non port: security/ssh2/pkg-plist |
Number of commits found: 12 |
Friday, 15 Oct 2010
|
17:40 garga
Remove expired ports
2010-10-15 security/ssh2: abandoned upstream
2010-10-15 security/ssh2-nox11: abandoned upstream
|
Sunday, 19 Feb 2006
|
22:56 marius
- Switch to a rc.d startup script.
- Move the generation of the host key (if not present) from the package/
port installation to the startup script in order to be in line with
what the base OpenSSH and the OpenSSH-portable port do.
- Flush stdout when updating the transfer progress bar of sftp2 and scp2
so the info displayed is up to date. [1]
- Remove obsolete USE_REINPLACE, remove trailing white space in Makefile.
PR: 91262 [1]
Approved by: netchild
|
Sunday, 22 Jan 2006
|
02:50 edwin
Replace ugly "@unexec rmdir %D... 2>/dev/null || true" with @dirrmtry
Approved by: krion@
PR: ports/88711 (related)
|
Sunday, 4 Jan 2004
|
14:03 netchild
HEADS-UP: Traditionally this port automatically installs a start-up script for
sshd2 unless it detects an entry for ssh in /etc/inetd.conf. As there
are three ways to automatically start sshd2 and /etc/rc.conf is the
simplest one (at least on FreeBSD 4, with rcNG once /etc/rc.d/sshd is
fixed to not be tailored to the base sshd) this version of the port
is the last one to do so. Beginning with next version it will only
install a sample start-up script. To prevent foot shooting when
updating to the next version this port won't remove an existing
start-up scripting on deinstall. Please see also the pkg-message that
gets displayed on installation.
- Update to 3.2.9.1. This is _not_ a security update. For the non-commercial
version the only change worth mentioning since 3.2.5 is the addition of the
config option "DisableVersionFallback", see sshd2_config(5) for further
details.
- Use sites from the official list of mirrors for MASTER_SITES.
- Adjust COMMENT to justify why this port is security/ssh2, not security/ssh3.
- Revise list of installed documentation. No longer install MANIFEST (list of
source files) and INSTALL, install RFCs referenced in sshd2_config(5) and
HOWTO.anonymous.sftp (patched to better fit FreeBSD).
- Remove WITH_STATIC_SFTP knob. Using the internal sftp-server instead of the
external (static) one is much simpler to set up and maintain (using the
external one requires to install a copy of it in the home directory of the
anonymous sftp user which has to be manually updated when installing a newer
version of the port).
- Remove WITHOUT_TCPWRAP knob, libwarp is part of FreeBSD since 3.2.
- Install examples scripts for the ExternalAuthorizationProgram and
AuthKbdInt.Plugin config options in EXAMPLESDIR. See sshd2_config(5) for
further information.
- Replace references to /etc/ssh2/* in config files with PREFIX/etc/ssh2/*.
- Add a pkg-message displaying the different methods to automatically start
sshd2.
- Switch to the start-up script for Solaris which is part of the tarball, it
handles the name of the pidfile better.
- Fix detection of X11 headers, this enables compilation with support for X11
SECURITY extension. See TrustX11Applications in ssh2_config(5) for further
information.
- Add a test target to the Makefile of the port, the tests seem a bit outdated
and buggy but it's enough to e.g. do a bit of speed comparison when building
with different compilers.
- Minor changes and clean-up (sort pkg-plist, don't add /usr/local/lib to
the library search path when compiling, etc.).
Revive some local modifications lost with the update to 3.1.0:
- Use login_cap(3)/login_class(3) facilities to set environment variables,
prority and shell, get motd, copyright, hushlogin and nologin, respect
ignorenologin and requirehome. This changes are roughly based on former
patch-ah and patch-ai and patches of security/openssh.
- Don't print "No mail.", it's not FreeBSD login style.
Submitted by: maintainer
|
Monday, 7 Jul 2003
|
15:24 netchild
Fix plist.
No PORTREVISION update because of the short timeframe between the commits.
Submitted by: maintainer
|
14:19 netchild
Update to 3.2.5:
* Fixed a critical security bug with RSA signature
verification. Mitigating factors: DSA is used by default (not
vulnerable). Also, the attack requires that attacker has the
public key and the attacker needs to precompute the signature
data so, that it looks like a valid PKCS#1 signature. This is a
non-trivial task to perform without the private
key. Nonetheless, all users should update their servers and
clients as soon as convenient. Workarounds are to not use RSA
keys as host keys (though connecting to existing hosts with RSA
hostkeys poses a serious risk with a vulnerable client), and
disabling publickey authentication. Update your clients and
servers.
Update MASTER_SITES, remove sites that are down or no langer carry ssh2
and add some new.
- Turn Kerberos and group writeability support into knobs so one hasn't to
edit the Makefile.
- Remove dependency on security/tcp_wrapper for tcp-wrapper support on
systems < FreeBSD 4.0, that port is no longer persistent.
- Fix pkg-plist for WITH_STATIC_SFTP case.
- Replace referneces to /etc/ssh2/* in man pages with references to
PREFIX/etc/ssh2/* in order to better fit for FreeBSD.
- Replace "$(ETCDIR)" in ssh_dummy_shell.out with PREFIX/etc.
- Remove duplicated mechanism for generating the host key if an old one isn't
found in the post-install target in the Makefile of the port, this is
already done by the generate-host-key target in WRKSRC/apps/ssh/Makefile.
- Fix differences between the install action done when installing the
package versus installing the port. I.e. make the package create the host
key with what ever bits ssh-keygen2 defaults to (currently 2048) instead
of 1024 bits, copy over the configuration files for ssh2 and sshd2 from
the examples if not already existent and create the directories for the
global host keys and known hosts files.
- Add some foo to pkg-plist to remove as much as possible from PREFIX/etc/ssh2,
i.e. configuration files that don't differ from the corresponding examples
and empty directories. Inform the user to remove what's left over if any.
- Use _PATH_STDPATH instead of _PATH_DEFPATH so that the default PATH gets
set to "/usr/bin:/bin:/usr/sbin:/sbin:PREFIX/bin" instead of
"/usr/bin:/bin:PREFIX/bin". Using _PATH_STDPATH is consistent with OpenSSH
and seems more usefull. One might want to patch ssh2 to also use login_cap(3)
so that e.g. PATH gets picked up from whatever is defined in /etc/login.conf.
- Change MAINTAINER.
- Replace "share/doc/ssh2" with %%DATADIR%% in pkg-plist.
Submitted by: Marius Strobl <marius@alchemy.franken.de>
Approved by: maintainer
|
Sunday, 23 Feb 2003
|
22:39 edwin
Update port: security/ssh2 3.2.2 -> 3.2.3
PR: ports/48542
Submitted by: Lars Eggert <larse@isi.edu>
|
Tuesday, 18 Jun 2002
|
23:45 pat
Update to 3.2.0
PR: 39491
Submitted by: maintainer
|
Friday, 17 May 2002
|
09:20 sada
Install default config files as *.sample instead of overwriting existing ones.
Note: The PR includes diffs to cope with WITHOUT_X11 env,
but this was already committed by knu-san.
So I just added CONFIGURE_ARGS line, please verify it.
PR: ports/35385
Submitted by: maintainer
|
Tuesday, 2 Apr 2002
|
04:49 knu
ssh_askpass2 is built only when X11 is installed. Support
{WITH,WITHOUT}_X11 and detect ${X11BASE}/lib/libX11.a.
Reported by: bento
Obtained from: security/ssh (partly)
|
Friday, 22 Feb 2002
|
02:52 knu
- Update to 3.1.0.
|
Friday, 14 Sep 2001
|
14:51 dwcjr
Remove extra file from pkg-plist to fix package building
|
Number of commits found: 12 |