aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbdrewery <bdrewery@FreeBSD.org>2016-01-20 10:18:42 +0800
committerbdrewery <bdrewery@FreeBSD.org>2016-01-20 10:18:42 +0800
commitf11fb46da9ab282df9555bdc1f6ca756c2a98231 (patch)
tree027b3d81bda87406adec16c9dadafc8025329c3f
parent7782e787da75709eec1c1f0203099174d04beff3 (diff)
downloadfreebsd-ports-gnome-f11fb46da9ab282df9555bdc1f6ca756c2a98231.tar.gz
freebsd-ports-gnome-f11fb46da9ab282df9555bdc1f6ca756c2a98231.tar.zst
freebsd-ports-gnome-f11fb46da9ab282df9555bdc1f6ca756c2a98231.zip
Fix the KERB_GSSAPI option using the latest patch from Debian.
This slightly refactors some of the HPN patch to avoid a conflict. PR: 206346 Submitted by: Garret Wollman
-rw-r--r--security/openssh-portable/Makefile26
-rw-r--r--security/openssh-portable/distinfo4
-rw-r--r--security/openssh-portable/files/extra-patch-hpn21
-rw-r--r--security/openssh-portable/files/extra-patch-hpn-gss-glue24
4 files changed, 49 insertions, 26 deletions
diff --git a/security/openssh-portable/Makefile b/security/openssh-portable/Makefile
index e4c0a6d3b846..da3605fc8aa9 100644
--- a/security/openssh-portable/Makefile
+++ b/security/openssh-portable/Makefile
@@ -90,6 +90,19 @@ PATCH_SITES+= http://mirror.shatow.net/freebsd/${PORTNAME}/:DEFAULT,x509,hpn,gs
EXTRA_PATCHES:= ${EXTRA_PATCHES:N${TCP_WRAPPERS_EXTRA_PATCHES}}
.endif
+# Must add this patch before HPN due to conflicts
+.if ${PORT_OPTIONS:MKERB_GSSAPI}
+# 7.1 patch taken from
+# http://sources.debian.net/data/main/o/openssh/1:7.1p2-2/debian/patches/gssapi.patch
+# which was originally based on 5.7 patch from
+# http://www.sxw.org.uk/computing/patches/
+. if ${PORT_OPTIONS:MHPN} || ${PORT_OPTIONS:MNONECIPHER}
+# Needed glue for applying HPN patch without conflict
+EXTRA_PATCHES+= ${FILESDIR}/extra-patch-hpn-gss-glue
+. endif
+PATCHFILES+= openssh-7.1p2-gsskex-all-20141021-debian-rh-20160104.patch.gz:-p1:gsskex
+.endif
+
# http://www.psc.edu/index.php/hpn-ssh https://github.com/rapier1/hpn-ssh https://github.com/rapier1/openssh-portable
.if ${PORT_OPTIONS:MHPN} || ${PORT_OPTIONS:MNONECIPHER}
PORTDOCS+= HPN-README
@@ -100,15 +113,6 @@ HPN_DISTVERSION= 6.7p1
EXTRA_PATCHES+= ${FILESDIR}/extra-patch-hpn:-p2
.endif
-# Must add this patch after HPN due to conflicts
-.if ${PORT_OPTIONS:MKERB_GSSAPI}
-# 6.7 patch taken from
-# http://sources.debian.net/data/main/o/openssh/1:6.7p1-3/debian/patches/gssapi.patch
-# which was originally based on 5.7 patch from
-# http://www.sxw.org.uk/computing/patches/
-PATCHFILES+= openssh-6.7p1-gsskex-all-20141021-284f364.patch.gz:-p1:gsskex
-.endif
-
CONFIGURE_LIBS+= -lutil
CONFIGURE_ARGS+= --disable-utmp --disable-wtmp --disable-wtmpx --without-lastlog
@@ -134,10 +138,6 @@ BROKEN= X509 patch incompatible with KERB_GSSAPI patch
.endif
-. if ${PORT_OPTIONS:MKERB_GSSAPI}
-BROKEN= Does not apply to 6.8
-. endif
-
.if ${PORT_OPTIONS:MHEIMDAL_BASE} && ${PORT_OPTIONS:MKERB_GSSAPI}
BROKEN= KERB_GSSAPI Requires either MIT or HEMIDAL, does not build with base Heimdal currently
.endif
diff --git a/security/openssh-portable/distinfo b/security/openssh-portable/distinfo
index f32eae1f45e1..9e0fe401e6e8 100644
--- a/security/openssh-portable/distinfo
+++ b/security/openssh-portable/distinfo
@@ -4,5 +4,5 @@ SHA256 (openssh-6.8p1-sctp-2573.patch.gz) = 0348713ad4cb4463e90cf5202ed41c8f726d
SIZE (openssh-6.8p1-sctp-2573.patch.gz) = 8531
SHA256 (openssh-7.0p1+x509-8.5.diff.gz) = 6000557f1ddae06aff8837d440d93342a923fada571fec59fc5dedf388fb5f9e
SIZE (openssh-7.0p1+x509-8.5.diff.gz) = 411960
-SHA256 (openssh-6.7p1-gsskex-all-20141021-284f364.patch.gz) = 9a361408269a542d28dae77320f30e94a44098acdbbbc552efb0bdeac6270dc8
-SIZE (openssh-6.7p1-gsskex-all-20141021-284f364.patch.gz) = 25825
+SHA256 (openssh-7.1p2-gsskex-all-20141021-debian-rh-20160104.patch.gz) = 420f3ee70705de57bb9a9ad66e72c1d40c318d8a882815d108816687fcc79b62
+SIZE (openssh-7.1p2-gsskex-all-20141021-debian-rh-20160104.patch.gz) = 25798
diff --git a/security/openssh-portable/files/extra-patch-hpn b/security/openssh-portable/files/extra-patch-hpn
index 179a96653bde..9629e9b8c26b 100644
--- a/security/openssh-portable/files/extra-patch-hpn
+++ b/security/openssh-portable/files/extra-patch-hpn
@@ -1110,8 +1110,8 @@ diff -urN -x configure -x config.guess -x config.h.in -x config.sub work.clean/o
}
if (roaming_atomicio(vwrite, connection_out, client_version_string,
strlen(client_version_string)) != strlen(client_version_string))
---- work.clean/openssh-6.8p1/sshconnect2.c 2015-03-17 00:49:20.000000000 -0500
-+++ work/openssh-6.8p1/sshconnect2.c 2015-04-03 16:54:23.936298000 -0500
+--- work.clean/openssh-7.1p2/sshconnect2.c.orig 2016-01-13 17:10:45.000000000 -0800
++++ work.clean/openssh-7.1p2/sshconnect2.c 2016-01-19 17:49:17.929000000 -0800
@@ -80,6 +80,14 @@
extern char *client_version_string;
extern char *server_version_string;
@@ -1127,7 +1127,7 @@ diff -urN -x configure -x config.guess -x config.h.in -x config.sub work.clean/o
/*
* SSH2 key exchange
-@@ -153,13 +161,16 @@
+@@ -153,13 +161,16 @@ order_hostkeyalgs(char *host, struct soc
return ret;
}
@@ -1145,18 +1145,17 @@ diff -urN -x configure -x config.guess -x config.h.in -x config.sub work.clean/o
xxx_host = host;
xxx_hostaddr = hostaddr;
-@@ -222,6 +233,10 @@
- kex->server_version_string=server_version_string;
- kex->verify_host_key=&verify_host_key_callback;
-
+@@ -232,6 +243,9 @@ ssh_kex2(char *host, struct sockaddr *ho
+ packet_send();
+ packet_write_wait();
+ #endif
+#ifdef NONE_CIPHER_ENABLED
+ xxx_kex = kex;
+#endif
-+
- dispatch_run(DISPATCH_BLOCK, &kex->done, active_state);
+ }
- if (options.use_roaming && !kex->roaming) {
-@@ -423,6 +438,29 @@
+ /*
+@@ -416,6 +430,29 @@ ssh_userauth2(const char *local_user, co
pubkey_cleanup(&authctxt);
dispatch_range(SSH2_MSG_USERAUTH_MIN, SSH2_MSG_USERAUTH_MAX, NULL);
diff --git a/security/openssh-portable/files/extra-patch-hpn-gss-glue b/security/openssh-portable/files/extra-patch-hpn-gss-glue
new file mode 100644
index 000000000000..630b7a1bbbd2
--- /dev/null
+++ b/security/openssh-portable/files/extra-patch-hpn-gss-glue
@@ -0,0 +1,24 @@
+--- sshconnect2.c.orig 2016-01-19 18:10:12.550854000 -0800
++++ sshconnect2.c 2016-01-19 18:10:27.290409000 -0800
+@@ -160,11 +160,6 @@ ssh_kex2(char *host, struct sockaddr *ho
+ struct kex *kex;
+ int r;
+
+-#ifdef GSSAPI
+- char *orig = NULL, *gss = NULL;
+- char *gss_host = NULL;
+-#endif
+-
+ xxx_host = host;
+ xxx_hostaddr = hostaddr;
+
+@@ -199,6 +194,9 @@ ssh_kex2(char *host, struct sockaddr *ho
+ }
+
+ #ifdef GSSAPI
++ char *orig = NULL, *gss = NULL;
++ char *gss_host = NULL;
++
+ if (options.gss_keyex) {
+ /* Add the GSSAPI mechanisms currently supported on this
+ * client to the key exchange algorithm proposal */