Bug 237249 - security/rubygem-net-ssh: Update to 5.2.0, Add pkg-message
Summary: security/rubygem-net-ssh: Update to 5.2.0, Add pkg-message
Status: Closed Overcome By Events
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: freebsd-ruby (Nobody)
URL:
Keywords: easy, needs-qa
Depends on:
Blocks:
 
Reported: 2019-04-13 00:07 UTC by Romain Tartière
Modified: 2020-10-05 19:09 UTC (History)
1 user (show)

See Also:
sunpoet: maintainer-feedback+


Attachments
Update to 5.2.0 (2.03 KB, patch)
2019-04-13 00:07 UTC, Romain Tartière
no flags Details | Diff
Patch for vragrant (1.14 KB, patch)
2019-04-25 02:24 UTC, Romain Tartière
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Romain Tartière freebsd_committer 2019-04-13 00:07:20 UTC
Created attachment 203630 [details]
Update to 5.2.0

A new release of security/rubygem-net-ssh is available (5.2.0).

The attached patch add a pkg-message entry to inform end-users about net-ssh not validating ssh keys the same way as OpenSSH itself and leading to authentication failures; and include a workaround for this issue.

The issue is expected to vanish with the removal of the extra checks which are planned for a future major release.
Comment 1 Sunpoet Po-Chuan Hsieh freebsd_committer 2019-04-24 17:27:32 UTC
The patch looks good to me.

Did you test all dependent ports? I checked some and noticed that sysutils/vagrant requires "net-ssh ~> 5.1.0".
Comment 2 Romain Tartière freebsd_committer 2019-04-24 17:44:32 UTC
Good catch: I only tested this through poudriere with the packages I am using…

Do you think we should ask for an exp-run?
Comment 3 Sunpoet Po-Chuan Hsieh freebsd_committer 2019-04-24 17:52:32 UTC
The dependent ports are:
devel/rubygem-cheffish
devel/rubygem-pdk
net-mgmt/rubygem-oxidized
net/rubygem-rye
security/metasploit
security/rubygem-metasploit-credential
security/rubygem-net-scp
security/rubygem-net-sftp
security/rubygem-net-ssh-gateway
security/rubygem-net-ssh-gateway1
security/rubygem-net-ssh-multi
security/rubygem-sshkit
sysutils/rhc
sysutils/rubygem-backup
sysutils/rubygem-specinfra
sysutils/vagrant
www/gitlab-ce

It seems sysutils/vagrant is the only one needs gemspec patch.
Comment 4 Romain Tartière freebsd_committer 2019-04-24 18:10:44 UTC
net-ssh is using semver (at least, 3.0.0 entry in the ChangeLog says so), vagrant requests "~> 5.1.0", so I guess this cna be changed to "~> 5.1" without causing any issue.  I am starting a build of vagrant with such a change and will report back.
Comment 5 Romain Tartière freebsd_committer 2019-04-25 02:24:22 UTC
Created attachment 203995 [details]
Patch for vragrant

It looks like we have to patch vagrant: with the attached patch, I am able to `vagrant up` and `vagrant ssh` into a box.
Comment 6 Sunpoet Po-Chuan Hsieh freebsd_committer 2019-04-25 13:00:12 UTC
LGTM. Thanks!
Comment 7 Mateusz Piotrowski freebsd_committer 2020-10-04 20:53:21 UTC
security/rubygem-net-ssh is already version 6. Is this patch still relevant?
Comment 8 Romain Tartière freebsd_committer 2020-10-05 19:09:33 UTC
(In reply to Mateusz Piotrowski from comment #7)
I just checked, it seems to be good.  I completely forgot about this PR and failed to follow-up, sorry about this and thanks for the heads-up!