diff options
Diffstat (limited to 'security')
-rw-r--r-- | security/openssh-portable/Makefile | 3 | ||||
-rw-r--r-- | security/openssh-portable/files/extra-patch-hpn | 5 | ||||
-rw-r--r-- | security/openssh-portable/files/extra-patch-ttssh | 32 |
3 files changed, 37 insertions, 3 deletions
diff --git a/security/openssh-portable/Makefile b/security/openssh-portable/Makefile index d13620ef7210..cbe3237ca4db 100644 --- a/security/openssh-portable/Makefile +++ b/security/openssh-portable/Makefile @@ -3,7 +3,7 @@ PORTNAME= openssh DISTVERSION= 6.8p1 -PORTREVISION= 1 +PORTREVISION= 2 PORTEPOCH= 1 CATEGORIES= security ipv6 MASTER_SITES= ${MASTER_SITE_OPENBSD} @@ -48,6 +48,7 @@ NONECIPHER_DESC= NONE Cipher support OPTIONS_SUB= yes +EXTRA_PATCHES+= ${FILESDIR}/extra-patch-ttssh TCP_WRAPPERS_EXTRA_PATCHES=${FILESDIR}/extra-patch-tcpwrappers LDNS_CONFIGURE_WITH= ldns diff --git a/security/openssh-portable/files/extra-patch-hpn b/security/openssh-portable/files/extra-patch-hpn index 2649d8169fa0..9d2149077acf 100644 --- a/security/openssh-portable/files/extra-patch-hpn +++ b/security/openssh-portable/files/extra-patch-hpn @@ -400,12 +400,13 @@ diff -urN -x configure -x config.guess -x config.h.in -x config.sub work.clean/o } --- work.clean/openssh-6.8p1/compat.h 2015-03-17 00:49:20.000000000 -0500 +++ work/openssh-6.8p1/compat.h 2015-04-03 16:39:34.780416000 -0500 -@@ -60,6 +60,9 @@ +@@ -60,7 +60,10 @@ #define SSH_NEW_OPENSSH 0x04000000 #define SSH_BUG_DYNAMIC_RPORT 0x08000000 #define SSH_BUG_CURVE25519PAD 0x10000000 + #define SSH_BUG_HOSTKEYS 0x20000000 +#ifdef HPN_ENABLED -+#define SSH_BUG_LARGEWINDOW 0x20000000 ++#define SSH_BUG_LARGEWINDOW 0x40000000 +#endif void enable_compat13(void); diff --git a/security/openssh-portable/files/extra-patch-ttssh b/security/openssh-portable/files/extra-patch-ttssh new file mode 100644 index 000000000000..bfa330831640 --- /dev/null +++ b/security/openssh-portable/files/extra-patch-ttssh @@ -0,0 +1,32 @@ +--- compat.c.orig 2015-04-08 21:02:53.327154000 -0500 ++++ compat.c 2015-04-08 21:03:58.915062000 -0500 +@@ -167,6 +167,8 @@ + SSH_BUG_SCANNER }, + { "Probe-*", + SSH_BUG_PROBE }, ++ { "TTSSH/*", ++ SSH_BUG_HOSTKEYS }, + { NULL, 0 } + }; + +--- compat.h.orig 2015-04-08 21:02:42.865971000 -0500 ++++ compat.h 2015-04-08 21:04:06.865029000 -0500 +@@ -60,6 +60,7 @@ + #define SSH_NEW_OPENSSH 0x04000000 + #define SSH_BUG_DYNAMIC_RPORT 0x08000000 + #define SSH_BUG_CURVE25519PAD 0x10000000 ++#define SSH_BUG_HOSTKEYS 0x20000000 + + void enable_compat13(void); + void enable_compat20(void); +--- sshd.c.orig 2015-04-08 21:01:02.944936000 -0500 ++++ sshd.c 2015-04-08 21:03:55.086137000 -0500 +@@ -2321,7 +2321,7 @@ + options.client_alive_count_max); + + /* Try to send all our hostkeys to the client */ +- if (compat20) ++ if (compat20 && (datafellows & SSH_BUG_HOSTKEYS) == 0) + notify_hostkeys(active_state); + + /* Start session. */ |