[gentoo-commits] repo/proj/prefix:master commit in: net-misc/openssh/

Fabian Groffen Tue, 27 Sep 2016 23:44:42 -0700

commit:     4d633ac31d0dfc76ed9924f40125aa0a2bd125b5
Author:     Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Wed Sep 28 06:43:49 2016 +0000
Commit:     Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Wed Sep 28 06:43:49 2016 +0000
URL:        https://gitweb.gentoo.org/repo/proj/prefix.git/commit/?id=4d633ac3


net-misc/openssh: sync 7.1 version to latest, bug #595320

Package-Manager: portage-2.2.28-prefix

 net-misc/openssh/Manifest                          |  7 +++--
 net-misc/openssh/metadata.xml                      |  9 ++++--
 ...h-7.1_p1-r2.ebuild => openssh-7.1_p2-r1.ebuild} | 36 +++++++++++-----------
 3 files changed, 28 insertions(+), 24 deletions(-)

diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest
index e85eac1..5ad3eda 100644
--- a/net-misc/openssh/Manifest
+++ b/net-misc/openssh/Manifest
@@ -6,7 +6,8 @@ DIST openssh-6.8p1.tar.gz 1475953 SHA256 
3ff64ce73ee124480b5bf767b9830d7d3c03bbc
 DIST openssh-6.9p1+x509-8.4.diff.gz 425687 SHA256 
0ed8bfff0d2ecd9f3791ae1f168ca3270bb66d7ab7bc0a8ff2d61d2ab829c3fb SHA512 
596cb65408db06fb299b92160147685b001dc23929ecf5c4bd11a8b0475d79695c7b4dbe8a878d7fbcd944155935fd62a14e35c79204b39e413f5eaa961ef76c
 WHIRLPOOL 
771fa0f4f6a20ed49ba201605fcdcbfc41a0f094ef4a89ca2433ee51b7c8bf99cc266f26bd7877c61ff92e9a50c7d65119ba75ba64eaa029bd567bab3ee243c2
 DIST openssh-6.9p1-r1-hpnssh14v5.tar.xz 21396 SHA256 
84e9e28a1488ccf66e29a7c90442b3bc4833a6fa186260fb6853b5a1b19c0beb SHA512 
476064dbdb3d82b86ad7c481a4a301ff0d46bd281fe7ca0c29f34ae50b0034028760997ae2c934a265499c154f4534d35ead647aa63d1a4545ed503a5364eada
 WHIRLPOOL 
74eaf2fe0a6ecd0e2fa5078034628d4c76c75b121f3c813ff8a098ab28363daa3800d03936046aa3aebbfdab3afd31ef30a207399f5e305d7f71e5f3c7e4f4a7
 DIST openssh-6.9p1.tar.gz 1487617 SHA256 
6e074df538f357d440be6cf93dc581a21f22d39e236f217fcd8eacbb6c896cfe SHA512 
68fec9b4e512fe126a5d35b01e2cc656d810b75052ed8a36bc85cd0a05de7318b15ed287bc95cf9bcb3fa2f385029151d85aced55e07fbcc79e6c779bee6751d
 WHIRLPOOL 
1dcb291383c9f934b512f61ce9f6e0319f22e112ce3f6eace2a868ca0f99c709c65bae14a9815e2ef237f8132fe72c583cffb7ea20bdfa2aaa77cf347967be7f
-DIST openssh-7.1p1+x509-8.6.diff.gz 413931 SHA256 
cbf661a1fec080dc9ed335a290414154326c2a13f124985db050b86a91073d52 SHA512 
c91d0f1b69b6d34984e94b391ad022271e73d0634cef2df355ba555366bc38d30649b478f245b6c51ce79d71adf1b693bc97826e6c6013a78e7ccfb7023b4bcc
 WHIRLPOOL 
4ed4427e80026996c43a188d7d45f2c53fa6a7fd842a248b1225b27f3e9037e761f0ed172d79b53ada81c24d958a2193e94d918f6ca1320e45d5e68379845981
-DIST openssh-7.1p1-hpnssh14v9.tar.xz 21580 SHA256 
a795c2f2621f537b3fd98172cbd1f7c71869e4da78cd280d123fa19ae4262b97 SHA512 
6ce151949bf81b5518b95092a2f18d2f24581954e2c629deaf3c1d10136f32f830567aafb9b4045547e95e3ab63cf750e240eac40e2b9caa6d71cb2b132821ec
 WHIRLPOOL 
8e3c9a1d79112092a6cb42c6766ccdf61e5d8fcd366ea5c7d3bab94cf309bcc12f3761476a288158638a340023aa24519d888caac19fb0ef25fa56bdab06412c
-DIST openssh-7.1p1.tar.gz 1493170 SHA256 
fc0a6d2d1d063d5c66dffd952493d0cda256cad204f681de0f84ef85b2ad8428 SHA512 
f1491ca5a0a733eb27ede966590642a412cb7be7178dcb7b9e5844bbdc8383032f4b00435192b95fc0365b6fe74d6c5ac8d6facbe9d51e1532d049e2f784e8f7
 WHIRLPOOL 
a650a93657f930d20dc3fa24ab720857f63f7cd0a82d1906cf1e58145e866129207851d5e587d678655e5731fa73221ab9b6ea0754533100c25fe2acaa442e05
+DIST openssh-7.1p2+x509-8.7.diff.gz 438584 SHA256 
23030dff924a78718686fad6442b1083293b0c2a057714291bd0af9ed8ef5868 SHA512 
d9aa43f5fc06b88b442285a9f9a15d01b52796c36f0cb228c756edca473a89eadb296c45503a14514fdb156d3bc9d90ff33271ccfa9461a9bb2b798a581cc007
 WHIRLPOOL 
ef3f4486fff0addad1a6bdcde3ba606d55d6e3ea5d2cd6e79bfe2494d660c38f0e9f1c157af72c3b6ad5e6eb3731168f975b26c94f8357154e54c08e5d876652
+DIST openssh-7.1p2-hpnssh14v10.tar.xz 22388 SHA256 
729e20a2627ca403da6cfff8ef251c03421022123a21c68003181b4e5409bcc5 SHA512 
b8e88ac5891ed632416db8da6377512614f19f5f7a7c093b55ecfe3e3f50979c61c0674e9381c316632d8daed90f8cce958c9b77bd00084a4ee1b0297cf321ba
 WHIRLPOOL 
c466cc33dc4a40e9466148beb154c539e095ac1b9cdcc5b3d235cbcf12ca10255d63da2f0e1da10d1afa1a0d2ebd436ca0d9e542c732df6ef67fb8f4d2d0192c
+DIST openssh-7.1p2.tar.gz 1475829 SHA256 
dd75f024dcf21e06a0d6421d582690bf987a1f6323e32ad6619392f3bfde6bbd SHA512 
d5be60f3645ec238b21e1f2dfd801b2136146674bbc086ebdb14be516c613819bc87c84b5089f3a45fe6e137a7458404f79f42572c69d91571e45ebed9d5e3af
 WHIRLPOOL 
9f48952b82db3983c20e84bcff5b6761f5b284174072c828698dced3a53ca8bbc2e1f89d2e82b62a68f4606b52c980fcf097250f86c1a67ad343d20e3ec9d1f4
 DIST openssh-lpk-6.8p1-0.3.14.patch.xz 16940 SHA256 
d5f048dc7e9d3fca085c152fc31306f1d8fa793e524c538295915b075ec085b0 SHA512 
2470b6b46f8c7ac985f82d14b788a3eb81a468a1d5013cb7f89257d9dd78b6037e24bf54ac57b757db8ed1df24332d659cf918c11ea73592fd24a69c25a54081
 WHIRLPOOL 
b041ee9e0efdf370686f11df4131ab5e5ffb2f11cc66c386a8223bf563c5b78ab9443f06e4adc2e506e440cdec9dc5b20f5972cd8d691d786d2f903bb49b947b
+DIST openssh-lpk-7.1p2-0.3.14.patch.xz 17704 SHA256 
fbf2e1560cac707f819a539999c758a444ba6bfe140ef80d1af7ef1c9a95f0df SHA512 
95851baa699da16720358249d54d2f6a3c57b0ae082375bef228b97697c501c626ab860916c5b17e3c649b44f14f4009ff369962597438dfd60480a0e4882471
 WHIRLPOOL 
4629b3a7d1f373a678935e889a6cd0d66d70b420e93e40ae0ad19aa7f91be7dcf2169fb797d89df93005a885d54ebaa0d46c2e5418bd2d0a77ad64e65897b518

diff --git a/net-misc/openssh/metadata.xml b/net-misc/openssh/metadata.xml
index ec8bad1..29134fc 100644
--- a/net-misc/openssh/metadata.xml
+++ b/net-misc/openssh/metadata.xml
@@ -1,8 +1,11 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd";>
 <pkgmetadata>
-  <herd>base-system</herd>
-  <maintainer restrict="net-misc/openssh[ldap]">
+  <maintainer type="project">
+    <email>[email protected]</email>
+    <name>Gentoo Base System</name>
+  </maintainer>
+  <maintainer type="person">
     <email>[email protected]</email>
     <description>LPK issues. Only assign if it's a direct LPK issue. Do not 
directly assign for anything else.</description>
   </maintainer>
@@ -25,7 +28,7 @@ ssh-keygen and sftp-server. OpenSSH supports SSH protocol 
versions 1.3, 1.5, and
     <flag name="hpn">Enable high performance ssh</flag>
     <flag name="ldap">Add support for storing SSH public keys in LDAP</flag>
     <flag name="ldns">Use LDNS for DNSSEC/SSHFP validation.</flag>
-    <flag name="sctp">Support for Stream Control Transmission Protocol</flag>
+    <flag name="livecd">Enable root password logins for live-cd 
environment.</flag>
     <flag name="ssh1">Support the legacy/weak SSH1 protocol</flag>
     <flag name="ssl">Enable additional crypto algorithms via OpenSSL</flag>
     <flag name="X509">Adds support for X.509 certificate authentication</flag>

diff --git a/net-misc/openssh/openssh-7.1_p1-r2.ebuild 
b/net-misc/openssh/openssh-7.1_p2-r1.ebuild
similarity index 92%
rename from net-misc/openssh/openssh-7.1_p1-r2.ebuild
rename to net-misc/openssh/openssh-7.1_p2-r1.ebuild
index 1a1e9a2..d17c953 100644
--- a/net-misc/openssh/openssh-7.1_p1-r2.ebuild
+++ b/net-misc/openssh/openssh-7.1_p2-r1.ebuild
@@ -1,17 +1,18 @@
-# Copyright 1999-2015 Gentoo Foundation
+# Copyright 1999-2016 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 # $Id$
 
-EAPI="4"
+EAPI="5"
+
 inherit eutils user flag-o-matic multilib autotools pam systemd versionator
 
 # Make it more portable between straight releases
 # and _p? releases.
 PARCH=${P/_}
 
-HPN_PATCH="${PARCH}-hpnssh14v9.tar.xz"
-LDAP_PATCH="${PN}-lpk-6.8p1-0.3.14.patch.xz"
-X509_VER="8.6" X509_PATCH="${PN}-${PV//_/}+x509-${X509_VER}.diff.gz"
+HPN_PATCH="${PARCH}-hpnssh14v10.tar.xz"
+LDAP_PATCH="${PN}-lpk-7.1p2-0.3.14.patch.xz"
+X509_VER="8.7" X509_PATCH="${PN}-${PV/_}+x509-${X509_VER}.diff.gz"
 
 DESCRIPTION="Port of OpenBSD's free SSH release"
 HOMEPAGE="http://www.openssh.org/";
@@ -19,7 +20,6 @@ SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
        mirror://gentoo/${PN}-6.8_p1-sctp.patch.xz
        ${HPN_PATCH:+hpn? (
                mirror://gentoo/${HPN_PATCH}
-               https://dev.gentoo.org/~polynomial-c/${HPN_PATCH}
                mirror://sourceforge/hpnssh/${HPN_PATCH}
        )}
        ${LDAP_PATCH:+ldap? ( mirror://gentoo/${LDAP_PATCH} )}
@@ -116,14 +116,15 @@ src_prepare() {
 
        if use X509 ; then
                pushd .. >/dev/null
-               pushd ${HPN_PATCH%.*.*} >/dev/null
-               epatch "${FILESDIR}"/${PN}-7.1_p1-hpn-x509-glue.patch
-               popd >/dev/null
+               if use hpn ; then
+                       pushd ${HPN_PATCH%.*.*} >/dev/null
+                       epatch "${FILESDIR}"/${PN}-7.1_p1-hpn-x509-glue.patch
+                       popd >/dev/null
+               fi
                epatch "${FILESDIR}"/${PN}-7.0_p1-sctp-x509-glue.patch
                popd >/dev/null
                epatch "${WORKDIR}"/${X509_PATCH%.*}
-               epatch "${FILESDIR}"/${PN}-6.3_p1-x509-hpn14v2-glue.patch
-               epatch "${FILESDIR}"/${PN}-6.9_p1-x509-warnings.patch
+               epatch "${FILESDIR}"/${PN}-7.1_p2-x509-hpn14v10-glue.patch
                save_version X509
        fi
        if use ldap ; then
@@ -157,8 +158,6 @@ src_prepare() {
        )
        sed -i "${sed_args[@]}" configure{.ac,} || die
 
-       sed -i -e 's/-m 4711/-m 0711/' "${S}"/Makefile.in || die
-
        epatch_user #473004
 
        # Now we can build a sane merged version.h
@@ -174,7 +173,6 @@ src_prepare() {
 
 src_configure() {
        addwrite /dev/ptmx
-       addpredict /etc/skey/skeykeys # skey configure code triggers this
 
        use debug && append-cppflags -DSANDBOX_SECCOMP_FILTER_DEBUG
        use static && append-ldflags -static
@@ -200,8 +198,7 @@ src_configure() {
                $(use_with selinux)
                $(use_with skey)
                $(use_with ssh1)
-               # The X509 patch deletes this option entirely.
-               $(use X509 || use_with ssl openssl)
+               $(use_with ssl openssl)
                $(use_with ssl md5-passwords)
                $(use_with ssl ssl-engine)
        )
@@ -295,7 +292,6 @@ src_test() {
 pkg_preinst() {
        enewgroup sshd 22
        enewuser sshd 22 -1 /var/empty sshd
-       fperms 4711 /usr/$(get_libdir)/misc/ssh-keysign
 }
 
 pkg_postinst() {
@@ -312,12 +308,16 @@ pkg_postinst() {
                elog "Make sure to update any configs that you might have.  
Note that xinetd might"
                elog "be an alternative for you as it supports USE=tcpd."
        fi
-       if has_version "<${CATEGORY}/${PN}-7.1_p1" ; then #557388
+       if has_version "<${CATEGORY}/${PN}-7.1_p1" ; then #557388 #555518
                elog "Starting with openssh-7.0, support for ssh-dss keys were 
disabled due to their"
                elog "weak sizes.  If you rely on these key types, you can 
re-enable the key types by"
                elog "adding to your sshd_config or ~/.ssh/config files:"
                elog "  PubkeyAcceptedKeyTypes=+ssh-dss"
                elog "You should however generate new keys using rsa or 
ed25519."
+
+               elog "Starting with openssh-7.0, the default for 
PermitRootLogin changed from 'yes'"
+               elog "to 'prohibit-password'.  That means password auth for 
root users no longer works"
+               elog "out of the box.  If you need this, please update your 
sshd_config explicitly."
        fi
        if ! use ssl && has_version "${CATEGORY}/${PN}[ssl]" ; then
                elog "Be aware that by disabling openssl support in openssh, 
the server and clients"

[gentoo-commits] repo/proj/prefix:master commit in: net-misc/openssh/

Reply via email to