From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id DB9751382C5 for ; Wed, 11 Apr 2018 23:54:27 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id F35F5E092A; Wed, 11 Apr 2018 23:54:26 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id B83AEE092A for ; Wed, 11 Apr 2018 23:54:25 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id E2B27335C60 for ; Wed, 11 Apr 2018 23:54:23 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 28081253 for ; Wed, 11 Apr 2018 23:54:22 +0000 (UTC) From: "Thomas Deutschmann" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Thomas Deutschmann" Message-ID: <1523490839.a9911ca75fca79e9f8e36d3c25f7e5f504b2c32b.whissi@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/ X-VCS-Repository: repo/gentoo X-VCS-Files: net-misc/openssh/openssh-7.7_p1-r1.ebuild net-misc/openssh/openssh-7.7_p1.ebuild X-VCS-Directories: net-misc/openssh/ X-VCS-Committer: whissi X-VCS-Committer-Name: Thomas Deutschmann X-VCS-Revision: a9911ca75fca79e9f8e36d3c25f7e5f504b2c32b X-VCS-Branch: master Date: Wed, 11 Apr 2018 23:54:22 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 59116f39-b66c-417a-a765-decefa940bf8 X-Archives-Hash: 147e7275f1fa551b7bb98ee79c312daf commit: a9911ca75fca79e9f8e36d3c25f7e5f504b2c32b Author: Thomas Deutschmann gentoo org> AuthorDate: Wed Apr 11 23:53:46 2018 +0000 Commit: Thomas Deutschmann gentoo org> CommitDate: Wed Apr 11 23:53:59 2018 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a9911ca7 net-misc/openssh: Fix X.509 support The X.509 part in sshd only accepts specific PACKAGE VERSION values or will reject a X.509 ssh client. Because we cannot fix all X.509 sshd servers we patched the exposed PACKAGE VERSION to pass the "requirement". Package-Manager: Portage-2.3.28, Repoman-2.3.9 .../{openssh-7.7_p1.ebuild => openssh-7.7_p1-r1.ebuild} | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/net-misc/openssh/openssh-7.7_p1.ebuild b/net-misc/openssh/openssh-7.7_p1-r1.ebuild similarity index 96% rename from net-misc/openssh/openssh-7.7_p1.ebuild rename to net-misc/openssh/openssh-7.7_p1-r1.ebuild index ba76b889200..cfcfc30327f 100644 --- a/net-misc/openssh/openssh-7.7_p1.ebuild +++ b/net-misc/openssh/openssh-7.7_p1-r1.ebuild @@ -20,7 +20,7 @@ X509_VER="11.3.1" X509_PATCH="${PARCH}-x509-${X509_VER}.patch.xz" DESCRIPTION="Port of OpenBSD's free SSH release" HOMEPAGE="https://www.openssh.com/" SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz - ${SCTP_PATCH:+https://dev.gentoo.org/~whissi/dist/openssh/${SCTP_PATCH}} + ${SCTP_PATCH:+sctp? ( https://dev.gentoo.org/~whissi/dist/openssh/${SCTP_PATCH} )} ${HPN_PATCH:+hpn? ( https://dev.gentoo.org/~whissi/dist/openssh/${HPN_PATCH} )} ${LDAP_PATCH:+ldap? ( https://dev.gentoo.org/~whissi/dist/openssh/${LDAP_PATCH} )} ${X509_PATCH:+X509? ( https://dev.gentoo.org/~whissi/dist/openssh/${X509_PATCH} )} @@ -115,6 +115,14 @@ src_prepare() { if use X509 ; then eapply "${WORKDIR}"/${X509_PATCH%.*} + # We need to patch package version or any X.509 sshd will reject our ssh client + # with "userauth_pubkey: could not parse key: string is too large [preauth]" + # error + einfo "Patching package version for X.509 patch set ..." + sed -i \ + -e "s/^AC_INIT(\[OpenSSH\], \[Portable\]/AC_INIT([OpenSSH], [${X509_VER}]/" \ + "${S}"/configure.ac || die "Failed to patch package version for X.509 patch" + einfo "Patching version.h to expose X.509 patch set ..." sed -i \ -e "/^#define SSH_PORTABLE.*/a #define SSH_X509 \"-PKIXSSH-${X509_VER}\"" \ @@ -209,6 +217,8 @@ src_prepare() { "${S}"/version.h || die "Failed to patch SSH_RELEASE (version.h)" fi + eapply_user #473004 + tc-export PKG_CONFIG local sed_args=( -e "s:-lcrypto:$(${PKG_CONFIG} --libs openssl):" @@ -229,8 +239,6 @@ src_prepare() { ) sed -i "${sed_args[@]}" configure{.ac,} || die - eapply_user #473004 - eautoreconf }