security/openssh: Fixes

security/openssh/Makefile

@@ -110,6 +110,10 @@ CONFIGURE_ARGS+=	--disable-libutil
 # prior version don't have it.  So, disable use of strnvis(3) now.
 #
 CONFIGURE_ENV+=		ac_cv_func_strnvis=no
+. if ${OS_VARIANT} == "Minix"
+CPPFLAGS+= -D_OPENBSD_SOURCE
+CONFIGURE_ARGS+= ac_cv_have_decl_O_NONBLOCK=no
+. endif # ${OS_VARIANT} == "Minix"
 .endif
 
 .if (${OPSYS} == "SunOS") && (${OS_VERSION} == "5.8" || ${OS_VERSION} == "5.9")

security/openssh/distinfo

@@ -29,4 +29,4 @@ SHA1 (patch-sshd.8) = 50154729a94aeaef17213d92979967b12d9c4e15
 SHA1 (patch-sshd.c) = d381db6d05067d0f28be8268847df97a0c8e9ba4
 SHA1 (patch-sshpty.c) = f87451e49e39fe137c8876fae52110dc2569958a
 SHA1 (patch-uidswap.c) = 875be63bb6d1a7dd8c3d1c008c85aa4bf37dfdc2
-SHA1 (patch-zz-minix) = 1098c7642641e49952c358a4a9ca6f7e66a54c63
+SHA1 (patch-zz-minix) = fb0b798db80ae4c652f0b56ac8ea4920388df48d

security/openssh/files/sshd.sh

@@ -22,12 +22,13 @@ sshd_keygen()
 {
 	(
 	umask 022
-	if [ -f @PKG_SYSCONFDIR@/ssh_host_key ]; then
-		@ECHO@ "You already have an RSA host key in @PKG_SYSCONFDIR@/ssh_host_key"
-		@ECHO@ "Skipping protocol version 1 RSA Key Generation"
-	else
-		${keygen_command} -t rsa1 -b 1024 -f @PKG_SYSCONFDIR@/ssh_host_key -N ''
-	fi
+# LSC: For Minix: rsa1 is not supported anymore
+#	if [ -f @PKG_SYSCONFDIR@/ssh_host_key ]; then
+#		@ECHO@ "You already have an RSA host key in @PKG_SYSCONFDIR@/ssh_host_key"
+#		@ECHO@ "Skipping protocol version 1 RSA Key Generation"
+#	else
+#		${keygen_command} -t rsa1 -b 1024 -f @PKG_SYSCONFDIR@/ssh_host_key -N ''
+#	fi
 
 	if [ -f @PKG_SYSCONFDIR@/ssh_host_dsa_key ]; then
 		@ECHO@ "You already have a DSA host key in @PKG_SYSCONFDIR@/ssh_host_dsa_key"
@@ -63,7 +64,9 @@ sshd_keygen()
 
 sshd_precmd()
 {
-	if [ ! -f @PKG_SYSCONFDIR@/ssh_host_key -o \
+# LSC: For Minix: rsa1 is now unsupported
+#	if [ ! -f @PKG_SYSCONFDIR@/ssh_host_key -o \
+	if [ \
 	     ! -f @PKG_SYSCONFDIR@/ssh_host_dsa_key -o \
 	     ! -f @PKG_SYSCONFDIR@/ssh_host_rsa_key -o \
 	     ! -f @PKG_SYSCONFDIR@/ssh_host_ecdsa_key -o \

security/openssh/patches/patch-zz-minix

@@ -1,15 +1,23 @@
 --- sshd_config.orig	Sun Jan 12 08:20:47 2014
-+++ sshd_config	Sat Apr 25 09:28:41 2015
-@@ -99,6 +99,12 @@
- #AllowAgentForwarding yes
- #AllowTcpForwarding yes
- #GatewayPorts no
++++ sshd_config	Thu Apr 17 23:51:34 2014
+@@ -102,12 +102,19 @@ AuthorizedKeysFile	.ssh/authorized_keys
+ #X11Forwarding no
+ #X11DisplayOffset 10
+ #X11UseLocalhost yes
 +
 +# LSC: Uncomment if you wish to use X11 forwarding. To actually
 +#      activate X11 forwarding, you also need to set X11Forwarding yes.
 +#XAuthLocation /usr/X11R7/bin/xauth # LSC: Use Native xauth
 +#X11UseLocalhost no # LSC: Workaround SSHD bug
 +
- #X11Forwarding no
- #X11DisplayOffset 10
- #X11UseLocalhost yes
+ #PermitTTY yes
+ #PrintMotd yes
+ #PrintLastLog yes
+ #TCPKeepAlive yes
+ #UseLogin no
+-UsePrivilegeSeparation sandbox		# Default for new installations.
++#UsePrivilegeSeparation sandbox		# Default for new installations.
++UsePrivilegeSeparation no # LSC: for Minix, this is not supported ATM.
+ #PermitUserEnvironment no
+ #Compression delayed
+ #ClientAliveInterval 0