Diff openssh-8.0_p1-r4 with a openssh-8.1_p1-r1

/usr/portage/net-misc/openssh/openssh-8.1_p1-r1.ebuild 2019-10-17 17:09:00.000000000 +0300
1 1
# Copyright 1999-2019 Gentoo Authors
2 2
# Distributed under the terms of the GNU General Public License v2
3 3

  
4
EAPI=6
4
EAPI=7
5 5

  
6
inherit user eapi7-ver flag-o-matic multilib autotools pam systemd
6
inherit user flag-o-matic multilib autotools pam systemd
7 7

  
8 8
# Make it more portable between straight releases
9 9
# and _p? releases.
......
18 18
)
19 19

  
20 20
SCTP_VER="1.2" SCTP_PATCH="${PARCH}-sctp-${SCTP_VER}.patch.xz"
21
X509_VER="12.1-gentoo" X509_PATCH="${PARCH}+x509-${X509_VER}.diff.gz"
21
X509_VER="12.3" X509_PATCH="${PARCH}+x509-${X509_VER}.diff.gz"
22 22

  
23 23
PATCH_SET="openssh-7.9p1-patches-1.0"
24 24

  
25 25
DESCRIPTION="Port of OpenBSD's free SSH release"
26 26
HOMEPAGE="https://www.openssh.com/"
27 27
SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
28
	${SCTP_PATCH:+sctp? ( https://dev.gentoo.org/~whissi/dist/openssh/${SCTP_PATCH} )}
28
	${SCTP_PATCH:+sctp? ( https://dev.gentoo.org/~chutzpah/dist/openssh/${SCTP_PATCH} )}
29 29
	${HPN_VER:+hpn? ( $(printf "mirror://sourceforge/hpnssh/HPN-SSH%%20${HPN_VER/./v}%%20${HPN_PV/_P/p}/%s\n" "${HPN_PATCHES[@]}") )}
30
	${X509_PATCH:+X509? ( https://dev.gentoo.org/~whissi/dist/openssh/${X509_PATCH} )}
30
	${X509_PATCH:+X509? ( https://roumenpetrov.info/openssh/x509-${X509_VER}/${X509_PATCH} )}
31 31
	"
32 32

  
33 33
LICENSE="BSD GPL-2"
34 34
SLOT="0"
35
KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 ~riscv s390 sh sparc x86 ~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
35
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
36 36
# Probably want to drop ssl defaulting to on in a future version.
37 37
IUSE="abi_mips_n32 audit bindist debug hpn kerberos kernel_linux ldns libedit libressl livecd pam +pie sctp selinux +ssl static test X X509 xmss"
38 38
RESTRICT="!test? ( test )"
......
72 72
	kerberos? ( virtual/krb5 )"
73 73
DEPEND="${RDEPEND}
74 74
	static? ( ${LIB_DEPEND} )
75
	virtual/pkgconfig
76
	virtual/os-headers
77
	sys-devel/autoconf"
75
	virtual/os-headers"
78 76
RDEPEND="${RDEPEND}
79 77
	pam? ( >=sys-auth/pambase-20081028 )
80 78
	userland_GNU? ( virtual/shadow )
81 79
	X? ( x11-apps/xauth )"
80
BDEPEND="
81
	virtual/pkgconfig
82
	sys-devel/autoconf"
82 83

  
83 84
S="${WORKDIR}/${PARCH}"
84 85

  
......
101 102
	fi
102 103

  
103 104
	# Make sure people who are using tcp wrappers are notified of its removal. #531156
104
	if grep -qs '^ *sshd *:' "${EROOT%/}"/etc/hosts.{allow,deny} ; then
105
	if grep -qs '^ *sshd *:' "${EROOT}"/etc/hosts.{allow,deny} ; then
105 106
		ewarn "Sorry, but openssh no longer supports tcp-wrappers, and it seems like"
106
		ewarn "you're trying to use it.  Update your ${EROOT}etc/hosts.{allow,deny} please."
107
		ewarn "you're trying to use it.  Update your ${EROOT}/etc/hosts.{allow,deny} please."
107 108
	fi
108 109
}
109 110

  
......
116 117
	sed -i '/^AuthorizedKeysFile/s:^:#:' sshd_config || die
117 118

  
118 119
	eapply "${FILESDIR}"/${PN}-7.9_p1-include-stdlib.patch
119
	eapply "${FILESDIR}"/${PN}-8.0_p1-GSSAPI-dns.patch #165444 integrated into gsskex
120
	eapply "${FILESDIR}"/${PN}-8.1_p1-GSSAPI-dns.patch #165444 integrated into gsskex
120 121
	eapply "${FILESDIR}"/${PN}-6.7_p1-openssl-ignore-status.patch
121 122
	eapply "${FILESDIR}"/${PN}-7.5_p1-disable-conch-interop-tests.patch
122 123
	eapply "${FILESDIR}"/${PN}-8.0_p1-fix-putty-tests.patch
123 124
	eapply "${FILESDIR}"/${PN}-8.0_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch
124
	eapply "${FILESDIR}"/${PN}-8.0_p1-fix-integer-overflow-in-XMSS-private-key-parsing.patch
125
	eapply "${FILESDIR}"/${PN}-8.0_p1-fix-an-unreachable-integer-overflow-similar-to-the-XMSS-case.patch
126
	use X509 || eapply "${FILESDIR}"/${PN}-8.0_p1-tests.patch
127 125

  
128 126
	[[ -d ${WORKDIR}/patches ]] && eapply "${WORKDIR}"/patches
129 127

  
130 128
	local PATCHSET_VERSION_MACROS=()
131 129

  
132 130
	if use X509 ; then
133
		# X509 12.1-gentoo patch contains the changes from below
134
		#pushd "${WORKDIR}" &>/dev/null || die
135
		#eapply "${FILESDIR}/${P}-X509-glue-"${X509_VER}".patch"
136
		#eapply "${FILESDIR}/${P}-X509-dont-make-piddir-"${X509_VER}".patch"
137
		#popd &>/dev/null || die
131
		pushd "${WORKDIR}" &>/dev/null || die
132
		eapply "${FILESDIR}/${P}-X509-glue-"${X509_VER}".patch"
133
		popd &>/dev/null || die
138 134

  
139 135
		eapply "${WORKDIR}"/${X509_PATCH%.*}
140 136
		eapply "${FILESDIR}"/${P}-X509-$(ver_cut 1-2 ${X509_VER})-tests.patch
......
174 170
		mkdir "${hpn_patchdir}"
175 171
		cp $(printf -- "${DISTDIR}/%s\n" "${HPN_PATCHES[@]}") "${hpn_patchdir}"
176 172
		pushd "${hpn_patchdir}" &>/dev/null || die
177
		eapply "${FILESDIR}"/${PN}-8.0_p1-hpn-glue.patch
173
		eapply "${FILESDIR}"/${PN}-8.1_p1-hpn-glue.patch
178 174
		if use X509; then
179 175
			einfo "Will disable MT AES cipher due to incompatbility caused by X509 patch set"
180 176
			# X509 and AES-CTR-MT don't get along, let's just drop it
Thank you!