[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/files/

["Lars Wendler" <polynomial-c@gentoo.org>]

commit:     23ef4c426436c6db690893a6291e6cd40e3b5d50
Author:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
AuthorDate: Mon Jan  9 21:06:23 2017 +0000
Commit:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
CommitDate: Mon Jan  9 21:09:28 2017 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=23ef4c42

net-misc/openssh: Removed unused patches.

Package-Manager: Portage-2.3.3, Repoman-2.3.1

 .../files/openssh-7.1_p1-hpn-x509-glue.patch       |  11 ---
 .../openssh/files/openssh-7.2_p1-GSSAPI-dns.patch  | 106 ---------------------
 .../files/openssh-7.2_p1-sctp-x509-glue.patch      |  74 --------------
 .../files/openssh-7.3_p1-hpn-x509-glue.patch       |  33 -------
 4 files changed, 224 deletions(-)

diff --git a/net-misc/openssh/files/openssh-7.1_p1-hpn-x509-glue.patch b/net-misc/openssh/files/openssh-7.1_p1-hpn-x509-glue.patch
deleted file mode 100644
index 393ea99..00000000
--- a/net-misc/openssh/files/openssh-7.1_p1-hpn-x509-glue.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- openssh-7.0p1-hpnssh14v5/0002-add-support-for-the-NONE-cipher.patch.orig	2015-08-24 11:17:05.379280954 -0700
-+++ openssh-7.0p1-hpnssh14v5/0002-add-support-for-the-NONE-cipher.patch	2015-08-24 11:19:30.788424050 -0700
-@@ -80,7 +80,7 @@
- +			else
- +				fatal("Pre-authentication none cipher requests are not allowed.");
- +		}
-- 		debug("kex: %s %s %s %s",
-+ 		debug("kex: %s cipher: %s MAC: %s compression: %s",
-  		    ctos ? "client->server" : "server->client",
-  		    newkeys->enc.name,
- diff --git a/myproposal.h b/myproposal.h

diff --git a/net-misc/openssh/files/openssh-7.2_p1-GSSAPI-dns.patch b/net-misc/openssh/files/openssh-7.2_p1-GSSAPI-dns.patch
deleted file mode 100644
index 29e94e4..00000000
--- a/net-misc/openssh/files/openssh-7.2_p1-GSSAPI-dns.patch
+++ /dev/null
@@ -1,106 +0,0 @@
-http://bugs.gentoo.org/165444
-https://bugzilla.mindrot.org/show_bug.cgi?id=1008
-
---- openssh-7.2p1/readconf.c
-+++ openssh-7.2p1/readconf.c
-@@ -148,6 +148,7 @@
- 	oClearAllForwardings, oNoHostAuthenticationForLocalhost,
- 	oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
- 	oAddressFamily, oGssAuthentication, oGssDelegateCreds,
-+	oGssTrustDns,
- 	oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
- 	oSendEnv, oControlPath, oControlMaster, oControlPersist,
- 	oHashKnownHosts,
-@@ -194,9 +195,11 @@
- #if defined(GSSAPI)
- 	{ "gssapiauthentication", oGssAuthentication },
- 	{ "gssapidelegatecredentials", oGssDelegateCreds },
-+	{ "gssapitrustdns", oGssTrustDns },
- #else
- 	{ "gssapiauthentication", oUnsupported },
- 	{ "gssapidelegatecredentials", oUnsupported },
-+	{ "gssapitrustdns", oUnsupported },
- #endif
- 	{ "fallbacktorsh", oDeprecated },
- 	{ "usersh", oDeprecated },
-@@ -930,6 +933,10 @@
- 		intptr = &options->gss_deleg_creds;
- 		goto parse_flag;
- 
-+	case oGssTrustDns:
-+		intptr = &options->gss_trust_dns;
-+		goto parse_flag;
-+
- 	case oBatchMode:
- 		intptr = &options->batch_mode;
- 		goto parse_flag;
-@@ -1649,6 +1656,7 @@
- 	options->challenge_response_authentication = -1;
- 	options->gss_authentication = -1;
- 	options->gss_deleg_creds = -1;
-+	options->gss_trust_dns = -1;
- 	options->password_authentication = -1;
- 	options->kbd_interactive_authentication = -1;
- 	options->kbd_interactive_devices = NULL;
-@@ -1779,6 +1787,8 @@
- 		options->gss_authentication = 0;
- 	if (options->gss_deleg_creds == -1)
- 		options->gss_deleg_creds = 0;
-+	if (options->gss_trust_dns == -1)
-+		options->gss_trust_dns = 0;
- 	if (options->password_authentication == -1)
- 		options->password_authentication = 1;
- 	if (options->kbd_interactive_authentication == -1)
---- openssh-7.2p1/readconf.h
-+++ openssh-7.2p1/readconf.h
-@@ -46,6 +46,7 @@
- 					/* Try S/Key or TIS, authentication. */
- 	int     gss_authentication;	/* Try GSS authentication */
- 	int     gss_deleg_creds;	/* Delegate GSS credentials */
-+	int	gss_trust_dns;		/* Trust DNS for GSS canonicalization */
- 	int     password_authentication;	/* Try password
- 						 * authentication. */
- 	int     kbd_interactive_authentication; /* Try keyboard-interactive auth. */
---- openssh-7.2p1/ssh_config.5
-+++ openssh-7.2p1/ssh_config.5
-@@ -830,6 +830,16 @@
- Forward (delegate) credentials to the server.
- The default is
- .Dq no .
-+Note that this option applies to protocol version 2 connections using GSSAPI.
-+.It Cm GSSAPITrustDns
-+Set to
-+.Dq yes to indicate that the DNS is trusted to securely canonicalize
-+the name of the host being connected to. If
-+.Dq no, the hostname entered on the
-+command line will be passed untouched to the GSSAPI library.
-+The default is
-+.Dq no .
-+This option only applies to protocol version 2 connections using GSSAPI.
- .It Cm HashKnownHosts
- Indicates that
- .Xr ssh 1
---- openssh-7.2p1/sshconnect2.c
-+++ openssh-7.2p1/sshconnect2.c
-@@ -656,6 +656,12 @@
- 	static u_int mech = 0;
- 	OM_uint32 min;
- 	int ok = 0;
-+	const char *gss_host;
-+
-+	if (options.gss_trust_dns)
-+		gss_host = get_canonical_hostname(1);
-+	else
-+		gss_host = authctxt->host;
- 
- 	/* Try one GSSAPI method at a time, rather than sending them all at
- 	 * once. */
-@@ -668,7 +674,7 @@
- 		/* My DER encoding requires length<128 */
- 		if (gss_supported->elements[mech].length < 128 &&
- 		    ssh_gssapi_check_mechanism(&gssctxt, 
--		    &gss_supported->elements[mech], authctxt->host)) {
-+		    &gss_supported->elements[mech], gss_host)) {
- 			ok = 1; /* Mechanism works */
- 		} else {
- 			mech++;

diff --git a/net-misc/openssh/files/openssh-7.2_p1-sctp-x509-glue.patch b/net-misc/openssh/files/openssh-7.2_p1-sctp-x509-glue.patch
deleted file mode 100644
index 2884ee9..00000000
--- a/net-misc/openssh/files/openssh-7.2_p1-sctp-x509-glue.patch
+++ /dev/null
@@ -1,74 +0,0 @@
---- openssh-7.2_p1-sctp.patch
-+++ openssh-7.2_p1-sctp.patch
-@@ -195,14 +195,6 @@
-  .Op Fl c Ar cipher
-  .Op Fl F Ar ssh_config
-  .Op Fl i Ar identity_file
--@@ -181,6 +181,7 @@ For full details of the options listed below, and their possible values, see
-- .It ServerAliveCountMax
-- .It StrictHostKeyChecking
-- .It TCPKeepAlive
--+.It Transport
-- .It UpdateHostKeys
-- .It UsePrivilegedPort
-- .It User
- @@ -222,6 +223,8 @@ and
-  to print debugging messages about their progress.
-  This is helpful in
-@@ -477,19 +469,11 @@
-  .Sh SYNOPSIS
-  .Nm ssh
-  .Bk -words
---.Op Fl 1246AaCfGgKkMNnqsTtVvXxYy
--+.Op Fl 1246AaCfGgKkMNnqsTtVvXxYyz
-+-.Op Fl 1246AaCdfgKkMNnqsTtVvXxYy
-++.Op Fl 1246AaCdfgKkMNnqsTtVvXxYyz
-  .Op Fl b Ar bind_address
-  .Op Fl c Ar cipher_spec
-  .Op Fl D Oo Ar bind_address : Oc Ns Ar port
--@@ -536,6 +536,7 @@ For full details of the options listed below, and their possible values, see
-- .It StreamLocalBindUnlink
-- .It StrictHostKeyChecking
-- .It TCPKeepAlive
--+.It Transport
-- .It Tunnel
-- .It TunnelDevice
-- .It UpdateHostKeys
- @@ -770,6 +771,8 @@ controls.
-  .Pp
-  .It Fl y
-@@ -501,7 +485,7 @@
- index f9ff91f..d0d92ce 100644
- --- a/ssh.c
- +++ b/ssh.c
--@@ -195,12 +195,17 @@ extern int muxserver_sock;
-+@@ -195,11 +195,16 @@ extern int muxserver_sock;
-  extern u_int muxclient_command;
-  
-  /* Prints a help message to the user.  This function never returns. */
-@@ -515,18 +499,17 @@
-  usage(void)
-  {
-  	fprintf(stderr,
---"usage: ssh [-1246AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]\n"
--+"usage: ssh [-1246AaCfGgKkMNnqsTtVvXxYy" SCTP_OPT "] [-b bind_address] [-c cipher_spec]\n"
-+-"usage: ssh [-1246AaCdfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]\n"
-++"usage: ssh [-1246AaCdfgKkMNnqsTtVvXxYy" SCTP_OPT "] [-b bind_address] [-c cipher_spec]\n"
-  "           [-D [bind_address:]port] [-E log_file] [-e escape_char]\n"
-  "           [-F configfile] [-I pkcs11] [-i identity_file] [-L address]\n"
-- "           [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]\n"
- @@ -605,7 +610,7 @@ main(int ac, char **av)
-- 	argv0 = av[0];
-+ #  define ENGCONFIG ""
-+ #endif
-  
--  again:
---	while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx"
--+	while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx" SCTP_OPT
-- 	    "ACD:E:F:GI:KL:MNO:PQ:R:S:TVw:W:XYy")) != -1) {
-+-	while ((opt = getopt(ac, av, "1246ab:c:de:fgi:kl:m:no:p:qstvx"
-++	while ((opt = getopt(ac, av, "1246ab:c:de:fgi:kl:m:no:p:qstvx" SCTP_OPT
-+ 	    "ACD:E:F:" ENGCONFIG "I:KL:MNO:PQ:R:S:TVw:W:XYy")) != -1) {
-  		switch (opt) {
-  		case '1':
- @@ -845,6 +850,11 @@ main(int ac, char **av)

diff --git a/net-misc/openssh/files/openssh-7.3_p1-hpn-x509-glue.patch b/net-misc/openssh/files/openssh-7.3_p1-hpn-x509-glue.patch
deleted file mode 100644
index d458e9e..00000000
--- a/net-misc/openssh/files/openssh-7.3_p1-hpn-x509-glue.patch
+++ /dev/null
@@ -1,33 +0,0 @@
---- a/openssh-7.3_p1-hpn-14.10.patch 12:11:41.120750207 -0700
-+++ b/openssh-7.3_p1-hpn-14.10.patch 14:00:44.311487904 -0700
-@@ -141,7 +141,7 @@
- @@ -44,7 +44,7 @@ CC=@CC@
-  LD=@LD@
-  CFLAGS=@CFLAGS@
-- CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
-+ CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ @LDAP_CPPFLAGS@ $(PATHS) @DEFS@
- -LIBS=@LIBS@
- +LIBS=@LIBS@ -lpthread
-  K5LIBS=@K5LIBS@
-@@ -2098,7 +2098,7 @@
- @@ -527,10 +555,10 @@ send_client_banner(int connection_out, int minor1)
-  	/* Send our own protocol version identification. */
-  	if (compat20) {
-- 		xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
-+ 		xasprintf(&client_version_string, "SSH-%d.%d-%.100s PKIX\r\n",
- -		    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);
- +		    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
-  	} else {
-@@ -2196,9 +2196,9 @@
- @@ -431,7 +431,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
-  	}
-  
-- 	xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s%s",
---	    major, minor, SSH_VERSION,
--+	    major, minor, SSH_RELEASE,
-+ 	xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s%s%s",
-+-	    major, minor, SSH_VERSION, comment,
-++	    major, minor, SSH_RELEASE, comment,
-  	    *options.version_addendum == '\0' ? "" : " ",
-  	    options.version_addendum, newline);
-