1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-23 04:23:08 +00:00

Defaults changed: (Gregory Sutter)

ChallengeResponseAuthentication no
 UseLogin no

SSH_PRIVSEP_USER=sshd, distributioin patch set it to nobodyh. (Jan Srzednicki)

#undef USE_PIPES, problems with ppp over ssh. (Kugimoto Takeshi)

fix missing includes for "canohost.h"
This commit is contained in:
Dirk Meyer 2002-06-28 04:50:31 +00:00
parent 27bab29fdb
commit 22f7f6acb8
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=62139
6 changed files with 49 additions and 20 deletions

View File

@ -7,6 +7,7 @@
PORTNAME= openssh
PORTVERSION= 3.4
PORTREVISION= 1
CATEGORIES= security
MASTER_SITES= ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/ \
ftp://ftp.usa.openbsd.org/pub/OpenBSD/OpenSSH/ \
@ -28,7 +29,7 @@ MODIFY= ssh.h sshd_config sshd.sh pathnames.h
FIXME= lib/Makefile scp/Makefile sftp/Makefile sftp-server/Makefile \
ssh/Makefile ssh-add/Makefile ssh-agent/Makefile \
ssh-keygen/Makefile ssh-keyscan/Makefile sshd/Makefile
ADDME+= netdb.h auth-pam.c auth-pam.h auth2-pam.c
ADDME+= auth-pam.c auth-pam.h auth2-pam.c
ADDLIB+= strlcat.c strlcpy.c \
getaddrinfo.c name6.c bindresvport.c rcmd.c getnameinfo.c
PRECIOUS= ssh_config sshd_config \
@ -46,6 +47,7 @@ CRYPTOLIBS= -L${OPENSSLLIB} -lcrypto
MAKE_ENV+= DESTDIR=${PREFIX} MANDIR=/man/man CRYPTOLIBS="${CRYPTOLIBS}"
.if ${OSVERSION} < 400014
MAKE_ENV+= COMPAT_GETADDRINFO=yes
ADDME+= netdb.h
.else
MAKE_ENV+= INET6FLAGS=-DINET6
.endif

View File

@ -1,21 +1,21 @@
--- auth1.c.orig Wed Jun 19 02:27:55 2002
+++ auth1.c Wed Jun 26 18:05:48 2002
@@ -27,6 +27,15 @@
+++ auth1.c Fri Jun 28 06:45:24 2002
@@ -26,6 +26,15 @@
#include "session.h"
#include "uidswap.h"
#include "monitor_wrap.h"
+#include "canohost.h"
+
+#ifdef HAVE_LOGIN_CAP
+#include <login_cap.h>
+#endif /* HAVE_LOGIN_CAP */
+#ifdef USE_PAM
+#include "canohost.h"
+#include "auth-pam.h"
+#include <security/pam_appl.h>
+#endif /* USE_PAM */
+
/* import */
extern ServerOptions options;
@@ -75,6 +84,16 @@
u_int ulen;
int type = 0;

View File

@ -1,6 +1,14 @@
--- auth2.c.orig Fri May 31 13:35:15 2002
+++ auth2.c Mon Jun 24 07:02:04 2002
@@ -133,6 +133,15 @@
+++ auth2.c Fri Jun 28 06:45:47 2002
@@ -35,6 +35,7 @@
#include "dispatch.h"
#include "pathnames.h"
#include "monitor_wrap.h"
+#include "canohost.h"
/* import */
extern ServerOptions options;
@@ -133,6 +134,15 @@
Authmethod *m = NULL;
char *user, *service, *method, *style = NULL;
int authenticated = 0;
@ -16,7 +24,7 @@
if (authctxt == NULL)
fatal("input_userauth_request: no authctxt");
@@ -152,8 +161,14 @@
@@ -152,8 +162,14 @@
if (authctxt->pw && strcmp(service, "ssh-connection")==0) {
authctxt->valid = 1;
debug2("input_userauth_request: setting up authctxt for %s", user);
@ -31,7 +39,7 @@
}
setproctitle("%s%s", authctxt->pw ? user : "unknown",
use_privsep ? " [net]" : "");
@@ -168,6 +183,41 @@
@@ -168,6 +184,41 @@
"(%s,%s) -> (%s,%s)",
authctxt->user, authctxt->service, user, service);
}
@ -73,7 +81,7 @@
/* reset state */
auth2_challenge_stop(authctxt);
authctxt->postponed = 0;
@@ -178,6 +228,12 @@
@@ -178,6 +229,12 @@
debug2("input_userauth_request: try method %s", method);
authenticated = m->userauth(authctxt);
}

View File

@ -1,5 +1,5 @@
--- includes.h.orig Sat Jan 26 17:44:22 2002
+++ includes.h Sat Jun 22 12:17:34 2002
+++ includes.h Fri Jun 28 06:23:07 2002
@@ -24,12 +24,12 @@
#include <sys/select.h>
#include <sys/param.h>
@ -22,10 +22,12 @@
#include <stdio.h>
#include <ctype.h>
#include <errno.h>
@@ -62,5 +61,68 @@
@@ -61,6 +60,69 @@
* Define this to use pipes instead of socketpairs for communicating with the
* client program. Socketpairs do not seem to work on all systems.
*/
#define USE_PIPES 1
-#define USE_PIPES 1
+#undef USE_PIPES
+
+#if defined(__FreeBSD__) && __FreeBSD__ <= 3
+/*

View File

@ -0,0 +1,11 @@
--- ssh.h.orig Fri Jun 28 06:15:27 2002
+++ ssh.h Fri Jun 28 06:16:33 2002
@@ -90,7 +90,7 @@
* sshd will change its privileges to this user and its
* primary group.
*/
-#define SSH_PRIVSEP_USER "nobody"
+#define SSH_PRIVSEP_USER "sshd"
/* Minimum modulus size (n) for RSA keys. */
#define SSH_RSA_MINIMUM_MODULUS_SIZE 768

View File

@ -1,10 +1,16 @@
--- sshd_config Mon Jun 24 20:56:50 2002
+++ sshd_config.orig Sat Jun 22 12:40:35 2002
@@ -74,7 +76,9 @@
#PrintLastLog yes
--- sshd_config.orig Thu Jun 27 22:07:41 2002
+++ sshd_config Fri Jun 28 06:00:05 2002
@@ -56,6 +56,7 @@
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
+ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
@@ -75,6 +76,7 @@
#KeepAlive yes
#UseLogin no
+UseLogin yes
#UsePrivilegeSeparation yes
+UsePrivilegeSeparation yes
#Compression yes