Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 18 Jul 2019 17:34:22 -0400
From:      Rick Miller <vrwmiller@gmail.com>
To:        freebsd-ports <freebsd-ports@freebsd.org>
Subject:   security/openssh-portable: how to best test GSSAPI?
Message-ID:  <CAHzLAVHPNPuyjnjkVBnzWAF-tZ6FUeftteJaTuYkU2e5ptFXLA@mail.gmail.com>
next in thread | raw e-mail | index | archive | help 
Hi,

security/openssh-portable was recently updated to 8.0p1 and breaks GSSAPI.
I'd like to test the Debian GSSAPI patch for 8.0p1[1] submitting the result
to the openssh-portable maintainer. Poudriere already sets the appropriate
options for KERB_GSSAPI here so the intent is to leverage Poudriere. For
example, create a new poudriere ports tree (poudriere ports -c), update
security/openssh-portable/Makefile in that ports tree (patch below),
subsequently run `make makesum` to update distinfo, then build the tree
(poudriere bulk -f).

I get to the point of running `make makesum` and distinfo is not updated
with the GSSAPI patch's patchfile's info (similar to the current distinfo)
and no error is printed. `make fetch` will retrieve openssh-portable
sources if they're not already present, but not the GSSAPI patchfile. Can
the patch be tested in place like this or am I going about this completely
wrong? Does the file need to be

--- a/security/openssh-portable/Makefile
+++ b/security/openssh-portable/Makefile
@@ -101,7 +101,8 @@ ETCDIR?=            ${PREFIX}/etc/ssh

 .include <bsd.port.pre.mk>

-PATCH_SITES+=
http://mirror.shatow.net/freebsd/${PORTNAME}/:DEFAULT,x509,hpn,gsskex
+PATCH_SITES+=
http://mirror.shatow.net/freebsd/${PORTNAME}/:DEFAULT,x509,hpn \
+
https://sources.debian.org/data/main/o/openssh/1:8.0p1-3/debian/patches/:gsskex

 # X509 patch includes TCP Wrapper support already
 .if ${PORT_OPTIONS:MX509}
@@ -120,7 +121,7 @@ EXTRA_PATCHES:=
${EXTRA_PATCHES:N${TCP_WRAPPERS_EXTRA_PATCHES}}
 # Needed glue for applying HPN patch without conflict
 EXTRA_PATCHES+=        ${FILESDIR}/extra-patch-hpn-gss-glue
 .  endif
-PATCHFILES+=
openssh-7.9p1-gsskex-all-20141021-debian-rh-20181020.patch.gz:-p1:gsskex
+PATCHFILES+=   gssapi.patch:-p1:gsskex
 .endif


[1]
https://sources.debian.org/data/main/o/openssh/1:8.0p1-3/debian/patches/gssapi.patch

-- 
Take care
Rick Miller

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHzLAVHPNPuyjnjkVBnzWAF-tZ6FUeftteJaTuYkU2e5ptFXLA>