21206288 OpenSSH should patch configure.ac and generate configure
authorTomas Kuthan <tomas.kuthan@oracle.com>
Wed, 20 Apr 2016 13:13:57 -0700
changeset 5818 5f0e7a0f17c2
parent 5817 3755bdf41fbe
child 5819 c5f05bd2a9bc
21206288 OpenSSH should patch configure.ac and generate configure
components/openssh/Makefile
components/openssh/patches/010-gss_store_cred.patch
components/openssh/patches/022-solaris_audit.patch
components/openssh/patches/023-gsskex.patch
components/openssh/patches/025-login_to_a_role.patch
--- a/components/openssh/Makefile	Wed Apr 20 12:04:31 2016 -0700
+++ b/components/openssh/Makefile	Wed Apr 20 13:13:57 2016 -0700
@@ -102,8 +102,12 @@
       $(LN) -fs $(COMPONENT_DIR)/dtrace_sftp/*.[dh] $(SOURCE_DIR); \
     )
 
-# Copy source files that are not yet part of a patch
-COMPONENT_PREP_ACTION += ($(CP) sources/*.c $(@D)/)
+# Copy Solaris specific source files and generate configuration script
+COMPONENT_PREP_ACTION += \
+    ( $(CP) sources/*.c $(@D)/; \
+      cd $(@D); autoconf; \
+    )
+
 
 REQUIRED_PACKAGES += library/libedit
 REQUIRED_PACKAGES += library/security/openssl
--- a/components/openssh/patches/010-gss_store_cred.patch	Wed Apr 20 12:04:31 2016 -0700
+++ b/components/openssh/patches/010-gss_store_cred.patch	Wed Apr 20 13:13:57 2016 -0700
@@ -32,19 +32,6 @@
  /* Use libedit for sftp */
  #undef USE_LIBEDIT
  
-diff -pur old/configure new/configure
---- old/configure
-+++ new/configure
[email protected]@ -10944,6 +10944,9 @@ fi
- 
- fi
- 
-+        $as_echo "#define USE_GSS_STORE_CRED 1" >>confdefs.h
-+        $as_echo "#define GSSAPI_STORECREDS_NEEDS_RUID 1" >>confdefs.h
-+
- 	TEST_SHELL=$SHELL	# let configure find us a capable shell
- 	;;
- *-*-sunos4*)
 diff -pur old/configure.ac new/configure.ac
 --- old/configure.ac
 +++ new/configure.ac
--- a/components/openssh/patches/022-solaris_audit.patch	Wed Apr 20 12:04:31 2016 -0700
+++ b/components/openssh/patches/022-solaris_audit.patch	Wed Apr 20 13:13:57 2016 -0700
@@ -21,8 +21,8 @@
 #  should/will be created for sftp Solaris Audit and password change.
 #
 diff -pur old/INSTALL new/INSTALL
---- old/INSTALL	2015-03-16 22:49:20.000000000 -0700
-+++ new/INSTALL	2015-05-21 03:54:29.120932630 -0700
+--- old/INSTALL
++++ new/INSTALL
 @@ -92,9 +92,13 @@ http://www.gnu.org/software/autoconf/
  
  Basic Security Module (BSM):
@@ -53,8 +53,8 @@
  --with-pam enables PAM support. If PAM support is compiled in, it must
  also be enabled in sshd_config (refer to the UsePAM directive).
 diff -pur old/Makefile.in new/Makefile.in
---- old/Makefile.in	2015-05-21 03:54:29.058280375 -0700
-+++ new/Makefile.in	2015-05-21 03:54:29.121196577 -0700
+--- old/Makefile.in
++++ new/Makefile.in
 @@ -100,7 +100,7 @@ SSHOBJS= ssh.o readconf.o clientloop.o s
  	roaming_common.o roaming_client.o
  
@@ -65,8 +65,8 @@
  	auth.o auth1.o auth2.o auth-options.o session.o \
  	auth-chall.o auth2-chall.o groupaccess.o \
 diff -pur old/README.platform new/README.platform
---- old/README.platform	2015-03-16 22:49:20.000000000 -0700
-+++ new/README.platform	2015-05-21 03:54:29.121331205 -0700
+--- old/README.platform
++++ new/README.platform
 @@ -68,8 +68,8 @@ zlib-devel and pam-devel, on Debian base
  libssl-dev, libz-dev and libpam-dev.
  
@@ -89,8 +89,8 @@
  Platforms using PAM
  -------------------
 diff -pur old/config.h.in new/config.h.in
---- old/config.h.in	2015-05-21 03:54:29.047656051 -0700
-+++ new/config.h.in	2015-05-21 03:54:29.121686621 -0700
+--- old/config.h.in
++++ new/config.h.in
 @@ -1635,6 +1635,9 @@
  /* Use Linux audit module */
  #undef USE_LINUX_AUDIT
@@ -101,182 +101,35 @@
  /* Enable OpenSSL engine support */
  #undef USE_OPENSSL_ENGINE
  
-diff -pur old/configure new/configure
---- old/configure	2015-05-21 03:54:29.053171257 -0700
-+++ new/configure	2015-05-21 06:53:04.579282150 -0700
[email protected]@ -1336,7 +1336,7 @@ Optional Packages:
-   --with-skey[=PATH]      Enable S/Key support (optionally in PATH)
-   --with-ldns[=PATH]      Use ldns for DNSSEC support (optionally in PATH)
-   --with-libedit[=PATH]   Enable libedit support for sftp
--  --with-audit=module     Enable audit support (modules=debug,bsm,linux)
-+  --with-audit=module     Enable audit support (modules=debug,bsm,linux,solaris)
-   --with-pie              Build Position Independent Executables if possible
-   --with-ssl-dir=PATH     Specify path to OpenSSL installation
-   --without-openssl-header-check Disable OpenSSL version consistency check
[email protected]@ -16106,6 +16106,160 @@ cat >>confdefs.h <<\_ACEOF
- _ACEOF
+diff -pur old/configure.ac new/configure.ac
+--- old/configure.ac
++++ new/configure.ac
[email protected]@ -1517,10 +1517,21 @@ AC_ARG_WITH([libedit],
  
- 		;;
+ AUDIT_MODULE=none
+ AC_ARG_WITH([audit],
+-	[  --with-audit=module     Enable audit support (modules=debug,bsm,linux)],
++	[  --with-audit=module     Enable audit support (modules=debug,bsm,linux,solaris)],
+ 	[
+ 	  AC_MSG_CHECKING([for supported audit module])
+ 	  case "$withval" in
 +	  solaris)
-+		{ echo "$as_me:$LINENO: result: solaris" >&5
-+echo "${ECHO_T}solaris" >&6; }
++		AC_MSG_RESULT([solaris])
 +		AUDIT_MODULE=solaris
-+
-+for ac_header in bsm/adt.h
-+do
-+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
-+  { echo "$as_me:$LINENO: checking for $ac_header" >&5
-+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
-+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
-+  echo $ECHO_N "(cached) $ECHO_C" >&6
-+fi
-+ac_res=`eval echo '${'$as_ac_Header'}'`
-+	       { echo "$as_me:$LINENO: result: $ac_res" >&5
-+echo "${ECHO_T}$ac_res" >&6; }
-+else
-+  # Is the header compilable?
-+{ echo "$as_me:$LINENO: checking $ac_header usability" >&5
-+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; }
-+cat >conftest.$ac_ext <<_ACEOF
-+/* confdefs.h.  */
-+_ACEOF
-+cat confdefs.h >>conftest.$ac_ext
-+cat >>conftest.$ac_ext <<_ACEOF
-+/* end confdefs.h.  */
-+$ac_includes_default
-+#include <$ac_header>
-+_ACEOF
-+rm -f conftest.$ac_objext
-+if { (ac_try="$ac_compile"
-+case "(($ac_try" in
-+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-+  *) ac_try_echo=$ac_try;;
-+esac
-+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
-+  (eval "$ac_compile") 2>conftest.er1
-+  ac_status=$?
-+  grep -v '^ *+' conftest.er1 >conftest.err
-+  rm -f conftest.er1
-+  cat conftest.err >&5
-+  echo "$as_me:$LINENO: \$? = $ac_status" >&5
-+  (exit $ac_status); } && {
-+	 test -z "$ac_c_werror_flag" ||
-+	 test ! -s conftest.err
-+       } && test -s conftest.$ac_objext; then
-+  ac_header_compiler=yes
-+else
-+  echo "$as_me: failed program was:" >&5
-+sed 's/^/| /' conftest.$ac_ext >&5
-+
-+	ac_header_compiler=no
-+fi
-+
-+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-+{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-+echo "${ECHO_T}$ac_header_compiler" >&6; }
-+
-+# Is the header present?
-+{ echo "$as_me:$LINENO: checking $ac_header presence" >&5
-+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; }
-+cat >conftest.$ac_ext <<_ACEOF
-+/* confdefs.h.  */
-+_ACEOF
-+cat confdefs.h >>conftest.$ac_ext
-+cat >>conftest.$ac_ext <<_ACEOF
-+/* end confdefs.h.  */
-+#include <$ac_header>
-+_ACEOF
-+if { (ac_try="$ac_cpp conftest.$ac_ext"
-+case "(($ac_try" in
-+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-+  *) ac_try_echo=$ac_try;;
-+esac
-+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
-+  (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
-+  ac_status=$?
-+  grep -v '^ *+' conftest.er1 >conftest.err
-+  rm -f conftest.er1
-+  cat conftest.err >&5
-+  echo "$as_me:$LINENO: \$? = $ac_status" >&5
-+  (exit $ac_status); } >/dev/null && {
-+	 test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
-+	 test ! -s conftest.err
-+       }; then
-+  ac_header_preproc=yes
-+else
-+  echo "$as_me: failed program was:" >&5
-+sed 's/^/| /' conftest.$ac_ext >&5
-+
-+  ac_header_preproc=no
-+fi
-+
-+rm -f conftest.err conftest.$ac_ext
-+{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-+echo "${ECHO_T}$ac_header_preproc" >&6; }
-+
-+# So?  What about this header?
-+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
-+  yes:no: )
-+    { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
-+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
-+    { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
-+echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
-+    ac_header_preproc=yes
-+    ;;
-+  no:yes:* )
-+    { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
-+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
-+    { echo "$as_me:$LINENO: WARNING: $ac_header:     check for missing prerequisite headers?" >&5
-+echo "$as_me: WARNING: $ac_header:     check for missing prerequisite headers?" >&2;}
-+    { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
-+echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
-+    { echo "$as_me:$LINENO: WARNING: $ac_header:     section \"Present But Cannot Be Compiled\"" >&5
-+echo "$as_me: WARNING: $ac_header:     section \"Present But Cannot Be Compiled\"" >&2;}
-+    { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
-+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
-+    { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
-+echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
-+    ( cat <<\_ASBOX
-+## ------------------------------------------- ##
-+## Report this to [email protected] ##
-+## ------------------------------------------- ##
-+_ASBOX
-+     ) | sed "s/^/$as_me: WARNING:     /" >&2
-+    ;;
-+esac
-+{ echo "$as_me:$LINENO: checking for $ac_header" >&5
-+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
-+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
-+  echo $ECHO_N "(cached) $ECHO_C" >&6
-+else
-+  eval "$as_ac_Header=\$ac_header_preproc"
-+fi
-+ac_res=`eval echo '${'$as_ac_Header'}'`
-+	       { echo "$as_me:$LINENO: result: $ac_res" >&5
-+echo "${ECHO_T}$ac_res" >&6; }
-+
-+fi
-+if test `eval echo '${'$as_ac_Header'}'` = yes; then
-+  cat >>confdefs.h <<_ACEOF
-+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-+_ACEOF
-+
-+fi
-+
-+done
-+
++		dnl    Checks for headers, libs and functions
++		AC_CHECK_HEADERS([bsm/adt.h], [],
++		    [AC_MSG_ERROR([Solaris Audit enabled and bsm/adt.h not found])],
++		    []
++		)
 +		SSHDLIBS="$SSHDLIBS -lbsm"
-+cat >>confdefs.h <<\_ACEOF
-+#define USE_SOLARIS_AUDIT 1
-+_ACEOF
-+	  	;;
- 	  debug)
- 		AUDIT_MODULE=debug
- 		{ echo "$as_me:$LINENO: result: debug" >&5
++		AC_DEFINE([USE_SOLARIS_AUDIT], [1], [Use Solaris audit module])
++		;;
+ 	  bsm)
+ 		AC_MSG_RESULT([bsm])
+ 		AUDIT_MODULE=bsm
 diff -pur old/defines.h new/defines.h
---- old/defines.h	2015-03-16 22:49:20.000000000 -0700
-+++ new/defines.h	2015-05-21 03:54:29.127386034 -0700
+--- old/defines.h
++++ new/defines.h
 @@ -635,6 +635,11 @@ struct winsize {
  # define CUSTOM_SSH_AUDIT_EVENTS
  #endif
@@ -290,9 +143,9 @@
  #  define __func__ __FUNCTION__
  #elif !defined(HAVE___func__)
 diff -pur old/sshd.c new/sshd.c
---- old/sshd.c	2015-05-21 03:54:29.070139157 -0700
-+++ new/sshd.c	2015-05-21 03:54:29.127803176 -0700
[email protected]@ -2215,7 +2215,9 @@ main(int ac, char **av)
+--- old/sshd.c
++++ new/sshd.c
[email protected]@ -2234,7 +2234,9 @@ main(int ac, char **av)
  	}
  
  #ifdef SSH_AUDIT_EVENTS
@@ -302,7 +155,7 @@
  #endif
  
  #ifdef GSSAPI
[email protected]@ -2245,6 +2247,10 @@ main(int ac, char **av)
[email protected]@ -2264,6 +2266,10 @@ main(int ac, char **av)
  		do_pam_session();
  	}
  #endif
--- a/components/openssh/patches/023-gsskex.patch	Wed Apr 20 12:04:31 2016 -0700
+++ b/components/openssh/patches/023-gsskex.patch	Wed Apr 20 13:13:57 2016 -0700
@@ -112,22 +112,6 @@
  	&method_gssapi,
  #endif
  	&method_passwd,
-diff -pur old/configure new/configure
---- old/configure
-+++ new/configure
[email protected]@ -10944,8 +10944,10 @@ fi
- 
- fi
- 
--        $as_echo "#define USE_GSS_STORE_CRED 1" >>confdefs.h
--        $as_echo "#define GSSAPI_STORECREDS_NEEDS_RUID 1" >>confdefs.h
-+cat >>confdefs.h <<\_ACEOF
-+#define	USE_GSS_STORE_CRED 1
-+#define	GSSAPI_STORECREDS_NEEDS_RUID 1
-+_ACEOF
- 
- 	TEST_SHELL=$SHELL	# let configure find us a capable shell
- 	;;
 diff -pur old/gss-genr.c new/gss-genr.c
 --- old/gss-genr.c
 +++ new/gss-genr.c
--- a/components/openssh/patches/025-login_to_a_role.patch	Wed Apr 20 12:04:31 2016 -0700
+++ b/components/openssh/patches/025-login_to_a_role.patch	Wed Apr 20 13:13:57 2016 -0700
@@ -117,17 +117,6 @@
  /* Define to 1 if you have the `pam_getenvlist' function. */
  #undef HAVE_PAM_GETENVLIST
  
-diff -pur old/configure new/configure
---- old/configure	2015-05-21 04:08:41.952127851 -0700
-+++ new/configure	2015-05-21 04:09:34.214165539 -0700
[email protected]@ -10872,6 +10872,7 @@ fi
- cat >>confdefs.h <<\_ACEOF
- #define	USE_GSS_STORE_CRED 1
- #define	GSSAPI_STORECREDS_NEEDS_RUID 1
-+#define HAVE_PAM_AUSER 1
- _ACEOF
- 
- 	TEST_SHELL=$SHELL	# let configure find us a capable shell
 diff -pur old/configure.ac new/configure.ac
 --- old/configure.ac	2015-05-21 04:08:41.886514252 -0700
 +++ new/configure.ac	2015-05-21 04:08:42.052981088 -0700