diff options
-rw-r--r-- | .SRCINFO | 10 | ||||
-rw-r--r-- | PKGBUILD | 11 | ||||
-rw-r--r-- | tuntap.patch | 35 |
3 files changed, 50 insertions, 6 deletions
@@ -1,7 +1,7 @@ pkgbase = openssh-selinux - pkgdesc = Free version of the SSH connectivity tools with SELinux support + pkgdesc = Premier connectivity tool for remote login with the SSH protocol, with SELinux support pkgver = 7.7p1 - pkgrel = 1 + pkgrel = 2 url = https://www.openssh.com/portable.html arch = x86_64 groups = selinux @@ -14,8 +14,8 @@ pkgbase = openssh-selinux depends = libselinux optdepends = xorg-xauth: X11 forwarding optdepends = x11-ssh-askpass: input passphrase in X - provides = openssh=7.7p1-1 - provides = selinux-openssh=7.7p1-1 + provides = openssh=7.7p1-2 + provides = selinux-openssh=7.7p1-2 conflicts = openssh conflicts = selinux-openssh backup = etc/ssh/ssh_config @@ -24,6 +24,7 @@ pkgbase = openssh-selinux source = https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.7p1.tar.gz source = https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.7p1.tar.gz.asc source = openssl-1.1.0.patch + source = tuntap.patch source = sshdgenkeys.service source = sshd@.service source = sshd.service @@ -34,6 +35,7 @@ pkgbase = openssh-selinux sha256sums = d73be7e684e99efcd024be15a30bffcbe41b012b2f7b3c9084aed621775e6b8f sha256sums = SKIP sha256sums = fa91849cc3161916f563bda5413676342e0bcc2705857e9d01b73c70e4904adf + sha256sums = bd3698425ece4853d67a9f9e934d37ad22948754c9b82e0a872eb854e94220ce sha256sums = 4031577db6416fcbaacf8a26a024ecd3939e5c10fe6a86ee3f0eea5093d533b7 sha256sums = 3a0845737207f4eda221c9c9fb64e766ade9684562d8ba4f705f7ae6826886e5 sha256sums = c5ed9fa629f8f8dbf3bae4edbad4441c36df535088553fe82695c52d7bde30aa @@ -5,11 +5,14 @@ # SELinux Maintainer: Nicolas Iooss (nicolas <dot> iooss <at> m4x <dot> org) # SELinux Contributor: Timothée Ravier <tim@siosm.fr> # SELinux Contributor: Nicky726 <Nicky726@gmail.com> +# +# This PKGBUILD is maintained on https://github.com/archlinuxhardened/selinux. +# If you want to help keep it up to date, please open a Pull Request there. pkgname=openssh-selinux pkgver=7.7p1 -pkgrel=1 -pkgdesc='Free version of the SSH connectivity tools with SELinux support' +pkgrel=2 +pkgdesc='Premier connectivity tool for remote login with the SSH protocol, with SELinux support' url='https://www.openssh.com/portable.html' license=('custom:BSD') arch=('x86_64') @@ -24,6 +27,7 @@ groups=('selinux') validpgpkeys=('59C2118ED206D927E667EBE3D3E5F56B6D920D30') source=("https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname/-selinux}-${pkgver}.tar.gz"{,.asc} 'openssl-1.1.0.patch' + 'tuntap.patch' 'sshdgenkeys.service' 'sshd@.service' 'sshd.service' @@ -33,6 +37,7 @@ source=("https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname/-selinux sha256sums=('d73be7e684e99efcd024be15a30bffcbe41b012b2f7b3c9084aed621775e6b8f' 'SKIP' 'fa91849cc3161916f563bda5413676342e0bcc2705857e9d01b73c70e4904adf' + 'bd3698425ece4853d67a9f9e934d37ad22948754c9b82e0a872eb854e94220ce' '4031577db6416fcbaacf8a26a024ecd3939e5c10fe6a86ee3f0eea5093d533b7' '3a0845737207f4eda221c9c9fb64e766ade9684562d8ba4f705f7ae6826886e5' 'c5ed9fa629f8f8dbf3bae4edbad4441c36df535088553fe82695c52d7bde30aa' @@ -46,6 +51,8 @@ prepare() { cd "${srcdir}/${pkgname/-selinux}-${pkgver}" # OpenSSL 1.1.0 patch from http://vega.pgw.jp/~kabe/vsd/patch/openssh-7.4p1-openssl-1.1.0c.patch.html patch -p1 -i ../openssl-1.1.0.patch + + patch -p1 -i ../tuntap.patch } build() { diff --git a/tuntap.patch b/tuntap.patch new file mode 100644 index 000000000000..232d8e59b80c --- /dev/null +++ b/tuntap.patch @@ -0,0 +1,35 @@ +From cfb1d9bc76734681e3dea532a1504fcd466fbe91 Mon Sep 17 00:00:00 2001 +From: Damien Miller <djm@mindrot.org> +Date: Fri, 13 Apr 2018 13:38:06 +1000 +Subject: Fix tunnel forwarding broken in 7.7p1 + +bz2855, ok dtucker@ +--- + openbsd-compat/port-net.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/openbsd-compat/port-net.c b/openbsd-compat/port-net.c +index 7050629..bb53562 100644 +--- a/openbsd-compat/port-net.c ++++ b/openbsd-compat/port-net.c +@@ -185,7 +185,7 @@ sys_tun_open(int tun, int mode, char **ifname) + else + debug("%s: %s mode %d fd %d", __func__, ifr.ifr_name, mode, fd); + +- if (ifname != NULL && (*ifname = strdup(ifr.ifr_name))) ++ if (ifname != NULL && (*ifname = strdup(ifr.ifr_name)) == NULL) + goto failed; + + return (fd); +@@ -272,7 +272,7 @@ sys_tun_open(int tun, int mode, char **ifname) + goto failed; + } + +- if (ifname != NULL && (*ifname = strdup(ifr.ifr_name))) ++ if (ifname != NULL && (*ifname = strdup(ifr.ifr_name)) == NULL) + goto failed; + + close(sock); +-- +cgit v1.1 + |