From 0db9b8e3e810d59712ea8a0414ec1e2e8e7a1a40 Mon Sep 17 00:00:00 2001 From: "Robin H. Johnson" Date: Thu, 10 Feb 2011 03:10:55 +0000 Subject: Revamp AES-CTR-MT disable comment, with explicit reference to upstream documentation and testcase reference (bug #354113, comment 6). Package-Manager: portage-2.2.0_alpha19/cvs/Linux x86_64 --- net-misc/openssh/ChangeLog | 8 +++++++- net-misc/openssh/Manifest | 22 ++++++---------------- net-misc/openssh/openssh-5.5_p1-r2.ebuild | 18 ++++++++++++------ net-misc/openssh/openssh-5.6_p1-r2.ebuild | 16 +++++++++++----- net-misc/openssh/openssh-5.7_p1-r1.ebuild | 16 +++++++++++----- net-misc/openssh/openssh-5.8_p1-r1.ebuild | 16 +++++++++++----- net-misc/openssh/openssh-5.8_p1.ebuild | 16 +++++++++++----- 7 files changed, 69 insertions(+), 43 deletions(-) (limited to 'net-misc') diff --git a/net-misc/openssh/ChangeLog b/net-misc/openssh/ChangeLog index 46580494b5a2..fd3200c92156 100644 --- a/net-misc/openssh/ChangeLog +++ b/net-misc/openssh/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-misc/openssh # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/ChangeLog,v 1.409 2011/02/10 02:44:53 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/ChangeLog,v 1.410 2011/02/10 03:10:55 robbat2 Exp $ + + 10 Feb 2011; Robin H. Johnson openssh-5.5_p1-r2.ebuild, + openssh-5.6_p1-r2.ebuild, openssh-5.7_p1-r1.ebuild, openssh-5.8_p1.ebuild, + openssh-5.8_p1-r1.ebuild: + Revamp AES-CTR-MT disable comment, with explicit reference to upstream + documentation and testcase reference (bug #354113, comment 6). 10 Feb 2011; Mike Frysinger openssh-5.8_p1-r1.ebuild, +files/openssh-5.8_p1-selinux.patch: diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest index f40260200396..90fe9fa8f67c 100644 --- a/net-misc/openssh/Manifest +++ b/net-misc/openssh/Manifest @@ -1,6 +1,3 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA256 - AUX openssh-4.7_p1-GSSAPI-dns.patch 4494 RMD160 4e02e0a85c0e33c917ec8c22b4e1c173a9d7d79e SHA1 d8a81eb92a49763106cfa5b319c22c6f188508ef SHA256 88a08f349258d4be5b2faa838a89fe1aa0196502990b745ac0e3a70dda30a0d7 AUX openssh-5.2_p1-autoconf.patch 386 RMD160 8e57ae97df0b2483f826a7aba00bc0622b9a28f8 SHA1 22c4e40f54f97f866b460fe8987eb16363410caf SHA256 42bb5f23f02241186abd6158ac15cd1fba0fadb4bd79e6b051fbd05605419ebb AUX openssh-5.2_p1-gsskex-fix.patch 408 RMD160 6a6296cd1c8acc52af4e0d8b6238b326d5d41e77 SHA1 b31e5294c68e6af9a75987a1c3ece5e52f56e9a5 SHA256 8190db31ed2e8dc6ce79030e5c648d04610b06dd8366df5948ef6e990314ee96 @@ -34,17 +31,10 @@ DIST openssh-5.8p1.tar.gz 1113798 RMD160 c3903b1cf99553a8fc8d762d52c0f28db830edd DIST openssh-lpk-5.4p1-0.3.13.patch.gz 18105 RMD160 734b2c3ea740b6de610e3bfa91c93a2540b79acc SHA1 4c73f21b16db41c16e096db834380ec53f15c723 SHA256 4e5dbe769e487c914ecc5b104866f6d4412cbe35c3f2bed897d06f7d824878be DIST openssh-lpk-5.6p1-0.3.13.patch.gz 18376 RMD160 c928a22d890de17c43ac8a71ac0a551fbe38a831 SHA1 477ef82043278ba9e314e14e7a487f1541fbc48b SHA256 42a76b67c390c3ed28efd6e1734ca5a7edfefc635c35086dbd610999130678e9 DIST openssh-lpk-5.7p1-0.3.13.patch.gz 18392 RMD160 9ca299e2c05c97528ecbea5cc30fe604904daa2c SHA1 5581a12eee5d5e739b77927ce7ddb00625ab03c4 SHA256 739fa32e267f2c30362bb953d597bcbb55b58d76e13f644004fa63ded81522f7 -EBUILD openssh-5.5_p1-r2.ebuild 8180 RMD160 e2bcad59293157b59d2b92fbb841fd8c4e2e6c40 SHA1 962947647c14a4a473921842375b9a7bf4bd308c SHA256 3f26e1d3d6cd6fdfef8107bbcb217899857ed12f9d7b805d93333d08ee58a90f -EBUILD openssh-5.6_p1-r2.ebuild 7962 RMD160 e8c3f7abd744ab2002078b0b94d1b9d2ab89148e SHA1 f1214a171e3ee5d7f19cf8392a469c0958b44fd2 SHA256 7edfebdd8a012778448a86b4903fc4ca773a485a4d7623aa9b92e26dfb767eed -EBUILD openssh-5.7_p1-r1.ebuild 7812 RMD160 23fd5722804982568ab00f7b854c011922fbccac SHA1 b1707a680317cc6c38810682fc4691b7fbbadeaf SHA256 b99f981d423755aa974b389c056c2f79375ed63b77d9c00dd25981cd229b93dc -EBUILD openssh-5.8_p1-r1.ebuild 7799 RMD160 4ad85688fd42fbfbeb2a42523b57e544aae2c4e8 SHA1 702a7dc1020a064bb1faa7990d2c55bb0552421b SHA256 3f738cc9df10791aa50d2ae741b426c83bee651094ca203f6ad71d04840821e2 -EBUILD openssh-5.8_p1.ebuild 7786 RMD160 cbcbc8930045986fb7b449cb9641ecf0c0ad724e SHA1 1d457b48b37844afb698daa7b873ca95480a0177 SHA256 b9f79f57d3b15c3a3a1425ea3c312ca18d432183dd266815d4173c128390bbac -MISC ChangeLog 64269 RMD160 5aac7f1c0806a1bf7bd8517efc48ed7076cb731e SHA1 0b7142b5d64612a00c9da022c7aba3584c9ba3d2 SHA256 cb6384f2622cb41c54174d975a194b0889bb00774da35ea99404c68cec55e467 +EBUILD openssh-5.5_p1-r2.ebuild 8662 RMD160 2135cda66ac98c5dd7b7223f21717a8ca8162259 SHA1 29a867e936467baf947d5ce7799a441f0d621cf6 SHA256 e27af19c0bb7043354702ec77ccd46e664e337a57064d3617acdfd865425376b +EBUILD openssh-5.6_p1-r2.ebuild 8408 RMD160 2c344d823df37b7d12054316293b07c63a1a9e0a SHA1 a47ddffcd1574f2b9164ae281beccac1b3dbd87c SHA256 ab733a919d79506fe66a79205c32fa2a8c5a8c90b1d0db4db7d96211dff23895 +EBUILD openssh-5.7_p1-r1.ebuild 8257 RMD160 6126ed9ef31f3ba2fe8d5bab996d71164160fbd5 SHA1 8d2e76cedc2b05cf6ba73aa1191a735fcd337a21 SHA256 42ffdb6f51664911af79106c9d83da64cb495fc353bc2c8fc805430401c22753 +EBUILD openssh-5.8_p1-r1.ebuild 8245 RMD160 a76bea96a22b332c24792de73284f7751068a02c SHA1 6743d27814ef68d5c71d327e646190c1b31b2b61 SHA256 ffbd73eedc8b3d9d7f7fb32eb2ad0f222e8f232aa8c5d757667679ef5407ce54 +EBUILD openssh-5.8_p1.ebuild 8231 RMD160 a59f337cb2b6cefc3b89ff1731ad8a92f53acb85 SHA1 4cc8bd6a23a0fb155b18563b4078e43d61f1b8eb SHA256 83ced0b83d5279aef8b12f85fe35bc00a00085250ee9bd8195ac7785af96e984 +MISC ChangeLog 64593 RMD160 0ba9615e33e2b8f4415f5fa213530c04e5318a39 SHA1 1432812bf7259db25df6dfa6ef032bb0228a5093 SHA256 8c8ae6de0c36265189f81f24510d21ba8a28c9d6bdc0773a50dab5a3ba3008a1 MISC metadata.xml 1599 RMD160 31fdd1531a4111aa437882680029451b29ddf4aa SHA1 af53a6887ebf563150184ab40b4cc018ab4e4d3f SHA256 fddc51b98b6831f5bc0f1f5fdeb78c064f9c40fc5c9a9f31ec816890e6aade86 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.17 (GNU/Linux) - -iF4EAREIAAYFAk1TUSoACgkQaC/OocHi7JazjQD/QRr8HZbo/UIKkxUmlzJj0gms -v2j4XNie+srb9Q6zOesA/0boFBEgrAqF5VYPzzcMJZTesS+FwSiWrIdth1NXTnNN -=qFh9 ------END PGP SIGNATURE----- diff --git a/net-misc/openssh/openssh-5.5_p1-r2.ebuild b/net-misc/openssh/openssh-5.5_p1-r2.ebuild index f24de433f624..28818cc89c63 100644 --- a/net-misc/openssh/openssh-5.5_p1-r2.ebuild +++ b/net-misc/openssh/openssh-5.5_p1-r2.ebuild @@ -1,6 +1,6 @@ -# Copyright 1999-2010 Gentoo Foundation +# Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-5.5_p1-r2.ebuild,v 1.7 2010/09/24 11:11:23 armin76 Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-5.5_p1-r2.ebuild,v 1.8 2011/02/10 03:10:55 robbat2 Exp $ EAPI="2" inherit eutils flag-o-matic multilib autotools pam @@ -106,10 +106,16 @@ src_prepare() { # version.h patch conflict avoidence mv version.h version.h.hpn cp -f version.h.pristine version.h - # The AES-CTR multithreaded variant is temporarily broken, and - # causes random hangs when combined with the -f switch of ssh. - # To avoid this, we change the internal table to use the non-multithread - # version for the meantime. + # The AES-CTR multithreaded variant is broken, and causes random hangs + # when combined background threading and control sockets. To avoid + # this, we change the internal table to use the non-multithread version + # for the meantime. Do NOT remove this in new versions. See bug #354113, + # comment #6 for testcase. + # Upstream reference: http://www.psc.edu/networking/projects/hpn-ssh/ + ## Additionally, the MT-AES-CTR mode cipher replaces the default ST-AES-CTR mode + ## cipher. Be aware that if the client process is forked using the -f command line + ## option the process will hang as the parent thread gets 'divorced' from the key + ## generation threads. This issue will be resolved as soon as possible sed -i \ -e '/aes...-ctr.*SSH_CIPHER_SSH2/s,evp_aes_ctr_mt,evp_aes_128_ctr,' \ cipher.c || die diff --git a/net-misc/openssh/openssh-5.6_p1-r2.ebuild b/net-misc/openssh/openssh-5.6_p1-r2.ebuild index c12d854da5ea..829c5ac3b37f 100644 --- a/net-misc/openssh/openssh-5.6_p1-r2.ebuild +++ b/net-misc/openssh/openssh-5.6_p1-r2.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-5.6_p1-r2.ebuild,v 1.9 2011/02/10 02:30:27 robbat2 Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-5.6_p1-r2.ebuild,v 1.10 2011/02/10 03:10:55 robbat2 Exp $ EAPI="2" inherit eutils flag-o-matic multilib autotools pam @@ -99,10 +99,16 @@ src_prepare() { # version.h patch conflict avoidence mv version.h version.h.hpn cp -f version.h.pristine version.h - # The AES-CTR multithreaded variant is temporarily broken, and - # causes random hangs when combined with the -f switch of ssh. - # To avoid this, we change the internal table to use the non-multithread - # version for the meantime. Do NOT remove this in new versions. + # The AES-CTR multithreaded variant is broken, and causes random hangs + # when combined background threading and control sockets. To avoid + # this, we change the internal table to use the non-multithread version + # for the meantime. Do NOT remove this in new versions. See bug #354113 + # comment #6 for testcase. + # Upstream reference: http://www.psc.edu/networking/projects/hpn-ssh/ + ## Additionally, the MT-AES-CTR mode cipher replaces the default ST-AES-CTR mode + ## cipher. Be aware that if the client process is forked using the -f command line + ## option the process will hang as the parent thread gets 'divorced' from the key + ## generation threads. This issue will be resolved as soon as possible sed -i \ -e '/aes...-ctr.*SSH_CIPHER_SSH2/s,evp_aes_ctr_mt,evp_aes_128_ctr,' \ cipher.c || die diff --git a/net-misc/openssh/openssh-5.7_p1-r1.ebuild b/net-misc/openssh/openssh-5.7_p1-r1.ebuild index 8c7b291a2fb8..e170f7465125 100644 --- a/net-misc/openssh/openssh-5.7_p1-r1.ebuild +++ b/net-misc/openssh/openssh-5.7_p1-r1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-5.7_p1-r1.ebuild,v 1.2 2011/02/10 02:30:27 robbat2 Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-5.7_p1-r1.ebuild,v 1.3 2011/02/10 03:10:55 robbat2 Exp $ EAPI="2" inherit eutils flag-o-matic multilib autotools pam @@ -97,10 +97,16 @@ src_prepare() { # version.h patch conflict avoidence mv version.h version.h.hpn cp -f version.h.pristine version.h - # The AES-CTR multithreaded variant is temporarily broken, and - # causes random hangs when combined with the -f switch of ssh. - # To avoid this, we change the internal table to use the non-multithread - # version for the meantime. Do NOT remove this in new versions. + # The AES-CTR multithreaded variant is broken, and causes random hangs + # when combined background threading and control sockets. To avoid + # this, we change the internal table to use the non-multithread version + # for the meantime. Do NOT remove this in new versions. See bug #354113 + # comment #6 for testcase. + # Upstream reference: http://www.psc.edu/networking/projects/hpn-ssh/ + ## Additionally, the MT-AES-CTR mode cipher replaces the default ST-AES-CTR mode + ## cipher. Be aware that if the client process is forked using the -f command line + ## option the process will hang as the parent thread gets 'divorced' from the key + ## generation threads. This issue will be resolved as soon as possible sed -i \ -e '/aes...-ctr.*SSH_CIPHER_SSH2/s,evp_aes_ctr_mt,evp_aes_128_ctr,' \ cipher.c || die diff --git a/net-misc/openssh/openssh-5.8_p1-r1.ebuild b/net-misc/openssh/openssh-5.8_p1-r1.ebuild index 4fad901aeba4..8da79ca25b4e 100644 --- a/net-misc/openssh/openssh-5.8_p1-r1.ebuild +++ b/net-misc/openssh/openssh-5.8_p1-r1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-5.8_p1-r1.ebuild,v 1.2 2011/02/10 02:44:53 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-5.8_p1-r1.ebuild,v 1.3 2011/02/10 03:10:55 robbat2 Exp $ EAPI="2" inherit eutils flag-o-matic multilib autotools pam @@ -97,10 +97,16 @@ src_prepare() { # version.h patch conflict avoidence mv version.h version.h.hpn cp -f version.h.pristine version.h - # The AES-CTR multithreaded variant is temporarily broken, and - # causes random hangs when combined with the -f switch of ssh. - # To avoid this, we change the internal table to use the non-multithread - # version for the meantime. Do NOT remove this in new versions. + # The AES-CTR multithreaded variant is broken, and causes random hangs + # when combined background threading and control sockets. To avoid + # this, we change the internal table to use the non-multithread version + # for the meantime. Do NOT remove this in new versions. See bug #354113 + # comment #6 for testcase. + # Upstream reference: http://www.psc.edu/networking/projects/hpn-ssh/ + ## Additionally, the MT-AES-CTR mode cipher replaces the default ST-AES-CTR mode + ## cipher. Be aware that if the client process is forked using the -f command line + ## option the process will hang as the parent thread gets 'divorced' from the key + ## generation threads. This issue will be resolved as soon as possible sed -i \ -e '/aes...-ctr.*SSH_CIPHER_SSH2/s,evp_aes_ctr_mt,evp_aes_128_ctr,' \ cipher.c || die diff --git a/net-misc/openssh/openssh-5.8_p1.ebuild b/net-misc/openssh/openssh-5.8_p1.ebuild index 7b83cc149d2f..ee4afdb6c8ab 100644 --- a/net-misc/openssh/openssh-5.8_p1.ebuild +++ b/net-misc/openssh/openssh-5.8_p1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-5.8_p1.ebuild,v 1.5 2011/02/10 02:32:42 robbat2 Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-5.8_p1.ebuild,v 1.6 2011/02/10 03:10:55 robbat2 Exp $ EAPI="2" inherit eutils flag-o-matic multilib autotools pam @@ -97,10 +97,16 @@ src_prepare() { # version.h patch conflict avoidence mv version.h version.h.hpn cp -f version.h.pristine version.h - # The AES-CTR multithreaded variant is temporarily broken, and - # causes random hangs when combined with the -f switch of ssh. - # To avoid this, we change the internal table to use the non-multithread - # version for the meantime. Do NOT remove this in new versions. + # The AES-CTR multithreaded variant is broken, and causes random hangs + # when combined background threading and control sockets. To avoid + # this, we change the internal table to use the non-multithread version + # for the meantime. Do NOT remove this in new versions. See bug #354113 + # comment #6 for testcase. + # Upstream reference: http://www.psc.edu/networking/projects/hpn-ssh/ + ## Additionally, the MT-AES-CTR mode cipher replaces the default ST-AES-CTR mode + ## cipher. Be aware that if the client process is forked using the -f command line + ## option the process will hang as the parent thread gets 'divorced' from the key + ## generation threads. This issue will be resolved as soon as possible sed -i \ -e '/aes...-ctr.*SSH_CIPHER_SSH2/s,evp_aes_ctr_mt,evp_aes_128_ctr,' \ cipher.c || die -- cgit v1.2.3-65-gdbad