diff options
Diffstat (limited to 'net-misc')
| -rw-r--r-- | net-misc/Manifest.gz | bin | 54538 -> 54552 bytes | |||
| -rw-r--r-- | net-misc/openssh/Manifest | 8 | ||||
| -rw-r--r-- | net-misc/openssh/metadata.xml | 1 | ||||
| -rw-r--r-- | net-misc/openssh/openssh-8.9_p1-r2.ebuild | 492 | ||||
| -rw-r--r-- | net-misc/openssh/openssh-9.0_p1-r2.ebuild | 485 | ||||
| -rw-r--r-- | net-misc/rsync/Manifest | 3 | ||||
| -rw-r--r-- | net-misc/rsync/rsync-3.2.6.ebuild | 167 | ||||
| -rw-r--r-- | net-misc/wget/Manifest | 1 | ||||
| -rw-r--r-- | net-misc/wget/wget-1.21.3.ebuild | 110 | ||||
| -rw-r--r-- | net-misc/whois/Manifest | 2 | ||||
| -rw-r--r-- | net-misc/whois/whois-5.5.13-r1.ebuild | 78 |
11 files changed, 1 insertions, 1346 deletions
diff --git a/net-misc/Manifest.gz b/net-misc/Manifest.gz Binary files differindex 2a293bf19b99..e69ec0a5e939 100644 --- a/net-misc/Manifest.gz +++ b/net-misc/Manifest.gz diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest index 8e0efd53051b..82fc719f3464 100644 --- a/net-misc/openssh/Manifest +++ b/net-misc/openssh/Manifest @@ -22,10 +22,6 @@ AUX sshd.pam_include.2 156 BLAKE2B 91ebefbb1264fe3fe98df0a72ac22a4cd8a787b3b391a AUX sshd.service 259 BLAKE2B e65ea7227658295584c3fdee3bf46f098c1c5a53a0b433e88ae8d43f0823fade25846a5f3abbacf939a13af8195a888d0ffb937e8da943478e76eea7c0e13c82 SHA512 9656ae4c045ba47ad28f983e50d1119d51c1d0a7471fe8e792d6f734a71c8d4d900431b591f2f40bb8af3a382e6215933ae32eff56de6da0f2f166d6fb855987 AUX sshd.socket 136 BLAKE2B 22e218c831fc384a3151ef97c391253738fa9002e20cf4628c6fe3d52d4b0ac3b957da58f816950669d0a6f8f2786251c6dfc31bbb863f837a3f52631341dc2e SHA512 4d31d373b7bdae917dc0cf05418c71d4743e98e354aefcf055f88f55c9c644a5a0e0e605dbb8372c1b98d17c0ea1c8c0fee27d38ab8dbe23c7e420a6a78c6d42 AUX sshd_at.service 177 BLAKE2B 0e78184f58cb4c68fb834953fac3ce01f9e39e9eb1a84c03f720205f5b611365c9a48fba445962c06c7e18bdb310cdb9ffe4fc49e95f69608922d224b00c890b SHA512 423120ea2e1ac0b92575ce4eb05347483f902238dc104848e74088f49483c37d30c27364e7fe8599b3e85562159c69284ecf25a4c5394b4cfa18c5c77c6beacd -DIST openssh-8.9p1+x509-13.3.1.diff.gz 1113333 BLAKE2B 01fc34ed5c5c64a97db99f8f5a98f5917519474b4c22a2372f76a9c36d5dfc4efe1d03fcc43ed3d1602177f7e674a58676b9d04444d7bb66bc1c096136fd2ed0 SHA512 4fea3cf0dd0f6e0b9e28c16fb88f2a125c3ec7f86111d33e040664ab4976e697b137ffe80d02c979e2eb55a5c004f597299cfec22e730b80279665de61cb1f13 -DIST openssh-8.9p1-sctp-1.2.patch.xz 6752 BLAKE2B 8f87a4e604ce412f45432ae29b6ccb5a10f6bd6ddc3c688b85d75c2126387dc5d4ed2b2396691db016cc0dee3e71a557611bcf34066dee075d62c9e69e887f14 SHA512 88a36e2d87bb8b6136885094729d001953e15799e06885ff1c489300458b6e412520f7a78c48dfd24df46e58f2561051212d7948f8af63082edcb85c33b4d32b -DIST openssh-8.9p1.tar.gz 1820282 BLAKE2B 02934da7f7a2954141888e63e81e38fad4fb8558ddd1032de44f69684802c62771fdd7e9e470e0715059635999c8f9d2ab95f6351217e236573ead83a867f59b SHA512 04bd38ea6fe4be31acc8c4e83de7d3dda66fb7207be2e4ba25d3b8118d13d098a283769da9e8ce1fc4fba7edf739c14efcc6c9137132919261a7f882314b0f6b -DIST openssh-8.9p1.tar.gz.asc 833 BLAKE2B fd44a5545bd0795ee335e480011dbe3c12011dc05b8722fb257bf4c7e8067ab4b515293cf73d23d57b6cf6980eb4e49251b026af9498a237365c5b0440226898 SHA512 fd0bbd285ff2f8791f5a512f087f32bce026b716d5ac213cd4ef28f08722601fb943514bee71b2ac4b9f9363e2f120ce6c60fed952d1d8e53dbcf2a6fe2e706b DIST openssh-8_5_P1-hpn-AES-CTR-15.2.diff 30096 BLAKE2B f0c020dd2403806c79d4c37a019996d275655b04997301e247f5c4dd7fad35d12b3b7c25afb1b078d915ef2a4ae02f736f0aec9ba2a8c56a405d7ca303bcadf7 SHA512 4c2dbf99a9b5953fdb955f700272bbaeaa025f108a8860d2190197962b849f8385327af82c4d6a3a130a7fba35a74a8ec9437d642867601acb29817c49632a8f DIST openssh-8_5_P1-hpn-DynWinNoneSwitch-15.2.diff 51428 BLAKE2B 370b88a7da7f148bf5a4d445f05cf593b486e9df53bba027e2e179726f534b68cf9d94edd6e53024e0b6ff5f20e568727bc9d26c94d0d415603602a80d3ad241 SHA512 2d8d887901164b33b2799ff3ec72e86a39ae4a1696e52bcee0872dbae7772fcc534351e6e7f87126ee71b164c74e9091350f14b782f4b242a09f09b4f50d047a DIST openssh-8_5_P1-hpn-PeakTput-15.2.diff 2429 BLAKE2B 849bf3c313719ab7a25c75e82d5dc5ac98365a038b2a66fe58d01eae5b20c7777258b94b5830e799d6909e75c69753cda05a910f3bdab9606fb7d5efa68e05f1 SHA512 c4a56fab55fabd1d902d45f235b603708d43f969920e45c9a57e557dccfa9cade2ec61f26d1ace938f6f73e79f17b12f119b5aea9166cbda8e3435b910500914 @@ -43,9 +39,7 @@ DIST openssh-9.1p1+x509-14.0.1.diff.gz 1236304 BLAKE2B 389e652a7cca4d7322d784e51 DIST openssh-9.1p1-sctp-1.2.patch.xz 6772 BLAKE2B 8393c1ca5f0df7e4d490cef5c38d50d45da83a9c3f650e9af15d95825f9e682a6aaf6a0e85fc1704d41d6567aec8f0b34e43b20652e0141008ccdbe91426dfac SHA512 6750394d0fb7b7f93a0e4f94204e53277cc341c5b2427130559e443557dbb95f2e85a71cfe8d40cfa17dd015b0f3880f79a1f868374e60e94e8385c9b45acec5 DIST openssh-9.1p1.tar.gz 1838747 BLAKE2B 287b6b1cc4858b27af88f4a4674670afff1fb5b99461892083393c53ef3747c5a0fcd90cba95d2c27465a919e00f7f42732c93af4f306665ba0393bbb7a534f5 SHA512 a1f02c407f6b621b1d0817d1a0c9a6839b67e416c84f3b76c63003b119035b24c19a1564b22691d1152e1d2d55f4dc7eb1af2d2318751e431a99c4efa77edc70 DIST openssh-9.1p1.tar.gz.asc 833 BLAKE2B 83efe3c705f6a02c25a9fc9bac2a4efd77470598d9e0fcb86dff2d265c58cffec1afecad3621769b2bd78ac25884f0ee20ae9b311e895db93e3bb552dffd6e74 SHA512 47dc7295f9694250bcbb86d7ca0830a47da4f3df7795bb05ebaf1590284ccce5317022c536bea1b09bd2fa4d8013295cc0de287ebe3f9dc605582077e9f11ddd -EBUILD openssh-8.9_p1-r2.ebuild 17076 BLAKE2B 6f236af760da98ff31643f2bf22560c65d7fc0b00a00502b84657739039663e230b78db2a0cc3cc02eea6fc3f030157bc22053955501ecaa055698eea5a70bca SHA512 4d2d05fc3a15318687d769c99b779bdc41998a5456650b7d174828e4d557711036d2def92f7f8465c9c4e38180e614f12462e58ca7e0653d7be7e242e4408bb5 -EBUILD openssh-9.0_p1-r2.ebuild 16929 BLAKE2B a218c0faba8bb8218841f2c621584bd7b381629a12620e27f54cb5c563fcd1d56a21b2f10be20b77c7492eb2d89be31c209fc250252be86cb88d427642123ebe SHA512 d7a865cbf8bd64fd4518966b43a4af8f3156cd125cb6b91a4d9a63ba1c02625155bd641f082056d753c5f84172c2965e3fc5e5376a6d68b72edf651c8f7b5d55 EBUILD openssh-9.0_p1-r6.ebuild 17502 BLAKE2B bfdb6f817ee3042e7a7f407b3fcef7d398f96899e1a9090e197afd625ebab39e83f4ec76fe7582fbed41cbfa2e84350f7edd648e03bc83f3c560751379d9d44e SHA512 260f6c0d2f46517debec42cec0993b4cfefb0adc480b3e0d3cdf8e80c3f5ba89da1013994c7db2c61143a43af4374536a21d1e62f8af742fd394933eead529db EBUILD openssh-9.1_p1-r1.ebuild 17832 BLAKE2B b29a9cae52c16dd29382dc57454879e26bae5f1bd18edf87541c7cee8de3fa907eb1d27770235124267c73e9adafbe85c61c16b7eb3be047e3c3ba0da2e447f1 SHA512 2aacdffce384c2c50bb946d202cb1397c36eff5dbaafe741e5f412321828a057fb876a7ded8db8d88ad99c603c35da219ff59ecd7c84b2a7f20c2216fc290658 EBUILD openssh-9.1_p1.ebuild 17810 BLAKE2B 302fca36aa0f354186744a3220f430e61c3f2ca1f3dda7de7c98f47e6a476715aee1a023451f27cfb1bb07ee50ec1bbc28a05e8f70c2937d391519b9a8423725 SHA512 871fc233d0532c5b84a171a46e3a9ccd5888833145413547e5d8c7bfc0a761280446c61440103dd132e2bd2f73cb6f35c0f90ae41a4975e3d9c2fd506ba0de29 -MISC metadata.xml 2047 BLAKE2B 87356343744e121075383ad94ba6b821d2db5c3f5af16745130078f939e53b6a83281c19b89f272d20509753bc734bfdd3aab024d72651c7d5c69df27b36841a SHA512 a5b69ff7fa94b00062e78eba36b6d321fd923d27e953fc24ae81d8e25040bebde9ccb8b1555912726eff2b39ee0256aee0da52359e326fb4b1edd394e4f1e406 +MISC metadata.xml 1957 BLAKE2B f5921abe3735fc6b8f8c6e88f3c3c11201c32ac91f7426150a51619b430f8c15c2afb0a9dcb9b3b5099fe7e5f193a05514064029392df6d0815a7fb67c2b96cf SHA512 6189845b640943147020d4a0fe04be66f58433809edded6fe98824b51c704faef9c3fc4c0d7a604391afcfcee62c0a47e25d36024b9145c4f1e332fe27db7f0a diff --git a/net-misc/openssh/metadata.xml b/net-misc/openssh/metadata.xml index 699281fbc1f3..9f064cdd11a0 100644 --- a/net-misc/openssh/metadata.xml +++ b/net-misc/openssh/metadata.xml @@ -20,7 +20,6 @@ the package, and the other basic utilities like ssh-add, ssh-agent, ssh-keysign, ssh-keygen and sftp-server. OpenSSH supports SSH protocol versions 1.3, 1.5, and 2.0. </longdescription> <use> - <flag name="scp">Enable scp command with known security problems. See bug 733802</flag> <flag name="hpn">Enable high performance ssh</flag> <flag name="ldns">Use LDNS for DNSSEC/SSHFP validation.</flag> <flag name="livecd">Enable root password logins for live-cd environment.</flag> diff --git a/net-misc/openssh/openssh-8.9_p1-r2.ebuild b/net-misc/openssh/openssh-8.9_p1-r2.ebuild deleted file mode 100644 index 52bb14990c58..000000000000 --- a/net-misc/openssh/openssh-8.9_p1-r2.ebuild +++ /dev/null @@ -1,492 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit user-info flag-o-matic autotools pam systemd toolchain-funcs verify-sig - -# Make it more portable between straight releases -# and _p? releases. -PARCH=${P/_} - -# PV to USE for HPN patches -#HPN_PV="${PV^^}" -HPN_PV="8.5_P1" - -HPN_VER="15.2" -HPN_PATCHES=( - ${PN}-${HPN_PV/./_}-hpn-DynWinNoneSwitch-${HPN_VER}.diff - ${PN}-${HPN_PV/./_}-hpn-AES-CTR-${HPN_VER}.diff - ${PN}-${HPN_PV/./_}-hpn-PeakTput-${HPN_VER}.diff -) - -SCTP_VER="1.2" -SCTP_PATCH="${PARCH}-sctp-${SCTP_VER}.patch.xz" -X509_VER="13.3.1" -X509_PATCH="${PARCH}+x509-${X509_VER}.diff.gz" - -DESCRIPTION="Port of OpenBSD's free SSH release" -HOMEPAGE="https://www.openssh.com/" -SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz - ${SCTP_PATCH:+sctp? ( https://dev.gentoo.org/~chutzpah/dist/openssh/${SCTP_PATCH} )} - ${HPN_VER:+hpn? ( $(printf "mirror://sourceforge/project/hpnssh/Patches/HPN-SSH%%20${HPN_VER/./v}%%20${HPN_PV/_P/p}/%s\n" "${HPN_PATCHES[@]}") )} - ${X509_PATCH:+X509? ( https://roumenpetrov.info/openssh/x509-${X509_VER}/${X509_PATCH} )} - verify-sig? ( mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz.asc ) -" -VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/openssh.org.asc -S="${WORKDIR}/${PARCH}" - -LICENSE="BSD GPL-2" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -# Probably want to drop ssl defaulting to on in a future version. -IUSE="abi_mips_n32 audit debug hpn kerberos ldns libedit livecd pam +pie +scp sctp security-key selinux +ssl static test X X509 xmss" - -RESTRICT="!test? ( test )" - -REQUIRED_USE=" - hpn? ( ssl ) - ldns? ( ssl ) - pie? ( !static ) - static? ( !kerberos !pam ) - X509? ( !sctp ssl !xmss ) - xmss? ( ssl ) - test? ( ssl ) -" - -# tests currently fail with XMSS -REQUIRED_USE+="test? ( !xmss )" - -LIB_DEPEND=" - audit? ( sys-process/audit[static-libs(+)] ) - ldns? ( - net-libs/ldns[static-libs(+)] - net-libs/ldns[ecdsa(+),ssl(+)] - ) - libedit? ( dev-libs/libedit:=[static-libs(+)] ) - sctp? ( net-misc/lksctp-tools[static-libs(+)] ) - security-key? ( >=dev-libs/libfido2-1.5.0:=[static-libs(+)] ) - selinux? ( >=sys-libs/libselinux-1.28[static-libs(+)] ) - ssl? ( >=dev-libs/openssl-1.1.1l-r1:0=[static-libs(+)] ) - virtual/libcrypt:=[static-libs(+)] - >=sys-libs/zlib-1.2.3:=[static-libs(+)] -" -RDEPEND=" - acct-group/sshd - acct-user/sshd - !static? ( ${LIB_DEPEND//\[static-libs(+)]} ) - pam? ( sys-libs/pam ) - kerberos? ( virtual/krb5 ) -" -DEPEND="${RDEPEND} - virtual/os-headers - kernel_linux? ( !prefix-guest? ( >=sys-kernel/linux-headers-5.1 ) ) - static? ( ${LIB_DEPEND} ) -" -RDEPEND="${RDEPEND} - pam? ( >=sys-auth/pambase-20081028 ) - !prefix? ( sys-apps/shadow ) - X? ( x11-apps/xauth ) -" -BDEPEND=" - virtual/pkgconfig - sys-devel/autoconf - verify-sig? ( sec-keys/openpgp-keys-openssh ) -" - -pkg_pretend() { - # this sucks, but i'd rather have people unable to `emerge -u openssh` - # than not be able to log in to their server any more - local missing=() - check_feature() { use "${1}" && [[ -z ${!2} ]] && missing+=( "${1}" ); } - check_feature hpn HPN_VER - check_feature sctp SCTP_PATCH - check_feature X509 X509_PATCH - if [[ ${#missing[@]} -ne 0 ]] ; then - eerror "Sorry, but this version does not yet support features" - eerror "that you requested: ${missing[*]}" - eerror "Please mask ${PF} for now and check back later:" - eerror " # echo '=${CATEGORY}/${PF}' >> /etc/portage/package.mask" - die "Missing requested third party patch." - fi - - # Make sure people who are using tcp wrappers are notified of its removal. #531156 - if grep -qs '^ *sshd *:' "${EROOT}"/etc/hosts.{allow,deny} ; then - ewarn "Sorry, but openssh no longer supports tcp-wrappers, and it seems like" - ewarn "you're trying to use it. Update your ${EROOT}/etc/hosts.{allow,deny} please." - fi -} - -src_unpack() { - default - - # We don't have signatures for HPN, X509, so we have to write this ourselves - use verify-sig && verify-sig_verify_detached "${DISTDIR}"/${PARCH}.tar.gz{,.asc} -} - -src_prepare() { - sed -i \ - -e "/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:${EPREFIX}/usr/bin/xauth:" \ - pathnames.h || die - - # don't break .ssh/authorized_keys2 for fun - sed -i '/^AuthorizedKeysFile/s:^:#:' sshd_config || die - - eapply "${FILESDIR}"/${PN}-7.9_p1-include-stdlib.patch - eapply "${FILESDIR}"/${PN}-8.7_p1-GSSAPI-dns.patch #165444 integrated into gsskex - eapply "${FILESDIR}"/${PN}-6.7_p1-openssl-ignore-status.patch - eapply "${FILESDIR}"/${PN}-7.5_p1-disable-conch-interop-tests.patch - eapply "${FILESDIR}"/${PN}-8.0_p1-fix-putty-tests.patch - eapply "${FILESDIR}"/${PN}-8.0_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch - eapply "${FILESDIR}"/${PN}-8.9_p1-allow-ppoll_time64.patch #834019 - eapply "${FILESDIR}"/${PN}-8.9_p1-fzero-call-used-regs.patch #834037 - eapply "${FILESDIR}"/${PN}-8.9_p1-gss-use-HOST_NAME_MAX.patch #834044 - - [[ -d ${WORKDIR}/patches ]] && eapply "${WORKDIR}"/patches - - local PATCHSET_VERSION_MACROS=() - - if use X509 ; then - pushd "${WORKDIR}" &>/dev/null || die - eapply "${FILESDIR}/${P}-X509-glue-"${X509_VER}".patch" - popd &>/dev/null || die - - eapply "${WORKDIR}"/${X509_PATCH%.*} - - # We need to patch package version or any X.509 sshd will reject our ssh client - # with "userauth_pubkey: could not parse key: string is too large [preauth]" - # error - einfo "Patching package version for X.509 patch set ..." - sed -i \ - -e "s/^AC_INIT(\[OpenSSH\], \[Portable\]/AC_INIT([OpenSSH], [${X509_VER}]/" \ - "${S}"/configure.ac || die "Failed to patch package version for X.509 patch" - - einfo "Patching version.h to expose X.509 patch set ..." - sed -i \ - -e "/^#define SSH_PORTABLE.*/a #define SSH_X509 \"-PKIXSSH-${X509_VER}\"" \ - "${S}"/version.h || die "Failed to sed-in X.509 patch version" - PATCHSET_VERSION_MACROS+=( 'SSH_X509' ) - fi - - if use sctp ; then - eapply "${WORKDIR}"/${SCTP_PATCH%.*} - - einfo "Patching version.h to expose SCTP patch set ..." - sed -i \ - -e "/^#define SSH_PORTABLE/a #define SSH_SCTP \"-sctp-${SCTP_VER}\"" \ - "${S}"/version.h || die "Failed to sed-in SCTP patch version" - PATCHSET_VERSION_MACROS+=( 'SSH_SCTP' ) - - einfo "Disabling known failing test (cfgparse) caused by SCTP patch ..." - sed -i \ - -e "/\t\tcfgparse \\\/d" \ - "${S}"/regress/Makefile || die "Failed to disable known failing test (cfgparse) caused by SCTP patch" - fi - - if use hpn ; then - local hpn_patchdir="${T}/${P}-hpn${HPN_VER}" - mkdir "${hpn_patchdir}" || die - cp $(printf -- "${DISTDIR}/%s\n" "${HPN_PATCHES[@]}") "${hpn_patchdir}" || die - pushd "${hpn_patchdir}" &>/dev/null || die - eapply "${FILESDIR}"/${PN}-8.9_p1-hpn-${HPN_VER}-glue.patch - use X509 && eapply "${FILESDIR}"/${PN}-8.9_p1-hpn-${HPN_VER}-X509-glue.patch - use sctp && eapply "${FILESDIR}"/${PN}-8.5_p1-hpn-${HPN_VER}-sctp-glue.patch - popd &>/dev/null || die - - eapply "${hpn_patchdir}" - - use X509 || eapply "${FILESDIR}/openssh-8.6_p1-hpn-version.patch" - - einfo "Patching Makefile.in for HPN patch set ..." - sed -i \ - -e "/^LIBS=/ s/\$/ -lpthread/" \ - "${S}"/Makefile.in || die "Failed to patch Makefile.in" - - einfo "Patching version.h to expose HPN patch set ..." - sed -i \ - -e "/^#define SSH_PORTABLE/a #define SSH_HPN \"-hpn${HPN_VER//./v}\"" \ - "${S}"/version.h || die "Failed to sed-in HPN patch version" - PATCHSET_VERSION_MACROS+=( 'SSH_HPN' ) - - if [[ -n "${HPN_DISABLE_MTAES}" ]] ; then - einfo "Disabling known non-working MT AES cipher per default ..." - - cat > "${T}"/disable_mtaes.conf <<- EOF - - # HPN's Multi-Threaded AES CTR cipher is currently known to be broken - # and therefore disabled per default. - DisableMTAES yes - EOF - sed -i \ - -e "/^#HPNDisabled.*/r ${T}/disable_mtaes.conf" \ - "${S}"/sshd_config || die "Failed to disabled MT AES ciphers in sshd_config" - - sed -i \ - -e "/AcceptEnv.*_XXX_TEST$/a \\\tDisableMTAES\t\tyes" \ - "${S}"/regress/test-exec.sh || die "Failed to disable MT AES ciphers in test config" - fi - fi - - if use X509 || use sctp || use hpn ; then - einfo "Patching sshconnect.c to use SSH_RELEASE in send_client_banner() ..." - sed -i \ - -e "s/PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION/PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE/" \ - "${S}"/sshconnect.c || die "Failed to patch send_client_banner() to use SSH_RELEASE (sshconnect.c)" - - einfo "Patching sshd.c to use SSH_RELEASE in sshd_exchange_identification() ..." - sed -i \ - -e "s/PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION/PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE/" \ - "${S}"/sshd.c || die "Failed to patch sshd_exchange_identification() to use SSH_RELEASE (sshd.c)" - - einfo "Patching version.h to add our patch sets to SSH_RELEASE ..." - sed -i \ - -e "s/^#define SSH_RELEASE.*/#define SSH_RELEASE SSH_VERSION SSH_PORTABLE ${PATCHSET_VERSION_MACROS[*]}/" \ - "${S}"/version.h || die "Failed to patch SSH_RELEASE (version.h)" - fi - - sed -i \ - -e "/#UseLogin no/d" \ - "${S}"/sshd_config || die "Failed to remove removed UseLogin option (sshd_config)" - - eapply_user #473004 - - # These tests are currently incompatible with PORTAGE_TMPDIR/sandbox - sed -e '/\t\tpercent \\/ d' \ - -i regress/Makefile || die - - tc-export PKG_CONFIG - local sed_args=( - -e "s:-lcrypto:$(${PKG_CONFIG} --libs openssl):" - # Disable PATH reset, trust what portage gives us #254615 - -e 's:^PATH=/:#PATH=/:' - # Disable fortify flags ... our gcc does this for us - -e 's:-D_FORTIFY_SOURCE=2::' - ) - - # The -ftrapv flag ICEs on hppa #505182 - use hppa && sed_args+=( - -e '/CFLAGS/s:-ftrapv:-fdisable-this-test:' - -e '/OSSH_CHECK_CFLAG_LINK.*-ftrapv/d' - ) - # _XOPEN_SOURCE causes header conflicts on Solaris - [[ ${CHOST} == *-solaris* ]] && sed_args+=( - -e 's/-D_XOPEN_SOURCE//' - ) - sed -i "${sed_args[@]}" configure{.ac,} || die - - eautoreconf -} - -src_configure() { - addwrite /dev/ptmx - - use debug && append-cppflags -DSANDBOX_SECCOMP_FILTER_DEBUG - use static && append-ldflags -static - use xmss && append-cflags -DWITH_XMSS - - if [[ ${CHOST} == *-solaris* ]] ; then - # Solaris' glob.h doesn't have things like GLOB_TILDE, configure - # doesn't check for this, so force the replacement to be put in - # place - append-cppflags -DBROKEN_GLOB - fi - - # use replacement, RPF_ECHO_ON doesn't exist here - [[ ${CHOST} == *-darwin* ]] && export ac_cv_func_readpassphrase=no - - local myconf=( - --with-ldflags="${LDFLAGS}" - --disable-strip - --with-pid-dir="${EPREFIX}"$(usex kernel_linux '' '/var')/run - --sysconfdir="${EPREFIX}"/etc/ssh - --libexecdir="${EPREFIX}"/usr/$(get_libdir)/misc - --datadir="${EPREFIX}"/usr/share/openssh - --with-privsep-path="${EPREFIX}"/var/empty - --with-privsep-user=sshd - $(use_with audit audit linux) - $(use_with kerberos kerberos5 "${EPREFIX}"/usr) - # We apply the sctp patch conditionally, so can't pass --without-sctp - # unconditionally else we get unknown flag warnings. - $(use sctp && use_with sctp) - $(use_with ldns) - $(use_with libedit) - $(use_with pam) - $(use_with pie) - $(use_with selinux) - $(usex X509 '' "$(use_with security-key security-key-builtin)") - $(use_with ssl openssl) - $(use_with ssl ssl-engine) - $(use_with !elibc_Cygwin hardening) #659210 - ) - - if use elibc_musl; then - # musl defines bogus values for UTMP_FILE and WTMP_FILE - # https://bugs.gentoo.org/753230 - myconf+=( --disable-utmp --disable-wtmp ) - fi - - econf "${myconf[@]}" -} - -src_test() { - local tests=( compat-tests ) - local shell=$(egetshell "${UID}") - if [[ ${shell} == */nologin ]] || [[ ${shell} == */false ]] ; then - ewarn "Running the full OpenSSH testsuite requires a usable shell for the 'portage'" - ewarn "user, so we will run a subset only." - tests+=( interop-tests ) - else - tests+=( tests ) - fi - - local -x SUDO= SSH_SK_PROVIDER= TEST_SSH_UNSAFE_PERMISSIONS=1 - mkdir -p "${HOME}"/.ssh || die - emake -j1 "${tests[@]}" </dev/null -} - -# Gentoo tweaks to default config files. -tweak_ssh_configs() { - local locale_vars=( - # These are language variables that POSIX defines. - # http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08_02 - LANG LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME - - # These are the GNU extensions. - # https://www.gnu.org/software/autoconf/manual/html_node/Special-Shell-Variables.html - LANGUAGE LC_ADDRESS LC_IDENTIFICATION LC_MEASUREMENT LC_NAME LC_PAPER LC_TELEPHONE - ) - - # First the server config. - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config - - # Allow client to pass locale environment variables. #367017 - AcceptEnv ${locale_vars[*]} - - # Allow client to pass COLORTERM to match TERM. #658540 - AcceptEnv COLORTERM - EOF - - # Then the client config. - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config - - # Send locale environment variables. #367017 - SendEnv ${locale_vars[*]} - - # Send COLORTERM to match TERM. #658540 - SendEnv COLORTERM - EOF - - if use pam ; then - sed -i \ - -e "/^#UsePAM /s:.*:UsePAM yes:" \ - -e "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" \ - -e "/^#PrintMotd /s:.*:PrintMotd no:" \ - -e "/^#PrintLastLog /s:.*:PrintLastLog no:" \ - "${ED}"/etc/ssh/sshd_config || die - fi - - if use livecd ; then - sed -i \ - -e '/^#PermitRootLogin/c# Allow root login with password on livecds.\nPermitRootLogin Yes' \ - "${ED}"/etc/ssh/sshd_config || die - fi -} - -src_install() { - emake install-nokeys DESTDIR="${D}" - fperms 600 /etc/ssh/sshd_config - dobin contrib/ssh-copy-id - newinitd "${FILESDIR}"/sshd-r1.initd sshd - newconfd "${FILESDIR}"/sshd-r1.confd sshd - - if use pam; then - newpamd "${FILESDIR}"/sshd.pam_include.2 sshd - fi - - tweak_ssh_configs - - doman contrib/ssh-copy-id.1 - dodoc CREDITS OVERVIEW README* TODO sshd_config - use hpn && dodoc HPN-README - use X509 || dodoc ChangeLog - - diropts -m 0700 - dodir /etc/skel/.ssh - - # https://bugs.gentoo.org/733802 - if ! use scp; then - rm -f "${ED}"/usr/{bin/scp,share/man/man1/scp.1} \ - || die "failed to remove scp" - fi - - rmdir "${ED}"/var/empty || die - - systemd_dounit "${FILESDIR}"/sshd.{service,socket} - systemd_newunit "${FILESDIR}"/sshd_at.service 'sshd@.service' -} - -pkg_preinst() { - if ! use ssl && has_version "${CATEGORY}/${PN}[ssl]"; then - show_ssl_warning=1 - fi -} - -pkg_postinst() { - local old_ver - for old_ver in ${REPLACING_VERSIONS}; do - if ver_test "${old_ver}" -lt "5.8_p1"; then - elog "Starting with openssh-5.8p1, the server will default to a newer key" - elog "algorithm (ECDSA). You are encouraged to manually update your stored" - elog "keys list as servers update theirs. See ssh-keyscan(1) for more info." - fi - if ver_test "${old_ver}" -lt "7.0_p1"; then - elog "Starting with openssh-6.7, support for USE=tcpd has been dropped by upstream." - elog "Make sure to update any configs that you might have. Note that xinetd might" - elog "be an alternative for you as it supports USE=tcpd." - fi - if ver_test "${old_ver}" -lt "7.1_p1"; then #557388 #555518 - elog "Starting with openssh-7.0, support for ssh-dss keys were disabled due to their" - elog "weak sizes. If you rely on these key types, you can re-enable the key types by" - elog "adding to your sshd_config or ~/.ssh/config files:" - elog " PubkeyAcceptedKeyTypes=+ssh-dss" - elog "You should however generate new keys using rsa or ed25519." - - elog "Starting with openssh-7.0, the default for PermitRootLogin changed from 'yes'" - elog "to 'prohibit-password'. That means password auth for root users no longer works" - elog "out of the box. If you need this, please update your sshd_config explicitly." - fi - if ver_test "${old_ver}" -lt "7.6_p1"; then - elog "Starting with openssh-7.6p1, openssh upstream has removed ssh1 support entirely." - elog "Furthermore, rsa keys with less than 1024 bits will be refused." - fi - if ver_test "${old_ver}" -lt "7.7_p1"; then - elog "Starting with openssh-7.7p1, we no longer patch openssh to provide LDAP functionality." - elog "Install sys-auth/ssh-ldap-pubkey and use OpenSSH's \"AuthorizedKeysCommand\" option" - elog "if you need to authenticate against LDAP." - elog "See https://wiki.gentoo.org/wiki/SSH/LDAP_migration for more details." - fi - if ver_test "${old_ver}" -lt "8.2_p1"; then - ewarn "After upgrading to openssh-8.2p1 please restart sshd, otherwise you" - ewarn "will not be able to establish new sessions. Restarting sshd over a ssh" - ewarn "connection is generally safe." - fi - done - - if [[ -n ${show_ssl_warning} ]]; then - elog "Be aware that by disabling openssl support in openssh, the server and clients" - elog "no longer support dss/rsa/ecdsa keys. You will need to generate ed25519 keys" - elog "and update all clients/servers that utilize them." - fi - - if use hpn && [[ -n "${HPN_DISABLE_MTAES}" ]] ; then - elog "" - elog "HPN's multi-threaded AES CTR cipher is currently known to be broken" - elog "and therefore disabled at runtime per default." - elog "Make sure your sshd_config is up to date and contains" - elog "" - elog " DisableMTAES yes" - elog "" - elog "Otherwise you maybe unable to connect to this sshd using any AES CTR cipher." - elog "" - fi -} diff --git a/net-misc/openssh/openssh-9.0_p1-r2.ebuild b/net-misc/openssh/openssh-9.0_p1-r2.ebuild deleted file mode 100644 index decc6b4c0401..000000000000 --- a/net-misc/openssh/openssh-9.0_p1-r2.ebuild +++ /dev/null @@ -1,485 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit user-info flag-o-matic autotools pam systemd toolchain-funcs verify-sig - -# Make it more portable between straight releases -# and _p? releases. -PARCH=${P/_} - -# PV to USE for HPN patches -#HPN_PV="${PV^^}" -HPN_PV="8.5_P1" - -HPN_VER="15.2" -HPN_PATCHES=( - ${PN}-${HPN_PV/./_}-hpn-DynWinNoneSwitch-${HPN_VER}.diff - ${PN}-${HPN_PV/./_}-hpn-AES-CTR-${HPN_VER}.diff - ${PN}-${HPN_PV/./_}-hpn-PeakTput-${HPN_VER}.diff -) - -SCTP_VER="1.2" -SCTP_PATCH="${PARCH}-sctp-${SCTP_VER}.patch.xz" -X509_VER="13.4.1" -X509_PATCH="${PARCH}+x509-${X509_VER}.diff.gz" - -DESCRIPTION="Port of OpenBSD's free SSH release" -HOMEPAGE="https://www.openssh.com/" -SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz - ${SCTP_PATCH:+sctp? ( https://dev.gentoo.org/~chutzpah/dist/openssh/${SCTP_PATCH} )} - ${HPN_VER:+hpn? ( $(printf "mirror://sourceforge/project/hpnssh/Patches/HPN-SSH%%20${HPN_VER/./v}%%20${HPN_PV/_P/p}/%s\n" "${HPN_PATCHES[@]}") )} - ${X509_PATCH:+X509? ( https://roumenpetrov.info/openssh/x509-${X509_VER}/${X509_PATCH} )} - verify-sig? ( mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz.asc ) -" -VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/openssh.org.asc -S="${WORKDIR}/${PARCH}" - -LICENSE="BSD GPL-2" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -# Probably want to drop ssl defaulting to on in a future version. -IUSE="abi_mips_n32 audit debug hpn kerberos ldns libedit livecd pam +pie sctp security-key selinux +ssl static test X X509 xmss" - -RESTRICT="!test? ( test )" - -REQUIRED_USE=" - hpn? ( ssl ) - ldns? ( ssl ) - pie? ( !static ) - static? ( !kerberos !pam ) - X509? ( !sctp ssl !xmss ) - xmss? ( ssl ) - test? ( ssl ) -" - -# tests currently fail with XMSS -REQUIRED_USE+="test? ( !xmss )" - -LIB_DEPEND=" - audit? ( sys-process/audit[static-libs(+)] ) - ldns? ( - net-libs/ldns[static-libs(+)] - net-libs/ldns[ecdsa(+),ssl(+)] - ) - libedit? ( dev-libs/libedit:=[static-libs(+)] ) - sctp? ( net-misc/lksctp-tools[static-libs(+)] ) - security-key? ( >=dev-libs/libfido2-1.5.0:=[static-libs(+)] ) - selinux? ( >=sys-libs/libselinux-1.28[static-libs(+)] ) - ssl? ( >=dev-libs/openssl-1.1.1l-r1:0=[static-libs(+)] ) - virtual/libcrypt:=[static-libs(+)] - >=sys-libs/zlib-1.2.3:=[static-libs(+)] -" -RDEPEND=" - acct-group/sshd - acct-user/sshd - !static? ( ${LIB_DEPEND//\[static-libs(+)]} ) - pam? ( sys-libs/pam ) - kerberos? ( virtual/krb5 ) -" -DEPEND="${RDEPEND} - virtual/os-headers - kernel_linux? ( !prefix-guest? ( >=sys-kernel/linux-headers-5.1 ) ) - static? ( ${LIB_DEPEND} ) -" -RDEPEND="${RDEPEND} - pam? ( >=sys-auth/pambase-20081028 ) - !prefix? ( sys-apps/shadow ) - X? ( x11-apps/xauth ) -" -BDEPEND=" - virtual/pkgconfig - sys-devel/autoconf - verify-sig? ( sec-keys/openpgp-keys-openssh ) -" - -pkg_pretend() { - # this sucks, but i'd rather have people unable to `emerge -u openssh` - # than not be able to log in to their server any more - local missing=() - check_feature() { use "${1}" && [[ -z ${!2} ]] && missing+=( "${1}" ); } - check_feature hpn HPN_VER - check_feature sctp SCTP_PATCH - check_feature X509 X509_PATCH - if [[ ${#missing[@]} -ne 0 ]] ; then - eerror "Sorry, but this version does not yet support features" - eerror "that you requested: ${missing[*]}" - eerror "Please mask ${PF} for now and check back later:" - eerror " # echo '=${CATEGORY}/${PF}' >> /etc/portage/package.mask" - die "Missing requested third party patch." - fi - - # Make sure people who are using tcp wrappers are notified of its removal. #531156 - if grep -qs '^ *sshd *:' "${EROOT}"/etc/hosts.{allow,deny} ; then - ewarn "Sorry, but openssh no longer supports tcp-wrappers, and it seems like" - ewarn "you're trying to use it. Update your ${EROOT}/etc/hosts.{allow,deny} please." - fi -} - -src_unpack() { - default - - # We don't have signatures for HPN, X509, so we have to write this ourselves - use verify-sig && verify-sig_verify_detached "${DISTDIR}"/${PARCH}.tar.gz{,.asc} -} - -src_prepare() { - sed -i \ - -e "/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:${EPREFIX}/usr/bin/xauth:" \ - pathnames.h || die - - # don't break .ssh/authorized_keys2 for fun - sed -i '/^AuthorizedKeysFile/s:^:#:' sshd_config || die - - eapply "${FILESDIR}"/${PN}-7.9_p1-include-stdlib.patch - eapply "${FILESDIR}"/${PN}-8.7_p1-GSSAPI-dns.patch #165444 integrated into gsskex - eapply "${FILESDIR}"/${PN}-6.7_p1-openssl-ignore-status.patch - eapply "${FILESDIR}"/${PN}-7.5_p1-disable-conch-interop-tests.patch - eapply "${FILESDIR}"/${PN}-8.0_p1-fix-putty-tests.patch - eapply "${FILESDIR}"/${PN}-8.0_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch - eapply "${FILESDIR}"/${PN}-8.9_p1-allow-ppoll_time64.patch #834019 - eapply "${FILESDIR}"/${PN}-8.9_p1-gss-use-HOST_NAME_MAX.patch #834044 - - [[ -d ${WORKDIR}/patches ]] && eapply "${WORKDIR}"/patches - - local PATCHSET_VERSION_MACROS=() - - if use X509 ; then - pushd "${WORKDIR}" &>/dev/null || die - eapply "${FILESDIR}/${P}-X509-glue-"${X509_VER}".patch" - popd &>/dev/null || die - - eapply "${WORKDIR}"/${X509_PATCH%.*} - eapply "${FILESDIR}/${PN}-9.0_p1-X509-uninitialized-delay.patch" - - # We need to patch package version or any X.509 sshd will reject our ssh client - # with "userauth_pubkey: could not parse key: string is too large [preauth]" - # error - einfo "Patching package version for X.509 patch set ..." - sed -i \ - -e "s/^AC_INIT(\[OpenSSH\], \[Portable\]/AC_INIT([OpenSSH], [${X509_VER}]/" \ - "${S}"/configure.ac || die "Failed to patch package version for X.509 patch" - - einfo "Patching version.h to expose X.509 patch set ..." - sed -i \ - -e "/^#define SSH_PORTABLE.*/a #define SSH_X509 \"-PKIXSSH-${X509_VER}\"" \ - "${S}"/version.h || die "Failed to sed-in X.509 patch version" - PATCHSET_VERSION_MACROS+=( 'SSH_X509' ) - fi - - if use sctp ; then - eapply "${WORKDIR}"/${SCTP_PATCH%.*} - - einfo "Patching version.h to expose SCTP patch set ..." - sed -i \ - -e "/^#define SSH_PORTABLE/a #define SSH_SCTP \"-sctp-${SCTP_VER}\"" \ - "${S}"/version.h || die "Failed to sed-in SCTP patch version" - PATCHSET_VERSION_MACROS+=( 'SSH_SCTP' ) - - einfo "Disabling known failing test (cfgparse) caused by SCTP patch ..." - sed -i \ - -e "/\t\tcfgparse \\\/d" \ - "${S}"/regress/Makefile || die "Failed to disable known failing test (cfgparse) caused by SCTP patch" - fi - - if use hpn ; then - local hpn_patchdir="${T}/${P}-hpn${HPN_VER}" - mkdir "${hpn_patchdir}" || die - cp $(printf -- "${DISTDIR}/%s\n" "${HPN_PATCHES[@]}") "${hpn_patchdir}" || die - pushd "${hpn_patchdir}" &>/dev/null || die - eapply "${FILESDIR}"/${PN}-8.9_p1-hpn-${HPN_VER}-glue.patch - use X509 && eapply "${FILESDIR}"/${PN}-8.9_p1-hpn-${HPN_VER}-X509-glue.patch - use sctp && eapply "${FILESDIR}"/${PN}-8.5_p1-hpn-${HPN_VER}-sctp-glue.patch - popd &>/dev/null || die - - eapply "${hpn_patchdir}" - - use X509 || eapply "${FILESDIR}/openssh-8.6_p1-hpn-version.patch" - - einfo "Patching Makefile.in for HPN patch set ..." - sed -i \ - -e "/^LIBS=/ s/\$/ -lpthread/" \ - "${S}"/Makefile.in || die "Failed to patch Makefile.in" - - einfo "Patching version.h to expose HPN patch set ..." - sed -i \ - -e "/^#define SSH_PORTABLE/a #define SSH_HPN \"-hpn${HPN_VER//./v}\"" \ - "${S}"/version.h || die "Failed to sed-in HPN patch version" - PATCHSET_VERSION_MACROS+=( 'SSH_HPN' ) - - if [[ -n "${HPN_DISABLE_MTAES}" ]] ; then - einfo "Disabling known non-working MT AES cipher per default ..." - - cat > "${T}"/disable_mtaes.conf <<- EOF - - # HPN's Multi-Threaded AES CTR cipher is currently known to be broken - # and therefore disabled per default. - DisableMTAES yes - EOF - sed -i \ - -e "/^#HPNDisabled.*/r ${T}/disable_mtaes.conf" \ - "${S}"/sshd_config || die "Failed to disabled MT AES ciphers in sshd_config" - - sed -i \ - -e "/AcceptEnv.*_XXX_TEST$/a \\\tDisableMTAES\t\tyes" \ - "${S}"/regress/test-exec.sh || die "Failed to disable MT AES ciphers in test config" - fi - fi - - if use X509 || use sctp || use hpn ; then - einfo "Patching sshconnect.c to use SSH_RELEASE in send_client_banner() ..." - sed -i \ - -e "s/PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION/PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE/" \ - "${S}"/sshconnect.c || die "Failed to patch send_client_banner() to use SSH_RELEASE (sshconnect.c)" - - einfo "Patching sshd.c to use SSH_RELEASE in sshd_exchange_identification() ..." - sed -i \ - -e "s/PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION/PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE/" \ - "${S}"/sshd.c || die "Failed to patch sshd_exchange_identification() to use SSH_RELEASE (sshd.c)" - - einfo "Patching version.h to add our patch sets to SSH_RELEASE ..." - sed -i \ - -e "s/^#define SSH_RELEASE.*/#define SSH_RELEASE SSH_VERSION SSH_PORTABLE ${PATCHSET_VERSION_MACROS[*]}/" \ - "${S}"/version.h || die "Failed to patch SSH_RELEASE (version.h)" - fi - - sed -i \ - -e "/#UseLogin no/d" \ - "${S}"/sshd_config || die "Failed to remove removed UseLogin option (sshd_config)" - - eapply_user #473004 - - # These tests are currently incompatible with PORTAGE_TMPDIR/sandbox - sed -e '/\t\tpercent \\/ d' \ - -i regress/Makefile || die - - tc-export PKG_CONFIG - local sed_args=( - -e "s:-lcrypto:$(${PKG_CONFIG} --libs openssl):" - # Disable PATH reset, trust what portage gives us #254615 - -e 's:^PATH=/:#PATH=/:' - # Disable fortify flags ... our gcc does this for us - -e 's:-D_FORTIFY_SOURCE=2::' - ) - - # The -ftrapv flag ICEs on hppa #505182 - use hppa && sed_args+=( - -e '/CFLAGS/s:-ftrapv:-fdisable-this-test:' - -e '/OSSH_CHECK_CFLAG_LINK.*-ftrapv/d' - ) - # _XOPEN_SOURCE causes header conflicts on Solaris - [[ ${CHOST} == *-solaris* ]] && sed_args+=( - -e 's/-D_XOPEN_SOURCE//' - ) - sed -i "${sed_args[@]}" configure{.ac,} || die - - eautoreconf -} - -src_configure() { - addwrite /dev/ptmx - - use debug && append-cppflags -DSANDBOX_SECCOMP_FILTER_DEBUG - use static && append-ldflags -static - use xmss && append-cflags -DWITH_XMSS - - if [[ ${CHOST} == *-solaris* ]] ; then - # Solaris' glob.h doesn't have things like GLOB_TILDE, configure - # doesn't check for this, so force the replacement to be put in - # place - append-cppflags -DBROKEN_GLOB - fi - - # use replacement, RPF_ECHO_ON doesn't exist here - [[ ${CHOST} == *-darwin* ]] && export ac_cv_func_readpassphrase=no - - local myconf=( - --with-ldflags="${LDFLAGS}" - --disable-strip - --with-pid-dir="${EPREFIX}"$(usex kernel_linux '' '/var')/run - --sysconfdir="${EPREFIX}"/etc/ssh - --libexecdir="${EPREFIX}"/usr/$(get_libdir)/misc - --datadir="${EPREFIX}"/usr/share/openssh - --with-privsep-path="${EPREFIX}"/var/empty - --with-privsep-user=sshd - $(use_with audit audit linux) - $(use_with kerberos kerberos5 "${EPREFIX}"/usr) - # We apply the sctp patch conditionally, so can't pass --without-sctp - # unconditionally else we get unknown flag warnings. - $(use sctp && use_with sctp) - $(use_with ldns) - $(use_with libedit) - $(use_with pam) - $(use_with pie) - $(use_with selinux) - $(usex X509 '' "$(use_with security-key security-key-builtin)") - $(use_with ssl openssl) - $(use_with ssl ssl-engine) - $(use_with !elibc_Cygwin hardening) #659210 - ) - - if use elibc_musl; then - # musl defines bogus values for UTMP_FILE and WTMP_FILE - # https://bugs.gentoo.org/753230 - myconf+=( --disable-utmp --disable-wtmp ) - fi - - econf "${myconf[@]}" -} - -src_test() { - local tests=( compat-tests ) - local shell=$(egetshell "${UID}") - if [[ ${shell} == */nologin ]] || [[ ${shell} == */false ]] ; then - ewarn "Running the full OpenSSH testsuite requires a usable shell for the 'portage'" - ewarn "user, so we will run a subset only." - tests+=( interop-tests ) - else - tests+=( tests ) - fi - - local -x SUDO= SSH_SK_PROVIDER= TEST_SSH_UNSAFE_PERMISSIONS=1 - mkdir -p "${HOME}"/.ssh || die - emake -j1 "${tests[@]}" </dev/null -} - -# Gentoo tweaks to default config files. -tweak_ssh_configs() { - local locale_vars=( - # These are language variables that POSIX defines. - # http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08_02 - LANG LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME - - # These are the GNU extensions. - # https://www.gnu.org/software/autoconf/manual/html_node/Special-Shell-Variables.html - LANGUAGE LC_ADDRESS LC_IDENTIFICATION LC_MEASUREMENT LC_NAME LC_PAPER LC_TELEPHONE - ) - - # First the server config. - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config - - # Allow client to pass locale environment variables. #367017 - AcceptEnv ${locale_vars[*]} - - # Allow client to pass COLORTERM to match TERM. #658540 - AcceptEnv COLORTERM - EOF - - # Then the client config. - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config - - # Send locale environment variables. #367017 - SendEnv ${locale_vars[*]} - - # Send COLORTERM to match TERM. #658540 - SendEnv COLORTERM - EOF - - if use pam ; then - sed -i \ - -e "/^#UsePAM /s:.*:UsePAM yes:" \ - -e "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" \ - -e "/^#PrintMotd /s:.*:PrintMotd no:" \ - -e "/^#PrintLastLog /s:.*:PrintLastLog no:" \ - "${ED}"/etc/ssh/sshd_config || die - fi - - if use livecd ; then - sed -i \ - -e '/^#PermitRootLogin/c# Allow root login with password on livecds.\nPermitRootLogin Yes' \ - "${ED}"/etc/ssh/sshd_config || die - fi -} - -src_install() { - emake install-nokeys DESTDIR="${D}" - fperms 600 /etc/ssh/sshd_config - dobin contrib/ssh-copy-id - newinitd "${FILESDIR}"/sshd-r1.initd sshd - newconfd "${FILESDIR}"/sshd-r1.confd sshd - - if use pam; then - newpamd "${FILESDIR}"/sshd.pam_include.2 sshd - fi - - tweak_ssh_configs - - doman contrib/ssh-copy-id.1 - dodoc CREDITS OVERVIEW README* TODO sshd_config - use hpn && dodoc HPN-README - use X509 || dodoc ChangeLog - - diropts -m 0700 - dodir /etc/skel/.ssh - rmdir "${ED}"/var/empty || die - - systemd_dounit "${FILESDIR}"/sshd.{service,socket} - systemd_newunit "${FILESDIR}"/sshd_at.service 'sshd@.service' -} - -pkg_preinst() { - if ! use ssl && has_version "${CATEGORY}/${PN}[ssl]"; then - show_ssl_warning=1 - fi -} - -pkg_postinst() { - local old_ver - for old_ver in ${REPLACING_VERSIONS}; do - if ver_test "${old_ver}" -lt "5.8_p1"; then - elog "Starting with openssh-5.8p1, the server will default to a newer key" - elog "algorithm (ECDSA). You are encouraged to manually update your stored" - elog "keys list as servers update theirs. See ssh-keyscan(1) for more info." - fi - if ver_test "${old_ver}" -lt "7.0_p1"; then - elog "Starting with openssh-6.7, support for USE=tcpd has been dropped by upstream." - elog "Make sure to update any configs that you might have. Note that xinetd might" - elog "be an alternative for you as it supports USE=tcpd." - fi - if ver_test "${old_ver}" -lt "7.1_p1"; then #557388 #555518 - elog "Starting with openssh-7.0, support for ssh-dss keys were disabled due to their" - elog "weak sizes. If you rely on these key types, you can re-enable the key types by" - elog "adding to your sshd_config or ~/.ssh/config files:" - elog " PubkeyAcceptedKeyTypes=+ssh-dss" - elog "You should however generate new keys using rsa or ed25519." - - elog "Starting with openssh-7.0, the default for PermitRootLogin changed from 'yes'" - elog "to 'prohibit-password'. That means password auth for root users no longer works" - elog "out of the box. If you need this, please update your sshd_config explicitly." - fi - if ver_test "${old_ver}" -lt "7.6_p1"; then - elog "Starting with openssh-7.6p1, openssh upstream has removed ssh1 support entirely." - elog "Furthermore, rsa keys with less than 1024 bits will be refused." - fi - if ver_test "${old_ver}" -lt "7.7_p1"; then - elog "Starting with openssh-7.7p1, we no longer patch openssh to provide LDAP functionality." - elog "Install sys-auth/ssh-ldap-pubkey and use OpenSSH's \"AuthorizedKeysCommand\" option" - elog "if you need to authenticate against LDAP." - elog "See https://wiki.gentoo.org/wiki/SSH/LDAP_migration for more details." - fi - if ver_test "${old_ver}" -lt "8.2_p1"; then - ewarn "After upgrading to openssh-8.2p1 please restart sshd, otherwise you" - ewarn "will not be able to establish new sessions. Restarting sshd over a ssh" - ewarn "connection is generally safe." - fi - done - - if [[ -n ${show_ssl_warning} ]]; then - elog "Be aware that by disabling openssl support in openssh, the server and clients" - elog "no longer support dss/rsa/ecdsa keys. You will need to generate ed25519 keys" - elog "and update all clients/servers that utilize them." - fi - - if use hpn && [[ -n "${HPN_DISABLE_MTAES}" ]] ; then - elog "" - elog "HPN's multi-threaded AES CTR cipher is currently known to be broken" - elog "and therefore disabled at runtime per default." - elog "Make sure your sshd_config is up to date and contains" - elog "" - elog " DisableMTAES yes" - elog "" - elog "Otherwise you maybe unable to connect to this sshd using any AES CTR cipher." - elog "" - fi -} diff --git a/net-misc/rsync/Manifest b/net-misc/rsync/Manifest index f142ff410d5f..848bc37ff3cf 100644 --- a/net-misc/rsync/Manifest +++ b/net-misc/rsync/Manifest @@ -8,12 +8,9 @@ AUX rsyncd.logrotate 104 BLAKE2B 8e031a851e527815d26816985b8438dd439614cf8753d51 AUX rsyncd.xinetd-3.0.9-r1 194 BLAKE2B 8e3edf4831e020451ba1886e2e8ae86e576016aabcaaf8e84c48adb15ba6a2e8d8c58098af2757011ea4f84fbfd758029d905fb8f5ed21bcc5ac34c3baae2a9c SHA512 fc053fc4748950343e866cc95284d037156a953454e4294d775f01f059e96e805582688bf1de5c965836889192ce4a663ec740e6ec2265406e509c5c6d6c3215 DIST rsync-3.2.4.tar.gz 1114853 BLAKE2B a67fcb9619874f1c5346a876138e59f4bf508a90736f830fb2b4eaf180ab11f15a0a7db9b3b28c3b990b77c2b0973d8e668bf509e4134f464159ed3172f53d80 SHA512 96318e2754fbddf84d16df671c721e577766969dfa415925c4dc1be2e4e60a51246623747a8aec0c6e9c0824e6aa7335235ccd07f3d6fd901f8cf28e2d6e91b6 DIST rsync-3.2.4.tar.gz.asc 195 BLAKE2B 9bc2fbd59e5396a91de82f27a461367ad2a129820e2d1926c3b1e26dacf93c676a7231f186c341b6dec9c764a9619b504bc9b5f95925982e78de4607eddf6c65 SHA512 7e1bbebc777d5710345fdec1efd4c2ef1079d6c0ec90272a1a4a51a59ae3cb619b9d1c0ae2f337ecdd06827bb3536b969b6f21f9108f8d21114713aa1750012b -DIST rsync-3.2.6.tar.gz 1138593 BLAKE2B fa0c4aa9cdffbc9ffd4f81e8c3cdc1fda7080f80c1923084c6d705e6872caaba31c13de4603c9462f312dbbdae76520c27d3f4f40b327f1e66c7127b1d05ea73 SHA512 d141d04732c91e055708e8d1f14b976f9483208a93076bb66dc75cbf87d54f2dcbffc11423f0c9c005d2d4e20cb9c147a7672f7a9c0b987f4e2c39b4c3645cfe -DIST rsync-3.2.6.tar.gz.asc 195 BLAKE2B 945c60ca67aa4234bc9d5b38c9228125f3040bccecf60c08892286c1b4fa32878d92bfc78ee664d4f6453ccaaf6d394dbe203f0a8be149e557fabede1c111b07 SHA512 1316b358dfa87ad7c35b2b5d11e0be111a182041150cf9c9ae30f73e0af1430a59136250dc853f784e9e80d0ee20cc46e9a34b07cc7c7a48040db168a8c8941b DIST rsync-3.2.7.tar.gz 1149787 BLAKE2B 1b910b321e8d6b49af9f26bef813509f0da12dedd6857897de136d3617c68d38368ce05de13b9b0ef35a5452dca141ebdcdfb6af8456151d0ca0ad546452b504 SHA512 c2afba11a352fd88133f9e96e19d6df80eb864450c83eced13a7faa23df947bccf2ef093f2101df6ee30abff4cbbd39ac802e9aa5f726e42c9caff274fad8377 DIST rsync-3.2.7.tar.gz.asc 195 BLAKE2B d2bca9276d9a0c96a9156a8da60e391f58eceb2e1ffaa51b7e7ffd592feaba3ce54772bd563a251e3b30efb0ad07fc96da01158a77dd77c6534eac5d80b46e53 SHA512 bad9f48e033966566c6abf8cd485d35c0d9cf130eafb0c5fff9bcb928882283bbcdd2375e7c2880cf71cf81496ba6b743b61adca3d4678421c32915a2464acc3 EBUILD rsync-3.2.4-r3.ebuild 4804 BLAKE2B 54e83b27fc60ad3103f4e6e012b1b6296fa81532a150e085b3063d590b20e15e0a8b4422a457cc0f42ddbd8f90248fc36f6e83f0ffa303f67ed696c3962f3a01 SHA512 4e88afe6749e5d0f6d74ab80d22c4572b540560d7bc37ba8942b7dd0d78ada2f985ab020422d135ae161221bcb8ab386ac75d4cd33ba0f8fbc8e44123435b854 -EBUILD rsync-3.2.6.ebuild 4515 BLAKE2B 89f5ad14e0dd506830dae96014566274a70b09b8d66215174dbe15c609075e2cdb179f83b20acde4170bd0c9b2707fa1e9b81a5bd6792d7913f60c5ece06532e SHA512 ebf536d851b3da99859f080e322147ac3438e90b06ea01148698bd22b4269ba4ccd84fc8b7217188010ab8e20ce3f92ff86a245de4aa7013ba500a93b620faf8 EBUILD rsync-3.2.7-r1.ebuild 5180 BLAKE2B 9d7fb2cfe0c2ce4bc7beca2fbed0cd5416c5bc0be66a1044b5878ca8cde0ddd18d9100dd283bc46c071a6c8d7e1fad5d0895e4f0cf4a68b52df9f76bc30aa5f0 SHA512 eb2bd26bdc0b5b61278e126db46df883c746758273825436b43d05d377bf2aa8ca9b74aac0667560c2b3843d4eef9c7b42a55c4d80062f1291834db04c190a2b EBUILD rsync-9999.ebuild 5180 BLAKE2B 9d7fb2cfe0c2ce4bc7beca2fbed0cd5416c5bc0be66a1044b5878ca8cde0ddd18d9100dd283bc46c071a6c8d7e1fad5d0895e4f0cf4a68b52df9f76bc30aa5f0 SHA512 eb2bd26bdc0b5b61278e126db46df883c746758273825436b43d05d377bf2aa8ca9b74aac0667560c2b3843d4eef9c7b42a55c4d80062f1291834db04c190a2b MISC metadata.xml 880 BLAKE2B b079b9b9cb5dcc93b50d49fa50723729b7c57c34ad0cdfd946821089a1f9788a460818cef8d6a4e9f603ad066f6b3a0c22c7becb950abc1eac8e2923adf18bac SHA512 215f0df65f53e2aca8d519c85111f87e95d592454b8a297f69058c1d87ff5650f32f3c937715c8a83dc9bef1ca1e70589cd3797ca595688806c1067462717c14 diff --git a/net-misc/rsync/rsync-3.2.6.ebuild b/net-misc/rsync/rsync-3.2.6.ebuild deleted file mode 100644 index 804909ae11e6..000000000000 --- a/net-misc/rsync/rsync-3.2.6.ebuild +++ /dev/null @@ -1,167 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -# Uncomment when introducing a patch which touches configure -#RSYNC_NEEDS_AUTOCONF=1 -PYTHON_COMPAT=( python3_{8..10} ) -inherit prefix python-single-r1 systemd - -DESCRIPTION="File transfer program to keep remote files into sync" -HOMEPAGE="https://rsync.samba.org/" -if [[ ${PV} == *9999 ]] ; then - EGIT_REPO_URI="https://github.com/WayneD/rsync.git" - inherit autotools git-r3 - - REQUIRED_USE="${PYTHON_REQUIRED_USE}" -else - VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/waynedavison.asc - inherit verify-sig - - if [[ -n ${RSYNC_NEEDS_AUTOCONF} ]] ; then - inherit autotools - fi - - if [[ ${PV} == *_pre* ]] ; then - SRC_DIR="src-previews" - else - SRC_DIR="src" - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" - fi - - SRC_URI="https://rsync.samba.org/ftp/rsync/${SRC_DIR}/${P/_/}.tar.gz - verify-sig? ( https://rsync.samba.org/ftp/rsync/${SRC_DIR}/${P/_/}.tar.gz.asc )" - S="${WORKDIR}"/${P/_/} -fi - -LICENSE="GPL-3" -SLOT="0" -IUSE="acl examples iconv lz4 ssl stunnel system-zlib xattr xxhash zstd" -REQUIRED_USE+=" examples? ( ${PYTHON_REQUIRED_USE} )" - -RDEPEND=" - >=dev-libs/popt-1.5 - acl? ( virtual/acl ) - examples? ( - ${PYTHON_DEPS} - dev-lang/perl - ) - lz4? ( app-arch/lz4:= ) - ssl? ( dev-libs/openssl:= ) - system-zlib? ( sys-libs/zlib ) - xattr? ( kernel_linux? ( sys-apps/attr ) ) - xxhash? ( >=dev-libs/xxhash-0.8 ) - zstd? ( >=app-arch/zstd-1.4:= ) - iconv? ( virtual/libiconv )" -DEPEND="${RDEPEND}" -BDEPEND="examples? ( ${PYTHON_DEPS} )" - -if [[ ${PV} == *9999 ]] ; then - BDEPEND+=" ${PYTHON_DEPS} - $(python_gen_cond_dep ' - dev-python/commonmark[${PYTHON_USEDEP}] - ')" -else - BDEPEND+=" verify-sig? ( sec-keys/openpgp-keys-waynedavison )" -fi - -pkg_setup() { - # - USE=examples needs Python itself at runtime, but nothing else - # - 9999 needs commonmark at build time - if [[ ${PV} == *9999 ]] || use examples ; then - python-single-r1_pkg_setup - fi -} - -src_prepare() { - default - - if [[ ${PV} == *9999 || -n ${RSYNC_NEEDS_AUTOCONF} ]] ; then - eaclocal -I m4 - eautoconf -o configure.sh - eautoheader && touch config.h.in - fi -} - -src_configure() { - local myeconfargs=( - --with-rsyncd-conf="${EPREFIX}"/etc/rsyncd.conf - --without-included-popt - --enable-ipv6 - $(use_enable acl acl-support) - $(use_enable iconv) - $(use_enable lz4) - $(use_enable ssl openssl) - $(use_with !system-zlib included-zlib) - $(use_enable xattr xattr-support) - $(use_enable xxhash) - $(use_enable zstd) - ) - - econf "${myeconfargs[@]}" -} - -src_install() { - emake DESTDIR="${D}" install - - newconfd "${FILESDIR}"/rsyncd.conf.d rsyncd - newinitd "${FILESDIR}"/rsyncd.init.d-r1 rsyncd - - dodoc NEWS.md README.md TODO tech_report.tex - - insinto /etc - newins "${FILESDIR}"/rsyncd.conf-3.0.9-r1 rsyncd.conf - - insinto /etc/logrotate.d - newins "${FILESDIR}"/rsyncd.logrotate rsyncd - - insinto /etc/xinetd.d - newins "${FILESDIR}"/rsyncd.xinetd-3.0.9-r1 rsyncd - - # Install stunnel helpers - if use stunnel ; then - emake DESTDIR="${D}" install-ssl-daemon - fi - - # Install the useful contrib scripts - if use examples ; then - python_fix_shebang support/ - - exeinto /usr/share/rsync - doexe support/* - - rm -f "${ED}"/usr/share/rsync/{Makefile*,*.c} - fi - - eprefixify "${ED}"/etc/{,xinetd.d}/rsyncd* - - systemd_newunit packaging/systemd/rsync.service rsyncd.service -} - -pkg_postinst() { - if grep -Eqis '^[[:space:]]use chroot[[:space:]]*=[[:space:]]*(no|0|false)' \ - "${EROOT}"/etc/rsyncd.conf "${EROOT}"/etc/rsync/rsyncd.conf ; then - ewarn "You have disabled chroot support in your rsyncd.conf. This" - ewarn "is a security risk which you should fix. Please check your" - ewarn "/etc/rsyncd.conf file and fix the setting 'use chroot'." - fi - - if use stunnel ; then - einfo "Please install \">=net-misc/stunnel-4\" in order to use stunnel feature." - einfo - einfo "You maybe have to update the certificates configured in" - einfo "${EROOT}/etc/stunnel/rsync.conf" - fi - - if use system-zlib ; then - ewarn "Using system-zlib is incompatible with <rsync-3.1.1 when" - ewarn "using the --compress option." - ewarn - ewarn "When syncing with >=rsync-3.1.1 built with bundled zlib," - ewarn "and the --compress option, add --new-compress (-zz)." - ewarn - ewarn "For syncing the portage tree, add:" - ewarn "PORTAGE_RSYNC_EXTRA_OPTS=\"--new-compress\" to make.conf" - fi -} diff --git a/net-misc/wget/Manifest b/net-misc/wget/Manifest index 9df6a1b4a73c..0e87b4752a77 100644 --- a/net-misc/wget/Manifest +++ b/net-misc/wget/Manifest @@ -2,5 +2,4 @@ AUX wget-1.21.3-hsts-type.patch 8463 BLAKE2B ebee8872161ba4a0288ee973d1edb5d3874 DIST wget-1.21.3.tar.gz 5079864 BLAKE2B 4ff40a30cb3be82ea492d0eae324a9d43de30a0169d3b219ce25f3d667915f90c7eb1559760d1605340f112e96e028613265e0be73aaba7935c69cc06a4ae4f6 SHA512 29889ecbf590dff0f39183d9e0621741d731a554d990e5c995a4644725dca62e8e19601d40db0ef7d62ebf54e5457c7409965e4832b6e60e4ccbc9c8caa30718 DIST wget-1.21.3.tar.gz.sig 854 BLAKE2B 71f69492397ae9e36284be9acdd1c94da34a7397c14a6de1a867c0d1e807bf961f8a2e098ab5629425691ce595227fb08f046416245fda2a6025929079f2d7c2 SHA512 b9f41496e0083545bc703c97b0758500f337527647cdc422152d7855d05351e3a62685269238c78300eafdbfaed8afecaeb988901a3d8a6b002e9fb3d70efe4f EBUILD wget-1.21.3-r1.ebuild 3262 BLAKE2B 7bdad461c19cb25bba2d1cf734a4377903acc6bff433980afa5e601d43a4187eeba0c438af3f27917b784a4b307bf2ef6e3e608e7b6fdfeccdf17d18da5a12a5 SHA512 f16cdcfce70b8a0e1abd0688d7d62731bbbefc474daad1cd0699c1b90c64a294ba128bc3a3dfb200d67e689796de6b7b65966b091bebe4192316d70dffc4d64f -EBUILD wget-1.21.3.ebuild 3213 BLAKE2B 3525d9e7c155f6a60a5dfd797b34005261d814e539656d4dafa8b05d78355ffe5bd528d21c4de84d7caacdfa0b84727175a932ae2911d4bbe68f04f5ad674d24 SHA512 5eb1a02d9fcfa89a544dd7f421c5119aaec9eb6d1ad6479b30baf611d9e6c412b75eb8f6b9cbe65583ceb4d126500f787913f4a702621a586887ecbba401f00d MISC metadata.xml 803 BLAKE2B 9bdb761fa36afd7a03f4631ed314230776de4af2c3e153a3631ee8f9e801233e44abe68ba5ec874bcfaef53d2cb1100a671768169d58d6e2c96387be5210abc9 SHA512 4ddbdc883a155f4eddeb5cd6e031b4824f1f50586ceaedd1b72a8d2ce9d3dffe440a0554e4a9a07f1295f79a5958bcb533ae324919c64daf77caff577318dfc1 diff --git a/net-misc/wget/wget-1.21.3.ebuild b/net-misc/wget/wget-1.21.3.ebuild deleted file mode 100644 index 79dfd8c1ddeb..000000000000 --- a/net-misc/wget/wget-1.21.3.ebuild +++ /dev/null @@ -1,110 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{8..10} ) -VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/wget.asc -inherit flag-o-matic python-any-r1 toolchain-funcs verify-sig - -DESCRIPTION="Network utility to retrieve files from the WWW" -HOMEPAGE="https://www.gnu.org/software/wget/" -SRC_URI="mirror://gnu/wget/${P}.tar.gz" -SRC_URI+=" verify-sig? ( mirror://gnu/wget/${P}.tar.gz.sig )" - -LICENSE="GPL-3+" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -IUSE="cookie-check debug gnutls idn ipv6 metalink nls ntlm pcre +ssl static test uuid zlib" -REQUIRED_USE="ntlm? ( !gnutls ssl ) gnutls? ( ssl )" -RESTRICT="!test? ( test )" - -# * Force a newer libidn2 to avoid libunistring deps. #bug #612498 -# * Metalink can use gpgme automagically (so let's always depend on it) -# for signed metalink resources. -LIB_DEPEND=" - cookie-check? ( net-libs/libpsl ) - idn? ( >=net-dns/libidn2-0.14:=[static-libs(+)] ) - metalink? ( - app-crypt/gpgme - media-libs/libmetalink - ) - pcre? ( dev-libs/libpcre2[static-libs(+)] ) - ssl? ( - gnutls? ( net-libs/gnutls:=[static-libs(+)] ) - !gnutls? ( dev-libs/openssl:=[static-libs(+)] ) - ) - uuid? ( sys-apps/util-linux[static-libs(+)] ) - zlib? ( sys-libs/zlib[static-libs(+)] ) -" -RDEPEND="!static? ( ${LIB_DEPEND//\[static-libs(+)]} )" -DEPEND=" - ${RDEPEND} - static? ( ${LIB_DEPEND} ) -" -BDEPEND=" - app-arch/xz-utils - dev-lang/perl - sys-apps/texinfo - virtual/pkgconfig - nls? ( sys-devel/gettext ) - test? ( - ${PYTHON_DEPS} - >=dev-perl/HTTP-Daemon-6.60.0 - dev-perl/HTTP-Message - dev-perl/IO-Socket-SSL - ) - verify-sig? ( sec-keys/openpgp-keys-wget ) -" - -DOCS=( AUTHORS MAILING-LIST NEWS README ) - -pkg_setup() { - use test && python-any-r1_pkg_setup -} - -src_prepare() { - default - sed -i -e "s:/usr/local/etc:${EPREFIX}/etc:g" doc/{sample.wgetrc,wget.texi} || die -} - -src_configure() { - # fix compilation on Solaris, we need filio.h for FIONBIO as used in - # the included gnutls -- force ioctl.h to include this header - [[ ${CHOST} == *-solaris* ]] && append-cppflags -DBSD_COMP=1 - - if use static ; then - append-ldflags -static - tc-export PKG_CONFIG - PKG_CONFIG+=" --static" - fi - - # There is no flag that controls this. libunistring-prefix only - # controls the search path (which is why we turn it off below). - # Further, libunistring is only needed w/older libidn2 installs, - # and since we force the latest, we can force off libunistring. # bug #612498 - local myeconfargs=( - ac_cv_libunistring=no - --disable-assert - --disable-pcre - --disable-rpath - --without-included-libunistring - --without-libunistring-prefix - $(use_enable debug) - $(use_enable idn iri) - $(use_enable ipv6) - $(use_enable nls) - $(use_enable ntlm) - $(use_enable pcre pcre2) - $(use_enable ssl digest) - $(use_enable ssl opie) - $(use_with cookie-check libpsl) - $(use_enable idn iri) - $(use_with metalink) - $(use_with ssl ssl $(usex gnutls gnutls openssl)) - $(use_with uuid libuuid) - $(use_with zlib) - ) - - econf "${myeconfargs[@]}" -} diff --git a/net-misc/whois/Manifest b/net-misc/whois/Manifest index a74296c0f6ef..48468c3a10b1 100644 --- a/net-misc/whois/Manifest +++ b/net-misc/whois/Manifest @@ -1,9 +1,7 @@ AUX whois-4.7.2-config-file.patch 202 BLAKE2B b5c421655f40c22fcb9c9ac3194821e6e4100657bd11013ed220cea3c81c77e3c7e50432361c8e08274b59d96ff04ca22d8f500436fbefef981d587e26ef75a7 SHA512 932ce9dd51b29750a88da3082bdb1f3fd994e1d859fbdef45fadd3c833ee24d12acb6530989db60f4df3df9481d34cc5cabbdad4bf5150389a06ef7c832daf65 AUX whois-5.3.0-libidn_automagic.patch 778 BLAKE2B b9214f6f0c081abf6141057ee9f82db30dad7306fe611b1cb70d256b235d0ba544887f8b084d7b71a21486ad68d312ad98075aed51765f59ecbf7ced45684772 SHA512 8df8c99320ee4a4327f35a62dbaca0b071a3472d398604304d772f2424d607d109d87056b1a138b041c4c391409828cc7397dc62ed973dee500b2eb9f1735676 AUX whois-5.5.6-libxcrypt_automagic.patch 677 BLAKE2B e832e829f97c9b23ca4d62e037f74fdf87225390a399fa240f0789123144f07f3e2d66ec009662c9936d1a0f112998532350a2144d95dc96cac7b22250090fac SHA512 14b2787fc7933eaf21584dc93b84a605a3f593b77767f2b622b906f03c75edd3faee3d39281dc4332bb5b64b24bee07c7ccd1115f2e80ae394637bf093f70305 -DIST whois_5.5.13.tar.xz 87384 BLAKE2B 6ce90ad907c4ea79301adbcda5a402344df9f283ac258a3186f5c405e0abfb97f603f3f163652f1cf03a1fc60290b8f9f54b509bf7d9fd3cec12189eeeaaffe5 SHA512 b4a70cc6d58133287d70775ecd8173c255f800362639a3e2dea0d3d56c35405b7fc93c4c220cc50cbd15ae5ae402a59bd15f99e98a7cccb314f82a205aa7ee61 DIST whois_5.5.14.tar.xz 87480 BLAKE2B 868c9dc968581535ee2b56a6293f634e2c8dc6c00703a45d4ca4f0ce6769786ee4921bd66f3a470b2a7f31808db2971b284c23b76b608bff1edbb7bbe37f892a SHA512 f190d488d7bd68717c0a83ca85709fad09c33b619c46d7e0dd12e79621fdba56b9d43480c25ef3c9df2f6ade0ee72d692bfc5d0bd96839ef92194004313d1cc6 -EBUILD whois-5.5.13-r1.ebuild 1803 BLAKE2B 34e8b346355983a98f296cae86cfa97640bf013f9782b175a5b4600debc18013f6b1fd0c87344549e00ba5d23b353674164b9689146819bafa6b31a0ed01acbf SHA512 18a4d7d29ac3bc975e14fb3fc29ca82173aa1bd095994fb8032be234f37b2c2f4f4de27f67e997e3874381f694e3a6b5be68fe2c965d410af7065920be43b504 EBUILD whois-5.5.14.ebuild 1808 BLAKE2B 515bdfc63e20ec89b88a133e14ca14d41a523738999c376db7f4f23ef65b0620e5ab57ee029afc3945c63cdd26757a574fd686cf3bf2d0a3d9917cf13fb089e0 SHA512 505ea2158d675fdaba18bffebb1e4011a21ac6b8286ab29325085a615be9143277d18ce022c27c9ede8b45d092976a7b008e5767f36a3d04ce86e7fc45515abc EBUILD whois-9999.ebuild 1815 BLAKE2B 7aad1ac7a3eafa9dd02db50a74ba8b8ec0d274aace166656d860147170c709efbabf6cd8dde78d90b6805322501c9366d0fa90364ee16a9cf8e1be6dfdc6df33 SHA512 e7fa376bcab2a5f009b1134952a3848d922c6704af16479da171ae92c7ea6a608b84db22795ebfd60d7a24379dd8c83aa71f7b53380bddaf8b16b0d5046f37c5 MISC metadata.xml 439 BLAKE2B 609f61e31ef22ab28f06d9f0b6542a0efbcb8a006b05f14ff6339a332bb3f04996d13c9a62b55765ce4611df0e9efe021b6f5b5060b13d00d72eae71eb9f9e3e SHA512 05bf067e25586b2032b137dae008a4c59aed9e633f37b545d6ccdca6dc3d69d8614d8ad26c34e87d956b93d24b7962c3fe908070dcfd6826c8fe916b51f29d2f diff --git a/net-misc/whois/whois-5.5.13-r1.ebuild b/net-misc/whois/whois-5.5.13-r1.ebuild deleted file mode 100644 index 1c3e8e21b391..000000000000 --- a/net-misc/whois/whois-5.5.13-r1.ebuild +++ /dev/null @@ -1,78 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit toolchain-funcs - -MY_P=${P/-/_} -DESCRIPTION="Improved Whois Client" -HOMEPAGE="https://github.com/rfc1036/whois" - -if [[ ${PV} == *9999 ]] ; then - inherit git-r3 - EGIT_REPO_URI="https://github.com/rfc1036/whois.git" -else - SRC_URI="mirror://debian/pool/main/w/whois/${MY_P}.tar.xz" - #SRC_URI="https://github.com/rfc1036/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" - S="${WORKDIR}"/${PN} - - KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux" -fi - -LICENSE="GPL-2" -SLOT="0" -IUSE="iconv idn nls xcrypt" - -RDEPEND="iconv? ( virtual/libiconv ) - idn? ( net-dns/libidn2:= ) - nls? ( virtual/libintl ) - xcrypt? ( >=sys-libs/libxcrypt-4.1:= ) - !xcrypt? ( virtual/libcrypt:= )" -DEPEND="${RDEPEND}" -BDEPEND="app-arch/xz-utils - >=dev-lang/perl-5 - virtual/pkgconfig - nls? ( sys-devel/gettext )" - -PATCHES=( - "${FILESDIR}"/${PN}-4.7.2-config-file.patch - "${FILESDIR}"/${PN}-5.3.0-libidn_automagic.patch - "${FILESDIR}"/${PN}-5.5.6-libxcrypt_automagic.patch -) - -src_prepare() { - default - - if use nls ; then - sed -i -e 's:#\(.*pos\):\1:' Makefile || die - else - sed -i -e '/ENABLE_NLS/s:define:undef:' config.h || die - - # don't generate po files when nls is disabled (bug #419889) - sed -i -e '/^all:/s/ pos//' \ - -e '/^install:/s/ install-pos//' Makefile || die - fi -} - -src_configure() { :; } # expected no-op - -src_compile() { - unset HAVE_ICONV HAVE_LIBIDN - - use iconv && export HAVE_ICONV=1 - use idn && export HAVE_LIBIDN=1 - use xcrypt && export HAVE_XCRYPT=1 - - tc-export CC - - emake CFLAGS="${CFLAGS} ${CPPFLAGS}" -} - -src_install() { - emake BASEDIR="${ED}" prefix=/usr install - - insinto /etc - doins whois.conf - dodoc README debian/changelog -} |