openssh_hpn: 7.8p1 -> 8.1p1

fix build failure
2024-11-12 03:56:17 +03:00 · 2020-02-16 19:27:56 +01:00 · 2020-02-16 19:27:56 +01:00 · 205f42b142
commit 205f42b142
parent 44864b292f
1 changed files with 4 additions and 13 deletions
--- a/pkgs/tools/networking/openssh/default.nix
+++ b/pkgs/tools/networking/openssh/default.nix
@ -22,12 +22,12 @@ in
 with stdenv.lib;
 stdenv.mkDerivation rec {
  pname = "openssh";
-  version = if hpnSupport then "7.8p1" else "8.2p1";
+  version = if hpnSupport then "8.1p1" else "8.2p1";

  src = if hpnSupport then
      fetchurl {
-        url = "https://github.com/rapier1/openssh-portable/archive/hpn-KitchenSink-7_8_P1.tar.gz";
-        sha256 = "05q5hxx7fzcgd8a5i0zk4fwvmnz4xqk04j489irnwm7cka7xdqxw";
+        url = "https://github.com/rapier1/openssh-portable/archive/hpn-KitchenSink-8_1_P1.tar.gz";
+        sha256 = "1xiv28df9c15h44fv1i93fq8rvkyapjj9vj985ndnw3xk1nvqjyd";
      }
    else
      fetchurl {
@ -43,15 +43,7 @@ stdenv.mkDerivation rec {
      ./dont_create_privsep_path.patch

      ./ssh-keysign.patch
-    ] ++ optional hpnSupport
-      # CVE-2018-20685, can probably be dropped with next version bump
-      # See https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
-      # for details
-      (fetchpatch {
-        name = "CVE-2018-20685.patch";
-        url = https://github.com/openssh/openssh-portable/commit/6010c0303a422a9c5fa8860c061bf7105eb7f8b2.patch;
-        sha256 = "0q27i9ymr97yb628y44qi4m11hk5qikb1ji1vhvax8hp18lwskds";
-      })
+    ]
    ++ optional withGssapiPatches (assert withKerberos; gssapiPatch);

  postPatch =
@ -112,6 +104,5 @@ stdenv.mkDerivation rec {
    license = stdenv.lib.licenses.bsd2;
    platforms = platforms.unix ++ platforms.windows;
    maintainers = with maintainers; [ eelco aneeshusa ];
-    broken = hpnSupport;
  };
 }