Thu Mar 19 20:23:55 2015 UTC ()
Add patch from MacPorts to fix X11 forwarding under Mac OS X Yosemite.
(tron)
diff -r1.227 -r1.228 pkgsrc/security/openssh/Makefile
diff -r1.87 -r1.88 pkgsrc/security/openssh/distinfo
diff -r0 -r1.1 pkgsrc/security/openssh/patches/patch-channels.c
diff -r0 -r1.1 pkgsrc/security/openssh/patches/patch-clientloop.c
--- pkgsrc/security/openssh/Makefile 2015/02/16 11:03:20 1.227
+++ pkgsrc/security/openssh/Makefile 2015/03/19 20:23:55 1.228
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.227 2015/02/16 11:03:20 jperkin Exp $
+# $NetBSD: Makefile,v 1.228 2015/03/19 20:23:55 tron Exp $
DISTNAME= openssh-6.6p1
PKGNAME= openssh-6.6.1
-PKGREVISION= 4
+PKGREVISION= 5
CATEGORIES= security
MASTER_SITES= ${MASTER_SITE_OPENBSD:=OpenSSH/portable/}
--- pkgsrc/security/openssh/distinfo 2014/10/08 15:50:22 1.87
+++ pkgsrc/security/openssh/distinfo 2015/03/19 20:23:55 1.88
@@ -1,8 +1,5 @@
-$NetBSD: distinfo,v 1.87 2014/10/08 15:50:22 taca Exp $
+$NetBSD: distinfo,v 1.88 2015/03/19 20:23:55 tron Exp $
-SHA1 (openssh-6.6p1-hpnssh14v4.diff.gz) = 1cb86c7151ea4c805cfb1197eac13844cd8f2f2c
-RMD160 (openssh-6.6p1-hpnssh14v4.diff.gz) = 292cea7880ff66040d915f2d5957dd27d0835984
-Size (openssh-6.6p1-hpnssh14v4.diff.gz) = 23417 bytes
SHA1 (openssh-6.6p1.tar.gz) = b850fd1af704942d9b3c2eff7ef6b3a59b6a6b6e
RMD160 (openssh-6.6p1.tar.gz) = e19ed34e240001898b6665bb4356b868bba5513d
Size (openssh-6.6p1.tar.gz) = 1282502 bytes
@@ -12,6 +9,8 @@
SHA1 (patch-auth.c) = 950b0380bcbb0fa1681014cfbb41528d09a10a18
SHA1 (patch-auth1.c) = 7b0481f445bc85cce9d7539b00bf581b9aa09fea
SHA1 (patch-auth2.c) = 8f4f97516874fc4af5814cbd3a1f59b9ca77b43f
+SHA1 (patch-channels.c) = 88af4136f13f93d73c70caacea0a2ded0601d1cf
+SHA1 (patch-clientloop.c) = 499f34ce4e067f1da8aca257cfa7dd820efa3504
SHA1 (patch-config.h.in) = 9799f48f204aa213318914f1d6c45e83a8af942f
SHA1 (patch-configure) = 3015dda57a5626667cf5c15c7c7be25f8844cfc6
SHA1 (patch-configure.ac) = 996a3bcf133a0832b9d7fa35cc0983562d9fa60a
$NetBSD: patch-channels.c,v 1.1 2015/03/19 20:23:55 tron Exp $
Fix X11 forwarding under Mac OS X Yosemite. Patch taken from MacPorts.
https://trac.macports.org/browser/trunk/dports/net/openssh/files/launchd.patch?rev=121205
--- channels.c.orig 2014-02-26 23:18:33.000000000 +0000
+++ channels.c 2015-03-19 20:16:04.000000000 +0000
@@ -3576,15 +3576,35 @@
* connection to the real X server.
*/
- /* Check if the display is from launchd. */
#ifdef __APPLE__
- if (strncmp(display, "/tmp/launch", 11) == 0) {
- sock = connect_local_xsocket_path(display);
- if (sock < 0)
- return -1;
+ /* Check if the display is a path to a socket (as set by launchd). */
+ {
+ char path[PATH_MAX];
+ struct stat sbuf;
+ int is_path_to_socket = 0;
+
+ strlcpy(path, display, sizeof(path));
+ if (0 == stat(path, &sbuf)) {
+ is_path_to_socket = 1;
+ } else {
+ char *dot = strrchr(path, '.');
+ if (dot) {
+ *dot = '\0';
+ /* screen = atoi(dot + 1); */
+ if (0 == stat(path, &sbuf)) {
+ is_path_to_socket=1;
+ }
+ }
+ }
- /* OK, we now have a connection to the display. */
- return sock;
+ if (is_path_to_socket) {
+ sock = connect_local_xsocket_path(path);
+ if (sock < 0)
+ return -1;
+
+ /* OK, we now have a connection to the display. */
+ return sock;
+ }
}
#endif
/*
$NetBSD: patch-clientloop.c,v 1.1 2015/03/19 20:23:55 tron Exp $
Fix X11 forwarding under Mac OS X Yosemite. Patch taken from MacPorts.
https://trac.macports.org/browser/trunk/dports/net/openssh/files/launchd.patch?rev=121205
--- clientloop.c.orig 2014-02-04 00:20:15.000000000 +0000
+++ clientloop.c 2015-03-19 20:16:04.000000000 +0000
@@ -313,6 +313,10 @@
struct stat st;
u_int now;
+#if __APPLE__
+ int is_path_to_socket = 0;
+#endif /* __APPLE__ */
+
xauthdir = xauthfile = NULL;
*_proto = proto;
*_data = data;
@@ -328,6 +332,33 @@
debug("x11_get_proto: DISPLAY not set");
return;
}
+#if __APPLE__
+ {
+ /*
+ * If using launchd socket, remove the screen number from the end
+ * of $DISPLAY. is_path_to_socket is used later in this function
+ * to determine if an error should be displayed.
+ */
+ char path[PATH_MAX];
+ struct stat sbuf;
+
+ strlcpy(path, display, sizeof(path));
+ if (0 == stat(path, &sbuf)) {
+ is_path_to_socket = 1;
+ } else {
+ char *dot = strrchr(path, '.');
+ if (dot) {
+ *dot = '\0';
+ /* screen = atoi(dot + 1); */
+ if (0 == stat(path, &sbuf)) {
+ is_path_to_socket = 1;
+ debug("x11_get_proto: $DISPLAY is launchd, removing screennum");
+ setenv("DISPLAY", path, 1);
+ }
+ }
+ }
+ }
+#endif /* __APPLE__ */
/*
* Handle FamilyLocal case where $DISPLAY does
* not match an authorization entry. For this we
@@ -407,6 +438,9 @@
if (!got_data) {
u_int32_t rnd = 0;
+#if __APPLE__
+ if (!is_path_to_socket)
+#endif /* __APPLE__ */
logit("Warning: No xauth data; "
"using fake authentication data for X11 forwarding.");
strlcpy(proto, SSH_X11_PROTO, sizeof proto);