Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-misc/openssh/files/openssh-8.1_p1-hpn-glue.patch
diff options
context:
space:
mode:
Diffstat (limited to 'net-misc/openssh/files/openssh-8.1_p1-hpn-glue.patch')
-rw-r--r--net-misc/openssh/files/openssh-8.1_p1-hpn-glue.patch216
1 files changed, 0 insertions, 216 deletions
diff --git a/net-misc/openssh/files/openssh-8.1_p1-hpn-glue.patch b/net-misc/openssh/files/openssh-8.1_p1-hpn-glue.patch
deleted file mode 100644
index 0ad814f95d87..000000000000
--- a/net-misc/openssh/files/openssh-8.1_p1-hpn-glue.patch
+++ /dev/null
@@ -1,216 +0,0 @@
-Only in b: .openssh-7_8_P1-hpn-AES-CTR-14.16.diff.un~
-Only in b: .openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff.un~
-diff -ru a/openssh-7_8_P1-hpn-AES-CTR-14.16.diff b/openssh-7_8_P1-hpn-AES-CTR-14.16.diff
---- a/openssh-7_8_P1-hpn-AES-CTR-14.16.diff 2019-10-10 13:48:31.513603947 -0700
-+++ b/openssh-7_8_P1-hpn-AES-CTR-14.16.diff 2019-10-10 13:50:15.012495676 -0700
-@@ -17,8 +17,8 @@
- canohost.o channels.o cipher.o cipher-aes.o cipher-aesctr.o \
- - cipher-ctr.o cleanup.o \
- + cipher-ctr.o cleanup.o cipher-ctr-mt.o \
-- compat.o crc32.o fatal.o hostfile.o \
-- log.o match.o moduli.o nchan.o packet.o opacket.o \
-+ compat.o fatal.o hostfile.o \
-+ log.o match.o moduli.o nchan.o packet.o \
- readpass.o ttymodes.o xmalloc.o addrmatch.o \
- diff --git a/cipher-ctr-mt.c b/cipher-ctr-mt.c
- new file mode 100644
-@@ -998,7 +998,7 @@
- + * so we repoint the define to the multithreaded evp. To start the threads we
- + * then force a rekey
- + */
--+ const void *cc = ssh_packet_get_send_context(active_state);
-++ const void *cc = ssh_packet_get_send_context(ssh);
- +
- + /* only do this for the ctr cipher. otherwise gcm mode breaks. Don't know why though */
- + if (strstr(cipher_ctx_name(cc), "ctr")) {
-@@ -1028,7 +1028,7 @@
- + * so we repoint the define to the multithreaded evp. To start the threads we
- + * then force a rekey
- + */
--+ const void *cc = ssh_packet_get_send_context(active_state);
-++ const void *cc = ssh_packet_get_send_context(ssh);
- +
- + /* only rekey if necessary. If we don't do this gcm mode cipher breaks */
- + if (strstr(cipher_ctx_name(cc), "ctr")) {
-diff -ru a/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff b/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff
---- a/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff 2019-10-10 13:47:54.801642144 -0700
-+++ b/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff 2019-10-10 15:58:05.085803333 -0700
-@@ -162,24 +162,24 @@
- }
-
- +static int
--+channel_tcpwinsz(void)
-++channel_tcpwinsz(struct ssh *ssh)
- +{
- + u_int32_t tcpwinsz = 0;
- + socklen_t optsz = sizeof(tcpwinsz);
- + int ret = -1;
- +
- + /* if we aren't on a socket return 128KB */
--+ if (!packet_connection_is_on_socket())
-++ if (!ssh_packet_connection_is_on_socket(ssh))
- + return 128 * 1024;
- +
--+ ret = getsockopt(packet_get_connection_in(),
-++ ret = getsockopt(ssh_packet_get_connection_in(ssh),
- + SOL_SOCKET, SO_RCVBUF, &tcpwinsz, &optsz);
- + /* return no more than SSHBUF_SIZE_MAX (currently 256MB) */
- + if ((ret == 0) && tcpwinsz > SSHBUF_SIZE_MAX)
- + tcpwinsz = SSHBUF_SIZE_MAX;
- +
- + debug2("tcpwinsz: tcp connection %d, Receive window: %d",
--+ packet_get_connection_in(), tcpwinsz);
-++ ssh_packet_get_connection_in(ssh), tcpwinsz);
- + return tcpwinsz;
- +}
- +
-@@ -191,7 +191,7 @@
- c->local_window < c->local_window_max/2) &&
- c->local_consumed > 0) {
- + u_int addition = 0;
--+ u_int32_t tcpwinsz = channel_tcpwinsz();
-++ u_int32_t tcpwinsz = channel_tcpwinsz(ssh);
- + /* adjust max window size if we are in a dynamic environment */
- + if (c->dynamic_window && (tcpwinsz > c->local_window_max)) {
- + /* grow the window somewhat aggressively to maintain pressure */
-@@ -409,18 +409,10 @@
- index dcf35e6..da4ced0 100644
- --- a/packet.c
- +++ b/packet.c
--@@ -920,6 +920,24 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
-+@@ -920,6 +920,16 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
- return 0;
- }
-
--+/* this supports the forced rekeying required for the NONE cipher */
--+int rekey_requested = 0;
--+void
--+packet_request_rekeying(void)
--+{
--+ rekey_requested = 1;
--+}
--+
- +/* used to determine if pre or post auth when rekeying for aes-ctr
- + * and none cipher switch */
- +int
-@@ -434,20 +426,6 @@
- #define MAX_PACKETS (1U<<31)
- static int
- ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len)
--@@ -946,6 +964,13 @@ ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len)
-- if (state->p_send.packets == 0 && state->p_read.packets == 0)
-- return 0;
--
--+ /* used to force rekeying when called for by the none
--+ * cipher switch methods -cjr */
--+ if (rekey_requested == 1) {
--+ rekey_requested = 0;
--+ return 1;
--+ }
--+
-- /* Time-based rekeying */
-- if (state->rekey_interval != 0 &&
-- (int64_t)state->rekey_time + state->rekey_interval <= monotime())
- diff --git a/packet.h b/packet.h
- index 170203c..f4d9df2 100644
- --- a/packet.h
-@@ -476,9 +454,9 @@
- /* Format of the configuration file:
-
- @@ -166,6 +167,8 @@ typedef enum {
-- oHashKnownHosts,
- oTunnel, oTunnelDevice,
- oLocalCommand, oPermitLocalCommand, oRemoteCommand,
-+ oDisableMTAES,
- + oTcpRcvBufPoll, oTcpRcvBuf, oHPNDisabled, oHPNBufferSize,
- + oNoneEnabled, oNoneSwitch,
- oVisualHostKey,
-@@ -615,9 +593,9 @@
- int ip_qos_bulk; /* IP ToS/DSCP/class for bulk traffic */
- SyslogFacility log_facility; /* Facility for system logging. */
- @@ -111,7 +115,10 @@ typedef struct {
--
- int enable_ssh_keysign;
- int64_t rekey_limit;
-+ int disable_multithreaded; /*disable multithreaded aes-ctr*/
- + int none_switch; /* Use none cipher */
- + int none_enabled; /* Allow none to be used */
- int rekey_interval;
-@@ -633,7 +611,7 @@
- off_t i, statbytes;
- size_t amt, nr;
- int fd = -1, haderr, indx;
--- char *last, *name, buf[2048], encname[PATH_MAX];
-+- char *last, *name, buf[PATH_MAX + 128], encname[PATH_MAX];
- + char *last, *name, buf[16384], encname[PATH_MAX];
- int len;
-
-@@ -673,9 +651,9 @@
- /* Portable-specific options */
- if (options->use_pam == -1)
- @@ -391,6 +400,43 @@ fill_default_server_options(ServerOptions *options)
-- }
-- if (options->permit_tun == -1)
- options->permit_tun = SSH_TUNMODE_NO;
-+ if (options->disable_multithreaded == -1)
-+ options->disable_multithreaded = 0;
- + if (options->none_enabled == -1)
- + options->none_enabled = 0;
- + if (options->hpn_disabled == -1)
-@@ -1092,7 +1070,7 @@
- xxx_host = host;
- xxx_hostaddr = hostaddr;
-
--@@ -412,6 +423,28 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
-+@@ -412,6 +423,27 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
-
- if (!authctxt.success)
- fatal("Authentication failed.");
-@@ -1108,7 +1086,7 @@
- + memcpy(&myproposal, &myproposal_default, sizeof(myproposal));
- + myproposal[PROPOSAL_ENC_ALGS_STOC] = "none";
- + myproposal[PROPOSAL_ENC_ALGS_CTOS] = "none";
--+ kex_prop2buf(active_state->kex->my, myproposal);
-++ kex_prop2buf(ssh->kex->my, myproposal);
- + packet_request_rekeying();
- + fprintf(stderr, "WARNING: ENABLED NONE CIPHER\n");
- + } else {
-@@ -1117,23 +1095,13 @@
- + fprintf(stderr, "NONE cipher switch disabled when a TTY is allocated\n");
- + }
- + }
--+
-- debug("Authentication succeeded (%s).", authctxt.method->name);
-- }
-
-+ #ifdef WITH_OPENSSL
-+ if (options.disable_multithreaded == 0) {
- diff --git a/sshd.c b/sshd.c
- index a738c3a..b32dbe0 100644
- --- a/sshd.c
- +++ b/sshd.c
--@@ -373,7 +373,7 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out)
-- char remote_version[256]; /* Must be at least as big as buf. */
--
-- xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s\r\n",
--- PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION,
--+ PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE,
-- *options.version_addendum == '\0' ? "" : " ",
-- options.version_addendum);
--
- @@ -1037,6 +1037,8 @@ listen_on_addrs(struct listenaddr *la)
- int ret, listen_sock;
- struct addrinfo *ai;
-@@ -1217,11 +1185,10 @@
- index f1bbf00..21a70c2 100644
- --- a/version.h
- +++ b/version.h
--@@ -3,4 +3,6 @@
-+@@ -3,4 +3,5 @@
- #define SSH_VERSION "OpenSSH_7.8"
-
- #define SSH_PORTABLE "p1"
- -#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
--+#define SSH_HPN "-hpn14v16"
- +#define SSH_RELEASE SSH_VERSION SSH_PORTABLE SSH_HPN
- +