pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/openssh openssh: update to 8.8p1.
details: https://anonhg.NetBSD.org/pkgsrc/rev/fe1e42c52469
branches: trunk
changeset: 458941:fe1e42c52469
user: wiz <wiz%pkgsrc.org@localhost>
date: Sun Sep 26 15:37:51 2021 +0000
description:
openssh: update to 8.8p1.
Changes:
One year of development, details at
https://www.openssh.com/releasenotes.html
diffstat:
security/openssh/Makefile | 5 ++---
security/openssh/distinfo | 15 +++++++--------
security/openssh/patches/patch-auth.c | 17 -----------------
security/openssh/patches/patch-sshd.c | 14 +++++++-------
security/openssh/patches/patch-sshkey.h | 8 ++++----
5 files changed, 20 insertions(+), 39 deletions(-)
diffs (123 lines):
diff -r a802aac6d0c8 -r fe1e42c52469 security/openssh/Makefile
--- a/security/openssh/Makefile Sun Sep 26 15:21:30 2021 +0000
+++ b/security/openssh/Makefile Sun Sep 26 15:37:51 2021 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.269 2021/05/24 19:53:55 wiz Exp $
+# $NetBSD: Makefile,v 1.270 2021/09/26 15:37:51 wiz Exp $
-DISTNAME= openssh-8.4p1
+DISTNAME= openssh-8.8p1
PKGNAME= ${DISTNAME:S/p1/.1/}
-PKGREVISION= 1
CATEGORIES= security
MASTER_SITES= ${MASTER_SITE_OPENBSD:=OpenSSH/portable/}
diff -r a802aac6d0c8 -r fe1e42c52469 security/openssh/distinfo
--- a/security/openssh/distinfo Sun Sep 26 15:21:30 2021 +0000
+++ b/security/openssh/distinfo Sun Sep 26 15:37:51 2021 +0000
@@ -1,11 +1,10 @@
-$NetBSD: distinfo,v 1.111 2020/09/29 15:17:42 ryoon Exp $
+$NetBSD: distinfo,v 1.112 2021/09/26 15:37:51 wiz Exp $
-SHA1 (openssh-8.4p1.tar.gz) = 69305059e10a60693ebe6f17731f962c9577535c
-RMD160 (openssh-8.4p1.tar.gz) = 2d3eec0b56f7edef5d50b8defa2f143ffee5c65a
-SHA512 (openssh-8.4p1.tar.gz) = d65275b082c46c5efe7cf3264fa6794d6e99a36d4a54b50554fc56979d6c0837381587fd5399195e1db680d2a5ad1ef0b99a180eac2b4de5637906cb7a89e9ce
-Size (openssh-8.4p1.tar.gz) = 1742201 bytes
+SHA1 (openssh-8.8p1.tar.gz) = 1eb964897a4372f6fb96c7effeb509ec71c379c9
+RMD160 (openssh-8.8p1.tar.gz) = 6ba3f5af90f960e1add6f81c1173adee8197e705
+SHA512 (openssh-8.8p1.tar.gz) = d44cd04445f9c8963513b0d5a7e8348985114ff2471e119a6e344498719ef40f09c61c354888a3be9dabcb5870e5cbe5d3aafbb861dfa1d82a4952f3d233a8df
+Size (openssh-8.8p1.tar.gz) = 1815060 bytes
SHA1 (patch-Makefile.in) = 13502b825c13c98b2ba3b84ff4bae9aa664b76b1
-SHA1 (patch-auth.c) = 060a93f5264751769f2fdf98fefd154bd80c0c5f
SHA1 (patch-clientloop.c) = 4e88fbd14db33f003eb93c30c682a017e102196e
SHA1 (patch-config.h.in) = 7d1050743da7264763254b57938775c546c3baa5
SHA1 (patch-configure.ac) = 321ef5ed83abe7e07d38026e096a10700b010ac8
@@ -15,5 +14,5 @@
SHA1 (patch-openbsd-compat_port-tun.c) = b2a0ce81a52b00f106198d549b5068a5e67092ef
SHA1 (patch-sandbox-darwin.c) = c9a1fe2e4dbf98e929d983b4206a244e0e354b75
SHA1 (patch-sshd.8) = 5bf48cd27cef8e8810b9dc7115f5180102a345d1
-SHA1 (patch-sshd.c) = b3674e9f467323d1852dd988a408ac23896f6700
-SHA1 (patch-sshkey.h) = 074e9be70af58772d3172d1cb2c936000ca9a8d7
+SHA1 (patch-sshd.c) = 0c5725305cbab3855b52c1a63fe4e987ed14e44e
+SHA1 (patch-sshkey.h) = aaaf622f377e455c49683fcc2ca42576ccd097bb
diff -r a802aac6d0c8 -r fe1e42c52469 security/openssh/patches/patch-auth.c
--- a/security/openssh/patches/patch-auth.c Sun Sep 26 15:21:30 2021 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,17 +0,0 @@
-$NetBSD: patch-auth.c,v 1.6 2019/06/04 09:08:06 he Exp $
-
-* Use login_getpwclass() instead of login_getclass() so that the root
- vs. default login class distinction is made correctly, from FrrrBSD's
- ports.
-
---- auth.c.orig 2019-05-01 11:28:52.028281617 +0000
-+++ auth.c
-@@ -599,7 +599,7 @@ getpwnamallow(struct ssh *ssh, const cha
- if (!allowed_user(ssh, pw))
- return (NULL);
- #ifdef HAVE_LOGIN_CAP
-- if ((lc = login_getclass(pw->pw_class)) == NULL) {
-+ if ((lc = login_getpwclass(pw)) == NULL) {
- debug("unable to get login class: %s", user);
- return (NULL);
- }
diff -r a802aac6d0c8 -r fe1e42c52469 security/openssh/patches/patch-sshd.c
--- a/security/openssh/patches/patch-sshd.c Sun Sep 26 15:21:30 2021 +0000
+++ b/security/openssh/patches/patch-sshd.c Sun Sep 26 15:37:51 2021 +0000
@@ -1,12 +1,12 @@
-$NetBSD: patch-sshd.c,v 1.12 2020/05/27 13:49:27 sevan Exp $
+$NetBSD: patch-sshd.c,v 1.13 2021/09/26 15:37:51 wiz Exp $
* Revive tcp_wrappers support.
---- sshd.c.orig 2020-05-27 00:38:00.000000000 +0000
+--- sshd.c.orig 2021-09-26 14:03:19.000000000 +0000
+++ sshd.c
-@@ -124,6 +124,13 @@
- #include "ssherr.h"
- #include "sk-api.h"
+@@ -126,6 +126,13 @@
+ #include "srclimit.h"
+ #include "dh.h"
+#ifdef LIBWRAP
+#include <tcpd.h>
@@ -18,7 +18,7 @@
/* Re-exec fds */
#define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1)
#define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2)
-@@ -538,10 +545,17 @@ privsep_preauth(struct ssh *ssh)
+@@ -532,10 +539,17 @@ privsep_preauth(struct ssh *ssh)
/* Arrange for logging to be sent to the monitor */
set_log_handler(mm_log_handler, pmonitor);
@@ -36,7 +36,7 @@
return 0;
}
-@@ -2132,6 +2146,25 @@ main(int ac, char **av)
+@@ -2179,6 +2193,25 @@ main(int ac, char **av)
audit_connection_from(remote_ip, remote_port);
#endif
diff -r a802aac6d0c8 -r fe1e42c52469 security/openssh/patches/patch-sshkey.h
--- a/security/openssh/patches/patch-sshkey.h Sun Sep 26 15:21:30 2021 +0000
+++ b/security/openssh/patches/patch-sshkey.h Sun Sep 26 15:37:51 2021 +0000
@@ -1,13 +1,13 @@
-$NetBSD: patch-sshkey.h,v 1.2 2020/09/29 15:17:42 ryoon Exp $
+$NetBSD: patch-sshkey.h,v 1.3 2021/09/26 15:37:51 wiz Exp $
Support for non recommendable (insecure) modulus size for RSA. This may be
required in order to access old, non-upgradable, devices for which modulus size
is less than 1024 bits (frequently 768 bits).
---- sshkey.h.orig 2020-09-27 07:25:01.000000000 +0000
+--- sshkey.h.orig 2021-09-26 14:03:19.000000000 +0000
+++ sshkey.h
-@@ -48,7 +48,11 @@
- # define EC_POINT void
+@@ -50,7 +50,11 @@
+ #define SSH_OPENSSL_VERSION "without OpenSSL"
#endif /* WITH_OPENSSL */
+#ifdef SSH_RSA_INSECURE_LEGACY_MIN_MOD_SZ
Home |
Main Index |
Thread Index |
Old Index