FreeBSD Bugzilla – Attachment 160593 Details for
Bug 202169
[patch] security/openssh-portable add rc.conf vars for flags to ssh-keygen; remove rsa1
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
svn diff of /usr/ports/security/openssh-portable
openssh-portable.diff (text/plain), 3.69 KB, created by
Chad Jacob Milios
on 2015-09-01 16:06:53 UTC
(
hide
)
Description:
svn diff of /usr/ports/security/openssh-portable
Filename:
MIME Type:
Creator:
Chad Jacob Milios
Created:
2015-09-01 16:06:53 UTC
Size:
3.69 KB
patch
obsolete
>Index: Makefile >=================================================================== >--- Makefile (revision 395755) >+++ Makefile (working copy) >@@ -3,7 +3,7 @@ > > PORTNAME= openssh > DISTVERSION= 7.1p1 >-PORTREVISION= 1 >+PORTREVISION= 2 > PORTEPOCH= 1 > CATEGORIES= security ipv6 > MASTER_SITES= OPENBSD/OpenSSH/portable >Index: files/openssh.in >=================================================================== >--- files/openssh.in (revision 395755) >+++ files/openssh.in (working copy) >@@ -24,6 +24,15 @@ > : ${openssh_enable:="NO"} > : ${openssh_skipportscheck="NO"} > >+: ${openssh_dsa_keygen_enable="YES"} >+: ${openssh_dsa_keygen_flags=""} >+: ${openssh_rsa_keygen_enable="YES"} >+: ${openssh_rsa_keygen_flags=""} >+: ${openssh_ecdsa_keygen_enable="YES"} >+: ${openssh_ecdsa_keygen_flags=""} >+: ${openssh_ed25519_keygen_enable="YES"} >+: ${openssh_ed25519_keygen_flags=""} >+ > command=%%PREFIX%%/sbin/sshd > extra_commands="configtest reload keygen" > start_precmd="${name}_checks" >@@ -35,11 +44,16 @@ > > openssh_keygen() > { >- if [ -f %%ETCDIR%%/ssh_host_key -a \ >- -f %%ETCDIR%%/ssh_host_dsa_key -a \ >- -f %%ETCDIR%%/ssh_host_rsa_key -a \ >- -f %%ETCDIR%%/ssh_host_ecdsa_key -a \ >- -f %%ETCDIR%%/ssh_host_ed25519_key ]; then >+ local skip_dsa= skip_rsa= skip_ecdsa= skip_ed25519= >+ checkyesno openssh_dsa_keygen_enable || skip_dsa=y >+ checkyesno openssh_rsa_keygen_enable || skip_rsa=y >+ checkyesno openssh_ecdsa_keygen_enable || skip_ecdsa=y >+ checkyesno openssh_ed25519_keygen_enable || skip_ed25519=y >+ >+ if [ \( -n "$skip_dsa" -o -f %%ETCDIR%%/ssh_host_dsa_key \) -a \ >+ \( -n "$skip_rsa" -o -f %%ETCDIR%%/ssh_host_rsa_key \) -a \ >+ \( -n "$skip_ecdsa" -o -f %%ETCDIR%%/ssh_host_ecdsa_key \) -a \ >+ \( -n "$skip_ed25519" -o -f %%ETCDIR%%/ssh_host_ed25519_key \) ]; then > return 0 > fi > >@@ -49,21 +63,12 @@ > [ -x %%PREFIX%%/bin/ssh-keygen ] || > err 1 "%%PREFIX%%/bin/ssh-keygen does not exist." > >- if [ -f %%ETCDIR%%/ssh_host_key ]; then >- echo "You already have an RSA host key" \ >- "in %%ETCDIR%%/ssh_host_key" >- echo "Skipping protocol version 1 RSA Key Generation" >- else >- %%PREFIX%%/bin/ssh-keygen -t rsa1 -b 1024 \ >- -f %%ETCDIR%%/ssh_host_key -N '' >- fi >- > if [ -f %%ETCDIR%%/ssh_host_dsa_key ]; then > echo "You already have a DSA host key" \ > "in %%ETCDIR%%/ssh_host_dsa_key" > echo "Skipping protocol version 2 DSA Key Generation" >- else >- %%PREFIX%%/bin/ssh-keygen -t dsa \ >+ elif checkyesno openssh_dsa_keygen_enable; then >+ %%PREFIX%%/bin/ssh-keygen -t dsa $openssh_dsa_keygen_flags \ > -f %%ETCDIR%%/ssh_host_dsa_key -N '' > fi > >@@ -71,8 +76,8 @@ > echo "You already have a RSA host key" \ > "in %%ETCDIR%%/ssh_host_rsa_key" > echo "Skipping protocol version 2 RSA Key Generation" >- else >- %%PREFIX%%/bin/ssh-keygen -t rsa \ >+ elif checkyesno openssh_rsa_keygen_enable; then >+ %%PREFIX%%/bin/ssh-keygen -t rsa $openssh_rsa_keygen_flags \ > -f %%ETCDIR%%/ssh_host_rsa_key -N '' > fi > >@@ -80,8 +85,8 @@ > echo "You already have a Elliptic Curve DSA host key" \ > "in %%ETCDIR%%/ssh_host_ecdsa_key" > echo "Skipping protocol version 2 Elliptic Curve DSA Key Generation" >- else >- %%PREFIX%%/bin/ssh-keygen -t ecdsa \ >+ elif checkyesno openssh_ecdsa_keygen_enable; then >+ %%PREFIX%%/bin/ssh-keygen -t ecdsa $openssh_ecdsa_keygen_flags \ > -f %%ETCDIR%%/ssh_host_ecdsa_key -N '' > fi > >@@ -89,8 +94,8 @@ > echo "You already have a Elliptic Curve ED25519 host key" \ > "in %%ETCDIR%%/ssh_host_ed25519_key" > echo "Skipping protocol version 2 Elliptic Curve ED25519 Key Generation" >- else >- %%PREFIX%%/bin/ssh-keygen -t ed25519 \ >+ elif checkyesno openssh_ed25519_keygen_enable; then >+ %%PREFIX%%/bin/ssh-keygen -t ed25519 $openssh_ed22519_keygen_flags \ > -f %%ETCDIR%%/ssh_host_ed25519_key -N '' > fi > }
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=160593">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 202169
:
159654
|
159655
|
159665
|
159666
| 160593 |
160594