[92129] trunk/dports/net/openssh
jeremyhu at macports.org
jeremyhu at macports.org
Thu Apr 19 09:20:26 PDT 2012
Revision: 92129
https://trac.macports.org/changeset/92129
Author: jeremyhu at macports.org
Date: 2012-04-19 09:20:26 -0700 (Thu, 19 Apr 2012)
Log Message:
-----------
openssh: Show the xauth warning only when appropriate (related to #29619), and use our kerberos (#23422).
Modified Paths:
--------------
trunk/dports/net/openssh/Portfile
Added Paths:
-----------
trunk/dports/net/openssh/files/launchd.patch
Removed Paths:
-------------
trunk/dports/net/openssh/files/DVG-5142987_launchd_DISPLAY_for_X11.patch
Modified: trunk/dports/net/openssh/Portfile
===================================================================
--- trunk/dports/net/openssh/Portfile 2012-04-19 16:15:27 UTC (rev 92128)
+++ trunk/dports/net/openssh/Portfile 2012-04-19 16:20:26 UTC (rev 92129)
@@ -5,7 +5,7 @@
name openssh
version 5.9p1
-revision 2
+revision 3
categories net
maintainers jwa openmaintainer
@@ -36,9 +36,12 @@
ftp://ftp.cse.buffalo.edu/pub/OpenBSD/OpenSSH/portable/ \
ftp://openbsd.mirrors.pair.com/ftp/OpenSSH/portable \
ftp://openbsd.secsup.org/pub/openbsd/OpenSSH/portable/
-depends_lib port:openssl port:zlib
+depends_lib port:openssl port:zlib port:kerberos5
depends_run port:xauth
+patchfiles \
+ launchd.patch
+
# Specified -fno-builtin because GCC 3.3 has log() as a builtin
# (from math.h) while OpenSSH has its own log() function
# -- from fink.
@@ -48,7 +51,7 @@
--with-pid-dir=${prefix}/var/run --with-tcp-wrappers \
--with-pam --disable-suid-ssh --with-random=/dev/urandom \
--mandir=${prefix}/share/man --with-zlib=${prefix} \
- --with-kerberos5=/usr --with-xauth=${prefix}/bin/xauth \
+ --with-kerberos5=${prefix} --with-xauth=${prefix}/bin/xauth \
--with-libedit
use_parallel_build yes
@@ -82,10 +85,6 @@
}
}
-variant mute_fake_xauth description "Do not print (typically due to XQuartz) 'using fake authentication data' warning messages" {
- patchfiles-append patch-clientloop.c.diff
-}
-
variant gss_api_trust_dns description "Enable GSSAPITrustDNS SSH configuration keyword" {
patchfiles-append GSSAPITrustDNS.patch
}
@@ -115,15 +114,6 @@
}
}
-platform darwin 9 {
-# patch_sites-append http://www.opensource.apple.com/darwinsource/10.5/OpenSSH-87/patches/:apple
-# patchfiles-append DVG-5142987_launchd_DISPLAY_for_X11.patch:apple
-# checksums-append DVG-5142987_launchd_DISPLAY_for_X11.patch \
-# md5 e188ebbba95c4cde61e0e1b2edc9f992 \
-# sha1 62735c5bfbbe1fa41433993435ded7767cc5f1f9 \
-# rmd160 eb5262f554583f4925f6f91f6a6d0034c70098ad
-}
-
startupitem.create yes
startupitem.name OpenSSH
startupitem.start \
Deleted: trunk/dports/net/openssh/files/DVG-5142987_launchd_DISPLAY_for_X11.patch
===================================================================
--- trunk/dports/net/openssh/files/DVG-5142987_launchd_DISPLAY_for_X11.patch 2012-04-19 16:15:27 UTC (rev 92128)
+++ trunk/dports/net/openssh/files/DVG-5142987_launchd_DISPLAY_for_X11.patch 2012-04-19 16:20:26 UTC (rev 92129)
@@ -1,55 +0,0 @@
-diff -uNr ../openssh-4.5p1.orig/channels.c ./channels.c
---- ../openssh-4.5p1.orig/channels.c 2006-08-29 18:07:40.000000000 -0700
-+++ ./channels.c 2007-04-19 18:59:28.000000000 -0700
-@@ -2954,7 +2954,7 @@
- }
-
- static int
--connect_local_xsocket(u_int dnr)
-+connect_local_xsocket_path(const char *pathname)
- {
- int sock;
- struct sockaddr_un addr;
-@@ -2964,7 +2964,7 @@
- error("socket: %.100s", strerror(errno));
- memset(&addr, 0, sizeof(addr));
- addr.sun_family = AF_UNIX;
-- snprintf(addr.sun_path, sizeof addr.sun_path, _PATH_UNIX_X, dnr);
-+ strlcpy(addr.sun_path, pathname, sizeof addr.sun_path);
- if (connect(sock, (struct sockaddr *)&addr, sizeof(addr)) == 0)
- return sock;
- close(sock);
-@@ -2972,6 +2972,14 @@
- return -1;
- }
-
-+static int
-+connect_local_xsocket(u_int dnr)
-+{
-+ char buf[1024];
-+ snprintf(buf, sizeof buf, _PATH_UNIX_X, dnr);
-+ return connect_local_xsocket_path(buf);
-+}
-+
- int
- x11_connect_display(void)
- {
-@@ -2994,9 +3002,18 @@
- */
-
- /*
-+ * Check if the display is from launchd, then...
- * Check if it is a unix domain socket. Unix domain displays are in
- * one of the following formats: unix:d[.s], :d[.s], ::d[.s]
- */
-+ if (strncmp(display, "/tmp/launch", 11) == 0) {
-+ sock = connect_local_xsocket_path(display);
-+ if (sock < 0)
-+ return -1;
-+
-+ /* OK, we now have a connection to the display. */
-+ return sock;
-+ }
- if (strncmp(display, "unix:", 5) == 0 ||
- display[0] == ':') {
- /* Connect to the unix domain socket. */
Added: trunk/dports/net/openssh/files/launchd.patch
===================================================================
--- trunk/dports/net/openssh/files/launchd.patch (rev 0)
+++ trunk/dports/net/openssh/files/launchd.patch 2012-04-19 16:20:26 UTC (rev 92129)
@@ -0,0 +1,49 @@
+--- clientloop.c.orig 2011-06-22 15:31:58.000000000 -0700
++++ clientloop.c 2012-04-19 09:15:26.000000000 -0700
+@@ -296,6 +296,11 @@ client_x11_get_proto(const char *display
+ struct stat st;
+ u_int now;
+
++#if __APPLE__
++ char *strptr = NULL;
++ int is_launchd = 0, len_to_screen = 0;
++#endif /* __APPLE__ */
++
+ xauthdir = xauthfile = NULL;
+ *_proto = proto;
+ *_data = data;
+@@ -308,6 +313,24 @@ client_x11_get_proto(const char *display
+ debug("x11_get_proto: DISPLAY not set");
+ return;
+ }
++#if __APPLE__
++ /*
++ * If using launchd socket, then remove the screen number from
++ * end of $DISPLAY. is_launchd is used later in this function
++ * to determine if an error should be displayed.
++ */
++ if (strncmp(display, "/tmp/launch-", 12) == 0) {
++ is_launchd = 1;
++ if (NULL != (strptr = rindex(display, ':')) &&
++ NULL != (strptr = index(strptr, '.'))) {
++ debug("x11_get_proto: $DISPLAY is launchd, removing screennum");
++ len_to_screen = strptr - display;
++ strlcpy(xdisplay, display, (len_to_screen + 1));
++ display = xdisplay;
++ setenv("DISPLAY", display, 1);
++ }
++ }
++#endif /* __APPLE__ */
+ /*
+ * Handle FamilyLocal case where $DISPLAY does
+ * not match an authorization entry. For this we
+@@ -389,6 +412,9 @@ client_x11_get_proto(const char *display
+ if (!got_data) {
+ u_int32_t rnd = 0;
+
++#if __APPLE__
++ if (!is_launchd)
++#endif /* __APPLE__ */
+ logit("Warning: No xauth data; "
+ "using fake authentication data for X11 forwarding.");
+ strlcpy(proto, SSH_X11_PROTO, sizeof proto);
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macports-changes/attachments/20120419/6bbfc952/attachment.html>
More information about the macports-changes
mailing list