diff options
author | Alyssa Ross <hi@alyssa.is> | 2023-11-21 16:12:21 +0100 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2023-11-21 16:12:48 +0100 |
commit | 048a4cd441a59cbf89defb18bb45c9f0b4429b35 (patch) | |
tree | f8f5850ff05521ab82d65745894714a8796cbfb6 /pkgs/tools/networking/openssh | |
parent | 030c5028b07afcedce7c5956015c629486cc79d9 (diff) | |
parent | 4c2d05dd6435d449a3651a6dd314d9411b5f8146 (diff) | |
download | nixpkgs-rootfs.tar nixpkgs-rootfs.tar.gz nixpkgs-rootfs.tar.bz2 nixpkgs-rootfs.tar.lz nixpkgs-rootfs.tar.xz nixpkgs-rootfs.tar.zst nixpkgs-rootfs.zip |
Signed-off-by: Alyssa Ross <hi@alyssa.is>
Diffstat (limited to 'pkgs/tools/networking/openssh')
-rw-r--r-- | pkgs/tools/networking/openssh/common.nix | 12 | ||||
-rw-r--r-- | pkgs/tools/networking/openssh/default.nix | 12 |
2 files changed, 10 insertions, 14 deletions
diff --git a/pkgs/tools/networking/openssh/common.nix b/pkgs/tools/networking/openssh/common.nix index 2b6ea743fec..bf645edec39 100644 --- a/pkgs/tools/networking/openssh/common.nix +++ b/pkgs/tools/networking/openssh/common.nix @@ -18,11 +18,13 @@ , zlib , openssl , libedit +, ldns , pkg-config , pam , libredirect , etcDir ? null , withKerberos ? true +, withLdns ? true , libkrb5 , libfido2 , hostname @@ -45,14 +47,6 @@ stdenv.mkDerivation { # See discussion in https://github.com/NixOS/nixpkgs/pull/16966 ./dont_create_privsep_path.patch - - # Pull upstream zlib-1.3 support. - # The patch changes configure.ac, uses autoreconfHook. - (fetchpatch { - name = "zlib-1.3.patch"; - url = "https://github.com/openssh/openssh-portable/commit/cb4ed12ffc332d1f72d054ed92655b5f1c38f621.patch"; - hash = "sha256-3Gx0/I2n9/XaWCIefVYtvk5f+VgH6MlhMBse+PMyf34="; - }) ] ++ extraPatches; postPatch = @@ -72,6 +66,7 @@ stdenv.mkDerivation { buildInputs = [ zlib openssl libedit ] ++ lib.optional withFIDO libfido2 ++ lib.optional withKerberos libkrb5 + ++ lib.optional withLdns ldns ++ lib.optional withPAM pam; preConfigure = '' @@ -95,6 +90,7 @@ stdenv.mkDerivation { ++ lib.optional withKerberos (assert libkrb5 != null; "--with-kerberos5=${libkrb5}") ++ lib.optional stdenv.isDarwin "--disable-libutil" ++ lib.optional (!linkOpenssl) "--without-openssl" + ++ lib.optional withLdns "--with-ldns" ++ extraConfigureFlags; ${if stdenv.hostPlatform.isStatic then "NIX_LDFLAGS" else null}= [ "-laudit" ] ++ lib.optionals withKerberos [ "-lkeyutils" ]; diff --git a/pkgs/tools/networking/openssh/default.nix b/pkgs/tools/networking/openssh/default.nix index 42f7220da55..d701ac7b4ae 100644 --- a/pkgs/tools/networking/openssh/default.nix +++ b/pkgs/tools/networking/openssh/default.nix @@ -5,11 +5,11 @@ in { openssh = common rec { pname = "openssh"; - version = "9.4p1"; + version = "9.5p1"; src = fetchurl { url = "mirror://openbsd/OpenSSH/portable/openssh-${version}.tar.gz"; - hash = "sha256-Ngj9kIjbIWPOs+YAyFq3nQ3j0iHlkZLqGSPiMmOGaoU="; + hash = "sha256-8Cbnt5un+1QPdRgq+W3IqPHbOV+SK7yfbKYDZyaGCGs="; }; extraPatches = [ ./ssh-keysign-8.5.patch ]; @@ -18,12 +18,12 @@ in openssh_hpn = common rec { pname = "openssh-with-hpn"; - version = "9.4p1"; + version = "9.5p1"; extraDesc = " with high performance networking patches"; src = fetchurl { url = "mirror://openbsd/OpenSSH/portable/openssh-${version}.tar.gz"; - hash = "sha256-Ngj9kIjbIWPOs+YAyFq3nQ3j0iHlkZLqGSPiMmOGaoU="; + hash = "sha256-8Cbnt5un+1QPdRgq+W3IqPHbOV+SK7yfbKYDZyaGCGs="; }; extraPatches = let url = "https://raw.githubusercontent.com/freebsd/freebsd-ports/700625bcd86b74cf3fb9536aeea250d7f8cd1fd5/security/openssh-portable/files/extra-patch-hpn"; in @@ -58,12 +58,12 @@ in openssh_gssapi = common rec { pname = "openssh-with-gssapi"; - version = "9.4p1"; + version = "9.5p1"; extraDesc = " with GSSAPI support"; src = fetchurl { url = "mirror://openbsd/OpenSSH/portable/openssh-${version}.tar.gz"; - sha256 = "sha256-Ngj9kIjbIWPOs+YAyFq3nQ3j0iHlkZLqGSPiMmOGaoU="; + hash = "sha256-8Cbnt5un+1QPdRgq+W3IqPHbOV+SK7yfbKYDZyaGCGs="; }; extraPatches = [ |