Anyone still using this? Or should I update the port then remove it?
On Wed, Nov 24, 2021 at 02:25:24PM +0100, Theo Buehler wrote:
> For the upcoming libcrypto bump, software based on older OpenSSH
> versions will need updating since it will need to make use of the
> OpenSSL 1.1 API.
>
> As far as I can see, this is the latest version of the ssh-ldap-helper
> as shipped on Rocky Linux. Redhat have deprecated this and recommend
> using SSSD: https://bugzilla.redhat.com/show_bug.cgi?id=1871025
>
> I don't use LDAP, so I have no easy way of testing this. It builds
> and packages fine, the modifications of the port are relatively
> straightforward.
>
> Tests and oks welcome.
Index: Makefile
===================================================================
RCS file: /cvs/ports/security/ssh-ldap-helper/Makefile,v
retrieving revision 1.7
diff -u -p -r1.7 Makefile
--- Makefile 10 Jan 2021 22:34:50 -0000 1.7
+++ Makefile 24 Nov 2021 13:11:01 -0000
@@ -2,36 +2,39 @@
COMMENT = fetch ssh AuthorizedKeys from LDAP
-DISTNAME = openssh-5.3p1-81
-PKGNAME = ssh-ldap-helper-5.3
-REVISION = 0
+V = 8.0p1
+DISTNAME = openssh-${V}-10
+PKGNAME = ssh-ldap-helper-8.0
CATEGORIES = security net
-EXTRACT_SUFX= .el6.src.rpm
+EXTRACT_SUFX= .el8.src.rpm
# BSD
PERMIT_PACKAGE= Yes
-WANTLIB += c crypto lber-2.4 ldap-2.4 util z
+WANTLIB += c crypto lber ldap util z
-MASTER_SITES = http://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/
+MASTER_SITES = https://dl.rockylinux.org/pub/rocky/8/BaseOS/source/tree/Packages/o/
-PATCH_LIST = ${WRKDIR}/openssh-5.3p1-ldap.patch patch-*
+LDAP_PATCH = ${WRKDIR}/openssh-6.7p1-ldap.patch
+
+PATCH_LIST = ${LDAP_PATCH} patch-*
PATCH_STRIP = -p1
-WRKDIST = ${WRKDIR}/openssh-5.3p1
+WRKDIST = ${WRKDIR}/openssh-${V}
CONFIGURE_STYLE = autoconf
-AUTOCONF_VERSION = 2.62
+AUTOCONF_VERSION = 2.69
CONFIGURE_ARGS = --with-ldap=${LOCALBASE} \
--without-pam
NO_TEST = Yes
ALL_TARGET = ssh-ldap-helper
-BUILD_DEPENDS= archivers/bzip2
LIB_DEPENDS = databases/openldap
post-extract:
- cd ${WRKDIR} && ${TAR} xjf openssh-5.3p1-noacss.tar.bz2
+ # Fix a 64-bit time_t issue in the LDAP_PATCH
+ sed -i 's/timeout to %l/&l/' ${LDAP_PATCH}
+ cd ${WRKDIR} && ${TAR} xzf openssh-${V}.tar.gz
# The LDAP_SET_REBIND_PROC_ARGS macro is set to literal
# "$ac_cv_ldap_set_rebind_proc" instead of "3" because of the improper
Index: distinfo
===================================================================
RCS file: /cvs/ports/security/ssh-ldap-helper/distinfo,v
retrieving revision 1.1.1.1
diff -u -p -r1.1.1.1 distinfo
--- distinfo 14 Nov 2012 18:42:50 -0000 1.1.1.1
+++ distinfo 24 Nov 2021 12:24:57 -0000
@@ -1,2 +1,2 @@
-SHA256 (openssh-5.3p1-81.el6.src.rpm) = 9QWDzq8p08r8TG9SrcQ/t1wKqdgcenMKYy3xI4wn2Is=
-SIZE (openssh-5.3p1-81.el6.src.rpm) = 1317731
+SHA256 (openssh-8.0p1-10.el8.src.rpm) = yT3B6BwP1vrXWNm2WRjwbT6KNG9hWHlGYzgkqjRuiYw=
+SIZE (openssh-8.0p1-10.el8.src.rpm) = 2998520
Index: patches/patch-Makefile_in
===================================================================
RCS file: patches/patch-Makefile_in
diff -N patches/patch-Makefile_in
--- patches/patch-Makefile_in 14 Nov 2012 18:42:50 -0000 1.1.1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,12 +0,0 @@
-$OpenBSD: patch-Makefile_in,v 1.1.1.1 2012/11/14 18:42:50 landry Exp $
---- Makefile.in.orig Sun Nov 11 22:35:51 2012
-+++ Makefile.in Sun Nov 11 22:35:58 2012
-@@ -163,7 +163,7 @@ ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysca
- $(LD) -o $@ ssh-keyscan.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
-
- ssh-ldap-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o
-- $(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck -lldap -llber $(LIBS)
-+ $(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) -lssh -lopenbsd-compat -lldap -llber $(LIBS)
-
- sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o
- $(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
Index: patches/patch-log_h
===================================================================
RCS file: /cvs/ports/security/ssh-ldap-helper/patches/patch-log_h,v
retrieving revision 1.1.1.1
diff -u -p -r1.1.1.1 patch-log_h
--- patches/patch-log_h 14 Nov 2012 18:42:50 -0000 1.1.1.1
+++ patches/patch-log_h 24 Nov 2021 13:04:26 -0000
@@ -1,12 +1,15 @@
$OpenBSD: patch-log_h,v 1.1.1.1 2012/11/14 18:42:50 landry Exp $
---- log.h.orig Sun Nov 11 22:35:23 2012
-+++ log.h Sun Nov 11 22:35:33 2012
-@@ -14,7 +14,7 @@
-
+
+Index: log.h
+--- log.h.orig
++++ log.h
+@@ -15,6 +15,9 @@
#ifndef SSH_LOG_H
#define SSH_LOG_H
--
+
+#include <stdarg.h>
++#include <stdio.h>
++
/* Supported syslog facilities and levels. */
typedef enum {
SYSLOG_FACILITY_DAEMON,
No comments:
Post a Comment