From owner-svn-ports-all@freebsd.org Sat Jan 2 12:00:00 2016 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BEFE6A5E513; Sat, 2 Jan 2016 12:00:00 +0000 (UTC) (envelope-from riggs@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9A04E1CEC; Sat, 2 Jan 2016 12:00:00 +0000 (UTC) (envelope-from riggs@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u02Bxxma049830; Sat, 2 Jan 2016 11:59:59 GMT (envelope-from riggs@FreeBSD.org) Received: (from riggs@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u02BxxBo049825; Sat, 2 Jan 2016 11:59:59 GMT (envelope-from riggs@FreeBSD.org) Message-Id: <201601021159.u02BxxBo049825@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: riggs set sender to riggs@FreeBSD.org using -f From: Thomas Zander Date: Sat, 2 Jan 2016 11:59:59 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r405067 - in head/security/sshpass: . files X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Jan 2016 12:00:00 -0000 Author: riggs Date: Sat Jan 2 11:59:59 2016 New Revision: 405067 URL: https://svnweb.freebsd.org/changeset/ports/405067 Log: Backport patch from upstream trunk for 'hangs forever' issue On http://sourceforge.net/p/sshpass/bugs/12/ the issue is explained: Doing a "sshpass -p password ssh vmfreebsd10-32 -l account ls" hangs forever. The reason is that in this combination the prompt for the password looks like this: "Password for account@vmfreebsd10-32:" and sshpass checks the password against the string "assword:", so there is no match. This is fixed upstream in trunk, but no release has been created yet. Import the patch into the ports tree until the next release. PR: 204819 Submitted by: andrey@bsdnir.info Approved by: maintainer timeout Added: head/security/sshpass/files/ head/security/sshpass/files/patch-configure.ac (contents, props changed) head/security/sshpass/files/patch-main.c (contents, props changed) head/security/sshpass/files/patch-sshpass.1 (contents, props changed) Modified: head/security/sshpass/Makefile head/security/sshpass/pkg-descr Modified: head/security/sshpass/Makefile ============================================================================== --- head/security/sshpass/Makefile Sat Jan 2 11:37:24 2016 (r405066) +++ head/security/sshpass/Makefile Sat Jan 2 11:59:59 2016 (r405067) @@ -3,6 +3,7 @@ PORTNAME= sshpass PORTVERSION= 1.05 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= SF/${PORTNAME}/sshpass/${PORTVERSION} @@ -11,6 +12,7 @@ COMMENT= Non-interactive ssh password au LICENSE= GPLv2 +USES= autoreconf:env GNU_CONFIGURE= yes PLIST_FILES= bin/sshpass \ Added: head/security/sshpass/files/patch-configure.ac ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/sshpass/files/patch-configure.ac Sat Jan 2 11:59:59 2016 (r405067) @@ -0,0 +1,14 @@ +--- configure.ac.orig 2011-08-06 07:03:01 UTC ++++ configure.ac +@@ -32,6 +32,11 @@ AC_FUNC_SELECT_ARGTYPES + AC_TYPE_SIGNAL + AC_CHECK_FUNCS([select posix_openpt strdup]) + ++AC_ARG_ENABLE([password-prompt], ++ [AS_HELP_STRING([--enable-password-prompt=prompt], [Provide alternative ssh password prompt to look for.])], ++ [AC_DEFINE_UNQUOTED([PASSWORD_PROMPT], ["$enable_password_prompt"], [Password prompt to use])], ++ [AC_DEFINE([PASSWORD_PROMPT], ["assword"])]) ++ + AC_CONFIG_FILES([Makefile]) + AM_CONFIG_HEADER(config.h) + AC_OUTPUT Added: head/security/sshpass/files/patch-main.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/sshpass/files/patch-main.c Sat Jan 2 11:59:59 2016 (r405067) @@ -0,0 +1,65 @@ +--- main.c.orig 2011-08-06 07:04:33 UTC ++++ main.c +@@ -1,5 +1,5 @@ + /* This file is part of "sshpass", a tool for batch running password ssh authentication +- * Copyright (C) 2006 Lingnu Open Source Consulting Ltd. ++ * Copyright (C) 2006, 2015 Lingnu Open Source Consulting Ltd. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by +@@ -69,6 +69,8 @@ struct { + int fd; + const char *password; + } pwsrc; ++ ++ const char *pwprompt; + } args; + + static void show_help() +@@ -77,6 +79,7 @@ static void show_help() + " -f filename Take password to use from file\n" + " -d number Use number as file descriptor for getting password\n" + " -p password Provide password as argument (security unwise)\n" ++ " -P prompt Which string should sshpass search for to detect a password prompt\n" + " -e Password is passed as env-var \"SSHPASS\"\n" + " With no parameters - password will be taken from stdin\n\n" + " -h Show help (this screen)\n" +@@ -99,7 +102,7 @@ static int parse_options( int argc, char + fprintf(stderr, "Conflicting password source\n"); \ + error=RETURN_CONFLICTING_ARGUMENTS; } + +- while( (opt=getopt(argc, argv, "+f:d:p:heV"))!=-1 && error==-1 ) { ++ while( (opt=getopt(argc, argv, "+f:d:p:P:heV"))!=-1 && error==-1 ) { + switch( opt ) { + case 'f': + // Password should come from a file +@@ -130,6 +133,9 @@ static int parse_options( int argc, char + optarg[i]='z'; + } + break; ++ case 'P': ++ args.pwprompt=optarg; ++ break; + case 'e': + VIRGIN_PWTYPE; + +@@ -359,7 +365,7 @@ int handleoutput( int fd ) + // We are looking for the string + static int prevmatch=0; // If the "password" prompt is repeated, we have the wrong password. + static int state1, state2; +- static const char compare1[]="assword:"; // Asking for a password ++ static const char *compare1=PASSWORD_PROMPT; // Asking for a password + static const char compare2[]="The authenticity of host "; // Asks to authenticate host + // static const char compare3[]="WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!"; // Warns about man in the middle attack + // The remote identification changed error is sent to stderr, not the tty, so we do not handle it. +@@ -367,6 +373,10 @@ int handleoutput( int fd ) + char buffer[40]; + int ret=0; + ++ if( args.pwprompt ) { ++ compare1 = args.pwprompt; ++ } ++ + int numread=read(fd, buffer, sizeof(buffer) ); + + state1=match( compare1, buffer, numread, state1 ); Added: head/security/sshpass/files/patch-sshpass.1 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/sshpass/files/patch-sshpass.1 Sat Jan 2 11:59:59 2016 (r405067) @@ -0,0 +1,22 @@ +--- sshpass.1.orig 2011-08-06 06:58:25 UTC ++++ sshpass.1 +@@ -1,4 +1,4 @@ +-.TH SSHPASS 1 "August 6, 2011" "Lingnu Open Source Consulting" "Sshpass User Manual" ++.TH SSHPASS 1 "April 24, 2015" "Lingnu Open Source Consulting" "Sshpass User Manual" + .\" Please adjust this date whenever revising the manpage. + .SH NAME + sshpass \- noninteractive ssh password provider +@@ -37,6 +37,13 @@ password is read from the open file desc + .TP + .B \-e + The password is taken from the environment variable "SSHPASS". ++.TP ++.B \-P ++Set the password prompt. Sshpass searched for this prompt in the program's ++output to the TTY as an indication when to send the password. By default ++sshpass looks for the string "assword:" (which matches both "Password:" and ++"password:"). If your client's prompt does not fall under either of these, ++you can override the default with this option. + .SH SECURITY CONSIDERATIONS + .P + First and foremost, users of sshpass should realize that ssh's insistance on Modified: head/security/sshpass/pkg-descr ============================================================================== --- head/security/sshpass/pkg-descr Sat Jan 2 11:37:24 2016 (r405066) +++ head/security/sshpass/pkg-descr Sat Jan 2 11:59:59 2016 (r405067) @@ -2,4 +2,4 @@ Sshpass is a tool for non-interactively with SSH's so called "interactive keyboard password authentication". Most user should use SSH's more secure public key authentication instead. -WWW: http://sourceforge.net/projects/sshpass/ +WWW: http://sourceforge.net/projects/sshpass/