summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--system/openssh/APKBUILD71
-rw-r--r--system/openssh/fix-utmp.patch11
-rw-r--r--system/openssh/fix-utmpx.patch14
3 files changed, 38 insertions, 58 deletions
diff --git a/system/openssh/APKBUILD b/system/openssh/APKBUILD
index 90a628d27..d082ddb83 100644
--- a/system/openssh/APKBUILD
+++ b/system/openssh/APKBUILD
@@ -1,18 +1,19 @@
# Contributor: Leonardo Arena <rnalrd@alpinelinux.org>
# Contributor: Valery Kartel <valery.kartel@gmail.com>
-# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
+# Maintainer: Horst Burkhardt <horst@adelielinux.org>
pkgname=openssh
-pkgver=7.5_p1
+pkgver=7.7_p1
_myver=${pkgver%_*}${pkgver#*_}
-pkgrel=5
+pkgrel=0
pkgdesc="Port of OpenBSD's free SSH release"
url="http://www.openssh.org/portable.html"
arch="all"
-license="as-is"
+license="BSD-1-Clause AND BSD-2-Clause AND BSD-3-Clause"
options="suid !check"
depends="openssh-client openssh-sftp-server openssh-server"
-makedepends_build="linux-pam-dev"
-makedepends_host="openssl-dev zlib-dev linux-headers linux-pam-dev"
+makedepends_build="linux-pam-dev gettext-tiny"
+makedepends_host="openssl-dev zlib-dev linux-headers linux-pam-dev
+ gettext-tiny-dev utmps-dev"
makedepends="$makedepends_build $makedepends_host"
subpackages="$pkgname-doc
$pkgname-keygen
@@ -24,16 +25,17 @@ subpackages="$pkgname-doc
"
source="http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$pkgname-$_myver.tar.gz
- openssh7.4-peaktput.patch
- openssh7.4-dynwindows.patch
- fix-utmp.patch
bsd-compatible-realpath.patch
+ fix-utmpx.patch
+ openssh7.4-peaktput.patch
+ sftp-interactive.patch
+
sshd.initd
sshd.confd
- sftp-interactive.patch
- openssh-7.5p1-sandbox.patch
"
# secfixes:
+# 7.7_p1:
+# - CVE-2017-15906
# 7.4_p1:
# - CVE-2016-10009
# - CVE-2016-10010
@@ -44,18 +46,10 @@ source="http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$pkgname-$_myver.tar
builddir="$srcdir"/$pkgname-$_myver
-prepare() {
- cd "$builddir"
- default_prepare
- for _flavour in $_pkgsupport; do
- cp -R "$srcdir"/$pkgname-$_myver "$srcdir"/$pkgname-${_myver}-$_flavour
- done
-}
-
build() {
cd "$builddir"
export LD="$CC"
- ./configure --build=$CBUILD \
+ LIBS="-lutmps -lskarnet" ./configure --build=$CBUILD \
--host=$CHOST \
--prefix=/usr \
--sysconfdir=/etc/ssh \
@@ -64,9 +58,9 @@ build() {
--with-pid-dir=/run \
--with-mantype=man \
--with-ldflags="${LDFLAGS}" \
- --disable-lastlog \
+ --enable-lastlog \
--disable-strip \
- --disable-wtmp \
+ --enable-wtmp \
--with-privsep-path=/var/empty \
--with-xauth=/usr/bin/xauth \
--with-privsep-user=sshd \
@@ -89,7 +83,7 @@ package() {
}
keygen() {
- pkgdesc="ssh helper program for generating keys"
+ pkgdesc="Helper program for generating SSH keys"
depends=
install -d "$subpkgdir"/usr/bin
mv "$pkgdir"/usr/bin/ssh-keygen \
@@ -118,7 +112,7 @@ client() {
}
keysign() {
- pkgdesc="ssh helper program for host-based authentication"
+ pkgdesc="Helper program for SSH host-based authentication"
depends="openssh-client"
install -d "$subpkgdir"/usr/lib/ssh
mv "$pkgdir"/usr/lib/ssh/ssh-keysign \
@@ -126,7 +120,7 @@ keysign() {
}
sftp() {
- pkgdesc="ssh sftp server module"
+ pkgdesc="SFTP server module for OpenSSH"
depends=""
install -d "$subpkgdir"/usr/lib/ssh
mv "$pkgdir"/usr/lib/ssh/sftp-server \
@@ -155,27 +149,10 @@ server() {
mv "$pkgdir"/usr/sbin/sshd "$subpkgdir"/usr/sbin/
}
-_server() {
- cd "$builddir"
- install -d "$subpkgdir"/usr/sbin
- mv "$1"/sshd "$subpkgdir"/usr/sbin/
-}
-
-_pkg_flavour() {
- pkgdesc="OpenSSH server with $_flavour support"
- depends="openssh-keygen openssh-server-common"
- for _flavour in $_pkgsupport; do
- cd "${builddir}"-$_flavour
- _server "${builddir}"-$_flavour
- done
-}
-
-sha512sums="58c542e8a110fb4316a68db94abb663fa1c810becd0638d45281df8aeca62c1f705090437a80e788e6c29121769b72a505feced537d3118c933fde01b5285c81 openssh-7.5p1.tar.gz
-398096a89aa104abeff31aa043ac406a6348e0fdd4d313b7888ee0b931d38fd71fc21bceee46145e88f03bc27e00890e068442faee2d33f86cfbc04d58ffa4b6 openssh7.4-peaktput.patch
-b9d736eae9b43de91fa3eb277ba8abc6290a8436b0fb00ae3b0f1b2eabba9983e4d2a1e3c68f5514247d0a3f120037f0795fd88fbf302aabd2d1b54a325a04ee openssh7.4-dynwindows.patch
-f35fffcd26635249ce5d820e7b3e406e586f2d2d7f6a045f221e2f9fb53aebc1ab1dd1e603b3389462296ed77921a1d08456e7aaa3825cbed08f405b381a58e1 fix-utmp.patch
+sha512sums="597252cb48209a0cb98ca1928a67e8d63e4275252f25bc37269204c108f034baade6ba0634e32ae63422fddd280f73096a6b31ad2f2e7a848dde75ca30e14261 openssh-7.7p1.tar.gz
f2b8daa537ea3f32754a4485492cc6eb3f40133ed46c0a5a29a89e4bcf8583d82d891d94bf2e5eb1c916fa68ec094abf4e6cd641e9737a6c05053808012b3a73 bsd-compatible-realpath.patch
-394a420a36880bb0dd37dfd8727cea91fd9de6534050169e21212a46513ef3aaafe2752c338699b3d4ccd14871b26cf01a152df8060cd37f86ce0665fd53c63f sshd.initd
-ce0abddbd2004891f88efd8522c4b37a4989290269fab339c0fa9aacc051f7fd3b20813e192e92e0e64315750041cb74012d4321260f4865ff69d7a935b259d4 sshd.confd
+0c1e832cec420bc7b57558041d2288912a438db97050b87f6a57e94a2741a374cc5d141fe352968b0d1ba6accaff965794463fe9169d136678a8915a60d2f0b7 fix-utmpx.patch
+398096a89aa104abeff31aa043ac406a6348e0fdd4d313b7888ee0b931d38fd71fc21bceee46145e88f03bc27e00890e068442faee2d33f86cfbc04d58ffa4b6 openssh7.4-peaktput.patch
c1d09c65dbc347f0904edc30f91aa9a24b0baee50309536182455b544f1e3f85a8cecfa959e32be8b101d8282ef06dde3febbbc3f315489339dcf04155c859a9 sftp-interactive.patch
-15c5478bcae56c019a2fbd82ec04808537fd4ba1f1ba4a0a88c0343c16c698c45dbfac59eebc3fcfd3c15b302ebec43e60ffa02442a6c77673b14818ad3f7b60 openssh-7.5p1-sandbox.patch"
+394a420a36880bb0dd37dfd8727cea91fd9de6534050169e21212a46513ef3aaafe2752c338699b3d4ccd14871b26cf01a152df8060cd37f86ce0665fd53c63f sshd.initd
+ce0abddbd2004891f88efd8522c4b37a4989290269fab339c0fa9aacc051f7fd3b20813e192e92e0e64315750041cb74012d4321260f4865ff69d7a935b259d4 sshd.confd"
diff --git a/system/openssh/fix-utmp.patch b/system/openssh/fix-utmp.patch
deleted file mode 100644
index 275e80590..000000000
--- a/system/openssh/fix-utmp.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- openssh-6.8p1.orig/loginrec.c 2015-03-17 07:49:20.000000000 -0200
-+++ openssh-6.8p1/loginrec.c 2015-03-19 10:45:45.780276841 -0200
-@@ -783,7 +783,7 @@
- if (li->hostaddr.sa.sa_family == AF_INET)
- utx->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr;
- # endif
--# ifdef HAVE_ADDR_V6_IN_UTMP
-+# ifdef HAVE_ADDR_V6_IN_UTMPX
- /* this is just a 128-bit IPv6 address */
- if (li->hostaddr.sa.sa_family == AF_INET6) {
- sa6 = ((struct sockaddr_in6 *)&li->hostaddr.sa);
diff --git a/system/openssh/fix-utmpx.patch b/system/openssh/fix-utmpx.patch
new file mode 100644
index 000000000..7f05add35
--- /dev/null
+++ b/system/openssh/fix-utmpx.patch
@@ -0,0 +1,14 @@
+--- openssh-7.7p1/loginrec.c.old 2018-04-02 00:38:28.000000000 -0500
++++ openssh-7.7p1/loginrec.c 2018-06-15 22:09:00.091482769 -0500
+@@ -1656,7 +1656,11 @@
+ const char *ttyn)
+ {
+ int fd;
++#if defined(USE_UTMPX)
++ struct utmpx ut;
++#else
+ struct utmp ut;
++#endif
+ struct sockaddr_storage from;
+ socklen_t fromlen = sizeof(from);
+ struct sockaddr_in *a4;