From 3235a54cd762fc3ff512d4b38c10823ba0b5a8f2 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 4 Oct 2021 01:19:28 +0200 Subject: gnu: openssh: Update to 8.8p1 [security fixes]. The securities fixed did not affect the default installation. * gnu/packages/ssh.scm (openssh): Update to 8.8p1. [arguments]: Don't explicitly return #t from phases. --- gnu/packages/ssh.scm | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) (limited to 'gnu/packages/ssh.scm') diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index 0a6d97e46c..2240811be9 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -186,7 +186,7 @@ (define-public libssh2 (define-public openssh (package (name "openssh") - (version "8.7p1") + (version "8.8p1") (source (origin (method url-fetch) (uri (string-append "mirror://openbsd/OpenSSH/portable/" @@ -194,7 +194,7 @@ (define-public openssh (patches (search-patches "openssh-hurd.patch")) (sha256 (base32 - "090yxpi03pxxzb4ppx8g8hdpw7c4nf8p0avr6c7ybsaana5lp8vw")))) + "1s8z6f7mi1pwsl79cqai8cr350m5lf2ifcxff57wx6mvm478k425")))) (build-system gnu-build-system) (native-inputs `(("groff" ,groff) ("pkg-config" ,pkg-config))) @@ -244,8 +244,7 @@ (define-public openssh (let ((out (assoc-ref outputs "out"))) (substitute* "Makefile" (("PRIVSEP_PATH=/var/empty") - (string-append "PRIVSEP_PATH=" out "/var/empty"))) - #t))) + (string-append "PRIVSEP_PATH=" out "/var/empty")))))) (add-before 'check 'patch-tests (lambda _ (substitute* "regress/test-exec.sh" @@ -255,8 +254,7 @@ (define-public openssh (substitute* (list "Makefile" "regress/Makefile") (("^(tests:.*) t-exec(.*)" all pre post) - (string-append pre post))) - #t)) + (string-append pre post))))) (replace 'install (lambda* (#:key outputs (make-flags '()) #:allow-other-keys) ;; Install without host keys and system configuration files. @@ -268,8 +266,7 @@ (define-public openssh "/bin/ssh-copy-id") #o555) (install-file "contrib/ssh-copy-id.1" (string-append (assoc-ref outputs "out") - "/share/man/man1/")) - #t))))) + "/share/man/man1/"))))))) (synopsis "Client and server for the secure shell (ssh) protocol") (description "The SSH2 protocol implemented in OpenSSH is standardised by the -- cgit v1.2.3 From ec7bcdc35af17021a9dfd73ef49750d0ad82b989 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 4 Oct 2021 02:06:49 +0200 Subject: gnu: openssh: Remove empty /var/empty. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/ssh.scm (openssh)[arguments]: Delete /var/empty after ‘make install’. Make the rest less repetitive—no functional changes. --- gnu/packages/ssh.scm | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) (limited to 'gnu/packages/ssh.scm') diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index 2240811be9..f7e6286db0 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -256,17 +256,19 @@ (define-public openssh (("^(tests:.*) t-exec(.*)" all pre post) (string-append pre post))))) (replace 'install - (lambda* (#:key outputs (make-flags '()) #:allow-other-keys) - ;; Install without host keys and system configuration files. - (apply invoke "make" "install-nosysconf" make-flags) - (install-file "contrib/ssh-copy-id" - (string-append (assoc-ref outputs "out") - "/bin/")) - (chmod (string-append (assoc-ref outputs "out") - "/bin/ssh-copy-id") #o555) - (install-file "contrib/ssh-copy-id.1" - (string-append (assoc-ref outputs "out") - "/share/man/man1/"))))))) + (lambda* (#:key outputs (make-flags '()) #:allow-other-keys) + (let ((out (assoc-ref outputs "out"))) + ;; Install without host keys and system configuration files. + (apply invoke "make" "install-nosysconf" make-flags) + (with-directory-excursion out + (rmdir "var/empty") + (rmdir "var")) + (with-directory-excursion "contrib" + (chmod "ssh-copy-id" #o555) + (install-file "ssh-copy-id" + (string-append out "/bin/")) + (install-file "ssh-copy-id.1" + (string-append out "/share/man/man1/"))))))))) (synopsis "Client and server for the secure shell (ssh) protocol") (description "The SSH2 protocol implemented in OpenSSH is standardised by the -- cgit v1.2.3 From a03562b478f50c302b6398fe5793fc072ed621f2 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 4 Oct 2021 14:18:45 +0200 Subject: Revert "gnu: openssh: Remove empty /var/empty." Oh, hello, you must be new here: $ git show ba912479e8481d69b699ce348b35d5d70f0c9367 That silly person really ought to have added a comment to the code, shouldn't they? This reverts similar changes made in commit ec7bcdc35af17021a9dfd73ef49750d0ad82b989, and adds one. --- gnu/packages/ssh.scm | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'gnu/packages/ssh.scm') diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index f7e6286db0..4e217888fd 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -259,10 +259,9 @@ (define-public openssh (lambda* (#:key outputs (make-flags '()) #:allow-other-keys) (let ((out (assoc-ref outputs "out"))) ;; Install without host keys and system configuration files. + ;; This will install /var/empty to the store, which is needed + ;; by the system openssh-service-type. (apply invoke "make" "install-nosysconf" make-flags) - (with-directory-excursion out - (rmdir "var/empty") - (rmdir "var")) (with-directory-excursion "contrib" (chmod "ssh-copy-id" #o555) (install-file "ssh-copy-id" -- cgit v1.2.3