- Cast the arguments of ssh_conn_send_channel_data_type() and
ssh_encode_{array_alloc,buffer}() calls as appropriate in order to fix argument size problems on 64-bit platforms and that manifest themselves on amd64 and ia64. [1] - Allow the tcsetattr(3) calls in ssh_rl_{restore,set}_tty_modes_for_fd() to be interrupted by signal. This fixes occasional problems when connecting to a host for the first time. - Use the base zlib instead of the one shipping with SSH; although the latter has an enhancement allowing a minor SSH-specific optimization, using the base one has the benefit of not needing to track security vulnerabilities of zlib in this port (SSH 3.2.9.1 ships with zlib 1.1.4 which is not know to be vulnerable though). - Try to make the description of the WITHOUT_X11 option of the port Makefile to be more sentence-like. PR: 98016 [1] Approved by: netchild Obtained from: NetBSD [1]
This commit is contained in:
parent
eb472827b1
commit
d47f13ae97
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=171488
13 changed files with 220 additions and 9 deletions
|
@ -7,7 +7,7 @@
|
|||
|
||||
PORTNAME= ssh2
|
||||
PORTVERSION= 3.2.9.1
|
||||
PORTREVISION= 5
|
||||
PORTREVISION= 6
|
||||
CATEGORIES= security ipv6
|
||||
# The list of official mirror sites is at:
|
||||
# http://www.ssh.com/support/downloads/secureshellserver/non-commercial.html
|
||||
|
@ -115,8 +115,8 @@ pre-everything::
|
|||
@${ECHO_MSG} " security/krb5 is installed."
|
||||
.endif
|
||||
.if !defined(WITHOUT_X11)
|
||||
@${ECHO_MSG} "WITHOUT_X11=yes builds without X11 support. Same as compiling"
|
||||
@${ECHO_MSG} " security/ssh2-nox11."
|
||||
@${ECHO_MSG} "WITHOUT_X11=yes builds without X11 support. Setting this is"
|
||||
@${ECHO_MSG} " the same as compiling security/ssh2-nox11."
|
||||
.endif
|
||||
@${ECHO_MSG} ""
|
||||
.endif
|
||||
|
@ -131,6 +131,10 @@ post-patch:
|
|||
@${REINPLACE_CMD} -e 's|\/etc\/ssh2|${PREFIX}&|g' \
|
||||
${WRKSRC}/apps/ssh/subconfig/${i}
|
||||
.endfor
|
||||
@${FIND} ${WRKSRC} -name Makefile.in -print0 -type f | \
|
||||
${XARGS} -0 ${REINPLACE_CMD} -E -e \
|
||||
's|-I\$$\(top_srcdir\)\/lib\/zlib||g; \
|
||||
s|\$$\(top_builddir\)\/lib\/zlib\/libz.a||g'
|
||||
@${REINPLACE_CMD} -e 's|\/etc\/ssh2|${PREFIX}&|g' \
|
||||
${WRKSRC}/HOWTO.anonymous.sftp
|
||||
@${REINPLACE_CMD} -e \
|
||||
|
|
|
@ -0,0 +1,22 @@
|
|||
--- apps/ssh/lib/sshproto/sshconn.c.orig 2003-12-03 15:17:34.000000000 +0200
|
||||
+++ apps/ssh/lib/sshproto/sshconn.c
|
||||
@@ -452,7 +452,8 @@ Boolean ssh_conn_send_channel_data_type(
|
||||
(unsigned int) SSH_MSG_CHANNEL_DATA,
|
||||
SSH_FORMAT_UINT32, (SshUInt32)
|
||||
channel->remote_id,
|
||||
- SSH_FORMAT_UINT32_STR, buf, len,
|
||||
+ SSH_FORMAT_UINT32_STR, buf,
|
||||
+ (size_t) len,
|
||||
SSH_FORMAT_END);
|
||||
}
|
||||
else
|
||||
@@ -465,7 +466,8 @@ Boolean ssh_conn_send_channel_data_type(
|
||||
SSH_FORMAT_UINT32, (SshUInt32)
|
||||
channel->remote_id,
|
||||
SSH_FORMAT_UINT32, (SshUInt32) i,
|
||||
- SSH_FORMAT_UINT32_STR, buf, len,
|
||||
+ SSH_FORMAT_UINT32_STR, buf,
|
||||
+ (size_t) len,
|
||||
SSH_FORMAT_END);
|
||||
}
|
||||
|
|
@ -0,0 +1,20 @@
|
|||
--- apps/ssh/lib/sshproto/trcommon.c.orig 2003-12-03 15:17:33.000000000 +0200
|
||||
+++ apps/ssh/lib/sshproto/trcommon.c
|
||||
@@ -555,7 +555,7 @@ void ssh_tr_send_packet(SshTransportComm
|
||||
SSH_DEBUG(5, ("Outgoing empty, sending empty ignore packet."));
|
||||
ret = ssh_encode_buffer(&new_packet,
|
||||
SSH_FORMAT_CHAR, (unsigned int) SSH_MSG_IGNORE,
|
||||
- SSH_FORMAT_UINT32, 0L,
|
||||
+ SSH_FORMAT_UINT32, (SshUInt32) 0,
|
||||
SSH_FORMAT_END);
|
||||
SSH_VERIFY(ret > 0);
|
||||
ssh_tr_encode_packet(tr, ssh_buffer_ptr(&new_packet),
|
||||
@@ -3171,7 +3171,7 @@ void ssh_tr_process_up_incoming_packet(S
|
||||
|
||||
ssh_encode_buffer(new_packet,
|
||||
SSH_FORMAT_CHAR, (unsigned int) SSH_MSG_IGNORE,
|
||||
- SSH_FORMAT_UINT32, ignore_len,
|
||||
+ SSH_FORMAT_UINT32, (SshUInt32) ignore_len,
|
||||
SSH_FORMAT_END);
|
||||
|
||||
ssh_xbuffer_append_space(new_packet, &datap, ignore_len);
|
11
security/ssh2/files/patch-apps::ssh::ssh-agent2.c
Normal file
11
security/ssh2/files/patch-apps::ssh::ssh-agent2.c
Normal file
|
@ -0,0 +1,11 @@
|
|||
--- apps/ssh/ssh-agent2.c.orig 2003-12-03 15:17:27.000000000 +0200
|
||||
+++ apps/ssh/ssh-agent2.c
|
||||
@@ -1802,7 +1802,7 @@ void ssh_agenti_ssh1_encode_mp(SshBuffer
|
||||
num_buf = ssh_xmalloc(num_buf_len);
|
||||
ssh_mp_get_buf(num_buf, num_buf_len, n);
|
||||
ssh_encode_buffer(buffer,
|
||||
- SSH_FORMAT_DATA, len_buf, 2,
|
||||
+ SSH_FORMAT_DATA, len_buf, (size_t) 2,
|
||||
SSH_FORMAT_DATA, num_buf, num_buf_len,
|
||||
SSH_FORMAT_END);
|
||||
ssh_xfree(num_buf);
|
11
security/ssh2/files/patch-apps::ssh::ssh-signer2.c
Normal file
11
security/ssh2/files/patch-apps::ssh::ssh-signer2.c
Normal file
|
@ -0,0 +1,11 @@
|
|||
--- apps/ssh/ssh-signer2.c.orig 2003-12-03 15:17:26.000000000 +0200
|
||||
+++ apps/ssh/ssh-signer2.c
|
||||
@@ -264,7 +264,7 @@ SSH_FSM_STEP(signer_send_error)
|
||||
(unsigned int) gdata->error_code_to_ssh2,
|
||||
SSH_FORMAT_UINT32_STR, gdata->error_message_to_ssh2,
|
||||
strlen(gdata->error_message_to_ssh2),
|
||||
- SSH_FORMAT_UINT32_STR, "en", 2,
|
||||
+ SSH_FORMAT_UINT32_STR, "en", (size_t) 2,
|
||||
SSH_FORMAT_END);
|
||||
|
||||
ssh_packet_wrapper_can_receive(gdata->wrapper, FALSE);
|
11
security/ssh2/files/patch-apps::ssh::ssh1proto.c
Normal file
11
security/ssh2/files/patch-apps::ssh::ssh1proto.c
Normal file
|
@ -0,0 +1,11 @@
|
|||
--- apps/ssh/ssh1proto.c.orig 2003-12-03 15:17:26.000000000 +0200
|
||||
+++ apps/ssh/ssh1proto.c
|
||||
@@ -3918,7 +3918,7 @@ void ssh1_handle_packet_smsg_auth_rsa_ch
|
||||
SSH_FORMAT_UINT32_STR,
|
||||
challenge_buf, challenge_len,
|
||||
SSH_FORMAT_UINT32_STR,
|
||||
- ssh1->session_id, 16,
|
||||
+ ssh1->session_id, (size_t) 16,
|
||||
SSH_FORMAT_END);
|
||||
ssh_xfree(challenge_buf);
|
||||
ssh1->mode = SSH1_AGENT_OPERATION_IN_PROGRESS;
|
|
@ -262,15 +262,28 @@
|
|||
else if (mailbuf.st_atime > mailbuf.st_mtime)
|
||||
printf("You have mail.\n");
|
||||
else
|
||||
@@ -1248,6 +1374,11 @@
|
||||
}
|
||||
@@ -1249,6 +1375,11 @@
|
||||
}
|
||||
}
|
||||
+
|
||||
|
||||
+#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H)
|
||||
+ login_close(lc);
|
||||
+ endpwent();
|
||||
+#endif /* __FreeBSD__ && HAVE_LOGIN_CAP_H */
|
||||
|
||||
+
|
||||
execve(shell, argv, env);
|
||||
/* Executing the shell failed. */
|
||||
perror(shell);
|
||||
@@ -2315,9 +2446,9 @@
|
||||
{
|
||||
ssh_encode_buffer(&buffer,
|
||||
SSH_FORMAT_UINT32, (SshUInt32) -exit_status,
|
||||
- SSH_FORMAT_BOOLEAN, FALSE,
|
||||
- SSH_FORMAT_UINT32_STR, NULL, 0,
|
||||
- SSH_FORMAT_UINT32_STR, NULL, 0,
|
||||
+ SSH_FORMAT_BOOLEAN, (Boolean) FALSE,
|
||||
+ SSH_FORMAT_UINT32_STR, NULL, (size_t) 0,
|
||||
+ SSH_FORMAT_UINT32_STR, NULL, (size_t) 0,
|
||||
SSH_FORMAT_END);
|
||||
|
||||
|
||||
|
|
12
security/ssh2/files/patch-apps::ssh::sshpamserver.c
Normal file
12
security/ssh2/files/patch-apps::ssh::sshpamserver.c
Normal file
|
@ -0,0 +1,12 @@
|
|||
--- apps/ssh/sshpamserver.c.orig 2003-12-03 15:17:26.000000000 +0200
|
||||
+++ apps/ssh/sshpamserver.c
|
||||
@@ -306,7 +306,8 @@ int send_packet(int fd, SshPacketType pa
|
||||
|
||||
buffer = ssh_xbuffer_allocate();
|
||||
ssh_encode_buffer(buffer,
|
||||
- SSH_FORMAT_UINT32, ssh_buffer_len(packet) + 1,
|
||||
+ SSH_FORMAT_UINT32,
|
||||
+ (SshUInt32) (ssh_buffer_len(packet) + 1),
|
||||
SSH_FORMAT_CHAR, (unsigned int)packet_type,
|
||||
SSH_FORMAT_DATA, ssh_buffer_ptr(packet),
|
||||
ssh_buffer_len(packet),
|
|
@ -9,7 +9,17 @@
|
|||
|
||||
# Platform-specific stuff.
|
||||
case "$target" in
|
||||
@@ -10994,7 +10994,7 @@
|
||||
@@ -9731,6 +9731,9 @@
|
||||
no_ranlib=yes
|
||||
CFLAGS="$CFLAGS -UM_I86SM"
|
||||
;;
|
||||
+ *-*-freebsd*)
|
||||
+ os_freebsd=yes
|
||||
+ ;;
|
||||
*)
|
||||
;;
|
||||
esac
|
||||
@@ -10994,7 +10997,7 @@
|
||||
fi
|
||||
if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
|
||||
echo "$ac_t""yes" 1>&6
|
||||
|
@ -18,7 +28,7 @@
|
|||
else
|
||||
echo "$ac_t""no" 1>&6
|
||||
fi
|
||||
@@ -11112,7 +11112,7 @@
|
||||
@@ -11112,7 +11115,7 @@
|
||||
#include "confdefs.h"
|
||||
#include <$ac_hdr>
|
||||
EOF
|
||||
|
@ -27,3 +37,13 @@
|
|||
{ (eval echo configure:11117: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
|
||||
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
|
||||
if test -z "$ac_err"; then
|
||||
@@ -13011,6 +13014,9 @@
|
||||
fi
|
||||
else
|
||||
ssh2_ldadd_options="-L. -Llib/sshkeyutil -Llib/sshproto -L../../lib -lssh2 -lsshproto -lsshkeyutil $SCM_LDADD $ssh2_toolkit_ldadd -lssh"
|
||||
+ if test -n "$os_freebsd"; then
|
||||
+ ssh2_ldadd_options="$ssh2_ldadd_options -lz"
|
||||
+ fi
|
||||
fi
|
||||
|
||||
|
||||
|
|
23
security/ssh2/files/patch-lib::Makefile.in
Normal file
23
security/ssh2/files/patch-lib::Makefile.in
Normal file
|
@ -0,0 +1,23 @@
|
|||
--- lib/Makefile.in.orig Wed Dec 3 14:17:43 2003
|
||||
+++ lib/Makefile.in Sun Jul 30 14:39:00 2006
|
||||
@@ -124,7 +124,7 @@
|
||||
|
||||
AUTOMAKE_OPTIONS = 1.0 foreign dist-zip no-dependencies
|
||||
|
||||
-SUBDIRS = sshutil zlib sshmath sshasn1 sshreadline sshcrypto sshsession sshpgp sshapputil sshfilexfer
|
||||
+SUBDIRS = sshutil sshmath sshasn1 sshreadline sshcrypto sshsession sshpgp sshapputil sshfilexfer
|
||||
|
||||
|
||||
#
|
||||
@@ -449,11 +449,6 @@
|
||||
|
||||
local-includes:
|
||||
-if test '!' -d ../include; then mkdir ../include; fi
|
||||
- for i in zlib/zlib.h zlib/zconf.h; do \
|
||||
- if test -f $(srcdir)/$$i; then \
|
||||
- $(COPY_INCLUDE) $(srcdir)/$$i ../include; \
|
||||
- fi; \
|
||||
- done
|
||||
|
||||
includes: local-includes
|
||||
for d in $(SUBDIRS); do (cd $$d && $(MAKE) includes); done
|
32
security/ssh2/files/patch-lib::sshreadline::sshreadline.c
Normal file
32
security/ssh2/files/patch-lib::sshreadline::sshreadline.c
Normal file
|
@ -0,0 +1,32 @@
|
|||
--- lib/sshreadline/sshreadline.c.orig Wed Dec 3 14:17:20 2003
|
||||
+++ lib/sshreadline/sshreadline.c Fri Aug 18 20:58:55 2006
|
||||
@@ -500,8 +500,13 @@
|
||||
new_term.c_lflag &= ~(ECHO | ICANON);
|
||||
new_term.c_cc[VMIN] = 1;
|
||||
new_term.c_cc[VTIME] = 1;
|
||||
- if (tcsetattr(fd, TCSAFLUSH, &new_term) < 0)
|
||||
+ while (tcsetattr(fd, TCSAFLUSH, &new_term) < 0)
|
||||
{
|
||||
+ if (errno == EINTR)
|
||||
+ {
|
||||
+ errno = 0; /* For Solaris; just to make sure. */
|
||||
+ continue;
|
||||
+ }
|
||||
ssh_warning("tcsetattr failed in ssh_rl_set_tty_modes_for_fd: "
|
||||
"fd %d: %.200s", fd, strerror(errno));
|
||||
return -1;
|
||||
@@ -561,8 +566,13 @@
|
||||
{
|
||||
fcntl(fd, F_SETFL, fcntl_flags);
|
||||
|
||||
- if (tcsetattr(fd, TCSAFLUSH, saved_tio) < 0)
|
||||
+ while (tcsetattr(fd, TCSAFLUSH, saved_tio) < 0)
|
||||
{
|
||||
+ if (errno == EINTR)
|
||||
+ {
|
||||
+ errno = 0; /* For Solaris; just to make sure. */
|
||||
+ continue;
|
||||
+ }
|
||||
ssh_warning("tcsetattr failed in ssh_rl_restore_tty_modes_for_fd: "
|
||||
"fd %d: %.200s", fd, strerror(errno));
|
||||
return -1;
|
20
security/ssh2/files/patch-lib::sshutil::sshincludes.h
Normal file
20
security/ssh2/files/patch-lib::sshutil::sshincludes.h
Normal file
|
@ -0,0 +1,20 @@
|
|||
--- lib/sshutil/sshincludes.h.orig Wed Dec 3 14:17:18 2003
|
||||
+++ lib/sshutil/sshincludes.h Sun Jul 30 15:27:37 2006
|
||||
@@ -331,7 +331,7 @@
|
||||
#define UID_ROOT 0
|
||||
#endif /* UID_ROOT */
|
||||
|
||||
-#ifdef SSHDIST_ZLIB
|
||||
+#if defined(SSHDIST_ZLIB) && !defined(__FreeBSD__)
|
||||
/* Define zlib to have ssh prefix, so we will not care if there is another zlib
|
||||
in the kernel */
|
||||
#define deflateInit_ ssh_z_deflateInit_
|
||||
@@ -367,7 +367,7 @@
|
||||
#define uLongf ssh_z_uLongf
|
||||
#define voidpf ssh_z_voidpf
|
||||
#define voidp ssh_z_voidp
|
||||
-#endif /* SSHDIST_ZLIB */
|
||||
+#endif /* SSHDIST_ZLIB && !__FreeBSD__ */
|
||||
|
||||
|
||||
|
12
security/ssh2/files/patch-sshdistdefs.h
Normal file
12
security/ssh2/files/patch-sshdistdefs.h
Normal file
|
@ -0,0 +1,12 @@
|
|||
--- sshdistdefs.h.orig Wed Dec 3 14:17:34 2003
|
||||
+++ sshdistdefs.h Sun Jul 30 15:29:21 2006
|
||||
@@ -12,7 +12,9 @@
|
||||
#ifndef SSHDISTDEFS_H
|
||||
#define SSHDISTDEFS_H
|
||||
|
||||
+#if !defined(__FreeBSD__)
|
||||
#define SSHDIST_ZLIB_LEVEL_DETECTION
|
||||
+#endif
|
||||
#define SSHDIST_CRYPT_HMAC
|
||||
#define SSHDIST_SESSION_SIA
|
||||
#define SSHDIST_SSH2_SOCKS_FILTER
|
Loading…
Reference in a new issue