[95508] trunk/dports/net/openssh
jwa at macports.org
jwa at macports.org
Sat Jul 14 07:30:08 PDT 2012
Revision: 95508
https://trac.macports.org/changeset/95508
Author: jwa at macports.org
Date: 2012-07-14 07:30:06 -0700 (Sat, 14 Jul 2012)
Log Message:
-----------
version bump to 6.0p1, add ldns variant, drop hpn variant indefinitely (there are no people now to implement new patches), modify the patch files due to upstream code changes, fix livecheck to allow versions greater than the 5.x series, closes #34392
Modified Paths:
--------------
trunk/dports/net/openssh/Portfile
trunk/dports/net/openssh/files/GSSAPITrustDNS.patch
trunk/dports/net/openssh/files/apple-keychain.patch
trunk/dports/net/openssh/files/launchd.patch
Modified: trunk/dports/net/openssh/Portfile
===================================================================
--- trunk/dports/net/openssh/Portfile 2012-07-14 12:19:40 UTC (rev 95507)
+++ trunk/dports/net/openssh/Portfile 2012-07-14 14:30:06 UTC (rev 95508)
@@ -4,8 +4,8 @@
PortSystem 1.0
name openssh
-version 5.9p1
-revision 3
+version 6.0p1
+
categories net
platforms darwin
maintainers jwa openmaintainer
@@ -28,8 +28,8 @@
homepage http://www.openbsd.org/openssh/
checksums ${distfiles} \
- rmd160 12d92321a2b9f404641a9cdada738784eb30e1cd \
- sha256 8d3e8b6b6ff04b525a6dfa6fdeb6a99043ccf6c3310cc32eba84c939b07777d5
+ rmd160 afad16fac6500da5cdfad94e5b3cac8c68223374 \
+ sha256 589d48e952d6c017e667873486b5df63222f9133d417d0002bd6429d9bd882de
master_sites openbsd:OpenSSH/portable \
http://mirror.mcs.anl.gov/openssh/portable/ \
@@ -46,7 +46,7 @@
depends_run port:xauth
-patchfiles launchd.patch
+#patchfiles launchd.patch
# Specified -fno-builtin because GCC 3.3 has log() as a builtin
# (from math.h) while OpenSSH has its own log() function
@@ -59,8 +59,6 @@
--with-pid-dir=${prefix}/var/run \
--with-tcp-wrappers \
--with-pam \
- --disable-suid-ssh \
- --with-random=/dev/urandom \
--mandir=${prefix}/share/man \
--with-zlib=${prefix} \
--with-kerberos5=${prefix} \
@@ -71,6 +69,10 @@
destroot.target install-nokeys
+post-extract {
+ system -W ${worksrcpath} "patch -p0 <${filespath}/launchd.patch"
+}
+
post-destroot {
destroot.keepdirs ${destroot}${prefix}/var/run ${destroot}${prefix}/var/empty
reinplace "s|#Port 22|Port 2222|g" ${destroot}${prefix}/etc/ssh/sshd_config
@@ -85,23 +87,26 @@
# For high-performance patch
# re-enable when patch for current version is available
-variant hpn description "apply high performance patch" {
- patch_sites-append http://www.psc.edu/networking/projects/hpn-ssh/:hpn
- patchfiles-append ${distname}-hpn13v12.diff.gz:hpn
- checksums-append ${distname}-hpn13v12.diff.gz \
- rmd160 7ca2c431904b184072302cb3e9ab055ffb0f4024 \
- sha256 74499c3487a53eaaeaad79d89d8260c23f9a416173d7c256d1f3131677213040 \
+#variant hpn description "apply high performance patch" {
+# patch_sites-append http://www.psc.edu/networking/projects/hpn-ssh/:hpn
+# patchfiles-append ${distname}-hpn13v12.diff.gz:hpn
+# checksums-append ${distname}-hpn13v12.diff.gz \
+# rmd160 7ca2c431904b184072302cb3e9ab055ffb0f4024 \
+# sha256 74499c3487a53eaaeaad79d89d8260c23f9a416173d7c256d1f3131677213040 \
+#
+# patch.pre_args
+# post-patch {
+# reinplace "s|TMP_SSH_VERSION SSH_PORTABLE|TMP_SSH_VERSION SSH_PORTABLE SSH_HPN|" ${worksrcpath}/version.h
+# }
+#}
- patch.pre_args
- post-patch {
- reinplace "s|TMP_SSH_VERSION SSH_PORTABLE|TMP_SSH_VERSION SSH_PORTABLE SSH_HPN|" ${worksrcpath}/version.h
+variant gss_api_trust_dns description "Enable GSSAPITrustDNS SSH configuration keyword" {
+# patchfiles-append GSSAPITrustDNS.patch
+ post-extract {
+ system -W ${worksrcpath} "patch -p0 <${filespath}/GSSAPITrustDNS.patch"
}
}
-variant gss_api_trust_dns description "Enable GSSAPITrustDNS SSH configuration keyword" {
- patchfiles-append GSSAPITrustDNS.patch
-}
-
variant gsskex description "Add OpenSSH GSSAPI key exchange patch" {
set extra_cppflags [concat \
"-F/System/Library/Frameworks/OpenDirectory.framework" \
@@ -123,6 +128,11 @@
LDFLAGS="-Wl,-pie -framework CoreFoundation -framework OpenDirectory"
}
+variant ldns description "Use ldns for DNSSEC support" {
+ configure.args-append --with-ldns
+ depends_lib-append port:ldns
+}
+
platform darwin {
# create link to /usr/include/pam because 'security' was renamed to 'pam'
# in OS X.
@@ -158,5 +168,6 @@
livecheck.type regex
+livecheck.version [lindex [split ${version} p] 0]
livecheck.url ${homepage}
-livecheck.regex (5.\[0-9\]p\[0-9\])
+livecheck.regex OpenSSH (\[5-9\].\[0-9\])(p\[0-9\])?
Modified: trunk/dports/net/openssh/files/GSSAPITrustDNS.patch
===================================================================
--- trunk/dports/net/openssh/files/GSSAPITrustDNS.patch 2012-07-14 12:19:40 UTC (rev 95507)
+++ trunk/dports/net/openssh/files/GSSAPITrustDNS.patch 2012-07-14 14:30:06 UTC (rev 95508)
@@ -1,19 +1,14 @@
-Index: readconf.c
-===================================================================
-RCS file: /cvs/openssh/readconf.c,v
-retrieving revision 1.135
-diff -u -r1.135 readconf.c
---- readconf.c 5 Aug 2006 02:39:40 -0000 1.135
-+++ readconf.c 19 Aug 2006 11:59:52 -0000
-@@ -126,6 +126,7 @@
+--- readconf.c.orig 2012-07-14 14:37:12.000000000 +0300
++++ readconf.c 2012-07-14 14:46:48.000000000 +0300
+@@ -129,6 +129,7 @@
oClearAllForwardings, oNoHostAuthenticationForLocalhost,
oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
oAddressFamily, oGssAuthentication, oGssDelegateCreds,
+ oGssTrustDns,
oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
- oSendEnv, oControlPath, oControlMaster, oHashKnownHosts,
- oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
-@@ -163,9 +164,11 @@
+ oSendEnv, oControlPath, oControlMaster, oControlPersist,
+ oHashKnownHosts,
+@@ -170,9 +171,11 @@
#if defined(GSSAPI)
{ "gssapiauthentication", oGssAuthentication },
{ "gssapidelegatecredentials", oGssDelegateCreds },
@@ -25,7 +20,7 @@
#endif
{ "fallbacktorsh", oDeprecated },
{ "usersh", oDeprecated },
-@@ -444,6 +447,10 @@
+@@ -487,6 +490,10 @@
intptr = &options->gss_deleg_creds;
goto parse_flag;
@@ -36,7 +31,7 @@
case oBatchMode:
intptr = &options->batch_mode;
goto parse_flag;
-@@ -1010,6 +1017,7 @@
+@@ -1140,6 +1147,7 @@
options->challenge_response_authentication = -1;
options->gss_authentication = -1;
options->gss_deleg_creds = -1;
@@ -44,7 +39,7 @@
options->password_authentication = -1;
options->kbd_interactive_authentication = -1;
options->kbd_interactive_devices = NULL;
-@@ -1100,6 +1108,8 @@
+@@ -1241,6 +1249,8 @@
options->gss_authentication = 0;
if (options->gss_deleg_creds == -1)
options->gss_deleg_creds = 0;
@@ -53,14 +48,9 @@
if (options->password_authentication == -1)
options->password_authentication = 1;
if (options->kbd_interactive_authentication == -1)
-Index: readconf.h
-===================================================================
-RCS file: /cvs/openssh/readconf.h,v
-retrieving revision 1.63
-diff -u -r1.63 readconf.h
---- readconf.h 5 Aug 2006 02:39:40 -0000 1.63
-+++ readconf.h 19 Aug 2006 11:59:52 -0000
-@@ -45,6 +45,7 @@
+--- readconf.h.orig 2012-07-14 14:37:12.000000000 +0300
++++ readconf.h 2012-07-14 14:47:18.000000000 +0300
+@@ -49,6 +49,7 @@
/* Try S/Key or TIS, authentication. */
int gss_authentication; /* Try GSS authentication */
int gss_deleg_creds; /* Delegate GSS credentials */
@@ -68,14 +58,9 @@
int password_authentication; /* Try password
* authentication. */
int kbd_interactive_authentication; /* Try keyboard-interactive auth. */
-Index: ssh_config.5
-===================================================================
-RCS file: /cvs/openssh/ssh_config.5,v
-retrieving revision 1.97
-diff -u -r1.97 ssh_config.5
---- ssh_config.5 5 Aug 2006 01:34:51 -0000 1.97
-+++ ssh_config.5 19 Aug 2006 11:59:53 -0000
-@@ -483,7 +483,16 @@
+--- ssh_config.5.orig 2012-07-14 14:37:39.000000000 +0300
++++ ssh_config.5 2012-07-14 14:48:57.000000000 +0300
+@@ -531,7 +531,16 @@
Forward (delegate) credentials to the server.
The default is
.Dq no .
@@ -93,14 +78,9 @@
.It Cm HashKnownHosts
Indicates that
.Xr ssh 1
-Index: sshconnect2.c
-===================================================================
-RCS file: /cvs/openssh/sshconnect2.c,v
-retrieving revision 1.151
-diff -u -r1.151 sshconnect2.c
---- sshconnect2.c 18 Aug 2006 14:33:34 -0000 1.151
-+++ sshconnect2.c 19 Aug 2006 11:59:53 -0000
-@@ -499,6 +499,12 @@
+--- sshconnect2.c.orig 2012-07-14 14:38:04.000000000 +0300
++++ sshconnect2.c 2012-07-14 14:51:41.000000000 +0300
+@@ -626,6 +626,12 @@
static u_int mech = 0;
OM_uint32 min;
int ok = 0;
@@ -113,7 +93,7 @@
/* Try one GSSAPI method at a time, rather than sending them all at
* once. */
-@@ -511,7 +517,7 @@
+@@ -638,7 +644,7 @@
/* My DER encoding requires length<128 */
if (gss_supported->elements[mech].length < 128 &&
ssh_gssapi_check_mechanism(&gssctxt,
Modified: trunk/dports/net/openssh/files/apple-keychain.patch
===================================================================
--- trunk/dports/net/openssh/files/apple-keychain.patch 2012-07-14 12:19:40 UTC (rev 95507)
+++ trunk/dports/net/openssh/files/apple-keychain.patch 2012-07-14 14:30:06 UTC (rev 95508)
@@ -1567,20 +1567,20 @@
+ ssh-add -- adds private key identities to the authentication agent
SYNOPSIS
-- ssh-add [-cDdLlXx] [-t life] [file ...]
-+ ssh-add [-cDdLlXxKk] [-t life] [file ...]
+- ssh-add [-cDdkLlXx] [-t life] [file ...]
++ ssh-add [-cDdLlXxZz] [-t life] [file ...]
ssh-add -s pkcs11
ssh-add -e pkcs11
-@@ -63,6 +63,13 @@ DESCRIPTION
+@@ -66,6 +66,13 @@
-x Lock the agent with a password.
-+ -K When adding identities, each passphrase will also be stored in
++ -Z When adding identities, each passphrase will also be stored in
+ your keychain. When removing identities with -d, each passphrase
+ will be removed from your keychain.
+
-+ -k Add identities to the agent using any passphrases stored in your
++ -z Add identities to the agent using any passphrases stored in your
+ keychain.
+
ENVIRONMENT
@@ -1594,20 +1594,20 @@
.Nd adds private key identities to the authentication agent
.Sh SYNOPSIS
.Nm ssh-add
--.Op Fl cDdLlXx
-+.Op Fl cDdLlXxKk
+-.Op Fl cDdkLlXx
++.Op Fl cDdLlXxZz
.Op Fl t Ar life
.Op Ar
.Nm ssh-add
-@@ -127,6 +127,12 @@ specified in
+@@ -130,6 +130,12 @@
Unlock the agent.
.It Fl x
Lock the agent with a password.
-+.It Fl K
++.It Fl Z
+When adding identities, each passphrase will also be stored in your
+keychain. When removing identities with -d, each passphrase will be
+removed from your keychain.
-+.It Fl k
++.It Fl z
+Add identities to the agent using any passphrases stored in your keychain.
.El
.Sh ENVIRONMENT
@@ -1624,7 +1624,7 @@
/* argv0 */
extern char *__progname;
-@@ -96,12 +97,24 @@ clear_pass(void)
+@@ -96,7 +97,17 @@
}
static int
@@ -1643,23 +1643,16 @@
{
Key *public;
char *comment = NULL;
- int ret = -1;
-
-+ if (keychain)
-+ remove_from_keychain(filename);
- public = key_load_public(filename, &comment);
- if (public == NULL) {
- printf("Bad key file %s\n", filename);
-@@ -139,7 +152,7 @@ delete_all(AuthenticationConnection *ac)
+@@ -139,7 +150,7 @@
}
static int
--add_file(AuthenticationConnection *ac, const char *filename)
-+add_file(AuthenticationConnection *ac, int keychain, const char *filename)
+-add_file(AuthenticationConnection *ac, const char *filename, int key_only)
++add_file(AuthenticationConnection *ac, int keychain, const char *filename, int key_only)
{
Key *private, *cert;
char *comment = NULL;
-@@ -176,11 +189,16 @@ add_file(AuthenticationConnection *ac, const char *filename)
+@@ -176,11 +187,16 @@
/* At first, try empty passphrase */
private = key_parse_private(&keyblob, filename, "", &comment);
@@ -1677,7 +1670,7 @@
if (private == NULL) {
/* clear passphrase since it did not work */
clear_pass();
-@@ -196,8 +214,11 @@ add_file(AuthenticationConnection *ac, const char *filename)
+@@ -196,8 +212,11 @@
}
private = key_parse_private(&keyblob, filename, pass,
&comment);
@@ -1690,67 +1683,67 @@
clear_pass();
snprintf(msg, sizeof msg,
"Bad passphrase, try again for %.200s: ", comment);
-@@ -347,13 +368,13 @@ lock_agent(AuthenticationConnection *ac, int lock)
+@@ -351,13 +370,13 @@
}
static int
--do_file(AuthenticationConnection *ac, int deleting, char *file)
-+do_file(AuthenticationConnection *ac, int deleting, int keychain, char *file)
+-do_file(AuthenticationConnection *ac, int deleting, int key_only, char *file)
++do_file(AuthenticationConnection *ac, int deleting, int keychain, int key_only, char *file)
{
if (deleting) {
- if (delete_file(ac, file) == -1)
-+ if (delete_file(ac, keychain, file) == -1)
++ if (delete_file(ac, keychain, file) == -1)
return -1;
} else {
-- if (add_file(ac, file) == -1)
-+ if (add_file(ac, keychain, file) == -1)
+- if (add_file(ac, file, key_only) == -1)
++ if (add_file(ac, keychain, file, key_only) == -1)
return -1;
}
return 0;
-@@ -374,6 +395,11 @@ usage(void)
- fprintf(stderr, " -c Require confirmation to sign using identities\n");
+@@ -379,6 +398,11 @@
+ fprintf(stderr, " -X Unlock agent.\n");
fprintf(stderr, " -s pkcs11 Add keys from PKCS#11 provider.\n");
fprintf(stderr, " -e pkcs11 Remove keys provided by PKCS#11 provider.\n");
+#ifdef KEYCHAIN
-+ fprintf(stderr, " -k Add all identities stored in your keychain.\n");
-+ fprintf(stderr, " -K Store passphrases in your keychain.\n");
++ fprintf(stderr, " -z Add all identities stored in your keychain.\n");
++ fprintf(stderr, " -Z Store passphrases in your keychain.\n");
+ fprintf(stderr, " With -d, remove passphrases from your keychain.\n");
+#endif
}
int
-@@ -384,6 +410,7 @@ main(int argc, char **argv)
+@@ -389,6 +413,7 @@
AuthenticationConnection *ac = NULL;
char *pkcs11provider = NULL;
- int i, ch, deleting = 0, ret = 0;
+ int i, ch, deleting = 0, ret = 0, key_only = 0;
+ int keychain = 0;
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
sanitise_stdfd();
-@@ -400,7 +427,7 @@ main(int argc, char **argv)
+@@ -405,7 +430,7 @@
"Could not open a connection to your authentication agent.\n");
exit(2);
}
-- while ((ch = getopt(argc, argv, "lLcdDxXe:s:t:")) != -1) {
-+ while ((ch = getopt(argc, argv, "lLcdDxXe:s:kKt:")) != -1) {
+- while ((ch = getopt(argc, argv, "klLcdDxXe:s:t:")) != -1) {
++ while ((ch = getopt(argc, argv, "klLcdDxXe:s:zZt:")) != -1) {
switch (ch) {
- case 'l':
- case 'L':
-@@ -422,6 +449,13 @@ main(int argc, char **argv)
+ case 'k':
+ key_only = 1;
+@@ -430,6 +455,13 @@
if (delete_all(ac) == -1)
ret = 1;
goto done;
-+ case 'k':
++ case 'z':
+ if (add_from_keychain(ac) == -1)
+ ret = 1;
+ goto done;
-+ case 'K':
++ case 'Z':
+ keychain = 1;
+ break;
case 's':
pkcs11provider = optarg;
break;
-@@ -452,6 +486,7 @@ main(int argc, char **argv)
+@@ -460,6 +492,7 @@
if (argc == 0) {
char buf[MAXPATHLEN];
struct passwd *pw;
@@ -1758,7 +1751,7 @@
struct stat st;
int count = 0;
-@@ -462,21 +497,25 @@ main(int argc, char **argv)
+@@ -470,21 +503,25 @@
goto done;
}
@@ -1770,8 +1763,8 @@
default_files[i]);
if (stat(buf, &st) < 0)
continue;
-- if (do_file(ac, deleting, buf) == -1)
-+ if (do_file(ac, deleting, keychain, buf) == -1)
+- if (do_file(ac, deleting, key_only, buf) == -1)
++ if (do_file(ac, deleting, keychain, key_only, buf) == -1)
ret = 1;
else
count++;
@@ -1782,8 +1775,8 @@
+ xfree(pw_dir);
} else {
for (i = 0; i < argc; i++) {
-- if (do_file(ac, deleting, argv[i]) == -1)
-+ if (do_file(ac, deleting, keychain, argv[i]) == -1)
+- if (do_file(ac, deleting, key_only, argv[i]) == -1)
++ if (do_file(ac, deleting, keychain, key_only, argv[i]) == -1)
ret = 1;
}
}
Modified: trunk/dports/net/openssh/files/launchd.patch
===================================================================
--- trunk/dports/net/openssh/files/launchd.patch 2012-07-14 12:19:40 UTC (rev 95507)
+++ trunk/dports/net/openssh/files/launchd.patch 2012-07-14 14:30:06 UTC (rev 95508)
@@ -1,6 +1,6 @@
---- clientloop.c.orig 2011-06-22 15:31:58.000000000 -0700
-+++ clientloop.c 2012-04-19 09:15:26.000000000 -0700
-@@ -296,6 +296,11 @@ client_x11_get_proto(const char *display
+--- clientloop.c 2012-07-14 14:26:09.000000000 +0300
++++ clientloop.c 2012-07-14 14:30:19.000000000 +0300
+@@ -313,6 +313,11 @@
struct stat st;
u_int now;
@@ -12,7 +12,7 @@
xauthdir = xauthfile = NULL;
*_proto = proto;
*_data = data;
-@@ -308,6 +313,24 @@ client_x11_get_proto(const char *display
+@@ -328,6 +333,24 @@
debug("x11_get_proto: DISPLAY not set");
return;
}
@@ -37,7 +37,7 @@
/*
* Handle FamilyLocal case where $DISPLAY does
* not match an authorization entry. For this we
-@@ -389,6 +412,9 @@ client_x11_get_proto(const char *display
+@@ -409,6 +432,9 @@
if (!got_data) {
u_int32_t rnd = 0;
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macports-changes/attachments/20120714/a551aaf6/attachment-0001.html>
More information about the macports-changes
mailing list