[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/files/

["Michał Górny" <mgorny@gentoo.org>]

commit:     1c1928e63aa1756ef887f1375aa79fee58f3aee5
Author:     Michael Mair-Keimberger <m.mairkeimberger <AT> gmail <DOT> com>
AuthorDate: Sat Jun 20 07:23:54 2020 +0000
Commit:     Michał Górny <mgorny <AT> gentoo <DOT> org>
CommitDate: Sat Jun 20 07:35:41 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1c1928e6

net-misc/openssh: remove unused patch and files

Package-Manager: Portage-2.3.101, Repoman-2.3.22
Signed-off-by: Michael Mair-Keimberger <m.mairkeimberger <AT> gmail.com>
Closes: https://github.com/gentoo/gentoo/pull/16335
Signed-off-by: Michał Górny <mgorny <AT> gentoo.org>

 .../openssh/files/openssh-8.1_p1-hpn-glue.patch    | 216 ---------------------
 net-misc/openssh/files/sshd.confd                  |  21 --
 net-misc/openssh/files/sshd.initd                  |  89 ---------
 net-misc/openssh/files/sshd.rc6.4                  |  84 --------
 4 files changed, 410 deletions(-)

diff --git a/net-misc/openssh/files/openssh-8.1_p1-hpn-glue.patch b/net-misc/openssh/files/openssh-8.1_p1-hpn-glue.patch
deleted file mode 100644
index 0ad814f95d8..00000000000
--- a/net-misc/openssh/files/openssh-8.1_p1-hpn-glue.patch
+++ /dev/null
@@ -1,216 +0,0 @@
-Only in b: .openssh-7_8_P1-hpn-AES-CTR-14.16.diff.un~
-Only in b: .openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff.un~
-diff -ru a/openssh-7_8_P1-hpn-AES-CTR-14.16.diff b/openssh-7_8_P1-hpn-AES-CTR-14.16.diff
---- a/openssh-7_8_P1-hpn-AES-CTR-14.16.diff	2019-10-10 13:48:31.513603947 -0700
-+++ b/openssh-7_8_P1-hpn-AES-CTR-14.16.diff	2019-10-10 13:50:15.012495676 -0700
-@@ -17,8 +17,8 @@
-  	canohost.o channels.o cipher.o cipher-aes.o cipher-aesctr.o \
- -	cipher-ctr.o cleanup.o \
- +	cipher-ctr.o cleanup.o cipher-ctr-mt.o \
-- 	compat.o crc32.o fatal.o hostfile.o \
-- 	log.o match.o moduli.o nchan.o packet.o opacket.o \
-+ 	compat.o fatal.o hostfile.o \
-+ 	log.o match.o moduli.o nchan.o packet.o \
-  	readpass.o ttymodes.o xmalloc.o addrmatch.o \
- diff --git a/cipher-ctr-mt.c b/cipher-ctr-mt.c
- new file mode 100644
-@@ -998,7 +998,7 @@
- +		 * so we repoint the define to the multithreaded evp. To start the threads we
- +		 * then force a rekey
- +		 */
--+		const void *cc = ssh_packet_get_send_context(active_state);
-++		const void *cc = ssh_packet_get_send_context(ssh);
- +		
- +		/* only do this for the ctr cipher. otherwise gcm mode breaks. Don't know why though */
- +		if (strstr(cipher_ctx_name(cc), "ctr")) {
-@@ -1028,7 +1028,7 @@
- +		 * so we repoint the define to the multithreaded evp. To start the threads we
- +		 * then force a rekey
- +		 */
--+		const void *cc = ssh_packet_get_send_context(active_state);
-++		const void *cc = ssh_packet_get_send_context(ssh);
- +		
- +		/* only rekey if necessary. If we don't do this gcm mode cipher breaks */
- +		if (strstr(cipher_ctx_name(cc), "ctr")) {
-diff -ru a/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff b/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff
---- a/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff	2019-10-10 13:47:54.801642144 -0700
-+++ b/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff	2019-10-10 15:58:05.085803333 -0700
-@@ -162,24 +162,24 @@
-  }
-  
- +static int
--+channel_tcpwinsz(void)
-++channel_tcpwinsz(struct ssh *ssh)
- +{
- +	u_int32_t tcpwinsz = 0;
- +	socklen_t optsz = sizeof(tcpwinsz);
- +	int ret = -1;
- +
- +	/* if we aren't on a socket return 128KB */
--+	if (!packet_connection_is_on_socket())
-++	if (!ssh_packet_connection_is_on_socket(ssh))
- +		return 128 * 1024;
- +
--+	ret = getsockopt(packet_get_connection_in(),
-++	ret = getsockopt(ssh_packet_get_connection_in(ssh),
- +			 SOL_SOCKET, SO_RCVBUF, &tcpwinsz, &optsz);
- +	/* return no more than SSHBUF_SIZE_MAX (currently 256MB) */
- +	if ((ret == 0) && tcpwinsz > SSHBUF_SIZE_MAX)
- +		tcpwinsz = SSHBUF_SIZE_MAX;
- +
- +	debug2("tcpwinsz: tcp connection %d, Receive window: %d",
--+	       packet_get_connection_in(), tcpwinsz);
-++	       ssh_packet_get_connection_in(ssh), tcpwinsz);
- +	return tcpwinsz;
- +}
- +
-@@ -191,7 +191,7 @@
-  	    c->local_window < c->local_window_max/2) &&
-  	    c->local_consumed > 0) {
- +		u_int addition = 0;
--+		u_int32_t tcpwinsz = channel_tcpwinsz();
-++		u_int32_t tcpwinsz = channel_tcpwinsz(ssh);
- +		/* adjust max window size if we are in a dynamic environment */
- +		if (c->dynamic_window && (tcpwinsz > c->local_window_max)) {
- +			/* grow the window somewhat aggressively to maintain pressure */
-@@ -409,18 +409,10 @@
- index dcf35e6..da4ced0 100644
- --- a/packet.c
- +++ b/packet.c
--@@ -920,6 +920,24 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
-+@@ -920,6 +920,16 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
-  	return 0;
-  }
-  
--+/* this supports the forced rekeying required for the NONE cipher */
--+int rekey_requested = 0;
--+void
--+packet_request_rekeying(void)
--+{
--+	rekey_requested = 1;
--+}
--+
- +/* used to determine if pre or post auth when rekeying for aes-ctr
- + * and none cipher switch */
- +int
-@@ -434,20 +426,6 @@
-  #define MAX_PACKETS	(1U<<31)
-  static int
-  ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len)
--@@ -946,6 +964,13 @@ ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len)
-- 	if (state->p_send.packets == 0 && state->p_read.packets == 0)
-- 		return 0;
-- 
--+	/* used to force rekeying when called for by the none
--+         * cipher switch methods -cjr */
--+        if (rekey_requested == 1) {
--+                rekey_requested = 0;
--+                return 1;
--+        }
--+
-- 	/* Time-based rekeying */
-- 	if (state->rekey_interval != 0 &&
-- 	    (int64_t)state->rekey_time + state->rekey_interval <= monotime())
- diff --git a/packet.h b/packet.h
- index 170203c..f4d9df2 100644
- --- a/packet.h
-@@ -476,9 +454,9 @@
-  /* Format of the configuration file:
-  
- @@ -166,6 +167,8 @@ typedef enum {
-- 	oHashKnownHosts,
-  	oTunnel, oTunnelDevice,
-  	oLocalCommand, oPermitLocalCommand, oRemoteCommand,
-+ 	oDisableMTAES,
- +	oTcpRcvBufPoll, oTcpRcvBuf, oHPNDisabled, oHPNBufferSize,
- +	oNoneEnabled, oNoneSwitch,
-  	oVisualHostKey,
-@@ -615,9 +593,9 @@
-  	int	ip_qos_bulk;		/* IP ToS/DSCP/class for bulk traffic */
-  	SyslogFacility log_facility;	/* Facility for system logging. */
- @@ -111,7 +115,10 @@ typedef struct {
-- 
-  	int	enable_ssh_keysign;
-  	int64_t rekey_limit;
-+ 	int     disable_multithreaded; /*disable multithreaded aes-ctr*/
- +	int     none_switch;    /* Use none cipher */
- +	int     none_enabled;   /* Allow none to be used */
-  	int	rekey_interval;
-@@ -633,7 +611,7 @@
-  	off_t i, statbytes;
-  	size_t amt, nr;
-  	int fd = -1, haderr, indx;
---	char *last, *name, buf[2048], encname[PATH_MAX];
-+-	char *last, *name, buf[PATH_MAX + 128], encname[PATH_MAX];
- +	char *last, *name, buf[16384], encname[PATH_MAX];
-  	int len;
-  
-@@ -673,9 +651,9 @@
-  	/* Portable-specific options */
-  	if (options->use_pam == -1)
- @@ -391,6 +400,43 @@ fill_default_server_options(ServerOptions *options)
-- 	}
-- 	if (options->permit_tun == -1)
-  		options->permit_tun = SSH_TUNMODE_NO;
-+ 	if (options->disable_multithreaded == -1)
-+ 		options->disable_multithreaded = 0;
- +	if (options->none_enabled == -1)
- +		options->none_enabled = 0;
- +	if (options->hpn_disabled == -1)
-@@ -1092,7 +1070,7 @@
-  	xxx_host = host;
-  	xxx_hostaddr = hostaddr;
-  
--@@ -412,6 +423,28 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
-+@@ -412,6 +423,27 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
-  
-  	if (!authctxt.success)
-  		fatal("Authentication failed.");
-@@ -1108,7 +1086,7 @@
- +			memcpy(&myproposal, &myproposal_default, sizeof(myproposal));
- +			myproposal[PROPOSAL_ENC_ALGS_STOC] = "none";
- +			myproposal[PROPOSAL_ENC_ALGS_CTOS] = "none";
--+			kex_prop2buf(active_state->kex->my, myproposal);
-++			kex_prop2buf(ssh->kex->my, myproposal);
- +			packet_request_rekeying();
- +			fprintf(stderr, "WARNING: ENABLED NONE CIPHER\n");
- +		} else {
-@@ -1117,23 +1095,13 @@
- +			fprintf(stderr, "NONE cipher switch disabled when a TTY is allocated\n");
- +		}
- +	}
--+
-- 	debug("Authentication succeeded (%s).", authctxt.method->name);
-- }
-  
-+ #ifdef WITH_OPENSSL
-+ 	if (options.disable_multithreaded == 0) {
- diff --git a/sshd.c b/sshd.c
- index a738c3a..b32dbe0 100644
- --- a/sshd.c
- +++ b/sshd.c
--@@ -373,7 +373,7 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out)
-- 	char remote_version[256];	/* Must be at least as big as buf. */
-- 
-- 	xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s\r\n",
---	    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION,
--+	    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE,
-- 	    *options.version_addendum == '\0' ? "" : " ",
-- 	    options.version_addendum);
-- 
- @@ -1037,6 +1037,8 @@ listen_on_addrs(struct listenaddr *la)
-  	int ret, listen_sock;
-  	struct addrinfo *ai;
-@@ -1217,11 +1185,10 @@
- index f1bbf00..21a70c2 100644
- --- a/version.h
- +++ b/version.h
--@@ -3,4 +3,6 @@
-+@@ -3,4 +3,5 @@
-  #define SSH_VERSION	"OpenSSH_7.8"
-  
-  #define SSH_PORTABLE	"p1"
- -#define SSH_RELEASE	SSH_VERSION SSH_PORTABLE
--+#define SSH_HPN         "-hpn14v16"
- +#define SSH_RELEASE	SSH_VERSION SSH_PORTABLE SSH_HPN
- + 

diff --git a/net-misc/openssh/files/sshd.confd b/net-misc/openssh/files/sshd.confd
deleted file mode 100644
index 28952b4a285..00000000000
--- a/net-misc/openssh/files/sshd.confd
+++ /dev/null
@@ -1,21 +0,0 @@
-# /etc/conf.d/sshd: config file for /etc/init.d/sshd
-
-# Where is your sshd_config file stored?
-
-SSHD_CONFDIR="/etc/ssh"
-
-
-# Any random options you want to pass to sshd.
-# See the sshd(8) manpage for more info.
-
-SSHD_OPTS=""
-
-
-# Pid file to use (needs to be absolute path).
-
-#SSHD_PIDFILE="/var/run/sshd.pid"
-
-
-# Path to the sshd binary (needs to be absolute path).
-
-#SSHD_BINARY="/usr/sbin/sshd"

diff --git a/net-misc/openssh/files/sshd.initd b/net-misc/openssh/files/sshd.initd
deleted file mode 100644
index c5df4693dbe..00000000000
--- a/net-misc/openssh/files/sshd.initd
+++ /dev/null
@@ -1,89 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-extra_commands="checkconfig"
-extra_started_commands="reload"
-
-: ${SSHD_CONFDIR:=${RC_PREFIX%/}/etc/ssh}
-: ${SSHD_CONFIG:=${SSHD_CONFDIR}/sshd_config}
-: ${SSHD_PIDFILE:=${RC_PREFIX%/}/run/${SVCNAME}.pid}
-: ${SSHD_BINARY:=${RC_PREFIX%/}/usr/sbin/sshd}
-: ${SSHD_KEYGEN_BINARY:=${RC_PREFIX%/}/usr/bin/ssh-keygen}
-
-command="${SSHD_BINARY}"
-pidfile="${SSHD_PIDFILE}"
-command_args="${SSHD_OPTS} -o PidFile=${pidfile} -f ${SSHD_CONFIG}"
-
-# Wait one second (length chosen arbitrarily) to see if sshd actually
-# creates a PID file, or if it crashes for some reason like not being
-# able to bind to the address in ListenAddress (bug 617596).
-: ${SSHD_SSD_OPTS:=--wait 1000}
-start_stop_daemon_args="${SSHD_SSD_OPTS}"
-
-depend() {
-	# Entropy can be used by ssh-keygen, among other things, but
-	# is not strictly required (bug 470020).
-	use logger dns entropy
-	if [ "${rc_need+set}" = "set" ] ; then
-		: # Do nothing, the user has explicitly set rc_need
-	else
-		local x warn_addr
-		for x in $(awk '/^ListenAddress/{ print $2 }' "$SSHD_CONFIG" 2>/dev/null) ; do
-			case "${x}" in
-				0.0.0.0|0.0.0.0:*) ;;
-				::|\[::\]*) ;;
-				*) warn_addr="${warn_addr} ${x}" ;;
-			esac
-		done
-		if [ -n "${warn_addr}" ] ; then
-			need net
-			ewarn "You are binding an interface in ListenAddress statement in your sshd_config!"
-			ewarn "You must add rc_need=\"net.FOO\" to your ${RC_PREFIX%/}/etc/conf.d/sshd"
-			ewarn "where FOO is the interface(s) providing the following address(es):"
-			ewarn "${warn_addr}"
-		fi
-	fi
-}
-
-checkconfig() {
-	checkpath --mode 0755 --directory "${RC_PREFIX%/}/var/empty"
-
-	if [ ! -e "${SSHD_CONFIG}" ] ; then
-		eerror "You need an ${SSHD_CONFIG} file to run sshd"
-		eerror "There is a sample file in /usr/share/doc/openssh"
-		return 1
-	fi
-
-	${SSHD_KEYGEN_BINARY} -A || return 2
-
-	"${command}" -t ${command_args} || return 3
-}
-
-start_pre() {
-	# If this isn't a restart, make sure that the user's config isn't
-	# busted before we try to start the daemon (this will produce
-	# better error messages than if we just try to start it blindly).
-	#
-	# If, on the other hand, this *is* a restart, then the stop_pre
-	# action will have ensured that the config is usable and we don't
-	# need to do that again.
-	if [ "${RC_CMD}" != "restart" ] ; then
-		checkconfig || return $?
-	fi
-}
-
-stop_pre() {
-	# If this is a restart, check to make sure the user's config
-	# isn't busted before we stop the running daemon.
-	if [ "${RC_CMD}" = "restart" ] ; then
-		checkconfig || return $?
-	fi
-}
-
-reload() {
-	checkconfig || return $?
-	ebegin "Reloading ${SVCNAME}"
-	start-stop-daemon --signal HUP --pidfile "${pidfile}"
-	eend $?
-}

diff --git a/net-misc/openssh/files/sshd.rc6.4 b/net-misc/openssh/files/sshd.rc6.4
deleted file mode 100644
index 5e301420361..00000000000
--- a/net-misc/openssh/files/sshd.rc6.4
+++ /dev/null
@@ -1,84 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-extra_commands="checkconfig"
-extra_started_commands="reload"
-
-: ${SSHD_CONFDIR:=/etc/ssh}
-: ${SSHD_CONFIG:=${SSHD_CONFDIR}/sshd_config}
-: ${SSHD_PIDFILE:=/var/run/${SVCNAME}.pid}
-: ${SSHD_BINARY:=/usr/sbin/sshd}
-
-depend() {
-	use logger dns
-	if [ "${rc_need+set}" = "set" ] ; then
-		: # Do nothing, the user has explicitly set rc_need
-	else
-		local x warn_addr
-		for x in $(awk '/^ListenAddress/{ print $2 }' "$SSHD_CONFIG" 2>/dev/null) ; do
-			case "${x}" in
-				0.0.0.0|0.0.0.0:*) ;;
-				::|\[::\]*) ;;
-				*) warn_addr="${warn_addr} ${x}" ;;
-			esac
-		done
-		if [ -n "${warn_addr}" ] ; then
-			need net
-			ewarn "You are binding an interface in ListenAddress statement in your sshd_config!"
-			ewarn "You must add rc_need=\"net.FOO\" to your /etc/conf.d/sshd"
-			ewarn "where FOO is the interface(s) providing the following address(es):"
-			ewarn "${warn_addr}"
-		fi
-	fi
-}
-
-checkconfig() {
-	if [ ! -d /var/empty ] ; then
-		mkdir -p /var/empty || return 1
-	fi
-
-	if [ ! -e "${SSHD_CONFIG}" ] ; then
-		eerror "You need an ${SSHD_CONFIG} file to run sshd"
-		eerror "There is a sample file in /usr/share/doc/openssh"
-		return 1
-	fi
-
-	ssh-keygen -A || return 1
-
-	[ "${SSHD_PIDFILE}" != "/var/run/sshd.pid" ] \
-		&& SSHD_OPTS="${SSHD_OPTS} -o PidFile=${SSHD_PIDFILE}"
-	[ "${SSHD_CONFIG}" != "/etc/ssh/sshd_config" ] \
-		&& SSHD_OPTS="${SSHD_OPTS} -f ${SSHD_CONFIG}"
-
-	"${SSHD_BINARY}" -t ${SSHD_OPTS} || return 1
-}
-
-start() {
-	checkconfig || return 1
-
-	ebegin "Starting ${SVCNAME}"
-	start-stop-daemon --start --exec "${SSHD_BINARY}" \
-	    --pidfile "${SSHD_PIDFILE}" \
-	    -- ${SSHD_OPTS}
-	eend $?
-}
-
-stop() {
-	if [ "${RC_CMD}" = "restart" ] ; then
-		checkconfig || return 1
-	fi
-
-	ebegin "Stopping ${SVCNAME}"
-	start-stop-daemon --stop --exec "${SSHD_BINARY}" \
-	    --pidfile "${SSHD_PIDFILE}" --quiet
-	eend $?
-}
-
-reload() {
-	checkconfig || return 1
-	ebegin "Reloading ${SVCNAME}"
-	start-stop-daemon --signal HUP \
-	    --exec "${SSHD_BINARY}" --pidfile "${SSHD_PIDFILE}"
-	eend $?
-}