net-misc/openssh: rebase patches

Signed-off-by: David Seifert <soap@gentoo.org>
author: David Seifert <soap@gentoo.org> 2023-05-12 13:00:35 +0200
committer: David Seifert <soap@gentoo.org> 2023-05-12 13:00:35 +0200
commit: ccfc91d36287732d0e7534c2f5e99000616fbb11 (patch)
tree: 48bb08ed49237d6b1b90beff87d4b57607047be7 /net-misc
parent: media-libs/vips: skip unnecessary fuzz subdir (diff)
download: gentoo-ccfc91d36287732d0e7534c2f5e99000616fbb11.tar.gz
gentoo-ccfc91d36287732d0e7534c2f5e99000616fbb11.tar.bz2
gentoo-ccfc91d36287732d0e7534c2f5e99000616fbb11.zip
9 files changed, 27 insertions, 66 deletions
diff --git a/net-misc/openssh/files/openssh-8.9_p1-allow-ppoll_time64.patch b/net-misc/openssh/files/openssh-8.9_p1-allow-ppoll_time64.patch
deleted file mode 100644
index 8c46625aa29c..000000000000
--- a/net-misc/openssh/files/openssh-8.9_p1-allow-ppoll_time64.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
-index 2e065ba3..4ce80cb2 100644
---- a/sandbox-seccomp-filter.c
-+++ b/sandbox-seccomp-filter.c
-@@ -276,6 +276,9 @@ static const struct sock_filter preauth_insns[] = {
- #ifdef __NR_ppoll
- 	SC_ALLOW(__NR_ppoll),
- #endif
-+#ifdef __NR_ppoll_time64
-+	SC_ALLOW(__NR_ppoll_time64),
-+#endif
- #ifdef __NR_poll
- 	SC_ALLOW(__NR_poll),
- #endif
diff --git a/net-misc/openssh/files/openssh-8.7_p1-GSSAPI-dns.patch b/net-misc/openssh/files/openssh-9.3_p1-GSSAPI-dns.patch
index ffc40b70ae3d..cbc0ec2d9c2d 100644
--- a/net-misc/openssh/files/openssh-8.7_p1-GSSAPI-dns.patch
+++ b/net-misc/openssh/files/openssh-9.3_p1-GSSAPI-dns.patch
@@ -1,8 +1,6 @@
-diff --git a/auth.c b/auth.c
-index 00b168b4..8ee93581 100644
 --- a/auth.c
 +++ b/auth.c
-@@ -729,118 +729,6 @@ fakepw(void)
+@@ -637,118 +637,6 @@
  	return (&fake);
  }
  
@@ -121,11 +119,9 @@ index 00b168b4..8ee93581 100644
  /* These functions link key/cert options to the auth framework */
  
  /* Log sshauthopt options locally and (optionally) for remote transmission */
-diff --git a/canohost.c b/canohost.c
-index a810da0e..18e9d8d4 100644
 --- a/canohost.c
 +++ b/canohost.c
-@@ -202,3 +202,117 @@ get_local_port(int sock)
+@@ -205,3 +205,117 @@
  {
  	return get_sock_port(sock, 1);
  }
@@ -243,11 +239,9 @@ index a810da0e..18e9d8d4 100644
 +		return dnsname;
 +	}
 +}
-diff --git a/readconf.c b/readconf.c
-index 03369a08..b45898ce 100644
 --- a/readconf.c
 +++ b/readconf.c
-@@ -161,6 +161,7 @@ typedef enum {
+@@ -160,6 +160,7 @@
  	oClearAllForwardings, oNoHostAuthenticationForLocalhost,
  	oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
  	oAddressFamily, oGssAuthentication, oGssDelegateCreds,
@@ -255,7 +249,7 @@ index 03369a08..b45898ce 100644
  	oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
  	oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist,
  	oHashKnownHosts,
-@@ -207,9 +208,11 @@ static struct {
+@@ -207,9 +208,11 @@
  #if defined(GSSAPI)
  	{ "gssapiauthentication", oGssAuthentication },
  	{ "gssapidelegatecredentials", oGssDelegateCreds },
@@ -267,7 +261,7 @@ index 03369a08..b45898ce 100644
  #endif
  #ifdef ENABLE_PKCS11
  	{ "pkcs11provider", oPKCS11Provider },
-@@ -1117,6 +1120,10 @@ parse_time:
+@@ -1125,6 +1128,10 @@
  		intptr = &options->gss_deleg_creds;
  		goto parse_flag;
  
@@ -278,7 +272,7 @@ index 03369a08..b45898ce 100644
  	case oBatchMode:
  		intptr = &options->batch_mode;
  		goto parse_flag;
-@@ -2307,6 +2314,7 @@ initialize_options(Options * options)
+@@ -2341,6 +2348,7 @@
  	options->pubkey_authentication = -1;
  	options->gss_authentication = -1;
  	options->gss_deleg_creds = -1;
@@ -286,7 +280,7 @@ index 03369a08..b45898ce 100644
  	options->password_authentication = -1;
  	options->kbd_interactive_authentication = -1;
  	options->kbd_interactive_devices = NULL;
-@@ -2465,6 +2473,8 @@ fill_default_options(Options * options)
+@@ -2501,6 +2509,8 @@
  		options->gss_authentication = 0;
  	if (options->gss_deleg_creds == -1)
  		options->gss_deleg_creds = 0;
@@ -295,11 +289,9 @@ index 03369a08..b45898ce 100644
  	if (options->password_authentication == -1)
  		options->password_authentication = 1;
  	if (options->kbd_interactive_authentication == -1)
-diff --git a/readconf.h b/readconf.h
-index f7d53b06..c3a91898 100644
 --- a/readconf.h
 +++ b/readconf.h
-@@ -40,6 +40,7 @@ typedef struct {
+@@ -41,6 +41,7 @@
  	int     hostbased_authentication;	/* ssh2's rhosts_rsa */
  	int     gss_authentication;	/* Try GSS authentication */
  	int     gss_deleg_creds;	/* Delegate GSS credentials */
@@ -307,11 +299,9 @@ index f7d53b06..c3a91898 100644
  	int     password_authentication;	/* Try password
  						 * authentication. */
  	int     kbd_interactive_authentication; /* Try keyboard-interactive auth. */
-diff --git a/ssh_config.5 b/ssh_config.5
-index cd0eea86..27101943 100644
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -832,6 +832,16 @@ The default is
+@@ -843,6 +843,16 @@
  Forward (delegate) credentials to the server.
  The default is
  .Cm no .
@@ -328,11 +318,9 @@ index cd0eea86..27101943 100644
  .It Cm HashKnownHosts
  Indicates that
  .Xr ssh 1
-diff --git a/sshconnect2.c b/sshconnect2.c
-index fea50fab..aeff639b 100644
 --- a/sshconnect2.c
 +++ b/sshconnect2.c
-@@ -776,6 +776,13 @@ userauth_gssapi(struct ssh *ssh)
+@@ -764,6 +764,13 @@
  	OM_uint32 min;
  	int r, ok = 0;
  	gss_OID mech = NULL;
@@ -346,7 +334,7 @@ index fea50fab..aeff639b 100644
  
  	/* Try one GSSAPI method at a time, rather than sending them all at
  	 * once. */
-@@ -790,7 +797,7 @@ userauth_gssapi(struct ssh *ssh)
+@@ -778,7 +785,7 @@
  		    elements[authctxt->mech_tried];
  		/* My DER encoding requires length<128 */
  		if (mech->length < 128 && ssh_gssapi_check_mechanism(&gssctxt,
diff --git a/net-misc/openssh/files/openssh-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch b/net-misc/openssh/files/openssh-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch
index 4d098b2231c7..7e9334a781d2 100644
--- a/net-misc/openssh/files/openssh-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch
+++ b/net-misc/openssh/files/openssh-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch
@@ -1,5 +1,3 @@
-diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
-index 23b40b643..d93a357c6 100644
 --- a/sandbox-seccomp-filter.c
 +++ b/sandbox-seccomp-filter.c
 @@ -257,6 +257,15 @@ static const struct sock_filter preauth_insns[] = {
diff --git a/net-misc/openssh/files/openssh-7.5_p1-disable-conch-interop-tests.patch b/net-misc/openssh/files/openssh-9.3_p1-disable-conch-interop-tests.patch
index a5647ce9d8d3..a5647ce9d8d3 100644
--- a/net-misc/openssh/files/openssh-7.5_p1-disable-conch-interop-tests.patch
+++ b/net-misc/openssh/files/openssh-9.3_p1-disable-conch-interop-tests.patch
diff --git a/net-misc/openssh/files/openssh-8.0_p1-fix-putty-tests.patch b/net-misc/openssh/files/openssh-9.3_p1-fix-putty-tests.patch
index 4310aa123fc8..9ac02c188000 100644
--- a/net-misc/openssh/files/openssh-8.0_p1-fix-putty-tests.patch
+++ b/net-misc/openssh/files/openssh-9.3_p1-fix-putty-tests.patch
@@ -5,9 +5,9 @@ https://bugs.gentoo.org/493866
 
 --- a/regress/putty-ciphers.sh
 +++ b/regress/putty-ciphers.sh
-@@ -10,11 +10,17 @@ fi
+@@ -16,11 +16,17 @@
  
- for c in aes 3des aes128-ctr aes192-ctr aes256-ctr ; do
+ for c in aes 3des aes128-ctr aes192-ctr aes256-ctr chacha20 ; do
  	verbose "$tid: cipher $c"
 +	rm -f ${COPY}
  	cp ${OBJ}/.putty/sessions/localhost_proxy \
@@ -26,7 +26,7 @@ https://bugs.gentoo.org/493866
  	if [ $? -ne 0 ]; then
 --- a/regress/putty-kex.sh
 +++ b/regress/putty-kex.sh
-@@ -14,6 +14,12 @@ for k in dh-gex-sha1 dh-group1-sha1 dh-group14-sha1 ; do
+@@ -20,6 +20,12 @@
  	    ${OBJ}/.putty/sessions/kex_$k
  	echo "KEX=$k" >> ${OBJ}/.putty/sessions/kex_$k
  
@@ -41,7 +41,7 @@ https://bugs.gentoo.org/493866
  		fail "KEX $k failed"
 --- a/regress/putty-transfer.sh
 +++ b/regress/putty-transfer.sh
-@@ -14,6 +14,13 @@ for c in 0 1 ; do
+@@ -26,6 +26,13 @@
  	cp ${OBJ}/.putty/sessions/localhost_proxy \
  	    ${OBJ}/.putty/sessions/compression_$c
  	echo "Compression=$c" >> ${OBJ}/.putty/sessions/kex_$k
diff --git a/net-misc/openssh/files/openssh-8.9_p1-gss-use-HOST_NAME_MAX.patch b/net-misc/openssh/files/openssh-9.3_p1-gss-use-HOST_NAME_MAX.patch
index 9e08b2a553c2..b50ac7c00181 100644
--- a/net-misc/openssh/files/openssh-8.9_p1-gss-use-HOST_NAME_MAX.patch
+++ b/net-misc/openssh/files/openssh-9.3_p1-gss-use-HOST_NAME_MAX.patch
@@ -1,5 +1,3 @@
-diff --git a/gss-serv.c b/gss-serv.c
-index b5d4bb2d..00e3d118 100644
 --- a/gss-serv.c
 +++ b/gss-serv.c
 @@ -105,7 +105,7 @@ ssh_gssapi_acquire_cred(Gssctxt *ctx)
diff --git a/net-misc/openssh/files/openssh-7.9_p1-include-stdlib.patch b/net-misc/openssh/files/openssh-9.3_p1-include-stdlib.patch
index c5697c2b8bd1..7925234621e2 100644
--- a/net-misc/openssh/files/openssh-7.9_p1-include-stdlib.patch
+++ b/net-misc/openssh/files/openssh-9.3_p1-include-stdlib.patch
@@ -1,8 +1,6 @@
-diff --git a/auth-options.c b/auth-options.c
-index b05d6d6f..d1f42f04 100644
 --- a/auth-options.c
 +++ b/auth-options.c
-@@ -26,6 +26,7 @@
+@@ -27,6 +27,7 @@
  #include <stdarg.h>
  #include <ctype.h>
  #include <limits.h>
@@ -10,23 +8,19 @@ index b05d6d6f..d1f42f04 100644
  
  #include "openbsd-compat/sys-queue.h"
  
-diff --git a/hmac.c b/hmac.c
-index 1c879640..a29f32c5 100644
 --- a/hmac.c
 +++ b/hmac.c
-@@ -19,6 +19,7 @@
+@@ -21,6 +21,7 @@
  
- #include <sys/types.h>
+ #include <stdlib.h>
  #include <string.h>
 +#include <stdlib.h>
  
  #include "sshbuf.h"
  #include "digest.h"
-diff --git a/krl.c b/krl.c
-index 8e2d5d5d..c32e147a 100644
 --- a/krl.c
 +++ b/krl.c
-@@ -28,6 +28,7 @@
+@@ -29,6 +29,7 @@
  #include <string.h>
  #include <time.h>
  #include <unistd.h>
@@ -34,12 +28,10 @@ index 8e2d5d5d..c32e147a 100644
  
  #include "sshbuf.h"
  #include "ssherr.h"
-diff --git a/mac.c b/mac.c
-index 51dc11d7..3d11eba6 100644
 --- a/mac.c
 +++ b/mac.c
-@@ -29,6 +29,7 @@
- 
+@@ -30,6 +30,7 @@
+ #include <stdlib.h>
  #include <string.h>
  #include <stdio.h>
 +#include <stdlib.h>
diff --git a/net-misc/openssh/files/openssh-6.7_p1-openssl-ignore-status.patch b/net-misc/openssh/files/openssh-9.3_p1-openssl-ignore-status.patch
index fa33af39b6f8..fa33af39b6f8 100644
--- a/net-misc/openssh/files/openssh-6.7_p1-openssl-ignore-status.patch
+++ b/net-misc/openssh/files/openssh-9.3_p1-openssl-ignore-status.patch
diff --git a/net-misc/openssh/openssh-9.3_p1-r1.ebuild b/net-misc/openssh/openssh-9.3_p1-r1.ebuild
index ea2cc9a83d0c..a7481ca4a40d 100644
--- a/net-misc/openssh/openssh-9.3_p1-r1.ebuild
+++ b/net-misc/openssh/openssh-9.3_p1-r1.ebuild
@@ -81,14 +81,13 @@ BDEPEND="
 "
 
 PATCHES=(
-	"${FILESDIR}/${PN}-7.9_p1-include-stdlib.patch"
-	"${FILESDIR}/${PN}-8.7_p1-GSSAPI-dns.patch" #165444 integrated into gsskex
-	"${FILESDIR}/${PN}-6.7_p1-openssl-ignore-status.patch"
-	"${FILESDIR}/${PN}-7.5_p1-disable-conch-interop-tests.patch"
-	"${FILESDIR}/${PN}-8.0_p1-fix-putty-tests.patch"
+	"${FILESDIR}/${PN}-9.3_p1-include-stdlib.patch"
+	"${FILESDIR}/${PN}-9.3_p1-GSSAPI-dns.patch" #165444 integrated into gsskex
+	"${FILESDIR}/${PN}-9.3_p1-openssl-ignore-status.patch"
+	"${FILESDIR}/${PN}-9.3_p1-disable-conch-interop-tests.patch"
+	"${FILESDIR}/${PN}-9.3_p1-fix-putty-tests.patch"
 	"${FILESDIR}/${PN}-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch"
-	"${FILESDIR}/${PN}-8.9_p1-allow-ppoll_time64.patch" #834019
-	"${FILESDIR}/${PN}-8.9_p1-gss-use-HOST_NAME_MAX.patch" #834044
+	"${FILESDIR}/${PN}-9.3_p1-gss-use-HOST_NAME_MAX.patch" #834044
 	"${FILESDIR}/${PN}-9.3_p1-openssl-version-compat-check.patch"
 )
author	David Seifert <soap@gentoo.org>	2023-05-12 13:00:35 +0200
committer	David Seifert <soap@gentoo.org>	2023-05-12 13:00:35 +0200
commit	ccfc91d36287732d0e7534c2f5e99000616fbb11 (patch)
tree	48bb08ed49237d6b1b90beff87d4b57607047be7 /net-misc
parent	media-libs/vips: skip unnecessary fuzz subdir (diff)
download	gentoo-ccfc91d36287732d0e7534c2f5e99000616fbb11.tar.gz gentoo-ccfc91d36287732d0e7534c2f5e99000616fbb11.tar.bz2 gentoo-ccfc91d36287732d0e7534c2f5e99000616fbb11.zip