--- a/components/openssh/Makefile Wed Apr 20 12:04:31 2016 -0700
+++ b/components/openssh/Makefile Wed Apr 20 13:13:57 2016 -0700
@@ -102,8 +102,12 @@
$(LN) -fs $(COMPONENT_DIR)/dtrace_sftp/*.[dh] $(SOURCE_DIR); \
)
-# Copy source files that are not yet part of a patch
-COMPONENT_PREP_ACTION += ($(CP) sources/*.c $(@D)/)
+# Copy Solaris specific source files and generate configuration script
+COMPONENT_PREP_ACTION += \
+ ( $(CP) sources/*.c $(@D)/; \
+ cd $(@D); autoconf; \
+ )
+
REQUIRED_PACKAGES += library/libedit
REQUIRED_PACKAGES += library/security/openssl
--- a/components/openssh/patches/010-gss_store_cred.patch Wed Apr 20 12:04:31 2016 -0700
+++ b/components/openssh/patches/010-gss_store_cred.patch Wed Apr 20 13:13:57 2016 -0700
@@ -32,19 +32,6 @@
/* Use libedit for sftp */
#undef USE_LIBEDIT
-diff -pur old/configure new/configure
---- old/configure
-+++ new/configure
-@@ -10944,6 +10944,9 @@ fi
-
- fi
-
-+ $as_echo "#define USE_GSS_STORE_CRED 1" >>confdefs.h
-+ $as_echo "#define GSSAPI_STORECREDS_NEEDS_RUID 1" >>confdefs.h
-+
- TEST_SHELL=$SHELL # let configure find us a capable shell
- ;;
- *-*-sunos4*)
diff -pur old/configure.ac new/configure.ac
--- old/configure.ac
+++ new/configure.ac
--- a/components/openssh/patches/022-solaris_audit.patch Wed Apr 20 12:04:31 2016 -0700
+++ b/components/openssh/patches/022-solaris_audit.patch Wed Apr 20 13:13:57 2016 -0700
@@ -21,8 +21,8 @@
# should/will be created for sftp Solaris Audit and password change.
#
diff -pur old/INSTALL new/INSTALL
---- old/INSTALL 2015-03-16 22:49:20.000000000 -0700
-+++ new/INSTALL 2015-05-21 03:54:29.120932630 -0700
+--- old/INSTALL
++++ new/INSTALL
@@ -92,9 +92,13 @@ http://www.gnu.org/software/autoconf/
Basic Security Module (BSM):
@@ -53,8 +53,8 @@
--with-pam enables PAM support. If PAM support is compiled in, it must
also be enabled in sshd_config (refer to the UsePAM directive).
diff -pur old/Makefile.in new/Makefile.in
---- old/Makefile.in 2015-05-21 03:54:29.058280375 -0700
-+++ new/Makefile.in 2015-05-21 03:54:29.121196577 -0700
+--- old/Makefile.in
++++ new/Makefile.in
@@ -100,7 +100,7 @@ SSHOBJS= ssh.o readconf.o clientloop.o s
roaming_common.o roaming_client.o
@@ -65,8 +65,8 @@
auth.o auth1.o auth2.o auth-options.o session.o \
auth-chall.o auth2-chall.o groupaccess.o \
diff -pur old/README.platform new/README.platform
---- old/README.platform 2015-03-16 22:49:20.000000000 -0700
-+++ new/README.platform 2015-05-21 03:54:29.121331205 -0700
+--- old/README.platform
++++ new/README.platform
@@ -68,8 +68,8 @@ zlib-devel and pam-devel, on Debian base
libssl-dev, libz-dev and libpam-dev.
@@ -89,8 +89,8 @@
Platforms using PAM
-------------------
diff -pur old/config.h.in new/config.h.in
---- old/config.h.in 2015-05-21 03:54:29.047656051 -0700
-+++ new/config.h.in 2015-05-21 03:54:29.121686621 -0700
+--- old/config.h.in
++++ new/config.h.in
@@ -1635,6 +1635,9 @@
/* Use Linux audit module */
#undef USE_LINUX_AUDIT
@@ -101,182 +101,35 @@
/* Enable OpenSSL engine support */
#undef USE_OPENSSL_ENGINE
-diff -pur old/configure new/configure
---- old/configure 2015-05-21 03:54:29.053171257 -0700
-+++ new/configure 2015-05-21 06:53:04.579282150 -0700
-@@ -1336,7 +1336,7 @@ Optional Packages:
- --with-skey[=PATH] Enable S/Key support (optionally in PATH)
- --with-ldns[=PATH] Use ldns for DNSSEC support (optionally in PATH)
- --with-libedit[=PATH] Enable libedit support for sftp
-- --with-audit=module Enable audit support (modules=debug,bsm,linux)
-+ --with-audit=module Enable audit support (modules=debug,bsm,linux,solaris)
- --with-pie Build Position Independent Executables if possible
- --with-ssl-dir=PATH Specify path to OpenSSL installation
- --without-openssl-header-check Disable OpenSSL version consistency check
-@@ -16106,6 +16106,160 @@ cat >>confdefs.h <<\_ACEOF
- _ACEOF
+diff -pur old/configure.ac new/configure.ac
+--- old/configure.ac
++++ new/configure.ac
+@@ -1517,10 +1517,21 @@ AC_ARG_WITH([libedit],
- ;;
+ AUDIT_MODULE=none
+ AC_ARG_WITH([audit],
+- [ --with-audit=module Enable audit support (modules=debug,bsm,linux)],
++ [ --with-audit=module Enable audit support (modules=debug,bsm,linux,solaris)],
+ [
+ AC_MSG_CHECKING([for supported audit module])
+ case "$withval" in
+ solaris)
-+ { echo "$as_me:$LINENO: result: solaris" >&5
-+echo "${ECHO_T}solaris" >&6; }
++ AC_MSG_RESULT([solaris])
+ AUDIT_MODULE=solaris
-+
-+for ac_header in bsm/adt.h
-+do
-+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
-+ { echo "$as_me:$LINENO: checking for $ac_header" >&5
-+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
-+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
-+ echo $ECHO_N "(cached) $ECHO_C" >&6
-+fi
-+ac_res=`eval echo '${'$as_ac_Header'}'`
-+ { echo "$as_me:$LINENO: result: $ac_res" >&5
-+echo "${ECHO_T}$ac_res" >&6; }
-+else
-+ # Is the header compilable?
-+{ echo "$as_me:$LINENO: checking $ac_header usability" >&5
-+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; }
-+cat >conftest.$ac_ext <<_ACEOF
-+/* confdefs.h. */
-+_ACEOF
-+cat confdefs.h >>conftest.$ac_ext
-+cat >>conftest.$ac_ext <<_ACEOF
-+/* end confdefs.h. */
-+$ac_includes_default
-+#include <$ac_header>
-+_ACEOF
-+rm -f conftest.$ac_objext
-+if { (ac_try="$ac_compile"
-+case "(($ac_try" in
-+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-+ *) ac_try_echo=$ac_try;;
-+esac
-+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
-+ (eval "$ac_compile") 2>conftest.er1
-+ ac_status=$?
-+ grep -v '^ *+' conftest.er1 >conftest.err
-+ rm -f conftest.er1
-+ cat conftest.err >&5
-+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
-+ (exit $ac_status); } && {
-+ test -z "$ac_c_werror_flag" ||
-+ test ! -s conftest.err
-+ } && test -s conftest.$ac_objext; then
-+ ac_header_compiler=yes
-+else
-+ echo "$as_me: failed program was:" >&5
-+sed 's/^/| /' conftest.$ac_ext >&5
-+
-+ ac_header_compiler=no
-+fi
-+
-+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-+{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-+echo "${ECHO_T}$ac_header_compiler" >&6; }
-+
-+# Is the header present?
-+{ echo "$as_me:$LINENO: checking $ac_header presence" >&5
-+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; }
-+cat >conftest.$ac_ext <<_ACEOF
-+/* confdefs.h. */
-+_ACEOF
-+cat confdefs.h >>conftest.$ac_ext
-+cat >>conftest.$ac_ext <<_ACEOF
-+/* end confdefs.h. */
-+#include <$ac_header>
-+_ACEOF
-+if { (ac_try="$ac_cpp conftest.$ac_ext"
-+case "(($ac_try" in
-+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-+ *) ac_try_echo=$ac_try;;
-+esac
-+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
-+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
-+ ac_status=$?
-+ grep -v '^ *+' conftest.er1 >conftest.err
-+ rm -f conftest.er1
-+ cat conftest.err >&5
-+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
-+ (exit $ac_status); } >/dev/null && {
-+ test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
-+ test ! -s conftest.err
-+ }; then
-+ ac_header_preproc=yes
-+else
-+ echo "$as_me: failed program was:" >&5
-+sed 's/^/| /' conftest.$ac_ext >&5
-+
-+ ac_header_preproc=no
-+fi
-+
-+rm -f conftest.err conftest.$ac_ext
-+{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-+echo "${ECHO_T}$ac_header_preproc" >&6; }
-+
-+# So? What about this header?
-+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
-+ yes:no: )
-+ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
-+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
-+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
-+echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
-+ ac_header_preproc=yes
-+ ;;
-+ no:yes:* )
-+ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
-+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
-+ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
-+echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
-+ { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
-+echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
-+ { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
-+echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
-+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
-+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
-+ { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
-+echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
-+ ( cat <<\_ASBOX
-+## ------------------------------------------- ##
-+## Report this to [email protected] ##
-+## ------------------------------------------- ##
-+_ASBOX
-+ ) | sed "s/^/$as_me: WARNING: /" >&2
-+ ;;
-+esac
-+{ echo "$as_me:$LINENO: checking for $ac_header" >&5
-+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
-+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
-+ echo $ECHO_N "(cached) $ECHO_C" >&6
-+else
-+ eval "$as_ac_Header=\$ac_header_preproc"
-+fi
-+ac_res=`eval echo '${'$as_ac_Header'}'`
-+ { echo "$as_me:$LINENO: result: $ac_res" >&5
-+echo "${ECHO_T}$ac_res" >&6; }
-+
-+fi
-+if test `eval echo '${'$as_ac_Header'}'` = yes; then
-+ cat >>confdefs.h <<_ACEOF
-+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-+_ACEOF
-+
-+fi
-+
-+done
-+
++ dnl Checks for headers, libs and functions
++ AC_CHECK_HEADERS([bsm/adt.h], [],
++ [AC_MSG_ERROR([Solaris Audit enabled and bsm/adt.h not found])],
++ []
++ )
+ SSHDLIBS="$SSHDLIBS -lbsm"
-+cat >>confdefs.h <<\_ACEOF
-+#define USE_SOLARIS_AUDIT 1
-+_ACEOF
-+ ;;
- debug)
- AUDIT_MODULE=debug
- { echo "$as_me:$LINENO: result: debug" >&5
++ AC_DEFINE([USE_SOLARIS_AUDIT], [1], [Use Solaris audit module])
++ ;;
+ bsm)
+ AC_MSG_RESULT([bsm])
+ AUDIT_MODULE=bsm
diff -pur old/defines.h new/defines.h
---- old/defines.h 2015-03-16 22:49:20.000000000 -0700
-+++ new/defines.h 2015-05-21 03:54:29.127386034 -0700
+--- old/defines.h
++++ new/defines.h
@@ -635,6 +635,11 @@ struct winsize {
# define CUSTOM_SSH_AUDIT_EVENTS
#endif
@@ -290,9 +143,9 @@
# define __func__ __FUNCTION__
#elif !defined(HAVE___func__)
diff -pur old/sshd.c new/sshd.c
---- old/sshd.c 2015-05-21 03:54:29.070139157 -0700
-+++ new/sshd.c 2015-05-21 03:54:29.127803176 -0700
-@@ -2215,7 +2215,9 @@ main(int ac, char **av)
+--- old/sshd.c
++++ new/sshd.c
+@@ -2234,7 +2234,9 @@ main(int ac, char **av)
}
#ifdef SSH_AUDIT_EVENTS
@@ -302,7 +155,7 @@
#endif
#ifdef GSSAPI
-@@ -2245,6 +2247,10 @@ main(int ac, char **av)
+@@ -2264,6 +2266,10 @@ main(int ac, char **av)
do_pam_session();
}
#endif
--- a/components/openssh/patches/023-gsskex.patch Wed Apr 20 12:04:31 2016 -0700
+++ b/components/openssh/patches/023-gsskex.patch Wed Apr 20 13:13:57 2016 -0700
@@ -112,22 +112,6 @@
&method_gssapi,
#endif
&method_passwd,
-diff -pur old/configure new/configure
---- old/configure
-+++ new/configure
-@@ -10944,8 +10944,10 @@ fi
-
- fi
-
-- $as_echo "#define USE_GSS_STORE_CRED 1" >>confdefs.h
-- $as_echo "#define GSSAPI_STORECREDS_NEEDS_RUID 1" >>confdefs.h
-+cat >>confdefs.h <<\_ACEOF
-+#define USE_GSS_STORE_CRED 1
-+#define GSSAPI_STORECREDS_NEEDS_RUID 1
-+_ACEOF
-
- TEST_SHELL=$SHELL # let configure find us a capable shell
- ;;
diff -pur old/gss-genr.c new/gss-genr.c
--- old/gss-genr.c
+++ new/gss-genr.c
--- a/components/openssh/patches/025-login_to_a_role.patch Wed Apr 20 12:04:31 2016 -0700
+++ b/components/openssh/patches/025-login_to_a_role.patch Wed Apr 20 13:13:57 2016 -0700
@@ -117,17 +117,6 @@
/* Define to 1 if you have the `pam_getenvlist' function. */
#undef HAVE_PAM_GETENVLIST
-diff -pur old/configure new/configure
---- old/configure 2015-05-21 04:08:41.952127851 -0700
-+++ new/configure 2015-05-21 04:09:34.214165539 -0700
-@@ -10872,6 +10872,7 @@ fi
- cat >>confdefs.h <<\_ACEOF
- #define USE_GSS_STORE_CRED 1
- #define GSSAPI_STORECREDS_NEEDS_RUID 1
-+#define HAVE_PAM_AUSER 1
- _ACEOF
-
- TEST_SHELL=$SHELL # let configure find us a capable shell
diff -pur old/configure.ac new/configure.ac
--- old/configure.ac 2015-05-21 04:08:41.886514252 -0700
+++ new/configure.ac 2015-05-21 04:08:42.052981088 -0700