From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id A6BF31581B9 for ; Wed, 01 Oct 2025 00:38:59 +0000 (UTC) Received: from lists.gentoo.org (bobolink.gentoo.org [140.211.166.189]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (No client certificate requested) (Authenticated sender: relay-lists.gentoo.org@gentoo.org) by smtp.gentoo.org (Postfix) with ESMTPSA id 91C4D34105B for ; Wed, 01 Oct 2025 00:38:59 +0000 (UTC) Received: from bobolink.gentoo.org (localhost [127.0.0.1]) by bobolink.gentoo.org (Postfix) with ESMTP id 169A01104A0; Wed, 01 Oct 2025 00:38:55 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (No client certificate requested) by bobolink.gentoo.org (Postfix) with ESMTPS id 0CA041104A0 for ; Wed, 01 Oct 2025 00:38:55 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id BAE81340836 for ; Wed, 01 Oct 2025 00:38:54 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id D0DAD3A61 for ; Wed, 01 Oct 2025 00:38:52 +0000 (UTC) From: "Sam James" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Sam James" Message-ID: <1759278320.ca59d98308f0728b3b7b60d50fa3f244e411c2b1.sam@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/ X-VCS-Repository: repo/gentoo X-VCS-Files: net-misc/openssh/openssh-10.0_p2.ebuild X-VCS-Directories: net-misc/openssh/ X-VCS-Committer: sam X-VCS-Committer-Name: Sam James X-VCS-Revision: ca59d98308f0728b3b7b60d50fa3f244e411c2b1 X-VCS-Branch: master Date: Wed, 01 Oct 2025 00:38:52 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: da0144d1-0849-4e33-9a03-c945e4ba9f81 X-Archives-Hash: 879c76e8a9e73dc592c5140121411774 commit: ca59d98308f0728b3b7b60d50fa3f244e411c2b1 Author: Sam James gentoo org> AuthorDate: Wed Oct 1 00:25:20 2025 +0000 Commit: Sam James gentoo org> CommitDate: Wed Oct 1 00:25:20 2025 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ca59d983 net-misc/openssh: drop useless USE=pie and SSP We already default to PIE and -fstack-protector-strong in the toolchain, there's no point in specifying it again here. Closes: https://bugs.gentoo.org/616380 Closes: https://bugs.gentoo.org/669048 Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-10.0_p2.ebuild | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/net-misc/openssh/openssh-10.0_p2.ebuild b/net-misc/openssh/openssh-10.0_p2.ebuild index 14b86cc3fcf3..32b9143abbf7 100644 --- a/net-misc/openssh/openssh-10.0_p2.ebuild +++ b/net-misc/openssh/openssh-10.0_p2.ebuild @@ -28,13 +28,12 @@ LICENSE="BSD GPL-2" SLOT="0" KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" # Probably want to drop ssl defaulting to on in a future version. -IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test xmss" +IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam security-key selinux +ssl static test xmss" RESTRICT="!test? ( test )" REQUIRED_USE=" ldns? ( ssl ) - pie? ( !static ) static? ( !kerberos !pam ) xmss? ( ssl ) test? ( ssl ) @@ -194,14 +193,16 @@ src_configure() { # Clang (bug #872548), ICEs on m68k (bug #920350, gcc PR113086, # gcc PR104820, gcc PR104817, gcc PR110934)). # - # Furthermore, OSSH_CHECK_CFLAG_COMPILE does not use AC_CACHE_CHECK, - # so we cannot just disable -fzero-call-used-regs=used. + # Furthermore, OSSH_CHECK_CFLAG_COMPILE does not use AC_CACHE_CHECK + # util 10.1_p1, so we cannot just disable -fzero-call-used-regs=used. # # Therefore, just pass --without-hardening, given it doesn't negate # our already hardened toolchain defaults, and avoids adding flags # which are known-broken in both Clang and GCC and haven't been # proven reliable. --without-hardening + --without-pie + --without-stackprotect # wtmpdb not yet packaged --without-wtmpdb @@ -211,7 +212,6 @@ src_configure() { $(use_with ldns) $(use_with libedit) $(use_with pam) - $(use_with pie) $(use_with selinux) $(use_with security-key security-key-builtin) $(use_with ssl openssl)