pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/openssh Update openssh to 6.6.1 (OpenSSH 6.6p1).
details: https://anonhg.NetBSD.org/pkgsrc/rev/03c2317d98ce
branches: trunk
changeset: 632437:03c2317d98ce
user: taca <taca%pkgsrc.org@localhost>
date: Sat Mar 29 09:38:11 2014 +0000
description:
Update openssh to 6.6.1 (OpenSSH 6.6p1).
pkgsrc change
* Use PLIST_VARS.
* Update hpn-patch based on openssh-6.5p1-hpnssh14v4.diff.gz.
Fixes security problem (SA57488).
For full changes, please refer below release notes.
http://www.openssh.com/txt/release-6.5
http://www.openssh.com/txt/release-6.6
diffstat:
security/openssh/Makefile | 13 +-
security/openssh/PLIST | 5 +-
security/openssh/PLIST.pam | 1 -
security/openssh/PLIST.prng | 3 -
security/openssh/distinfo | 43 ++++-----
security/openssh/options.mk | 10 +-
security/openssh/patches/patch-Makefile.in | 6 +-
security/openssh/patches/patch-atomicio.c | 19 ----
security/openssh/patches/patch-auth2.c | 6 +-
security/openssh/patches/patch-config.h.in | 12 +-
security/openssh/patches/patch-configure | 18 ++--
security/openssh/patches/patch-configure.ac | 14 +-
security/openssh/patches/patch-defines.h | 6 +-
security/openssh/patches/patch-loginrec.c | 16 +-
security/openssh/patches/patch-openbsd-compat_openbsd-compat.h | 6 +-
security/openssh/patches/patch-platform.c | 6 +-
security/openssh/patches/patch-session.c | 14 +-
security/openssh/patches/patch-sftp-common.c | 6 +-
security/openssh/patches/patch-ssh.c | 20 ++--
security/openssh/patches/patch-sshd.c | 16 +-
security/openssh/patches/patch-uidswap.c | 16 +-
21 files changed, 119 insertions(+), 137 deletions(-)
diffs (truncated from 730 to 300 lines):
diff -r 97cca95fa1a0 -r 03c2317d98ce security/openssh/Makefile
--- a/security/openssh/Makefile Sat Mar 29 09:05:51 2014 +0000
+++ b/security/openssh/Makefile Sat Mar 29 09:38:11 2014 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.217 2014/03/13 11:08:52 jperkin Exp $
+# $NetBSD: Makefile,v 1.218 2014/03/29 09:38:11 taca Exp $
-DISTNAME= openssh-6.4p1
-PKGNAME= openssh-6.4.1
-PKGREVISION= 1
+DISTNAME= openssh-6.6p1
+PKGNAME= openssh-6.6.1
SVR4_PKGNAME= ossh
CATEGORIES= security
MASTER_SITES= ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \
@@ -38,7 +37,6 @@
BUILD_DEFS+= VARBASE
INSTALL_TARGET= install-nokeys
-PLIST_SRC= # empty
.include "options.mk"
@@ -144,6 +142,8 @@
CONFS= ssh_config sshd_config moduli
+PLIST_VARS+= prng
+
.if exists(/dev/urandom)
. if ${OPSYS} == "NetBSD"
MESSAGE_SRC+= ${.CURDIR}/MESSAGE.urandom
@@ -151,7 +151,7 @@
.else
CONFIGURE_ARGS+= --without-random
CONFS+= ssh_prng_cmds
-PLIST_SRC+= ${.CURDIR}/PLIST.prng
+PLIST.prng= yes
.endif
EGDIR= ${PREFIX}/share/examples/${PKGBASE}
@@ -164,7 +164,6 @@
RCD_SCRIPT_SRC.sshd= ${WRKDIR}/sshd.sh
SMF_METHODS= sshd
-PLIST_SRC+= ${.CURDIR}/PLIST
FILES_SUBST+= SSH_PID_DIR=${SSH_PID_DIR:Q}
SUBST_CLASSES+= patch
diff -r 97cca95fa1a0 -r 03c2317d98ce security/openssh/PLIST
--- a/security/openssh/PLIST Sat Mar 29 09:05:51 2014 +0000
+++ b/security/openssh/PLIST Sat Mar 29 09:38:11 2014 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.15 2014/03/11 14:05:13 jperkin Exp $
+@comment $NetBSD: PLIST,v 1.16 2014/03/29 09:38:11 taca Exp $
bin/scp
bin/sftp
bin/slogin
@@ -10,6 +10,7 @@
libexec/sftp-server
libexec/ssh-keysign
libexec/ssh-pkcs11-helper
+${PLIST.prng}libexec/ssh-rand-helper
man/man1/scp.1
man/man1/sftp.1
man/man1/slogin.1
@@ -28,4 +29,6 @@
sbin/sshd
share/examples/openssh/moduli
share/examples/openssh/ssh_config
+${PLIST.prng}share/examples/openssh/ssh_prng_cmds
+${PLIST.pam}share/examples/openssh/sshd.pam
share/examples/openssh/sshd_config
diff -r 97cca95fa1a0 -r 03c2317d98ce security/openssh/PLIST.pam
--- a/security/openssh/PLIST.pam Sat Mar 29 09:05:51 2014 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,1 +0,0 @@
-@comment $NetBSD: PLIST.pam,v 1.2 2012/01/09 05:25:36 manu Exp $
diff -r 97cca95fa1a0 -r 03c2317d98ce security/openssh/PLIST.prng
--- a/security/openssh/PLIST.prng Sat Mar 29 09:05:51 2014 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,3 +0,0 @@
-@comment $NetBSD: PLIST.prng,v 1.2 2002/08/30 08:04:31 grant Exp $
-libexec/ssh-rand-helper
-share/examples/openssh/ssh_prng_cmds
diff -r 97cca95fa1a0 -r 03c2317d98ce security/openssh/distinfo
--- a/security/openssh/distinfo Sat Mar 29 09:05:51 2014 +0000
+++ b/security/openssh/distinfo Sat Mar 29 09:38:11 2014 +0000
@@ -1,32 +1,31 @@
-$NetBSD: distinfo,v 1.85 2013/12/01 06:11:41 taca Exp $
+$NetBSD: distinfo,v 1.86 2014/03/29 09:38:11 taca Exp $
-SHA1 (openssh-6.4p1-hpn14v2.diff.gz) = 2713d734d5f652c6dccd13d779c1e116ccca2e7e
-RMD160 (openssh-6.4p1-hpn14v2.diff.gz) = 45366b1f61241fc29a87918790182bd4f29a1f29
-Size (openssh-6.4p1-hpn14v2.diff.gz) = 23792 bytes
-SHA1 (openssh-6.4p1.tar.gz) = cf5fe0eb118d7e4f9296fbc5d6884965885fc55d
-RMD160 (openssh-6.4p1.tar.gz) = d0e757c90350351bb92ebd4fa9f045586fb54f97
-Size (openssh-6.4p1.tar.gz) = 1201402 bytes
-SHA1 (patch-Makefile.in) = 1cf8bda061df1b76822be2886d9c231cc3cb39b9
-SHA1 (patch-atomicio.c) = 6bb3c3ca1491693918ce1ac7481e0852c90e0b4e
+SHA1 (openssh-6.6p1-hpnssh14v4.diff.gz) = 1cb86c7151ea4c805cfb1197eac13844cd8f2f2c
+RMD160 (openssh-6.6p1-hpnssh14v4.diff.gz) = 292cea7880ff66040d915f2d5957dd27d0835984
+Size (openssh-6.6p1-hpnssh14v4.diff.gz) = 23417 bytes
+SHA1 (openssh-6.6p1.tar.gz) = b850fd1af704942d9b3c2eff7ef6b3a59b6a6b6e
+RMD160 (openssh-6.6p1.tar.gz) = e19ed34e240001898b6665bb4356b868bba5513d
+Size (openssh-6.6p1.tar.gz) = 1282502 bytes
+SHA1 (patch-Makefile.in) = 3b136be23e0dab21894dcc881746cf5a186ff572
SHA1 (patch-auth-passwd.c) = de9f5487fe1f5848cc702e549bce949fd75d70cd
SHA1 (patch-auth-rhosts.c) = ab8dd3e375accc5bed3e15b158a85a1b1f9a2e3e
SHA1 (patch-auth.c) = 950b0380bcbb0fa1681014cfbb41528d09a10a18
SHA1 (patch-auth1.c) = 7b0481f445bc85cce9d7539b00bf581b9aa09fea
-SHA1 (patch-auth2.c) = f4c5ab6ffb83f649e7d3566097e0dec8323f0d29
-SHA1 (patch-config.h.in) = c838507e83224d842e25170ea8faa63c8559ea37
-SHA1 (patch-configure) = 91bd541c6dc19aed54f20bb31bea958847dae738
-SHA1 (patch-configure.ac) = 896aac81d96fe09775ef5b7c6942c37309097b33
-SHA1 (patch-defines.h) = e2aebe7dcf0927d8afcca7a96c4001a6e0130cc2
+SHA1 (patch-auth2.c) = 8f4f97516874fc4af5814cbd3a1f59b9ca77b43f
+SHA1 (patch-config.h.in) = 9799f48f204aa213318914f1d6c45e83a8af942f
+SHA1 (patch-configure) = 3015dda57a5626667cf5c15c7c7be25f8844cfc6
+SHA1 (patch-configure.ac) = 996a3bcf133a0832b9d7fa35cc0983562d9fa60a
+SHA1 (patch-defines.h) = 4f4f4c8dc54aa86275192edf230b36737b1c0cf6
SHA1 (patch-includes.h) = 0a899d3b38ef3de7f5b08fec022696b4e998b54e
-SHA1 (patch-loginrec.c) = 0305a5b552c88ac99d8f894d3cda9686e0b0ccdd
+SHA1 (patch-loginrec.c) = 3b42ea96935a69316233eb2c65d810e46a3e5d76
SHA1 (patch-openbsd-compat_bsd-openpty.c) = a1318cf691f0ad844a8761a77e3bb32a9e20c695
-SHA1 (patch-openbsd-compat_openbsd-compat.h) = 17690feb6962bd27fef96bd6fb1acfa60e9af9dc
+SHA1 (patch-openbsd-compat_openbsd-compat.h) = 1cafbe8f226c16443d2cfd003166923f33352eb0
SHA1 (patch-openbsd-compat_port-tun.c) = 8288e2b9336ea1fcc1129d8a2ab5e55816b2ccbf
-SHA1 (patch-platform.c) = fcb85cca516d992ec50dfb259b9cc8ddbb032b5c
+SHA1 (patch-platform.c) = c2f85f494f0a38ed9fea93c46c98b20d865610a0
SHA1 (patch-scp.c) = 97e33843cc1b93babb6c45225c07ac74555e6d54
-SHA1 (patch-session.c) = dc7fd9ec8956c734cb4a6427243133919cb47158
-SHA1 (patch-sftp-common.c) = 5467a25bc996dac8e4c6e4cb657ad722a3284388
-SHA1 (patch-ssh.c) = e878057032340425ed01230ca6abc8bbfdb07dfb
-SHA1 (patch-sshd.c) = 547bf87e572229ab4e568d1e7b03e722d8a63302
+SHA1 (patch-session.c) = 55e84175c7294816107c970f002401d1766f7095
+SHA1 (patch-sftp-common.c) = 5b36300c6a83ceef2340c2cee3be211eaf39ecdd
+SHA1 (patch-ssh.c) = 8965e0458aabc137fa3b5e53c6573c0f0fba8280
+SHA1 (patch-sshd.c) = 43b3e4383142303a5d1158f08baee4a27f2f7b13
SHA1 (patch-sshpty.c) = 9f08f899919d05567998087a060b90800c2c7b11
-SHA1 (patch-uidswap.c) = cbed1c1db63e7f198efaa76581e8f5a5aa9615da
+SHA1 (patch-uidswap.c) = 0b76322d47b9e14bb2828bc143645d38028bdafd
diff -r 97cca95fa1a0 -r 03c2317d98ce security/openssh/options.mk
--- a/security/openssh/options.mk Sat Mar 29 09:05:51 2014 +0000
+++ b/security/openssh/options.mk Sat Mar 29 09:38:11 2014 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: options.mk,v 1.27 2013/12/05 14:37:01 taca Exp $
+# $NetBSD: options.mk,v 1.28 2014/03/29 09:38:11 taca Exp $
.include "../../mk/bsd.prefs.mk"
@@ -16,14 +16,18 @@
.endif
.if !empty(PKG_OPTIONS:Mhpn-patch)
-PATCHFILES= openssh-6.4p1-hpn14v2.diff.gz
+PATCHFILES= openssh-6.6p1-hpnssh14v4.diff.gz
PATCH_SITES= ftp://ftp.NetBSD.org/pub/NetBSD/misc/openssh/
+PATCH_DIST_STRIP= -p1
.endif
.if !empty(PKG_OPTIONS:Mpam)
.include "../../mk/pam.buildlink3.mk"
CONFIGURE_ARGS+= --with-pam
-PLIST_SRC+= ${.CURDIR}/PLIST.pam
MESSAGE_SRC+= ${.CURDIR}/MESSAGE.pam
MESSAGE_SUBST+= EGDIR=${EGDIR}
+PLIST_VARS+= pam
+.if ${OPSYS} == "Linux"
+PLIST.pam= yes
.endif
+.endif
diff -r 97cca95fa1a0 -r 03c2317d98ce security/openssh/patches/patch-Makefile.in
--- a/security/openssh/patches/patch-Makefile.in Sat Mar 29 09:05:51 2014 +0000
+++ b/security/openssh/patches/patch-Makefile.in Sat Mar 29 09:38:11 2014 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-Makefile.in,v 1.2 2013/12/01 06:11:41 taca Exp $
+$NetBSD: patch-Makefile.in,v 1.3 2014/03/29 09:38:11 taca Exp $
Removed install-sysconf as we handle that phase through post-install
---- Makefile.in.orig 2013-06-11 01:26:10.000000000 +0000
+--- Makefile.in.orig 2014-02-04 00:12:56.000000000 +0000
+++ Makefile.in
@@ -2,5 +2,5 @@
@@ -18,7 +18,7 @@
+#ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass
SFTP_SERVER=$(libexecdir)/sftp-server
SSH_KEYSIGN=$(libexecdir)/ssh-keysign
-@@ -246,5 +246,5 @@ distprep: catman-do
+@@ -250,5 +250,5 @@ distprep: catman-do
install: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files install-sysconf host-key check-config
-install-nokeys: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files install-sysconf
diff -r 97cca95fa1a0 -r 03c2317d98ce security/openssh/patches/patch-atomicio.c
--- a/security/openssh/patches/patch-atomicio.c Sat Mar 29 09:05:51 2014 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,19 +0,0 @@
-$NetBSD: patch-atomicio.c,v 1.2 2013/05/01 19:58:26 imil Exp $
-
-Check for vwrite instead of read to avoid read being renamed by SSP issues
-
---- atomicio.c.orig 2010-09-24 12:15:11.000000000 +0000
-+++ atomicio.c
-@@ -57,7 +57,11 @@ atomicio6(ssize_t (*f) (int, void *, siz
- struct pollfd pfd;
-
- pfd.fd = fd;
-- pfd.events = f == read ? POLLIN : POLLOUT;
-+ /*
-+ * check for vwrite instead of read to avoid read being renamed
-+ * by SSP issues
-+ */
-+ pfd.events = f == vwrite ? POLLOUT : POLLIN;
- while (n > pos) {
- res = (f) (fd, s + pos, n - pos);
- switch (res) {
diff -r 97cca95fa1a0 -r 03c2317d98ce security/openssh/patches/patch-auth2.c
--- a/security/openssh/patches/patch-auth2.c Sat Mar 29 09:05:51 2014 +0000
+++ b/security/openssh/patches/patch-auth2.c Sat Mar 29 09:38:11 2014 +0000
@@ -1,10 +1,10 @@
-$NetBSD: patch-auth2.c,v 1.2 2013/12/01 06:11:41 taca Exp $
+$NetBSD: patch-auth2.c,v 1.3 2014/03/29 09:38:11 taca Exp $
Replace uid 0 with ROOTUID macro
---- auth2.c.orig 2013-06-01 21:41:51.000000000 +0000
+--- auth2.c.orig 2014-02-04 00:12:57.000000000 +0000
+++ auth2.c
-@@ -310,7 +310,7 @@ userauth_finish(Authctxt *authctxt, int
+@@ -301,7 +301,7 @@ userauth_finish(Authctxt *authctxt, int
fatal("INTERNAL ERROR: authenticated and postponed");
/* Special handling for root */
diff -r 97cca95fa1a0 -r 03c2317d98ce security/openssh/patches/patch-config.h.in
--- a/security/openssh/patches/patch-config.h.in Sat Mar 29 09:05:51 2014 +0000
+++ b/security/openssh/patches/patch-config.h.in Sat Mar 29 09:38:11 2014 +0000
@@ -1,20 +1,20 @@
-$NetBSD: patch-config.h.in,v 1.2 2013/12/01 06:11:41 taca Exp $
+$NetBSD: patch-config.h.in,v 1.3 2014/03/29 09:38:11 taca Exp $
Added Interix and define new path to if_tun.h
---- config.h.in.orig 2013-11-08 01:41:08.000000000 +0000
+--- config.h.in.orig 2014-03-13 02:18:56.000000000 +0000
+++ config.h.in
-@@ -584,6 +584,9 @@
+@@ -636,6 +636,9 @@
/* define if you have int64_t data type */
#undef HAVE_INT64_T
+/* Define if you are on Interix */
+#undef HAVE_INTERIX
+
- /* Define to 1 if you have the <inttypes.h> header file. */
- #undef HAVE_INTTYPES_H
+ /* Define to 1 if the system has the type `intmax_t'. */
+ #undef HAVE_INTMAX_T
-@@ -737,6 +740,9 @@
+@@ -792,6 +795,9 @@
/* Define to 1 if you have the <net/if_tun.h> header file. */
#undef HAVE_NET_IF_TUN_H
diff -r 97cca95fa1a0 -r 03c2317d98ce security/openssh/patches/patch-configure
--- a/security/openssh/patches/patch-configure Sat Mar 29 09:05:51 2014 +0000
+++ b/security/openssh/patches/patch-configure Sat Mar 29 09:38:11 2014 +0000
@@ -1,10 +1,10 @@
-$NetBSD: patch-configure,v 1.2 2013/12/01 06:11:41 taca Exp $
+$NetBSD: patch-configure,v 1.3 2014/03/29 09:38:11 taca Exp $
Various fixes regarding portability
---- configure.orig 2013-11-08 01:41:15.000000000 +0000
+--- configure.orig 2014-03-13 02:19:03.000000000 +0000
+++ configure
-@@ -6159,6 +6159,9 @@ if test "${with_rpath+set}" = set; then
+@@ -6500,6 +6500,9 @@ if test "${with_rpath+set}" = set; then
fi
@@ -14,7 +14,7 @@
# Allow user to specify flags
# Check whether --with-cflags was given.
-@@ -6243,6 +6246,7 @@ for ac_header in \
+@@ -6586,6 +6589,7 @@ for ac_header in \
maillock.h \
ndir.h \
net/if_tun.h \
@@ -22,7 +22,7 @@
netdb.h \
netgroup.h \
pam/pam_appl.h \
-@@ -6978,6 +6982,36 @@ $as_echo "#define HAVE_SECUREWARE 1" >>c
+@@ -7369,6 +7373,36 @@ $as_echo "#define HAVE_SECUREWARE 1" >>c
;;
esac
;;
Home |
Main Index |
Thread Index |
Old Index