Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--net-misc/openssh/Manifest1
-rw-r--r--net-misc/openssh/files/openssh-7.6_p1-hpn-x509-11.0-glue.patch50
-rw-r--r--net-misc/openssh/files/openssh-7.6_p1-warnings.patch12
-rw-r--r--net-misc/openssh/openssh-7.6_p1.ebuild12
4 files changed, 73 insertions, 2 deletions
diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest
index df01594ce28f..c9efd08b4214 100644
--- a/net-misc/openssh/Manifest
+++ b/net-misc/openssh/Manifest
@@ -5,6 +5,7 @@ DIST openssh-7.5p1-hpnssh14v12.tar.xz 23068 SHA256 8a1ed99c121a4ad21d7a26cd32627
DIST openssh-7.5p1.tar.gz 1510857 SHA256 9846e3c5fab9f0547400b4d2c017992f914222b3fd1f8eee6c7dc6bc5e59f9f0 SHA512 58c542e8a110fb4316a68db94abb663fa1c810becd0638d45281df8aeca62c1f705090437a80e788e6c29121769b72a505feced537d3118c933fde01b5285c81 WHIRLPOOL 1a42c68d8e350bc4790dd4c1a98dd6571bfa353ad6871b1462c53b6412f752719daabd1a13bb4434d294de966a00428ac66334bab45f371420029b5e34a6914c
DIST openssh-7.6_p1-sctp.patch.xz 6996 SHA256 ca61f0b015d2f7131620a2a4901800b70026755a52a7b882d437cd9813c2652d SHA512 8445a9a8ae8e8baa67c8f386117877ba3f39f33c9cdaff341c8d5fb4ce9dfe22f26d5aedc2b0d4aab67864994ec5a6a487d18b728bd5d5c6efe14175eb9c8151 WHIRLPOOL 27125d4a7d45f0bc67f424598542cf97e123824bce7911732891531b6a0aa37b7598f636e1643a6114626c2ccc622a50928ffcdb4357c7dc3d9c3d8c161d9626
DIST openssh-7.6p1+x509-11.0.diff.gz 440219 SHA256 bc4175ed8efce14579f10e242b25a23c959b1ff0e63b7c15493503eb654a960e SHA512 add86ecdaa696d997f869e6878aaaef285590cc5eddf301be651944bbc6c80af6a891bad6f6aaa4b6e9919ad865a27dc6f45a6e0b923ca52c04f06523fa3197a WHIRLPOOL 1b324f72a6cb0c895b3994d59f3505ff2a4a0529829cea07344a33a68ee4d43c22ba534a55454792618cd9f766cd40fa5af73cc054ee3a08bccdb6e8d0073b29
+DIST openssh-7.6p1-hpnssh14v12.tar.xz 15392 SHA256 4ccb05096556233d81b68b330463ef2bd84384734ff3a8693ad28ac2d4681227 SHA512 0e2c62cdec360090b359edfd5bbe894fb25d22e387677e8a5d6cf6a0807b0572fda30b90c30390d5b68e359e9958cb1c65abae4afd9af5892c3f64f6f8001956 WHIRLPOOL c7bdc79d849bacaf1a6fb262a11b3b6cf905e95c11e9818c4434559fcea3bc5273496bb8d29e3a5edb116420b4dabc3ef17789e66864c488006c660331c18bc4
DIST openssh-7.6p1.tar.gz 1489788 SHA256 a323caeeddfe145baaa0db16e98d784b1fbc7dd436a6bf1f479dfd5cd1d21723 SHA512 de17fdcb8239401f76740c8d689a8761802f6df94e68d953f3c70b9f4f8bdb403617c48c1d01cc8c368d88e9d50aee540bf03d5a36687dfb39dfd28d73029d72 WHIRLPOOL 537b94555c7b36b2f7ef2ecd89e6671028f7cff9be758e631690ecd068510d59d6518077bf951e779e3c8a39706adb1682c6d5305edd6fc611ec19ce7953c751
DIST openssh-lpk-7.5p1-0.3.14.patch.xz 17040 SHA256 11060be996b291b8d78de698c68a92428430e4ff440553f5045c6de5c0e1dab3 SHA512 9ce5d7e5d831c972f0f866b686bf93a048a03979ab38627973f5491eeeaa45f9faab0520b3a7ed90a13a67213fdc9cd4cf11e423acad441ea91b71037c8b435b WHIRLPOOL 58526777475786bb5efa193f3a3ec0500c4d48b18fef67698f8b1999cb07f04fbca7b7d3ece469f3a1e1ceca5152cdd08d3dbe7cfa4e7494740dc2c233101b93
DIST openssh-lpk-7.6p1-0.3.14.patch.xz 17044 SHA256 fd877cf084d4eb682c503b6e5f363b0564da2b50561367558a50ab239adf4017 SHA512 e9a2b18fd6a58354198b6e48199059d055451a5f09c99bf7293d0d54137a59c581a9cb3bd906f31589e03d8450fb017b9015e18c67b7b6ae840e336039436974 WHIRLPOOL 8410dc9dad24d8b3065ba85e7a7a66322b4d37eac0ef68e72143afa3aba2706e91c324798236b9d3e320e6903d27a7e426621bde92ded89ce26a16535e8c3d3c
diff --git a/net-misc/openssh/files/openssh-7.6_p1-hpn-x509-11.0-glue.patch b/net-misc/openssh/files/openssh-7.6_p1-hpn-x509-11.0-glue.patch
new file mode 100644
index 000000000000..d55656aae974
--- /dev/null
+++ b/net-misc/openssh/files/openssh-7.6_p1-hpn-x509-11.0-glue.patch
@@ -0,0 +1,50 @@
+--- a/openssh-7.6p1-hpnssh14v12/0004-support-dynamically-sized-receive-buffers.patch 2017-10-11 15:02:11.850912525 -0700
++++ b/openssh-7.6p1-hpnssh14v12/0004-support-dynamically-sized-receive-buffers.patch 2017-10-11 15:35:06.223424844 -0700
+@@ -907,9 +907,9 @@
+ @@ -517,7 +544,7 @@ send_client_banner(int connection_out, int minor1)
+ {
+ /* Send our own protocol version identification. */
+- xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
+-- PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);
+-+ PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
++ xasprintf(&client_version_string, "SSH-%d.%d-%.100s PKIX[%s]\r\n",
++- PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, PACKAGE_VERSION);
+++ PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE, PACKAGE_VERSION);
+ if (atomicio(vwrite, connection_out, client_version_string,
+ strlen(client_version_string)) != strlen(client_version_string))
+ fatal("write: %.100s", strerror(errno));
+@@ -918,11 +918,11 @@
+ --- a/sshd.c
+ +++ b/sshd.c
+ @@ -367,7 +367,7 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out)
+- char remote_version[256]; /* Must be at least as big as buf. */
++ }
+
+- xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s\r\n",
+-- PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION,
+-+ PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE,
++ xasprintf(&server_version_string, "SSH-%d.%d-%s%s%s%s\r\n",
++- PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, pkix_comment,
+++ PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE, pkix_comment,
+ *options.version_addendum == '\0' ? "" : " ",
+ options.version_addendum);
+
+@@ -982,13 +982,14 @@
+ index e093f623..83f0932d 100644
+ --- a/version.h
+ +++ b/version.h
+-@@ -3,4 +3,5 @@
++@@ -3,3 +3,6 @@
+ #define SSH_VERSION "OpenSSH_7.6"
+
+- #define SSH_PORTABLE "p1"
+--#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
++-#define SSH_RELEASE PACKAGE_STRING ", " SSH_VERSION "p1"
+++#define SSH_PORTABLE "p1"
+ +#define SSH_HPN "-hpn14v12"
+++#define SSH_X509 "-PKIXSSH-11.0"
+-+#define SSH_RELEASE SSH_VERSION SSH_PORTABLE SSH_HPN
+++#define SSH_RELEASE PACKAGE_STRING ", " SSH_VERSION "p1" SSH_HPN
+ --
+ 2.14.2
+
diff --git a/net-misc/openssh/files/openssh-7.6_p1-warnings.patch b/net-misc/openssh/files/openssh-7.6_p1-warnings.patch
new file mode 100644
index 000000000000..5843dd162cd9
--- /dev/null
+++ b/net-misc/openssh/files/openssh-7.6_p1-warnings.patch
@@ -0,0 +1,12 @@
+diff --git a/openbsd-compat/freezero.c b/openbsd-compat/freezero.c
+index 3af8f4a7..7f6bc7fa 100644
+--- a/openbsd-compat/freezero.c
++++ b/openbsd-compat/freezero.c
+@@ -14,6 +14,7 @@
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
++#include <string.h>
+ #include "includes.h"
+
+ #ifndef HAVE_FREEZERO
diff --git a/net-misc/openssh/openssh-7.6_p1.ebuild b/net-misc/openssh/openssh-7.6_p1.ebuild
index 1c315b793a68..a15c07cdc85d 100644
--- a/net-misc/openssh/openssh-7.6_p1.ebuild
+++ b/net-misc/openssh/openssh-7.6_p1.ebuild
@@ -9,7 +9,7 @@ inherit user flag-o-matic multilib autotools pam systemd versionator
# and _p? releases.
PARCH=${P/_}
-#HPN_PATCH="${PARCH}-hpnssh14v12.tar.xz"
+HPN_PATCH="${PARCH}-hpnssh14v12.tar.xz"
SCTP_PATCH="${PN}-7.6_p1-sctp.patch.xz"
LDAP_PATCH="${PN}-lpk-7.6p1-0.3.14.patch.xz"
X509_VER="11.0" X509_PATCH="${PN}-${PV/_}+x509-${X509_VER}.diff.gz"
@@ -109,12 +109,14 @@ src_prepare() {
# this file.
cp version.h version.h.pristine
+ eapply "${FILESDIR}/${P}-warnings.patch"
+
# don't break .ssh/authorized_keys2 for fun
sed -i '/^AuthorizedKeysFile/s:^:#:' sshd_config || die
if use X509 ; then
if use hpn ; then
- pushd "${WORKDIR}"/${HPN_PATCH%.*.*} >/dev/null
+ pushd "${WORKDIR}" >/dev/null
eapply "${FILESDIR}"/${P}-hpn-x509-${X509_VER}-glue.patch
popd >/dev/null
fi
@@ -324,4 +326,10 @@ pkg_postinst() {
elog "no longer support dss/rsa/ecdsa keys. You will need to generate ed25519 keys"
elog "and update all clients/servers that utilize them."
fi
+
+ # remove this if aes-ctr-mt gets fixed
+ if use hpn; then
+ elog "The multithreaded AES-CTR cipher has been temporarily dropped from the HPN patch"
+ elog "set since it does not (yet) work with >=openssh-7.6p1."
+ fi
}