- make PKGNAMESUFFIX more flexible

- add SIZE

- update to 3.8p1

- fix Usage

- new option WITHOUT_KERBEROS

PR:             58156
Submitted by:   matt@peterson.org

- fix build with kerberos5 from base and missing libdes
- get rid of autoconf dependency

- fix spelling of gssapi

- add CONFLICTS
Submitted by:   eikemeier@fillmore-labs.com

- GSSAPI patch improved for kerbers5 and hemidal

Submitted by:   bg@sics.se

- cleanup GSSAPI option

- Fix BATCH=yes patch for bento.

- update to 3.7.1p2
more regressions tests successfull

- Security Fix in PAM handling
Obtained from:  des

- mark FORBIDDEN until fixed.

- Security Fix obtained from OpenBSD
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/buffer.c.diff?r1=1.18&r2=1.19

Submitted by:   ash@lab.poc.net

Add Solar Designer's additional fixes to buffer management.

- Securitry Fix revision 2
http://www.openssh.com/txt/buffer.adv
Approved by:    lioux (portmgr)

Do not record expanded size before attempting to reallocate associated
memory.

Obtained from:  OpenBSD

- use OPENSSLRPATH from bsd.openssl.mk
- strip CONFIGURE_ENV, LDFLAGS is set in bsd.openssl.mk

- use hook for bsd.openssl.mk

- Update to gssapi-20030430
Submitted by:   wollman@lcs.mit.edu

- Update to 3.6.1p2

- honor any given LDFLAGS

- Change all USE_OPENSSL_* to WITH_OPENSSL_*

- use bsd.openssl.mk

- Update to 3.6.1p1

- extend regression tests

- Update to 3.6p1

- add USE_PERL5_BUILD

- retire pkg-comment

- add COMMENT

- openssh-3.5p1 doesn't log utmp for IPv6 connection correctly
Submitted by:   ume

openssh-gssapi-3.5p1 is marked as broken

- cleanup of mor patches
- fix Makefile to avoid key-generation on bento.

remove an disfuntional MASTER_SITE

Update to 3.5p1

Craete moduli on bento.

add bugfix from CURRENT

Fix resolver problem with privilege-separation.
PR:             39953

- add pam_cleanup from CURRENT
- Fix build problems < 4.0
PR:             40576

Add bits for regression tests
Fix build for /var/empty is schg and have open permissions.

- Fix Problem with HAVE_HOST_IN_UTMP
- update monitor.c

PR:             40576
Submitted by:   lxv@a-send-pr.sink.omut.org

merge PAM buffer management from current.

PermitRootLogin no explanation added.

'PermitRootLogin no' is the new default for the OpenSSH port.
This now matches the PermitRootLogin configuration of OpenSSH in
the base system.  Please be aware of this when upgrading your
OpenSSH port, and if truly necessary, re-enable remote root login
by readjusting this option in your sshd_config.

Users are encouraged to create single-purpose users with ssh keys
and very narrowly defined sudo privileges instead of using root
for automated tasks.

- PKGNAMESUFFIX for GSSAPI set.
- Merged some patches from current to improve PAM.
- Fix BATCH=yes for bento.

Cleanup patch to avoid conflicts with GSSAPI patches

Revert changes.

give Enviroment from login.conf priority over all others,
problem found by drs@rucus.ru.ac.za.

Update gssapi patch

Defaults changed: (Gregory Sutter)
 ChallengeResponseAuthentication no
 UseLogin no

patch for configure, to detect MAP_ANON submitted by:
Christophe Labouisse,Michael Handler,Gert Doering,Phil Oleson,Dave Baker

fix missing includes for "canohost.h"

nuke obsolete file

update patch for 3.4

Update to openssh-3.4
Update to openssh-3.4p1

Security FIX, Please update to this Version.

Options for both:
USE_OPENSSL_BASE=yes
        uses an older opensssl in the base system.

Options for portable:
OPENSSH_OVERWRITE_BASE=yes
        includes USE_OPENSSL_BASE=yes
        installls in the paths of the base system

Thanks to max@wide.ad.jp, maxim, obraun@informatik.unibw-muenchen.de, fjoe
Patch from current, noted by drs@rucus.ru.ac.za:
environment variables in the 'setenv' field of login.conf are set now.

Streamline OPENSSH_OVERWRITE_BASE=yes

Migrate configuration files to $PREFIX/etc/ssh/
Add ${PREFIX}/etc/rc.d/sshd.sh.sample

change --with-privsep-path if OPENSSH_OVERWRITE_BASE is in effect.
Submitted by:   brad@brad-x.com

Fix a typo, only affects when installing a packae on a clean system.
Submitted by:   anders@fix.no

Create user when package is extracted

Create user for privsep

Update: openssh-3.2.3p1
New manpages: ssh-keysign.8 sftp-server.8 sshd.8
New program ssh-keysign

- Get rid of PERL and use SED

Fix typing error in OPTION

Submitted by:   joseph@randomnetworks.com

Honor Option ENABLE_SUID_SSH
Build defaults witouth SUID

- get rid of duplicate code in Makefiles.
- Fix USE_OPENSSL_PORT and USE_OPENSSL_BASE
- drop obsolete/broken USE_OPENSSL

Update to OpenSSH 3.2.3

- patch openssh-3.1-adv.token.patch is now obsolete.
- remerged PAM changes form previous port
- declare CMSG_* macros.
- fixed bad type in function input_userauth_passwd_changereq

Update to OpenSSH-portable-3.2.3p1

- patch openssh-3.1p1-adv.token.patch is now obsolete
- keep previously declared CONFIGURE_ARGS
- remove openssh-mit-krb5-20020326.diff (should be in the distribution now)
- patch patch-readpassphrase.c is now in teh distribution
- merged previous patches.
- extend CONFIGURE_ARGS so it find OPENSSL again.
- new patches for GSSAPI, not fully tested.

If you have the patch applied:
http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/36080

Builds with openssl-0.9.6d under:
2.2.8-RELEASE
3.2-RELEASE
4.2-RELEASE
4.6-RC

Use crypto.3 as dependeny.
To keep consistent with USE_SSL in bsd.port.mk

Chase openssl shlib version increase.

Pointy hat to:  dinoex

openssl:
- some configure scripts check the version of the lib
  so we need to update SHLIBVER
- bump PORTREVISION

openssh:
- build ports with local openssl, if it exists

Security fix for token passing, see bugtraq for details.
- fetch and use openssh-3.1-adv.token.patch to build.
- bump PORTREVISION

- Fix build for 5.0-CURRENT

Updated Patch on openBSD website,
patch openssh/files/patch-cipher.c is now obsolete.

- Make KERBEROS patch build with heimdal port

- Fix problem with auth_ttyok and ttyname
- Make KERBEROS patch build with heimdal port

- Update patches for Option KRB5_HOME
        openssh-3.1p1-gssapi-20020321.diff
        openssh-mit-krb5-20020319.diff

Merged patches for HAVE_LOGIN_CAP from stable

PR:             35904

Fixed Build in 4.2
Add correct Version of OPENSSL in dependencies if older than 4.3
(bsd.ports.mk) is still not sufficent.

Extend the description for openssh-portable   Fix description for openssh    

Allow IPv6 connection if detected by configure.    

fix patch for build on bento    

- patch to fix undefined (ulong)   - builds now for FreeBSD 2.2.8    

Fix thinko and make it possible to disable Kerberos support on the   make
command line even if KRB5_HOME is set in make.conf.    

Mark BROKEN in Kerberos case: Simon Wilkinson has not released   updated patches
yet.  (I hope dinoex doesn't mind my committing this.)    

Update to OpenSSH 3.1 OpennSSH-portable 3.1p1    

Fix off-by-one error.    

Add option to support patches:    

Add patch for: readpassphrase.h           Someone in the OpenSSH world doesn't
understand the difference   between application and implementation namespaces. 
This causes   conflicts with <readpassphrase.h>.    

PKGNAMESUFFIX set for Option OPENSSH_OVERWRITE_BASE    

Fix MANPREFIX, so manpages are compressed    

strip trailing \    

adding a knob to the OpenSSH port to allow people   to overwrite the ssh in the
base system.           make OPENSSH_OVERWRITE_BASE=yes    

- extend patch for batch mode, so no site-specifc files are installed.    

- Udate to OpenSSH-3.0.2   - make batch-processing cleaner    

In BATCH mode - clean generated host keys.    

Give dinoex@ maintainership since he's really been maintaining it and   is
better suited for maintaining this port.    

Update to openssh-3.0.1 and openssh-portable-3.0.1p1    

Update to OpenSSH 3.0 and OpenSSH-portable 3.0p1   Extracted from Changelog (not
complete):    

cvs rm'ing patch-coredump, as the current versions are safe.   It does no harm,
so a second bump of PORTVERSION is not needed.    

- included an patch that solves a coredump in sshd   - Bumped PORTREVISION