diff options
author | William A. Kennington III <william@wkennington.com> | 2013-12-29 10:50:16 -0600 |
---|---|---|
committer | William A. Kennington III <william@wkennington.com> | 2013-12-30 02:42:12 -0600 |
commit | c4e03f07394017d6f537308506019d6d63e17676 (patch) | |
tree | 7d7fafe1314f9a54d992f067a78b3867c68c15ab /pkgs/tools/networking/openssh | |
parent | 4cc859c6be2b7c99640f964cdba4a5c5e04ef5ca (diff) | |
download | nixpkgs-c4e03f07394017d6f537308506019d6d63e17676.tar nixpkgs-c4e03f07394017d6f537308506019d6d63e17676.tar.gz nixpkgs-c4e03f07394017d6f537308506019d6d63e17676.tar.bz2 nixpkgs-c4e03f07394017d6f537308506019d6d63e17676.tar.lz nixpkgs-c4e03f07394017d6f537308506019d6d63e17676.tar.xz nixpkgs-c4e03f07394017d6f537308506019d6d63e17676.tar.zst nixpkgs-c4e03f07394017d6f537308506019d6d63e17676.zip |
openssh: Update from 6.2p2 -> 6.4p1
This patch also bumps up the HPN version of openssh so that it compiles on top of 6.4. Along with the bump, a package was added for the high performance networking version. The gcmrekey patch was removed as this vulnerability is fixed in version 6.4 onward. http://www.openssh.org/txt/gcmrekey.adv
Diffstat (limited to 'pkgs/tools/networking/openssh')
-rw-r--r-- | pkgs/tools/networking/openssh/default.nix | 10 | ||||
-rw-r--r-- | pkgs/tools/networking/openssh/gcmrekey.patch | 18 |
2 files changed, 5 insertions, 23 deletions
diff --git a/pkgs/tools/networking/openssh/default.nix b/pkgs/tools/networking/openssh/default.nix index 7d2ae9c5bb4..1f785fdf730 100644 --- a/pkgs/tools/networking/openssh/default.nix +++ b/pkgs/tools/networking/openssh/default.nix @@ -10,18 +10,18 @@ assert withKerberos -> kerberos != null; let hpnSrc = fetchurl { - url = http://tarballs.nixos.org/openssh-6.1p1-hpn13v14.diff.gz; - sha256 = "14das6lim6fxxnx887ssw76ywsbvx3s4q3n43afgh5rgvs4xmnnq"; + url = mirror://sourceforge/hpnssh/openssh-6.3p1-hpnssh14v2.diff.gz; + sha256 = "1jldqjwry9qpxxzb3mikfmmmv90mfb7xkmcfdbvwqac6nl3r7bi3"; }; in stdenv.mkDerivation rec { - name = "openssh-6.2p2"; + name = "openssh-6.4p1"; src = fetchurl { url = "ftp://ftp.nl.uu.net/pub/OpenBSD/OpenSSH/portable/${name}.tar.gz"; - sha1 = "c2b4909eba6f5ec6f9f75866c202db47f3b501ba"; + sha256 = "1lkmi7v83qvpcc04qrrqk4k7mafnmwxkfk1ccsisw51va4bgcc2m"; }; prePatch = stdenv.lib.optionalString hpnSupport @@ -30,7 +30,7 @@ stdenv.mkDerivation rec { export NIX_LDFLAGS="$NIX_LDFLAGS -lgcc_s" ''; - patches = [ ./locale_archive.patch ./gcmrekey.patch ]; + patches = [ ./locale_archive.patch ]; buildInputs = [ zlib openssl libedit pkgconfig pam ] ++ (if withKerberos then [ kerberos ] else []) diff --git a/pkgs/tools/networking/openssh/gcmrekey.patch b/pkgs/tools/networking/openssh/gcmrekey.patch deleted file mode 100644 index ddb694af1dd..00000000000 --- a/pkgs/tools/networking/openssh/gcmrekey.patch +++ /dev/null @@ -1,18 +0,0 @@ -http://www.openssh.com/txt/gcmrekey.adv - -Index: monitor_wrap.c -=================================================================== -RCS file: /cvs/src/usr.bin/ssh/monitor_wrap.c,v -retrieving revision 1.76 -diff -u -p -u -r1.76 monitor_wrap.c ---- a/monitor_wrap.c 17 May 2013 00:13:13 -0000 1.76 -+++ b/monitor_wrap.c 6 Nov 2013 16:31:26 -0000 -@@ -469,7 +469,7 @@ mm_newkeys_from_blob(u_char *blob, int b - buffer_init(&b); - buffer_append(&b, blob, blen); - -- newkey = xmalloc(sizeof(*newkey)); -+ newkey = xcalloc(1, sizeof(*newkey)); - enc = &newkey->enc; - mac = &newkey->mac; - comp = &newkey->comp; |