| 1 |
commit: 4d633ac31d0dfc76ed9924f40125aa0a2bd125b5 |
| 2 |
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Wed Sep 28 06:43:49 2016 +0000 |
| 4 |
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Wed Sep 28 06:43:49 2016 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/repo/proj/prefix.git/commit/?id=4d633ac3 |
| 7 |
|
| 8 |
net-misc/openssh: sync 7.1 version to latest, bug #595320 |
| 9 |
|
| 10 |
Package-Manager: portage-2.2.28-prefix |
| 11 |
|
| 12 |
net-misc/openssh/Manifest | 7 +++-- |
| 13 |
net-misc/openssh/metadata.xml | 9 ++++-- |
| 14 |
...h-7.1_p1-r2.ebuild => openssh-7.1_p2-r1.ebuild} | 36 +++++++++++----------- |
| 15 |
3 files changed, 28 insertions(+), 24 deletions(-) |
| 16 |
|
| 17 |
diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest |
| 18 |
index e85eac1..5ad3eda 100644 |
| 19 |
--- a/net-misc/openssh/Manifest |
| 20 |
+++ b/net-misc/openssh/Manifest |
| 21 |
@@ -6,7 +6,8 @@ DIST openssh-6.8p1.tar.gz 1475953 SHA256 3ff64ce73ee124480b5bf767b9830d7d3c03bbc |
| 22 |
DIST openssh-6.9p1+x509-8.4.diff.gz 425687 SHA256 0ed8bfff0d2ecd9f3791ae1f168ca3270bb66d7ab7bc0a8ff2d61d2ab829c3fb SHA512 596cb65408db06fb299b92160147685b001dc23929ecf5c4bd11a8b0475d79695c7b4dbe8a878d7fbcd944155935fd62a14e35c79204b39e413f5eaa961ef76c WHIRLPOOL 771fa0f4f6a20ed49ba201605fcdcbfc41a0f094ef4a89ca2433ee51b7c8bf99cc266f26bd7877c61ff92e9a50c7d65119ba75ba64eaa029bd567bab3ee243c2 |
| 23 |
DIST openssh-6.9p1-r1-hpnssh14v5.tar.xz 21396 SHA256 84e9e28a1488ccf66e29a7c90442b3bc4833a6fa186260fb6853b5a1b19c0beb SHA512 476064dbdb3d82b86ad7c481a4a301ff0d46bd281fe7ca0c29f34ae50b0034028760997ae2c934a265499c154f4534d35ead647aa63d1a4545ed503a5364eada WHIRLPOOL 74eaf2fe0a6ecd0e2fa5078034628d4c76c75b121f3c813ff8a098ab28363daa3800d03936046aa3aebbfdab3afd31ef30a207399f5e305d7f71e5f3c7e4f4a7 |
| 24 |
DIST openssh-6.9p1.tar.gz 1487617 SHA256 6e074df538f357d440be6cf93dc581a21f22d39e236f217fcd8eacbb6c896cfe SHA512 68fec9b4e512fe126a5d35b01e2cc656d810b75052ed8a36bc85cd0a05de7318b15ed287bc95cf9bcb3fa2f385029151d85aced55e07fbcc79e6c779bee6751d WHIRLPOOL 1dcb291383c9f934b512f61ce9f6e0319f22e112ce3f6eace2a868ca0f99c709c65bae14a9815e2ef237f8132fe72c583cffb7ea20bdfa2aaa77cf347967be7f |
| 25 |
-DIST openssh-7.1p1+x509-8.6.diff.gz 413931 SHA256 cbf661a1fec080dc9ed335a290414154326c2a13f124985db050b86a91073d52 SHA512 c91d0f1b69b6d34984e94b391ad022271e73d0634cef2df355ba555366bc38d30649b478f245b6c51ce79d71adf1b693bc97826e6c6013a78e7ccfb7023b4bcc WHIRLPOOL 4ed4427e80026996c43a188d7d45f2c53fa6a7fd842a248b1225b27f3e9037e761f0ed172d79b53ada81c24d958a2193e94d918f6ca1320e45d5e68379845981 |
| 26 |
-DIST openssh-7.1p1-hpnssh14v9.tar.xz 21580 SHA256 a795c2f2621f537b3fd98172cbd1f7c71869e4da78cd280d123fa19ae4262b97 SHA512 6ce151949bf81b5518b95092a2f18d2f24581954e2c629deaf3c1d10136f32f830567aafb9b4045547e95e3ab63cf750e240eac40e2b9caa6d71cb2b132821ec WHIRLPOOL 8e3c9a1d79112092a6cb42c6766ccdf61e5d8fcd366ea5c7d3bab94cf309bcc12f3761476a288158638a340023aa24519d888caac19fb0ef25fa56bdab06412c |
| 27 |
-DIST openssh-7.1p1.tar.gz 1493170 SHA256 fc0a6d2d1d063d5c66dffd952493d0cda256cad204f681de0f84ef85b2ad8428 SHA512 f1491ca5a0a733eb27ede966590642a412cb7be7178dcb7b9e5844bbdc8383032f4b00435192b95fc0365b6fe74d6c5ac8d6facbe9d51e1532d049e2f784e8f7 WHIRLPOOL a650a93657f930d20dc3fa24ab720857f63f7cd0a82d1906cf1e58145e866129207851d5e587d678655e5731fa73221ab9b6ea0754533100c25fe2acaa442e05 |
| 28 |
+DIST openssh-7.1p2+x509-8.7.diff.gz 438584 SHA256 23030dff924a78718686fad6442b1083293b0c2a057714291bd0af9ed8ef5868 SHA512 d9aa43f5fc06b88b442285a9f9a15d01b52796c36f0cb228c756edca473a89eadb296c45503a14514fdb156d3bc9d90ff33271ccfa9461a9bb2b798a581cc007 WHIRLPOOL ef3f4486fff0addad1a6bdcde3ba606d55d6e3ea5d2cd6e79bfe2494d660c38f0e9f1c157af72c3b6ad5e6eb3731168f975b26c94f8357154e54c08e5d876652 |
| 29 |
+DIST openssh-7.1p2-hpnssh14v10.tar.xz 22388 SHA256 729e20a2627ca403da6cfff8ef251c03421022123a21c68003181b4e5409bcc5 SHA512 b8e88ac5891ed632416db8da6377512614f19f5f7a7c093b55ecfe3e3f50979c61c0674e9381c316632d8daed90f8cce958c9b77bd00084a4ee1b0297cf321ba WHIRLPOOL c466cc33dc4a40e9466148beb154c539e095ac1b9cdcc5b3d235cbcf12ca10255d63da2f0e1da10d1afa1a0d2ebd436ca0d9e542c732df6ef67fb8f4d2d0192c |
| 30 |
+DIST openssh-7.1p2.tar.gz 1475829 SHA256 dd75f024dcf21e06a0d6421d582690bf987a1f6323e32ad6619392f3bfde6bbd SHA512 d5be60f3645ec238b21e1f2dfd801b2136146674bbc086ebdb14be516c613819bc87c84b5089f3a45fe6e137a7458404f79f42572c69d91571e45ebed9d5e3af WHIRLPOOL 9f48952b82db3983c20e84bcff5b6761f5b284174072c828698dced3a53ca8bbc2e1f89d2e82b62a68f4606b52c980fcf097250f86c1a67ad343d20e3ec9d1f4 |
| 31 |
DIST openssh-lpk-6.8p1-0.3.14.patch.xz 16940 SHA256 d5f048dc7e9d3fca085c152fc31306f1d8fa793e524c538295915b075ec085b0 SHA512 2470b6b46f8c7ac985f82d14b788a3eb81a468a1d5013cb7f89257d9dd78b6037e24bf54ac57b757db8ed1df24332d659cf918c11ea73592fd24a69c25a54081 WHIRLPOOL b041ee9e0efdf370686f11df4131ab5e5ffb2f11cc66c386a8223bf563c5b78ab9443f06e4adc2e506e440cdec9dc5b20f5972cd8d691d786d2f903bb49b947b |
| 32 |
+DIST openssh-lpk-7.1p2-0.3.14.patch.xz 17704 SHA256 fbf2e1560cac707f819a539999c758a444ba6bfe140ef80d1af7ef1c9a95f0df SHA512 95851baa699da16720358249d54d2f6a3c57b0ae082375bef228b97697c501c626ab860916c5b17e3c649b44f14f4009ff369962597438dfd60480a0e4882471 WHIRLPOOL 4629b3a7d1f373a678935e889a6cd0d66d70b420e93e40ae0ad19aa7f91be7dcf2169fb797d89df93005a885d54ebaa0d46c2e5418bd2d0a77ad64e65897b518 |
| 33 |
|
| 34 |
diff --git a/net-misc/openssh/metadata.xml b/net-misc/openssh/metadata.xml |
| 35 |
index ec8bad1..29134fc 100644 |
| 36 |
--- a/net-misc/openssh/metadata.xml |
| 37 |
+++ b/net-misc/openssh/metadata.xml |
| 38 |
@@ -1,8 +1,11 @@ |
| 39 |
<?xml version="1.0" encoding="UTF-8"?> |
| 40 |
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
| 41 |
<pkgmetadata> |
| 42 |
- <herd>base-system</herd> |
| 43 |
- <maintainer restrict="net-misc/openssh[ldap]"> |
| 44 |
+ <maintainer type="project"> |
| 45 |
+ <email>base-system@g.o</email> |
| 46 |
+ <name>Gentoo Base System</name> |
| 47 |
+ </maintainer> |
| 48 |
+ <maintainer type="person"> |
| 49 |
<email>robbat2@g.o</email> |
| 50 |
<description>LPK issues. Only assign if it's a direct LPK issue. Do not directly assign for anything else.</description> |
| 51 |
</maintainer> |
| 52 |
@@ -25,7 +28,7 @@ ssh-keygen and sftp-server. OpenSSH supports SSH protocol versions 1.3, 1.5, and |
| 53 |
<flag name="hpn">Enable high performance ssh</flag> |
| 54 |
<flag name="ldap">Add support for storing SSH public keys in LDAP</flag> |
| 55 |
<flag name="ldns">Use LDNS for DNSSEC/SSHFP validation.</flag> |
| 56 |
- <flag name="sctp">Support for Stream Control Transmission Protocol</flag> |
| 57 |
+ <flag name="livecd">Enable root password logins for live-cd environment.</flag> |
| 58 |
<flag name="ssh1">Support the legacy/weak SSH1 protocol</flag> |
| 59 |
<flag name="ssl">Enable additional crypto algorithms via OpenSSL</flag> |
| 60 |
<flag name="X509">Adds support for X.509 certificate authentication</flag> |
| 61 |
|
| 62 |
diff --git a/net-misc/openssh/openssh-7.1_p1-r2.ebuild b/net-misc/openssh/openssh-7.1_p2-r1.ebuild |
| 63 |
similarity index 92% |
| 64 |
rename from net-misc/openssh/openssh-7.1_p1-r2.ebuild |
| 65 |
rename to net-misc/openssh/openssh-7.1_p2-r1.ebuild |
| 66 |
index 1a1e9a2..d17c953 100644 |
| 67 |
--- a/net-misc/openssh/openssh-7.1_p1-r2.ebuild |
| 68 |
+++ b/net-misc/openssh/openssh-7.1_p2-r1.ebuild |
| 69 |
@@ -1,17 +1,18 @@ |
| 70 |
-# Copyright 1999-2015 Gentoo Foundation |
| 71 |
+# Copyright 1999-2016 Gentoo Foundation |
| 72 |
# Distributed under the terms of the GNU General Public License v2 |
| 73 |
# $Id$ |
| 74 |
|
| 75 |
-EAPI="4" |
| 76 |
+EAPI="5" |
| 77 |
+ |
| 78 |
inherit eutils user flag-o-matic multilib autotools pam systemd versionator |
| 79 |
|
| 80 |
# Make it more portable between straight releases |
| 81 |
# and _p? releases. |
| 82 |
PARCH=${P/_} |
| 83 |
|
| 84 |
-HPN_PATCH="${PARCH}-hpnssh14v9.tar.xz" |
| 85 |
-LDAP_PATCH="${PN}-lpk-6.8p1-0.3.14.patch.xz" |
| 86 |
-X509_VER="8.6" X509_PATCH="${PN}-${PV//_/}+x509-${X509_VER}.diff.gz" |
| 87 |
+HPN_PATCH="${PARCH}-hpnssh14v10.tar.xz" |
| 88 |
+LDAP_PATCH="${PN}-lpk-7.1p2-0.3.14.patch.xz" |
| 89 |
+X509_VER="8.7" X509_PATCH="${PN}-${PV/_}+x509-${X509_VER}.diff.gz" |
| 90 |
|
| 91 |
DESCRIPTION="Port of OpenBSD's free SSH release" |
| 92 |
HOMEPAGE="http://www.openssh.org/" |
| 93 |
@@ -19,7 +20,6 @@ SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz |
| 94 |
mirror://gentoo/${PN}-6.8_p1-sctp.patch.xz |
| 95 |
${HPN_PATCH:+hpn? ( |
| 96 |
mirror://gentoo/${HPN_PATCH} |
| 97 |
- https://dev.gentoo.org/~polynomial-c/${HPN_PATCH} |
| 98 |
mirror://sourceforge/hpnssh/${HPN_PATCH} |
| 99 |
)} |
| 100 |
${LDAP_PATCH:+ldap? ( mirror://gentoo/${LDAP_PATCH} )} |
| 101 |
@@ -116,14 +116,15 @@ src_prepare() { |
| 102 |
|
| 103 |
if use X509 ; then |
| 104 |
pushd .. >/dev/null |
| 105 |
- pushd ${HPN_PATCH%.*.*} >/dev/null |
| 106 |
- epatch "${FILESDIR}"/${PN}-7.1_p1-hpn-x509-glue.patch |
| 107 |
- popd >/dev/null |
| 108 |
+ if use hpn ; then |
| 109 |
+ pushd ${HPN_PATCH%.*.*} >/dev/null |
| 110 |
+ epatch "${FILESDIR}"/${PN}-7.1_p1-hpn-x509-glue.patch |
| 111 |
+ popd >/dev/null |
| 112 |
+ fi |
| 113 |
epatch "${FILESDIR}"/${PN}-7.0_p1-sctp-x509-glue.patch |
| 114 |
popd >/dev/null |
| 115 |
epatch "${WORKDIR}"/${X509_PATCH%.*} |
| 116 |
- epatch "${FILESDIR}"/${PN}-6.3_p1-x509-hpn14v2-glue.patch |
| 117 |
- epatch "${FILESDIR}"/${PN}-6.9_p1-x509-warnings.patch |
| 118 |
+ epatch "${FILESDIR}"/${PN}-7.1_p2-x509-hpn14v10-glue.patch |
| 119 |
save_version X509 |
| 120 |
fi |
| 121 |
if use ldap ; then |
| 122 |
@@ -157,8 +158,6 @@ src_prepare() { |
| 123 |
) |
| 124 |
sed -i "${sed_args[@]}" configure{.ac,} || die |
| 125 |
|
| 126 |
- sed -i -e 's/-m 4711/-m 0711/' "${S}"/Makefile.in || die |
| 127 |
- |
| 128 |
epatch_user #473004 |
| 129 |
|
| 130 |
# Now we can build a sane merged version.h |
| 131 |
@@ -174,7 +173,6 @@ src_prepare() { |
| 132 |
|
| 133 |
src_configure() { |
| 134 |
addwrite /dev/ptmx |
| 135 |
- addpredict /etc/skey/skeykeys # skey configure code triggers this |
| 136 |
|
| 137 |
use debug && append-cppflags -DSANDBOX_SECCOMP_FILTER_DEBUG |
| 138 |
use static && append-ldflags -static |
| 139 |
@@ -200,8 +198,7 @@ src_configure() { |
| 140 |
$(use_with selinux) |
| 141 |
$(use_with skey) |
| 142 |
$(use_with ssh1) |
| 143 |
- # The X509 patch deletes this option entirely. |
| 144 |
- $(use X509 || use_with ssl openssl) |
| 145 |
+ $(use_with ssl openssl) |
| 146 |
$(use_with ssl md5-passwords) |
| 147 |
$(use_with ssl ssl-engine) |
| 148 |
) |
| 149 |
@@ -295,7 +292,6 @@ src_test() { |
| 150 |
pkg_preinst() { |
| 151 |
enewgroup sshd 22 |
| 152 |
enewuser sshd 22 -1 /var/empty sshd |
| 153 |
- fperms 4711 /usr/$(get_libdir)/misc/ssh-keysign |
| 154 |
} |
| 155 |
|
| 156 |
pkg_postinst() { |
| 157 |
@@ -312,12 +308,16 @@ pkg_postinst() { |
| 158 |
elog "Make sure to update any configs that you might have. Note that xinetd might" |
| 159 |
elog "be an alternative for you as it supports USE=tcpd." |
| 160 |
fi |
| 161 |
- if has_version "<${CATEGORY}/${PN}-7.1_p1" ; then #557388 |
| 162 |
+ if has_version "<${CATEGORY}/${PN}-7.1_p1" ; then #557388 #555518 |
| 163 |
elog "Starting with openssh-7.0, support for ssh-dss keys were disabled due to their" |
| 164 |
elog "weak sizes. If you rely on these key types, you can re-enable the key types by" |
| 165 |
elog "adding to your sshd_config or ~/.ssh/config files:" |
| 166 |
elog " PubkeyAcceptedKeyTypes=+ssh-dss" |
| 167 |
elog "You should however generate new keys using rsa or ed25519." |
| 168 |
+ |
| 169 |
+ elog "Starting with openssh-7.0, the default for PermitRootLogin changed from 'yes'" |
| 170 |
+ elog "to 'prohibit-password'. That means password auth for root users no longer works" |
| 171 |
+ elog "out of the box. If you need this, please update your sshd_config explicitly." |
| 172 |
fi |
| 173 |
if ! use ssl && has_version "${CATEGORY}/${PN}[ssl]" ; then |
| 174 |
elog "Be aware that by disabling openssl support in openssh, the server and clients" |
Archives