summary refs log tree commit diff
path: root/pkgs/tools/networking/openssh
diff options
context:
space:
mode:
authorAlyssa Ross <hi@alyssa.is>2023-11-21 16:12:21 +0100
committerAlyssa Ross <hi@alyssa.is>2023-11-21 16:12:48 +0100
commit048a4cd441a59cbf89defb18bb45c9f0b4429b35 (patch)
treef8f5850ff05521ab82d65745894714a8796cbfb6 /pkgs/tools/networking/openssh
parent030c5028b07afcedce7c5956015c629486cc79d9 (diff)
parent4c2d05dd6435d449a3651a6dd314d9411b5f8146 (diff)
downloadnixpkgs-rootfs.tar
nixpkgs-rootfs.tar.gz
nixpkgs-rootfs.tar.bz2
nixpkgs-rootfs.tar.lz
nixpkgs-rootfs.tar.xz
nixpkgs-rootfs.tar.zst
nixpkgs-rootfs.zip
Rebase onto e4ad989506ec7d71f7302cc3067abd82730a4beb HEAD rootfs
Signed-off-by: Alyssa Ross <hi@alyssa.is>
Diffstat (limited to 'pkgs/tools/networking/openssh')
-rw-r--r--pkgs/tools/networking/openssh/common.nix12
-rw-r--r--pkgs/tools/networking/openssh/default.nix12
2 files changed, 10 insertions, 14 deletions
diff --git a/pkgs/tools/networking/openssh/common.nix b/pkgs/tools/networking/openssh/common.nix
index 2b6ea743fec..bf645edec39 100644
--- a/pkgs/tools/networking/openssh/common.nix
+++ b/pkgs/tools/networking/openssh/common.nix
@@ -18,11 +18,13 @@
 , zlib
 , openssl
 , libedit
+, ldns
 , pkg-config
 , pam
 , libredirect
 , etcDir ? null
 , withKerberos ? true
+, withLdns ? true
 , libkrb5
 , libfido2
 , hostname
@@ -45,14 +47,6 @@ stdenv.mkDerivation {
 
     # See discussion in https://github.com/NixOS/nixpkgs/pull/16966
     ./dont_create_privsep_path.patch
-
-    # Pull upstream zlib-1.3 support.
-    # The patch changes configure.ac, uses autoreconfHook.
-    (fetchpatch {
-      name = "zlib-1.3.patch";
-      url = "https://github.com/openssh/openssh-portable/commit/cb4ed12ffc332d1f72d054ed92655b5f1c38f621.patch";
-      hash = "sha256-3Gx0/I2n9/XaWCIefVYtvk5f+VgH6MlhMBse+PMyf34=";
-    })
   ] ++ extraPatches;
 
   postPatch =
@@ -72,6 +66,7 @@ stdenv.mkDerivation {
   buildInputs = [ zlib openssl libedit ]
     ++ lib.optional withFIDO libfido2
     ++ lib.optional withKerberos libkrb5
+    ++ lib.optional withLdns ldns
     ++ lib.optional withPAM pam;
 
   preConfigure = ''
@@ -95,6 +90,7 @@ stdenv.mkDerivation {
     ++ lib.optional withKerberos (assert libkrb5 != null; "--with-kerberos5=${libkrb5}")
     ++ lib.optional stdenv.isDarwin "--disable-libutil"
     ++ lib.optional (!linkOpenssl) "--without-openssl"
+    ++ lib.optional withLdns "--with-ldns"
     ++ extraConfigureFlags;
 
   ${if stdenv.hostPlatform.isStatic then "NIX_LDFLAGS" else null}= [ "-laudit" ] ++ lib.optionals withKerberos [ "-lkeyutils" ];
diff --git a/pkgs/tools/networking/openssh/default.nix b/pkgs/tools/networking/openssh/default.nix
index 42f7220da55..d701ac7b4ae 100644
--- a/pkgs/tools/networking/openssh/default.nix
+++ b/pkgs/tools/networking/openssh/default.nix
@@ -5,11 +5,11 @@ in
 {
   openssh = common rec {
     pname = "openssh";
-    version = "9.4p1";
+    version = "9.5p1";
 
     src = fetchurl {
       url = "mirror://openbsd/OpenSSH/portable/openssh-${version}.tar.gz";
-      hash = "sha256-Ngj9kIjbIWPOs+YAyFq3nQ3j0iHlkZLqGSPiMmOGaoU=";
+      hash = "sha256-8Cbnt5un+1QPdRgq+W3IqPHbOV+SK7yfbKYDZyaGCGs=";
     };
 
     extraPatches = [ ./ssh-keysign-8.5.patch ];
@@ -18,12 +18,12 @@ in
 
   openssh_hpn = common rec {
     pname = "openssh-with-hpn";
-    version = "9.4p1";
+    version = "9.5p1";
     extraDesc = " with high performance networking patches";
 
     src = fetchurl {
       url = "mirror://openbsd/OpenSSH/portable/openssh-${version}.tar.gz";
-      hash = "sha256-Ngj9kIjbIWPOs+YAyFq3nQ3j0iHlkZLqGSPiMmOGaoU=";
+      hash = "sha256-8Cbnt5un+1QPdRgq+W3IqPHbOV+SK7yfbKYDZyaGCGs=";
     };
 
     extraPatches = let url = "https://raw.githubusercontent.com/freebsd/freebsd-ports/700625bcd86b74cf3fb9536aeea250d7f8cd1fd5/security/openssh-portable/files/extra-patch-hpn"; in
@@ -58,12 +58,12 @@ in
 
   openssh_gssapi = common rec {
     pname = "openssh-with-gssapi";
-    version = "9.4p1";
+    version = "9.5p1";
     extraDesc = " with GSSAPI support";
 
     src = fetchurl {
       url = "mirror://openbsd/OpenSSH/portable/openssh-${version}.tar.gz";
-      sha256 = "sha256-Ngj9kIjbIWPOs+YAyFq3nQ3j0iHlkZLqGSPiMmOGaoU=";
+      hash = "sha256-8Cbnt5un+1QPdRgq+W3IqPHbOV+SK7yfbKYDZyaGCGs=";
     };
 
     extraPatches = [
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-31 08:11:32 +0000