Port security/openssh-portable updated from 5.2p1 to 5.8p2 with additional patches. Diff is huge (314kb), so in this PR I'm sending only link to it: https://github.com/downloads/Roorback/mgk_ports/openssh-portable.diff.txt This diff (to port) remove additional patches (to openssh) from `files` subdir and replace its with PATCH_SITES, PATCHFILES enteries in Makefile Severity is serious, because 5.2p1 version is vulnerable: http://openssh.org/security.html Priority is high, because I'll be glad if this patch will be commited before 9.0 release.
I forgot to mention, that this diff fixes several other PRs: - ports/144597: Kerberos knob work again - ports/150493: Port updated to (almost) recent version - ports/160389: Port build fine on FreeBSD 9.x - ports/156926: Suffix isn't changed with knobs - ports/155456: LPK knob work again so when this diff will be commit, above PRs should be closed.
Responsible Changed From-To: freebsd-ports-bugs->flo I'll take it.
This does not compile on 9.0-RC1 cc -O2 -pipe -fno-strict-aliasing -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wno-pointer-sign -fno-strict-aliasing -fno-builtin-memset -fstack-protector-all -I. -I. -DSSHDIR=\"/usr/local/etc/ssh\" -D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\" -D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\" -D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\" -D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DSSH_RAND_HELPER=\"/usr/local/libexec/ssh-rand-helper\" -DHAVE_CONFIG_H -c loginrec.c loginrec.c:636: warning: 'struct utmp' declared inside parameter list loginrec.c:636: warning: its scope is only this definition or declaration, which is probably not what you want loginrec.c:648: warning: 'struct utmp' declared inside parameter list loginrec.c: In function 'construct_utmp': loginrec.c:654: error: dereferencing pointer to incomplete type loginrec.c:679: warning: passing argument 2 of 'set_utmp_time' from incompatible pointer type loginrec.c:681: error: dereferencing pointer to incomplete type loginrec.c:681: error: dereferencing pointer to incomplete type loginrec.c:697: error: dereferencing pointer to incomplete type loginrec.c:698: error: dereferencing pointer to incomplete type loginrec.c:698: error: dereferencing pointer to incomplete type loginrec.c: At top level: loginrec.c:1098: warning: 'struct utmp' declared inside parameter list loginrec.c: In function 'wtmp_write': loginrec.c:1109: error: dereferencing pointer to incomplete type loginrec.c:1109: error: dereferencing pointer to incomplete type loginrec.c: In function 'wtmp_perform_login': loginrec.c:1122: error: storage size of 'ut' isn't known loginrec.c:1122: warning: unused variable 'ut' loginrec.c: In function 'wtmp_perform_logout': loginrec.c:1132: error: storage size of 'ut' isn't known loginrec.c:1132: warning: unused variable 'ut' loginrec.c: At top level: loginrec.c:1173: warning: 'struct utmp' declared inside parameter list loginrec.c: In function 'wtmp_islogin': loginrec.c:1175: error: dereferencing pointer to incomplete type loginrec.c:1176: error: dereferencing pointer to incomplete type loginrec.c:1176: error: dereferencing pointer to incomplete type loginrec.c: In function 'wtmp_get_entry': loginrec.c:1191: error: storage size of 'ut' isn't known loginrec.c:1210: error: invalid application of 'sizeof' to incomplete type 'struct utmp' loginrec.c:1245: error: invalid application of 'sizeof' to incomplete type 'struct utmp' loginrec.c:1191: warning: unused variable 'ut' loginrec.c: In function 'lastlog_openseek': loginrec.c:1514: error: invalid application of 'sizeof' to incomplete type 'struct lastlog' loginrec.c: In function 'lastlog_write_entry': loginrec.c:1544: error: storage size of 'last' isn't known loginrec.c:1544: warning: unused variable 'last' loginrec.c: In function 'lastlog_get_entry': loginrec.c:1597: error: storage size of 'last' isn't known loginrec.c:1597: warning: unused variable 'last' *** Error code 1 Stop in /usr/local/tinderbox/portstrees/FreeBSD/ports/security/openssh-portable/work/openssh-5.8p2. *** Error code 1 Stop in /usr/local/tinderbox/portstrees/FreeBSD/ports/security/openssh-portable. *** Error code 1
It works fine with the following changes. Should i commit it like this? I looked at the config.h we have in src/ for the additional --disable/--without switches. Cheers, Florian --- Makefile.orig 2011-10-20 23:43:40.000000000 +0200 +++ Makefile 2011-10-20 23:39:20.000000000 +0200 @@ -21,7 +21,7 @@ MAN1= sftp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 scp.1 ssh.1 MLINKS= ssh.1 slogin.1 MAN5= moduli.5 ssh_config.5 sshd_config.5 -MAN8= sftp-server.8 sshd.8 ssh-keysign.8 +MAN8= sftp-server.8 sshd.8 ssh-keysign.8 ssh-pkcs11-helper.8 CONFLICTS?= openssh-3.* ssh-1.* ssh2-3.* @@ -58,7 +58,7 @@ .endif .if ${OSVERSION} >= 900007 -CONFIGURE_ARGS+= --disable-utmp +CONFIGURE_ARGS+= --disable-utmp --disable-wtmp --disable-wtmpx --without-lastlog .endif .if defined(WITH_X509) && defined(WITH_HPN)
On 10/20/2011 11:47 PM, Florian Smeets wrote: > It works fine with the following changes. Should i commit it like this? > > I looked at the config.h we have in src/ for the additional > --disable/--without switches. > > Cheers, > Florian > > --- Makefile.orig 2011-10-20 23:43:40.000000000 +0200 > +++ Makefile 2011-10-20 23:39:20.000000000 +0200 > @@ -21,7 +21,7 @@ > MAN1= sftp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 scp.1 ssh.1 > MLINKS= ssh.1 slogin.1 > MAN5= moduli.5 ssh_config.5 sshd_config.5 > -MAN8= sftp-server.8 sshd.8 ssh-keysign.8 > +MAN8= sftp-server.8 sshd.8 ssh-keysign.8 ssh-pkcs11-helper.8 > > CONFLICTS?= openssh-3.* ssh-1.* ssh2-3.* > > @@ -58,7 +58,7 @@ > .endif > > .if ${OSVERSION} >= 900007 > -CONFIGURE_ARGS+= --disable-utmp > +CONFIGURE_ARGS+= --disable-utmp --disable-wtmp --disable-wtmpx > --without-lastlog > .endif > > .if defined(WITH_X509) && defined(WITH_HPN) Please commit Your changes too. PS: Thanks for quick reaction.
flo 2011-10-21 16:18:57 UTC FreeBSD ports repository Modified files: security/openssh-portable Makefile distinfo pkg-plist security/openssh-portable/files openssh.in patch-Makefile.in patch-auth.c patch-auth1.c patch-auth2.c patch-loginrec.c patch-readconf.c patch-servconf.c patch-session.c patch-ssh-agent.c patch-ssh.c patch-ssh_config patch-ssh_config.5 patch-sshd.8 patch-sshd.c patch-sshd_config patch-sshd_config.5 Added files: security/openssh-portable/files extra-patch-configure openssh-lpk-5.8p2.patch Removed files: security/openssh-portable/files VersionAddendum-ssh.1.patch VersionAddendum-ssh_config.5.patch VersionAddendum-sshd_config.5.patch contrib-openssh-5.1_p1-lpk-64bit.patch contrib-openssh-lpk-5.1p1-0.3.10-servconf.c.patch contrib-openssh-lpk-5.1p1-0.3.10.patch gss-serv.c.patch lpk+hpn-servconf.c.patch openssh-5.2p1-hpn13v6-servconf.c.diff openssh-5.2p1-hpn13v6.diff openssh-5.2p1.sftpfilecontrol-v1.3.patch patch-version.c patch-version.h Log: - update to 5.8p2 [1] - fix Kerberos knob [2] - fix build on 9.0 [3] - fix deinstall with various knobs [4] - fix LPK knob [5] PR: ports/161818 [1], ports/144597 [2], ports/160389 [3] ports/150493, ports/156926 [4], ports/155456 [5] Submitted by: "Grzegorz Blach" <magik@roorback.net> [1], [2], [4], [5] pluknet [3] Reported by: Jonathan <lordsith49@hotmail.com> [2] Kevin Thompson <antiduh@csh.rit.edu> [4] Alexey Remizov <alexey@remizov.org> [5] Revision Changes Path 1.155 +48 -86 ports/security/openssh-portable/Makefile 1.53 +8 -6 ports/security/openssh-portable/distinfo 1.2 +0 -10 ports/security/openssh-portable/files/VersionAddendum-ssh.1.patch (dead) 1.2 +0 -14 ports/security/openssh-portable/files/VersionAddendum-ssh_config.5.patch (dead) 1.2 +0 -14 ports/security/openssh-portable/files/VersionAddendum-sshd_config.5.patch (dead) 1.2 +0 -44 ports/security/openssh-portable/files/contrib-openssh-5.1_p1-lpk-64bit.patch (dead) 1.2 +0 -213 ports/security/openssh-portable/files/contrib-openssh-lpk-5.1p1-0.3.10-servconf.c.patch (dead) 1.2 +0 -1682 ports/security/openssh-portable/files/contrib-openssh-lpk-5.1p1-0.3.10.patch (dead) 1.1 +10 -0 ports/security/openssh-portable/files/extra-patch-configure (new) 1.3 +0 -19 ports/security/openssh-portable/files/gss-serv.c.patch (dead) 1.2 +0 -307 ports/security/openssh-portable/files/lpk+hpn-servconf.c.patch (dead) 1.2 +0 -117 ports/security/openssh-portable/files/openssh-5.2p1-hpn13v6-servconf.c.diff (dead) 1.3 +0 -3566 ports/security/openssh-portable/files/openssh-5.2p1-hpn13v6.diff (dead) 1.2 +0 -488 ports/security/openssh-portable/files/openssh-5.2p1.sftpfilecontrol-v1.3.patch (dead) 1.1 +1880 -0 ports/security/openssh-portable/files/openssh-lpk-5.8p2.patch (new) 1.5 +11 -2 ports/security/openssh-portable/files/openssh.in 1.7 +4 -13 ports/security/openssh-portable/files/patch-Makefile.in 1.9 +3 -3 ports/security/openssh-portable/files/patch-auth.c 1.8 +8 -8 ports/security/openssh-portable/files/patch-auth1.c 1.8 +6 -6 ports/security/openssh-portable/files/patch-auth2.c 1.7 +8 -8 ports/security/openssh-portable/files/patch-loginrec.c 1.3 +3 -41 ports/security/openssh-portable/files/patch-readconf.c 1.3 +6 -36 ports/security/openssh-portable/files/patch-servconf.c 1.26 +35 -35 ports/security/openssh-portable/files/patch-session.c 1.4 +3 -3 ports/security/openssh-portable/files/patch-ssh-agent.c 1.2 +12 -8 ports/security/openssh-portable/files/patch-ssh.c 1.3 +2 -7 ports/security/openssh-portable/files/patch-ssh_config 1.2 +3 -3 ports/security/openssh-portable/files/patch-ssh_config.5 1.2 +6 -6 ports/security/openssh-portable/files/patch-sshd.8 1.4 +7 -7 ports/security/openssh-portable/files/patch-sshd.c 1.8 +6 -15 ports/security/openssh-portable/files/patch-sshd_config 1.2 +17 -26 ports/security/openssh-portable/files/patch-sshd_config.5 1.2 +0 -65 ports/security/openssh-portable/files/patch-version.c (dead) 1.2 +0 -19 ports/security/openssh-portable/files/patch-version.h (dead) 1.18 +1 -1 ports/security/openssh-portable/pkg-plist _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Committed. Thanks!