misc/142819: [patch] security/openssh-portable: port fails to patch when both X509 and KERB_GSSAPI are selected

Scot Hetzel swhetzel at gmail.com
Thu Jan 14 09:00:09 UTC 2010 

>Number:         142819
>Category:       misc
>Synopsis:       [patch] security/openssh-portable: port fails to patch when both X509 and KERB_GSSAPI are selected
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jan 14 09:00:08 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator:     Scot Hetzel
>Release:        FreeBSD 8.0
>Organization:
>Environment:
FreeBSD dv8t01 8.0-STABLE FreeBSD 8.0-STABLE #10 r201599M: Tue Jan  5 14:29:56 CST 2010     swhetzel at dv8t01:/usr/obj/usr/src/8-stable/sys/GENERIC  amd64

>Description:
When the port options KERBEROS, GSSAPI, KERB_GSSAPI, and X509 are selected, the port fails to patch. If either KERB_GSSAPI or X509 are not selected then the port will complete the patch stage.
>How-To-Repeat:
# make config
(select KERBEROS, GSSAPI, KERB_GSSAPI and X509)
# make patch
===>  Vulnerability check disabled, database not found
===>  Found saved configuration for openssh-portable-5.2.p1_2,1
===>  Extracting for openssh-gssapi-5.2.p1_2,1
=> MD5 Checksum OK for openssh-5.2p1.tar.gz.
=> SHA256 Checksum OK for openssh-5.2p1.tar.gz.
=> MD5 Checksum OK for openssh-5.2p1-gsskex-all-20090726.patch.
=> SHA256 Checksum OK for openssh-5.2p1-gsskex-all-20090726.patch.
=> MD5 Checksum OK for openssh-5.2p1+x509-6.2.diff.gz.
=> SHA256 Checksum OK for openssh-5.2p1+x509-6.2.diff.gz.
===>  Patching for openssh-gssapi-5.2.p1_2,1
===>  Applying distribution patches for openssh-gssapi-5.2.p1_2,1
1 out of 3 hunks failed--saving rejects to key.h.rej
1 out of 16 hunks failed--saving rejects to Makefile.in.rej
1 out of 15 hunks failed--saving rejects to sshd_config.5.rej
*** Error code 3

Stop in /usr/ports/security/openssh-portable.
*** Error code 1

Stop in /usr/ports/security/openssh-portable.
>Fix:
The attached patch marks the port BROKEN when both KERB_GSSAPI and X509 are selected.

Patch attached with submission follows:

Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/security/openssh-portable/Makefile,v
retrieving revision 1.144
diff -u -r1.144 Makefile
--- Makefile	16 Dec 2009 16:43:21 -0000	1.144
+++ Makefile	14 Jan 2010 08:29:17 -0000
@@ -74,6 +74,10 @@
 BROKEN=		X509 patch incompatible with HPN and LPK patches
 .endif
 
+.if defined(WITH_X509) && defined(WITH_KERB_GSSAPI)
+BROKEN=		X509 patch incompatible with KERB_GSSAPI patch
+.endif
+
 .if defined(OPENSSH_OVERWRITE_BASE)
 WITH_OVERWRITE_BASE=	yes
 .endif


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list