From itetcu@people.tecnik93.com  Mon Mar  6 01:37:20 2006
Return-Path: <itetcu@people.tecnik93.com>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id BE32C16A420
	for <FreeBSD-gnats-submit@freebsd.org>; Mon,  6 Mar 2006 01:37:20 +0000 (GMT)
	(envelope-from itetcu@people.tecnik93.com)
Received: from it.buh.tecnik93.com (it.buh.tecnik93.com [81.196.204.98])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 29D1B43D46
	for <FreeBSD-gnats-submit@freebsd.org>; Mon,  6 Mar 2006 01:37:20 +0000 (GMT)
	(envelope-from itetcu@people.tecnik93.com)
Received: from it.buh.tecnik93.com (localhost [127.0.0.1])
	by it.buh.tecnik93.com (Postfix) with ESMTP id BE2A017427
	for <FreeBSD-gnats-submit@freebsd.org>; Mon,  6 Mar 2006 03:37:16 +0200 (EET)
Message-Id: <1141609036.12791@it.buh.tecnik93.com>
Date: Mon, 6 Mar 2006 03:37:16 +0200
From: "Ion-Mihai "IOnut" Tetcu" <itetcu@people.tecnik93.com>
To: "FreeBSD gnats submit" <FreeBSD-gnats-submit@freebsd.org>
Subject: [PATCH] security/hpn-ssh: UNBREAK
X-Send-Pr-Version: gtk-send-pr 0.4.7 
X-GNATS-Notify:

>Number:         94118
>Category:       ports
>Synopsis:       [PATCH] security/hpn-ssh: UNBREAK
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    brooks
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Mon Mar 06 01:40:00 GMT 2006
>Closed-Date:    Mon Mar 06 23:07:43 GMT 2006
>Last-Modified:  Mon Mar 06 23:07:43 GMT 2006
>Originator:     Ion-Mihai "IOnut" Tetcu
>Release:        FreeBSD 6.1-PRERELEASE i386
>Organization:
Tecnik'93 
>Environment:


System: FreeBSD 6.1-PRERELEASE #0: Fri Feb 24 07:01:54 EET 2006
    root@it.buh.tecnik93.com:/usr/obj/usr/src/sys/IT6_B_P



>Description:


From http://www.psc.edu/networking/projects/hpn-ssh/#patches :
HPN-11
This is the recommened patch set for most users. This provides the best balance between security and performance. Due to changes in the command line switches in VERSION 4.3 the tcp recieve buffer switch has been changed. It is now -R in scp and -r when used with ssh. Additionally, the size is now in KILOBYTES and *not* bytes. Seems to make a bit more sense that way.

itetcu@it> /tmp/CVS/hpn-ssh [3:27:16] 1
 > make checksum -DTRYBROKEN
Trying build of hpn-ssh-3.9.0.1.11,1 even though it is marked BROKEN.
=> MD5 Checksum OK for openssh-3.9p1.tar.gz.
=> No SHA256 checksum recorded for openssh-3.9p1.tar.gz.
=> MD5 Checksum OK for openssh-3.9p1-hpn11.diff.
=> No SHA256 checksum recorded for openssh-3.9p1-hpn11.diff.
itetcu@it> /tmp/CVS/hpn-ssh [3:27:23] 0
 > fetch -o - http://www.psc.edu/networking/projects/hpn-ssh/openssh-3.9p1-hpn11.diff | diff -u /usr/ports/distfiles/openssh-3.9p1-hpn11.diff -
-                                             100% of   12 kB   15 kBps
--- /usr/ports/distfiles/openssh-3.9p1-hpn11.diff       Wed Jun 15 16:05:53 2005
+++ -   Mon Mar  6 03:27:28 2006
@@ -26,7 +26,7 @@
  #ifndef BUFFER_H
  #define BUFFER_H

-+#define MAXBUFSZ (2>>29)-1
++#define MAXBUFSZ (2<<29)-1
 +
  typedef struct {
        u_char  *buf;           /* Buffer for data. */


Due to the security implications of this port the maintainer should probably review the implications of this change.


>How-To-Repeat:





>Fix:


--- hpn-ssh.diff begins here ---
Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/security/hpn-ssh/Makefile,v
retrieving revision 1.98
diff -u -r1.98 Makefile
--- Makefile	14 Jan 2006 09:16:14 -0000	1.98
+++ Makefile	6 Mar 2006 01:32:06 -0000
@@ -24,8 +24,6 @@
 MAINTAINER=	brooks@FreeBSD.org
 COMMENT=	High Performance Enabled SSH/SCP
 
-BROKEN=		Checksum mismatch
-
 HPNVERSION=	11
 OPENSSHVERSION=	3.9p1
 WRKSRC=		${WRKDIR}/openssh-${OPENSSHVERSION}
Index: distinfo
===================================================================
RCS file: /home/ncvs/ports/security/hpn-ssh/distinfo,v
retrieving revision 1.28
diff -u -r1.28 distinfo
--- distinfo	11 Jul 2005 23:53:08 -0000	1.28
+++ distinfo	6 Mar 2006 01:32:06 -0000
@@ -1,6 +1,6 @@
 MD5 (openssh-3.9p1.tar.gz) = 8e1774d0b52aff08f817f3987442a16e
+SHA256 (openssh-3.9p1.tar.gz) = e119eb9b09c13ddd945a0105f19b05983e62de0bac167264f055f93115048090
 SIZE (openssh-3.9p1.tar.gz) = 854027
-MD5 (openssh-3.9p1-hpn11.diff) = b91d73e58e2b72aecb3025ee550411fb
+MD5 (openssh-3.9p1-hpn11.diff) = 443bc5f8a761888b8aaaae698339d70d
+SHA256 (openssh-3.9p1-hpn11.diff) = 786d494c78a0fb515b07f1941b1b8494d80679b5d06dbbbd0c225fc5d3cfd7c7
 SIZE (openssh-3.9p1-hpn11.diff) = 13237
-MD5 (openssh-3.9p1-hpn11-none.diff) = 227acfa1c17ec49f43e85a3ee98e0e8a
-SIZE (openssh-3.9p1-hpn11-none.diff) = 19146
--- hpn-ssh.diff ends here ---



>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->brooks 
Responsible-Changed-By: edwin 
Responsible-Changed-When: Mon Mar 6 01:44:11 UTC 2006 
Responsible-Changed-Why:  
Over to maintainer 

http://www.freebsd.org/cgi/query-pr.cgi?pr=94118 

From: Marcus Alves Grando <mnag@FreeBSD.org>
To: bug-followup@FreeBSD.org,  itetcu@people.tecnik93.com
Cc:  
Subject: Re: ports/94118: [PATCH] security/hpn-ssh: UNBREAK
Date: Mon, 06 Mar 2006 18:21:05 -0300

 This port can be removed now. security/openssh-portable have OPTIONS to 
 enable HPN patches.
 
 Thanks
 
 -- 
 Marcus Alves Grando
 marcus(at)corp.grupos.com.br  |  Grupos Internet S/A
    mnag(at)FreeBSD.org         |  FreeBSD.org

From: Ion-Mihai Tetcu <itetcu@people.tecnik93.com>
To: Marcus Alves Grando <mnag@FreeBSD.org>
Cc: bug-followup@FreeBSD.org
Subject: Re: ports/94118: [PATCH] security/hpn-ssh: UNBREAK
Date: Tue, 7 Mar 2006 00:03:37 +0200

 On Mon, 06 Mar 2006 18:21:05 -0300
 Marcus Alves Grando <mnag@FreeBSD.org> wrote:
 
 > This port can be removed now. security/openssh-portable have OPTIONS to 
 > enable HPN patches.
 
 Well, since it's broken, why don't you seek portmgr approval and remove it ?
 
 
 -- 
 IOnut - Unregistered ;) FreeBSD "user"
   "Intellectual Property" is   nowhere near as valuable   as "Intellect"
 
 BOFH excuse #263:
 It's stuck in the Web
 
 

From: Pav Lucistnik <pav@FreeBSD.org>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/94118: [PATCH] security/hpn-ssh: UNBREAK
Date: Mon, 06 Mar 2006 23:20:47 +0100

 Noting that portmgr wish to postpone removal of the port after the
 freeze.
 
 -- 
 Pav Lucistnik <pav@oook.cz>
               <pav@FreeBSD.org>
 
 Cats happen.
State-Changed-From-To: open->closed 
State-Changed-By: brooks 
State-Changed-When: Mon Mar 6 23:06:02 UTC 2006 
State-Changed-Why:  
Thanks for you submittion. security/hpn-ssh is obsolete as the patches 
are now an option in security/openssh-portable.  security/hpn-ssh will 
be removed after ports freeze. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=94118 
>Unformatted:
