Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Anthony G. Basile" <blueness@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/musl:master commit in: net-misc/openssh/files/, net-misc/openssh/
Date: Wed, 25 Nov 2015 00:59:30
Message-Id: 1448413576.f2e20d1658c7955020ef48cfde79717ac5af4a97.blueness@gentoo
1 commit: f2e20d1658c7955020ef48cfde79717ac5af4a97
2 Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3 AuthorDate: Wed Nov 25 01:06:16 2015 +0000
4 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5 CommitDate: Wed Nov 25 01:06:16 2015 +0000
6 URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=f2e20d16
7
8 net-misc/openssh: in tree version works.
9
10 net-misc/openssh/Manifest | 18 --
11 .../openssh/files/openssh-4.7_p1-GSSAPI-dns.patch | 127 ---------
12 .../files/openssh-6.3_p1-x509-hpn14v2-glue.patch | 51 ----
13 .../openssh-6.7_p1-openssl-ignore-status.patch | 17 --
14 .../openssh-6.8_p1-ssl-engine-configure.patch | 33 ---
15 .../openssh-6.9_p1-remove-stackprotector.patch | 51 ----
16 net-misc/openssh/files/sshd.confd | 21 --
17 net-misc/openssh/files/sshd.pam_include.2 | 4 -
18 net-misc/openssh/files/sshd.rc6.4 | 87 ------
19 net-misc/openssh/files/sshd.service | 11 -
20 net-misc/openssh/files/sshd.socket | 10 -
21 net-misc/openssh/files/sshd_at.service | 8 -
22 net-misc/openssh/metadata.xml | 34 ---
23 net-misc/openssh/openssh-6.9_p1-r99.ebuild | 314 ---------------------
24 14 files changed, 786 deletions(-)
25
26 diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest
27 deleted file mode 100644
28 index 5d2f675..0000000
29 --- a/net-misc/openssh/Manifest
30 +++ /dev/null
31 @@ -1,18 +0,0 @@
32 -AUX openssh-4.7_p1-GSSAPI-dns.patch 4494 SHA256 88a08f349258d4be5b2faa838a89fe1aa0196502990b745ac0e3a70dda30a0d7 SHA512 4d00a9ed79f66b92502c3e5ee580523f63d7b3643fe1bd330ff97994acce527d4d285d38199cef66eddc0ef68afabf7b268abc60cba871bac5d2e99045d4ac11 WHIRLPOOL 2f118fd2f016c529dbc31e8f2b6b418931e6770ab02c28b7feeaba93e84e7fcd1c742f4420a43a9fec0bdfaa4d4bc7cf14fb860c0a56c68a30e7b136fb60bcdb
33 -AUX openssh-6.3_p1-x509-hpn14v2-glue.patch 1451 SHA256 d7179b3c16edd065977aaf56a410e2b9b237206fb619474f312972b430b73c8d SHA512 02577e3f718ff994bb4e962189f17048b4c03104d0a1981683f3c6a1d6d30701db368e132102c8396da2c0f5eb2f6602b26f32f74d19382af34bd9a93fc508f3 WHIRLPOOL b7d224d71634f380bd31b3a1dd3e588a29582255f717a6a308738ad58b485b693d827a53704479995ec2ebca53c9dc9b2113d8de52a1336b67ce83943f946b77
34 -AUX openssh-6.7_p1-openssl-ignore-status.patch 765 SHA256 b068cc30d4bce5c457cea78233396c9793864ec909f810dd0be87d913673433a SHA512 ab15d6dfdb8d59946684501f6f30ac0eb82676855b7b57f19f2027a7ada072f9062fcb96911111a50cfc3838492faddd282db381ec83d22462644ccddccf0ae7 WHIRLPOOL c0a4ff69d65eeb40c1ace8d5be6f8e59044a8f16dc6b37e87393e79ab80935abf30a9d2a6babc043aba0477f5f79412e1ae5d373daba580178fd85ca1f60e60b
35 -AUX openssh-6.8_p1-ssl-engine-configure.patch 936 SHA256 cb3f34ef031aa5360b082468b4afb8b7fd2c778c990c2f20fda250167725ff88 SHA512 4b7840f719ad58c1f196327a52534f0a21264ce47e8df4a335e9f58d9d5eae33dbb9a75a2a714c3bdae6bee04728e66020ed57eb521fc1164521c4c5aa4a9a93 WHIRLPOOL 662d6eedb091021d5da4cdbd6d623e3678e54fb75cb52d8afdc4ef9c31f98d95f8445c2fde834d622b0aabf8b9593244847da574201ed176c350747526a28fe5
36 -AUX openssh-6.9_p1-remove-stackprotector.patch 1574 SHA256 a8d96a7f273f8920a96c87ad258fd88d939ae51dd05893869f4b0ab4ffe7563b SHA512 4e720add3384031173ed86d147d062a2f3b6cb3f87bd9d47a0369d2634c1beaf791c613d1498031e9b476d47a1c8682bb0297fd2c97724a6a09a769c2182de0e WHIRLPOOL 1bd560bb1befcafea2fe3e60f9a20a9e214c38516cca763b99e188a5ffafba7590b7ee7f370688c4d50476505e9b8412349fe37f69d51263eb4461d016c53a23
37 -AUX sshd.confd 396 SHA256 29c6d57ac3ec6018cadc6ba6cd9b90c9ed46e20049b970fdcc68ee2481a2ee41 SHA512 b9ae816af54a55e134a9307e376f05367b815f1b3fd545c2a2c312d18aedcf907f413e8bad8db980cdd9aad4011a72a79e1e94594f69500939a9cb46287f2f81 WHIRLPOOL 69f43e6192e009a4663d130f7e40ee8b13c6eb9cc7d960b5e0e22f5d477649c88806a9d219efef211f4346582c2bb51e40d230a8191e5953dbe08bfff976ae53
38 -AUX sshd.pam_include.2 156 SHA256 166136e27d653e0bf481a6ca79fecb7d9fa2fc3d597d041f97df595f65a8193c SHA512 d3f7e6ca8c9f2b5060ebccb259316bb59c9a7e158e8ef9466765a20db263a4043a590811f1a3ab072b718dbd70898bc69b77e0b19603d7f394b5ac1bd0a4a56c WHIRLPOOL ba7a0a8c3bb39c5fda69de34b822a19696398e0a8789211ac1faae787ee34f9639eb35efe29c67f874b5f9fe674742503e570f441c005974f4a0c93468b8970b
39 -AUX sshd.rc6.4 2313 SHA256 97221a017d8ee9de996277c5a794d973a0b5e8180c29c97b3652bd1984a7b5d0 SHA512 88826bc9923299ac4c1502e7076483d6c197fd5a0e693bc2e1690f82bcd7d1bbd144aae2ffd92acb28d6fe912233aa93346e00c72917de65c22811ce9cd5bff7 WHIRLPOOL a77bad5891eb74770ae12e79131a99e5645a83841d14f1d60e39581a23b9d86e66b2e5fb7d0c989afac410eb5c6a627b83389d54085d1b78c89fc07852f8eb66
40 -AUX sshd.service 242 SHA256 1351c43fe8287f61255ace9fa20790f770d69296b4dd31b0c583983d4cc59843 SHA512 77f50c85a2c944995a39819916eb860cfdc1aff90986e93282e669a0de73c287ecb92d550fd118cfcc8ab538eab677e0d103b23cd959b7e8d9801bc37250c39c WHIRLPOOL 0f5c48d709274c526ceee4f26e35dcb00816ffa9d6661acc1e4e462acb38c3c6108b0e87783eff9da1b1868127c5550c57a5a0a9d7270b927ac4b92191876989
41 -AUX sshd.socket 136 SHA256 c055abcd10c5d372119cbc3708661ddffccdee7a1de1282559c54d03e2f109d9 SHA512 4d31d373b7bdae917dc0cf05418c71d4743e98e354aefcf055f88f55c9c644a5a0e0e605dbb8372c1b98d17c0ea1c8c0fee27d38ab8dbe23c7e420a6a78c6d42 WHIRLPOOL 102d87b708c31e5994e8005437c78b1aa756c6def4ee9ae2fa9be1438f328fc28c9152a4ff2528941be18f1311594490ecd98b66716ec74e970aa3725a98e2e5
42 -AUX sshd_at.service 176 SHA256 332f5ffc30456fe2494095c2aabd1e6e02075ce224e2d49708ac7ccf6d341998 SHA512 662a9c2668902633e6dbcb9435ac35bec3e224afdb2ab6a1df908618536ae9fc1958ba1d611e146c01fddb0c8f41eefdc26de78f45b7f165b1d6b2ee2f23be2a WHIRLPOOL aeb32351380dd674ef7a2e7b537f43116c189f7fddb8bdb8b2c109e9f62b0a73cc0f29f2d46270e658ab6409b8d3671ce9e0d0ba7c0d3674c2f85291a73e6df1
43 -DIST openssh-6.8_p1-sctp.patch.xz 7388 SHA256 2c74dd00aaae9f4de908d8e5685ae982779a5069996b98d55e8408eada739a19 SHA512 f93a1d27bc3e57a6d4fa717c9d5ece4f28196f8539cb2f2efc4285dce9a2e94a3f5a59d18fc01ea73a94e90630cee7621240455fce146f781cf7091a828f2db0 WHIRLPOOL 7fb3346c3444654988303ff2a941345c00412a8012d6d419c9e4f870ef4c3362f92a4020d7bff2dc5d1ff9e42cf7287c4346909f8db07154783d5359a73a7476
44 -DIST openssh-6.9p1+x509-8.4.diff.gz 425687 SHA256 0ed8bfff0d2ecd9f3791ae1f168ca3270bb66d7ab7bc0a8ff2d61d2ab829c3fb SHA512 596cb65408db06fb299b92160147685b001dc23929ecf5c4bd11a8b0475d79695c7b4dbe8a878d7fbcd944155935fd62a14e35c79204b39e413f5eaa961ef76c WHIRLPOOL 771fa0f4f6a20ed49ba201605fcdcbfc41a0f094ef4a89ca2433ee51b7c8bf99cc266f26bd7877c61ff92e9a50c7d65119ba75ba64eaa029bd567bab3ee243c2
45 -DIST openssh-6.9p1-r1-hpnssh14v5.tar.xz 21396 SHA256 84e9e28a1488ccf66e29a7c90442b3bc4833a6fa186260fb6853b5a1b19c0beb SHA512 476064dbdb3d82b86ad7c481a4a301ff0d46bd281fe7ca0c29f34ae50b0034028760997ae2c934a265499c154f4534d35ead647aa63d1a4545ed503a5364eada WHIRLPOOL 74eaf2fe0a6ecd0e2fa5078034628d4c76c75b121f3c813ff8a098ab28363daa3800d03936046aa3aebbfdab3afd31ef30a207399f5e305d7f71e5f3c7e4f4a7
46 -DIST openssh-6.9p1.tar.gz 1487617 SHA256 6e074df538f357d440be6cf93dc581a21f22d39e236f217fcd8eacbb6c896cfe SHA512 68fec9b4e512fe126a5d35b01e2cc656d810b75052ed8a36bc85cd0a05de7318b15ed287bc95cf9bcb3fa2f385029151d85aced55e07fbcc79e6c779bee6751d WHIRLPOOL 1dcb291383c9f934b512f61ce9f6e0319f22e112ce3f6eace2a868ca0f99c709c65bae14a9815e2ef237f8132fe72c583cffb7ea20bdfa2aaa77cf347967be7f
47 -DIST openssh-lpk-6.8p1-0.3.14.patch.xz 16940 SHA256 d5f048dc7e9d3fca085c152fc31306f1d8fa793e524c538295915b075ec085b0 SHA512 2470b6b46f8c7ac985f82d14b788a3eb81a468a1d5013cb7f89257d9dd78b6037e24bf54ac57b757db8ed1df24332d659cf918c11ea73592fd24a69c25a54081 WHIRLPOOL b041ee9e0efdf370686f11df4131ab5e5ffb2f11cc66c386a8223bf563c5b78ab9443f06e4adc2e506e440cdec9dc5b20f5972cd8d691d786d2f903bb49b947b
48 -EBUILD openssh-6.9_p1-r99.ebuild 9806 SHA256 2360ba25d6c04203dc83316981212858358412aba721a950a149fe90de06a3a7 SHA512 c3e3a9ead1e3b9d7416d942ea1b9a9ab908efca3d09ecf52ff5d2987e90ec4362c73597bc5b4dd42725559abc2a835f37b49ae96b8371120e1a70e6abf07e0a0 WHIRLPOOL 602cd12b21ed055fa5c83e08c903fa790a476302a69df9b23442e507e54fa627dea325e6c4fd0c244e8bc3c366f70302b1398d603d31dfbe87ebe87a6e5c1fdc
49 -MISC metadata.xml 1912 SHA256 7b838285f09ad395f237a0d0b9963eee86d0e85b58e6e5b4d5edb093fa888a0a SHA512 e55c10ffd12488720c3da19e55942cfedec63fe767fc1608439b5a3932eeb5488086ad7ef4e1f858c89381e737426f035845ea5e8bede4ed8a0ccabdc656d9b5 WHIRLPOOL 5c07b3dd4a4002cff5df62133ecf570bf79f58e9477d0ad25d60f185ee029183d11118147e3adfec373542659d921e99e787054cfe9284031c974d694de6e9ed
50
51 diff --git a/net-misc/openssh/files/openssh-4.7_p1-GSSAPI-dns.patch b/net-misc/openssh/files/openssh-4.7_p1-GSSAPI-dns.patch
52 deleted file mode 100644
53 index c81ae5c..0000000
54 --- a/net-misc/openssh/files/openssh-4.7_p1-GSSAPI-dns.patch
55 +++ /dev/null
56 @@ -1,127 +0,0 @@
57 -http://bugs.gentoo.org/165444
58 -https://bugzilla.mindrot.org/show_bug.cgi?id=1008
59 -
60 -Index: readconf.c
61 -===================================================================
62 -RCS file: /cvs/openssh/readconf.c,v
63 -retrieving revision 1.135
64 -diff -u -r1.135 readconf.c
65 ---- readconf.c 5 Aug 2006 02:39:40 -0000 1.135
66 -+++ readconf.c 19 Aug 2006 11:59:52 -0000
67 -@@ -126,6 +126,7 @@
68 - oClearAllForwardings, oNoHostAuthenticationForLocalhost,
69 - oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
70 - oAddressFamily, oGssAuthentication, oGssDelegateCreds,
71 -+ oGssTrustDns,
72 - oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
73 - oSendEnv, oControlPath, oControlMaster, oHashKnownHosts,
74 - oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
75 -@@ -163,9 +164,11 @@
76 - #if defined(GSSAPI)
77 - { "gssapiauthentication", oGssAuthentication },
78 - { "gssapidelegatecredentials", oGssDelegateCreds },
79 -+ { "gssapitrustdns", oGssTrustDns },
80 - #else
81 - { "gssapiauthentication", oUnsupported },
82 - { "gssapidelegatecredentials", oUnsupported },
83 -+ { "gssapitrustdns", oUnsupported },
84 - #endif
85 - { "fallbacktorsh", oDeprecated },
86 - { "usersh", oDeprecated },
87 -@@ -444,6 +447,10 @@
88 - intptr = &options->gss_deleg_creds;
89 - goto parse_flag;
90 -
91 -+ case oGssTrustDns:
92 -+ intptr = &options->gss_trust_dns;
93 -+ goto parse_flag;
94 -+
95 - case oBatchMode:
96 - intptr = &options->batch_mode;
97 - goto parse_flag;
98 -@@ -1010,6 +1017,7 @@
99 - options->challenge_response_authentication = -1;
100 - options->gss_authentication = -1;
101 - options->gss_deleg_creds = -1;
102 -+ options->gss_trust_dns = -1;
103 - options->password_authentication = -1;
104 - options->kbd_interactive_authentication = -1;
105 - options->kbd_interactive_devices = NULL;
106 -@@ -1100,6 +1108,8 @@
107 - options->gss_authentication = 0;
108 - if (options->gss_deleg_creds == -1)
109 - options->gss_deleg_creds = 0;
110 -+ if (options->gss_trust_dns == -1)
111 -+ options->gss_trust_dns = 0;
112 - if (options->password_authentication == -1)
113 - options->password_authentication = 1;
114 - if (options->kbd_interactive_authentication == -1)
115 -Index: readconf.h
116 -===================================================================
117 -RCS file: /cvs/openssh/readconf.h,v
118 -retrieving revision 1.63
119 -diff -u -r1.63 readconf.h
120 ---- readconf.h 5 Aug 2006 02:39:40 -0000 1.63
121 -+++ readconf.h 19 Aug 2006 11:59:52 -0000
122 -@@ -45,6 +45,7 @@
123 - /* Try S/Key or TIS, authentication. */
124 - int gss_authentication; /* Try GSS authentication */
125 - int gss_deleg_creds; /* Delegate GSS credentials */
126 -+ int gss_trust_dns; /* Trust DNS for GSS canonicalization */
127 - int password_authentication; /* Try password
128 - * authentication. */
129 - int kbd_interactive_authentication; /* Try keyboard-interactive auth. */
130 -Index: ssh_config.5
131 -===================================================================
132 -RCS file: /cvs/openssh/ssh_config.5,v
133 -retrieving revision 1.97
134 -diff -u -r1.97 ssh_config.5
135 ---- ssh_config.5 5 Aug 2006 01:34:51 -0000 1.97
136 -+++ ssh_config.5 19 Aug 2006 11:59:53 -0000
137 -@@ -483,7 +483,16 @@
138 - Forward (delegate) credentials to the server.
139 - The default is
140 - .Dq no .
141 --Note that this option applies to protocol version 2 only.
142 -+Note that this option applies to protocol version 2 connections using GSSAPI.
143 -+.It Cm GSSAPITrustDns
144 -+Set to
145 -+.Dq yes to indicate that the DNS is trusted to securely canonicalize
146 -+the name of the host being connected to. If
147 -+.Dq no, the hostname entered on the
148 -+command line will be passed untouched to the GSSAPI library.
149 -+The default is
150 -+.Dq no .
151 -+This option only applies to protocol version 2 connections using GSSAPI.
152 - .It Cm HashKnownHosts
153 - Indicates that
154 - .Xr ssh 1
155 -Index: sshconnect2.c
156 -===================================================================
157 -RCS file: /cvs/openssh/sshconnect2.c,v
158 -retrieving revision 1.151
159 -diff -u -r1.151 sshconnect2.c
160 ---- sshconnect2.c 18 Aug 2006 14:33:34 -0000 1.151
161 -+++ sshconnect2.c 19 Aug 2006 11:59:53 -0000
162 -@@ -499,6 +499,12 @@
163 - static u_int mech = 0;
164 - OM_uint32 min;
165 - int ok = 0;
166 -+ const char *gss_host;
167 -+
168 -+ if (options.gss_trust_dns)
169 -+ gss_host = get_canonical_hostname(1);
170 -+ else
171 -+ gss_host = authctxt->host;
172 -
173 - /* Try one GSSAPI method at a time, rather than sending them all at
174 - * once. */
175 -@@ -511,7 +517,7 @@
176 - /* My DER encoding requires length<128 */
177 - if (gss_supported->elements[mech].length < 128 &&
178 - ssh_gssapi_check_mechanism(&gssctxt,
179 -- &gss_supported->elements[mech], authctxt->host)) {
180 -+ &gss_supported->elements[mech], gss_host)) {
181 - ok = 1; /* Mechanism works */
182 - } else {
183 - mech++;
184
185 diff --git a/net-misc/openssh/files/openssh-6.3_p1-x509-hpn14v2-glue.patch b/net-misc/openssh/files/openssh-6.3_p1-x509-hpn14v2-glue.patch
186 deleted file mode 100644
187 index c3647d5..0000000
188 --- a/net-misc/openssh/files/openssh-6.3_p1-x509-hpn14v2-glue.patch
189 +++ /dev/null
190 @@ -1,51 +0,0 @@
191 ---- openssh-6.3p1/Makefile.in
192 -+++ openssh-6.3p1/Makefile.in
193 -@@ -45,7 +45,7 @@
194 - CC=@CC@
195 - LD=@LD@
196 - CFLAGS=@CFLAGS@
197 --CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ @LDAP_CPPFLAGS@ $(PATHS) @DEFS@
198 -+CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
199 - LIBS=@LIBS@
200 - K5LIBS=@K5LIBS@
201 - GSSLIBS=@GSSLIBS@
202 -@@ -53,6 +53,7 @@
203 - SSHDLIBS=@SSHDLIBS@
204 - LIBEDIT=@LIBEDIT@
205 - LIBLDAP=@LDAP_LDFLAGS@ @LDAP_LIBS@
206 -+CPPFLAGS+=@LDAP_CPPFLAGS@
207 - AR=@AR@
208 - AWK=@AWK@
209 - RANLIB=@RANLIB@
210 ---- openssh-6.3p1/sshconnect.c
211 -+++ openssh-6.3p1/sshconnect.c
212 -@@ -465,7 +465,7 @@
213 - {
214 - /* Send our own protocol version identification. */
215 - if (compat20) {
216 -- xasprintf(&client_version_string, "SSH-%d.%d-%.100s PKIX\r\n",
217 -+ xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
218 - PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);
219 - } else {
220 - xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
221 ---- openssh-6.3p1/sshd.c
222 -+++ openssh-6.3p1/sshd.c
223 -@@ -472,8 +472,8 @@
224 - comment = "";
225 - }
226 -
227 -- xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s%s%s",
228 -- major, minor, SSH_VERSION, comment,
229 -+ xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s%s",
230 -+ major, minor, SSH_VERSION,
231 - *options.version_addendum == '\0' ? "" : " ",
232 - options.version_addendum, newline);
233 -
234 ---- openssh-6.3p1/version.h
235 -+++ openssh-6.3p1/version.h
236 -@@ -3,4 +3,5 @@
237 - #define SSH_VERSION "OpenSSH_6.3"
238 -
239 - #define SSH_PORTABLE "p1"
240 -+#define SSH_X509 " PKIX"
241 - #define SSH_RELEASE SSH_VERSION SSH_PORTABLE
242
243 diff --git a/net-misc/openssh/files/openssh-6.7_p1-openssl-ignore-status.patch b/net-misc/openssh/files/openssh-6.7_p1-openssl-ignore-status.patch
244 deleted file mode 100644
245 index fa33af3..0000000
246 --- a/net-misc/openssh/files/openssh-6.7_p1-openssl-ignore-status.patch
247 +++ /dev/null
248 @@ -1,17 +0,0 @@
249 -the last nibble of the openssl version represents the status. that is,
250 -whether it is a beta or release. when it comes to version checks in
251 -openssh, this component does not matter, so ignore it.
252 -
253 -https://bugzilla.mindrot.org/show_bug.cgi?id=2212
254 -
255 ---- a/openbsd-compat/openssl-compat.c
256 -+++ b/openbsd-compat/openssl-compat.c
257 -@@ -58,7 +58,7 @@ ssh_compatible_openssl(long headerver, long libver)
258 - * For versions >= 1.0.0, major,minor,status must match and library
259 - * fix version must be equal to or newer than the header.
260 - */
261 -- mask = 0xfff0000fL; /* major,minor,status */
262 -+ mask = 0xfff00000L; /* major,minor,status */
263 - hfix = (headerver & 0x000ff000) >> 12;
264 - lfix = (libver & 0x000ff000) >> 12;
265 - if ( (headerver & mask) == (libver & mask) && lfix >= hfix)
266
267 diff --git a/net-misc/openssh/files/openssh-6.8_p1-ssl-engine-configure.patch b/net-misc/openssh/files/openssh-6.8_p1-ssl-engine-configure.patch
268 deleted file mode 100644
269 index a355e2c..0000000
270 --- a/net-misc/openssh/files/openssh-6.8_p1-ssl-engine-configure.patch
271 +++ /dev/null
272 @@ -1,33 +0,0 @@
273 -https://github.com/openssh/openssh-portable/pull/29
274 -
275 -From 003ed46d1bd94bac29c53b26ae70f6321ea11c80 Mon Sep 17 00:00:00 2001
276 -From: Mike Frysinger <vapier@g.o>
277 -Date: Wed, 18 Mar 2015 12:37:24 -0400
278 -Subject: [PATCH] do not abort when --without-ssl-engine --without-openssl is
279 - set
280 -
281 ----
282 - configure.ac | 6 +++---
283 - 1 file changed, 3 insertions(+), 3 deletions(-)
284 -
285 -diff --git a/configure.ac b/configure.ac
286 -index b4d6598..7806d20 100644
287 ---- a/configure.ac
288 -+++ b/configure.ac
289 -@@ -2276,10 +2276,10 @@ openssl_engine=no
290 - AC_ARG_WITH([ssl-engine],
291 - [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
292 - [
293 -- if test "x$openssl" = "xno" ; then
294 -- AC_MSG_ERROR([cannot use --with-ssl-engine when OpenSSL disabled])
295 -- fi
296 - if test "x$withval" != "xno" ; then
297 -+ if test "x$openssl" = "xno" ; then
298 -+ AC_MSG_ERROR([cannot use --with-ssl-engine when OpenSSL disabled])
299 -+ fi
300 - openssl_engine=yes
301 - fi
302 - ]
303 ---
304 -2.3.2
305 -
306
307 diff --git a/net-misc/openssh/files/openssh-6.9_p1-remove-stackprotector.patch b/net-misc/openssh/files/openssh-6.9_p1-remove-stackprotector.patch
308 deleted file mode 100644
309 index 98e867f..0000000
310 --- a/net-misc/openssh/files/openssh-6.9_p1-remove-stackprotector.patch
311 +++ /dev/null
312 @@ -1,51 +0,0 @@
313 -diff -Naur openssh-6.9p1.orig/configure.ac openssh-6.9p1/configure.ac
314 ---- openssh-6.9p1.orig/configure.ac 2015-06-30 22:35:31.000000000 -0400
315 -+++ openssh-6.9p1/configure.ac 2015-09-04 02:29:02.746836099 -0400
316 -@@ -234,47 +234,6 @@
317 - CFLAGS="$saved_CFLAGS" ]
318 - )
319 -
320 -- # -fstack-protector-all doesn't always work for some GCC versions
321 -- # and/or platforms, so we test if we can. If it's not supported
322 -- # on a given platform gcc will emit a warning so we use -Werror.
323 -- if test "x$use_stack_protector" = "x1"; then
324 -- for t in -fstack-protector-strong -fstack-protector-all \
325 -- -fstack-protector; do
326 -- AC_MSG_CHECKING([if $CC supports $t])
327 -- saved_CFLAGS="$CFLAGS"
328 -- saved_LDFLAGS="$LDFLAGS"
329 -- CFLAGS="$CFLAGS $t -Werror"
330 -- LDFLAGS="$LDFLAGS $t -Werror"
331 -- AC_LINK_IFELSE(
332 -- [AC_LANG_PROGRAM([[ #include <stdio.h> ]],
333 -- [[
334 -- char x[256];
335 -- snprintf(x, sizeof(x), "XXX");
336 -- ]])],
337 -- [ AC_MSG_RESULT([yes])
338 -- CFLAGS="$saved_CFLAGS $t"
339 -- LDFLAGS="$saved_LDFLAGS $t"
340 -- AC_MSG_CHECKING([if $t works])
341 -- AC_RUN_IFELSE(
342 -- [AC_LANG_PROGRAM([[ #include <stdio.h> ]],
343 -- [[
344 -- char x[256];
345 -- snprintf(x, sizeof(x), "XXX");
346 -- ]])],
347 -- [ AC_MSG_RESULT([yes])
348 -- break ],
349 -- [ AC_MSG_RESULT([no]) ],
350 -- [ AC_MSG_WARN([cross compiling: cannot test])
351 -- break ]
352 -- )
353 -- ],
354 -- [ AC_MSG_RESULT([no]) ]
355 -- )
356 -- CFLAGS="$saved_CFLAGS"
357 -- LDFLAGS="$saved_LDFLAGS"
358 -- done
359 -- fi
360 --
361 - if test -z "$have_llong_max"; then
362 - # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
363 - unset ac_cv_have_decl_LLONG_MAX
364
365 diff --git a/net-misc/openssh/files/sshd.confd b/net-misc/openssh/files/sshd.confd
366 deleted file mode 100644
367 index 28952b4..0000000
368 --- a/net-misc/openssh/files/sshd.confd
369 +++ /dev/null
370 @@ -1,21 +0,0 @@
371 -# /etc/conf.d/sshd: config file for /etc/init.d/sshd
372 -
373 -# Where is your sshd_config file stored?
374 -
375 -SSHD_CONFDIR="/etc/ssh"
376 -
377 -
378 -# Any random options you want to pass to sshd.
379 -# See the sshd(8) manpage for more info.
380 -
381 -SSHD_OPTS=""
382 -
383 -
384 -# Pid file to use (needs to be absolute path).
385 -
386 -#SSHD_PIDFILE="/var/run/sshd.pid"
387 -
388 -
389 -# Path to the sshd binary (needs to be absolute path).
390 -
391 -#SSHD_BINARY="/usr/sbin/sshd"
392
393 diff --git a/net-misc/openssh/files/sshd.pam_include.2 b/net-misc/openssh/files/sshd.pam_include.2
394 deleted file mode 100644
395 index b801aaa..0000000
396 --- a/net-misc/openssh/files/sshd.pam_include.2
397 +++ /dev/null
398 @@ -1,4 +0,0 @@
399 -auth include system-remote-login
400 -account include system-remote-login
401 -password include system-remote-login
402 -session include system-remote-login
403
404 diff --git a/net-misc/openssh/files/sshd.rc6.4 b/net-misc/openssh/files/sshd.rc6.4
405 deleted file mode 100755
406 index 1b872bc..0000000
407 --- a/net-misc/openssh/files/sshd.rc6.4
408 +++ /dev/null
409 @@ -1,87 +0,0 @@
410 -#!/sbin/runscript
411 -# Copyright 1999-2013 Gentoo Foundation
412 -# Distributed under the terms of the GNU General Public License v2
413 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/files/sshd.rc6.4,v 1.3 2013/04/24 03:13:03 vapier Exp $
414 -
415 -extra_commands="checkconfig"
416 -extra_started_commands="reload"
417 -
418 -SSHD_CONFDIR=${SSHD_CONFDIR:-/etc/ssh}
419 -SSHD_CONFIG=${SSHD_CONFIG:-${SSHD_CONFDIR}/sshd_config}
420 -SSHD_PIDFILE=${SSHD_PIDFILE:-/var/run/${SVCNAME}.pid}
421 -SSHD_BINARY=${SSHD_BINARY:-/usr/sbin/sshd}
422 -
423 -depend() {
424 - use logger dns
425 - if [ "${rc_need+set}" = "set" ]; then
426 - : # Do nothing, the user has explicitly set rc_need
427 - else
428 - warn_addr=''
429 - for x in $(awk '/^ListenAddress/{ print $2 }' "$SSHD_CONFIG" 2>/dev/null) ; do
430 - case "$x" in
431 - 0.0.0.0|0.0.0.0:*) ;;
432 - ::|\[::\]*) ;;
433 - *) warn_addr="${warn_addr} $x" ;;
434 - esac
435 - done
436 - unset x
437 - if [ "${warn_addr:+set}" = "set" ]; then
438 - need net
439 - ewarn "You are binding an interface in ListenAddress statement in your sshd_config!"
440 - ewarn "You must add rc_need=\"net.FOO\" to your /etc/conf.d/sshd"
441 - ewarn "where FOO is the interface(s) providing the following address(es):"
442 - ewarn "${warn_addr}"
443 - fi
444 - unset warn_addr
445 - fi
446 -}
447 -
448 -checkconfig() {
449 - if [ ! -d /var/empty ] ; then
450 - mkdir -p /var/empty || return 1
451 - fi
452 -
453 - if [ ! -e "${SSHD_CONFDIR}"/sshd_config ] ; then
454 - eerror "You need an ${SSHD_CONFDIR}/sshd_config file to run sshd"
455 - eerror "There is a sample file in /usr/share/doc/openssh"
456 - return 1
457 - fi
458 -
459 - ssh-keygen -A || return 1
460 -
461 - [ "${SSHD_PIDFILE}" != "/var/run/sshd.pid" ] \
462 - && SSHD_OPTS="${SSHD_OPTS} -o PidFile=${SSHD_PIDFILE}"
463 - [ "${SSHD_CONFDIR}" != "/etc/ssh" ] \
464 - && SSHD_OPTS="${SSHD_OPTS} -f ${SSHD_CONFDIR}/sshd_config"
465 -
466 - "${SSHD_BINARY}" -t ${SSHD_OPTS} || return 1
467 -}
468 -
469 -start() {
470 - checkconfig || return 1
471 -
472 - ebegin "Starting ${SVCNAME}"
473 - start-stop-daemon --start --exec "${SSHD_BINARY}" \
474 - --pidfile "${SSHD_PIDFILE}" \
475 - -- ${SSHD_OPTS}
476 - eend $?
477 -}
478 -
479 -stop() {
480 - if [ "${RC_CMD}" = "restart" ] ; then
481 - checkconfig || return 1
482 - fi
483 -
484 - ebegin "Stopping ${SVCNAME}"
485 - start-stop-daemon --stop --exec "${SSHD_BINARY}" \
486 - --pidfile "${SSHD_PIDFILE}" --quiet
487 - eend $?
488 -}
489 -
490 -reload() {
491 - checkconfig || return 1
492 - ebegin "Reloading ${SVCNAME}"
493 - start-stop-daemon --signal HUP \
494 - --exec "${SSHD_BINARY}" --pidfile "${SSHD_PIDFILE}"
495 - eend $?
496 -}
497
498 diff --git a/net-misc/openssh/files/sshd.service b/net-misc/openssh/files/sshd.service
499 deleted file mode 100644
500 index b5e96b3..0000000
501 --- a/net-misc/openssh/files/sshd.service
502 +++ /dev/null
503 @@ -1,11 +0,0 @@
504 -[Unit]
505 -Description=OpenSSH server daemon
506 -After=syslog.target network.target auditd.service
507 -
508 -[Service]
509 -ExecStartPre=/usr/bin/ssh-keygen -A
510 -ExecStart=/usr/sbin/sshd -D -e
511 -ExecReload=/bin/kill -HUP $MAINPID
512 -
513 -[Install]
514 -WantedBy=multi-user.target
515
516 diff --git a/net-misc/openssh/files/sshd.socket b/net-misc/openssh/files/sshd.socket
517 deleted file mode 100644
518 index 94b9533..0000000
519 --- a/net-misc/openssh/files/sshd.socket
520 +++ /dev/null
521 @@ -1,10 +0,0 @@
522 -[Unit]
523 -Description=OpenSSH Server Socket
524 -Conflicts=sshd.service
525 -
526 -[Socket]
527 -ListenStream=22
528 -Accept=yes
529 -
530 -[Install]
531 -WantedBy=sockets.target
532
533 diff --git a/net-misc/openssh/files/sshd_at.service b/net-misc/openssh/files/sshd_at.service
534 deleted file mode 100644
535 index 2645ad0..0000000
536 --- a/net-misc/openssh/files/sshd_at.service
537 +++ /dev/null
538 @@ -1,8 +0,0 @@
539 -[Unit]
540 -Description=OpenSSH per-connection server daemon
541 -After=syslog.target auditd.service
542 -
543 -[Service]
544 -ExecStart=-/usr/sbin/sshd -i -e
545 -StandardInput=socket
546 -StandardError=syslog
547
548 diff --git a/net-misc/openssh/metadata.xml b/net-misc/openssh/metadata.xml
549 deleted file mode 100644
550 index 885648b..0000000
551 --- a/net-misc/openssh/metadata.xml
552 +++ /dev/null
553 @@ -1,34 +0,0 @@
554 -<?xml version="1.0" encoding="UTF-8"?>
555 -<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
556 -<pkgmetadata>
557 - <herd>base-system</herd>
558 - <maintainer restrict="net-misc/openssh[ldap]">
559 - <email>robbat2@g.o</email>
560 - <description>LPK issues. Only assign if it's a direct LPK issue. Do not directly assign for anything else.</description>
561 - </maintainer>
562 - <longdescription>
563 -OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools that
564 -increasing numbers of people on the Internet are coming to rely on. Many users of telnet,
565 -rlogin, ftp, and other such programs might not realize that their password is transmitted
566 -across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords)
567 -to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks.
568 -Additionally, OpenSSH provides a myriad of secure tunneling capabilities, as well as a variety
569 -of authentication methods.
570 -
571 -The OpenSSH suite includes the ssh program which replaces rlogin and telnet, scp which
572 -replaces rcp, and sftp which replaces ftp. Also included is sshd which is the server side of
573 -the package, and the other basic utilities like ssh-add, ssh-agent, ssh-keysign, ssh-keyscan,
574 -ssh-keygen and sftp-server. OpenSSH supports SSH protocol versions 1.3, 1.5, and 2.0.
575 -</longdescription>
576 - <use>
577 - <flag name="bindist">Disable EC/RC5 algorithms in OpenSSL for patent reasons.</flag>
578 - <flag name="hpn">Enable high performance ssh</flag>
579 - <flag name="ldap">Add support for storing SSH public keys in LDAP</flag>
580 - <flag name="ldns">Use LDNS for DNSSEC/SSHFP validation.</flag>
581 - <flag name="sctp">Support for Stream Control Transmission Protocol</flag>
582 - <flag name="X509">Adds support for X.509 certificate authentication</flag>
583 - </use>
584 - <upstream>
585 - <remote-id type="cpe">cpe:/a:openssh:openssh</remote-id>
586 - </upstream>
587 -</pkgmetadata>
588
589 diff --git a/net-misc/openssh/openssh-6.9_p1-r99.ebuild b/net-misc/openssh/openssh-6.9_p1-r99.ebuild
590 deleted file mode 100644
591 index 0ab549d..0000000
592 --- a/net-misc/openssh/openssh-6.9_p1-r99.ebuild
593 +++ /dev/null
594 @@ -1,314 +0,0 @@
595 -# Copyright 1999-2015 Gentoo Foundation
596 -# Distributed under the terms of the GNU General Public License v2
597 -# $Id$
598 -
599 -EAPI="4"
600 -inherit eutils user flag-o-matic multilib autotools pam systemd versionator
601 -
602 -# Make it more portable between straight releases
603 -# and _p? releases.
604 -PARCH=${P/_}
605 -
606 -HPN_PATCH="${PN}-6.9p1-r1-hpnssh14v5.tar.xz"
607 -LDAP_PATCH="${PN}-lpk-6.8p1-0.3.14.patch.xz"
608 -X509_VER="8.4" X509_PATCH="${PN}-6.9p1+x509-${X509_VER}.diff.gz"
609 -
610 -DESCRIPTION="Port of OpenBSD's free SSH release"
611 -HOMEPAGE="http://www.openssh.org/"
612 -SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
613 - mirror://gentoo/${PN}-6.8_p1-sctp.patch.xz
614 - ${HPN_PATCH:+hpn? (
615 - mirror://gentoo/${HPN_PATCH}
616 - https://dev.gentoo.org/~polynomial-c/${HPN_PATCH}
617 - mirror://sourceforge/hpnssh/${HPN_PATCH}
618 - )}
619 - ${LDAP_PATCH:+ldap? ( mirror://gentoo/${LDAP_PATCH} )}
620 - ${X509_PATCH:+X509? ( http://roumenpetrov.info/openssh/x509-${X509_VER}/${X509_PATCH} )}
621 - "
622 -
623 -LICENSE="BSD GPL-2"
624 -SLOT="0"
625 -KEYWORDS="ppc"
626 -# Probably want to drop ssl defaulting to on in a future version.
627 -IUSE="bindist debug ${HPN_PATCH:++}hpn kerberos kernel_linux ldap ldns libedit pam +pie sctp selinux skey ssh1 +ssl static X X509"
628 -REQUIRED_USE="ldns? ( ssl )
629 - pie? ( !static )
630 - ssh1? ( ssl )
631 - static? ( !kerberos !pam )
632 - X509? ( !ldap ssl )"
633 -
634 -LIB_DEPEND="
635 - ldns? (
636 - net-libs/ldns[static-libs(+)]
637 - !bindist? ( net-libs/ldns[ecdsa,ssl] )
638 - bindist? ( net-libs/ldns[-ecdsa,ssl] )
639 - )
640 - libedit? ( dev-libs/libedit[static-libs(+)] )
641 - sctp? ( net-misc/lksctp-tools[static-libs(+)] )
642 - selinux? ( >=sys-libs/libselinux-1.28[static-libs(+)] )
643 - skey? ( >=sys-auth/skey-1.1.5-r1[static-libs(+)] )
644 - ssl? (
645 - >=dev-libs/openssl-0.9.6d:0[bindist=]
646 - dev-libs/openssl[static-libs(+)]
647 - )
648 - >=sys-libs/zlib-1.2.3[static-libs(+)]"
649 -RDEPEND="
650 - !static? ( ${LIB_DEPEND//\[static-libs(+)]} )
651 - pam? ( virtual/pam )
652 - kerberos? ( virtual/krb5 )
653 - ldap? ( net-nds/openldap )"
654 -DEPEND="${RDEPEND}
655 - static? ( ${LIB_DEPEND} )
656 - virtual/pkgconfig
657 - virtual/os-headers
658 - sys-devel/autoconf"
659 -RDEPEND="${RDEPEND}
660 - pam? ( >=sys-auth/pambase-20081028 )
661 - userland_GNU? ( virtual/shadow )
662 - X? ( x11-apps/xauth )"
663 -
664 -S=${WORKDIR}/${PARCH}
665 -
666 -pkg_setup() {
667 - # this sucks, but i'd rather have people unable to `emerge -u openssh`
668 - # than not be able to log in to their server any more
669 - maybe_fail() { [[ -z ${!2} ]] && echo "$1" ; }
670 - local fail="
671 - $(use X509 && maybe_fail X509 X509_PATCH)
672 - $(use ldap && maybe_fail ldap LDAP_PATCH)
673 - $(use hpn && maybe_fail hpn HPN_PATCH)
674 - "
675 - fail=$(echo ${fail})
676 - if [[ -n ${fail} ]] ; then
677 - eerror "Sorry, but this version does not yet support features"
678 - eerror "that you requested: ${fail}"
679 - eerror "Please mask ${PF} for now and check back later:"
680 - eerror " # echo '=${CATEGORY}/${PF}' >> /etc/portage/package.mask"
681 - die "booooo"
682 - fi
683 -
684 - # Make sure people who are using tcp wrappers are notified of its removal. #531156
685 - if grep -qs '^ *sshd *:' "${EROOT}"/etc/hosts.{allow,deny} ; then
686 - ewarn "Sorry, but openssh no longer supports tcp-wrappers, and it seems like"
687 - ewarn "you're trying to use it. Update your ${EROOT}etc/hosts.{allow,deny} please."
688 - fi
689 -}
690 -
691 -save_version() {
692 - # version.h patch conflict avoidence
693 - mv version.h version.h.$1
694 - cp -f version.h.pristine version.h
695 -}
696 -
697 -src_prepare() {
698 - sed -i \
699 - -e "/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:${EPREFIX}/usr/bin/xauth:" \
700 - pathnames.h || die
701 - # keep this as we need it to avoid the conflict between LPK and HPN changing
702 - # this file.
703 - cp version.h version.h.pristine
704 -
705 - # don't break .ssh/authorized_keys2 for fun
706 - sed -i '/^AuthorizedKeysFile/s:^:#:' sshd_config || die
707 -
708 - if use X509 ; then
709 - pushd .. >/dev/null
710 - #epatch "${WORKDIR}"/${PN}-6.8_p1-x509-${X509_VER}-glue.patch
711 - epatch "${FILESDIR}"/${PN}-6.8_p1-sctp-x509-glue.patch
712 - popd >/dev/null
713 - epatch "${WORKDIR}"/${X509_PATCH%.*}
714 - epatch "${FILESDIR}"/${PN}-6.3_p1-x509-hpn14v2-glue.patch
715 - epatch "${FILESDIR}"/${PN}-6.9_p1-x509-warnings.patch
716 - save_version X509
717 - fi
718 - if use ldap ; then
719 - epatch "${WORKDIR}"/${LDAP_PATCH%.*}
720 - save_version LPK
721 - fi
722 - epatch "${FILESDIR}"/${PN}-4.7_p1-GSSAPI-dns.patch #165444 integrated into gsskex
723 - epatch "${FILESDIR}"/${PN}-6.7_p1-openssl-ignore-status.patch
724 - # The X509 patchset fixes this independently.
725 - use X509 || epatch "${FILESDIR}"/${PN}-6.8_p1-ssl-engine-configure.patch
726 - epatch "${WORKDIR}"/${PN}-6.8_p1-sctp.patch
727 - if use hpn ; then
728 - EPATCH_FORCE="yes" EPATCH_SUFFIX="patch" \
729 - EPATCH_MULTI_MSG="Applying HPN patchset ..." \
730 - epatch "${WORKDIR}"/${HPN_PATCH%.*.*}
731 - save_version HPN
732 - fi
733 -
734 - tc-export PKG_CONFIG
735 - local sed_args=(
736 - -e "s:-lcrypto:$(${PKG_CONFIG} --libs openssl):"
737 - # Disable PATH reset, trust what portage gives us #254615
738 - -e 's:^PATH=/:#PATH=/:'
739 - # Disable fortify flags ... our gcc does this for us
740 - -e 's:-D_FORTIFY_SOURCE=2::'
741 - )
742 - # The -ftrapv flag ICEs on hppa #505182
743 - use hppa && sed_args+=(
744 - -e '/CFLAGS/s:-ftrapv:-fdisable-this-test:'
745 - -e '/OSSH_CHECK_CFLAG_LINK.*-ftrapv/d'
746 - )
747 - sed -i "${sed_args[@]}" configure{.ac,} || die
748 -
749 - # ppc musl lacks __stack_chk_fail_local()
750 - epatch "${FILESDIR}"/${P}-remove-stackprotector.patch
751 -
752 - epatch_user #473004
753 -
754 - # Now we can build a sane merged version.h
755 - (
756 - sed '/^#define SSH_RELEASE/d' version.h.* | sort -u
757 - macros=()
758 - for p in HPN LPK X509 ; do [ -e version.h.${p} ] && macros+=( SSH_${p} ) ; done
759 - printf '#define SSH_RELEASE SSH_VERSION SSH_PORTABLE %s\n' "${macros}"
760 - ) > version.h
761 -
762 - eautoreconf
763 -}
764 -
765 -src_configure() {
766 - addwrite /dev/ptmx
767 - addpredict /etc/skey/skeykeys # skey configure code triggers this
768 -
769 - use debug && append-cppflags -DSANDBOX_SECCOMP_FILTER_DEBUG
770 - use static && append-ldflags -static
771 -
772 - local myconf=(
773 - --with-ldflags="${LDFLAGS}"
774 - --disable-strip
775 - --with-pid-dir="${EPREFIX}"$(usex kernel_linux '' '/var')/run
776 - --sysconfdir="${EPREFIX}"/etc/ssh
777 - --libexecdir="${EPREFIX}"/usr/$(get_libdir)/misc
778 - --datadir="${EPREFIX}"/usr/share/openssh
779 - --with-privsep-path="${EPREFIX}"/var/empty
780 - --with-privsep-user=sshd
781 - $(use_with kerberos kerberos5 "${EPREFIX}"/usr)
782 - # We apply the ldap patch conditionally, so can't pass --without-ldap
783 - # unconditionally else we get unknown flag warnings.
784 - $(use ldap && use_with ldap)
785 - $(use_with ldns)
786 - $(use_with libedit)
787 - $(use_with pam)
788 - $(use_with pie)
789 - $(use_with sctp)
790 - $(use_with selinux)
791 - $(use_with skey)
792 - $(use_with ssh1)
793 - # The X509 patch deletes this option entirely.
794 - $(use X509 || use_with ssl openssl)
795 - $(use_with ssl md5-passwords)
796 - $(use_with ssl ssl-engine)
797 - )
798 -
799 - # The seccomp sandbox is broken on x32, so use the older method for now. #553748
800 - use amd64 && [[ ${ABI} == "x32" ]] && myconf+=( --with-sandbox=rlimit )
801 -
802 - # Special settings for Gentoo/FreeBSD 9.0 or later (see bug #391011)
803 - if use elibc_FreeBSD && version_is_at_least 9.0 "$(uname -r|sed 's/\(.\..\).*/\1/')" ; then
804 - myconf+=( --disable-utmp --disable-wtmp --disable-wtmpx )
805 - append-ldflags -lutil
806 - fi
807 -
808 - econf "${myconf[@]}"
809 -}
810 -
811 -src_install() {
812 - emake install-nokeys DESTDIR="${D}"
813 - fperms 600 /etc/ssh/sshd_config
814 - dobin contrib/ssh-copy-id
815 - newinitd "${FILESDIR}"/sshd.rc6.4 sshd
816 - newconfd "${FILESDIR}"/sshd.confd sshd
817 - keepdir /var/empty
818 -
819 - newpamd "${FILESDIR}"/sshd.pam_include.2 sshd
820 - if use pam ; then
821 - sed -i \
822 - -e "/^#UsePAM /s:.*:UsePAM yes:" \
823 - -e "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" \
824 - -e "/^#PrintMotd /s:.*:PrintMotd no:" \
825 - -e "/^#PrintLastLog /s:.*:PrintLastLog no:" \
826 - "${ED}"/etc/ssh/sshd_config || die
827 - fi
828 -
829 - # Gentoo tweaks to default config files
830 - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config
831 -
832 - # Allow client to pass locale environment variables #367017
833 - AcceptEnv LANG LC_*
834 - EOF
835 - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config
836 -
837 - # Send locale environment variables #367017
838 - SendEnv LANG LC_*
839 - EOF
840 -
841 - if ! use X509 && [[ -n ${LDAP_PATCH} ]] && use ldap ; then
842 - insinto /etc/openldap/schema/
843 - newins openssh-lpk_openldap.schema openssh-lpk.schema
844 - fi
845 -
846 - doman contrib/ssh-copy-id.1
847 - dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
848 -
849 - diropts -m 0700
850 - dodir /etc/skel/.ssh
851 -
852 - systemd_dounit "${FILESDIR}"/sshd.{service,socket}
853 - systemd_newunit "${FILESDIR}"/sshd_at.service 'sshd@.service'
854 -}
855 -
856 -src_test() {
857 - local t tests skipped failed passed shell
858 - tests="interop-tests compat-tests"
859 - skipped=""
860 - shell=$(egetshell ${UID})
861 - if [[ ${shell} == */nologin ]] || [[ ${shell} == */false ]] ; then
862 - elog "Running the full OpenSSH testsuite"
863 - elog "requires a usable shell for the 'portage'"
864 - elog "user, so we will run a subset only."
865 - skipped="${skipped} tests"
866 - else
867 - tests="${tests} tests"
868 - fi
869 - # It will also attempt to write to the homedir .ssh
870 - local sshhome=${T}/homedir
871 - mkdir -p "${sshhome}"/.ssh
872 - for t in ${tests} ; do
873 - # Some tests read from stdin ...
874 - HOMEDIR="${sshhome}" \
875 - emake -k -j1 ${t} </dev/null \
876 - && passed="${passed}${t} " \
877 - || failed="${failed}${t} "
878 - done
879 - einfo "Passed tests: ${passed}"
880 - ewarn "Skipped tests: ${skipped}"
881 - if [[ -n ${failed} ]] ; then
882 - ewarn "Failed tests: ${failed}"
883 - die "Some tests failed: ${failed}"
884 - else
885 - einfo "Failed tests: ${failed}"
886 - return 0
887 - fi
888 -}
889 -
890 -pkg_preinst() {
891 - enewgroup sshd 22
892 - enewuser sshd 22 -1 /var/empty sshd
893 -}
894 -
895 -pkg_postinst() {
896 - if has_version "<${CATEGORY}/${PN}-5.8_p1" ; then
897 - elog "Starting with openssh-5.8p1, the server will default to a newer key"
898 - elog "algorithm (ECDSA). You are encouraged to manually update your stored"
899 - elog "keys list as servers update theirs. See ssh-keyscan(1) for more info."
900 - fi
901 - if has_version "<${CATEGORY}/${PN}-6.9_p1" ; then
902 - elog "Starting with openssh-6.9p1, ssh1 support is disabled by default."
903 - fi
904 - ewarn "Remember to merge your config files in /etc/ssh/ and then"
905 - ewarn "reload sshd: '/etc/init.d/sshd reload'."
906 - elog "Note: openssh-6.7 versions no longer support USE=tcpd as upstream has"
907 - elog " dropped it. Make sure to update any configs that you might have."
908 -}
Report Message
Find on MARC Find on Google Groups