Bug 280203

Summary: security/openssh-portable blacklistd extra-patch broken with 9.8.p1
Product: Ports & Packages
Reporter: epopen
Component: Individual Port(s)
Assignee: Bryan Drewery <bdrewery>
Status: New ---
Severity: Affects Some People
CC: aaron, agh, brnrd, kag, mike
Priority: ---
Flags: bugzilla: maintainer-feedback? (bdrewery)
Version: Latest
Hardware: amd64
OS: Any
Attachments (description, flags):
Candidate replacement for extra-patch-blacklistd (flags: none)
9.9.p1,1 version of extra-patch-blacklistd (flags: none)

Description epopen 2024-07-09 08:23:40 UTC
Using options: 
     BLACKLISTD=on: FreeBSD blacklistd(8) support
     BSM=off: OpenBSM Auditing

Ran "portmaster -d openssh-portable" and the result is as follows:

===>  Cleaning for openssh-portable-9.8.p1,1
===>  License OPENSSH accepted by the user
===>   openssh-portable-9.8.p1,1 depends on file: /usr/local/sbin/pkg - found
===> Fetching all distfiles required by openssh-portable-9.8.p1,1 for building
===>  Extracting for openssh-portable-9.8.p1,1
=> SHA256 Checksum OK for openssh-9.8p1.tar.gz.
===>  Patching for openssh-portable-9.8.p1,1
===>  Applying extra patch /usr/ports/security/openssh-portable/files/extra-patch-blacklistd
1 out of 2 hunks failed--saving rejects to auth-pam.c.rej
No such line 2224 in input file, ignoring
3 out of 3 hunks failed--saving rejects to sshd.c.rej
===>  FAILED Applying extra patch /usr/ports/security/openssh-portable/files/extra-patch-blacklistd
*** Error code 1

Stop.
make[1]: stopped in /usr/ports/security/openssh-portable
*** Error code 1

Thanks a lot.
Comment 1 aaron 2024-07-18 11:44:43 UTC
I think you could change the importance.
It affects everyone who uses the blacklistd patch.
Comment 2 epopen 2024-07-19 01:51:00 UTC
(In reply to aaron from comment #1)
Thank you, importance changed.
Comment 3 Kenneth Graves 2024-08-07 01:20:07 UTC
Created attachment 252576 [details]
Candidate replacement for extra-patch-blacklistd

This patches and compiles (on FreeBSD 13.3-RELEASE_p3 amd64).  sshd works.  Haven't verified that blacklistd is successfully integrated.
Comment 4 epopen 2024-08-07 06:13:11 UTC
(In reply to Kenneth Graves from comment #3)
Your patch file integrated and the build was successful.
Thank you very much.

About the status of the bug: keep it "New" until the official ports integrate your patch as the fix?
Comment 5 epopen 2024-08-07 06:35:47 UTC
(In reply to Kenneth Graves from comment #3)
Addition...

The build was successful, but connecting failed as follows:
$ /usr/local/bin/ssh 10.0.3.254 -vv
OpenSSH_9.7p1, OpenSSL 3.0.13 30 Jan 2024
debug2: resolve_canonicalize: hostname 10.0.3.254 is address
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug1: Connecting to 10.0.3.254 [10.0.3.254] port 2222.
debug1: Connection established.
debug1: identity file /home/login/.ssh/id_rsa type -1
debug1: identity file /home/login/.ssh/id_rsa-cert type -1
debug1: identity file /home/login/.ssh/id_ecdsa type -1
debug1: identity file /home/login/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/login/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/login/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/login/.ssh/id_ed25519 type -1
debug1: identity file /home/login/.ssh/id_ed25519-cert type -1
debug1: identity file /home/login/.ssh/id_ed25519_sk type -1
debug1: identity file /home/login/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/login/.ssh/id_xmss type -1
debug1: identity file /home/login/.ssh/id_xmss-cert type -1
debug1: identity file /home/login/.ssh/id_dsa type -1
debug1: identity file /home/login/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.7-hpn14v15
kex_exchange_identification: Connection closed by remote host
Connection closed by 10.0.3.254 port 2222

Root cause unknown.
To prevent losing the ssh connection to the server, I rolled back to v9.7p1.
Thanks a lot.
Comment 6 Kenneth Graves 2024-10-10 02:57:18 UTC
Created attachment 254125 [details]
9.9.p1,1 version of extra-patch-blacklistd

Minor update of the patch to work on the new openssh-portable version.  I don't use -hpn or -gssapi, so I don't know if it will work with those.