pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/libssh libssh: updated to 0.8.5
details: https://anonhg.NetBSD.org/pkgsrc/rev/d1a773033547
branches: trunk
changeset: 326306:d1a773033547
user: adam <adam%pkgsrc.org@localhost>
date: Mon Dec 03 15:19:51 2018 +0000
description:
libssh: updated to 0.8.5
version 0.8.5:
* Added support to get known_hosts locations with ssh_options_get()
* Fixed preferred algorithm for known hosts negotiations
* Fixed KEX with some server implementations (e.g. Cisco)
* Fixed issues with MSVC
* Fixed keyboard-interactive auth in server mode
(regression from CVE-2018-10933)
* Fixed gssapi auth in server mode (regression from CVE-2018-10933)
* Fixed socket fd handling with proxy command
* Fixed a memory leak with OpenSSL
version 0.8.4:
* Fixed CVE-2018-10933
* Fixed building without globbing support
* Fixed possible memory leaks
* Avoid SIGPIPE on sockets
version 0.8.3:
* Added support for rsa-sha2
* Added support to parse private keys in openssh container format
(other than ed25519)
* Added support for diffie-hellman-group18-sha512 and
diffie-hellman-group16-sha512
* Added ssh_get_fingerprint_hash()
* Added ssh_pki_export_privkey_base64()
* Added support for Match keyword in config file
* Improved performance and reduced memory footprint for sftp
* Fixed ecdsa publickey auth
* Fixed reading a closed channel
* Added support to announce posix-rename%openssh.com@localhost and
hardlink%openssh.com@localhost in the sftp server
version 0.8.2:
* Added sha256 fingerprints for pubkeys
* Improved compiler flag detection
* Fixed race condition in reading sftp messages
* Fixed doxygen generation and added modern style
* Fixed library initialization on Windows
* Fixed __bounded__ attribute detection
* Fixed a bug in the options parser
* Fixed documentation for new knwon_hosts API
version 0.8.1:
* Fixed version number in the header
* Fixed version number in pkg-config and cmake config
* Fixed library initialization
* Fixed attribute detection
version 0.8.0:
* Removed support for deprecated SSHv1 protocol
* Added new connector API for clients
* Added new known_hosts parsing API
* Added support for OpenSSL 1.1
* Added support for chacha20-poly1305 cipher
* Added crypto backend for mbedtls crypto library
* Added ECDSA support with gcrypt backend
* Added advanced client and server testing using cwrap.org
* Added support for curve25519-sha256 alias
* Added support for global known_hosts file
* Added support for symbol versioning
* Improved ssh_config parsing
* Improved threading support
diffstat:
security/libssh/Makefile | 37 +++++----
security/libssh/PLIST | 8 +-
security/libssh/buildlink3.mk | 8 +-
security/libssh/distinfo | 13 +-
security/libssh/options.mk | 11 +--
security/libssh/patches/patch-CompilerChecks.cmake | 27 +++++++
security/libssh/patches/patch-aa | 17 ----
security/libssh/patches/patch-cmake_Modules_DefineCompilerFlags.cmake | 22 -----
8 files changed, 61 insertions(+), 82 deletions(-)
diffs (224 lines):
diff -r 2dc6afef378d -r d1a773033547 security/libssh/Makefile
--- a/security/libssh/Makefile Mon Dec 03 15:17:27 2018 +0000
+++ b/security/libssh/Makefile Mon Dec 03 15:19:51 2018 +0000
@@ -1,31 +1,36 @@
-# $NetBSD: Makefile,v 1.24 2018/10/16 20:25:25 maya Exp $
+# $NetBSD: Makefile,v 1.25 2018/12/03 15:19:51 adam Exp $
#
# history: upstream renamed 0.11 to 0.1.1;
# we have to use the old-style convention so that version compares work.
-#
-VER= 0.7.6
-DISTNAME= libssh-${VER}
-PKGNAME= libssh-0.76
-CATEGORIES= security
-MASTER_SITES= https://www.libssh.org/files/0.7/
-EXTRACT_SUFX= .tar.xz
-MAINTAINER= is%NetBSD.org@localhost
-HOMEPAGE= http://www.libssh.org/
-COMMENT= SSHv2+v1 protocol library
-LICENSE= 2-clause-bsd
+VER= 0.8.5
+DISTNAME= libssh-${VER}
+PKGNAME= libssh-0.85
+CATEGORIES= security
+MASTER_SITES= https://www.libssh.org/files/${VER:R}/
+EXTRACT_SUFX= .tar.xz
-DIST_SUBDIR= security
+MAINTAINER= is%NetBSD.org@localhost
+HOMEPAGE= http://www.libssh.org/
+COMMENT= SSHv2+v1 protocol library
+LICENSE= 2-clause-bsd
USE_CMAKE= yes
USE_LANGUAGES= c c++
-CMAKE_ARGS+= WITH_TESTING=yes
+PKGCONFIG_OVERRIDE+= libssh.pc.in
+TEST_TARGET= test
-PKGCONFIG_OVERRIDE+= libssh.pc.in
-TEST_TARGET= check
+CONFIGURE_DIRS= ${WRKDIR}/build
+CMAKE_ARG_PATH= ${WRKSRC}
+CMAKE_ARGS+= -DUNIT_TESTING=ON
.include "options.mk"
+post-extract:
+ ${MKDIR} ${WRKDIR}/build
+
.include "../../devel/argp/buildlink3.mk"
+.include "../../devel/cmocka/buildlink3.mk"
.include "../../devel/zlib/buildlink3.mk"
+.include "../../mk/krb5.buildlink3.mk"
.include "../../mk/bsd.pkg.mk"
diff -r 2dc6afef378d -r d1a773033547 security/libssh/PLIST
--- a/security/libssh/PLIST Mon Dec 03 15:17:27 2018 +0000
+++ b/security/libssh/PLIST Mon Dec 03 15:19:51 2018 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.8 2018/10/16 20:25:25 maya Exp $
+@comment $NetBSD: PLIST,v 1.9 2018/12/03 15:19:51 adam Exp $
include/libssh/callbacks.h
include/libssh/legacy.h
include/libssh/libssh.h
@@ -10,9 +10,5 @@
lib/cmake/libssh/libssh-config.cmake
lib/libssh.so
lib/libssh.so.4
-lib/libssh.so.4.4.3
-lib/libssh_threads.so
-lib/libssh_threads.so.4
-lib/libssh_threads.so.4.4.3
+lib/libssh.so.4.7.2
lib/pkgconfig/libssh.pc
-lib/pkgconfig/libssh_threads.pc
diff -r 2dc6afef378d -r d1a773033547 security/libssh/buildlink3.mk
--- a/security/libssh/buildlink3.mk Mon Dec 03 15:17:27 2018 +0000
+++ b/security/libssh/buildlink3.mk Mon Dec 03 15:19:51 2018 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.17 2016/10/09 22:02:07 kamil Exp $
+# $NetBSD: buildlink3.mk,v 1.18 2018/12/03 15:19:51 adam Exp $
BUILDLINK_TREE+= libssh
@@ -12,15 +12,13 @@
pkgbase := libssh
.include "../../mk/pkg-build-options.mk"
-.if !empty(PKG_BUILD_OPTIONS.libssh:Mzlib)
-.include "../../devel/zlib/buildlink3.mk"
-.endif
-
.if !empty(PKG_BUILD_OPTIONS.libssh:Mopenssl)
.include "../../security/openssl/buildlink3.mk"
.endif
.include "../../devel/argp/buildlink3.mk"
+.include "../../devel/zlib/buildlink3.mk"
+.include "../../mk/krb5.buildlink3.mk"
.endif # LIBSSH_BUILDLINK3_MK
BUILDLINK_TREE+= -libssh
diff -r 2dc6afef378d -r d1a773033547 security/libssh/distinfo
--- a/security/libssh/distinfo Mon Dec 03 15:17:27 2018 +0000
+++ b/security/libssh/distinfo Mon Dec 03 15:19:51 2018 +0000
@@ -1,8 +1,7 @@
-$NetBSD: distinfo,v 1.13 2018/10/16 20:25:25 maya Exp $
+$NetBSD: distinfo,v 1.14 2018/12/03 15:19:51 adam Exp $
-SHA1 (security/libssh-0.7.6.tar.xz) = 8e5f23a861f84fa214ca1da0e3f98b839ff7c051
-RMD160 (security/libssh-0.7.6.tar.xz) = 7316fae4a5355cf2c511cd91a5a65d7354ab361f
-SHA512 (security/libssh-0.7.6.tar.xz) = 2a01402b5a9fab9ecc29200544ed45d3f2c40871ed1c8241ca793f8dc7fdb3ad2150f6a522c4321affa9b8778e280dc7ed10f76adfc4a73f0751ae735a42f56c
-Size (security/libssh-0.7.6.tar.xz) = 366556 bytes
-SHA1 (patch-aa) = 2f9a7c8a629188f40f3c94d4304b1e44720e45ae
-SHA1 (patch-cmake_Modules_DefineCompilerFlags.cmake) = 9f140ad664363953e4c7ff4e3bede74c693da993
+SHA1 (libssh-0.8.5.tar.xz) = b5564774f986e396a7288a593595455bf10d9ce8
+RMD160 (libssh-0.8.5.tar.xz) = a118e08705257814531ce6c01d2d48cf0d6e59ce
+SHA512 (libssh-0.8.5.tar.xz) = f1e90a5046e006d44a48ab36675167761d8e308ada7a1d7a1f7ba2825d222a2fab7e19dbc78b1371fee9ba74d9c55d9856a623f97842c9b9ad4c79215e344124
+Size (libssh-0.8.5.tar.xz) = 427372 bytes
+SHA1 (patch-CompilerChecks.cmake) = 86de41ab778d25368691c1b0b9ecfa653f24cc5d
diff -r 2dc6afef378d -r d1a773033547 security/libssh/options.mk
--- a/security/libssh/options.mk Mon Dec 03 15:17:27 2018 +0000
+++ b/security/libssh/options.mk Mon Dec 03 15:19:51 2018 +0000
@@ -1,19 +1,12 @@
-# $NetBSD: options.mk,v 1.3 2018/01/25 19:52:38 markd Exp $
+# $NetBSD: options.mk,v 1.4 2018/12/03 15:19:51 adam Exp $
PKG_OPTIONS_VAR= PKG_OPTIONS.libssh
PKG_OPTIONS_REQUIRED_GROUPS= crypto
PKG_OPTIONS_GROUP.crypto= openssl libgcrypt
-#PKG_SUPPORTED_OPTIONS= compression
-PKG_SUGGESTED_OPTIONS= openssl # XXX zlib
+PKG_SUGGESTED_OPTIONS= openssl
.include "../../mk/bsd.options.mk"
-.if !empty(PKG_OPTIONS:Mzlib)
-BUILDLINK_API_DEPENDS.zlib+= zlib>=1.2
-CONFIGURE_ARGS+= --with-libz=${BUILDLINK_PREFIX.zlib:Q}
-.include "../../devel/zlib/buildlink3.mk"
-.endif
-
.if !empty(PKG_OPTIONS:Mopenssl)
BUILDLINK_API_DEPENDS.openssl+= openssl>=0.9.8
CMAKE_ARGS+= -DWITH_GCRYPT:BOOL=OFF
diff -r 2dc6afef378d -r d1a773033547 security/libssh/patches/patch-CompilerChecks.cmake
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/libssh/patches/patch-CompilerChecks.cmake Mon Dec 03 15:19:51 2018 +0000
@@ -0,0 +1,27 @@
+$NetBSD: patch-CompilerChecks.cmake,v 1.1 2018/12/03 15:19:51 adam Exp $
+
+Let PkgSrc handle security features.
+
+--- CompilerChecks.cmake.orig 2018-12-03 09:27:44.000000000 +0000
++++ CompilerChecks.cmake
+@@ -62,20 +62,7 @@ if (UNIX)
+ endif()
+ endif()
+
+- check_c_compiler_flag_ssp("-fstack-protector-strong" WITH_STACK_PROTECTOR_STRONG)
+- if (WITH_STACK_PROTECTOR_STRONG)
+- list(APPEND SUPPORTED_COMPILER_FLAGS "-fstack-protector-strong")
+- else (WITH_STACK_PROTECTOR_STRONG)
+- check_c_compiler_flag_ssp("-fstack-protector" WITH_STACK_PROTECTOR)
+- if (WITH_STACK_PROTECTOR)
+- list(APPEND SUPPORTED_COMPILER_FLAGS "-fstack-protector")
+- endif()
+- endif (WITH_STACK_PROTECTOR_STRONG)
+
+- check_c_compiler_flag_ssp("-fstack-clash-protection" WITH_STACK_CLASH_PROTECTION)
+- if (WITH_STACK_CLASH_PROTECTION)
+- list(APPEND SUPPORTED_COMPILER_FLAGS "-fstack-clash-protection")
+- endif()
+
+ if (PICKY_DEVELOPER)
+ add_c_compiler_flag("-Wno-error=deprecated-declarations" SUPPORTED_COMPILER_FLAGS)
diff -r 2dc6afef378d -r d1a773033547 security/libssh/patches/patch-aa
--- a/security/libssh/patches/patch-aa Mon Dec 03 15:17:27 2018 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,17 +0,0 @@
-$NetBSD: patch-aa,v 1.6 2015/11/18 21:00:51 christos Exp $
-
-Disable out of source build test
-
---- CMakeLists.txt.orig 2015-09-16 02:44:35.000000000 -0400
-+++ CMakeLists.txt 2015-11-17 10:44:55.000000000 -0500
-@@ -36,8 +36,8 @@
- include(CPackConfig.cmake)
-
- # disallow in-source build
--include(MacroEnsureOutOfSourceBuild)
--macro_ensure_out_of_source_build("${PROJECT_NAME} requires an out of source build. Please create a separate build directory and run 'cmake /path/to/${PROJECT_NAME} [options]' there.")
-+#include(MacroEnsureOutOfSourceBuild)
-+#macro_ensure_out_of_source_build("${PROJECT_NAME} requires an out of source build. Please create a separate build directory and run 'cmake /path/to/${PROJECT_NAME} [options]' there.")
-
- # search for libraries
- if (WITH_ZLIB)
diff -r 2dc6afef378d -r d1a773033547 security/libssh/patches/patch-cmake_Modules_DefineCompilerFlags.cmake
--- a/security/libssh/patches/patch-cmake_Modules_DefineCompilerFlags.cmake Mon Dec 03 15:17:27 2018 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,22 +0,0 @@
-$NetBSD: patch-cmake_Modules_DefineCompilerFlags.cmake,v 1.1 2018/02/02 09:31:29 jperkin Exp $
-
-Leave pkgsrc to handle security features.
-
---- cmake/Modules/DefineCompilerFlags.cmake.orig 2016-02-15 12:42:53.000000000 +0000
-+++ cmake/Modules/DefineCompilerFlags.cmake
-@@ -21,6 +21,7 @@ if (UNIX AND NOT WIN32)
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIC")
- endif (WITH_FPIC)
-
-+ if(0)
- check_c_compiler_flag_ssp("-fstack-protector" WITH_STACK_PROTECTOR)
- if (WITH_STACK_PROTECTOR)
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fstack-protector")
-@@ -35,6 +36,7 @@ if (UNIX AND NOT WIN32)
- endif (WITH_FORTIFY_SOURCE)
- endif()
- endif()
-+ endif(0)
- endif (${CMAKE_C_COMPILER_ID} MATCHES "(GNU|Clang)")
-
- #
Home |
Main Index |
Thread Index |
Old Index