From 942706dc7a3a96c466b2d6724795c13ce29cea2d Mon Sep 17 00:00:00 2001 From: Bryan Drewery Date: Sun, 16 Mar 2014 17:35:32 +0000 Subject: [PATCH] - Update to 6.6 - Capsicum patch no longer needed - Update X509 patch to 7.9 Changelog: http://www.openssh.org/txt/release-6.6 --- security/openssh-portable/Makefile | 11 +++++------ security/openssh-portable/distinfo | 16 ++++++++-------- .../files/extra-patch-hpn-build-options | 6 +++--- .../files/patch-sandbox-capsicum.c | 17 ----------------- 4 files changed, 16 insertions(+), 34 deletions(-) delete mode 100644 security/openssh-portable/files/patch-sandbox-capsicum.c diff --git a/security/openssh-portable/Makefile b/security/openssh-portable/Makefile index 0491c53b03b2..1840ce832156 100644 --- a/security/openssh-portable/Makefile +++ b/security/openssh-portable/Makefile @@ -2,8 +2,7 @@ # $FreeBSD$ PORTNAME= openssh -DISTVERSION= 6.5p1 -PORTREVISION= 1 +DISTVERSION= 6.6p1 PORTEPOCH= 1 CATEGORIES= security ipv6 MASTER_SITES= ${MASTER_SITE_OPENBSD} @@ -80,12 +79,12 @@ LPK_CONFIGURE_ON= --with-ldap=yes \ LPK_USE= OPENLDAP=yes # See http://www.roumenpetrov.info/openssh/ -X509_VERSION= 7.8 +X509_VERSION= 7.9 X509_PATCH_SITES= http://www.roumenpetrov.info/openssh/x509-${X509_VERSION}/:x509 -X509_PATCHFILES= ${PORTNAME}-6.5p1+x509-${X509_VERSION}.diff.gz:-p1:x509 +X509_PATCHFILES= ${PORTNAME}-6.6p1+x509-${X509_VERSION}.diff.gz:-p1:x509 # See https://bugzilla.mindrot.org/show_bug.cgi?id=2016 -SCTP_PATCHFILES= ${PORTNAME}-6.5p1-sctp-2329.patch.gz +SCTP_PATCHFILES= ${PORTNAME}-6.6p1-sctp-2329.patch.gz SCTP_CONFIGURE_WITH= sctp # Adapated from 5.7 patch at http://www.sxw.org.uk/computing/patches/ @@ -112,7 +111,7 @@ BROKEN= KERB_GSSAPI Patch is not updated for 6.5 and upstream has not been acti .if ${PORT_OPTIONS:MHPN} || ${PORT_OPTIONS:MAES_THREADED} || ${PORT_OPTIONS:MNONECIPHER} PORTDOCS+= HPN-README HPN_VERSION= 14v2 -HPN_DISTVERSION= 6.5p1 +HPN_DISTVERSION= 6.6p1 PATCH_SITES+= ${MASTER_SITE_SOURCEFORGE:S/$/:hpn/} PATCH_SITE_SUBDIR+= hpnssh/HPN-SSH%20${HPN_VERSION}%20${HPN_DISTVERSION}/:hpn PATCHFILES+= ${PORTNAME}-${HPN_DISTVERSION}-hpnssh${HPN_VERSION}.diff.gz:-p1:hpn diff --git a/security/openssh-portable/distinfo b/security/openssh-portable/distinfo index 2112530b0ea0..955a51cee7d8 100644 --- a/security/openssh-portable/distinfo +++ b/security/openssh-portable/distinfo @@ -1,12 +1,12 @@ -SHA256 (openssh-6.5p1.tar.gz) = a1195ed55db945252d5a1730d4a2a2a5c1c9a6aa01ef2e5af750a962623d9027 -SIZE (openssh-6.5p1.tar.gz) = 1293187 -SHA256 (openssh-6.5p1-hpnssh14v2.diff.gz) = be6915130f2b1aad00235e02d55b67114dbb517b13d04d52a8abac9343166efd -SIZE (openssh-6.5p1-hpnssh14v2.diff.gz) = 24534 -SHA256 (openssh-6.5p1+x509-7.8.diff.gz) = b096ff7569e9ea3601673383540a986ce87636a984cc605a60dc53574888b992 -SIZE (openssh-6.5p1+x509-7.8.diff.gz) = 225483 +SHA256 (openssh-6.6p1.tar.gz) = 48c1f0664b4534875038004cc4f3555b8329c2a81c1df48db5c517800de203bb +SIZE (openssh-6.6p1.tar.gz) = 1282502 +SHA256 (openssh-6.6p1-hpnssh14v2.diff.gz) = 2a1b34dc3bf922e12cbca687e57b1fad2a0b087e38022e6782e99b45fcc1a315 +SIZE (openssh-6.6p1-hpnssh14v2.diff.gz) = 24469 +SHA256 (openssh-6.6p1+x509-7.9.diff.gz) = 463473f75c1dc250ea4eda21f2c79df6f0b479ea499d044cb51d73073881ca34 +SIZE (openssh-6.6p1+x509-7.9.diff.gz) = 224691 SHA256 (openssh-6.5p1-gsskex-all-20110125.patch.gz) = dd3b0f383a58e490f735646ae27f3dd05db96446e2e4ae8e753b64eee7f46582 SIZE (openssh-6.5p1-gsskex-all-20110125.patch.gz) = 23516 SHA256 (openssh-lpk-6.3p1.patch.gz) = d2a8b7da7acebac2afc4d0a3dffe8fca2e49900cf733af2e7012f2449b3668e1 SIZE (openssh-lpk-6.3p1.patch.gz) = 17815 -SHA256 (openssh-6.5p1-sctp-2329.patch.gz) = 07acf0c6e6be493dbcf6fb166b846eef99256f6f60f0feb3451522147a1d9464 -SIZE (openssh-6.5p1-sctp-2329.patch.gz) = 8722 +SHA256 (openssh-6.6p1-sctp-2329.patch.gz) = e054529810815d63f7de5d1c6cc76fccb7766e1b2d1b62438ca83770afac9bfa +SIZE (openssh-6.6p1-sctp-2329.patch.gz) = 8695 diff --git a/security/openssh-portable/files/extra-patch-hpn-build-options b/security/openssh-portable/files/extra-patch-hpn-build-options index 235db7f624a7..233aaf8cce7c 100644 --- a/security/openssh-portable/files/extra-patch-hpn-build-options +++ b/security/openssh-portable/files/extra-patch-hpn-build-options @@ -76,10 +76,10 @@ /* if a user tries to set the size to 0 set it to 1KB */ --- servconf.c.orig 2013-10-11 09:24:44.734138483 -0500 +++ servconf.c 2013-10-11 09:25:50.777137928 -0500 -@@ -305,10 +305,16 @@ fill_default_server_options(ServerOption +@@ -303,10 +303,16 @@ + } + if (options->permit_tun == -1) options->permit_tun = SSH_TUNMODE_NO; - if (options->zero_knowledge_password_authentication == -1) - options->zero_knowledge_password_authentication = 0; +#ifdef NONECIPHER if (options->none_enabled == -1) +#endif diff --git a/security/openssh-portable/files/patch-sandbox-capsicum.c b/security/openssh-portable/files/patch-sandbox-capsicum.c deleted file mode 100644 index 3f91db8d3469..000000000000 --- a/security/openssh-portable/files/patch-sandbox-capsicum.c +++ /dev/null @@ -1,17 +0,0 @@ ---- sandbox-capsicum.c.orig 2014-01-25 16:39:53.000000000 -0600 -+++ sandbox-capsicum.c 2014-02-02 20:14:02.881233373 -0600 -@@ -94,10 +94,12 @@ ssh_sandbox_child(struct ssh_sandbox *bo - fatal("can't limit stderr: %m"); - - cap_rights_init(&rights, CAP_READ, CAP_WRITE); -- if (cap_rights_limit(box->monitor->m_recvfd, &rights) == -1) -+ if (cap_rights_limit(box->monitor->m_recvfd, &rights) == -1 && -+ errno != ENOSYS) - fatal("%s: failed to limit the network socket", __func__); - cap_rights_init(&rights, CAP_WRITE); -- if (cap_rights_limit(box->monitor->m_log_sendfd, &rights) == -1) -+ if (cap_rights_limit(box->monitor->m_log_sendfd, &rights) == -1 && -+ errno != ENOSYS) - fatal("%s: failed to limit the logging socket", __func__); - if (cap_enter() < 0 && errno != ENOSYS) - fatal("%s: failed to enter capability mode", __func__);