[Midnightbsd-cvs] mports [18030] trunk/security/openssh-portable: OpenSSH 6.7p1

laffer1 at midnightbsd.org laffer1 at midnightbsd.org
Tue Feb 24 08:34:15 EST 2015 

Revision: 18030
          http://svnweb.midnightbsd.org/mports/?rev=18030
Author:   laffer1
Date:     2015-02-24 08:34:14 -0500 (Tue, 24 Feb 2015)
Log Message:
-----------
OpenSSH 6.7p1

Modified Paths:
--------------
    trunk/security/openssh-portable/Makefile
    trunk/security/openssh-portable/distinfo
    trunk/security/openssh-portable/files/extra-patch-hpn-build-options
    trunk/security/openssh-portable/files/openssh.in
    trunk/security/openssh-portable/files/patch-readconf.c
    trunk/security/openssh-portable/files/patch-ssh-agent.c
    trunk/security/openssh-portable/files/patch-sshd_config.5

Modified: trunk/security/openssh-portable/Makefile
===================================================================
--- trunk/security/openssh-portable/Makefile	2015-02-24 13:10:27 UTC (rev 18029)
+++ trunk/security/openssh-portable/Makefile	2015-02-24 13:34:14 UTC (rev 18030)
@@ -1,7 +1,7 @@
 # $MidnightBSD$
 
 PORTNAME=	openssh
-DISTVERSION=	6.6p1
+DISTVERSION=	6.7p1
 PORTEPOCH=	1
 CATEGORIES=	security ipv6
 MASTER_SITES=	${MASTER_SITE_OPENBSD}

Modified: trunk/security/openssh-portable/distinfo
===================================================================
--- trunk/security/openssh-portable/distinfo	2015-02-24 13:10:27 UTC (rev 18029)
+++ trunk/security/openssh-portable/distinfo	2015-02-24 13:34:14 UTC (rev 18030)
@@ -1,12 +1,12 @@
-SHA256 (openssh-6.6p1.tar.gz) = 48c1f0664b4534875038004cc4f3555b8329c2a81c1df48db5c517800de203bb
-SIZE (openssh-6.6p1.tar.gz) = 1282502
-SHA256 (openssh-6.6p1-hpnssh14v2.diff.gz) = 2a1b34dc3bf922e12cbca687e57b1fad2a0b087e38022e6782e99b45fcc1a315
-SIZE (openssh-6.6p1-hpnssh14v2.diff.gz) = 24469
-SHA256 (openssh-6.6p1+x509-7.9.diff.gz) = 463473f75c1dc250ea4eda21f2c79df6f0b479ea499d044cb51d73073881ca34
-SIZE (openssh-6.6p1+x509-7.9.diff.gz) = 224691
-SHA256 (openssh-6.5p1-gsskex-all-20110125.patch.gz) = dd3b0f383a58e490f735646ae27f3dd05db96446e2e4ae8e753b64eee7f46582
-SIZE (openssh-6.5p1-gsskex-all-20110125.patch.gz) = 23516
+SHA256 (openssh-6.7p1.tar.gz) = b2f8394eae858dabbdef7dac10b99aec00c95462753e80342e530bbb6f725507
+SIZE (openssh-6.7p1.tar.gz) = 1351367
+SHA256 (openssh-6.7p1-hpnssh14v5.diff.gz) = 846ad51577de8308d60dbfaa58ba18d112d0732fdf21063ebc78407fc8e4a7b6
+SIZE (openssh-6.7p1-hpnssh14v5.diff.gz) = 24326
+SHA256 (openssh-6.7p1+x509-8.2.diff.gz) = 85acfcd560b40d4533b82a4e3f443b7137b377868bab424dacdf00581c83240f
+SIZE (openssh-6.7p1+x509-8.2.diff.gz) = 241798
+SHA256 (openssh-6.7p1-gsskex-all-20141021-284f364.patch.gz) = 9a361408269a542d28dae77320f30e94a44098acdbbbc552efb0bdeac6270dc8
+SIZE (openssh-6.7p1-gsskex-all-20141021-284f364.patch.gz) = 25825
 SHA256 (openssh-lpk-6.3p1.patch.gz) = d2a8b7da7acebac2afc4d0a3dffe8fca2e49900cf733af2e7012f2449b3668e1
 SIZE (openssh-lpk-6.3p1.patch.gz) = 17815
-SHA256 (openssh-6.6p1-sctp-2329.patch.gz) = e054529810815d63f7de5d1c6cc76fccb7766e1b2d1b62438ca83770afac9bfa
-SIZE (openssh-6.6p1-sctp-2329.patch.gz) = 8695
+SHA256 (openssh-6.7p1-sctp-2496.patch.gz) = ec2b6aa8a6d65a2c11d4453a25294ae5082e7ed7c9f418ec081f750bfba022db
+SIZE (openssh-6.7p1-sctp-2496.patch.gz) = 8052

Modified: trunk/security/openssh-portable/files/extra-patch-hpn-build-options
===================================================================
--- trunk/security/openssh-portable/files/extra-patch-hpn-build-options	2015-02-24 13:10:27 UTC (rev 18029)
+++ trunk/security/openssh-portable/files/extra-patch-hpn-build-options	2015-02-24 13:34:14 UTC (rev 18030)
@@ -37,9 +37,9 @@
 --- readconf.c.orig	2013-10-11 09:24:10.812126846 -0500
 +++ readconf.c	2013-10-11 09:19:12.295135966 -0500
 @@ -268,12 +268,16 @@ static struct {
- 	{ "canonicalizehostname", oCanonicalizeHostname },
- 	{ "canonicalizemaxdots", oCanonicalizeMaxDots },
  	{ "canonicalizepermittedcnames", oCanonicalizePermittedCNAMEs },
+ 	{ "streamlocalbindmask", oStreamLocalBindMask },
+ 	{ "streamlocalbindunlink", oStreamLocalBindUnlink },
 +#ifdef NONECIPHER
  	{ "noneenabled", oNoneEnabled },
  	{ "noneswitch", oNoneSwitch },
@@ -53,7 +53,7 @@
  	{ "ignoreunknown", oIgnoreUnknown },
  
  	{ NULL, oBadOption }
-@@ -1739,12 +1743,20 @@ fill_default_options(Options * options)
+@@ -1819,12 +1823,20 @@ fill_default_options(Options * options)
  		options->server_alive_interval = 0;
  	if (options->server_alive_count_max == -1)
  		options->server_alive_count_max = 3;

Modified: trunk/security/openssh-portable/files/openssh.in
===================================================================
--- trunk/security/openssh-portable/files/openssh.in	2015-02-24 13:10:27 UTC (rev 18029)
+++ trunk/security/openssh-portable/files/openssh.in	2015-02-24 13:34:14 UTC (rev 18030)
@@ -1,6 +1,6 @@
 #!/bin/sh
 
-# $FreeBSD: head/security/openssh-portable/files/openssh.in 342628 2014-02-05 03:06:08Z bdrewery $
+# $FreeBSD: head/security/openssh-portable/files/openssh.in 369931 2014-10-03 19:23:03Z bdrewery $
 #
 # PROVIDE: openssh
 # REQUIRE: DAEMON
@@ -144,9 +144,14 @@
         base_sshd_port=22
     fi
 
-    if [ "${self_port}" -ne "${base_sshd_port}" ]; then 
-        return 1
-    fi
+    # self_port and base_sshd_port may have multiple values. Compare them all
+    for sport in ${self_port}; do
+	    for bport in ${base_sshd_port}; do
+		    [ ${sport} -eq ${bport} ] && return 0
+	    done
+    done
+
+    return 1
 }
 
 openssh_configtest()

Modified: trunk/security/openssh-portable/files/patch-readconf.c
===================================================================
--- trunk/security/openssh-portable/files/patch-readconf.c	2015-02-24 13:10:27 UTC (rev 18029)
+++ trunk/security/openssh-portable/files/patch-readconf.c	2015-02-24 13:34:14 UTC (rev 18030)
@@ -18,9 +18,8 @@
 
 Submitted by:   delphij@
 
-
---- readconf.c.orig	2013-10-03 06:56:21.649139613 -0500
-+++ readconf.c	2013-10-03 06:56:50.961467272 -0500
+--- readconf.c.orig	2014-07-17 23:11:26.000000000 -0500
++++ readconf.c	2014-11-03 16:45:05.188796445 -0600
 @@ -17,6 +17,7 @@
  #include <sys/types.h>
  #include <sys/stat.h>
@@ -27,13 +26,13 @@
  #include <sys/socket.h>
 +#include <sys/sysctl.h>
  #include <sys/wait.h>
+ #include <sys/un.h>
  
- #include <netinet/in.h>
-@@ -282,7 +283,19 @@
- 	Forward *fwd;
+@@ -281,7 +282,19 @@ add_local_forward(Options *options, cons
+ 	struct Forward *fwd;
  #ifndef NO_IPPORT_RESERVED_CONCEPT
  	extern uid_t original_real_uid;
--	if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0)
+-	if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0 &&
 +	int ipport_reserved;
 +#ifdef __FreeBSD__
 +	size_t len_ipport_reserved = sizeof(ipport_reserved);
@@ -46,11 +45,11 @@
 +#else
 +	ipport_reserved = IPPORT_RESERVED;
 +#endif
-+	if (newfwd->listen_port < ipport_reserved && original_real_uid != 0)
++	if (newfwd->listen_port < ipport_reserved && original_real_uid != 0 &&
+ 	    newfwd->listen_path == NULL)
  		fatal("Privileged ports can only be forwarded by root.");
  #endif
- 	options->local_forwards = xrealloc(options->local_forwards,
-@@ -1607,7 +1620,7 @@
+@@ -1674,7 +1687,7 @@ fill_default_options(Options * options)
  	if (options->batch_mode == -1)
  		options->batch_mode = 0;
  	if (options->check_host_ip == -1)

Modified: trunk/security/openssh-portable/files/patch-ssh-agent.c
===================================================================
--- trunk/security/openssh-portable/files/patch-ssh-agent.c	2015-02-24 13:10:27 UTC (rev 18029)
+++ trunk/security/openssh-portable/files/patch-ssh-agent.c	2015-02-24 13:34:14 UTC (rev 18030)
@@ -7,11 +7,11 @@
 Add a -x option that causes ssh-agent(1) to exit when all clients have
 disconnected.
 
---- ssh-agent.c.orig	2011-06-02 23:14:16.000000000 -0500
-+++ ssh-agent.c	2013-05-09 15:59:14.044627857 -0500
-@@ -137,15 +137,34 @@
- /* Default lifetime (0 == forever) */
- static int lifetime = 0;
+--- ssh-agent.c.orig	2014-07-29 21:32:46.000000000 -0500
++++ ssh-agent.c	2014-11-03 16:48:03.930786112 -0600
+@@ -142,15 +142,34 @@ extern char *__progname;
+ /* Default lifetime in seconds (0 == forever) */
+ static long lifetime = 0;
  
 +/*
 + * Client connection count; incremented in new_socket() and decremented in
@@ -44,7 +44,7 @@
  }
  
  static void
-@@ -900,6 +919,10 @@
+@@ -810,6 +829,10 @@ new_socket(sock_type type, int fd)
  {
  	u_int i, old_alloc, new_alloc;
  
@@ -55,15 +55,16 @@
  	set_nonblock(fd);
  
  	if (fd > max_fd)
-@@ -1120,6 +1143,7 @@
- 	fprintf(stderr, "  -d          Debug mode.\n");
- 	fprintf(stderr, "  -a socket   Bind agent socket to given name.\n");
- 	fprintf(stderr, "  -t life     Default identity lifetime (seconds).\n");
-+	fprintf(stderr, "  -x          Exit when the last client disconnects.\n");
+@@ -1026,7 +1049,7 @@ usage(void)
+ {
+ 	fprintf(stderr,
+ 	    "usage: ssh-agent [-c | -s] [-d] [-a bind_address] [-t life]\n"
+-	    "                 [command [arg ...]]\n"
++	    "                 [-x] [command [arg ...]]\n"
+ 	    "       ssh-agent [-c | -s] -k\n");
  	exit(1);
  }
- 
-@@ -1149,6 +1173,7 @@
+@@ -1056,6 +1079,7 @@ main(int ac, char **av)
  	/* drop */
  	setegid(getgid());
  	setgid(getgid());
@@ -71,7 +72,7 @@
  
  #if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
  	/* Disable ptrace on Linux without sgid bit */
-@@ -1160,7 +1185,7 @@
+@@ -1069,7 +1093,7 @@ main(int ac, char **av)
  	__progname = ssh_get_progname(av[0]);
  	seed_rng();
  
@@ -80,7 +81,7 @@
  		switch (ch) {
  		case 'c':
  			if (s_flag)
-@@ -1189,6 +1214,9 @@
+@@ -1098,6 +1122,9 @@ main(int ac, char **av)
  				usage();
  			}
  			break;

Modified: trunk/security/openssh-portable/files/patch-sshd_config.5
===================================================================
--- trunk/security/openssh-portable/files/patch-sshd_config.5	2015-02-24 13:10:27 UTC (rev 18029)
+++ trunk/security/openssh-portable/files/patch-sshd_config.5	2015-02-24 13:34:14 UTC (rev 18030)
@@ -1,9 +1,9 @@
---- sshd_config.5.orig	2013-02-11 18:02:09.000000000 -0600
-+++ sshd_config.5	2013-05-13 06:49:28.164628328 -0500
-@@ -277,7 +277,9 @@
+--- sshd_config.5.orig	2014-10-02 18:24:57.000000000 -0500
++++ sshd_config.5	2014-11-03 16:49:35.943778119 -0600
+@@ -304,7 +304,9 @@
  .It Cm ChallengeResponseAuthentication
  Specifies whether challenge-response authentication is allowed (e.g. via
- PAM or though authentication styles supported in
+ PAM or through authentication styles supported in
 -.Xr login.conf 5 )
 +.Xr login.conf 5 ) .
 +See also
@@ -11,7 +11,7 @@
  The default is
  .Dq yes .
  .It Cm ChrootDirectory
-@@ -555,7 +557,7 @@
+@@ -615,7 +617,7 @@
  .Pp
  .Pa /etc/hosts.equiv
  and
@@ -20,7 +20,7 @@
  are still used.
  The default is
  .Dq yes .
-@@ -841,7 +843,22 @@
+@@ -977,7 +979,22 @@
  .It Cm PasswordAuthentication
  Specifies whether password authentication is allowed.
  The default is
@@ -43,7 +43,7 @@
  .It Cm PermitEmptyPasswords
  When password authentication is allowed, it specifies whether the
  server allows login to accounts with empty password strings.
-@@ -887,7 +904,14 @@
+@@ -1023,7 +1040,14 @@
  or
  .Dq no .
  The default is
@@ -59,8 +59,8 @@
  .Pp
  If this option is set to
  .Dq without-password ,
-@@ -1006,7 +1030,9 @@
- section in
+@@ -1178,7 +1202,9 @@
+ For more information on KRLs, see the KEY REVOCATION LISTS section in
  .Xr ssh-keygen 1 .
  .It Cm RhostsRSAAuthentication
 -Specifies whether rhosts or /etc/hosts.equiv authentication together
@@ -70,7 +70,7 @@
  with successful RSA host authentication is allowed.
  The default is
  .Dq no .
-@@ -1146,7 +1172,7 @@
+@@ -1343,7 +1369,7 @@
  .Xr sshd 8
  as a non-root user.
  The default is
@@ -79,7 +79,7 @@
  .It Cm UsePrivilegeSeparation
  Specifies whether
  .Xr sshd 8
-@@ -1182,7 +1208,7 @@
+@@ -1379,7 +1405,7 @@
  or
  .Dq no .
  The default is

More information about the Midnightbsd-cvs mailing list