1 |
commit: baf822f58e1e881b5f3dbf553ed550d93329fffa |
2 |
Author: Patrick McLean <chutzpah <AT> gentoo <DOT> org> |
3 |
AuthorDate: Thu Mar 30 18:30:18 2017 +0000 |
4 |
Commit: Patrick McLean <chutzpah <AT> gentoo <DOT> org> |
5 |
CommitDate: Thu Mar 30 18:30:45 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=baf822f5 |
7 |
|
8 |
net-misc/openssh: Add patch to allow 7.4_p1 to build with X509+libressl |
9 |
|
10 |
Package-Manager: Portage-2.3.5, Repoman-2.3.2 |
11 |
|
12 |
.../files/openssh-7.5p1-x509-libressl.patch | 202 +++++++++++++++++++++ |
13 |
net-misc/openssh/openssh-7.5_p1-r1.ebuild | 1 + |
14 |
2 files changed, 203 insertions(+) |
15 |
|
16 |
diff --git a/net-misc/openssh/files/openssh-7.5p1-x509-libressl.patch b/net-misc/openssh/files/openssh-7.5p1-x509-libressl.patch |
17 |
new file mode 100644 |
18 |
index 00000000000..b4f36a51318 |
19 |
--- /dev/null |
20 |
+++ b/net-misc/openssh/files/openssh-7.5p1-x509-libressl.patch |
21 |
@@ -0,0 +1,202 @@ |
22 |
+diff -urN openssh-7.5p1.orig/a_utf8.c openssh-7.5p1/a_utf8.c |
23 |
+--- openssh-7.5p1.orig/a_utf8.c 1970-01-01 00:00:00.000000000 +0000 |
24 |
++++ openssh-7.5p1/a_utf8.c 2017-03-30 17:38:25.179532110 +0000 |
25 |
+@@ -0,0 +1,186 @@ |
26 |
++/* |
27 |
++ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. |
28 |
++ * |
29 |
++ * Licensed under the OpenSSL license (the "License"). You may not use |
30 |
++ * this file except in compliance with the License. You can obtain a copy |
31 |
++ * in the file LICENSE in the source distribution or at |
32 |
++ * https://www.openssl.org/source/license.html |
33 |
++ */ |
34 |
++ |
35 |
++#include <stdio.h> |
36 |
++ |
37 |
++/* UTF8 utilities */ |
38 |
++ |
39 |
++/*- |
40 |
++ * This parses a UTF8 string one character at a time. It is passed a pointer |
41 |
++ * to the string and the length of the string. It sets 'value' to the value of |
42 |
++ * the current character. It returns the number of characters read or a |
43 |
++ * negative error code: |
44 |
++ * -1 = string too short |
45 |
++ * -2 = illegal character |
46 |
++ * -3 = subsequent characters not of the form 10xxxxxx |
47 |
++ * -4 = character encoded incorrectly (not minimal length). |
48 |
++ */ |
49 |
++ |
50 |
++int UTF8_getc(const unsigned char *str, int len, unsigned long *val) |
51 |
++{ |
52 |
++ const unsigned char *p; |
53 |
++ unsigned long value; |
54 |
++ int ret; |
55 |
++ if (len <= 0) |
56 |
++ return 0; |
57 |
++ p = str; |
58 |
++ |
59 |
++ /* Check syntax and work out the encoded value (if correct) */ |
60 |
++ if ((*p & 0x80) == 0) { |
61 |
++ value = *p++ & 0x7f; |
62 |
++ ret = 1; |
63 |
++ } else if ((*p & 0xe0) == 0xc0) { |
64 |
++ if (len < 2) |
65 |
++ return -1; |
66 |
++ if ((p[1] & 0xc0) != 0x80) |
67 |
++ return -3; |
68 |
++ value = (*p++ & 0x1f) << 6; |
69 |
++ value |= *p++ & 0x3f; |
70 |
++ if (value < 0x80) |
71 |
++ return -4; |
72 |
++ ret = 2; |
73 |
++ } else if ((*p & 0xf0) == 0xe0) { |
74 |
++ if (len < 3) |
75 |
++ return -1; |
76 |
++ if (((p[1] & 0xc0) != 0x80) |
77 |
++ || ((p[2] & 0xc0) != 0x80)) |
78 |
++ return -3; |
79 |
++ value = (*p++ & 0xf) << 12; |
80 |
++ value |= (*p++ & 0x3f) << 6; |
81 |
++ value |= *p++ & 0x3f; |
82 |
++ if (value < 0x800) |
83 |
++ return -4; |
84 |
++ ret = 3; |
85 |
++ } else if ((*p & 0xf8) == 0xf0) { |
86 |
++ if (len < 4) |
87 |
++ return -1; |
88 |
++ if (((p[1] & 0xc0) != 0x80) |
89 |
++ || ((p[2] & 0xc0) != 0x80) |
90 |
++ || ((p[3] & 0xc0) != 0x80)) |
91 |
++ return -3; |
92 |
++ value = ((unsigned long)(*p++ & 0x7)) << 18; |
93 |
++ value |= (*p++ & 0x3f) << 12; |
94 |
++ value |= (*p++ & 0x3f) << 6; |
95 |
++ value |= *p++ & 0x3f; |
96 |
++ if (value < 0x10000) |
97 |
++ return -4; |
98 |
++ ret = 4; |
99 |
++ } else if ((*p & 0xfc) == 0xf8) { |
100 |
++ if (len < 5) |
101 |
++ return -1; |
102 |
++ if (((p[1] & 0xc0) != 0x80) |
103 |
++ || ((p[2] & 0xc0) != 0x80) |
104 |
++ || ((p[3] & 0xc0) != 0x80) |
105 |
++ || ((p[4] & 0xc0) != 0x80)) |
106 |
++ return -3; |
107 |
++ value = ((unsigned long)(*p++ & 0x3)) << 24; |
108 |
++ value |= ((unsigned long)(*p++ & 0x3f)) << 18; |
109 |
++ value |= ((unsigned long)(*p++ & 0x3f)) << 12; |
110 |
++ value |= (*p++ & 0x3f) << 6; |
111 |
++ value |= *p++ & 0x3f; |
112 |
++ if (value < 0x200000) |
113 |
++ return -4; |
114 |
++ ret = 5; |
115 |
++ } else if ((*p & 0xfe) == 0xfc) { |
116 |
++ if (len < 6) |
117 |
++ return -1; |
118 |
++ if (((p[1] & 0xc0) != 0x80) |
119 |
++ || ((p[2] & 0xc0) != 0x80) |
120 |
++ || ((p[3] & 0xc0) != 0x80) |
121 |
++ || ((p[4] & 0xc0) != 0x80) |
122 |
++ || ((p[5] & 0xc0) != 0x80)) |
123 |
++ return -3; |
124 |
++ value = ((unsigned long)(*p++ & 0x1)) << 30; |
125 |
++ value |= ((unsigned long)(*p++ & 0x3f)) << 24; |
126 |
++ value |= ((unsigned long)(*p++ & 0x3f)) << 18; |
127 |
++ value |= ((unsigned long)(*p++ & 0x3f)) << 12; |
128 |
++ value |= (*p++ & 0x3f) << 6; |
129 |
++ value |= *p++ & 0x3f; |
130 |
++ if (value < 0x4000000) |
131 |
++ return -4; |
132 |
++ ret = 6; |
133 |
++ } else |
134 |
++ return -2; |
135 |
++ *val = value; |
136 |
++ return ret; |
137 |
++} |
138 |
++ |
139 |
++/* |
140 |
++ * This takes a character 'value' and writes the UTF8 encoded value in 'str' |
141 |
++ * where 'str' is a buffer containing 'len' characters. Returns the number of |
142 |
++ * characters written or -1 if 'len' is too small. 'str' can be set to NULL |
143 |
++ * in which case it just returns the number of characters. It will need at |
144 |
++ * most 6 characters. |
145 |
++ */ |
146 |
++ |
147 |
++int UTF8_putc(unsigned char *str, int len, unsigned long value) |
148 |
++{ |
149 |
++ if (!str) |
150 |
++ len = 6; /* Maximum we will need */ |
151 |
++ else if (len <= 0) |
152 |
++ return -1; |
153 |
++ if (value < 0x80) { |
154 |
++ if (str) |
155 |
++ *str = (unsigned char)value; |
156 |
++ return 1; |
157 |
++ } |
158 |
++ if (value < 0x800) { |
159 |
++ if (len < 2) |
160 |
++ return -1; |
161 |
++ if (str) { |
162 |
++ *str++ = (unsigned char)(((value >> 6) & 0x1f) | 0xc0); |
163 |
++ *str = (unsigned char)((value & 0x3f) | 0x80); |
164 |
++ } |
165 |
++ return 2; |
166 |
++ } |
167 |
++ if (value < 0x10000) { |
168 |
++ if (len < 3) |
169 |
++ return -1; |
170 |
++ if (str) { |
171 |
++ *str++ = (unsigned char)(((value >> 12) & 0xf) | 0xe0); |
172 |
++ *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80); |
173 |
++ *str = (unsigned char)((value & 0x3f) | 0x80); |
174 |
++ } |
175 |
++ return 3; |
176 |
++ } |
177 |
++ if (value < 0x200000) { |
178 |
++ if (len < 4) |
179 |
++ return -1; |
180 |
++ if (str) { |
181 |
++ *str++ = (unsigned char)(((value >> 18) & 0x7) | 0xf0); |
182 |
++ *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80); |
183 |
++ *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80); |
184 |
++ *str = (unsigned char)((value & 0x3f) | 0x80); |
185 |
++ } |
186 |
++ return 4; |
187 |
++ } |
188 |
++ if (value < 0x4000000) { |
189 |
++ if (len < 5) |
190 |
++ return -1; |
191 |
++ if (str) { |
192 |
++ *str++ = (unsigned char)(((value >> 24) & 0x3) | 0xf8); |
193 |
++ *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80); |
194 |
++ *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80); |
195 |
++ *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80); |
196 |
++ *str = (unsigned char)((value & 0x3f) | 0x80); |
197 |
++ } |
198 |
++ return 5; |
199 |
++ } |
200 |
++ if (len < 6) |
201 |
++ return -1; |
202 |
++ if (str) { |
203 |
++ *str++ = (unsigned char)(((value >> 30) & 0x1) | 0xfc); |
204 |
++ *str++ = (unsigned char)(((value >> 24) & 0x3f) | 0x80); |
205 |
++ *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80); |
206 |
++ *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80); |
207 |
++ *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80); |
208 |
++ *str = (unsigned char)((value & 0x3f) | 0x80); |
209 |
++ } |
210 |
++ return 6; |
211 |
++} |
212 |
+diff -urN openssh-7.5p1.orig/Makefile.in openssh-7.5p1/Makefile.in |
213 |
+--- openssh-7.5p1.orig/Makefile.in 2017-03-30 17:33:30.983830629 +0000 |
214 |
++++ openssh-7.5p1/Makefile.in 2017-03-30 17:39:28.392905858 +0000 |
215 |
+@@ -74,7 +74,7 @@ |
216 |
+ @OCSP_ON@OCSP_OBJS=ssh-ocsp.o |
217 |
+ @OCSP_OFF@OCSP_OBJS= |
218 |
+ |
219 |
+-SSHX509_OBJS=ssh-x509.o ssh-xkalg.o x509_nm_cmp.o key-eng.o |
220 |
++SSHX509_OBJS=ssh-x509.o ssh-xkalg.o x509_nm_cmp.o key-eng.o a_utf8.o |
221 |
+ X509STORE_OBJS=x509store.o $(LDAP_OBJS) |
222 |
+ |
223 |
+ TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) |
224 |
|
225 |
diff --git a/net-misc/openssh/openssh-7.5_p1-r1.ebuild b/net-misc/openssh/openssh-7.5_p1-r1.ebuild |
226 |
index 4ce0ad47678..9652d9263d6 100644 |
227 |
--- a/net-misc/openssh/openssh-7.5_p1-r1.ebuild |
228 |
+++ b/net-misc/openssh/openssh-7.5_p1-r1.ebuild |
229 |
@@ -121,6 +121,7 @@ src_prepare() { |
230 |
fi |
231 |
save_version X509 |
232 |
epatch "${WORKDIR}"/${X509_PATCH%.*} |
233 |
+ use libressl && epatch "${FILESDIR}"/${PN}-7.5p1-x509-libressl.patch |
234 |
fi |
235 |
|
236 |
if use ldap ; then |