Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 20 Mar 2005 00:30:07 GMT
From:      Dimitry Andric <dimitry@andric.com>
To:        freebsd-ports-bugs@FreeBSD.org
Subject:   Re: ports/79029: Update port: security/openssh-portable to 4.0p1
Message-ID:  <200503200030.j2K0U7Zx060932@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/79029; it has been noted by GNATS.

From: Dimitry Andric <dimitry@andric.com>
To: freebsd-gnats-submit@FreeBSD.org,
	Marcus Grando <marcus@corp.grupos.com.br>
Cc:  
Subject: Re: ports/79029: Update port: security/openssh-portable to 4.0p1
Date: Sun, 20 Mar 2005 00:57:17 +0100

 On Sat, Mar 19, 2005 at 08:19:52PM -0300, Marcus Grando wrote:
 > Send a unified diff(1). It's better for commiters.
 
 Here's a diff:
 
 diff -urNd openssh-portable.orig/Makefile openssh-portable/Makefile
 --- openssh-portable.orig/Makefile	Sun Nov  7 16:12:49 2004
 +++ openssh-portable/Makefile	Sat Mar 19 20:39:52 2005
 @@ -6,7 +6,7 @@
  #
  
  PORTNAME=	openssh
 -PORTVERSION=	3.9.0.1
 +PORTVERSION=	4.0.0.1
  .if defined(OPENSSH_SNAPSHOT)
  PORTREVISION!=	date -v-1d +%Y%m%d
  .endif
 @@ -21,7 +21,7 @@
  MAINTAINER=	ports@FreeBSD.org
  COMMENT=	The portable version of OpenBSD's OpenSSH
  
 -OPENSSHVERSION=	3.9p1
 +OPENSSHVERSION=	4.0p1
  .if defined(OPENSSH_SNAPSHOT)
  MASTER_SITE_SUBDIR2=	snapshot/
  DISTNAME2=	${PORTNAME}-SNAP-${PORTREVISION}
 diff -urNd openssh-portable.orig/distinfo openssh-portable/distinfo
 --- openssh-portable.orig/distinfo	Wed Aug 18 13:35:53 2004
 +++ openssh-portable/distinfo	Sat Mar 19 20:39:08 2005
 @@ -1,2 +1,2 @@
 -MD5 (openssh-3.9p1.tar.gz) = 8e1774d0b52aff08f817f3987442a16e
 -SIZE (openssh-3.9p1.tar.gz) = 854027
 +MD5 (openssh-4.0p1.tar.gz) = 7b36f28fc16e1b7f4ba3c1dca191ac92
 +SIZE (openssh-4.0p1.tar.gz) = 889880
 diff -urNd openssh-portable.orig/files/patch-auth-pam.c openssh-portable/files/patch-auth-pam.c
 --- openssh-portable.orig/files/patch-auth-pam.c	Thu Jan  1 01:00:00 1970
 +++ openssh-portable/files/patch-auth-pam.c	Sat Mar 19 21:56:50 2005
 @@ -0,0 +1,65 @@
 +--- auth-pam.c.orig	Thu Jan 20 03:29:51 2005
 ++++ auth-pam.c	Sat Mar 19 21:52:37 2005
 +@@ -290,7 +290,7 @@
 +  * Conversation function for authentication thread.
 +  */
 + static int
 +-sshpam_thread_conv(int n, struct pam_message **msg,
 ++sshpam_thread_conv(int n, const struct pam_message **msg,
 +     struct pam_response **resp, void *data)
 + {
 + 	Buffer buffer;
 +@@ -390,7 +390,7 @@
 + 	u_int i;
 + 	const char *pam_user;
 + 
 +-	pam_get_item(sshpam_handle, PAM_USER, (void **)&pam_user);
 ++	pam_get_item(sshpam_handle, PAM_USER, (const void **)&pam_user);
 + 	environ[0] = NULL;
 + 
 + 	if (sshpam_authctxt != NULL) {
 +@@ -482,7 +482,7 @@
 + }
 + 
 + static int
 +-sshpam_null_conv(int n, struct pam_message **msg,
 ++sshpam_null_conv(int n, const struct pam_message **msg,
 +     struct pam_response **resp, void *data)
 + {
 + 	debug3("PAM: %s entering, %d messages", __func__, n);
 +@@ -492,7 +492,7 @@
 + static struct pam_conv null_conv = { sshpam_null_conv, NULL };
 + 
 + static int
 +-sshpam_store_conv(int n, struct pam_message **msg,
 ++sshpam_store_conv(int n, const struct pam_message **msg,
 +     struct pam_response **resp, void *data)
 + {
 + 	struct pam_response *reply;
 +@@ -565,7 +565,7 @@
 + 	if (sshpam_handle != NULL) {
 + 		/* We already have a PAM context; check if the user matches */
 + 		sshpam_err = pam_get_item(sshpam_handle,
 +-		    PAM_USER, (void **)&pam_user);
 ++		    PAM_USER, (const void **)&pam_user);
 + 		if (sshpam_err == PAM_SUCCESS && strcmp(user, pam_user) == 0)
 + 			return (0);
 + 		pam_end(sshpam_handle, sshpam_err);
 +@@ -881,7 +881,7 @@
 + }
 + 
 + static int
 +-sshpam_tty_conv(int n, struct pam_message **msg,
 ++sshpam_tty_conv(int n, const struct pam_message **msg,
 +     struct pam_response **resp, void *data)
 + {
 + 	char input[PAM_MAX_MSG_SIZE];
 +@@ -1040,7 +1040,7 @@
 +  * display.
 +  */
 + static int
 +-sshpam_passwd_conv(int n, struct pam_message **msg,
 ++sshpam_passwd_conv(int n, const struct pam_message **msg,
 +     struct pam_response **resp, void *data)
 + {
 + 	struct pam_response *reply;
 diff -urNd openssh-portable.orig/files/patch-auth1.c openssh-portable/files/patch-auth1.c
 --- openssh-portable.orig/files/patch-auth1.c	Wed Aug 18 13:35:53 2004
 +++ openssh-portable/files/patch-auth1.c	Sat Mar 19 21:35:03 2005
 @@ -1,23 +1,20 @@
 ---- auth1.c.orig	Thu Aug 12 14:40:25 2004
 -+++ auth1.c	Tue Aug 17 05:40:29 2004
 -@@ -25,6 +25,7 @@
 - #include "session.h"
 +--- auth1.c.orig	Tue Feb  8 11:52:48 2005
 ++++ auth1.c	Sat Mar 19 21:34:47 2005
 +@@ -26,6 +26,7 @@
   #include "uidswap.h"
   #include "monitor_wrap.h"
 + #include "buffer.h"
  +#include "canohost.h"
   
   /* import */
   extern ServerOptions options;
 -@@ -69,6 +70,18 @@
 +@@ -71,6 +72,15 @@
   	u_int dlen;
   	u_int ulen;
   	int prev, type = 0;
  +#ifdef HAVE_LOGIN_CAP
  +	login_cap_t *lc;
 -+#endif
 -+#ifdef USE_PAM
 -+	struct inverted_pam_cookie *pam_cookie;
 -+#endif /* USE_PAM */
 ++#endif /* HAVE_LOGIN_CAP */
  +#if defined(HAVE_LOGIN_CAP) || defined(LOGIN_ACCESS)
  +	const char *from_host, *from_ip;
  +
 @@ -27,7 +24,7 @@
   
   	debug("Attempting authentication for %s%.100s.",
   	    authctxt->valid ? "" : "invalid user ", authctxt->user);
 -@@ -217,6 +230,34 @@
 +@@ -219,6 +229,34 @@
   			logit("Unknown message during authentication: type %d", type);
   			break;
   		}
 diff -urNd openssh-portable.orig/files/patch-auth2.c openssh-portable/files/patch-auth2.c
 --- openssh-portable.orig/files/patch-auth2.c	Sun Nov  7 16:12:49 2004
 +++ openssh-portable/files/patch-auth2.c	Sat Mar 19 20:50:50 2005
 @@ -1,14 +1,14 @@
 ---- auth2.c.orig	Thu Aug 12 14:40:25 2004
 -+++ auth2.c	Mon Sep 20 05:04:48 2004
 -@@ -35,6 +35,7 @@
 - #include "dispatch.h"
 +--- auth2.c.orig	Tue Feb  8 11:52:48 2005
 ++++ auth2.c	Sat Mar 19 20:50:32 2005
 +@@ -36,6 +36,7 @@
   #include "pathnames.h"
   #include "monitor_wrap.h"
 + #include "buffer.h"
  +#include "canohost.h"
   
   #ifdef GSSAPI
   #include "ssh-gss.h"
 -@@ -134,6 +135,15 @@
 +@@ -136,6 +137,15 @@
   	Authmethod *m = NULL;
   	char *user, *service, *method, *style = NULL;
   	int authenticated = 0;
 @@ -24,7 +24,7 @@
   
   	if (authctxt == NULL)
   		fatal("input_userauth_request: no authctxt");
 -@@ -178,6 +188,41 @@
 +@@ -183,6 +193,41 @@
   		    "(%s,%s) -> (%s,%s)",
   		    authctxt->user, authctxt->service, user, service);
   	}
 diff -urNd openssh-portable.orig/files/patch-fake-rfc2553.h openssh-portable/files/patch-fake-rfc2553.h
 --- openssh-portable.orig/files/patch-fake-rfc2553.h	Thu Jan  1 01:00:00 1970
 +++ openssh-portable/files/patch-fake-rfc2553.h	Sat Mar 19 21:28:02 2005
 @@ -0,0 +1,11 @@
 +--- openbsd-compat/fake-rfc2553.h.orig	Fri Feb 11 08:32:13 2005
 ++++ openbsd-compat/fake-rfc2553.h	Sat Mar 19 21:27:33 2005
 +@@ -113,7 +113,7 @@
 + # define NI_MAXHOST 1025
 + #endif /* !NI_MAXHOST */
 + 
 +-#ifndef EAI_NODATA
 ++#ifndef EAI_MEMORY
 + # define EAI_NODATA	1
 + # define EAI_MEMORY	2
 + # define EAI_NONAME	3
 diff -urNd openssh-portable.orig/files/patch-loginrec.c openssh-portable/files/patch-loginrec.c
 --- openssh-portable.orig/files/patch-loginrec.c	Sun Nov  7 16:12:49 2004
 +++ openssh-portable/files/patch-loginrec.c	Sat Mar 19 20:56:28 2005
 @@ -1,21 +1,22 @@
 ---- loginrec.c.orig	Sun Aug 15 11:12:52 2004
 -+++ loginrec.c	Mon Sep 20 05:04:48 2004
 -@@ -167,6 +167,9 @@
 +--- loginrec.c.orig	Tue Feb 15 12:19:28 2005
 ++++ loginrec.c	Sat Mar 19 20:55:59 2005
 +@@ -164,6 +164,9 @@
   #ifdef HAVE_LIBUTIL_H
 - #   include <libutil.h>
 + # include <libutil.h>
   #endif
  +#ifdef __FreeBSD__
  +#include <osreldate.h>
  +#endif
   
 - /**
 -  ** prototypes for helper functions in this file
 -@@ -657,7 +660,12 @@
 - 	/* Use strncpy because we don't necessarily want null termination */
 - 	strncpy(ut->ut_name, li->username, MIN_SIZEOF(ut->ut_name, li->username));
 + RCSID("$Id: loginrec.c,v 1.67 2005/02/15 11:19:28 dtucker Exp $");
 + 
 +@@ -670,8 +673,13 @@
 + 	strncpy(ut->ut_name, li->username,
 + 	    MIN_SIZEOF(ut->ut_name, li->username));
   # ifdef HAVE_HOST_IN_UTMP
  +# if defined(__FreeBSD__) && __FreeBSD_version <= 400000
 - 	strncpy(ut->ut_host, li->hostname, MIN_SIZEOF(ut->ut_host, li->hostname));
 + 	strncpy(ut->ut_host, li->hostname,
 + 	    MIN_SIZEOF(ut->ut_host, li->hostname));
  +# else
  +	realhostname_sa(ut->ut_host, sizeof ut->ut_host,
  +	    &li->hostaddr.sa, li->hostaddr.sa.sa_len);
 diff -urNd openssh-portable.orig/files/patch-session.c openssh-portable/files/patch-session.c
 --- openssh-portable.orig/files/patch-session.c	Sun Nov  7 16:12:49 2004
 +++ openssh-portable/files/patch-session.c	Sat Mar 19 21:57:29 2005
 @@ -1,5 +1,5 @@
 ---- session.c.orig	Thu Aug 12 14:40:25 2004
 -+++ session.c	Tue Sep 21 19:48:42 2004
 +--- session.c.orig	Sun Mar  6 12:38:52 2005
 ++++ session.c	Sat Mar 19 21:45:32 2005
  @@ -66,6 +66,11 @@
   #include "ssh-gss.h"
   #endif
 @@ -12,7 +12,7 @@
   /* func */
   
   Session *session_new(void);
 -@@ -410,6 +415,13 @@
 +@@ -414,6 +419,13 @@
   		log_init(__progname, options.log_level, options.log_facility, log_stderr);
   
   		/*
 @@ -26,17 +26,7 @@
   		 * Create a new session and process group since the 4.4BSD
   		 * setlogin() affects the entire process group.
   		 */
 -@@ -526,6 +538,9 @@
 - {
 - 	int fdout, ptyfd, ttyfd, ptymaster;
 - 	pid_t pid;
 -+#if defined(USE_PAM)
 -+	const char *shorttty;
 -+#endif
 - 
 - 	if (s == NULL)
 - 		fatal("do_exec_pty: no session");
 -@@ -546,6 +561,14 @@
 +@@ -550,6 +562,14 @@
   
   		/* Child.  Reinitialize the log because the pid has changed. */
   		log_init(__progname, options.log_level, options.log_facility, log_stderr);
 @@ -51,26 +41,26 @@
   		/* Close the master side of the pseudo tty. */
   		close(ptyfd);
   
 -@@ -692,6 +715,18 @@
 +@@ -700,6 +720,18 @@
   	struct sockaddr_storage from;
   	struct passwd * pw = s->pw;
   	pid_t pid = getpid();
  +#ifdef HAVE_LOGIN_CAP
  +	FILE *f;
  +	char buf[256];
 -+	char *fname;
 ++	const char *fname;
  +	const char *shorttty;
  +#endif /* HAVE_LOGIN_CAP */
  +#ifdef __FreeBSD__
  +#define DEFAULT_WARN  (2L * 7L * 86400L)  /* Two weeks */
 -+	char *newcommand;
 ++	char *newcommand = NULL;
  +	struct timeval tv;
  +	time_t warntime = DEFAULT_WARN;
  +#endif /* __FreeBSD__ */
   
   	/*
   	 * Get IP address of client. If the connection is not a socket, let
 -@@ -727,12 +762,101 @@
 +@@ -735,12 +767,101 @@
   	}
   #endif
   
 @@ -173,7 +163,7 @@
   }
   
   /*
 -@@ -748,9 +872,9 @@
 +@@ -756,9 +877,9 @@
   #ifdef HAVE_LOGIN_CAP
   		f = fopen(login_getcapstr(lc, "welcome", "/etc/motd",
   		    "/etc/motd"), "r");
 @@ -185,7 +175,7 @@
   		if (f) {
   			while (fgets(buf, sizeof(buf), f))
   				fputs(buf, stdout);
 -@@ -777,10 +901,10 @@
 +@@ -785,10 +906,10 @@
   #ifdef HAVE_LOGIN_CAP
   	if (login_getcapbool(lc, "hushlogin", 0) || stat(buf, &st) >= 0)
   		return 1;
 @@ -198,10 +188,15 @@
   	return 0;
   }
   
 -@@ -967,6 +1091,10 @@
 +@@ -974,7 +1095,14 @@
 + {
   	char buf[256];
   	u_int i, envsize;
 - 	char **env, *laddr, *path = NULL;
 +-	char **env, *laddr, *path = NULL;
 ++	char **env, *laddr;
 ++#ifdef HAVE_CYGWIN
 ++	char *path = NULL;
 ++#endif /* HAVE_CYGWIN */
  +#ifdef HAVE_LOGIN_CAP
  +	extern char **environ;
  +	char **senv, **var;
 @@ -209,7 +204,7 @@
   	struct passwd *pw = s->pw;
   
   	/* Initialize the environment. */
 -@@ -974,6 +1102,9 @@
 +@@ -982,6 +1110,9 @@
   	env = xmalloc(envsize * sizeof(char *));
   	env[0] = NULL;
   
 @@ -219,7 +214,7 @@
   #ifdef HAVE_CYGWIN
   	/*
   	 * The Windows environment contains some setting which are
 -@@ -1032,9 +1163,21 @@
 +@@ -1046,9 +1177,21 @@
   
   		/* Normal systems set SHELL by default. */
   		child_set_env(&env, &envsize, "SHELL", shell);
 @@ -243,7 +238,7 @@
   
   	/* Set custom environment options from RSA authentication. */
   	if (!options.use_login) {
 -@@ -1234,6 +1377,12 @@
 +@@ -1258,6 +1401,12 @@
   void
   do_setusercontext(struct passwd *pw)
   {
 @@ -256,7 +251,7 @@
   #ifndef HAVE_CYGWIN
   	if (getuid() == 0 || geteuid() == 0)
   #endif /* HAVE_CYGWIN */
 -@@ -1254,10 +1403,30 @@
 +@@ -1285,10 +1434,30 @@
   		}
   # endif /* USE_PAM */
   		if (setusercontext(lc, pw, pw->pw_uid,
 @@ -288,7 +283,7 @@
   #else
   # if defined(HAVE_GETLUID) && defined(HAVE_SETLUID)
   		/* Sets login uid for accounting */
 -@@ -1284,7 +1453,16 @@
 +@@ -1322,7 +1491,16 @@
   		 * Reestablish them here.
   		 */
   		if (options.use_pam) {
 @@ -306,7 +301,7 @@
   			do_pam_setcred(0);
   		}
   # endif /* USE_PAM */
 -@@ -1374,7 +1552,7 @@
 +@@ -1417,7 +1595,7 @@
   	 * initgroups, because at least on Solaris 2.3 it leaves file
   	 * descriptors open.
   	 */
 @@ -315,7 +310,7 @@
   		close(i);
   }
   
 -@@ -1503,6 +1681,31 @@
 +@@ -1553,6 +1731,31 @@
   			exit(1);
   #endif
   	}



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200503200030.j2K0U7Zx060932>