Date: Thu, 9 Apr 2015 20:57:24 +0000 (UTC) From: Bryan Drewery <bdrewery@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r383678 - in head/security/openssh-portable: . files Message-ID: <201504092057.t39KvOaI024898@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: bdrewery Date: Thu Apr 9 20:57:23 2015 New Revision: 383678 URL: https://svnweb.freebsd.org/changeset/ports/383678 Log: Cleanup some unneeded patches. 1. There's no need to patch the xauth(1) location as the OpenSSH build already does so based on the --with-xauth path provided. It also updates manpages. 2. Don't modify manpage for shosts location as it was wrong. The proper LOCALBASE path is now used due to OpenSSH's build already handling it properly. 3. Remove confusing UsePrivilegeSeparation change in sshd_config. The default upstream is to have it disabled by default. The sshd_config line is in upstream to enable it by default in new installations. We always enable it though. So remove the sshd_config change which makes it look like we don't use it; it was not a needed difference with upstream. From discussion with: TJ <tj@mrsk.me> Modified: head/security/openssh-portable/Makefile head/security/openssh-portable/files/patch-sshd_config head/security/openssh-portable/files/patch-sshd_config.5 Modified: head/security/openssh-portable/Makefile ============================================================================== --- head/security/openssh-portable/Makefile Thu Apr 9 20:34:09 2015 (r383677) +++ head/security/openssh-portable/Makefile Thu Apr 9 20:57:23 2015 (r383678) @@ -3,7 +3,7 @@ PORTNAME= openssh DISTVERSION= 6.8p1 -PORTREVISION= 3 +PORTREVISION= 4 PORTEPOCH= 1 CATEGORIES= security ipv6 MASTER_SITES= ${MASTER_SITE_OPENBSD} @@ -187,6 +187,8 @@ CONFIGURE_ARGS+= --sysconfdir=${ETCDIR} CONFIGURE_ARGS+= --with-libs='${CONFIGURE_LIBS}' .endif +CONFIGURE_ARGS+= --with-xauth=${LOCALBASE}/bin/xauth + RC_SCRIPT_NAME= openssh VERSION_ADDENDUM_DEFAULT?= ${OPSYS}-${PKGNAME} @@ -195,9 +197,6 @@ post-patch: @${REINPLACE_CMD} \ -e 's|install: \(.*\) host-key check-config|install: \1|g' \ ${WRKSRC}/Makefile.in - @${REINPLACE_CMD} -e 's|/usr/X11R6|${LOCALBASE}|' \ - ${WRKSRC}/pathnames.h ${WRKSRC}/sshd_config.5 \ - ${WRKSRC}/ssh_config.5 @${REINPLACE_CMD} -e 's|%%PREFIX%%|${LOCALBASE}|' \ -e 's|%%RC_SCRIPT_NAME%%|${RC_SCRIPT_NAME}|' ${WRKSRC}/sshd.8 @${REINPLACE_CMD} \ Modified: head/security/openssh-portable/files/patch-sshd_config ============================================================================== --- head/security/openssh-portable/files/patch-sshd_config Thu Apr 9 20:34:09 2015 (r383677) +++ head/security/openssh-portable/files/patch-sshd_config Thu Apr 9 20:57:23 2015 (r383678) @@ -68,12 +68,3 @@ #X11DisplayOffset 10 #X11UseLocalhost yes #PermitTTY yes -@@ -107,7 +109,7 @@ - #PrintLastLog yes - #TCPKeepAlive yes - #UseLogin no --UsePrivilegeSeparation sandbox # Default for new installations. -+#UsePrivilegeSeparation sandbox - #PermitUserEnvironment no - #Compression delayed - #ClientAliveInterval 0 Modified: head/security/openssh-portable/files/patch-sshd_config.5 ============================================================================== --- head/security/openssh-portable/files/patch-sshd_config.5 Thu Apr 9 20:34:09 2015 (r383677) +++ head/security/openssh-portable/files/patch-sshd_config.5 Thu Apr 9 20:57:23 2015 (r383678) @@ -11,15 +11,6 @@ The default is .Dq yes . .It Cm ChrootDirectory -@@ -615,7 +617,7 @@ or - .Pp - .Pa /etc/hosts.equiv - and --.Pa /etc/shosts.equiv -+.Pa /etc/ssh/shosts.equiv - are still used. - The default is - .Dq yes . @@ -977,7 +979,22 @@ are refused if the number of unauthentic .It Cm PasswordAuthentication Specifies whether password authentication is allowed.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201504092057.t39KvOaI024898>