[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/

Wed, 11 Apr 2018 16:55:26 -0700 

commit:     a9911ca75fca79e9f8e36d3c25f7e5f504b2c32b
Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Wed Apr 11 23:53:46 2018 +0000
Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Wed Apr 11 23:53:59 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a9911ca7

net-misc/openssh: Fix X.509 support

The X.509 part in sshd only accepts specific PACKAGE VERSION values or will
reject a X.509 ssh client. Because we cannot fix all X.509 sshd servers
we patched the exposed PACKAGE VERSION to pass the "requirement".

Package-Manager: Portage-2.3.28, Repoman-2.3.9

 .../{openssh-7.7_p1.ebuild => openssh-7.7_p1-r1.ebuild}    | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/net-misc/openssh/openssh-7.7_p1.ebuild 
b/net-misc/openssh/openssh-7.7_p1-r1.ebuild
similarity index 96%
rename from net-misc/openssh/openssh-7.7_p1.ebuild
rename to net-misc/openssh/openssh-7.7_p1-r1.ebuild
index ba76b889200..cfcfc30327f 100644
--- a/net-misc/openssh/openssh-7.7_p1.ebuild
+++ b/net-misc/openssh/openssh-7.7_p1-r1.ebuild
@@ -20,7 +20,7 @@ X509_VER="11.3.1" 
X509_PATCH="${PARCH}-x509-${X509_VER}.patch.xz"
 DESCRIPTION="Port of OpenBSD's free SSH release"
 HOMEPAGE="https://www.openssh.com/";
 SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
-       ${SCTP_PATCH:+https://dev.gentoo.org/~whissi/dist/openssh/${SCTP_PATCH}}
+       ${SCTP_PATCH:+sctp? ( 
https://dev.gentoo.org/~whissi/dist/openssh/${SCTP_PATCH} )}
        ${HPN_PATCH:+hpn? ( 
https://dev.gentoo.org/~whissi/dist/openssh/${HPN_PATCH} )}
        ${LDAP_PATCH:+ldap? ( 
https://dev.gentoo.org/~whissi/dist/openssh/${LDAP_PATCH} )}
        ${X509_PATCH:+X509? ( 
https://dev.gentoo.org/~whissi/dist/openssh/${X509_PATCH} )}
@@ -115,6 +115,14 @@ src_prepare() {
        if use X509 ; then
                eapply "${WORKDIR}"/${X509_PATCH%.*}
 
+               # We need to patch package version or any X.509 sshd will 
reject our ssh client
+               # with "userauth_pubkey: could not parse key: string is too 
large [preauth]"
+               # error
+               einfo "Patching package version for X.509 patch set ..."
+               sed -i \
+                       -e "s/^AC_INIT(\[OpenSSH\], 
\[Portable\]/AC_INIT([OpenSSH], [${X509_VER}]/" \
+                       "${S}"/configure.ac || die "Failed to patch package 
version for X.509 patch"
+
                einfo "Patching version.h to expose X.509 patch set ..."
                sed -i \
                        -e "/^#define SSH_PORTABLE.*/a #define SSH_X509         
      \"-PKIXSSH-${X509_VER}\"" \
@@ -209,6 +217,8 @@ src_prepare() {
                        "${S}"/version.h || die "Failed to patch SSH_RELEASE 
(version.h)"
        fi
 
+       eapply_user #473004
+
        tc-export PKG_CONFIG
        local sed_args=(
                -e "s:-lcrypto:$(${PKG_CONFIG} --libs openssl):"
@@ -229,8 +239,6 @@ src_prepare() {
        )
        sed -i "${sed_args[@]}" configure{.ac,} || die
 
-       eapply_user #473004
-
        eautoreconf
 }

Reply via email to