1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-11-04 22:33:27 +00:00
Commit Graph

48 Commits

Author SHA1 Message Date
Torsten Blum
62e8b86072 Checfor OSVERSION _or_ USE_INET6 when deciding if IPv6 support should
be added. This is done to support the build on pre 4.0 machines with
the KAME IPv6 stack installed. It has been verified to build+work
with both 4.0 and 3.4+kame.

Org. patch Submitted By: Munechika SUMIKAWA <sumikawa@ebina.hitachi.co.jp>
2000-02-12 19:27:40 +00:00
Torsten Blum
eb66565459 Add IPv6 support to ssh.
The IPv6 patch was obtained from the kame repository and has been
been writen by KIKUCHI Takahiro <kick@kyoto.wide.ad.jp>

Due to the whole mess with different patches it was necessary to include
both the IPv6 patch and patch-ssh-1.2.27-bsd.tty.chown in ${PATCHDIR}.
Since both patches modify the configure script it was also necessary
to rebuild it via autoconf from configure.in. I've decided to use
USE_AUTOCONF instead of including the re-build configure script in
${FILESDIR}

Obtained from:	KAME/WIDE
2000-01-14 19:37:39 +00:00
Warner Losh
ab96a24696 Default to not allowing root logins. This makes it consistant with
OpenSSH.  Users desiring the old functionality can edit their
sshd-config files by hand for new installs.
1999-11-20 19:54:31 +00:00
Warner Losh
272f7058db Don't overflow rsa bits. As seen on bugtraq and elsewhere.
Submitted by: drow@false.org
Reviewed by: ache
PR: 14749
1999-11-16 07:21:36 +00:00
Torsten Blum
4bc02dcc5e Turn Root Login on again.
It has been changed in rev. 1.4 of this file, but the committer forgot to
mention it on the log.
1999-09-10 21:01:55 +00:00
Brian Somers
2170922420 Only use trimdomain() if __FreeBSD_version > 320000
It was available in 3.0 & 3.1 but would truncate at UT_HOSTSIZE-1
1999-06-18 11:37:30 +00:00
SADA Kenji
48500b76a6 PR: ports/12037
Submitted by:	Issei Suzuki <issei@jp.FreeBSD.ORG>
Upgrade to 1.2.27.
# I'm not maintainer but it seems that torstenb is too busy to
# look the PR and many people want new version ssh port.
1999-06-15 20:14:04 +00:00
Brian Somers
ec05f7b3ba Always use trimdomain(), not just #if __FreeBSD_version >= 400004
The port maintainer must be away....
1999-05-07 15:41:49 +00:00
Brian Somers
efca57d6d3 Reduce the copy of the DISPLAY variable using
trimdomain() so that ``ssh machine.domain xterm''
comes out with a machine name of (say) ``machine:10.0''.
Reviewed by: torstenb@
1999-04-11 09:10:34 +00:00
Brian Somers
f58bba4d52 Call trimdomain() to reduce the size of the ut_host
field before reveting to storing an IP number.
Reviewed by: torstenb@
1999-04-11 09:08:31 +00:00
Andrey A. Chernov
f5f3107e73 add official kerberos patch 1998-11-10 13:20:21 +00:00
Jordan K. Hubbard
564a72f782 Properly reference the rsaref sources, which are required during the build
of ssh now.  If anyone knows of a way of making the build dependency here
less gross, I'm listening! :)
1998-10-08 03:42:23 +00:00
Chuck Robey
62728f8f6f Repair a linkage problem, whereis the ssh port was trying to
specify the location of system libs.
Reviewed by:	Mark Murray, David O'Brien
1998-09-13 20:38:06 +00:00
Dima Ruban
64e630d83b 1.2.22 -> 1.2.25
Somebody needs to go through patch-af to check it, since I'm not sure
about some of the stuff.

This version fixes a security flaw in previous version.
1998-06-12 07:55:14 +00:00
Andrey A. Chernov
810624b0c8 Fix rare DES empty passwords bug 1998-02-13 22:02:39 +00:00
Andrey A. Chernov
07199742b4 Don't print "No mail" for FreeBSD , just print nothing 1998-01-22 13:37:55 +00:00
Andrey A. Chernov
8cff771ce2 Fix .hushlogin support
Remove FreeBSD mail check, now done elsewhere in the code
Use bsdi code to warn about expired/changed passwords
Move misplaced login_close up
1998-01-22 12:04:15 +00:00
Warner Losh
935e28b3a2 Upgrade to ssh 1.2.22. Please send problems with the upgrade to me.
1.2.22 fixes a security hole with ssh-agent, so users are encouraged
to upgrade.

OK'd by: Torsten Blum (torstenb@freebsd.org)
1998-01-20 23:50:15 +00:00
Warner Losh
957ddb3bd6 Merge in change requested by theo:
OpenBSD and FreeBSD now both use rresvport.  This is a nop for
	FreeBSD, but for OpenBSD this picks random port numbers.
Submitted by:	deraadt@cvs.openbsd.org
1997-12-24 18:48:46 +00:00
Torsten Blum
c2119976db Upgrade to 1.2.21 1997-09-16 00:13:25 +00:00
John Polstra
4b40e7aa2b Prevent this server error message:
fatal: Local: Agent socket bind failed: Address already in use

It would happen when the server tried to create the Unix domain
socket "/tmp/ssh-username/agent-socket-123", if the file already
existed.  It could already exist if it happened to be left over from
a system crash.  This patch unlinks the file before attempting the
bind operation.

I will send this patch to ssh-bugs@cs.hut.fi too.
1997-07-19 19:28:35 +00:00
Andrey A. Chernov
e8c4d489b5 Handle expired and changed password timeouts now 1997-06-11 11:09:00 +00:00
David Nugent
9c41c4452d login_getclass() -> login_getpwclass(). 1997-05-10 19:03:09 +00:00
Andrey A. Chernov
e2101afed1 Fix 3 error with login.conf
1) pw->pw_class was always zero since not copied
2) login_getuserclass() used instead of login_getclass(), so
default class always returned
3) env pointer can be redefined at the moment of setusercontext() call
1997-05-02 20:20:49 +00:00
Peter Wemm
25c2756dd9 Update from ssh-1.2.19 to ssh-1.2.20. All patches applied still, I just
regenerated them to fix the line numbers.  Also, I added two commented out
options in Makefile, one to tell sshd that a group writeable homedir
is OK because all users are in their own group, and the other is to allow
an unencrypted connection (which is dangerous since it can lead to
compromise of keys), but on a secure network it's damn useful for backups
etc.
1997-04-25 05:01:06 +00:00
Andrey A. Chernov
62128c83d1 Disable extended LOGIN_CAP $MAIL processing until it will be fixed
properly. In old variant /var/mail/root was always checked instead of
/var/mail/<user>
1997-04-16 21:07:36 +00:00
Andrey A. Chernov
29fe1065ad Upgrade to 1.2.19 1997-04-16 19:48:30 +00:00
Andrey A. Chernov
f742a35be3 Fix argument parsing loop in ssh-agent (original 1.2.18 bug) 1997-04-01 04:17:21 +00:00
Andrey A. Chernov
797920ff49 Upgrade to 1.2.18 1997-03-28 23:30:39 +00:00
Andrey A. Chernov
96a7483d0d Add LOGIN_CAP abilities
Submitted by: davidn
1997-02-27 00:44:35 +00:00
Peter Wemm
67faab29d6 Make one of our changes for -current work on 2.1. In -current, rresvport()
ignores it's argument (it's meaningless, the kernel keeps the state), but
2.1.x use it.  ssh was effectively giving a random port to 2.1.

Originally noticed by: John Polstra <jdp@polstra.com>
1996-12-27 08:42:41 +00:00
Adam David
80926da9e8 1.2.16 --> 1.2.17
(new agent forwarding protocol that is said to work this time)
1996-11-20 12:45:59 +00:00
Andrey A. Chernov
d67a4ad9e9 Remove my ptys patch, because this code is unused, openpty is used instead
Mimic login more closely now:
1) Put usual Copyright line
2) You have mail
1996-11-12 01:47:39 +00:00
Andrey A. Chernov
a13d148e44 Use BSD naming convention for pty names, it fixes two problems:
1) Too many false open syscalls on pty allocation
2) (more serious) ssh not use about half of available ptys
1996-11-12 00:13:38 +00:00
Andrey A. Chernov
4a2478071f Change syslog facility from DAEMON to AUTH 1996-11-02 00:18:49 +00:00
Andrey A. Chernov
d6d04d104d Use system shared libgmp now 1996-10-24 23:46:15 +00:00
Andrey A. Chernov
3c3ae1773e It fixes a really annoying error
reporting bug which happens if the remote end uses tcp_wrappers to control
sshd access (it says something like "read: no such file or directory" or
"read: permission denied" instead of "connection closed").  I already sent it
in to the ssh mailing list.
Submitted by: fenner
1996-10-17 23:00:41 +00:00
Andrey A. Chernov
dfd4904911 Upgrade to official 1.2.16
Fix PLIST
1996-10-16 04:56:12 +00:00
Peter Wemm
4f8ec254e4 Have ssh use rresvport() to get a privileged socket instead of doing it
itself.  This means it obeys the portrange sysctl's.
1996-08-12 14:17:53 +00:00
Torsten Blum
e1b1692d10 Back out andrews change - 1.2.14.1 is not an official ssh release. 1996-07-18 11:33:47 +00:00
Andrey A. Chernov
e66e7030c0 Upgrade to 1.2.14.1
Misc bugfixes
1996-07-16 00:33:19 +00:00
Andrey A. Chernov
61772e4269 If hostname > UT_HOSTSIZE, write its numeric address instead to keep
valid information in utmp and lastlog
1996-06-17 16:14:19 +00:00
Peter Wemm
5f066853a3 Update ssh-1.2.13 -> ssh-1.2.14
ssh-askpass no longer uses wish, so chop the make rules that attempt to
locate it.
Go further to try and protect the ssh_host_key, since it's critical to
the operation and security of the machine.
1996-06-07 04:33:33 +00:00
Andrey A. Chernov
268c96e397 Upgrade to 1.2.13 1996-02-17 15:13:47 +00:00
Paul Traina
253fd7df14 Fix patch typo.
Found by: Andrzej Tobola <san@iem.pw.edu.pl>
1996-02-07 05:35:16 +00:00
Paul Traina
444809bde1 Upgrade to snapshot of ssh. 1.1.12a was recalled due to even worse
security problems.

Also re-do the method we use for disconnecting ourselves from the supplied
gmp and z libraries so that this can be maintained in the future (sigh!).
1996-02-06 02:57:10 +00:00
Peter Wemm
b3bf66adcd two minor adjustments to ssh for freebsd specific issues:
patch-ac: call setsid() before setlogin() in the child (when emulating rsh)
  otherwise the setlogin() will fail when/if the proposed setlogin() changes
  go in.  Otherwise it silently fails and may leave the login name of the user
  session as "root" (depending on how sshd was started).  Without the proposed
  kernel change, it harmlessly sets the login name of the user's session.
patch-ad: patch the #ifdef botch that stopped a ssh login from using and
  updating the lastlog file.  This is because we have struct lastlog defined
  inside utmp.h rather than a lastlog.h include file like it was expecting.
1995-11-21 04:30:29 +00:00
Torsten Blum
e92e7e24d1 Ssh is a secure rlogin/rsh/rcp replacement with strong authentication
(.rhosts together with RSA based host authentication, and pure RSA
authentication) and improved privacy (all communications are automatically
and transparently encrypted).
1995-10-07 01:19:27 +00:00