Re: [update] ssh-ldap-helper to 8.0p1

Theo Buehler Fri, 03 Dec 2021 15:48:14 -0800

Anyone still using this? Or should I update the port then remove it?

On Wed, Nov 24, 2021 at 02:25:24PM +0100, Theo Buehler wrote:
> For the upcoming libcrypto bump, software based on older OpenSSH
> versions will need updating since it will need to make use of the
> OpenSSL 1.1 API.
> 
> As far as I can see, this is the latest version of the ssh-ldap-helper
> as shipped on Rocky Linux.  Redhat have deprecated this and recommend
> using SSSD:  https://bugzilla.redhat.com/show_bug.cgi?id=1871025
> 
> I don't use LDAP, so I have no easy way of testing this. It builds
> and packages fine, the modifications of the port are relatively
> straightforward.
> 
> Tests and oks welcome.


Index: Makefile
===================================================================
RCS file: /cvs/ports/security/ssh-ldap-helper/Makefile,v
retrieving revision 1.7
diff -u -p -r1.7 Makefile
--- Makefile    10 Jan 2021 22:34:50 -0000      1.7
+++ Makefile    24 Nov 2021 13:11:01 -0000
@@ -2,36 +2,39 @@
 
 COMMENT =      fetch ssh AuthorizedKeys from LDAP
 
-DISTNAME =     openssh-5.3p1-81
-PKGNAME =      ssh-ldap-helper-5.3
-REVISION =     0
+V =            8.0p1
+DISTNAME =     openssh-${V}-10
+PKGNAME =      ssh-ldap-helper-8.0
 
 CATEGORIES =   security net
-EXTRACT_SUFX=  .el6.src.rpm
+EXTRACT_SUFX=  .el8.src.rpm
 
 # BSD
 PERMIT_PACKAGE=        Yes
 
-WANTLIB +=     c crypto lber-2.4 ldap-2.4 util z
+WANTLIB +=     c crypto lber ldap util z
 
-MASTER_SITES = 
http://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/
+MASTER_SITES = 
https://dl.rockylinux.org/pub/rocky/8/BaseOS/source/tree/Packages/o/
 
-PATCH_LIST =   ${WRKDIR}/openssh-5.3p1-ldap.patch patch-*
+LDAP_PATCH =   ${WRKDIR}/openssh-6.7p1-ldap.patch
+
+PATCH_LIST =   ${LDAP_PATCH} patch-*
 PATCH_STRIP =  -p1
-WRKDIST =      ${WRKDIR}/openssh-5.3p1
+WRKDIST =      ${WRKDIR}/openssh-${V}
 
 CONFIGURE_STYLE =      autoconf
-AUTOCONF_VERSION =     2.62
+AUTOCONF_VERSION =     2.69
 CONFIGURE_ARGS =       --with-ldap=${LOCALBASE} \
                        --without-pam
 NO_TEST =      Yes
 ALL_TARGET =   ssh-ldap-helper
 
-BUILD_DEPENDS= archivers/bzip2
 LIB_DEPENDS =  databases/openldap
 
 post-extract:
-       cd ${WRKDIR} && ${TAR} xjf openssh-5.3p1-noacss.tar.bz2
+       # Fix a 64-bit time_t issue in the LDAP_PATCH
+       sed -i 's/timeout to %l/&l/' ${LDAP_PATCH}
+       cd ${WRKDIR} && ${TAR} xzf openssh-${V}.tar.gz
 
 # The LDAP_SET_REBIND_PROC_ARGS macro is set to literal
 # "$ac_cv_ldap_set_rebind_proc" instead of "3" because of the improper
Index: distinfo
===================================================================
RCS file: /cvs/ports/security/ssh-ldap-helper/distinfo,v
retrieving revision 1.1.1.1
diff -u -p -r1.1.1.1 distinfo
--- distinfo    14 Nov 2012 18:42:50 -0000      1.1.1.1
+++ distinfo    24 Nov 2021 12:24:57 -0000
@@ -1,2 +1,2 @@
-SHA256 (openssh-5.3p1-81.el6.src.rpm) = 
9QWDzq8p08r8TG9SrcQ/t1wKqdgcenMKYy3xI4wn2Is=
-SIZE (openssh-5.3p1-81.el6.src.rpm) = 1317731
+SHA256 (openssh-8.0p1-10.el8.src.rpm) = 
yT3B6BwP1vrXWNm2WRjwbT6KNG9hWHlGYzgkqjRuiYw=
+SIZE (openssh-8.0p1-10.el8.src.rpm) = 2998520
Index: patches/patch-Makefile_in
===================================================================
RCS file: patches/patch-Makefile_in
diff -N patches/patch-Makefile_in
--- patches/patch-Makefile_in   14 Nov 2012 18:42:50 -0000      1.1.1.1
+++ /dev/null   1 Jan 1970 00:00:00 -0000
@@ -1,12 +0,0 @@
-$OpenBSD: patch-Makefile_in,v 1.1.1.1 2012/11/14 18:42:50 landry Exp $
---- Makefile.in.orig   Sun Nov 11 22:35:51 2012
-+++ Makefile.in        Sun Nov 11 22:35:58 2012
-@@ -163,7 +163,7 @@ ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysca
-       $(LD) -o $@ ssh-keyscan.o roaming_dummy.o $(LDFLAGS) -lssh 
-lopenbsd-compat -lssh $(LIBS)
- 
- ssh-ldap-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ldapconf.o ldapbody.o 
ldapmisc.o ldap-helper.o
--      $(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) 
-lssh -lopenbsd-compat -lfipscheck -lldap -llber $(LIBS)
-+      $(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) 
-lssh -lopenbsd-compat -lldap -llber $(LIBS)
- 
- sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o 
sftp-server.o sftp-server-main.o
-       $(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) 
-lssh -lopenbsd-compat $(LIBS)
Index: patches/patch-log_h
===================================================================
RCS file: /cvs/ports/security/ssh-ldap-helper/patches/patch-log_h,v
retrieving revision 1.1.1.1
diff -u -p -r1.1.1.1 patch-log_h
--- patches/patch-log_h 14 Nov 2012 18:42:50 -0000      1.1.1.1
+++ patches/patch-log_h 24 Nov 2021 13:04:26 -0000
@@ -1,12 +1,15 @@
 $OpenBSD: patch-log_h,v 1.1.1.1 2012/11/14 18:42:50 landry Exp $
---- log.h.orig Sun Nov 11 22:35:23 2012
-+++ log.h      Sun Nov 11 22:35:33 2012
-@@ -14,7 +14,7 @@
- 
+
+Index: log.h
+--- log.h.orig
++++ log.h
+@@ -15,6 +15,9 @@
  #ifndef SSH_LOG_H
  #define SSH_LOG_H
--
+ 
 +#include <stdarg.h>
++#include <stdio.h>
++
  /* Supported syslog facilities and levels. */
  typedef enum {
        SYSLOG_FACILITY_DAEMON,

Re: [update] ssh-ldap-helper to 8.0p1

Reply via email to