.c.orig Fri Sep 1 02:38:36 2006 -+++ auth1.c Sat Sep 30 18:47:57 2006 -@@ -39,6 +39,7 @@ +--- auth1.c.orig 2010-06-25 18:01:33.000000000 -0600 ++++ auth1.c 2010-09-14 16:14:12.000000000 -0600 +@@ -40,6 +40,7 @@ #endif #include "monitor_wrap.h" #include "buffer.h" @@ -8,7 +8,7 @@ /* import */ extern ServerOptions options; -@@ -238,6 +239,13 @@ +@@ -239,6 +240,13 @@ char info[1024]; int prev = 0, type = 0; const struct AuthMethod1 *meth; @@ -22,11 +22,10 @@ debug("Attempting authentication for %s%.100s.", authctxt->valid ? "" : "invalid user ", authctxt->user); -@@ -288,6 +296,26 @@ - "type %d", type); +@@ -292,6 +300,26 @@ goto skip; } -+ + +#ifdef HAVE_LOGIN_CAP + if (authctxt->pw != NULL) { + lc = login_getpwclass(authctxt->pw); @@ -46,6 +45,7 @@ + lc = NULL; + } +#endif /* HAVE_LOGIN_CAP */ - ++ if (!*(meth->enabled)) { verbose("%s authentication disabled.", meth->name); + goto skip; Index: files/patch-auth2.c =================================================================== RCS file: /base/FreeBSD-CVS/ports/security/openssh-portable/files/patch-auth2.c,v retrieving revision 1.7 diff -u -p -r1.7 patch-auth2.c --- files/patch-auth2.c 19 Apr 2008 13:46:24 -0000 1.7 +++ files/patch-auth2.c 14 Sep 2010 22:29:54 -0000 @@ -1,6 +1,6 @@ ---- auth2.c.orig 2008-04-07 22:16:43.000000000 -0300 -+++ auth2.c 2008-04-07 22:20:03.000000000 -0300 -@@ -41,6 +41,7 @@ +--- auth2.c.orig 2009-06-22 00:11:07.000000000 -0600 ++++ auth2.c 2010-09-14 16:14:12.000000000 -0600 +@@ -46,6 +46,7 @@ #include "key.h" #include "hostfile.h" #include "auth.h" @@ -8,7 +8,7 @@ #include "dispatch.h" #include "pathnames.h" #include "buffer.h" -@@ -146,6 +147,13 @@ +@@ -217,6 +218,13 @@ Authmethod *m = NULL; char *user, *service, *method, *style = NULL; int authenticated = 0; @@ -22,7 +22,7 @@ if (authctxt == NULL) fatal("input_userauth_request: no authctxt"); -@@ -194,6 +202,27 @@ +@@ -261,6 +269,27 @@ "(%s,%s) -> (%s,%s)", authctxt->user, authctxt->service, user, service); } @@ -49,4 +49,4 @@ + /* reset state */ auth2_challenge_stop(authctxt); - + #ifdef JPAKE Index: files/patch-loginrec.c =================================================================== RCS file: /base/FreeBSD-CVS/ports/security/openssh-portable/files/patch-loginrec.c,v retrieving revision 1.6 diff -u -p -r1.6 patch-loginrec.c --- files/patch-loginrec.c 1 Oct 2006 02:15:00 -0000 1.6 +++ files/patch-loginrec.c 14 Sep 2010 22:29:54 -0000 @@ -1,16 +1,16 @@ ---- loginrec.c.orig Tue Feb 15 12:19:28 2005 -+++ loginrec.c Sat Mar 19 20:55:59 2005 -@@ -164,6 +164,9 @@ - #ifdef HAVE_LIBUTIL_H - # include +--- loginrec.c.orig 2010-04-09 02:13:27.000000000 -0600 ++++ loginrec.c 2010-09-14 16:14:12.000000000 -0600 +@@ -179,6 +179,9 @@ + #ifdef HAVE_UTIL_H + # include #endif +#ifdef __FreeBSD__ +#include +#endif - RCSID("$Id: loginrec.c,v 1.67 2005/02/15 11:19:28 dtucker Exp $"); - -@@ -670,8 +673,13 @@ + #ifdef HAVE_LIBUTIL_H + # include +@@ -693,8 +696,13 @@ strncpy(ut->ut_name, li->username, MIN_SIZEOF(ut->ut_name, li->username)); # ifdef HAVE_HOST_IN_UTMP Index: files/patch-readconf.c =================================================================== RCS file: /base/FreeBSD-CVS/ports/security/openssh-portable/files/patch-readconf.c,v retrieving revision 1.1 diff -u -p -r1.1 patch-readconf.c --- files/patch-readconf.c 1 Oct 2006 02:15:00 -0000 1.1 +++ files/patch-readconf.c 14 Sep 2010 22:29:54 -0000 @@ -1,6 +1,6 @@ ---- readconf.c.orig Fri Sep 1 02:38:37 2006 -+++ readconf.c Sat Sep 30 10:38:05 2006 -@@ -1112,7 +1122,7 @@ +--- readconf.c.orig 2010-08-03 00:04:46.000000000 -0600 ++++ readconf.c 2010-09-14 16:14:12.000000000 -0600 +@@ -1169,7 +1169,7 @@ if (options->batch_mode == -1) options->batch_mode = 0; if (options->check_host_ip == -1) Index: files/patch-servconf.c =================================================================== RCS file: /base/FreeBSD-CVS/ports/security/openssh-portable/files/patch-servconf.c,v retrieving revision 1.1 diff -u -p -r1.1 patch-servconf.c --- files/patch-servconf.c 1 Oct 2006 02:15:00 -0000 1.1 +++ files/patch-servconf.c 14 Sep 2010 22:29:54 -0000 @@ -1,6 +1,6 @@ ---- servconf.c.orig Fri Aug 18 11:23:15 2006 -+++ servconf.c Sat Sep 30 21:54:26 2006 -@@ -129,7 +129,7 @@ +--- servconf.c.orig 2010-06-25 17:38:45.000000000 -0600 ++++ servconf.c 2010-09-14 16:14:12.000000000 -0600 +@@ -139,7 +139,7 @@ { /* Portable-specific options */ if (options->use_pam == -1) @@ -9,7 +9,7 @@ /* Standard Options */ if (options->protocol == SSH_PROTO_UNKNOWN) -@@ -159,7 +159,7 @@ +@@ -170,7 +170,7 @@ if (options->key_regeneration_time == -1) options->key_regeneration_time = 3600; if (options->permit_root_login == PERMIT_NOT_SET) @@ -18,7 +18,7 @@ if (options->ignore_rhosts == -1) options->ignore_rhosts = 1; if (options->ignore_user_known_hosts == -1) -@@ -169,7 +169,7 @@ +@@ -180,7 +180,7 @@ if (options->print_lastlog == -1) options->print_lastlog = 1; if (options->x11_forwarding == -1) @@ -27,7 +27,7 @@ if (options->x11_display_offset == -1) options->x11_display_offset = 10; if (options->x11_use_localhost == -1) -@@ -207,7 +207,11 @@ +@@ -218,7 +218,11 @@ if (options->gss_cleanup_creds == -1) options->gss_cleanup_creds = 1; if (options->password_authentication == -1) Index: files/patch-ssh-agent.c =================================================================== RCS file: /base/FreeBSD-CVS/ports/security/openssh-portable/files/patch-ssh-agent.c,v retrieving revision 1.3 diff -u -p -r1.3 patch-ssh-agent.c --- files/patch-ssh-agent.c 1 Oct 2006 02:15:00 -0000 1.3 +++ files/patch-ssh-agent.c 14 Sep 2010 22:29:54 -0000 @@ -1,6 +1,6 @@ ---- ssh-agent.c.orig Fri Sep 1 02:38:37 2006 -+++ ssh-agent.c Sat Sep 30 18:30:32 2006 -@@ -1036,6 +1036,7 @@ +--- ssh-agent.c.orig 2010-04-15 23:56:22.000000000 -0600 ++++ ssh-agent.c 2010-09-14 16:14:13.000000000 -0600 +@@ -1086,6 +1086,7 @@ /* drop */ setegid(getgid()); setgid(getgid()); Index: files/patch-ssh_config =================================================================== RCS file: /base/FreeBSD-CVS/ports/security/openssh-portable/files/patch-ssh_config,v retrieving revision 1.1 diff -u -p -r1.1 patch-ssh_config --- files/patch-ssh_config 1 Oct 2006 02:15:00 -0000 1.1 +++ files/patch-ssh_config 14 Sep 2010 22:29:54 -0000 @@ -1,6 +1,6 @@ ---- ssh_config.orig Tue Jun 13 00:01:10 2006 -+++ ssh_config Sat Sep 30 10:39:07 2006 -@@ -27,7 +28,7 @@ +--- ssh_config.orig 2010-01-12 01:40:27.000000000 -0700 ++++ ssh_config 2010-09-14 16:14:13.000000000 -0600 +@@ -27,7 +27,7 @@ # GSSAPIAuthentication no # GSSAPIDelegateCredentials no # BatchMode no Index: files/patch-ssh_config.5 =================================================================== RCS file: /base/FreeBSD-CVS/ports/security/openssh-portable/files/patch-ssh_config.5,v retrieving revision 1.1 diff -u -p -r1.1 patch-ssh_config.5 --- files/patch-ssh_config.5 1 Oct 2006 02:15:00 -0000 1.1 +++ files/patch-ssh_config.5 14 Sep 2010 22:29:54 -0000 @@ -1,6 +1,6 @@ ---- ssh_config.5.orig Fri Aug 4 22:34:51 2006 -+++ ssh_config.5 Sat Sep 30 10:39:07 2006 -@@ -165,7 +166,7 @@ +--- ssh_config.5.orig 2010-08-04 21:03:13.000000000 -0600 ++++ ssh_config.5 2010-09-14 16:14:13.000000000 -0600 +@@ -164,7 +164,7 @@ .Dq no , the check will not be executed. The default is Index: files/patch-sshd.8 =================================================================== RCS file: /base/FreeBSD-CVS/ports/security/openssh-portable/files/patch-sshd.8,v retrieving revision 1.1 diff -u -p -r1.1 patch-sshd.8 --- files/patch-sshd.8 1 Oct 2006 02:15:00 -0000 1.1 +++ files/patch-sshd.8 14 Sep 2010 22:29:54 -0000 @@ -1,15 +1,15 @@ ---- sshd.8.orig Tue Aug 29 22:07:01 2006 -+++ sshd.8 Sat Sep 30 20:05:16 2006 -@@ -65,7 +65,7 @@ +--- sshd.8.orig 2010-08-04 21:03:13.000000000 -0600 ++++ sshd.8 2010-09-14 16:14:14.000000000 -0600 +@@ -70,7 +70,7 @@ .Nm listens for connections from clients. It is normally started at boot from -.Pa /etc/rc . -+.Pa %%PREFIX%%/etc/rc.d/%%RC_SCRIPT_NAME%% . ++.Pa /usr/local/etc/rc.d/openssh . It forks a new daemon for each incoming connection. The forked daemons handle -@@ -342,8 +342,9 @@ +@@ -384,8 +384,9 @@ If the login is on a tty, records login time. .It Checks @@ -21,7 +21,7 @@ (unless root). .It Changes to run with normal user privileges. -@@ -365,7 +366,8 @@ +@@ -407,7 +408,8 @@ exists, runs it; else if .Pa /etc/ssh/sshrc exists, runs Index: files/patch-sshd.c =================================================================== RCS file: /base/FreeBSD-CVS/ports/security/openssh-portable/files/patch-sshd.c,v retrieving revision 1.3 diff -u -p -r1.3 patch-sshd.c --- files/patch-sshd.c 10 Nov 2006 13:11:49 -0000 1.3 +++ files/patch-sshd.c 14 Sep 2010 22:29:54 -0000 @@ -1,6 +1,6 @@ ---- sshd.c.patch Sun Sep 17 01:04:46 2006 -+++ sshd.c Sat Sep 30 10:38:05 2006 -@@ -80,6 +81,13 @@ +--- sshd.c.orig 2010-04-15 23:56:22.000000000 -0600 ++++ sshd.c 2010-09-14 16:14:13.000000000 -0600 +@@ -83,6 +83,13 @@ #include #endif @@ -14,11 +14,10 @@ #include "xmalloc.h" #include "ssh.h" #include "ssh1.h" -@@ -1697,6 +1705,29 @@ - signal(SIGQUIT, SIG_DFL); +@@ -1864,6 +1871,29 @@ signal(SIGCHLD, SIG_DFL); signal(SIGINT, SIG_DFL); -+ + +#ifdef __FreeBSD__ + /* + * Initialize the resolver. This may not happen automatically @@ -41,6 +40,7 @@ + } +#endif +#endif - ++ /* * Register our connection. This turns encryption off because we do + * not have a key. Index: files/patch-sshd_config =================================================================== RCS file: /base/FreeBSD-CVS/ports/security/openssh-portable/files/patch-sshd_config,v retrieving revision 1.6 diff -u -p -r1.6 patch-sshd_config --- files/patch-sshd_config 24 Mar 2009 17:26:18 -0000 1.6 +++ files/patch-sshd_config 14 Sep 2010 22:29:54 -0000 @@ -1,6 +1,6 @@ ---- sshd_config.orig 2008-07-02 20:35:43.000000000 +0800 -+++ sshd_config 2008-11-07 23:40:56.957018978 +0800 -@@ -38,7 +38,7 @@ +--- sshd_config.orig 2009-10-11 04:51:09.000000000 -0600 ++++ sshd_config 2010-09-14 16:14:13.000000000 -0600 +@@ -36,7 +36,7 @@ # Authentication: #LoginGraceTime 2m @@ -9,7 +9,7 @@ #StrictModes yes #MaxAuthTries 6 #MaxSessions 10 -@@ -57,11 +57,11 @@ +@@ -55,11 +55,11 @@ # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes @@ -24,7 +24,7 @@ #ChallengeResponseAuthentication yes # Kerberos options -@@ -74,7 +74,7 @@ +@@ -72,7 +72,7 @@ #GSSAPIAuthentication no #GSSAPICleanupCredentials yes @@ -33,7 +33,7 @@ # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, -@@ -83,12 +83,12 @@ +@@ -81,12 +81,12 @@ # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. --gbAT/ME/2i--