Merge pull request #153475 from wahjava/update-openssh-hpn
openssh_hpn: 8.4p1 -> 8.8p1
This commit is contained in:
commit
38bb3aeed9
2 changed files with 17 additions and 14 deletions
|
@ -4,6 +4,7 @@
|
|||
, src
|
||||
, extraPatches ? []
|
||||
, extraNativeBuildInputs ? []
|
||||
, extraConfigureFlags ? []
|
||||
, extraMeta ? {}
|
||||
}:
|
||||
|
||||
|
@ -94,7 +95,8 @@ stdenv.mkDerivation rec {
|
|||
++ optional withFIDO "--with-security-key-builtin=yes"
|
||||
++ optional withKerberos (assert libkrb5 != null; "--with-kerberos5=${libkrb5}")
|
||||
++ optional stdenv.isDarwin "--disable-libutil"
|
||||
++ optional (!linkOpenssl) "--without-openssl";
|
||||
++ optional (!linkOpenssl) "--without-openssl"
|
||||
++ extraConfigureFlags;
|
||||
|
||||
buildFlags = [ "SSH_KEYSIGN=ssh-keysign" ];
|
||||
|
||||
|
|
|
@ -19,29 +19,30 @@ in
|
|||
|
||||
openssh_hpn = common rec {
|
||||
pname = "openssh-with-hpn";
|
||||
version = "8.4p1";
|
||||
version = "8.8p1";
|
||||
extraDesc = " with high performance networking patches";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "rapier1";
|
||||
repo = "openssh-portable";
|
||||
rev = "hpn-KitchenSink-${builtins.replaceStrings [ "." "p" ] [ "_" "_P" ] version}";
|
||||
hash = "sha256-SYQPDGxZR41m4g603RaZaOYm4vCr9uZnFnZoKhruueY=";
|
||||
src = fetchurl {
|
||||
url = "mirror://openbsd/OpenSSH/portable/openssh-${version}.tar.gz";
|
||||
sha256 = "1s8z6f7mi1pwsl79cqai8cr350m5lf2ifcxff57wx6mvm478k425";
|
||||
};
|
||||
|
||||
extraPatches = [
|
||||
./ssh-keysign-8.4.patch
|
||||
./ssh-keysign-8.5.patch
|
||||
|
||||
# See https://github.com/openssh/openssh-portable/pull/206
|
||||
./ssh-copy-id-fix-eof.patch
|
||||
# HPN Patch from FreeBSD ports
|
||||
(fetchpatch {
|
||||
name = "ssh-hpn.patch";
|
||||
url = "https://raw.githubusercontent.com/freebsd/freebsd-ports/a981593e/security/openssh-portable/files/extra-patch-hpn";
|
||||
stripLen = 1;
|
||||
sha256 = "sha256-+JvpPxktZAjhxLLK1lF4ijG9VlSWkqbRwotaLe6en64=";
|
||||
})
|
||||
];
|
||||
|
||||
extraNativeBuildInputs = [ autoreconfHook ];
|
||||
|
||||
extraMeta.knownVulnerabilities = [
|
||||
"CVE-2021-28041"
|
||||
"CVE-2021-41617"
|
||||
];
|
||||
extraConfigureFlags = [ "--with-hpn" ];
|
||||
extraMeta.maintainers = with lib.maintainers; [ abbe ];
|
||||
};
|
||||
|
||||
openssh_gssapi = common rec {
|
||||
|
|
Loading…
Reference in a new issue