1 |
commit: 3991e69a8144f7b2459ae7a666ec74c868ae7d2d |
2 |
Author: Patrick McLean <patrick.mclean <AT> sony <DOT> com> |
3 |
AuthorDate: Mon Oct 5 19:05:12 2020 +0000 |
4 |
Commit: Patrick McLean <chutzpah <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Oct 5 19:05:36 2020 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3991e69a |
7 |
|
8 |
net-misc/openssh-8.4_p1-r1: Revbump, enable the X509 USE flag |
9 |
|
10 |
Copyright: Sony Interactive Entertainment Inc. |
11 |
Package-Manager: Portage-3.0.8, Repoman-3.0.1 |
12 |
Signed-off-by: Patrick McLean <chutzpah <AT> gentoo.org> |
13 |
|
14 |
net-misc/openssh/Manifest | 1 + |
15 |
.../files/openssh-8.4_p1-X509-glue-12.6.patch | 34 ++++++ |
16 |
.../files/openssh-8.4_p1-hpn-14.22-X509-glue.patch | 129 +++++++++++++++++++++ |
17 |
...nssh-8.4_p1.ebuild => openssh-8.4_p1-r1.ebuild} | 12 +- |
18 |
4 files changed, 167 insertions(+), 9 deletions(-) |
19 |
|
20 |
diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest |
21 |
index 8683815ce7d..173d930cac0 100644 |
22 |
--- a/net-misc/openssh/Manifest |
23 |
+++ b/net-misc/openssh/Manifest |
24 |
@@ -8,6 +8,7 @@ DIST openssh-8.2p1.tar.gz 1701197 BLAKE2B 8b95cdebc87e8d14f655ed13c12b91b122adf4 |
25 |
DIST openssh-8.3p1+x509-12.5.1.diff.gz 803054 BLAKE2B ec88959b4e3328e70d6f136f3d5bebced2e555de3ea40f55c535ca8a30a0eed84d177ad966e5bda46e1fc61d42141b13e96d068f5abfd069ae81b131dfb5a66c SHA512 28166a1a1aeff0c65f36263c0009e82cda81fc8f4efe3d11fabd0312d199a4f935476cf7074fbce68787d2fec0fd42f00fef383bf856a5767ce9d0ca6bbc8ef0 |
26 |
DIST openssh-8.3p1-sctp-1.2.patch.xz 7668 BLAKE2B abbc65253d842c09a04811bdbafc175c5226996cdd190812b47ce9646853cd5c1b21d733e719b481cce9c7f4dc00894b6d6be732e311850963df23b9dc55a0e6 SHA512 4e0cc1707663f902dfbf331a431325da78759cc757a4aaae33e0c7f64f21830ec805168d8ae4d47a65a20c235fa534679e288f922df2b24655b7d1ee9a3bf014 |
27 |
DIST openssh-8.3p1.tar.gz 1706358 BLAKE2B 0b53d92caa4a0f4cb40eee671ac889753d320b7c8e44df159a81dd8163c3663f07fa648f5dc506fb27d31893acf9701b997598c50bf204acf54172d72825a4d8 SHA512 b5232f7c85bf59ae2ff9d17b030117012e257e3b8c0d5ac60bb139a85b1fbf298b40f2e04203a2e13ca7273053ed668b9dedd54d3a67a7cb8e8e58c0228c5f40 |
28 |
+DIST openssh-8.4p1+x509-12.6.diff.gz 857479 BLAKE2B ac8c3e8c1087ca571e5459c9826903410ff2d45de60151d9bd8e59da15805b75752f8f3ffc231c9f8aaa8f2b2c07a97a8296684f885e0d14b54ff5d7bc585588 SHA512 e56516b376ecc3e5464895744ce0616cf4446a891fbd3cbcb090d5f61ebc349d74f9c01e855ccd22e574dbfeec0cb2ba7daf582983010ff991243a6371cc5fe3 |
29 |
DIST openssh-8.4p1-sctp-1.2.patch.xz 7668 BLAKE2B 2e22d2a90723cea9ef958bd989b8c431fcb08b4dc5bfd3ebbf463ca9546dc37acdc185c35ddf3adbb90bde9b3902bf36524a456061a9bcbdef7a76ece79e2ff4 SHA512 90da34b7b86e52df9e0191c99c9d645a4d4671958adebeed46e1149102d4ba8c729eadb79d84fad9feac64aafa0541d2f1f4db8cdfe0af5ba893aac072ef2380 |
30 |
DIST openssh-8.4p1.tar.gz 1742201 BLAKE2B 4b1e60d4962095df045c3a31bbf8af725b1c07324c4aa1f6b9a3ddb7e695c98e9aa01655b268f6fd6a400f511b23be91f6b89d07b14a6a2d92f873efb4d9c146 SHA512 d65275b082c46c5efe7cf3264fa6794d6e99a36d4a54b50554fc56979d6c0837381587fd5399195e1db680d2a5ad1ef0b99a180eac2b4de5637906cb7a89e9ce |
31 |
DIST openssh-8_1_P1-hpn-AES-CTR-14.20.diff 29935 BLAKE2B 79101c43601e41306c957481c0680a63357d93bededdf12a32229d50acd9c1f46a386cbb91282e9e7d7bb26a9f276f5a675fd2de7662b7cbd073322b172d3bca SHA512 94f011b7e654630e968a378375aa54fa1fde087b4426d0f2225813262e6667a1073814d6a83e9005f97b371c536e462e614bfe726b092ffed8229791592ca221 |
32 |
|
33 |
diff --git a/net-misc/openssh/files/openssh-8.4_p1-X509-glue-12.6.patch b/net-misc/openssh/files/openssh-8.4_p1-X509-glue-12.6.patch |
34 |
new file mode 100644 |
35 |
index 00000000000..f12a3096b64 |
36 |
--- /dev/null |
37 |
+++ b/net-misc/openssh/files/openssh-8.4_p1-X509-glue-12.6.patch |
38 |
@@ -0,0 +1,34 @@ |
39 |
+diff -u a/openssh-8.4p1+x509-12.6.diff b/openssh-8.4p1+x509-12.6.diff |
40 |
+--- a/openssh-8.4p1+x509-12.6.diff 2020-10-04 10:58:16.980495330 -0700 |
41 |
++++ b/openssh-8.4p1+x509-12.6.diff 2020-10-04 11:02:31.951966223 -0700 |
42 |
+@@ -39348,12 +39348,11 @@ |
43 |
+ |
44 |
+ install-files: |
45 |
+ $(MKDIR_P) $(DESTDIR)$(bindir) |
46 |
+-@@ -384,6 +365,8 @@ |
47 |
++@@ -384,6 +365,7 @@ |
48 |
+ $(MKDIR_P) $(DESTDIR)$(mandir)/$(mansubdir)5 |
49 |
+ $(MKDIR_P) $(DESTDIR)$(mandir)/$(mansubdir)8 |
50 |
+ $(MKDIR_P) $(DESTDIR)$(libexecdir) |
51 |
+ + $(MKDIR_P) $(DESTDIR)$(sshcadir) |
52 |
+-+ $(MKDIR_P) $(DESTDIR)$(piddir) |
53 |
+ $(MKDIR_P) -m 0755 $(DESTDIR)$(PRIVSEP_PATH) |
54 |
+ $(INSTALL) -m 0755 $(STRIP_OPT) ssh$(EXEEXT) $(DESTDIR)$(bindir)/ssh$(EXEEXT) |
55 |
+ $(INSTALL) -m 0755 $(STRIP_OPT) scp$(EXEEXT) $(DESTDIR)$(bindir)/scp$(EXEEXT) |
56 |
+@@ -103950,16 +103949,6 @@ |
57 |
+ +int asnmprintf(char **, size_t, int *, const char *, ...) |
58 |
+ __attribute__((format(printf, 4, 5))); |
59 |
+ void msetlocale(void); |
60 |
+-diff -ruN openssh-8.4p1/version.h openssh-8.4p1+x509-12.6/version.h |
61 |
+---- openssh-8.4p1/version.h 2020-09-27 10:25:01.000000000 +0300 |
62 |
+-+++ openssh-8.4p1+x509-12.6/version.h 2020-10-03 10:07:00.000000000 +0300 |
63 |
+-@@ -2,5 +2,4 @@ |
64 |
+- |
65 |
+- #define SSH_VERSION "OpenSSH_8.4" |
66 |
+- |
67 |
+--#define SSH_PORTABLE "p1" |
68 |
+--#define SSH_RELEASE SSH_VERSION SSH_PORTABLE |
69 |
+-+#define SSH_RELEASE PACKAGE_STRING ", " SSH_VERSION "p1" |
70 |
+ diff -ruN openssh-8.4p1/version.m4 openssh-8.4p1+x509-12.6/version.m4 |
71 |
+ --- openssh-8.4p1/version.m4 1970-01-01 02:00:00.000000000 +0200 |
72 |
+ +++ openssh-8.4p1+x509-12.6/version.m4 2020-10-03 10:07:00.000000000 +0300 |
73 |
|
74 |
diff --git a/net-misc/openssh/files/openssh-8.4_p1-hpn-14.22-X509-glue.patch b/net-misc/openssh/files/openssh-8.4_p1-hpn-14.22-X509-glue.patch |
75 |
new file mode 100644 |
76 |
index 00000000000..9bd600b6a1c |
77 |
--- /dev/null |
78 |
+++ b/net-misc/openssh/files/openssh-8.4_p1-hpn-14.22-X509-glue.patch |
79 |
@@ -0,0 +1,129 @@ |
80 |
+diff -u a/openssh-8_3_P1-hpn-AES-CTR-14.22.diff b/openssh-8_3_P1-hpn-AES-CTR-14.22.diff |
81 |
+--- a/openssh-8_3_P1-hpn-AES-CTR-14.22.diff 2020-10-04 11:04:44.495171346 -0700 |
82 |
++++ b/openssh-8_3_P1-hpn-AES-CTR-14.22.diff 2020-10-04 11:48:05.099637206 -0700 |
83 |
+@@ -3,9 +3,9 @@ |
84 |
+ --- a/Makefile.in |
85 |
+ +++ b/Makefile.in |
86 |
+ @@ -46,7 +46,7 @@ CFLAGS=@CFLAGS@ |
87 |
+- CFLAGS_NOPIE=@CFLAGS_NOPIE@ |
88 |
+- CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ |
89 |
+- PICFLAG=@PICFLAG@ |
90 |
++ LD=@LD@ |
91 |
++ CFLAGS=@CFLAGS@ $(CFLAGS_EXTRA) |
92 |
++ CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ @LDAP_CPPFLAGS@ $(PATHS) @DEFS@ |
93 |
+ -LIBS=@LIBS@ |
94 |
+ +LIBS=@LIBS@ -lpthread |
95 |
+ K5LIBS=@K5LIBS@ |
96 |
+@@ -803,7 +803,7 @@ |
97 |
+ ssh_packet_set_connection(struct ssh *ssh, int fd_in, int fd_out) |
98 |
+ { |
99 |
+ struct session_state *state; |
100 |
+-- const struct sshcipher *none = cipher_by_name("none"); |
101 |
++- const struct sshcipher *none = cipher_none(); |
102 |
+ + struct sshcipher *none = cipher_by_name("none"); |
103 |
+ int r; |
104 |
+ |
105 |
+@@ -901,17 +901,18 @@ |
106 |
+ } |
107 |
+ |
108 |
+ /* |
109 |
+-@@ -2203,6 +2210,10 @@ fill_default_options(Options * options) |
110 |
++@@ -2203,5 +2210,10 @@ fill_default_options(Options * options) |
111 |
+ if (options->sk_provider == NULL) |
112 |
+ options->sk_provider = xstrdup("$SSH_SK_PROVIDER"); |
113 |
+- #endif |
114 |
++ |
115 |
+ + if (options->update_hostkeys == -1) |
116 |
+ + options->update_hostkeys = 0; |
117 |
+ + if (options->disable_multithreaded == -1) |
118 |
+ + options->disable_multithreaded = 0; |
119 |
+- |
120 |
+- /* Expand KEX name lists */ |
121 |
+- all_cipher = cipher_alg_list(',', 0); |
122 |
+++ |
123 |
++ /* expand KEX and etc. name lists */ |
124 |
++ { char *all; |
125 |
++ #define ASSEMBLE(what, defaults, all) \ |
126 |
+ diff --git a/readconf.h b/readconf.h |
127 |
+ index e143a108..1383a3cd 100644 |
128 |
+ --- a/readconf.h |
129 |
+@@ -950,9 +951,9 @@ |
130 |
+ /* Portable-specific options */ |
131 |
+ sUsePAM, |
132 |
+ + sDisableMTAES, |
133 |
+- /* Standard Options */ |
134 |
+- sPort, sHostKeyFile, sLoginGraceTime, |
135 |
+- sPermitRootLogin, sLogFacility, sLogLevel, |
136 |
++ /* X.509 Standard Options */ |
137 |
++ sHostbasedAlgorithms, |
138 |
++ sPubkeyAlgorithms, |
139 |
+ @@ -679,6 +683,7 @@ static struct { |
140 |
+ { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, |
141 |
+ { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, |
142 |
+diff -u a/openssh-8_3_P1-hpn-DynWinNoneSwitch-14.22.diff b/openssh-8_3_P1-hpn-DynWinNoneSwitch-14.22.diff |
143 |
+--- a/openssh-8_3_P1-hpn-DynWinNoneSwitch-14.22.diff 2020-10-04 11:04:37.441213650 -0700 |
144 |
++++ b/openssh-8_3_P1-hpn-DynWinNoneSwitch-14.22.diff 2020-10-04 11:50:55.865616716 -0700 |
145 |
+@@ -382,7 +382,7 @@ |
146 |
+ @@ -888,6 +888,10 @@ kex_choose_conf(struct ssh *ssh) |
147 |
+ int nenc, nmac, ncomp; |
148 |
+ u_int mode, ctos, need, dh_need, authlen; |
149 |
+- int r, first_kex_follows; |
150 |
++ int r, first_kex_follows = 0; |
151 |
+ + int auth_flag; |
152 |
+ + |
153 |
+ + auth_flag = packet_authentication_state(ssh); |
154 |
+@@ -1193,14 +1193,3 @@ |
155 |
+ # Example of overriding settings on a per-user basis |
156 |
+ #Match User anoncvs |
157 |
+ # X11Forwarding no |
158 |
+-diff --git a/version.h b/version.h |
159 |
+-index a2eca3ec..ff654fc3 100644 |
160 |
+---- a/version.h |
161 |
+-+++ b/version.h |
162 |
+-@@ -3,4 +3,5 @@ |
163 |
+- #define SSH_VERSION "OpenSSH_8.3" |
164 |
+- |
165 |
+- #define SSH_PORTABLE "p1" |
166 |
+--#define SSH_RELEASE SSH_VERSION SSH_PORTABLE |
167 |
+-+#define SSH_HPN "-hpn14v22" |
168 |
+-+#define SSH_RELEASE SSH_VERSION SSH_PORTABLE SSH_HPN |
169 |
+diff -u a/openssh-8_3_P1-hpn-PeakTput-14.22.diff b/openssh-8_3_P1-hpn-PeakTput-14.22.diff |
170 |
+--- a/openssh-8_3_P1-hpn-PeakTput-14.22.diff 2020-10-04 11:51:46.409313155 -0700 |
171 |
++++ b/openssh-8_3_P1-hpn-PeakTput-14.22.diff 2020-10-04 11:56:57.407445258 -0700 |
172 |
+@@ -12,9 +12,9 @@ |
173 |
+ static long stalled; /* how long we have been stalled */ |
174 |
+ static int bytes_per_second; /* current speed in bytes per second */ |
175 |
+ @@ -127,6 +129,7 @@ refresh_progress_meter(int force_update) |
176 |
++ off_t bytes_left; |
177 |
+ int cur_speed; |
178 |
+- int hours, minutes, seconds; |
179 |
+- int file_len; |
180 |
++ int len; |
181 |
+ + off_t delta_pos; |
182 |
+ |
183 |
+ if ((!force_update && !alarm_fired && !win_resized) || !can_output()) |
184 |
+@@ -30,15 +30,17 @@ |
185 |
+ if (bytes_left > 0) |
186 |
+ elapsed = now - last_update; |
187 |
+ else { |
188 |
+-@@ -166,7 +173,7 @@ refresh_progress_meter(int force_update) |
189 |
++@@ -166,8 +173,8 @@ refresh_progress_meter(int force_update) |
190 |
++ buf[1] = '\0'; |
191 |
+ |
192 |
+ /* filename */ |
193 |
+- buf[0] = '\0'; |
194 |
+-- file_len = win_size - 36; |
195 |
+-+ file_len = win_size - 45; |
196 |
+- if (file_len > 0) { |
197 |
+- buf[0] = '\r'; |
198 |
+- snmprintf(buf+1, sizeof(buf)-1, &file_len, "%-*s", |
199 |
++- if (win_size > 36) { |
200 |
++- int file_len = win_size - 36; |
201 |
+++ if (win_size > 45) { |
202 |
+++ int file_len = win_size - 45; |
203 |
++ snmprintf(buf+1, sizeof(buf)-1, &file_len, "%-*s ", |
204 |
++ file_len, file); |
205 |
++ } |
206 |
+ @@ -191,6 +198,15 @@ refresh_progress_meter(int force_update) |
207 |
+ (off_t)bytes_per_second); |
208 |
+ strlcat(buf, "/s ", win_size); |
209 |
|
210 |
diff --git a/net-misc/openssh/openssh-8.4_p1.ebuild b/net-misc/openssh/openssh-8.4_p1-r1.ebuild |
211 |
similarity index 97% |
212 |
rename from net-misc/openssh/openssh-8.4_p1.ebuild |
213 |
rename to net-misc/openssh/openssh-8.4_p1-r1.ebuild |
214 |
index 6248805da22..34edf4ea761 100644 |
215 |
--- a/net-misc/openssh/openssh-8.4_p1.ebuild |
216 |
+++ b/net-misc/openssh/openssh-8.4_p1-r1.ebuild |
217 |
@@ -21,7 +21,7 @@ HPN_PATCHES=( |
218 |
) |
219 |
|
220 |
SCTP_VER="1.2" SCTP_PATCH="${PARCH}-sctp-${SCTP_VER}.patch.xz" |
221 |
-#X509_VER="12.5.1" X509_PATCH="${PARCH}+x509-${X509_VER}.diff.gz" |
222 |
+X509_VER="12.6" X509_PATCH="${PARCH}+x509-${X509_VER}.diff.gz" |
223 |
|
224 |
DESCRIPTION="Port of OpenBSD's free SSH release" |
225 |
HOMEPAGE="https://www.openssh.com/" |
226 |
@@ -189,13 +189,7 @@ src_prepare() { |
227 |
pushd "${hpn_patchdir}" &>/dev/null || die |
228 |
eapply "${FILESDIR}"/${P}-hpn-${HPN_VER}-glue.patch |
229 |
eapply "${FILESDIR}"/${PN}-8.4_p1-hpn-${HPN_VER}-libressl.patch |
230 |
- if use X509; then |
231 |
- # einfo "Will disable MT AES cipher due to incompatbility caused by X509 patch set" |
232 |
- # # X509 and AES-CTR-MT don't get along, let's just drop it |
233 |
- # rm openssh-${HPN_PV//./_}-hpn-AES-CTR-${HPN_VER}.diff || die |
234 |
- |
235 |
- eapply "${FILESDIR}"/${PN}-8.2_p1-hpn-${HPN_VER}-X509-glue.patch |
236 |
- fi |
237 |
+ use X509 && eapply "${FILESDIR}"/${PN}-8.4_p1-hpn-${HPN_VER}-X509-glue.patch |
238 |
use sctp && eapply "${FILESDIR}"/${PN}-8.4_p1-hpn-${HPN_VER}-sctp-glue.patch |
239 |
popd &>/dev/null || die |
240 |
|
241 |
@@ -436,7 +430,7 @@ src_install() { |
242 |
|| die "failed to remove scp" |
243 |
fi |
244 |
|
245 |
- keepdir /var/empty |
246 |
+ rmdir "${D}"/var/empty || die |
247 |
|
248 |
systemd_dounit "${FILESDIR}"/sshd.{service,socket} |
249 |
systemd_newunit "${FILESDIR}"/sshd_at.service 'sshd@.service' |