Index: head/security/hpn-ssh/Makefile =================================================================== --- head/security/hpn-ssh/Makefile (revision 43776) +++ head/security/hpn-ssh/Makefile (revision 43777) @@ -1,38 +1,38 @@ # New ports collection makefile for: openssh # Date created: 18 Mar 1999 # Whom: dwcjr@inethouston.net # # $FreeBSD$ # PORTNAME= openssh PORTVERSION= 2.9p1 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security ipv6 MASTER_SITES= ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ ftp://ftp.op.net/pub/OpenBSD/OpenSSH/portable/ \ ftp://carroll.cac.psu.edu/pub/OpenBSD/OpenSSH/portable/ PKGNAMESUFFIX= -portable MAINTAINER= dwcjr@FreeBSD.org MAN1= sftp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 scp.1 ssh.1 MAN8= sftp-server.8 sshd.8 CRYPTOLIBS= -L${OPENSSLLIB} -lcrypto USE_OPENSSL= YES GNU_CONFIGURE= yes CONFIGURE_ARGS?= --prefix=${PREFIX} .if exists(/usr/include/security/pam_modules.h) CONFIGURE_ARGS+= --with-pam .endif .if exists(/usr/include/tcpd.h) CONFIGURE_ARGS+= --with-tcp-wrappers .endif post-install: @${CAT} ${PKGMESSAGE} .include Property changes on: head/security/hpn-ssh/Makefile ___________________________________________________________________ Modified: cvs2svn:cvs-rev ## -1 +1 ## -1.3 \ No newline at end of property +1.4 \ No newline at end of property Index: head/security/hpn-ssh/files/patch-session.c =================================================================== --- head/security/hpn-ssh/files/patch-session.c (revision 43776) +++ head/security/hpn-ssh/files/patch-session.c (revision 43777) @@ -1,100 +1,102 @@ ---- session.c.orig Tue Apr 17 21:34:25 2001 -+++ session.c Sat May 26 15:45:15 2001 -@@ -461,6 +467,13 @@ +--- session.c.orig Sun Jun 10 17:22:44 2001 ++++ session.c Sun Jun 10 17:23:22 2001 +@@ -514,6 +514,13 @@ log_init(__progname, options.log_level, options.log_facility, log_stderr); /* + * Using login and executing a specific "command" are mutually + * exclusive, so turn off use_login if there's a command. + */ + if (command != NULL) + options.use_login = 0; + + /* * Create a new session and process group since the 4.4BSD * setlogin() affects the entire process group. */ -@@ -566,6 +579,13 @@ +@@ -628,6 +635,13 @@ /* Child. Reinitialize the log because the pid has changed. */ log_init(__progname, options.log_level, options.log_facility, log_stderr); + /* + * Using login and executing a specific "command" are mutually + * exclusive, so turn off use_login if there's a command. + */ + if (command != NULL) + options.use_login = 0; + /* Close the master side of the pseudo tty. */ close(ptyfd); -@@ -639,6 +659,11 @@ +@@ -707,6 +721,11 @@ time_t last_login_time; struct passwd * pw = s->pw; pid_t pid = getpid(); +#ifdef HAVE_LOGIN_CAP + FILE *f; + char buf[256]; + char *fname; +#endif /* HAVE_LOGIN_CAP */ /* * Get IP address of client. If the connection is not a socket, let -@@ -679,6 +704,21 @@ +@@ -767,6 +786,21 @@ printf("Last login: %s from %s\r\n", time_string, hostname); } +#ifdef HAVE_LOGIN_CAP + if (!options.use_login) { + fname = login_getcapstr(lc, "copyright", NULL, NULL); + if (fname != NULL && (f = fopen(fname, "r")) != NULL) { + while (fgets(buf, sizeof(buf), f) != NULL) + fputs(buf, stdout); + fclose(f); + } else + (void)printf("%s\n\t%s %s\n", + "Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994", + "The Regents of the University of California. ", + "All rights reserved."); + } +#endif /* HAVE_LOGIN_CAP */ + do_motd(); } -@@ -1027,7 +1067,7 @@ +@@ -1376,7 +1410,7 @@ * initgroups, because at least on Solaris 2.3 it leaves file * descriptors open. */ - for (i = 3; i < 64; i++) + for (i = 3; i < getdtablesize(); i++) close(i); /* Change current directory to the user\'s home directory. */ -@@ -1051,6 +1091,26 @@ +@@ -1400,6 +1434,28 @@ * in this order). */ if (!options.use_login) { +#ifdef __FreeBSD__ + /* + * If the password change time is set and has passed, give the + * user a password expiry notice and chance to change it. + */ + if (pw->pw_change != 0) { + struct timeval tv; + + (void)gettimeofday(&tv, NULL); + if (tv.tv_sec >= pw->pw_change) { + (void)printf( + "Sorry -- your password has expired.\n"); + syslog(LOG_INFO, + "%s Password expired - forcing change", + pw->pw_name); -+ if (system("/usr/bin/passwd") != 0) ++ if (system("/usr/bin/passwd") != 0) { + perror("/usr/bin/passwd"); ++ exit(1); ++ } + } + } +#endif /* __FreeBSD__ */ /* ignore _PATH_SSH_USER_RC for subsystems */ if (!s->is_subsystem && (stat(_PATH_SSH_USER_RC, &st) >= 0)) { - if (debug_flag) + snprintf(cmd, sizeof cmd, "%s -c '%s %s'", Property changes on: head/security/hpn-ssh/files/patch-session.c ___________________________________________________________________ Modified: cvs2svn:cvs-rev ## -1 +1 ## -1.1 \ No newline at end of property +1.2 \ No newline at end of property Index: head/security/openssh-portable/Makefile =================================================================== --- head/security/openssh-portable/Makefile (revision 43776) +++ head/security/openssh-portable/Makefile (revision 43777) @@ -1,38 +1,38 @@ # New ports collection makefile for: openssh # Date created: 18 Mar 1999 # Whom: dwcjr@inethouston.net # # $FreeBSD$ # PORTNAME= openssh PORTVERSION= 2.9p1 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security ipv6 MASTER_SITES= ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ ftp://ftp.op.net/pub/OpenBSD/OpenSSH/portable/ \ ftp://carroll.cac.psu.edu/pub/OpenBSD/OpenSSH/portable/ PKGNAMESUFFIX= -portable MAINTAINER= dwcjr@FreeBSD.org MAN1= sftp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 scp.1 ssh.1 MAN8= sftp-server.8 sshd.8 CRYPTOLIBS= -L${OPENSSLLIB} -lcrypto USE_OPENSSL= YES GNU_CONFIGURE= yes CONFIGURE_ARGS?= --prefix=${PREFIX} .if exists(/usr/include/security/pam_modules.h) CONFIGURE_ARGS+= --with-pam .endif .if exists(/usr/include/tcpd.h) CONFIGURE_ARGS+= --with-tcp-wrappers .endif post-install: @${CAT} ${PKGMESSAGE} .include Property changes on: head/security/openssh-portable/Makefile ___________________________________________________________________ Modified: cvs2svn:cvs-rev ## -1 +1 ## -1.3 \ No newline at end of property +1.4 \ No newline at end of property Index: head/security/openssh-portable/files/patch-session.c =================================================================== --- head/security/openssh-portable/files/patch-session.c (revision 43776) +++ head/security/openssh-portable/files/patch-session.c (revision 43777) @@ -1,100 +1,102 @@ ---- session.c.orig Tue Apr 17 21:34:25 2001 -+++ session.c Sat May 26 15:45:15 2001 -@@ -461,6 +467,13 @@ +--- session.c.orig Sun Jun 10 17:22:44 2001 ++++ session.c Sun Jun 10 17:23:22 2001 +@@ -514,6 +514,13 @@ log_init(__progname, options.log_level, options.log_facility, log_stderr); /* + * Using login and executing a specific "command" are mutually + * exclusive, so turn off use_login if there's a command. + */ + if (command != NULL) + options.use_login = 0; + + /* * Create a new session and process group since the 4.4BSD * setlogin() affects the entire process group. */ -@@ -566,6 +579,13 @@ +@@ -628,6 +635,13 @@ /* Child. Reinitialize the log because the pid has changed. */ log_init(__progname, options.log_level, options.log_facility, log_stderr); + /* + * Using login and executing a specific "command" are mutually + * exclusive, so turn off use_login if there's a command. + */ + if (command != NULL) + options.use_login = 0; + /* Close the master side of the pseudo tty. */ close(ptyfd); -@@ -639,6 +659,11 @@ +@@ -707,6 +721,11 @@ time_t last_login_time; struct passwd * pw = s->pw; pid_t pid = getpid(); +#ifdef HAVE_LOGIN_CAP + FILE *f; + char buf[256]; + char *fname; +#endif /* HAVE_LOGIN_CAP */ /* * Get IP address of client. If the connection is not a socket, let -@@ -679,6 +704,21 @@ +@@ -767,6 +786,21 @@ printf("Last login: %s from %s\r\n", time_string, hostname); } +#ifdef HAVE_LOGIN_CAP + if (!options.use_login) { + fname = login_getcapstr(lc, "copyright", NULL, NULL); + if (fname != NULL && (f = fopen(fname, "r")) != NULL) { + while (fgets(buf, sizeof(buf), f) != NULL) + fputs(buf, stdout); + fclose(f); + } else + (void)printf("%s\n\t%s %s\n", + "Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994", + "The Regents of the University of California. ", + "All rights reserved."); + } +#endif /* HAVE_LOGIN_CAP */ + do_motd(); } -@@ -1027,7 +1067,7 @@ +@@ -1376,7 +1410,7 @@ * initgroups, because at least on Solaris 2.3 it leaves file * descriptors open. */ - for (i = 3; i < 64; i++) + for (i = 3; i < getdtablesize(); i++) close(i); /* Change current directory to the user\'s home directory. */ -@@ -1051,6 +1091,26 @@ +@@ -1400,6 +1434,28 @@ * in this order). */ if (!options.use_login) { +#ifdef __FreeBSD__ + /* + * If the password change time is set and has passed, give the + * user a password expiry notice and chance to change it. + */ + if (pw->pw_change != 0) { + struct timeval tv; + + (void)gettimeofday(&tv, NULL); + if (tv.tv_sec >= pw->pw_change) { + (void)printf( + "Sorry -- your password has expired.\n"); + syslog(LOG_INFO, + "%s Password expired - forcing change", + pw->pw_name); -+ if (system("/usr/bin/passwd") != 0) ++ if (system("/usr/bin/passwd") != 0) { + perror("/usr/bin/passwd"); ++ exit(1); ++ } + } + } +#endif /* __FreeBSD__ */ /* ignore _PATH_SSH_USER_RC for subsystems */ if (!s->is_subsystem && (stat(_PATH_SSH_USER_RC, &st) >= 0)) { - if (debug_flag) + snprintf(cmd, sizeof cmd, "%s -c '%s %s'", Property changes on: head/security/openssh-portable/files/patch-session.c ___________________________________________________________________ Modified: cvs2svn:cvs-rev ## -1 +1 ## -1.1 \ No newline at end of property +1.2 \ No newline at end of property