FreeBSD Bugzilla – Attachment 219000 Details for
Bug 250559
security/openssh-portable: support self-generated moduli in opensshd-portable
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
the moduli.sample patch
openssh-portable-moduli.patch (text/plain), 1.84 KB, created by
Michał "rysiek" Woźniak
on 2020-10-23 14:14:39 UTC
(
hide
)
Description:
the moduli.sample patch
Filename:
MIME Type:
Creator:
Michał "rysiek" Woźniak
Created:
2020-10-23 14:14:39 UTC
Size:
1.84 KB
patch
obsolete
>diff -u ./Makefile ../openssh-portable-moduli-patch/Makefile >--- ./Makefile 2020-03-23 23:15:09.000000000 +0000 >+++ ../openssh-portable-moduli-patch/Makefile 2020-10-22 22:04:34.305030000 +0000 >@@ -3,7 +3,7 @@ > > PORTNAME= openssh > DISTVERSION= 8.2p1 >-PORTREVISION= 1 >+PORTREVISION= 2 > PORTEPOCH= 1 > CATEGORIES= security > MASTER_SITES= OPENBSD/OpenSSH/portable >@@ -191,8 +191,12 @@ > @${ECHO_CMD} "#define WITH_XMSS 1" >> ${WRKSRC}/config.h > > post-install: >+ ${MV} ${STAGEDIR}${ETCDIR}/moduli \ >+ ${STAGEDIR}${ETCDIR}/moduli.sample >+ ${RLN} ${STAGEDIR}${ETCDIR}/moduli.sample \ >+ ${STAGEDIR}${ETCDIR}/moduli > ${MV} ${STAGEDIR}${ETCDIR}/ssh_config \ >- ${STAGEDIR}${ETCDIR}//ssh_config.sample >+ ${STAGEDIR}${ETCDIR}/ssh_config.sample > ${MV} ${STAGEDIR}${ETCDIR}/sshd_config \ > ${STAGEDIR}${ETCDIR}/sshd_config.sample > .if ${PORT_OPTIONS:MHPN} || ${PORT_OPTIONS:MNONECIPHER} >diff -u ./pkg-plist ../openssh-portable-moduli-patch/pkg-plist >--- ./pkg-plist 2020-03-23 17:07:42.000000000 +0000 >+++ ../openssh-portable-moduli-patch/pkg-plist 2020-10-22 21:50:26.762560000 +0000 >@@ -5,7 +5,7 @@ > bin/ssh-agent > bin/ssh-keygen > bin/ssh-keyscan >-%%ETCDIR%%/moduli >+@sample %%ETCDIR%%/moduli.sample > @sample %%ETCDIR%%/ssh_config.sample > @sample %%ETCDIR%%/sshd_config.sample > @postexec if [ -f %D/%%ETCDIR%%/ssh_host_ecdsa_key ] && grep -q DSA %D/%%ETCDIR%%/ssh_host_ecdsa_key; then echo; echo "\!/ Warning \!/"; echo; echo "Your %D/%%ETCDIR%%/ssh_host_ecdsa_key is not a valid ECDSA key. It is incorrectly"; echo "a DSA key due to a bug fixed in 2012 in the security/openssh-portable port."; echo; echo "Regenerate a proper one with: rm -f %D/%%ETCDIR%%/ssh_host_ecdsa_key*; service openssh restart"; echo; echo "Clients should not see any key change warning since the ECDSA was not valid and was not actually"; echo "used by the server."; echo; echo "\!/ Warning \!/"; fi
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=219000">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 250559
: 219000