[110737] trunk/dports/net/openssh
cal at macports.org
cal at macports.org
Wed Sep 4 15:26:01 PDT 2013
Revision: 110737
https://trac.macports.org/changeset/110737
Author: cal at macports.org
Date: 2013-09-04 15:26:00 -0700 (Wed, 04 Sep 2013)
Log Message:
-----------
openssh: re-enable hpn patch, closes #40323
Modified Paths:
--------------
trunk/dports/net/openssh/Portfile
trunk/dports/net/openssh/files/launchd.patch
trunk/dports/net/openssh/files/openssh-6.2p2-gsskex-all-20110125.patch
Modified: trunk/dports/net/openssh/Portfile
===================================================================
--- trunk/dports/net/openssh/Portfile 2013-09-04 22:21:22 UTC (rev 110736)
+++ trunk/dports/net/openssh/Portfile 2013-09-04 22:26:00 UTC (rev 110737)
@@ -46,6 +46,8 @@
port:zlib \
port:kerberos5
+# the HPN patch needs this, so rewrite all other patches to support it, too
+patch.args -p1
patchfiles launchd.patch
# Specified -fno-builtin because GCC 3.3 has log() as a builtin
@@ -101,31 +103,23 @@
variant no_x11 requires xauth description {Legacy compatibility variant} {}
-# Disable HPN variant since it currently doesn't work with 6.2
-#variant hpn description "apply high performance patch" {
-# # http://www.psc.edu/index.php/hpn-ssh
-# #patch_sites-append http://www.psc.edu/index.php/component/remository/func-download/861/chk,20152cee1847ff688dabbe20eab6505c/no_html,1/?dummy=:hpn
-# patch_sites-append googlecode:latian-linux:hpn
-# set hpn_patchfile ${distname}-hpn13v14.diff.gz
-# patchfiles-append ${hpn_patchfile}:hpn
-# checksums-append ${hpn_patchfile} \
-# rmd160 e422c76f2aad6efd2b5101fbe0018df3f95bf5cb \
-# sha256 d8dada89de2f17f89c1ac40e4cf4e87b69eecde15a1f84baeddd991aa9d1aa91
-#
-# patch.pre_args
-# post-patch {
-# reinplace "s|TMP_SSH_VERSION SSH_PORTABLE|TMP_SSH_VERSION SSH_PORTABLE SH_HPN|" ${worksrcpath}/version.h
-# }
-#}
+variant hpn conflicts gsskex description {Apply high performance patch} {
+ # http://www.psc.edu/index.php/hpn-ssh
+ patch_sites-append http://distfiles.gentoo.org/distfiles/:hpn
+ set hpn_patchfile ${distname}-hpn14v1.diff.gz
+ patchfiles-append ${hpn_patchfile}:hpn
+ checksums-append ${hpn_patchfile} \
+ rmd160 6e1593e58b093d0908a98f3bba5c3b187eabffc8 \
+ sha256 5243c76ceecb2fd0934d87fd9c33604ff0241c00156e456bf5b7e40e407d8c90
+}
-variant gsskex description "Add OpenSSH GSSAPI key exchange patch" {
+variant gsskex conflicts hpn description "Add OpenSSH GSSAPI key exchange patch" {
set extra_cppflags [concat \
"-F/System/Library/Frameworks/DirectoryService.framework" \
"-F/System/Library/Frameworks/CoreFoundation.framework" \
"-D_UTMPX_COMPAT -D__APPLE_LAUNCHD__ -D__APPLE_MEMBERSHIP__" \
"-D__APPLE_XSAN__"]
use_autoreconf yes
- patch.pre_args -p0
patchfiles-append openssh-6.2p2-gsskex-all-20110125.patch \
0002-Apple-keychain-integration-other-changes.patch
configure.args-append --with-4in6 \
Modified: trunk/dports/net/openssh/files/launchd.patch
===================================================================
--- trunk/dports/net/openssh/files/launchd.patch 2013-09-04 22:21:22 UTC (rev 110736)
+++ trunk/dports/net/openssh/files/launchd.patch 2013-09-04 22:26:00 UTC (rev 110737)
@@ -1,5 +1,5 @@
---- clientloop.c 2012-07-14 14:26:09.000000000 +0300
-+++ clientloop.c 2012-07-14 14:30:19.000000000 +0300
+--- a/clientloop.c 2012-07-14 14:26:09.000000000 +0300
++++ b/clientloop.c 2012-07-14 14:30:19.000000000 +0300
@@ -313,6 +313,11 @@
struct stat st;
u_int now;
Modified: trunk/dports/net/openssh/files/openssh-6.2p2-gsskex-all-20110125.patch
===================================================================
--- trunk/dports/net/openssh/files/openssh-6.2p2-gsskex-all-20110125.patch 2013-09-04 22:21:22 UTC (rev 110736)
+++ trunk/dports/net/openssh/files/openssh-6.2p2-gsskex-all-20110125.patch 2013-09-04 22:26:00 UTC (rev 110737)
@@ -8,7 +8,7 @@
new file mode 100644
index 0000000..f117a33
--- /dev/null
-+++ ChangeLog.gssapi
++++ b/ChangeLog.gssapi
@@ -0,0 +1,113 @@
+20110101
+ - Finally update for OpenSSH 5.6p1
@@ -125,8 +125,8 @@
+ <gssapi-with-mic support is Bugzilla #1008>
diff --git Makefile.in Makefile.in
index d327787..dd0502e 100644
---- Makefile.in
-+++ Makefile.in
+--- a/Makefile.in
++++ b/Makefile.in
@@ -72,6 +72,7 @@ LIBSSH_OBJS=authfd.o authfile.o bufaux.o bufbn.o buffer.o \
atomicio.o key.o dispatch.o kex.o mac.o uidswap.o uuencode.o misc.o \
monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \
@@ -146,8 +146,8 @@
roaming_common.o roaming_serv.o \
diff --git auth-krb5.c auth-krb5.c
index 922c66c..91529ea 100644
---- auth-krb5.c
-+++ auth-krb5.c
+--- a/auth-krb5.c
++++ b/auth-krb5.c
@@ -170,8 +170,13 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
len = strlen(authctxt->krb5_ticket_file) + 6;
@@ -197,8 +197,8 @@
}
diff --git auth2-gss.c auth2-gss.c
index 93d576b..17d4a3a 100644
---- auth2-gss.c
-+++ auth2-gss.c
+--- a/auth2-gss.c
++++ b/auth2-gss.c
@@ -1,7 +1,7 @@
/* $OpenBSD: auth2-gss.c,v 1.18 2012/12/02 20:34:09 djm Exp $ */
@@ -284,8 +284,8 @@
userauth_gssapi,
diff --git auth2.c auth2.c
index e367a10..d259400 100644
---- auth2.c
-+++ auth2.c
+--- a/auth2.c
++++ b/auth2.c
@@ -69,6 +69,7 @@ extern Authmethod method_passwd;
extern Authmethod method_kbdint;
extern Authmethod method_hostbased;
@@ -304,8 +304,8 @@
#ifdef JPAKE
diff --git clientloop.c clientloop.c
index c1d1d44..2ef816a 100644
---- clientloop.c
-+++ clientloop.c
+--- a/clientloop.c
++++ b/clientloop.c
@@ -111,6 +111,10 @@
#include "msg.h"
#include "roaming.h"
@@ -335,8 +335,8 @@
xxx_kex->done = 0;
diff --git configure.ac configure.ac
index 88dd29e..02f8e3f 100644
---- configure.ac
-+++ configure.ac
+--- a/configure.ac
++++ b/configure.ac
@@ -533,6 +533,30 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
[Use tunnel device compatibility to OpenBSD])
AC_DEFINE([SSH_TUN_PREPEND_AF], [1],
@@ -370,8 +370,8 @@
AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records])
diff --git gss-genr.c gss-genr.c
index 842f385..f9b39cf 100644
---- gss-genr.c
-+++ gss-genr.c
+--- a/gss-genr.c
++++ b/gss-genr.c
@@ -1,7 +1,7 @@
/* $OpenBSD: gss-genr.c,v 1.20 2009/06/22 05:39:28 dtucker Exp $ */
@@ -721,8 +721,8 @@
#endif /* GSSAPI */
diff --git gss-serv-krb5.c gss-serv-krb5.c
index 5a625ac..e7170ee 100644
---- gss-serv-krb5.c
-+++ gss-serv-krb5.c
+--- a/gss-serv-krb5.c
++++ b/gss-serv-krb5.c
@@ -1,7 +1,7 @@
/* $OpenBSD: gss-serv-krb5.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */
@@ -845,8 +845,8 @@
#endif /* KRB5 */
diff --git gss-serv.c gss-serv.c
index c719c13..380895e 100644
---- gss-serv.c
-+++ gss-serv.c
+--- a/gss-serv.c
++++ b/gss-serv.c
@@ -1,7 +1,7 @@
/* $OpenBSD: gss-serv.c,v 1.23 2011/08/01 19:18:15 markus Exp $ */
@@ -1162,8 +1162,8 @@
#endif
diff --git kex.c kex.c
index 57a79dd..f9e7a9c 100644
---- kex.c
-+++ kex.c
+--- a/kex.c
++++ b/kex.c
@@ -50,6 +50,10 @@
#include "monitor.h"
#include "roaming.h"
@@ -1198,8 +1198,8 @@
}
diff --git kex.h kex.h
index 46731fa..8013ab8 100644
---- kex.h
-+++ kex.h
+--- a/kex.h
++++ b/kex.h
@@ -73,6 +73,9 @@ enum kex_exchange {
KEX_DH_GEX_SHA1,
KEX_DH_GEX_SHA256,
@@ -1239,7 +1239,7 @@
new file mode 100644
index 0000000..39be405
--- /dev/null
-+++ kexgssc.c
++++ b/kexgssc.c
@@ -0,0 +1,334 @@
+/*
+ * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
@@ -1579,7 +1579,7 @@
new file mode 100644
index 0000000..0c3eeaa
--- /dev/null
-+++ kexgsss.c
++++ b/kexgsss.c
@@ -0,0 +1,288 @@
+/*
+ * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
@@ -1871,8 +1871,8 @@
+#endif /* GSSAPI */
diff --git key.c key.c
index 4cc5c5d..fdfed5c 100644
---- key.c
-+++ key.c
+--- a/key.c
++++ b/key.c
@@ -976,6 +976,8 @@ key_ssh_name_from_type_nid(int type, int nid)
}
break;
@@ -1893,8 +1893,8 @@
debug2("key_type_from_name: unknown key type '%s'", name);
diff --git key.h key.h
index ebdf456..4beaf20 100644
---- key.h
-+++ key.h
+--- a/key.h
++++ b/key.h
@@ -44,6 +44,7 @@ enum types {
KEY_ECDSA_CERT,
KEY_RSA_CERT_V00,
@@ -1905,8 +1905,8 @@
enum fp_type {
diff --git monitor.c monitor.c
index 8006b83..d7a782f 100644
---- monitor.c
-+++ monitor.c
+--- a/monitor.c
++++ b/monitor.c
@@ -180,6 +180,8 @@ int mm_answer_gss_setup_ctx(int, Buffer *);
int mm_answer_gss_accept_ctx(int, Buffer *);
int mm_answer_gss_userok(int, Buffer *);
@@ -2101,8 +2101,8 @@
#ifdef JPAKE
diff --git monitor.h monitor.h
index 2caa469..d4dbc5a 100644
---- monitor.h
-+++ monitor.h
+--- a/monitor.h
++++ b/monitor.h
@@ -62,6 +62,9 @@ enum monitor_reqtype {
MONITOR_REQ_JPAKE_KEY_CONFIRM = 58, MONITOR_ANS_JPAKE_KEY_CONFIRM = 59,
MONITOR_REQ_JPAKE_CHECK_CONFIRM = 60, MONITOR_ANS_JPAKE_CHECK_CONFIRM = 61,
@@ -2115,8 +2115,8 @@
MONITOR_REQ_PAM_INIT_CTX = 104, MONITOR_ANS_PAM_INIT_CTX = 105,
diff --git monitor_wrap.c monitor_wrap.c
index ea654a7..ed8dbda 100644
---- monitor_wrap.c
-+++ monitor_wrap.c
+--- a/monitor_wrap.c
++++ b/monitor_wrap.c
@@ -1271,7 +1271,7 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
}
@@ -2180,8 +2180,8 @@
#ifdef JPAKE
diff --git monitor_wrap.h monitor_wrap.h
index 0c7f2e3..ec9b9b1 100644
---- monitor_wrap.h
-+++ monitor_wrap.h
+--- a/monitor_wrap.h
++++ b/monitor_wrap.h
@@ -58,8 +58,10 @@ BIGNUM *mm_auth_rsa_generate_challenge(Key *);
OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID);
OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *,
@@ -2196,8 +2196,8 @@
#ifdef USE_PAM
diff --git readconf.c readconf.c
index 36265e4..375ca32 100644
---- readconf.c
-+++ readconf.c
+--- a/readconf.c
++++ b/readconf.c
@@ -129,6 +129,8 @@ typedef enum {
oClearAllForwardings, oNoHostAuthenticationForLocalhost,
oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
@@ -2288,8 +2288,8 @@
if (options->kbd_interactive_authentication == -1)
diff --git readconf.h readconf.h
index 8416489..0835cb6 100644
---- readconf.h
-+++ readconf.h
+--- a/readconf.h
++++ b/readconf.h
@@ -48,7 +48,12 @@ typedef struct {
int challenge_response_authentication;
/* Try S/Key or TIS, authentication. */
@@ -2305,8 +2305,8 @@
int kbd_interactive_authentication; /* Try keyboard-interactive auth. */
diff --git servconf.c servconf.c
index b2a60fd..cdc0293 100644
---- servconf.c
-+++ servconf.c
+--- a/servconf.c
++++ b/servconf.c
@@ -102,7 +102,10 @@ initialize_server_options(ServerOptions *options)
options->kerberos_ticket_cleanup = -1;
options->kerberos_get_afs_token = -1;
@@ -2401,8 +2401,8 @@
dump_cfg_fmtint(sZeroKnowledgePasswordAuthentication,
diff --git servconf.h servconf.h
index 870c709..06e21a9 100644
---- servconf.h
-+++ servconf.h
+--- a/servconf.h
++++ b/servconf.h
@@ -110,7 +110,10 @@ typedef struct {
int kerberos_get_afs_token; /* If true, try to get AFS token if
* authenticated with Kerberos. */
@@ -2416,8 +2416,8 @@
int kbd_interactive_authentication; /* If true, permit */
diff --git ssh-gss.h ssh-gss.h
index 077e13c..bc6e8f9 100644
---- ssh-gss.h
-+++ ssh-gss.h
+--- a/ssh-gss.h
++++ b/ssh-gss.h
@@ -1,6 +1,6 @@
/* $OpenBSD: ssh-gss.h,v 1.10 2007/06/12 08:20:00 djm Exp $ */
/*
@@ -2517,8 +2517,8 @@
#endif /* _SSH_GSS_H */
diff --git ssh_config ssh_config
index 1893674..2c06ba7 100644
---- ssh_config
-+++ ssh_config
+--- a/ssh_config
++++ b/ssh_config
@@ -26,6 +26,8 @@
# HostbasedAuthentication no
# GSSAPIAuthentication no
@@ -2530,8 +2530,8 @@
# AddressFamily any
diff --git ssh_config.5 ssh_config.5
index 269529c..bd3a712 100644
---- ssh_config.5
-+++ ssh_config.5
+--- a/ssh_config.5
++++ b/ssh_config.5
@@ -530,11 +530,43 @@ Specifies whether user authentication based on GSSAPI is allowed.
The default is
.Dq no .
@@ -2579,8 +2579,8 @@
.Xr ssh 1
diff --git sshconnect2.c sshconnect2.c
index 58015c0..1aa8523 100644
---- sshconnect2.c
-+++ sshconnect2.c
+--- a/sshconnect2.c
++++ b/sshconnect2.c
@@ -160,9 +160,34 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
{
Kex *kex;
@@ -2781,8 +2781,8 @@
int
diff --git sshd.c sshd.c
index 3e9d176..d8faaeb 100644
---- sshd.c
-+++ sshd.c
+--- a/sshd.c
++++ b/sshd.c
@@ -121,6 +121,10 @@
#include "ssh-sandbox.h"
#include "version.h"
@@ -2934,8 +2934,8 @@
kex->server_version_string=server_version_string;
diff --git sshd_config sshd_config
index 9cd2fdd..1af2afd 100644
---- sshd_config
-+++ sshd_config
+--- a/sshd_config
++++ b/sshd_config
@@ -80,6 +80,8 @@ AuthorizedKeysFile .ssh/authorized_keys
# GSSAPI options
#GSSAPIAuthentication no
@@ -2947,8 +2947,8 @@
# and session processing. If this is enabled, PAM authentication will
diff --git sshd_config.5 sshd_config.5
index cfa4806..935bb62 100644
---- sshd_config.5
-+++ sshd_config.5
+--- a/sshd_config.5
++++ b/sshd_config.5
@@ -481,12 +481,40 @@ Specifies whether user authentication based on GSSAPI is allowed.
The default is
.Dq no .
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macports-changes/attachments/20130904/d88d1b43/attachment-0001.html>
More information about the macports-changes
mailing list