OpenSSH 3.0.2p1 AIX .bff patch Create AIX installp/SMIT installable .bff/.lpp packages of OpenSSH (updated 2002/3/4)
This patch was integrated before 3.1p1. Unfortunately other changes caused the scripts to break just before 3.1p1 shipped. The next patch fixes that and adds some sanity checks.
OpenSSH 3.1p1 AIX .bff
patch Fixes errors "0503-005 inutoc: The format of the toc file is
invalid." and "0503-019 inutoc: openssh 1 is an invalid level." in AIX
buildbff script shipped with OpenSSH 3.1p1
OpenSSH 3.3p1 AIX .bff patch This patch is included in 3.4p1.
These are old patches against 3.5p1 to add password expiry to sshd, based originally on patches by Pablo Sor and Mark Pitt. Includes "your password will expire on ..." warnings.
openssh-3.5p1-aixpassexpire.patch Original patch against 3.5p1. Uses /bin/passwd in session. (2002-10-13).make -f Makefile.in
distprep. Diff against post-3.5p1 CVS tree. openssh-passexpire16.patch
Only generates login message when euid == 0. This prevents a fatal
error if authentication is postponed. Because configure.ac is patched,
you must run autoreconf to re-build configure. openssh-3.5p1-passexpire16.patch
is the same patch against the 3.5p1 release (autoreconf is not
required for this patch).
openssh-passexpire17.patch
Fixed problem where forced-password changes did not work when account
expiry was not enabled, reported by Zdenek Tlusty. Enabled basic PAM
password expiry support support. You must run autoreconf
to re-build configure. openssh-3.5p1-passexpire17.patch
is the same patch against the 3.5p1 release (autoreconf is not
required for this patch).
openssh-passexpire18.patch Fixed a double-change bug when PAM was enabled (reported by Dan Oviatt). Removed the forward-flag resetting via the use of SIGUSR1. openssh-3.5p1-passexpire18.patch is the same patch against the 3.5p1 release, openssh-3.6.1p1-passexpire18.patch the same against 3.6.1p1.
openssh-passexpire19.patch (gpg sig). Added handling of AIX's S_MAXAGE attribute when checking for over-expired passwords. Based on report and code from Ravinder Sekhon. openssh-3.6.1p2-passexpire19.patch (gpg sig) the same against 3.6.1p2.
openssh-3.6.1p2-passexpire20.patch (gpg sig). Fixed stupid bug that prevented password expiry from working with PAM and PrivSep, reported by Scott Burch. There is currently no passexpire20 patch for the CVS tree.
openssh-3.6.1p2-passexpire21.patch (gpg sig). Fixed stupid bug that prevented correct operation of /etc/nologin. Reported and fix confirmed by Andrew Elwell. There is no passexpire21 patch for the CVS tree either.
openssh-3.6.1p2-passexpire22.patch (gpg sig). Flush expiry messages to ensure they are displayed before the password change prompt. Store expiry message before stripping newlines and logging. Add newlines to ensure expiry messages are nicely formatted. Reported by Andrew Elwell.
openssh-3.6.1p2-passexpire23.patch (gpg sig). Backported configure's loginfailed() argument detection from -current. Will now automatically detect if loginfailed() takes 4 arguments (ie should compile OK on AIX 5.2). No other changes.
openssh-3.7p1-pwexp24.patch (gpg sig). Updated patch to 3.7p1. Due to the urgency of the 3.7p1 release, this patch is not as well tested as I would have liked, however reports of problems are welcome. (Updated 2003-09-17 to correct missing PATH_PASSWD_PROGRAM define, no functional changes). There is also a patch for 3.7.1p1: openssh-3.7.1p1-pwexp24.patch (gpg sig) and 3.7.1p2: openssh-3.7.1p2-pwexp24.patch (gpg sig).
openssh-3.7.1p2-pwexp25.patch (gpg sig). Now displays messages returned by PAM modules.
OpenSSH 3.0.2p1 Solaris
buildpkg patch Adds postinstall script to preserve original
configs and restart sshd.
In OpenSSH versions 3.1p1 and above the buildpkg scripts have been
overhauled.
Page last modified: $Date: 2022-05-25 $