Date: Mon, 6 Mar 2006 03:37:16 +0200 From: "Ion-Mihai "IOnut" Tetcu" <itetcu@people.tecnik93.com> To: "FreeBSD gnats submit" <FreeBSD-gnats-submit@FreeBSD.org> Subject: ports/94118: [PATCH] security/hpn-ssh: UNBREAK Message-ID: <1141609036.12791@it.buh.tecnik93.com> Resent-Message-ID: <200603060140.k261e1HY050214@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 94118
>Category: ports
>Synopsis: [PATCH] security/hpn-ssh: UNBREAK
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Mon Mar 06 01:40:00 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Ion-Mihai "IOnut" Tetcu
>Release: FreeBSD 6.1-PRERELEASE i386
>Organization:
Tecnik'93
>Environment:
System: FreeBSD 6.1-PRERELEASE #0: Fri Feb 24 07:01:54 EET 2006
root@it.buh.tecnik93.com:/usr/obj/usr/src/sys/IT6_B_P
>Description:
>From http://www.psc.edu/networking/projects/hpn-ssh/#patches :
HPN-11
This is the recommened patch set for most users. This provides the best balance between security and performance. Due to changes in the command line switches in VERSION 4.3 the tcp recieve buffer switch has been changed. It is now -R in scp and -r when used with ssh. Additionally, the size is now in KILOBYTES and *not* bytes. Seems to make a bit more sense that way.
itetcu@it> /tmp/CVS/hpn-ssh [3:27:16] 1
> make checksum -DTRYBROKEN
Trying build of hpn-ssh-3.9.0.1.11,1 even though it is marked BROKEN.
=> MD5 Checksum OK for openssh-3.9p1.tar.gz.
=> No SHA256 checksum recorded for openssh-3.9p1.tar.gz.
=> MD5 Checksum OK for openssh-3.9p1-hpn11.diff.
=> No SHA256 checksum recorded for openssh-3.9p1-hpn11.diff.
itetcu@it> /tmp/CVS/hpn-ssh [3:27:23] 0
> fetch -o - http://www.psc.edu/networking/projects/hpn-ssh/openssh-3.9p1-hpn11.diff | diff -u /usr/ports/distfiles/openssh-3.9p1-hpn11.diff -
- 100% of 12 kB 15 kBps
--- /usr/ports/distfiles/openssh-3.9p1-hpn11.diff Wed Jun 15 16:05:53 2005
+++ - Mon Mar 6 03:27:28 2006
@@ -26,7 +26,7 @@
#ifndef BUFFER_H
#define BUFFER_H
-+#define MAXBUFSZ (2>>29)-1
++#define MAXBUFSZ (2<<29)-1
+
typedef struct {
u_char *buf; /* Buffer for data. */
Due to the security implications of this port the maintainer should probably review the implications of this change.
>How-To-Repeat:
>Fix:
--- hpn-ssh.diff begins here ---
Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/security/hpn-ssh/Makefile,v
retrieving revision 1.98
diff -u -r1.98 Makefile
--- Makefile 14 Jan 2006 09:16:14 -0000 1.98
+++ Makefile 6 Mar 2006 01:32:06 -0000
@@ -24,8 +24,6 @@
MAINTAINER= brooks@FreeBSD.org
COMMENT= High Performance Enabled SSH/SCP
-BROKEN= Checksum mismatch
-
HPNVERSION= 11
OPENSSHVERSION= 3.9p1
WRKSRC= ${WRKDIR}/openssh-${OPENSSHVERSION}
Index: distinfo
===================================================================
RCS file: /home/ncvs/ports/security/hpn-ssh/distinfo,v
retrieving revision 1.28
diff -u -r1.28 distinfo
--- distinfo 11 Jul 2005 23:53:08 -0000 1.28
+++ distinfo 6 Mar 2006 01:32:06 -0000
@@ -1,6 +1,6 @@
MD5 (openssh-3.9p1.tar.gz) = 8e1774d0b52aff08f817f3987442a16e
+SHA256 (openssh-3.9p1.tar.gz) = e119eb9b09c13ddd945a0105f19b05983e62de0bac167264f055f93115048090
SIZE (openssh-3.9p1.tar.gz) = 854027
-MD5 (openssh-3.9p1-hpn11.diff) = b91d73e58e2b72aecb3025ee550411fb
+MD5 (openssh-3.9p1-hpn11.diff) = 443bc5f8a761888b8aaaae698339d70d
+SHA256 (openssh-3.9p1-hpn11.diff) = 786d494c78a0fb515b07f1941b1b8494d80679b5d06dbbbd0c225fc5d3cfd7c7
SIZE (openssh-3.9p1-hpn11.diff) = 13237
-MD5 (openssh-3.9p1-hpn11-none.diff) = 227acfa1c17ec49f43e85a3ee98e0e8a
-SIZE (openssh-3.9p1-hpn11-none.diff) = 19146
--- hpn-ssh.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1141609036.12791>