diff --git a/crypto/openssh/FREEBSD-tricks b/crypto/openssh/FREEBSD-tricks deleted file mode 100644 index 480bffc1db1..00000000000 --- a/crypto/openssh/FREEBSD-tricks +++ /dev/null @@ -1,14 +0,0 @@ -# $FreeBSD$ - -# Shell code to remove FreeBSD tags before merging -grep -rl '\$Fre[e]BSD:' . | grep -v FREEBSD >tags -cat tags | while read f ; do - sed -i.orig -e '/\$Fre[e]BSD:/d' $f -done - -# Shell + Perl code to add FreeBSD tags wherever an OpenBSD or Id tag occurs -cat tags | -xargs perl -n -i.orig -e 'print; s/\$(Id|OpenBSD): [^\$]*/\$FreeBSD/ && print' - -# Diff against vendor branch -svn diff --no-diff-deleted --old=$FSVN/vendor-crypto/openssh/dist/ --new=. diff --git a/crypto/openssh/FREEBSD-upgrade b/crypto/openssh/FREEBSD-upgrade index 2a3dc7f481c..11f9bda3f84 100644 --- a/crypto/openssh/FREEBSD-upgrade +++ b/crypto/openssh/FREEBSD-upgrade @@ -3,81 +3,97 @@ FreeBSD maintainer's guide to OpenSSH-portable ============================================== -XXX -XXX this needs a complete rewrite -XXX svn merge from vendor branch, resolve conflicts manually -XXX (see FREEBSD-tricks for tips on how to reduce conflicts) -XXX run freebsd-configure.sh to generate config.h and krb5_config.h -XXX svn diff Makefile.in to see if the Makefiles need adjusting -XXX +00) Make sure your mail spool has plenty of free space. It'll fill up + pretty fast once you're done with this checklist. -0) Make sure your mail spool has plenty of free space. It'll fill up - pretty fast once you're done with this checklist. +01) Download the latest OpenSSH-portable tarball and signature from + OpenBSD (ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/). -1) Grab the latest OpenSSH-portable tarball from the OpenBSD FTP - site (ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/) +02) Verify the signature: -2) Unpack the tarball in a suitable directory. + $ gpg --verify openssh-X.YpZ.tar.gz.asc - $ tar xf openssh-X.YpZ.tar.gz \ - -X /usr/src/crypto/openssh/FREEBSD-Xlist +03) Unpack the tarball in a suitable directory: -3) Remove trash: + $ tar xf openssh-X.YpZ.tar.gz - Make sure -X took care of everything, and if it didn't, make sure - to update FREEBSD-Xlist so you won't miss it the next time. A good - way to do this is to run a test import and see if any new files - show up: +04) Copy to the vendor directory: - $ cvs -n import src/crypto/openssh OPENSSH x | grep \^N + $ svn co svn+ssh://svn.freebsd.org/base/vendor-crypto/openssh/dist + $ rsync --archive --delete openssh-X.YpZ/ dist/ -4) Import the sources: +05) Take care of added / deleted files: - $ cvs import src/crypto/openssh OPENSSH OpenSSH_X_YpZ + $ svn rm $(svn stat dist | awk '$1 == "!" { print $2 }') + $ svn add --no-auto-props $(svn stat dist | awk '$1 == "?" { print $2 }') -5) Resolve conflicts. Remember to bump the version number and - addendum in version.h, and update the default value in - ssh{,d}_config and ssh{,d}_config.5. +06) Commit: -6) Generate configure and config.h.in: + $ svn commit -m "Vendor import of OpenSSH X.YpZ." dist - $ autoconf - $ autoheader +07) Tag: - Note: this requires a recent version of autoconf, not autoconf213. + $ svn copy -m "Tag OpenSSH X.YpZ." \ + svn+ssh://svn.freebsd.org/base/vendor-crypto/openssh/dist \ + svn+ssh://svn.freebsd.org/base/vendor-crypto/openssh/X.YpZ -7) Run configure with the appropriate arguments: +08) Check out head and run the pre-merge script: - $ ./configure --prefix=/usr --sysconfdir=/etc/ssh \ - --with-pam --with-tcp-wrappers --with-libedit \ - --with-ssl-engine + $ svn co svn+ssh://svn.freebsd.org/base/head + $ cd head/crypto/openssh + $ sh freebsd-pre-merge.sh - This will regenerate config.h, which must be committed along with - the rest. +09) Merge from the vendor branch: - Note that we don't want to configure OpenSSH for Kerberos using - configure since we have to be able to turn it on or off depending - on the value of MK_KERBEROS. Our Makefiles take care of this. + $ svn merge -cNNNNNN \^/vendor-crypto/openssh/dist . -8) If source files have been added or removed, update the appropriate - makefiles to reflect changes in the vendor's Makefile.in. +0A) Resolve conflicts. Remember to bump the version addendum in + version.h, and update the default value in ssh{,d}_config and + ssh{,d}_config.5. -9) Build libssh. Follow the instructions in ssh_namespace.h to get a - list of new symbols. Update ssh_namespace.h, build everything, - install and test. +0B) Diff against the vendor branch: -A) Build and test the pam_ssh PAM module. It gropes around libssh's - internals and will break if something significant changes or if - ssh_namespace.h is out of whack. + $ svn diff \^/vendor-crypto/openssh/dist . -B) Re-commit everything on repoman (you *did* use a test repo for - this, didn't you?) + Files that have modifications relative to the vendor code, and + only those files, must have the svn:keywords property set to + FreeBSD=%H and be listed in the 'keywords' file created by the + pre-merge script. + +0C) Run the post-merge script: + + $ sh freebsd-post-merge.sh + +0D) Run the configure script: + + $ sh freebsd-configure.sh + +0E) Check config.h very carefully. + +0F) If source files have been added or removed, update the appropriate + makefiles to reflect changes in the vendor's Makefile.in. + +10) Build libssh: + + $ cd ../../secure/lib/libssh && make obj && make depend && make + +11) Follow the instructions in ssh_namespace.h to get a list of new + symbols, and them to ssh_namespace.h. Keep it sorted! + +12) Build and install world, reboot, test. Pay particular attention + to pam_ssh(8), which gropes inside libssh and will break if + something significant changes or if ssh_namespace.h is out of + whack. + +13) Commit, and hunker down for the inevitable storm of complaints. An overview of FreeBSD changes to OpenSSH-portable ================================================== +XXX This section is out of date + 0) VersionAddendum The SSH protocol allows for a human-readable version string of up diff --git a/crypto/openssh/auth.c b/crypto/openssh/auth.c index a085de45584..985256277cb 100644 --- a/crypto/openssh/auth.c +++ b/crypto/openssh/auth.c @@ -1,4 +1,5 @@ /* $OpenBSD: auth.c,v 1.103 2013/05/19 02:42:42 djm Exp $ */ +/* $FreeBSD$ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * diff --git a/crypto/openssh/auth2.c b/crypto/openssh/auth2.c index 5a359c714d6..238605174ac 100644 --- a/crypto/openssh/auth2.c +++ b/crypto/openssh/auth2.c @@ -1,4 +1,5 @@ /* $OpenBSD: auth2.c,v 1.129 2013/05/19 02:42:42 djm Exp $ */ +/* $FreeBSD$ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * diff --git a/crypto/openssh/buffer.c b/crypto/openssh/buffer.c index eac93daaa9e..2d3d22aa94a 100644 --- a/crypto/openssh/buffer.c +++ b/crypto/openssh/buffer.c @@ -14,6 +14,7 @@ */ #include "includes.h" +__RCSID("$FreeBSD$"); #include diff --git a/crypto/openssh/channels.c b/crypto/openssh/channels.c index ffff261075e..bbdf15558b5 100644 --- a/crypto/openssh/channels.c +++ b/crypto/openssh/channels.c @@ -41,6 +41,7 @@ */ #include "includes.h" +__RCSID("$FreeBSD$"); #include #include diff --git a/crypto/openssh/cipher.c b/crypto/openssh/cipher.c index 2701da3c96c..6e4b9e298bf 100644 --- a/crypto/openssh/cipher.c +++ b/crypto/openssh/cipher.c @@ -37,6 +37,7 @@ */ #include "includes.h" +__RCSID("$FreeBSD$"); #include diff --git a/crypto/openssh/clientloop.c b/crypto/openssh/clientloop.c index b7b1bec2998..d4336c615bf 100644 --- a/crypto/openssh/clientloop.c +++ b/crypto/openssh/clientloop.c @@ -61,6 +61,7 @@ */ #include "includes.h" +__RCSID("$FreeBSD$"); #include #include diff --git a/crypto/openssh/compat.c b/crypto/openssh/compat.c index 77efc136485..4ca71cf99d8 100644 --- a/crypto/openssh/compat.c +++ b/crypto/openssh/compat.c @@ -25,6 +25,7 @@ */ #include "includes.h" +__RCSID("$FreeBSD$"); #include diff --git a/crypto/openssh/contrib/ssh-copy-id.1 b/crypto/openssh/contrib/ssh-copy-id.1 index 67a59e492a9..ccf325f1aa4 100644 --- a/crypto/openssh/contrib/ssh-copy-id.1 +++ b/crypto/openssh/contrib/ssh-copy-id.1 @@ -21,7 +21,7 @@ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .. -.Dd $Mdocdate: June 17 2010 $ +.Dd June 17, 2010 .Dt SSH-COPY-ID 1 .Os .Sh NAME diff --git a/crypto/openssh/freebsd-post-merge.sh b/crypto/openssh/freebsd-post-merge.sh new file mode 100755 index 00000000000..eefe3af639c --- /dev/null +++ b/crypto/openssh/freebsd-post-merge.sh @@ -0,0 +1,14 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +xargs perl -n -i -e ' + print; + s/\$(Id|OpenBSD): [^\$]*/\$FreeBSD/ && print; + m/^\#include "includes.h"/ && print "__RCSID(\"\$FreeBSD\$\");\n"; +' keywords +xargs perl -n -i -e ' + $strip = $ARGV if /\$(Id|OpenBSD):.*\$/; + print unless ($strip eq $ARGV && /\$FreeBSD.*\$/); +' mdocdates +xargs perl -p -i -e ' + s/^\.Dd (\w+) (\d+), (\d+)$/.Dd \$Mdocdate: $1 $2 $3 \$/; +' diff --git a/crypto/openssh/misc.c b/crypto/openssh/misc.c index b7dbe500657..8e7f7c56d71 100644 --- a/crypto/openssh/misc.c +++ b/crypto/openssh/misc.c @@ -26,6 +26,7 @@ */ #include "includes.h" +__RCSID("$FreeBSD$"); #include #include diff --git a/crypto/openssh/moduli.5 b/crypto/openssh/moduli.5 index d272d186ddc..dbb20a079fb 100644 --- a/crypto/openssh/moduli.5 +++ b/crypto/openssh/moduli.5 @@ -1,4 +1,5 @@ .\" $OpenBSD: moduli.5,v 1.17 2012/09/26 17:34:38 jmc Exp $ +.\" $FreeBSD$ .\" .\" Copyright (c) 2008 Damien Miller .\" diff --git a/crypto/openssh/mux.c b/crypto/openssh/mux.c index f4edf555203..6ef88c9cba2 100644 --- a/crypto/openssh/mux.c +++ b/crypto/openssh/mux.c @@ -1,4 +1,5 @@ /* $OpenBSD: mux.c,v 1.44 2013/07/12 00:19:58 djm Exp $ */ +/* $FreeBSD$ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -31,6 +32,7 @@ */ #include "includes.h" +__RCSID("$FreeBSD$"); #include #include diff --git a/crypto/openssh/openbsd-compat/blowfish.c b/crypto/openssh/openbsd-compat/blowfish.c index e10f7e7d927..37e0638b5bd 100644 --- a/crypto/openssh/openbsd-compat/blowfish.c +++ b/crypto/openssh/openbsd-compat/blowfish.c @@ -1,4 +1,5 @@ /* $OpenBSD: blowfish.c,v 1.18 2004/11/02 17:23:26 hshoexer Exp $ */ +/* $FreeBSD$ */ /* * Blowfish block cipher for OpenBSD * Copyright 1997 Niels Provos @@ -40,6 +41,7 @@ */ #include "includes.h" +__RCSID("$FreeBSD$"); #if !defined(HAVE_BCRYPT_PBKDF) && (!defined(HAVE_BLOWFISH_INITSTATE) || \ !defined(HAVE_BLOWFISH_EXPAND0STATE) || !defined(HAVE_BLF_ENC)) diff --git a/crypto/openssh/openbsd-compat/bsd-misc.h b/crypto/openssh/openbsd-compat/bsd-misc.h index e4fa8057c58..e2fd6460d2c 100644 --- a/crypto/openssh/openbsd-compat/bsd-misc.h +++ b/crypto/openssh/openbsd-compat/bsd-misc.h @@ -1,4 +1,5 @@ /* $Id: bsd-misc.h,v 1.25 2013/08/04 11:48:41 dtucker Exp $ */ +/* $FreeBSD$ */ /* * Copyright (c) 1999-2004 Damien Miller @@ -20,6 +21,7 @@ #define _BSD_MISC_H #include "includes.h" +__RCSID("$FreeBSD$"); char *ssh_get_progname(char *); diff --git a/crypto/openssh/packet.c b/crypto/openssh/packet.c index 2393689d9b8..df1bc396a45 100644 --- a/crypto/openssh/packet.c +++ b/crypto/openssh/packet.c @@ -1,4 +1,5 @@ /* $OpenBSD: packet.c,v 1.191 2013/12/06 13:34:54 markus Exp $ */ +/* $FreeBSD$ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -38,6 +39,7 @@ */ #include "includes.h" +__RCSID("$FreeBSD$"); #include #include "openbsd-compat/sys-queue.h" diff --git a/crypto/openssh/pathnames.h b/crypto/openssh/pathnames.h index 0029e4a0c1a..e53d67a19a7 100644 --- a/crypto/openssh/pathnames.h +++ b/crypto/openssh/pathnames.h @@ -1,4 +1,5 @@ /* $OpenBSD: pathnames.h,v 1.24 2013/12/06 13:39:49 markus Exp $ */ +/* $FreeBSD$ */ /* * Author: Tatu Ylonen diff --git a/crypto/openssh/sandbox-capsicum.c b/crypto/openssh/sandbox-capsicum.c index 1e1c15c93ac..f05588e9454 100644 --- a/crypto/openssh/sandbox-capsicum.c +++ b/crypto/openssh/sandbox-capsicum.c @@ -15,6 +15,8 @@ */ #include "includes.h" +__RCSID("$FreeBSD$"); +__RCSID("$FreeBSD$"); #ifdef SANDBOX_CAPSICUM diff --git a/crypto/openssh/schnorr.c b/crypto/openssh/schnorr.c index 77141824849..63b7b5c5358 100644 --- a/crypto/openssh/schnorr.c +++ b/crypto/openssh/schnorr.c @@ -27,6 +27,7 @@ */ #include "includes.h" +__RCSID("$FreeBSD$"); #include diff --git a/crypto/openssh/scp.1 b/crypto/openssh/scp.1 index c23e3721e7d..21d94ba95bd 100644 --- a/crypto/openssh/scp.1 +++ b/crypto/openssh/scp.1 @@ -9,6 +9,7 @@ .\" Created: Sun May 7 00:14:37 1995 ylo .\" .\" $OpenBSD: scp.1,v 1.61 2013/10/20 09:51:26 djm Exp $ +.\" $FreeBSD$ .\" .Dd October 20, 2013 .Dt SCP 1 diff --git a/crypto/openssh/serverloop.c b/crypto/openssh/serverloop.c index 32248180944..8a3bfbaa2b4 100644 --- a/crypto/openssh/serverloop.c +++ b/crypto/openssh/serverloop.c @@ -37,6 +37,7 @@ */ #include "includes.h" +__RCSID("$FreeBSD$"); #include #include diff --git a/crypto/openssh/sftp-common.c b/crypto/openssh/sftp-common.c index d7f88371f15..5b468074763 100644 --- a/crypto/openssh/sftp-common.c +++ b/crypto/openssh/sftp-common.c @@ -1,4 +1,5 @@ /* $OpenBSD: sftp-common.c,v 1.26 2014/01/09 03:26:00 guenther Exp $ */ +/* $FreeBSD$ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Damien Miller. All rights reserved. @@ -25,6 +26,7 @@ */ #include "includes.h" +__RCSID("$FreeBSD$"); #include #include diff --git a/crypto/openssh/sftp.c b/crypto/openssh/sftp.c index c6c88ef464f..0ec00b4b755 100644 --- a/crypto/openssh/sftp.c +++ b/crypto/openssh/sftp.c @@ -17,6 +17,7 @@ */ #include "includes.h" +__RCSID("$FreeBSD$"); #include #include diff --git a/crypto/openssh/ssh-add.1 b/crypto/openssh/ssh-add.1 index b2d5c5de66e..915e0a6e82f 100644 --- a/crypto/openssh/ssh-add.1 +++ b/crypto/openssh/ssh-add.1 @@ -1,4 +1,5 @@ .\" $OpenBSD: ssh-add.1,v 1.59 2013/12/07 11:58:46 naddy Exp $ +.\" $FreeBSD$ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland diff --git a/crypto/openssh/ssh-agent.c b/crypto/openssh/ssh-agent.c index e149850c6da..145d819e039 100644 --- a/crypto/openssh/ssh-agent.c +++ b/crypto/openssh/ssh-agent.c @@ -1,4 +1,5 @@ /* $OpenBSD: ssh-agent.c,v 1.181 2013/12/19 01:19:41 djm Exp $ */ +/* $FreeBSD$ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland diff --git a/crypto/openssh/ssh-gss.h b/crypto/openssh/ssh-gss.h index 3fcc2d14057..88219e85f38 100644 --- a/crypto/openssh/ssh-gss.h +++ b/crypto/openssh/ssh-gss.h @@ -1,4 +1,5 @@ /* $OpenBSD: ssh-gss.h,v 1.10 2007/06/12 08:20:00 djm Exp $ */ +/* $FreeBSD$ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. * diff --git a/crypto/openssh/ssh-keysign.8 b/crypto/openssh/ssh-keysign.8 index 5b10f29fcdd..32e7253166d 100644 --- a/crypto/openssh/ssh-keysign.8 +++ b/crypto/openssh/ssh-keysign.8 @@ -1,4 +1,5 @@ .\" $OpenBSD: ssh-keysign.8,v 1.14 2013/12/07 11:58:46 naddy Exp $ +.\" $FreeBSD$ .\" .\" Copyright (c) 2002 Markus Friedl. All rights reserved. .\" diff --git a/crypto/openssh/ssh-pkcs11-helper.8 b/crypto/openssh/ssh-pkcs11-helper.8 index a5380a32e46..17beebe4544 100644 --- a/crypto/openssh/ssh-pkcs11-helper.8 +++ b/crypto/openssh/ssh-pkcs11-helper.8 @@ -1,4 +1,5 @@ .\" $OpenBSD: ssh-pkcs11-helper.8,v 1.4 2013/07/16 00:07:52 schwarze Exp $ +.\" $FreeBSD$ .\" .\" Copyright (c) 2010 Markus Friedl. All rights reserved. .\" diff --git a/crypto/openssh/sshconnect.c b/crypto/openssh/sshconnect.c index 1157b84f5a1..8cbbebd319f 100644 --- a/crypto/openssh/sshconnect.c +++ b/crypto/openssh/sshconnect.c @@ -15,6 +15,7 @@ */ #include "includes.h" +__RCSID("$FreeBSD$"); #include #include diff --git a/crypto/openssh/sshconnect2.c b/crypto/openssh/sshconnect2.c index 9a97875a9f4..f66c6d0cba7 100644 --- a/crypto/openssh/sshconnect2.c +++ b/crypto/openssh/sshconnect2.c @@ -26,6 +26,7 @@ */ #include "includes.h" +__RCSID("$FreeBSD$"); #include #include