CVS commit: src/external/bsd/blacklist/diff
Module Name:src Committed By: christos Date: Wed May 23 16:03:07 UTC 2018 Modified Files: src/external/bsd/blacklist/diff: ssh.diff Log Message: refresh the diffs to the latest portable To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 src/external/bsd/blacklist/diff/ssh.diff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/diff/ssh.diff diff -u src/external/bsd/blacklist/diff/ssh.diff:1.9 src/external/bsd/blacklist/diff/ssh.diff:1.10 --- src/external/bsd/blacklist/diff/ssh.diff:1.9 Mon Jun 26 13:12:05 2017 +++ src/external/bsd/blacklist/diff/ssh.diff Wed May 23 12:03:07 2018 @@ -62,174 +62,89 @@ diff -u -u -r1.10 Makefile + +LDADD+= -lblacklist +DPADD+= ${LIBBLACKLIST} -Index: dist/auth.c -=== -RCS file: /cvsroot/src/crypto/external/bsd/openssh/dist/auth.c,v -retrieving revision 1.10 -diff -u -u -r1.10 auth.c dist/auth.c 19 Oct 2014 16:30:58 - 1.10 -+++ dist/auth.c 22 Jan 2015 21:39:22 - -@@ -62,6 +62,7 @@ - #include "monitor_wrap.h" - #include "krl.h" - #include "compat.h" -+#include "pfilter.h" - - #ifdef HAVE_LOGIN_CAP - #include -@@ -362,6 +363,8 @@ - compat20 ? "ssh2" : "ssh1", - authctxt->info != NULL ? ": " : "", - authctxt->info != NULL ? authctxt->info : ""); -+ if (!authctxt->postponed) -+ pfilter_notify(!authenticated); - free(authctxt->info); - authctxt->info = NULL; - } -Index: dist/sshd.c -=== -RCS file: /cvsroot/src/crypto/external/bsd/openssh/dist/sshd.c,v -retrieving revision 1.15 -diff -u -u -r1.15 sshd.c dist/sshd.c 28 Oct 2014 21:36:16 - 1.15 -+++ dist/sshd.c 22 Jan 2015 21:39:22 - -@@ -109,6 +109,7 @@ - #include "roaming.h" - #include "ssh-sandbox.h" - #include "version.h" -+#include "pfilter.h" - - #ifdef LIBWRAP - #include -@@ -364,6 +365,7 @@ - killpg(0, SIGTERM); - } - -+ pfilter_notify(1); - /* Log error and exit. */ - sigdie("Timeout before authentication for %s", get_remote_ipaddr()); - } -@@ -1160,6 +1162,7 @@ - for (i = 0; i < options.max_startups; i++) - startup_pipes[i] = -1; - -+ pfilter_init(); - /* - * Stay listening for connections until the system crashes or - * the daemon is killed with a signal. -Index: auth1.c -=== -RCS file: /cvsroot/src/crypto/external/bsd/openssh/dist/auth1.c,v -retrieving revision 1.9 -diff -u -u -r1.9 auth1.c auth1.c 19 Oct 2014 16:30:58 - 1.9 -+++ auth1.c 14 Feb 2015 15:40:51 - -@@ -41,6 +41,7 @@ +diff -ru openssh-7.7p1/auth-pam.c dist/auth-pam.c +--- openssh-7.7p1/auth-pam.c 2018-04-02 01:38:28.0 -0400 dist/auth-pam.c 2018-05-23 11:56:22.206661484 -0400 +@@ -103,6 +103,7 @@ + #include "ssh-gss.h" #endif #include "monitor_wrap.h" - #include "buffer.h" +#include "pfilter.h" - /* import */ extern ServerOptions options; -@@ -445,6 +446,7 @@ - else { - debug("do_authentication: invalid user %s", user); - authctxt->pw = fakepw(); -+ pfilter_notify(1); - } + extern Buffer loginmsg; +@@ -526,6 +527,7 @@ + ssh_msg_send(ctxt->pam_csock, PAM_MAXTRIES, ); + else + ssh_msg_send(ctxt->pam_csock, PAM_AUTH_ERR, ); ++ pfilter_notify(1); + buffer_free(); + pthread_exit(NULL); - /* Configuration may have changed as a result of Match */ -Index: auth2.c -=== -RCS file: /cvsroot/src/crypto/external/bsd/openssh/dist/auth2.c,v -retrieving revision 1.9 -diff -u -u -r1.9 auth2.c auth2.c 19 Oct 2014 16:30:58 - 1.9 -+++ auth2.c 14 Feb 2015 15:40:51 - -@@ -52,6 +52,7 @@ +@@ -804,6 +806,7 @@ + free(msg); + return (0); + } ++ pfilter_notify(1); + error("PAM: %s for %s%.100s from %.100s", msg, + sshpam_authctxt->valid ? "" : "illegal user ", + sshpam_authctxt->user, +diff -ru openssh-7.7p1/auth2.c dist/auth2.c +--- openssh-7.7p1/auth2.c 2018-04-02 01:38:28.0 -0400 dist/auth2.c 2018-05-23 11:57:31.022197317 -0400 +@@ -51,6 +51,7 @@ + #include "dispatch.h" #include "pathnames.h" #include "buffer.h" - #include "canohost.h" +#include "pfilter.h" #ifdef GSSAPI #include "ssh-gss.h" -@@ -256,6 +257,7 @@ +@@ -242,6 +243,7 @@ } else { - logit("input_userauth_request: invalid user %s", user); + /* Invalid user, fake password information */ authctxt->pw = fakepw(); + pfilter_notify(1); - } - #ifdef USE_PAM - if (options.use_pam) -Index: sshd.c -=== -RCS file: /cvsroot/src/crypto/external/bsd/openssh/dist/sshd.c,v -retrieving revision 1.16 -diff -u -r1.16 sshd.c sshd.c 25 Jan 2015 15:52:44 - 1.16 -+++ sshd.c 14 Feb 2015 09:55:06 - -@@ -628,6 +628,8 @@ - explicit_bzero(pw->pw_passwd,
CVS commit: src/external/bsd/blacklist/diff
Module Name:src Committed By: christos Date: Wed May 23 16:03:07 UTC 2018 Modified Files: src/external/bsd/blacklist/diff: ssh.diff Log Message: refresh the diffs to the latest portable To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 src/external/bsd/blacklist/diff/ssh.diff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/bsd/blacklist/diff
Module Name:src Committed By: christos Date: Thu Feb 1 03:32:31 UTC 2018 Added Files: src/external/bsd/blacklist/diff: postfix.diff Log Message: add a diff for smtpd To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 src/external/bsd/blacklist/diff/postfix.diff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Added files: Index: src/external/bsd/blacklist/diff/postfix.diff diff -u /dev/null src/external/bsd/blacklist/diff/postfix.diff:1.1 --- /dev/null Wed Jan 31 22:32:31 2018 +++ src/external/bsd/blacklist/diff/postfix.diff Wed Jan 31 22:32:31 2018 @@ -0,0 +1,82 @@ +Index: dist/src/smtpd/pfilter.c +=== +RCS file: dist/src/smtpd/pfilter.c +diff -N dist/src/smtpd/pfilter.c +--- /dev/null 1 Jan 1970 00:00:00 - dist/src/smtpd/pfilter.c 1 Feb 2018 03:29:09 - +@@ -0,0 +1,19 @@ ++#include "pfilter.h" ++#include /* for NULL */ ++#include ++ ++static struct blacklist *blstate; ++ ++void ++pfilter_notify(int a, int fd) ++{ ++ if (blstate == NULL) ++ blstate = blacklist_open(); ++ if (blstate == NULL) ++ return; ++ (void)blacklist_r(blstate, a, fd, "smtpd"); ++ if (a == 0) { ++ blacklist_close(blstate); ++ blstate = NULL; ++ } ++} +Index: dist/src/smtpd/pfilter.h +=== +RCS file: dist/src/smtpd/pfilter.h +diff -N dist/src/smtpd/pfilter.h +--- /dev/null 1 Jan 1970 00:00:00 - dist/src/smtpd/pfilter.h 1 Feb 2018 03:29:09 - +@@ -0,0 +1,2 @@ ++ ++void pfilter_notify(int, int); +Index: dist/src/smtpd/smtpd.c +=== +RCS file: /cvsroot/src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c,v +retrieving revision 1.14 +diff -u -r1.14 smtpd.c +--- dist/src/smtpd/smtpd.c 14 Feb 2017 01:16:48 - 1.14 dist/src/smtpd/smtpd.c 1 Feb 2018 03:29:09 - +@@ -1197,6 +1197,8 @@ + #include + #include + ++#include "pfilter.h" ++ + /* + * Tunable parameters. Make sure that there is some bound on the length of + * an SMTP command, so that the mail system stays in control even when a +@@ -5048,6 +5050,7 @@ + if (state->error_count >= var_smtpd_hard_erlim) { + state->reason = REASON_ERROR_LIMIT; + state->error_mask |= MAIL_ERROR_PROTOCOL; ++ pfilter_notify(1, vstream_fileno(state->client)); + smtpd_chat_reply(state, "421 4.7.0 %s Error: too many errors", + var_myhostname); + break; +Index: libexec/smtpd/Makefile +=== +RCS file: /cvsroot/src/external/ibm-public/postfix/libexec/smtpd/Makefile,v +retrieving revision 1.6 +diff -u -r1.6 Makefile +--- libexec/smtpd/Makefile 21 May 2017 15:28:40 - 1.6 libexec/smtpd/Makefile 1 Feb 2018 03:29:09 - +@@ -13,11 +13,14 @@ + SRCS= smtpd.c smtpd_token.c smtpd_check.c smtpd_chat.c smtpd_state.c \ + smtpd_peer.c smtpd_sasl_proto.c smtpd_sasl_glue.c smtpd_proxy.c \ + smtpd_xforward.c smtpd_dsn_fix.c smtpd_milter.c smtpd_resolve.c \ +- smtpd_expand.c smtpd_haproxy.c ++ smtpd_expand.c smtpd_haproxy.c pfilter.c + + DPADD+= ${LIBPMASTER} ${LIBPMILTER} ${LIBPGLOBAL} ${LIBPDNS} ${LIBPXSASL} + LDADD+= ${LIBPMASTER} ${LIBPMILTER} ${LIBPGLOBAL} ${LIBPDNS} ${LIBPXSASL} + ++DPADD+= ${LIBBLACKLIST} ++LDADD+= -lblacklist ++ + DPADD+= ${LIBPTLS} ${LIBSSL} ${LIBCRYPTO} + LDADD+= ${LIBPTLS} -lssl -lcrypto +
CVS commit: src/external/bsd/blacklist/diff
Module Name:src Committed By: christos Date: Thu Feb 1 03:32:31 UTC 2018 Added Files: src/external/bsd/blacklist/diff: postfix.diff Log Message: add a diff for smtpd To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 src/external/bsd/blacklist/diff/postfix.diff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/bsd/blacklist/diff
Module Name:src Committed By: christos Date: Mon Jun 26 17:12:05 UTC 2017 Modified Files: src/external/bsd/blacklist/diff: ssh.diff Log Message: amend the patch to close. To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 src/external/bsd/blacklist/diff/ssh.diff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/diff/ssh.diff diff -u src/external/bsd/blacklist/diff/ssh.diff:1.8 src/external/bsd/blacklist/diff/ssh.diff:1.9 --- src/external/bsd/blacklist/diff/ssh.diff:1.8 Fri Jan 22 19:05:38 2016 +++ src/external/bsd/blacklist/diff/ssh.diff Mon Jun 26 13:12:05 2017 @@ -1,6 +1,6 @@ --- /dev/null 2015-01-22 23:10:33.0 -0500 +++ dist/pfilter.c 2015-01-22 23:46:03.0 -0500 -@@ -0,0 +1,28 @@ +@@ -0,0 +1,32 @@ +#include "namespace.h" +#include "includes.h" +#include "ssh.h" @@ -28,6 +28,10 @@ + // XXX: 3? + fd = packet_connection_is_on_socket() ? packet_get_connection_in() : 3; + (void)blacklist_r(blstate, a, fd, "ssh"); ++ if (a == 0) { ++ blacklist_close(blstate); ++ blstate = NULL; ++ } +} --- /dev/null 2015-01-20 21:14:44.0 -0500 +++ dist/pfilter.h 2015-01-20 20:16:20.0 -0500
CVS commit: src/external/bsd/blacklist/diff
Module Name:src Committed By: christos Date: Mon Jun 26 17:12:05 UTC 2017 Modified Files: src/external/bsd/blacklist/diff: ssh.diff Log Message: amend the patch to close. To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 src/external/bsd/blacklist/diff/ssh.diff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/bsd/blacklist/diff
Module Name:src Committed By: christos Date: Tue Jan 26 02:54:25 UTC 2016 Modified Files: src/external/bsd/blacklist/diff: proftpd.diff Log Message: fix fd leak To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/external/bsd/blacklist/diff/proftpd.diff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/diff/proftpd.diff diff -u src/external/bsd/blacklist/diff/proftpd.diff:1.2 src/external/bsd/blacklist/diff/proftpd.diff:1.3 --- src/external/bsd/blacklist/diff/proftpd.diff:1.2 Fri Jan 22 22:11:14 2016 +++ src/external/bsd/blacklist/diff/proftpd.diff Mon Jan 25 21:54:25 2016 @@ -1,15 +1,14 @@ Make.rules.in.orig 2016-01-22 17:33:49.0 -0500 -+++ Make.rules.in 2016-01-22 17:33:41.0 -0500 +--- Make.rules.in.orig 2015-05-27 20:25:54.0 -0400 Make.rules.in 2016-01-25 21:48:47.0 -0500 @@ -110,3 +110,8 @@ + FTPWHO_OBJS=ftpwho.o scoreboard.o misc.o BUILD_FTPWHO_OBJS=utils/ftpwho.o utils/scoreboard.o utils/misc.o - ++ +CPPFLAGS+=-DHAVE_BLACKLIST +LIBS+=-lblacklist +OBJS+= pfilter.o +BUILD_OBJS+= src/pfilter.o -+ - --- /dev/null 2016-01-22 17:30:55.0 -0500 +++ include/pfilter.h 2016-01-22 16:18:33.0 -0500 @@ -0,0 +1,3 @@ @@ -81,7 +80,7 @@ /* Child is running here */ --- /dev/null 2016-01-22 17:30:55.0 -0500 +++ src/pfilter.c 2016-01-22 16:37:55.0 -0500 -@@ -0,0 +1,40 @@ +@@ -0,0 +1,41 @@ +#include "pfilter.h" +#include "conf.h" +#include "privs.h" @@ -95,7 +94,8 @@ +pfilter_init(void) +{ +#ifdef HAVE_BLACKLIST -+ blstate = blacklist_open(); ++ if (blstate == NULL) ++ blstate = blacklist_open(); +#endif +} +
CVS commit: src/external/bsd/blacklist/diff
Module Name:src Committed By: christos Date: Tue Jan 26 02:54:25 UTC 2016 Modified Files: src/external/bsd/blacklist/diff: proftpd.diff Log Message: fix fd leak To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/external/bsd/blacklist/diff/proftpd.diff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/bsd/blacklist/diff
Module Name:src Committed By: christos Date: Sat Jan 23 00:05:54 UTC 2016 Added Files: src/external/bsd/blacklist/diff: proftpd.diff Log Message: add proftpd diffs. To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 src/external/bsd/blacklist/diff/proftpd.diff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Added files: Index: src/external/bsd/blacklist/diff/proftpd.diff diff -u /dev/null src/external/bsd/blacklist/diff/proftpd.diff:1.1 --- /dev/null Fri Jan 22 19:05:54 2016 +++ src/external/bsd/blacklist/diff/proftpd.diff Fri Jan 22 19:05:54 2016 @@ -0,0 +1,130 @@ +--- Make.rules.in.orig 2016-01-22 17:33:49.0 -0500 Make.rules.in 2016-01-22 17:33:41.0 -0500 +@@ -110,3 +110,8 @@ + FTPWHO_OBJS=ftpwho.o scoreboard.o misc.o + BUILD_FTPWHO_OBJS=utils/ftpwho.o utils/scoreboard.o utils/misc.o + ++CPPFLAGS+=-DHAVE_BLACKLIST ++LIBS+=-lblacklist ++OBJS+= pfilter.o ++BUILD_OBJS+= src/pfilter.o ++ +$NetBSD: proftpd.diff,v 1.1 2016/01/23 00:05:54 christos Exp $ + +Make this pkgsrc friendly. + +Linking ftpdctl does not (seem to) require all the libraries needed for +various proftpd modules. It definitely cannot include -lwrap. + +--- /dev/null 2016-01-22 17:30:55.0 -0500 include/pfilter.h 2016-01-22 16:18:33.0 -0500 +@@ -0,0 +1,3 @@ ++ ++void pfilter_notify(int); ++void pfilter_init(void); +--- modules/mod_auth.c.orig 2015-05-27 20:25:54.0 -0400 modules/mod_auth.c 2016-01-22 16:21:06.0 -0500 +@@ -30,6 +30,7 @@ + + #include "conf.h" + #include "privs.h" ++#include "pfilter.h" + + extern pid_t mpid; + +@@ -84,6 +85,8 @@ + _("Login timeout (%d %s): closing control connection"), TimeoutLogin, + TimeoutLogin != 1 ? "seconds" : "second"); + ++ pfilter_notify(1); ++ + /* It's possible that any listeners of this event might terminate the +* session process themselves (e.g. mod_ban). So write out that the +* TimeoutLogin has been exceeded to the log here, in addition to the +@@ -913,6 +916,7 @@ + pr_memscrub(pass, strlen(pass)); + } + ++ pfilter_notify(1); + pr_log_auth(PR_LOG_NOTICE, "SECURITY VIOLATION: Root login attempted"); + return 0; + } +@@ -1726,6 +1730,7 @@ + return 1; + + auth_failure: ++ pfilter_notify(1); + if (pass) + pr_memscrub(pass, strlen(pass)); + session.user = session.group = NULL; +--- src/main.c.orig 2016-01-22 17:36:43.0 -0500 src/main.c 2016-01-22 17:37:58.0 -0500 +@@ -49,6 +49,7 @@ + #endif + + #include "privs.h" ++#include "pfilter.h" + + int (*cmd_auth_chk)(cmd_rec *); + void (*cmd_handler)(server_rec *, conn_t *); +@@ -1050,6 +1051,7 @@ + pid_t pid; + sigset_t sig_set; + ++ pfilter_init(); + if (!nofork) { + + /* A race condition exists on heavily loaded servers where the parent +@@ -1169,7 +1171,8 @@ + + /* Reseed pseudo-randoms */ + srand((unsigned int) (time(NULL) * getpid())); +- ++#else ++ pfilter_init(); + #endif /* PR_DEVEL_NO_FORK */ + + /* Child is running here */ +--- /dev/null 2016-01-22 17:30:55.0 -0500 src/pfilter.c 2016-01-22 16:37:55.0 -0500 +@@ -0,0 +1,40 @@ ++#include "pfilter.h" ++#include "conf.h" ++#include "privs.h" ++#ifdef HAVE_BLACKLIST ++#include ++#endif ++ ++static struct blacklist *blstate; ++ ++void ++pfilter_init(void) ++{ ++#ifdef HAVE_BLACKLIST ++ blstate = blacklist_open(); ++#endif ++} ++ ++void ++pfilter_notify(int a) ++{ ++#ifdef HAVE_BLACKLIST ++ conn_t *c = session.c; ++ int fd; ++ ++ if (c == NULL) ++ return; ++ if (c->rfd != -1) ++ fd = c->rfd; ++ else if (c->wfd != -1) ++ fd = c->wfd; ++ else ++ return; ++ ++ if (blstate == NULL) ++ pfilter_init(); ++ if (blstate == NULL) ++ return; ++ (void)blacklist_r(blstate, a, fd, "proftpd"); ++#endif ++}
CVS commit: src/external/bsd/blacklist/diff
Module Name:src Committed By: christos Date: Sat Jan 23 00:05:54 UTC 2016 Added Files: src/external/bsd/blacklist/diff: proftpd.diff Log Message: add proftpd diffs. To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 src/external/bsd/blacklist/diff/proftpd.diff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/bsd/blacklist/diff
Module Name:src Committed By: christos Date: Sat Jan 23 00:05:38 UTC 2016 Modified Files: src/external/bsd/blacklist/diff: ssh.diff Log Message: add more points. To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/external/bsd/blacklist/diff/ssh.diff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/diff/ssh.diff diff -u src/external/bsd/blacklist/diff/ssh.diff:1.7 src/external/bsd/blacklist/diff/ssh.diff:1.8 --- src/external/bsd/blacklist/diff/ssh.diff:1.7 Sat May 30 17:05:18 2015 +++ src/external/bsd/blacklist/diff/ssh.diff Fri Jan 22 19:05:38 2016 @@ -1,7 +1,8 @@ --- /dev/null 2015-01-22 23:10:33.0 -0500 +++ dist/pfilter.c 2015-01-22 23:46:03.0 -0500 -@@ -0,0 +1,27 @@ +@@ -0,0 +1,28 @@ +#include "namespace.h" ++#include "includes.h" +#include "ssh.h" +#include "packet.h" +#include "log.h" @@ -175,3 +176,56 @@ diff -u -r1.16 sshd.c if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1) fatal("chroot(\"%s\"): %s", _PATH_PRIVSEP_CHROOT_DIR, +Index: auth-pam.c +=== +RCS file: /cvsroot/src/crypto/external/bsd/openssh/dist/auth-pam.c,v +retrieving revision 1.7 +diff -u -u -r1.7 auth-pam.c +--- auth-pam.c 3 Jul 2015 00:59:59 - 1.7 auth-pam.c 23 Jan 2016 00:01:16 - +@@ -114,6 +114,7 @@ + #include "ssh-gss.h" + #endif + #include "monitor_wrap.h" ++#include "pfilter.h" + + extern ServerOptions options; + extern Buffer loginmsg; +@@ -809,6 +810,7 @@ + free(msg); + return (0); + } ++ pfilter_notify(1); + error("PAM: %s for %s%.100s from %.100s", msg, + sshpam_authctxt->valid ? "" : "illegal user ", + sshpam_authctxt->user, +Index: auth.c +=== +RCS file: /cvsroot/src/crypto/external/bsd/openssh/dist/auth.c,v +retrieving revision 1.15 +diff -u -u -r1.15 auth.c +--- auth.c 21 Aug 2015 08:20:59 - 1.15 auth.c 23 Jan 2016 00:01:16 - +@@ -656,6 +656,7 @@ + + pw = getpwnam(user); + if (pw == NULL) { ++ pfilter_notify(1); + logit("Invalid user %.100s from %.100s", + user, get_remote_ipaddr()); + return (NULL); +Index: auth1.c +=== +RCS file: /cvsroot/src/crypto/external/bsd/openssh/dist/auth1.c,v +retrieving revision 1.12 +diff -u -u -r1.12 auth1.c +--- auth1.c 3 Jul 2015 00:59:59 - 1.12 auth1.c 23 Jan 2016 00:01:16 - +@@ -376,6 +376,7 @@ + char *msg; + size_t len; + ++ pfilter_notify(1); + error("Access denied for user %s by PAM account " + "configuration", authctxt->user); + len = buffer_len();
CVS commit: src/external/bsd/blacklist/diff
Module Name:src Committed By: christos Date: Sat Jan 23 00:05:38 UTC 2016 Modified Files: src/external/bsd/blacklist/diff: ssh.diff Log Message: add more points. To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/external/bsd/blacklist/diff/ssh.diff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/bsd/blacklist/diff
Module Name:src Committed By: christos Date: Sat Jan 23 03:11:14 UTC 2016 Modified Files: src/external/bsd/blacklist/diff: proftpd.diff Log Message: cleanup pkgsrc junk To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/external/bsd/blacklist/diff/proftpd.diff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/bsd/blacklist/diff
Module Name:src Committed By: christos Date: Sat Jan 23 03:11:14 UTC 2016 Modified Files: src/external/bsd/blacklist/diff: proftpd.diff Log Message: cleanup pkgsrc junk To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/external/bsd/blacklist/diff/proftpd.diff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/diff/proftpd.diff diff -u src/external/bsd/blacklist/diff/proftpd.diff:1.1 src/external/bsd/blacklist/diff/proftpd.diff:1.2 --- src/external/bsd/blacklist/diff/proftpd.diff:1.1 Fri Jan 22 19:05:54 2016 +++ src/external/bsd/blacklist/diff/proftpd.diff Fri Jan 22 22:11:14 2016 @@ -9,12 +9,6 @@ +OBJS+= pfilter.o +BUILD_OBJS+= src/pfilter.o + -$NetBSD: proftpd.diff,v 1.1 2016/01/23 00:05:54 christos Exp $ - -Make this pkgsrc friendly. - -Linking ftpdctl does not (seem to) require all the libraries needed for -various proftpd modules. It definitely cannot include -lwrap. --- /dev/null 2016-01-22 17:30:55.0 -0500 +++ include/pfilter.h 2016-01-22 16:18:33.0 -0500
CVS commit: src/external/bsd/blacklist/diff
Module Name:src Committed By: christos Date: Sat May 30 21:05:18 UTC 2015 Modified Files: src/external/bsd/blacklist/diff: ssh.diff Log Message: add prototype To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/external/bsd/blacklist/diff/ssh.diff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/diff/ssh.diff diff -u src/external/bsd/blacklist/diff/ssh.diff:1.6 src/external/bsd/blacklist/diff/ssh.diff:1.7 --- src/external/bsd/blacklist/diff/ssh.diff:1.6 Sat Feb 14 14:05:59 2015 +++ src/external/bsd/blacklist/diff/ssh.diff Sat May 30 17:05:18 2015 @@ -11,7 +11,7 @@ +static struct blacklist *blstate; + +void -+pfilter_init() ++pfilter_init(void) +{ + blstate = blacklist_open(); +}
CVS commit: src/external/bsd/blacklist/diff
Module Name:src Committed By: christos Date: Sat May 30 21:05:18 UTC 2015 Modified Files: src/external/bsd/blacklist/diff: ssh.diff Log Message: add prototype To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/external/bsd/blacklist/diff/ssh.diff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/bsd/blacklist/diff
Module Name:src Committed By: christos Date: Sat Feb 14 15:42:17 UTC 2015 Modified Files: src/external/bsd/blacklist/diff: ssh.diff Log Message: Add the bad user diff. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/external/bsd/blacklist/diff/ssh.diff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/bsd/blacklist/diff
Module Name:src Committed By: christos Date: Sat Feb 14 15:42:17 UTC 2015 Modified Files: src/external/bsd/blacklist/diff: ssh.diff Log Message: Add the bad user diff. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/external/bsd/blacklist/diff/ssh.diff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/diff/ssh.diff diff -u src/external/bsd/blacklist/diff/ssh.diff:1.4 src/external/bsd/blacklist/diff/ssh.diff:1.5 --- src/external/bsd/blacklist/diff/ssh.diff:1.4 Fri Jan 23 18:28:45 2015 +++ src/external/bsd/blacklist/diff/ssh.diff Sat Feb 14 10:42:17 2015 @@ -112,3 +112,49 @@ diff -u -u -r1.15 sshd.c /* * Stay listening for connections until the system crashes or * the daemon is killed with a signal. +Index: auth1.c +=== +RCS file: /cvsroot/src/crypto/external/bsd/openssh/dist/auth1.c,v +retrieving revision 1.9 +diff -u -u -r1.9 auth1.c +--- auth1.c 19 Oct 2014 16:30:58 - 1.9 auth1.c 14 Feb 2015 15:40:51 - +@@ -41,6 +41,7 @@ + #endif + #include monitor_wrap.h + #include buffer.h ++#include pfilter.h + + /* import */ + extern ServerOptions options; +@@ -445,6 +446,7 @@ + else { + debug(do_authentication: invalid user %s, user); + authctxt-pw = fakepw(); ++ pfilter_notify(1); + } + + /* Configuration may have changed as a result of Match */ +Index: auth2.c +=== +RCS file: /cvsroot/src/crypto/external/bsd/openssh/dist/auth2.c,v +retrieving revision 1.9 +diff -u -u -r1.9 auth2.c +--- auth2.c 19 Oct 2014 16:30:58 - 1.9 auth2.c 14 Feb 2015 15:40:51 - +@@ -52,6 +52,7 @@ + #include pathnames.h + #include buffer.h + #include canohost.h ++#include pfilter.h + + #ifdef GSSAPI + #include ssh-gss.h +@@ -256,6 +257,7 @@ + } else { + logit(input_userauth_request: invalid user %s, user); + authctxt-pw = fakepw(); ++ pfilter_notify(1); + } + #ifdef USE_PAM + if (options.use_pam)
CVS commit: src/external/bsd/blacklist/diff
Module Name:src Committed By: christos Date: Sat Feb 14 19:05:59 UTC 2015 Modified Files: src/external/bsd/blacklist/diff: ssh.diff Log Message: one more pfilter_init() To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/external/bsd/blacklist/diff/ssh.diff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/diff/ssh.diff diff -u src/external/bsd/blacklist/diff/ssh.diff:1.5 src/external/bsd/blacklist/diff/ssh.diff:1.6 --- src/external/bsd/blacklist/diff/ssh.diff:1.5 Sat Feb 14 10:42:17 2015 +++ src/external/bsd/blacklist/diff/ssh.diff Sat Feb 14 14:05:59 2015 @@ -158,3 +158,20 @@ diff -u -u -r1.9 auth2.c } #ifdef USE_PAM if (options.use_pam) +Index: sshd.c +=== +RCS file: /cvsroot/src/crypto/external/bsd/openssh/dist/sshd.c,v +retrieving revision 1.16 +diff -u -r1.16 sshd.c +--- sshd.c 25 Jan 2015 15:52:44 - 1.16 sshd.c 14 Feb 2015 09:55:06 - +@@ -628,6 +628,8 @@ + explicit_bzero(pw-pw_passwd, strlen(pw-pw_passwd)); + endpwent(); + ++ pfilter_init(); ++ + /* Change our root directory */ + if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1) + fatal(chroot(\%s\): %s, _PATH_PRIVSEP_CHROOT_DIR, +
CVS commit: src/external/bsd/blacklist/diff
Module Name:src Committed By: christos Date: Sat Feb 14 19:05:59 UTC 2015 Modified Files: src/external/bsd/blacklist/diff: ssh.diff Log Message: one more pfilter_init() To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/external/bsd/blacklist/diff/ssh.diff Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.