kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

- Cast the arguments of ssh_conn_send_channel_data_type() and

Browse source 
ssh_encode_{array_alloc,buffer}() calls as appropriate in order to
  fix argument size problems on 64-bit platforms and that manifest
  themselves on amd64 and ia64. [1]
- Allow the tcsetattr(3) calls in ssh_rl_{restore,set}_tty_modes_for_fd()
  to be interrupted by signal. This fixes occasional problems when
  connecting to a host for the first time.
- Use the base zlib instead of the one shipping with SSH; although the
  latter has an enhancement allowing a minor SSH-specific optimization,
  using the base one has the benefit of not needing to track security
  vulnerabilities of zlib in this port (SSH 3.2.9.1 ships with zlib
  1.1.4 which is not know to be vulnerable though).
- Try to make the description of the WITHOUT_X11 option of the port
  Makefile to be more sentence-like.

PR:		98016 [1]
Approved by:	netchild
Obtained from:	NetBSD [1]
This commit is contained in:
Marius Strobl 2006-08-28 00:03:21 +00:00
parent eb472827b1
commit d47f13ae97
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=171488
13 changed files with 220 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
security/ssh2/Makefile
View file

@ -7,7 +7,7 @@
PORTNAME= ssh2
PORTVERSION= 3.2.9.1
PORTREVISION= 5
PORTREVISION= 6
CATEGORIES= security ipv6
# The list of official mirror sites is at:
# http://www.ssh.com/support/downloads/secureshellserver/non-commercial.html
@ -115,8 +115,8 @@ pre-everything::
@${ECHO_MSG} " security/krb5 is installed."
.endif
.if !defined(WITHOUT_X11)
@${ECHO_MSG} "WITHOUT_X11=yes builds without X11 support. Same as compiling"
@${ECHO_MSG} " security/ssh2-nox11."
@${ECHO_MSG} "WITHOUT_X11=yes builds without X11 support. Setting this is"
@${ECHO_MSG} " the same as compiling security/ssh2-nox11."
.endif
@${ECHO_MSG} ""
.endif
@ -131,6 +131,10 @@ post-patch:
@${REINPLACE_CMD} -e 's|\/etc\/ssh2|${PREFIX}&|g' \
${WRKSRC}/apps/ssh/subconfig/${i}
.endfor
@${FIND} ${WRKSRC} -name Makefile.in -print0 -type f | \
${XARGS} -0 ${REINPLACE_CMD} -E -e \
's|-I\$$\(top_srcdir\)\/lib\/zlib||g; \
s|\$$\(top_builddir\)\/lib\/zlib\/libz.a||g'
@${REINPLACE_CMD} -e 's|\/etc\/ssh2|${PREFIX}&|g' \
${WRKSRC}/HOWTO.anonymous.sftp
@${REINPLACE_CMD} -e \

22
security/ssh2/files/patch-apps::ssh::lib::sshproto::sshconn.c Normal file
View file

@ -0,0 +1,22 @@
--- apps/ssh/lib/sshproto/sshconn.c.orig 2003-12-03 15:17:34.000000000 +0200
+++ apps/ssh/lib/sshproto/sshconn.c
@@ -452,7 +452,8 @@ Boolean ssh_conn_send_channel_data_type(
(unsigned int) SSH_MSG_CHANNEL_DATA,
SSH_FORMAT_UINT32, (SshUInt32)
channel->remote_id,
- SSH_FORMAT_UINT32_STR, buf, len,
+ SSH_FORMAT_UINT32_STR, buf,
+ (size_t) len,
SSH_FORMAT_END);
}
else
@@ -465,7 +466,8 @@ Boolean ssh_conn_send_channel_data_type(
SSH_FORMAT_UINT32, (SshUInt32)
channel->remote_id,
SSH_FORMAT_UINT32, (SshUInt32) i,
- SSH_FORMAT_UINT32_STR, buf, len,
+ SSH_FORMAT_UINT32_STR, buf,
+ (size_t) len,
SSH_FORMAT_END);
}

20
security/ssh2/files/patch-apps::ssh::lib::sshproto::trcommon.c Normal file
View file

@ -0,0 +1,20 @@
--- apps/ssh/lib/sshproto/trcommon.c.orig 2003-12-03 15:17:33.000000000 +0200
+++ apps/ssh/lib/sshproto/trcommon.c
@@ -555,7 +555,7 @@ void ssh_tr_send_packet(SshTransportComm
SSH_DEBUG(5, ("Outgoing empty, sending empty ignore packet."));
ret = ssh_encode_buffer(&new_packet,
SSH_FORMAT_CHAR, (unsigned int) SSH_MSG_IGNORE,
- SSH_FORMAT_UINT32, 0L,
+ SSH_FORMAT_UINT32, (SshUInt32) 0,
SSH_FORMAT_END);
SSH_VERIFY(ret > 0);
ssh_tr_encode_packet(tr, ssh_buffer_ptr(&new_packet),
@@ -3171,7 +3171,7 @@ void ssh_tr_process_up_incoming_packet(S
ssh_encode_buffer(new_packet,
SSH_FORMAT_CHAR, (unsigned int) SSH_MSG_IGNORE,
- SSH_FORMAT_UINT32, ignore_len,
+ SSH_FORMAT_UINT32, (SshUInt32) ignore_len,
SSH_FORMAT_END);
ssh_xbuffer_append_space(new_packet, &datap, ignore_len);

11
security/ssh2/files/patch-apps::ssh::ssh-agent2.c Normal file
View file

@ -0,0 +1,11 @@
--- apps/ssh/ssh-agent2.c.orig 2003-12-03 15:17:27.000000000 +0200
+++ apps/ssh/ssh-agent2.c
@@ -1802,7 +1802,7 @@ void ssh_agenti_ssh1_encode_mp(SshBuffer
num_buf = ssh_xmalloc(num_buf_len);
ssh_mp_get_buf(num_buf, num_buf_len, n);
ssh_encode_buffer(buffer,
- SSH_FORMAT_DATA, len_buf, 2,
+ SSH_FORMAT_DATA, len_buf, (size_t) 2,
SSH_FORMAT_DATA, num_buf, num_buf_len,
SSH_FORMAT_END);
ssh_xfree(num_buf);

11
security/ssh2/files/patch-apps::ssh::ssh-signer2.c Normal file
View file

@ -0,0 +1,11 @@
--- apps/ssh/ssh-signer2.c.orig 2003-12-03 15:17:26.000000000 +0200
+++ apps/ssh/ssh-signer2.c
@@ -264,7 +264,7 @@ SSH_FSM_STEP(signer_send_error)
(unsigned int) gdata->error_code_to_ssh2,
SSH_FORMAT_UINT32_STR, gdata->error_message_to_ssh2,
strlen(gdata->error_message_to_ssh2),
- SSH_FORMAT_UINT32_STR, "en", 2,
+ SSH_FORMAT_UINT32_STR, "en", (size_t) 2,
SSH_FORMAT_END);
ssh_packet_wrapper_can_receive(gdata->wrapper, FALSE);

11
security/ssh2/files/patch-apps::ssh::ssh1proto.c Normal file
View file

@ -0,0 +1,11 @@
--- apps/ssh/ssh1proto.c.orig 2003-12-03 15:17:26.000000000 +0200
+++ apps/ssh/ssh1proto.c
@@ -3918,7 +3918,7 @@ void ssh1_handle_packet_smsg_auth_rsa_ch
SSH_FORMAT_UINT32_STR,
challenge_buf, challenge_len,
SSH_FORMAT_UINT32_STR,
- ssh1->session_id, 16,
+ ssh1->session_id, (size_t) 16,
SSH_FORMAT_END);
ssh_xfree(challenge_buf);
ssh1->mode = SSH1_AGENT_OPERATION_IN_PROGRESS;

21
security/ssh2/files/patch-apps::ssh::sshchsession.c
View file

@ -262,15 +262,28 @@
else if (mailbuf.st_atime > mailbuf.st_mtime)
printf("You have mail.\n");
else
@@ -1248,6 +1374,11 @@
}
@@ -1249,6 +1375,11 @@
}
}
+
+#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H)
+ login_close(lc);
+ endpwent();
+#endif /* __FreeBSD__ && HAVE_LOGIN_CAP_H */
+
execve(shell, argv, env);
/* Executing the shell failed. */
perror(shell);
@@ -2315,9 +2446,9 @@
{
ssh_encode_buffer(&buffer,
SSH_FORMAT_UINT32, (SshUInt32) -exit_status,
- SSH_FORMAT_BOOLEAN, FALSE,
- SSH_FORMAT_UINT32_STR, NULL, 0,
- SSH_FORMAT_UINT32_STR, NULL, 0,
+ SSH_FORMAT_BOOLEAN, (Boolean) FALSE,
+ SSH_FORMAT_UINT32_STR, NULL, (size_t) 0,
+ SSH_FORMAT_UINT32_STR, NULL, (size_t) 0,
SSH_FORMAT_END);

12
security/ssh2/files/patch-apps::ssh::sshpamserver.c Normal file
View file

@ -0,0 +1,12 @@
--- apps/ssh/sshpamserver.c.orig 2003-12-03 15:17:26.000000000 +0200
+++ apps/ssh/sshpamserver.c
@@ -306,7 +306,8 @@ int send_packet(int fd, SshPacketType pa
buffer = ssh_xbuffer_allocate();
ssh_encode_buffer(buffer,
- SSH_FORMAT_UINT32, ssh_buffer_len(packet) + 1,
+ SSH_FORMAT_UINT32,
+ (SshUInt32) (ssh_buffer_len(packet) + 1),
SSH_FORMAT_CHAR, (unsigned int)packet_type,
SSH_FORMAT_DATA, ssh_buffer_ptr(packet),
ssh_buffer_len(packet),

24
security/ssh2/files/patch-configure
View file

@ -9,7 +9,17 @@
# Platform-specific stuff.
case "$target" in
@@ -10994,7 +10994,7 @@
@@ -9731,6 +9731,9 @@
no_ranlib=yes
CFLAGS="$CFLAGS -UM_I86SM"
;;
+ *-*-freebsd*)
+ os_freebsd=yes
+ ;;
*)
;;
esac
@@ -10994,7 +10997,7 @@
fi
if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
echo "$ac_t""yes" 1>&6
@ -18,7 +28,7 @@
else
echo "$ac_t""no" 1>&6
fi
@@ -11112,7 +11112,7 @@
@@ -11112,7 +11115,7 @@
#include "confdefs.h"
#include <$ac_hdr>
EOF
@ -27,3 +37,13 @@
{ (eval echo configure:11117: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
@@ -13011,6 +13014,9 @@
fi
else
ssh2_ldadd_options="-L. -Llib/sshkeyutil -Llib/sshproto -L../../lib -lssh2 -lsshproto -lsshkeyutil $SCM_LDADD $ssh2_toolkit_ldadd -lssh"
+ if test -n "$os_freebsd"; then
+ ssh2_ldadd_options="$ssh2_ldadd_options -lz"
+ fi
fi

23
security/ssh2/files/patch-lib::Makefile.in Normal file
View file

@ -0,0 +1,23 @@
--- lib/Makefile.in.orig Wed Dec 3 14:17:43 2003
+++ lib/Makefile.in Sun Jul 30 14:39:00 2006
@@ -124,7 +124,7 @@
AUTOMAKE_OPTIONS = 1.0 foreign dist-zip no-dependencies
-SUBDIRS = sshutil zlib sshmath sshasn1 sshreadline sshcrypto sshsession sshpgp sshapputil sshfilexfer
+SUBDIRS = sshutil sshmath sshasn1 sshreadline sshcrypto sshsession sshpgp sshapputil sshfilexfer
#
@@ -449,11 +449,6 @@
local-includes:
-if test '!' -d ../include; then mkdir ../include; fi
- for i in zlib/zlib.h zlib/zconf.h; do \
- if test -f $(srcdir)/$$i; then \
- $(COPY_INCLUDE) $(srcdir)/$$i ../include; \
- fi; \
- done
includes: local-includes
for d in $(SUBDIRS); do (cd $$d && $(MAKE) includes); done

32
security/ssh2/files/patch-lib::sshreadline::sshreadline.c Normal file
View file

@ -0,0 +1,32 @@
--- lib/sshreadline/sshreadline.c.orig Wed Dec 3 14:17:20 2003
+++ lib/sshreadline/sshreadline.c Fri Aug 18 20:58:55 2006
@@ -500,8 +500,13 @@
new_term.c_lflag &= ~(ECHO | ICANON);
new_term.c_cc[VMIN] = 1;
new_term.c_cc[VTIME] = 1;
- if (tcsetattr(fd, TCSAFLUSH, &new_term) < 0)
+ while (tcsetattr(fd, TCSAFLUSH, &new_term) < 0)
{
+ if (errno == EINTR)
+ {
+ errno = 0; /* For Solaris; just to make sure. */
+ continue;
+ }
ssh_warning("tcsetattr failed in ssh_rl_set_tty_modes_for_fd: "
"fd %d: %.200s", fd, strerror(errno));
return -1;
@@ -561,8 +566,13 @@
{
fcntl(fd, F_SETFL, fcntl_flags);
- if (tcsetattr(fd, TCSAFLUSH, saved_tio) < 0)
+ while (tcsetattr(fd, TCSAFLUSH, saved_tio) < 0)
{
+ if (errno == EINTR)
+ {
+ errno = 0; /* For Solaris; just to make sure. */
+ continue;
+ }
ssh_warning("tcsetattr failed in ssh_rl_restore_tty_modes_for_fd: "
"fd %d: %.200s", fd, strerror(errno));
return -1;

20
security/ssh2/files/patch-lib::sshutil::sshincludes.h Normal file
View file

@ -0,0 +1,20 @@
--- lib/sshutil/sshincludes.h.orig Wed Dec 3 14:17:18 2003
+++ lib/sshutil/sshincludes.h Sun Jul 30 15:27:37 2006
@@ -331,7 +331,7 @@
#define UID_ROOT 0
#endif /* UID_ROOT */
-#ifdef SSHDIST_ZLIB
+#if defined(SSHDIST_ZLIB) && !defined(__FreeBSD__)
/* Define zlib to have ssh prefix, so we will not care if there is another zlib
in the kernel */
#define deflateInit_ ssh_z_deflateInit_
@@ -367,7 +367,7 @@
#define uLongf ssh_z_uLongf
#define voidpf ssh_z_voidpf
#define voidp ssh_z_voidp
-#endif /* SSHDIST_ZLIB */
+#endif /* SSHDIST_ZLIB && !__FreeBSD__ */

12
security/ssh2/files/patch-sshdistdefs.h Normal file
View file

@ -0,0 +1,12 @@
--- sshdistdefs.h.orig Wed Dec 3 14:17:34 2003
+++ sshdistdefs.h Sun Jul 30 15:29:21 2006
@@ -12,7 +12,9 @@
#ifndef SSHDISTDEFS_H
#define SSHDISTDEFS_H
+#if !defined(__FreeBSD__)
#define SSHDIST_ZLIB_LEVEL_DETECTION
+#endif
#define SSHDIST_CRYPT_HMAC
#define SSHDIST_SESSION_SIA
#define SSHDIST_SSH2_SOCKS_FILTER