diff options
| author |   Haelwenn (lanodan) Monnier <contact@hacktivis.me> | 2024-01-04 02:57:46 +0100 |
|---|---|---|
| committer |   Yixun Lan <dlan@gentoo.org> | 2024-01-07 00:34:33 +0000 |
| commit | 1bcc59a0043c07b7aeaf3bfb3b40503fa55d4a9b (patch) | |
| tree | 31208b43ea293181c95dbedab986ae365f9376f4 /net-misc/tinyssh | |
| parent | profiles: mask tac_plus (diff) | |
| download | gentoo-1bcc59a0043c07b7aeaf3bfb3b40503fa55d4a9b.tar.gz gentoo-1bcc59a0043c07b7aeaf3bfb3b40503fa55d4a9b.tar.bz2 gentoo-1bcc59a0043c07b7aeaf3bfb3b40503fa55d4a9b.zip | |
net-misc/tinyssh: add 20240101
Adds kex-strict-s-v00@openssh.com support, required to mitigate
CVE-2023-48795 aka Terrapin.
Links: https://github.com/advisories/GHSA-45x7-px36-x8w8
Signed-off-by: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Signed-off-by: Yixun Lan <dlan@gentoo.org>
Diffstat (limited to 'net-misc/tinyssh')
| -rw-r--r-- | net-misc/tinyssh/Manifest | 1 | ||||
| -rw-r--r-- | net-misc/tinyssh/tinyssh-20240101.ebuild | 73 |
2 files changed, 74 insertions, 0 deletions
diff --git a/net-misc/tinyssh/Manifest b/net-misc/tinyssh/Manifest index 4b4495c26cdb..5d54a5ceaa82 100644 --- a/net-misc/tinyssh/Manifest +++ b/net-misc/tinyssh/Manifest @@ -1 +1,2 @@ DIST tinyssh-20230101.tar.gz 249091 BLAKE2B 5efb6eab07c136763ab27588661618763d2ca174dce4b0f4b5fd5dcca56044f8361342de780931070cff8efe43f6efa68eaf912e9ae38febfcff733f79e23018 SHA512 6beaf266058a89a78c710abd1a02feff0641a93d0d92aa07a1ad1ba3f6b3344bc312bb5a4cd5c06c6dcc83d25e48a801f9cfcfbb3de0f73904f36d32d4430482 +DIST tinyssh-20240101.tar.gz 249848 BLAKE2B 228547c6f4acae3b77a338df1ced3a49e0b4c72257ce081b3b50941c29c5a39a0b1623f6aefce2721b9dde9fae03cb8c1c87b6b019658d578ddcca99e0a021f5 SHA512 b48561cfc11bb6d2e9b1c805c9dfc36be5f1bbbf04a455b8db3f02b5b8df15e420fcd93d58fb23526baaf0fd70e9969deca261152a656015f12a433a61092e90 diff --git a/net-misc/tinyssh/tinyssh-20240101.ebuild b/net-misc/tinyssh/tinyssh-20240101.ebuild new file mode 100644 index 000000000000..5164323fe0c6 --- /dev/null +++ b/net-misc/tinyssh/tinyssh-20240101.ebuild @@ -0,0 +1,73 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit systemd toolchain-funcs + +DESCRIPTION="A small SSH server with state-of-the-art cryptography" +HOMEPAGE="https://tinyssh.org" +if [[ "${PV}" == "99999999" ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/janmojzis/tinyssh.git" +else + SRC_URI="https://github.com/janmojzis/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64 ~x86" +fi + +LICENSE="CC0-1.0" +SLOT="0" + +IUSE="+sodium" + +DEPEND=" + sodium? ( dev-libs/libsodium:= ) +" +RDEPEND=" + ${DEPEND} + sys-apps/ucspi-tcp +" + +src_prepare() { + # Leave optimization level to user CFLAGS + sed -i 's/-Os -fomit-frame-pointer -funroll-loops//g' ./conf-cc || die + + # Use make-tinysshcc.sh script, which has no tests and doesn't execute + # binaries. See https://github.com/janmojzis/tinyssh/issues/2 + sed -i 's/make-tinyssh\.sh/make-tinysshcc.sh/g' ./Makefile || die + + default +} + +src_compile() { + tc-export PKG_CONFIG + + if use sodium + then + emake \ + CC="$(tc-getCC)" \ + LIBS="$("${PKG_CONFIG}" --libs libsodium)" \ + CFLAGS="${CFLAGS} $("${PKG_CONFIG}" --cflags libsodium)" \ + LDFLAGS="${LDFLAGS}" + else + emake CC="$(tc-getCC)" + fi +} + +src_install() { + dosbin build/bin/tinysshd{,-makekey} + dobin build/bin/tinysshd-printkey + doman man/* + + newinitd "${FILESDIR}/${PN}.initd" "${PN}" + newconfd "${FILESDIR}/${PN}.confd" "${PN}" + + systemd_newunit "${FILESDIR}/${PN}.service" "${PN}@.service" + systemd_newunit "${FILESDIR}/${PN}.socket" "${PN}@.socket" + systemd_dounit "${FILESDIR}/${PN}-makekey.service" +} + +pkg_postinst() { + einfo "TinySSH is in beta stage, and ready for production use." + einfo "See https://tinyssh.org for more information." +} |