FreeBSD Bugzilla – Attachment 159654 Details for
Bug 202169
[patch] security/openssh-portable add rc.conf vars for flags to ssh-keygen; remove rsa1
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
svn diff of /usr/ports/security/openssh-portable
openssh-portable.diff.txt (text/plain), 3.84 KB, created by
Chad Jacob Milios
on 2015-08-08 02:29:54 UTC
(
hide
)
Description:
svn diff of /usr/ports/security/openssh-portable
Filename:
MIME Type:
Creator:
Chad Jacob Milios
Created:
2015-08-08 02:29:54 UTC
Size:
3.84 KB
patch
obsolete
>Index: Makefile >=================================================================== >--- Makefile (revision 393654) >+++ Makefile (working copy) >@@ -3,7 +3,7 @@ > > PORTNAME= openssh > DISTVERSION= 6.9p1 >-PORTREVISION= 2 >+PORTREVISION= 3 > PORTEPOCH= 1 > CATEGORIES= security ipv6 > MASTER_SITES= OPENBSD/OpenSSH/portable >Index: files/openssh.in >=================================================================== >--- files/openssh.in (revision 393654) >+++ files/openssh.in (working copy) >@@ -24,6 +24,17 @@ > : ${openssh_enable:="NO"} > : ${openssh_skipportscheck="NO"} > >+: ${openssh_rsa1_keygen_enable="YES"} >+: ${openssh_rsa1_keygen_flags=""} >+: ${openssh_rsa_keygen_enable="YES"} >+: ${openssh_rsa_keygen_flags=""} >+: ${openssh_dsa_keygen_enable="YES"} >+: ${openssh_dsa_keygen_flags=""} >+: ${openssh_ecdsa_keygen_enable="YES"} >+: ${openssh_ecdsa_keygen_flags=""} >+: ${openssh_ed25519_keygen_enable="YES"} >+: ${openssh_ed25519_keygen_flags=""} >+ > command=%%PREFIX%%/sbin/sshd > extra_commands="configtest reload keygen" > start_precmd="${name}_checks" >@@ -35,11 +46,18 @@ > > openssh_keygen() > { >- if [ -f %%ETCDIR%%/ssh_host_key -a \ >- -f %%ETCDIR%%/ssh_host_dsa_key -a \ >- -f %%ETCDIR%%/ssh_host_rsa_key -a \ >- -f %%ETCDIR%%/ssh_host_ecdsa_key -a \ >- -f %%ETCDIR%%/ssh_host_ed25519_key ]; then >+ local skip_rsa1= skip_dsa= skip_rsa= skip_ecdsa= skip_ecdsa= >+ checkyesno openssh_rsa1_keygen_enable || skip_rsa1=y >+ checkyesno openssh_dsa_keygen_enable || skip_dsa=y >+ checkyesno openssh_rsa_keygen_enable || skip_rsa=y >+ checkyesno openssh_ecdsa_keygen_enable || skip_ecdsa=y >+ checkyesno openssh_ed25519_keygen_enable || skip_ed25519=y >+ >+ if [ \( -n "$skip_rsa1" -o -f %%ETCDIR%%/ssh_host_key \) -a \ >+ \( -n "$skip_dsa" -o -f %%ETCDIR%%/ssh_host_dsa_key \) -a \ >+ \( -n "$skip_rsa" -o -f %%ETCDIR%%/ssh_host_rsa_key \) -a \ >+ \( -n "$skip_ecdsa" -o -f %%ETCDIR%%/ssh_host_ecdsa_key \) -a \ >+ \( -n "$skip_ed25519" -o -f %%ETCDIR%%/ssh_host_ed25519_key \) ]; then > return 0 > fi > >@@ -53,8 +71,8 @@ > echo "You already have an RSA host key" \ > "in %%ETCDIR%%/ssh_host_key" > echo "Skipping protocol version 1 RSA Key Generation" >- else >- %%PREFIX%%/bin/ssh-keygen -t rsa1 -b 1024 \ >+ elif checkyesno openssh_rsa1_keygen_enable; then >+ %%PREFIX%%/bin/ssh-keygen -t rsa1 $openssh_rsa1_keygen_flags \ > -f %%ETCDIR%%/ssh_host_key -N '' > fi > >@@ -62,8 +80,8 @@ > echo "You already have a DSA host key" \ > "in %%ETCDIR%%/ssh_host_dsa_key" > echo "Skipping protocol version 2 DSA Key Generation" >- else >- %%PREFIX%%/bin/ssh-keygen -t dsa \ >+ elif checkyesno openssh_dsa_keygen_enable; then >+ %%PREFIX%%/bin/ssh-keygen -t dsa $openssh_dsa_keygen_flags \ > -f %%ETCDIR%%/ssh_host_dsa_key -N '' > fi > >@@ -71,8 +89,8 @@ > echo "You already have a RSA host key" \ > "in %%ETCDIR%%/ssh_host_rsa_key" > echo "Skipping protocol version 2 RSA Key Generation" >- else >- %%PREFIX%%/bin/ssh-keygen -t rsa \ >+ elif checkyesno openssh_rsa_keygen_enable; then >+ %%PREFIX%%/bin/ssh-keygen -t rsa $openssh_rsa_keygen_flags \ > -f %%ETCDIR%%/ssh_host_rsa_key -N '' > fi > >@@ -80,8 +98,8 @@ > echo "You already have a Elliptic Curve DSA host key" \ > "in %%ETCDIR%%/ssh_host_ecdsa_key" > echo "Skipping protocol version 2 Elliptic Curve DSA Key Generation" >- else >- %%PREFIX%%/bin/ssh-keygen -t ecdsa \ >+ elif checkyesno openssh_ecdsa_keygen_enable; then >+ %%PREFIX%%/bin/ssh-keygen -t ecdsa $openssh_ecdsa_keygen_flags \ > -f %%ETCDIR%%/ssh_host_ecdsa_key -N '' > fi > >@@ -89,8 +107,8 @@ > echo "You already have a Elliptic Curve ED25519 host key" \ > "in %%ETCDIR%%/ssh_host_ed25519_key" > echo "Skipping protocol version 2 Elliptic Curve ED25519 Key Generation" >- else >- %%PREFIX%%/bin/ssh-keygen -t ed25519 \ >+ elif checkyesno openssh_ed25519_keygen_enable; then >+ %%PREFIX%%/bin/ssh-keygen -t ed25519 $openssh_ed22519_keygen_flags \ > -f %%ETCDIR%%/ssh_host_ed25519_key -N '' > fi > }
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=159654">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 202169
:
159654
|
159655
|
159665
|
159666
|
160593
|
160594