[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/, net-misc/openssh/files/
commit: d4c7252424eb9de31f91a502e8fffd323000a89b Author: Gabi Falk gmx com> AuthorDate: Thu May 9 22:50:00 2024 + Commit: Sam James gentoo org> CommitDate: Tue May 21 11:48:19 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d4c72524 net-misc/openssh: fix implicit function declaraions with USE=xmss Link: https://bugzilla.mindrot.org/show_bug.cgi?id=3689 Closes: https://bugs.gentoo.org/919685 Signed-off-by: Gabi Falk gmx.com> Closes: https://github.com/gentoo/gentoo/pull/36623 Signed-off-by: Sam James gentoo.org> .../files/openssh-9.6_p1-fix-xmss-c99.patch| 20 + net-misc/openssh/openssh-9.6_p1-r4.ebuild | 390 net-misc/openssh/openssh-9.7_p1-r3.ebuild | 404 + 3 files changed, 814 insertions(+) diff --git a/net-misc/openssh/files/openssh-9.6_p1-fix-xmss-c99.patch b/net-misc/openssh/files/openssh-9.6_p1-fix-xmss-c99.patch new file mode 100644 index ..cf06b80cd5fa --- /dev/null +++ b/net-misc/openssh/files/openssh-9.6_p1-fix-xmss-c99.patch @@ -0,0 +1,20 @@ +xmss_hash.c: In function ‘core_hash_SHA2’: +xmss_hash.c:56:5: error: implicit declaration of function ‘SHA256’ [-Wimplicit-function-declaration] + 56 | SHA256(buf, inlen + keylen + n, out); + | ^~ +xmss_hash.c:61:7: error: implicit declaration of function ‘SHA512’ [-Wimplicit-function-declaration] + 61 | SHA512(buf, inlen + keylen + n, out); + | ^~ + +diff --git a/xmss_hash.c b/xmss_hash.c +index 70c126ae2..cb17de2af 100644 +--- a/xmss_hash.c b/xmss_hash.c +@@ -12,6 +12,7 @@ Public domain. + #include "xmss_hash_address.h" + #include "xmss_commons.h" + #include "xmss_hash.h" ++#include + + #include + #ifdef HAVE_STDINT_H diff --git a/net-misc/openssh/openssh-9.6_p1-r4.ebuild b/net-misc/openssh/openssh-9.6_p1-r4.ebuild new file mode 100644 index ..8d611b8b20b5 --- /dev/null +++ b/net-misc/openssh/openssh-9.6_p1-r4.ebuild @@ -0,0 +1,390 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssh.org.asc +inherit user-info flag-o-matic autotools optfeature pam systemd toolchain-funcs verify-sig + +# Make it more portable between straight releases +# and _p? releases. +PARCH=${P/_} + +DESCRIPTION="Port of OpenBSD's free SSH release" +HOMEPAGE="https://www.openssh.com/; +SRC_URI=" + mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz + verify-sig? ( mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz.asc ) +" +S="${WORKDIR}/${PARCH}" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +# Probably want to drop ssl defaulting to on in a future version. +IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test xmss" + +RESTRICT="!test? ( test )" + +REQUIRED_USE=" + ldns? ( ssl ) + pie? ( !static ) + static? ( !kerberos !pam ) + xmss? ( ssl ) + test? ( ssl ) +" + +# tests currently fail with XMSS +REQUIRED_USE+="test? ( !xmss )" + +LIB_DEPEND=" + audit? ( sys-process/audit[static-libs(+)] ) + ldns? ( + net-libs/ldns[static-libs(+)] + net-libs/ldns[ecdsa(+),ssl(+)] + ) + libedit? ( dev-libs/libedit:=[static-libs(+)] ) + security-key? ( >=dev-libs/libfido2-1.5.0:=[static-libs(+)] ) + selinux? ( >=sys-libs/libselinux-1.28[static-libs(+)] ) + ssl? ( >=dev-libs/openssl-1.1.1l-r1:0=[static-libs(+)] ) + virtual/libcrypt:=[static-libs(+)] + >=sys-libs/zlib-1.2.3:=[static-libs(+)] +" +RDEPEND=" + acct-group/sshd + acct-user/sshd + !static? ( ${LIB_DEPEND//\[static-libs(+)]} ) + pam? ( sys-libs/pam ) + kerberos? ( virtual/krb5 ) +" +DEPEND=" + ${RDEPEND} + virtual/os-headers + kernel_linux? ( !prefix-guest? ( >=sys-kernel/linux-headers-5.1 ) ) + static? ( ${LIB_DEPEND} ) +" +RDEPEND=" + ${RDEPEND} + !net-misc/openssh-contrib + pam? ( >=sys-auth/pambase-20081028 ) + !prefix? ( sys-apps/shadow ) +" +BDEPEND=" + dev-build/autoconf + virtual/pkgconfig + verify-sig? ( sec-keys/openpgp-keys-openssh ) +" + +PATCHES=( + "${FILESDIR}/${PN}-9.3_p1-disable-conch-interop-tests.patch" + "${FILESDIR}/${PN}-9.3_p1-fix-putty-tests.patch" + "${FILESDIR}/${PN}-9.4_p1-Allow-MAP_NORESERVE-in-sandbox-seccomp-filter-maps.patch" + "${FILESDIR}/${PN}-9.6_p1-fix-xmss-c99.patch" +) + +pkg_pretend() { + local i enabled_eol_flags disabled_eol_flags + for i in hpn sctp X509; do + if has_version "net-misc/openssh[${i}]"; then + enabled_eol_flags+="${i}," +
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/, net-misc/openssh/files/
commit: 66ae04542020bb05d1cf96ab4bd40fbc721fcbda Author: David Seifert gentoo org> AuthorDate: Fri May 17 14:53:31 2024 + Commit: David Seifert gentoo org> CommitDate: Fri May 17 14:53:31 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=66ae0454 net-misc/openssh: remove useless patch Patch has long been upstreamed: - https://github.com/openssh/openssh-portable/pull/148 - https://github.com/openssh/openssh-portable/commit/3ef92a657444f172b61f92d5da66d94fa8265602 Signed-off-by: David Seifert gentoo.org> ...y-shmget-shmat-shmdt-in-preauth-privsep-child.patch | 18 -- net-misc/openssh/openssh-9.6_p1-r3.ebuild | 1 - net-misc/openssh/openssh-9.7_p1-r2.ebuild | 1 - 3 files changed, 20 deletions(-) diff --git a/net-misc/openssh/files/openssh-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch b/net-misc/openssh/files/openssh-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch deleted file mode 100644 index 7e9334a781d2.. --- a/net-misc/openssh/files/openssh-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch +++ /dev/null @@ -1,18 +0,0 @@ a/sandbox-seccomp-filter.c -+++ b/sandbox-seccomp-filter.c -@@ -257,6 +257,15 @@ static const struct sock_filter preauth_insns[] = { - #ifdef __NR_statx - SC_DENY(__NR_statx, EACCES), - #endif -+#ifdef __NR_shmget -+ SC_DENY(__NR_shmget, EACCES), -+#endif -+#ifdef __NR_shmat -+ SC_DENY(__NR_shmat, EACCES), -+#endif -+#ifdef __NR_shmdt -+ SC_DENY(__NR_shmdt, EACCES), -+#endif - - /* Syscalls to permit */ - #ifdef __NR_brk diff --git a/net-misc/openssh/openssh-9.6_p1-r3.ebuild b/net-misc/openssh/openssh-9.6_p1-r3.ebuild index 8156cd96d1b4..c944856ebe5b 100644 --- a/net-misc/openssh/openssh-9.6_p1-r3.ebuild +++ b/net-misc/openssh/openssh-9.6_p1-r3.ebuild @@ -78,7 +78,6 @@ BDEPEND=" PATCHES=( "${FILESDIR}/${PN}-9.3_p1-disable-conch-interop-tests.patch" "${FILESDIR}/${PN}-9.3_p1-fix-putty-tests.patch" - "${FILESDIR}/${PN}-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch" "${FILESDIR}/${PN}-9.4_p1-Allow-MAP_NORESERVE-in-sandbox-seccomp-filter-maps.patch" ) diff --git a/net-misc/openssh/openssh-9.7_p1-r2.ebuild b/net-misc/openssh/openssh-9.7_p1-r2.ebuild index 3b0c7f2125a0..ce9e1d1a47c2 100644 --- a/net-misc/openssh/openssh-9.7_p1-r2.ebuild +++ b/net-misc/openssh/openssh-9.7_p1-r2.ebuild @@ -76,7 +76,6 @@ BDEPEND=" " PATCHES=( - "${FILESDIR}/${PN}-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch" "${FILESDIR}/${PN}-9.4_p1-Allow-MAP_NORESERVE-in-sandbox-seccomp-filter-maps.patch" )
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh-contrib/files/
commit: e72afe2da1a4936ca807afe37799f8442e569c7c Author: Michael Mair-Keimberger levelnine at> AuthorDate: Thu Apr 18 18:14:24 2024 + Commit: Conrad Kostecki gentoo org> CommitDate: Thu Apr 18 19:31:48 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e72afe2d net-misc/openssh-contrib: remove unused patch Signed-off-by: Michael Mair-Keimberger levelnine.at> Signed-off-by: Conrad Kostecki gentoo.org> .../openssh-contrib/files/openssh-8.6_p1-hpn-version.patch | 13 - 1 file changed, 13 deletions(-) diff --git a/net-misc/openssh-contrib/files/openssh-8.6_p1-hpn-version.patch b/net-misc/openssh-contrib/files/openssh-8.6_p1-hpn-version.patch deleted file mode 100644 index 6dc290d6737b.. --- a/net-misc/openssh-contrib/files/openssh-8.6_p1-hpn-version.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/kex.c b/kex.c -index 34808b5c..88d7ccac 100644 a/kex.c -+++ b/kex.c -@@ -1205,7 +1205,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, - if (version_addendum != NULL && *version_addendum == '\0') - version_addendum = NULL; - if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n", -- PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, -+ PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE, - version_addendum == NULL ? "" : " ", - version_addendum == NULL ? "" : version_addendum)) != 0) { - oerrno = errno;
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: f15611bcae75a78d88cedb30a1eac5d2a7d0404d Author: Sam James gentoo org> AuthorDate: Mon Apr 15 07:30:53 2024 + Commit: Sam James gentoo org> CommitDate: Mon Apr 15 07:38:03 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f15611bc net-misc/openssh: drop 9.6_p1-r1, 9.6_p1-r2 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.6_p1-r1.ebuild | 396 - net-misc/openssh/openssh-9.6_p1-r2.ebuild | 397 -- 2 files changed, 793 deletions(-) diff --git a/net-misc/openssh/openssh-9.6_p1-r1.ebuild b/net-misc/openssh/openssh-9.6_p1-r1.ebuild deleted file mode 100644 index 9e122cab62d8.. --- a/net-misc/openssh/openssh-9.6_p1-r1.ebuild +++ /dev/null @@ -1,396 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssh.org.asc -inherit user-info flag-o-matic autotools pam systemd toolchain-funcs verify-sig - -# Make it more portable between straight releases -# and _p? releases. -PARCH=${P/_} - -DESCRIPTION="Port of OpenBSD's free SSH release" -HOMEPAGE="https://www.openssh.com/; -SRC_URI=" - mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz - verify-sig? ( mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz.asc ) -" -S="${WORKDIR}/${PARCH}" - -LICENSE="BSD GPL-2" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" -# Probably want to drop ssl defaulting to on in a future version. -IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss" - -RESTRICT="!test? ( test )" - -REQUIRED_USE=" - ldns? ( ssl ) - pie? ( !static ) - static? ( !kerberos !pam ) - xmss? ( ssl ) - test? ( ssl ) -" - -# tests currently fail with XMSS -REQUIRED_USE+="test? ( !xmss )" - -LIB_DEPEND=" - audit? ( sys-process/audit[static-libs(+)] ) - ldns? ( - net-libs/ldns[static-libs(+)] - net-libs/ldns[ecdsa(+),ssl(+)] - ) - libedit? ( dev-libs/libedit:=[static-libs(+)] ) - security-key? ( >=dev-libs/libfido2-1.5.0:=[static-libs(+)] ) - selinux? ( >=sys-libs/libselinux-1.28[static-libs(+)] ) - ssl? ( >=dev-libs/openssl-1.1.1l-r1:0=[static-libs(+)] ) - virtual/libcrypt:=[static-libs(+)] - >=sys-libs/zlib-1.2.3:=[static-libs(+)] -" -RDEPEND=" - acct-group/sshd - acct-user/sshd - !static? ( ${LIB_DEPEND//\[static-libs(+)]} ) - pam? ( sys-libs/pam ) - kerberos? ( virtual/krb5 ) -" -DEPEND=" - ${RDEPEND} - virtual/os-headers - kernel_linux? ( !prefix-guest? ( >=sys-kernel/linux-headers-5.1 ) ) - static? ( ${LIB_DEPEND} ) -" -RDEPEND=" - ${RDEPEND} - !net-misc/openssh-contrib - pam? ( >=sys-auth/pambase-20081028 ) - !prefix? ( sys-apps/shadow ) - X? ( x11-apps/xauth ) -" -# Weird dep construct for newer gcc-config for bug #872416 -BDEPEND=" - dev-build/autoconf - virtual/pkgconfig - || ( - >=sys-devel/gcc-config-2.6 - >=sys-devel/clang-toolchain-symlinks-14-r1:14 - >=sys-devel/clang-toolchain-symlinks-15-r1:15 - >=sys-devel/clang-toolchain-symlinks-16-r1:* - ) - verify-sig? ( sec-keys/openpgp-keys-openssh ) -" - -PATCHES=( - "${FILESDIR}/${PN}-9.3_p1-disable-conch-interop-tests.patch" - "${FILESDIR}/${PN}-9.3_p1-fix-putty-tests.patch" - "${FILESDIR}/${PN}-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch" -) - -pkg_pretend() { - local i enabled_eol_flags disabled_eol_flags - for i in hpn sctp X509; do - if has_version "net-misc/openssh[${i}]"; then - enabled_eol_flags+="${i}," - disabled_eol_flags+="-${i}," - fi - done - - if [[ -n ${enabled_eol_flags} && ${OPENSSH_EOL_USE_FLAGS_I_KNOW_WHAT_I_AM_DOING} != yes ]]; then - # Skip for binary packages entirely because of environment saving, bug #907892 - [[ ${MERGE_TYPE} == binary ]] && return - - ewarn "net-misc/openssh does not support USE='${enabled_eol_flags%,}' anymore." - ewarn "The Base system team *STRONGLY* recommends you not rely on this functionality," - ewarn "since these USE flags required third-party patches that often trigger bugs" - ewarn "and are of questionable provenance." - ewarn - ewarn "If you must continue relying on this functionality, switch to" - ewarn "net-misc/openssh-contrib. You will have to remove net-misc/openssh from your" - ewarn "world file first: 'emerge --deselect
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh-contrib/
commit: 4e55535c1e0c49190c257e359a8e3c0c94f18fa4 Author: Patrick McLean gentoo org> AuthorDate: Mon Mar 25 21:29:19 2024 + Commit: Patrick McLean gentoo org> CommitDate: Mon Mar 25 21:29:46 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4e55535c net-misc/openssh-contrib: Revbump, sync with openssh, remove old Signed-off-by: Patrick McLean gentoo.org> net-misc/openssh-contrib/Manifest | 6 - .../openssh-contrib/openssh-contrib-9.5_p1.ebuild | 505 - ..._p1.ebuild => openssh-contrib-9.7_p1-r1.ebuild} | 129 -- 3 files changed, 80 insertions(+), 560 deletions(-) diff --git a/net-misc/openssh-contrib/Manifest b/net-misc/openssh-contrib/Manifest index 3ae3fc930cdf..42cd209f7e0e 100644 --- a/net-misc/openssh-contrib/Manifest +++ b/net-misc/openssh-contrib/Manifest @@ -1,11 +1,5 @@ DIST openssh-8_5_P1-hpn-DynWinNoneSwitch-15.2.diff 51428 BLAKE2B 370b88a7da7f148bf5a4d445f05cf593b486e9df53bba027e2e179726f534b68cf9d94edd6e53024e0b6ff5f20e568727bc9d26c94d0d415603602a80d3ad241 SHA512 2d8d887901164b33b2799ff3ec72e86a39ae4a1696e52bcee0872dbae7772fcc534351e6e7f87126ee71b164c74e9091350f14b782f4b242a09f09b4f50d047a DIST openssh-8_5_P1-hpn-PeakTput-15.2.diff 2429 BLAKE2B 849bf3c313719ab7a25c75e82d5dc5ac98365a038b2a66fe58d01eae5b20c258b94b5830e799d6909e75c69753cda05a910f3bdab9606fb7d5efa68e05f1 SHA512 c4a56fab55fabd1d902d45f235b603708d43f969920e45c9a57e557dccfa9cade2ec61f26d1ace938f6f73e79f17b12f119b5aea9166cbda8e3435b910500914 -DIST openssh-9.3_p2-hpn-15.2-glue.patch.xz 4728 BLAKE2B 9e3c04a289d0a94b03b871027f4f8476e3981602f5a2d9ac8a8602e08d01248a72c48126ff53a174c8dc95f6bd8608ba75bbc74f5eb427e4ecbe7c7794c7c200 SHA512 bb42d001f89b8eb3a5af813d4c526548e13467deeb2811384b473e61c86e6e766aabb9652867953c0f979533ea7045c424298f11df4faf05e43fb8b1f439 -DIST openssh-9.5_p1-X509-glue-14.3.patch.xz 788 BLAKE2B 641c9936639a7629f6ae82d56f48b9dd39e58087024fe04259e2be5aef3b484a3f8ba6c91e603dd4f80d03c92490ee85cbaccff1e40e4f7ee1064c4a1ac9f191 SHA512 8f9255e3f8a682d7c82125a6064cdd8a80616e4b699a4c101515f15af7185a6b0b98efa246e0ed97a278f377ea616daf2dd98d0dc479c24d1ac3a76c12cd97ec -DIST openssh-9.5_p1-hpn-15.2-X509-14.3-glue.patch.xz 5132 BLAKE2B 82a30622e67fab233591f6b30c634f2f8383eda77de163b6139ca9892c0485d8f174901e5e6788f6c911e0859e563ac6a9022e99099507f76a59908770474e78 SHA512 697b2ce1b2b0aa1bcf95b76b3bc79de7d8793a3c2975bc3bfb23a64fd3a9133df9fd0831848f9388b21f7f1fd597824b221d45b9380ee26beb60040596386d61 -DIST openssh-9.5p1+x509-14.3.diff.gz 1224337 BLAKE2B f695711eeab6b40a8660ac897961068738cb5941c799243888d5a90f56cf4b308803dd88d3d97d7932a72b82ebc269e20c7d142076fb3b03def1245491da0497 SHA512 a7798e2a40a81df882911c485fa240584713135df59c6dab720597b6ef60ecfac85ebd595983d7c5ce8625b758eeb777fe1462845976a2674cad339dadc0719a -DIST openssh-9.5p1.tar.gz 1843001 BLAKE2B 55dbb0a2792b0046c943a19ca090e6e378e77856e94823a1bbbafaa0da94357403765c4c028aebf6543049a0f9bbe0019629be3f92cdadfac1be56def796 SHA512 e183fdf7477fd986215b889eea4a945d71385e35305746ccb164e757ecc28166f429c70890a237d8ef4cdcae5132935ba2ecb3b2a658eb73a6afcf6f42277b9c -DIST openssh-9.5p1.tar.gz.asc 833 BLAKE2B abec3d14d9a880008db202be00ed446ccc0a98ce77c16a9e6d6492feac07c8f3284f9cd24f6ee1d904a55f9f23d5cce8a716916975c179a38ef6bde1d36e0acf SHA512 2b6de653420ba02eb99c7e6fba09af3bacfe9c701f3dfc3c94f41a3539c0414954fc5c64cce63c488c5ccd5d4ddb42d3f2184ff7f323342c885c47bf7d426ca1 DIST openssh-9.6_p1-X509-glue-14.4.2.patch.xz 1516 BLAKE2B 49f1d100e1b84f051aee599547562bab17b313d097b9b16b7c3ad94fb76e31b04fc101b1824f011507033e9c5744ee0207cb751865576f92501bc442076afe8b SHA512 a09bd2ed9b9d0edfa691c2f99699261c17c9441e188ba870c1f2ceff28817af979a29a7b5c1bbfe9fbeb343241cc00b232099791cc30d665700fcbebdae07139 DIST openssh-9.6_p1-hpn-15.2-X509-14.4.2-glue.patch.xz 5472 BLAKE2B a92ca0746cd48b1580e0a73dcae5d6e141988d3239d09a2f07de376833d14ca2434185b5fdb444fb6821da9ff75ce0c63c86404299e977d3c86050d3a116fc47 SHA512 2690f158bf1f5d1512f80c9c8d86006339a461a0bf229e41c62b75d28a9b45cb5392680fbb633415c27c3abfaa1906c170cd1d18679a2be81a1367361fd98afa DIST openssh-9.6_p1-hpn-15.2-glue.patch.xz 5028 BLAKE2B 74970dc9f244eea2e35270c9abe67bdf0f05a3ddb33ffe6ce54056ade3fbec2abe9cb60e92ea889b01be7429dfd754f2986b175cdb014aab721421e1a4952c87 SHA512 1edafed18b1fd5d64844a3d121aacbf38dcde2b90adc9b4533f3192f1335365736e9cfd82f7c847980c9b1c1b72ee39470b38d6758b3a8f5ed59796d5005492b diff --git a/net-misc/openssh-contrib/openssh-contrib-9.5_p1.ebuild b/net-misc/openssh-contrib/openssh-contrib-9.5_p1.ebuild deleted file mode 100644 index ea41cbbeb21c.. --- a/net-misc/openssh-contrib/openssh-contrib-9.5_p1.ebuild +++ /dev/null @@ -1,505 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit user-info flag-o-matic autotools pam systemd toolchain-funcs verify-sig - -# Make it more portable between straight releases -#
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: ca472a48734faa1fe2431bfed39f642328bba7d7 Author: Mike Gilbert gentoo org> AuthorDate: Mon Mar 25 17:27:42 2024 + Commit: Mike Gilbert gentoo org> CommitDate: Mon Mar 25 17:27:42 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ca472a48 net-misc/openssh: restore /etc/ssh/ssh_revoked_hosts Signed-off-by: Mike Gilbert gentoo.org> net-misc/openssh/{openssh-9.7_p1-r1.ebuild => openssh-9.7_p1-r2.ebuild} | 1 + 1 file changed, 1 insertion(+) diff --git a/net-misc/openssh/openssh-9.7_p1-r1.ebuild b/net-misc/openssh/openssh-9.7_p1-r2.ebuild similarity index 99% rename from net-misc/openssh/openssh-9.7_p1-r1.ebuild rename to net-misc/openssh/openssh-9.7_p1-r2.ebuild index 9e06935f6fcd..3b0c7f2125a0 100644 --- a/net-misc/openssh/openssh-9.7_p1-r1.ebuild +++ b/net-misc/openssh/openssh-9.7_p1-r2.ebuild @@ -332,6 +332,7 @@ src_install() { insopts -m0644 insinto /etc/ssh doins -r "${WORKDIR}"/etc/ssh/ssh_config.d + doins "${WORKDIR}"/etc/ssh/ssh_revoked_hosts diropts -m0700 insopts -m0600 doins -r "${WORKDIR}"/etc/ssh/sshd_config.d
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 354fa3a7f9bf93c9dd059380a1faa94522d81020 Author: Mike Gilbert gentoo org> AuthorDate: Mon Mar 25 15:54:57 2024 + Commit: Mike Gilbert gentoo org> CommitDate: Mon Mar 25 15:54:57 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=354fa3a7 net-misc/openssh: simplify mkdir expression Signed-off-by: Mike Gilbert gentoo.org> net-misc/openssh/openssh-9.7_p1-r1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.7_p1-r1.ebuild b/net-misc/openssh/openssh-9.7_p1-r1.ebuild index 1271f7f5f29d..9e06935f6fcd 100644 --- a/net-misc/openssh/openssh-9.7_p1-r1.ebuild +++ b/net-misc/openssh/openssh-9.7_p1-r1.ebuild @@ -239,7 +239,7 @@ create_config_dropins() { LANGUAGE LC_ADDRESS LC_IDENTIFICATION LC_MEASUREMENT LC_NAME LC_PAPER LC_TELEPHONE ) - mkdir -p "${WORKDIR}"/etc/ssh/{ssh_config.d,sshd_config.d} || die + mkdir -p "${WORKDIR}"/etc/ssh/ssh{,d}_config.d || die cat <<-EOF > "${WORKDIR}"/etc/ssh/ssh_config.d/999gentoo.conf || die # Send locale environment variables (bug #367017)
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 45cae2a8e7232df17ae461f2eacf3d991599b68a Author: Mike Gilbert gentoo org> AuthorDate: Mon Mar 25 15:49:58 2024 + Commit: Mike Gilbert gentoo org> CommitDate: Mon Mar 25 15:50:38 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=45cae2a8 net-misc/openssh: drop empty line Signed-off-by: Mike Gilbert gentoo.org> net-misc/openssh/openssh-9.7_p1-r1.ebuild | 1 - 1 file changed, 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.7_p1-r1.ebuild b/net-misc/openssh/openssh-9.7_p1-r1.ebuild index d6e80b9337aa..1271f7f5f29d 100644 --- a/net-misc/openssh/openssh-9.7_p1-r1.ebuild +++ b/net-misc/openssh/openssh-9.7_p1-r1.ebuild @@ -307,7 +307,6 @@ src_test() { emake -j1 "${tests[@]}"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: b6150ddac2b5cf1d8d1421afeaa1a9c3e9615d9e Author: Mike Gilbert gentoo org> AuthorDate: Mon Mar 25 15:26:12 2024 + Commit: Mike Gilbert gentoo org> CommitDate: Mon Mar 25 15:26:12 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b6150dda net-misc/openssh: fix install mode for config dropins Closes: https://bugs.gentoo.org/906639 Closes: https://bugs.gentoo.org/915840 Signed-off-by: Mike Gilbert gentoo.org> ...nssh-9.7_p1.ebuild => openssh-9.7_p1-r1.ebuild} | 78 +- 1 file changed, 48 insertions(+), 30 deletions(-) diff --git a/net-misc/openssh/openssh-9.7_p1.ebuild b/net-misc/openssh/openssh-9.7_p1-r1.ebuild similarity index 93% rename from net-misc/openssh/openssh-9.7_p1.ebuild rename to net-misc/openssh/openssh-9.7_p1-r1.ebuild index 9508c8162da3..fdead7192a13 100644 --- a/net-misc/openssh/openssh-9.7_p1.ebuild +++ b/net-misc/openssh/openssh-9.7_p1-r1.ebuild @@ -217,24 +217,18 @@ src_configure() { econf "${myconf[@]}" } -src_test() { - local tests=( compat-tests ) - local shell=$(egetshell "${UID}") - if [[ ${shell} == */nologin ]] || [[ ${shell} == */false ]] ; then - ewarn "Running the full OpenSSH testsuite requires a usable shell for the 'portage'" - ewarn "user, so we will run a subset only." - tests+=( interop-tests ) - else - tests+=( tests ) - fi +tweak_ssh_configs() { + cat <<-EOF >> ssh_config.out || die - local -x SUDO= SSH_SK_PROVIDER= TEST_SSH_UNSAFE_PERMISSIONS=1 - mkdir -p "${HOME}"/.ssh || die - emake -j1 "${tests[@]}" > sshd_config.out || die + + Include "${EPREFIX}/etc/ssh/sshd_config.d/*.conf" + EOF } -# Gentoo tweaks to default config files. -tweak_ssh_configs() { +create_config_dropins() { local locale_vars=( # These are language variables that POSIX defines. # http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08_02 @@ -245,15 +239,9 @@ tweak_ssh_configs() { LANGUAGE LC_ADDRESS LC_IDENTIFICATION LC_MEASUREMENT LC_NAME LC_PAPER LC_TELEPHONE ) - dodir /etc/ssh/ssh_config.d /etc/ssh/sshd_config.d - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config || die - Include "${EPREFIX}/etc/ssh/ssh_config.d/*.conf" - EOF - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config || die - Include "${EPREFIX}/etc/ssh/sshd_config.d/*.conf" - EOF + mkdir -p "${WORKDIR}"/etc/ssh/{ssh_config.d,sshd_config.d} || die - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/999gentoo.conf || die + cat <<-EOF > "${WORKDIR}"/etc/ssh/ssh_config.d/999gentoo.conf || die # Send locale environment variables (bug #367017) SendEnv ${locale_vars[*]} @@ -261,16 +249,16 @@ tweak_ssh_configs() { SendEnv COLORTERM EOF - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/999gentoo-security.conf || die + cat <<-EOF > "${WORKDIR}"/etc/ssh/ssh_config.d/999gentoo-security.conf || die RevokedHostKeys "${EPREFIX}/etc/ssh/ssh_revoked_hosts" EOF - cat <<-EOF >> "${ED}"/etc/ssh/ssh_revoked_hosts || die + cat <<-EOF > "${WORKDIR}"/etc/ssh/ssh_revoked_hosts || die # https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/ ssh-rsa B3NzaC1yc2EBIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== EOF - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/999gentoo.conf || die + cat <<-EOF > "${WORKDIR}"/etc/ssh/sshd_config.d/999gentoo.conf || die # Allow client to pass locale environment variables (bug #367017) AcceptEnv ${locale_vars[*]} @@ -279,7 +267,7 @@ tweak_ssh_configs() { EOF if use pam ; then - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/999gentoo-pam.conf || die + cat <<-EOF > "${WORKDIR}"/etc/ssh/sshd_config.d/999gentoo-pam.conf || die UsePAM yes # This interferes with PAM. PasswordAuthentication no @@ -290,13 +278,36 @@ tweak_ssh_configs() { fi if use livecd ; then - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/999gentoo-livecd.conf || die + cat <<-EOF > "${WORKDIR}"/etc/ssh/sshd_config.d/999gentoo-livecd.conf || die # Allow root login with password on livecds. PermitRootLogin Yes EOF fi } +src_compile() { + default + tweak_ssh_configs + create_config_dropins +} + +src_test() { + local tests=(
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: aba49bdba12513527a8fe97b6713a32ad13abfcc Author: Mike Gilbert gentoo org> AuthorDate: Mon Mar 25 15:27:17 2024 + Commit: Mike Gilbert gentoo org> CommitDate: Mon Mar 25 15:27:17 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=aba49bdb net-misc/openssh: do no create empty /etc/skel/.ssh Portage refuses to install empty directories. Signed-off-by: Mike Gilbert gentoo.org> net-misc/openssh/openssh-9.7_p1-r1.ebuild | 2 -- 1 file changed, 2 deletions(-) diff --git a/net-misc/openssh/openssh-9.7_p1-r1.ebuild b/net-misc/openssh/openssh-9.7_p1-r1.ebuild index fdead7192a13..d6e80b9337aa 100644 --- a/net-misc/openssh/openssh-9.7_p1-r1.ebuild +++ b/net-misc/openssh/openssh-9.7_p1-r1.ebuild @@ -322,8 +322,6 @@ src_install() { doman contrib/ssh-copy-id.1 dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config - diropts -m 0700 - dodir /etc/skel/.ssh rmdir "${ED}"/var/empty || die systemd_dounit "${FILESDIR}"/sshd.socket
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh-contrib/files/, net-misc/openssh-contrib/
commit: 78b678bf06efe43d591f3766b4e59ffb1400a864 Author: Patrick McLean gentoo org> AuthorDate: Thu Mar 21 22:36:43 2024 + Commit: Patrick McLean gentoo org> CommitDate: Thu Mar 21 22:36:43 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=78b678bf net-misc/openssh-contrib: add 9.7_p1 Signed-off-by: Patrick McLean gentoo.org> net-misc/openssh-contrib/Manifest | 5 + ..._NORESERVE-in-sandbox-seccomp-filter-maps.patch | 44 ++ .../openssh-contrib/openssh-contrib-9.7_p1.ebuild | 499 + 3 files changed, 548 insertions(+) diff --git a/net-misc/openssh-contrib/Manifest b/net-misc/openssh-contrib/Manifest index d100d8f8abdc..3ae3fc930cdf 100644 --- a/net-misc/openssh-contrib/Manifest +++ b/net-misc/openssh-contrib/Manifest @@ -12,3 +12,8 @@ DIST openssh-9.6_p1-hpn-15.2-glue.patch.xz 5028 BLAKE2B 74970dc9f244eea2e35270c9 DIST openssh-9.6p1+x509-14.4.2.diff.gz 1243845 BLAKE2B 19ed0e174d06f4722b0f244e2c41098422fec88372d77e7c64bed2c00f4d4842b8f517d3f49958febd7a640f0582497fcaf64774fd0a04fbdc8c06b7f0ce5311 SHA512 247a088bbe7fe2bced0ec6e7f3d1fc34c3b81ce43ade9312a769c4495c7adf60d8a9ad2afb25e52fdea2f60888330de05375fbe24cd5b86a2f173e160ddb7bb8 DIST openssh-9.6p1.tar.gz 1857862 BLAKE2B dd7f6747fe89f7b386be4faaf7fc43398a9bf439e45608ae61c2126cf8743c64ef7b5af45c75e9007b0bda525f8809261ca0f2fc47ce60177ba769a5324719dd SHA512 0ebf81e39914c3a90da001ec7376a94b37e6024baf3e972c58f0982b7ddef942315f5e01d56c00ff95603b4a20ee561ab918ecc55511df007ac138160509 DIST openssh-9.6p1.tar.gz.asc 833 BLAKE2B 9363d02f85457aa90069020827306a2f49d8406e32f5ee1d231844648dd2ffa02fa9b7325b8677a11e46a0ba0d9ffc86d9c989435d691a02f5354a956c49f9f9 SHA512 aec5a5bd6ce480a8e5b5879dc55f8186aec90fe61f085aa92ad7d07f324574aa781be09c83b7443a32848d091fd44fb12c1842d49cee77afc351e550ffcc096d +DIST openssh-9.7_p1-X509-glue-15.0.patch.xz 1532 BLAKE2B ff2c5ca97607da84345342bec31435304780503d4f066bf181407c85981d8e73b622ca1107b303d0cf7bc61a262f6e8f38d5372a60d8389b8caf671cfa55b94b SHA512 48ec8e54e6e670ee2d2783fb38befd4101869cc7fc1a4e7b72058034a716170da62cae7e94a48acb575a1cec2604d5c02da629fbe482b7dbc5e28cf4d7ef7c01 +DIST openssh-9.7_p1-hpn-15.2-X509-15.0-glue.patch.xz 5472 BLAKE2B 6ebbc66354d3af3c204f0c2f11d8b3d4e5c842b38b82263d21659cebcceaaa6502c04bb5e06c4200b9aef9d267b61e33f94001efe30f8e57760d43df5292 SHA512 e90ceda65ccfc80c4dec580b6e64f3bd889443d6e7d627dc4fca4900776621d33f3da0856998a63560f195b1ed98e47c4401e40d6840518ee1ccb8ea150f21fe +DIST openssh-9.7p1+x509-15.0.diff.gz 1239003 BLAKE2B 98f6a6d531a9afb70d6f34dcd6609115e017d4b1738a0683dbabf66aba02382cf727db4fb07fd2a62534aa87318982e9d1c41991fdbf7cc3e6593d376ad08208 SHA512 c141bddd73fb78a8f0c92bbed6900bab6617768fc124c10ec4ea70491e1b545bbd962fa35ee5efd134a9851a1b807a5b8bae8e46585cf87a60e0311b49de3226 +DIST openssh-9.7p1.tar.gz 1848766 BLAKE2B 520859fcbdf678808fc8515b64585ab9a90a8055fa869df6fbba3083cb7f73ddb81ed9ea981e131520736a8aed838f85ae68ca63406a410df61039913c5cb48b SHA512 0cafc17d22851605a4a5495a1d82c2b3fbbe6643760aad226dbf2a25b5f49d4375c3172833706ea3cb6c05d5d02a40feb9a7e790eae5c4570dd344a43e94ca55 +DIST openssh-9.7p1.tar.gz.asc 833 BLAKE2B a95e952be48bd55a07d0a95a49dc06c326816c67b8b5d40bd3f64c28aa43122253817b8a088e7a3b8a190375ea39f9fc3400b22d035561f9643c1d32b5caef27 SHA512 e028978e4266de9ad513626b13d70249e4166923fc15f38751178e2b3522ff6ebb9a7ca7dc32d1bb42d42fb92adf9903dba1b734bec083010ed7323aadad8baf diff --git a/net-misc/openssh-contrib/files/openssh-9.4_p1-Allow-MAP_NORESERVE-in-sandbox-seccomp-filter-maps.patch b/net-misc/openssh-contrib/files/openssh-9.4_p1-Allow-MAP_NORESERVE-in-sandbox-seccomp-filter-maps.patch new file mode 100644 index ..379a3981d7ea --- /dev/null +++ b/net-misc/openssh-contrib/files/openssh-9.4_p1-Allow-MAP_NORESERVE-in-sandbox-seccomp-filter-maps.patch @@ -0,0 +1,44 @@ +From 45b491ce13fcf7dbc0b3bd6df986c9cf59190721 Mon Sep 17 00:00:00 2001 +From: Jordan R Abrahams-Whitehead +Date: Tue, 12 Dec 2023 22:54:02 + +Subject: [PATCH] Allow MAP_NORESERVE in sandbox seccomp filter maps + +While debugging Scudo on ChromeOS, we found that the no reserve mode +immediately crashed `sshd`. We tracked it down to the +sandbox-seccomp-filter. + +Being able to mmap with MAP_NORESERVE is useful (if not necessary) for +some overcommitting allocators. + +During mmap calls, the flag MAP_NORESERVE is used by some allocators +such as LLVM's Scudo for layout optimisation. This causes the sandbox +seccomp filter for the client subprocess to die with some Scudo +configurations. + +Upstream patch submission: +https://lists.mindrot.org/pipermail/openssh-unix-dev/2023-December/041095.html +--- + sandbox-seccomp-filter.c | 6 -- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c +index 23b40b643..a49c5ca99 100644 +--- a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c +@@ -190,9 +190,11 @@ + + #if
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 6fc56ec893c7b291955dd16f8c810b1b130cf829 Author: Rolf Eike Beer sf-mail de> AuthorDate: Thu Mar 14 14:49:57 2024 + Commit: Sam James gentoo org> CommitDate: Fri Mar 15 19:24:47 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6fc56ec8 net-misc/openssh: stable 9.6_p1-r3 for sparc, bug #926795 Signed-off-by: Rolf Eike Beer sf-mail.de> Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.6_p1-r3.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.6_p1-r3.ebuild b/net-misc/openssh/openssh-9.6_p1-r3.ebuild index 601da1ec3197..7b90a635135b 100644 --- a/net-misc/openssh/openssh-9.6_p1-r3.ebuild +++ b/net-misc/openssh/openssh-9.6_p1-r3.ebuild @@ -20,7 +20,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 313d8690c230c5f0ac992b123d8e118ab71f4549 Author: Sam James gentoo org> AuthorDate: Tue Mar 12 08:05:21 2024 + Commit: Sam James gentoo org> CommitDate: Tue Mar 12 08:05:21 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=313d8690 net-misc/openssh: Stabilize 9.6_p1-r3 amd64, #926795 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.6_p1-r3.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.6_p1-r3.ebuild b/net-misc/openssh/openssh-9.6_p1-r3.ebuild index 6e6007085d34..4fd7758a146a 100644 --- a/net-misc/openssh/openssh-9.6_p1-r3.ebuild +++ b/net-misc/openssh/openssh-9.6_p1-r3.ebuild @@ -20,7 +20,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 1a2528b416189a2d9701e0ee4c1bcc022a392fbc Author: Sam James gentoo org> AuthorDate: Tue Mar 12 08:05:22 2024 + Commit: Sam James gentoo org> CommitDate: Tue Mar 12 08:05:22 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1a2528b4 net-misc/openssh: Stabilize 9.6_p1-r3 x86, #926795 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.6_p1-r3.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.6_p1-r3.ebuild b/net-misc/openssh/openssh-9.6_p1-r3.ebuild index 4fd7758a146a..601da1ec3197 100644 --- a/net-misc/openssh/openssh-9.6_p1-r3.ebuild +++ b/net-misc/openssh/openssh-9.6_p1-r3.ebuild @@ -20,7 +20,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: b4373a6855b387313751e36fe5de0233e068d769 Author: Sam James gentoo org> AuthorDate: Tue Mar 12 06:53:04 2024 + Commit: Sam James gentoo org> CommitDate: Tue Mar 12 06:53:09 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b4373a68 net-misc/openssh: Stabilize 9.6_p1-r3 ppc64, #926795 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.6_p1-r3.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.6_p1-r3.ebuild b/net-misc/openssh/openssh-9.6_p1-r3.ebuild index 1689d3e4ad4f..0f5037bc13ac 100644 --- a/net-misc/openssh/openssh-9.6_p1-r3.ebuild +++ b/net-misc/openssh/openssh-9.6_p1-r3.ebuild @@ -20,7 +20,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha ~amd64 arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 08074a32991c8a7cb82f97793fcde5ab875e4d18 Author: Sam James gentoo org> AuthorDate: Tue Mar 12 06:53:03 2024 + Commit: Sam James gentoo org> CommitDate: Tue Mar 12 06:53:08 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=08074a32 net-misc/openssh: Stabilize 9.6_p1-r3 arm, #926795 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.6_p1-r3.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.6_p1-r3.ebuild b/net-misc/openssh/openssh-9.6_p1-r3.ebuild index 268e55923115..1689d3e4ad4f 100644 --- a/net-misc/openssh/openssh-9.6_p1-r3.ebuild +++ b/net-misc/openssh/openssh-9.6_p1-r3.ebuild @@ -20,7 +20,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha ~amd64 arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: f67efe83e0a57c7aec29136213a386b739b35fd8 Author: Sam James gentoo org> AuthorDate: Tue Mar 12 06:53:01 2024 + Commit: Sam James gentoo org> CommitDate: Tue Mar 12 06:53:07 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f67efe83 net-misc/openssh: Stabilize 9.6_p1-r3 ppc, #926795 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.6_p1-r3.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.6_p1-r3.ebuild b/net-misc/openssh/openssh-9.6_p1-r3.ebuild index e336bd18281e..268e55923115 100644 --- a/net-misc/openssh/openssh-9.6_p1-r3.ebuild +++ b/net-misc/openssh/openssh-9.6_p1-r3.ebuild @@ -20,7 +20,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 617d2f2dfd26a7c56965422bdf0911460eb424d7 Author: Sam James gentoo org> AuthorDate: Tue Mar 12 06:53:05 2024 + Commit: Sam James gentoo org> CommitDate: Tue Mar 12 06:53:09 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=617d2f2d net-misc/openssh: Stabilize 9.6_p1-r3 arm64, #926795 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.6_p1-r3.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.6_p1-r3.ebuild b/net-misc/openssh/openssh-9.6_p1-r3.ebuild index 0f5037bc13ac..6e6007085d34 100644 --- a/net-misc/openssh/openssh-9.6_p1-r3.ebuild +++ b/net-misc/openssh/openssh-9.6_p1-r3.ebuild @@ -20,7 +20,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha ~amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 98960014f9f93bbb7f696b3bd51c6ab119d0997a Author: Sam James gentoo org> AuthorDate: Tue Mar 12 03:47:19 2024 + Commit: Sam James gentoo org> CommitDate: Tue Mar 12 03:47:19 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=98960014 net-misc/openssh: add 9.7_p1 Signed-off-by: Sam James gentoo.org> net-misc/openssh/Manifest | 2 + net-misc/openssh/openssh-9.7_p1.ebuild | 388 + 2 files changed, 390 insertions(+) diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest index bbc5cf33ad57..363bef164ad2 100644 --- a/net-misc/openssh/Manifest +++ b/net-misc/openssh/Manifest @@ -1,2 +1,4 @@ DIST openssh-9.6p1.tar.gz 1857862 BLAKE2B dd7f6747fe89f7b386be4faaf7fc43398a9bf439e45608ae61c2126cf8743c64ef7b5af45c75e9007b0bda525f8809261ca0f2fc47ce60177ba769a5324719dd SHA512 0ebf81e39914c3a90da001ec7376a94b37e6024baf3e972c58f0982b7ddef942315f5e01d56c00ff95603b4a20ee561ab918ecc55511df007ac138160509 DIST openssh-9.6p1.tar.gz.asc 833 BLAKE2B 9363d02f85457aa90069020827306a2f49d8406e32f5ee1d231844648dd2ffa02fa9b7325b8677a11e46a0ba0d9ffc86d9c989435d691a02f5354a956c49f9f9 SHA512 aec5a5bd6ce480a8e5b5879dc55f8186aec90fe61f085aa92ad7d07f324574aa781be09c83b7443a32848d091fd44fb12c1842d49cee77afc351e550ffcc096d +DIST openssh-9.7p1.tar.gz 1848766 BLAKE2B 520859fcbdf678808fc8515b64585ab9a90a8055fa869df6fbba3083cb7f73ddb81ed9ea981e131520736a8aed838f85ae68ca63406a410df61039913c5cb48b SHA512 0cafc17d22851605a4a5495a1d82c2b3fbbe6643760aad226dbf2a25b5f49d4375c3172833706ea3cb6c05d5d02a40feb9a7e790eae5c4570dd344a43e94ca55 +DIST openssh-9.7p1.tar.gz.asc 833 BLAKE2B a95e952be48bd55a07d0a95a49dc06c326816c67b8b5d40bd3f64c28aa43122253817b8a088e7a3b8a190375ea39f9fc3400b22d035561f9643c1d32b5caef27 SHA512 e028978e4266de9ad513626b13d70249e4166923fc15f38751178e2b3522ff6ebb9a7ca7dc32d1bb42d42fb92adf9903dba1b734bec083010ed7323aadad8baf diff --git a/net-misc/openssh/openssh-9.7_p1.ebuild b/net-misc/openssh/openssh-9.7_p1.ebuild new file mode 100644 index ..9508c8162da3 --- /dev/null +++ b/net-misc/openssh/openssh-9.7_p1.ebuild @@ -0,0 +1,388 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssh.org.asc +inherit user-info flag-o-matic autotools optfeature pam systemd toolchain-funcs verify-sig + +# Make it more portable between straight releases +# and _p? releases. +PARCH=${P/_} + +DESCRIPTION="Port of OpenBSD's free SSH release" +HOMEPAGE="https://www.openssh.com/; +SRC_URI=" + mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz + verify-sig? ( mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz.asc ) +" +S="${WORKDIR}/${PARCH}" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +# Probably want to drop ssl defaulting to on in a future version. +IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test xmss" + +RESTRICT="!test? ( test )" + +REQUIRED_USE=" + ldns? ( ssl ) + pie? ( !static ) + static? ( !kerberos !pam ) + xmss? ( ssl ) + test? ( ssl ) +" + +# tests currently fail with XMSS +REQUIRED_USE+="test? ( !xmss )" + +LIB_DEPEND=" + audit? ( sys-process/audit[static-libs(+)] ) + ldns? ( + net-libs/ldns[static-libs(+)] + net-libs/ldns[ecdsa(+),ssl(+)] + ) + libedit? ( dev-libs/libedit:=[static-libs(+)] ) + security-key? ( >=dev-libs/libfido2-1.5.0:=[static-libs(+)] ) + selinux? ( >=sys-libs/libselinux-1.28[static-libs(+)] ) + ssl? ( >=dev-libs/openssl-1.1.1l-r1:0=[static-libs(+)] ) + virtual/libcrypt:=[static-libs(+)] + >=sys-libs/zlib-1.2.3:=[static-libs(+)] +" +RDEPEND=" + acct-group/sshd + acct-user/sshd + !static? ( ${LIB_DEPEND//\[static-libs(+)]} ) + pam? ( sys-libs/pam ) + kerberos? ( virtual/krb5 ) +" +DEPEND=" + ${RDEPEND} + virtual/os-headers + kernel_linux? ( !prefix-guest? ( >=sys-kernel/linux-headers-5.1 ) ) + static? ( ${LIB_DEPEND} ) +" +RDEPEND=" + ${RDEPEND} + !net-misc/openssh-contrib + pam? ( >=sys-auth/pambase-20081028 ) + !prefix? ( sys-apps/shadow ) +" +BDEPEND=" + dev-build/autoconf + virtual/pkgconfig + verify-sig? ( sec-keys/openpgp-keys-openssh ) +" + +PATCHES=( + "${FILESDIR}/${PN}-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch" + "${FILESDIR}/${PN}-9.4_p1-Allow-MAP_NORESERVE-in-sandbox-seccomp-filter-maps.patch" +) + +pkg_pretend() { + local i enabled_eol_flags disabled_eol_flags + for i in hpn sctp X509; do + if has_version "net-misc/openssh[${i}]"; then +
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 9930542f8c659d729750b6abf2bfb81dcab40cee Author: Sam James gentoo org> AuthorDate: Mon Feb 19 06:17:02 2024 + Commit: Sam James gentoo org> CommitDate: Mon Feb 19 06:17:11 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9930542f net-misc/openssh: drop old gcc-config workaround This shouldn't be needed anymore since 0b22d07f89b16ac3400e45077702ac4c4492e5a4 anyway. Bug: https://bugs.gentoo.org/872416 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.6_p1-r3.ebuild | 7 --- 1 file changed, 7 deletions(-) diff --git a/net-misc/openssh/openssh-9.6_p1-r3.ebuild b/net-misc/openssh/openssh-9.6_p1-r3.ebuild index 3876e99bb31c..e336bd18281e 100644 --- a/net-misc/openssh/openssh-9.6_p1-r3.ebuild +++ b/net-misc/openssh/openssh-9.6_p1-r3.ebuild @@ -69,16 +69,9 @@ RDEPEND=" pam? ( >=sys-auth/pambase-20081028 ) !prefix? ( sys-apps/shadow ) " -# Weird dep construct for newer gcc-config for bug #872416 BDEPEND=" dev-build/autoconf virtual/pkgconfig - || ( - >=sys-devel/gcc-config-2.6 - >=sys-devel/clang-toolchain-symlinks-14-r1:14 - >=sys-devel/clang-toolchain-symlinks-15-r1:15 - >=sys-devel/clang-toolchain-symlinks-16-r1:* - ) verify-sig? ( sec-keys/openpgp-keys-openssh ) "
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 1b305efd9c1f5c34528aa0022e47b04f758bcd2f Author: Eli Schwartz gmail com> AuthorDate: Mon Feb 19 05:28:30 2024 + Commit: Sam James gentoo org> CommitDate: Mon Feb 19 06:16:02 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1b305efd net-misc/openssh: remove pointless USE=X It was originally added in 2006 with the following rationale: > Since with our new stable modular X, all we need to do X11-forwarding > via SSH is to have x11-apps/xauth (and dependencies) installed, it would > be handy to have this as an RDEPEND in the ebuilds. In order to keep > most entirely-non-X servers happy, it should probably be turned on only > with a USE flag, say 'X'. > This is entirely unnecessary for the building of openssh, but would > provide a straight-foward way of letting users know what to do if they > want to enable x11-forwarding w/o having xorg-x11 installed, and without > having to debug their ssh -X session or delve deeply into documentation. It is the textbook rationale for optfeature. However, in 2006, optfeature didn't exist -- it was added in 2014 through bug 498988. (And of course the real solution is GLEP 62 "IUSE_RUNTIME".) It is now 2024 and enabling/disabling USE=X still causes openssh to pointlessly recompile and rebuild itself, invalidating binhosts in the process. Bug: https://bugs.gentoo.org/139235 Signed-off-by: Eli Schwartz gmail.com> Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.6_p1-r3.ebuild | 399 ++ 1 file changed, 399 insertions(+) diff --git a/net-misc/openssh/openssh-9.6_p1-r3.ebuild b/net-misc/openssh/openssh-9.6_p1-r3.ebuild new file mode 100644 index ..164c30ecc6c8 --- /dev/null +++ b/net-misc/openssh/openssh-9.6_p1-r3.ebuild @@ -0,0 +1,399 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssh.org.asc +inherit user-info flag-o-matic autotools optfeature pam systemd toolchain-funcs verify-sig + +# Make it more portable between straight releases +# and _p? releases. +PARCH=${P/_} + +DESCRIPTION="Port of OpenBSD's free SSH release" +HOMEPAGE="https://www.openssh.com/; +SRC_URI=" + mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz + verify-sig? ( mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz.asc ) +" +S="${WORKDIR}/${PARCH}" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +# Probably want to drop ssl defaulting to on in a future version. +IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test xmss" + +RESTRICT="!test? ( test )" + +REQUIRED_USE=" + ldns? ( ssl ) + pie? ( !static ) + static? ( !kerberos !pam ) + xmss? ( ssl ) + test? ( ssl ) +" + +# tests currently fail with XMSS +REQUIRED_USE+="test? ( !xmss )" + +LIB_DEPEND=" + audit? ( sys-process/audit[static-libs(+)] ) + ldns? ( + net-libs/ldns[static-libs(+)] + net-libs/ldns[ecdsa(+),ssl(+)] + ) + libedit? ( dev-libs/libedit:=[static-libs(+)] ) + security-key? ( >=dev-libs/libfido2-1.5.0:=[static-libs(+)] ) + selinux? ( >=sys-libs/libselinux-1.28[static-libs(+)] ) + ssl? ( >=dev-libs/openssl-1.1.1l-r1:0=[static-libs(+)] ) + virtual/libcrypt:=[static-libs(+)] + >=sys-libs/zlib-1.2.3:=[static-libs(+)] +" +RDEPEND=" + acct-group/sshd + acct-user/sshd + !static? ( ${LIB_DEPEND//\[static-libs(+)]} ) + pam? ( sys-libs/pam ) + kerberos? ( virtual/krb5 ) +" +DEPEND=" + ${RDEPEND} + virtual/os-headers + kernel_linux? ( !prefix-guest? ( >=sys-kernel/linux-headers-5.1 ) ) + static? ( ${LIB_DEPEND} ) +" +RDEPEND=" + ${RDEPEND} + !net-misc/openssh-contrib + pam? ( >=sys-auth/pambase-20081028 ) + !prefix? ( sys-apps/shadow ) +" +# Weird dep construct for newer gcc-config for bug #872416 +BDEPEND=" + dev-build/autoconf + virtual/pkgconfig + || ( + >=sys-devel/gcc-config-2.6 + >=sys-devel/clang-toolchain-symlinks-14-r1:14 + >=sys-devel/clang-toolchain-symlinks-15-r1:15 + >=sys-devel/clang-toolchain-symlinks-16-r1:* + ) + verify-sig? ( sec-keys/openpgp-keys-openssh ) +" + +PATCHES=( + "${FILESDIR}/${PN}-9.3_p1-disable-conch-interop-tests.patch" + "${FILESDIR}/${PN}-9.3_p1-fix-putty-tests.patch" + "${FILESDIR}/${PN}-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch" + "${FILESDIR}/${PN}-9.4_p1-Allow-MAP_NORESERVE-in-sandbox-seccomp-filter-maps.patch" +) + +pkg_pretend() { + local i enabled_eol_flags disabled_eol_flags + for i in hpn sctp X509; do +
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: e6268410df9427a59a9a4f08a0a10f7139f5d3a4 Author: Eli Schwartz gmail com> AuthorDate: Mon Feb 19 06:07:41 2024 + Commit: Sam James gentoo org> CommitDate: Mon Feb 19 06:16:02 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e6268410 net-misc/openssh: use an officially supported approach to overriding xauth Instead of patching out a header file, use the ./configure option dedicated for this purpose. It has the side effect of correctly sed'ing out config files / manpages with the updated location. When not explicitly passed, the builtin default is used as a fallback, but when USE=X, portage as an implementation detail guarantees that xauth will be installed before openssh is compiled. ... as long as you don't use --buildpkg. So, "probably" if you used USE=X the paths were correct, but: - this is overall a poor approach to reliability - it misses the point of also overriding the path when USE="-X" - we just removed the USE flag and the RDEPEND Signed-off-by: Eli Schwartz gmail.com> Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.6_p1-r3.ebuild | 6 ++ 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/net-misc/openssh/openssh-9.6_p1-r3.ebuild b/net-misc/openssh/openssh-9.6_p1-r3.ebuild index 164c30ecc6c8..3876e99bb31c 100644 --- a/net-misc/openssh/openssh-9.6_p1-r3.ebuild +++ b/net-misc/openssh/openssh-9.6_p1-r3.ebuild @@ -128,10 +128,6 @@ pkg_pretend() { } src_prepare() { - sed -i \ - -e "/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:${EPREFIX}/usr/bin/xauth:" \ - pathnames.h || die - # don't break .ssh/authorized_keys2 for fun sed -i '/^AuthorizedKeysFile/s:^:#:' sshd_config || die @@ -185,6 +181,8 @@ src_configure() { --datadir="${EPREFIX}"/usr/share/openssh --with-privsep-path="${EPREFIX}"/var/empty --with-privsep-user=sshd + # optional at runtime; guarantee a known path + --with-xauth="${EPREFIX}"/usr/bin/xauth # --with-hardening adds the following in addition to flags we # already set in our toolchain:
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh-contrib/files/
commit: 0104890e0756d76bcc03443bc0f35b9833c735bd Author: Michael Mair-Keimberger levelnine at> AuthorDate: Sat Feb 17 14:35:25 2024 + Commit: David Seifert gentoo org> CommitDate: Sat Feb 17 14:35:25 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0104890e net-misc/openssh-contrib: remove unused patches Signed-off-by: Michael Mair-Keimberger levelnine.at> Signed-off-by: David Seifert gentoo.org> .../files/openssh-8.5_p1-hpn-15.2-sctp-glue.patch | 18 --- .../openssh-8.9_p1-gss-use-HOST_NAME_MAX.patch | 13 - ...enssh-9.3_p1-openssl-version-compat-check.patch | 58 -- .../files/openssh-9.3_p2-zlib-1.3.patch| 21 4 files changed, 110 deletions(-) diff --git a/net-misc/openssh-contrib/files/openssh-8.5_p1-hpn-15.2-sctp-glue.patch b/net-misc/openssh-contrib/files/openssh-8.5_p1-hpn-15.2-sctp-glue.patch deleted file mode 100644 index 7199227589c6.. --- a/net-misc/openssh-contrib/files/openssh-8.5_p1-hpn-15.2-sctp-glue.patch +++ /dev/null @@ -1,18 +0,0 @@ -diff -u a/openssh-8_5_P1-hpn-DynWinNoneSwitch-15.2.diff b/openssh-8_5_P1-hpn-DynWinNoneSwitch-15.2.diff a/openssh-8_5_P1-hpn-DynWinNoneSwitch-15.2.diff2021-03-16 10:06:45.020527770 -0700 -+++ b/openssh-8_5_P1-hpn-DynWinNoneSwitch-15.2.diff2021-03-16 10:07:01.294423665 -0700 -@@ -1414,14 +1414,3 @@ - # Example of overriding settings on a per-user basis - #Match User anoncvs - #X11Forwarding no --diff --git a/version.h b/version.h --index 6b4fa372..332fb486 100644 - a/version.h --+++ b/version.h --@@ -3,4 +3,5 @@ -- #define SSH_VERSION "OpenSSH_8.5" -- -- #define SSH_PORTABLE "p1" ---#define SSH_RELEASE SSH_VERSION SSH_PORTABLE --+#define SSH_HPN "-hpn15v2" --+#define SSH_RELEASE SSH_VERSION SSH_PORTABLE SSH_HPN diff --git a/net-misc/openssh-contrib/files/openssh-8.9_p1-gss-use-HOST_NAME_MAX.patch b/net-misc/openssh-contrib/files/openssh-8.9_p1-gss-use-HOST_NAME_MAX.patch deleted file mode 100644 index 9e08b2a553c2.. --- a/net-misc/openssh-contrib/files/openssh-8.9_p1-gss-use-HOST_NAME_MAX.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/gss-serv.c b/gss-serv.c -index b5d4bb2d..00e3d118 100644 a/gss-serv.c -+++ b/gss-serv.c -@@ -105,7 +105,7 @@ ssh_gssapi_acquire_cred(Gssctxt *ctx) - gss_create_empty_oid_set(, ); - gss_add_oid_set_member(, ctx->oid, ); - -- if (gethostname(lname, MAXHOSTNAMELEN)) { -+ if (gethostname(lname, HOST_NAME_MAX)) { - gss_release_oid_set(, ); - return (-1); - } diff --git a/net-misc/openssh-contrib/files/openssh-9.3_p1-openssl-version-compat-check.patch b/net-misc/openssh-contrib/files/openssh-9.3_p1-openssl-version-compat-check.patch deleted file mode 100644 index b571ae253fff.. --- a/net-misc/openssh-contrib/files/openssh-9.3_p1-openssl-version-compat-check.patch +++ /dev/null @@ -1,58 +0,0 @@ -https://bugzilla.mindrot.org/show_bug.cgi?id=3548 a/openbsd-compat/openssl-compat.c -+++ b/openbsd-compat/openssl-compat.c -@@ -48,19 +48,25 @@ ssh_compatible_openssl(long headerver, long libver) - if (headerver == libver) - return 1; - -- /* for versions < 1.0.0, major,minor,fix,status must match */ -- if (headerver < 0x100f) { -- mask = 0xf00fL; /* major,minor,fix,status */ -- return (headerver & mask) == (libver & mask); -+ /* -+ * For versions < 3.0.0, major,minor,status must match and library -+ * fix version must be equal to or newer than the header. -+ */ -+ if (headerver < 0x300f) { -+ mask = 0xffffL; /* major,minor,status */ -+ hfix = (headerver & 0x000ff000) >> 12; -+ lfix = (libver & 0x000ff000) >> 12; -+ if ( (headerver & mask) == (libver & mask) && lfix >= hfix) -+ return 1; - } - - /* -- * For versions >= 1.0.0, major,minor,status must match and library -- * fix version must be equal to or newer than the header. -+ * For versions >= 3.0.0, major must match and minor,status must be -+ * equal to or greater than the header. -*/ -- mask = 0xfff0L; /* major,minor,status */ -- hfix = (headerver & 0x000ff000) >> 12; -- lfix = (libver & 0x000ff000) >> 12; -+ mask = 0xf00fL; /* major, status */ -+ hfix = (headerver & 0x0ff0L) >> 12; -+ lfix = (libver & 0x0ff0L) >> 12; - if ( (headerver & mask) == (libver & mask) && lfix >= hfix) - return 1; - return 0; a/openbsd-compat/regress/opensslvertest.c -+++ b/openbsd-compat/regress/opensslvertest.c -@@ -31,7 +31,7 @@ struct version_test { - { 0x0090802fL, 0x0090804fL, 1}, /* newer library fix version: ok */ - { 0x0090802fL, 0x0090801fL, 1}, /* older library fix version: ok */ -
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh-contrib/files/, net-misc/openssh-contrib/
commit: 1dced2a968c2d6c0011604dce4366129ffe4b816 Author: Patrick McLean gentoo org> AuthorDate: Wed Feb 7 00:20:53 2024 + Commit: Patrick McLean gentoo org> CommitDate: Wed Feb 7 00:21:31 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1dced2a9 net-misc/openssh-contrib: add 9.6_p1 Signed-off-by: Patrick McLean gentoo.org> net-misc/openssh-contrib/Manifest | 6 + .../files/openssh-9.6_p1-hpn-version.patch | 13 + .../openssh-contrib/openssh-contrib-9.6_p1.ebuild | 504 + 3 files changed, 523 insertions(+) diff --git a/net-misc/openssh-contrib/Manifest b/net-misc/openssh-contrib/Manifest index 4474bb040ac6..18e3a686869b 100644 --- a/net-misc/openssh-contrib/Manifest +++ b/net-misc/openssh-contrib/Manifest @@ -23,3 +23,9 @@ DIST openssh-9.5_p1-hpn-15.2-X509-14.3-glue.patch.xz 5132 BLAKE2B 82a30622e67fab DIST openssh-9.5p1+x509-14.3.diff.gz 1224337 BLAKE2B f695711eeab6b40a8660ac897961068738cb5941c799243888d5a90f56cf4b308803dd88d3d97d7932a72b82ebc269e20c7d142076fb3b03def1245491da0497 SHA512 a7798e2a40a81df882911c485fa240584713135df59c6dab720597b6ef60ecfac85ebd595983d7c5ce8625b758eeb777fe1462845976a2674cad339dadc0719a DIST openssh-9.5p1.tar.gz 1843001 BLAKE2B 55dbb0a2792b0046c943a19ca090e6e378e77856e94823a1bbbafaa0da94357403765c4c028aebf6543049a0f9bbe0019629be3f92cdadfac1be56def796 SHA512 e183fdf7477fd986215b889eea4a945d71385e35305746ccb164e757ecc28166f429c70890a237d8ef4cdcae5132935ba2ecb3b2a658eb73a6afcf6f42277b9c DIST openssh-9.5p1.tar.gz.asc 833 BLAKE2B abec3d14d9a880008db202be00ed446ccc0a98ce77c16a9e6d6492feac07c8f3284f9cd24f6ee1d904a55f9f23d5cce8a716916975c179a38ef6bde1d36e0acf SHA512 2b6de653420ba02eb99c7e6fba09af3bacfe9c701f3dfc3c94f41a3539c0414954fc5c64cce63c488c5ccd5d4ddb42d3f2184ff7f323342c885c47bf7d426ca1 +DIST openssh-9.6_p1-X509-glue-14.4.2.patch.xz 1516 BLAKE2B 49f1d100e1b84f051aee599547562bab17b313d097b9b16b7c3ad94fb76e31b04fc101b1824f011507033e9c5744ee0207cb751865576f92501bc442076afe8b SHA512 a09bd2ed9b9d0edfa691c2f99699261c17c9441e188ba870c1f2ceff28817af979a29a7b5c1bbfe9fbeb343241cc00b232099791cc30d665700fcbebdae07139 +DIST openssh-9.6_p1-hpn-15.2-X509-14.4.2-glue.patch.xz 5472 BLAKE2B a92ca0746cd48b1580e0a73dcae5d6e141988d3239d09a2f07de376833d14ca2434185b5fdb444fb6821da9ff75ce0c63c86404299e977d3c86050d3a116fc47 SHA512 2690f158bf1f5d1512f80c9c8d86006339a461a0bf229e41c62b75d28a9b45cb5392680fbb633415c27c3abfaa1906c170cd1d18679a2be81a1367361fd98afa +DIST openssh-9.6_p1-hpn-15.2-glue.patch.xz 5028 BLAKE2B 74970dc9f244eea2e35270c9abe67bdf0f05a3ddb33ffe6ce54056ade3fbec2abe9cb60e92ea889b01be7429dfd754f2986b175cdb014aab721421e1a4952c87 SHA512 1edafed18b1fd5d64844a3d121aacbf38dcde2b90adc9b4533f3192f1335365736e9cfd82f7c847980c9b1c1b72ee39470b38d6758b3a8f5ed59796d5005492b +DIST openssh-9.6p1+x509-14.4.2.diff.gz 1243845 BLAKE2B 19ed0e174d06f4722b0f244e2c41098422fec88372d77e7c64bed2c00f4d4842b8f517d3f49958febd7a640f0582497fcaf64774fd0a04fbdc8c06b7f0ce5311 SHA512 247a088bbe7fe2bced0ec6e7f3d1fc34c3b81ce43ade9312a769c4495c7adf60d8a9ad2afb25e52fdea2f60888330de05375fbe24cd5b86a2f173e160ddb7bb8 +DIST openssh-9.6p1.tar.gz 1857862 BLAKE2B dd7f6747fe89f7b386be4faaf7fc43398a9bf439e45608ae61c2126cf8743c64ef7b5af45c75e9007b0bda525f8809261ca0f2fc47ce60177ba769a5324719dd SHA512 0ebf81e39914c3a90da001ec7376a94b37e6024baf3e972c58f0982b7ddef942315f5e01d56c00ff95603b4a20ee561ab918ecc55511df007ac138160509 +DIST openssh-9.6p1.tar.gz.asc 833 BLAKE2B 9363d02f85457aa90069020827306a2f49d8406e32f5ee1d231844648dd2ffa02fa9b7325b8677a11e46a0ba0d9ffc86d9c989435d691a02f5354a956c49f9f9 SHA512 aec5a5bd6ce480a8e5b5879dc55f8186aec90fe61f085aa92ad7d07f324574aa781be09c83b7443a32848d091fd44fb12c1842d49cee77afc351e550ffcc096d diff --git a/net-misc/openssh-contrib/files/openssh-9.6_p1-hpn-version.patch b/net-misc/openssh-contrib/files/openssh-9.6_p1-hpn-version.patch new file mode 100644 index ..95a69815b822 --- /dev/null +++ b/net-misc/openssh-contrib/files/openssh-9.6_p1-hpn-version.patch @@ -0,0 +1,13 @@ +diff --git a/kex.c b/kex.c +index 34808b5c..88d7ccac 100644 +--- a/kex.c b/kex.c +@@ -1205,7 +1205,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, + if (version_addendum != NULL && *version_addendum == '\0') + version_addendum = NULL; + if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%s%s%s\r\n", +- PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, ++ PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE, + version_addendum == NULL ? "" : " ", + version_addendum == NULL ? "" : version_addendum)) != 0) { + oerrno = errno; diff --git a/net-misc/openssh-contrib/openssh-contrib-9.6_p1.ebuild b/net-misc/openssh-contrib/openssh-contrib-9.6_p1.ebuild new file mode 100644 index ..4f323c2a427c --- /dev/null +++ b/net-misc/openssh-contrib/openssh-contrib-9.6_p1.ebuild @@ -0,0 +1,504 @@ +#
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh-contrib/
commit: 35dcf6991efbdb3b23eb97f0580c9d942a173da5 Author: Patrick McLean gentoo org> AuthorDate: Wed Feb 7 00:21:23 2024 + Commit: Patrick McLean gentoo org> CommitDate: Wed Feb 7 00:21:31 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=35dcf699 net-misc/openssh-contrib: drop 9.3_p1, 9.3_p2, 9.4_p1-r1 Signed-off-by: Patrick McLean gentoo.org> net-misc/openssh-contrib/Manifest | 17 - .../openssh-contrib/openssh-contrib-9.3_p1.ebuild | 532 - .../openssh-contrib/openssh-contrib-9.3_p2.ebuild | 507 .../openssh-contrib-9.4_p1-r1.ebuild | 506 4 files changed, 1562 deletions(-) diff --git a/net-misc/openssh-contrib/Manifest b/net-misc/openssh-contrib/Manifest index 18e3a686869b..d100d8f8abdc 100644 --- a/net-misc/openssh-contrib/Manifest +++ b/net-misc/openssh-contrib/Manifest @@ -1,23 +1,6 @@ -DIST openssh-8_5_P1-hpn-AES-CTR-15.2.diff 30096 BLAKE2B f0c020dd2403806c79d4c37a019996d275655b04997301e247f5c4dd7fad35d12b3b7c25afb1b078d915ef2a4ae02f736f0aec9ba2a8c56a405d7ca303bcadf7 SHA512 4c2dbf99a9b5953fdb955f700272bbaeaa025f108a8860d2190197962b849f8385327af82c4d6a3a130a7fba35a74a8ec9437d642867601acb29817c49632a8f DIST openssh-8_5_P1-hpn-DynWinNoneSwitch-15.2.diff 51428 BLAKE2B 370b88a7da7f148bf5a4d445f05cf593b486e9df53bba027e2e179726f534b68cf9d94edd6e53024e0b6ff5f20e568727bc9d26c94d0d415603602a80d3ad241 SHA512 2d8d887901164b33b2799ff3ec72e86a39ae4a1696e52bcee0872dbae7772fcc534351e6e7f87126ee71b164c74e9091350f14b782f4b242a09f09b4f50d047a DIST openssh-8_5_P1-hpn-PeakTput-15.2.diff 2429 BLAKE2B 849bf3c313719ab7a25c75e82d5dc5ac98365a038b2a66fe58d01eae5b20c258b94b5830e799d6909e75c69753cda05a910f3bdab9606fb7d5efa68e05f1 SHA512 c4a56fab55fabd1d902d45f235b603708d43f969920e45c9a57e557dccfa9cade2ec61f26d1ace938f6f73e79f17b12f119b5aea9166cbda8e3435b910500914 -DIST openssh-9.3_p1-X509-glue-14.1.1.patch.xz 936 BLAKE2B f1716ff7801a27aa2aad06f1cca2ca6988eef65fb0ddcbde483e5c9205506ca40b658f5c8c40b2625afb38ff9b56e40831eadcf751c8ee1c11f69ec559f3c147 SHA512 dace01bcf22b625cd00e18ce019b0be31b6f47f714845f3ebb98ebee41b4db0a769fa09cab63ea17536a7106ec90f2b15f87696ae49fa6f6e31bad94ae09719d -DIST openssh-9.3_p1-hpn-15.2-X509-14.1.1-glue.patch.xz 6224 BLAKE2B 47c7054648e8d795b0d9e563d8313242c917df8a3620a60cff2d77f9ae8482cec861244e0f1433f711922f0704b775b7183284960a3baa48a27b99979ad7ffa3 SHA512 728cf2586bcc9480afe71b5106e2286b925857a9e04dce79f744b36cbe3ec2844ac5b4a6bd4b64117f32ad1b04c0943b9d6f935eee826202871588ed9a167387 -DIST openssh-9.3_p1-hpn-15.2-glue.patch.xz 5044 BLAKE2B 73205bd8f702612df7cb6f29e8b353df854428974dc20d5938033157da64418317f326ab8118893dc47173cd871dc7654a3e3ed601289744560becc98729cd3f SHA512 343b77109158b9af5d8d57f4ac7968bce8277fa3b4dcaa19b76593620fbddbfa832bd76c0da52e12179fe5f391f9fef67e7af51b138ab8cc69a8a6471b6a3909 -DIST openssh-9.3_p2-X509-glue-14.1.1.patch.xz 116132 BLAKE2B 7e2b5aa4569a27943cb701dccbca8224e64130a4bce46ce8ba7978a93d3a410fe46957694475fafd51177dbbefa28fc613d9bf69aa436541b03e83dc9b9497ba SHA512 df67a40f27c8af029c3d84e44bd74115e16bfe98efc039bd1f5661c22c5ab1213c2970a80c017775e828f6c5b4e2e815eff28c745888b0dba1ef6c259943ba20 -DIST openssh-9.3_p2-hpn-15.2-X509-14.1.1-glue.patch.xz 5056 BLAKE2B aea1d9dd10abb5dd85d304fb4a415c5fb8b237dd82d8f39c092622d85b51751336f18bff5feb80e9a165e171b92f471272210d926327a649961eb640cb8b SHA512 6d384ad9b3bebc4b90550e089b6c3c8d2959880a2510bea5bd7d723dd831815929dbf67a882105f22b3dd2eef6ed82dea89343175499a57d8e0f6b56ec6abfd6 DIST openssh-9.3_p2-hpn-15.2-glue.patch.xz 4728 BLAKE2B 9e3c04a289d0a94b03b871027f4f8476e3981602f5a2d9ac8a8602e08d01248a72c48126ff53a174c8dc95f6bd8608ba75bbc74f5eb427e4ecbe7c7794c7c200 SHA512 bb42d001f89b8eb3a5af813d4c526548e13467deeb2811384b473e61c86e6e766aabb9652867953c0f979533ea7045c424298f11df4faf05e43fb8b1f439 -DIST openssh-9.3p1+x509-14.1.1.diff.gz 1221335 BLAKE2B 9203fbb6955fe44ebd7ed031245a90b8df7e149a6ad3205097ffd5d2d7655a0e6b8cd2e20d7f7216fbc6d3e8bd0a1453f3fc028f04e96c0f244ad0772a0e30ab SHA512 8a1036d680d25f99e1a24ea77a2c303e807c0f5c5323043684da9fcc9ff603f80384688935a654cc97216f84f85f00f590dc35d2ee2b1f0fb169f8b427559b2d -DIST openssh-9.3p1-sctp-1.2.patch.xz 6836 BLAKE2B d12394ecaa7eca6e0b3590cea83b71537edc3230bc5f7b2992a06a67c77247cc4156be0ba151038a5baee1c3f105f76f1917cc5aad08d1aadadfd6e56858781b SHA512 ba5af014e5b825bf4a57368416a15c6e56afd355780e4c5eab44a396c3f4276ac4d813c5c15b83f3b8edf4763855221743796c038433b292fda9417f0b274a71 -DIST openssh-9.3p1.tar.gz 1856839 BLAKE2B 45578edf98bba3d23c7cefe60d8a7d3079e7c6676459f7422ace7a2461ab96943fbcadb478633a80f40bc098f2435722850b563714adb78b14922be53cb5753d SHA512 087ff6fe5f6caab4c6c3001d906399e02beffad7277280f11187420c2939fd4befdcb14643862a657ce4cad2f115b82a0a1a2c99df6ee54dcd76b53647637c19 -DIST openssh-9.3p1.tar.gz.asc 833 BLAKE2B
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/, net-misc/openssh/files/
commit: 752ca84030b7d7572d95527395e91e711fe561bb Author: Jordan R Abrahams-Whitehead google com> AuthorDate: Tue Jan 2 23:03:40 2024 + Commit: Sam James gentoo org> CommitDate: Sat Jan 20 12:43:18 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=752ca840 net-misc/openssh: Allow MAP_NORESERVE in sandbox seccomp filter maps MAP_NORESERVE is used in certain memory patterns in Scudo where we want to mmap chunks of memory without reserving swap space. We use this to avoid hitting address space limits. However, OpenSSH's client sandbox is quite restrictive on which MMAP flags are allowed (understandably so), and it currently does not allow MAP_NORESERVE to be used. This commit allows us to call MAP_NORESERVE from the client sandbox process. Upstream patch submission: https://lists.mindrot.org/pipermail/openssh-unix-dev/2023-December/041095.html Signed-off-by: Jordan R Abrahams-Whitehead google.com> Closes: https://github.com/gentoo/gentoo/pull/34610 Signed-off-by: Sam James gentoo.org> ..._NORESERVE-in-sandbox-seccomp-filter-maps.patch | 44 +++ net-misc/openssh/openssh-9.6_p1-r2.ebuild | 397 + 2 files changed, 441 insertions(+) diff --git a/net-misc/openssh/files/openssh-9.4_p1-Allow-MAP_NORESERVE-in-sandbox-seccomp-filter-maps.patch b/net-misc/openssh/files/openssh-9.4_p1-Allow-MAP_NORESERVE-in-sandbox-seccomp-filter-maps.patch new file mode 100644 index ..379a3981d7ea --- /dev/null +++ b/net-misc/openssh/files/openssh-9.4_p1-Allow-MAP_NORESERVE-in-sandbox-seccomp-filter-maps.patch @@ -0,0 +1,44 @@ +From 45b491ce13fcf7dbc0b3bd6df986c9cf59190721 Mon Sep 17 00:00:00 2001 +From: Jordan R Abrahams-Whitehead +Date: Tue, 12 Dec 2023 22:54:02 + +Subject: [PATCH] Allow MAP_NORESERVE in sandbox seccomp filter maps + +While debugging Scudo on ChromeOS, we found that the no reserve mode +immediately crashed `sshd`. We tracked it down to the +sandbox-seccomp-filter. + +Being able to mmap with MAP_NORESERVE is useful (if not necessary) for +some overcommitting allocators. + +During mmap calls, the flag MAP_NORESERVE is used by some allocators +such as LLVM's Scudo for layout optimisation. This causes the sandbox +seccomp filter for the client subprocess to die with some Scudo +configurations. + +Upstream patch submission: +https://lists.mindrot.org/pipermail/openssh-unix-dev/2023-December/041095.html +--- + sandbox-seccomp-filter.c | 6 -- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c +index 23b40b643..a49c5ca99 100644 +--- a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c +@@ -190,9 +190,11 @@ + + #if defined(__NR_mmap) || defined(__NR_mmap2) + # ifdef MAP_FIXED_NOREPLACE +-# define SC_MMAP_FLAGS MAP_PRIVATE|MAP_ANONYMOUS|MAP_FIXED|MAP_FIXED_NOREPLACE ++# define SC_MMAP_FLAGS MAP_PRIVATE|MAP_ANONYMOUS|MAP_FIXED \ ++ |MAP_NORESERVE|MAP_FIXED_NOREPLACE + # else +-# define SC_MMAP_FLAGS MAP_PRIVATE|MAP_ANONYMOUS|MAP_FIXED ++# define SC_MMAP_FLAGS MAP_PRIVATE|MAP_ANONYMOUS|MAP_FIXED \ ++ |MAP_NORESERVE + # endif /* MAP_FIXED_NOREPLACE */ + /* Use this for both __NR_mmap and __NR_mmap2 variants */ + # define SC_MMAP(_nr) \ +-- +2.43.0.472.g3155946c3a-goog + diff --git a/net-misc/openssh/openssh-9.6_p1-r2.ebuild b/net-misc/openssh/openssh-9.6_p1-r2.ebuild new file mode 100644 index ..dbbcd778f79e --- /dev/null +++ b/net-misc/openssh/openssh-9.6_p1-r2.ebuild @@ -0,0 +1,397 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssh.org.asc +inherit user-info flag-o-matic autotools pam systemd toolchain-funcs verify-sig + +# Make it more portable between straight releases +# and _p? releases. +PARCH=${P/_} + +DESCRIPTION="Port of OpenBSD's free SSH release" +HOMEPAGE="https://www.openssh.com/; +SRC_URI=" + mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz + verify-sig? ( mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz.asc ) +" +S="${WORKDIR}/${PARCH}" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +# Probably want to drop ssl defaulting to on in a future version. +IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss" + +RESTRICT="!test? ( test )" + +REQUIRED_USE=" + ldns? ( ssl ) + pie? ( !static ) + static? ( !kerberos !pam ) + xmss? ( ssl ) + test? ( ssl ) +" + +# tests currently fail with XMSS +REQUIRED_USE+="test? ( !xmss )" + +LIB_DEPEND=" + audit? ( sys-process/audit[static-libs(+)] ) + ldns? ( + net-libs/ldns[static-libs(+)] + net-libs/ldns[ecdsa(+),ssl(+)]
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/, net-misc/openssh/files/
commit: c0d5daf5c2e4b927127c6e92a78e870fa6ef5d61 Author: David Seifert gentoo org> AuthorDate: Wed Jan 3 09:22:16 2024 + Commit: David Seifert gentoo org> CommitDate: Wed Jan 3 09:22:16 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c0d5daf5 net-misc/openssh: drop 9.4_p1-r1, 9.5_p1-r2 Signed-off-by: David Seifert gentoo.org> net-misc/openssh/Manifest | 4 - .../openssh/files/openssh-9.3_p1-GSSAPI-dns.patch | 345 --- .../openssh/files/openssh-9.3_p2-zlib-1.3.patch| 21 -- net-misc/openssh/openssh-9.4_p1-r1.ebuild | 380 - net-misc/openssh/openssh-9.5_p1-r2.ebuild | 378 5 files changed, 1128 deletions(-) diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest index a3404a654075..bbc5cf33ad57 100644 --- a/net-misc/openssh/Manifest +++ b/net-misc/openssh/Manifest @@ -1,6 +1,2 @@ -DIST openssh-9.4p1.tar.gz 1845094 BLAKE2B d13d758129cce947d3f12edb6e88406aad10de6887b19ffa3ebd8e382b742a05f2a692a8824aec99939f6c7e13fbccc3bb14e5ee112f9a9255d4882eb87dcf53 SHA512 0aaedeced7dbc70419c7245eb0e9db4ef570e0e7739b890ebae04d56da5fe8d147e8e150f3c943f60730976569e3ac6cc8da62ec7e2a78e2ef47d295ca0b1d25 -DIST openssh-9.4p1.tar.gz.asc 833 BLAKE2B 95eedd9356766e5d0ea1261da3dc4c7869f054b418c626fb35815a0aa655b1ddbf54436b437d98c4344b05c9196c8fa1f592eac07b3ccf08bd3e980f8b6955af SHA512 983b4ebaa3b98e70831ce686cb503270926c065163a2510eef0c5102ef50b6e665b889ee15ea8c0bd7c4bbddb19270f036e1d554a8212ef2c292f9c682c8631a -DIST openssh-9.5p1.tar.gz 1843001 BLAKE2B 55dbb0a2792b0046c943a19ca090e6e378e77856e94823a1bbbafaa0da94357403765c4c028aebf6543049a0f9bbe0019629be3f92cdadfac1be56def796 SHA512 e183fdf7477fd986215b889eea4a945d71385e35305746ccb164e757ecc28166f429c70890a237d8ef4cdcae5132935ba2ecb3b2a658eb73a6afcf6f42277b9c -DIST openssh-9.5p1.tar.gz.asc 833 BLAKE2B abec3d14d9a880008db202be00ed446ccc0a98ce77c16a9e6d6492feac07c8f3284f9cd24f6ee1d904a55f9f23d5cce8a716916975c179a38ef6bde1d36e0acf SHA512 2b6de653420ba02eb99c7e6fba09af3bacfe9c701f3dfc3c94f41a3539c0414954fc5c64cce63c488c5ccd5d4ddb42d3f2184ff7f323342c885c47bf7d426ca1 DIST openssh-9.6p1.tar.gz 1857862 BLAKE2B dd7f6747fe89f7b386be4faaf7fc43398a9bf439e45608ae61c2126cf8743c64ef7b5af45c75e9007b0bda525f8809261ca0f2fc47ce60177ba769a5324719dd SHA512 0ebf81e39914c3a90da001ec7376a94b37e6024baf3e972c58f0982b7ddef942315f5e01d56c00ff95603b4a20ee561ab918ecc55511df007ac138160509 DIST openssh-9.6p1.tar.gz.asc 833 BLAKE2B 9363d02f85457aa90069020827306a2f49d8406e32f5ee1d231844648dd2ffa02fa9b7325b8677a11e46a0ba0d9ffc86d9c989435d691a02f5354a956c49f9f9 SHA512 aec5a5bd6ce480a8e5b5879dc55f8186aec90fe61f085aa92ad7d07f324574aa781be09c83b7443a32848d091fd44fb12c1842d49cee77afc351e550ffcc096d diff --git a/net-misc/openssh/files/openssh-9.3_p1-GSSAPI-dns.patch b/net-misc/openssh/files/openssh-9.3_p1-GSSAPI-dns.patch deleted file mode 100644 index cbc0ec2d9c2d.. --- a/net-misc/openssh/files/openssh-9.3_p1-GSSAPI-dns.patch +++ /dev/null @@ -1,345 +0,0 @@ a/auth.c -+++ b/auth.c -@@ -637,118 +637,6 @@ - return (); - } - --/* -- * Returns the remote DNS hostname as a string. The returned string must not -- * be freed. NB. this will usually trigger a DNS query the first time it is -- * called. -- * This function does additional checks on the hostname to mitigate some -- * attacks on based on conflation of hostnames and IP addresses. -- */ -- --static char * --remote_hostname(struct ssh *ssh) --{ -- struct sockaddr_storage from; -- socklen_t fromlen; -- struct addrinfo hints, *ai, *aitop; -- char name[NI_MAXHOST], ntop2[NI_MAXHOST]; -- const char *ntop = ssh_remote_ipaddr(ssh); -- -- /* Get IP address of client. */ -- fromlen = sizeof(from); -- memset(, 0, sizeof(from)); -- if (getpeername(ssh_packet_get_connection_in(ssh), -- (struct sockaddr *), ) == -1) { -- debug("getpeername failed: %.100s", strerror(errno)); -- return xstrdup(ntop); -- } -- -- ipv64_normalise_mapped(, ); -- if (from.ss_family == AF_INET6) -- fromlen = sizeof(struct sockaddr_in6); -- -- debug3("Trying to reverse map address %.100s.", ntop); -- /* Map the IP address to a host name. */ -- if (getnameinfo((struct sockaddr *), fromlen, name, sizeof(name), -- NULL, 0, NI_NAMEREQD) != 0) { -- /* Host name not found. Use ip address. */ -- return xstrdup(ntop); -- } -- -- /* -- * if reverse lookup result looks like a numeric hostname, -- * someone is trying to trick us by PTR record like following: -- * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5 -- */ -- memset(, 0, sizeof(hints)); -- hints.ai_socktype = SOCK_DGRAM; /*dummy*/ -- hints.ai_flags = AI_NUMERICHOST; -- if (getaddrinfo(name, NULL, , ) == 0) { --
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/files/
commit: 3bf5a85eff555d9659c70b8187737c56614f25d3 Author: Michael Mair-Keimberger levelnine at> AuthorDate: Fri Dec 29 14:11:31 2023 + Commit: Conrad Kostecki gentoo org> CommitDate: Sun Dec 31 02:37:55 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3bf5a85e net-misc/openssh: remove unused patches Signed-off-by: Michael Mair-Keimberger levelnine.at> Closes: https://github.com/gentoo/gentoo/pull/34531 Signed-off-by: Conrad Kostecki gentoo.org> .../openssh-9.3_p1-gss-use-HOST_NAME_MAX.patch | 11 .../openssh-9.3_p1-openssl-ignore-status.patch | 17 --- ...enssh-9.3_p1-openssl-version-compat-check.patch | 58 -- 3 files changed, 86 deletions(-) diff --git a/net-misc/openssh/files/openssh-9.3_p1-gss-use-HOST_NAME_MAX.patch b/net-misc/openssh/files/openssh-9.3_p1-gss-use-HOST_NAME_MAX.patch deleted file mode 100644 index b50ac7c00181.. --- a/net-misc/openssh/files/openssh-9.3_p1-gss-use-HOST_NAME_MAX.patch +++ /dev/null @@ -1,11 +0,0 @@ a/gss-serv.c -+++ b/gss-serv.c -@@ -105,7 +105,7 @@ ssh_gssapi_acquire_cred(Gssctxt *ctx) - gss_create_empty_oid_set(, ); - gss_add_oid_set_member(, ctx->oid, ); - -- if (gethostname(lname, MAXHOSTNAMELEN)) { -+ if (gethostname(lname, HOST_NAME_MAX)) { - gss_release_oid_set(, ); - return (-1); - } diff --git a/net-misc/openssh/files/openssh-9.3_p1-openssl-ignore-status.patch b/net-misc/openssh/files/openssh-9.3_p1-openssl-ignore-status.patch deleted file mode 100644 index fa33af39b6f8.. --- a/net-misc/openssh/files/openssh-9.3_p1-openssl-ignore-status.patch +++ /dev/null @@ -1,17 +0,0 @@ -the last nibble of the openssl version represents the status. that is, -whether it is a beta or release. when it comes to version checks in -openssh, this component does not matter, so ignore it. - -https://bugzilla.mindrot.org/show_bug.cgi?id=2212 - a/openbsd-compat/openssl-compat.c -+++ b/openbsd-compat/openssl-compat.c -@@ -58,7 +58,7 @@ ssh_compatible_openssl(long headerver, long libver) -* For versions >= 1.0.0, major,minor,status must match and library -* fix version must be equal to or newer than the header. -*/ -- mask = 0xffffL; /* major,minor,status */ -+ mask = 0xfff0L; /* major,minor,status */ - hfix = (headerver & 0x000ff000) >> 12; - lfix = (libver & 0x000ff000) >> 12; - if ( (headerver & mask) == (libver & mask) && lfix >= hfix) diff --git a/net-misc/openssh/files/openssh-9.3_p1-openssl-version-compat-check.patch b/net-misc/openssh/files/openssh-9.3_p1-openssl-version-compat-check.patch deleted file mode 100644 index b571ae253fff.. --- a/net-misc/openssh/files/openssh-9.3_p1-openssl-version-compat-check.patch +++ /dev/null @@ -1,58 +0,0 @@ -https://bugzilla.mindrot.org/show_bug.cgi?id=3548 a/openbsd-compat/openssl-compat.c -+++ b/openbsd-compat/openssl-compat.c -@@ -48,19 +48,25 @@ ssh_compatible_openssl(long headerver, long libver) - if (headerver == libver) - return 1; - -- /* for versions < 1.0.0, major,minor,fix,status must match */ -- if (headerver < 0x100f) { -- mask = 0xf00fL; /* major,minor,fix,status */ -- return (headerver & mask) == (libver & mask); -+ /* -+ * For versions < 3.0.0, major,minor,status must match and library -+ * fix version must be equal to or newer than the header. -+ */ -+ if (headerver < 0x300f) { -+ mask = 0xffffL; /* major,minor,status */ -+ hfix = (headerver & 0x000ff000) >> 12; -+ lfix = (libver & 0x000ff000) >> 12; -+ if ( (headerver & mask) == (libver & mask) && lfix >= hfix) -+ return 1; - } - - /* -- * For versions >= 1.0.0, major,minor,status must match and library -- * fix version must be equal to or newer than the header. -+ * For versions >= 3.0.0, major must match and minor,status must be -+ * equal to or greater than the header. -*/ -- mask = 0xfff0L; /* major,minor,status */ -- hfix = (headerver & 0x000ff000) >> 12; -- lfix = (libver & 0x000ff000) >> 12; -+ mask = 0xf00fL; /* major, status */ -+ hfix = (headerver & 0x0ff0L) >> 12; -+ lfix = (libver & 0x0ff0L) >> 12; - if ( (headerver & mask) == (libver & mask) && lfix >= hfix) - return 1; - return 0; a/openbsd-compat/regress/opensslvertest.c -+++ b/openbsd-compat/regress/opensslvertest.c -@@ -31,7 +31,7 @@ struct version_test { - { 0x0090802fL, 0x0090804fL, 1}, /* newer library fix version: ok */ - { 0x0090802fL, 0x0090801fL, 1}, /* older library fix version: ok */ - { 0x0090802fL, 0x0090702fL, 0}, /* older library minor version: NO */ -- { 0x0090802fL,
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 078d2b21258b55a295a37a931bc0fbc52be72d01 Author: Sam James gentoo org> AuthorDate: Wed Dec 27 21:11:49 2023 + Commit: Sam James gentoo org> CommitDate: Wed Dec 27 21:11:49 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=078d2b21 net-misc/openssh: Stabilize 9.6_p1-r1 x86, #920725 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.6_p1-r1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.6_p1-r1.ebuild b/net-misc/openssh/openssh-9.6_p1-r1.ebuild index 4171585fdb9f..affd7208bd67 100644 --- a/net-misc/openssh/openssh-9.6_p1-r1.ebuild +++ b/net-misc/openssh/openssh-9.6_p1-r1.ebuild @@ -20,7 +20,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 01e10d60a7465d13a038628874a53106d57e4c23 Author: Sam James gentoo org> AuthorDate: Tue Dec 26 17:33:59 2023 + Commit: Sam James gentoo org> CommitDate: Tue Dec 26 17:33:59 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=01e10d60 net-misc/openssh: Stabilize 9.6_p1-r1 arm, #920725 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.6_p1-r1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.6_p1-r1.ebuild b/net-misc/openssh/openssh-9.6_p1-r1.ebuild index 37d2870e7a4e..42a3e0b19132 100644 --- a/net-misc/openssh/openssh-9.6_p1-r1.ebuild +++ b/net-misc/openssh/openssh-9.6_p1-r1.ebuild @@ -20,7 +20,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha ~amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 5b375972ff0e0d1c2cca84a9416a369a1d60ba8d Author: Sam James gentoo org> AuthorDate: Tue Dec 26 17:34:00 2023 + Commit: Sam James gentoo org> CommitDate: Tue Dec 26 17:34:00 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5b375972 net-misc/openssh: Stabilize 9.6_p1-r1 amd64, #920725 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.6_p1-r1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.6_p1-r1.ebuild b/net-misc/openssh/openssh-9.6_p1-r1.ebuild index 42a3e0b19132..4171585fdb9f 100644 --- a/net-misc/openssh/openssh-9.6_p1-r1.ebuild +++ b/net-misc/openssh/openssh-9.6_p1-r1.ebuild @@ -20,7 +20,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 1587d1c20f6bf40b80a483d04e8bf392e769e453 Author: Sam James gentoo org> AuthorDate: Tue Dec 26 17:33:57 2023 + Commit: Sam James gentoo org> CommitDate: Tue Dec 26 17:33:57 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1587d1c2 net-misc/openssh: Stabilize 9.6_p1-r1 arm64, #920725 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.6_p1-r1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.6_p1-r1.ebuild b/net-misc/openssh/openssh-9.6_p1-r1.ebuild index 84130f1d6514..37d2870e7a4e 100644 --- a/net-misc/openssh/openssh-9.6_p1-r1.ebuild +++ b/net-misc/openssh/openssh-9.6_p1-r1.ebuild @@ -20,7 +20,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha ~amd64 ~arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 05703a8e8f15f62cdea07ccc2b8436b5f56725ee Author: Arthur Zamarin gentoo org> AuthorDate: Sat Dec 23 19:55:37 2023 + Commit: Arthur Zamarin gentoo org> CommitDate: Sat Dec 23 19:55:37 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=05703a8e net-misc/openssh: Stabilize 9.5_p1-r2 ppc, #919972 Signed-off-by: Arthur Zamarin gentoo.org> net-misc/openssh/openssh-9.5_p1-r2.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.5_p1-r2.ebuild b/net-misc/openssh/openssh-9.5_p1-r2.ebuild index 8985d5705b50..5043c36ea762 100644 --- a/net-misc/openssh/openssh-9.5_p1-r2.ebuild +++ b/net-misc/openssh/openssh-9.5_p1-r2.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ~ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 0b22d07f89b16ac3400e45077702ac4c4492e5a4 Author: Sam James gentoo org> AuthorDate: Wed Dec 20 07:12:26 2023 + Commit: Sam James gentoo org> CommitDate: Wed Dec 20 07:14:16 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0b22d07f net-misc/openssh: disable problematic -fzero-call-used-regs=* --with-hardening adds the following in addition to flags we already set in our toolchain: * -ftrapv (which is broken with GCC anyway), * -ftrivial-auto-var-init=zero (which is nice, but not the end of the world to not have) * -fzero-call-used-regs=used (history of miscompilations with Clang (bug #872548), ICEs on m68k (bug #920350, gcc PR113086, gcc PR104820, gcc PR104817, gcc PR110934)). Furthermore, OSSH_CHECK_CFLAG_COMPILE does not use AC_CACHE_CHECK, so we cannot just disable -fzero-call-used-regs=used. Therefore, just pass --without-hardening, given it doesn't negate our already hardened toolchain defaults, and avoids adding flags which are known-broken in both Clang and GCC and haven't been proven reliable. Bug: https://bugs.gentoo.org/872548 Bug: https://bugs.gentoo.org/920350 Bug: https://bugs.gentoo.org/920292 Bug: https://gcc.gnu.org/PR113086 Bug: https://gcc.gnu.org/PR104820 Bug: https://gcc.gnu.org/PR104817 Bug: https://gcc.gnu.org/PR110934 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.6_p1-r1.ebuild | 396 ++ 1 file changed, 396 insertions(+) diff --git a/net-misc/openssh/openssh-9.6_p1-r1.ebuild b/net-misc/openssh/openssh-9.6_p1-r1.ebuild new file mode 100644 index ..84130f1d6514 --- /dev/null +++ b/net-misc/openssh/openssh-9.6_p1-r1.ebuild @@ -0,0 +1,396 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssh.org.asc +inherit user-info flag-o-matic autotools pam systemd toolchain-funcs verify-sig + +# Make it more portable between straight releases +# and _p? releases. +PARCH=${P/_} + +DESCRIPTION="Port of OpenBSD's free SSH release" +HOMEPAGE="https://www.openssh.com/; +SRC_URI=" + mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz + verify-sig? ( mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz.asc ) +" +S="${WORKDIR}/${PARCH}" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +# Probably want to drop ssl defaulting to on in a future version. +IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss" + +RESTRICT="!test? ( test )" + +REQUIRED_USE=" + ldns? ( ssl ) + pie? ( !static ) + static? ( !kerberos !pam ) + xmss? ( ssl ) + test? ( ssl ) +" + +# tests currently fail with XMSS +REQUIRED_USE+="test? ( !xmss )" + +LIB_DEPEND=" + audit? ( sys-process/audit[static-libs(+)] ) + ldns? ( + net-libs/ldns[static-libs(+)] + net-libs/ldns[ecdsa(+),ssl(+)] + ) + libedit? ( dev-libs/libedit:=[static-libs(+)] ) + security-key? ( >=dev-libs/libfido2-1.5.0:=[static-libs(+)] ) + selinux? ( >=sys-libs/libselinux-1.28[static-libs(+)] ) + ssl? ( >=dev-libs/openssl-1.1.1l-r1:0=[static-libs(+)] ) + virtual/libcrypt:=[static-libs(+)] + >=sys-libs/zlib-1.2.3:=[static-libs(+)] +" +RDEPEND=" + acct-group/sshd + acct-user/sshd + !static? ( ${LIB_DEPEND//\[static-libs(+)]} ) + pam? ( sys-libs/pam ) + kerberos? ( virtual/krb5 ) +" +DEPEND=" + ${RDEPEND} + virtual/os-headers + kernel_linux? ( !prefix-guest? ( >=sys-kernel/linux-headers-5.1 ) ) + static? ( ${LIB_DEPEND} ) +" +RDEPEND=" + ${RDEPEND} + !net-misc/openssh-contrib + pam? ( >=sys-auth/pambase-20081028 ) + !prefix? ( sys-apps/shadow ) + X? ( x11-apps/xauth ) +" +# Weird dep construct for newer gcc-config for bug #872416 +BDEPEND=" + sys-devel/autoconf + virtual/pkgconfig + || ( + >=sys-devel/gcc-config-2.6 + >=sys-devel/clang-toolchain-symlinks-14-r1:14 + >=sys-devel/clang-toolchain-symlinks-15-r1:15 + >=sys-devel/clang-toolchain-symlinks-16-r1:* + ) + verify-sig? ( sec-keys/openpgp-keys-openssh ) +" + +PATCHES=( + "${FILESDIR}/${PN}-9.3_p1-disable-conch-interop-tests.patch" + "${FILESDIR}/${PN}-9.3_p1-fix-putty-tests.patch" + "${FILESDIR}/${PN}-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch" +) + +pkg_pretend() { + local i enabled_eol_flags disabled_eol_flags + for i in hpn sctp X509; do + if has_version "net-misc/openssh[${i}]"; then + enabled_eol_flags+="${i}," + disabled_eol_flags+="-${i},"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: d1307b9e32ea830c31939a8083de2b052e6fa3bc Author: Sam James gentoo org> AuthorDate: Tue Dec 19 05:40:50 2023 + Commit: Sam James gentoo org> CommitDate: Tue Dec 19 05:40:50 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d1307b9e net-misc/openssh: add 9.6_p1 Bug: https://bugs.gentoo.org/920292 Signed-off-by: Sam James gentoo.org> net-misc/openssh/Manifest | 2 + net-misc/openssh/openssh-9.6_p1.ebuild | 378 + 2 files changed, 380 insertions(+) diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest index 6b2564313240..23887af76d94 100644 --- a/net-misc/openssh/Manifest +++ b/net-misc/openssh/Manifest @@ -6,3 +6,5 @@ DIST openssh-9.4p1.tar.gz 1845094 BLAKE2B d13d758129cce947d3f12edb6e88406aad10de DIST openssh-9.4p1.tar.gz.asc 833 BLAKE2B 95eedd9356766e5d0ea1261da3dc4c7869f054b418c626fb35815a0aa655b1ddbf54436b437d98c4344b05c9196c8fa1f592eac07b3ccf08bd3e980f8b6955af SHA512 983b4ebaa3b98e70831ce686cb503270926c065163a2510eef0c5102ef50b6e665b889ee15ea8c0bd7c4bbddb19270f036e1d554a8212ef2c292f9c682c8631a DIST openssh-9.5p1.tar.gz 1843001 BLAKE2B 55dbb0a2792b0046c943a19ca090e6e378e77856e94823a1bbbafaa0da94357403765c4c028aebf6543049a0f9bbe0019629be3f92cdadfac1be56def796 SHA512 e183fdf7477fd986215b889eea4a945d71385e35305746ccb164e757ecc28166f429c70890a237d8ef4cdcae5132935ba2ecb3b2a658eb73a6afcf6f42277b9c DIST openssh-9.5p1.tar.gz.asc 833 BLAKE2B abec3d14d9a880008db202be00ed446ccc0a98ce77c16a9e6d6492feac07c8f3284f9cd24f6ee1d904a55f9f23d5cce8a716916975c179a38ef6bde1d36e0acf SHA512 2b6de653420ba02eb99c7e6fba09af3bacfe9c701f3dfc3c94f41a3539c0414954fc5c64cce63c488c5ccd5d4ddb42d3f2184ff7f323342c885c47bf7d426ca1 +DIST openssh-9.6p1.tar.gz 1857862 BLAKE2B dd7f6747fe89f7b386be4faaf7fc43398a9bf439e45608ae61c2126cf8743c64ef7b5af45c75e9007b0bda525f8809261ca0f2fc47ce60177ba769a5324719dd SHA512 0ebf81e39914c3a90da001ec7376a94b37e6024baf3e972c58f0982b7ddef942315f5e01d56c00ff95603b4a20ee561ab918ecc55511df007ac138160509 +DIST openssh-9.6p1.tar.gz.asc 833 BLAKE2B 9363d02f85457aa90069020827306a2f49d8406e32f5ee1d231844648dd2ffa02fa9b7325b8677a11e46a0ba0d9ffc86d9c989435d691a02f5354a956c49f9f9 SHA512 aec5a5bd6ce480a8e5b5879dc55f8186aec90fe61f085aa92ad7d07f324574aa781be09c83b7443a32848d091fd44fb12c1842d49cee77afc351e550ffcc096d diff --git a/net-misc/openssh/openssh-9.6_p1.ebuild b/net-misc/openssh/openssh-9.6_p1.ebuild new file mode 100644 index ..c53574f62515 --- /dev/null +++ b/net-misc/openssh/openssh-9.6_p1.ebuild @@ -0,0 +1,378 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssh.org.asc +inherit user-info flag-o-matic autotools pam systemd toolchain-funcs verify-sig + +# Make it more portable between straight releases +# and _p? releases. +PARCH=${P/_} + +DESCRIPTION="Port of OpenBSD's free SSH release" +HOMEPAGE="https://www.openssh.com/; +SRC_URI=" + mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz + verify-sig? ( mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz.asc ) +" +S="${WORKDIR}/${PARCH}" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +# Probably want to drop ssl defaulting to on in a future version. +IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss" + +RESTRICT="!test? ( test )" + +REQUIRED_USE=" + ldns? ( ssl ) + pie? ( !static ) + static? ( !kerberos !pam ) + xmss? ( ssl ) + test? ( ssl ) +" + +# tests currently fail with XMSS +REQUIRED_USE+="test? ( !xmss )" + +LIB_DEPEND=" + audit? ( sys-process/audit[static-libs(+)] ) + ldns? ( + net-libs/ldns[static-libs(+)] + net-libs/ldns[ecdsa(+),ssl(+)] + ) + libedit? ( dev-libs/libedit:=[static-libs(+)] ) + security-key? ( >=dev-libs/libfido2-1.5.0:=[static-libs(+)] ) + selinux? ( >=sys-libs/libselinux-1.28[static-libs(+)] ) + ssl? ( >=dev-libs/openssl-1.1.1l-r1:0=[static-libs(+)] ) + virtual/libcrypt:=[static-libs(+)] + >=sys-libs/zlib-1.2.3:=[static-libs(+)] +" +RDEPEND=" + acct-group/sshd + acct-user/sshd + !static? ( ${LIB_DEPEND//\[static-libs(+)]} ) + pam? ( sys-libs/pam ) + kerberos? ( virtual/krb5 ) +" +DEPEND=" + ${RDEPEND} + virtual/os-headers + kernel_linux? ( !prefix-guest? ( >=sys-kernel/linux-headers-5.1 ) ) + static? ( ${LIB_DEPEND} ) +" +RDEPEND=" + ${RDEPEND} + !net-misc/openssh-contrib + pam? ( >=sys-auth/pambase-20081028 ) + !prefix? ( sys-apps/shadow ) + X? ( x11-apps/xauth ) +" +# Weird dep construct for newer gcc-config for bug #872416
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: b65fa6754515104a1010b1c8b7b56397840d3c11 Author: Arthur Zamarin gentoo org> AuthorDate: Fri Dec 15 12:41:38 2023 + Commit: Arthur Zamarin gentoo org> CommitDate: Fri Dec 15 12:41:38 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b65fa675 net-misc/openssh: Stabilize 9.5_p1-r2 x86, #919972 Signed-off-by: Arthur Zamarin gentoo.org> net-misc/openssh/openssh-9.5_p1-r2.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.5_p1-r2.ebuild b/net-misc/openssh/openssh-9.5_p1-r2.ebuild index 82243ec5313e..967c48bfb156 100644 --- a/net-misc/openssh/openssh-9.5_p1-r2.ebuild +++ b/net-misc/openssh/openssh-9.5_p1-r2.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ppc64 ~riscv ~s390 sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: f038c1d25975265b8f0f42a5afeb576a0568cf08 Author: Arthur Zamarin gentoo org> AuthorDate: Fri Dec 15 10:38:22 2023 + Commit: Arthur Zamarin gentoo org> CommitDate: Fri Dec 15 10:38:22 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f038c1d2 net-misc/openssh: Stabilize 9.5_p1-r2 ppc64, #919972 Signed-off-by: Arthur Zamarin gentoo.org> net-misc/openssh/openssh-9.5_p1-r2.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.5_p1-r2.ebuild b/net-misc/openssh/openssh-9.5_p1-r2.ebuild index d2696cc1f155..82243ec5313e 100644 --- a/net-misc/openssh/openssh-9.5_p1-r2.ebuild +++ b/net-misc/openssh/openssh-9.5_p1-r2.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ppc64 ~riscv ~s390 sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 6a94e5254def0450dad8a7f7114016ca36715942 Author: Sam James gentoo org> AuthorDate: Fri Dec 15 08:16:03 2023 + Commit: Sam James gentoo org> CommitDate: Fri Dec 15 08:16:03 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6a94e525 net-misc/openssh: Stabilize 9.5_p1-r2 arm, #919972 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.5_p1-r2.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.5_p1-r2.ebuild b/net-misc/openssh/openssh-9.5_p1-r2.ebuild index 867b3cc18c87..d2696cc1f155 100644 --- a/net-misc/openssh/openssh-9.5_p1-r2.ebuild +++ b/net-misc/openssh/openssh-9.5_p1-r2.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 5b10e23336364fe733da991dc712ddf621bcac74 Author: Sam James gentoo org> AuthorDate: Fri Dec 15 07:48:57 2023 + Commit: Sam James gentoo org> CommitDate: Fri Dec 15 07:48:57 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5b10e233 net-misc/openssh: Stabilize 9.5_p1-r2 amd64, #919972 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.5_p1-r2.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.5_p1-r2.ebuild b/net-misc/openssh/openssh-9.5_p1-r2.ebuild index 4fa25b8cea3d..867b3cc18c87 100644 --- a/net-misc/openssh/openssh-9.5_p1-r2.ebuild +++ b/net-misc/openssh/openssh-9.5_p1-r2.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 897ae02f0e9d8e41837f1ead0a1b719a3f0a20e2 Author: Sam James gentoo org> AuthorDate: Fri Dec 15 07:23:24 2023 + Commit: Sam James gentoo org> CommitDate: Fri Dec 15 07:23:24 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=897ae02f net-misc/openssh: Stabilize 9.5_p1-r2 sparc, #919972 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.5_p1-r2.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.5_p1-r2.ebuild b/net-misc/openssh/openssh-9.5_p1-r2.ebuild index b9a20909630a..1466de270592 100644 --- a/net-misc/openssh/openssh-9.5_p1-r2.ebuild +++ b/net-misc/openssh/openssh-9.5_p1-r2.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 3ab071f183614a99d94c3bdaa20b4c7470825506 Author: Sam James gentoo org> AuthorDate: Fri Dec 15 07:23:26 2023 + Commit: Sam James gentoo org> CommitDate: Fri Dec 15 07:23:26 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3ab071f1 net-misc/openssh: Stabilize 9.5_p1-r2 arm64, #919972 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.5_p1-r2.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.5_p1-r2.ebuild b/net-misc/openssh/openssh-9.5_p1-r2.ebuild index 1466de270592..4fa25b8cea3d 100644 --- a/net-misc/openssh/openssh-9.5_p1-r2.ebuild +++ b/net-misc/openssh/openssh-9.5_p1-r2.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha ~amd64 ~arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: c967e1bff06e856c8210863f2d8fa3542a3819fc Author: Arthur Zamarin gentoo org> AuthorDate: Tue Oct 24 19:46:36 2023 + Commit: Arthur Zamarin gentoo org> CommitDate: Tue Oct 24 19:46:36 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c967e1bf net-misc/openssh: Stabilize 9.4_p1-r1 ppc, #915461 Signed-off-by: Arthur Zamarin gentoo.org> net-misc/openssh/openssh-9.4_p1-r1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.4_p1-r1.ebuild b/net-misc/openssh/openssh-9.4_p1-r1.ebuild index edd62d7fd3da..5f45647ac5c9 100644 --- a/net-misc/openssh/openssh-9.4_p1-r1.ebuild +++ b/net-misc/openssh/openssh-9.4_p1-r1.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ~ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: d64d4d38e8204b9c0f0dfbbe8d471760852d7482 Author: Arthur Zamarin gentoo org> AuthorDate: Tue Oct 24 19:46:39 2023 + Commit: Arthur Zamarin gentoo org> CommitDate: Tue Oct 24 19:46:39 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d64d4d38 net-misc/openssh: Stabilize 9.4_p1-r1 ppc64, #915461 Signed-off-by: Arthur Zamarin gentoo.org> net-misc/openssh/openssh-9.4_p1-r1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.4_p1-r1.ebuild b/net-misc/openssh/openssh-9.4_p1-r1.ebuild index 5f45647ac5c9..fc65af8c47b0 100644 --- a/net-misc/openssh/openssh-9.4_p1-r1.ebuild +++ b/net-misc/openssh/openssh-9.4_p1-r1.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ~ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 9024643ba0d8cc35557123d3ad34f978906ae96b Author: David Seifert gentoo org> AuthorDate: Fri Oct 13 11:28:49 2023 + Commit: David Seifert gentoo org> CommitDate: Fri Oct 13 11:28:49 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9024643b net-misc/openssh: drop GSSAPI patch * This patch is far too large for Gentoo to carry without any upstream guidance and this leads to breakage every few releases. * Every distro has a different patch for this issue. In particular, the patches carried by Debian and Fedora are more comprehensive. * Upstream doesn't seem to care about the actual issue, seeing there hasn't been any progress in the last 10 years or so: http://bugzilla.mindrot.org/show_bug.cgi?id=1008 Bug: https://bugs.gentoo.org/165444 Signed-off-by: David Seifert gentoo.org> net-misc/openssh/{openssh-9.5_p1-r1.ebuild => openssh-9.5_p1-r2.ebuild} | 1 - 1 file changed, 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.5_p1-r1.ebuild b/net-misc/openssh/openssh-9.5_p1-r2.ebuild similarity index 99% rename from net-misc/openssh/openssh-9.5_p1-r1.ebuild rename to net-misc/openssh/openssh-9.5_p1-r2.ebuild index 8ab790480184..1bfec7fcc267 100644 --- a/net-misc/openssh/openssh-9.5_p1-r1.ebuild +++ b/net-misc/openssh/openssh-9.5_p1-r2.ebuild @@ -81,7 +81,6 @@ BDEPEND=" " PATCHES=( - "${FILESDIR}/${PN}-9.3_p1-GSSAPI-dns.patch" #165444 integrated into gsskex "${FILESDIR}/${PN}-9.3_p1-disable-conch-interop-tests.patch" "${FILESDIR}/${PN}-9.3_p1-fix-putty-tests.patch" "${FILESDIR}/${PN}-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: cd2fe0690ce131cc623a34eb8a9586f50d0737c9 Author: Sam James gentoo org> AuthorDate: Fri Oct 13 11:00:39 2023 + Commit: Sam James gentoo org> CommitDate: Fri Oct 13 11:03:50 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cd2fe069 net-misc/openssh: drop obsolete patch from 9.4, 9.5 This was fixed properly by upstream in 9.4 so the workaround isn't needed; openssh-9.3_p1-openssl-ignore-status.patch applies with fuzz to >=9.4 and does the wrong thing there as it touches the non-OpenSSL 3 case (upstream added a conditional above in >=9.4). Signed-off-by: Sam James gentoo.org> net-misc/openssh/{openssh-9.4_p1.ebuild => openssh-9.4_p1-r1.ebuild} | 1 - net-misc/openssh/{openssh-9.5_p1.ebuild => openssh-9.5_p1-r1.ebuild} | 1 - 2 files changed, 2 deletions(-) diff --git a/net-misc/openssh/openssh-9.4_p1.ebuild b/net-misc/openssh/openssh-9.4_p1-r1.ebuild similarity index 99% rename from net-misc/openssh/openssh-9.4_p1.ebuild rename to net-misc/openssh/openssh-9.4_p1-r1.ebuild index d57adca97bd1..edd62d7fd3da 100644 --- a/net-misc/openssh/openssh-9.4_p1.ebuild +++ b/net-misc/openssh/openssh-9.4_p1-r1.ebuild @@ -82,7 +82,6 @@ BDEPEND=" PATCHES=( "${FILESDIR}/${PN}-9.3_p1-GSSAPI-dns.patch" #165444 integrated into gsskex - "${FILESDIR}/${PN}-9.3_p1-openssl-ignore-status.patch" "${FILESDIR}/${PN}-9.3_p1-disable-conch-interop-tests.patch" "${FILESDIR}/${PN}-9.3_p1-fix-putty-tests.patch" "${FILESDIR}/${PN}-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch" diff --git a/net-misc/openssh/openssh-9.5_p1.ebuild b/net-misc/openssh/openssh-9.5_p1-r1.ebuild similarity index 99% rename from net-misc/openssh/openssh-9.5_p1.ebuild rename to net-misc/openssh/openssh-9.5_p1-r1.ebuild index ec36f3445783..8ab790480184 100644 --- a/net-misc/openssh/openssh-9.5_p1.ebuild +++ b/net-misc/openssh/openssh-9.5_p1-r1.ebuild @@ -82,7 +82,6 @@ BDEPEND=" PATCHES=( "${FILESDIR}/${PN}-9.3_p1-GSSAPI-dns.patch" #165444 integrated into gsskex - "${FILESDIR}/${PN}-9.3_p1-openssl-ignore-status.patch" "${FILESDIR}/${PN}-9.3_p1-disable-conch-interop-tests.patch" "${FILESDIR}/${PN}-9.3_p1-fix-putty-tests.patch" "${FILESDIR}/${PN}-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 682d6efe2be9885241813bb863324178a8d8aa5a Author: Sam James gentoo org> AuthorDate: Mon Oct 9 18:56:59 2023 + Commit: Sam James gentoo org> CommitDate: Mon Oct 9 18:56:59 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=682d6efe net-misc/openssh: Stabilize 9.4_p1 amd64, #915461 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.4_p1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.4_p1.ebuild b/net-misc/openssh/openssh-9.4_p1.ebuild index 6425c3bf5a36..d57adca97bd1 100644 --- a/net-misc/openssh/openssh-9.4_p1.ebuild +++ b/net-misc/openssh/openssh-9.4_p1.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 78218a0009569499d204f42a323522eb42d12680 Author: Arthur Zamarin gentoo org> AuthorDate: Mon Oct 9 16:19:43 2023 + Commit: Arthur Zamarin gentoo org> CommitDate: Mon Oct 9 16:19:43 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=78218a00 net-misc/openssh: Stabilize 9.4_p1 hppa, #915461 Signed-off-by: Arthur Zamarin gentoo.org> net-misc/openssh/openssh-9.4_p1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.4_p1.ebuild b/net-misc/openssh/openssh-9.4_p1.ebuild index 18a639795c06..6425c3bf5a36 100644 --- a/net-misc/openssh/openssh-9.4_p1.ebuild +++ b/net-misc/openssh/openssh-9.4_p1.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha ~amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 22447592be90ba7eebd9dfdfbd1c1f5be5f2ef67 Author: Arthur Zamarin gentoo org> AuthorDate: Mon Oct 9 16:19:43 2023 + Commit: Arthur Zamarin gentoo org> CommitDate: Mon Oct 9 16:19:43 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=22447592 net-misc/openssh: Stabilize 9.4_p1 x86, #915461 Signed-off-by: Arthur Zamarin gentoo.org> net-misc/openssh/openssh-9.4_p1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.4_p1.ebuild b/net-misc/openssh/openssh-9.4_p1.ebuild index c39c8ba35392..18a639795c06 100644 --- a/net-misc/openssh/openssh-9.4_p1.ebuild +++ b/net-misc/openssh/openssh-9.4_p1.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha ~amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 115b9b15c488e1162a6692c0ecf44be53aff49a3 Author: Sam James gentoo org> AuthorDate: Mon Oct 9 05:54:28 2023 + Commit: Sam James gentoo org> CommitDate: Mon Oct 9 05:54:28 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=115b9b15 net-misc/openssh: Stabilize 9.4_p1 sparc, #915461 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.4_p1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.4_p1.ebuild b/net-misc/openssh/openssh-9.4_p1.ebuild index 33c769b8b00f..c39c8ba35392 100644 --- a/net-misc/openssh/openssh-9.4_p1.ebuild +++ b/net-misc/openssh/openssh-9.4_p1.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha ~amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 19b9aaecef9d28fb976e1e7ab93157ce635717c0 Author: Sam James gentoo org> AuthorDate: Mon Oct 9 04:52:52 2023 + Commit: Sam James gentoo org> CommitDate: Mon Oct 9 04:52:52 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=19b9aaec net-misc/openssh: Stabilize 9.4_p1 arm64, #915461 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.4_p1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.4_p1.ebuild b/net-misc/openssh/openssh-9.4_p1.ebuild index 2a7b1a0175bf..33c769b8b00f 100644 --- a/net-misc/openssh/openssh-9.4_p1.ebuild +++ b/net-misc/openssh/openssh-9.4_p1.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha ~amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 4707c9eb82769a7fa21d4e5ca81dc7b90ffc157d Author: Sam James gentoo org> AuthorDate: Mon Oct 9 04:46:23 2023 + Commit: Sam James gentoo org> CommitDate: Mon Oct 9 04:46:23 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4707c9eb net-misc/openssh: Stabilize 9.4_p1 arm, #915461 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.4_p1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.4_p1.ebuild b/net-misc/openssh/openssh-9.4_p1.ebuild index 5d1ffb94eba4..2a7b1a0175bf 100644 --- a/net-misc/openssh/openssh-9.4_p1.ebuild +++ b/net-misc/openssh/openssh-9.4_p1.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha ~amd64 arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh-contrib/
commit: 6b990a1a411e82ed1c6b818f71a4f104324fade2 Author: Patrick McLean gentoo org> AuthorDate: Thu Oct 5 22:16:45 2023 + Commit: Patrick McLean gentoo org> CommitDate: Thu Oct 5 22:16:45 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6b990a1a net-misc/openssh-contrib: add 9.5_p1 Signed-off-by: Patrick McLean gentoo.org> net-misc/openssh-contrib/Manifest | 5 + .../openssh-contrib/openssh-contrib-9.5_p1.ebuild | 505 + 2 files changed, 510 insertions(+) diff --git a/net-misc/openssh-contrib/Manifest b/net-misc/openssh-contrib/Manifest index 8a69297b58be..4474bb040ac6 100644 --- a/net-misc/openssh-contrib/Manifest +++ b/net-misc/openssh-contrib/Manifest @@ -18,3 +18,8 @@ DIST openssh-9.4_p1-hpn-15.2-X509-14.2-glue.patch.xz 5144 BLAKE2B 324dff4027 DIST openssh-9.4p1+x509-14.2.1.diff.gz 1221969 BLAKE2B 67b06648aafd849fdcb4c54c4a841c46b6a97d53d7ebdefe6110aba7a0877833ebb2a8d22a1e51a748051f889ba08cc1501ea0e9e221fef2f5c0e8caad170983 SHA512 d90dc7bde008ab793d9f85f1b4b0687f1d084fdf2fc6cfd229748424ddcc4664f558be44fee73d72e88bc99e03a5dd1ec57138a82f77b82e0f65d14bd3ef545a DIST openssh-9.4p1.tar.gz 1845094 BLAKE2B d13d758129cce947d3f12edb6e88406aad10de6887b19ffa3ebd8e382b742a05f2a692a8824aec99939f6c7e13fbccc3bb14e5ee112f9a9255d4882eb87dcf53 SHA512 0aaedeced7dbc70419c7245eb0e9db4ef570e0e7739b890ebae04d56da5fe8d147e8e150f3c943f60730976569e3ac6cc8da62ec7e2a78e2ef47d295ca0b1d25 DIST openssh-9.4p1.tar.gz.asc 833 BLAKE2B 95eedd9356766e5d0ea1261da3dc4c7869f054b418c626fb35815a0aa655b1ddbf54436b437d98c4344b05c9196c8fa1f592eac07b3ccf08bd3e980f8b6955af SHA512 983b4ebaa3b98e70831ce686cb503270926c065163a2510eef0c5102ef50b6e665b889ee15ea8c0bd7c4bbddb19270f036e1d554a8212ef2c292f9c682c8631a +DIST openssh-9.5_p1-X509-glue-14.3.patch.xz 788 BLAKE2B 641c9936639a7629f6ae82d56f48b9dd39e58087024fe04259e2be5aef3b484a3f8ba6c91e603dd4f80d03c92490ee85cbaccff1e40e4f7ee1064c4a1ac9f191 SHA512 8f9255e3f8a682d7c82125a6064cdd8a80616e4b699a4c101515f15af7185a6b0b98efa246e0ed97a278f377ea616daf2dd98d0dc479c24d1ac3a76c12cd97ec +DIST openssh-9.5_p1-hpn-15.2-X509-14.3-glue.patch.xz 5132 BLAKE2B 82a30622e67fab233591f6b30c634f2f8383eda77de163b6139ca9892c0485d8f174901e5e6788f6c911e0859e563ac6a9022e99099507f76a59908770474e78 SHA512 697b2ce1b2b0aa1bcf95b76b3bc79de7d8793a3c2975bc3bfb23a64fd3a9133df9fd0831848f9388b21f7f1fd597824b221d45b9380ee26beb60040596386d61 +DIST openssh-9.5p1+x509-14.3.diff.gz 1224337 BLAKE2B f695711eeab6b40a8660ac897961068738cb5941c799243888d5a90f56cf4b308803dd88d3d97d7932a72b82ebc269e20c7d142076fb3b03def1245491da0497 SHA512 a7798e2a40a81df882911c485fa240584713135df59c6dab720597b6ef60ecfac85ebd595983d7c5ce8625b758eeb777fe1462845976a2674cad339dadc0719a +DIST openssh-9.5p1.tar.gz 1843001 BLAKE2B 55dbb0a2792b0046c943a19ca090e6e378e77856e94823a1bbbafaa0da94357403765c4c028aebf6543049a0f9bbe0019629be3f92cdadfac1be56def796 SHA512 e183fdf7477fd986215b889eea4a945d71385e35305746ccb164e757ecc28166f429c70890a237d8ef4cdcae5132935ba2ecb3b2a658eb73a6afcf6f42277b9c +DIST openssh-9.5p1.tar.gz.asc 833 BLAKE2B abec3d14d9a880008db202be00ed446ccc0a98ce77c16a9e6d6492feac07c8f3284f9cd24f6ee1d904a55f9f23d5cce8a716916975c179a38ef6bde1d36e0acf SHA512 2b6de653420ba02eb99c7e6fba09af3bacfe9c701f3dfc3c94f41a3539c0414954fc5c64cce63c488c5ccd5d4ddb42d3f2184ff7f323342c885c47bf7d426ca1 diff --git a/net-misc/openssh-contrib/openssh-contrib-9.5_p1.ebuild b/net-misc/openssh-contrib/openssh-contrib-9.5_p1.ebuild new file mode 100644 index ..0c2cbcad0001 --- /dev/null +++ b/net-misc/openssh-contrib/openssh-contrib-9.5_p1.ebuild @@ -0,0 +1,505 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit user-info flag-o-matic autotools pam systemd toolchain-funcs verify-sig + +# Make it more portable between straight releases +# and _p? releases. +MY_P=${P/-contrib/} +PARCH=${MY_P/_} + +# PV to USE for HPN patches +#HPN_PV="${PV^^}" +HPN_PV="8.5_P1" + +HPN_VER="15.2" +HPN_PATCHES=( + openssh-${HPN_PV/./_}-hpn-DynWinNoneSwitch-${HPN_VER}.diff + openssh-${HPN_PV/./_}-hpn-PeakTput-${HPN_VER}.diff +) +HPN_GLUE_PATCH="openssh-9.3_p2-hpn-${HPN_VER}-glue.patch" +HPN_PATCH_DIR="HPN-SSH%%20${HPN_VER/./v}%%20${HPN_PV/_P/p}" + +X509_VER="14.3" +X509_PATCH="${PARCH}+x509-${X509_VER}.diff.gz" +X509_PATCH="${X509_PATCH/p2/p1}" +X509_GLUE_PATCH="openssh-${PV}-X509-glue-${X509_VER}.patch" +#X509_HPN_GLUE_PATCH="${MY_P}-hpn-${HPN_VER}-X509-${X509_VER}-glue.patch" +X509_HPN_GLUE_PATCH="${MY_P}-hpn-${HPN_VER}-X509-${X509_VER%.1}-glue.patch" + +DESCRIPTION="Port of OpenBSD's free SSH release with HPN/X509 patches" +HOMEPAGE="https://www.openssh.com/; +SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz + ${HPN_VER:+hpn? ( + $(printf "mirror://sourceforge/project/hpnssh/Patches/${HPN_PATCH_DIR}/%s\n" "${HPN_PATCHES[@]}") +
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: b381e15eb7d11d5e8a8e8d22a6918422f615dc10 Author: Patrick McLean gentoo org> AuthorDate: Wed Oct 4 17:41:57 2023 + Commit: Patrick McLean gentoo org> CommitDate: Wed Oct 4 17:42:04 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b381e15e net-misc/openssh: add 9.5_p1 Signed-off-by: Patrick McLean gentoo.org> net-misc/openssh/Manifest | 2 + net-misc/openssh/openssh-9.5_p1.ebuild | 380 + 2 files changed, 382 insertions(+) diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest index bf1883a4f917..6b2564313240 100644 --- a/net-misc/openssh/Manifest +++ b/net-misc/openssh/Manifest @@ -4,3 +4,5 @@ DIST openssh-9.3p2.tar.gz 1835850 BLAKE2B 38f8d4ada263112b318fafccabf0a33a004d82 DIST openssh-9.3p2.tar.gz.asc 833 BLAKE2B cfba3867d7f97cb2c904bd3ae111bd63e8a050464b66e3f3f22390839a153d57ef5819182f8ad99a6b520f27881143552dc64fccfc33dcc0483ffe1ef33a5a47 SHA512 759e512a36a3a62264803b517298a65c83e1daebd9867e28ea1ca4999c38539368815ccda86540a4f5d45fa79c539d8242995ba55f2918baf2a7404c105e337a DIST openssh-9.4p1.tar.gz 1845094 BLAKE2B d13d758129cce947d3f12edb6e88406aad10de6887b19ffa3ebd8e382b742a05f2a692a8824aec99939f6c7e13fbccc3bb14e5ee112f9a9255d4882eb87dcf53 SHA512 0aaedeced7dbc70419c7245eb0e9db4ef570e0e7739b890ebae04d56da5fe8d147e8e150f3c943f60730976569e3ac6cc8da62ec7e2a78e2ef47d295ca0b1d25 DIST openssh-9.4p1.tar.gz.asc 833 BLAKE2B 95eedd9356766e5d0ea1261da3dc4c7869f054b418c626fb35815a0aa655b1ddbf54436b437d98c4344b05c9196c8fa1f592eac07b3ccf08bd3e980f8b6955af SHA512 983b4ebaa3b98e70831ce686cb503270926c065163a2510eef0c5102ef50b6e665b889ee15ea8c0bd7c4bbddb19270f036e1d554a8212ef2c292f9c682c8631a +DIST openssh-9.5p1.tar.gz 1843001 BLAKE2B 55dbb0a2792b0046c943a19ca090e6e378e77856e94823a1bbbafaa0da94357403765c4c028aebf6543049a0f9bbe0019629be3f92cdadfac1be56def796 SHA512 e183fdf7477fd986215b889eea4a945d71385e35305746ccb164e757ecc28166f429c70890a237d8ef4cdcae5132935ba2ecb3b2a658eb73a6afcf6f42277b9c +DIST openssh-9.5p1.tar.gz.asc 833 BLAKE2B abec3d14d9a880008db202be00ed446ccc0a98ce77c16a9e6d6492feac07c8f3284f9cd24f6ee1d904a55f9f23d5cce8a716916975c179a38ef6bde1d36e0acf SHA512 2b6de653420ba02eb99c7e6fba09af3bacfe9c701f3dfc3c94f41a3539c0414954fc5c64cce63c488c5ccd5d4ddb42d3f2184ff7f323342c885c47bf7d426ca1 diff --git a/net-misc/openssh/openssh-9.5_p1.ebuild b/net-misc/openssh/openssh-9.5_p1.ebuild new file mode 100644 index ..ec36f3445783 --- /dev/null +++ b/net-misc/openssh/openssh-9.5_p1.ebuild @@ -0,0 +1,380 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit user-info flag-o-matic autotools pam systemd toolchain-funcs verify-sig + +# Make it more portable between straight releases +# and _p? releases. +PARCH=${P/_} + +DESCRIPTION="Port of OpenBSD's free SSH release" +HOMEPAGE="https://www.openssh.com/; +SRC_URI=" + mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz + verify-sig? ( mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz.asc )" +VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/openssh.org.asc +S="${WORKDIR}/${PARCH}" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +# Probably want to drop ssl defaulting to on in a future version. +IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss" + +RESTRICT="!test? ( test )" + +REQUIRED_USE=" + ldns? ( ssl ) + pie? ( !static ) + static? ( !kerberos !pam ) + xmss? ( ssl ) + test? ( ssl ) +" + +# tests currently fail with XMSS +REQUIRED_USE+="test? ( !xmss )" + +LIB_DEPEND=" + audit? ( sys-process/audit[static-libs(+)] ) + ldns? ( + net-libs/ldns[static-libs(+)] + net-libs/ldns[ecdsa(+),ssl(+)] + ) + libedit? ( dev-libs/libedit:=[static-libs(+)] ) + security-key? ( >=dev-libs/libfido2-1.5.0:=[static-libs(+)] ) + selinux? ( >=sys-libs/libselinux-1.28[static-libs(+)] ) + ssl? ( >=dev-libs/openssl-1.1.1l-r1:0=[static-libs(+)] ) + virtual/libcrypt:=[static-libs(+)] + >=sys-libs/zlib-1.2.3:=[static-libs(+)] +" +RDEPEND=" + acct-group/sshd + acct-user/sshd + !static? ( ${LIB_DEPEND//\[static-libs(+)]} ) + pam? ( sys-libs/pam ) + kerberos? ( virtual/krb5 ) +" +DEPEND="${RDEPEND} + virtual/os-headers + kernel_linux? ( !prefix-guest? ( >=sys-kernel/linux-headers-5.1 ) ) + static? ( ${LIB_DEPEND} ) +" +RDEPEND="${RDEPEND} + !net-misc/openssh-contrib + pam? ( >=sys-auth/pambase-20081028 ) + !prefix? ( sys-apps/shadow ) + X? ( x11-apps/xauth ) +" +# Weird dep construct for newer gcc-config for bug #872416 +BDEPEND=" +
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh-contrib/, net-misc/openssh-contrib/files/
commit: 4d8d554dc36be80ca3807e35667af8611446b54f Author: Patrick McLean gentoo org> AuthorDate: Mon Aug 21 18:49:05 2023 + Commit: Patrick McLean gentoo org> CommitDate: Mon Aug 21 18:51:16 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4d8d554d net-misc/openssh-contrib: Revbump, X509 14.2.1, zlib patch (bug #912767) Bug: https://bugs.gentoo.org/912767 Signed-off-by: Patrick McLean gentoo.org> net-misc/openssh-contrib/Manifest | 4 ++-- .../files/openssh-9.3_p2-zlib-1.3.patch | 21 + ...4_p1.ebuild => openssh-contrib-9.4_p1-r1.ebuild} | 6 -- 3 files changed, 27 insertions(+), 4 deletions(-) diff --git a/net-misc/openssh-contrib/Manifest b/net-misc/openssh-contrib/Manifest index e41061964198..8a69297b58be 100644 --- a/net-misc/openssh-contrib/Manifest +++ b/net-misc/openssh-contrib/Manifest @@ -13,8 +13,8 @@ DIST openssh-9.3p1.tar.gz 1856839 BLAKE2B 45578edf98bba3d23c7cefe60d8a7d3079e7c6 DIST openssh-9.3p1.tar.gz.asc 833 BLAKE2B e6533d64b117a400b76b90f71fa856d352dea57d91e4e89fa375429403ac0734cc0a2f075bc58c6bb4f40a8f9776735aa36bdb0bbf3880a2115cea787633e48b SHA512 6222378eb24a445c6c1db255392b405f5369b1af0e92f558d4ba05b0d83ab0d084cb8f4b91d7ae8636f333d970638a6635e2bc7af885135dd34992d87f2ef1f4 DIST openssh-9.3p2.tar.gz 1835850 BLAKE2B 38f8d4ada263112b318fafccabf0a33a004d8290a867434004eb3d37127c9bdabe6e0225fca9d6d68fb54338fec81dcc9313ca7c91d3a033311db44174dc9f6f SHA512 15b8c57aa120186f1d1c3c2b8dc6ffd26733e12f755a6b0a4255d9ec1815a61506275ff5723b4ac029e44bc2ad22852ac36e1101f292348fbfa79aa1a4cd3f35 DIST openssh-9.3p2.tar.gz.asc 833 BLAKE2B cfba3867d7f97cb2c904bd3ae111bd63e8a050464b66e3f3f22390839a153d57ef5819182f8ad99a6b520f27881143552dc64fccfc33dcc0483ffe1ef33a5a47 SHA512 759e512a36a3a62264803b517298a65c83e1daebd9867e28ea1ca4999c38539368815ccda86540a4f5d45fa79c539d8242995ba55f2918baf2a7404c105e337a -DIST openssh-9.4_p1-X509-glue-14.2.patch.xz 784 BLAKE2B b559cc7132a85baf8984088769be7f84c86ca2c5d91eba0412882615f86d0f405b3790c6dfb35111cab7150780b8b3ce2120e30a1f1d078f6308dfca47470ef6 SHA512 8faaba8444fd795a64d3ecb91ffea9e754d2688039dc8b5d8d085a91671860884c0fa1bd568d1ed62f2cd1f328564f2fb3e467e4288aa6e5a37024bcfa70522e +DIST openssh-9.4_p1-X509-glue-14.2.1.patch.xz 904 BLAKE2B 64dd3f145858d7d6b6625fa565a882f7ab43faf78233a2a78b7b13fc1d417ae67c675bebc09dd1343b3504af0c2c47a1fda6ac77a11238e1d2dabcdd394253e9 SHA512 542263bae6135c0493a16c63526da6b98cc425e01f2a1e332156bca4d3d7c7e91cfe1cd86f32c5f67097275eeb543b356faacad665c2a36c22843e2e00d19e10 DIST openssh-9.4_p1-hpn-15.2-X509-14.2-glue.patch.xz 5144 BLAKE2B 324dff4027825b8400225cf322a6882caca30aa567a1bea405142ff9f9ed143b837ef8082011342ae6d22033c22e34499f930d0b9ca1e3c241cac7c15e99 SHA512 e63b2187d3f210ce897b6696b02a364f4f212c1290f7b9bbcceeb1532427254c54366b7da059ce3cf99e595457e69d8edff4fcb7c18021c7530dea1df4bb -DIST openssh-9.4p1+x509-14.2.diff.gz 1219074 BLAKE2B ea31ef87a5a450c1e8785f4eeb27f2bfb7a2ac187e10c35dc814cdad139645e52a577b238dc8bcb9c2cb001ee6ab29d88fb056b4ff772b3660c5cf9fa4fc2380 SHA512 53cc58618f57e6011f0ae2484b56ef7fc971f39aaf248a0e0a4361e28d0e170a7d4e3b97efe7c5f2848d845cfe970b8511e876d2b9bcb1cecbf01bedd972 +DIST openssh-9.4p1+x509-14.2.1.diff.gz 1221969 BLAKE2B 67b06648aafd849fdcb4c54c4a841c46b6a97d53d7ebdefe6110aba7a0877833ebb2a8d22a1e51a748051f889ba08cc1501ea0e9e221fef2f5c0e8caad170983 SHA512 d90dc7bde008ab793d9f85f1b4b0687f1d084fdf2fc6cfd229748424ddcc4664f558be44fee73d72e88bc99e03a5dd1ec57138a82f77b82e0f65d14bd3ef545a DIST openssh-9.4p1.tar.gz 1845094 BLAKE2B d13d758129cce947d3f12edb6e88406aad10de6887b19ffa3ebd8e382b742a05f2a692a8824aec99939f6c7e13fbccc3bb14e5ee112f9a9255d4882eb87dcf53 SHA512 0aaedeced7dbc70419c7245eb0e9db4ef570e0e7739b890ebae04d56da5fe8d147e8e150f3c943f60730976569e3ac6cc8da62ec7e2a78e2ef47d295ca0b1d25 DIST openssh-9.4p1.tar.gz.asc 833 BLAKE2B 95eedd9356766e5d0ea1261da3dc4c7869f054b418c626fb35815a0aa655b1ddbf54436b437d98c4344b05c9196c8fa1f592eac07b3ccf08bd3e980f8b6955af SHA512 983b4ebaa3b98e70831ce686cb503270926c065163a2510eef0c5102ef50b6e665b889ee15ea8c0bd7c4bbddb19270f036e1d554a8212ef2c292f9c682c8631a diff --git a/net-misc/openssh-contrib/files/openssh-9.3_p2-zlib-1.3.patch b/net-misc/openssh-contrib/files/openssh-9.3_p2-zlib-1.3.patch new file mode 100644 index ..f1336bbe0380 --- /dev/null +++ b/net-misc/openssh-contrib/files/openssh-9.3_p2-zlib-1.3.patch @@ -0,0 +1,21 @@ +https://bugs.gentoo.org/912766 +https://github.com/openssh/openssh-portable/commit/cb4ed12ffc332d1f72d054ed92655b5f1c38f621 + +From cb4ed12ffc332d1f72d054ed92655b5f1c38f621 Mon Sep 17 00:00:00 2001 +From: Darren Tucker +Date: Sat, 19 Aug 2023 07:39:08 +1000 +Subject: [PATCH] Fix zlib version check for 1.3 and future version. + +bz#3604. +--- a/configure.ac b/configure.ac +@@ -1464,7 +1464,7 @@ else + [[ + int a=0, b=0, c=0, d=0, n, v; + n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d",
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh-contrib/
commit: 41785a11e327124c8dee9ea3693bb119a2b9fc9b Author: Patrick McLean gentoo org> AuthorDate: Mon Aug 21 18:50:49 2023 + Commit: Patrick McLean gentoo org> CommitDate: Mon Aug 21 18:51:16 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=41785a11 net-misc/openssh-contrib: Add patch for zlib-1.3 (bug #912767) Closes: https://bugs.gentoo.org/912767 Signed-off-by: Patrick McLean gentoo.org> net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild | 1 + net-misc/openssh-contrib/openssh-contrib-9.3_p2.ebuild | 1 + 2 files changed, 2 insertions(+) diff --git a/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild b/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild index 26c886d2d198..460d83ab5935 100644 --- a/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild +++ b/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild @@ -125,6 +125,7 @@ PATCHES=( "${FILESDIR}/openssh-8.9_p1-allow-ppoll_time64.patch" #834019 "${FILESDIR}/openssh-8.9_p1-gss-use-HOST_NAME_MAX.patch" #834044 "${FILESDIR}/openssh-9.3_p1-openssl-version-compat-check.patch" + "${FILESDIR}/openssh-9.3_p2-zlib-1.3.patch" #912767 ) pkg_pretend() { diff --git a/net-misc/openssh-contrib/openssh-contrib-9.3_p2.ebuild b/net-misc/openssh-contrib/openssh-contrib-9.3_p2.ebuild index af6ba3f3e4ed..fce00a82a653 100644 --- a/net-misc/openssh-contrib/openssh-contrib-9.3_p2.ebuild +++ b/net-misc/openssh-contrib/openssh-contrib-9.3_p2.ebuild @@ -120,6 +120,7 @@ PATCHES=( "${FILESDIR}/openssh-8.9_p1-allow-ppoll_time64.patch" #834019 "${FILESDIR}/openssh-8.9_p1-gss-use-HOST_NAME_MAX.patch" #834044 "${FILESDIR}/openssh-9.3_p1-openssl-version-compat-check.patch" + "${FILESDIR}/openssh-9.3_p2-zlib-1.3.patch" #912767 ) pkg_pretend() {
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/files/, net-misc/openssh/
commit: 5b974a3c903327b37f46a0212bf397ef634a67fd Author: Sam James gentoo org> AuthorDate: Mon Aug 21 17:48:31 2023 + Commit: Sam James gentoo org> CommitDate: Mon Aug 21 17:48:31 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5b974a3c net-misc/openssh: fix configure check for zlib-1.3 Closes: https://bugs.gentoo.org/912766 Signed-off-by: Sam James gentoo.org> .../openssh/files/openssh-9.3_p2-zlib-1.3.patch | 21 + net-misc/openssh/openssh-9.3_p1-r1.ebuild | 1 + net-misc/openssh/openssh-9.3_p2.ebuild | 1 + net-misc/openssh/openssh-9.4_p1.ebuild | 1 + 4 files changed, 24 insertions(+) diff --git a/net-misc/openssh/files/openssh-9.3_p2-zlib-1.3.patch b/net-misc/openssh/files/openssh-9.3_p2-zlib-1.3.patch new file mode 100644 index ..f1336bbe0380 --- /dev/null +++ b/net-misc/openssh/files/openssh-9.3_p2-zlib-1.3.patch @@ -0,0 +1,21 @@ +https://bugs.gentoo.org/912766 +https://github.com/openssh/openssh-portable/commit/cb4ed12ffc332d1f72d054ed92655b5f1c38f621 + +From cb4ed12ffc332d1f72d054ed92655b5f1c38f621 Mon Sep 17 00:00:00 2001 +From: Darren Tucker +Date: Sat, 19 Aug 2023 07:39:08 +1000 +Subject: [PATCH] Fix zlib version check for 1.3 and future version. + +bz#3604. +--- a/configure.ac b/configure.ac +@@ -1464,7 +1464,7 @@ else + [[ + int a=0, b=0, c=0, d=0, n, v; + n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", , , , ); +- if (n != 3 && n != 4) ++ if (n < 1) + exit(1); + v = a*100 + b*1 + c*100 + d; + fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v); + diff --git a/net-misc/openssh/openssh-9.3_p1-r1.ebuild b/net-misc/openssh/openssh-9.3_p1-r1.ebuild index e3184f35c252..2624fa94f0ee 100644 --- a/net-misc/openssh/openssh-9.3_p1-r1.ebuild +++ b/net-misc/openssh/openssh-9.3_p1-r1.ebuild @@ -88,6 +88,7 @@ PATCHES=( "${FILESDIR}/${PN}-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch" "${FILESDIR}/${PN}-9.3_p1-gss-use-HOST_NAME_MAX.patch" #834044 "${FILESDIR}/${PN}-9.3_p1-openssl-version-compat-check.patch" + "${FILESDIR}/${PN}-9.3_p2-zlib-1.3.patch" #912766 ) pkg_pretend() { diff --git a/net-misc/openssh/openssh-9.3_p2.ebuild b/net-misc/openssh/openssh-9.3_p2.ebuild index 8e57bfe2061c..3013b70ed4bc 100644 --- a/net-misc/openssh/openssh-9.3_p2.ebuild +++ b/net-misc/openssh/openssh-9.3_p2.ebuild @@ -88,6 +88,7 @@ PATCHES=( "${FILESDIR}/${PN}-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch" "${FILESDIR}/${PN}-9.3_p1-gss-use-HOST_NAME_MAX.patch" #834044 "${FILESDIR}/${PN}-9.3_p1-openssl-version-compat-check.patch" + "${FILESDIR}/${PN}-9.3_p2-zlib-1.3.patch" #912766 ) pkg_pretend() { diff --git a/net-misc/openssh/openssh-9.4_p1.ebuild b/net-misc/openssh/openssh-9.4_p1.ebuild index ec36f3445783..5d1ffb94eba4 100644 --- a/net-misc/openssh/openssh-9.4_p1.ebuild +++ b/net-misc/openssh/openssh-9.4_p1.ebuild @@ -86,6 +86,7 @@ PATCHES=( "${FILESDIR}/${PN}-9.3_p1-disable-conch-interop-tests.patch" "${FILESDIR}/${PN}-9.3_p1-fix-putty-tests.patch" "${FILESDIR}/${PN}-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch" + "${FILESDIR}/${PN}-9.3_p2-zlib-1.3.patch" #912766 ) pkg_pretend() {
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh-contrib/
commit: 509df9d6d6582a4927cfe0c7ec08972a43b79e64 Author: Patrick McLean gentoo org> AuthorDate: Mon Aug 14 18:55:19 2023 + Commit: Patrick McLean gentoo org> CommitDate: Mon Aug 14 18:55:19 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=509df9d6 net-misc/openssh-contrib: add 9.4_p1 Signed-off-by: Patrick McLean gentoo.org> net-misc/openssh-contrib/Manifest | 5 + .../openssh-contrib/openssh-contrib-9.4_p1.ebuild | 504 + 2 files changed, 509 insertions(+) diff --git a/net-misc/openssh-contrib/Manifest b/net-misc/openssh-contrib/Manifest index ff4094389d70..e41061964198 100644 --- a/net-misc/openssh-contrib/Manifest +++ b/net-misc/openssh-contrib/Manifest @@ -13,3 +13,8 @@ DIST openssh-9.3p1.tar.gz 1856839 BLAKE2B 45578edf98bba3d23c7cefe60d8a7d3079e7c6 DIST openssh-9.3p1.tar.gz.asc 833 BLAKE2B e6533d64b117a400b76b90f71fa856d352dea57d91e4e89fa375429403ac0734cc0a2f075bc58c6bb4f40a8f9776735aa36bdb0bbf3880a2115cea787633e48b SHA512 6222378eb24a445c6c1db255392b405f5369b1af0e92f558d4ba05b0d83ab0d084cb8f4b91d7ae8636f333d970638a6635e2bc7af885135dd34992d87f2ef1f4 DIST openssh-9.3p2.tar.gz 1835850 BLAKE2B 38f8d4ada263112b318fafccabf0a33a004d8290a867434004eb3d37127c9bdabe6e0225fca9d6d68fb54338fec81dcc9313ca7c91d3a033311db44174dc9f6f SHA512 15b8c57aa120186f1d1c3c2b8dc6ffd26733e12f755a6b0a4255d9ec1815a61506275ff5723b4ac029e44bc2ad22852ac36e1101f292348fbfa79aa1a4cd3f35 DIST openssh-9.3p2.tar.gz.asc 833 BLAKE2B cfba3867d7f97cb2c904bd3ae111bd63e8a050464b66e3f3f22390839a153d57ef5819182f8ad99a6b520f27881143552dc64fccfc33dcc0483ffe1ef33a5a47 SHA512 759e512a36a3a62264803b517298a65c83e1daebd9867e28ea1ca4999c38539368815ccda86540a4f5d45fa79c539d8242995ba55f2918baf2a7404c105e337a +DIST openssh-9.4_p1-X509-glue-14.2.patch.xz 784 BLAKE2B b559cc7132a85baf8984088769be7f84c86ca2c5d91eba0412882615f86d0f405b3790c6dfb35111cab7150780b8b3ce2120e30a1f1d078f6308dfca47470ef6 SHA512 8faaba8444fd795a64d3ecb91ffea9e754d2688039dc8b5d8d085a91671860884c0fa1bd568d1ed62f2cd1f328564f2fb3e467e4288aa6e5a37024bcfa70522e +DIST openssh-9.4_p1-hpn-15.2-X509-14.2-glue.patch.xz 5144 BLAKE2B 324dff4027825b8400225cf322a6882caca30aa567a1bea405142ff9f9ed143b837ef8082011342ae6d22033c22e34499f930d0b9ca1e3c241cac7c15e99 SHA512 e63b2187d3f210ce897b6696b02a364f4f212c1290f7b9bbcceeb1532427254c54366b7da059ce3cf99e595457e69d8edff4fcb7c18021c7530dea1df4bb +DIST openssh-9.4p1+x509-14.2.diff.gz 1219074 BLAKE2B ea31ef87a5a450c1e8785f4eeb27f2bfb7a2ac187e10c35dc814cdad139645e52a577b238dc8bcb9c2cb001ee6ab29d88fb056b4ff772b3660c5cf9fa4fc2380 SHA512 53cc58618f57e6011f0ae2484b56ef7fc971f39aaf248a0e0a4361e28d0e170a7d4e3b97efe7c5f2848d845cfe970b8511e876d2b9bcb1cecbf01bedd972 +DIST openssh-9.4p1.tar.gz 1845094 BLAKE2B d13d758129cce947d3f12edb6e88406aad10de6887b19ffa3ebd8e382b742a05f2a692a8824aec99939f6c7e13fbccc3bb14e5ee112f9a9255d4882eb87dcf53 SHA512 0aaedeced7dbc70419c7245eb0e9db4ef570e0e7739b890ebae04d56da5fe8d147e8e150f3c943f60730976569e3ac6cc8da62ec7e2a78e2ef47d295ca0b1d25 +DIST openssh-9.4p1.tar.gz.asc 833 BLAKE2B 95eedd9356766e5d0ea1261da3dc4c7869f054b418c626fb35815a0aa655b1ddbf54436b437d98c4344b05c9196c8fa1f592eac07b3ccf08bd3e980f8b6955af SHA512 983b4ebaa3b98e70831ce686cb503270926c065163a2510eef0c5102ef50b6e665b889ee15ea8c0bd7c4bbddb19270f036e1d554a8212ef2c292f9c682c8631a diff --git a/net-misc/openssh-contrib/openssh-contrib-9.4_p1.ebuild b/net-misc/openssh-contrib/openssh-contrib-9.4_p1.ebuild new file mode 100644 index ..402849e5c957 --- /dev/null +++ b/net-misc/openssh-contrib/openssh-contrib-9.4_p1.ebuild @@ -0,0 +1,504 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit user-info flag-o-matic autotools pam systemd toolchain-funcs verify-sig + +# Make it more portable between straight releases +# and _p? releases. +MY_P=${P/-contrib/} +PARCH=${MY_P/_} + +# PV to USE for HPN patches +#HPN_PV="${PV^^}" +HPN_PV="8.5_P1" + +HPN_VER="15.2" +HPN_PATCHES=( + openssh-${HPN_PV/./_}-hpn-DynWinNoneSwitch-${HPN_VER}.diff + openssh-${HPN_PV/./_}-hpn-PeakTput-${HPN_VER}.diff +) +HPN_GLUE_PATCH="openssh-9.3_p2-hpn-${HPN_VER}-glue.patch" +HPN_PATCH_DIR="HPN-SSH%%20${HPN_VER/./v}%%20${HPN_PV/_P/p}" + +X509_VER="14.2" +X509_PATCH="${PARCH}+x509-${X509_VER}.diff.gz" +X509_PATCH="${X509_PATCH/p2/p1}" +X509_GLUE_PATCH="openssh-${PV}-X509-glue-${X509_VER}.patch" +X509_HPN_GLUE_PATCH="${MY_P}-hpn-${HPN_VER}-X509-${X509_VER}-glue.patch" + +DESCRIPTION="Port of OpenBSD's free SSH release with HPN/X509 patches" +HOMEPAGE="https://www.openssh.com/; +SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz + ${HPN_VER:+hpn? ( + $(printf "mirror://sourceforge/project/hpnssh/Patches/${HPN_PATCH_DIR}/%s\n" "${HPN_PATCHES[@]}") + https://dev.gentoo.org/~chutzpah/dist/openssh/${HPN_GLUE_PATCH}.xz + )} +
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 46a96be305963e4e1863ac3c0027f7a8900e802e Author: Patrick McLean gentoo org> AuthorDate: Thu Aug 10 21:55:11 2023 + Commit: Patrick McLean gentoo org> CommitDate: Thu Aug 10 21:55:40 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=46a96be3 net-misc/openssh: add 9.4_p1 Signed-off-by: Patrick McLean gentoo.org> net-misc/openssh/Manifest | 2 + net-misc/openssh/openssh-9.4_p1.ebuild | 380 + 2 files changed, 382 insertions(+) diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest index 2428753e02f7..bf1883a4f917 100644 --- a/net-misc/openssh/Manifest +++ b/net-misc/openssh/Manifest @@ -2,3 +2,5 @@ DIST openssh-9.3p1.tar.gz 1856839 BLAKE2B 45578edf98bba3d23c7cefe60d8a7d3079e7c6 DIST openssh-9.3p1.tar.gz.asc 833 BLAKE2B e6533d64b117a400b76b90f71fa856d352dea57d91e4e89fa375429403ac0734cc0a2f075bc58c6bb4f40a8f9776735aa36bdb0bbf3880a2115cea787633e48b SHA512 6222378eb24a445c6c1db255392b405f5369b1af0e92f558d4ba05b0d83ab0d084cb8f4b91d7ae8636f333d970638a6635e2bc7af885135dd34992d87f2ef1f4 DIST openssh-9.3p2.tar.gz 1835850 BLAKE2B 38f8d4ada263112b318fafccabf0a33a004d8290a867434004eb3d37127c9bdabe6e0225fca9d6d68fb54338fec81dcc9313ca7c91d3a033311db44174dc9f6f SHA512 15b8c57aa120186f1d1c3c2b8dc6ffd26733e12f755a6b0a4255d9ec1815a61506275ff5723b4ac029e44bc2ad22852ac36e1101f292348fbfa79aa1a4cd3f35 DIST openssh-9.3p2.tar.gz.asc 833 BLAKE2B cfba3867d7f97cb2c904bd3ae111bd63e8a050464b66e3f3f22390839a153d57ef5819182f8ad99a6b520f27881143552dc64fccfc33dcc0483ffe1ef33a5a47 SHA512 759e512a36a3a62264803b517298a65c83e1daebd9867e28ea1ca4999c38539368815ccda86540a4f5d45fa79c539d8242995ba55f2918baf2a7404c105e337a +DIST openssh-9.4p1.tar.gz 1845094 BLAKE2B d13d758129cce947d3f12edb6e88406aad10de6887b19ffa3ebd8e382b742a05f2a692a8824aec99939f6c7e13fbccc3bb14e5ee112f9a9255d4882eb87dcf53 SHA512 0aaedeced7dbc70419c7245eb0e9db4ef570e0e7739b890ebae04d56da5fe8d147e8e150f3c943f60730976569e3ac6cc8da62ec7e2a78e2ef47d295ca0b1d25 +DIST openssh-9.4p1.tar.gz.asc 833 BLAKE2B 95eedd9356766e5d0ea1261da3dc4c7869f054b418c626fb35815a0aa655b1ddbf54436b437d98c4344b05c9196c8fa1f592eac07b3ccf08bd3e980f8b6955af SHA512 983b4ebaa3b98e70831ce686cb503270926c065163a2510eef0c5102ef50b6e665b889ee15ea8c0bd7c4bbddb19270f036e1d554a8212ef2c292f9c682c8631a diff --git a/net-misc/openssh/openssh-9.4_p1.ebuild b/net-misc/openssh/openssh-9.4_p1.ebuild new file mode 100644 index ..ec36f3445783 --- /dev/null +++ b/net-misc/openssh/openssh-9.4_p1.ebuild @@ -0,0 +1,380 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit user-info flag-o-matic autotools pam systemd toolchain-funcs verify-sig + +# Make it more portable between straight releases +# and _p? releases. +PARCH=${P/_} + +DESCRIPTION="Port of OpenBSD's free SSH release" +HOMEPAGE="https://www.openssh.com/; +SRC_URI=" + mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz + verify-sig? ( mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz.asc )" +VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/openssh.org.asc +S="${WORKDIR}/${PARCH}" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +# Probably want to drop ssl defaulting to on in a future version. +IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss" + +RESTRICT="!test? ( test )" + +REQUIRED_USE=" + ldns? ( ssl ) + pie? ( !static ) + static? ( !kerberos !pam ) + xmss? ( ssl ) + test? ( ssl ) +" + +# tests currently fail with XMSS +REQUIRED_USE+="test? ( !xmss )" + +LIB_DEPEND=" + audit? ( sys-process/audit[static-libs(+)] ) + ldns? ( + net-libs/ldns[static-libs(+)] + net-libs/ldns[ecdsa(+),ssl(+)] + ) + libedit? ( dev-libs/libedit:=[static-libs(+)] ) + security-key? ( >=dev-libs/libfido2-1.5.0:=[static-libs(+)] ) + selinux? ( >=sys-libs/libselinux-1.28[static-libs(+)] ) + ssl? ( >=dev-libs/openssl-1.1.1l-r1:0=[static-libs(+)] ) + virtual/libcrypt:=[static-libs(+)] + >=sys-libs/zlib-1.2.3:=[static-libs(+)] +" +RDEPEND=" + acct-group/sshd + acct-user/sshd + !static? ( ${LIB_DEPEND//\[static-libs(+)]} ) + pam? ( sys-libs/pam ) + kerberos? ( virtual/krb5 ) +" +DEPEND="${RDEPEND} + virtual/os-headers + kernel_linux? ( !prefix-guest? ( >=sys-kernel/linux-headers-5.1 ) ) + static? ( ${LIB_DEPEND} ) +" +RDEPEND="${RDEPEND} + !net-misc/openssh-contrib + pam? ( >=sys-auth/pambase-20081028 ) + !prefix? ( sys-apps/shadow ) + X? ( x11-apps/xauth ) +" +# Weird dep construct for newer gcc-config for bug #872416 +BDEPEND=" +
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: af815ce4c7a7933c36b36b24c29b655bfec37105 Author: Sam James gentoo org> AuthorDate: Wed Aug 2 12:38:57 2023 + Commit: Sam James gentoo org> CommitDate: Wed Aug 2 12:38:57 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=af815ce4 net-misc/openssh: skip sanity-check for binpkgs Because of environment saving, we can't allow users to override for binpkgs, so just elide the check there. Closes: https://bugs.gentoo.org/907892 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.3_p2.ebuild | 3 +++ 1 file changed, 3 insertions(+) diff --git a/net-misc/openssh/openssh-9.3_p2.ebuild b/net-misc/openssh/openssh-9.3_p2.ebuild index e3184f35c252..8e57bfe2061c 100644 --- a/net-misc/openssh/openssh-9.3_p2.ebuild +++ b/net-misc/openssh/openssh-9.3_p2.ebuild @@ -100,6 +100,9 @@ pkg_pretend() { done if [[ -n ${enabled_eol_flags} && ${OPENSSH_EOL_USE_FLAGS_I_KNOW_WHAT_I_AM_DOING} != yes ]]; then + # Skip for binary packages entirely because of environment saving, bug #907892 + [[ ${MERGE_TYPE} == binary ]] && return + ewarn "net-misc/openssh does not support USE='${enabled_eol_flags%,}' anymore." ewarn "The Base system team *STRONGLY* recommends you not rely on this functionality," ewarn "since these USE flags required third-party patches that often trigger bugs"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh-contrib/
commit: 485789457e7dc78a60bc5a6a771f996cc500062d Author: Patrick McLean gentoo org> AuthorDate: Mon Jul 24 22:39:35 2023 + Commit: Patrick McLean gentoo org> CommitDate: Mon Jul 24 22:39:47 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=48578945 net-misc/openssh-contrib: unkeyword 9.3_p1 for ~amd64 Signed-off-by: Patrick McLean gentoo.org> net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild b/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild index 9a91a490d05f..26c886d2d198 100644 --- a/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild +++ b/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild @@ -51,7 +51,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~amd64" +#KEYWORDS="~amd64" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug hpn kerberos ldns libedit livecd pam +pie sctp security-key selinux +ssl static test X X509 xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh-contrib/
commit: 71b6527ea4d7d180f63e3f7aa4567206bef9d3a4 Author: Patrick McLean gentoo org> AuthorDate: Mon Jul 24 22:15:10 2023 + Commit: Patrick McLean gentoo org> CommitDate: Mon Jul 24 22:15:51 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=71b6527e net-misc/openssh-contrib: add 9.3_p2 Signed-off-by: Patrick McLean gentoo.org> net-misc/openssh-contrib/Manifest | 5 + .../openssh-contrib/openssh-contrib-9.3_p2.ebuild | 506 + 2 files changed, 511 insertions(+) diff --git a/net-misc/openssh-contrib/Manifest b/net-misc/openssh-contrib/Manifest index 680eb4cd062e..ff4094389d70 100644 --- a/net-misc/openssh-contrib/Manifest +++ b/net-misc/openssh-contrib/Manifest @@ -4,7 +4,12 @@ DIST openssh-8_5_P1-hpn-PeakTput-15.2.diff 2429 BLAKE2B 849bf3c313719ab7a25c75e8 DIST openssh-9.3_p1-X509-glue-14.1.1.patch.xz 936 BLAKE2B f1716ff7801a27aa2aad06f1cca2ca6988eef65fb0ddcbde483e5c9205506ca40b658f5c8c40b2625afb38ff9b56e40831eadcf751c8ee1c11f69ec559f3c147 SHA512 dace01bcf22b625cd00e18ce019b0be31b6f47f714845f3ebb98ebee41b4db0a769fa09cab63ea17536a7106ec90f2b15f87696ae49fa6f6e31bad94ae09719d DIST openssh-9.3_p1-hpn-15.2-X509-14.1.1-glue.patch.xz 6224 BLAKE2B 47c7054648e8d795b0d9e563d8313242c917df8a3620a60cff2d77f9ae8482cec861244e0f1433f711922f0704b775b7183284960a3baa48a27b99979ad7ffa3 SHA512 728cf2586bcc9480afe71b5106e2286b925857a9e04dce79f744b36cbe3ec2844ac5b4a6bd4b64117f32ad1b04c0943b9d6f935eee826202871588ed9a167387 DIST openssh-9.3_p1-hpn-15.2-glue.patch.xz 5044 BLAKE2B 73205bd8f702612df7cb6f29e8b353df854428974dc20d5938033157da64418317f326ab8118893dc47173cd871dc7654a3e3ed601289744560becc98729cd3f SHA512 343b77109158b9af5d8d57f4ac7968bce8277fa3b4dcaa19b76593620fbddbfa832bd76c0da52e12179fe5f391f9fef67e7af51b138ab8cc69a8a6471b6a3909 +DIST openssh-9.3_p2-X509-glue-14.1.1.patch.xz 116132 BLAKE2B 7e2b5aa4569a27943cb701dccbca8224e64130a4bce46ce8ba7978a93d3a410fe46957694475fafd51177dbbefa28fc613d9bf69aa436541b03e83dc9b9497ba SHA512 df67a40f27c8af029c3d84e44bd74115e16bfe98efc039bd1f5661c22c5ab1213c2970a80c017775e828f6c5b4e2e815eff28c745888b0dba1ef6c259943ba20 +DIST openssh-9.3_p2-hpn-15.2-X509-14.1.1-glue.patch.xz 5056 BLAKE2B aea1d9dd10abb5dd85d304fb4a415c5fb8b237dd82d8f39c092622d85b51751336f18bff5feb80e9a165e171b92f471272210d926327a649961eb640cb8b SHA512 6d384ad9b3bebc4b90550e089b6c3c8d2959880a2510bea5bd7d723dd831815929dbf67a882105f22b3dd2eef6ed82dea89343175499a57d8e0f6b56ec6abfd6 +DIST openssh-9.3_p2-hpn-15.2-glue.patch.xz 4728 BLAKE2B 9e3c04a289d0a94b03b871027f4f8476e3981602f5a2d9ac8a8602e08d01248a72c48126ff53a174c8dc95f6bd8608ba75bbc74f5eb427e4ecbe7c7794c7c200 SHA512 bb42d001f89b8eb3a5af813d4c526548e13467deeb2811384b473e61c86e6e766aabb9652867953c0f979533ea7045c424298f11df4faf05e43fb8b1f439 DIST openssh-9.3p1+x509-14.1.1.diff.gz 1221335 BLAKE2B 9203fbb6955fe44ebd7ed031245a90b8df7e149a6ad3205097ffd5d2d7655a0e6b8cd2e20d7f7216fbc6d3e8bd0a1453f3fc028f04e96c0f244ad0772a0e30ab SHA512 8a1036d680d25f99e1a24ea77a2c303e807c0f5c5323043684da9fcc9ff603f80384688935a654cc97216f84f85f00f590dc35d2ee2b1f0fb169f8b427559b2d DIST openssh-9.3p1-sctp-1.2.patch.xz 6836 BLAKE2B d12394ecaa7eca6e0b3590cea83b71537edc3230bc5f7b2992a06a67c77247cc4156be0ba151038a5baee1c3f105f76f1917cc5aad08d1aadadfd6e56858781b SHA512 ba5af014e5b825bf4a57368416a15c6e56afd355780e4c5eab44a396c3f4276ac4d813c5c15b83f3b8edf4763855221743796c038433b292fda9417f0b274a71 DIST openssh-9.3p1.tar.gz 1856839 BLAKE2B 45578edf98bba3d23c7cefe60d8a7d3079e7c6676459f7422ace7a2461ab96943fbcadb478633a80f40bc098f2435722850b563714adb78b14922be53cb5753d SHA512 087ff6fe5f6caab4c6c3001d906399e02beffad7277280f11187420c2939fd4befdcb14643862a657ce4cad2f115b82a0a1a2c99df6ee54dcd76b53647637c19 DIST openssh-9.3p1.tar.gz.asc 833 BLAKE2B e6533d64b117a400b76b90f71fa856d352dea57d91e4e89fa375429403ac0734cc0a2f075bc58c6bb4f40a8f9776735aa36bdb0bbf3880a2115cea787633e48b SHA512 6222378eb24a445c6c1db255392b405f5369b1af0e92f558d4ba05b0d83ab0d084cb8f4b91d7ae8636f333d970638a6635e2bc7af885135dd34992d87f2ef1f4 +DIST openssh-9.3p2.tar.gz 1835850 BLAKE2B 38f8d4ada263112b318fafccabf0a33a004d8290a867434004eb3d37127c9bdabe6e0225fca9d6d68fb54338fec81dcc9313ca7c91d3a033311db44174dc9f6f SHA512 15b8c57aa120186f1d1c3c2b8dc6ffd26733e12f755a6b0a4255d9ec1815a61506275ff5723b4ac029e44bc2ad22852ac36e1101f292348fbfa79aa1a4cd3f35 +DIST openssh-9.3p2.tar.gz.asc 833 BLAKE2B cfba3867d7f97cb2c904bd3ae111bd63e8a050464b66e3f3f22390839a153d57ef5819182f8ad99a6b520f27881143552dc64fccfc33dcc0483ffe1ef33a5a47 SHA512 759e512a36a3a62264803b517298a65c83e1daebd9867e28ea1ca4999c38539368815ccda86540a4f5d45fa79c539d8242995ba55f2918baf2a7404c105e337a diff --git a/net-misc/openssh-contrib/openssh-contrib-9.3_p2.ebuild b/net-misc/openssh-contrib/openssh-contrib-9.3_p2.ebuild new file mode 100644 index ..af6ba3f3e4ed --- /dev/null +++ b/net-misc/openssh-contrib/openssh-contrib-9.3_p2.ebuild @@ -0,0 +1,506
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: ee25b7d5358f42edd851c00492a885faaf2e349c Author: Arthur Zamarin gentoo org> AuthorDate: Sun Jul 23 16:12:11 2023 + Commit: Arthur Zamarin gentoo org> CommitDate: Sun Jul 23 16:12:11 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ee25b7d5 net-misc/openssh: Stabilize 9.3_p2 sparc, #910555 Signed-off-by: Arthur Zamarin gentoo.org> net-misc/openssh/openssh-9.3_p2.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.3_p2.ebuild b/net-misc/openssh/openssh-9.3_p2.ebuild index 828953a4652f..e3184f35c252 100644 --- a/net-misc/openssh/openssh-9.3_p2.ebuild +++ b/net-misc/openssh/openssh-9.3_p2.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 696ff84abcd8ea66ca7e70eeaaf84771597bc982 Author: Arthur Zamarin gentoo org> AuthorDate: Sun Jul 23 16:01:13 2023 + Commit: Arthur Zamarin gentoo org> CommitDate: Sun Jul 23 16:01:13 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=696ff84a net-misc/openssh: Stabilize 9.3_p2 hppa, #910555 Signed-off-by: Arthur Zamarin gentoo.org> net-misc/openssh/openssh-9.3_p2.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.3_p2.ebuild b/net-misc/openssh/openssh-9.3_p2.ebuild index ce2c7c5bcf0a..828953a4652f 100644 --- a/net-misc/openssh/openssh-9.3_p2.ebuild +++ b/net-misc/openssh/openssh-9.3_p2.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: cda793b7328774c58f6c4ce7baf15a13734b3e87 Author: Arthur Zamarin gentoo org> AuthorDate: Wed Jul 19 15:23:29 2023 + Commit: Arthur Zamarin gentoo org> CommitDate: Wed Jul 19 15:23:29 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cda793b7 net-misc/openssh: Stabilize 9.3_p2 ppc64, #910555 Signed-off-by: Arthur Zamarin gentoo.org> net-misc/openssh/openssh-9.3_p2.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.3_p2.ebuild b/net-misc/openssh/openssh-9.3_p2.ebuild index 42b4c24054c0..ce2c7c5bcf0a 100644 --- a/net-misc/openssh/openssh-9.3_p2.ebuild +++ b/net-misc/openssh/openssh-9.3_p2.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ~ppc64 ~riscv ~s390 ~sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: f1537b974a4f616df8a75075b10bbe28ef00e1f2 Author: Arthur Zamarin gentoo org> AuthorDate: Wed Jul 19 15:23:19 2023 + Commit: Arthur Zamarin gentoo org> CommitDate: Wed Jul 19 15:23:19 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f1537b97 net-misc/openssh: Stabilize 9.3_p2 ppc, #910555 Signed-off-by: Arthur Zamarin gentoo.org> net-misc/openssh/openssh-9.3_p2.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.3_p2.ebuild b/net-misc/openssh/openssh-9.3_p2.ebuild index 59707d8bb693..42b4c24054c0 100644 --- a/net-misc/openssh/openssh-9.3_p2.ebuild +++ b/net-misc/openssh/openssh-9.3_p2.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ~ppc64 ~riscv ~s390 ~sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 080bf20c86100a54e932f414a720ce01ebcf1de1 Author: Sam James gentoo org> AuthorDate: Wed Jul 19 15:13:39 2023 + Commit: Sam James gentoo org> CommitDate: Wed Jul 19 15:13:39 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=080bf20c net-misc/openssh: Stabilize 9.3_p2 x86, #910555 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.3_p2.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.3_p2.ebuild b/net-misc/openssh/openssh-9.3_p2.ebuild index d67ddfcffda4..59707d8bb693 100644 --- a/net-misc/openssh/openssh-9.3_p2.ebuild +++ b/net-misc/openssh/openssh-9.3_p2.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 42f7fa536bfbb84553397cd00e4343dc40d4bb3f Author: Sam James gentoo org> AuthorDate: Wed Jul 19 15:13:38 2023 + Commit: Sam James gentoo org> CommitDate: Wed Jul 19 15:13:38 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=42f7fa53 net-misc/openssh: Stabilize 9.3_p2 arm, #910555 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.3_p2.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.3_p2.ebuild b/net-misc/openssh/openssh-9.3_p2.ebuild index f9b7b475b4f3..d67ddfcffda4 100644 --- a/net-misc/openssh/openssh-9.3_p2.ebuild +++ b/net-misc/openssh/openssh-9.3_p2.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: b08446b3b5f8c0fa29ec8d2da0a9bdfee0dba01f Author: Sam James gentoo org> AuthorDate: Wed Jul 19 15:11:43 2023 + Commit: Sam James gentoo org> CommitDate: Wed Jul 19 15:11:43 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b08446b3 net-misc/openssh: Stabilize 9.3_p2 amd64, #910555 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.3_p2.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.3_p2.ebuild b/net-misc/openssh/openssh-9.3_p2.ebuild index 807a957d8b9b..f9b7b475b4f3 100644 --- a/net-misc/openssh/openssh-9.3_p2.ebuild +++ b/net-misc/openssh/openssh-9.3_p2.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: fb8ce7b47306c0b3837cac22256646034eac8f8f Author: Sam James gentoo org> AuthorDate: Wed Jul 19 15:11:23 2023 + Commit: Sam James gentoo org> CommitDate: Wed Jul 19 15:11:23 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fb8ce7b4 net-misc/openssh: Stabilize 9.3_p2 arm64, #910555 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.3_p2.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.3_p2.ebuild b/net-misc/openssh/openssh-9.3_p2.ebuild index f3833c8da7c4..807a957d8b9b 100644 --- a/net-misc/openssh/openssh-9.3_p2.ebuild +++ b/net-misc/openssh/openssh-9.3_p2.ebuild @@ -19,7 +19,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha ~amd64 ~arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 704e9eeeaeb28174462b3a4c68376f43bbfa6765 Author: Sam James gentoo org> AuthorDate: Wed Jul 19 14:41:10 2023 + Commit: Sam James gentoo org> CommitDate: Wed Jul 19 14:41:16 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=704e9eee net-misc/openssh: add 9.3_p2 Bug: https://bugs.gentoo.org/910553 Signed-off-by: Sam James gentoo.org> net-misc/openssh/Manifest | 2 + net-misc/openssh/openssh-9.3_p2.ebuild | 379 + 2 files changed, 381 insertions(+) diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest index 6f31cfab6a73..2428753e02f7 100644 --- a/net-misc/openssh/Manifest +++ b/net-misc/openssh/Manifest @@ -1,2 +1,4 @@ DIST openssh-9.3p1.tar.gz 1856839 BLAKE2B 45578edf98bba3d23c7cefe60d8a7d3079e7c6676459f7422ace7a2461ab96943fbcadb478633a80f40bc098f2435722850b563714adb78b14922be53cb5753d SHA512 087ff6fe5f6caab4c6c3001d906399e02beffad7277280f11187420c2939fd4befdcb14643862a657ce4cad2f115b82a0a1a2c99df6ee54dcd76b53647637c19 DIST openssh-9.3p1.tar.gz.asc 833 BLAKE2B e6533d64b117a400b76b90f71fa856d352dea57d91e4e89fa375429403ac0734cc0a2f075bc58c6bb4f40a8f9776735aa36bdb0bbf3880a2115cea787633e48b SHA512 6222378eb24a445c6c1db255392b405f5369b1af0e92f558d4ba05b0d83ab0d084cb8f4b91d7ae8636f333d970638a6635e2bc7af885135dd34992d87f2ef1f4 +DIST openssh-9.3p2.tar.gz 1835850 BLAKE2B 38f8d4ada263112b318fafccabf0a33a004d8290a867434004eb3d37127c9bdabe6e0225fca9d6d68fb54338fec81dcc9313ca7c91d3a033311db44174dc9f6f SHA512 15b8c57aa120186f1d1c3c2b8dc6ffd26733e12f755a6b0a4255d9ec1815a61506275ff5723b4ac029e44bc2ad22852ac36e1101f292348fbfa79aa1a4cd3f35 +DIST openssh-9.3p2.tar.gz.asc 833 BLAKE2B cfba3867d7f97cb2c904bd3ae111bd63e8a050464b66e3f3f22390839a153d57ef5819182f8ad99a6b520f27881143552dc64fccfc33dcc0483ffe1ef33a5a47 SHA512 759e512a36a3a62264803b517298a65c83e1daebd9867e28ea1ca4999c38539368815ccda86540a4f5d45fa79c539d8242995ba55f2918baf2a7404c105e337a diff --git a/net-misc/openssh/openssh-9.3_p2.ebuild b/net-misc/openssh/openssh-9.3_p2.ebuild new file mode 100644 index ..f3833c8da7c4 --- /dev/null +++ b/net-misc/openssh/openssh-9.3_p2.ebuild @@ -0,0 +1,379 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit user-info flag-o-matic autotools pam systemd toolchain-funcs verify-sig + +# Make it more portable between straight releases +# and _p? releases. +PARCH=${P/_} + +DESCRIPTION="Port of OpenBSD's free SSH release" +HOMEPAGE="https://www.openssh.com/; +SRC_URI=" + mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz + verify-sig? ( mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz.asc )" +VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/openssh.org.asc +S="${WORKDIR}/${PARCH}" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +# Probably want to drop ssl defaulting to on in a future version. +IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss" + +RESTRICT="!test? ( test )" + +REQUIRED_USE=" + ldns? ( ssl ) + pie? ( !static ) + static? ( !kerberos !pam ) + xmss? ( ssl ) + test? ( ssl ) +" + +# tests currently fail with XMSS +REQUIRED_USE+="test? ( !xmss )" + +LIB_DEPEND=" + audit? ( sys-process/audit[static-libs(+)] ) + ldns? ( + net-libs/ldns[static-libs(+)] + net-libs/ldns[ecdsa(+),ssl(+)] + ) + libedit? ( dev-libs/libedit:=[static-libs(+)] ) + security-key? ( >=dev-libs/libfido2-1.5.0:=[static-libs(+)] ) + selinux? ( >=sys-libs/libselinux-1.28[static-libs(+)] ) + ssl? ( >=dev-libs/openssl-1.1.1l-r1:0=[static-libs(+)] ) + virtual/libcrypt:=[static-libs(+)] + >=sys-libs/zlib-1.2.3:=[static-libs(+)] +" +RDEPEND=" + acct-group/sshd + acct-user/sshd + !static? ( ${LIB_DEPEND//\[static-libs(+)]} ) + pam? ( sys-libs/pam ) + kerberos? ( virtual/krb5 ) +" +DEPEND="${RDEPEND} + virtual/os-headers + kernel_linux? ( !prefix-guest? ( >=sys-kernel/linux-headers-5.1 ) ) + static? ( ${LIB_DEPEND} ) +" +RDEPEND="${RDEPEND} + !net-misc/openssh-contrib + pam? ( >=sys-auth/pambase-20081028 ) + !prefix? ( sys-apps/shadow ) + X? ( x11-apps/xauth ) +" +# Weird dep construct for newer gcc-config for bug #872416 +BDEPEND=" + sys-devel/autoconf + virtual/pkgconfig + || ( + >=sys-devel/gcc-config-2.6 + >=sys-devel/clang-toolchain-symlinks-14-r1:14 + >=sys-devel/clang-toolchain-symlinks-15-r1:15 + >=sys-devel/clang-toolchain-symlinks-16-r1:* + ) + verify-sig? ( sec-keys/openpgp-keys-openssh ) +" + +PATCHES=( +
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh-contrib/
commit: acde9b9d754c567a61650e840b626bf32557251c Author: Sam James gentoo org> AuthorDate: Mon Jun 26 15:13:47 2023 + Commit: Sam James gentoo org> CommitDate: Mon Jun 26 15:13:47 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=acde9b9d net-misc/openssh-contrib: drop libc_Cygwin cruft Support is already gone. Closes: https://bugs.gentoo.org/909191 Signed-off-by: Sam James gentoo.org> net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild b/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild index 8fa1eabcaa5c..9a91a490d05f 100644 --- a/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild +++ b/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild @@ -320,6 +320,7 @@ src_configure() { --datadir="${EPREFIX}"/usr/share/openssh --with-privsep-path="${EPREFIX}"/var/empty --with-privsep-user=sshd + --with-hardening $(use_with audit audit linux) $(use_with kerberos kerberos5 "${EPREFIX}"/usr) # We apply the sctp patch conditionally, so can't pass --without-sctp @@ -333,7 +334,6 @@ src_configure() { $(usex X509 '' "$(use_with security-key security-key-builtin)") $(use_with ssl openssl) $(use_with ssl ssl-engine) - $(use_with !elibc_Cygwin hardening) #659210 ) if use elibc_musl; then
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 912850f59174a65693859c4a171ef5e98fbdab6b Author: Sam James gentoo org> AuthorDate: Sun Jun 25 19:27:59 2023 + Commit: Sam James gentoo org> CommitDate: Sun Jun 25 19:27:59 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=912850f5 net-misc/openssh: fix configure arg Fixes: 5a80377b5bf000d2efbc5ee3a5732c19c010a7a9 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.3_p1-r1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.3_p1-r1.ebuild b/net-misc/openssh/openssh-9.3_p1-r1.ebuild index 5a0b9de25987..e3184f35c252 100644 --- a/net-misc/openssh/openssh-9.3_p1-r1.ebuild +++ b/net-misc/openssh/openssh-9.3_p1-r1.ebuild @@ -185,7 +185,7 @@ src_configure() { --datadir="${EPREFIX}"/usr/share/openssh --with-privsep-path="${EPREFIX}"/var/empty --with-privsep-user=sshd - --enable-hardening + --with-hardening $(use_with audit audit linux) $(use_with kerberos kerberos5 "${EPREFIX}"/usr) $(use_with ldns)
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 5a80377b5bf000d2efbc5ee3a5732c19c010a7a9 Author: Sam James gentoo org> AuthorDate: Sun Jun 25 19:15:08 2023 + Commit: Sam James gentoo org> CommitDate: Sun Jun 25 19:17:05 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5a80377b net-misc/openssh: drop elibc_Cygwin cruft Support is already gone. Closes: https://bugs.gentoo.org/909154 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.3_p1-r1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.3_p1-r1.ebuild b/net-misc/openssh/openssh-9.3_p1-r1.ebuild index 2ec7c9966dff..5a0b9de25987 100644 --- a/net-misc/openssh/openssh-9.3_p1-r1.ebuild +++ b/net-misc/openssh/openssh-9.3_p1-r1.ebuild @@ -185,6 +185,7 @@ src_configure() { --datadir="${EPREFIX}"/usr/share/openssh --with-privsep-path="${EPREFIX}"/var/empty --with-privsep-user=sshd + --enable-hardening $(use_with audit audit linux) $(use_with kerberos kerberos5 "${EPREFIX}"/usr) $(use_with ldns) @@ -195,7 +196,6 @@ src_configure() { $(use_with security-key security-key-builtin) $(use_with ssl openssl) $(use_with ssl ssl-engine) - $(use_with !elibc_Cygwin hardening) #659210 ) if use elibc_musl; then
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/, net-misc/openssh/files/
commit: 825665409b7873b60a8766f929c412225196c319 Author: David Seifert gentoo org> AuthorDate: Fri May 12 11:54:21 2023 + Commit: David Seifert gentoo org> CommitDate: Fri May 12 11:54:21 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=82566540 net-misc/openssh: remove redundant patch * All the patches files already include stdlib.h Signed-off-by: David Seifert gentoo.org> .../files/openssh-9.3_p1-include-stdlib.patch | 40 -- net-misc/openssh/openssh-9.3_p1-r1.ebuild | 1 - 2 files changed, 41 deletions(-) diff --git a/net-misc/openssh/files/openssh-9.3_p1-include-stdlib.patch b/net-misc/openssh/files/openssh-9.3_p1-include-stdlib.patch deleted file mode 100644 index 7925234621e2.. --- a/net-misc/openssh/files/openssh-9.3_p1-include-stdlib.patch +++ /dev/null @@ -1,40 +0,0 @@ a/auth-options.c -+++ b/auth-options.c -@@ -27,6 +27,7 @@ - #include - #include - #include -+#include - - #include "openbsd-compat/sys-queue.h" - a/hmac.c -+++ b/hmac.c -@@ -21,6 +21,7 @@ - - #include - #include -+#include - - #include "sshbuf.h" - #include "digest.h" a/krl.c -+++ b/krl.c -@@ -29,6 +29,7 @@ - #include - #include - #include -+#include - - #include "sshbuf.h" - #include "ssherr.h" a/mac.c -+++ b/mac.c -@@ -30,6 +30,7 @@ - #include - #include - #include -+#include - - #include "digest.h" - #include "hmac.h" diff --git a/net-misc/openssh/openssh-9.3_p1-r1.ebuild b/net-misc/openssh/openssh-9.3_p1-r1.ebuild index a7481ca4a40d..35401b2679a7 100644 --- a/net-misc/openssh/openssh-9.3_p1-r1.ebuild +++ b/net-misc/openssh/openssh-9.3_p1-r1.ebuild @@ -81,7 +81,6 @@ BDEPEND=" " PATCHES=( - "${FILESDIR}/${PN}-9.3_p1-include-stdlib.patch" "${FILESDIR}/${PN}-9.3_p1-GSSAPI-dns.patch" #165444 integrated into gsskex "${FILESDIR}/${PN}-9.3_p1-openssl-ignore-status.patch" "${FILESDIR}/${PN}-9.3_p1-disable-conch-interop-tests.patch"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/, net-misc/openssh/files/
commit: ccfc91d36287732d0e7534c2f5e99000616fbb11 Author: David Seifert gentoo org> AuthorDate: Fri May 12 11:00:35 2023 + Commit: David Seifert gentoo org> CommitDate: Fri May 12 11:00:35 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ccfc91d3 net-misc/openssh: rebase patches Signed-off-by: David Seifert gentoo.org> .../files/openssh-8.9_p1-allow-ppoll_time64.patch | 14 - ...I-dns.patch => openssh-9.3_p1-GSSAPI-dns.patch} | 34 +++--- ...mget-shmat-shmdt-in-preauth-privsep-child.patch | 2 -- ...enssh-9.3_p1-disable-conch-interop-tests.patch} | 0 patch => openssh-9.3_p1-fix-putty-tests.patch} | 8 ++--- ... => openssh-9.3_p1-gss-use-HOST_NAME_MAX.patch} | 2 -- ...b.patch => openssh-9.3_p1-include-stdlib.patch} | 20 - ... => openssh-9.3_p1-openssl-ignore-status.patch} | 0 net-misc/openssh/openssh-9.3_p1-r1.ebuild | 13 - 9 files changed, 27 insertions(+), 66 deletions(-) diff --git a/net-misc/openssh/files/openssh-8.9_p1-allow-ppoll_time64.patch b/net-misc/openssh/files/openssh-8.9_p1-allow-ppoll_time64.patch deleted file mode 100644 index 8c46625aa29c.. --- a/net-misc/openssh/files/openssh-8.9_p1-allow-ppoll_time64.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c -index 2e065ba3..4ce80cb2 100644 a/sandbox-seccomp-filter.c -+++ b/sandbox-seccomp-filter.c -@@ -276,6 +276,9 @@ static const struct sock_filter preauth_insns[] = { - #ifdef __NR_ppoll - SC_ALLOW(__NR_ppoll), - #endif -+#ifdef __NR_ppoll_time64 -+ SC_ALLOW(__NR_ppoll_time64), -+#endif - #ifdef __NR_poll - SC_ALLOW(__NR_poll), - #endif diff --git a/net-misc/openssh/files/openssh-8.7_p1-GSSAPI-dns.patch b/net-misc/openssh/files/openssh-9.3_p1-GSSAPI-dns.patch similarity index 92% rename from net-misc/openssh/files/openssh-8.7_p1-GSSAPI-dns.patch rename to net-misc/openssh/files/openssh-9.3_p1-GSSAPI-dns.patch index ffc40b70ae3d..cbc0ec2d9c2d 100644 --- a/net-misc/openssh/files/openssh-8.7_p1-GSSAPI-dns.patch +++ b/net-misc/openssh/files/openssh-9.3_p1-GSSAPI-dns.patch @@ -1,8 +1,6 @@ -diff --git a/auth.c b/auth.c -index 00b168b4..8ee93581 100644 --- a/auth.c +++ b/auth.c -@@ -729,118 +729,6 @@ fakepw(void) +@@ -637,118 +637,6 @@ return (); } @@ -121,11 +119,9 @@ index 00b168b4..8ee93581 100644 /* These functions link key/cert options to the auth framework */ /* Log sshauthopt options locally and (optionally) for remote transmission */ -diff --git a/canohost.c b/canohost.c -index a810da0e..18e9d8d4 100644 --- a/canohost.c +++ b/canohost.c -@@ -202,3 +202,117 @@ get_local_port(int sock) +@@ -205,3 +205,117 @@ { return get_sock_port(sock, 1); } @@ -243,11 +239,9 @@ index a810da0e..18e9d8d4 100644 + return dnsname; + } +} -diff --git a/readconf.c b/readconf.c -index 03369a08..b45898ce 100644 --- a/readconf.c +++ b/readconf.c -@@ -161,6 +161,7 @@ typedef enum { +@@ -160,6 +160,7 @@ oClearAllForwardings, oNoHostAuthenticationForLocalhost, oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, oAddressFamily, oGssAuthentication, oGssDelegateCreds, @@ -255,7 +249,7 @@ index 03369a08..b45898ce 100644 oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist, oHashKnownHosts, -@@ -207,9 +208,11 @@ static struct { +@@ -207,9 +208,11 @@ #if defined(GSSAPI) { "gssapiauthentication", oGssAuthentication }, { "gssapidelegatecredentials", oGssDelegateCreds }, @@ -267,7 +261,7 @@ index 03369a08..b45898ce 100644 #endif #ifdef ENABLE_PKCS11 { "pkcs11provider", oPKCS11Provider }, -@@ -1117,6 +1120,10 @@ parse_time: +@@ -1125,6 +1128,10 @@ intptr = >gss_deleg_creds; goto parse_flag; @@ -278,7 +272,7 @@ index 03369a08..b45898ce 100644 case oBatchMode: intptr = >batch_mode; goto parse_flag; -@@ -2307,6 +2314,7 @@ initialize_options(Options * options) +@@ -2341,6 +2348,7 @@ options->pubkey_authentication = -1; options->gss_authentication = -1; options->gss_deleg_creds = -1; @@ -286,7 +280,7 @@ index 03369a08..b45898ce 100644 options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->kbd_interactive_devices = NULL; -@@ -2465,6 +2473,8 @@ fill_default_options(Options * options) +@@ -2501,6 +2509,8 @@ options->gss_authentication = 0; if (options->gss_deleg_creds == -1) options->gss_deleg_creds = 0; @@ -295,11 +289,9 @@ index 03369a08..b45898ce 100644 if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) -diff --git a/readconf.h b/readconf.h -index
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: e72af4c9467e79ca6ae198fbbe6fcf3f90ffad42 Author: Sam James gentoo org> AuthorDate: Tue May 9 21:25:27 2023 + Commit: Sam James gentoo org> CommitDate: Thu May 11 20:03:46 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e72af4c9 net-misc/openssh: tweak config file names Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.3_p1-r1.ebuild | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/net-misc/openssh/openssh-9.3_p1-r1.ebuild b/net-misc/openssh/openssh-9.3_p1-r1.ebuild index 95ec07b27720..ea2cc9a83d0c 100644 --- a/net-misc/openssh/openssh-9.3_p1-r1.ebuild +++ b/net-misc/openssh/openssh-9.3_p1-r1.ebuild @@ -249,7 +249,7 @@ tweak_ssh_configs() { Include "${EPREFIX}/etc/ssh/sshd_config.d/*.conf" EOF - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/90gentoo.conf || die + cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/999gentoo.conf || die # Send locale environment variables (bug #367017) SendEnv ${locale_vars[*]} @@ -257,7 +257,7 @@ tweak_ssh_configs() { SendEnv COLORTERM EOF - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/91gentoo-security.conf || die + cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/999gentoo-security.conf || die RevokedHostKeys "${EPREFIX}/etc/ssh/ssh_revoked_hosts" EOF @@ -266,7 +266,7 @@ tweak_ssh_configs() { ssh-rsa B3NzaC1yc2EBIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== EOF - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/90gentoo.conf || die + cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/999gentoo.conf || die # Allow client to pass locale environment variables (bug #367017) AcceptEnv ${locale_vars[*]} @@ -275,7 +275,7 @@ tweak_ssh_configs() { EOF if use pam ; then - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/90gentoo-pam.conf || die + cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/999gentoo-pam.conf || die UsePAM yes # This interferes with PAM. PasswordAuthentication no @@ -286,7 +286,7 @@ tweak_ssh_configs() { fi if use livecd ; then - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/90gentoo-livecd.conf || die + cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/999gentoo-livecd.conf || die # Allow root login with password on livecds. PermitRootLogin Yes EOF
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh-contrib/
commit: d7341c7a0438bde8a99f6a02cc0daf85590a9e78 Author: Sam James gentoo org> AuthorDate: Tue May 9 21:26:24 2023 + Commit: Sam James gentoo org> CommitDate: Thu May 11 20:03:47 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d7341c7a net-misc/openssh-contrib: tweak config file names Signed-off-by: Sam James gentoo.org> net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild b/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild index bdcd1d5ad012..8fa1eabcaa5c 100644 --- a/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild +++ b/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild @@ -385,7 +385,7 @@ tweak_ssh_configs() { Include "${EPREFIX}/etc/ssh/sshd_config.d/*.conf" EOF - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/90gentoo.conf || die + cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/999gentoo.conf || die # Send locale environment variables (bug #367017) SendEnv ${locale_vars[*]} @@ -393,7 +393,7 @@ tweak_ssh_configs() { SendEnv COLORTERM EOF - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/91gentoo-security.conf || die + cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/999gentoo-security.conf || die RevokedHostKeys "${EPREFIX}/etc/ssh/ssh_revoked_hosts" EOF @@ -402,7 +402,7 @@ tweak_ssh_configs() { ssh-rsa B3NzaC1yc2EBIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== EOF - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/90gentoo.conf || die + cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/999gentoo.conf || die # Allow client to pass locale environment variables (bug #367017) AcceptEnv ${locale_vars[*]} @@ -411,7 +411,7 @@ tweak_ssh_configs() { EOF if use pam ; then - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/90gentoo-pam.conf || die + cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/999gentoo-pam.conf || die UsePAM yes # This interferes with PAM. PasswordAuthentication no @@ -422,7 +422,7 @@ tweak_ssh_configs() { fi if use livecd ; then - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/90gentoo-livecd.conf || die + cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/999gentoo-livecd.conf || die # Allow root login with password on livecds. PermitRootLogin Yes EOF
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 51642f0e13ab03de8a6c3fc729185f96b1618200 Author: Sam James gentoo org> AuthorDate: Fri Mar 24 07:18:52 2023 + Commit: Sam James gentoo org> CommitDate: Thu May 11 20:03:44 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=51642f0e net-misc/openssh: use /etc/ssh/ssh_config.d and /etc/ssh/sshd_config.d for config dropins Debian patches this into their config already and we found ourselves wanting it when looking at handling the github.com SSH key change/rotation. /etc/ssh/ssh_config.d and /etc/ssh/sshd_config.d both become directories where users can add their own configuration files, but we also install the Gentoo snippets formerly in ssh_config and sshd_config in there instead. Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.3_p1-r1.ebuild | 51 ++- 1 file changed, 29 insertions(+), 22 deletions(-) diff --git a/net-misc/openssh/openssh-9.3_p1-r1.ebuild b/net-misc/openssh/openssh-9.3_p1-r1.ebuild index 8e9ccf877d5d..83c262f034f8 100644 --- a/net-misc/openssh/openssh-9.3_p1-r1.ebuild +++ b/net-misc/openssh/openssh-9.3_p1-r1.ebuild @@ -241,39 +241,46 @@ tweak_ssh_configs() { LANGUAGE LC_ADDRESS LC_IDENTIFICATION LC_MEASUREMENT LC_NAME LC_PAPER LC_TELEPHONE ) - # First the server config. - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config - - # Allow client to pass locale environment variables. #367017 - AcceptEnv ${locale_vars[*]} - - # Allow client to pass COLORTERM to match TERM. #658540 - AcceptEnv COLORTERM + dodir /etc/ssh/ssh_config.d /etc/ssh/sshd_config.d + cat <<-EOF >> "${ED}"/etc/ssh/ssh_config || die + Include "${EPREFIX}/etc/ssh/ssh_config.d/*.conf" + EOF + cat <<-EOF >> "${ED}"/etc/ssh/sshd_config || die + Include "${EPREFIX}/etc/ssh/sshd_config.d/*.conf" EOF - # Then the client config. - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config - - # Send locale environment variables. #367017 + cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/90gentoo.conf || die + # Send locale environment variables (bug #367017) SendEnv ${locale_vars[*]} - # Send COLORTERM to match TERM. #658540 + # Send COLORTERM to match TERM (bug #658540) SendEnv COLORTERM EOF + cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/90gentoo.conf || die + # Allow client to pass locale environment variables (bug #367017) + AcceptEnv ${locale_vars[*]} + + # Allow client to pass COLORTERM to match TERM (bug #658540) + AcceptEnv COLORTERM + EOF + if use pam ; then - sed -i \ - -e "/^#UsePAM /s:.*:UsePAM yes:" \ - -e "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" \ - -e "/^#PrintMotd /s:.*:PrintMotd no:" \ - -e "/^#PrintLastLog /s:.*:PrintLastLog no:" \ - "${ED}"/etc/ssh/sshd_config || die + cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/90gentoo-pam.conf || die + UsePAM yes + # This interferes with PAM. + PasswordAuthentication no + # PAM can do its own handling of MOTD. + PrintMotd no + PrintLastLog no + EOF fi if use livecd ; then - sed -i \ - -e '/^#PermitRootLogin/c# Allow root login with password on livecds.\nPermitRootLogin Yes' \ - "${ED}"/etc/ssh/sshd_config || die + cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/90gentoo-livecd.conf || die + # Allow root login with password on livecds. + PermitRootLogin Yes + EOF fi }
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh-contrib/
commit: 988aa8b2fcff709be8f4deb43d7f8e8667506600 Author: Sam James gentoo org> AuthorDate: Mon May 8 17:06:39 2023 + Commit: Sam James gentoo org> CommitDate: Thu May 11 20:03:44 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=988aa8b2 net-misc/openssh-contrib: use /etc/ssh/ssh_config.d and /etc/ssh/sshd_config.d for config dropinsa Debian patches this into their config already and we found ourselves wanting it when looking at handling the github.com SSH key change/rotation. /etc/ssh/ssh_config.d and /etc/ssh/sshd_config.d both become directories where users can add their own configuration files, but we also install the Gentoo snippets formerly in ssh_config and sshd_config in there instead. Signed-off-by: Sam James gentoo.org> .../openssh-contrib/openssh-contrib-9.3_p1.ebuild | 51 -- 1 file changed, 29 insertions(+), 22 deletions(-) diff --git a/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild b/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild index f20217c819ff..18255acf5f45 100644 --- a/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild +++ b/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild @@ -377,39 +377,46 @@ tweak_ssh_configs() { LANGUAGE LC_ADDRESS LC_IDENTIFICATION LC_MEASUREMENT LC_NAME LC_PAPER LC_TELEPHONE ) - # First the server config. - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config - - # Allow client to pass locale environment variables. #367017 - AcceptEnv ${locale_vars[*]} - - # Allow client to pass COLORTERM to match TERM. #658540 - AcceptEnv COLORTERM + dodir /etc/ssh/ssh_config.d /etc/ssh/sshd_config.d + cat <<-EOF >> "${ED}"/etc/ssh/ssh_config || die + Include "${EPREFIX}/etc/ssh/ssh_config.d/*.conf" + EOF + cat <<-EOF >> "${ED}"/etc/ssh/sshd_config || die + Include "${EPREFIX}/etc/ssh/sshd_config.d/*.conf" EOF - # Then the client config. - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config - - # Send locale environment variables. #367017 + cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/90gentoo.conf || die + # Send locale environment variables (bug #367017) SendEnv ${locale_vars[*]} - # Send COLORTERM to match TERM. #658540 + # Send COLORTERM to match TERM (bug #658540) SendEnv COLORTERM EOF + cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/90gentoo.conf || die + # Allow client to pass locale environment variables (bug #367017) + AcceptEnv ${locale_vars[*]} + + # Allow client to pass COLORTERM to match TERM (bug #658540) + AcceptEnv COLORTERM + EOF + if use pam ; then - sed -i \ - -e "/^#UsePAM /s:.*:UsePAM yes:" \ - -e "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" \ - -e "/^#PrintMotd /s:.*:PrintMotd no:" \ - -e "/^#PrintLastLog /s:.*:PrintLastLog no:" \ - "${ED}"/etc/ssh/sshd_config || die + cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/90gentoo-pam.conf || die + UsePAM yes + # This interferes with PAM. + PasswordAuthentication no + # PAM can do its own handling of MOTD. + PrintMotd no + PrintLastLog no + EOF fi if use livecd ; then - sed -i \ - -e '/^#PermitRootLogin/c# Allow root login with password on livecds.\nPermitRootLogin Yes' \ - "${ED}"/etc/ssh/sshd_config || die + cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/90gentoo-livecd.conf || die + # Allow root login with password on livecds. + PermitRootLogin Yes + EOF fi }
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 5985af22c9feaa90943cd4cdc96bfe4da7ac2de5 Author: Sam James gentoo org> AuthorDate: Fri Mar 24 07:22:07 2023 + Commit: Sam James gentoo org> CommitDate: Thu May 11 20:03:45 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5985af22 net-misc/openssh: revoke github.com's compromised RSA host key See https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/. It's necessary for the old github.com key to be explicitly removed (or revoked) rather than just selecting a new key, i.e. it's possible for users to be silently affected but not see the error because github.com may not serve them an RSA key. Revoke the old github.com key as part of the ebuild to help users out. Signed-off-by: Sam James gentoo.org> Closes: https://github.com/gentoo/gentoo/pull/30327 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.3_p1-r1.ebuild | 9 + 1 file changed, 9 insertions(+) diff --git a/net-misc/openssh/openssh-9.3_p1-r1.ebuild b/net-misc/openssh/openssh-9.3_p1-r1.ebuild index 83c262f034f8..95ec07b27720 100644 --- a/net-misc/openssh/openssh-9.3_p1-r1.ebuild +++ b/net-misc/openssh/openssh-9.3_p1-r1.ebuild @@ -257,6 +257,15 @@ tweak_ssh_configs() { SendEnv COLORTERM EOF + cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/91gentoo-security.conf || die + RevokedHostKeys "${EPREFIX}/etc/ssh/ssh_revoked_hosts" + EOF + + cat <<-EOF >> "${ED}"/etc/ssh/ssh_revoked_hosts || die + # https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/ + ssh-rsa B3NzaC1yc2EBIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== + EOF + cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/90gentoo.conf || die # Allow client to pass locale environment variables (bug #367017) AcceptEnv ${locale_vars[*]}
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh-contrib/
commit: a3392cb674cc568575d1dfe3c35c3fc907cb2a8f Author: Sam James gentoo org> AuthorDate: Mon May 8 17:07:09 2023 + Commit: Sam James gentoo org> CommitDate: Thu May 11 20:03:46 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a3392cb6 net-misc/openssh-contrib: revoke github.com's compromised RSA host key See https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/. It's necessary for the old github.com key to be explicitly removed (or revoked) rather than just selecting a new key, i.e. it's possible for users to be silently affected but not see the error because github.com may not serve them an RSA key. Revoke the old github.com key as part of the ebuild to help users out. Closes: https://github.com/gentoo/gentoo/pull/30327 Closes: https://github.com/gentoo/gentoo/pull/30897 Signed-off-by: Sam James gentoo.org> net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild | 9 + 1 file changed, 9 insertions(+) diff --git a/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild b/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild index 18255acf5f45..bdcd1d5ad012 100644 --- a/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild +++ b/net-misc/openssh-contrib/openssh-contrib-9.3_p1.ebuild @@ -393,6 +393,15 @@ tweak_ssh_configs() { SendEnv COLORTERM EOF + cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/91gentoo-security.conf || die + RevokedHostKeys "${EPREFIX}/etc/ssh/ssh_revoked_hosts" + EOF + + cat <<-EOF >> "${ED}"/etc/ssh/ssh_revoked_hosts || die + # https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/ + ssh-rsa B3NzaC1yc2EBIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== + EOF + cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/90gentoo.conf || die # Allow client to pass locale environment variables (bug #367017) AcceptEnv ${locale_vars[*]}
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/files/
commit: 943030b8b90300a6a459d4ac368a6dc676275982 Author: David Seifert gentoo org> AuthorDate: Sun May 7 10:10:58 2023 + Commit: David Seifert gentoo org> CommitDate: Sun May 7 10:10:58 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=943030b8 net-misc/openssh/files: remove unused systemd units Signed-off-by: David Seifert gentoo.org> net-misc/openssh/files/sshd.service| 12 net-misc/openssh/files/sshd_at.service | 8 2 files changed, 20 deletions(-) diff --git a/net-misc/openssh/files/sshd.service b/net-misc/openssh/files/sshd.service deleted file mode 100644 index 6b4da9132fad.. --- a/net-misc/openssh/files/sshd.service +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=OpenSSH server daemon -After=syslog.target network.target auditd.service - -[Service] -ExecStartPre=/usr/bin/ssh-keygen -A -ExecStart=/usr/sbin/sshd -D -e -ExecReload=/bin/kill -HUP $MAINPID -KillMode=process - -[Install] -WantedBy=multi-user.target diff --git a/net-misc/openssh/files/sshd_at.service b/net-misc/openssh/files/sshd_at.service deleted file mode 100644 index ec2907b3b1ac.. --- a/net-misc/openssh/files/sshd_at.service +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=OpenSSH per-connection server daemon -After=syslog.target auditd.service - -[Service] -ExecStart=-/usr/sbin/sshd -i -e -StandardInput=socket -StandardError=journal
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 8c6fab56400b1b06b788c7c72c98490f46cd848b Author: David Seifert gentoo org> AuthorDate: Sat May 6 21:27:56 2023 + Commit: David Seifert gentoo org> CommitDate: Sat May 6 21:27:56 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8c6fab56 net-misc/openssh: properly indent metadata.xml Signed-off-by: David Seifert gentoo.org> net-misc/openssh/metadata.xml | 22 +++--- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/net-misc/openssh/metadata.xml b/net-misc/openssh/metadata.xml index 9f064cdd11a0..0ed696c82ad6 100644 --- a/net-misc/openssh/metadata.xml +++ b/net-misc/openssh/metadata.xml @@ -6,18 +6,18 @@ Gentoo Base System -OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools that -increasing numbers of people on the Internet are coming to rely on. Many users of telnet, -rlogin, ftp, and other such programs might not realize that their password is transmitted -across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) -to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks. -Additionally, OpenSSH provides a myriad of secure tunneling capabilities, as well as a variety -of authentication methods. + OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools that + increasing numbers of people on the Internet are coming to rely on. Many users of telnet, + rlogin, ftp, and other such programs might not realize that their password is transmitted + across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) + to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks. + Additionally, OpenSSH provides a myriad of secure tunneling capabilities, as well as a variety + of authentication methods. -The OpenSSH suite includes the ssh program which replaces rlogin and telnet, scp which -replaces rcp, and sftp which replaces ftp. Also included is sshd which is the server side of -the package, and the other basic utilities like ssh-add, ssh-agent, ssh-keysign, ssh-keyscan, -ssh-keygen and sftp-server. OpenSSH supports SSH protocol versions 1.3, 1.5, and 2.0. + The OpenSSH suite includes the ssh program which replaces rlogin and telnet, scp which + replaces rcp, and sftp which replaces ftp. Also included is sshd which is the server side of + the package, and the other basic utilities like ssh-add, ssh-agent, ssh-keysign, ssh-keyscan, + ssh-keygen and sftp-server. OpenSSH supports SSH protocol versions 1.3, 1.5, and 2.0. Enable high performance ssh
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/files/, net-misc/openssh/
commit: 781d6a979c5c181587b6289ef56c2eec627e43bf Author: David Seifert gentoo org> AuthorDate: Sat May 6 15:08:02 2023 + Commit: David Seifert gentoo org> CommitDate: Sat May 6 15:08:02 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=781d6a97 net-misc/openssh: drop 9.2_p1-r2 Signed-off-by: David Seifert gentoo.org> net-misc/openssh/Manifest | 7 - ...mget-shmat-shmdt-in-preauth-privsep-child.patch | 31 -- net-misc/openssh/openssh-9.2_p1-r2.ebuild | 517 - 3 files changed, 555 deletions(-) diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest index 5bde55aac9be..680eb4cd062e 100644 --- a/net-misc/openssh/Manifest +++ b/net-misc/openssh/Manifest @@ -1,13 +1,6 @@ DIST openssh-8_5_P1-hpn-AES-CTR-15.2.diff 30096 BLAKE2B f0c020dd2403806c79d4c37a019996d275655b04997301e247f5c4dd7fad35d12b3b7c25afb1b078d915ef2a4ae02f736f0aec9ba2a8c56a405d7ca303bcadf7 SHA512 4c2dbf99a9b5953fdb955f700272bbaeaa025f108a8860d2190197962b849f8385327af82c4d6a3a130a7fba35a74a8ec9437d642867601acb29817c49632a8f DIST openssh-8_5_P1-hpn-DynWinNoneSwitch-15.2.diff 51428 BLAKE2B 370b88a7da7f148bf5a4d445f05cf593b486e9df53bba027e2e179726f534b68cf9d94edd6e53024e0b6ff5f20e568727bc9d26c94d0d415603602a80d3ad241 SHA512 2d8d887901164b33b2799ff3ec72e86a39ae4a1696e52bcee0872dbae7772fcc534351e6e7f87126ee71b164c74e9091350f14b782f4b242a09f09b4f50d047a DIST openssh-8_5_P1-hpn-PeakTput-15.2.diff 2429 BLAKE2B 849bf3c313719ab7a25c75e82d5dc5ac98365a038b2a66fe58d01eae5b20c258b94b5830e799d6909e75c69753cda05a910f3bdab9606fb7d5efa68e05f1 SHA512 c4a56fab55fabd1d902d45f235b603708d43f969920e45c9a57e557dccfa9cade2ec61f26d1ace938f6f73e79f17b12f119b5aea9166cbda8e3435b910500914 -DIST openssh-9.2_p1-X509-glue-14.1.patch.xz 900 BLAKE2B 1cfde24cdd636390bcd9b546da182b0848d637c366ff387f045e8d9158e94ff9577c0dff9d87a552208a56aac4ae8319bb17fd772719a7aa2cbc8baf2bfe59fc SHA512 b3f87fb0c339ffe627b347b4cc56fc6a056e5e9a4f23481bb18fc55262e1de3f0394d2f7a85c4fa120f74616a5872cf6628118bcda6973dfa9baec8d7e0e65b1 -DIST openssh-9.2_p1-hpn-15.2-X509-14.1-glue.patch.xz 6040 BLAKE2B d032d1f03ab1bd310af055a452375e6b85ebe40f3d09effdfb07085981155b751c6fdc74a9ee10afe807c2cd10be3444baf712eb0b211bdaff4dc43dc4f65938 SHA512 696f5ee26eeef7a1d56c212eb8bf7c7a568ded2a576eddae92b98b9b3b6bd5bd66e0944b9328e93ec4d55d16f72215a13c25d27de81f75aaae8fdbe68e3df51e -DIST openssh-9.2_p1-hpn-15.2-glue.patch.xz 4172 BLAKE2B 7bec61008f02c07bf24112995066bcd434820354155eb022ffa550baa8f7be896d915423698427ec921473190eb8e83739d2ceff04f79967759fc82b74435dac SHA512 c669a70611479f4ee0f3ba8417afc052f0212cb2d338c524fb3bf6c52a1bf3ca78fe78ab04118de5aa472a10d30b95f084c3ed00a542a8b3d0f541f8ea3f26af -DIST openssh-9.2p1+x509-14.1.diff.gz 1210737 BLAKE2B 6b1cb2392c3fdbc7627b44a055da7662c686786cddaefcdf63f33fa92c1d97a5fb9ff54d03b7aef700715baa44f4485ad2dd73f59aac5b19617597832e135773 SHA512 88ba0dfd6e7eddf06e47d27299ee900dd1a9dc24df706bde51231b290f666848935204281577a9e47267939e7ee852f7232caaccdae6ac3eb503e53c075e630d -DIST openssh-9.2p1-sctp-1.2.patch.xz 6828 BLAKE2B 8a57b85ce5d18dca34ef71b486f2f24bbc82f6bf263a4f162a1222d96ef2adc469cce62f368c9192512efaa8e1e2496a7bd8f79a11698bf0118eee07a703e6ef SHA512 3713847ef7b280f8b74a1b493644152c948ce74e06c1d0bff52996647963ca156cbc845b4459bcdbd4745eb440e409af07af2f0b696c65950a8a6d7ddb46f6c8 -DIST openssh-9.2p1.tar.gz 1852380 BLAKE2B 8d0b5e43cb42cba105a1fe303c447a2b85151cb33ec7ed47747d75c5a61d0f07f0ee4b1020b79c13eb8de4b451c5a844a8afc7ebbbea7ffeceafc3bf59cb8d21 SHA512 c4b79ef3a05b96bfc477ffb31f734635bffd5be213ab58e043111c3232dbe999ff24665fa1069518237cffa5126ded0dda8984e1b8f098f4f09b8c1dae20e604 -DIST openssh-9.2p1.tar.gz.asc 833 BLAKE2B 36210757aaa4ee8e6bdf4cfbb5590e6c54a617817d1657ebb446e54530d01a9e9f5559408b3d424d5efdb4ba06f0c02755637f5480dc81f9b4e32963de91087a SHA512 2a56f8946ed00fcd5a92935e090523d40b5c3747e25661d575b799b1825bf5e47a95eed5e7ed968fe042349c2c7d94d6b0e6bf2d9145b5c6ff5df2ca538d56e5 DIST openssh-9.3_p1-X509-glue-14.1.1.patch.xz 936 BLAKE2B f1716ff7801a27aa2aad06f1cca2ca6988eef65fb0ddcbde483e5c9205506ca40b658f5c8c40b2625afb38ff9b56e40831eadcf751c8ee1c11f69ec559f3c147 SHA512 dace01bcf22b625cd00e18ce019b0be31b6f47f714845f3ebb98ebee41b4db0a769fa09cab63ea17536a7106ec90f2b15f87696ae49fa6f6e31bad94ae09719d DIST openssh-9.3_p1-hpn-15.2-X509-14.1.1-glue.patch.xz 6224 BLAKE2B 47c7054648e8d795b0d9e563d8313242c917df8a3620a60cff2d77f9ae8482cec861244e0f1433f711922f0704b775b7183284960a3baa48a27b99979ad7ffa3 SHA512 728cf2586bcc9480afe71b5106e2286b925857a9e04dce79f744b36cbe3ec2844ac5b4a6bd4b64117f32ad1b04c0943b9d6f935eee826202871588ed9a167387 DIST openssh-9.3_p1-hpn-15.2-glue.patch.xz 5044 BLAKE2B 73205bd8f702612df7cb6f29e8b353df854428974dc20d5938033157da64418317f326ab8118893dc47173cd871dc7654a3e3ed601289744560becc98729cd3f SHA512
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 30b24b8811c963483d996dfe66bdd9aaef8cdfd1 Author: Rolf Eike Beer sf-mail de> AuthorDate: Fri Apr 28 12:33:01 2023 + Commit: Sam James gentoo org> CommitDate: Sat Apr 29 08:47:41 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=30b24b88 net-misc/openssh: stable 9.3_p1 for sparc, bug #904920 Signed-off-by: Rolf Eike Beer sf-mail.de> Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.3_p1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.3_p1.ebuild b/net-misc/openssh/openssh-9.3_p1.ebuild index 582b590ddec9..c3084f573734 100644 --- a/net-misc/openssh/openssh-9.3_p1.ebuild +++ b/net-misc/openssh/openssh-9.3_p1.ebuild @@ -50,7 +50,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug hpn kerberos ldns libedit livecd pam +pie sctp security-key selinux +ssl static test X X509 xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 00d93e6525a0705396444876503843ccedb8c0cb Author: Sam James gentoo org> AuthorDate: Sun Apr 23 22:35:37 2023 + Commit: Sam James gentoo org> CommitDate: Sun Apr 23 22:35:37 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=00d93e65 net-misc/openssh: Stabilize 9.3_p1 hppa, #904920 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.3_p1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.3_p1.ebuild b/net-misc/openssh/openssh-9.3_p1.ebuild index 8b41b22c2c90..582b590ddec9 100644 --- a/net-misc/openssh/openssh-9.3_p1.ebuild +++ b/net-misc/openssh/openssh-9.3_p1.ebuild @@ -50,7 +50,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug hpn kerberos ldns libedit livecd pam +pie sctp security-key selinux +ssl static test X X509 xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: d983efdcb9330575179dc51e0e424527f04d54a0 Author: Sam James gentoo org> AuthorDate: Sun Apr 23 22:34:06 2023 + Commit: Sam James gentoo org> CommitDate: Sun Apr 23 22:34:06 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d983efdc net-misc/openssh: Stabilize 9.3_p1 arm, #904920 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.3_p1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.3_p1.ebuild b/net-misc/openssh/openssh-9.3_p1.ebuild index bb73cf505ea5..8b41b22c2c90 100644 --- a/net-misc/openssh/openssh-9.3_p1.ebuild +++ b/net-misc/openssh/openssh-9.3_p1.ebuild @@ -50,7 +50,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug hpn kerberos ldns libedit livecd pam +pie sctp security-key selinux +ssl static test X X509 xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: d6c44724e3085a18ed7c4beb8e08958a93d0d56b Author: Jakov Smolić gentoo org> AuthorDate: Sun Apr 23 21:12:34 2023 + Commit: Jakov Smolić gentoo org> CommitDate: Sun Apr 23 21:12:34 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d6c44724 net-misc/openssh: Stabilize 9.3_p1 ppc, #904920 Signed-off-by: Jakov Smolić gentoo.org> net-misc/openssh/openssh-9.3_p1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.3_p1.ebuild b/net-misc/openssh/openssh-9.3_p1.ebuild index 952ae60b91a6..bb73cf505ea5 100644 --- a/net-misc/openssh/openssh-9.3_p1.ebuild +++ b/net-misc/openssh/openssh-9.3_p1.ebuild @@ -50,7 +50,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ppc64 ~riscv ~s390 ~sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug hpn kerberos ldns libedit livecd pam +pie sctp security-key selinux +ssl static test X X509 xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 9be94ed089e698dbf3ffaea58b8cbeb7ff2e5863 Author: Sam James gentoo org> AuthorDate: Sun Apr 23 20:32:11 2023 + Commit: Sam James gentoo org> CommitDate: Sun Apr 23 20:32:19 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9be94ed0 net-misc/openssh: Stabilize 9.3_p1 ppc64, #904920 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.3_p1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.3_p1.ebuild b/net-misc/openssh/openssh-9.3_p1.ebuild index 27ded0d86427..952ae60b91a6 100644 --- a/net-misc/openssh/openssh-9.3_p1.ebuild +++ b/net-misc/openssh/openssh-9.3_p1.ebuild @@ -50,7 +50,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ppc64 ~riscv ~s390 ~sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug hpn kerberos ldns libedit livecd pam +pie sctp security-key selinux +ssl static test X X509 xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 9b0be1a5d3bd5c32471599dfcb500dfcfd2dae1e Author: Sam James gentoo org> AuthorDate: Sun Apr 23 20:21:28 2023 + Commit: Sam James gentoo org> CommitDate: Sun Apr 23 20:21:28 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9b0be1a5 net-misc/openssh: Stabilize 9.3_p1 arm64, #904920 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.3_p1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.3_p1.ebuild b/net-misc/openssh/openssh-9.3_p1.ebuild index 2e8dd9001be6..e8e34590ed19 100644 --- a/net-misc/openssh/openssh-9.3_p1.ebuild +++ b/net-misc/openssh/openssh-9.3_p1.ebuild @@ -50,7 +50,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug hpn kerberos ldns libedit livecd pam +pie sctp security-key selinux +ssl static test X X509 xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 62badc2d1da9d8f79a335f1319ec873ef24399c0 Author: Sam James gentoo org> AuthorDate: Sun Apr 23 20:21:30 2023 + Commit: Sam James gentoo org> CommitDate: Sun Apr 23 20:21:30 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=62badc2d net-misc/openssh: Stabilize 9.3_p1 x86, #904920 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.3_p1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.3_p1.ebuild b/net-misc/openssh/openssh-9.3_p1.ebuild index e8e34590ed19..27ded0d86427 100644 --- a/net-misc/openssh/openssh-9.3_p1.ebuild +++ b/net-misc/openssh/openssh-9.3_p1.ebuild @@ -50,7 +50,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug hpn kerberos ldns libedit livecd pam +pie sctp security-key selinux +ssl static test X X509 xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 6d34894908375f304335dae253e99c9984dd7de1 Author: Sam James gentoo org> AuthorDate: Sun Apr 23 20:08:05 2023 + Commit: Sam James gentoo org> CommitDate: Sun Apr 23 20:08:05 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6d348949 net-misc/openssh: Stabilize 9.3_p1 amd64, #904920 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.3_p1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.3_p1.ebuild b/net-misc/openssh/openssh-9.3_p1.ebuild index 52b5df3521e8..2e8dd9001be6 100644 --- a/net-misc/openssh/openssh-9.3_p1.ebuild +++ b/net-misc/openssh/openssh-9.3_p1.ebuild @@ -50,7 +50,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +KEYWORDS="~alpha amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug hpn kerberos ldns libedit livecd pam +pie sctp security-key selinux +ssl static test X X509 xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/files/
commit: 89388df8828ca7f3f759077caa139a6e34d2665b Author: Michael Mair-Keimberger levelnine at> AuthorDate: Fri Mar 24 13:54:56 2023 + Commit: Conrad Kostecki gentoo org> CommitDate: Sat Apr 1 19:10:58 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=89388df8 net-misc/openssh: remove unused patch Signed-off-by: Michael Mair-Keimberger levelnine.at> Closes: https://github.com/gentoo/gentoo/pull/30332 Signed-off-by: Conrad Kostecki gentoo.org> net-misc/openssh/files/openssh-9.1_p1-build-tests.patch | 13 - 1 file changed, 13 deletions(-) diff --git a/net-misc/openssh/files/openssh-9.1_p1-build-tests.patch b/net-misc/openssh/files/openssh-9.1_p1-build-tests.patch deleted file mode 100644 index 62f51a87823d.. --- a/net-misc/openssh/files/openssh-9.1_p1-build-tests.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/openbsd-compat/regress/Makefile.in b/openbsd-compat/regress/Makefile.in -index dd8cdc4b7..c446f0aa2 100644 a/openbsd-compat/regress/Makefile.in -+++ b/openbsd-compat/regress/Makefile.in -@@ -10,7 +10,7 @@ CFLAGS=@CFLAGS@ - CPPFLAGS=-I. -I.. -I../.. -I$(srcdir) -I$(srcdir)/.. -I$(srcdir)/../.. @CPPFLAGS@ @DEFS@ - EXEEXT=@EXEEXT@ - LIBCOMPAT=../libopenbsd-compat.a --LIBS=@LIBS@ -+LIBS=@LIBS@ -lssl -lcrypto - LDFLAGS=@LDFLAGS@ $(LIBCOMPAT) - - TESTPROGS=closefromtest$(EXEEXT) snprintftest$(EXEEXT) strduptest$(EXEEXT) \
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/files/
commit: c1bbac96c183b2608224002c0ed24bb325560578 Author: Sam James gentoo org> AuthorDate: Thu Mar 23 06:01:44 2023 + Commit: Sam James gentoo org> CommitDate: Thu Mar 23 06:01:44 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c1bbac96 net-misc/openssh: restore patch metadata It was lost in the 9.3_p1 rebase. Signed-off-by: Sam James gentoo.org> .../openssh/files/openssh-9.3_p1-openssl-version-compat-check.patch | 5 + 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/net-misc/openssh/files/openssh-9.3_p1-openssl-version-compat-check.patch b/net-misc/openssh/files/openssh-9.3_p1-openssl-version-compat-check.patch index caccfd17c11d..b571ae253fff 100644 --- a/net-misc/openssh/files/openssh-9.3_p1-openssl-version-compat-check.patch +++ b/net-misc/openssh/files/openssh-9.3_p1-openssl-version-compat-check.patch @@ -1,5 +1,4 @@ -diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c -index 033f35763..efc387fa7 100644 +https://bugzilla.mindrot.org/show_bug.cgi?id=3548 --- a/openbsd-compat/openssl-compat.c +++ b/openbsd-compat/openssl-compat.c @@ -48,19 +48,25 @@ ssh_compatible_openssl(long headerver, long libver) @@ -37,8 +36,6 @@ index 033f35763..efc387fa7 100644 if ( (headerver & mask) == (libver & mask) && lfix >= hfix) return 1; return 0; -diff --git a/openbsd-compat/regress/opensslvertest.c b/openbsd-compat/regress/opensslvertest.c -index d50066609..60a8a4e6c 100644 --- a/openbsd-compat/regress/opensslvertest.c +++ b/openbsd-compat/regress/opensslvertest.c @@ -31,7 +31,7 @@ struct version_test {
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/, net-misc/openssh/files/
commit: d98d3e95b9bd0a5d29463710ece356005e70cb93 Author: Sam James gentoo org> AuthorDate: Thu Mar 23 05:59:32 2023 + Commit: Sam James gentoo org> CommitDate: Thu Mar 23 05:59:59 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d98d3e95 net-misc/openssh: drop 9.1_p1-r3, 9.2_p1-r3 Bug: https://bugs.gentoo.org/892936 Signed-off-by: Sam James gentoo.org> net-misc/openssh/Manifest | 9 - ...enssh-9.1_p2-openssl-version-compat-check.patch | 42 -- net-misc/openssh/openssh-9.1_p1-r3.ebuild | 523 - net-misc/openssh/openssh-9.2_p1-r3.ebuild | 518 4 files changed, 1092 deletions(-) diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest index 1feba2f14167..5bde55aac9be 100644 --- a/net-misc/openssh/Manifest +++ b/net-misc/openssh/Manifest @@ -1,15 +1,6 @@ DIST openssh-8_5_P1-hpn-AES-CTR-15.2.diff 30096 BLAKE2B f0c020dd2403806c79d4c37a019996d275655b04997301e247f5c4dd7fad35d12b3b7c25afb1b078d915ef2a4ae02f736f0aec9ba2a8c56a405d7ca303bcadf7 SHA512 4c2dbf99a9b5953fdb955f700272bbaeaa025f108a8860d2190197962b849f8385327af82c4d6a3a130a7fba35a74a8ec9437d642867601acb29817c49632a8f DIST openssh-8_5_P1-hpn-DynWinNoneSwitch-15.2.diff 51428 BLAKE2B 370b88a7da7f148bf5a4d445f05cf593b486e9df53bba027e2e179726f534b68cf9d94edd6e53024e0b6ff5f20e568727bc9d26c94d0d415603602a80d3ad241 SHA512 2d8d887901164b33b2799ff3ec72e86a39ae4a1696e52bcee0872dbae7772fcc534351e6e7f87126ee71b164c74e9091350f14b782f4b242a09f09b4f50d047a DIST openssh-8_5_P1-hpn-PeakTput-15.2.diff 2429 BLAKE2B 849bf3c313719ab7a25c75e82d5dc5ac98365a038b2a66fe58d01eae5b20c258b94b5830e799d6909e75c69753cda05a910f3bdab9606fb7d5efa68e05f1 SHA512 c4a56fab55fabd1d902d45f235b603708d43f969920e45c9a57e557dccfa9cade2ec61f26d1ace938f6f73e79f17b12f119b5aea9166cbda8e3435b910500914 -DIST openssh-9.1_p1-X509-glue-14.0.1.patch.xz 1096 BLAKE2B cf5568982c9b2b69ee9f99f3e80459aed7b89f1350362e550ae8db3e5eee4a6d2e07879f962262a05c9745d39f34a3ae83792595c61f0ac287226ee9e0ec2a1b SHA512 18c65c97cc8c436fa8e28c0ad9f0a3874f1fb745d75e0bfb76c180bc148ae14a5f6cc5c2b2fa7261d76a8e1234f28fe869bd7f64ed282bf39c88cc3f20932be5 -DIST openssh-9.1_p1-getentropy.patch 2818 BLAKE2B 883cd035ec4aee7df9951d7da11bec5a8b9645c7e9225495bb8c86e7e07e89d7c989d32d4db7c46118e20a045e1a07c1bbf98726a69a41351968ce4b04b6779e SHA512 5153a97116e0eed9d7d238478304991737ebb837e7253dd931390bfe287398760ef5134a801825e66d95dd9daf95ed9145a260e23b459b721bc27e628da1a6c0 -DIST openssh-9.1_p1-hpn-15.2-X509-14.0.1-glue.patch.xz 5536 BLAKE2B 4629e62287f2bc36fe1eb830e4c47c5482e36650c1e725978e150e4f2a233d58b5bd1286024bdbef4d05586bb3e5d13c51fbd191dfe7429fdb06a278c564a777 SHA512 03467605b57ab3fb7ef2a9be175cf3708fa92234f3f0abfa74ea371c9ee90f2c01a3311022e282823c7bb67249d65aabf89f1574b917dc798c51847e57b0e33f -DIST openssh-9.1_p1-hpn-15.2-glue.patch.xz 3840 BLAKE2B 06fb14d8c6f52f1c6fae7971fc4da810c814d7b52063f8cc7e83356baa7ed70c84476c1d1cc896eba6d0d51813dc994e3c82278e66c04998431c8123a09fe7df SHA512 99c88c08fb384336a9680629bc04a89121780d64ee8b03ac164c4e446cc30b865004292e98516b6f857bd75e1b4393291427c046ffcabc1578629e6075636cbf -DIST openssh-9.1_p1-sandbox-writev.patch 819 BLAKE2B c2e4d507540e704b241ab9fb2c63774a2a5031879a746fcb65405f91ff8434ca1877509a5e87484dffc4b9d52da9d7f3b8e177cbbd75d9c632785ba269c3f86a SHA512 ce491ad3ee02a9f455fdd7ab5cbf16d286f439205d557deb4ef3b9d7e092ef5e9b98e682bdc0e65804ee557581133353116d508c60b0ba4a18e2cdcd3aed6bf1 -DIST openssh-9.1p1+x509-14.0.1.diff.gz 1236304 BLAKE2B 389e652a7cca4d7322d784e516a9454b0c6cb540a64aa47c0b14ac80bd9ad5aa7aa72a00dbc9024aa7c1186b19f2c62f179b8a6463085dd1bdde15fd44e451e5 SHA512 da754497f3f7d173b273f710dab2e7dbc5bf5257c95e661687ff4dd6b5e1c696ac031785850d9a9eb5669f728cbe4fe26d256a7cbd6f137ecadaf38f153770d1 -DIST openssh-9.1p1-sctp-1.2.patch.xz 6772 BLAKE2B 8393c1ca5f0df7e4d490cef5c38d50d45da83a9c3f650e9af15d95825f9e682a6aaf6a0e85fc1704d41d6567aec8f0b34e43b20652e0141008ccdbe91426dfac SHA512 6750394d0fb7b7f93a0e4f94204e53277cc341c5b2427130559e443557dbb95f2e85a71cfe8d40cfa17dd015b0f3880f79a1f868374e60e94e8385c9b45acec5 -DIST openssh-9.1p1.tar.gz 1838747 BLAKE2B 287b6b1cc4858b27af88f4a4674670afff1fb5b99461892083393c53ef3747c5a0fcd90cba95d2c27465a919e00f7f42732c93af4f306665ba0393bbb7a534f5 SHA512 a1f02c407f6b621b1d0817d1a0c9a6839b67e416c84f3b76c63003b119035b24c19a1564b22691d1152e1d2d55f4dc7eb1af2d2318751e431a99c4efa77edc70 -DIST openssh-9.1p1.tar.gz.asc 833 BLAKE2B 83efe3c705f6a02c25a9fc9bac2a4efd77470598d9e0fcb86dff2d265c58cffec1afecad3621769b2bd78ac25884f0ee20ae9b311e895db93e3bb552dffd6e74 SHA512 47dc7295f9694250bcbb86d7ca0830a47da4f3df7795bb05ebaf1590284ccce5317022c536bea1b09bd2fa4d8013295cc0de287ebe3f9dc605582077e9f11ddd DIST openssh-9.2_p1-X509-glue-14.1.patch.xz 900 BLAKE2B 1cfde24cdd636390bcd9b546da182b0848d637c366ff387f045e8d9158e94ff9577c0dff9d87a552208a56aac4ae8319bb17fd772719a7aa2cbc8baf2bfe59fc SHA512
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: aa123a786c2519c8ad2338f66fa2d44a28ad4ce1 Author: Patrick McLean gentoo org> AuthorDate: Fri Mar 17 17:09:58 2023 + Commit: Patrick McLean gentoo org> CommitDate: Fri Mar 17 17:09:58 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=aa123a78 net-misc/openssh: keyword 9.3_p1 Signed-off-by: Patrick McLean gentoo.org> net-misc/openssh/openssh-9.3_p1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.3_p1.ebuild b/net-misc/openssh/openssh-9.3_p1.ebuild index 3173cbc8d705..52b5df3521e8 100644 --- a/net-misc/openssh/openssh-9.3_p1.ebuild +++ b/net-misc/openssh/openssh-9.3_p1.ebuild @@ -50,7 +50,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -#KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug hpn kerberos ldns libedit livecd pam +pie sctp security-key selinux +ssl static test X X509 xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/files/, net-misc/openssh/
commit: 2c9ebdc2c763bd969cab9d503f00665076dab871 Author: Patrick McLean gentoo org> AuthorDate: Fri Mar 17 03:58:02 2023 + Commit: Patrick McLean gentoo org> CommitDate: Fri Mar 17 03:58:09 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2c9ebdc2 net-misc/openssh: add 9.3_p1 Signed-off-by: Patrick McLean gentoo.org> net-misc/openssh/Manifest | 7 + ...mget-shmat-shmdt-in-preauth-privsep-child.patch | 20 + ...enssh-9.3_p1-openssl-version-compat-check.patch | 61 +++ net-misc/openssh/openssh-9.3_p1.ebuild | 518 + 4 files changed, 606 insertions(+) diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest index d16682cf7844..1feba2f14167 100644 --- a/net-misc/openssh/Manifest +++ b/net-misc/openssh/Manifest @@ -17,3 +17,10 @@ DIST openssh-9.2p1+x509-14.1.diff.gz 1210737 BLAKE2B 6b1cb2392c3fdbc7627b44a055d DIST openssh-9.2p1-sctp-1.2.patch.xz 6828 BLAKE2B 8a57b85ce5d18dca34ef71b486f2f24bbc82f6bf263a4f162a1222d96ef2adc469cce62f368c9192512efaa8e1e2496a7bd8f79a11698bf0118eee07a703e6ef SHA512 3713847ef7b280f8b74a1b493644152c948ce74e06c1d0bff52996647963ca156cbc845b4459bcdbd4745eb440e409af07af2f0b696c65950a8a6d7ddb46f6c8 DIST openssh-9.2p1.tar.gz 1852380 BLAKE2B 8d0b5e43cb42cba105a1fe303c447a2b85151cb33ec7ed47747d75c5a61d0f07f0ee4b1020b79c13eb8de4b451c5a844a8afc7ebbbea7ffeceafc3bf59cb8d21 SHA512 c4b79ef3a05b96bfc477ffb31f734635bffd5be213ab58e043111c3232dbe999ff24665fa1069518237cffa5126ded0dda8984e1b8f098f4f09b8c1dae20e604 DIST openssh-9.2p1.tar.gz.asc 833 BLAKE2B 36210757aaa4ee8e6bdf4cfbb5590e6c54a617817d1657ebb446e54530d01a9e9f5559408b3d424d5efdb4ba06f0c02755637f5480dc81f9b4e32963de91087a SHA512 2a56f8946ed00fcd5a92935e090523d40b5c3747e25661d575b799b1825bf5e47a95eed5e7ed968fe042349c2c7d94d6b0e6bf2d9145b5c6ff5df2ca538d56e5 +DIST openssh-9.3_p1-X509-glue-14.1.1.patch.xz 936 BLAKE2B f1716ff7801a27aa2aad06f1cca2ca6988eef65fb0ddcbde483e5c9205506ca40b658f5c8c40b2625afb38ff9b56e40831eadcf751c8ee1c11f69ec559f3c147 SHA512 dace01bcf22b625cd00e18ce019b0be31b6f47f714845f3ebb98ebee41b4db0a769fa09cab63ea17536a7106ec90f2b15f87696ae49fa6f6e31bad94ae09719d +DIST openssh-9.3_p1-hpn-15.2-X509-14.1.1-glue.patch.xz 6224 BLAKE2B 47c7054648e8d795b0d9e563d8313242c917df8a3620a60cff2d77f9ae8482cec861244e0f1433f711922f0704b775b7183284960a3baa48a27b99979ad7ffa3 SHA512 728cf2586bcc9480afe71b5106e2286b925857a9e04dce79f744b36cbe3ec2844ac5b4a6bd4b64117f32ad1b04c0943b9d6f935eee826202871588ed9a167387 +DIST openssh-9.3_p1-hpn-15.2-glue.patch.xz 5044 BLAKE2B 73205bd8f702612df7cb6f29e8b353df854428974dc20d5938033157da64418317f326ab8118893dc47173cd871dc7654a3e3ed601289744560becc98729cd3f SHA512 343b77109158b9af5d8d57f4ac7968bce8277fa3b4dcaa19b76593620fbddbfa832bd76c0da52e12179fe5f391f9fef67e7af51b138ab8cc69a8a6471b6a3909 +DIST openssh-9.3p1+x509-14.1.1.diff.gz 1221335 BLAKE2B 9203fbb6955fe44ebd7ed031245a90b8df7e149a6ad3205097ffd5d2d7655a0e6b8cd2e20d7f7216fbc6d3e8bd0a1453f3fc028f04e96c0f244ad0772a0e30ab SHA512 8a1036d680d25f99e1a24ea77a2c303e807c0f5c5323043684da9fcc9ff603f80384688935a654cc97216f84f85f00f590dc35d2ee2b1f0fb169f8b427559b2d +DIST openssh-9.3p1-sctp-1.2.patch.xz 6836 BLAKE2B d12394ecaa7eca6e0b3590cea83b71537edc3230bc5f7b2992a06a67c77247cc4156be0ba151038a5baee1c3f105f76f1917cc5aad08d1aadadfd6e56858781b SHA512 ba5af014e5b825bf4a57368416a15c6e56afd355780e4c5eab44a396c3f4276ac4d813c5c15b83f3b8edf4763855221743796c038433b292fda9417f0b274a71 +DIST openssh-9.3p1.tar.gz 1856839 BLAKE2B 45578edf98bba3d23c7cefe60d8a7d3079e7c6676459f7422ace7a2461ab96943fbcadb478633a80f40bc098f2435722850b563714adb78b14922be53cb5753d SHA512 087ff6fe5f6caab4c6c3001d906399e02beffad7277280f11187420c2939fd4befdcb14643862a657ce4cad2f115b82a0a1a2c99df6ee54dcd76b53647637c19 +DIST openssh-9.3p1.tar.gz.asc 833 BLAKE2B e6533d64b117a400b76b90f71fa856d352dea57d91e4e89fa375429403ac0734cc0a2f075bc58c6bb4f40a8f9776735aa36bdb0bbf3880a2115cea787633e48b SHA512 6222378eb24a445c6c1db255392b405f5369b1af0e92f558d4ba05b0d83ab0d084cb8f4b91d7ae8636f333d970638a6635e2bc7af885135dd34992d87f2ef1f4 diff --git a/net-misc/openssh/files/openssh-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch b/net-misc/openssh/files/openssh-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch new file mode 100644 index ..4d098b2231c7 --- /dev/null +++ b/net-misc/openssh/files/openssh-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch @@ -0,0 +1,20 @@ +diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c +index 23b40b643..d93a357c6 100644 +--- a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c +@@ -257,6 +257,15 @@ static const struct sock_filter preauth_insns[] = { + #ifdef __NR_statx + SC_DENY(__NR_statx, EACCES), + #endif ++#ifdef __NR_shmget ++ SC_DENY(__NR_shmget, EACCES), ++#endif ++#ifdef __NR_shmat ++ SC_DENY(__NR_shmat, EACCES), ++#endif ++#ifdef __NR_shmdt ++
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 8ce5549f96cbe56151fd1a5adef102a53a821198 Author: Sam James gentoo org> AuthorDate: Wed Mar 15 03:52:14 2023 + Commit: Sam James gentoo org> CommitDate: Wed Mar 15 03:52:14 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8ce5549f net-misc/openssh: unkeyword 9.2_p1-r3 I think this version is fine, but on reflection, I'd rather wait a bit longer until upstream have decided for sure which approach they're going with. Not really in a rush to keyword openssl-3.1.x anyway. Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.2_p1-r3.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.2_p1-r3.ebuild b/net-misc/openssh/openssh-9.2_p1-r3.ebuild index 0c12a424605e..398c9d6f532f 100644 --- a/net-misc/openssh/openssh-9.2_p1-r3.ebuild +++ b/net-misc/openssh/openssh-9.2_p1-r3.ebuild @@ -50,7 +50,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +#KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug hpn kerberos ldns libedit livecd pam +pie sctp security-key selinux +ssl static test X X509 xmss"
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/files/, net-misc/openssh/
commit: 268d1040b0682edf6f042269a33a32315590547b Author: Sam James gentoo org> AuthorDate: Wed Mar 15 03:10:39 2023 + Commit: Sam James gentoo org> CommitDate: Wed Mar 15 03:10:39 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=268d1040 net-misc/openssh: add OpenSSL version compatibility fix Without this, openssh wrongly thinks a rebuild is needed between openssl 3.0.x and 3.1.x. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=3548 Signed-off-by: Sam James gentoo.org> ...enssh-9.1_p2-openssl-version-compat-check.patch | 42 ++ net-misc/openssh/openssh-9.2_p1-r3.ebuild | 518 + 2 files changed, 560 insertions(+) diff --git a/net-misc/openssh/files/openssh-9.1_p2-openssl-version-compat-check.patch b/net-misc/openssh/files/openssh-9.1_p2-openssl-version-compat-check.patch new file mode 100644 index ..530d96e11ce2 --- /dev/null +++ b/net-misc/openssh/files/openssh-9.1_p2-openssl-version-compat-check.patch @@ -0,0 +1,42 @@ +https://bugzilla.mindrot.org/show_bug.cgi?id=3548 +--- a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c +@@ -33,10 +33,10 @@ + + /* + * OpenSSL version numbers: MNNFFPPS: major minor fix patch status +- * We match major, minor, fix and status (not patch) for <1.0.0. +- * After that, we acceptable compatible fix versions (so we +- * allow 1.0.1 to work with 1.0.0). Going backwards is only allowed +- * within a patch series. ++ * Versions >=3 require only major versions to match. ++ * For versions <3, we accept compatible fix versions (so we allow 1.0.1 ++ * to work with 1.0.0). Going backwards is only allowed within a patch series. ++ * See https://www.openssl.org/policies/releasestrat.html + */ + + int +@@ -48,15 +48,17 @@ ssh_compatible_openssl(long headerver, long libver) + if (headerver == libver) + return 1; + +- /* for versions < 1.0.0, major,minor,fix,status must match */ +- if (headerver < 0x100f) { +- mask = 0xf00fL; /* major,minor,fix,status */ ++ /* ++ * For versions >= 3.0, only the major and status must match. ++ */ ++ if (headerver >= 0x300f) { ++ mask = 0xf00fL; /* major,status */ + return (headerver & mask) == (libver & mask); + } + + /* +- * For versions >= 1.0.0, major,minor,status must match and library +- * fix version must be equal to or newer than the header. ++ * For versions >= 1.0.0, but <3, major,minor,status must match and ++ * library fix version must be equal to or newer than the header. +*/ + mask = 0xffffL; /* major,minor,status */ + hfix = (headerver & 0x000ff000) >> 12; + diff --git a/net-misc/openssh/openssh-9.2_p1-r3.ebuild b/net-misc/openssh/openssh-9.2_p1-r3.ebuild new file mode 100644 index ..0c12a424605e --- /dev/null +++ b/net-misc/openssh/openssh-9.2_p1-r3.ebuild @@ -0,0 +1,518 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit user-info flag-o-matic autotools pam systemd toolchain-funcs verify-sig + +# Make it more portable between straight releases +# and _p? releases. +PARCH=${P/_} + +# PV to USE for HPN patches +#HPN_PV="${PV^^}" +HPN_PV="8.5_P1" + +HPN_VER="15.2" +HPN_PATCHES=( + ${PN}-${HPN_PV/./_}-hpn-DynWinNoneSwitch-${HPN_VER}.diff + ${PN}-${HPN_PV/./_}-hpn-AES-CTR-${HPN_VER}.diff + ${PN}-${HPN_PV/./_}-hpn-PeakTput-${HPN_VER}.diff +) +HPN_GLUE_PATCH="${PN}-9.2_p1-hpn-${HPN_VER}-glue.patch" +HPN_PATCH_DIR="HPN-SSH%%20${HPN_VER/./v}%%20${HPN_PV/_P/p}" + +SCTP_VER="1.2" +SCTP_PATCH="${PARCH}-sctp-${SCTP_VER}.patch.xz" + +X509_VER="14.1" +X509_PATCH="${PARCH}+x509-${X509_VER}.diff.gz" +X509_GLUE_PATCH="${P}-X509-glue-${X509_VER}.patch" +X509_HPN_GLUE_PATCH="${PN}-9.2_p1-hpn-${HPN_VER}-X509-${X509_VER}-glue.patch" + +DESCRIPTION="Port of OpenBSD's free SSH release" +HOMEPAGE="https://www.openssh.com/; +SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz + ${SCTP_PATCH:+sctp? ( https://dev.gentoo.org/~chutzpah/dist/openssh/${SCTP_PATCH} )} + ${HPN_VER:+hpn? ( + $(printf "mirror://sourceforge/project/hpnssh/Patches/${HPN_PATCH_DIR}/%s\n" "${HPN_PATCHES[@]}") + https://dev.gentoo.org/~chutzpah/dist/openssh/${HPN_GLUE_PATCH}.xz + )} + ${X509_PATCH:+X509? ( + https://roumenpetrov.info/openssh/x509-${X509_VER}/${X509_PATCH} + https://dev.gentoo.org/~chutzpah/dist/openssh/${X509_GLUE_PATCH}.xz + ${HPN_VER:+hpn? ( https://dev.gentoo.org/~chutzpah/dist/openssh/${X509_HPN_GLUE_PATCH}.xz )} + )} + verify-sig? ( mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz.asc ) +" +VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/openssh.org.asc +S="${WORKDIR}/${PARCH}" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64
[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
commit: 10b132622f4ccf734bda26c81ade9ca55101c35c Author: Sam James gentoo org> AuthorDate: Thu Feb 16 10:00:45 2023 + Commit: Sam James gentoo org> CommitDate: Thu Feb 16 10:00:45 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=10b13262 net-misc/openssh: Stabilize 9.2_p1-r2 x86, #893664 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.2_p1-r2.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net-misc/openssh/openssh-9.2_p1-r2.ebuild b/net-misc/openssh/openssh-9.2_p1-r2.ebuild index 26bdfabb396e..0a724fc1e142 100644 --- a/net-misc/openssh/openssh-9.2_p1-r2.ebuild +++ b/net-misc/openssh/openssh-9.2_p1-r2.ebuild @@ -50,7 +50,7 @@ S="${WORKDIR}/${PARCH}" LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" # Probably want to drop ssl defaulting to on in a future version. IUSE="abi_mips_n32 audit debug hpn kerberos ldns libedit livecd pam +pie sctp security-key selinux +ssl static test X X509 xmss"