aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to 'security')
-rw-r--r--security/openssh-portable/Makefile3
-rw-r--r--security/openssh-portable/files/extra-patch-hpn5
-rw-r--r--security/openssh-portable/files/extra-patch-ttssh32
3 files changed, 37 insertions, 3 deletions
diff --git a/security/openssh-portable/Makefile b/security/openssh-portable/Makefile
index d13620ef7210..cbe3237ca4db 100644
--- a/security/openssh-portable/Makefile
+++ b/security/openssh-portable/Makefile
@@ -3,7 +3,7 @@
PORTNAME= openssh
DISTVERSION= 6.8p1
-PORTREVISION= 1
+PORTREVISION= 2
PORTEPOCH= 1
CATEGORIES= security ipv6
MASTER_SITES= ${MASTER_SITE_OPENBSD}
@@ -48,6 +48,7 @@ NONECIPHER_DESC= NONE Cipher support
OPTIONS_SUB= yes
+EXTRA_PATCHES+= ${FILESDIR}/extra-patch-ttssh
TCP_WRAPPERS_EXTRA_PATCHES=${FILESDIR}/extra-patch-tcpwrappers
LDNS_CONFIGURE_WITH= ldns
diff --git a/security/openssh-portable/files/extra-patch-hpn b/security/openssh-portable/files/extra-patch-hpn
index 2649d8169fa0..9d2149077acf 100644
--- a/security/openssh-portable/files/extra-patch-hpn
+++ b/security/openssh-portable/files/extra-patch-hpn
@@ -400,12 +400,13 @@ diff -urN -x configure -x config.guess -x config.h.in -x config.sub work.clean/o
}
--- work.clean/openssh-6.8p1/compat.h 2015-03-17 00:49:20.000000000 -0500
+++ work/openssh-6.8p1/compat.h 2015-04-03 16:39:34.780416000 -0500
-@@ -60,6 +60,9 @@
+@@ -60,7 +60,10 @@
#define SSH_NEW_OPENSSH 0x04000000
#define SSH_BUG_DYNAMIC_RPORT 0x08000000
#define SSH_BUG_CURVE25519PAD 0x10000000
+ #define SSH_BUG_HOSTKEYS 0x20000000
+#ifdef HPN_ENABLED
-+#define SSH_BUG_LARGEWINDOW 0x20000000
++#define SSH_BUG_LARGEWINDOW 0x40000000
+#endif
void enable_compat13(void);
diff --git a/security/openssh-portable/files/extra-patch-ttssh b/security/openssh-portable/files/extra-patch-ttssh
new file mode 100644
index 000000000000..bfa330831640
--- /dev/null
+++ b/security/openssh-portable/files/extra-patch-ttssh
@@ -0,0 +1,32 @@
+--- compat.c.orig 2015-04-08 21:02:53.327154000 -0500
++++ compat.c 2015-04-08 21:03:58.915062000 -0500
+@@ -167,6 +167,8 @@
+ SSH_BUG_SCANNER },
+ { "Probe-*",
+ SSH_BUG_PROBE },
++ { "TTSSH/*",
++ SSH_BUG_HOSTKEYS },
+ { NULL, 0 }
+ };
+
+--- compat.h.orig 2015-04-08 21:02:42.865971000 -0500
++++ compat.h 2015-04-08 21:04:06.865029000 -0500
+@@ -60,6 +60,7 @@
+ #define SSH_NEW_OPENSSH 0x04000000
+ #define SSH_BUG_DYNAMIC_RPORT 0x08000000
+ #define SSH_BUG_CURVE25519PAD 0x10000000
++#define SSH_BUG_HOSTKEYS 0x20000000
+
+ void enable_compat13(void);
+ void enable_compat20(void);
+--- sshd.c.orig 2015-04-08 21:01:02.944936000 -0500
++++ sshd.c 2015-04-08 21:03:55.086137000 -0500
+@@ -2321,7 +2321,7 @@
+ options.client_alive_count_max);
+
+ /* Try to send all our hostkeys to the client */
+- if (compat20)
++ if (compat20 && (datafellows & SSH_BUG_HOSTKEYS) == 0)
+ notify_hostkeys(active_state);
+
+ /* Start session. */