depot/third_party/nixpkgs/pkgs/tools/networking/openssh/default.nix

{ callPackage, lib, fetchurl, fetchpatch, fetchFromGitHub, autoreconfHook }:
let
  common = opts: callPackage (import ./common.nix opts) { };
in
{

  openssh = common rec {
    pname = "openssh";
    version = "9.0p1";

    src = fetchurl {
      url = "mirror://openbsd/OpenSSH/portable/openssh-${version}.tar.gz";
      sha256 = "12m2f9czvgmi7akp7xah6y7mrrpi280a3ksk47iwr7hy2q1475q3";
    };

    extraPatches = [ ./ssh-keysign-8.5.patch ];
    extraMeta.maintainers = with lib.maintainers; [ das_j ];
  };

  openssh_hpn = common rec {
    pname = "openssh-with-hpn";
    version = "9.0p1";
    extraDesc = " with high performance networking patches";

    src = fetchurl {
      url = "mirror://openbsd/OpenSSH/portable/openssh-${version}.tar.gz";
      sha256 = "12m2f9czvgmi7akp7xah6y7mrrpi280a3ksk47iwr7hy2q1475q3";
    };

    extraPatches = [
      ./ssh-keysign-8.5.patch

      # HPN Patch from FreeBSD ports
      (fetchpatch {
        name = "ssh-hpn.patch";
        url = "https://raw.githubusercontent.com/freebsd/freebsd-ports/ae66cffc19f357cbd51d5841c9b110a9ffd63e32/security/openssh-portable/files/extra-patch-hpn";
        stripLen = 1;
        sha256 = "sha256-p3CmMqTgrqFZUo4ZuqaPLczAhjmPufkCvptVW5dI+MI=";
      })
    ];

    extraNativeBuildInputs = [ autoreconfHook ];

    extraConfigureFlags = [ "--with-hpn" ];
    extraMeta.maintainers = with lib.maintainers; [ abbe ];
  };

  openssh_gssapi = common rec {
    pname = "openssh-with-gssapi";
    version = "8.4p1";
    extraDesc = " with GSSAPI support";

    src = fetchurl {
      url = "mirror://openbsd/OpenSSH/portable/openssh-${version}.tar.gz";
      sha256 = "091b3pxdlj47scxx6kkf4agkx8c8sdacdxx8m1dw1cby80pd40as";
    };

    extraPatches = [
      ./ssh-keysign-8.4.patch

      # See https://github.com/openssh/openssh-portable/pull/206
      ./ssh-copy-id-fix-eof.patch

      (fetchpatch {
        name = "openssh-gssapi.patch";
        url = "https://salsa.debian.org/ssh-team/openssh/raw/debian/1%25${version}-2/debian/patches/gssapi.patch";
        sha256 = "1z1ckzimlkm1dmr9f5fqjnjg28gsqcwx6xka0klak857548d2lp2";
      })
    ];

    extraNativeBuildInputs = [ autoreconfHook ];

    extraMeta.knownVulnerabilities = [
      "CVE-2021-28041"
      "CVE-2021-41617"
    ];
  };
}
Project import generated by Copybara. GitOrigin-RevId: bc5d68306b40b8522ffb69ba6cff91898c2fbbff 2021-12-06 16:07:01 +00:00			`{ callPackage, lib, fetchurl, fetchpatch, fetchFromGitHub, autoreconfHook }:`
Project import generated by Copybara. GitOrigin-RevId: 2c3273caa153ee8eb5786bc8141b85b859e7efd7 2020-04-24 23:36:52 +00:00			`let`
Project import generated by Copybara. GitOrigin-RevId: 51bcdc4cdaac48535dabf0ad4642a66774c609ed 2021-09-23 15:35:13 +00:00			`common = opts: callPackage (import ./common.nix opts) { };`
			`in`
			`{`
Project import generated by Copybara. GitOrigin-RevId: 3d1a7716d7f1fccbd7d30ab3b2ed3db831f43bde 2021-04-05 15:23:46 +00:00
			`openssh = common rec {`
			`pname = "openssh";`
Project import generated by Copybara. GitOrigin-RevId: 5181d5945eda382ff6a9ca3e072ed6ea9b547fee 2022-04-15 01:41:22 +00:00			`version = "9.0p1";`
Project import generated by Copybara. GitOrigin-RevId: 2c3273caa153ee8eb5786bc8141b85b859e7efd7 2020-04-24 23:36:52 +00:00
Project import generated by Copybara. GitOrigin-RevId: 3d1a7716d7f1fccbd7d30ab3b2ed3db831f43bde 2021-04-05 15:23:46 +00:00			`src = fetchurl {`
			`url = "mirror://openbsd/OpenSSH/portable/openssh-${version}.tar.gz";`
Project import generated by Copybara. GitOrigin-RevId: 5181d5945eda382ff6a9ca3e072ed6ea9b547fee 2022-04-15 01:41:22 +00:00			`sha256 = "12m2f9czvgmi7akp7xah6y7mrrpi280a3ksk47iwr7hy2q1475q3";`
Project import generated by Copybara. GitOrigin-RevId: 3d1a7716d7f1fccbd7d30ab3b2ed3db831f43bde 2021-04-05 15:23:46 +00:00			`};`
Project import generated by Copybara. GitOrigin-RevId: c59ea8b8a0e7f927e7291c14ea6cd1bd3a16ff38 2020-08-20 17:08:02 +00:00
Project import generated by Copybara. GitOrigin-RevId: 3d1a7716d7f1fccbd7d30ab3b2ed3db831f43bde 2021-04-05 15:23:46 +00:00			`extraPatches = [ ./ssh-keysign-8.5.patch ];`
Project import generated by Copybara. GitOrigin-RevId: bc5d68306b40b8522ffb69ba6cff91898c2fbbff 2021-12-06 16:07:01 +00:00			`extraMeta.maintainers = with lib.maintainers; [ das_j ];`
Project import generated by Copybara. GitOrigin-RevId: 2c3273caa153ee8eb5786bc8141b85b859e7efd7 2020-04-24 23:36:52 +00:00			`};`

Project import generated by Copybara. GitOrigin-RevId: 3d1a7716d7f1fccbd7d30ab3b2ed3db831f43bde 2021-04-05 15:23:46 +00:00			`openssh_hpn = common rec {`
			`pname = "openssh-with-hpn";`
Project import generated by Copybara. GitOrigin-RevId: c777cdf5c564015d5f63b09cc93bef4178b19b01 2022-04-27 09:35:20 +00:00			`version = "9.0p1";`
Project import generated by Copybara. GitOrigin-RevId: 3d1a7716d7f1fccbd7d30ab3b2ed3db831f43bde 2021-04-05 15:23:46 +00:00			`extraDesc = " with high performance networking patches";`

Project import generated by Copybara. GitOrigin-RevId: ff377a78794d412a35245e05428c8f95fef3951f 2022-01-07 04:07:37 +00:00			`src = fetchurl {`
			`url = "mirror://openbsd/OpenSSH/portable/openssh-${version}.tar.gz";`
Project import generated by Copybara. GitOrigin-RevId: c777cdf5c564015d5f63b09cc93bef4178b19b01 2022-04-27 09:35:20 +00:00			`sha256 = "12m2f9czvgmi7akp7xah6y7mrrpi280a3ksk47iwr7hy2q1475q3";`
Project import generated by Copybara. GitOrigin-RevId: 3d1a7716d7f1fccbd7d30ab3b2ed3db831f43bde 2021-04-05 15:23:46 +00:00			`};`

			`extraPatches = [`
Project import generated by Copybara. GitOrigin-RevId: ff377a78794d412a35245e05428c8f95fef3951f 2022-01-07 04:07:37 +00:00			`./ssh-keysign-8.5.patch`
Project import generated by Copybara. GitOrigin-RevId: 3d1a7716d7f1fccbd7d30ab3b2ed3db831f43bde 2021-04-05 15:23:46 +00:00
Project import generated by Copybara. GitOrigin-RevId: ff377a78794d412a35245e05428c8f95fef3951f 2022-01-07 04:07:37 +00:00			`# HPN Patch from FreeBSD ports`
			`(fetchpatch {`
			`name = "ssh-hpn.patch";`
Project import generated by Copybara. GitOrigin-RevId: 062a0c5437b68f950b081bbfc8a699d57a4ee026 2022-03-05 16:20:37 +00:00			`url = "https://raw.githubusercontent.com/freebsd/freebsd-ports/ae66cffc19f357cbd51d5841c9b110a9ffd63e32/security/openssh-portable/files/extra-patch-hpn";`
Project import generated by Copybara. GitOrigin-RevId: ff377a78794d412a35245e05428c8f95fef3951f 2022-01-07 04:07:37 +00:00			`stripLen = 1;`
Project import generated by Copybara. GitOrigin-RevId: 062a0c5437b68f950b081bbfc8a699d57a4ee026 2022-03-05 16:20:37 +00:00			`sha256 = "sha256-p3CmMqTgrqFZUo4ZuqaPLczAhjmPufkCvptVW5dI+MI=";`
Project import generated by Copybara. GitOrigin-RevId: ff377a78794d412a35245e05428c8f95fef3951f 2022-01-07 04:07:37 +00:00			`})`
Project import generated by Copybara. GitOrigin-RevId: 3d1a7716d7f1fccbd7d30ab3b2ed3db831f43bde 2021-04-05 15:23:46 +00:00			`];`

			`extraNativeBuildInputs = [ autoreconfHook ];`
Project import generated by Copybara. GitOrigin-RevId: 2c3273caa153ee8eb5786bc8141b85b859e7efd7 2020-04-24 23:36:52 +00:00
Project import generated by Copybara. GitOrigin-RevId: ff377a78794d412a35245e05428c8f95fef3951f 2022-01-07 04:07:37 +00:00			`extraConfigureFlags = [ "--with-hpn" ];`
			`extraMeta.maintainers = with lib.maintainers; [ abbe ];`
Project import generated by Copybara. GitOrigin-RevId: 3d1a7716d7f1fccbd7d30ab3b2ed3db831f43bde 2021-04-05 15:23:46 +00:00			`};`
Project import generated by Copybara. GitOrigin-RevId: 2c3273caa153ee8eb5786bc8141b85b859e7efd7 2020-04-24 23:36:52 +00:00
Project import generated by Copybara. GitOrigin-RevId: 3d1a7716d7f1fccbd7d30ab3b2ed3db831f43bde 2021-04-05 15:23:46 +00:00			`openssh_gssapi = common rec {`
			`pname = "openssh-with-gssapi";`
			`version = "8.4p1";`
			`extraDesc = " with GSSAPI support";`
Project import generated by Copybara. GitOrigin-RevId: 2c3273caa153ee8eb5786bc8141b85b859e7efd7 2020-04-24 23:36:52 +00:00
Project import generated by Copybara. GitOrigin-RevId: 3d1a7716d7f1fccbd7d30ab3b2ed3db831f43bde 2021-04-05 15:23:46 +00:00			`src = fetchurl {`
			`url = "mirror://openbsd/OpenSSH/portable/openssh-${version}.tar.gz";`
			`sha256 = "091b3pxdlj47scxx6kkf4agkx8c8sdacdxx8m1dw1cby80pd40as";`
			`};`
Project import generated by Copybara. GitOrigin-RevId: 2c3273caa153ee8eb5786bc8141b85b859e7efd7 2020-04-24 23:36:52 +00:00
Project import generated by Copybara. GitOrigin-RevId: 3d1a7716d7f1fccbd7d30ab3b2ed3db831f43bde 2021-04-05 15:23:46 +00:00			`extraPatches = [`
			`./ssh-keysign-8.4.patch`
Project import generated by Copybara. GitOrigin-RevId: 296793637b22bdb4d23b479879eba0a71c132a66 2020-12-03 08:41:04 +00:00
			`# See https://github.com/openssh/openssh-portable/pull/206`
			`./ssh-copy-id-fix-eof.patch`
Project import generated by Copybara. GitOrigin-RevId: 3d1a7716d7f1fccbd7d30ab3b2ed3db831f43bde 2021-04-05 15:23:46 +00:00
			`(fetchpatch {`
			`name = "openssh-gssapi.patch";`
			`url = "https://salsa.debian.org/ssh-team/openssh/raw/debian/1%25${version}-2/debian/patches/gssapi.patch";`
			`sha256 = "1z1ckzimlkm1dmr9f5fqjnjg28gsqcwx6xka0klak857548d2lp2";`
			`})`
			`];`

			`extraNativeBuildInputs = [ autoreconfHook ];`

			`extraMeta.knownVulnerabilities = [`
			`"CVE-2021-28041"`
Project import generated by Copybara. GitOrigin-RevId: 14aef06d9b3ad1d07626bdbb16083b83f92dc6c1 2021-10-04 12:37:57 +00:00			`"CVE-2021-41617"`
Project import generated by Copybara. GitOrigin-RevId: 3d1a7716d7f1fccbd7d30ab3b2ed3db831f43bde 2021-04-05 15:23:46 +00:00			`];`
Project import generated by Copybara. GitOrigin-RevId: 2c3273caa153ee8eb5786bc8141b85b859e7efd7 2020-04-24 23:36:52 +00:00			`};`
			`}`