From nobody Fri Sep 06 09:15:36 2024
X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4X0VvD3B6Qz5WRlw;
	Fri, 06 Sep 2024 09:15:36 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4X0VvD1LsJz4lwx;
	Fri,  6 Sep 2024 09:15:36 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1725614136;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=xdw6QQOdCTiU1qqV7ArLkzY0dg+6cMJFCsrK8Gy4z0o=;
	b=F2YSmM1JwJ0RJH/BK2Ir+v4e4QcVdDQ3eCaU7j3pvWZXEIvxHXKUE8zNI2x6R8+XTlg6tN
	BwxGlybW31mhLMmYChIZxeaRtIhQiKkEh7qC03oy4eOfF8zVxcmpCEI3gfEE4/RlCfQEHY
	8bGkXMxIiJuCxGotaZ55QuiPKK5mv63KbIHGhcA3rxu7NLmXq5U/29MS4CnSdD3bof7Ur7
	40lNjaZo220YgXE3Ul7Ipw2jaUAZnHMdm+std5Ty2M9Jf48rSL+5GP7q3kwNgfn3oNy0iT
	cp6AjpXlrtiqc7iX+BE5ayEcchkeCyQ5dn+FLKaq6IrhdqTpGgd6ZjeqAytMUw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1725614136; a=rsa-sha256; cv=none;
	b=olrBznUymM9odm9lFFm/kQ9En+9aciPn7pUkNwBtzB799Q/DjRNKhomyda14o9V4vLVSNI
	fDs6Pqd7wnnHJB7PcU1Uqdzry6AwIVnXAKtvjN7AAK8IN9LK/glQxYtEGwO+XhKImQw1TA
	FiSwcCa+Fv29W//+TinqlNPE4tsZZXGM2x8ouM74L/Wa0anPTHL3yLgy+w2w9x+PimWxlz
	hZ8boYqP3lkNdU6fK1h1ZsS9JyZXZpb+kflbZGzHHvuBr7XjUUjba6ipdQZZTABxl7k6el
	IEa4NV7zKtTIF7IdeIeGDmM9HhSxsCUrHuQ69pJ9E+2F0JQSbPm8F997BogPJQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1725614136;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=xdw6QQOdCTiU1qqV7ArLkzY0dg+6cMJFCsrK8Gy4z0o=;
	b=XI4Ym/jPtIWdyZ5H52wdOmdLCzQLDUBpUh8ZudsWn4NY/LvgAyZTn57FyfiGhUVr7xzGJM
	q+Vey8b4HhPZnjbuQYCcg4zhYkNp1N31p1iv7aNmQsQxMm+/xaNlZJ3NWxzSBkHVllTMSz
	lQLJru5HdWIoyati2zUFsxkexPC00xHmrl1vDhXXHyd9H5nNdqKefiMGInOY5uBnnnjPbI
	O4F0vqaUl/CXuc6Y+f93uqAS9Yua4M1WsD0hjijxcjQR8iqbIryQ4/YoIHU90Af7lKUH41
	wHsNW09Lyvi31Rkqs2nB6GTuXG2+npU1uv8wZQPRfkPMo6Rt/LG23g98jPW7WA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4X0VvD0xwLzm6R;
	Fri,  6 Sep 2024 09:15:36 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4869FaYG055413;
	Fri, 6 Sep 2024 09:15:36 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4869FaPb055410;
	Fri, 6 Sep 2024 09:15:36 GMT
	(envelope-from git)
Date: Fri, 6 Sep 2024 09:15:36 GMT
Message-Id: <202409060915.4869FaPb055410@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org,
        dev-commits-ports-main@FreeBSD.org
From: Mateusz Piotrowski <0mp@FreeBSD.org>
Subject: git: 09b332a71572 - main - security/openssh-portable: Add
  KERB_GSSAPI patch for 9.8p1
List-Id: Commits to the main branch of the FreeBSD ports repository <dev-commits-ports-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main
List-Help: <mailto:dev-commits-ports-main+help@freebsd.org>
List-Post: <mailto:dev-commits-ports-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-ports-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-ports-main+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-ports-main@freebsd.org
Sender: owner-dev-commits-ports-main@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: 0mp
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 09b332a715723a2f6f390125e97effeffa1061b0
Auto-Submitted: auto-generated

The branch main has been updated by 0mp:

URL: https://cgit.FreeBSD.org/ports/commit/?id=09b332a715723a2f6f390125e97effeffa1061b0

commit 09b332a715723a2f6f390125e97effeffa1061b0
Author:     Mateusz Piotrowski <0mp@FreeBSD.org>
AuthorDate: 2024-08-16 08:33:26 +0000
Commit:     Mateusz Piotrowski <0mp@FreeBSD.org>
CommitDate: 2024-09-06 09:12:58 +0000

    security/openssh-portable: Add KERB_GSSAPI patch for 9.8p1
    
    This patch unbreaks the gssapi flavor.
    
    - Update the distfile location.
    - Remove files/extra-patch-gssapi-auth2-gss.c. The change is already
      present in the code so there is no need to carry this extra patch any
      further.
    - Add -lgssapi_krb5 to CONFIGURE_LIBS. It fixes the following build errors:
    
          ld: error: undefined symbol: gss_indicate_mechs
          >>> referenced by sshd.c
          >>>               sshd.o:(main)
          ld: error: undefined symbol: gss_release_oid_set
          >>> referenced by sshd.c
          >>>               sshd.o:(main)
    
    PR:             279437
    Approved by:    maintainer timeout
    Sponsored by:   Klara, Inc.
---
 security/openssh-portable/Makefile                            | 10 +++++-----
 security/openssh-portable/distinfo                            |  4 +++-
 .../openssh-portable/files/extra-patch-gssapi-auth2-gss.c     | 11 -----------
 3 files changed, 8 insertions(+), 17 deletions(-)

diff --git a/security/openssh-portable/Makefile b/security/openssh-portable/Makefile
index 482ed3798104..97ba9e01adf9 100644
--- a/security/openssh-portable/Makefile
+++ b/security/openssh-portable/Makefile
@@ -102,22 +102,21 @@ PATCH_SITES+=	http://mirror.shatow.net/freebsd/${PORTNAME}/:DEFAULT,hpn,gsskex
 
 # Must add this patch before HPN due to conflicts
 .if ${PORT_OPTIONS:MKERB_GSSAPI} || ${FLAVOR:U} == gssapi
-BROKEN=	KERB_GSSAPI No patch for ${DISTVERSION} yet.
+#BROKEN=	KERB_GSSAPI No patch for ${DISTVERSION} yet.
 .  if ${PORT_OPTIONS:MHPN} || ${PORT_OPTIONS:MNONECIPHER}
 # Needed glue for applying HPN patch without conflict
 EXTRA_PATCHES+=	${FILESDIR}/extra-patch-hpn-gss-glue
 .  endif
 # - See https://sources.debian.org/data/main/o/openssh/ for which subdir to
 # pull from.
-GSSAPI_DEBIAN_VERSION=	9.7p1
-GSSAPI_DEBIAN_SUBDIR=	${GSSAPI_DEBIAN_VERSION:U${DISTVERSION}}-2
+GSSAPI_DEBIAN_VERSION=	9.8p1
+GSSAPI_DEBIAN_SUBDIR=	${GSSAPI_DEBIAN_VERSION:U${DISTVERSION}}-3
 # - Debian does not use a versioned filename so we trick fetch to make one for
 # us with the ?<anything>=/ trick.
 PATCH_SITES+=	https://sources.debian.org/data/main/o/openssh/1:${GSSAPI_DEBIAN_SUBDIR}/debian/patches/gssapi.patch?dummy=/:gsskex
 # Bump this when updating the patch location
-GSSAPI_DISTVERSION=	9.7p1
+GSSAPI_DISTVERSION=	9.8p1
 PATCHFILES+=	openssh-${GSSAPI_DISTVERSION:U${DISTVERSION}}-gsskex-all-debian-rh-${GSSAPI_DISTVERSION}.patch:-p1:gsskex
-EXTRA_PATCHES+=	${FILESDIR}/extra-patch-gssapi-auth2-gss.c
 EXTRA_PATCHES+=	${FILESDIR}/extra-patch-gssapi-kexgssc.c
 EXTRA_PATCHES+=	${FILESDIR}/extra-patch-gssapi-kexgsss.c
 .endif
@@ -158,6 +157,7 @@ IGNORE=		you have selected HEIMDAL_BASE but do not have heimdal installed in bas
 CONFIGURE_LIBS+=	-lgssapi_krb5
 CONFIGURE_ARGS+=	--with-kerberos5=/usr
 .	else
+CONFIGURE_LIBS+=	-lgssapi_krb5
 CONFIGURE_ARGS+=	--with-kerberos5=${LOCALBASE}
 .	endif
 .	if ${OPENSSLBASE} == "/usr"
diff --git a/security/openssh-portable/distinfo b/security/openssh-portable/distinfo
index 53b8c023cdd9..11c1f02429d4 100644
--- a/security/openssh-portable/distinfo
+++ b/security/openssh-portable/distinfo
@@ -1,3 +1,5 @@
-TIMESTAMP = 1719864470
+TIMESTAMP = 1722605239
 SHA256 (openssh-9.8p1.tar.gz) = dd8bd002a379b5d499dfb050dd1fa9af8029e80461f4bb6c523c49973f5a39f3
 SIZE (openssh-9.8p1.tar.gz) = 1910393
+SHA256 (openssh-9.8p1-gsskex-all-debian-rh-9.8p1.patch) = f5b93bf8076aa386afa63e98bb5b39b6e477b8ccb24d2d4b700f6cd685be6f78
+SIZE (openssh-9.8p1-gsskex-all-debian-rh-9.8p1.patch) = 125084
diff --git a/security/openssh-portable/files/extra-patch-gssapi-auth2-gss.c b/security/openssh-portable/files/extra-patch-gssapi-auth2-gss.c
deleted file mode 100644
index 68170a9f8e79..000000000000
--- a/security/openssh-portable/files/extra-patch-gssapi-auth2-gss.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- auth2-gss.c.orig	2022-03-03 10:56:35.668672000 -0800
-+++ auth2-gss.c	2022-03-03 11:03:16.048838000 -0800
-@@ -59,7 +59,7 @@ static int input_gssapi_errtok(int, u_int32_t, struct 
-  * The 'gssapi_keyex' userauth mechanism.
-  */
- static int
--userauth_gsskeyex(struct ssh *ssh)
-+userauth_gsskeyex(struct ssh *ssh, const char *method)
- {
- 	Authctxt *authctxt = ssh->authctxt;
- 	int r, authenticated = 0;