- Add VersionAddendum support.

- Bump portrevision. PR: ports/142824 Submitted by: Scot Hetzel <swhetzel@gmail.com> Approved by: gabor (mentor)
author: stephen <stephen@FreeBSD.org> 2011-07-14 05:47:05 +0800
committer: stephen <stephen@FreeBSD.org> 2011-07-14 05:47:05 +0800
commit: 863615cdba7d91f921656e0665b30fe5fe04a39a (patch)
tree: c2271ab84454c15897c6b88911c2459c5666c31c /security/openssh-portable
parent: 4ca324b1329a132daa472863270ba04e3ad5a2fa (diff)
download: freebsd-ports-gnome-863615cdba7d91f921656e0665b30fe5fe04a39a.tar.gz
freebsd-ports-gnome-863615cdba7d91f921656e0665b30fe5fe04a39a.tar.zst
freebsd-ports-gnome-863615cdba7d91f921656e0665b30fe5fe04a39a.zip
12 files changed, 244 insertions, 43 deletions
diff --git a/security/openssh-portable/Makefile b/security/openssh-portable/Makefile
index 9c2fb41c3edd..4cf5bea90c5f 100644
--- a/security/openssh-portable/Makefile
+++ b/security/openssh-portable/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=	openssh
 DISTVERSION=	5.2p1
-PORTREVISION=	3
+PORTREVISION=	4
 PORTEPOCH=	1
 CATEGORIES=	security ipv6
 .if defined(OPENSSH_SNAPSHOT)
@@ -48,6 +48,7 @@ PRECIOUS=		ssh_config sshd_config ssh_host_key ssh_host_key.pub \
 			ssh_host_dsa_key.pub
 ETCOLD=			${PREFIX}/etc
 PORTABLE_SUFFIX=	-portable
+SSH_VERSION=		${DISTVERSION}
 
 SUDO?=		# empty
 MAKE_ENV+=	SUDO="${SUDO}"
@@ -145,6 +146,7 @@ CFLAGS+=		-DCHROOT
 
 .if defined(WITH_HPN)
 EXTRA_PATCHES+=	${FILESDIR}/openssh-5.2p1-hpn13v6.diff
+SSH_VERSION:=	${SSH_VERSION}-hpn13v6
 .endif
 
 # See http://dev.inversepath.com/trac/openssh-lpk
@@ -177,6 +179,9 @@ PATCH_SITES+=		http://www.roumenpetrov.info/openssh/x509-6.2/
 PATCHFILES+=		openssh-5.2p1+x509-6.2.diff.gz
 PLIST_SUB+=		X509=""
 .else
+EXTRA_PATCHES+=		${FILESDIR}/VersionAddendum-ssh.1.patch \
+			${FILESDIR}/VersionAddendum-ssh_config.5.patch \
+			${FILESDIR}/VersionAddendum-sshd_config.5.patch
 PLIST_SUB+=		X509="@comment "
 .endif
 
@@ -229,18 +234,11 @@ post-patch:
 	@${REINPLACE_CMD} -e 's|-ldes|-lcrypto|g' ${WRKSRC}/configure
 	@${REINPLACE_CMD} -e 's|%%PREFIX%%|${LOCALBASE}|' \
 		-e 's|%%RC_SCRIPT_NAME%%|${RC_SCRIPT_NAME}|' ${WRKSRC}/sshd.8
-	@${REINPLACE_CMD} -E -e 's|SSH_VERSION|TMP_SSH_VERSION|' \
-		-e 's|.*SSH_RELEASE.*||' ${WRKSRC}/version.h
-	@${ECHO_CMD} '#define FREEBSD_PORT_VERSION	" FreeBSD-${PKGNAME}"' >> \
-		${WRKSRC}/version.h
-	@${ECHO_CMD} '#define SSH_VERSION	TMP_SSH_VERSION SSH_PORTABLE FREEBSD_PORT_VERSION' >> \
-		${WRKSRC}/version.h
-	@${ECHO_CMD} '#define SSH_RELEASE	TMP_SSH_VERSION SSH_PORTABLE FREEBSD_PORT_VERSION' >> \
-		${WRKSRC}/version.h
-.if defined(WITH_HPN)
-	@${REINPLACE_CMD} -e 's|TMP_SSH_VERSION SSH_PORTABLE|TMP_SSH_VERSION SSH_PORTABLE SSH_HPN|' \
-		${WRKSRC}/version.h
-.endif
+.for f in ssh_config ssh_config.5 sshd_config sshd_config.5
+	@${REINPLACE_CMD} -e 's|%%ADDENDUM%%|${PKGNAME}|' ${WRKSRC}/${f}
+.endfor
+	@${REINPLACE_CMD} -e 's|%%SSH_VERSION%%|${SSH_VERSION}|' \
+		-e 's|%%ADDENDUM%%|${PKGNAME}|' ${WRKSRC}/version.h
 
 pre-su-install:
 	@${MKDIR} ${EMPTYDIR}
diff --git a/security/openssh-portable/files/VersionAddendum-ssh.1.patch b/security/openssh-portable/files/VersionAddendum-ssh.1.patch
new file mode 100644
index 000000000000..6d1a5d4b95c4
--- /dev/null
+++ b/security/openssh-portable/files/VersionAddendum-ssh.1.patch
@@ -0,0 +1,10 @@
+--- ssh.1.orig	2009-02-13 23:34:05.000000000 -0600
++++ ssh.1	2010-01-13 23:11:29.168549807 -0600
+@@ -507,6 +507,7 @@
+ .It User
+ .It UserKnownHostsFile
+ .It VerifyHostKeyDNS
++.It VersionAddendum
+ .It VisualHostKey
+ .It XAuthLocation
+ .El
diff --git a/security/openssh-portable/files/VersionAddendum-ssh_config.5.patch b/security/openssh-portable/files/VersionAddendum-ssh_config.5.patch
new file mode 100644
index 000000000000..e655f112b165
--- /dev/null
+++ b/security/openssh-portable/files/VersionAddendum-ssh_config.5.patch
@@ -0,0 +1,14 @@
+--- ssh_config.5.orig	2009-02-22 17:53:58.000000000 -0600
++++ ssh_config.5	2010-01-13 23:11:29.171550398 -0600
+@@ -1068,6 +1068,11 @@
+ .Sx VERIFYING HOST KEYS
+ in
+ .Xr ssh 1 .
++.It Cm VersionAddendum
++Specifies a string to append to the regular version string to identify
++OS- or site-specific modifications.
++The default is
++.Dq FreeBSD-%%ADDENDUM%% .
+ .It Cm VisualHostKey
+ If this flag is set to
+ .Dq yes ,
diff --git a/security/openssh-portable/files/VersionAddendum-sshd_config.5.patch b/security/openssh-portable/files/VersionAddendum-sshd_config.5.patch
new file mode 100644
index 000000000000..a4ebc5ef4496
--- /dev/null
+++ b/security/openssh-portable/files/VersionAddendum-sshd_config.5.patch
@@ -0,0 +1,14 @@
+--- sshd_config.5.orig	2009-02-22 18:00:24.000000000 -0600
++++ sshd_config.5	2010-01-13 23:11:29.175548602 -0600
+@@ -934,6 +965,11 @@
+ escalation by containing any corruption within the unprivileged processes.
+ The default is
+ .Dq yes .
++.It Cm VersionAddendum
++Specifies a string to append to the regular version string to identify
++OS- or site-specific modifications.
++The default is
++.Dq FreeBSD-%%ADDENDUM%% .
+ .It Cm X11DisplayOffset
+ Specifies the first display number available for
+ .Xr sshd 8 Ns 's
diff --git a/security/openssh-portable/files/openssh-5.2p1-hpn13v6.diff b/security/openssh-portable/files/openssh-5.2p1-hpn13v6.diff
index 7bb5a7f21e92..4aed8f059ea3 100644
--- a/security/openssh-portable/files/openssh-5.2p1-hpn13v6.diff
+++ b/security/openssh-portable/files/openssh-5.2p1-hpn13v6.diff
@@ -3564,13 +3564,3 @@ diff -NupwB sshd_config sshd_config
  # Example of overriding settings on a per-user basis
  #Match User anoncvs
  #	X11Forwarding no
-diff -NupwB version.h version.h
---- version.h	2009-02-22 19:09:26.000000000 -0500
-+++ version.h	2009-05-14 12:42:05.000000000 -0400
-@@ -3,4 +3,5 @@
- #define SSH_VERSION	"OpenSSH_5.2"
- 
- #define SSH_PORTABLE	"p1"
--#define SSH_RELEASE	SSH_VERSION SSH_PORTABLE
-+#define SSH_HPN         "-hpn13v6"
-+#define SSH_RELEASE	SSH_VERSION SSH_PORTABLE SSH_HPN
diff --git a/security/openssh-portable/files/patch-Makefile.in b/security/openssh-portable/files/patch-Makefile.in
index f3b3c1caad26..084910a0bb37 100644
--- a/security/openssh-portable/files/patch-Makefile.in
+++ b/security/openssh-portable/files/patch-Makefile.in
@@ -1,6 +1,15 @@
---- Makefile.in.orig	Fri Feb 25 18:12:38 2005
-+++ Makefile.in	Sat Mar 19 19:53:44 2005
-@@ -230,7 +230,7 @@
+--- Makefile.in.orig	2008-11-04 23:20:46.000000000 -0600
++++ Makefile.in	2010-01-14 01:43:29.188757752 -0600
+@@ -62,7 +62,7 @@
+ 
+ TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} sftp-server$(EXEEXT) sftp$(EXEEXT)
+ 
+-LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o bufbn.o buffer.o \
++LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o bufbn.o buffer.o version.o \
+ 	canohost.o channels.o cipher.o cipher-acss.o cipher-aes.o \
+ 	cipher-bf1.o cipher-ctr.o cipher-3des1.o cleanup.o \
+ 	compat.o compress.o crc32.o deattack.o fatal.o hostfile.o \
+@@ -232,7 +232,7 @@
  	-rm -rf autom4te.cache
  	(cd scard && $(MAKE) -f Makefile.in distprep)
  
diff --git a/security/openssh-portable/files/patch-readconf.c b/security/openssh-portable/files/patch-readconf.c
index 92e8a3ddb70c..270df1528eed 100644
--- a/security/openssh-portable/files/patch-readconf.c
+++ b/security/openssh-portable/files/patch-readconf.c
@@ -1,5 +1,43 @@
---- readconf.c.orig	Fri Sep  1 02:38:37 2006
-+++ readconf.c	Sat Sep 30 10:38:05 2006
+--- readconf.c.orig	2009-02-13 23:28:21.000000000 -0600
++++ readconf.c	2010-01-14 01:33:17.913145559 -0600
+@@ -42,6 +42,7 @@
+ #include "buffer.h"
+ #include "kex.h"
+ #include "mac.h"
++#include "version.h"
+ 
+ /* Format of the configuration file:
+ 
+@@ -130,6 +131,7 @@
+ 	oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
+ 	oSendEnv, oControlPath, oControlMaster, oHashKnownHosts,
+ 	oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
++	oVersionAddendum,
+ 	oVisualHostKey, oZeroKnowledgePasswordAuthentication,
+ 	oDeprecated, oUnsupported
+ } OpCodes;
+@@ -235,6 +237,7 @@
+ 	{ "zeroknowledgepasswordauthentication", oUnsupported },
+ #endif
+ 
++	{ "versionaddendum", oVersionAddendum },
+ 	{ NULL, oBadOption }
+ };
+ 
+@@ -914,6 +917,13 @@
+ 		intptr = &options->visual_host_key;
+ 		goto parse_flag;
+ 
++	case oVersionAddendum:
++		ssh_version_set_addendum(strtok(s, "\n"));
++		do {
++			arg = strdelim(&s);
++		} while (arg != NULL && *arg != '\0');
++		break;
++
+ 	case oDeprecated:
+ 		debug("%s line %d: Deprecated option \"%s\"",
+ 		    filename, linenum, keyword);
 @@ -1112,7 +1122,7 @@
  	if (options->batch_mode == -1)
  		options->batch_mode = 0;
diff --git a/security/openssh-portable/files/patch-servconf.c b/security/openssh-portable/files/patch-servconf.c
index da3d241695da..32c3165aea4e 100644
--- a/security/openssh-portable/files/patch-servconf.c
+++ b/security/openssh-portable/files/patch-servconf.c
@@ -1,6 +1,6 @@
---- servconf.c.orig	Fri Aug 18 11:23:15 2006
-+++ servconf.c	Sat Sep 30 21:54:26 2006
-@@ -129,7 +129,7 @@
+--- servconf.c.orig	2009-01-27 23:31:23.000000000 -0600
++++ servconf.c	2010-01-14 02:10:46.036137657 -0600
+@@ -135,7 +135,7 @@
  {
  	/* Portable-specific options */
  	if (options->use_pam == -1)
@@ -9,7 +9,7 @@
  
  	/* Standard Options */
  	if (options->protocol == SSH_PROTO_UNKNOWN)
-@@ -159,7 +159,7 @@
+@@ -165,7 +165,7 @@
  	if (options->key_regeneration_time == -1)
  		options->key_regeneration_time = 3600;
  	if (options->permit_root_login == PERMIT_NOT_SET)
@@ -18,7 +18,7 @@
  	if (options->ignore_rhosts == -1)
  		options->ignore_rhosts = 1;
  	if (options->ignore_user_known_hosts == -1)
-@@ -169,7 +169,7 @@
+@@ -175,7 +175,7 @@
  	if (options->print_lastlog == -1)
  		options->print_lastlog = 1;
  	if (options->x11_forwarding == -1)
@@ -27,7 +27,7 @@
  	if (options->x11_display_offset == -1)
  		options->x11_display_offset = 10;
  	if (options->x11_use_localhost == -1)
-@@ -207,7 +207,11 @@
+@@ -213,7 +213,11 @@
  	if (options->gss_cleanup_creds == -1)
  		options->gss_cleanup_creds = 1;
  	if (options->password_authentication == -1)
@@ -39,3 +39,33 @@
  	if (options->kbd_interactive_authentication == -1)
  		options->kbd_interactive_authentication = 0;
  	if (options->challenge_response_authentication == -1)
+@@ -284,6 +288,7 @@
+ 	sUsePAM,
+ 	/* Standard Options */
+ 	sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
++	sVersionAddendum,
+ 	sPermitRootLogin, sLogFacility, sLogLevel,
+ 	sRhostsRSAAuthentication, sRSAAuthentication,
+ 	sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
+@@ -328,6 +333,7 @@
+ 	{ "pamauthenticationviakbdint", sDeprecated, SSHCFG_GLOBAL },
+ 	/* Standard Options */
+ 	{ "port", sPort, SSHCFG_GLOBAL },
++	{ "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL },
+ 	{ "hostkey", sHostKeyFile, SSHCFG_GLOBAL },
+ 	{ "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL },		/* alias */
+ 	{ "pidfile", sPidFile, SSHCFG_GLOBAL },
+@@ -1294,6 +1300,13 @@
+ 			*charptr = xstrdup(arg);
+ 		break;
+ 
++	case sVersionAddendum:
++                ssh_version_set_addendum(strtok(cp, "\n"));
++                do {
++                        arg = strdelim(&cp);
++                } while (arg != NULL && *arg != '\0');
++		break;
++
+ 	case sDeprecated:
+ 		logit("%s line %d: Deprecated option %s",
+ 		    filename, linenum, arg);
diff --git a/security/openssh-portable/files/patch-ssh_config b/security/openssh-portable/files/patch-ssh_config
index a5fd64b5b081..867d0fc06f86 100644
--- a/security/openssh-portable/files/patch-ssh_config
+++ b/security/openssh-portable/files/patch-ssh_config
@@ -1,6 +1,6 @@
---- ssh_config.orig	Tue Jun 13 00:01:10 2006
-+++ ssh_config	Sat Sep 30 10:39:07 2006
-@@ -27,7 +28,7 @@
+--- ssh_config.orig	2009-02-20 19:45:02.000000000 -0600
++++ ssh_config	2010-01-13 23:11:29.169549026 -0600
+@@ -27,7 +27,7 @@
  #   GSSAPIAuthentication no
  #   GSSAPIDelegateCredentials no
  #   BatchMode no
@@ -9,3 +9,8 @@
  #   AddressFamily any
  #   ConnectTimeout 0
  #   StrictHostKeyChecking ask
+@@ -44,3 +44,4 @@
+ #   TunnelDevice any:any
+ #   PermitLocalCommand no
+ #   VisualHostKey no
++#   VersionAddendum FreeBSD-%%ADDENDUM%%
diff --git a/security/openssh-portable/files/patch-sshd_config b/security/openssh-portable/files/patch-sshd_config
index 80e9c800945e..a3ecb068470a 100644
--- a/security/openssh-portable/files/patch-sshd_config
+++ b/security/openssh-portable/files/patch-sshd_config
@@ -1,6 +1,15 @@
---- sshd_config.orig	2008-07-02 20:35:43.000000000 +0800
-+++ sshd_config	2008-11-07 23:40:56.957018978 +0800
-@@ -38,7 +38,7 @@
+--- sshd_config.orig	2008-07-02 07:35:43.000000000 -0500
++++ sshd_config	2010-01-13 23:11:29.173548767 -0600
+@@ -10,6 +10,8 @@
+ # possible, but leave them commented.  Uncommented options change a
+ # default value.
+ 
++#VersionAddendum FreeBSD-%%ADDENDUM%%
++
+ #Port 22
+ #AddressFamily any
+ #ListenAddress 0.0.0.0
+@@ -38,7 +40,7 @@
  # Authentication:
  
  #LoginGraceTime 2m
@@ -9,7 +18,7 @@
  #StrictModes yes
  #MaxAuthTries 6
  #MaxSessions 10
-@@ -57,11 +57,11 @@
+@@ -57,11 +59,11 @@
  # Don't read the user's ~/.rhosts and ~/.shosts files
  #IgnoreRhosts yes
  
@@ -24,7 +33,7 @@
  #ChallengeResponseAuthentication yes
  
  # Kerberos options
-@@ -74,7 +74,7 @@
+@@ -74,7 +76,7 @@
  #GSSAPIAuthentication no
  #GSSAPICleanupCredentials yes
  
@@ -33,7 +42,7 @@
  # and session processing. If this is enabled, PAM authentication will 
  # be allowed through the ChallengeResponseAuthentication and
  # PasswordAuthentication.  Depending on your PAM configuration,
-@@ -83,12 +83,12 @@
+@@ -83,12 +85,12 @@
  # If you just want the PAM account and session checks to run without
  # PAM authentication, then enable this but set PasswordAuthentication
  # and ChallengeResponseAuthentication to 'no'.
diff --git a/security/openssh-portable/files/patch-version.c b/security/openssh-portable/files/patch-version.c
new file mode 100644
index 000000000000..e592a5bff15d
--- /dev/null
+++ b/security/openssh-portable/files/patch-version.c
@@ -0,0 +1,65 @@
+--- version.c.orig	1969-12-31 18:00:00.000000000 -0600
++++ version.c	2010-01-13 23:11:29.177550043 -0600
+@@ -0,0 +1,62 @@
++/*-
++ * Copyright (c) 2001 Brian Fundakowski Feldman
++ * All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ * 1. Redistributions of source code must retain the above copyright
++ *    notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ *    notice, this list of conditions and the following disclaimer in the
++ *    documentation and/or other materials provided with the distribution.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
++ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
++ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
++ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
++ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
++ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
++ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
++ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
++ * SUCH DAMAGE.
++ *
++ */
++
++#include "includes.h"
++__RCSID("$FreeBSD$");
++
++#include <string.h>
++
++#include "version.h"
++#include "xmalloc.h"
++
++
++static char *version = NULL;
++
++const char *
++ssh_version_get(void) {
++
++	if (version == NULL)
++		version = xstrdup(SSH_VERSION_BASE " " SSH_VERSION_ADDENDUM);
++	return (version);
++}
++
++void
++ssh_version_set_addendum(const char *add) {
++	char *newvers;
++	size_t size;
++
++	if (add != NULL) {
++		size = strlen(SSH_VERSION_BASE) + 1 + strlen(add) + 1;
++		newvers = xmalloc(size);
++		snprintf(newvers, size, "%s %s", SSH_VERSION_BASE, add);
++	} else {
++		newvers = xstrdup(SSH_VERSION_BASE);
++	}
++	if (version != NULL)
++		xfree(version);
++	version = newvers;
++}
diff --git a/security/openssh-portable/files/patch-version.h b/security/openssh-portable/files/patch-version.h
new file mode 100644
index 000000000000..fc1ffb8d5a1a
--- /dev/null
+++ b/security/openssh-portable/files/patch-version.h
@@ -0,0 +1,19 @@
+--- version.h.orig	2009-02-22 18:09:26.000000000 -0600
++++ version.h	2010-01-14 00:09:24.057609101 -0600
+@@ -1,6 +1,12 @@
+-/* $OpenBSD: version.h,v 1.55 2009/02/23 00:06:15 djm Exp $ */
++/* $FreeBSD$ */
+ 
+-#define SSH_VERSION	"OpenSSH_5.2"
++#ifndef SSH_VERSION
+ 
+-#define SSH_PORTABLE	"p1"
+-#define SSH_RELEASE	SSH_VERSION SSH_PORTABLE
++#define SSH_VERSION             (ssh_version_get())
++#define SSH_RELEASE             (ssh_version_get())
++#define SSH_VERSION_BASE        "OpenSSH_%%SSH_VERSION%%"
++#define SSH_VERSION_ADDENDUM    "FreeBSD-%%ADDENDUM%%"
++
++const char *ssh_version_get(void);
++void ssh_version_set_addendum(const char *);
++#endif /* SSH_VERSION */
author	stephen <stephen@FreeBSD.org>	2011-07-14 05:47:05 +0800
committer	stephen <stephen@FreeBSD.org>	2011-07-14 05:47:05 +0800
commit	863615cdba7d91f921656e0665b30fe5fe04a39a (patch)
tree	c2271ab84454c15897c6b88911c2459c5666c31c /security/openssh-portable
parent	4ca324b1329a132daa472863270ba04e3ad5a2fa (diff)
download	freebsd-ports-gnome-863615cdba7d91f921656e0665b30fe5fe04a39a.tar.gz freebsd-ports-gnome-863615cdba7d91f921656e0665b30fe5fe04a39a.tar.zst freebsd-ports-gnome-863615cdba7d91f921656e0665b30fe5fe04a39a.zip