Date: Sat, 2 Jan 2016 11:59:59 +0000 (UTC) From: Thomas Zander <riggs@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r405067 - in head/security/sshpass: . files Message-ID: <201601021159.u02BxxBo049825@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: riggs Date: Sat Jan 2 11:59:59 2016 New Revision: 405067 URL: https://svnweb.freebsd.org/changeset/ports/405067 Log: Backport patch from upstream trunk for 'hangs forever' issue On http://sourceforge.net/p/sshpass/bugs/12/ the issue is explained: Doing a "sshpass -p password ssh vmfreebsd10-32 -l account ls" hangs forever. The reason is that in this combination the prompt for the password looks like this: "Password for account@vmfreebsd10-32:" and sshpass checks the password against the string "assword:", so there is no match. This is fixed upstream in trunk, but no release has been created yet. Import the patch into the ports tree until the next release. PR: 204819 Submitted by: andrey@bsdnir.info Approved by: maintainer timeout Added: head/security/sshpass/files/ head/security/sshpass/files/patch-configure.ac (contents, props changed) head/security/sshpass/files/patch-main.c (contents, props changed) head/security/sshpass/files/patch-sshpass.1 (contents, props changed) Modified: head/security/sshpass/Makefile head/security/sshpass/pkg-descr Modified: head/security/sshpass/Makefile ============================================================================== --- head/security/sshpass/Makefile Sat Jan 2 11:37:24 2016 (r405066) +++ head/security/sshpass/Makefile Sat Jan 2 11:59:59 2016 (r405067) @@ -3,6 +3,7 @@ PORTNAME= sshpass PORTVERSION= 1.05 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= SF/${PORTNAME}/sshpass/${PORTVERSION} @@ -11,6 +12,7 @@ COMMENT= Non-interactive ssh password au LICENSE= GPLv2 +USES= autoreconf:env GNU_CONFIGURE= yes PLIST_FILES= bin/sshpass \ Added: head/security/sshpass/files/patch-configure.ac ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/sshpass/files/patch-configure.ac Sat Jan 2 11:59:59 2016 (r405067) @@ -0,0 +1,14 @@ +--- configure.ac.orig 2011-08-06 07:03:01 UTC ++++ configure.ac +@@ -32,6 +32,11 @@ AC_FUNC_SELECT_ARGTYPES + AC_TYPE_SIGNAL + AC_CHECK_FUNCS([select posix_openpt strdup]) + ++AC_ARG_ENABLE([password-prompt], ++ [AS_HELP_STRING([--enable-password-prompt=prompt], [Provide alternative ssh password prompt to look for.])], ++ [AC_DEFINE_UNQUOTED([PASSWORD_PROMPT], ["$enable_password_prompt"], [Password prompt to use])], ++ [AC_DEFINE([PASSWORD_PROMPT], ["assword"])]) ++ + AC_CONFIG_FILES([Makefile]) + AM_CONFIG_HEADER(config.h) + AC_OUTPUT Added: head/security/sshpass/files/patch-main.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/sshpass/files/patch-main.c Sat Jan 2 11:59:59 2016 (r405067) @@ -0,0 +1,65 @@ +--- main.c.orig 2011-08-06 07:04:33 UTC ++++ main.c +@@ -1,5 +1,5 @@ + /* This file is part of "sshpass", a tool for batch running password ssh authentication +- * Copyright (C) 2006 Lingnu Open Source Consulting Ltd. ++ * Copyright (C) 2006, 2015 Lingnu Open Source Consulting Ltd. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by +@@ -69,6 +69,8 @@ struct { + int fd; + const char *password; + } pwsrc; ++ ++ const char *pwprompt; + } args; + + static void show_help() +@@ -77,6 +79,7 @@ static void show_help() + " -f filename Take password to use from file\n" + " -d number Use number as file descriptor for getting password\n" + " -p password Provide password as argument (security unwise)\n" ++ " -P prompt Which string should sshpass search for to detect a password prompt\n" + " -e Password is passed as env-var \"SSHPASS\"\n" + " With no parameters - password will be taken from stdin\n\n" + " -h Show help (this screen)\n" +@@ -99,7 +102,7 @@ static int parse_options( int argc, char + fprintf(stderr, "Conflicting password source\n"); \ + error=RETURN_CONFLICTING_ARGUMENTS; } + +- while( (opt=getopt(argc, argv, "+f:d:p:heV"))!=-1 && error==-1 ) { ++ while( (opt=getopt(argc, argv, "+f:d:p:P:heV"))!=-1 && error==-1 ) { + switch( opt ) { + case 'f': + // Password should come from a file +@@ -130,6 +133,9 @@ static int parse_options( int argc, char + optarg[i]='z'; + } + break; ++ case 'P': ++ args.pwprompt=optarg; ++ break; + case 'e': + VIRGIN_PWTYPE; + +@@ -359,7 +365,7 @@ int handleoutput( int fd ) + // We are looking for the string + static int prevmatch=0; // If the "password" prompt is repeated, we have the wrong password. + static int state1, state2; +- static const char compare1[]="assword:"; // Asking for a password ++ static const char *compare1=PASSWORD_PROMPT; // Asking for a password + static const char compare2[]="The authenticity of host "; // Asks to authenticate host + // static const char compare3[]="WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!"; // Warns about man in the middle attack + // The remote identification changed error is sent to stderr, not the tty, so we do not handle it. +@@ -367,6 +373,10 @@ int handleoutput( int fd ) + char buffer[40]; + int ret=0; + ++ if( args.pwprompt ) { ++ compare1 = args.pwprompt; ++ } ++ + int numread=read(fd, buffer, sizeof(buffer) ); + + state1=match( compare1, buffer, numread, state1 ); Added: head/security/sshpass/files/patch-sshpass.1 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/sshpass/files/patch-sshpass.1 Sat Jan 2 11:59:59 2016 (r405067) @@ -0,0 +1,22 @@ +--- sshpass.1.orig 2011-08-06 06:58:25 UTC ++++ sshpass.1 +@@ -1,4 +1,4 @@ +-.TH SSHPASS 1 "August 6, 2011" "Lingnu Open Source Consulting" "Sshpass User Manual" ++.TH SSHPASS 1 "April 24, 2015" "Lingnu Open Source Consulting" "Sshpass User Manual" + .\" Please adjust this date whenever revising the manpage. + .SH NAME + sshpass \- noninteractive ssh password provider +@@ -37,6 +37,13 @@ password is read from the open file desc + .TP + .B \-e + The password is taken from the environment variable "SSHPASS". ++.TP ++.B \-P ++Set the password prompt. Sshpass searched for this prompt in the program's ++output to the TTY as an indication when to send the password. By default ++sshpass looks for the string "assword:" (which matches both "Password:" and ++"password:"). If your client's prompt does not fall under either of these, ++you can override the default with this option. + .SH SECURITY CONSIDERATIONS + .P + First and foremost, users of sshpass should realize that ssh's insistance on Modified: head/security/sshpass/pkg-descr ============================================================================== --- head/security/sshpass/pkg-descr Sat Jan 2 11:37:24 2016 (r405066) +++ head/security/sshpass/pkg-descr Sat Jan 2 11:59:59 2016 (r405067) @@ -2,4 +2,4 @@ Sshpass is a tool for non-interactively with SSH's so called "interactive keyboard password authentication". Most user should use SSH's more secure public key authentication instead. -WWW: http://sourceforge.net/projects/sshpass/ +WWW: http://sourceforge.net/projects/sshpass/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201601021159.u02BxxBo049825>