From owner-svn-ports-all@freebsd.org Tue Jun 19 15:44:43 2018 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3B887102248F; Tue, 19 Jun 2018 15:44:43 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id DC72E87638; Tue, 19 Jun 2018 15:44:42 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BEFB6158F2; Tue, 19 Jun 2018 15:44:42 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w5JFigKN058090; Tue, 19 Jun 2018 15:44:42 GMT (envelope-from bdrewery@FreeBSD.org) Received: (from bdrewery@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w5JFig8O058089; Tue, 19 Jun 2018 15:44:42 GMT (envelope-from bdrewery@FreeBSD.org) Message-Id: <201806191544.w5JFig8O058089@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: bdrewery set sender to bdrewery@FreeBSD.org using -f From: Bryan Drewery Date: Tue, 19 Jun 2018 15:44:42 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r472800 - in branches/2018Q2/security/openssh-portable: . files X-SVN-Group: ports-branches X-SVN-Commit-Author: bdrewery X-SVN-Commit-Paths: in branches/2018Q2/security/openssh-portable: . files X-SVN-Commit-Revision: 472800 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Jun 2018 15:44:43 -0000 Author: bdrewery Date: Tue Jun 19 15:44:42 2018 New Revision: 472800 URL: https://svnweb.freebsd.org/changeset/ports/472800 Log: MFH: r472796 r472797 r472798 Add lost metadata on why this patch exists Fix nologin check when PAM option is disabled in the port. PR: 229147 Submitted by: Robert Schulze Forgot PORTREVISION bump for r472797. PR: 229147 Approved by: portmgr (implicit) Modified: branches/2018Q2/security/openssh-portable/Makefile branches/2018Q2/security/openssh-portable/files/patch-servconf.c Directory Properties: branches/2018Q2/ (props changed) Modified: branches/2018Q2/security/openssh-portable/Makefile ============================================================================== --- branches/2018Q2/security/openssh-portable/Makefile Tue Jun 19 15:43:01 2018 (r472799) +++ branches/2018Q2/security/openssh-portable/Makefile Tue Jun 19 15:44:42 2018 (r472800) @@ -3,7 +3,7 @@ PORTNAME= openssh DISTVERSION= 7.6p1 -PORTREVISION= 3 +PORTREVISION= 4 PORTEPOCH= 1 CATEGORIES= security ipv6 MASTER_SITES= OPENBSD/OpenSSH/portable Modified: branches/2018Q2/security/openssh-portable/files/patch-servconf.c ============================================================================== --- branches/2018Q2/security/openssh-portable/files/patch-servconf.c Tue Jun 19 15:43:01 2018 (r472799) +++ branches/2018Q2/security/openssh-portable/files/patch-servconf.c Tue Jun 19 15:44:42 2018 (r472800) @@ -1,23 +1,34 @@ ---- servconf.c.orig 2015-08-17 20:37:29.913831000 UTC -+++ servconf.c 2015-08-17 20:37:29.950132000 -0700 -@@ -57,6 +57,7 @@ +r99048 | des | 2002-06-29 05:51:56 -0500 (Sat, 29 Jun 2002) | 4 lines +Changed paths: + M /head/crypto/openssh/myproposal.h + M /head/crypto/openssh/readconf.c + M /head/crypto/openssh/servconf.c + +Apply FreeBSD's configuration defaults. + +--- servconf.c.orig 2018-06-19 09:26:26 UTC ++++ servconf.c +@@ -63,6 +63,7 @@ #include "auth.h" #include "myproposal.h" #include "digest.h" +#include "version.h" - static void add_listen_addr(ServerOptions *, char *, int); - static void add_one_listen_addr(ServerOptions *, char *, int); -@@ -193,7 +194,7 @@ fill_default_server_options(ServerOption + static void add_listen_addr(ServerOptions *, const char *, + const char *, int); +@@ -240,7 +241,11 @@ fill_default_server_options(ServerOption /* Portable-specific options */ if (options->use_pam == -1) -- options->use_pam = 0; ++#ifdef USE_PAM + options->use_pam = 1; ++#else + options->use_pam = 0; ++#endif /* Standard Options */ - if (options->protocol == SSH_PROTO_UNKNOWN) -@@ -242,7 +243,7 @@ fill_default_server_options(ServerOption + if (options->num_host_key_files == 0) { +@@ -280,7 +285,7 @@ fill_default_server_options(ServerOption if (options->print_lastlog == -1) options->print_lastlog = 1; if (options->x11_forwarding == -1) @@ -26,9 +37,9 @@ if (options->x11_display_offset == -1) options->x11_display_offset = 10; if (options->x11_use_localhost == -1) -@@ -288,7 +289,11 @@ fill_default_server_options(ServerOption +@@ -320,7 +325,11 @@ fill_default_server_options(ServerOption if (options->gss_strict_acceptor == -1) - options->gss_strict_acceptor = 0; + options->gss_strict_acceptor = 1; if (options->password_authentication == -1) +#ifdef USE_PAM + options->password_authentication = 0;