head	1.12;
access;
symbols
	RELEASE_7_4_0:1.11
	RELEASE_8_2_0:1.11
	RELEASE_6_EOL:1.11
	RELEASE_8_1_0:1.11
	RELEASE_7_3_0:1.11
	RELEASE_8_0_0:1.11
	RELEASE_7_2_0:1.11
	RELEASE_7_1_0:1.11
	RELEASE_6_4_0:1.11
	RELEASE_5_EOL:1.11
	RELEASE_7_0_0:1.11
	RELEASE_6_3_0:1.11
	PRE_XORG_7:1.11
	RELEASE_4_EOL:1.11
	RELEASE_6_2_0:1.11
	RELEASE_6_1_0:1.11
	RELEASE_5_5_0:1.11
	RELEASE_6_0_0:1.11
	RELEASE_5_4_0:1.11
	RELEASE_4_11_0:1.11
	RELEASE_5_3_0:1.11
	RELEASE_4_10_0:1.11
	RELEASE_5_2_1:1.11
	RELEASE_5_2_0:1.11
	RELEASE_4_9_0:1.11
	RELEASE_5_1_0:1.11
	RELEASE_4_8_0:1.11
	RELEASE_5_0_0:1.11
	RELEASE_4_7_0:1.11
	RELEASE_4_6_2:1.11
	RELEASE_4_6_1:1.11
	ssh_1_2_33:1.11
	ssh_1_2_32:1.11
	ssh_1_2_31:1.11
	ssh_1_2_30:1.11
	ssh_1_2_29:1.11
	ssh_1_2_28:1.11
	ssh_1_2_27:1.11
	RELEASE_4_6_0:1.11
	RELEASE_5_0_DP1:1.11
	RELEASE_4_5_0:1.11
	RELEASE_4_4_0:1.11
	RELEASE_4_3_0:1.11
	RELEASE_4_2_0:1.11
	RELEASE_4_1_1:1.11
	RELEASE_4_1_0:1.11
	RELEASE_3_5_0:1.11
	RELEASE_4_0_0:1.11
	RELEASE_3_4_0:1.8
	RELEASE_3_3_0:1.8
	RELEASE_3_2_0:1.7
	RELEASE_3_1_0:1.7
	RELEASE_2_2_8:1.7
	RELEASE_3_0_0:1.7
	RELEASE_2_2_7:1.7
	RELEASE_2_2_6:1.7
	RELEASE_2_2_5:1.6
	RELEASE_2_2_1:1.3
	RELEASE_2_2_2:1.6;
locks; strict;
comment	@# @;


1.12
date	2011.05.01.20.14.19;	author bapt;	state dead;
branches;
next	1.11;

1.11
date	2000.02.24.14.11.58;	author sumikawa;	state Exp;
branches;
next	1.10;

1.10
date	2000.02.24.08.27.36;	author sumikawa;	state Exp;
branches;
next	1.9;

1.9
date	2000.01.14.19.37.34;	author torstenb;	state Exp;
branches;
next	1.8;

1.8
date	99.06.15.20.13.59;	author sada;	state Exp;
branches;
next	1.7;

1.7
date	97.12.24.18.48.46;	author imp;	state Exp;
branches;
next	1.6;

1.6
date	97.04.25.05.01.06;	author peter;	state Exp;
branches;
next	1.5;

1.5
date	97.04.16.19.48.30;	author ache;	state Exp;
branches;
next	1.4;

1.4
date	97.03.28.23.30.39;	author ache;	state Exp;
branches;
next	1.3;

1.3
date	97.02.27.00.44.35;	author ache;	state Exp;
branches;
next	1.2;

1.2
date	96.12.27.08.42.41;	author peter;	state Exp;
branches;
next	1.1;

1.1
date	96.08.12.14.17.53;	author peter;	state Exp;
branches;
next	;


desc
@@


1.12
log
@Remove unmaintained expired ports from security

2011-05-01 security/aafid2: Upstream disapear and distfile is no more available
2011-05-01 security/bjorb: Upstream disapear and distfile is no more available
2011-05-01 security/borzoi: Upstream disapear and distfile is no more available
2011-05-01 security/cmd5checkpw: Upstream disapear and distfile is no more available
2011-05-01 security/cops: Upstream disapear and distfile is no more available
2011-05-01 security/find_ddos: Upstream disapear and distfile is no more available
2011-05-01 security/ftpmap: Upstream disapear and distfile is no more available
2011-05-01 security/hafiye: Upstream disapear and distfile is no more available
2011-05-01 security/ident2: Upstream disapear and distfile is no more available
2011-05-01 security/liedentd: Upstream disapear and distfile is no more available
2011-05-01 security/pam_pop3: Upstream disapear and distfile is no more available
2011-05-01 security/poc: Upstream disapear and distfile is no more available
2011-05-01 security/portscanner: Upstream disapear and distfile is no more available
2011-05-01 security/ppgen: Upstream disapear and distfile is no more available
2011-05-01 security/qident: Upstream disapear and distfile is no more available
2011-05-01 security/quintuple-agent: Upstream disapear and distfile is no more available
2011-05-01 security/rc5pipe: Upstream disapear and distfile is no more available
2011-05-01 security/rid: Upstream disapear and distfile is no more available
2011-05-01 security/ssh: Upstream disapear and distfile is no more available
2011-05-01 security/tea-total: Upstream disapear and distfile is no more available
2011-05-01 security/uberkey: Upstream disapear and distfile is no more available
@
text
@*** sshconnect.c.orig	Wed May 12 20:19:29 1999
--- sshconnect.c	Thu Feb 24 22:34:47 2000
***************
*** 337,343 ****
  
  /* Creates a (possibly privileged) socket for use as the ssh connection. */
  
! int ssh_create_socket(uid_t original_real_uid, int privileged)
  {
    int sock;
  
--- 337,343 ----
  
  /* Creates a (possibly privileged) socket for use as the ssh connection. */
  
! int ssh_create_socket(uid_t original_real_uid, int privileged, int family)
  {
    int sock;
  
***************
*** 345,379 ****
       bind our own socket to a privileged port. */
    if (privileged)
      {
!       struct sockaddr_in sin;
        int p;
        for (p = 1023; p > 512; p--)
          {
!           sock = socket(AF_INET, SOCK_STREAM, 0);
            if (sock < 0)
!             fatal("socket: %.100s", strerror(errno));
            
!           /* Initialize the desired sockaddr_in structure. */
!           memset(&sin, 0, sizeof(sin));
!           sin.sin_family = AF_INET;
!           sin.sin_addr.s_addr = INADDR_ANY;
!           sin.sin_port = htons(p);
  
            /* Try to bind the socket to the privileged port. */
  #if defined(SOCKS)
!           if (Rbind(sock, (struct sockaddr *)&sin, sizeof(sin)) >= 0)
              break; /* Success. */
  #else /* SOCKS */
!           if (bind(sock, (struct sockaddr *)&sin, sizeof(sin)) >= 0)
              break; /* Success. */
  #endif /* SOCKS */
            if (errno == EADDRINUSE)
              {
                close(sock);
                continue;
              }
!           fatal("bind: %.100s", strerror(errno));
          }
        debug("Allocated local port %d.", p);
      }
    else
--- 345,404 ----
       bind our own socket to a privileged port. */
    if (privileged)
      {
!       struct addrinfo hints, *ai = NULL;
!       int errgai;
!       char strport[PORTSTRLEN];
        int p;
+ #if (defined(__OpenBSD__) || defined(__FreeBSD__))  && !defined(SOCKS)
+       p = 1023;	/* Compat with old FreeBSD */
+ #if __FreeBSD__ >= 400014
+       sock = rresvport_af(&p, family);
+         if (sock < 0)
+           error("rresvport_af: %.100s", strerror(errno));
+ #else
+       sock = rresvport(&p);
+         if (sock < 0)
+           error("rresvport: %.100s", strerror(errno));
+ #endif
+ #else
        for (p = 1023; p > 512; p--)
          {
! 	  sock = socket(family, SOCK_STREAM, 0);
            if (sock < 0)
!             error("socket: %.100s", strerror(errno));
            
! 	  /* Initialize the desired addrinfo structure. */
! 	  memset(&hints, 0, sizeof(hints));
! 	  hints.ai_family = family;
! 	  hints.ai_flags = AI_PASSIVE;
! 	  hints.ai_socktype = SOCK_STREAM;
! 	  sprintf(strport, "%d", p);
! #if defined(SOCKS)
! 	  if ((errgai = Rgetaddrinfo(NULL, strport, &hints, &ai)) != 0)
! 	    fatal("getaddrinfo: %.100s", gai_strerror(errgai));
! #else /* SOCKS */
! 	  if ((errgai = getaddrinfo(NULL, strport, &hints, &ai)) != 0)
! 	    fatal("getaddrinfo: %.100s", gai_strerror(errgai));
! #endif /* SOCKS */
  
            /* Try to bind the socket to the privileged port. */
  #if defined(SOCKS)
! 	  if (Rbind(sock, ai->ai_addr, ai->ai_addrlen) >= 0)
              break; /* Success. */
  #else /* SOCKS */
! 	  if (bind(sock, ai->ai_addr, ai->ai_addrlen) >= 0)
              break; /* Success. */
  #endif /* SOCKS */
            if (errno == EADDRINUSE)
              {
                close(sock);
+ 	      freeaddrinfo(ai);
                continue;
              }
!           error("bind: %.100s", strerror(errno));
          }
+       freeaddrinfo(ai);
+ #endif
        debug("Allocated local port %d.", p);
      }
    else
***************
*** 396,409 ****
     the daemon. */
  
  int ssh_connect(const char *host, int port, int connection_attempts,
                  int anonymous, uid_t original_real_uid, 
                  const char *proxy_command, RandomState *random_state)
  {
    int sock = -1, attempt, i;
    int on = 1;
    struct servent *sp;
!   struct hostent *hp;
!   struct sockaddr_in hostaddr;
  #if defined(SO_LINGER) && defined(ENABLE_SO_LINGER)
    struct linger linger;
  #endif /* SO_LINGER */
--- 421,439 ----
     the daemon. */
  
  int ssh_connect(const char *host, int port, int connection_attempts,
+ #ifdef ENABLE_ANOTHER_PORT_TRY
+ 		int another_port,
+ #endif /* ENABLE_ANOTHER_PORT_TRY */
                  int anonymous, uid_t original_real_uid, 
                  const char *proxy_command, RandomState *random_state)
  {
    int sock = -1, attempt, i;
    int on = 1;
    struct servent *sp;
!   struct addrinfo hints, *ai, *aitop, *aitmp;
!   struct sockaddr_storage hostaddr;
!   char ntop[ADDRSTRLEN], strport[PORTSTRLEN];
!   int gaierr;
  #if defined(SO_LINGER) && defined(ENABLE_SO_LINGER)
    struct linger linger;
  #endif /* SO_LINGER */
***************
*** 421,430 ****
          port = SSH_DEFAULT_PORT;
      }
  
-   /* Map localhost to ip-address locally */
-   if (strcmp(host, "localhost") == 0)
-     host = "127.0.0.1";
-   
    /* If a proxy command is given, connect using it. */
    if (proxy_command != NULL && *proxy_command)
      return ssh_proxy_connect(host, port, original_real_uid, proxy_command,
--- 451,456 ----
***************
*** 432,440 ****
  
    /* No proxy command. */
  
!   /* No host lookup made yet. */
!   hp = NULL;
!   
    /* Try to connect several times.  On some machines, the first time will
       sometimes fail.  In general socket code appears to behave quite
       magically on many machines. */
--- 458,495 ----
  
    /* No proxy command. */
  
!   memset(&hints, 0, sizeof(hints));
!   hints.ai_family = IPv4or6;
!   hints.ai_socktype = SOCK_STREAM;
!   sprintf(strport, "%d", port);
! #if defined(SOCKS)
!   if ((gaierr = Rgetaddrinfo(host, strport, &hints, &aitop)) != 0)
!     fatal("Bad host name: %.100s (%s)", host, gai_strerror(gaierr));
! #else /* SOCKS */
!   if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0)
!     fatal("Bad host name: %.100s (%s)", host, gai_strerror(gaierr));
! #endif /* SOCKS */
! 
! #ifdef ENABLE_ANOTHER_PORT_TRY
!   if (another_port)
!     {
!       aitmp = aitop;
!       memset(&hints, 0, sizeof(hints));
!       hints.ai_family = IPv4or6;
!       hints.ai_socktype = SOCK_STREAM;
!       sprintf(strport, "%d", another_port);
! #if defined(SOCKS)
!       if ((gaierr = Rgetaddrinfo(host, strport, &hints, &aitop)) != 0)
! 	fatal("Bad host name: %.100s (%s)", host, gai_strerror(gaierr));
! #else /* SOCKS */
!       if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0)
! 	fatal("Bad host name: %.100s (%s)", host, gai_strerror(gaierr));
! #endif /* SOCKS */
!       for (ai = aitop; ai->ai_next; ai = ai->ai_next);
!       ai->ai_next = aitmp;
!     }
! #endif /* ENABLE_ANOTHER_PORT_TRY */
! 
    /* Try to connect several times.  On some machines, the first time will
       sometimes fail.  In general socket code appears to behave quite
       magically on many machines. */
***************
*** 443,545 ****
        if (attempt > 0)
          debug("Trying again...");
  
-       /* Try to parse the host name as a numeric inet address. */
-       memset(&hostaddr, 0, sizeof(hostaddr));
-       hostaddr.sin_family = AF_INET;
-       hostaddr.sin_port = htons(port);
- #ifdef BROKEN_INET_ADDR
-       hostaddr.sin_addr.s_addr = inet_network(host);
- #else /* BROKEN_INET_ADDR */
-       hostaddr.sin_addr.s_addr = inet_addr(host);
- #endif /* BROKEN_INET_ADDR */
-       if ((hostaddr.sin_addr.s_addr & 0xffffffff) != 0xffffffff)
-         { 
-           /* Create a socket. */
-           sock = ssh_create_socket(original_real_uid, 
-                                    !anonymous && geteuid() == UID_ROOT);
-       
-           /* Valid numeric IP address */
-           debug("Connecting to %.100s port %d.", 
-                 inet_ntoa(hostaddr.sin_addr), port);
- 
-           /* Connect to the host. */
- #if defined(SOCKS)
-           if (Rconnect(sock, (struct sockaddr *)&hostaddr, sizeof(hostaddr))
- #else /* SOCKS */
-           if (connect(sock, (struct sockaddr *)&hostaddr, sizeof(hostaddr))
- #endif /* SOCKS */
-               >= 0)
-             {
-               /* Successful connect. */
-               break;
-             }
-           debug("connect: %.100s", strerror(errno));
- 
-           /* Destroy the failed socket. */
-           shutdown(sock, 2);
-           close(sock);
-         }
-       else
-         { 
-           /* Not a valid numeric inet address. */
-           /* Map host name to an address. */
-           if (!hp)
-             {
-               struct hostent *hp_static;
- 
- #if defined(SOCKS5)
-               hp_static = Rgethostbyname(host);
- #else
-               hp_static = gethostbyname(host);
- #endif
-               if (hp_static)
-                 {
-                   hp = xmalloc(sizeof(struct hostent));
-                   memcpy(hp, hp_static, sizeof(struct hostent));
- 
-                   /* Copy list of addresses, not just pointers.
-                      We don't use h_name & h_aliases so leave them as is */
-                   for (i = 0; hp_static->h_addr_list[i]; i++)
-                     ; /* count them */
-                   hp->h_addr_list = xmalloc((i + 1) *
-                                             sizeof(hp_static->h_addr_list[0]));
-                   for (i = 0; hp_static->h_addr_list[i]; i++)
-                     {
-                       hp->h_addr_list[i] = xmalloc(hp->h_length);
-                       memcpy(hp->h_addr_list[i], hp_static->h_addr_list[i],
-                              hp->h_length);
-                     }
-                   hp->h_addr_list[i] = NULL; /* last one */
-                 }
-             }
-           if (!hp)
-             fatal("Bad host name: %.100s", host);
-           if (!hp->h_addr_list[0])
-             fatal("Host does not have an IP address: %.100s", host);
- 
            /* Loop through addresses for this host, and try each one in
               sequence until the connection succeeds. */
!           for (i = 0; hp->h_addr_list[i]; i++)
              {
!               /* Set the address to connect to. */
!               hostaddr.sin_family = hp->h_addrtype;
!               memcpy(&hostaddr.sin_addr, hp->h_addr_list[i],
!                      sizeof(hostaddr.sin_addr));
  
!               debug("Connecting to %.200s [%.100s] port %d.",
!                     host, inet_ntoa(hostaddr.sin_addr), port);
  
                /* Create a socket for connecting. */
                sock = ssh_create_socket(original_real_uid, 
!                                        !anonymous && geteuid() == UID_ROOT);
  
                /* Connect to the host. */
  #if defined(SOCKS)
!               if (Rconnect(sock, (struct sockaddr *)&hostaddr, 
!                            sizeof(hostaddr)) >= 0)
  #else /* SOCKS */
!               if (connect(sock, (struct sockaddr *)&hostaddr, 
!                           sizeof(hostaddr)) >= 0)
  #endif /* SOCKS */
                  {
                    /* Successful connection. */
--- 498,526 ----
        if (attempt > 0)
          debug("Trying again...");
  
            /* Loop through addresses for this host, and try each one in
               sequence until the connection succeeds. */
!           for (ai = aitop; ai; ai = ai->ai_next)
              {
! 	      getnameinfo(ai->ai_addr, ai->ai_addrlen,
! 			  ntop, sizeof(ntop), strport, sizeof(strport),
! 			  NI_NUMERICHOST|NI_NUMERICSERV);
  
! 	      debug("Connecting to %.200s [%.100s] port %s.",
! 		    host, ntop, strport);
  
                /* Create a socket for connecting. */
                sock = ssh_create_socket(original_real_uid, 
! 				       !anonymous && geteuid() == UID_ROOT,
! 				       ai->ai_family);
! 	      if (sock < 0)
! 		      continue;
  
                /* Connect to the host. */
  #if defined(SOCKS)
! 	      if (Rconnect(sock, ai->ai_addr, ai->ai_addrlen) >= 0)
  #else /* SOCKS */
! 	      if (connect(sock, ai->ai_addr, ai->ai_addrlen) >= 0)
  #endif /* SOCKS */
                  {
                    /* Successful connection. */
***************
*** 552,573 ****
                   returned an error. */
                shutdown(sock, 2);
                close(sock);
!             }
!           if (hp->h_addr_list[i])
              break; /* Successful connection. */
-         }
  
        /* Sleep a moment before retrying. */
        sleep(1);
      }
  
!   if (hp)
!     {
!       for (i = 0; hp->h_addr_list[i]; i++)
!         xfree(hp->h_addr_list[i]);
!       xfree(hp->h_addr_list);
!       xfree(hp);
!     }
  
    /* Return failure if we didn't get a successful connection. */
    if (attempt >= connection_attempts)
--- 533,547 ----
                   returned an error. */
                shutdown(sock, 2);
                close(sock);
! 	    } /* for (ai = aitop; ai; ai = ai->ai_next) */
!           if (ai)
              break; /* Successful connection. */
  
        /* Sleep a moment before retrying. */
        sleep(1);
      }
  
!   freeaddrinfo(aitop);
  
    /* Return failure if we didn't get a successful connection. */
    if (attempt >= connection_attempts)
***************
*** 946,952 ****
    int ap_opts, ret_stat = 0;
    krb5_keyblock   *session_key = 0;
    krb5_ap_rep_enc_part *repl = 0;
!   struct sockaddr_in local, foreign;
    
    memset(&auth, 0 , sizeof(auth));
    remotehost = (char *) get_canonical_hostname();
--- 920,926 ----
    int ap_opts, ret_stat = 0;
    krb5_keyblock   *session_key = 0;
    krb5_ap_rep_enc_part *repl = 0;
!   struct sockaddr_storage local, foreign;
    
    memset(&auth, 0 , sizeof(auth));
    remotehost = (char *) get_canonical_hostname();
@


1.11
log
@- re-enable TCP_NODELAY
  Submitted by:	Arjan.deVet@@adv.iae.nl (Arjan de Vet)

- do not exit in failure to connect using IPv6 and try to IPv4
  when connecting to dualstack hosts.

Approved by:	torstenb
@
text
@@


1.10
log
@Make IPv6-enable ssh works on socks environment.

Submitted by:	Masahide -mac- NODA <mac@@clave.gr.jp>
Reviewed by:	shin, Robert Muir <rmuir@@looksharp.net>
		Toshihiko Kodama <kodama@@ayame.mfd.cs.fujitsu.co.jp>
Approved by:	torstenb
@
text
@d1 2
a2 2
*** sshconnect.c.orig	Wed May 12 13:19:29 1999
--- sshconnect.c	Thu Feb 24 17:12:10 2000
d21 1
a21 1
*** 345,385 ****
d31 1
a31 1
              fatal("socket: %.100s", strerror(errno));
d52 1
a52 1
            fatal("bind: %.100s", strerror(errno));
d57 1
a57 7
      { 
        /* Just create an ordinary socket on arbitrary port.  */
!       sock = socket(AF_INET, SOCK_STREAM, 0);
        if (sock < 0)
          fatal("socket: %.100s", strerror(errno));
      }
--- 345,397 ----
d65 12
d81 1
a81 1
              fatal("socket: %.100s", strerror(errno));
d111 1
a111 1
            fatal("bind: %.100s", strerror(errno));
d113 2
a115 1
+       freeaddrinfo(ai);
a117 6
      { 
        /* Just create an ordinary socket on arbitrary port.  */
!       sock = socket(family, SOCK_STREAM, 0);
        if (sock < 0)
          fatal("socket: %.100s", strerror(errno));
      }
d134 1
a134 1
--- 408,426 ----
d166 1
a166 1
--- 438,443 ----
d178 1
a178 1
--- 445,482 ----
d322 1
a322 1
--- 485,511 ----
d341 2
d376 1
a376 1
--- 518,532 ----
a392 14
*** 578,586 ****
--- 537,547 ----
    /* Set socket options.  We would like the socket to disappear as soon as
       it has been closed for whatever reason. */
    /* setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)); */
+ #if 0 /* XXX */
  #if defined(TCP_NODELAY) && defined(ENABLE_TCP_NODELAY)
    setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, (void *)&on, sizeof(on));
  #endif /* TCP_NODELAY */
+ #endif /* 0 */
  #if defined(SO_LINGER) && defined(ENABLE_SO_LINGER)
    linger.l_onoff = 1;
    linger.l_linger = 15;
***************
d401 1
a401 1
--- 907,913 ----
@


1.9
log
@Add IPv6 support to ssh.
The IPv6 patch was obtained from the kame repository and has been
been writen by KIKUCHI Takahiro <kick@@kyoto.wide.ad.jp>

Due to the whole mess with different patches it was necessary to include
both the IPv6 patch and patch-ssh-1.2.27-bsd.tty.chown in ${PATCHDIR}.
Since both patches modify the configure script it was also necessary
to rebuild it via autoconf from configure.in. I've decided to use
USE_AUTOCONF instead of including the re-build configure script in
${FILESDIR}

Obtained from:	KAME/WIDE
@
text
@d2 1
a2 1
--- sshconnect.c	Wed Jan 12 00:34:55 2000
d63 1
a63 1
--- 345,392 ----
d83 4
d89 1
d133 1
a133 1
--- 403,421 ----
d165 1
a165 1
--- 433,438 ----
d177 1
a177 1
--- 440,467 ----
d185 4
d191 1
d201 4
d207 1
d321 1
a321 1
--- 470,496 ----
d373 1
a373 1
--- 503,517 ----
d391 1
a391 1
--- 522,532 ----
d412 1
a412 1
--- 892,898 ----
@


1.8
log
@PR:	ports/12037
Submitted by:	Issei Suzuki <issei@@jp.FreeBSD.ORG>
Upgrade to 1.2.27.
# I'm not maintainer but it seems that torstenb is too busy to
# look the PR and many people want new version ssh port.
@
text
@d1 2
a2 2
*** sshconnect.c.orig	Wed May 12 20:19:29 1999
--- sshconnect.c	Sun Jun  6 02:39:02 1999
d4 62
a65 2
*** 347,352 ****
--- 347,358 ----
d67 3
a69 1
        struct sockaddr_in sin;
a70 6
+ #if (defined(__OpenBSD__) || defined(__FreeBSD__))  && !defined(SOCKS)
+       p = 1023;	/* Compat with old FreeBSD */
+         sock = rresvport(&p);
+         if (sock < 0)
+           fatal("rresvport: %.100s", strerror(errno));
+ #else
d73 26
a98 4
            sock = socket(AF_INET, SOCK_STREAM, 0);
***************
*** 374,379 ****
--- 380,386 ----
a101 1
+ #endif
d103 1
d106 299
@


1.7
log
@Merge in change requested by theo:
	OpenBSD and FreeBSD now both use rresvport.  This is a nop for
	FreeBSD, but for OpenBSD this picks random port numbers.
Submitted by:	deraadt@@cvs.openbsd.org
@
text
@d1 2
a2 2
*** sshconnect.c.orig	Wed Apr 23 08:40:11 1997
--- sshconnect.c	Fri Apr 25 12:41:59 1997
d4 2
a5 2
*** 311,316 ****
--- 311,322 ----
d10 4
a13 4
+ 	p = 1023;	/* Compat with old FreeBSD */
+       sock = rresvport(&p);
+       if (sock < 0)
+ 	fatal("rresvport: %.100s", strerror(errno));
d16 2
a17 2
  	{
  	  sock = socket(AF_INET, SOCK_STREAM, 0);
d19 5
a23 5
*** 338,343 ****
--- 344,350 ----
  	    }
  	  fatal("bind: %.100s", strerror(errno));
  	}
@


1.6
log
@Update from ssh-1.2.19 to ssh-1.2.20.  All patches applied still, I just
regenerated them to fix the line numbers.  Also, I added two commented out
options in Makefile, one to tell sshd that a group writeable homedir
is OK because all users are in their own group, and the other is to allow
an unencrypted connection (which is dangerous since it can lead to
compromise of keys), but on a secure network it's damn useful for backups
etc.
@
text
@d9 1
a9 1
+ #if defined(__FreeBSD__)  && !defined(SOCKS)
@


1.5
log
@Upgrade to 1.2.19
@
text
@d1 2
a2 2
*** sshconnect.c.orig	Sun Apr  6 03:57:04 1997
--- sshconnect.c	Wed Apr 16 23:04:17 1997
d4 2
a5 2
*** 302,307 ****
--- 302,313 ----
d19 2
a20 2
*** 329,334 ****
--- 335,341 ----
@


1.4
log
@Upgrade to 1.2.18
@
text
@d1 2
a2 2
*** sshconnect.c.orig	Thu Mar 27 09:04:10 1997
--- sshconnect.c	Sat Mar 29 01:16:51 1997
d4 2
a5 2
*** 298,303 ****
--- 298,309 ----
d19 2
a20 2
*** 325,330 ****
--- 331,337 ----
@


1.3
log
@Add LOGIN_CAP abilities
Submitted by: davidn
@
text
@d1 2
a2 2
*** sshconnect.c.orig	Thu Jan 30 23:00:03 1997
--- sshconnect.c	Thu Jan 30 23:00:04 1997
d4 2
a5 2
*** 239,244 ****
--- 239,250 ----
d19 2
a20 2
*** 266,271 ****
--- 272,278 ----
@


1.2
log
@Make one of our changes for -current work on 2.1.  In -current, rresvport()
ignores it's argument (it's meaningless, the kernel keeps the state), but
2.1.x use it.  ssh was effectively giving a random port to 2.1.

Originally noticed by: John Polstra <jdp@@polstra.com>
@
text
@d1 2
a2 2
*** sshconnect.c.dist	Thu Jun  6 21:47:06 1996
--- sshconnect.c	Mon Aug 12 13:26:46 1996
d4 2
a5 2
*** 235,240 ****
--- 235,246 ----
d19 2
a20 2
*** 262,267 ****
--- 267,273 ----
@


1.1
log
@Have ssh use rresvport() to get a privileged socket instead of doing it
itself.  This means it obeys the portrange sysctl's.
@
text
@d5 1
a5 1
--- 235,245 ----
d10 1
@
