Attachment #159665 for bug #202169

Lines 3-9 Link Here

(-)Makefile (-1 / +1 lines)
3		3
4	PORTNAME= openssh	4	PORTNAME= openssh
5	DISTVERSION= 6.9p1	5	DISTVERSION= 6.9p1
6	PORTREVISION= 2	6	PORTREVISION= 3
7	PORTEPOCH= 1	7	PORTEPOCH= 1
8	CATEGORIES= security ipv6	8	CATEGORIES= security ipv6
9	MASTER_SITES= OPENBSD/OpenSSH/portable	9	MASTER_SITES= OPENBSD/OpenSSH/portable




: ${openssh_enable:="NO"}
: ${openssh_skipportscheck="NO"}

: ${openssh_rsa1_keygen_enable="YES"}
: ${openssh_rsa1_keygen_flags=""}
: ${openssh_rsa_keygen_enable="YES"}
: ${openssh_rsa_keygen_flags=""}
: ${openssh_dsa_keygen_enable="YES"}
: ${openssh_dsa_keygen_flags=""}
: ${openssh_ecdsa_keygen_enable="YES"}
: ${openssh_ecdsa_keygen_flags=""}
: ${openssh_ed25519_keygen_enable="YES"}
: ${openssh_ed25519_keygen_flags=""}

command=%%PREFIX%%/sbin/sshd
extra_commands="configtest reload keygen"
start_precmd="${name}_checks"


openssh_keygen()
{
	local skip_rsa1= skip_dsa= skip_rsa= skip_ecdsa= skip_ed25519=
	checkyesno openssh_rsa1_keygen_enable || skip_rsa1=y
	checkyesno openssh_dsa_keygen_enable || skip_dsa=y
	checkyesno openssh_rsa_keygen_enable || skip_rsa=y
	checkyesno openssh_ecdsa_keygen_enable || skip_ecdsa=y
	checkyesno openssh_ed25519_keygen_enable || skip_ed25519=y

	if [ \( -n "$skip_rsa1" -o -f %%ETCDIR%%/ssh_host_key \) -a \
	    \( -n "$skip_dsa" -o -f %%ETCDIR%%/ssh_host_dsa_key \) -a \
	    \( -n "$skip_rsa" -o -f %%ETCDIR%%/ssh_host_rsa_key \) -a \
	    \( -n "$skip_ecdsa" -o -f %%ETCDIR%%/ssh_host_ecdsa_key \) -a \
	    \( -n "$skip_ed25519" -o -f %%ETCDIR%%/ssh_host_ed25519_key \) ]; then
		return 0
	fi


		echo "You already have an RSA host key" \
			"in %%ETCDIR%%/ssh_host_key"
		echo "Skipping protocol version 1 RSA Key Generation"
	elif checkyesno openssh_rsa1_keygen_enable; then
		%%PREFIX%%/bin/ssh-keygen -t rsa1 $openssh_rsa1_keygen_flags \
			-f %%ETCDIR%%/ssh_host_key -N ''
	fi


		echo "You already have a DSA host key" \
			"in %%ETCDIR%%/ssh_host_dsa_key"
		echo "Skipping protocol version 2 DSA Key Generation"
	elif checkyesno openssh_dsa_keygen_enable; then
		%%PREFIX%%/bin/ssh-keygen -t dsa $openssh_dsa_keygen_flags \
			-f %%ETCDIR%%/ssh_host_dsa_key -N ''
	fi


		echo "You already have a RSA host key" \
			"in %%ETCDIR%%/ssh_host_rsa_key"
		echo "Skipping protocol version 2 RSA Key Generation"
	elif checkyesno openssh_rsa_keygen_enable; then
		%%PREFIX%%/bin/ssh-keygen -t rsa $openssh_rsa_keygen_flags \
			-f %%ETCDIR%%/ssh_host_rsa_key -N ''
	fi


		echo "You already have a Elliptic Curve DSA host key" \
			"in %%ETCDIR%%/ssh_host_ecdsa_key"
		echo "Skipping protocol version 2 Elliptic Curve DSA Key Generation"
	elif checkyesno openssh_ecdsa_keygen_enable; then
		%%PREFIX%%/bin/ssh-keygen -t ecdsa $openssh_ecdsa_keygen_flags \
			-f %%ETCDIR%%/ssh_host_ecdsa_key -N ''
	fi


		echo "You already have a Elliptic Curve ED25519 host key" \
			"in %%ETCDIR%%/ssh_host_ed25519_key"
		echo "Skipping protocol version 2 Elliptic Curve ED25519 Key Generation"
	elif checkyesno openssh_ed25519_keygen_enable; then
		%%PREFIX%%/bin/ssh-keygen -t ed25519 $openssh_ed22519_keygen_flags \
			-f %%ETCDIR%%/ssh_host_ed25519_key -N ''
	fi
}

Return to bug 202169

Lines 24-29 Link Here

(-)files/openssh.in (-15 / +33 lines)
24	: ${openssh_enable:="NO"}	24	: ${openssh_enable:="NO"}
25	: ${openssh_skipportscheck="NO"}	25	: ${openssh_skipportscheck="NO"}
26		26
		27	: ${openssh_rsa1_keygen_enable="YES"}
		28	: ${openssh_rsa1_keygen_flags=""}
		29	: ${openssh_rsa_keygen_enable="YES"}
		30	: ${openssh_rsa_keygen_flags=""}
		31	: ${openssh_dsa_keygen_enable="YES"}
		32	: ${openssh_dsa_keygen_flags=""}
		33	: ${openssh_ecdsa_keygen_enable="YES"}
		34	: ${openssh_ecdsa_keygen_flags=""}
		35	: ${openssh_ed25519_keygen_enable="YES"}
		36	: ${openssh_ed25519_keygen_flags=""}
		37
27	command=%%PREFIX%%/sbin/sshd	38	command=%%PREFIX%%/sbin/sshd
28	extra_commands="configtest reload keygen"	39	extra_commands="configtest reload keygen"
29	start_precmd="${name}_checks"	40	start_precmd="${name}_checks"
Lines 35-45 Link Here
35		46
36	openssh_keygen()	47	openssh_keygen()
37	{	48	{
38	if [ -f %%ETCDIR%%/ssh_host_key -a \	49	local skip_rsa1= skip_dsa= skip_rsa= skip_ecdsa= skip_ed25519=
39	-f %%ETCDIR%%/ssh_host_dsa_key -a \	50	checkyesno openssh_rsa1_keygen_enable \|\| skip_rsa1=y
40	-f %%ETCDIR%%/ssh_host_rsa_key -a \	51	checkyesno openssh_dsa_keygen_enable \|\| skip_dsa=y
41	-f %%ETCDIR%%/ssh_host_ecdsa_key -a \	52	checkyesno openssh_rsa_keygen_enable \|\| skip_rsa=y
42	-f %%ETCDIR%%/ssh_host_ed25519_key ]; then	53	checkyesno openssh_ecdsa_keygen_enable \|\| skip_ecdsa=y
		54	checkyesno openssh_ed25519_keygen_enable \|\| skip_ed25519=y
		55
		56	if [ \( -n "$skip_rsa1" -o -f %%ETCDIR%%/ssh_host_key \) -a \
		57	\( -n "$skip_dsa" -o -f %%ETCDIR%%/ssh_host_dsa_key \) -a \
		58	\( -n "$skip_rsa" -o -f %%ETCDIR%%/ssh_host_rsa_key \) -a \
		59	\( -n "$skip_ecdsa" -o -f %%ETCDIR%%/ssh_host_ecdsa_key \) -a \
		60	\( -n "$skip_ed25519" -o -f %%ETCDIR%%/ssh_host_ed25519_key \) ]; then
43	return 0	61	return 0
44	fi	62	fi
45		63
Lines 53-60 Link Here
53	echo "You already have an RSA host key" \	71	echo "You already have an RSA host key" \
54	"in %%ETCDIR%%/ssh_host_key"	72	"in %%ETCDIR%%/ssh_host_key"
55	echo "Skipping protocol version 1 RSA Key Generation"	73	echo "Skipping protocol version 1 RSA Key Generation"
56	else	74	elif checkyesno openssh_rsa1_keygen_enable; then
57	%%PREFIX%%/bin/ssh-keygen -t rsa1 -b 1024 \	75	%%PREFIX%%/bin/ssh-keygen -t rsa1 $openssh_rsa1_keygen_flags \
58	-f %%ETCDIR%%/ssh_host_key -N ''	76	-f %%ETCDIR%%/ssh_host_key -N ''
59	fi	77	fi
60		78
Lines 62-69 Link Here
62	echo "You already have a DSA host key" \	80	echo "You already have a DSA host key" \
63	"in %%ETCDIR%%/ssh_host_dsa_key"	81	"in %%ETCDIR%%/ssh_host_dsa_key"
64	echo "Skipping protocol version 2 DSA Key Generation"	82	echo "Skipping protocol version 2 DSA Key Generation"
65	else	83	elif checkyesno openssh_dsa_keygen_enable; then
66	%%PREFIX%%/bin/ssh-keygen -t dsa \	84	%%PREFIX%%/bin/ssh-keygen -t dsa $openssh_dsa_keygen_flags \
67	-f %%ETCDIR%%/ssh_host_dsa_key -N ''	85	-f %%ETCDIR%%/ssh_host_dsa_key -N ''
68	fi	86	fi
69		87
Lines 71-78 Link Here
71	echo "You already have a RSA host key" \	89	echo "You already have a RSA host key" \
72	"in %%ETCDIR%%/ssh_host_rsa_key"	90	"in %%ETCDIR%%/ssh_host_rsa_key"
73	echo "Skipping protocol version 2 RSA Key Generation"	91	echo "Skipping protocol version 2 RSA Key Generation"
74	else	92	elif checkyesno openssh_rsa_keygen_enable; then
75	%%PREFIX%%/bin/ssh-keygen -t rsa \	93	%%PREFIX%%/bin/ssh-keygen -t rsa $openssh_rsa_keygen_flags \
76	-f %%ETCDIR%%/ssh_host_rsa_key -N ''	94	-f %%ETCDIR%%/ssh_host_rsa_key -N ''
77	fi	95	fi
78		96
Lines 80-87 Link Here
80	echo "You already have a Elliptic Curve DSA host key" \	98	echo "You already have a Elliptic Curve DSA host key" \
81	"in %%ETCDIR%%/ssh_host_ecdsa_key"	99	"in %%ETCDIR%%/ssh_host_ecdsa_key"
82	echo "Skipping protocol version 2 Elliptic Curve DSA Key Generation"	100	echo "Skipping protocol version 2 Elliptic Curve DSA Key Generation"
83	else	101	elif checkyesno openssh_ecdsa_keygen_enable; then
84	%%PREFIX%%/bin/ssh-keygen -t ecdsa \	102	%%PREFIX%%/bin/ssh-keygen -t ecdsa $openssh_ecdsa_keygen_flags \
85	-f %%ETCDIR%%/ssh_host_ecdsa_key -N ''	103	-f %%ETCDIR%%/ssh_host_ecdsa_key -N ''
86	fi	104	fi
87		105
Lines 89-96 Link Here
89	echo "You already have a Elliptic Curve ED25519 host key" \	107	echo "You already have a Elliptic Curve ED25519 host key" \
90	"in %%ETCDIR%%/ssh_host_ed25519_key"	108	"in %%ETCDIR%%/ssh_host_ed25519_key"
91	echo "Skipping protocol version 2 Elliptic Curve ED25519 Key Generation"	109	echo "Skipping protocol version 2 Elliptic Curve ED25519 Key Generation"
92	else	110	elif checkyesno openssh_ed25519_keygen_enable; then
93	%%PREFIX%%/bin/ssh-keygen -t ed25519 \	111	%%PREFIX%%/bin/ssh-keygen -t ed25519 $openssh_ed22519_keygen_flags \
94	-f %%ETCDIR%%/ssh_host_ed25519_key -N ''	112	-f %%ETCDIR%%/ssh_host_ed25519_key -N ''
95	fi	113	fi
96	}	114	}