main/openssh: upgrade to 6.0p1

* also add support for hmac oneshot mode (requires patched openssl; we have these patches in Alpine) * rebase hpn patches * remove obsolete patch (upstreamed)
author: Timo Teräs <timo.teras@iki.fi> 2012-08-02 17:38:04 +0300
committer: Timo Teräs <timo.teras@iki.fi> 2012-08-02 17:40:14 +0300
commit: 2c2467e1eb63bbdf7b332d27bdadd2f2e7a61077 (patch)
tree: 8ba421c5c55d2ef840679c6ade16fb45698201a2
parent: ce9d2dea5b5d0da317b8417f8d916b269fd8696f (diff)
download: aports-2c2467e1eb63bbdf7b332d27bdadd2f2e7a61077.tar.bz2
aports-2c2467e1eb63bbdf7b332d27bdadd2f2e7a61077.tar.xz
5 files changed, 21 insertions, 34 deletions
diff --git a/main/openssh/APKBUILD b/main/openssh/APKBUILD
index 4f5d86005d..7ba855f1d7 100644
--- a/main/openssh/APKBUILD
+++ b/main/openssh/APKBUILD
@@ -1,19 +1,19 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=openssh
-pkgver=5.9_p1
+pkgver=6.0_p1
 _myver=${pkgver%_*}${pkgver#*_}
-pkgrel=2
+pkgrel=0
 pkgdesc="Port of OpenBSD's free SSH release"
 url="http://www.openssh.org/portable.html"
 arch="all"
 license="as-is"
-depends="openssh-client"
+depends="openssh-client libcrypto1.0>=1.0.1c-r2"
 makedepends="openssl-dev zlib-dev"
 subpackages="$pkgname-doc $pkgname-client"
 source="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$pkgname-$_myver.tar.gz
 	openssh${pkgver%_*}-dynwindow_noneswitch.diff
 	openssh${pkgver%_*}-peaktput.diff
-	openssh-fix-openssl-abi.diff
+	openssh-hmac-accel.diff
 	sshd.initd
 	sshd.confd
 	"
@@ -29,10 +29,7 @@ prepare() {
 			;;
 		*.diff)
 			msg "Applying $i"
-			patch -p1 -N -i "$srcdir"/${i##*/}
-			if [ $? -gt 1 ]; then
-				return 1
-			fi
+			patch -p1 -N -i "$srcdir"/${i##*/} || return 1
 			;;
 		esac
 	done
@@ -87,9 +84,9 @@ client() {
 		"$subpkgdir"/etc/ssh/
 }
 
-md5sums="afe17eee7e98d3b8550cc349834a85d0  openssh-5.9p1.tar.gz
-f3db05e57e7af4cb2b55b85117652ed3  openssh5.9-dynwindow_noneswitch.diff
-949ff348573438163240c60d6c3618eb  openssh5.9-peaktput.diff
-c6f0728f19a80f680b0ee3922f3084cf  openssh-fix-openssl-abi.diff
+md5sums="3c9347aa67862881c5da3f3b1c08da7b  openssh-6.0p1.tar.gz
+77dfe8b990a369c02a581801aa40d487  openssh6.0-dynwindow_noneswitch.diff
+949ff348573438163240c60d6c3618eb  openssh6.0-peaktput.diff
+c65d454dc5b149647273485fc184636d  openssh-hmac-accel.diff
 cb0dd08c413fad346f0c594107b4a2e0  sshd.initd
 b35e9f3829f4cfca07168fcba98749c7  sshd.confd"
diff --git a/main/openssh/openssh-fix-openssl-abi.diff b/main/openssh/openssh-fix-openssl-abi.diff
deleted file mode 100644
index 2b4a4cc931..0000000000
--- a/main/openssh/openssh-fix-openssl-abi.diff
+++ /dev/null
@@ -1,20 +0,0 @@
---- openssh-5.9p1/entropy.c.orig
-+++ openssh-5.9p1/entropy.c
-@@ -206,6 +206,7 @@
- void
- seed_rng(void)
- {
-+	u_long mask;
- #ifndef OPENSSL_PRNG_ONLY
- 	unsigned char buf[RANDOM_SEED_SIZE];
- #endif
-@@ -213,7 +214,8 @@
- 	 * OpenSSL version numbers: MNNFFPPS: major minor fix patch status
- 	 * We match major, minor, fix and status (not patch)
- 	 */
--	if ((SSLeay() ^ OPENSSL_VERSION_NUMBER) & ~0xff0L)
-+	mask = (OPENSSL_VERSION_NUMBER >= 0x10000000) ? 0xffff0L : 0xff0L;
-+	if ((SSLeay() ^ OPENSSL_VERSION_NUMBER) & ~mask)
- 		fatal("OpenSSL version mismatch. Built against %lx, you "
- 		    "have %lx", (u_long)OPENSSL_VERSION_NUMBER, SSLeay());
- 
diff --git a/main/openssh/openssh-hmac-accel.diff b/main/openssh/openssh-hmac-accel.diff
new file mode 100644
index 0000000000..91140263cb
--- /dev/null
+++ b/main/openssh/openssh-hmac-accel.diff
@@ -0,0 +1,10 @@
+--- a/mac.c
++++ b/mac.c
+@@ -142,6 +142,7 @@
+ 		/* reset HMAC context */
+ 		HMAC_Init(&mac->evp_ctx, NULL, 0, NULL);
+ 		HMAC_Update(&mac->evp_ctx, b, sizeof(b));
++		HMAC_CTX_set_flags(&mac->evp_ctx, EVP_MD_CTX_FLAG_ONESHOT);
+ 		HMAC_Update(&mac->evp_ctx, data, datalen);
+ 		HMAC_Final(&mac->evp_ctx, m, NULL);
+ 		break;
diff --git a/main/openssh/openssh5.9-dynwindow_noneswitch.diff b/main/openssh/openssh6.0-dynwindow_noneswitch.diff
index d08e0df071..04158ab011 100644
--- a/main/openssh/openssh5.9-dynwindow_noneswitch.diff
+++ b/main/openssh/openssh6.0-dynwindow_noneswitch.diff
@@ -573,10 +573,10 @@ index 16cf282..6feaa6b 100644
 --- a/compat.h
 +++ b/compat.h
 @@ -58,6 +58,7 @@
- #define SSH_OLD_FORWARD_ADDR	0x01000000
  #define SSH_BUG_RFWD_ADDR	0x02000000
  #define SSH_NEW_OPENSSH		0x04000000
-+#define SSH_BUG_LARGEWINDOW     0x08000000
+ #define SSH_BUG_DYNAMIC_RPORT	0x08000000
++#define SSH_BUG_LARGEWINDOW     0x10000000
  
  void     enable_compat13(void);
  void     enable_compat20(void);
diff --git a/main/openssh/openssh5.9-peaktput.diff b/main/openssh/openssh6.0-peaktput.diff
index b376433d8a..b376433d8a 100644
--- a/main/openssh/openssh5.9-peaktput.diff
+++ b/main/openssh/openssh6.0-peaktput.diff
author	Timo Teräs <timo.teras@iki.fi>	2012-08-02 17:38:04 +0300
committer	Timo Teräs <timo.teras@iki.fi>	2012-08-02 17:40:14 +0300
commit	2c2467e1eb63bbdf7b332d27bdadd2f2e7a61077 (patch)
tree	8ba421c5c55d2ef840679c6ade16fb45698201a2
parent	ce9d2dea5b5d0da317b8417f8d916b269fd8696f (diff)
download	aports-2c2467e1eb63bbdf7b332d27bdadd2f2e7a61077.tar.bz2 aports-2c2467e1eb63bbdf7b332d27bdadd2f2e7a61077.tar.xz