diff options
| author |   Mike Frysinger <vapier@gentoo.org> | 2014-03-14 06:57:00 +0000 |
|---|---|---|
| committer | Mike Frysinger <vapier@gentoo.org> | 2014-03-14 06:57:00 +0000 |
| commit | 1a10b44e42a01944b9e623d121122936c74dd352 (patch) | |
| tree | 43619b3526b03e0148c8aee6b333879b374f5cde /net-misc | |
| parent | Pull in sys-apps/iproute2 wrt #503968 until upstream has more flexible ifconf... (diff) | |
| download | historical-1a10b44e42a01944b9e623d121122936c74dd352.tar.gz historical-1a10b44e42a01944b9e623d121122936c74dd352.tar.bz2 historical-1a10b44e42a01944b9e623d121122936c74dd352.zip | |
Version bump #499962 by Lars Wendler.
Package-Manager: portage-2.2.8-r1/cvs/Linux x86_64
Manifest-Sign-Key: 0xD2E96200
Diffstat (limited to 'net-misc')
| -rw-r--r-- | net-misc/openssh/ChangeLog | 9 | ||||
| -rw-r--r-- | net-misc/openssh/Manifest | 25 | ||||
| -rw-r--r-- | net-misc/openssh/files/openssh-6.5_p1-x509-glue.patch | 16 | ||||
| -rw-r--r-- | net-misc/openssh/files/openssh-6.5_p1-x509-hpn14v4-glue-p2.patch | 26 | ||||
| -rw-r--r-- | net-misc/openssh/openssh-6.5_p1.ebuild | 308 |
5 files changed, 379 insertions, 5 deletions
diff --git a/net-misc/openssh/ChangeLog b/net-misc/openssh/ChangeLog index ada44701eed7..f8ee609c46b8 100644 --- a/net-misc/openssh/ChangeLog +++ b/net-misc/openssh/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for net-misc/openssh # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/ChangeLog,v 1.500 2014/02/14 15:49:29 hattya Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/ChangeLog,v 1.501 2014/03/14 06:56:57 vapier Exp $ + +*openssh-6.5_p1 (14 Mar 2014) + + 14 Mar 2014; Mike Frysinger <vapier@gentoo.org> + +files/openssh-6.5_p1-x509-glue.patch, + +files/openssh-6.5_p1-x509-hpn14v4-glue-p2.patch, +openssh-6.5_p1.ebuild: + Version bump #499962 by Lars Wendler. 14 Feb 2014; Akinori Hattori <hattya@gentoo.org> openssh-6.4_p1-r1.ebuild: ia64 stable wrt bug #477894 diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest index 40fac7dc0351..051bd09a86d3 100644 --- a/net-misc/openssh/Manifest +++ b/net-misc/openssh/Manifest @@ -23,6 +23,8 @@ AUX openssh-6.3_p1-aes-gcm.patch 367 SHA256 11e57d0b1e0de81b3bef67a026fb6e278807 AUX openssh-6.3_p1-x509-glue.patch 555 SHA256 1166dba2fe590dfee70119ce6dd79f535d7146d0afb8d36bf7a28505ba93a273 SHA512 1a3c2467215dde959fecdd563069d605f29632a7ffc385039a6fc90b2317ca56d463d0abb91a8bb594d321f64456f75a973bb62625deebe92f8787439416b82d WHIRLPOOL f894d19843a3c018efbe3ed365c8abbee52b1d7a3afea11b292a085996fef8d3cc9889a0e6ae596d4db876ed96efcb73d1823a677eac6779f8793c2fb3677cda AUX openssh-6.3_p1-x509-hpn14v2-glue.patch 1451 SHA256 d7179b3c16edd065977aaf56a410e2b9b237206fb619474f312972b430b73c8d SHA512 02577e3f718ff994bb4e962189f17048b4c03104d0a1981683f3c6a1d6d30701db368e132102c8396da2c0f5eb2f6602b26f32f74d19382af34bd9a93fc508f3 WHIRLPOOL b7d224d71634f380bd31b3a1dd3e588a29582255f717a6a308738ad58b485b693d827a53704479995ec2ebca53c9dc9b2113d8de52a1336b67ce83943f946b77 AUX openssh-6.4_p1-x509-glue.patch 1445 SHA256 cf18f17b12514692a4e33d5fb995f5ba1bc1ea258c80babb38516d8def7d0bc3 SHA512 e5c51fd639e95ca9c7820974684117861cc58cf5172c7c44deaaca106c1e91a931421720cb210652aef30ffa41bc96efe04dbedf996120b40143080fc6b2b47d WHIRLPOOL 7c7065a22cc6237a927e6d6c0f7b4bfa7b57e32ffd8b3d70ed9e70b9a882a95ce40478873374460a6173cc5a33c22ddfbbded783568049f1b4fccb5f5253d4bf +AUX openssh-6.5_p1-x509-glue.patch 556 SHA256 2eb5937f7c69c45dd53d7f76eb12f0f6fed3b03cb8a8662b2a7df9de2e724b32 SHA512 0582cad1359bb79f6d529fa0263ab4ecabc9f761cdd7413a40784026055ef53ea1a2763dc0d501f4fbec825175dda055302c3a0d7b83c1dc7c0f4a8d464c7681 WHIRLPOOL d32492975d26e01deb9fd0e91f8df5cb27bb8365e98f17a88acbffab8ae475954fb13fd553b9d46f804d9926b169c472d60a46d0a5b77a6efd9a92270486be8b +AUX openssh-6.5_p1-x509-hpn14v4-glue-p2.patch 1083 SHA256 d8df3c116527c8330e9ca7e4dc05b9a84ab26ef94f9c9db7c4203293a755a1d0 SHA512 7b6e8cc4fc81ea1cff4767316f0d3d5e736a68a97f7d84a388b91bc9351672df3f27263c73f3306cd25f73f5399a4b6c2b2a403290a1e31139e18f4d679a4b4f WHIRLPOOL 90a59e37501d86505b47e73b0bd0d5cb1e726aebab594016234b3de23c1e32c3cb13ae6836887451d29a7c88c2a0dc03626053ce512f8d9977e483e50a225703 AUX sshd.confd 396 SHA256 29c6d57ac3ec6018cadc6ba6cd9b90c9ed46e20049b970fdcc68ee2481a2ee41 SHA512 b9ae816af54a55e134a9307e376f05367b815f1b3fd545c2a2c312d18aedcf907f413e8bad8db980cdd9aad4011a72a79e1e94594f69500939a9cb46287f2f81 WHIRLPOOL 69f43e6192e009a4663d130f7e40ee8b13c6eb9cc7d960b5e0e22f5d477649c88806a9d219efef211f4346582c2bb51e40d230a8191e5953dbe08bfff976ae53 AUX sshd.pam 294 SHA256 f01cc51c624b21a815fb6c0be35edc590e2e6f8a5ffbdcabc220a9630517972f SHA512 3268dc826978fbb205968744d83c6f1c838c9c73bf9c4ceee709c5b4168b4aaf06bcde47a32808571fa71cbc5a6bfdb98406995b2b28c9e633ce392a53932d64 WHIRLPOOL fff8966d66d75cd4d70607585b5de063f225a776b73b8b0f8146c5eed6c8ffd2ca38c46f86fa4e2ca8caafcde7797a3f0b177e60baa6fa0642064080883fa68a AUX sshd.pam_include.2 156 SHA256 166136e27d653e0bf481a6ca79fecb7d9fa2fc3d597d041f97df595f65a8193c SHA512 d3f7e6ca8c9f2b5060ebccb259316bb59c9a7e158e8ef9466765a20db263a4043a590811f1a3ab072b718dbd70898bc69b77e0b19603d7f394b5ac1bd0a4a56c WHIRLPOOL ba7a0a8c3bb39c5fda69de34b822a19696398e0a8789211ac1faae787ee34f9639eb35efe29c67f874b5f9fe674742503e570f441c005974f4a0c93468b8970b @@ -51,23 +53,38 @@ DIST openssh-6.3p1-hpnssh14v2.diff.gz 24569 SHA256 85c0aeecb329af961203017921e4e DIST openssh-6.3p1.tar.gz 1201101 SHA256 aea575ededd3ebd45c05d42d0a87af22c79131a847ea440c54e3fdd223f5a420 SHA512 9ae0d11b7305739345e84adbf9dae769705ff93b3d3c3ccd9b7fb887a69716518bee931fd698f2c67087ae75281a25bcfd72220cbac1c751715d540d208a6a9a WHIRLPOOL 827548305d730148c93f0634767e3bd78380ae519ef4db149f523c179bdcb1dffc20bb47b48dbcac4e8b4935d504d6934d1ac58da63617735cda52b998f3e3c9 DIST openssh-6.4p1+x509-7.7.diff.gz 220934 SHA256 8b490a9ce1afcaedf12c5b16f83147a6dda68213f498aaccd3f970cee6a1fb7d SHA512 e56c0567d836b2dd0a21cfac7e4fa46f2eb1d6a3c3fc831da7f1fddf9b365a9e851469bf5b79556b397e698477e597add10930ef11429554b83e7727555247c4 WHIRLPOOL f025f23b76c0c1eeadd065c03118c32c425e0ad390ec65c73736e1f611a5fd110bcab83109cc69533aac544035388946f2ac7ba70fe0c8f36c5dc8c265c521a0 DIST openssh-6.4p1.tar.gz 1201402 SHA256 5530f616513b14aea3662c4c373bafd6a97a269938674c006377e381f68975d2 SHA512 f87b3e1d3110b87c1dfff729459ff26024863480c8eb4449b9e3b0b750d187acdfedb199ca4ea133b5dfa436bed0e2eea7607392d451b18c626c4dc1d38bb52a WHIRLPOOL 3737ec70c724a240b8eefb34a5c01974a9c3a8ca0f20b52d52f106b066f298119404b1f5a324c2347d3d8bdcb2cd1cc06e4f0c5b6c7c895d1d394a97cc591f72 +DIST openssh-6.5p1+x509-7.8.diff.gz 225483 SHA256 b096ff7569e9ea3601673383540a986ce87636a984cc605a60dc53574888b992 SHA512 cbe369e9e756f1c0d0560d9ddc569504416700bde9770c66ac613f10fcac69b82a6cf03cb4040ccc89829f1f67836e0de976c97582d612424166ffaafee0374c WHIRLPOOL c6fc755ca4126e47c1d4bb5e31c9746cba03bd9044f19246f8aed5912e1d07097e1fe9393baf1fa78d1d089b5cc0a6199dce54f5b922437748a9c40d2f14c43e +DIST openssh-6.5p1-hpnssh14v4.diff.gz 24575 SHA256 7b0507172759dd2c85965728981343d4b60d8b8c5faf2c20dc8145606421c364 SHA512 cb3e7e45a8ed2fd9458b045e8559dace2bf1d004c7c3716c0eae6de3b682608a162216e3e4ab3006c203c79b18f1958101a7468069b8037223fc893efc080ac5 WHIRLPOOL 89f4fb8031dc173436b4b2238a0a0696dfd879820702490106b2499d3db27b33da03d106dc21e5f5413a4e319de272b6efaecc172dc54ab8b41b76366e55a34b +DIST openssh-6.5p1.tar.gz 1293187 SHA256 a1195ed55db945252d5a1730d4a2a2a5c1c9a6aa01ef2e5af750a962623d9027 SHA512 8dee8f55a00aed942728a91f0bf0af729589d446e3b7e075950eb214c6a10635ac4d2702dd71b07d705ab0419d5e0537ce7de75daeb7243e8bbbc0f680930734 WHIRLPOOL 78848be83d41c0848c1f6b94676b813117ce1eedeeedc10b458c9b4a62e528e2692dcdaf7397d959968549878204282e9fb164917e243402086622ccadfa668f DIST openssh-lpk-5.9p1-0.3.14.patch.gz 18335 SHA256 1a922d57a2e7020bf597135437a57080d7d046c9f41a7a53559945ddddbe0892 SHA512 eb4641d30e221eaa409d22ab423e38c1a31dd9dfeacbf978c94827194cb838cc0f832bf96aa4c494a71a5d5d1b90fc6789e8469e35d82ffcaf54305f07ccdb9b WHIRLPOOL 6748426d6d0cda07729744d8993d96a762134a61acf757afc1618ada5cbd9752d9211a89be831e5a4f1744f70cc4fc643b5f745d1f785b53a4e1dbf9d7c92680 DIST openssh-lpk-6.0p1-0.3.14.patch.gz 18401 SHA256 d0f3d55fd92ecc45aa6120d6ea919c903e4828ce0c2b07612c742a2aa7648beb SHA512 ebf680b90bc289c0d69c22fd6fd666032cdcf4c3850ecdf03e264200d60c50a12f4a5254907c6ab850727216e7837176be5564ae22b68d9b80a67c62f372a9dd WHIRLPOOL 4f8b32c77fc2a9205d283109ccd787a3f37757c18060da39c63147ff09f6b922f4a57ca1ba8d0cdc692f3f1eaba3e5e88eb4287f728ddaaf544d2d425c0cca91 DIST openssh-lpk-6.1p1-0.3.14.patch.gz 18458 SHA256 2d0e40116e021913668519a42743f89b8fb77f8d5beed863d620cc79999b0b79 SHA512 9cfd83e650cedbc3950b8cf80d0b36fbb7dff8fbe7d017378f9a2ae18189fa6e459e323dae6cd1fa1d82ff948f628563892d0a0f30113b3a8ba5269fe051e784 WHIRLPOOL c1ee5570f0bfb3191c602d575e0e05cabe7d42183bd78c07cac19a2743a59f110728e309fcee6f0b6abc7b141ae8c701d92d010d2b7737739b4cac92406552fa DIST openssh-lpk-6.2p2-0.3.14.patch.gz 18187 SHA256 47e97b911e16f48ac4924b26d39586fc6e80d9ac550f6371376d61ad8ca5bc72 SHA512 104334ff4859cb743ed75893ab8032b44c19b951906b7472b78038ee77d43238bf70530ebc81ef2fba2696bee5d334fa793e7829eebbf50753f7605e19492b7e WHIRLPOOL 03386966ef0b7f7e657dbed871e303e399ca37796adf0456992e59c9f75537ea84c8d6ad84d9fd5348bd46dcf5ccf9bb02684a43c8d8b855206528e2f3284b18 DIST openssh-lpk-6.3p1-0.3.14.patch.gz 18208 SHA256 ebdb1a6d4134a3c909fbdfafd034571292b9e7ae4fa0c110f2f87c81e426cab1 SHA512 cc07757c23f0a334c2428f704d24ad026caf2667f9447cec21d7ba96b6b12f17613ba8985d020010c916fd351a1beac4d55a4d90caa3af75401f2fe5fcc9300c WHIRLPOOL a1ef1912269bfc24058d7045a6746cc4d28d35fe46461244ebd6dbf608a421ae81ff8bcb0e3f5ccf2a61ea7cbae27c4750e2fde5ed52efb9cb38d6e2fac49523 +DIST openssh-lpk-6.5p1-0.3.14.patch.gz 18217 SHA256 ad678f366dd7ef63ee164e29b59a4a4d264de9ddf9ad2c1d59178779e83539f3 SHA512 16f0053663ffc9a0670dbf8956dc070e6891e1e47cb1fbbea9567a6a4368c5500bf7e2ff7a2eb7208e651a0121088c271fb0a6ece62b98d103b3337866374610 WHIRLPOOL 34ee5a67e4cb0eb5d8126fde5469b73e0c81d4a7795cd9849c671922227eb8a6767cecf3097acbff338a47c3a7930b285fa4ecf2ebe74cb2e9186f93ec70c40c EBUILD openssh-5.9_p1-r4.ebuild 9274 SHA256 f8ee28e22f860cfa26477510ea0b8961b4bec3dd922eba2e686897520924fc6f SHA512 f7da00aa02a6c0c0a40096d786975da47234dd211d1629830fcb7247be309f721b2a4904c166a5c11210eb5328bdf742173448f322a68e972f61774f19996c8f WHIRLPOOL 6bb118b5cfa14323b72393cdedd5d5095438f9d33ee9437ffc7d39f4dcd59b806c3b484ba1ca4f44e776f7212c4d882a5ec62cf95840b516f1baf32a7f5752dd EBUILD openssh-6.0_p1-r1.ebuild 9552 SHA256 e26536443dcde274078e2f0d6abbf00d89fcb872ef03de5fa1a3cfbc5dc08fbc SHA512 aa8f12099ff9cb0e0462cf7f0074a31cb65208c73897d908f457fedb784aeef2b219f73e26a46d6a2e589dbd9a81f27efb5cf8185871a5d1411883e8f97acc1b WHIRLPOOL 7a15ca53de12eaeb2c81f62bd716be93e6b6c89b372a730bccb7f9673c9a0ed3dbc16bf0ad876726f2b61c87dc6ff3363c3b20657cb916cf1f8f93af53b4d0f0 EBUILD openssh-6.1_p1-r1.ebuild 10300 SHA256 898f55671d0726c3b9c4abccf82311a68ecb8477c260322ac9959273e08f8c92 SHA512 773781b160639152a932d74dfccbd3854e575a1ad26e48387d372bfe42bf7b7f22bb9c7bc5d659168c9863bb87c99316764bbd3eae75e6880c1d4678d24777fa WHIRLPOOL 4b475dde03c3792bc7e14ba34c43eb464661fe6825b6ed32899985bc1e0309d8cbb483342c1c55971e23071d0d7dff6e7a29733faca9a8ff075c7bcc70cf79a2 EBUILD openssh-6.2_p2-r5.ebuild 9454 SHA256 ed6988f5eaa2242f3344c7aa72bf76d83443881d88cd53b0bd4db7a7384a07cb SHA512 d0ccc242efeae257bffd53af70629c508e948835526496c95428be210f4e9c5ad4508f0198db6406cd3bee13da584faba3ee6677e1e79303d281ba4842fc1cc4 WHIRLPOOL 052e89e2eb50b35f73a13a34e6b67aa19750f883781fb7f4fc2234f8ec7df514308c3583e4afa29d3481bd47a20da0e6c87ea806534b23a6a628ef4b64f80493 EBUILD openssh-6.3_p1-r1.ebuild 9457 SHA256 d6c073899d89a323598e5745cb8f10868eda0a89466e7ee1f2fa04b075d62cc3 SHA512 45a18e1a9b931c7be5d938745ce05de893959f20ef528aebc318491ab840a6aecf304df4e4333f2d900d714b0d5a9a869b668b8cfc649034af3c1c29014df916 WHIRLPOOL 6b0141bcc54178f0577d6d0dad6813560b2a94f1ab389e5ac3e06b019b499ac717ec2e9a9e97f91a1c655fbd251b262ad8990b7504f76649ecbb36de97fb786e EBUILD openssh-6.4_p1-r1.ebuild 9388 SHA256 504efacf3283016b3db83ce84bc083e300e510d041dc6fa9e41f01564a3dc580 SHA512 2455f68a46403649e401fdbcdeb9e6108f1f16df130240bb256fb96f7395dfe9861c725f02b3b8c709256a2187ec1363d1faae9f21f59b55add0161e96f90de2 WHIRLPOOL 6a59666b7a676f42db67063679d7d68e725dd87d67a8033880fa1605683d45540120a08eb6dd9cd37917e6eb99100e38010754da4c72adeb48b6664da89d5192 -MISC ChangeLog 81653 SHA256 9cdb2b49260400c9c3a45b83f0be33fafbbf3db06bd5b580a2e6ee23dca0c65e SHA512 c17b854e1e9cd178567c8d9796c6eeaff8bd32d23fd13c99ac39cce2d330f5ade7e654e6a459541f6f6e3674522898fb79349a1bd0941a02769695ece914fc6e WHIRLPOOL b87996102b21b8b764368b4ccfcffc6cda27b76a1b3591b663f8bbb927529ea53cceeec40d903d3ddab61970a2852152345fea9292b683fbf9c133c714d781ee +EBUILD openssh-6.5_p1.ebuild 9482 SHA256 c4ce138332ef97a42ff9a93d79d63230022d5517dc96432b4dc5831313aad453 SHA512 5575649ed73beca0375d5e4b5fbc55e1aef56daad0e81b60bf214c4d6819bb373feb4e73a0f694b035a36258de7b8821a768481f01ac441c1c607495c7999e90 WHIRLPOOL 4191624554153d39850c27a08a622ec9ba09c3919fa71fc60d99ef6d1848546bcf57d6bc7640717133780b12c4ad846c7b880e409f95bc0a34f5a48f3e0a9316 +MISC ChangeLog 81892 SHA256 b0d74df96da52446d33dd82694f78d76dd0206ff0741131e9997ee02b7912607 SHA512 2abeb80485033667990b1abec9965c85785c6efe5463d1c77ff257e2c4d9807a76d3ce6bc900a29fd861cdd225315e58a26dab89887a0d4fd22ee2d045d198f7 WHIRLPOOL 09918350f9d4feef6788e7601c10adfb8ed7c68890de4d4f3340f3da2f3be6f5bbdf7d8f1b2de9cd8848e635940288ec65ef4738d5d644ffbc930cba387824fb MISC metadata.xml 1837 SHA256 5f8be0245926a5dc8007dd78594febffc68bbcb45306630d027666872e664050 SHA512 76e044611e16ede9bb9697c0ad448c149131f1f20b84ef1000fb77d6cec954abd48542fd26299a372b4411aa0ecb161ed38396b2c3b5c11c71a4bc247e0b23ed WHIRLPOOL 46c8b0f7911fec3ca086e1601cfab5d03e01a7d8cd2069460975545438f6fa5964f138d19a70ec7db7f1f8c9c0fbb48dcec6ee8269fa9d7b432214e9e3e46806 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) -iEYEAREIAAYFAlL+Ow0ACgkQL46suuyRem3ziACeLlfzRZrg4Z4VIuLRye3hxXed -tDsAn0LYubXG68YXgf42TFTla61Ak8ax -=UhTY +iQIcBAEBCAAGBQJTIqhCAAoJEPGu1DbS6WIA7UAQAIZA7/llVzvVNqhvEXzLg/ze +tYW9gZ76nGoIMrKbbMXx6vY5dEVQvw6Szao2CDqZU3N2Rmk8QL2jJgvkOf6SOJDW ++lvYO2X0kx9m9A67bJKlad8ULuwqP9CDh8aRetNdfs37tZOAhjXbNmKpsLQZA8mv +7McoZxfZvmPE6mC2tjbL2v3wnISLYwGA0aQvlUGGKw0v++R86vFuWapwxsr8sDCm +VoM45dahqYFiWx2FAFOO0Tw5VVujxV2wx1piZgUstV8VcljqT0SJGheX3KwNIZ4N +UevZ7dJ9+Xs3TzKybiMVnEinKm1xl4KJv1lblJLVX1u4JaakVVMLv3oidoYZhlJA +QuAD+PjUKuy4VmEmDKd4IRLl0lxyH7J/jzmgE3lBzzZTr3w0HqFm17cQOPyi8v25 +WkX7lwTaqay+nRS0/Yict1u21+ysHb6xOtXnuQkAfZ10lW7s8MQ/5vYufsLbJ1Fr +ClOK4uuFN9Y02/G0Au1u6FGkxsDMz1O2qFMy53yZLa+9JyYJf5J6OFq63AUYwHpD +0+TW49xDh+CajAST9LIDQwZonVYoLTVZ9CCSwEK4hwDbLKHWqEdYT+zOkFPy7N8o +A++Xd8M/RGoUNN9IgneBhI+AvlSh2k5WCQHku501FL45dozAt40k3aAP7xG/f9+b +E+Vy0AwhiGDo6I0rfmMp +=T1la -----END PGP SIGNATURE----- diff --git a/net-misc/openssh/files/openssh-6.5_p1-x509-glue.patch b/net-misc/openssh/files/openssh-6.5_p1-x509-glue.patch new file mode 100644 index 000000000000..83e873973501 --- /dev/null +++ b/net-misc/openssh/files/openssh-6.5_p1-x509-glue.patch @@ -0,0 +1,16 @@ +Make x509 apply after openssh-5.9_p1-sshd-gssapi-multihomed.patch. + +--- openssh-6.5p1+x509-7.8.diff ++++ openssh-6.5p1+x509-7.8.diff +@@ -15473,10 +15473,9 @@ + .It Cm ChallengeResponseAuthentication + Specifies whether challenge-response authentication is allowed (e.g. via + PAM or though authentication styles supported in +-@@ -499,6 +576,16 @@ ++@@ -499,5 +576,15 @@ + The default is + .Dq yes . +- Note that this option applies to protocol version 2 only. + +.It Cm HostbasedAlgorithms + +Specifies the protocol version 2 algorithms used in + +.Dq hostbased diff --git a/net-misc/openssh/files/openssh-6.5_p1-x509-hpn14v4-glue-p2.patch b/net-misc/openssh/files/openssh-6.5_p1-x509-hpn14v4-glue-p2.patch new file mode 100644 index 000000000000..95cf48d80fc0 --- /dev/null +++ b/net-misc/openssh/files/openssh-6.5_p1-x509-hpn14v4-glue-p2.patch @@ -0,0 +1,26 @@ +make the hpn patch apply when the x509 patch has also been applied + +--- openssh-6.5p1-hpnssh14v4.diff ++++ openssh-6.5p1-hpnssh14v4.diff +@@ -1790,18 +1790,14 @@ + if (options->ip_qos_interactive == -1) + options->ip_qos_interactive = IPTOS_LOWDELAY; + if (options->ip_qos_bulk == -1) +-@@ -348,9 +396,10 @@ typedef enum { ++@@ -348,6 +396,7 @@ typedef enum { + sUsePrivilegeSeparation, sAllowAgentForwarding, + sZeroKnowledgePasswordAuthentication, sHostCertificate, + sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, +-+ sTcpRcvBufPoll, sHPNDisabled, sHPNBufferSize, +++ sTcpRcvBufPoll, sHPNDisabled, sHPNBufferSize, sNoneEnabled, + sKexAlgorithms, sIPQoS, sVersionAddendum, + sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, +-- sAuthenticationMethods, sHostKeyAgent, +-+ sAuthenticationMethods, sNoneEnabled, sHostKeyAgent, +- sDeprecated, sUnsupported +- } ServerOpCodes; +- ++ sAuthenticationMethods, sHostKeyAgent, + @@ -476,6 +525,10 @@ static struct { + { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, + { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, diff --git a/net-misc/openssh/openssh-6.5_p1.ebuild b/net-misc/openssh/openssh-6.5_p1.ebuild new file mode 100644 index 000000000000..200856eff0db --- /dev/null +++ b/net-misc/openssh/openssh-6.5_p1.ebuild @@ -0,0 +1,308 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-6.5_p1.ebuild,v 1.1 2014/03/14 06:56:57 vapier Exp $ + +EAPI="4" +inherit eutils user flag-o-matic multilib autotools pam systemd versionator + +# Make it more portable between straight releases +# and _p? releases. +PARCH=${P/_} + +HPN_PATCH="${PN}-6.5p1-hpnssh14v4.diff.gz" +LDAP_PATCH="${PN}-lpk-6.5p1-0.3.14.patch.gz" +X509_VER="7.8" X509_PATCH="${PARCH}+x509-${X509_VER}.diff.gz" + +DESCRIPTION="Port of OpenBSD's free SSH release" +HOMEPAGE="http://www.openssh.org/" +SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz + ${HPN_PATCH:+hpn? ( mirror://sourceforge/hpnssh/${HPN_PATCH} )} + ${LDAP_PATCH:+ldap? ( mirror://gentoo/${LDAP_PATCH} )} + ${X509_PATCH:+X509? ( http://roumenpetrov.info/openssh/x509-${X509_VER}/${X509_PATCH} )} + " + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" +IUSE="bindist ${HPN_PATCH:++}hpn kerberos ldap ldns libedit pam selinux skey static tcpd X X509" + +LIB_DEPEND="selinux? ( >=sys-libs/libselinux-1.28[static-libs(+)] ) + skey? ( >=sys-auth/skey-1.1.5-r1[static-libs(+)] ) + libedit? ( dev-libs/libedit[static-libs(+)] ) + >=dev-libs/openssl-0.9.6d:0[bindist=] + dev-libs/openssl[static-libs(+)] + >=sys-libs/zlib-1.2.3[static-libs(+)] + tcpd? ( >=sys-apps/tcp-wrappers-7.6[static-libs(+)] )" +RDEPEND=" + !static? ( + ${LIB_DEPEND//\[static-libs(+)]} + ldns? ( + !bindist? ( net-libs/ldns[ecdsa,ssl] ) + bindist? ( net-libs/ldns[-ecdsa,ssl] ) + ) + ) + pam? ( virtual/pam ) + kerberos? ( virtual/krb5 ) + ldap? ( net-nds/openldap )" +DEPEND="${RDEPEND} + static? ( + ${LIB_DEPEND} + ldns? ( + !bindist? ( net-libs/ldns[ecdsa,ssl,static-libs(+)] ) + bindist? ( net-libs/ldns[-ecdsa,ssl,static-libs(+)] ) + ) + ) + virtual/pkgconfig + virtual/os-headers + sys-devel/autoconf" +RDEPEND="${RDEPEND} + pam? ( >=sys-auth/pambase-20081028 ) + userland_GNU? ( virtual/shadow ) + X? ( x11-apps/xauth )" + +S=${WORKDIR}/${PARCH} + +pkg_setup() { + # this sucks, but i'd rather have people unable to `emerge -u openssh` + # than not be able to log in to their server any more + maybe_fail() { [[ -z ${!2} ]] && echo "$1" ; } + local fail=" + $(use X509 && maybe_fail X509 X509_PATCH) + $(use ldap && maybe_fail ldap LDAP_PATCH) + $(use hpn && maybe_fail hpn HPN_PATCH) + " + fail=$(echo ${fail}) + if [[ -n ${fail} ]] ; then + eerror "Sorry, but this version does not yet support features" + eerror "that you requested: ${fail}" + eerror "Please mask ${PF} for now and check back later:" + eerror " # echo '=${CATEGORY}/${PF}' >> /etc/portage/package.mask" + die "booooo" + fi +} + +save_version() { + # version.h patch conflict avoidence + mv version.h version.h.$1 + cp -f version.h.pristine version.h +} + +src_prepare() { + sed -i \ + -e "/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:${EPREFIX}/usr/bin/xauth:" \ + pathnames.h || die + # keep this as we need it to avoid the conflict between LPK and HPN changing + # this file. + cp version.h version.h.pristine + + # don't break .ssh/authorized_keys2 for fun + sed -i '/^AuthorizedKeysFile/s:^:#:' sshd_config || die + + epatch "${FILESDIR}"/${PN}-5.9_p1-sshd-gssapi-multihomed.patch #378361 + if use X509 ; then + pushd .. >/dev/null + epatch "${FILESDIR}"/${PN}-6.5_p1-x509-glue.patch + use hpn && epatch "${FILESDIR}"/${PN}-6.5_p1-x509-hpn14v4-glue-p2.patch + popd >/dev/null + epatch "${WORKDIR}"/${X509_PATCH%.*} + epatch "${FILESDIR}"/${PN}-6.3_p1-x509-hpn14v2-glue.patch + save_version X509 + fi + if ! use X509 ; then + if [[ -n ${LDAP_PATCH} ]] && use ldap ; then + epatch "${WORKDIR}"/${LDAP_PATCH%.*} + save_version LPK + fi + else + use ldap && ewarn "Sorry, X509 and LDAP conflict internally, disabling LDAP" + fi + epatch "${FILESDIR}"/${PN}-4.7_p1-GSSAPI-dns.patch #165444 integrated into gsskex + if [[ -n ${HPN_PATCH} ]] && use hpn; then + epatch "${WORKDIR}"/${HPN_PATCH%.*} + save_version HPN + fi + + tc-export PKG_CONFIG + local sed_args=( + -e "s:-lcrypto:$(${PKG_CONFIG} --libs openssl):" + # Disable PATH reset, trust what portage gives us #254615 + -e 's:^PATH=/:#PATH=/:' + # Disable fortify flags ... our gcc does this for us + -e 's:-D_FORTIFY_SOURCE=2::' + ) + sed -i "${sed_args[@]}" configure{,.ac} || die + + epatch_user #473004 + + # Now we can build a sane merged version.h + ( + sed '/^#define SSH_RELEASE/d' version.h.* | sort -u + macros=() + for p in HPN LPK X509 ; do [ -e version.h.${p} ] && macros+=( SSH_${p} ) ; done + printf '#define SSH_RELEASE SSH_VERSION SSH_PORTABLE %s\n' "${macros}" + ) > version.h + + eautoreconf +} + +static_use_with() { + local flag=$1 + if use static && use ${flag} ; then + ewarn "Disabling '${flag}' support because of USE='static'" + # rebuild args so that we invert the first one (USE flag) + # but otherwise leave everything else working so we can + # just leverage use_with + shift + [[ -z $1 ]] && flag="${flag} ${flag}" + set -- !${flag} "$@" + fi + use_with "$@" +} + +src_configure() { + local myconf + addwrite /dev/ptmx + addpredict /etc/skey/skeykeys #skey configure code triggers this + + use static && append-ldflags -static + + # Special settings for Gentoo/FreeBSD 9.0 or later (see bug #391011) + if use elibc_FreeBSD && version_is_at_least 9.0 "$(uname -r|sed 's/\(.\..\).*/\1/')" ; then + myconf="${myconf} --disable-utmp --disable-wtmp --disable-wtmpx" + append-ldflags -lutil + fi + + econf \ + --with-ldflags="${LDFLAGS}" \ + --disable-strip \ + --with-pid-dir="${EPREFIX}"/var/run \ + --sysconfdir="${EPREFIX}"/etc/ssh \ + --libexecdir="${EPREFIX}"/usr/$(get_libdir)/misc \ + --datadir="${EPREFIX}"/usr/share/openssh \ + --with-privsep-path="${EPREFIX}"/var/empty \ + --with-privsep-user=sshd \ + --with-md5-passwords \ + --with-ssl-engine \ + $(static_use_with pam) \ + $(static_use_with kerberos kerberos5 /usr) \ + ${LDAP_PATCH:+$(use X509 || ( use ldap && use_with ldap ))} \ + $(use_with ldns) \ + $(use_with libedit) \ + $(use_with selinux) \ + $(use_with skey) \ + $(use_with tcpd tcp-wrappers) \ + ${myconf} +} + +src_install() { + emake install-nokeys DESTDIR="${D}" + fperms 600 /etc/ssh/sshd_config + dobin contrib/ssh-copy-id + newinitd "${FILESDIR}"/sshd.rc6.4 sshd + newconfd "${FILESDIR}"/sshd.confd sshd + keepdir /var/empty + + # not all openssl installs support ecc, or are functional #352645 + if ! grep -q '#define OPENSSL_HAS_ECC 1' config.h ; then + elog "dev-libs/openssl was built with 'bindist' - disabling ecdsa support" + sed -i 's:&& gen_key ecdsa::' "${ED}"/etc/init.d/sshd || die + fi + + newpamd "${FILESDIR}"/sshd.pam_include.2 sshd + if use pam ; then + sed -i \ + -e "/^#UsePAM /s:.*:UsePAM yes:" \ + -e "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" \ + -e "/^#PrintMotd /s:.*:PrintMotd no:" \ + -e "/^#PrintLastLog /s:.*:PrintLastLog no:" \ + "${ED}"/etc/ssh/sshd_config || die "sed of configuration file failed" + fi + + # Gentoo tweaks to default config files + cat <<-EOF >> "${ED}"/etc/ssh/sshd_config + + # Allow client to pass locale environment variables #367017 + AcceptEnv LANG LC_* + EOF + cat <<-EOF >> "${ED}"/etc/ssh/ssh_config + + # Send locale environment variables #367017 + SendEnv LANG LC_* + EOF + + # This instruction is from the HPN webpage, + # Used for the server logging functionality + if [[ -n ${HPN_PATCH} ]] && use hpn ; then + keepdir /var/empty/dev + fi + + if ! use X509 && [[ -n ${LDAP_PATCH} ]] && use ldap ; then + insinto /etc/openldap/schema/ + newins openssh-lpk_openldap.schema openssh-lpk.schema + fi + + doman contrib/ssh-copy-id.1 + dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config + + diropts -m 0700 + dodir /etc/skel/.ssh + + systemd_dounit "${FILESDIR}"/sshd.{service,socket} + systemd_newunit "${FILESDIR}"/sshd_at.service 'sshd@.service' +} + +src_test() { + local t tests skipped failed passed shell + tests="interop-tests compat-tests" + skipped="" + shell=$(egetshell ${UID}) + if [[ ${shell} == */nologin ]] || [[ ${shell} == */false ]] ; then + elog "Running the full OpenSSH testsuite" + elog "requires a usable shell for the 'portage'" + elog "user, so we will run a subset only." + skipped="${skipped} tests" + else + tests="${tests} tests" + fi + # It will also attempt to write to the homedir .ssh + local sshhome=${T}/homedir + mkdir -p "${sshhome}"/.ssh + for t in ${tests} ; do + # Some tests read from stdin ... + HOMEDIR="${sshhome}" \ + emake -k -j1 ${t} </dev/null \ + && passed="${passed}${t} " \ + || failed="${failed}${t} " + done + einfo "Passed tests: ${passed}" + ewarn "Skipped tests: ${skipped}" + if [[ -n ${failed} ]] ; then + ewarn "Failed tests: ${failed}" + die "Some tests failed: ${failed}" + else + einfo "Failed tests: ${failed}" + return 0 + fi +} + +pkg_preinst() { + enewgroup sshd 22 + enewuser sshd 22 -1 /var/empty sshd +} + +pkg_postinst() { + if has_version "<${CATEGORY}/${PN}-5.8_p1" ; then + elog "Starting with openssh-5.8p1, the server will default to a newer key" + elog "algorithm (ECDSA). You are encouraged to manually update your stored" + elog "keys list as servers update theirs. See ssh-keyscan(1) for more info." + fi + ewarn "Remember to merge your config files in /etc/ssh/ and then" + ewarn "reload sshd: '/etc/init.d/sshd reload'." + # This instruction is from the HPN webpage, + # Used for the server logging functionality + if [[ -n ${HPN_PATCH} ]] && use hpn ; then + echo + einfo "For the HPN server logging patch, you must ensure that" + einfo "your syslog application also listens at /var/empty/dev/log." + fi +} |