openssh: update to 7.9p1

Refreshes keydir patch to account for xmss keys and retiring of ssh1 support. Adds upstream patch to correct openssl version check. Signed-off-by: Ian Leonard <antonlacon@gmail.com>
2025-07-24 11:16:51 +00:00 · 2018-12-06 09:21:18 +00:00 · 2018-12-06 09:21:18 +00:00 · 7f4e3e613c
commit 7f4e3e613c
parent 1f14e69a61
3 changed files with 72 additions and 58 deletions
--- a/packages/network/openssh/package.mk
+++ b/packages/network/openssh/package.mk
@ -3,11 +3,11 @@
 # Copyright (C) 2018-present Team LibreELEC (https://libreelec.tv)

 PKG_NAME="openssh"
-PKG_VERSION="7.5p1"
-PKG_SHA256="9846e3c5fab9f0547400b4d2c017992f914222b3fd1f8eee6c7dc6bc5e59f9f0"
+PKG_VERSION="7.9p1"
+PKG_SHA256="6b4b3ba2253d84ed3771c8050728d597c91cfce898713beb7b64a305b6f11aad"
 PKG_LICENSE="OSS"
-PKG_SITE="http://www.openssh.com/"
-PKG_URL="http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$PKG_NAME-$PKG_VERSION.tar.gz"
+PKG_SITE="https://www.openssh.com/"
+PKG_URL="https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$PKG_NAME-$PKG_VERSION.tar.gz"
 PKG_DEPENDS_TARGET="toolchain openssl zlib"
 PKG_LONGDESC="An open re-implementation of the SSH package."
 PKG_TOOLCHAIN="autotools"
--- a/packages/network/openssh/patches/openssh-7.9p1-keydir.patch
+++ b/packages/network/openssh/patches/openssh-7.9p1-keydir.patch
@ -1,8 +1,49 @@
-diff --git a/Makefile.in b/Makefile.in
-index 06be3d5..5272bda 100644
--- a/Makefile.in
-+++ b/Makefile.in
-@@ -30,8 +30,10 @@ PRIVSEP_PATH=@PRIVSEP_PATH@
+diff -u a/configure.ac b/configure.ac
+--- a/configure.ac	2018-10-16 20:01:20.000000000 -0400
+++ b/configure.ac	2018-12-06 04:08:42.718993760 -0500
+@@ -4903,6 +4903,19 @@
+ )
+ 
+ 
+# Set keydir
+AC_ARG_WITH([keydir],
+	[  --with-keydir=      Specify different path for storing keys],
+	[
+		if test -n "$withval" && test "x$withval" != "xno" && \
+			test "x${withval}" != "xyes"; then
+			KEYDIR=$withval
+		fi
+	]
+)
+AC_SUBST([KEYDIR])
+
+
+ AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
+ IPV4_IN6_HACK_MSG="no"
+ AC_ARG_WITH(4in6,
+@@ -5277,6 +5290,7 @@
+ H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
+ I=`eval echo ${user_path}` ; I=`eval echo ${I}`
+ J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
+K=`eval echo ${KEYDIR}` ; K=`eval echo ${K}`
+ 
+ echo ""
+ echo "OpenSSH has been configured with the following options:"
+@@ -5300,6 +5314,9 @@
+ if test ! -z "$superuser_path" ; then
+ echo "          sshd superuser user PATH: $J"
+ fi
+if test ! -z "$KEYDIR" ; then
+echo "                       sshd keydir: $K"
+fi
+ echo "                    Manpage format: $MANTYPE"
+ echo "                       PAM support: $PAM_MSG"
+ echo "                   OSF SIA support: $SIA_MSG"
+Common subdirectories: a/contrib and b/contrib
+diff -u a/Makefile.in b/Makefile.in
+--- a/Makefile.in	2018-10-16 20:01:20.000000000 -0400
+++ b/Makefile.in	2018-12-06 04:00:04.301968236 -0500
+@@ -28,8 +28,10 @@
 SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
 STRIP_OPT=@STRIP_OPT@
 TEST_SHELL=@TEST_SHELL@
@ -13,7 +54,7 @@ index 06be3d5..5272bda 100644
 	-D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \
 	-D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \
 	-D_PATH_SFTP_SERVER=\"$(SFTP_SERVER)\" \
-@@ -121,11 +123,11 @@ PATHSUBS	= \
+@@ -133,11 +135,11 @@
 	-e 's|/etc/ssh/sshd_config|$(sysconfdir)/sshd_config|g' \
 	-e 's|/usr/libexec|$(libexecdir)|g' \
 	-e 's|/etc/shosts.equiv|$(sysconfdir)/shosts.equiv|g' \
@ -30,50 +71,10 @@ index 06be3d5..5272bda 100644
 	-e 's|/var/run/sshd.pid|$(piddir)/sshd.pid|g' \
 	-e 's|/etc/moduli|$(sysconfdir)/moduli|g' \
 	-e 's|/etc/ssh/moduli|$(sysconfdir)/moduli|g' \
-diff --git a/configure.ac b/configure.ac
-index 67c4486..b4297bf 100644
--- a/configure.ac
-+++ b/configure.ac
-@@ -4429,6 +4429,17 @@ AC_ARG_WITH([superuser-path],
- 	]
- )
- 
-+# Set keydir
-+AC_ARG_WITH([keydir],
-+	[  --with-keydir=      Specify different path for storing keys],
-+	[
-+		if test -n "$withval"  &&  test "x$withval" != "xno"  &&  \
-+                    test "x${withval}" != "xyes"; then
-+			KEYDIR=$withval
-+		fi
-+	]
-+)
-+AC_SUBST([KEYDIR])
- 
- AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
- IPV4_IN6_HACK_MSG="no"
-@@ -4799,6 +4810,7 @@ G=`eval echo ${piddir}` ; G=`eval echo ${G}`
- H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
- I=`eval echo ${user_path}` ; I=`eval echo ${I}`
- J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
-+K=`eval echo ${KEYDIR}` ; K=`eval echo ${K}`
- 
- echo ""
- echo "OpenSSH has been configured with the following options:"
-@@ -4822,6 +4834,9 @@ fi
- if test ! -z "$superuser_path" ; then
- echo "          sshd superuser user PATH: $J"
- fi
-+if test ! -z "$KEYDIR" ; then
-+echo "                       sshd keydir: $K"
-+fi
- echo "                    Manpage format: $MANTYPE"
- echo "                       PAM support: $PAM_MSG"
- echo "                   OSF SIA support: $SIA_MSG"
-diff --git a/pathnames.h b/pathnames.h
-index ec89fc6..8a33ca2 100644
--- a/pathnames.h
-+++ b/pathnames.h
+Common subdirectories: a/openbsd-compat and b/openbsd-compat
+diff -u a/pathnames.h b/pathnames.h
+--- a/pathnames.h	2018-10-16 20:01:20.000000000 -0400
+++ b/pathnames.h	2018-12-06 04:15:01.286012398 -0500
@@ -18,6 +18,10 @@
 #define SSHDIR				ETCDIR "/ssh"
 #endif
@ -101,16 +102,17 @@ index ec89fc6..8a33ca2 100644
  */
 #define _PATH_SERVER_CONFIG_FILE	SSHDIR "/sshd_config"
 #define _PATH_HOST_CONFIG_FILE		SSHDIR "/ssh_config"
-#define _PATH_HOST_KEY_FILE		SSHDIR "/ssh_host_key"
 -#define _PATH_HOST_DSA_KEY_FILE		SSHDIR "/ssh_host_dsa_key"
 -#define _PATH_HOST_ECDSA_KEY_FILE	SSHDIR "/ssh_host_ecdsa_key"
 -#define _PATH_HOST_ED25519_KEY_FILE	SSHDIR "/ssh_host_ed25519_key"
+-#define _PATH_HOST_XMSS_KEY_FILE	SSHDIR "/ssh_host_xmss_key"
 -#define _PATH_HOST_RSA_KEY_FILE		SSHDIR "/ssh_host_rsa_key"
-+#define _PATH_HOST_KEY_FILE		KEYDIR "/ssh_host_key"
 +#define _PATH_HOST_DSA_KEY_FILE		KEYDIR "/ssh_host_dsa_key"
 +#define _PATH_HOST_ECDSA_KEY_FILE	KEYDIR "/ssh_host_ecdsa_key"
 +#define _PATH_HOST_ED25519_KEY_FILE	KEYDIR "/ssh_host_ed25519_key"
+#define _PATH_HOST_XMSS_KEY_FILE	KEYDIR "/ssh_host_xmss_key"
 +#define _PATH_HOST_RSA_KEY_FILE		KEYDIR "/ssh_host_rsa_key"
 #define _PATH_DH_MODULI			SSHDIR "/moduli"
- /* Backwards compatibility */
- #define _PATH_DH_PRIMES			SSHDIR "/primes"
+ 
+ #ifndef _PATH_SSH_PROGRAM
+Common subdirectories: a/regress and b/regress
--- a/packages/network/openssh/patches/openssh-7.9p1-openssl-ver-check.patch
+++ b/packages/network/openssh/patches/openssh-7.9p1-openssl-ver-check.patch
@ -0,0 +1,12 @@
+diff -ru a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c
+--- a/openbsd-compat/openssl-compat.c	2018-10-16 20:01:20.000000000 -0400
+++ b/openbsd-compat/openssl-compat.c	2018-12-06 04:40:34.296087875 -0500
+@@ -76,7 +76,7 @@
+ 	ENGINE_load_builtin_engines();
+ 	ENGINE_register_all_complete();
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10001000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ 	OPENSSL_config(NULL);
+ #else
+ 	OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS |