summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--net-misc/keychain/files/keychain-2.8.5-empty-ssh-askpass.patch21
-rw-r--r--net-misc/keychain/files/keychain-2.8.5-malformed-ssh-key.patch28
-rw-r--r--net-misc/keychain/files/keychain-2.8.5-typos.patch88
-rw-r--r--net-misc/keychain/keychain-2.8.5-r2.ebuild27
4 files changed, 164 insertions, 0 deletions
diff --git a/net-misc/keychain/files/keychain-2.8.5-empty-ssh-askpass.patch b/net-misc/keychain/files/keychain-2.8.5-empty-ssh-askpass.patch
new file mode 100644
index 000000000000..00c93c8c07d9
--- /dev/null
+++ b/net-misc/keychain/files/keychain-2.8.5-empty-ssh-askpass.patch
@@ -0,0 +1,21 @@
+https://salsa.debian.org/debian/keychain/-/blob/debian/master/debian/patches/empty-ssh-askpass.patch
+
+Description: Handle an empty (or unset) SSH_ASKPASS variable
+Bug-Debian: https://bugs.debian.org/325644
+Forwarded: no
+Author: Peter Pentchev <roam@debian.org>
+Author: Tim Connors <twc@aaocbn.aao.gov.au>
+Last-Updated: 2023-01-06
+
+--- a/keychain.sh
++++ b/keychain.sh
+@@ -1420,6 +1420,9 @@
+ IFS="$old_IFS" # restore IFS
+ set +f # re-enable globbing
+
++ if [ -z "$SSH_ASKPASS" ]; then
++ SSH_ASKPASS="$(command -v ssh-askpass || true)"
++ fi
+ if $noguiopt || [ -z "$SSH_ASKPASS" -o -z "$DISPLAY" ]; then
+ unset DISPLAY # DISPLAY="" can cause problems
+ unset SSH_ASKPASS # make sure ssh-add doesn't try SSH_ASKPASS
diff --git a/net-misc/keychain/files/keychain-2.8.5-malformed-ssh-key.patch b/net-misc/keychain/files/keychain-2.8.5-malformed-ssh-key.patch
new file mode 100644
index 000000000000..ef1ab63898d1
--- /dev/null
+++ b/net-misc/keychain/files/keychain-2.8.5-malformed-ssh-key.patch
@@ -0,0 +1,28 @@
+https://salsa.debian.org/debian/keychain/-/blob/debian/master/debian/patches/malformed-ssh-key.patch
+
+Description: Display a more visible warning for a malformed SSH public key.
+Bug-Debian: https://bugs.debian.org/673019
+Forwarded: https://github.com/funtoo/keychain/pull/111
+Author: Ryan Kavanagh <rak@debian.org>
+Author: Peter Pentchev <roam@debian.org>
+Last-Update: 2019-02-18
+
+--- a/keychain.sh
++++ b/keychain.sh
+@@ -853,7 +853,15 @@
+
+ for slm_k in "$@"; do
+ # Fingerprint current user-specified key
+- slm_finger=$(ssh_f "$slm_k") || continue
++ if ! slm_finger=$(ssh_f "$slm_k"); then
++ warn "Unable to extract fingerprint from keyfile ${slm_k}.pub, skipping"
++ continue
++ fi
++ slm_wordcount="$(printf -- '%s\n' "$slm_finger" | wc -w)"
++ if [ "$slm_wordcount" -ne 1 ]; then
++ warn "Unable to extract exactly one key fingerprint from keyfile ${slm_k}.pub, got $slm_wordcount instead, skipping"
++ continue
++ fi
+
+ # Check if it needs to be added
+ case " $sshavail " in
diff --git a/net-misc/keychain/files/keychain-2.8.5-typos.patch b/net-misc/keychain/files/keychain-2.8.5-typos.patch
new file mode 100644
index 000000000000..6356ae44df9a
--- /dev/null
+++ b/net-misc/keychain/files/keychain-2.8.5-typos.patch
@@ -0,0 +1,88 @@
+https://salsa.debian.org/debian/keychain/-/blob/debian/master/debian/patches/typos.patch
+
+Description: Correct some typographical and grammatical errors.
+Forwarded: https://github.com/funtoo/keychain/pull/112
+Author: Peter Pentchev <roam@ringlet.net>
+Last-Update: 2020-05-07
+
+--- a/keychain.pod
++++ b/keychain.pod
+@@ -43,7 +43,7 @@
+
+ As an additional feature, if a private key has an extension ".ext", keychain
+ will look for privkey.ext.pub first, and if not found, will look for
+-privkeyname.pub.
++privkey.pub.
+
+ Keychain also supports gpg-agent in the same ways that ssh-agent is
+ supported. By default keychain attempts to start ssh-agent only.
+@@ -227,7 +227,7 @@
+
+ =item others
+
+-Kill agent processes other than the one keychain is providing. Prior
++Kill agent processes other than the ones keychain is providing. Prior
+ to keychain-2.5.0, keychain would do this automatically. The new
+ behavior requires that you specify it explicitly if you want it.
+
+--- a/Makefile
++++ b/Makefile
+@@ -27,7 +27,7 @@
+ keychain.1.gz: keychain.1
+ gzip -9 keychain.1
+
+-GENKEYCHAINPL = open P, "keychain.txt" or die "cant open keychain.txt"; \
++GENKEYCHAINPL = open P, "keychain.txt" or die "cannot open keychain.txt"; \
+ while (<P>) { \
+ $$printing = 0 if /^\w/; \
+ $$printing = 1 if /^(SYNOPSIS|OPTIONS)/; \
+@@ -39,7 +39,7 @@
+ s/(^|\s)(-+[-\w]+)/$$1\$${GREEN}$$2\$${OFF}/g; \
+ $$pod .= $$_; \
+ }; \
+- open B, "keychain.sh" or die "cant open keychain.sh"; \
++ open B, "keychain.sh" or die "cannot open keychain.sh"; \
+ $$/ = undef; \
+ $$_ = <B>; \
+ s/INSERT_POD_OUTPUT_HERE[\r\n]/$$pod/ || die; \
+--- a/README.md
++++ b/README.md
+@@ -3,12 +3,12 @@
+
+ Please apply your patches to `keychain.sh`, *not* the generated `keychain`
+ script, which we are now including in the git repo to facilitate the
+-distribution of release archives direct from GitHub. All development work will
+-be done on the 'devel' branch and will only be merged with the master branch when
++distribution of release archives directly from GitHub. All development work will
++be done on the 'devel' branch and will only be merged into the master branch when
+ a new release is made. This should allow the generated files (keychain, man pages,
+-spec file)to remain in sync on the master branch but no guarantees are made except
++spec file) to remain in sync on the master branch but no guarantees are made except
+ for the tagged release. They will be regenerated for official release archives
+-only (those tagged with the release version.). Anyone using or contributing to the
++only (those tagged with the release version). Anyone using or contributing to the
+ 'devel' branch should assume the generated files are out of date and regenerate
+ locally if needed.
+ Thanks!
+--- a/keychain
++++ b/keychain
+@@ -354,7 +354,7 @@
+ # This function originates from Parallels Inc.'s OpenVZ vpsreboot script
+
+ # Description: This function attempts to acquire the lock. If it succeeds,
+- # it returns 0. If it fails, it returns 1. This function retuns immediately
++ # it returns 0. If it fails, it returns 1. This function returns immediately
+ # and only tries to acquire the lock once.
+
+ tmpfile="$lockf.$$"
+--- a/keychain.sh
++++ b/keychain.sh
+@@ -173,7 +173,7 @@
+ # This function originates from Parallels Inc.'s OpenVZ vpsreboot script
+
+ # Description: This function attempts to acquire the lock. If it succeeds,
+- # it returns 0. If it fails, it returns 1. This function retuns immediately
++ # it returns 0. If it fails, it returns 1. This function returns immediately
+ # and only tries to acquire the lock once.
+
+ tmpfile="$lockf.$$"
diff --git a/net-misc/keychain/keychain-2.8.5-r2.ebuild b/net-misc/keychain/keychain-2.8.5-r2.ebuild
new file mode 100644
index 000000000000..6bb4d3533258
--- /dev/null
+++ b/net-misc/keychain/keychain-2.8.5-r2.ebuild
@@ -0,0 +1,27 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+DESCRIPTION="Agent manager for OpenSSH, ssh.com, Sun SSH, and GnuPG"
+HOMEPAGE="https://www.funtoo.org/Keychain"
+SRC_URI="https://github.com/funtoo/keychain/archive/${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+
+BDEPEND="dev-lang/perl"
+
+PATCHES=(
+ # Patches from Debian
+ "${FILESDIR}/${P}-malformed-ssh-key.patch"
+ "${FILESDIR}/${P}-typos.patch"
+ "${FILESDIR}/${P}-empty-ssh-askpass.patch"
+)
+
+src_install() {
+ dobin ${PN}
+ doman ${PN}.1
+ dodoc ChangeLog README.md
+}