From c317f52677d43449b2e15ca268d9b178c19ea9b2 Mon Sep 17 00:00:00 2001 From: Leah Neukirchen Date: Wed, 3 Mar 2021 15:28:49 +0100 Subject: [PATCH 1/2] openssh: update to 8.5p1. --- srcpkgs/openssh/patches/config.patch | 8 --- srcpkgs/openssh/patches/ssh-copy-id.patch | 78 ----------------------- srcpkgs/openssh/template | 6 +- 3 files changed, 3 insertions(+), 89 deletions(-) delete mode 100644 srcpkgs/openssh/patches/ssh-copy-id.patch diff --git a/srcpkgs/openssh/patches/config.patch b/srcpkgs/openssh/patches/config.patch index 5ce3d57eb30..9424dd29ccd 100644 --- a/srcpkgs/openssh/patches/config.patch +++ b/srcpkgs/openssh/patches/config.patch @@ -8,14 +8,6 @@ OSSH_CHECK_CFLAG_COMPILE([-Wsign-compare]) OSSH_CHECK_CFLAG_COMPILE([-Wformat-security]) OSSH_CHECK_CFLAG_COMPILE([-Wsizeof-pointer-memaccess]) -@@ -1692,7 +1693,6 @@ - endgrent \ - err \ - errx \ -- explicit_bzero \ - fchmod \ - fchown \ - freeaddrinfo \ @@ -1761,8 +1760,6 @@ strcasestr \ strdup \ diff --git a/srcpkgs/openssh/patches/ssh-copy-id.patch b/srcpkgs/openssh/patches/ssh-copy-id.patch deleted file mode 100644 index d79c35a29a6..00000000000 --- a/srcpkgs/openssh/patches/ssh-copy-id.patch +++ /dev/null @@ -1,78 +0,0 @@ -Accumulated changes to fix ssh-copy-id, pulled from -https://github.com/openssh/openssh-portable/tree/ce941c75ea9cd6c358508a5b206809846c8d9240 - ---- contrib/ssh-copy-id -+++ contrib/ssh-copy-id -@@ -76,7 +76,7 @@ - } - - use_id_file() { -- local L_ID_FILE="$1" -+ L_ID_FILE="$1" - - if [ -z "$L_ID_FILE" ] ; then - printf '%s: ERROR: no ID file found\n' "$0" -@@ -94,7 +94,7 @@ - # check that the files are readable - for f in "$PUB_ID_FILE" ${PRIV_ID_FILE:+"$PRIV_ID_FILE"} ; do - ErrMSG=$( { : < "$f" ; } 2>&1 ) || { -- local L_PRIVMSG="" -+ L_PRIVMSG="" - [ "$f" = "$PRIV_ID_FILE" ] && L_PRIVMSG=" (to install the contents of '$PUB_ID_FILE' anyway, look at the -f option)" - printf "\\n%s: ERROR: failed to open ID file '%s': %s\\n" "$0" "$f" "$(printf '%s\n%s\n' "$ErrMSG" "$L_PRIVMSG" | sed -e 's/.*: *//')" - exit 1 -@@ -169,7 +169,7 @@ - # populate_new_ids() uses several global variables ($USER_HOST, $SSH_OPTS ...) - # and has the side effect of setting $NEW_IDS - populate_new_ids() { -- local L_SUCCESS="$1" -+ L_SUCCESS="$1" - - # shellcheck disable=SC2086 - if [ "$FORCED" ] ; then -@@ -181,13 +181,12 @@ - eval set -- "$SSH_OPTS" - - umask 0177 -- local L_TMP_ID_FILE - L_TMP_ID_FILE=$(mktemp ~/.ssh/ssh-copy-id_id.XXXXXXXXXX) - if test $? -ne 0 || test "x$L_TMP_ID_FILE" = "x" ; then - printf '%s: ERROR: mktemp failed\n' "$0" >&2 - exit 1 - fi -- local L_CLEANUP="rm -f \"$L_TMP_ID_FILE\" \"${L_TMP_ID_FILE}.stderr\"" -+ L_CLEANUP="rm -f \"$L_TMP_ID_FILE\" \"${L_TMP_ID_FILE}.stderr\"" - # shellcheck disable=SC2064 - trap "$L_CLEANUP" EXIT TERM INT QUIT - printf '%s: INFO: attempting to log in with the new key(s), to filter out any that are already installed\n' "$0" >&2 -@@ -237,7 +236,8 @@ - # produce a one-liner to add the keys to remote authorized_keys file - # optionally takes an alternative path for authorized_keys - installkeys_sh() { -- local AUTH_KEY_FILE=${1:-.ssh/authorized_keys} -+ AUTH_KEY_FILE=${1:-.ssh/authorized_keys} -+ AUTH_KEY_DIR=$(dirname "${AUTH_KEY_FILE}") - - # In setting INSTALLKEYS_SH: - # the tr puts it all on one line (to placate tcsh) -@@ -247,10 +247,10 @@ - # the -z `tail ...` checks for a trailing newline. The echo adds one if was missing - # the cat adds the keys we're getting via STDIN - # and if available restorecon is used to restore the SELinux context -- INSTALLKEYS_SH=$(tr '\t\n' ' ' <<-EOF) -+ INSTALLKEYS_SH=$(tr '\t\n' ' ' <<-EOF - cd; - umask 077; -- mkdir -p $(dirname "${AUTH_KEY_FILE}") && -+ mkdir -p "${AUTH_KEY_DIR}" && - { [ -z \`tail -1c ${AUTH_KEY_FILE} 2>/dev/null\` ] || echo >> ${AUTH_KEY_FILE}; } && - cat >> ${AUTH_KEY_FILE} || - exit 1; -@@ -258,6 +258,7 @@ - restorecon -F .ssh ${AUTH_KEY_FILE}; - fi - EOF -+ ) - - # to defend against quirky remote shells: use 'exec sh -c' to get POSIX; - printf "exec sh -c '%s'" "${INSTALLKEYS_SH}" diff --git a/srcpkgs/openssh/template b/srcpkgs/openssh/template index dfd8f659492..49b94930409 100644 --- a/srcpkgs/openssh/template +++ b/srcpkgs/openssh/template @@ -1,7 +1,7 @@ # Template file for 'openssh' pkgname=openssh -version=8.4p1 -revision=5 +version=8.5p1 +revision=1 build_style=gnu-configure configure_args="--datadir=/usr/share/openssh --sysconfdir=/etc/ssh --without-selinux --with-privsep-user=nobody @@ -23,7 +23,7 @@ maintainer="Leah Neukirchen " license="BSD-2-Clause, ISC" homepage="https://www.openssh.com" distfiles="https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname}-${version}.tar.gz" -checksum=5a01d22e407eb1c05ba8a8f7c654d388a13e9f226e4ed33bd38748dafa1d2b24 +checksum=f52f3f41d429aa9918e38cf200af225ccdd8e66f052da572870c89737646ec25 conf_files="/etc/ssh/moduli /etc/ssh/ssh_config /etc/ssh/sshd_config /etc/pam.d/sshd" make_dirs="/var/chroot/ssh 0755 root root" From 564eb7950e95fa1108f9526bb8a99bcd68fc7650 Mon Sep 17 00:00:00 2001 From: Leah Neukirchen Date: Wed, 3 Mar 2021 15:30:05 +0100 Subject: [PATCH 2/2] gnome-ssh-askpass: update to 8.5p1. --- srcpkgs/gnome-ssh-askpass/template | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/srcpkgs/gnome-ssh-askpass/template b/srcpkgs/gnome-ssh-askpass/template index 751f372cc11..43764cc5152 100644 --- a/srcpkgs/gnome-ssh-askpass/template +++ b/srcpkgs/gnome-ssh-askpass/template @@ -1,6 +1,6 @@ # Template file for 'gnome-ssh-askpass' pkgname=gnome-ssh-askpass -version=8.4p1 +version=8.5p1 revision=1 wrksrc="openssh-${version}" hostmakedepends="pkg-config" @@ -10,7 +10,7 @@ maintainer="Leah Neukirchen " license="BSD-3-Clause, BSD-2-Clause" homepage="http://www.openssh.org" distfiles="https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${version}.tar.gz" -checksum=5a01d22e407eb1c05ba8a8f7c654d388a13e9f226e4ed33bd38748dafa1d2b24 +checksum=f52f3f41d429aa9918e38cf200af225ccdd8e66f052da572870c89737646ec25 alternatives=" ssh-askpass:/usr/libexec/ssh-askpass:/usr/bin/gnome-ssh-askpass