diff options
| author |   Thomas Deutschmann <whissi@gentoo.org> | 2018-04-12 01:53:46 +0200 |
|---|---|---|
| committer | Thomas Deutschmann <whissi@gentoo.org> | 2018-04-12 01:53:59 +0200 |
| commit | a9911ca75fca79e9f8e36d3c25f7e5f504b2c32b (patch) | |
| tree | ec1f72cf14907616c9b2cf2649e1387836634c40 /net-misc/openssh | |
| parent | media-gfx/sane-frontends: Repoint SRC_URI. (diff) | |
| download | gentoo-a9911ca75fca79e9f8e36d3c25f7e5f504b2c32b.tar.gz gentoo-a9911ca75fca79e9f8e36d3c25f7e5f504b2c32b.tar.bz2 gentoo-a9911ca75fca79e9f8e36d3c25f7e5f504b2c32b.zip | |
net-misc/openssh: Fix X.509 support
The X.509 part in sshd only accepts specific PACKAGE VERSION values or will
reject a X.509 ssh client. Because we cannot fix all X.509 sshd servers
we patched the exposed PACKAGE VERSION to pass the "requirement".
Package-Manager: Portage-2.3.28, Repoman-2.3.9
Diffstat (limited to 'net-misc/openssh')
| -rw-r--r-- | net-misc/openssh/openssh-7.7_p1-r1.ebuild (renamed from net-misc/openssh/openssh-7.7_p1.ebuild) | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/net-misc/openssh/openssh-7.7_p1.ebuild b/net-misc/openssh/openssh-7.7_p1-r1.ebuild index ba76b889200d..cfcfc30327fc 100644 --- a/net-misc/openssh/openssh-7.7_p1.ebuild +++ b/net-misc/openssh/openssh-7.7_p1-r1.ebuild @@ -20,7 +20,7 @@ X509_VER="11.3.1" X509_PATCH="${PARCH}-x509-${X509_VER}.patch.xz" DESCRIPTION="Port of OpenBSD's free SSH release" HOMEPAGE="https://www.openssh.com/" SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz - ${SCTP_PATCH:+https://dev.gentoo.org/~whissi/dist/openssh/${SCTP_PATCH}} + ${SCTP_PATCH:+sctp? ( https://dev.gentoo.org/~whissi/dist/openssh/${SCTP_PATCH} )} ${HPN_PATCH:+hpn? ( https://dev.gentoo.org/~whissi/dist/openssh/${HPN_PATCH} )} ${LDAP_PATCH:+ldap? ( https://dev.gentoo.org/~whissi/dist/openssh/${LDAP_PATCH} )} ${X509_PATCH:+X509? ( https://dev.gentoo.org/~whissi/dist/openssh/${X509_PATCH} )} @@ -115,6 +115,14 @@ src_prepare() { if use X509 ; then eapply "${WORKDIR}"/${X509_PATCH%.*} + # We need to patch package version or any X.509 sshd will reject our ssh client + # with "userauth_pubkey: could not parse key: string is too large [preauth]" + # error + einfo "Patching package version for X.509 patch set ..." + sed -i \ + -e "s/^AC_INIT(\[OpenSSH\], \[Portable\]/AC_INIT([OpenSSH], [${X509_VER}]/" \ + "${S}"/configure.ac || die "Failed to patch package version for X.509 patch" + einfo "Patching version.h to expose X.509 patch set ..." sed -i \ -e "/^#define SSH_PORTABLE.*/a #define SSH_X509 \"-PKIXSSH-${X509_VER}\"" \ @@ -209,6 +217,8 @@ src_prepare() { "${S}"/version.h || die "Failed to patch SSH_RELEASE (version.h)" fi + eapply_user #473004 + tc-export PKG_CONFIG local sed_args=( -e "s:-lcrypto:$(${PKG_CONFIG} --libs openssl):" @@ -229,8 +239,6 @@ src_prepare() { ) sed -i "${sed_args[@]}" configure{.ac,} || die - eapply_user #473004 - eautoreconf } |