From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1032828-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 8FF64138335
	for <garchives@archives.gentoo.org>; Tue, 26 Jun 2018 08:23:03 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 9CE60E08F5;
	Tue, 26 Jun 2018 08:23:02 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 5C4B9E08F5
	for <gentoo-commits@lists.gentoo.org>; Tue, 26 Jun 2018 08:23:02 +0000 (UTC)
Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 29818335CA5
	for <gentoo-commits@lists.gentoo.org>; Tue, 26 Jun 2018 08:23:01 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id E698F2C2
	for <gentoo-commits@lists.gentoo.org>; Tue, 26 Jun 2018 08:22:58 +0000 (UTC)
From: "Mike Frysinger" <vapier@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Mike Frysinger" <vapier@gentoo.org>
Message-ID: <1530001130.6fdefd62aefe48e72cb5939f38b6421a30e4d5c5.vapier@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/
X-VCS-Repository: repo/gentoo
X-VCS-Files: net-misc/openssh/openssh-7.7_p1-r101.ebuild net-misc/openssh/openssh-7.7_p1-r102.ebuild net-misc/openssh/openssh-7.7_p1-r6.ebuild
X-VCS-Directories: net-misc/openssh/
X-VCS-Committer: vapier
X-VCS-Committer-Name: Mike Frysinger
X-VCS-Revision: 6fdefd62aefe48e72cb5939f38b6421a30e4d5c5
X-VCS-Branch: master
Date: Tue, 26 Jun 2018 08:22:58 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Archives-Salt: c3d25c36-4159-4132-b67c-2edf6b07d2f0
X-Archives-Hash: c208191370db838d79dc4a6c759000f8

commit:     6fdefd62aefe48e72cb5939f38b6421a30e4d5c5
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Wed Jun 20 21:47:41 2018 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Tue Jun 26 08:18:50 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6fdefd62

net-misc/openssh: update set of locale vars #367017

Rather than glob all LC_* env vars, hardcode the list based on what
POSIX defines and the GNU extensions.  In practice, this means we
additionally send LANGUAGE, and unregistered or unrelated env vars
that happen to start with "LC_" are no longer sent.  If someone has
a locale related variable that they want to include, they can file
a new request for it.

We continue to omit POSIX's NLSPATH as that is much more likely to
be system specific and have no useful meaning on the remote side.

Bug: https://bugs.gentoo.org/367017

 ...7_p1-r101.ebuild => openssh-7.7_p1-r102.ebuild} | 18 ++++++++---
 ...7.7_p1-r101.ebuild => openssh-7.7_p1-r6.ebuild} | 37 ++++++++++++----------
 2 files changed, 34 insertions(+), 21 deletions(-)

diff --git a/net-misc/openssh/openssh-7.7_p1-r101.ebuild b/net-misc/openssh/openssh-7.7_p1-r102.ebuild
similarity index 96%
copy from net-misc/openssh/openssh-7.7_p1-r101.ebuild
copy to net-misc/openssh/openssh-7.7_p1-r102.ebuild
index d330358e032..5bea8702b07 100644
--- a/net-misc/openssh/openssh-7.7_p1-r101.ebuild
+++ b/net-misc/openssh/openssh-7.7_p1-r102.ebuild
@@ -330,18 +330,28 @@ src_test() {
 
 # Gentoo tweaks to default config files.
 tweak_ssh_configs() {
+	local locale_vars=(
+		# These are language variables that POSIX defines.
+		# http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08_02
+		LANG LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME
+
+		# These are the GNU extensions.
+		# https://www.gnu.org/software/autoconf/manual/html_node/Special-Shell-Variables.html
+		LANGUAGE LC_ADDRESS LC_IDENTIFICATION LC_MEASUREMENT LC_NAME LC_PAPER LC_TELEPHONE
+	)
+
 	# First the server config.
 	cat <<-EOF >> "${ED%/}"/etc/ssh/sshd_config
 
-	# Allow client to pass locale environment variables #367017
-	AcceptEnv LANG LC_*
+	# Allow client to pass locale environment variables. #367017
+	AcceptEnv ${locale_vars[*]}
 	EOF
 
 	# Then the client config.
 	cat <<-EOF >> "${ED%/}"/etc/ssh/ssh_config
 
-	# Send locale environment variables #367017
-	SendEnv LANG LC_*
+	# Send locale environment variables. #367017
+	SendEnv ${locale_vars[*]}
 	EOF
 
 	if use pam ; then

diff --git a/net-misc/openssh/openssh-7.7_p1-r101.ebuild b/net-misc/openssh/openssh-7.7_p1-r6.ebuild
similarity index 92%
rename from net-misc/openssh/openssh-7.7_p1-r101.ebuild
rename to net-misc/openssh/openssh-7.7_p1-r6.ebuild
index d330358e032..3e0ed629bbc 100644
--- a/net-misc/openssh/openssh-7.7_p1-r101.ebuild
+++ b/net-misc/openssh/openssh-7.7_p1-r6.ebuild
@@ -12,7 +12,10 @@ PARCH=${P/_}
 HPN_VER="14v15-gentoo2" HPN_PATCH="${PARCH}-hpnssh${HPN_VER}.patch.xz"
 SCTP_VER="1.1" SCTP_PATCH="${PARCH}-sctp-${SCTP_VER}.patch.xz"
 X509_VER="11.3.1" X509_PATCH="${PARCH}-x509-${X509_VER}.patch.xz"
-LDAP_VER="20180327" LDAP_PATCH="${PARCH}-ldap-${LDAP_VER}.patch.xz"
+
+# Disable LDAP support until someone will rewrite the patch,
+# upstream removed auth_parse_options() via commit 7c856857607112a3dfe6414696bf4c7ab7fb0cb3
+#LDAP_VER="0.3.14" LDAP_PATCH="${PN}-lpk-7.7p1-${LDAP_VER}.patch.xz"
 
 PATCH_SET="openssh-7.7p1-patches-1.1"
 
@@ -28,7 +31,7 @@ SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
 
 LICENSE="BSD GPL-2"
 SLOT="0"
-#KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+KEYWORDS="~alpha amd64 ~arm ~arm64 ~hppa ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
 # Probably want to drop ssl defaulting to on in a future version.
 IUSE="abi_mips_n32 audit bindist debug hpn kerberos kernel_linux ldap ldns libedit libressl livecd pam +pie sctp selinux skey +ssl static test X X509"
 REQUIRED_USE="ldns? ( ssl )
@@ -146,9 +149,6 @@ src_prepare() {
 	fi
 
 	if use ldap ; then
-		sed -i \
-			-e "s/ -lfipscheck//" \
-			"${WORKDIR}"/${LDAP_PATCH%.*} || die "Failed to remove fipscheck from LDAP patch"
 		eapply "${WORKDIR}"/${LDAP_PATCH%.*}
 
 		einfo "Patching version.h to expose LDAP patch set ..."
@@ -330,18 +330,28 @@ src_test() {
 
 # Gentoo tweaks to default config files.
 tweak_ssh_configs() {
+	local locale_vars=(
+		# These are language variables that POSIX defines.
+		# http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08_02
+		LANG LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME
+
+		# These are the GNU extensions.
+		# https://www.gnu.org/software/autoconf/manual/html_node/Special-Shell-Variables.html
+		LANGUAGE LC_ADDRESS LC_IDENTIFICATION LC_MEASUREMENT LC_NAME LC_PAPER LC_TELEPHONE
+	)
+
 	# First the server config.
 	cat <<-EOF >> "${ED%/}"/etc/ssh/sshd_config
 
-	# Allow client to pass locale environment variables #367017
-	AcceptEnv LANG LC_*
+	# Allow client to pass locale environment variables. #367017
+	AcceptEnv ${locale_vars[*]}
 	EOF
 
 	# Then the client config.
 	cat <<-EOF >> "${ED%/}"/etc/ssh/ssh_config
 
-	# Send locale environment variables #367017
-	SendEnv LANG LC_*
+	# Send locale environment variables. #367017
+	SendEnv ${locale_vars[*]}
 	EOF
 
 	if use pam ; then
@@ -373,7 +383,7 @@ src_install() {
 
 	if use ldap && [[ -n ${LDAP_PATCH} ]] ; then
 		insinto /etc/openldap/schema/
-		doins openssh-lpk-{sun,openldap}.schema
+		newins openssh-lpk_openldap.schema openssh-lpk.schema
 	fi
 
 	doman contrib/ssh-copy-id.1
@@ -438,11 +448,4 @@ pkg_postinst() {
 		elog "Otherwise you maybe unable to connect to this sshd using any AES CTR cipher."
 		elog ""
 	fi
-
-	if use ldap && [[ -n ${LDAP_PATCH} ]] && has_version "<${CATEGORY}/${PN}-7.7_p1" ; then
-		elog "Starting with openssh-7.7_p1, the LDAP implementation was changed."
-		elog "You must revise your configuration or your previous LDAP setup will stop working."
-		elog ""
-		elog "See https://wiki.gentoo.org/wiki/SSH/LDAP_migration for migration details."
-	fi
 }