Attachment #245214 for bug #274024

Lines 1-6 Link Here

(-)b/devel/gitolite/Makefile (+1 lines)
1	PORTNAME= gitolite	1	PORTNAME= gitolite
2	DISTVERSIONPREFIX= v	2	DISTVERSIONPREFIX= v
3	DISTVERSION= 3.6.12	3	DISTVERSION= 3.6.12
		4	PORTREVISION= 1
4	PORTEPOCH= 1	5	PORTEPOCH= 1
5	CATEGORIES= devel	6	CATEGORIES= devel
6		7




--- src/triggers/post-compile/ssh-authkeys.orig	2020-08-04 13:30:21 UTC
From: Gleb Smirnoff <glebius@FreeBSD.org>
Date: Thu, 13 Feb 2020 09:38:33 -0800
Subject: [PATCH] When prepending our options to a key, check if key file
 already has any options.  In this case put comma after end of our options
 instead of space.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

To tell key with options against bare key we check if key starts
with (ecdsa|ssh)-.  At the moment of this commit OpenSSH supports
the following algorithms “ecdsa-sha2-nistp256”, “ecdsa-sha2-nistp384”,
“ecdsa-sha2-nistp521”, “ssh-ed25519”, “ssh-dss” or “ssh-rsa”.  If
a different algorithm to be introduce to OpenSSH in future, this
code would be broken.  However, adding a full key parser to this
subroutine seems to be overkill now.
---
 src/triggers/post-compile/ssh-authkeys | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/triggers/post-compile/ssh-authkeys b/src/triggers/post-compile/ssh-authkeys
index cd59aec83..6325373d7 100755
--- src/triggers/post-compile/ssh-authkeys
+++ src/triggers/post-compile/ssh-authkeys
@@ -137,6 +137,7 @@ sub optionise {
         return '';

     chomp(@line);
-    return "command=\"$glshell $user" . ( $kfn ? " $f" : "" ) . "\",$auth_options $line[0]";
+    return "command=\"$glshell $user" . ( $kfn ? " $f" : "" ) . "\",$auth_options" .
+        ($line[0] =~ /^(ecdsa|(sk-)?ssh)-/ ? " " : "," ) . $line[0];
 }
 
- 

Return to bug 274024

Lines 1-27 Link Here

(-)b/devel/gitolite/files/patch-src_triggers_post-compile_ssh-authkeys (-26 / +2 lines)
1	From 7db6332d9be1879d97c57c35d53d97c4b15663d5 Mon Sep 17 00:00:00 2001	1	--- src/triggers/post-compile/ssh-authkeys.orig 2020-08-04 13:30:21 UTC
2	From: Gleb Smirnoff <glebius@FreeBSD.org>
3	Date: Thu, 13 Feb 2020 09:38:33 -0800
4	Subject: [PATCH] When prepending our options to a key, check if key file
5	already has any options. In this case put comma after end of our options
6	instead of space.
7	MIME-Version: 1.0
8	Content-Type: text/plain; charset=UTF-8
9	Content-Transfer-Encoding: 8bit
10
11	To tell key with options against bare key we check if key starts
12	with (ecdsa\|ssh)-. At the moment of this commit OpenSSH supports
13	the following algorithms “ecdsa-sha2-nistp256”, “ecdsa-sha2-nistp384”,
14	“ecdsa-sha2-nistp521”, “ssh-ed25519”, “ssh-dss” or “ssh-rsa”. If
15	a different algorithm to be introduce to OpenSSH in future, this
16	code would be broken. However, adding a full key parser to this
17	subroutine seems to be overkill now.
18	---
19	src/triggers/post-compile/ssh-authkeys \| 3 ++-
20	1 file changed, 2 insertions(+), 1 deletion(-)
21
22	diff --git a/src/triggers/post-compile/ssh-authkeys b/src/triggers/post-compile/ssh-authkeys
23	index cd59aec83..6325373d7 100755
24	--- src/triggers/post-compile/ssh-authkeys
25	+++ src/triggers/post-compile/ssh-authkeys	2	+++ src/triggers/post-compile/ssh-authkeys
26	@@ -137,6 +137,7 @@ sub optionise {	3	@@ -137,6 +137,7 @@ sub optionise {
27	return '';	4	return '';
Lines 29-34 index cd59aec83..6325373d7 100755 Link Here
29	chomp(@line);	6	chomp(@line);
30	- return "command=\"$glshell $user" . ( $kfn ? " $f" : "" ) . "\",$auth_options $line[0]";	7	- return "command=\"$glshell $user" . ( $kfn ? " $f" : "" ) . "\",$auth_options $line[0]";
31	+ return "command=\"$glshell $user" . ( $kfn ? " $f" : "" ) . "\",$auth_options" .	8	+ return "command=\"$glshell $user" . ( $kfn ? " $f" : "" ) . "\",$auth_options" .
32	+ ($line[0] =~ /^(ecdsa\|ssh)-/ ? " " : "," ) . $line[0];	9	+ ($line[0] =~ /^(ecdsa\|(sk-)?ssh)-/ ? " " : "," ) . $line[0];
33	}	10	}
34		11
35	-