svn commit: r382887 - head/security/openssh-portable

Bryan Drewery bdrewery at FreeBSD.org
Wed Apr 1 01:04:24 UTC 2015 

Author: bdrewery
Date: Wed Apr  1 01:04:23 2015
New Revision: 382887
URL: https://svnweb.freebsd.org/changeset/ports/382887
QAT: https://qat.redports.org/buildarchive/r382887/

Log:
  Make the check added in 2013 in r330200 for a bad ECDSA key actually work.

Modified:
  head/security/openssh-portable/Makefile
  head/security/openssh-portable/pkg-plist

Modified: head/security/openssh-portable/Makefile
==============================================================================
--- head/security/openssh-portable/Makefile	Wed Apr  1 01:02:17 2015	(r382886)
+++ head/security/openssh-portable/Makefile	Wed Apr  1 01:04:23 2015	(r382887)
@@ -3,7 +3,7 @@
 
 PORTNAME=	openssh
 DISTVERSION=	6.7p1
-PORTREVISION=	4
+PORTREVISION=	5
 PORTEPOCH=	1
 CATEGORIES=	security ipv6
 MASTER_SITES=	${MASTER_SITE_OPENBSD}

Modified: head/security/openssh-portable/pkg-plist
==============================================================================
--- head/security/openssh-portable/pkg-plist	Wed Apr  1 01:02:17 2015	(r382886)
+++ head/security/openssh-portable/pkg-plist	Wed Apr  1 01:04:23 2015	(r382887)
@@ -13,7 +13,7 @@ etc/ssh/moduli
 @sample etc/ssh/ssh_config.sample
 @sample etc/ssh/sshd_config.sample
 %%X509%%@dir etc/ssh/ca
- at exec if [ -f %D/etc/ssh_host_ecdsa_key ] && grep -q DSA %D/etc/ssh_host_ecdsa_key; then echo; echo "\!/ Warning \!/"; echo; echo "Your %D/etc/ssh_host_ecdsa_key is not a valid ECDSA key. It is incorrectly"; echo "a DSA key due to a bug fixed in 2012 in the security/openssh-portable port."; echo; echo "Regenerate a proper one with: rm -f %D/etc/ssh_host_ecdsa_key*; service openssh restart"; echo; echo "Clients should not see any key change warning since the ECDSA was not valid and was not actually"; echo "used by the server."; echo; echo "\!/ Warning \!/"; fi
+ at exec if [ -f %D/%%ETCDIR%%/ssh_host_ecdsa_key ] && grep -q DSA %D/%%ETCDIR%%/ssh_host_ecdsa_key; then echo; echo "\!/ Warning \!/"; echo; echo "Your %D/%%ETCDIR%%/ssh_host_ecdsa_key is not a valid ECDSA key. It is incorrectly"; echo "a DSA key due to a bug fixed in 2012 in the security/openssh-portable port."; echo; echo "Regenerate a proper one with: rm -f %D/%%ETCDIR%%/ssh_host_ecdsa_key*; service openssh restart"; echo; echo "Clients should not see any key change warning since the ECDSA was not valid and was not actually"; echo "used by the server."; echo; echo "\!/ Warning \!/"; fi
 sbin/sshd
 libexec/sftp-server
 libexec/ssh-keysign

More information about the svn-ports-head mailing list