freebsd-ports/ftp/wu-ftpd+ipv6/files/patch-ad

*** src/ftpd.c.bak	Mon Jan 20 08:05:11 1997
--- src/ftpd.c	Thu Jan 30 17:46:16 1997
***************
*** 235,246 ****
  int logging = 0;
  int log_commands = 0;
  
- #ifdef SKEY			/* H* add-on.  Not as elegant as Wietse's */
- #include "skey.h"		/* logdaemon package, but does the job.   */
- struct skey skey_blk;
- char chbuff[80];
- #endif
- 
  #ifdef SECUREOSF
  #define SecureWare
  #include <prot.h>
--- 235,240 ----
***************
*** 1201,1212 ****
              acl_setfunctions();
  
  #ifdef SKEY
! /* 0 means we found the user and the skeykeys file is open for update. */
!     if (skeychallenge (&skey_blk, name, chbuff) == 0)
! 	reply (331, "[%s] required for %s.", chbuff, name);
!     else
! #endif
      reply(331, "Password required for %s.", name);
      askpasswd = 1;
      /* Delay before reading passwd after first failed attempt to slow down
       * passwd-guessing programs. */
--- 1195,1205 ----
              acl_setfunctions();
  
  #ifdef SKEY
!     pwok = skeyaccess(name, NULL, remotehost, remoteaddr);
!     reply(331, "%s", skey_challenge(name, pw, pwok));
! #else
      reply(331, "Password required for %s.", name);
+ #endif
      askpasswd = 1;
      /* Delay before reading passwd after first failed attempt to slow down
       * passwd-guessing programs. */
***************
*** 1378,1389 ****
          xpasswd = crypt(passwd, salt);
  #endif
  #endif
- #endif
- #ifdef SKEY
- /* comment the next line if you REALLY want to allow replayable passwds. */
- 	strcpy (xpasswd, "wrongo:spazmoid");  /* disable regular passwds */
- 	if (skeyverify (&skey_blk, passwd) == 0)
- 	    strcpy (xpasswd, pw->pw_passwd);	/* do it the sleazy way */
  #endif
  #ifdef ULTRIX_AUTH
          if ((numfails = ultrix_check_pass(passwd, xpasswd)) < 0) {
--- 1371,1376 ----
Upgrade to Academ 2.4.2-beta-12 as recommended by AUSCERT security advisory. P.S. this version is much improved comparing to what we have previously, f.e. it already contains most of our fixes. 1997-01-30 17:00:56 +00:00			`*** src/ftpd.c.bak Mon Jan 20 08:05:11 1997`
			`--- src/ftpd.c Thu Jan 30 17:46:16 1997`
			`***************`
			`* 235,246 **`
			`int logging = 0;`
			`int log_commands = 0;`

			`- #ifdef SKEY /* H* add-on. Not as elegant as Wietse's */`
			`- #include "skey.h" /* logdaemon package, but does the job. */`
			`- struct skey skey_blk;`
			`- char chbuff[80];`
			`- #endif`
			`-`
			`#ifdef SECUREOSF`
			`#define SecureWare`
			`#include <prot.h>`
			`--- 235,240 ----`
			`***************`
			`* 1201,1212 **`
			`acl_setfunctions();`

			`#ifdef SKEY`
			`! /* 0 means we found the user and the skeykeys file is open for update. */`
			`! if (skeychallenge (&skey_blk, name, chbuff) == 0)`
			`! reply (331, "[%s] required for %s.", chbuff, name);`
			`! else`
			`! #endif`
Finally get most of wu-ftpd working. Changes: - Use internal functions rather than libc versions in a couple of places This allows writing to dirs without read perms and the ftpconversions file to work. - Fix up skey support to use correct parameters - using compress in the ftpconversions file doesn't seem to work, so alter example ftpconversions file to use gzip -d rather than compress -dc - Install manpages compressed Still broken : - using /bin/compress to compress/uncompress files on the fly 1995-01-25 22:41:57 +00:00			`reply(331, "Password required for %s.", name);`
			`askpasswd = 1;`
			`/* Delay before reading passwd after first failed attempt to slow down`
			`* passwd-guessing programs. */`
Upgrade to Academ 2.4.2-beta-12 as recommended by AUSCERT security advisory. P.S. this version is much improved comparing to what we have previously, f.e. it already contains most of our fixes. 1997-01-30 17:00:56 +00:00			`--- 1195,1205 ----`
			`acl_setfunctions();`
Finally get most of wu-ftpd working. Changes: - Use internal functions rather than libc versions in a couple of places This allows writing to dirs without read perms and the ftpconversions file to work. - Fix up skey support to use correct parameters - using compress in the ftpconversions file doesn't seem to work, so alter example ftpconversions file to use gzip -d rather than compress -dc - Install manpages compressed Still broken : - using /bin/compress to compress/uncompress files on the fly 1995-01-25 22:41:57 +00:00
Upgrade to Academ 2.4.2-beta-12 as recommended by AUSCERT security advisory. P.S. this version is much improved comparing to what we have previously, f.e. it already contains most of our fixes. 1997-01-30 17:00:56 +00:00			`#ifdef SKEY`
			`! pwok = skeyaccess(name, NULL, remotehost, remoteaddr);`
			`! reply(331, "%s", skey_challenge(name, pw, pwok));`
Finally get most of wu-ftpd working. Changes: - Use internal functions rather than libc versions in a couple of places This allows writing to dirs without read perms and the ftpconversions file to work. - Fix up skey support to use correct parameters - using compress in the ftpconversions file doesn't seem to work, so alter example ftpconversions file to use gzip -d rather than compress -dc - Install manpages compressed Still broken : - using /bin/compress to compress/uncompress files on the fly 1995-01-25 22:41:57 +00:00			`! #else`
Upgrade to Academ 2.4.2-beta-12 as recommended by AUSCERT security advisory. P.S. this version is much improved comparing to what we have previously, f.e. it already contains most of our fixes. 1997-01-30 17:00:56 +00:00			`reply(331, "Password required for %s.", name);`
Rip off the patch to ftpd.c and one to access.c from patch-ai and merge ftpd.c patch to patch-ad and access.c patch to patch-af. (As clearly stated in the handbook, a file should be changed only by one patch.) 1997-01-17 09:09:18 +00:00			`+ #endif`
Upgrade to Academ 2.4.2-beta-12 as recommended by AUSCERT security advisory. P.S. this version is much improved comparing to what we have previously, f.e. it already contains most of our fixes. 1997-01-30 17:00:56 +00:00			`askpasswd = 1;`
			`/* Delay before reading passwd after first failed attempt to slow down`
			`* passwd-guessing programs. */`
Finally get most of wu-ftpd working. Changes: - Use internal functions rather than libc versions in a couple of places This allows writing to dirs without read perms and the ftpconversions file to work. - Fix up skey support to use correct parameters - using compress in the ftpconversions file doesn't seem to work, so alter example ftpconversions file to use gzip -d rather than compress -dc - Install manpages compressed Still broken : - using /bin/compress to compress/uncompress files on the fly 1995-01-25 22:41:57 +00:00			`***************`
Upgrade to Academ 2.4.2-beta-12 as recommended by AUSCERT security advisory. P.S. this version is much improved comparing to what we have previously, f.e. it already contains most of our fixes. 1997-01-30 17:00:56 +00:00			`* 1378,1389 **`
			`xpasswd = crypt(passwd, salt);`
Finally get most of wu-ftpd working. Changes: - Use internal functions rather than libc versions in a couple of places This allows writing to dirs without read perms and the ftpconversions file to work. - Fix up skey support to use correct parameters - using compress in the ftpconversions file doesn't seem to work, so alter example ftpconversions file to use gzip -d rather than compress -dc - Install manpages compressed Still broken : - using /bin/compress to compress/uncompress files on the fly 1995-01-25 22:41:57 +00:00			`#endif`
Fix screwy output from pwd when in a "hidden" directory. Submitted by: torstenb 1995-05-30 09:58:38 +00:00			`#endif`
Upgrade to Academ 2.4.2-beta-12 as recommended by AUSCERT security advisory. P.S. this version is much improved comparing to what we have previously, f.e. it already contains most of our fixes. 1997-01-30 17:00:56 +00:00			`- #endif`
			`- #ifdef SKEY`
			`- /* comment the next line if you REALLY want to allow replayable passwds. */`
			`- strcpy (xpasswd, "wrongo:spazmoid"); /* disable regular passwds */`
			`- if (skeyverify (&skey_blk, passwd) == 0)`
			`- strcpy (xpasswd, pw->pw_passwd); /* do it the sleazy way */`
Fix screwy output from pwd when in a "hidden" directory. Submitted by: torstenb 1995-05-30 09:58:38 +00:00			`#endif`
Upgrade to Academ 2.4.2-beta-12 as recommended by AUSCERT security advisory. P.S. this version is much improved comparing to what we have previously, f.e. it already contains most of our fixes. 1997-01-30 17:00:56 +00:00			`#ifdef ULTRIX_AUTH`
			`if ((numfails = ultrix_check_pass(passwd, xpasswd)) < 0) {`
			`--- 1371,1376 ----`