diff --git a/app-admin/calamares/Manifest b/app-admin/calamares/Manifest
deleted file mode 100644
index 5978dea0a..000000000
--- a/app-admin/calamares/Manifest
+++ /dev/null
@@ -1,2 +0,0 @@
-DIST calamares-3.2.16.tar.gz 3093109 BLAKE2B 1159b28017c3c034afd825ad9a488f110ceefeef916c184d9b245daab7d12c568e0058924c279bf0d40935720690ad19afa6509e8143237df92f2beb34abe617 SHA512 5f838471b2ece56151054b70b01902a74f1cf98b59889f05190fc5509667ee6f4e47909edc5505a38eacdad2c17a19745699c1d63e10e5ce140ecc3d7f6981b9
-DIST calamares-3.2.17.1.tar.gz 3128350 BLAKE2B a6926faaf1d521647cc0037b88686f9ceee1cc8167b888fe3c25228cbca8058572c8786a51f6ce0ccb77b31351d21ac41fa6c86a6577569c118729e1263ccafa SHA512 fa8f1906aa7774b0f6bd65d1dc87ea2e08df92018c162f7e7fe01fe6119e65d6391141bc242623f88040bb18eb8b71003cb7417b27c10b39bc30de0f0bf8deb0
diff --git a/app-admin/calamares/calamares-3.2.16.ebuild b/app-admin/calamares/calamares-3.2.16.ebuild
deleted file mode 100644
index ee6d500ad..000000000
--- a/app-admin/calamares/calamares-3.2.16.ebuild
+++ /dev/null
@@ -1,97 +0,0 @@
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_6 python3_7 )
-inherit ecm python-r1
-
-DESCRIPTION="Distribution-independent installer framework"
-HOMEPAGE="https://calamares.io"
-if [[ ${KDE_BUILD_TYPE} == live ]] ; then
- EGIT_REPO_URI="https://github.com/${PN}/${PN}"
-else
- SRC_URI="https://github.com/${PN}/${PN}/releases/download/v${PV}/${P}.tar.gz"
- KEYWORDS="~amd64"
-fi
-SLOT=5
-LICENSE="GPL-3"
-IUSE="+networkmanager +upower +fat jfs reiserfs xfs ntfs pythonqt"
-
-DEPEND="${PYTHON_DEPS}
- dev-qt/linguist-tools:5
- dev-qt/qtconcurrent:5
- dev-qt/qtdbus:5
- dev-qt/qtdeclarative:5
- dev-qt/qtgui:5
- dev-qt/qtnetwork:5
- dev-qt/qtsvg:5
- dev-qt/qtwebengine:5[widgets]
- dev-qt/qtwidgets:5
- dev-qt/qtxml:5
- kde-frameworks/kconfig:5
- kde-frameworks/kcoreaddons:5
- kde-frameworks/kcrash:5
- kde-frameworks/kpackage:5
- kde-frameworks/kparts:5
- kde-frameworks/kservice:5
- dev-cpp/yaml-cpp:=
- >=dev-libs/boost-1.55:=[${PYTHON_USEDEP}]
- dev-libs/libpwquality[${PYTHON_USEDEP}]
- sys-apps/dbus
- sys-apps/dmidecode
- sys-auth/polkit-qt
- >=sys-libs/kpmcore-4.0.0:5=
- pythonqt? ( >=dev-python/PythonQt-3.1:=[${PYTHON_USEDEP}] )
-"
-
-RDEPEND="${DEPEND}
- app-admin/sudo
- dev-libs/libatasmart
- net-misc/rsync
- >=sys-block/parted-3.0
- || ( sys-boot/grub:2 sys-boot/systemd-boot )
- sys-boot/os-prober
- sys-fs/squashfs-tools
- sys-libs/timezone-data
- virtual/udev
- networkmanager? ( net-misc/networkmanager )
- upower? ( sys-power/upower )
- fat? ( sys-fs/dosfstools )
- jfs? ( sys-fs/jfsutils )
- reiserfs? ( sys-fs/reiserfsprogs )
- xfs? (
- sys-fs/xfsprogs
- sys-fs/xfsdump
- )
- ntfs? ( sys-fs/ntfs3g[ntfsprogs] )
-"
-
-src_prepare() {
- ecm_src_prepare
- python_setup
- export PYTHON_INCLUDE_DIRS="$(python_get_includedir)" \
- PYTHON_INCLUDE_PATH="$(python_get_library_path)" \
- PYTHON_CFLAGS="$(python_get_CFLAGS)" \
- PYTHON_LIBS="$(python_get_LIBS)"
-
- sed -i -e 's:pkexec /usr/bin/calamares:calamares-pkexec:' \
- calamares.desktop || die
- sed -i -e 's:Icon=calamares:Icon=drive-harddisk:' \
- calamares.desktop || die
-}
-
-src_configure() {
- local mycmakeargs=(
- -DWEBVIEW_FORCE_WEBKIT=OFF
- -DCMAKE_DISABLE_FIND_PACKAGE_LIBPARTED=ON
- -DWITH_PYTHONQT=$(usex pythonqt)
- )
-
- ecm_src_configure
-}
-
-src_install() {
- ecm_src_install
- dobin "${FILESDIR}"/calamares-pkexec
-}
diff --git a/app-admin/calamares/calamares-3.2.17.1.ebuild b/app-admin/calamares/calamares-3.2.17.1.ebuild
deleted file mode 100644
index ee6d500ad..000000000
--- a/app-admin/calamares/calamares-3.2.17.1.ebuild
+++ /dev/null
@@ -1,97 +0,0 @@
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_6 python3_7 )
-inherit ecm python-r1
-
-DESCRIPTION="Distribution-independent installer framework"
-HOMEPAGE="https://calamares.io"
-if [[ ${KDE_BUILD_TYPE} == live ]] ; then
- EGIT_REPO_URI="https://github.com/${PN}/${PN}"
-else
- SRC_URI="https://github.com/${PN}/${PN}/releases/download/v${PV}/${P}.tar.gz"
- KEYWORDS="~amd64"
-fi
-SLOT=5
-LICENSE="GPL-3"
-IUSE="+networkmanager +upower +fat jfs reiserfs xfs ntfs pythonqt"
-
-DEPEND="${PYTHON_DEPS}
- dev-qt/linguist-tools:5
- dev-qt/qtconcurrent:5
- dev-qt/qtdbus:5
- dev-qt/qtdeclarative:5
- dev-qt/qtgui:5
- dev-qt/qtnetwork:5
- dev-qt/qtsvg:5
- dev-qt/qtwebengine:5[widgets]
- dev-qt/qtwidgets:5
- dev-qt/qtxml:5
- kde-frameworks/kconfig:5
- kde-frameworks/kcoreaddons:5
- kde-frameworks/kcrash:5
- kde-frameworks/kpackage:5
- kde-frameworks/kparts:5
- kde-frameworks/kservice:5
- dev-cpp/yaml-cpp:=
- >=dev-libs/boost-1.55:=[${PYTHON_USEDEP}]
- dev-libs/libpwquality[${PYTHON_USEDEP}]
- sys-apps/dbus
- sys-apps/dmidecode
- sys-auth/polkit-qt
- >=sys-libs/kpmcore-4.0.0:5=
- pythonqt? ( >=dev-python/PythonQt-3.1:=[${PYTHON_USEDEP}] )
-"
-
-RDEPEND="${DEPEND}
- app-admin/sudo
- dev-libs/libatasmart
- net-misc/rsync
- >=sys-block/parted-3.0
- || ( sys-boot/grub:2 sys-boot/systemd-boot )
- sys-boot/os-prober
- sys-fs/squashfs-tools
- sys-libs/timezone-data
- virtual/udev
- networkmanager? ( net-misc/networkmanager )
- upower? ( sys-power/upower )
- fat? ( sys-fs/dosfstools )
- jfs? ( sys-fs/jfsutils )
- reiserfs? ( sys-fs/reiserfsprogs )
- xfs? (
- sys-fs/xfsprogs
- sys-fs/xfsdump
- )
- ntfs? ( sys-fs/ntfs3g[ntfsprogs] )
-"
-
-src_prepare() {
- ecm_src_prepare
- python_setup
- export PYTHON_INCLUDE_DIRS="$(python_get_includedir)" \
- PYTHON_INCLUDE_PATH="$(python_get_library_path)" \
- PYTHON_CFLAGS="$(python_get_CFLAGS)" \
- PYTHON_LIBS="$(python_get_LIBS)"
-
- sed -i -e 's:pkexec /usr/bin/calamares:calamares-pkexec:' \
- calamares.desktop || die
- sed -i -e 's:Icon=calamares:Icon=drive-harddisk:' \
- calamares.desktop || die
-}
-
-src_configure() {
- local mycmakeargs=(
- -DWEBVIEW_FORCE_WEBKIT=OFF
- -DCMAKE_DISABLE_FIND_PACKAGE_LIBPARTED=ON
- -DWITH_PYTHONQT=$(usex pythonqt)
- )
-
- ecm_src_configure
-}
-
-src_install() {
- ecm_src_install
- dobin "${FILESDIR}"/calamares-pkexec
-}
diff --git a/app-admin/calamares/files/calamares-pkexec b/app-admin/calamares/files/calamares-pkexec
deleted file mode 100644
index 3300d3b70..000000000
--- a/app-admin/calamares/files/calamares-pkexec
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-pkexec "/usr/bin/calamares" "$@"
diff --git a/app-admin/calamares/metadata.xml b/app-admin/calamares/metadata.xml
deleted file mode 100644
index bc9aeb329..000000000
--- a/app-admin/calamares/metadata.xml
+++ /dev/null
@@ -1,27 +0,0 @@
-
-
-
-
- johu@gentoo.org
- Johannes Huber
-
-
- mudler@gentoo.org
- Ettore Di Giacinto
-
-
- Calamares is a distribution-independent system installer, with an
- advanced partitioning feature for both manual and automated
- partitioning operations. It is the first installer with an automated
- “Replace Partition” option, which makes it easy to reuse a partition
- over and over for distribution testing. Calamares is designed to be
- customizable by distribution maintainers without need for cumbersome
- patching, thanks to third party branding and external modules support.
-
-
- calamares/calamares
-
-
-
diff --git a/app-benchmarks/interbench/Manifest b/app-benchmarks/interbench/Manifest
deleted file mode 100644
index 7233add08..000000000
--- a/app-benchmarks/interbench/Manifest
+++ /dev/null
@@ -1 +0,0 @@
-DIST interbench-0.31.tar.gz 28332 SHA256 79e10536ebe6fb7879b8d622f7be06e4e261d664db3d1f0edd9e7be712ce1966
diff --git a/app-benchmarks/interbench/interbench-0.31.ebuild b/app-benchmarks/interbench/interbench-0.31.ebuild
deleted file mode 100644
index 868b08b85..000000000
--- a/app-benchmarks/interbench/interbench-0.31.ebuild
+++ /dev/null
@@ -1,39 +0,0 @@
-# Copyright 1999-2006 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-inherit flag-o-matic
-
-DESCRIPTION="Con Kolivas' Benchmarking Suite -- Successor to Contest"
-HOMEPAGE="http://members.optusnet.com.au/ckolivas/interbench/"
-SRC_URI="mirror://kernel/linux/kernel/people/ck/apps/interbench/${PF}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~x86 ~amd64"
-
-DEPEND=""
-RDEPEND=""
-
-src_unpack() {
- unpack ${A}
- cd ${S}
- sed -i -e 's/CFLAGS/#CFLAGS/' \
- -e 's/CC/#CC/' Makefile || die "Can't sed Makefile!"
-}
-
-src_compile() {
- make CC="$(tc-getCC)" CFLAGS="${CFLAGS}" || die "Make Error!"
-}
-
-src_install() {
- dobin interbench
- dodoc readme*
- doman interbench.8
-}
-
-pkg_postinst() {
- einfo "${PN} has been installed to /usr/bin."
- einfo "For best and consistent results, it is recommended to"
- einfo "boot to init level 1 or use telinit 1."
- einfo "See documentation or ${HOMEPAGE} for more info."
-}
diff --git a/app-pda/ideviceinstaller/Manifest b/app-pda/ideviceinstaller/Manifest
deleted file mode 100644
index 35a97c6a8..000000000
--- a/app-pda/ideviceinstaller/Manifest
+++ /dev/null
@@ -1 +0,0 @@
-DIST ideviceinstaller-1.1.0.tar.bz2 272210 SHA256 0821b8d3ca6153d9bf82ceba2706f7bd0e3f07b90a138d79c2448e42362e2f53 SHA512 8bf5dc30b8fa2f0c171ec3705db8d8d143d2520b2875fc05d9d325bd4f1ffdf29230557e57f3e824654ab3bb71bbaf9019aa573d4b1cce29a9c75bf15024d623 WHIRLPOOL ae6b166c81f32cbce14f3fd9a54d21cce3a380fbe1219a7b4db02566d5605f894f760f5674df338dd239dec553234c9d25bd806f36309939fefd4641ab910d8d
diff --git a/app-pda/ideviceinstaller/ideviceinstaller-1.1.0.ebuild b/app-pda/ideviceinstaller/ideviceinstaller-1.1.0.ebuild
deleted file mode 100644
index effa48881..000000000
--- a/app-pda/ideviceinstaller/ideviceinstaller-1.1.0.ebuild
+++ /dev/null
@@ -1,25 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-
-DESCRIPTION="A tool to interact with the installation_proxy of an Apple's iDevice"
-HOMEPAGE="http://www.libimobiledevice.org/"
-SRC_URI="http://www.libimobiledevice.org/downloads/${P}.tar.bz2"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="amd64 x86"
-IUSE=""
-
-RDEPEND=">=app-pda/libimobiledevice-1.1.4:=
- >=app-pda/libplist-1.8:=
- >=dev-libs/libzip-0.8"
-DEPEND="${RDEPEND}
- virtual/pkgconfig"
-
-DOCS="AUTHORS NEWS README"
-
-src_prepare() {
- sed -i -e 's:-Werror -g::' configure || die
-}
diff --git a/app-pda/ideviceinstaller/metadata.xml b/app-pda/ideviceinstaller/metadata.xml
deleted file mode 100644
index 097975e3a..000000000
--- a/app-pda/ideviceinstaller/metadata.xml
+++ /dev/null
@@ -1,4 +0,0 @@
-
-
-
-
diff --git a/dev-cpp/ETL/ETL-0.04.17.ebuild b/dev-cpp/ETL/ETL-0.04.17.ebuild
deleted file mode 100644
index 8702ce12e..000000000
--- a/dev-cpp/ETL/ETL-0.04.17.ebuild
+++ /dev/null
@@ -1,26 +0,0 @@
-# Copyright 1999-2013 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=4
-
-inherit autotools
-
-DESCRIPTION="ETL is a multi-platform class and template library"
-HOMEPAGE="http://synfig.org"
-SRC_URI="mirror://sourceforge/synfig/releases/0.64.1/source/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE=""
-
-DEPEND=""
-RDEPEND="${DEPEND}"
-
-src_prepare() {
- sed -i -e 's/CXXFLAGS="`echo $CXXFLAGS | sed s:-g::` $debug_flags"//' \
- -e 's/CFLAGS="`echo $CFLAGS | sed s:-g::` $debug_flags"//' \
- m4/subs.m4
-
- eautoreconf
-}
diff --git a/dev-cpp/ETL/Manifest b/dev-cpp/ETL/Manifest
deleted file mode 100644
index 454b903c7..000000000
--- a/dev-cpp/ETL/Manifest
+++ /dev/null
@@ -1 +0,0 @@
-DIST ETL-0.04.17.tar.gz 357667 SHA256 3e222c1ad8fd0e3b77b49281342cde0aab0208c8985ec65d72515ff6b88e778e SHA512 e2e79f2fb4b139fbbb78ffdeb43b5a59b083b3484fec071108b83e5d905376616c1a6364bb22eccf45ef8455af692329fecdd127e0354006f771cad18e2b77de WHIRLPOOL d789d3819d6777cc75e407484bb762c69811ce9291d084defeab2bd46471fa57978c88cbc592b99b99e3feff22ab970203042a09a8435b5ed4280df80154713f
diff --git a/dev-libs/crossguid/Manifest b/dev-libs/crossguid/Manifest
deleted file mode 100644
index 5e62e42dc..000000000
--- a/dev-libs/crossguid/Manifest
+++ /dev/null
@@ -1 +0,0 @@
-DIST crossguid-0_pre20150817.tar.gz 46569 SHA256 022c9f02cc36e865cd8fd0111a597ff2bd91988deeb348dbe2aba64aed1abd99 SHA512 823ca301f1d3b78a778649cd9169194d98dd33c65cadd5bfb9f86429e82049c99c17e09f093b92675981d2aac2aac25b60cbb157fad57a3e1bada826edd8ba0a WHIRLPOOL 16cb99af3d52a71c63bab1c266623dfd02a65e9d2a94851878358a822bd6a456fb41703c3268ea4393e0068589a7894c96a2ce1ee69135da947e206e2c43f8ce
diff --git a/dev-libs/crossguid/crossguid-0_pre20150817.ebuild b/dev-libs/crossguid/crossguid-0_pre20150817.ebuild
deleted file mode 100644
index 905ab2c29..000000000
--- a/dev-libs/crossguid/crossguid-0_pre20150817.ebuild
+++ /dev/null
@@ -1,48 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="5"
-
-inherit toolchain-funcs
-
-if [[ ${PV} == "9999" ]] ; then
- EGIT_REPO_URI="git://github.com/graeme-hill/crossguid.git"
- inherit git-r3
-else
- EGIT_COMMIT="8f399e8bd4252be9952f3dfa8199924cc8487ca4"
- SRC_URI="https://github.com/graeme-hill/crossguid/archive/${EGIT_COMMIT}.tar.gz -> ${P}.tar.gz"
- S="${WORKDIR}/${PN}-${EGIT_COMMIT}"
-fi
-
-DESCRIPTION="Lightweight cross platform C++ GUID/UUID library"
-HOMEPAGE="https://github.com/graeme-hill/crossguid"
-
-LICENSE="MIT"
-SLOT="0"
-KEYWORDS="~amd64 ~x86 ~arm"
-IUSE=""
-
-# We use libuuid from util-linux.
-DEPEND="sys-apps/util-linux"
-RDEPEND="${DEPEND}"
-
-RESTRICT="test" #575544
-
-e() { echo "$@"; "$@"; }
-
-src_compile() {
- e $(tc-getCXX) \
- ${CXXFLAGS} ${CPPFLAGS} ${LDFLAGS} \
- -std=c++11 \
- -c guid.cpp -o guid.o \
- -DGUID_LIBUUID \
- || die
-
- e $(tc-getAR) rs libcrossguid.a guid.o || die
-}
-
-src_install() {
- insinto /usr/include
- doins guid.h
- dolib.a libcrossguid.a
-}
diff --git a/dev-python/pymdown-extensions/Manifest b/dev-python/pymdown-extensions/Manifest
deleted file mode 100644
index 845d8bd53..000000000
--- a/dev-python/pymdown-extensions/Manifest
+++ /dev/null
@@ -1,3 +0,0 @@
-DIST pymdown-extensions-6.1.0.tar.gz 556422 BLAKE2B cdfde606932eae938072d90319b21e2a21f798f7479011d80b041d8f5a6f32d6851dfb0ddfc1bec9af162e6710552d6da4629dd92fecf2c2d9c135c329627a9f SHA512 c972e3a0bfb97ac9d04275fa066091a118aa7d259dd2d9102af046aaac162b03ce6dfd0ba33ad18e0e57daf24941bfb2bc6e9445b6c6e83ce1ff0a54dd89abfd
-DIST pymdown-extensions-6.2.0.tar.gz 544158 BLAKE2B b9df2050348089b5959fc0be0b1e0f90729559c595e72aa211bf65a08948c4794b8d78d22eb4a1240ded81fa6db78e811aab8142eb5cba5a0f6981d98336de8c SHA512 b3ff1359e49372d95d5d515fad86bae19229bc957261c51ac34659a046db28599aad15f98f92758f50212cef3a68dbdad744a2791b24e49eb0cb92b5de772313
-DIST pymdown-extensions-6.2.1.tar.gz 550663 BLAKE2B b64240c4c996c3bcfd185dcf0eed4dd065af4c860308e5262ba0fb1b9958f1ae6e7390662729facf0c5da9d26218e237be8401feb21cacd903093beebd1e46fa SHA512 2e8df596cad063b0a5447174ec603d7a49bc8d7ed3ea20c178f2c7f9ae7cadddbf9f7f62af6b58524bf81270a4015e6342ae933266b5fef5bd0388b20d573873
diff --git a/dev-python/pymdown-extensions/metadata.xml b/dev-python/pymdown-extensions/metadata.xml
deleted file mode 100644
index 9f9a251df..000000000
--- a/dev-python/pymdown-extensions/metadata.xml
+++ /dev/null
@@ -1,8 +0,0 @@
-
-
-
-
- geaaru@sabayonlinux.org
- Daniele Rondina
-
-
diff --git a/dev-python/pymdown-extensions/pymdown-extensions-6.1.0.ebuild b/dev-python/pymdown-extensions/pymdown-extensions-6.1.0.ebuild
deleted file mode 100644
index 3833521d6..000000000
--- a/dev-python/pymdown-extensions/pymdown-extensions-6.1.0.ebuild
+++ /dev/null
@@ -1,28 +0,0 @@
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python2_7 python{3_6,3_7} )
-inherit distutils-r1
-
-DESCRIPTION="Extensions for Python Markdown."
-HOMEPAGE="https://github.com/facelessuser/pymdown-extensions"
-SRC_URI="https://github.com/facelessuser/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
-
-LICENSE="MIT"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE=""
-
-RDEPEND=">=dev-python/mkdocs-1.0.1[${PYTHON_USEDEP}]"
-DEPEND="${RDEPEND}
- dev-python/setuptools[${PYTHON_USEDEP}]"
-
-src_prepare() {
- # remove tests directory
- rm -rf ${S}/tests || die
- sed -i -e "s:, 'tests'::g" ${S}/setup.py
-
- distutils-r1_src_prepare
-}
diff --git a/dev-python/pymdown-extensions/pymdown-extensions-6.2.0.ebuild b/dev-python/pymdown-extensions/pymdown-extensions-6.2.0.ebuild
deleted file mode 100644
index 3833521d6..000000000
--- a/dev-python/pymdown-extensions/pymdown-extensions-6.2.0.ebuild
+++ /dev/null
@@ -1,28 +0,0 @@
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python2_7 python{3_6,3_7} )
-inherit distutils-r1
-
-DESCRIPTION="Extensions for Python Markdown."
-HOMEPAGE="https://github.com/facelessuser/pymdown-extensions"
-SRC_URI="https://github.com/facelessuser/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
-
-LICENSE="MIT"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE=""
-
-RDEPEND=">=dev-python/mkdocs-1.0.1[${PYTHON_USEDEP}]"
-DEPEND="${RDEPEND}
- dev-python/setuptools[${PYTHON_USEDEP}]"
-
-src_prepare() {
- # remove tests directory
- rm -rf ${S}/tests || die
- sed -i -e "s:, 'tests'::g" ${S}/setup.py
-
- distutils-r1_src_prepare
-}
diff --git a/dev-python/pymdown-extensions/pymdown-extensions-6.2.1.ebuild b/dev-python/pymdown-extensions/pymdown-extensions-6.2.1.ebuild
deleted file mode 100644
index 3833521d6..000000000
--- a/dev-python/pymdown-extensions/pymdown-extensions-6.2.1.ebuild
+++ /dev/null
@@ -1,28 +0,0 @@
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python2_7 python{3_6,3_7} )
-inherit distutils-r1
-
-DESCRIPTION="Extensions for Python Markdown."
-HOMEPAGE="https://github.com/facelessuser/pymdown-extensions"
-SRC_URI="https://github.com/facelessuser/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
-
-LICENSE="MIT"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE=""
-
-RDEPEND=">=dev-python/mkdocs-1.0.1[${PYTHON_USEDEP}]"
-DEPEND="${RDEPEND}
- dev-python/setuptools[${PYTHON_USEDEP}]"
-
-src_prepare() {
- # remove tests directory
- rm -rf ${S}/tests || die
- sed -i -e "s:, 'tests'::g" ${S}/setup.py
-
- distutils-r1_src_prepare
-}
diff --git a/games-misc/cowsay/Manifest b/games-misc/cowsay/Manifest
deleted file mode 100644
index d9324add2..000000000
--- a/games-misc/cowsay/Manifest
+++ /dev/null
@@ -1 +0,0 @@
-DIST cowsay-3.03.tar.gz 15189 SHA256 0b8672a7ac2b51183780db72618b42af8ec1ce02f6c05fe612510b650540b2af SHA512 8e91d0c929c2e0743106c08643029a943d0684343ff44ad8ff172636a8f47fd25ee8bc4d108ccfe308c756d2871b956cceef0c406800615ed0dc1e1e24648219 WHIRLPOOL 08b1f7818c073390dd4061e955888d5344b8d091b1a7ec12eeeb9d584b084e3a3e630fa03a6da3c80721f59e5d8ba10cffc677b892304fc900136fed110e7e87
diff --git a/games-misc/cowsay/cowsay-3.03-r2.ebuild b/games-misc/cowsay/cowsay-3.03-r2.ebuild
deleted file mode 100644
index f3391314e..000000000
--- a/games-misc/cowsay/cowsay-3.03-r2.ebuild
+++ /dev/null
@@ -1,41 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-inherit eutils
-
-DESCRIPTION="configurable talking ASCII cow (and other characters)"
-HOMEPAGE="http://www.nog.net/~tony/warez/cowsay.shtml"
-SRC_URI="http://www.nog.net/~tony/warez/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="alpha amd64 ~arm hppa ~ia64 ~mips ppc ppc64 sparc x86 ~x86-fbsd ~x64-solaris"
-IUSE=""
-
-RDEPEND=">=dev-lang/perl-5"
-
-src_prepare() {
- sed -i \
- -e "1 c\#!${EPREFIX}/usr/bin/perl"\
- -e 's/\$version/\$VERSION/g'\
- -e "s:%PREFIX%/share/cows:${EPREFIX}/usr/share/${P}/cows:" \
- -e '/getopts/ i\$Getopt::Std::STANDARD_HELP_VERSION=1;' cowsay \
- || die "sed cowsay failed"
- sed -i \
- -e "s|%PREFIX%/share/cows|${EPREFIX}/usr/share/${P}/cows|" cowsay.1 \
- || die "sed cowsay.1 failed"
- epatch \
- "${FILESDIR}/${P}"-tongue.patch \
- "${FILESDIR}/${P}"-mech.patch \
- "${FILESDIR}/${P}"-utf8.patch
-}
-
-src_install() {
- dobin cowsay
- doman cowsay.1
- dosym cowsay /usr/bin/cowthink
- dosym cowsay.1 /usr/share/man/man1/cowthink.1
- dodir /usr/share/${P}/cows
- cp -r cows "${ED}"/usr/share/${P}/ || die "cp failed"
-}
diff --git a/games-misc/cowsay/files/cowsay-3.03-mech.patch b/games-misc/cowsay/files/cowsay-3.03-mech.patch
deleted file mode 100644
index 10478ed66..000000000
--- a/games-misc/cowsay/files/cowsay-3.03-mech.patch
+++ /dev/null
@@ -1,18 +0,0 @@
---- cows/mech-and-cow 2009-06-21 03:09:36.000000000 +0300
-+++ cows/mech-and-cow.cow 2010-08-22 01:04:02.670000262 +0300
-@@ -1,3 +1,5 @@
-+$the_cow = <=dev-libs/appstream-glib-0.7.14:0
- >=x11-libs/gdk-pixbuf-2.32.0:2
- >=dev-libs/libxmlb-0.1.7
- net-libs/gnome-online-accounts:=
- >=x11-libs/gtk+-3.22.4:3
- >=dev-libs/glib-2.56:2
- >=dev-libs/json-glib-1.2.0
- >=net-libs/libsoup-2.52.0:2.4
- flatpak? ( >=sys-apps/flatpak-1.6.3 )
- gnome? ( >=gnome-base/gnome-desktop-3.18.0:3= )
- spell? ( app-text/gspell:= )
- sys-auth/polkit
- packagekit? ( >=app-admin/packagekit-base-1.1.0 )
- firmware? ( >=sys-apps/fwupd-1.0.3 )
- udev? ( dev-libs/libgudev )
- >=gnome-base/gsettings-desktop-schemas-3.11.5
-"
-DEPEND="${RDEPEND}"
-BDEPEND="
- dev-libs/libxml2:2
- dev-util/gdbus-codegen
- >=sys-devel/gettext-0.19.8
- virtual/pkgconfig
- gtk-doc? (
- dev-util/gtk-doc
- app-text/docbook-xml-dtd:4.3 )
-"
-# test? ( dev-util/valgrind )
-
-src_prepare() {
- xdg_src_prepare
- sed -i -e '/install_data.*README\.md.*share\/doc\/gnome-software/d' meson.build || die
- # We don't need language packs download support, and it fails tests in 3.34.2 for us (if they are enabled)
- sed -i -e '/subdir.*fedora-langpacks/d' plugins/meson.build || die
- # Trouble talking to spawned gnome-keyring socket for some reason, even if wrapped in dbus-run-session
- # TODO: Investigate; seems to work outside ebuild .. test/emerge
- sed -i -e '/g_test_add_func.*gs_auth_secret_func/d' lib/gs-self-test.c || die
-}
-
-src_configure() {
- local emesonargs=(
- -Dtests=false #$(meson_use test tests)
- $(meson_use spell gspell)
- $(meson_use gnome gnome_desktop) # Investigate purpose, in relation to shell_extensions too (is it ok to be same USE?)
- -Dman=true
- $(meson_use packagekit)
- # -Dpackagekit_autoremove
- -Dpolkit=true
- -Deos_updater=false # Endless OS updater
- $(meson_use firmware fwupd)
- $(meson_use flatpak)
- -Dmalcontent=false
- -Drpm_ostree=false
- -Dodrs=false
- $(meson_use udev gudev)
- -Dsnap=false
- -Dexternal_appstream=false
- -Dvalgrind=false
- $(meson_use gtk-doc gtk_doc)
- -Dhardcoded_popular=true
- -Ddefault_featured_apps=true
- -Dmogwai=false #TODO?
- )
- meson_src_configure
-}
-
-#src_test() {
-# virtx meson_src_test
-#}
-
-pkg_postinst() {
- xdg_pkg_postinst
- gnome2_schemas_update
-}
-
-pkg_postrm() {
- xdg_pkg_postrm
- gnome2_schemas_update
-}
diff --git a/media-video/v4l2loopback/Manifest b/media-video/v4l2loopback/Manifest
deleted file mode 100644
index 18287b142..000000000
--- a/media-video/v4l2loopback/Manifest
+++ /dev/null
@@ -1 +0,0 @@
-DIST v4l2loopback-0.12.1.tar.gz 48909 BLAKE2B 9fc694b357399604ff31355d14d4512af6af40aabf7cf0e200c121895f6200f89b98698cf9b6929c389a0fcff17aaa98f0d8a1f00836d0f458cd3b1eebefd9af SHA512 f0c3ecbd4776662eff89ffab89bd3bfff200d2dc104a6ce521bf22d7cd25ab0aa0664780a9501d9f0bab2b4f156a65bafb214dbf13621c7df1645245f8071689
diff --git a/media-video/v4l2loopback/v4l2loopback-0.12.1.ebuild b/media-video/v4l2loopback/v4l2loopback-0.12.1.ebuild
deleted file mode 100644
index c2f92d34a..000000000
--- a/media-video/v4l2loopback/v4l2loopback-0.12.1.ebuild
+++ /dev/null
@@ -1,59 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-inherit linux-mod toolchain-funcs
-
-case ${PV} in
-9999)
- inherit git-r3
- KEYWORDS=""
- EGIT_REPO_URI="git://github.com/umlaeute/v4l2loopback.git"
- ;;
-*)
- inherit vcs-snapshot
- KEYWORDS="~amd64 ~x86"
- SRC_URI="https://github.com/umlaeute/v4l2loopback/tarball/v${PV} -> ${P}.tar.gz"
- ;;
-esac
-
-DESCRIPTION="v4l2 loopback device which output is it's own input"
-HOMEPAGE="https://github.com/umlaeute/v4l2loopback"
-
-LICENSE="GPL-2"
-SLOT="0"
-IUSE="examples"
-
-CONFIG_CHECK="VIDEO_DEV"
-MODULE_NAMES="v4l2loopback(video:)"
-BUILD_TARGETS="all"
-
-pkg_setup() {
- linux-mod_pkg_setup
- export KERNELRELEASE=${KV_FULL}
-}
-
-src_prepare() {
- default
- sed -i -e 's/gcc /$(CC) /' examples/Makefile || die
-}
-
-src_compile() {
- linux-mod_src_compile
- if use examples; then
- emake CC=$(tc-getCC) -C examples
- fi
-}
-
-src_install() {
- linux-mod_src_install
- dosbin utils/v4l2loopback-ctl
- dodoc doc/kernel_debugging.txt
- dodoc doc/docs.txt
- if use examples; then
- dosbin examples/yuv4mpeg_to_v4l2
- docinto examples
- dodoc examples/{*.sh,*.c,Makefile}
- fi
-}
diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest
deleted file mode 100644
index 2c93655db..000000000
--- a/net-misc/openssh/Manifest
+++ /dev/null
@@ -1,6 +0,0 @@
-DIST openssh-8.2p1+x509-12.4.3.diff.gz 806905 BLAKE2B 8e0f0f3eeb2aafd9fc9e6eca80c0b51ffedbed9dfc46ff73bb1becd28f6ac013407d03107b59da05d9d56edbf283eef20891086867b79efd8aab81c3e9a4a32f SHA512 51117d7e4df2ff78c4fdfd08c2bb8f1739b1db064df65bab3872e1a956c277a4736c511794aa399061058fea666a76ee07bb50d83a0d077b7fa572d02c030b91
-DIST openssh-8.2p1-sctp-1.2.patch.xz 7668 BLAKE2B 717487cffd235a5dfa2d9d3f2c1983f410d400b0d23f71a9b74406ac3d2f448d76381a3b7a3244942bff4e6bdc3bc78d148b9949c78dc297d99c7330179f8176 SHA512 a5fbd827e62e91b762062a29c7bc3bf569a202bdc8c91da7d77566ff8bb958b5b9fb6f8d45df586e0d7ac07a83de6e82996e9c5cdd6b3bf43336c420d3099305
-DIST openssh-8.2p1.tar.gz 1701197 BLAKE2B 8b95cdebc87e8d14f655ed13c12b91b122adf47161071aa81d0763f81b12fe4bc3d409c260783d995307d4e4ed2d16080fd74b15e4dc6dcc5648d7e66720c3ed SHA512 c4db64e52a3a4c410de9de49f9cb104dd493b10250af3599b92457dd986277b3fd99a6f51cec94892fd1be5bd0369c5757262ea7805f0de464b245c3d34c120a
-DIST openssh-8_1_P1-hpn-AES-CTR-14.20.diff 29935 BLAKE2B 79101c43601e41306c957481c0680a63357d93bededdf12a32229d50acd9c1f46a386cbb91282e9e7d7bb26a9f276f5a675fd2de7662b7cbd073322b172d3bca SHA512 94f011b7e654630e968a378375aa54fa1fde087b4426d0f2225813262e6667a1073814d6a83e9005f97b371c536e462e614bfe726b092ffed8229791592ca221
-DIST openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff 42696 BLAKE2B d8ac7fa1a4e4d1877acdedeaee80172da469b5a62d0aaa43d6ed46c578e7893577b9d563835d89ca2044867fc561ad3f562bf504c025cf4c78421cf3d24397e9 SHA512 768db7cca8839df4441afcb08457d13d32625b31859da527c3d7f1a92d17a4ec81d6987db00879c394bbe59589e57b10bfd98899a167ffed65ab367b1fd08739
-DIST openssh-8_1_P1-hpn-PeakTput-14.20.diff 2012 BLAKE2B e42c43128f1d82b4de1517e6a9219947da03cecb607f1bc45f0728547f17601a6ce2ec819b6434890efd19ceaf4d20cb98183596ab5ee79e104a52cda7db9cdc SHA512 238f9419efd3be80bd700f6ae7e210e522d747c363c4e670364f5191f144ae3aa8d1b1539c0bf87b3de36743aa73e8101c53c0ef1c6472d209569be389e7814d
diff --git a/net-misc/openssh/files/openssh-6.7_p1-openssl-ignore-status.patch b/net-misc/openssh/files/openssh-6.7_p1-openssl-ignore-status.patch
deleted file mode 100644
index fa33af39b..000000000
--- a/net-misc/openssh/files/openssh-6.7_p1-openssl-ignore-status.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-the last nibble of the openssl version represents the status. that is,
-whether it is a beta or release. when it comes to version checks in
-openssh, this component does not matter, so ignore it.
-
-https://bugzilla.mindrot.org/show_bug.cgi?id=2212
-
---- a/openbsd-compat/openssl-compat.c
-+++ b/openbsd-compat/openssl-compat.c
-@@ -58,7 +58,7 @@ ssh_compatible_openssl(long headerver, long libver)
- * For versions >= 1.0.0, major,minor,status must match and library
- * fix version must be equal to or newer than the header.
- */
-- mask = 0xfff0000fL; /* major,minor,status */
-+ mask = 0xfff00000L; /* major,minor,status */
- hfix = (headerver & 0x000ff000) >> 12;
- lfix = (libver & 0x000ff000) >> 12;
- if ( (headerver & mask) == (libver & mask) && lfix >= hfix)
diff --git a/net-misc/openssh/files/openssh-7.5_p1-GSSAPI-dns.patch b/net-misc/openssh/files/openssh-7.5_p1-GSSAPI-dns.patch
deleted file mode 100644
index 6b1e6dd35..000000000
--- a/net-misc/openssh/files/openssh-7.5_p1-GSSAPI-dns.patch
+++ /dev/null
@@ -1,351 +0,0 @@
-http://bugs.gentoo.org/165444
-https://bugzilla.mindrot.org/show_bug.cgi?id=1008
-
---- a/readconf.c
-+++ b/readconf.c
-@@ -148,6 +148,7 @@
- oClearAllForwardings, oNoHostAuthenticationForLocalhost,
- oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
- oAddressFamily, oGssAuthentication, oGssDelegateCreds,
-+ oGssTrustDns,
- oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
- oSendEnv, oControlPath, oControlMaster, oControlPersist,
- oHashKnownHosts,
-@@ -194,9 +195,11 @@
- #if defined(GSSAPI)
- { "gssapiauthentication", oGssAuthentication },
- { "gssapidelegatecredentials", oGssDelegateCreds },
-+ { "gssapitrustdns", oGssTrustDns },
- # else
- { "gssapiauthentication", oUnsupported },
- { "gssapidelegatecredentials", oUnsupported },
-+ { "gssapitrustdns", oUnsupported },
- #endif
- #ifdef ENABLE_PKCS11
- { "smartcarddevice", oPKCS11Provider },
-@@ -930,6 +933,10 @@
- intptr = &options->gss_deleg_creds;
- goto parse_flag;
-
-+ case oGssTrustDns:
-+ intptr = &options->gss_trust_dns;
-+ goto parse_flag;
-+
- case oBatchMode:
- intptr = &options->batch_mode;
- goto parse_flag;
-@@ -1649,6 +1656,7 @@
- options->challenge_response_authentication = -1;
- options->gss_authentication = -1;
- options->gss_deleg_creds = -1;
-+ options->gss_trust_dns = -1;
- options->password_authentication = -1;
- options->kbd_interactive_authentication = -1;
- options->kbd_interactive_devices = NULL;
-@@ -1779,6 +1787,8 @@
- options->gss_authentication = 0;
- if (options->gss_deleg_creds == -1)
- options->gss_deleg_creds = 0;
-+ if (options->gss_trust_dns == -1)
-+ options->gss_trust_dns = 0;
- if (options->password_authentication == -1)
- options->password_authentication = 1;
- if (options->kbd_interactive_authentication == -1)
---- a/readconf.h
-+++ b/readconf.h
-@@ -46,6 +46,7 @@
- /* Try S/Key or TIS, authentication. */
- int gss_authentication; /* Try GSS authentication */
- int gss_deleg_creds; /* Delegate GSS credentials */
-+ int gss_trust_dns; /* Trust DNS for GSS canonicalization */
- int password_authentication; /* Try password
- * authentication. */
- int kbd_interactive_authentication; /* Try keyboard-interactive auth. */
---- a/ssh_config.5
-+++ b/ssh_config.5
-@@ -830,6 +830,16 @@
- Forward (delegate) credentials to the server.
- The default is
- .Cm no .
-+Note that this option applies to protocol version 2 connections using GSSAPI.
-+.It Cm GSSAPITrustDns
-+Set to
-+.Dq yes to indicate that the DNS is trusted to securely canonicalize
-+the name of the host being connected to. If
-+.Dq no, the hostname entered on the
-+command line will be passed untouched to the GSSAPI library.
-+The default is
-+.Dq no .
-+This option only applies to protocol version 2 connections using GSSAPI.
- .It Cm HashKnownHosts
- Indicates that
- .Xr ssh 1
---- a/sshconnect2.c
-+++ b/sshconnect2.c
-@@ -656,6 +656,13 @@
- static u_int mech = 0;
- OM_uint32 min;
- int ok = 0;
-+ const char *gss_host;
-+
-+ if (options.gss_trust_dns) {
-+ extern const char *auth_get_canonical_hostname(struct ssh *ssh, int use_dns);
-+ gss_host = auth_get_canonical_hostname(active_state, 1);
-+ } else
-+ gss_host = authctxt->host;
-
- /* Try one GSSAPI method at a time, rather than sending them all at
- * once. */
-@@ -668,7 +674,7 @@
- /* My DER encoding requires length<128 */
- if (gss_supported->elements[mech].length < 128 &&
- ssh_gssapi_check_mechanism(&gssctxt,
-- &gss_supported->elements[mech], authctxt->host)) {
-+ &gss_supported->elements[mech], gss_host)) {
- ok = 1; /* Mechanism works */
- } else {
- mech++;
-
-need to move these two funcs back to canohost so they're available to clients
-and the server. auth.c is only used in the server.
-
---- a/auth.c
-+++ b/auth.c
-@@ -784,117 +784,3 @@ fakepw(void)
-
- return (&fake);
- }
--
--/*
-- * Returns the remote DNS hostname as a string. The returned string must not
-- * be freed. NB. this will usually trigger a DNS query the first time it is
-- * called.
-- * This function does additional checks on the hostname to mitigate some
-- * attacks on legacy rhosts-style authentication.
-- * XXX is RhostsRSAAuthentication vulnerable to these?
-- * XXX Can we remove these checks? (or if not, remove RhostsRSAAuthentication?)
-- */
--
--static char *
--remote_hostname(struct ssh *ssh)
--{
-- struct sockaddr_storage from;
-- socklen_t fromlen;
-- struct addrinfo hints, *ai, *aitop;
-- char name[NI_MAXHOST], ntop2[NI_MAXHOST];
-- const char *ntop = ssh_remote_ipaddr(ssh);
--
-- /* Get IP address of client. */
-- fromlen = sizeof(from);
-- memset(&from, 0, sizeof(from));
-- if (getpeername(ssh_packet_get_connection_in(ssh),
-- (struct sockaddr *)&from, &fromlen) < 0) {
-- debug("getpeername failed: %.100s", strerror(errno));
-- return strdup(ntop);
-- }
--
-- ipv64_normalise_mapped(&from, &fromlen);
-- if (from.ss_family == AF_INET6)
-- fromlen = sizeof(struct sockaddr_in6);
--
-- debug3("Trying to reverse map address %.100s.", ntop);
-- /* Map the IP address to a host name. */
-- if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
-- NULL, 0, NI_NAMEREQD) != 0) {
-- /* Host name not found. Use ip address. */
-- return strdup(ntop);
-- }
--
-- /*
-- * if reverse lookup result looks like a numeric hostname,
-- * someone is trying to trick us by PTR record like following:
-- * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5
-- */
-- memset(&hints, 0, sizeof(hints));
-- hints.ai_socktype = SOCK_DGRAM; /*dummy*/
-- hints.ai_flags = AI_NUMERICHOST;
-- if (getaddrinfo(name, NULL, &hints, &ai) == 0) {
-- logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
-- name, ntop);
-- freeaddrinfo(ai);
-- return strdup(ntop);
-- }
--
-- /* Names are stored in lowercase. */
-- lowercase(name);
--
-- /*
-- * Map it back to an IP address and check that the given
-- * address actually is an address of this host. This is
-- * necessary because anyone with access to a name server can
-- * define arbitrary names for an IP address. Mapping from
-- * name to IP address can be trusted better (but can still be
-- * fooled if the intruder has access to the name server of
-- * the domain).
-- */
-- memset(&hints, 0, sizeof(hints));
-- hints.ai_family = from.ss_family;
-- hints.ai_socktype = SOCK_STREAM;
-- if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
-- logit("reverse mapping checking getaddrinfo for %.700s "
-- "[%s] failed.", name, ntop);
-- return strdup(ntop);
-- }
-- /* Look for the address from the list of addresses. */
-- for (ai = aitop; ai; ai = ai->ai_next) {
-- if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2,
-- sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 &&
-- (strcmp(ntop, ntop2) == 0))
-- break;
-- }
-- freeaddrinfo(aitop);
-- /* If we reached the end of the list, the address was not there. */
-- if (ai == NULL) {
-- /* Address not found for the host name. */
-- logit("Address %.100s maps to %.600s, but this does not "
-- "map back to the address.", ntop, name);
-- return strdup(ntop);
-- }
-- return strdup(name);
--}
--
--/*
-- * Return the canonical name of the host in the other side of the current
-- * connection. The host name is cached, so it is efficient to call this
-- * several times.
-- */
--
--const char *
--auth_get_canonical_hostname(struct ssh *ssh, int use_dns)
--{
-- static char *dnsname;
--
-- if (!use_dns)
-- return ssh_remote_ipaddr(ssh);
-- else if (dnsname != NULL)
-- return dnsname;
-- else {
-- dnsname = remote_hostname(ssh);
-- return dnsname;
-- }
--}
---- a/canohost.c
-+++ b/canohost.c
-@@ -202,3 +202,117 @@ get_local_port(int sock)
- {
- return get_sock_port(sock, 1);
- }
-+
-+/*
-+ * Returns the remote DNS hostname as a string. The returned string must not
-+ * be freed. NB. this will usually trigger a DNS query the first time it is
-+ * called.
-+ * This function does additional checks on the hostname to mitigate some
-+ * attacks on legacy rhosts-style authentication.
-+ * XXX is RhostsRSAAuthentication vulnerable to these?
-+ * XXX Can we remove these checks? (or if not, remove RhostsRSAAuthentication?)
-+ */
-+
-+static char *
-+remote_hostname(struct ssh *ssh)
-+{
-+ struct sockaddr_storage from;
-+ socklen_t fromlen;
-+ struct addrinfo hints, *ai, *aitop;
-+ char name[NI_MAXHOST], ntop2[NI_MAXHOST];
-+ const char *ntop = ssh_remote_ipaddr(ssh);
-+
-+ /* Get IP address of client. */
-+ fromlen = sizeof(from);
-+ memset(&from, 0, sizeof(from));
-+ if (getpeername(ssh_packet_get_connection_in(ssh),
-+ (struct sockaddr *)&from, &fromlen) < 0) {
-+ debug("getpeername failed: %.100s", strerror(errno));
-+ return strdup(ntop);
-+ }
-+
-+ ipv64_normalise_mapped(&from, &fromlen);
-+ if (from.ss_family == AF_INET6)
-+ fromlen = sizeof(struct sockaddr_in6);
-+
-+ debug3("Trying to reverse map address %.100s.", ntop);
-+ /* Map the IP address to a host name. */
-+ if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
-+ NULL, 0, NI_NAMEREQD) != 0) {
-+ /* Host name not found. Use ip address. */
-+ return strdup(ntop);
-+ }
-+
-+ /*
-+ * if reverse lookup result looks like a numeric hostname,
-+ * someone is trying to trick us by PTR record like following:
-+ * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5
-+ */
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_socktype = SOCK_DGRAM; /*dummy*/
-+ hints.ai_flags = AI_NUMERICHOST;
-+ if (getaddrinfo(name, NULL, &hints, &ai) == 0) {
-+ logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
-+ name, ntop);
-+ freeaddrinfo(ai);
-+ return strdup(ntop);
-+ }
-+
-+ /* Names are stored in lowercase. */
-+ lowercase(name);
-+
-+ /*
-+ * Map it back to an IP address and check that the given
-+ * address actually is an address of this host. This is
-+ * necessary because anyone with access to a name server can
-+ * define arbitrary names for an IP address. Mapping from
-+ * name to IP address can be trusted better (but can still be
-+ * fooled if the intruder has access to the name server of
-+ * the domain).
-+ */
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_family = from.ss_family;
-+ hints.ai_socktype = SOCK_STREAM;
-+ if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
-+ logit("reverse mapping checking getaddrinfo for %.700s "
-+ "[%s] failed.", name, ntop);
-+ return strdup(ntop);
-+ }
-+ /* Look for the address from the list of addresses. */
-+ for (ai = aitop; ai; ai = ai->ai_next) {
-+ if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2,
-+ sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 &&
-+ (strcmp(ntop, ntop2) == 0))
-+ break;
-+ }
-+ freeaddrinfo(aitop);
-+ /* If we reached the end of the list, the address was not there. */
-+ if (ai == NULL) {
-+ /* Address not found for the host name. */
-+ logit("Address %.100s maps to %.600s, but this does not "
-+ "map back to the address.", ntop, name);
-+ return strdup(ntop);
-+ }
-+ return strdup(name);
-+}
-+
-+/*
-+ * Return the canonical name of the host in the other side of the current
-+ * connection. The host name is cached, so it is efficient to call this
-+ * several times.
-+ */
-+
-+const char *
-+auth_get_canonical_hostname(struct ssh *ssh, int use_dns)
-+{
-+ static char *dnsname;
-+
-+ if (!use_dns)
-+ return ssh_remote_ipaddr(ssh);
-+ else if (dnsname != NULL)
-+ return dnsname;
-+ else {
-+ dnsname = remote_hostname(ssh);
-+ return dnsname;
-+ }
-+}
diff --git a/net-misc/openssh/files/openssh-7.5_p1-disable-conch-interop-tests.patch b/net-misc/openssh/files/openssh-7.5_p1-disable-conch-interop-tests.patch
deleted file mode 100644
index a5647ce9d..000000000
--- a/net-misc/openssh/files/openssh-7.5_p1-disable-conch-interop-tests.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-Disable conch interop tests which are failing when called
-via portage for yet unknown reason and because using conch
-seems to be flaky (test is failing when using Python2 but
-passing when using Python3).
-
-Bug: https://bugs.gentoo.org/605446
-
---- a/regress/conch-ciphers.sh
-+++ b/regress/conch-ciphers.sh
-@@ -3,6 +3,10 @@
-
- tid="conch ciphers"
-
-+# https://bugs.gentoo.org/605446
-+echo "conch interop tests skipped due to Gentoo bug #605446"
-+exit 0
-+
- if test "x$REGRESS_INTEROP_CONCH" != "xyes" ; then
- echo "conch interop tests not enabled"
- exit 0
diff --git a/net-misc/openssh/files/openssh-7.5_p1-hpn-x509-10.2-glue.patch b/net-misc/openssh/files/openssh-7.5_p1-hpn-x509-10.2-glue.patch
deleted file mode 100644
index 11a5b364b..000000000
--- a/net-misc/openssh/files/openssh-7.5_p1-hpn-x509-10.2-glue.patch
+++ /dev/null
@@ -1,67 +0,0 @@
-diff -ur a/0003-Add-support-for-the-multi-threaded-AES-CTR-cipher.patch b/0003-Add-support-for-the-multi-threaded-AES-CTR-cipher.patch
---- a/0003-Add-support-for-the-multi-threaded-AES-CTR-cipher.patch 2017-03-27 13:31:01.816551100 -0700
-+++ b/0003-Add-support-for-the-multi-threaded-AES-CTR-cipher.patch 2017-03-27 13:51:03.894805846 -0700
-@@ -40,7 +40,7 @@
- @@ -44,7 +44,7 @@ CC=@CC@
- LD=@LD@
- CFLAGS=@CFLAGS@
-- CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
-+ CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ @LDAP_CPPFLAGS@ $(PATHS) @DEFS@
- -LIBS=@LIBS@
- +LIBS=@LIBS@ -lpthread
- K5LIBS=@K5LIBS@
-@@ -1023,6 +1023,3 @@
- do_authenticated(authctxt);
-
- /* The connection has been terminated. */
----
--2.12.0
--
-diff -ur a/0004-support-dynamically-sized-receive-buffers.patch b/0004-support-dynamically-sized-receive-buffers.patch
---- a/0004-support-dynamically-sized-receive-buffers.patch 2017-03-27 13:31:01.816551100 -0700
-+++ b/0004-support-dynamically-sized-receive-buffers.patch 2017-03-27 13:49:44.513498976 -0700
-@@ -926,9 +926,9 @@
- @@ -526,10 +553,10 @@ send_client_banner(int connection_out, int minor1)
- /* Send our own protocol version identification. */
- if (compat20) {
-- xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
--- PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);
--+ PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
-+ xasprintf(&client_version_string, "SSH-%d.%d-%.100s PKIX[%s]\r\n",
-+- PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, PACKAGE_VERSION);
-++ PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE, PACKAGE_VERSION);
- } else {
- xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
- - PROTOCOL_MAJOR_1, minor1, SSH_VERSION);
-@@ -943,11 +943,11 @@
- @@ -367,7 +367,7 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out)
- char remote_version[256]; /* Must be at least as big as buf. */
-
-- xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s\r\n",
--- PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION,
--+ PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE,
-+ xasprintf(&server_version_string, "SSH-%d.%d-%s%s%s%s%s",
-+- major, minor, SSH_VERSION, pkix_comment,
-++ major, minor, SSH_RELEASE, pkix_comment,
- *options.version_addendum == '\0' ? "" : " ",
-- options.version_addendum);
-+ options.version_addendum, newline);
-
- @@ -1020,6 +1020,8 @@ server_listen(void)
- int ret, listen_sock, on = 1;
-@@ -1006,12 +1008,9 @@
- --- a/version.h
- +++ b/version.h
--@@ -3,4 +3,5 @@
-+@@ -3,4 +3,6 @@
- #define SSH_VERSION "OpenSSH_7.5"
-
-- #define SSH_PORTABLE "p1"
---#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
-+-#define SSH_RELEASE PACKAGE_STRING ", " SSH_VERSION "p1"
-++#define SSH_X509 ", PKIX-SSH " PACKAGE_VERSION
- +#define SSH_HPN "-hpn14v12"
- +#define SSH_RELEASE SSH_VERSION SSH_PORTABLE SSH_HPN
----
--2.12.0
--
diff --git a/net-misc/openssh/files/openssh-7.7_p1-GSSAPI-dns.patch b/net-misc/openssh/files/openssh-7.7_p1-GSSAPI-dns.patch
deleted file mode 100644
index 2840652a9..000000000
--- a/net-misc/openssh/files/openssh-7.7_p1-GSSAPI-dns.patch
+++ /dev/null
@@ -1,351 +0,0 @@
-https://bugs.gentoo.org/165444
-https://bugzilla.mindrot.org/show_bug.cgi?id=1008
-
---- a/auth.c
-+++ b/auth.c
-@@ -728,120 +728,6 @@ fakepw(void)
- return (&fake);
- }
-
--/*
-- * Returns the remote DNS hostname as a string. The returned string must not
-- * be freed. NB. this will usually trigger a DNS query the first time it is
-- * called.
-- * This function does additional checks on the hostname to mitigate some
-- * attacks on legacy rhosts-style authentication.
-- * XXX is RhostsRSAAuthentication vulnerable to these?
-- * XXX Can we remove these checks? (or if not, remove RhostsRSAAuthentication?)
-- */
--
--static char *
--remote_hostname(struct ssh *ssh)
--{
-- struct sockaddr_storage from;
-- socklen_t fromlen;
-- struct addrinfo hints, *ai, *aitop;
-- char name[NI_MAXHOST], ntop2[NI_MAXHOST];
-- const char *ntop = ssh_remote_ipaddr(ssh);
--
-- /* Get IP address of client. */
-- fromlen = sizeof(from);
-- memset(&from, 0, sizeof(from));
-- if (getpeername(ssh_packet_get_connection_in(ssh),
-- (struct sockaddr *)&from, &fromlen) < 0) {
-- debug("getpeername failed: %.100s", strerror(errno));
-- return strdup(ntop);
-- }
--
-- ipv64_normalise_mapped(&from, &fromlen);
-- if (from.ss_family == AF_INET6)
-- fromlen = sizeof(struct sockaddr_in6);
--
-- debug3("Trying to reverse map address %.100s.", ntop);
-- /* Map the IP address to a host name. */
-- if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
-- NULL, 0, NI_NAMEREQD) != 0) {
-- /* Host name not found. Use ip address. */
-- return strdup(ntop);
-- }
--
-- /*
-- * if reverse lookup result looks like a numeric hostname,
-- * someone is trying to trick us by PTR record like following:
-- * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5
-- */
-- memset(&hints, 0, sizeof(hints));
-- hints.ai_socktype = SOCK_DGRAM; /*dummy*/
-- hints.ai_flags = AI_NUMERICHOST;
-- if (getaddrinfo(name, NULL, &hints, &ai) == 0) {
-- logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
-- name, ntop);
-- freeaddrinfo(ai);
-- return strdup(ntop);
-- }
--
-- /* Names are stored in lowercase. */
-- lowercase(name);
--
-- /*
-- * Map it back to an IP address and check that the given
-- * address actually is an address of this host. This is
-- * necessary because anyone with access to a name server can
-- * define arbitrary names for an IP address. Mapping from
-- * name to IP address can be trusted better (but can still be
-- * fooled if the intruder has access to the name server of
-- * the domain).
-- */
-- memset(&hints, 0, sizeof(hints));
-- hints.ai_family = from.ss_family;
-- hints.ai_socktype = SOCK_STREAM;
-- if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
-- logit("reverse mapping checking getaddrinfo for %.700s "
-- "[%s] failed.", name, ntop);
-- return strdup(ntop);
-- }
-- /* Look for the address from the list of addresses. */
-- for (ai = aitop; ai; ai = ai->ai_next) {
-- if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2,
-- sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 &&
-- (strcmp(ntop, ntop2) == 0))
-- break;
-- }
-- freeaddrinfo(aitop);
-- /* If we reached the end of the list, the address was not there. */
-- if (ai == NULL) {
-- /* Address not found for the host name. */
-- logit("Address %.100s maps to %.600s, but this does not "
-- "map back to the address.", ntop, name);
-- return strdup(ntop);
-- }
-- return strdup(name);
--}
--
--/*
-- * Return the canonical name of the host in the other side of the current
-- * connection. The host name is cached, so it is efficient to call this
-- * several times.
-- */
--
--const char *
--auth_get_canonical_hostname(struct ssh *ssh, int use_dns)
--{
-- static char *dnsname;
--
-- if (!use_dns)
-- return ssh_remote_ipaddr(ssh);
-- else if (dnsname != NULL)
-- return dnsname;
-- else {
-- dnsname = remote_hostname(ssh);
-- return dnsname;
-- }
--}
--
- /*
- * Runs command in a subprocess wuth a minimal environment.
- * Returns pid on success, 0 on failure.
---- a/canohost.c
-+++ b/canohost.c
-@@ -202,3 +202,117 @@ get_local_port(int sock)
- {
- return get_sock_port(sock, 1);
- }
-+
-+/*
-+ * Returns the remote DNS hostname as a string. The returned string must not
-+ * be freed. NB. this will usually trigger a DNS query the first time it is
-+ * called.
-+ * This function does additional checks on the hostname to mitigate some
-+ * attacks on legacy rhosts-style authentication.
-+ * XXX is RhostsRSAAuthentication vulnerable to these?
-+ * XXX Can we remove these checks? (or if not, remove RhostsRSAAuthentication?)
-+ */
-+
-+static char *
-+remote_hostname(struct ssh *ssh)
-+{
-+ struct sockaddr_storage from;
-+ socklen_t fromlen;
-+ struct addrinfo hints, *ai, *aitop;
-+ char name[NI_MAXHOST], ntop2[NI_MAXHOST];
-+ const char *ntop = ssh_remote_ipaddr(ssh);
-+
-+ /* Get IP address of client. */
-+ fromlen = sizeof(from);
-+ memset(&from, 0, sizeof(from));
-+ if (getpeername(ssh_packet_get_connection_in(ssh),
-+ (struct sockaddr *)&from, &fromlen) < 0) {
-+ debug("getpeername failed: %.100s", strerror(errno));
-+ return strdup(ntop);
-+ }
-+
-+ ipv64_normalise_mapped(&from, &fromlen);
-+ if (from.ss_family == AF_INET6)
-+ fromlen = sizeof(struct sockaddr_in6);
-+
-+ debug3("Trying to reverse map address %.100s.", ntop);
-+ /* Map the IP address to a host name. */
-+ if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
-+ NULL, 0, NI_NAMEREQD) != 0) {
-+ /* Host name not found. Use ip address. */
-+ return strdup(ntop);
-+ }
-+
-+ /*
-+ * if reverse lookup result looks like a numeric hostname,
-+ * someone is trying to trick us by PTR record like following:
-+ * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5
-+ */
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_socktype = SOCK_DGRAM; /*dummy*/
-+ hints.ai_flags = AI_NUMERICHOST;
-+ if (getaddrinfo(name, NULL, &hints, &ai) == 0) {
-+ logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
-+ name, ntop);
-+ freeaddrinfo(ai);
-+ return strdup(ntop);
-+ }
-+
-+ /* Names are stored in lowercase. */
-+ lowercase(name);
-+
-+ /*
-+ * Map it back to an IP address and check that the given
-+ * address actually is an address of this host. This is
-+ * necessary because anyone with access to a name server can
-+ * define arbitrary names for an IP address. Mapping from
-+ * name to IP address can be trusted better (but can still be
-+ * fooled if the intruder has access to the name server of
-+ * the domain).
-+ */
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_family = from.ss_family;
-+ hints.ai_socktype = SOCK_STREAM;
-+ if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
-+ logit("reverse mapping checking getaddrinfo for %.700s "
-+ "[%s] failed.", name, ntop);
-+ return strdup(ntop);
-+ }
-+ /* Look for the address from the list of addresses. */
-+ for (ai = aitop; ai; ai = ai->ai_next) {
-+ if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2,
-+ sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 &&
-+ (strcmp(ntop, ntop2) == 0))
-+ break;
-+ }
-+ freeaddrinfo(aitop);
-+ /* If we reached the end of the list, the address was not there. */
-+ if (ai == NULL) {
-+ /* Address not found for the host name. */
-+ logit("Address %.100s maps to %.600s, but this does not "
-+ "map back to the address.", ntop, name);
-+ return strdup(ntop);
-+ }
-+ return strdup(name);
-+}
-+
-+/*
-+ * Return the canonical name of the host in the other side of the current
-+ * connection. The host name is cached, so it is efficient to call this
-+ * several times.
-+ */
-+
-+const char *
-+auth_get_canonical_hostname(struct ssh *ssh, int use_dns)
-+{
-+ static char *dnsname;
-+
-+ if (!use_dns)
-+ return ssh_remote_ipaddr(ssh);
-+ else if (dnsname != NULL)
-+ return dnsname;
-+ else {
-+ dnsname = remote_hostname(ssh);
-+ return dnsname;
-+ }
-+}
---- a/readconf.c
-+++ b/readconf.c
-@@ -160,6 +160,7 @@ typedef enum {
- oClearAllForwardings, oNoHostAuthenticationForLocalhost,
- oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
- oAddressFamily, oGssAuthentication, oGssDelegateCreds,
-+ oGssTrustDns,
- oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
- oSendEnv, oControlPath, oControlMaster, oControlPersist,
- oHashKnownHosts,
-@@ -200,9 +201,11 @@ static struct {
- #if defined(GSSAPI)
- { "gssapiauthentication", oGssAuthentication },
- { "gssapidelegatecredentials", oGssDelegateCreds },
-+ { "gssapitrustdns", oGssTrustDns },
- # else
- { "gssapiauthentication", oUnsupported },
- { "gssapidelegatecredentials", oUnsupported },
-+ { "gssapitrustdns", oUnsupported },
- #endif
- #ifdef ENABLE_PKCS11
- { "smartcarddevice", oPKCS11Provider },
-@@ -954,6 +957,10 @@ parse_time:
- intptr = &options->gss_deleg_creds;
- goto parse_flag;
-
-+ case oGssTrustDns:
-+ intptr = &options->gss_trust_dns;
-+ goto parse_flag;
-+
- case oBatchMode:
- intptr = &options->batch_mode;
- goto parse_flag;
-@@ -1766,6 +1773,7 @@ initialize_options(Options * options)
- options->challenge_response_authentication = -1;
- options->gss_authentication = -1;
- options->gss_deleg_creds = -1;
-+ options->gss_trust_dns = -1;
- options->password_authentication = -1;
- options->kbd_interactive_authentication = -1;
- options->kbd_interactive_devices = NULL;
-@@ -1908,6 +1916,8 @@ fill_default_options(Options * options)
- options->gss_authentication = 0;
- if (options->gss_deleg_creds == -1)
- options->gss_deleg_creds = 0;
-+ if (options->gss_trust_dns == -1)
-+ options->gss_trust_dns = 0;
- if (options->password_authentication == -1)
- options->password_authentication = 1;
- if (options->kbd_interactive_authentication == -1)
---- a/readconf.h
-+++ b/readconf.h
-@@ -43,6 +43,7 @@ typedef struct {
- /* Try S/Key or TIS, authentication. */
- int gss_authentication; /* Try GSS authentication */
- int gss_deleg_creds; /* Delegate GSS credentials */
-+ int gss_trust_dns; /* Trust DNS for GSS canonicalization */
- int password_authentication; /* Try password
- * authentication. */
- int kbd_interactive_authentication; /* Try keyboard-interactive auth. */
---- a/ssh_config.5
-+++ b/ssh_config.5
-@@ -731,6 +731,16 @@ The default is
- Forward (delegate) credentials to the server.
- The default is
- .Cm no .
-+Note that this option applies to protocol version 2 connections using GSSAPI.
-+.It Cm GSSAPITrustDns
-+Set to
-+.Dq yes to indicate that the DNS is trusted to securely canonicalize
-+the name of the host being connected to. If
-+.Dq no, the hostname entered on the
-+command line will be passed untouched to the GSSAPI library.
-+The default is
-+.Dq no .
-+This option only applies to protocol version 2 connections using GSSAPI.
- .It Cm HashKnownHosts
- Indicates that
- .Xr ssh 1
---- a/sshconnect2.c
-+++ b/sshconnect2.c
-@@ -643,6 +643,13 @@ userauth_gssapi(Authctxt *authctxt)
- static u_int mech = 0;
- OM_uint32 min;
- int ok = 0;
-+ const char *gss_host;
-+
-+ if (options.gss_trust_dns) {
-+ extern const char *auth_get_canonical_hostname(struct ssh *ssh, int use_dns);
-+ gss_host = auth_get_canonical_hostname(active_state, 1);
-+ } else
-+ gss_host = authctxt->host;
-
- /* Try one GSSAPI method at a time, rather than sending them all at
- * once. */
-@@ -655,7 +662,7 @@ userauth_gssapi(Authctxt *authctxt)
- /* My DER encoding requires length<128 */
- if (gss_supported->elements[mech].length < 128 &&
- ssh_gssapi_check_mechanism(&gssctxt,
-- &gss_supported->elements[mech], authctxt->host)) {
-+ &gss_supported->elements[mech], gss_host)) {
- ok = 1; /* Mechanism works */
- } else {
- mech++;
---
diff --git a/net-misc/openssh/files/openssh-7.8_p1-GSSAPI-dns.patch b/net-misc/openssh/files/openssh-7.8_p1-GSSAPI-dns.patch
deleted file mode 100644
index 989dc6cee..000000000
--- a/net-misc/openssh/files/openssh-7.8_p1-GSSAPI-dns.patch
+++ /dev/null
@@ -1,359 +0,0 @@
-diff --git a/auth.c b/auth.c
-index 9a3bc96f..fc2c3620 100644
---- a/auth.c
-+++ b/auth.c
-@@ -733,120 +733,6 @@ fakepw(void)
- return (&fake);
- }
-
--/*
-- * Returns the remote DNS hostname as a string. The returned string must not
-- * be freed. NB. this will usually trigger a DNS query the first time it is
-- * called.
-- * This function does additional checks on the hostname to mitigate some
-- * attacks on legacy rhosts-style authentication.
-- * XXX is RhostsRSAAuthentication vulnerable to these?
-- * XXX Can we remove these checks? (or if not, remove RhostsRSAAuthentication?)
-- */
--
--static char *
--remote_hostname(struct ssh *ssh)
--{
-- struct sockaddr_storage from;
-- socklen_t fromlen;
-- struct addrinfo hints, *ai, *aitop;
-- char name[NI_MAXHOST], ntop2[NI_MAXHOST];
-- const char *ntop = ssh_remote_ipaddr(ssh);
--
-- /* Get IP address of client. */
-- fromlen = sizeof(from);
-- memset(&from, 0, sizeof(from));
-- if (getpeername(ssh_packet_get_connection_in(ssh),
-- (struct sockaddr *)&from, &fromlen) < 0) {
-- debug("getpeername failed: %.100s", strerror(errno));
-- return strdup(ntop);
-- }
--
-- ipv64_normalise_mapped(&from, &fromlen);
-- if (from.ss_family == AF_INET6)
-- fromlen = sizeof(struct sockaddr_in6);
--
-- debug3("Trying to reverse map address %.100s.", ntop);
-- /* Map the IP address to a host name. */
-- if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
-- NULL, 0, NI_NAMEREQD) != 0) {
-- /* Host name not found. Use ip address. */
-- return strdup(ntop);
-- }
--
-- /*
-- * if reverse lookup result looks like a numeric hostname,
-- * someone is trying to trick us by PTR record like following:
-- * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5
-- */
-- memset(&hints, 0, sizeof(hints));
-- hints.ai_socktype = SOCK_DGRAM; /*dummy*/
-- hints.ai_flags = AI_NUMERICHOST;
-- if (getaddrinfo(name, NULL, &hints, &ai) == 0) {
-- logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
-- name, ntop);
-- freeaddrinfo(ai);
-- return strdup(ntop);
-- }
--
-- /* Names are stored in lowercase. */
-- lowercase(name);
--
-- /*
-- * Map it back to an IP address and check that the given
-- * address actually is an address of this host. This is
-- * necessary because anyone with access to a name server can
-- * define arbitrary names for an IP address. Mapping from
-- * name to IP address can be trusted better (but can still be
-- * fooled if the intruder has access to the name server of
-- * the domain).
-- */
-- memset(&hints, 0, sizeof(hints));
-- hints.ai_family = from.ss_family;
-- hints.ai_socktype = SOCK_STREAM;
-- if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
-- logit("reverse mapping checking getaddrinfo for %.700s "
-- "[%s] failed.", name, ntop);
-- return strdup(ntop);
-- }
-- /* Look for the address from the list of addresses. */
-- for (ai = aitop; ai; ai = ai->ai_next) {
-- if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2,
-- sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 &&
-- (strcmp(ntop, ntop2) == 0))
-- break;
-- }
-- freeaddrinfo(aitop);
-- /* If we reached the end of the list, the address was not there. */
-- if (ai == NULL) {
-- /* Address not found for the host name. */
-- logit("Address %.100s maps to %.600s, but this does not "
-- "map back to the address.", ntop, name);
-- return strdup(ntop);
-- }
-- return strdup(name);
--}
--
--/*
-- * Return the canonical name of the host in the other side of the current
-- * connection. The host name is cached, so it is efficient to call this
-- * several times.
-- */
--
--const char *
--auth_get_canonical_hostname(struct ssh *ssh, int use_dns)
--{
-- static char *dnsname;
--
-- if (!use_dns)
-- return ssh_remote_ipaddr(ssh);
-- else if (dnsname != NULL)
-- return dnsname;
-- else {
-- dnsname = remote_hostname(ssh);
-- return dnsname;
-- }
--}
--
- /*
- * Runs command in a subprocess with a minimal environment.
- * Returns pid on success, 0 on failure.
-diff --git a/canohost.c b/canohost.c
-index f71a0856..3e162d8c 100644
---- a/canohost.c
-+++ b/canohost.c
-@@ -202,3 +202,117 @@ get_local_port(int sock)
- {
- return get_sock_port(sock, 1);
- }
-+
-+/*
-+ * Returns the remote DNS hostname as a string. The returned string must not
-+ * be freed. NB. this will usually trigger a DNS query the first time it is
-+ * called.
-+ * This function does additional checks on the hostname to mitigate some
-+ * attacks on legacy rhosts-style authentication.
-+ * XXX is RhostsRSAAuthentication vulnerable to these?
-+ * XXX Can we remove these checks? (or if not, remove RhostsRSAAuthentication?)
-+ */
-+
-+static char *
-+remote_hostname(struct ssh *ssh)
-+{
-+ struct sockaddr_storage from;
-+ socklen_t fromlen;
-+ struct addrinfo hints, *ai, *aitop;
-+ char name[NI_MAXHOST], ntop2[NI_MAXHOST];
-+ const char *ntop = ssh_remote_ipaddr(ssh);
-+
-+ /* Get IP address of client. */
-+ fromlen = sizeof(from);
-+ memset(&from, 0, sizeof(from));
-+ if (getpeername(ssh_packet_get_connection_in(ssh),
-+ (struct sockaddr *)&from, &fromlen) < 0) {
-+ debug("getpeername failed: %.100s", strerror(errno));
-+ return strdup(ntop);
-+ }
-+
-+ ipv64_normalise_mapped(&from, &fromlen);
-+ if (from.ss_family == AF_INET6)
-+ fromlen = sizeof(struct sockaddr_in6);
-+
-+ debug3("Trying to reverse map address %.100s.", ntop);
-+ /* Map the IP address to a host name. */
-+ if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
-+ NULL, 0, NI_NAMEREQD) != 0) {
-+ /* Host name not found. Use ip address. */
-+ return strdup(ntop);
-+ }
-+
-+ /*
-+ * if reverse lookup result looks like a numeric hostname,
-+ * someone is trying to trick us by PTR record like following:
-+ * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5
-+ */
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_socktype = SOCK_DGRAM; /*dummy*/
-+ hints.ai_flags = AI_NUMERICHOST;
-+ if (getaddrinfo(name, NULL, &hints, &ai) == 0) {
-+ logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
-+ name, ntop);
-+ freeaddrinfo(ai);
-+ return strdup(ntop);
-+ }
-+
-+ /* Names are stored in lowercase. */
-+ lowercase(name);
-+
-+ /*
-+ * Map it back to an IP address and check that the given
-+ * address actually is an address of this host. This is
-+ * necessary because anyone with access to a name server can
-+ * define arbitrary names for an IP address. Mapping from
-+ * name to IP address can be trusted better (but can still be
-+ * fooled if the intruder has access to the name server of
-+ * the domain).
-+ */
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_family = from.ss_family;
-+ hints.ai_socktype = SOCK_STREAM;
-+ if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
-+ logit("reverse mapping checking getaddrinfo for %.700s "
-+ "[%s] failed.", name, ntop);
-+ return strdup(ntop);
-+ }
-+ /* Look for the address from the list of addresses. */
-+ for (ai = aitop; ai; ai = ai->ai_next) {
-+ if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2,
-+ sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 &&
-+ (strcmp(ntop, ntop2) == 0))
-+ break;
-+ }
-+ freeaddrinfo(aitop);
-+ /* If we reached the end of the list, the address was not there. */
-+ if (ai == NULL) {
-+ /* Address not found for the host name. */
-+ logit("Address %.100s maps to %.600s, but this does not "
-+ "map back to the address.", ntop, name);
-+ return strdup(ntop);
-+ }
-+ return strdup(name);
-+}
-+
-+/*
-+ * Return the canonical name of the host in the other side of the current
-+ * connection. The host name is cached, so it is efficient to call this
-+ * several times.
-+ */
-+
-+const char *
-+auth_get_canonical_hostname(struct ssh *ssh, int use_dns)
-+{
-+ static char *dnsname;
-+
-+ if (!use_dns)
-+ return ssh_remote_ipaddr(ssh);
-+ else if (dnsname != NULL)
-+ return dnsname;
-+ else {
-+ dnsname = remote_hostname(ssh);
-+ return dnsname;
-+ }
-+}
-diff --git a/readconf.c b/readconf.c
-index db5f2d54..67feffa5 100644
---- a/readconf.c
-+++ b/readconf.c
-@@ -161,6 +161,7 @@ typedef enum {
- oClearAllForwardings, oNoHostAuthenticationForLocalhost,
- oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
- oAddressFamily, oGssAuthentication, oGssDelegateCreds,
-+ oGssTrustDns,
- oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
- oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist,
- oHashKnownHosts,
-@@ -202,9 +203,11 @@ static struct {
- #if defined(GSSAPI)
- { "gssapiauthentication", oGssAuthentication },
- { "gssapidelegatecredentials", oGssDelegateCreds },
-+ { "gssapitrustdns", oGssTrustDns },
- # else
- { "gssapiauthentication", oUnsupported },
- { "gssapidelegatecredentials", oUnsupported },
-+ { "gssapitrustdns", oUnsupported },
- #endif
- #ifdef ENABLE_PKCS11
- { "smartcarddevice", oPKCS11Provider },
-@@ -977,6 +980,10 @@ parse_time:
- intptr = &options->gss_deleg_creds;
- goto parse_flag;
-
-+ case oGssTrustDns:
-+ intptr = &options->gss_trust_dns;
-+ goto parse_flag;
-+
- case oBatchMode:
- intptr = &options->batch_mode;
- goto parse_flag;
-@@ -1818,6 +1825,7 @@ initialize_options(Options * options)
- options->challenge_response_authentication = -1;
- options->gss_authentication = -1;
- options->gss_deleg_creds = -1;
-+ options->gss_trust_dns = -1;
- options->password_authentication = -1;
- options->kbd_interactive_authentication = -1;
- options->kbd_interactive_devices = NULL;
-@@ -1964,6 +1972,8 @@ fill_default_options(Options * options)
- options->gss_authentication = 0;
- if (options->gss_deleg_creds == -1)
- options->gss_deleg_creds = 0;
-+ if (options->gss_trust_dns == -1)
-+ options->gss_trust_dns = 0;
- if (options->password_authentication == -1)
- options->password_authentication = 1;
- if (options->kbd_interactive_authentication == -1)
-diff --git a/readconf.h b/readconf.h
-index c5688781..af809cc8 100644
---- a/readconf.h
-+++ b/readconf.h
-@@ -41,6 +41,7 @@ typedef struct {
- /* Try S/Key or TIS, authentication. */
- int gss_authentication; /* Try GSS authentication */
- int gss_deleg_creds; /* Delegate GSS credentials */
-+ int gss_trust_dns; /* Trust DNS for GSS canonicalization */
- int password_authentication; /* Try password
- * authentication. */
- int kbd_interactive_authentication; /* Try keyboard-interactive auth. */
-diff --git a/ssh_config.5 b/ssh_config.5
-index f499396a..be758544 100644
---- a/ssh_config.5
-+++ b/ssh_config.5
-@@ -722,6 +722,16 @@ The default is
- Forward (delegate) credentials to the server.
- The default is
- .Cm no .
-+Note that this option applies to protocol version 2 connections using GSSAPI.
-+.It Cm GSSAPITrustDns
-+Set to
-+.Dq yes to indicate that the DNS is trusted to securely canonicalize
-+the name of the host being connected to. If
-+.Dq no, the hostname entered on the
-+command line will be passed untouched to the GSSAPI library.
-+The default is
-+.Dq no .
-+This option only applies to protocol version 2 connections using GSSAPI.
- .It Cm HashKnownHosts
- Indicates that
- .Xr ssh 1
-diff --git a/sshconnect2.c b/sshconnect2.c
-index 10e4f0a0..4f7d49e3 100644
---- a/sshconnect2.c
-+++ b/sshconnect2.c
-@@ -657,6 +657,13 @@ userauth_gssapi(Authctxt *authctxt)
- static u_int mech = 0;
- OM_uint32 min;
- int r, ok = 0;
-+ const char *gss_host;
-+
-+ if (options.gss_trust_dns) {
-+ extern const char *auth_get_canonical_hostname(struct ssh *ssh, int use_dns);
-+ gss_host = auth_get_canonical_hostname(active_state, 1);
-+ } else
-+ gss_host = authctxt->host;
-
- /* Try one GSSAPI method at a time, rather than sending them all at
- * once. */
-@@ -669,7 +676,7 @@ userauth_gssapi(Authctxt *authctxt)
- /* My DER encoding requires length<128 */
- if (gss_supported->elements[mech].length < 128 &&
- ssh_gssapi_check_mechanism(&gssctxt,
-- &gss_supported->elements[mech], authctxt->host)) {
-+ &gss_supported->elements[mech], gss_host)) {
- ok = 1; /* Mechanism works */
- } else {
- mech++;
diff --git a/net-misc/openssh/files/openssh-7.9_p1-X509-11.6-tests.patch b/net-misc/openssh/files/openssh-7.9_p1-X509-11.6-tests.patch
deleted file mode 100644
index 9766b1594..000000000
--- a/net-misc/openssh/files/openssh-7.9_p1-X509-11.6-tests.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -ur openssh-7.9p1.orig/openbsd-compat/regress/Makefile.in openssh-7.9p1/openbsd-compat/regress/Makefile.in
---- openssh-7.9p1.orig/openbsd-compat/regress/Makefile.in 2018-10-16 17:01:20.000000000 -0700
-+++ openssh-7.9p1/openbsd-compat/regress/Makefile.in 2018-12-19 11:03:14.421028691 -0800
-@@ -7,7 +7,7 @@
- CC=@CC@
- LD=@LD@
- CFLAGS=@CFLAGS@
--CPPFLAGS=-I. -I.. -I$(srcdir) -I$(srcdir)/.. @CPPFLAGS@ @DEFS@
-+CPPFLAGS=-I. -I.. -I$(srcdir) -I../.. @CPPFLAGS@ @DEFS@
- EXEEXT=@EXEEXT@
- LIBCOMPAT=../libopenbsd-compat.a
- LIBS=@LIBS@
diff --git a/net-misc/openssh/files/openssh-7.9_p1-X509-dont-make-piddir-11.6.patch b/net-misc/openssh/files/openssh-7.9_p1-X509-dont-make-piddir-11.6.patch
deleted file mode 100644
index 487b23963..000000000
--- a/net-misc/openssh/files/openssh-7.9_p1-X509-dont-make-piddir-11.6.patch
+++ /dev/null
@@ -1,16 +0,0 @@
---- a/openssh-7.9p1+x509-11.6.diff 2018-12-07 17:24:03.211328918 -0800
-+++ b/openssh-7.9p1+x509-11.6.diff 2018-12-07 17:24:13.399262277 -0800
-@@ -40681,12 +40681,11 @@
-
- install: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files install-sysconf host-key check-config
- install-nokeys: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files install-sysconf
--@@ -333,6 +351,8 @@
-+@@ -333,6 +351,7 @@
- $(MKDIR_P) $(DESTDIR)$(mandir)/$(mansubdir)5
- $(MKDIR_P) $(DESTDIR)$(mandir)/$(mansubdir)8
- $(MKDIR_P) $(DESTDIR)$(libexecdir)
- + $(MKDIR_P) $(DESTDIR)$(sshcadir)
--+ $(MKDIR_P) $(DESTDIR)$(piddir)
- $(MKDIR_P) -m 0755 $(DESTDIR)$(PRIVSEP_PATH)
- $(INSTALL) -m 0755 $(STRIP_OPT) ssh$(EXEEXT) $(DESTDIR)$(bindir)/ssh$(EXEEXT)
- $(INSTALL) -m 0755 $(STRIP_OPT) scp$(EXEEXT) $(DESTDIR)$(bindir)/scp$(EXEEXT)
diff --git a/net-misc/openssh/files/openssh-7.9_p1-X509-glue-11.6.patch b/net-misc/openssh/files/openssh-7.9_p1-X509-glue-11.6.patch
deleted file mode 100644
index b807ac45f..000000000
--- a/net-misc/openssh/files/openssh-7.9_p1-X509-glue-11.6.patch
+++ /dev/null
@@ -1,28 +0,0 @@
---- a/openssh-7.9p1+x509-11.6.diff 2018-12-19 10:42:01.241775036 -0800
-+++ b/openssh-7.9p1+x509-11.6.diff 2018-12-19 10:43:33.383140818 -0800
-@@ -45862,7 +45862,7 @@
- ENGINE_register_all_complete();
- +#endif
-
---#if OPENSSL_VERSION_NUMBER < 0x10001000L
-+-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- + /* OPENSSL_config will load buildin engines and engines
- + * specified in configuration file, i.e. method call
- + * ENGINE_load_builtin_engines. Latter is only for
-@@ -81123,16 +81123,6 @@
- setlocale(LC_CTYPE, "POSIX.UTF-8") != NULL))
- return;
- setlocale(LC_CTYPE, "C");
--diff -ruN openssh-7.9p1/version.h openssh-7.9p1+x509-11.6/version.h
----- openssh-7.9p1/version.h 2018-10-17 03:01:20.000000000 +0300
--+++ openssh-7.9p1+x509-11.6/version.h 2018-12-18 20:07:00.000000000 +0200
--@@ -2,5 +2,4 @@
--
-- #define SSH_VERSION "OpenSSH_7.9"
--
---#define SSH_PORTABLE "p1"
---#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
--+#define SSH_RELEASE PACKAGE_STRING ", " SSH_VERSION "p1"
- diff -ruN openssh-7.9p1/version.m4 openssh-7.9p1+x509-11.6/version.m4
- --- openssh-7.9p1/version.m4 1970-01-01 02:00:00.000000000 +0200
- +++ openssh-7.9p1+x509-11.6/version.m4 2018-12-18 20:07:00.000000000 +0200
diff --git a/net-misc/openssh/files/openssh-7.9_p1-hpn-X509-glue.patch b/net-misc/openssh/files/openssh-7.9_p1-hpn-X509-glue.patch
deleted file mode 100644
index c76d454c9..000000000
--- a/net-misc/openssh/files/openssh-7.9_p1-hpn-X509-glue.patch
+++ /dev/null
@@ -1,79 +0,0 @@
---- temp/openssh-7_8_P1-hpn-AES-CTR-14.16.diff.orig 2018-09-12 15:58:57.377986085 -0700
-+++ temp/openssh-7_8_P1-hpn-AES-CTR-14.16.diff 2018-09-12 16:07:15.376711327 -0700
-@@ -4,8 +4,8 @@
- +++ b/Makefile.in
- @@ -42,7 +42,7 @@ CC=@CC@
- LD=@LD@
-- CFLAGS=@CFLAGS@
-- CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
-+ CFLAGS=@CFLAGS@ $(CFLAGS_EXTRA)
-+ CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ @LDAP_CPPFLAGS@ $(PATHS) @DEFS@
- -LIBS=@LIBS@
- +LIBS=@LIBS@ -lpthread
- K5LIBS=@K5LIBS@
-@@ -788,8 +788,8 @@
- ssh_packet_set_connection(struct ssh *ssh, int fd_in, int fd_out)
- {
- struct session_state *state;
--- const struct sshcipher *none = cipher_by_name("none");
--+ struct sshcipher *none = cipher_by_name("none");
-+- const struct sshcipher *none = cipher_none();
-++ struct sshcipher *none = cipher_none();
- int r;
-
- if (none == NULL) {
-@@ -933,9 +933,9 @@
- /* Portable-specific options */
- sUsePAM,
- + sDisableMTAES,
-- /* Standard Options */
-- sPort, sHostKeyFile, sLoginGraceTime,
-- sPermitRootLogin, sLogFacility, sLogLevel,
-+ /* X.509 Standard Options */
-+ sHostbasedAlgorithms,
-+ sPubkeyAlgorithms,
- @@ -626,6 +630,7 @@ static struct {
- { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL },
- { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },
---- temp/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff.orig 2018-09-12 16:38:16.947447218 -0700
-+++ temp/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff 2018-09-12 16:32:35.479700864 -0700
-@@ -382,7 +382,7 @@
- @@ -822,6 +822,10 @@ kex_choose_conf(struct ssh *ssh)
- int nenc, nmac, ncomp;
- u_int mode, ctos, need, dh_need, authlen;
-- int r, first_kex_follows;
-+ int r, first_kex_follows = 0;
- + int auth_flag;
- +
- + auth_flag = packet_authentication_state(ssh);
-@@ -1125,15 +1125,6 @@
- index a738c3a..b32dbe0 100644
- --- a/sshd.c
- +++ b/sshd.c
--@@ -373,7 +373,7 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out)
-- char remote_version[256]; /* Must be at least as big as buf. */
--
-- xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s\r\n",
--- PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION,
--+ PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE,
-- *options.version_addendum == '\0' ? "" : " ",
-- options.version_addendum);
--
- @@ -1037,6 +1037,8 @@ listen_on_addrs(struct listenaddr *la)
- int ret, listen_sock;
- struct addrinfo *ai;
-@@ -1213,14 +1204,3 @@
- # Example of overriding settings on a per-user basis
- #Match User anoncvs
- # X11Forwarding no
--diff --git a/version.h b/version.h
--index f1bbf00..21a70c2 100644
----- a/version.h
--+++ b/version.h
--@@ -3,4 +3,5 @@
-- #define SSH_VERSION "OpenSSH_7.8"
--
-- #define SSH_PORTABLE "p1"
---#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
--+#define SSH_RELEASE SSH_VERSION SSH_PORTABLE SSH_HPN
--+
diff --git a/net-misc/openssh/files/openssh-7.9_p1-hpn-glue.patch b/net-misc/openssh/files/openssh-7.9_p1-hpn-glue.patch
deleted file mode 100644
index 0561e3814..000000000
--- a/net-misc/openssh/files/openssh-7.9_p1-hpn-glue.patch
+++ /dev/null
@@ -1,112 +0,0 @@
---- temp/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff.orig 2018-09-11 17:19:19.968420409 -0700
-+++ temp/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff 2018-09-11 17:39:19.977535398 -0700
-@@ -409,18 +409,10 @@
- index dcf35e6..da4ced0 100644
- --- a/packet.c
- +++ b/packet.c
--@@ -920,6 +920,24 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
-+@@ -920,6 +920,16 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
- return 0;
- }
-
--+/* this supports the forced rekeying required for the NONE cipher */
--+int rekey_requested = 0;
--+void
--+packet_request_rekeying(void)
--+{
--+ rekey_requested = 1;
--+}
--+
- +/* used to determine if pre or post auth when rekeying for aes-ctr
- + * and none cipher switch */
- +int
-@@ -434,20 +426,6 @@
- #define MAX_PACKETS (1U<<31)
- static int
- ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len)
--@@ -946,6 +964,13 @@ ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len)
-- if (state->p_send.packets == 0 && state->p_read.packets == 0)
-- return 0;
--
--+ /* used to force rekeying when called for by the none
--+ * cipher switch methods -cjr */
--+ if (rekey_requested == 1) {
--+ rekey_requested = 0;
--+ return 1;
--+ }
--+
-- /* Time-based rekeying */
-- if (state->rekey_interval != 0 &&
-- (int64_t)state->rekey_time + state->rekey_interval <= monotime())
- diff --git a/packet.h b/packet.h
- index 170203c..f4d9df2 100644
- --- a/packet.h
-@@ -476,9 +454,9 @@
- /* Format of the configuration file:
-
- @@ -166,6 +167,8 @@ typedef enum {
-- oHashKnownHosts,
- oTunnel, oTunnelDevice,
- oLocalCommand, oPermitLocalCommand, oRemoteCommand,
-+ oDisableMTAES,
- + oTcpRcvBufPoll, oTcpRcvBuf, oHPNDisabled, oHPNBufferSize,
- + oNoneEnabled, oNoneSwitch,
- oVisualHostKey,
-@@ -615,9 +593,9 @@
- int ip_qos_bulk; /* IP ToS/DSCP/class for bulk traffic */
- SyslogFacility log_facility; /* Facility for system logging. */
- @@ -111,7 +115,10 @@ typedef struct {
--
- int enable_ssh_keysign;
- int64_t rekey_limit;
-+ int disable_multithreaded; /*disable multithreaded aes-ctr*/
- + int none_switch; /* Use none cipher */
- + int none_enabled; /* Allow none to be used */
- int rekey_interval;
-@@ -673,9 +651,9 @@
- /* Portable-specific options */
- if (options->use_pam == -1)
- @@ -391,6 +400,43 @@ fill_default_server_options(ServerOptions *options)
-- }
-- if (options->permit_tun == -1)
- options->permit_tun = SSH_TUNMODE_NO;
-+ if (options->disable_multithreaded == -1)
-+ options->disable_multithreaded = 0;
- + if (options->none_enabled == -1)
- + options->none_enabled = 0;
- + if (options->hpn_disabled == -1)
-@@ -1092,7 +1070,7 @@
- xxx_host = host;
- xxx_hostaddr = hostaddr;
-
--@@ -412,6 +423,28 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
-+@@ -412,6 +423,27 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
-
- if (!authctxt.success)
- fatal("Authentication failed.");
-@@ -1117,10 +1095,9 @@
- + fprintf(stderr, "NONE cipher switch disabled when a TTY is allocated\n");
- + }
- + }
--+
-- debug("Authentication succeeded (%s).", authctxt.method->name);
-- }
-
-+ #ifdef WITH_OPENSSL
-+ if (options.disable_multithreaded == 0) {
- diff --git a/sshd.c b/sshd.c
- index a738c3a..b32dbe0 100644
- --- a/sshd.c
-@@ -1217,11 +1194,10 @@
- index f1bbf00..21a70c2 100644
- --- a/version.h
- +++ b/version.h
--@@ -3,4 +3,6 @@
-+@@ -3,4 +3,5 @@
- #define SSH_VERSION "OpenSSH_7.8"
-
- #define SSH_PORTABLE "p1"
- -#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
--+#define SSH_HPN "-hpn14v16"
- +#define SSH_RELEASE SSH_VERSION SSH_PORTABLE SSH_HPN
- +
diff --git a/net-misc/openssh/files/openssh-7.9_p1-hpn-sctp-glue.patch b/net-misc/openssh/files/openssh-7.9_p1-hpn-sctp-glue.patch
deleted file mode 100644
index a7d51ad94..000000000
--- a/net-misc/openssh/files/openssh-7.9_p1-hpn-sctp-glue.patch
+++ /dev/null
@@ -1,17 +0,0 @@
---- dd/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff.orig 2018-09-12 18:18:51.851536374 -0700
-+++ dd/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff 2018-09-12 18:19:01.116475099 -0700
-@@ -1190,14 +1190,3 @@
- # Example of overriding settings on a per-user basis
- #Match User anoncvs
- # X11Forwarding no
--diff --git a/version.h b/version.h
--index f1bbf00..21a70c2 100644
----- a/version.h
--+++ b/version.h
--@@ -3,4 +3,5 @@
-- #define SSH_VERSION "OpenSSH_7.8"
--
-- #define SSH_PORTABLE "p1"
---#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
--+#define SSH_RELEASE SSH_VERSION SSH_PORTABLE SSH_HPN
--+
diff --git a/net-misc/openssh/files/openssh-7.9_p1-include-stdlib.patch b/net-misc/openssh/files/openssh-7.9_p1-include-stdlib.patch
deleted file mode 100644
index c5697c2b8..000000000
--- a/net-misc/openssh/files/openssh-7.9_p1-include-stdlib.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-diff --git a/auth-options.c b/auth-options.c
-index b05d6d6f..d1f42f04 100644
---- a/auth-options.c
-+++ b/auth-options.c
-@@ -26,6 +26,7 @@
- #include
- #include
- #include
-+#include
-
- #include "openbsd-compat/sys-queue.h"
-
-diff --git a/hmac.c b/hmac.c
-index 1c879640..a29f32c5 100644
---- a/hmac.c
-+++ b/hmac.c
-@@ -19,6 +19,7 @@
-
- #include
- #include
-+#include
-
- #include "sshbuf.h"
- #include "digest.h"
-diff --git a/krl.c b/krl.c
-index 8e2d5d5d..c32e147a 100644
---- a/krl.c
-+++ b/krl.c
-@@ -28,6 +28,7 @@
- #include
- #include
- #include
-+#include
-
- #include "sshbuf.h"
- #include "ssherr.h"
-diff --git a/mac.c b/mac.c
-index 51dc11d7..3d11eba6 100644
---- a/mac.c
-+++ b/mac.c
-@@ -29,6 +29,7 @@
-
- #include
- #include
-+#include
-
- #include "digest.h"
- #include "hmac.h"
diff --git a/net-misc/openssh/files/openssh-8.0_p1-GSSAPI-dns.patch b/net-misc/openssh/files/openssh-8.0_p1-GSSAPI-dns.patch
deleted file mode 100644
index 04d622191..000000000
--- a/net-misc/openssh/files/openssh-8.0_p1-GSSAPI-dns.patch
+++ /dev/null
@@ -1,359 +0,0 @@
-diff --git a/auth.c b/auth.c
-index 8696f258..f4cd70a3 100644
---- a/auth.c
-+++ b/auth.c
-@@ -723,120 +723,6 @@ fakepw(void)
- return (&fake);
- }
-
--/*
-- * Returns the remote DNS hostname as a string. The returned string must not
-- * be freed. NB. this will usually trigger a DNS query the first time it is
-- * called.
-- * This function does additional checks on the hostname to mitigate some
-- * attacks on legacy rhosts-style authentication.
-- * XXX is RhostsRSAAuthentication vulnerable to these?
-- * XXX Can we remove these checks? (or if not, remove RhostsRSAAuthentication?)
-- */
--
--static char *
--remote_hostname(struct ssh *ssh)
--{
-- struct sockaddr_storage from;
-- socklen_t fromlen;
-- struct addrinfo hints, *ai, *aitop;
-- char name[NI_MAXHOST], ntop2[NI_MAXHOST];
-- const char *ntop = ssh_remote_ipaddr(ssh);
--
-- /* Get IP address of client. */
-- fromlen = sizeof(from);
-- memset(&from, 0, sizeof(from));
-- if (getpeername(ssh_packet_get_connection_in(ssh),
-- (struct sockaddr *)&from, &fromlen) < 0) {
-- debug("getpeername failed: %.100s", strerror(errno));
-- return strdup(ntop);
-- }
--
-- ipv64_normalise_mapped(&from, &fromlen);
-- if (from.ss_family == AF_INET6)
-- fromlen = sizeof(struct sockaddr_in6);
--
-- debug3("Trying to reverse map address %.100s.", ntop);
-- /* Map the IP address to a host name. */
-- if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
-- NULL, 0, NI_NAMEREQD) != 0) {
-- /* Host name not found. Use ip address. */
-- return strdup(ntop);
-- }
--
-- /*
-- * if reverse lookup result looks like a numeric hostname,
-- * someone is trying to trick us by PTR record like following:
-- * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5
-- */
-- memset(&hints, 0, sizeof(hints));
-- hints.ai_socktype = SOCK_DGRAM; /*dummy*/
-- hints.ai_flags = AI_NUMERICHOST;
-- if (getaddrinfo(name, NULL, &hints, &ai) == 0) {
-- logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
-- name, ntop);
-- freeaddrinfo(ai);
-- return strdup(ntop);
-- }
--
-- /* Names are stored in lowercase. */
-- lowercase(name);
--
-- /*
-- * Map it back to an IP address and check that the given
-- * address actually is an address of this host. This is
-- * necessary because anyone with access to a name server can
-- * define arbitrary names for an IP address. Mapping from
-- * name to IP address can be trusted better (but can still be
-- * fooled if the intruder has access to the name server of
-- * the domain).
-- */
-- memset(&hints, 0, sizeof(hints));
-- hints.ai_family = from.ss_family;
-- hints.ai_socktype = SOCK_STREAM;
-- if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
-- logit("reverse mapping checking getaddrinfo for %.700s "
-- "[%s] failed.", name, ntop);
-- return strdup(ntop);
-- }
-- /* Look for the address from the list of addresses. */
-- for (ai = aitop; ai; ai = ai->ai_next) {
-- if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2,
-- sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 &&
-- (strcmp(ntop, ntop2) == 0))
-- break;
-- }
-- freeaddrinfo(aitop);
-- /* If we reached the end of the list, the address was not there. */
-- if (ai == NULL) {
-- /* Address not found for the host name. */
-- logit("Address %.100s maps to %.600s, but this does not "
-- "map back to the address.", ntop, name);
-- return strdup(ntop);
-- }
-- return strdup(name);
--}
--
--/*
-- * Return the canonical name of the host in the other side of the current
-- * connection. The host name is cached, so it is efficient to call this
-- * several times.
-- */
--
--const char *
--auth_get_canonical_hostname(struct ssh *ssh, int use_dns)
--{
-- static char *dnsname;
--
-- if (!use_dns)
-- return ssh_remote_ipaddr(ssh);
-- else if (dnsname != NULL)
-- return dnsname;
-- else {
-- dnsname = remote_hostname(ssh);
-- return dnsname;
-- }
--}
--
- /*
- * Runs command in a subprocess with a minimal environment.
- * Returns pid on success, 0 on failure.
-diff --git a/canohost.c b/canohost.c
-index f71a0856..3e162d8c 100644
---- a/canohost.c
-+++ b/canohost.c
-@@ -202,3 +202,117 @@ get_local_port(int sock)
- {
- return get_sock_port(sock, 1);
- }
-+
-+/*
-+ * Returns the remote DNS hostname as a string. The returned string must not
-+ * be freed. NB. this will usually trigger a DNS query the first time it is
-+ * called.
-+ * This function does additional checks on the hostname to mitigate some
-+ * attacks on legacy rhosts-style authentication.
-+ * XXX is RhostsRSAAuthentication vulnerable to these?
-+ * XXX Can we remove these checks? (or if not, remove RhostsRSAAuthentication?)
-+ */
-+
-+static char *
-+remote_hostname(struct ssh *ssh)
-+{
-+ struct sockaddr_storage from;
-+ socklen_t fromlen;
-+ struct addrinfo hints, *ai, *aitop;
-+ char name[NI_MAXHOST], ntop2[NI_MAXHOST];
-+ const char *ntop = ssh_remote_ipaddr(ssh);
-+
-+ /* Get IP address of client. */
-+ fromlen = sizeof(from);
-+ memset(&from, 0, sizeof(from));
-+ if (getpeername(ssh_packet_get_connection_in(ssh),
-+ (struct sockaddr *)&from, &fromlen) < 0) {
-+ debug("getpeername failed: %.100s", strerror(errno));
-+ return strdup(ntop);
-+ }
-+
-+ ipv64_normalise_mapped(&from, &fromlen);
-+ if (from.ss_family == AF_INET6)
-+ fromlen = sizeof(struct sockaddr_in6);
-+
-+ debug3("Trying to reverse map address %.100s.", ntop);
-+ /* Map the IP address to a host name. */
-+ if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
-+ NULL, 0, NI_NAMEREQD) != 0) {
-+ /* Host name not found. Use ip address. */
-+ return strdup(ntop);
-+ }
-+
-+ /*
-+ * if reverse lookup result looks like a numeric hostname,
-+ * someone is trying to trick us by PTR record like following:
-+ * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5
-+ */
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_socktype = SOCK_DGRAM; /*dummy*/
-+ hints.ai_flags = AI_NUMERICHOST;
-+ if (getaddrinfo(name, NULL, &hints, &ai) == 0) {
-+ logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
-+ name, ntop);
-+ freeaddrinfo(ai);
-+ return strdup(ntop);
-+ }
-+
-+ /* Names are stored in lowercase. */
-+ lowercase(name);
-+
-+ /*
-+ * Map it back to an IP address and check that the given
-+ * address actually is an address of this host. This is
-+ * necessary because anyone with access to a name server can
-+ * define arbitrary names for an IP address. Mapping from
-+ * name to IP address can be trusted better (but can still be
-+ * fooled if the intruder has access to the name server of
-+ * the domain).
-+ */
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_family = from.ss_family;
-+ hints.ai_socktype = SOCK_STREAM;
-+ if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
-+ logit("reverse mapping checking getaddrinfo for %.700s "
-+ "[%s] failed.", name, ntop);
-+ return strdup(ntop);
-+ }
-+ /* Look for the address from the list of addresses. */
-+ for (ai = aitop; ai; ai = ai->ai_next) {
-+ if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2,
-+ sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 &&
-+ (strcmp(ntop, ntop2) == 0))
-+ break;
-+ }
-+ freeaddrinfo(aitop);
-+ /* If we reached the end of the list, the address was not there. */
-+ if (ai == NULL) {
-+ /* Address not found for the host name. */
-+ logit("Address %.100s maps to %.600s, but this does not "
-+ "map back to the address.", ntop, name);
-+ return strdup(ntop);
-+ }
-+ return strdup(name);
-+}
-+
-+/*
-+ * Return the canonical name of the host in the other side of the current
-+ * connection. The host name is cached, so it is efficient to call this
-+ * several times.
-+ */
-+
-+const char *
-+auth_get_canonical_hostname(struct ssh *ssh, int use_dns)
-+{
-+ static char *dnsname;
-+
-+ if (!use_dns)
-+ return ssh_remote_ipaddr(ssh);
-+ else if (dnsname != NULL)
-+ return dnsname;
-+ else {
-+ dnsname = remote_hostname(ssh);
-+ return dnsname;
-+ }
-+}
-diff --git a/readconf.c b/readconf.c
-index 71a5c795..2a8c6990 100644
---- a/readconf.c
-+++ b/readconf.c
-@@ -163,6 +163,7 @@ typedef enum {
- oClearAllForwardings, oNoHostAuthenticationForLocalhost,
- oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
- oAddressFamily, oGssAuthentication, oGssDelegateCreds,
-+ oGssTrustDns,
- oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
- oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist,
- oHashKnownHosts,
-@@ -204,9 +205,11 @@ static struct {
- #if defined(GSSAPI)
- { "gssapiauthentication", oGssAuthentication },
- { "gssapidelegatecredentials", oGssDelegateCreds },
-+ { "gssapitrustdns", oGssTrustDns },
- # else
- { "gssapiauthentication", oUnsupported },
- { "gssapidelegatecredentials", oUnsupported },
-+ { "gssapitrustdns", oUnsupported },
- #endif
- #ifdef ENABLE_PKCS11
- { "pkcs11provider", oPKCS11Provider },
-@@ -993,6 +996,10 @@ parse_time:
- intptr = &options->gss_deleg_creds;
- goto parse_flag;
-
-+ case oGssTrustDns:
-+ intptr = &options->gss_trust_dns;
-+ goto parse_flag;
-+
- case oBatchMode:
- intptr = &options->batch_mode;
- goto parse_flag;
-@@ -1875,6 +1882,7 @@ initialize_options(Options * options)
- options->challenge_response_authentication = -1;
- options->gss_authentication = -1;
- options->gss_deleg_creds = -1;
-+ options->gss_trust_dns = -1;
- options->password_authentication = -1;
- options->kbd_interactive_authentication = -1;
- options->kbd_interactive_devices = NULL;
-@@ -2023,6 +2031,8 @@ fill_default_options(Options * options)
- options->gss_authentication = 0;
- if (options->gss_deleg_creds == -1)
- options->gss_deleg_creds = 0;
-+ if (options->gss_trust_dns == -1)
-+ options->gss_trust_dns = 0;
- if (options->password_authentication == -1)
- options->password_authentication = 1;
- if (options->kbd_interactive_authentication == -1)
-diff --git a/readconf.h b/readconf.h
-index 69c24700..2758b633 100644
---- a/readconf.h
-+++ b/readconf.h
-@@ -45,6 +45,7 @@ typedef struct {
- /* Try S/Key or TIS, authentication. */
- int gss_authentication; /* Try GSS authentication */
- int gss_deleg_creds; /* Delegate GSS credentials */
-+ int gss_trust_dns; /* Trust DNS for GSS canonicalization */
- int password_authentication; /* Try password
- * authentication. */
- int kbd_interactive_authentication; /* Try keyboard-interactive auth. */
-diff --git a/ssh_config.5 b/ssh_config.5
-index b7566782..64897e4e 100644
---- a/ssh_config.5
-+++ b/ssh_config.5
-@@ -758,6 +758,16 @@ The default is
- Forward (delegate) credentials to the server.
- The default is
- .Cm no .
-+Note that this option applies to protocol version 2 connections using GSSAPI.
-+.It Cm GSSAPITrustDns
-+Set to
-+.Dq yes to indicate that the DNS is trusted to securely canonicalize
-+the name of the host being connected to. If
-+.Dq no, the hostname entered on the
-+command line will be passed untouched to the GSSAPI library.
-+The default is
-+.Dq no .
-+This option only applies to protocol version 2 connections using GSSAPI.
- .It Cm HashKnownHosts
- Indicates that
- .Xr ssh 1
-diff --git a/sshconnect2.c b/sshconnect2.c
-index dffee90b..a25a32b9 100644
---- a/sshconnect2.c
-+++ b/sshconnect2.c
-@@ -698,6 +698,13 @@ userauth_gssapi(struct ssh *ssh)
- OM_uint32 min;
- int r, ok = 0;
- gss_OID mech = NULL;
-+ const char *gss_host;
-+
-+ if (options.gss_trust_dns) {
-+ extern const char *auth_get_canonical_hostname(struct ssh *ssh, int use_dns);
-+ gss_host = auth_get_canonical_hostname(ssh, 1);
-+ } else
-+ gss_host = authctxt->host;
-
- /* Try one GSSAPI method at a time, rather than sending them all at
- * once. */
-@@ -712,7 +719,7 @@ userauth_gssapi(struct ssh *ssh)
- elements[authctxt->mech_tried];
- /* My DER encoding requires length<128 */
- if (mech->length < 128 && ssh_gssapi_check_mechanism(&gssctxt,
-- mech, authctxt->host)) {
-+ mech, gss_host)) {
- ok = 1; /* Mechanism works */
- } else {
- authctxt->mech_tried++;
diff --git a/net-misc/openssh/files/openssh-8.0_p1-X509-12.1-tests.patch b/net-misc/openssh/files/openssh-8.0_p1-X509-12.1-tests.patch
deleted file mode 100644
index 67a93fe2a..000000000
--- a/net-misc/openssh/files/openssh-8.0_p1-X509-12.1-tests.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/openbsd-compat/regress/Makefile.in 2019-06-17 10:59:01.210601434 -0700
-+++ b/openbsd-compat/regress/Makefile.in 2019-06-17 10:59:18.753485852 -0700
-@@ -7,7 +7,7 @@
- CC=@CC@
- LD=@LD@
- CFLAGS=@CFLAGS@
--CPPFLAGS=-I. -I.. -I$(srcdir) -I$(srcdir)/.. @CPPFLAGS@ @DEFS@
-+CPPFLAGS=-I. -I.. -I../.. -I$(srcdir) -I$(srcdir)/.. @CPPFLAGS@ @DEFS@
- EXEEXT=@EXEEXT@
- LIBCOMPAT=../libopenbsd-compat.a
- LIBS=@LIBS@
diff --git a/net-misc/openssh/files/openssh-8.0_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch b/net-misc/openssh/files/openssh-8.0_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch
deleted file mode 100644
index fe3be2409..000000000
--- a/net-misc/openssh/files/openssh-8.0_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 3ef92a657444f172b61f92d5da66d94fa8265602 Mon Sep 17 00:00:00 2001
-From: Lonnie Abelbeck
-Date: Tue, 1 Oct 2019 09:05:09 -0500
-Subject: [PATCH] Deny (non-fatal) shmget/shmat/shmdt in preauth privsep child.
-
-New wait_random_seeded() function on OpenSSL 1.1.1d uses shmget, shmat, and shmdt
-in the preauth codepath, deny (non-fatal) in seccomp_filter sandbox.
----
- sandbox-seccomp-filter.c | 9 +++++++++
- 1 file changed, 9 insertions(+)
-
-diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
-index 840c5232b..39dc289e3 100644
---- a/sandbox-seccomp-filter.c
-+++ b/sandbox-seccomp-filter.c
-@@ -168,6 +168,15 @@ static const struct sock_filter preauth_insns[] = {
- #ifdef __NR_stat64
- SC_DENY(__NR_stat64, EACCES),
- #endif
-+#ifdef __NR_shmget
-+ SC_DENY(__NR_shmget, EACCES),
-+#endif
-+#ifdef __NR_shmat
-+ SC_DENY(__NR_shmat, EACCES),
-+#endif
-+#ifdef __NR_shmdt
-+ SC_DENY(__NR_shmdt, EACCES),
-+#endif
-
- /* Syscalls to permit */
- #ifdef __NR_brk
diff --git a/net-misc/openssh/files/openssh-8.0_p1-fix-putty-tests.patch b/net-misc/openssh/files/openssh-8.0_p1-fix-putty-tests.patch
deleted file mode 100644
index 4310aa123..000000000
--- a/net-misc/openssh/files/openssh-8.0_p1-fix-putty-tests.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-Make sure that host keys are already accepted before
-running tests.
-
-https://bugs.gentoo.org/493866
-
---- a/regress/putty-ciphers.sh
-+++ b/regress/putty-ciphers.sh
-@@ -10,11 +10,17 @@ fi
-
- for c in aes 3des aes128-ctr aes192-ctr aes256-ctr ; do
- verbose "$tid: cipher $c"
-+ rm -f ${COPY}
- cp ${OBJ}/.putty/sessions/localhost_proxy \
- ${OBJ}/.putty/sessions/cipher_$c
- echo "Cipher=$c" >> ${OBJ}/.putty/sessions/cipher_$c
-
-- rm -f ${COPY}
-+ env HOME=$PWD echo "y" | ${PLINK} -load cipher_$c \
-+ -i ${OBJ}/putty.rsa2 "exit"
-+ if [ $? -ne 0 ]; then
-+ fail "failed to pre-cache host key"
-+ fi
-+
- env HOME=$PWD ${PLINK} -load cipher_$c -batch -i ${OBJ}/putty.rsa2 \
- cat ${DATA} > ${COPY}
- if [ $? -ne 0 ]; then
---- a/regress/putty-kex.sh
-+++ b/regress/putty-kex.sh
-@@ -14,6 +14,12 @@ for k in dh-gex-sha1 dh-group1-sha1 dh-group14-sha1 ; do
- ${OBJ}/.putty/sessions/kex_$k
- echo "KEX=$k" >> ${OBJ}/.putty/sessions/kex_$k
-
-+ env HOME=$PWD echo "y" | ${PLINK} -load kex_$k \
-+ -i ${OBJ}/putty.rsa2 "exit"
-+ if [ $? -ne 0 ]; then
-+ fail "failed to pre-cache host key"
-+ fi
-+
- env HOME=$PWD ${PLINK} -load kex_$k -batch -i ${OBJ}/putty.rsa2 true
- if [ $? -ne 0 ]; then
- fail "KEX $k failed"
---- a/regress/putty-transfer.sh
-+++ b/regress/putty-transfer.sh
-@@ -14,6 +14,13 @@ for c in 0 1 ; do
- cp ${OBJ}/.putty/sessions/localhost_proxy \
- ${OBJ}/.putty/sessions/compression_$c
- echo "Compression=$c" >> ${OBJ}/.putty/sessions/kex_$k
-+
-+ env HOME=$PWD echo "y" | ${PLINK} -load compression_$c \
-+ -i ${OBJ}/putty.rsa2 "exit"
-+ if [ $? -ne 0 ]; then
-+ fail "failed to pre-cache host key"
-+ fi
-+
- env HOME=$PWD ${PLINK} -load compression_$c -batch \
- -i ${OBJ}/putty.rsa2 cat ${DATA} > ${COPY}
- if [ $? -ne 0 ]; then
diff --git a/net-misc/openssh/files/openssh-8.0_p1-hpn-14.20-X509-glue.patch b/net-misc/openssh/files/openssh-8.0_p1-hpn-14.20-X509-glue.patch
deleted file mode 100644
index 167adfcae..000000000
--- a/net-misc/openssh/files/openssh-8.0_p1-hpn-14.20-X509-glue.patch
+++ /dev/null
@@ -1,111 +0,0 @@
-diff -ur a/openssh-8_1_P1-hpn-AES-CTR-14.20.diff b/openssh-8_1_P1-hpn-AES-CTR-14.20.diff
---- a/openssh-8_1_P1-hpn-AES-CTR-14.20.diff 2020-02-04 15:49:15.746095444 -0800
-+++ b/openssh-8_1_P1-hpn-AES-CTR-14.20.diff 2020-02-04 15:49:54.181853707 -0800
-@@ -4,8 +4,8 @@
- +++ b/Makefile.in
- @@ -42,7 +42,7 @@ CC=@CC@
- LD=@LD@
-- CFLAGS=@CFLAGS@
-- CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
-+ CFLAGS=@CFLAGS@ $(CFLAGS_EXTRA)
-+ CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ @LDAP_CPPFLAGS@ $(PATHS) @DEFS@
- -LIBS=@LIBS@
- +LIBS=@LIBS@ -lpthread
- K5LIBS=@K5LIBS@
-@@ -803,8 +803,8 @@
- ssh_packet_set_connection(struct ssh *ssh, int fd_in, int fd_out)
- {
- struct session_state *state;
--- const struct sshcipher *none = cipher_by_name("none");
--+ struct sshcipher *none = cipher_by_name("none");
-+- const struct sshcipher *none = cipher_none();
-++ struct sshcipher *none = cipher_none();
- int r;
-
- if (none == NULL) {
-@@ -948,9 +948,9 @@
- /* Portable-specific options */
- sUsePAM,
- + sDisableMTAES,
-- /* Standard Options */
-- sPort, sHostKeyFile, sLoginGraceTime,
-- sPermitRootLogin, sLogFacility, sLogLevel,
-+ /* X.509 Standard Options */
-+ sHostbasedAlgorithms,
-+ sPubkeyAlgorithms,
- @@ -643,6 +647,7 @@ static struct {
- { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL },
- { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },
-diff -ur a/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff b/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff
---- a/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff 2020-02-04 15:41:42.512910357 -0800
-+++ b/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff 2020-02-04 15:56:40.323299499 -0800
-@@ -382,7 +382,7 @@
- @@ -884,6 +884,10 @@ kex_choose_conf(struct ssh *ssh)
- int nenc, nmac, ncomp;
- u_int mode, ctos, need, dh_need, authlen;
-- int r, first_kex_follows;
-+ int r, first_kex_follows = 0;
- + int auth_flag;
- +
- + auth_flag = packet_authentication_state(ssh);
-@@ -391,8 +391,8 @@
- debug2("local %s KEXINIT proposal", kex->server ? "server" : "client");
- if ((r = kex_buf2prop(kex->my, NULL, &my)) != 0)
- @@ -954,6 +958,14 @@ kex_choose_conf(struct ssh *ssh)
-- peer[ncomp] = NULL;
-- goto out;
-+ else
-+ fatal("Pre-authentication none cipher requests are not allowed.");
- }
- + debug("REQUESTED ENC.NAME is '%s'", newkeys->enc.name);
- + if (strcmp(newkeys->enc.name, "none") == 0) {
-@@ -1169,15 +1169,3 @@
- # Example of overriding settings on a per-user basis
- #Match User anoncvs
- # X11Forwarding no
--diff --git a/version.h b/version.h
--index 6b3fadf8..ec1d2e27 100644
----- a/version.h
--+++ b/version.h
--@@ -3,4 +3,6 @@
-- #define SSH_VERSION "OpenSSH_8.1"
--
-- #define SSH_PORTABLE "p1"
---#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
--+#define SSH_HPN "-hpn14v20"
--+#define SSH_RELEASE SSH_VERSION SSH_PORTABLE SSH_HPN
--+
-diff -ur a/openssh-8_1_P1-hpn-PeakTput-14.20.diff b/openssh-8_1_P1-hpn-PeakTput-14.20.diff
---- a/openssh-8_1_P1-hpn-PeakTput-14.20.diff 2020-02-04 15:41:42.512910357 -0800
-+++ b/openssh-8_1_P1-hpn-PeakTput-14.20.diff 2020-02-04 16:02:42.203023609 -0800
-@@ -12,9 +12,9 @@
- static long stalled; /* how long we have been stalled */
- static int bytes_per_second; /* current speed in bytes per second */
- @@ -127,6 +129,7 @@ refresh_progress_meter(int force_update)
-+ off_t bytes_left;
- int cur_speed;
-- int hours, minutes, seconds;
-- int file_len;
-+ int len;
- + off_t delta_pos;
-
- if ((!force_update && !alarm_fired && !win_resized) || !can_output())
-@@ -33,12 +33,12 @@
- @@ -166,7 +173,7 @@ refresh_progress_meter(int force_update)
-
- /* filename */
-- buf[0] = '\0';
--- file_len = win_size - 36;
--+ file_len = win_size - 45;
-- if (file_len > 0) {
-- buf[0] = '\r';
-- snmprintf(buf+1, sizeof(buf)-1, &file_len, "%-*s",
-+ if (win_size > 36) {
-+- int file_len = win_size - 36;
-++ int file_len = win_size - 45;
-+ snmprintf(buf+1, sizeof(buf)-1, &file_len, "%-*s ",
-+ file_len, file);
-+ }
- @@ -191,6 +198,15 @@ refresh_progress_meter(int force_update)
- (off_t)bytes_per_second);
- strlcat(buf, "/s ", win_size);
diff --git a/net-misc/openssh/files/openssh-8.0_p1-hpn-X509-glue.patch b/net-misc/openssh/files/openssh-8.0_p1-hpn-X509-glue.patch
deleted file mode 100644
index 2a9d3bd2f..000000000
--- a/net-misc/openssh/files/openssh-8.0_p1-hpn-X509-glue.patch
+++ /dev/null
@@ -1,114 +0,0 @@
---- a/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff 2019-04-18 17:07:59.413376785 -0700
-+++ b/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff 2019-04-18 20:05:12.622588051 -0700
-@@ -382,7 +382,7 @@
- @@ -822,6 +822,10 @@ kex_choose_conf(struct ssh *ssh)
- int nenc, nmac, ncomp;
- u_int mode, ctos, need, dh_need, authlen;
-- int r, first_kex_follows;
-+ int r, first_kex_follows = 0;
- + int auth_flag;
- +
- + auth_flag = packet_authentication_state(ssh);
-@@ -441,6 +441,39 @@
- int ssh_packet_get_state(struct ssh *, struct sshbuf *);
- int ssh_packet_set_state(struct ssh *, struct sshbuf *);
-
-+diff --git a/packet.c b/packet.c
-+index dcf35e6..9433f08 100644
-+--- a/packet.c
-++++ b/packet.c
-+@@ -920,6 +920,14 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
-+ return 0;
-+ }
-+
-++/* this supports the forced rekeying required for the NONE cipher */
-++int rekey_requested = 0;
-++void
-++packet_request_rekeying(void)
-++{
-++ rekey_requested = 1;
-++}
-++
-+ #define MAX_PACKETS (1U<<31)
-+ static int
-+ ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len)
-+@@ -946,6 +954,13 @@ ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len)
-+ if (state->p_send.packets == 0 && state->p_read.packets == 0)
-+ return 0;
-+
-++ /* used to force rekeying when called for by the none
-++ * cipher switch and aes-mt-ctr methods -cjr */
-++ if (rekey_requested == 1) {
-++ rekey_requested = 0;
-++ return 1;
-++ }
-++
-+ /* Time-based rekeying */
-+ if (state->rekey_interval != 0 &&
-+ (int64_t)state->rekey_time + state->rekey_interval <= monotime())
- diff --git a/readconf.c b/readconf.c
- index db5f2d5..33f18c9 100644
- --- a/readconf.c
-@@ -453,10 +486,9 @@
-
- /* Format of the configuration file:
-
--@@ -166,6 +167,8 @@ typedef enum {
-+@@ -166,5 +167,7 @@ typedef enum {
- oTunnel, oTunnelDevice,
- oLocalCommand, oPermitLocalCommand, oRemoteCommand,
-- oDisableMTAES,
- + oTcpRcvBufPoll, oTcpRcvBuf, oHPNDisabled, oHPNBufferSize,
- + oNoneEnabled, oNoneSwitch,
- oVisualHostKey,
-@@ -592,10 +624,9 @@
- int ip_qos_interactive; /* IP ToS/DSCP/class for interactive */
- int ip_qos_bulk; /* IP ToS/DSCP/class for bulk traffic */
- SyslogFacility log_facility; /* Facility for system logging. */
--@@ -111,7 +115,10 @@ typedef struct {
-+@@ -111,6 +115,9 @@ typedef struct {
- int enable_ssh_keysign;
- int64_t rekey_limit;
-- int disable_multithreaded; /*disable multithreaded aes-ctr*/
- + int none_switch; /* Use none cipher */
- + int none_enabled; /* Allow none to be used */
- int rekey_interval;
-@@ -650,10 +681,8 @@
-
- /* Portable-specific options */
- if (options->use_pam == -1)
--@@ -391,6 +400,43 @@ fill_default_server_options(ServerOptions *options)
-+@@ -391,4 +400,41 @@ fill_default_server_options(ServerOptions *options)
- options->permit_tun = SSH_TUNMODE_NO;
-- if (options->disable_multithreaded == -1)
-- options->disable_multithreaded = 0;
- + if (options->none_enabled == -1)
- + options->none_enabled = 0;
- + if (options->hpn_disabled == -1)
-@@ -1095,9 +1124,9 @@
- + fprintf(stderr, "NONE cipher switch disabled when a TTY is allocated\n");
- + }
- + }
-+ debug("Authentication succeeded (%s).", authctxt.method->name);
-+ }
-
-- #ifdef WITH_OPENSSL
-- if (options.disable_multithreaded == 0) {
- diff --git a/sshd.c b/sshd.c
- index a738c3a..b32dbe0 100644
- --- a/sshd.c
-@@ -1181,14 +1210,3 @@
- # Example of overriding settings on a per-user basis
- #Match User anoncvs
- # X11Forwarding no
--diff --git a/version.h b/version.h
--index f1bbf00..21a70c2 100644
----- a/version.h
--+++ b/version.h
--@@ -3,4 +3,5 @@
-- #define SSH_VERSION "OpenSSH_7.8"
--
-- #define SSH_PORTABLE "p1"
---#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
--+#define SSH_RELEASE SSH_VERSION SSH_PORTABLE SSH_HPN
--+
diff --git a/net-misc/openssh/files/openssh-8.0_p1-hpn-glue.patch b/net-misc/openssh/files/openssh-8.0_p1-hpn-glue.patch
deleted file mode 100644
index adbfa87af..000000000
--- a/net-misc/openssh/files/openssh-8.0_p1-hpn-glue.patch
+++ /dev/null
@@ -1,194 +0,0 @@
-diff -ur --exclude '.*.un*' a/openssh-7_8_P1-hpn-AES-CTR-14.16.diff b/openssh-7_8_P1-hpn-AES-CTR-14.16.diff
---- a/openssh-7_8_P1-hpn-AES-CTR-14.16.diff 2019-04-18 15:07:06.748067368 -0700
-+++ b/openssh-7_8_P1-hpn-AES-CTR-14.16.diff 2019-04-18 19:42:26.689298696 -0700
-@@ -998,7 +998,7 @@
- + * so we repoint the define to the multithreaded evp. To start the threads we
- + * then force a rekey
- + */
--+ const void *cc = ssh_packet_get_send_context(active_state);
-++ const void *cc = ssh_packet_get_send_context(ssh);
- +
- + /* only do this for the ctr cipher. otherwise gcm mode breaks. Don't know why though */
- + if (strstr(cipher_ctx_name(cc), "ctr")) {
-@@ -1028,7 +1028,7 @@
- + * so we repoint the define to the multithreaded evp. To start the threads we
- + * then force a rekey
- + */
--+ const void *cc = ssh_packet_get_send_context(active_state);
-++ const void *cc = ssh_packet_get_send_context(ssh);
- +
- + /* only rekey if necessary. If we don't do this gcm mode cipher breaks */
- + if (strstr(cipher_ctx_name(cc), "ctr")) {
-diff -ur --exclude '.*.un*' a/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff b/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff
---- a/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff 2019-04-18 15:07:11.289035776 -0700
-+++ b/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff 2019-04-18 17:07:59.413376785 -0700
-@@ -162,24 +162,24 @@
- }
-
- +static int
--+channel_tcpwinsz(void)
-++channel_tcpwinsz(struct ssh *ssh)
- +{
- + u_int32_t tcpwinsz = 0;
- + socklen_t optsz = sizeof(tcpwinsz);
- + int ret = -1;
- +
- + /* if we aren't on a socket return 128KB */
--+ if (!packet_connection_is_on_socket())
-++ if (!ssh_packet_connection_is_on_socket(ssh))
- + return 128 * 1024;
- +
--+ ret = getsockopt(packet_get_connection_in(),
-++ ret = getsockopt(ssh_packet_get_connection_in(ssh),
- + SOL_SOCKET, SO_RCVBUF, &tcpwinsz, &optsz);
- + /* return no more than SSHBUF_SIZE_MAX (currently 256MB) */
- + if ((ret == 0) && tcpwinsz > SSHBUF_SIZE_MAX)
- + tcpwinsz = SSHBUF_SIZE_MAX;
- +
- + debug2("tcpwinsz: tcp connection %d, Receive window: %d",
--+ packet_get_connection_in(), tcpwinsz);
-++ ssh_packet_get_connection_in(ssh), tcpwinsz);
- + return tcpwinsz;
- +}
- +
-@@ -191,7 +191,7 @@
- c->local_window < c->local_window_max/2) &&
- c->local_consumed > 0) {
- + u_int addition = 0;
--+ u_int32_t tcpwinsz = channel_tcpwinsz();
-++ u_int32_t tcpwinsz = channel_tcpwinsz(ssh);
- + /* adjust max window size if we are in a dynamic environment */
- + if (c->dynamic_window && (tcpwinsz > c->local_window_max)) {
- + /* grow the window somewhat aggressively to maintain pressure */
-@@ -409,18 +409,10 @@
- index dcf35e6..da4ced0 100644
- --- a/packet.c
- +++ b/packet.c
--@@ -920,6 +920,24 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
-+@@ -920,6 +920,16 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
- return 0;
- }
-
--+/* this supports the forced rekeying required for the NONE cipher */
--+int rekey_requested = 0;
--+void
--+packet_request_rekeying(void)
--+{
--+ rekey_requested = 1;
--+}
--+
- +/* used to determine if pre or post auth when rekeying for aes-ctr
- + * and none cipher switch */
- +int
-@@ -434,20 +426,6 @@
- #define MAX_PACKETS (1U<<31)
- static int
- ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len)
--@@ -946,6 +964,13 @@ ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len)
-- if (state->p_send.packets == 0 && state->p_read.packets == 0)
-- return 0;
--
--+ /* used to force rekeying when called for by the none
--+ * cipher switch methods -cjr */
--+ if (rekey_requested == 1) {
--+ rekey_requested = 0;
--+ return 1;
--+ }
--+
-- /* Time-based rekeying */
-- if (state->rekey_interval != 0 &&
-- (int64_t)state->rekey_time + state->rekey_interval <= monotime())
- diff --git a/packet.h b/packet.h
- index 170203c..f4d9df2 100644
- --- a/packet.h
-@@ -476,9 +454,9 @@
- /* Format of the configuration file:
-
- @@ -166,6 +167,8 @@ typedef enum {
-- oHashKnownHosts,
- oTunnel, oTunnelDevice,
- oLocalCommand, oPermitLocalCommand, oRemoteCommand,
-+ oDisableMTAES,
- + oTcpRcvBufPoll, oTcpRcvBuf, oHPNDisabled, oHPNBufferSize,
- + oNoneEnabled, oNoneSwitch,
- oVisualHostKey,
-@@ -615,9 +593,9 @@
- int ip_qos_bulk; /* IP ToS/DSCP/class for bulk traffic */
- SyslogFacility log_facility; /* Facility for system logging. */
- @@ -111,7 +115,10 @@ typedef struct {
--
- int enable_ssh_keysign;
- int64_t rekey_limit;
-+ int disable_multithreaded; /*disable multithreaded aes-ctr*/
- + int none_switch; /* Use none cipher */
- + int none_enabled; /* Allow none to be used */
- int rekey_interval;
-@@ -673,9 +651,9 @@
- /* Portable-specific options */
- if (options->use_pam == -1)
- @@ -391,6 +400,43 @@ fill_default_server_options(ServerOptions *options)
-- }
-- if (options->permit_tun == -1)
- options->permit_tun = SSH_TUNMODE_NO;
-+ if (options->disable_multithreaded == -1)
-+ options->disable_multithreaded = 0;
- + if (options->none_enabled == -1)
- + options->none_enabled = 0;
- + if (options->hpn_disabled == -1)
-@@ -1092,7 +1070,7 @@
- xxx_host = host;
- xxx_hostaddr = hostaddr;
-
--@@ -412,6 +423,28 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
-+@@ -412,6 +423,27 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
-
- if (!authctxt.success)
- fatal("Authentication failed.");
-@@ -1108,7 +1086,7 @@
- + memcpy(&myproposal, &myproposal_default, sizeof(myproposal));
- + myproposal[PROPOSAL_ENC_ALGS_STOC] = "none";
- + myproposal[PROPOSAL_ENC_ALGS_CTOS] = "none";
--+ kex_prop2buf(active_state->kex->my, myproposal);
-++ kex_prop2buf(ssh->kex->my, myproposal);
- + packet_request_rekeying();
- + fprintf(stderr, "WARNING: ENABLED NONE CIPHER\n");
- + } else {
-@@ -1117,23 +1095,13 @@
- + fprintf(stderr, "NONE cipher switch disabled when a TTY is allocated\n");
- + }
- + }
--+
-- debug("Authentication succeeded (%s).", authctxt.method->name);
-- }
-
-+ #ifdef WITH_OPENSSL
-+ if (options.disable_multithreaded == 0) {
- diff --git a/sshd.c b/sshd.c
- index a738c3a..b32dbe0 100644
- --- a/sshd.c
- +++ b/sshd.c
--@@ -373,7 +373,7 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out)
-- char remote_version[256]; /* Must be at least as big as buf. */
--
-- xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s\r\n",
--- PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION,
--+ PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE,
-- *options.version_addendum == '\0' ? "" : " ",
-- options.version_addendum);
--
- @@ -1037,6 +1037,8 @@ listen_on_addrs(struct listenaddr *la)
- int ret, listen_sock;
- struct addrinfo *ai;
-@@ -1217,11 +1185,10 @@
- index f1bbf00..21a70c2 100644
- --- a/version.h
- +++ b/version.h
--@@ -3,4 +3,6 @@
-+@@ -3,4 +3,5 @@
- #define SSH_VERSION "OpenSSH_7.8"
-
- #define SSH_PORTABLE "p1"
- -#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
--+#define SSH_HPN "-hpn14v16"
- +#define SSH_RELEASE SSH_VERSION SSH_PORTABLE SSH_HPN
- +
diff --git a/net-misc/openssh/files/openssh-8.1_p1-GSSAPI-dns.patch b/net-misc/openssh/files/openssh-8.1_p1-GSSAPI-dns.patch
deleted file mode 100644
index 6aba6f266..000000000
--- a/net-misc/openssh/files/openssh-8.1_p1-GSSAPI-dns.patch
+++ /dev/null
@@ -1,359 +0,0 @@
-diff --git a/auth.c b/auth.c
-index ca450f4e..2994a4e4 100644
---- a/auth.c
-+++ b/auth.c
-@@ -723,120 +723,6 @@ fakepw(void)
- return (&fake);
- }
-
--/*
-- * Returns the remote DNS hostname as a string. The returned string must not
-- * be freed. NB. this will usually trigger a DNS query the first time it is
-- * called.
-- * This function does additional checks on the hostname to mitigate some
-- * attacks on legacy rhosts-style authentication.
-- * XXX is RhostsRSAAuthentication vulnerable to these?
-- * XXX Can we remove these checks? (or if not, remove RhostsRSAAuthentication?)
-- */
--
--static char *
--remote_hostname(struct ssh *ssh)
--{
-- struct sockaddr_storage from;
-- socklen_t fromlen;
-- struct addrinfo hints, *ai, *aitop;
-- char name[NI_MAXHOST], ntop2[NI_MAXHOST];
-- const char *ntop = ssh_remote_ipaddr(ssh);
--
-- /* Get IP address of client. */
-- fromlen = sizeof(from);
-- memset(&from, 0, sizeof(from));
-- if (getpeername(ssh_packet_get_connection_in(ssh),
-- (struct sockaddr *)&from, &fromlen) == -1) {
-- debug("getpeername failed: %.100s", strerror(errno));
-- return strdup(ntop);
-- }
--
-- ipv64_normalise_mapped(&from, &fromlen);
-- if (from.ss_family == AF_INET6)
-- fromlen = sizeof(struct sockaddr_in6);
--
-- debug3("Trying to reverse map address %.100s.", ntop);
-- /* Map the IP address to a host name. */
-- if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
-- NULL, 0, NI_NAMEREQD) != 0) {
-- /* Host name not found. Use ip address. */
-- return strdup(ntop);
-- }
--
-- /*
-- * if reverse lookup result looks like a numeric hostname,
-- * someone is trying to trick us by PTR record like following:
-- * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5
-- */
-- memset(&hints, 0, sizeof(hints));
-- hints.ai_socktype = SOCK_DGRAM; /*dummy*/
-- hints.ai_flags = AI_NUMERICHOST;
-- if (getaddrinfo(name, NULL, &hints, &ai) == 0) {
-- logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
-- name, ntop);
-- freeaddrinfo(ai);
-- return strdup(ntop);
-- }
--
-- /* Names are stored in lowercase. */
-- lowercase(name);
--
-- /*
-- * Map it back to an IP address and check that the given
-- * address actually is an address of this host. This is
-- * necessary because anyone with access to a name server can
-- * define arbitrary names for an IP address. Mapping from
-- * name to IP address can be trusted better (but can still be
-- * fooled if the intruder has access to the name server of
-- * the domain).
-- */
-- memset(&hints, 0, sizeof(hints));
-- hints.ai_family = from.ss_family;
-- hints.ai_socktype = SOCK_STREAM;
-- if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
-- logit("reverse mapping checking getaddrinfo for %.700s "
-- "[%s] failed.", name, ntop);
-- return strdup(ntop);
-- }
-- /* Look for the address from the list of addresses. */
-- for (ai = aitop; ai; ai = ai->ai_next) {
-- if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2,
-- sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 &&
-- (strcmp(ntop, ntop2) == 0))
-- break;
-- }
-- freeaddrinfo(aitop);
-- /* If we reached the end of the list, the address was not there. */
-- if (ai == NULL) {
-- /* Address not found for the host name. */
-- logit("Address %.100s maps to %.600s, but this does not "
-- "map back to the address.", ntop, name);
-- return strdup(ntop);
-- }
-- return strdup(name);
--}
--
--/*
-- * Return the canonical name of the host in the other side of the current
-- * connection. The host name is cached, so it is efficient to call this
-- * several times.
-- */
--
--const char *
--auth_get_canonical_hostname(struct ssh *ssh, int use_dns)
--{
-- static char *dnsname;
--
-- if (!use_dns)
-- return ssh_remote_ipaddr(ssh);
-- else if (dnsname != NULL)
-- return dnsname;
-- else {
-- dnsname = remote_hostname(ssh);
-- return dnsname;
-- }
--}
--
- /*
- * Runs command in a subprocess with a minimal environment.
- * Returns pid on success, 0 on failure.
-diff --git a/canohost.c b/canohost.c
-index abea9c6e..4f4524d2 100644
---- a/canohost.c
-+++ b/canohost.c
-@@ -202,3 +202,117 @@ get_local_port(int sock)
- {
- return get_sock_port(sock, 1);
- }
-+
-+/*
-+ * Returns the remote DNS hostname as a string. The returned string must not
-+ * be freed. NB. this will usually trigger a DNS query the first time it is
-+ * called.
-+ * This function does additional checks on the hostname to mitigate some
-+ * attacks on legacy rhosts-style authentication.
-+ * XXX is RhostsRSAAuthentication vulnerable to these?
-+ * XXX Can we remove these checks? (or if not, remove RhostsRSAAuthentication?)
-+ */
-+
-+static char *
-+remote_hostname(struct ssh *ssh)
-+{
-+ struct sockaddr_storage from;
-+ socklen_t fromlen;
-+ struct addrinfo hints, *ai, *aitop;
-+ char name[NI_MAXHOST], ntop2[NI_MAXHOST];
-+ const char *ntop = ssh_remote_ipaddr(ssh);
-+
-+ /* Get IP address of client. */
-+ fromlen = sizeof(from);
-+ memset(&from, 0, sizeof(from));
-+ if (getpeername(ssh_packet_get_connection_in(ssh),
-+ (struct sockaddr *)&from, &fromlen) < 0) {
-+ debug("getpeername failed: %.100s", strerror(errno));
-+ return strdup(ntop);
-+ }
-+
-+ ipv64_normalise_mapped(&from, &fromlen);
-+ if (from.ss_family == AF_INET6)
-+ fromlen = sizeof(struct sockaddr_in6);
-+
-+ debug3("Trying to reverse map address %.100s.", ntop);
-+ /* Map the IP address to a host name. */
-+ if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
-+ NULL, 0, NI_NAMEREQD) != 0) {
-+ /* Host name not found. Use ip address. */
-+ return strdup(ntop);
-+ }
-+
-+ /*
-+ * if reverse lookup result looks like a numeric hostname,
-+ * someone is trying to trick us by PTR record like following:
-+ * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5
-+ */
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_socktype = SOCK_DGRAM; /*dummy*/
-+ hints.ai_flags = AI_NUMERICHOST;
-+ if (getaddrinfo(name, NULL, &hints, &ai) == 0) {
-+ logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
-+ name, ntop);
-+ freeaddrinfo(ai);
-+ return strdup(ntop);
-+ }
-+
-+ /* Names are stored in lowercase. */
-+ lowercase(name);
-+
-+ /*
-+ * Map it back to an IP address and check that the given
-+ * address actually is an address of this host. This is
-+ * necessary because anyone with access to a name server can
-+ * define arbitrary names for an IP address. Mapping from
-+ * name to IP address can be trusted better (but can still be
-+ * fooled if the intruder has access to the name server of
-+ * the domain).
-+ */
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_family = from.ss_family;
-+ hints.ai_socktype = SOCK_STREAM;
-+ if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
-+ logit("reverse mapping checking getaddrinfo for %.700s "
-+ "[%s] failed.", name, ntop);
-+ return strdup(ntop);
-+ }
-+ /* Look for the address from the list of addresses. */
-+ for (ai = aitop; ai; ai = ai->ai_next) {
-+ if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2,
-+ sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 &&
-+ (strcmp(ntop, ntop2) == 0))
-+ break;
-+ }
-+ freeaddrinfo(aitop);
-+ /* If we reached the end of the list, the address was not there. */
-+ if (ai == NULL) {
-+ /* Address not found for the host name. */
-+ logit("Address %.100s maps to %.600s, but this does not "
-+ "map back to the address.", ntop, name);
-+ return strdup(ntop);
-+ }
-+ return strdup(name);
-+}
-+
-+/*
-+ * Return the canonical name of the host in the other side of the current
-+ * connection. The host name is cached, so it is efficient to call this
-+ * several times.
-+ */
-+
-+const char *
-+auth_get_canonical_hostname(struct ssh *ssh, int use_dns)
-+{
-+ static char *dnsname;
-+
-+ if (!use_dns)
-+ return ssh_remote_ipaddr(ssh);
-+ else if (dnsname != NULL)
-+ return dnsname;
-+ else {
-+ dnsname = remote_hostname(ssh);
-+ return dnsname;
-+ }
-+}
-diff --git a/readconf.c b/readconf.c
-index f78b4d6f..747287f7 100644
---- a/readconf.c
-+++ b/readconf.c
-@@ -162,6 +162,7 @@ typedef enum {
- oClearAllForwardings, oNoHostAuthenticationForLocalhost,
- oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
- oAddressFamily, oGssAuthentication, oGssDelegateCreds,
-+ oGssTrustDns,
- oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
- oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist,
- oHashKnownHosts,
-@@ -203,9 +204,11 @@ static struct {
- #if defined(GSSAPI)
- { "gssapiauthentication", oGssAuthentication },
- { "gssapidelegatecredentials", oGssDelegateCreds },
-+ { "gssapitrustdns", oGssTrustDns },
- # else
- { "gssapiauthentication", oUnsupported },
- { "gssapidelegatecredentials", oUnsupported },
-+ { "gssapitrustdns", oUnsupported },
- #endif
- #ifdef ENABLE_PKCS11
- { "pkcs11provider", oPKCS11Provider },
-@@ -992,6 +995,10 @@ parse_time:
- intptr = &options->gss_deleg_creds;
- goto parse_flag;
-
-+ case oGssTrustDns:
-+ intptr = &options->gss_trust_dns;
-+ goto parse_flag;
-+
- case oBatchMode:
- intptr = &options->batch_mode;
- goto parse_flag;
-@@ -1864,6 +1871,7 @@ initialize_options(Options * options)
- options->challenge_response_authentication = -1;
- options->gss_authentication = -1;
- options->gss_deleg_creds = -1;
-+ options->gss_trust_dns = -1;
- options->password_authentication = -1;
- options->kbd_interactive_authentication = -1;
- options->kbd_interactive_devices = NULL;
-@@ -2011,6 +2019,8 @@ fill_default_options(Options * options)
- options->gss_authentication = 0;
- if (options->gss_deleg_creds == -1)
- options->gss_deleg_creds = 0;
-+ if (options->gss_trust_dns == -1)
-+ options->gss_trust_dns = 0;
- if (options->password_authentication == -1)
- options->password_authentication = 1;
- if (options->kbd_interactive_authentication == -1)
-diff --git a/readconf.h b/readconf.h
-index 8e36bf32..c9e4718d 100644
---- a/readconf.h
-+++ b/readconf.h
-@@ -41,6 +41,7 @@ typedef struct {
- /* Try S/Key or TIS, authentication. */
- int gss_authentication; /* Try GSS authentication */
- int gss_deleg_creds; /* Delegate GSS credentials */
-+ int gss_trust_dns; /* Trust DNS for GSS canonicalization */
- int password_authentication; /* Try password
- * authentication. */
- int kbd_interactive_authentication; /* Try keyboard-interactive auth. */
-diff --git a/ssh_config.5 b/ssh_config.5
-index 02a87892..95de538b 100644
---- a/ssh_config.5
-+++ b/ssh_config.5
-@@ -762,6 +762,16 @@ The default is
- Forward (delegate) credentials to the server.
- The default is
- .Cm no .
-+Note that this option applies to protocol version 2 connections using GSSAPI.
-+.It Cm GSSAPITrustDns
-+Set to
-+.Dq yes to indicate that the DNS is trusted to securely canonicalize
-+the name of the host being connected to. If
-+.Dq no, the hostname entered on the
-+command line will be passed untouched to the GSSAPI library.
-+The default is
-+.Dq no .
-+This option only applies to protocol version 2 connections using GSSAPI.
- .It Cm HashKnownHosts
- Indicates that
- .Xr ssh 1
-diff --git a/sshconnect2.c b/sshconnect2.c
-index 87fa70a4..a6ffdc96 100644
---- a/sshconnect2.c
-+++ b/sshconnect2.c
-@@ -697,6 +697,13 @@ userauth_gssapi(struct ssh *ssh)
- OM_uint32 min;
- int r, ok = 0;
- gss_OID mech = NULL;
-+ const char *gss_host;
-+
-+ if (options.gss_trust_dns) {
-+ extern const char *auth_get_canonical_hostname(struct ssh *ssh, int use_dns);
-+ gss_host = auth_get_canonical_hostname(ssh, 1);
-+ } else
-+ gss_host = authctxt->host;
-
- /* Try one GSSAPI method at a time, rather than sending them all at
- * once. */
-@@ -711,7 +718,7 @@ userauth_gssapi(struct ssh *ssh)
- elements[authctxt->mech_tried];
- /* My DER encoding requires length<128 */
- if (mech->length < 128 && ssh_gssapi_check_mechanism(&gssctxt,
-- mech, authctxt->host)) {
-+ mech, gss_host)) {
- ok = 1; /* Mechanism works */
- } else {
- authctxt->mech_tried++;
diff --git a/net-misc/openssh/files/openssh-8.1_p1-X509-12.3-tests.patch b/net-misc/openssh/files/openssh-8.1_p1-X509-12.3-tests.patch
deleted file mode 100644
index 67a93fe2a..000000000
--- a/net-misc/openssh/files/openssh-8.1_p1-X509-12.3-tests.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/openbsd-compat/regress/Makefile.in 2019-06-17 10:59:01.210601434 -0700
-+++ b/openbsd-compat/regress/Makefile.in 2019-06-17 10:59:18.753485852 -0700
-@@ -7,7 +7,7 @@
- CC=@CC@
- LD=@LD@
- CFLAGS=@CFLAGS@
--CPPFLAGS=-I. -I.. -I$(srcdir) -I$(srcdir)/.. @CPPFLAGS@ @DEFS@
-+CPPFLAGS=-I. -I.. -I../.. -I$(srcdir) -I$(srcdir)/.. @CPPFLAGS@ @DEFS@
- EXEEXT=@EXEEXT@
- LIBCOMPAT=../libopenbsd-compat.a
- LIBS=@LIBS@
diff --git a/net-misc/openssh/files/openssh-8.1_p1-X509-glue-12.3.patch b/net-misc/openssh/files/openssh-8.1_p1-X509-glue-12.3.patch
deleted file mode 100644
index 48cce7979..000000000
--- a/net-misc/openssh/files/openssh-8.1_p1-X509-glue-12.3.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-Only in b: .openssh-8.1p1+x509-12.3.diff.un~
-diff -ur a/openssh-8.1p1+x509-12.3.diff b/openssh-8.1p1+x509-12.3.diff
---- a/openssh-8.1p1+x509-12.3.diff 2019-10-14 11:33:45.796485604 -0700
-+++ b/openssh-8.1p1+x509-12.3.diff 2019-10-14 11:39:44.960312587 -0700
-@@ -35343,12 +35343,11 @@
-
- install: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files install-sysconf host-key check-config
- install-nokeys: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files install-sysconf
--@@ -339,6 +360,8 @@
-+@@ -339,6 +360,7 @@
- $(MKDIR_P) $(DESTDIR)$(mandir)/$(mansubdir)5
- $(MKDIR_P) $(DESTDIR)$(mandir)/$(mansubdir)8
- $(MKDIR_P) $(DESTDIR)$(libexecdir)
- + $(MKDIR_P) $(DESTDIR)$(sshcadir)
--+ $(MKDIR_P) $(DESTDIR)$(piddir)
- $(MKDIR_P) -m 0755 $(DESTDIR)$(PRIVSEP_PATH)
- $(INSTALL) -m 0755 $(STRIP_OPT) ssh$(EXEEXT) $(DESTDIR)$(bindir)/ssh$(EXEEXT)
- $(INSTALL) -m 0755 $(STRIP_OPT) scp$(EXEEXT) $(DESTDIR)$(bindir)/scp$(EXEEXT)
-@@ -83536,16 +83535,6 @@
- + return mbtowc(NULL, s, n);
- +}
- +#endif
--diff -ruN openssh-8.1p1/version.h openssh-8.1p1+x509-12.3/version.h
----- openssh-8.1p1/version.h 2019-10-09 03:31:03.000000000 +0300
--+++ openssh-8.1p1+x509-12.3/version.h 2019-10-13 09:07:00.000000000 +0300
--@@ -2,5 +2,4 @@
--
-- #define SSH_VERSION "OpenSSH_8.1"
--
---#define SSH_PORTABLE "p1"
---#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
--+#define SSH_RELEASE PACKAGE_STRING ", " SSH_VERSION "p1"
- diff -ruN openssh-8.1p1/version.m4 openssh-8.1p1+x509-12.3/version.m4
- --- openssh-8.1p1/version.m4 1970-01-01 02:00:00.000000000 +0200
- +++ openssh-8.1p1+x509-12.3/version.m4 2019-10-13 09:07:00.000000000 +0300
diff --git a/net-misc/openssh/files/openssh-8.1_p1-hpn-14.20-glue.patch b/net-misc/openssh/files/openssh-8.1_p1-hpn-14.20-glue.patch
deleted file mode 100644
index 90fa248fc..000000000
--- a/net-misc/openssh/files/openssh-8.1_p1-hpn-14.20-glue.patch
+++ /dev/null
@@ -1,105 +0,0 @@
-diff -ur a/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff b/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff
---- a/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff 2020-02-04 14:55:30.408567718 -0800
-+++ b/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff 2020-02-04 15:16:14.646567224 -0800
-@@ -409,18 +409,10 @@
- index 817da43b..b2bcf78f 100644
- --- a/packet.c
- +++ b/packet.c
--@@ -925,6 +925,24 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
-+@@ -925,6 +925,16 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
- return 0;
- }
-
--+/* this supports the forced rekeying required for the NONE cipher */
--+int rekey_requested = 0;
--+void
--+packet_request_rekeying(void)
--+{
--+ rekey_requested = 1;
--+}
--+
- +/* used to determine if pre or post auth when rekeying for aes-ctr
- + * and none cipher switch */
- +int
-@@ -434,20 +426,6 @@
- #define MAX_PACKETS (1U<<31)
- static int
- ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len)
--@@ -951,6 +969,13 @@ ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len)
-- if (state->p_send.packets == 0 && state->p_read.packets == 0)
-- return 0;
--
--+ /* used to force rekeying when called for by the none
--+ * cipher switch methods -cjr */
--+ if (rekey_requested == 1) {
--+ rekey_requested = 0;
--+ return 1;
--+ }
--+
-- /* Time-based rekeying */
-- if (state->rekey_interval != 0 &&
-- (int64_t)state->rekey_time + state->rekey_interval <= monotime())
- diff --git a/packet.h b/packet.h
- index 8ccfd2e0..1ad9bc06 100644
- --- a/packet.h
-@@ -476,9 +454,9 @@
- /* Format of the configuration file:
-
- @@ -167,6 +168,8 @@ typedef enum {
-- oHashKnownHosts,
- oTunnel, oTunnelDevice,
- oLocalCommand, oPermitLocalCommand, oRemoteCommand,
-+ oDisableMTAES,
- + oTcpRcvBufPoll, oTcpRcvBuf, oHPNDisabled, oHPNBufferSize,
- + oNoneEnabled, oNoneSwitch,
- oVisualHostKey,
-@@ -615,9 +593,9 @@
- int ip_qos_bulk; /* IP ToS/DSCP/class for bulk traffic */
- SyslogFacility log_facility; /* Facility for system logging. */
- @@ -112,7 +116,10 @@ typedef struct {
--
- int enable_ssh_keysign;
- int64_t rekey_limit;
-+ int disable_multithreaded; /*disable multithreaded aes-ctr*/
- + int none_switch; /* Use none cipher */
- + int none_enabled; /* Allow none to be used */
- int rekey_interval;
-@@ -700,9 +678,9 @@
- + options->hpn_buffer_size = CHAN_TCP_WINDOW_DEFAULT;
- + }
- +
-+ if (options->disable_multithreaded == -1)
-+ options->disable_multithreaded = 0;
- if (options->ip_qos_interactive == -1)
-- options->ip_qos_interactive = IPTOS_DSCP_AF21;
-- if (options->ip_qos_bulk == -1)
- @@ -486,6 +532,8 @@ typedef enum {
- sPasswordAuthentication, sKbdInteractiveAuthentication,
- sListenAddress, sAddressFamily,
-@@ -1079,11 +1057,11 @@
- xxx_host = host;
- xxx_hostaddr = hostaddr;
-
--@@ -422,6 +433,28 @@ ssh_userauth2(struct ssh *ssh, const char *local_user,
-+@@ -422,7 +433,28 @@ ssh_userauth2(struct ssh *ssh, const char *local_user,
-
- if (!authctxt.success)
- fatal("Authentication failed.");
--+
-+
- + /*
- + * If the user wants to use the none cipher, do it post authentication
- + * and only if the right conditions are met -- both of the NONE commands
-@@ -1105,9 +1083,9 @@
- + }
- + }
- +
-- debug("Authentication succeeded (%s).", authctxt.method->name);
-- }
--
-+ #ifdef WITH_OPENSSL
-+ if (options.disable_multithreaded == 0) {
-+ /* if we are using aes-ctr there can be issues in either a fork or sandbox
- diff --git a/sshd.c b/sshd.c
- index 11571c01..23a06022 100644
- --- a/sshd.c
diff --git a/net-misc/openssh/files/openssh-8.1_p1-hpn-14.20-sctp-glue.patch b/net-misc/openssh/files/openssh-8.1_p1-hpn-14.20-sctp-glue.patch
deleted file mode 100644
index 3f5c7a47d..000000000
--- a/net-misc/openssh/files/openssh-8.1_p1-hpn-14.20-sctp-glue.patch
+++ /dev/null
@@ -1,19 +0,0 @@
-diff -ur a/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff b/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff
---- a/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff 2020-02-04 14:55:30.408567718 -0800
-+++ b/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff 2020-02-04 16:36:51.394069720 -0800
-@@ -1191,15 +1191,3 @@
- # Example of overriding settings on a per-user basis
- #Match User anoncvs
- # X11Forwarding no
--diff --git a/version.h b/version.h
--index 6b3fadf8..ec1d2e27 100644
----- a/version.h
--+++ b/version.h
--@@ -3,4 +3,6 @@
-- #define SSH_VERSION "OpenSSH_8.1"
--
-- #define SSH_PORTABLE "p1"
---#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
--+#define SSH_HPN "-hpn14v20"
--+#define SSH_RELEASE SSH_VERSION SSH_PORTABLE SSH_HPN
--+
diff --git a/net-misc/openssh/files/openssh-8.1_p1-hpn-glue.patch b/net-misc/openssh/files/openssh-8.1_p1-hpn-glue.patch
deleted file mode 100644
index 0ad814f95..000000000
--- a/net-misc/openssh/files/openssh-8.1_p1-hpn-glue.patch
+++ /dev/null
@@ -1,216 +0,0 @@
-Only in b: .openssh-7_8_P1-hpn-AES-CTR-14.16.diff.un~
-Only in b: .openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff.un~
-diff -ru a/openssh-7_8_P1-hpn-AES-CTR-14.16.diff b/openssh-7_8_P1-hpn-AES-CTR-14.16.diff
---- a/openssh-7_8_P1-hpn-AES-CTR-14.16.diff 2019-10-10 13:48:31.513603947 -0700
-+++ b/openssh-7_8_P1-hpn-AES-CTR-14.16.diff 2019-10-10 13:50:15.012495676 -0700
-@@ -17,8 +17,8 @@
- canohost.o channels.o cipher.o cipher-aes.o cipher-aesctr.o \
- - cipher-ctr.o cleanup.o \
- + cipher-ctr.o cleanup.o cipher-ctr-mt.o \
-- compat.o crc32.o fatal.o hostfile.o \
-- log.o match.o moduli.o nchan.o packet.o opacket.o \
-+ compat.o fatal.o hostfile.o \
-+ log.o match.o moduli.o nchan.o packet.o \
- readpass.o ttymodes.o xmalloc.o addrmatch.o \
- diff --git a/cipher-ctr-mt.c b/cipher-ctr-mt.c
- new file mode 100644
-@@ -998,7 +998,7 @@
- + * so we repoint the define to the multithreaded evp. To start the threads we
- + * then force a rekey
- + */
--+ const void *cc = ssh_packet_get_send_context(active_state);
-++ const void *cc = ssh_packet_get_send_context(ssh);
- +
- + /* only do this for the ctr cipher. otherwise gcm mode breaks. Don't know why though */
- + if (strstr(cipher_ctx_name(cc), "ctr")) {
-@@ -1028,7 +1028,7 @@
- + * so we repoint the define to the multithreaded evp. To start the threads we
- + * then force a rekey
- + */
--+ const void *cc = ssh_packet_get_send_context(active_state);
-++ const void *cc = ssh_packet_get_send_context(ssh);
- +
- + /* only rekey if necessary. If we don't do this gcm mode cipher breaks */
- + if (strstr(cipher_ctx_name(cc), "ctr")) {
-diff -ru a/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff b/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff
---- a/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff 2019-10-10 13:47:54.801642144 -0700
-+++ b/openssh-7_8_P1-hpn-DynWinNoneSwitch-14.16.diff 2019-10-10 15:58:05.085803333 -0700
-@@ -162,24 +162,24 @@
- }
-
- +static int
--+channel_tcpwinsz(void)
-++channel_tcpwinsz(struct ssh *ssh)
- +{
- + u_int32_t tcpwinsz = 0;
- + socklen_t optsz = sizeof(tcpwinsz);
- + int ret = -1;
- +
- + /* if we aren't on a socket return 128KB */
--+ if (!packet_connection_is_on_socket())
-++ if (!ssh_packet_connection_is_on_socket(ssh))
- + return 128 * 1024;
- +
--+ ret = getsockopt(packet_get_connection_in(),
-++ ret = getsockopt(ssh_packet_get_connection_in(ssh),
- + SOL_SOCKET, SO_RCVBUF, &tcpwinsz, &optsz);
- + /* return no more than SSHBUF_SIZE_MAX (currently 256MB) */
- + if ((ret == 0) && tcpwinsz > SSHBUF_SIZE_MAX)
- + tcpwinsz = SSHBUF_SIZE_MAX;
- +
- + debug2("tcpwinsz: tcp connection %d, Receive window: %d",
--+ packet_get_connection_in(), tcpwinsz);
-++ ssh_packet_get_connection_in(ssh), tcpwinsz);
- + return tcpwinsz;
- +}
- +
-@@ -191,7 +191,7 @@
- c->local_window < c->local_window_max/2) &&
- c->local_consumed > 0) {
- + u_int addition = 0;
--+ u_int32_t tcpwinsz = channel_tcpwinsz();
-++ u_int32_t tcpwinsz = channel_tcpwinsz(ssh);
- + /* adjust max window size if we are in a dynamic environment */
- + if (c->dynamic_window && (tcpwinsz > c->local_window_max)) {
- + /* grow the window somewhat aggressively to maintain pressure */
-@@ -409,18 +409,10 @@
- index dcf35e6..da4ced0 100644
- --- a/packet.c
- +++ b/packet.c
--@@ -920,6 +920,24 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
-+@@ -920,6 +920,16 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
- return 0;
- }
-
--+/* this supports the forced rekeying required for the NONE cipher */
--+int rekey_requested = 0;
--+void
--+packet_request_rekeying(void)
--+{
--+ rekey_requested = 1;
--+}
--+
- +/* used to determine if pre or post auth when rekeying for aes-ctr
- + * and none cipher switch */
- +int
-@@ -434,20 +426,6 @@
- #define MAX_PACKETS (1U<<31)
- static int
- ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len)
--@@ -946,6 +964,13 @@ ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len)
-- if (state->p_send.packets == 0 && state->p_read.packets == 0)
-- return 0;
--
--+ /* used to force rekeying when called for by the none
--+ * cipher switch methods -cjr */
--+ if (rekey_requested == 1) {
--+ rekey_requested = 0;
--+ return 1;
--+ }
--+
-- /* Time-based rekeying */
-- if (state->rekey_interval != 0 &&
-- (int64_t)state->rekey_time + state->rekey_interval <= monotime())
- diff --git a/packet.h b/packet.h
- index 170203c..f4d9df2 100644
- --- a/packet.h
-@@ -476,9 +454,9 @@
- /* Format of the configuration file:
-
- @@ -166,6 +167,8 @@ typedef enum {
-- oHashKnownHosts,
- oTunnel, oTunnelDevice,
- oLocalCommand, oPermitLocalCommand, oRemoteCommand,
-+ oDisableMTAES,
- + oTcpRcvBufPoll, oTcpRcvBuf, oHPNDisabled, oHPNBufferSize,
- + oNoneEnabled, oNoneSwitch,
- oVisualHostKey,
-@@ -615,9 +593,9 @@
- int ip_qos_bulk; /* IP ToS/DSCP/class for bulk traffic */
- SyslogFacility log_facility; /* Facility for system logging. */
- @@ -111,7 +115,10 @@ typedef struct {
--
- int enable_ssh_keysign;
- int64_t rekey_limit;
-+ int disable_multithreaded; /*disable multithreaded aes-ctr*/
- + int none_switch; /* Use none cipher */
- + int none_enabled; /* Allow none to be used */
- int rekey_interval;
-@@ -633,7 +611,7 @@
- off_t i, statbytes;
- size_t amt, nr;
- int fd = -1, haderr, indx;
--- char *last, *name, buf[2048], encname[PATH_MAX];
-+- char *last, *name, buf[PATH_MAX + 128], encname[PATH_MAX];
- + char *last, *name, buf[16384], encname[PATH_MAX];
- int len;
-
-@@ -673,9 +651,9 @@
- /* Portable-specific options */
- if (options->use_pam == -1)
- @@ -391,6 +400,43 @@ fill_default_server_options(ServerOptions *options)
-- }
-- if (options->permit_tun == -1)
- options->permit_tun = SSH_TUNMODE_NO;
-+ if (options->disable_multithreaded == -1)
-+ options->disable_multithreaded = 0;
- + if (options->none_enabled == -1)
- + options->none_enabled = 0;
- + if (options->hpn_disabled == -1)
-@@ -1092,7 +1070,7 @@
- xxx_host = host;
- xxx_hostaddr = hostaddr;
-
--@@ -412,6 +423,28 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
-+@@ -412,6 +423,27 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
-
- if (!authctxt.success)
- fatal("Authentication failed.");
-@@ -1108,7 +1086,7 @@
- + memcpy(&myproposal, &myproposal_default, sizeof(myproposal));
- + myproposal[PROPOSAL_ENC_ALGS_STOC] = "none";
- + myproposal[PROPOSAL_ENC_ALGS_CTOS] = "none";
--+ kex_prop2buf(active_state->kex->my, myproposal);
-++ kex_prop2buf(ssh->kex->my, myproposal);
- + packet_request_rekeying();
- + fprintf(stderr, "WARNING: ENABLED NONE CIPHER\n");
- + } else {
-@@ -1117,23 +1095,13 @@
- + fprintf(stderr, "NONE cipher switch disabled when a TTY is allocated\n");
- + }
- + }
--+
-- debug("Authentication succeeded (%s).", authctxt.method->name);
-- }
-
-+ #ifdef WITH_OPENSSL
-+ if (options.disable_multithreaded == 0) {
- diff --git a/sshd.c b/sshd.c
- index a738c3a..b32dbe0 100644
- --- a/sshd.c
- +++ b/sshd.c
--@@ -373,7 +373,7 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out)
-- char remote_version[256]; /* Must be at least as big as buf. */
--
-- xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s\r\n",
--- PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION,
--+ PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE,
-- *options.version_addendum == '\0' ? "" : " ",
-- options.version_addendum);
--
- @@ -1037,6 +1037,8 @@ listen_on_addrs(struct listenaddr *la)
- int ret, listen_sock;
- struct addrinfo *ai;
-@@ -1217,11 +1185,10 @@
- index f1bbf00..21a70c2 100644
- --- a/version.h
- +++ b/version.h
--@@ -3,4 +3,6 @@
-+@@ -3,4 +3,5 @@
- #define SSH_VERSION "OpenSSH_7.8"
-
- #define SSH_PORTABLE "p1"
- -#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
--+#define SSH_HPN "-hpn14v16"
- +#define SSH_RELEASE SSH_VERSION SSH_PORTABLE SSH_HPN
- +
diff --git a/net-misc/openssh/files/openssh-8.2_p1-GSSAPI-dns.patch b/net-misc/openssh/files/openssh-8.2_p1-GSSAPI-dns.patch
deleted file mode 100644
index d4db77b98..000000000
--- a/net-misc/openssh/files/openssh-8.2_p1-GSSAPI-dns.patch
+++ /dev/null
@@ -1,359 +0,0 @@
-diff --git a/auth.c b/auth.c
-index 086b8ebb..a267353c 100644
---- a/auth.c
-+++ b/auth.c
-@@ -724,120 +724,6 @@ fakepw(void)
- return (&fake);
- }
-
--/*
-- * Returns the remote DNS hostname as a string. The returned string must not
-- * be freed. NB. this will usually trigger a DNS query the first time it is
-- * called.
-- * This function does additional checks on the hostname to mitigate some
-- * attacks on legacy rhosts-style authentication.
-- * XXX is RhostsRSAAuthentication vulnerable to these?
-- * XXX Can we remove these checks? (or if not, remove RhostsRSAAuthentication?)
-- */
--
--static char *
--remote_hostname(struct ssh *ssh)
--{
-- struct sockaddr_storage from;
-- socklen_t fromlen;
-- struct addrinfo hints, *ai, *aitop;
-- char name[NI_MAXHOST], ntop2[NI_MAXHOST];
-- const char *ntop = ssh_remote_ipaddr(ssh);
--
-- /* Get IP address of client. */
-- fromlen = sizeof(from);
-- memset(&from, 0, sizeof(from));
-- if (getpeername(ssh_packet_get_connection_in(ssh),
-- (struct sockaddr *)&from, &fromlen) == -1) {
-- debug("getpeername failed: %.100s", strerror(errno));
-- return xstrdup(ntop);
-- }
--
-- ipv64_normalise_mapped(&from, &fromlen);
-- if (from.ss_family == AF_INET6)
-- fromlen = sizeof(struct sockaddr_in6);
--
-- debug3("Trying to reverse map address %.100s.", ntop);
-- /* Map the IP address to a host name. */
-- if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
-- NULL, 0, NI_NAMEREQD) != 0) {
-- /* Host name not found. Use ip address. */
-- return xstrdup(ntop);
-- }
--
-- /*
-- * if reverse lookup result looks like a numeric hostname,
-- * someone is trying to trick us by PTR record like following:
-- * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5
-- */
-- memset(&hints, 0, sizeof(hints));
-- hints.ai_socktype = SOCK_DGRAM; /*dummy*/
-- hints.ai_flags = AI_NUMERICHOST;
-- if (getaddrinfo(name, NULL, &hints, &ai) == 0) {
-- logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
-- name, ntop);
-- freeaddrinfo(ai);
-- return xstrdup(ntop);
-- }
--
-- /* Names are stored in lowercase. */
-- lowercase(name);
--
-- /*
-- * Map it back to an IP address and check that the given
-- * address actually is an address of this host. This is
-- * necessary because anyone with access to a name server can
-- * define arbitrary names for an IP address. Mapping from
-- * name to IP address can be trusted better (but can still be
-- * fooled if the intruder has access to the name server of
-- * the domain).
-- */
-- memset(&hints, 0, sizeof(hints));
-- hints.ai_family = from.ss_family;
-- hints.ai_socktype = SOCK_STREAM;
-- if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
-- logit("reverse mapping checking getaddrinfo for %.700s "
-- "[%s] failed.", name, ntop);
-- return xstrdup(ntop);
-- }
-- /* Look for the address from the list of addresses. */
-- for (ai = aitop; ai; ai = ai->ai_next) {
-- if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2,
-- sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 &&
-- (strcmp(ntop, ntop2) == 0))
-- break;
-- }
-- freeaddrinfo(aitop);
-- /* If we reached the end of the list, the address was not there. */
-- if (ai == NULL) {
-- /* Address not found for the host name. */
-- logit("Address %.100s maps to %.600s, but this does not "
-- "map back to the address.", ntop, name);
-- return xstrdup(ntop);
-- }
-- return xstrdup(name);
--}
--
--/*
-- * Return the canonical name of the host in the other side of the current
-- * connection. The host name is cached, so it is efficient to call this
-- * several times.
-- */
--
--const char *
--auth_get_canonical_hostname(struct ssh *ssh, int use_dns)
--{
-- static char *dnsname;
--
-- if (!use_dns)
-- return ssh_remote_ipaddr(ssh);
-- else if (dnsname != NULL)
-- return dnsname;
-- else {
-- dnsname = remote_hostname(ssh);
-- return dnsname;
-- }
--}
--
- /*
- * Runs command in a subprocess with a minimal environment.
- * Returns pid on success, 0 on failure.
-diff --git a/canohost.c b/canohost.c
-index abea9c6e..4f4524d2 100644
---- a/canohost.c
-+++ b/canohost.c
-@@ -202,3 +202,117 @@ get_local_port(int sock)
- {
- return get_sock_port(sock, 1);
- }
-+
-+/*
-+ * Returns the remote DNS hostname as a string. The returned string must not
-+ * be freed. NB. this will usually trigger a DNS query the first time it is
-+ * called.
-+ * This function does additional checks on the hostname to mitigate some
-+ * attacks on legacy rhosts-style authentication.
-+ * XXX is RhostsRSAAuthentication vulnerable to these?
-+ * XXX Can we remove these checks? (or if not, remove RhostsRSAAuthentication?)
-+ */
-+
-+static char *
-+remote_hostname(struct ssh *ssh)
-+{
-+ struct sockaddr_storage from;
-+ socklen_t fromlen;
-+ struct addrinfo hints, *ai, *aitop;
-+ char name[NI_MAXHOST], ntop2[NI_MAXHOST];
-+ const char *ntop = ssh_remote_ipaddr(ssh);
-+
-+ /* Get IP address of client. */
-+ fromlen = sizeof(from);
-+ memset(&from, 0, sizeof(from));
-+ if (getpeername(ssh_packet_get_connection_in(ssh),
-+ (struct sockaddr *)&from, &fromlen) < 0) {
-+ debug("getpeername failed: %.100s", strerror(errno));
-+ return strdup(ntop);
-+ }
-+
-+ ipv64_normalise_mapped(&from, &fromlen);
-+ if (from.ss_family == AF_INET6)
-+ fromlen = sizeof(struct sockaddr_in6);
-+
-+ debug3("Trying to reverse map address %.100s.", ntop);
-+ /* Map the IP address to a host name. */
-+ if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
-+ NULL, 0, NI_NAMEREQD) != 0) {
-+ /* Host name not found. Use ip address. */
-+ return strdup(ntop);
-+ }
-+
-+ /*
-+ * if reverse lookup result looks like a numeric hostname,
-+ * someone is trying to trick us by PTR record like following:
-+ * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5
-+ */
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_socktype = SOCK_DGRAM; /*dummy*/
-+ hints.ai_flags = AI_NUMERICHOST;
-+ if (getaddrinfo(name, NULL, &hints, &ai) == 0) {
-+ logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
-+ name, ntop);
-+ freeaddrinfo(ai);
-+ return strdup(ntop);
-+ }
-+
-+ /* Names are stored in lowercase. */
-+ lowercase(name);
-+
-+ /*
-+ * Map it back to an IP address and check that the given
-+ * address actually is an address of this host. This is
-+ * necessary because anyone with access to a name server can
-+ * define arbitrary names for an IP address. Mapping from
-+ * name to IP address can be trusted better (but can still be
-+ * fooled if the intruder has access to the name server of
-+ * the domain).
-+ */
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_family = from.ss_family;
-+ hints.ai_socktype = SOCK_STREAM;
-+ if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
-+ logit("reverse mapping checking getaddrinfo for %.700s "
-+ "[%s] failed.", name, ntop);
-+ return strdup(ntop);
-+ }
-+ /* Look for the address from the list of addresses. */
-+ for (ai = aitop; ai; ai = ai->ai_next) {
-+ if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2,
-+ sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 &&
-+ (strcmp(ntop, ntop2) == 0))
-+ break;
-+ }
-+ freeaddrinfo(aitop);
-+ /* If we reached the end of the list, the address was not there. */
-+ if (ai == NULL) {
-+ /* Address not found for the host name. */
-+ logit("Address %.100s maps to %.600s, but this does not "
-+ "map back to the address.", ntop, name);
-+ return strdup(ntop);
-+ }
-+ return strdup(name);
-+}
-+
-+/*
-+ * Return the canonical name of the host in the other side of the current
-+ * connection. The host name is cached, so it is efficient to call this
-+ * several times.
-+ */
-+
-+const char *
-+auth_get_canonical_hostname(struct ssh *ssh, int use_dns)
-+{
-+ static char *dnsname;
-+
-+ if (!use_dns)
-+ return ssh_remote_ipaddr(ssh);
-+ else if (dnsname != NULL)
-+ return dnsname;
-+ else {
-+ dnsname = remote_hostname(ssh);
-+ return dnsname;
-+ }
-+}
-diff --git a/readconf.c b/readconf.c
-index f3cac6b3..adfd7a4e 100644
---- a/readconf.c
-+++ b/readconf.c
-@@ -160,6 +160,7 @@ typedef enum {
- oClearAllForwardings, oNoHostAuthenticationForLocalhost,
- oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
- oAddressFamily, oGssAuthentication, oGssDelegateCreds,
-+ oGssTrustDns,
- oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
- oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist,
- oHashKnownHosts,
-@@ -205,9 +206,11 @@ static struct {
- #if defined(GSSAPI)
- { "gssapiauthentication", oGssAuthentication },
- { "gssapidelegatecredentials", oGssDelegateCreds },
-+ { "gssapitrustdns", oGssTrustDns },
- # else
- { "gssapiauthentication", oUnsupported },
- { "gssapidelegatecredentials", oUnsupported },
-+ { "gssapitrustdns", oUnsupported },
- #endif
- #ifdef ENABLE_PKCS11
- { "pkcs11provider", oPKCS11Provider },
-@@ -1033,6 +1036,10 @@ parse_time:
- intptr = &options->gss_deleg_creds;
- goto parse_flag;
-
-+ case oGssTrustDns:
-+ intptr = &options->gss_trust_dns;
-+ goto parse_flag;
-+
- case oBatchMode:
- intptr = &options->batch_mode;
- goto parse_flag;
-@@ -1912,6 +1919,7 @@ initialize_options(Options * options)
- options->challenge_response_authentication = -1;
- options->gss_authentication = -1;
- options->gss_deleg_creds = -1;
-+ options->gss_trust_dns = -1;
- options->password_authentication = -1;
- options->kbd_interactive_authentication = -1;
- options->kbd_interactive_devices = NULL;
-@@ -2061,6 +2069,8 @@ fill_default_options(Options * options)
- options->gss_authentication = 0;
- if (options->gss_deleg_creds == -1)
- options->gss_deleg_creds = 0;
-+ if (options->gss_trust_dns == -1)
-+ options->gss_trust_dns = 0;
- if (options->password_authentication == -1)
- options->password_authentication = 1;
- if (options->kbd_interactive_authentication == -1)
-diff --git a/readconf.h b/readconf.h
-index feedb3d2..c7139c1b 100644
---- a/readconf.h
-+++ b/readconf.h
-@@ -42,6 +42,7 @@ typedef struct {
- /* Try S/Key or TIS, authentication. */
- int gss_authentication; /* Try GSS authentication */
- int gss_deleg_creds; /* Delegate GSS credentials */
-+ int gss_trust_dns; /* Trust DNS for GSS canonicalization */
- int password_authentication; /* Try password
- * authentication. */
- int kbd_interactive_authentication; /* Try keyboard-interactive auth. */
-diff --git a/ssh_config.5 b/ssh_config.5
-index 06a32d31..6871ff36 100644
---- a/ssh_config.5
-+++ b/ssh_config.5
-@@ -770,6 +770,16 @@ The default is
- Forward (delegate) credentials to the server.
- The default is
- .Cm no .
-+Note that this option applies to protocol version 2 connections using GSSAPI.
-+.It Cm GSSAPITrustDns
-+Set to
-+.Dq yes to indicate that the DNS is trusted to securely canonicalize
-+the name of the host being connected to. If
-+.Dq no, the hostname entered on the
-+command line will be passed untouched to the GSSAPI library.
-+The default is
-+.Dq no .
-+This option only applies to protocol version 2 connections using GSSAPI.
- .It Cm HashKnownHosts
- Indicates that
- .Xr ssh 1
-diff --git a/sshconnect2.c b/sshconnect2.c
-index af00fb30..652463c5 100644
---- a/sshconnect2.c
-+++ b/sshconnect2.c
-@@ -716,6 +716,13 @@ userauth_gssapi(struct ssh *ssh)
- OM_uint32 min;
- int r, ok = 0;
- gss_OID mech = NULL;
-+ const char *gss_host;
-+
-+ if (options.gss_trust_dns) {
-+ extern const char *auth_get_canonical_hostname(struct ssh *ssh, int use_dns);
-+ gss_host = auth_get_canonical_hostname(ssh, 1);
-+ } else
-+ gss_host = authctxt->host;
-
- /* Try one GSSAPI method at a time, rather than sending them all at
- * once. */
-@@ -730,7 +737,7 @@ userauth_gssapi(struct ssh *ssh)
- elements[authctxt->mech_tried];
- /* My DER encoding requires length<128 */
- if (mech->length < 128 && ssh_gssapi_check_mechanism(&gssctxt,
-- mech, authctxt->host)) {
-+ mech, gss_host)) {
- ok = 1; /* Mechanism works */
- } else {
- authctxt->mech_tried++;
diff --git a/net-misc/openssh/files/openssh-8.2_p1-X509-12.4.2-tests.patch b/net-misc/openssh/files/openssh-8.2_p1-X509-12.4.2-tests.patch
deleted file mode 100644
index 1c58d0d5d..000000000
--- a/net-misc/openssh/files/openssh-8.2_p1-X509-12.4.2-tests.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/openbsd-compat/regress/Makefile.in 2020-02-15 10:59:01.210601434 -0700
-+++ b/openbsd-compat/regress/Makefile.in 2020-02-15 10:59:18.753485852 -0700
-@@ -7,7 +7,7 @@
- CC=@CC@
- LD=@LD@
- CFLAGS=@CFLAGS@
--CPPFLAGS=-I. -I.. -I$(srcdir) -I$(srcdir)/.. @CPPFLAGS@ @DEFS@
-+CPPFLAGS=-I. -I.. -I../.. -I$(srcdir) -I$(srcdir)/.. @CPPFLAGS@ @DEFS@
- EXEEXT=@EXEEXT@
- LIBCOMPAT=../libopenbsd-compat.a
- LIBS=@LIBS@
diff --git a/net-misc/openssh/files/openssh-8.2_p1-X509-glue-12.4.2.patch b/net-misc/openssh/files/openssh-8.2_p1-X509-glue-12.4.2.patch
deleted file mode 100644
index 90a5d5a66..000000000
--- a/net-misc/openssh/files/openssh-8.2_p1-X509-glue-12.4.2.patch
+++ /dev/null
@@ -1,129 +0,0 @@
-diff --exclude '*.un~' -ubr a/openssh-8.2p1+x509-12.4.2.diff b/openssh-8.2p1+x509-12.4.2.diff
---- a/openssh-8.2p1+x509-12.4.2.diff 2020-02-23 12:25:17.296737805 -0800
-+++ b/openssh-8.2p1+x509-12.4.2.diff 2020-02-23 12:26:25.347779673 -0800
-@@ -39236,16 +39236,15 @@
-
- install: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files install-sysconf host-key check-config
- install-nokeys: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files install-sysconf
--@@ -378,6 +379,8 @@
-+@@ -378,6 +379,7 @@
- $(MKDIR_P) $(DESTDIR)$(mandir)/$(mansubdir)5
- $(MKDIR_P) $(DESTDIR)$(mandir)/$(mansubdir)8
- $(MKDIR_P) $(DESTDIR)$(libexecdir)
- + $(MKDIR_P) $(DESTDIR)$(sshcadir)
--+ $(MKDIR_P) $(DESTDIR)$(piddir)
- $(MKDIR_P) -m 0755 $(DESTDIR)$(PRIVSEP_PATH)
- $(INSTALL) -m 0755 $(STRIP_OPT) ssh$(EXEEXT) $(DESTDIR)$(bindir)/ssh$(EXEEXT)
- $(INSTALL) -m 0755 $(STRIP_OPT) scp$(EXEEXT) $(DESTDIR)$(bindir)/scp$(EXEEXT)
--@@ -386,11 +389,14 @@
-+@@ -386,11 +388,14 @@
- $(INSTALL) -m 0755 $(STRIP_OPT) ssh-keygen$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT)
- $(INSTALL) -m 0755 $(STRIP_OPT) ssh-keyscan$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT)
- $(INSTALL) -m 0755 $(STRIP_OPT) sshd$(EXEEXT) $(DESTDIR)$(sbindir)/sshd$(EXEEXT)
-@@ -39264,7 +39263,7 @@
- $(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
- $(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
- $(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
--@@ -400,12 +406,12 @@
-+@@ -400,12 +405,12 @@
- $(INSTALL) -m 644 moduli.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/moduli.5
- $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
- $(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5
-@@ -39278,7 +39277,7 @@
-
- install-sysconf:
- $(MKDIR_P) $(DESTDIR)$(sysconfdir)
--@@ -463,10 +469,9 @@
-+@@ -463,10 +468,9 @@
- -rm -f $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT)
- -rm -f $(DESTDIR)$(bindir)/sftp$(EXEEXT)
- -rm -f $(DESTDIR)$(sbindir)/sshd$(EXEEXT)
-@@ -39292,7 +39291,7 @@
- -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
- -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
- -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
--@@ -478,7 +483,6 @@
-+@@ -478,7 +482,6 @@
- -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
- -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
- -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8
-@@ -39300,7 +39299,7 @@
-
- regress-prep:
- $(MKDIR_P) `pwd`/regress/unittests/test_helper
--@@ -491,11 +495,11 @@
-+@@ -491,11 +494,11 @@
- $(MKDIR_P) `pwd`/regress/unittests/match
- $(MKDIR_P) `pwd`/regress/unittests/utf8
- $(MKDIR_P) `pwd`/regress/misc/kexfuzz
-@@ -39314,7 +39313,7 @@
-
- regress/modpipe$(EXEEXT): $(srcdir)/regress/modpipe.c $(REGRESSLIBS)
- $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(srcdir)/regress/modpipe.c \
--@@ -546,8 +550,7 @@
-+@@ -546,8 +549,7 @@
- regress/unittests/sshkey/tests.o \
- regress/unittests/sshkey/common.o \
- regress/unittests/sshkey/test_file.o \
-@@ -39344,7 +39343,7 @@
-
- regress/unittests/hostkeys/test_hostkeys$(EXEEXT): \
- ${UNITTESTS_TEST_HOSTKEYS_OBJS} \
--@@ -618,35 +619,18 @@
-+@@ -618,35 +618,18 @@
- -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
-
- MISC_KEX_FUZZ_OBJS=\
-@@ -39382,7 +39381,7 @@
- regress/unittests/sshbuf/test_sshbuf$(EXEEXT) \
- regress/unittests/sshkey/test_sshkey$(EXEEXT) \
- regress/unittests/bitmap/test_bitmap$(EXEEXT) \
--@@ -657,36 +641,29 @@
-+@@ -657,36 +640,29 @@
- regress/unittests/utf8/test_utf8$(EXEEXT) \
- regress/misc/kexfuzz/kexfuzz$(EXEEXT)
-
-@@ -39439,7 +39438,7 @@
- TEST_SSH_IPV6="@TEST_SSH_IPV6@" ; \
- TEST_SSH_UTF8="@TEST_SSH_UTF8@" ; \
- TEST_SSH_ECC="@TEST_SSH_ECC@" ; \
--@@ -708,8 +685,6 @@
-+@@ -708,8 +684,6 @@
- TEST_SSH_SSHPKCS11HELPER="$${TEST_SSH_SSHPKCS11HELPER}" \
- TEST_SSH_SSHKEYSCAN="$${TEST_SSH_SSHKEYSCAN}" \
- TEST_SSH_SFTP="$${TEST_SSH_SFTP}" \
-@@ -39448,7 +39447,7 @@
- TEST_SSH_SFTPSERVER="$${TEST_SSH_SFTPSERVER}" \
- TEST_SSH_PLINK="$${TEST_SSH_PLINK}" \
- TEST_SSH_PUTTYGEN="$${TEST_SSH_PUTTYGEN}" \
--@@ -717,17 +692,35 @@
-+@@ -717,17 +691,35 @@
- TEST_SSH_IPV6="$${TEST_SSH_IPV6}" \
- TEST_SSH_UTF8="$${TEST_SSH_UTF8}" \
- TEST_SSH_ECC="$${TEST_SSH_ECC}" \
-@@ -39487,7 +39486,7 @@
-
- survey: survey.sh ssh
- @$(SHELL) ./survey.sh > survey
--@@ -743,4 +736,8 @@
-+@@ -743,4 +735,8 @@
- sh buildpkg.sh; \
- fi
-
-@@ -98042,16 +98041,6 @@
- + return mbtowc(NULL, s, n);
- +}
- +#endif
--diff -ruN openssh-8.2p1/version.h openssh-8.2p1+x509-12.4.2/version.h
----- openssh-8.2p1/version.h 2020-02-14 02:40:54.000000000 +0200
--+++ openssh-8.2p1+x509-12.4.2/version.h 2020-02-23 11:07:00.000000000 +0200
--@@ -2,5 +2,4 @@
--
-- #define SSH_VERSION "OpenSSH_8.2"
--
---#define SSH_PORTABLE "p1"
---#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
--+#define SSH_RELEASE PACKAGE_STRING ", " SSH_VERSION "p1"
- diff -ruN openssh-8.2p1/version.m4 openssh-8.2p1+x509-12.4.2/version.m4
- --- openssh-8.2p1/version.m4 1970-01-01 02:00:00.000000000 +0200
- +++ openssh-8.2p1+x509-12.4.2/version.m4 2020-02-23 11:07:00.000000000 +0200
diff --git a/net-misc/openssh/files/openssh-8.2_p1-hpn-14.20-X509-glue.patch b/net-misc/openssh/files/openssh-8.2_p1-hpn-14.20-X509-glue.patch
deleted file mode 100644
index 5af4534ce..000000000
--- a/net-misc/openssh/files/openssh-8.2_p1-hpn-14.20-X509-glue.patch
+++ /dev/null
@@ -1,133 +0,0 @@
-diff -ur '--exclude=*.un~' a/openssh-8_1_P1-hpn-AES-CTR-14.20.diff b/openssh-8_1_P1-hpn-AES-CTR-14.20.diff
---- a/openssh-8_1_P1-hpn-AES-CTR-14.20.diff 2020-02-15 13:41:56.143193830 -0800
-+++ b/openssh-8_1_P1-hpn-AES-CTR-14.20.diff 2020-02-15 13:46:40.060133610 -0800
-@@ -3,9 +3,9 @@
- --- a/Makefile.in
- +++ b/Makefile.in
- @@ -42,7 +42,7 @@ CC=@CC@
-- CFLAGS_NOPIE=@CFLAGS_NOPIE@
-- CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
-- PICFLAG=@PICFLAG@
-+ LD=@LD@
-+ CFLAGS=@CFLAGS@ $(CFLAGS_EXTRA)
-+ CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ @LDAP_CPPFLAGS@ $(PATHS) @DEFS@
- -LIBS=@LIBS@
- +LIBS=@LIBS@ -lpthread
- K5LIBS=@K5LIBS@
-@@ -803,8 +803,8 @@
- ssh_packet_set_connection(struct ssh *ssh, int fd_in, int fd_out)
- {
- struct session_state *state;
--- const struct sshcipher *none = cipher_by_name("none");
--+ struct sshcipher *none = cipher_by_name("none");
-+- const struct sshcipher *none = cipher_none();
-++ struct sshcipher *none = cipher_none();
- int r;
-
- if (none == NULL) {
-@@ -902,14 +902,14 @@
-
- /*
- @@ -2118,6 +2125,8 @@ fill_default_options(Options * options)
-- options->canonicalize_hostname = SSH_CANONICALISE_NO;
-- if (options->fingerprint_hash == -1)
- options->fingerprint_hash = SSH_FP_HASH_DEFAULT;
-+ if (options->update_hostkeys == -1)
-+ options->update_hostkeys = 0;
- + if (options->disable_multithreaded == -1)
- + options->disable_multithreaded = 0;
-- #ifdef ENABLE_SK_INTERNAL
- if (options->sk_provider == NULL)
-- options->sk_provider = xstrdup("internal");
-+ options->sk_provider = xstrdup("$SSH_SK_PROVIDER");
-+
- diff --git a/readconf.h b/readconf.h
- index 8e36bf32..c803eca7 100644
- --- a/readconf.h
-@@ -948,9 +948,9 @@
- /* Portable-specific options */
- sUsePAM,
- + sDisableMTAES,
-- /* Standard Options */
-- sPort, sHostKeyFile, sLoginGraceTime,
-- sPermitRootLogin, sLogFacility, sLogLevel,
-+ /* X.509 Standard Options */
-+ sHostbasedAlgorithms,
-+ sPubkeyAlgorithms,
- @@ -643,6 +647,7 @@ static struct {
- { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },
- { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL },
-Only in b: openssh-8_1_P1-hpn-AES-CTR-14.20.diff.orig
-diff -ur '--exclude=*.un~' a/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff b/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff
---- a/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff 2020-02-15 13:41:56.144193830 -0800
-+++ b/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff 2020-02-15 13:45:36.665147504 -0800
-@@ -382,7 +382,7 @@
- @@ -884,6 +884,10 @@ kex_choose_conf(struct ssh *ssh)
- int nenc, nmac, ncomp;
- u_int mode, ctos, need, dh_need, authlen;
-- int r, first_kex_follows;
-+ int r, first_kex_follows = 0;
- + int auth_flag;
- +
- + auth_flag = packet_authentication_state(ssh);
-@@ -391,8 +391,8 @@
- debug2("local %s KEXINIT proposal", kex->server ? "server" : "client");
- if ((r = kex_buf2prop(kex->my, NULL, &my)) != 0)
- @@ -954,6 +958,14 @@ kex_choose_conf(struct ssh *ssh)
-- peer[ncomp] = NULL;
-- goto out;
-+ else
-+ fatal("Pre-authentication none cipher requests are not allowed.");
- }
- + debug("REQUESTED ENC.NAME is '%s'", newkeys->enc.name);
- + if (strcmp(newkeys->enc.name, "none") == 0) {
-@@ -1169,15 +1169,3 @@
- # Example of overriding settings on a per-user basis
- #Match User anoncvs
- # X11Forwarding no
--diff --git a/version.h b/version.h
--index 6b3fadf8..ec1d2e27 100644
----- a/version.h
--+++ b/version.h
--@@ -3,4 +3,6 @@
-- #define SSH_VERSION "OpenSSH_8.1"
--
-- #define SSH_PORTABLE "p1"
---#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
--+#define SSH_HPN "-hpn14v20"
--+#define SSH_RELEASE SSH_VERSION SSH_PORTABLE SSH_HPN
--+
-diff -ur '--exclude=*.un~' a/openssh-8_1_P1-hpn-PeakTput-14.20.diff b/openssh-8_1_P1-hpn-PeakTput-14.20.diff
---- a/openssh-8_1_P1-hpn-PeakTput-14.20.diff 2020-02-15 13:41:43.834196317 -0800
-+++ b/openssh-8_1_P1-hpn-PeakTput-14.20.diff 2020-02-15 13:45:36.665147504 -0800
-@@ -12,9 +12,9 @@
- static long stalled; /* how long we have been stalled */
- static int bytes_per_second; /* current speed in bytes per second */
- @@ -127,6 +129,7 @@ refresh_progress_meter(int force_update)
-+ off_t bytes_left;
- int cur_speed;
-- int hours, minutes, seconds;
-- int file_len;
-+ int len;
- + off_t delta_pos;
-
- if ((!force_update && !alarm_fired && !win_resized) || !can_output())
-@@ -33,12 +33,12 @@
- @@ -166,7 +173,7 @@ refresh_progress_meter(int force_update)
-
- /* filename */
-- buf[0] = '\0';
--- file_len = win_size - 36;
--+ file_len = win_size - 45;
-- if (file_len > 0) {
-- buf[0] = '\r';
-- snmprintf(buf+1, sizeof(buf)-1, &file_len, "%-*s",
-+ if (win_size > 36) {
-+- int file_len = win_size - 36;
-++ int file_len = win_size - 45;
-+ snmprintf(buf+1, sizeof(buf)-1, &file_len, "%-*s ",
-+ file_len, file);
-+ }
- @@ -191,6 +198,15 @@ refresh_progress_meter(int force_update)
- (off_t)bytes_per_second);
- strlcat(buf, "/s ", win_size);
diff --git a/net-misc/openssh/files/openssh-8.2_p1-hpn-14.20-glue.patch b/net-misc/openssh/files/openssh-8.2_p1-hpn-14.20-glue.patch
deleted file mode 100644
index b2163fe5a..000000000
--- a/net-misc/openssh/files/openssh-8.2_p1-hpn-14.20-glue.patch
+++ /dev/null
@@ -1,151 +0,0 @@
-diff -ur '--exclude=*.un~' a/openssh-8_1_P1-hpn-AES-CTR-14.20.diff b/openssh-8_1_P1-hpn-AES-CTR-14.20.diff
---- a/openssh-8_1_P1-hpn-AES-CTR-14.20.diff 2020-02-15 12:50:44.413776914 -0800
-+++ b/openssh-8_1_P1-hpn-AES-CTR-14.20.diff 2020-02-15 12:53:06.190742744 -0800
-@@ -3,9 +3,9 @@
- --- a/Makefile.in
- +++ b/Makefile.in
- @@ -42,7 +42,7 @@ CC=@CC@
-- LD=@LD@
-- CFLAGS=@CFLAGS@
-+ CFLAGS_NOPIE=@CFLAGS_NOPIE@
- CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
-+ PICFLAG=@PICFLAG@
- -LIBS=@LIBS@
- +LIBS=@LIBS@ -lpthread
- K5LIBS=@K5LIBS@
-@@ -902,14 +902,14 @@
-
- /*
- @@ -2118,6 +2125,8 @@ fill_default_options(Options * options)
-+ options->canonicalize_hostname = SSH_CANONICALISE_NO;
-+ if (options->fingerprint_hash == -1)
- options->fingerprint_hash = SSH_FP_HASH_DEFAULT;
-- if (options->update_hostkeys == -1)
-- options->update_hostkeys = 0;
- + if (options->disable_multithreaded == -1)
- + options->disable_multithreaded = 0;
--
-- /* Expand KEX name lists */
-- all_cipher = cipher_alg_list(',', 0);
-+ #ifdef ENABLE_SK_INTERNAL
-+ if (options->sk_provider == NULL)
-+ options->sk_provider = xstrdup("internal");
- diff --git a/readconf.h b/readconf.h
- index 8e36bf32..c803eca7 100644
- --- a/readconf.h
-@@ -952,9 +952,9 @@
- sPort, sHostKeyFile, sLoginGraceTime,
- sPermitRootLogin, sLogFacility, sLogLevel,
- @@ -643,6 +647,7 @@ static struct {
-- { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL },
- { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },
- { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL },
-+ { "include", sInclude, SSHCFG_ALL },
- + { "disableMTAES", sDisableMTAES, SSHCFG_ALL },
- { "ipqos", sIPQoS, SSHCFG_ALL },
- { "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL },
-diff -ur '--exclude=*.un~' a/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff b/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff
---- a/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff 2020-02-15 12:50:44.413776914 -0800
-+++ b/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff 2020-02-15 12:51:19.541768656 -0800
-@@ -409,18 +409,10 @@
- index 817da43b..b2bcf78f 100644
- --- a/packet.c
- +++ b/packet.c
--@@ -925,6 +925,24 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
-+@@ -925,6 +925,16 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
- return 0;
- }
-
--+/* this supports the forced rekeying required for the NONE cipher */
--+int rekey_requested = 0;
--+void
--+packet_request_rekeying(void)
--+{
--+ rekey_requested = 1;
--+}
--+
- +/* used to determine if pre or post auth when rekeying for aes-ctr
- + * and none cipher switch */
- +int
-@@ -434,20 +426,6 @@
- #define MAX_PACKETS (1U<<31)
- static int
- ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len)
--@@ -951,6 +969,13 @@ ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len)
-- if (state->p_send.packets == 0 && state->p_read.packets == 0)
-- return 0;
--
--+ /* used to force rekeying when called for by the none
--+ * cipher switch methods -cjr */
--+ if (rekey_requested == 1) {
--+ rekey_requested = 0;
--+ return 1;
--+ }
--+
-- /* Time-based rekeying */
-- if (state->rekey_interval != 0 &&
-- (int64_t)state->rekey_time + state->rekey_interval <= monotime())
- diff --git a/packet.h b/packet.h
- index 8ccfd2e0..1ad9bc06 100644
- --- a/packet.h
-@@ -476,9 +454,9 @@
- /* Format of the configuration file:
-
- @@ -167,6 +168,8 @@ typedef enum {
-- oHashKnownHosts,
- oTunnel, oTunnelDevice,
- oLocalCommand, oPermitLocalCommand, oRemoteCommand,
-+ oDisableMTAES,
- + oTcpRcvBufPoll, oTcpRcvBuf, oHPNDisabled, oHPNBufferSize,
- + oNoneEnabled, oNoneSwitch,
- oVisualHostKey,
-@@ -615,9 +593,9 @@
- int ip_qos_bulk; /* IP ToS/DSCP/class for bulk traffic */
- SyslogFacility log_facility; /* Facility for system logging. */
- @@ -112,7 +116,10 @@ typedef struct {
--
- int enable_ssh_keysign;
- int64_t rekey_limit;
-+ int disable_multithreaded; /*disable multithreaded aes-ctr*/
- + int none_switch; /* Use none cipher */
- + int none_enabled; /* Allow none to be used */
- int rekey_interval;
-@@ -700,9 +678,9 @@
- + options->hpn_buffer_size = CHAN_TCP_WINDOW_DEFAULT;
- + }
- +
-+ if (options->disable_multithreaded == -1)
-+ options->disable_multithreaded = 0;
- if (options->ip_qos_interactive == -1)
-- options->ip_qos_interactive = IPTOS_DSCP_AF21;
-- if (options->ip_qos_bulk == -1)
- @@ -486,6 +532,8 @@ typedef enum {
- sPasswordAuthentication, sKbdInteractiveAuthentication,
- sListenAddress, sAddressFamily,
-@@ -1079,11 +1057,11 @@
- xxx_host = host;
- xxx_hostaddr = hostaddr;
-
--@@ -422,6 +433,28 @@ ssh_userauth2(struct ssh *ssh, const char *local_user,
-+@@ -422,7 +433,28 @@ ssh_userauth2(struct ssh *ssh, const char *local_user,
-
- if (!authctxt.success)
- fatal("Authentication failed.");
--+
-+
- + /*
- + * If the user wants to use the none cipher, do it post authentication
- + * and only if the right conditions are met -- both of the NONE commands
-@@ -1105,9 +1083,9 @@
- + }
- + }
- +
-- debug("Authentication succeeded (%s).", authctxt.method->name);
-- }
--
-+ #ifdef WITH_OPENSSL
-+ if (options.disable_multithreaded == 0) {
-+ /* if we are using aes-ctr there can be issues in either a fork or sandbox
- diff --git a/sshd.c b/sshd.c
- index 11571c01..23a06022 100644
- --- a/sshd.c
diff --git a/net-misc/openssh/files/openssh-8.2_p1-hpn-14.20-sctp-glue.patch b/net-misc/openssh/files/openssh-8.2_p1-hpn-14.20-sctp-glue.patch
deleted file mode 100644
index 2397aad96..000000000
--- a/net-misc/openssh/files/openssh-8.2_p1-hpn-14.20-sctp-glue.patch
+++ /dev/null
@@ -1,19 +0,0 @@
-diff -ur '--exclude=*.un~' a/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff b/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff
---- a/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff 2020-02-15 12:10:00.321998279 -0800
-+++ b/openssh-8_1_P1-hpn-DynWinNoneSwitch-14.20.diff 2020-02-15 12:10:21.759980508 -0800
-@@ -1169,15 +1169,3 @@
- # Example of overriding settings on a per-user basis
- #Match User anoncvs
- # X11Forwarding no
--diff --git a/version.h b/version.h
--index 6b3fadf8..ec1d2e27 100644
----- a/version.h
--+++ b/version.h
--@@ -3,4 +3,6 @@
-- #define SSH_VERSION "OpenSSH_8.1"
--
-- #define SSH_PORTABLE "p1"
---#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
--+#define SSH_HPN "-hpn14v20"
--+#define SSH_RELEASE SSH_VERSION SSH_PORTABLE SSH_HPN
--+
diff --git a/net-misc/openssh/files/sshd-r1.confd b/net-misc/openssh/files/sshd-r1.confd
deleted file mode 100644
index cf430371b..000000000
--- a/net-misc/openssh/files/sshd-r1.confd
+++ /dev/null
@@ -1,33 +0,0 @@
-# /etc/conf.d/sshd: config file for /etc/init.d/sshd
-
-# Where is your sshd_config file stored?
-
-SSHD_CONFDIR="${RC_PREFIX%/}/etc/ssh"
-
-
-# Any random options you want to pass to sshd.
-# See the sshd(8) manpage for more info.
-
-SSHD_OPTS=""
-
-
-# Wait one second (length chosen arbitrarily) to see if sshd actually
-# creates a PID file, or if it crashes for some reason like not being
-# able to bind to the address in ListenAddress.
-
-#SSHD_SSD_OPTS="--wait 1000"
-
-
-# Pid file to use (needs to be absolute path).
-
-#SSHD_PIDFILE="${RC_PREFIX%/}/run/sshd.pid"
-
-
-# Path to the sshd binary (needs to be absolute path).
-
-#SSHD_BINARY="${RC_PREFIX%/}/usr/sbin/sshd"
-
-
-# Path to the ssh-keygen binary (needs to be absolute path).
-
-#SSHD_KEYGEN_BINARY="${RC_PREFIX%/}/usr/bin/ssh-keygen"
diff --git a/net-misc/openssh/files/sshd-r1.initd b/net-misc/openssh/files/sshd-r1.initd
deleted file mode 100644
index e91cd0116..000000000
--- a/net-misc/openssh/files/sshd-r1.initd
+++ /dev/null
@@ -1,87 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-extra_commands="checkconfig"
-extra_started_commands="reload"
-
-: ${SSHD_CONFDIR:=${RC_PREFIX%/}/etc/ssh}
-: ${SSHD_CONFIG:=${SSHD_CONFDIR}/sshd_config}
-: ${SSHD_PIDFILE:=${RC_PREFIX%/}/run/${SVCNAME}.pid}
-: ${SSHD_BINARY:=${RC_PREFIX%/}/usr/sbin/sshd}
-: ${SSHD_KEYGEN_BINARY:=${RC_PREFIX%/}/usr/bin/ssh-keygen}
-
-command="${SSHD_BINARY}"
-pidfile="${SSHD_PIDFILE}"
-command_args="${SSHD_OPTS} -o PidFile=${pidfile} -f ${SSHD_CONFIG}"
-
-# Wait one second (length chosen arbitrarily) to see if sshd actually
-# creates a PID file, or if it crashes for some reason like not being
-# able to bind to the address in ListenAddress (bug 617596).
-: ${SSHD_SSD_OPTS:=--wait 1000}
-start_stop_daemon_args="${SSHD_SSD_OPTS}"
-
-depend() {
- # Entropy can be used by ssh-keygen, among other things, but
- # is not strictly required (bug 470020).
- use logger dns entropy
- if [ "${rc_need+set}" = "set" ] ; then
- : # Do nothing, the user has explicitly set rc_need
- else
- local x warn_addr
- for x in $(awk '/^ListenAddress/{ print $2 }' "$SSHD_CONFIG" 2>/dev/null) ; do
- case "${x}" in
- 0.0.0.0|0.0.0.0:*) ;;
- ::|\[::\]*) ;;
- *) warn_addr="${warn_addr} ${x}" ;;
- esac
- done
- if [ -n "${warn_addr}" ] ; then
- need net
- ewarn "You are binding an interface in ListenAddress statement in your sshd_config!"
- ewarn "You must add rc_need=\"net.FOO\" to your ${RC_PREFIX%/}/etc/conf.d/sshd"
- ewarn "where FOO is the interface(s) providing the following address(es):"
- ewarn "${warn_addr}"
- fi
- fi
-}
-
-checkconfig() {
- checkpath --mode 0755 --directory "${RC_PREFIX%/}/var/empty"
-
- if [ ! -e "${SSHD_CONFIG}" ] ; then
- eerror "You need an ${SSHD_CONFIG} file to run sshd"
- eerror "There is a sample file in /usr/share/doc/openssh"
- return 1
- fi
-
- ${SSHD_KEYGEN_BINARY} -A || return 2
-
- "${command}" -t ${command_args} || return 3
-}
-
-start_pre() {
- # Make sure that the user's config isn't busted before we try
- # to start the daemon (this will produce better error messages
- # than if we just try to start it blindly).
- #
- # We always need to call checkconfig because this function will
- # also generate any missing host key and you can start a
- # non-running service with "restart" argument.
- checkconfig || return $?
-}
-
-stop_pre() {
- # If this is a restart, check to make sure the user's config
- # isn't busted before we stop the running daemon.
- if [ "${RC_CMD}" = "restart" ] ; then
- checkconfig || return $?
- fi
-}
-
-reload() {
- checkconfig || return $?
- ebegin "Reloading ${SVCNAME}"
- start-stop-daemon --signal HUP --pidfile "${pidfile}"
- eend $?
-}
diff --git a/net-misc/openssh/files/sshd.pam_include.2 b/net-misc/openssh/files/sshd.pam_include.2
deleted file mode 100644
index b801aaafa..000000000
--- a/net-misc/openssh/files/sshd.pam_include.2
+++ /dev/null
@@ -1,4 +0,0 @@
-auth include system-remote-login
-account include system-remote-login
-password include system-remote-login
-session include system-remote-login
diff --git a/net-misc/openssh/files/sshd.service b/net-misc/openssh/files/sshd.service
deleted file mode 100644
index b5e96b3a2..000000000
--- a/net-misc/openssh/files/sshd.service
+++ /dev/null
@@ -1,11 +0,0 @@
-[Unit]
-Description=OpenSSH server daemon
-After=syslog.target network.target auditd.service
-
-[Service]
-ExecStartPre=/usr/bin/ssh-keygen -A
-ExecStart=/usr/sbin/sshd -D -e
-ExecReload=/bin/kill -HUP $MAINPID
-
-[Install]
-WantedBy=multi-user.target
diff --git a/net-misc/openssh/files/sshd.socket b/net-misc/openssh/files/sshd.socket
deleted file mode 100644
index 94b953318..000000000
--- a/net-misc/openssh/files/sshd.socket
+++ /dev/null
@@ -1,10 +0,0 @@
-[Unit]
-Description=OpenSSH Server Socket
-Conflicts=sshd.service
-
-[Socket]
-ListenStream=22
-Accept=yes
-
-[Install]
-WantedBy=sockets.target
diff --git a/net-misc/openssh/files/sshd_at.service b/net-misc/openssh/files/sshd_at.service
deleted file mode 100644
index 2645ad047..000000000
--- a/net-misc/openssh/files/sshd_at.service
+++ /dev/null
@@ -1,8 +0,0 @@
-[Unit]
-Description=OpenSSH per-connection server daemon
-After=syslog.target auditd.service
-
-[Service]
-ExecStart=-/usr/sbin/sshd -i -e
-StandardInput=socket
-StandardError=syslog
diff --git a/net-misc/openssh/metadata.xml b/net-misc/openssh/metadata.xml
deleted file mode 100644
index 6cc1ea784..000000000
--- a/net-misc/openssh/metadata.xml
+++ /dev/null
@@ -1,42 +0,0 @@
-
-
-
-
- base-system@gentoo.org
- Gentoo Base System
-
-
- robbat2@gentoo.org
- LPK issues. Only assign if it's a direct LPK issue. Do not directly assign for anything else.
-
-
-OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools that
-increasing numbers of people on the Internet are coming to rely on. Many users of telnet,
-rlogin, ftp, and other such programs might not realize that their password is transmitted
-across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords)
-to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks.
-Additionally, OpenSSH provides a myriad of secure tunneling capabilities, as well as a variety
-of authentication methods.
-
-The OpenSSH suite includes the ssh program which replaces rlogin and telnet, scp which
-replaces rcp, and sftp which replaces ftp. Also included is sshd which is the server side of
-the package, and the other basic utilities like ssh-add, ssh-agent, ssh-keysign, ssh-keyscan,
-ssh-keygen and sftp-server. OpenSSH supports SSH protocol versions 1.3, 1.5, and 2.0.
-
-
-
- cpe:/a:openssh:openssh
- hpnssh
-
-
diff --git a/net-misc/openssh/openssh-8.2_p1-r6.ebuild b/net-misc/openssh/openssh-8.2_p1-r6.ebuild
deleted file mode 100644
index 1c76f42fe..000000000
--- a/net-misc/openssh/openssh-8.2_p1-r6.ebuild
+++ /dev/null
@@ -1,494 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit user-info flag-o-matic multilib autotools pam systemd toolchain-funcs
-
-# Make it more portable between straight releases
-# and _p? releases.
-PARCH=${P/_}
-HPN_PV="8.1_P1"
-
-HPN_VER="14.20"
-HPN_PATCHES=(
- ${PN}-${HPN_PV/./_}-hpn-DynWinNoneSwitch-${HPN_VER}.diff
- ${PN}-${HPN_PV/./_}-hpn-AES-CTR-${HPN_VER}.diff
- ${PN}-${HPN_PV/./_}-hpn-PeakTput-${HPN_VER}.diff
-)
-
-SCTP_VER="1.2" SCTP_PATCH="${PARCH}-sctp-${SCTP_VER}.patch.xz"
-X509_VER="12.4.3" X509_PATCH="${PARCH}+x509-${X509_VER}.diff.gz"
-
-DESCRIPTION="Port of OpenBSD's free SSH release"
-HOMEPAGE="https://www.openssh.com/"
-SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
- ${SCTP_PATCH:+sctp? ( https://dev.gentoo.org/~chutzpah/dist/openssh/${SCTP_PATCH} )}
- ${HPN_VER:+hpn? ( $(printf "mirror://sourceforge/hpnssh/HPN-SSH%%20${HPN_VER/./v}%%20${HPN_PV/_P/p}/%s\n" "${HPN_PATCHES[@]}") )}
- ${X509_PATCH:+X509? ( https://roumenpetrov.info/openssh/x509-${X509_VER}/${X509_PATCH} )}
-"
-S="${WORKDIR}/${PARCH}"
-
-LICENSE="BSD GPL-2"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-# Probably want to drop ssl defaulting to on in a future version.
-IUSE="abi_mips_n32 audit bindist debug hpn kerberos kernel_linux ldns libedit libressl livecd pam +pie sctp security-key selinux +ssl static test X X509 xmss"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="
- ldns? ( ssl )
- pie? ( !static )
- static? ( !kerberos !pam )
- X509? ( !sctp !security-key ssl !xmss )
- xmss? ( || ( ssl libressl ) )
- test? ( ssl )
-"
-
-LIB_DEPEND="
- audit? ( sys-process/audit[static-libs(+)] )
- ldns? (
- net-libs/ldns[static-libs(+)]
- !bindist? ( net-libs/ldns[ecdsa,ssl(+)] )
- bindist? ( net-libs/ldns[-ecdsa,ssl(+)] )
- )
- libedit? ( dev-libs/libedit:=[static-libs(+)] )
- sctp? ( net-misc/lksctp-tools[static-libs(+)] )
- security-key? ( dev-libs/libfido2:=[static-libs(+)] )
- selinux? ( >=sys-libs/libselinux-1.28[static-libs(+)] )
- ssl? (
- !libressl? (
- || (
- (
- >=dev-libs/openssl-1.0.1:0[bindist=]
- =dev-libs/openssl-1.1.0g:0[bindist=]
- )
- dev-libs/openssl:0=[static-libs(+)]
- )
- libressl? ( dev-libs/libressl:0=[static-libs(+)] )
- )
- virtual/libcrypt:=[static-libs(+)]
- >=sys-libs/zlib-1.2.3:=[static-libs(+)]
-"
-RDEPEND="
- acct-group/sshd
- acct-user/sshd
- !static? ( ${LIB_DEPEND//\[static-libs(+)]} )
- pam? ( sys-libs/pam )
- kerberos? ( virtual/krb5 )
-"
-DEPEND="${RDEPEND}
- static? ( ${LIB_DEPEND} )
- virtual/os-headers
-"
-RDEPEND="${RDEPEND}
- pam? ( >=sys-auth/pambase-20081028 )
- userland_GNU? ( !prefix? ( sys-apps/shadow ) )
- X? ( x11-apps/xauth )
-"
-BDEPEND="
- virtual/pkgconfig
- sys-devel/autoconf
-"
-
-pkg_pretend() {
- # this sucks, but i'd rather have people unable to `emerge -u openssh`
- # than not be able to log in to their server any more
- maybe_fail() { [[ -z ${!2} ]] && echo "$1" ; }
- local fail="
- $(use hpn && maybe_fail hpn HPN_VER)
- $(use sctp && maybe_fail sctp SCTP_PATCH)
- $(use X509 && maybe_fail X509 X509_PATCH)
- "
- fail=$(echo ${fail})
- if [[ -n ${fail} ]] ; then
- eerror "Sorry, but this version does not yet support features"
- eerror "that you requested: ${fail}"
- eerror "Please mask ${PF} for now and check back later:"
- eerror " # echo '=${CATEGORY}/${PF}' >> /etc/portage/package.mask"
- die "booooo"
- fi
-
- # Make sure people who are using tcp wrappers are notified of its removal. #531156
- if grep -qs '^ *sshd *:' "${EROOT}"/etc/hosts.{allow,deny} ; then
- ewarn "Sorry, but openssh no longer supports tcp-wrappers, and it seems like"
- ewarn "you're trying to use it. Update your ${EROOT}/etc/hosts.{allow,deny} please."
- fi
-}
-
-src_prepare() {
- sed -i \
- -e "/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:${EPREFIX}/usr/bin/xauth:" \
- pathnames.h || die
-
- # don't break .ssh/authorized_keys2 for fun
- sed -i '/^AuthorizedKeysFile/s:^:#:' sshd_config || die
-
- eapply "${FILESDIR}"/${PN}-7.9_p1-include-stdlib.patch
- eapply "${FILESDIR}"/${PN}-8.2_p1-GSSAPI-dns.patch #165444 integrated into gsskex
- eapply "${FILESDIR}"/${PN}-6.7_p1-openssl-ignore-status.patch
- eapply "${FILESDIR}"/${PN}-7.5_p1-disable-conch-interop-tests.patch
- eapply "${FILESDIR}"/${PN}-8.0_p1-fix-putty-tests.patch
- eapply "${FILESDIR}"/${PN}-8.0_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch
-
- [[ -d ${WORKDIR}/patches ]] && eapply "${WORKDIR}"/patches
-
- local PATCHSET_VERSION_MACROS=()
-
- if use X509 ; then
- pushd "${WORKDIR}" &>/dev/null || die
- eapply "${FILESDIR}/${P}-X509-glue-"${X509_VER}".patch"
- popd &>/dev/null || die
-
- eapply "${WORKDIR}"/${X509_PATCH%.*}
- eapply "${FILESDIR}"/${P}-X509-${X509_VER}-tests.patch
-
- # We need to patch package version or any X.509 sshd will reject our ssh client
- # with "userauth_pubkey: could not parse key: string is too large [preauth]"
- # error
- einfo "Patching package version for X.509 patch set ..."
- sed -i \
- -e "s/^AC_INIT(\[OpenSSH\], \[Portable\]/AC_INIT([OpenSSH], [${X509_VER}]/" \
- "${S}"/configure.ac || die "Failed to patch package version for X.509 patch"
-
- einfo "Patching version.h to expose X.509 patch set ..."
- sed -i \
- -e "/^#define SSH_PORTABLE.*/a #define SSH_X509 \"-PKIXSSH-${X509_VER}\"" \
- "${S}"/version.h || die "Failed to sed-in X.509 patch version"
- PATCHSET_VERSION_MACROS+=( 'SSH_X509' )
- fi
-
- if use sctp ; then
- eapply "${WORKDIR}"/${SCTP_PATCH%.*}
-
- einfo "Patching version.h to expose SCTP patch set ..."
- sed -i \
- -e "/^#define SSH_PORTABLE/a #define SSH_SCTP \"-sctp-${SCTP_VER}\"" \
- "${S}"/version.h || die "Failed to sed-in SCTP patch version"
- PATCHSET_VERSION_MACROS+=( 'SSH_SCTP' )
-
- einfo "Disabling know failing test (cfgparse) caused by SCTP patch ..."
- sed -i \
- -e "/\t\tcfgparse \\\/d" \
- "${S}"/regress/Makefile || die "Failed to disable known failing test (cfgparse) caused by SCTP patch"
- fi
-
- if use hpn ; then
- local hpn_patchdir="${T}/${P}-hpn${HPN_VER}"
- mkdir "${hpn_patchdir}" || die
- cp $(printf -- "${DISTDIR}/%s\n" "${HPN_PATCHES[@]}") "${hpn_patchdir}" || die
- pushd "${hpn_patchdir}" &>/dev/null || die
- eapply "${FILESDIR}"/${P}-hpn-${HPN_VER}-glue.patch
- if use X509; then
- # einfo "Will disable MT AES cipher due to incompatbility caused by X509 patch set"
- # # X509 and AES-CTR-MT don't get along, let's just drop it
- # rm openssh-${HPN_PV//./_}-hpn-AES-CTR-${HPN_VER}.diff || die
- eapply "${FILESDIR}"/${P}-hpn-${HPN_VER}-X509-glue.patch
- fi
- use sctp && eapply "${FILESDIR}"/${P}-hpn-${HPN_VER}-sctp-glue.patch
- popd &>/dev/null || die
-
- eapply "${hpn_patchdir}"
-
- use X509 || eapply "${FILESDIR}/openssh-8.0_p1-hpn-version.patch"
-
- einfo "Patching Makefile.in for HPN patch set ..."
- sed -i \
- -e "/^LIBS=/ s/\$/ -lpthread/" \
- "${S}"/Makefile.in || die "Failed to patch Makefile.in"
-
- einfo "Patching version.h to expose HPN patch set ..."
- sed -i \
- -e "/^#define SSH_PORTABLE/a #define SSH_HPN \"-hpn${HPN_VER//./v}\"" \
- "${S}"/version.h || die "Failed to sed-in HPN patch version"
- PATCHSET_VERSION_MACROS+=( 'SSH_HPN' )
-
- if [[ -n "${HPN_DISABLE_MTAES}" ]] ; then
- einfo "Disabling known non-working MT AES cipher per default ..."
-
- cat > "${T}"/disable_mtaes.conf <<- EOF
-
- # HPN's Multi-Threaded AES CTR cipher is currently known to be broken
- # and therefore disabled per default.
- DisableMTAES yes
- EOF
- sed -i \
- -e "/^#HPNDisabled.*/r ${T}/disable_mtaes.conf" \
- "${S}"/sshd_config || die "Failed to disabled MT AES ciphers in sshd_config"
-
- sed -i \
- -e "/AcceptEnv.*_XXX_TEST$/a \\\tDisableMTAES\t\tyes" \
- "${S}"/regress/test-exec.sh || die "Failed to disable MT AES ciphers in test config"
- fi
- fi
-
- if use X509 || use sctp || use hpn ; then
- einfo "Patching sshconnect.c to use SSH_RELEASE in send_client_banner() ..."
- sed -i \
- -e "s/PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION/PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE/" \
- "${S}"/sshconnect.c || die "Failed to patch send_client_banner() to use SSH_RELEASE (sshconnect.c)"
-
- einfo "Patching sshd.c to use SSH_RELEASE in sshd_exchange_identification() ..."
- sed -i \
- -e "s/PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION/PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE/" \
- "${S}"/sshd.c || die "Failed to patch sshd_exchange_identification() to use SSH_RELEASE (sshd.c)"
-
- einfo "Patching version.h to add our patch sets to SSH_RELEASE ..."
- sed -i \
- -e "s/^#define SSH_RELEASE.*/#define SSH_RELEASE SSH_VERSION SSH_PORTABLE ${PATCHSET_VERSION_MACROS[*]}/" \
- "${S}"/version.h || die "Failed to patch SSH_RELEASE (version.h)"
- fi
-
- sed -i \
- -e "/#UseLogin no/d" \
- "${S}"/sshd_config || die "Failed to remove removed UseLogin option (sshd_config)"
-
- eapply_user #473004
-
- tc-export PKG_CONFIG
- local sed_args=(
- -e "s:-lcrypto:$(${PKG_CONFIG} --libs openssl):"
- # Disable PATH reset, trust what portage gives us #254615
- -e 's:^PATH=/:#PATH=/:'
- # Disable fortify flags ... our gcc does this for us
- -e 's:-D_FORTIFY_SOURCE=2::'
- )
-
- # The -ftrapv flag ICEs on hppa #505182
- use hppa && sed_args+=(
- -e '/CFLAGS/s:-ftrapv:-fdisable-this-test:'
- -e '/OSSH_CHECK_CFLAG_LINK.*-ftrapv/d'
- )
- # _XOPEN_SOURCE causes header conflicts on Solaris
- [[ ${CHOST} == *-solaris* ]] && sed_args+=(
- -e 's/-D_XOPEN_SOURCE//'
- )
- sed -i "${sed_args[@]}" configure{.ac,} || die
-
- eautoreconf
-}
-
-src_configure() {
- addwrite /dev/ptmx
-
- use debug && append-cppflags -DSANDBOX_SECCOMP_FILTER_DEBUG
- use static && append-ldflags -static
- use xmss && append-cflags -DWITH_XMSS
-
- local myconf=(
- --with-ldflags="${LDFLAGS}"
- --disable-strip
- --with-pid-dir="${EPREFIX}"$(usex kernel_linux '' '/var')/run
- --sysconfdir="${EPREFIX}"/etc/ssh
- --libexecdir="${EPREFIX}"/usr/$(get_libdir)/misc
- --datadir="${EPREFIX}"/usr/share/openssh
- --with-privsep-path="${EPREFIX}"/var/empty
- --with-privsep-user=sshd
- $(use_with audit audit linux)
- $(use_with kerberos kerberos5 "${EPREFIX}"/usr)
- # We apply the sctp patch conditionally, so can't pass --without-sctp
- # unconditionally else we get unknown flag warnings.
- $(use sctp && use_with sctp)
- $(use_with ldns ldns "${EPREFIX}"/usr)
- $(use_with libedit)
- $(use_with pam)
- $(use_with pie)
- $(use_with selinux)
- $(use_with security-key security-key-builtin)
- $(use_with ssl openssl)
- $(use_with ssl md5-passwords)
- $(use_with ssl ssl-engine)
- $(use_with !elibc_Cygwin hardening) #659210
- )
-
- # stackprotect is broken on musl x86 and ppc
- use elibc_musl && ( use x86 || use ppc ) && myconf+=( --without-stackprotect )
-
- # The seccomp sandbox is broken on x32, so use the older method for now. #553748
- use amd64 && [[ ${ABI} == "x32" ]] && myconf+=( --with-sandbox=rlimit )
-
- econf "${myconf[@]}"
-}
-
-src_test() {
- local t skipped=() failed=() passed=()
- local tests=( interop-tests compat-tests )
-
- local shell=$(egetshell "${UID}")
- if [[ ${shell} == */nologin ]] || [[ ${shell} == */false ]] ; then
- elog "Running the full OpenSSH testsuite requires a usable shell for the 'portage'"
- elog "user, so we will run a subset only."
- skipped+=( tests )
- else
- tests+=( tests )
- fi
-
- # It will also attempt to write to the homedir .ssh.
- local sshhome=${T}/homedir
- mkdir -p "${sshhome}"/.ssh
- for t in "${tests[@]}" ; do
- # Some tests read from stdin ...
- HOMEDIR="${sshhome}" HOME="${sshhome}" SUDO="" \
- emake -k -j1 ${t} > "${ED}"/etc/ssh/sshd_config
-
- # Allow client to pass locale environment variables. #367017
- AcceptEnv ${locale_vars[*]}
-
- # Allow client to pass COLORTERM to match TERM. #658540
- AcceptEnv COLORTERM
- EOF
-
- # Then the client config.
- cat <<-EOF >> "${ED}"/etc/ssh/ssh_config
-
- # Send locale environment variables. #367017
- SendEnv ${locale_vars[*]}
-
- # Send COLORTERM to match TERM. #658540
- SendEnv COLORTERM
- EOF
-
- if use pam ; then
- sed -i \
- -e "/^#UsePAM /s:.*:UsePAM yes:" \
- -e "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" \
- -e "/^#PrintMotd /s:.*:PrintMotd no:" \
- -e "/^#PrintLastLog /s:.*:PrintLastLog no:" \
- "${ED}"/etc/ssh/sshd_config || die
- fi
-
- if use livecd ; then
- sed -i \
- -e '/^#PermitRootLogin/c# Allow root login with password on livecds.\nPermitRootLogin Yes' \
- "${ED}"/etc/ssh/sshd_config || die
- fi
-}
-
-src_install() {
- emake install-nokeys DESTDIR="${D}"
- fperms 600 /etc/ssh/sshd_config
- dobin contrib/ssh-copy-id
- newinitd "${FILESDIR}"/sshd-r1.initd sshd
- newconfd "${FILESDIR}"/sshd-r1.confd sshd
-
- newpamd "${FILESDIR}"/sshd.pam_include.2 sshd
-
- tweak_ssh_configs
-
- doman contrib/ssh-copy-id.1
- dodoc CREDITS OVERVIEW README* TODO sshd_config
- use hpn && dodoc HPN-README
- use X509 || dodoc ChangeLog
-
- diropts -m 0700
- dodir /etc/skel/.ssh
-
- keepdir /var/empty
-
- systemd_dounit "${FILESDIR}"/sshd.{service,socket}
- systemd_newunit "${FILESDIR}"/sshd_at.service 'sshd@.service'
-}
-
-pkg_preinst() {
- if ! use ssl && has_version "${CATEGORY}/${PN}[ssl]"; then
- show_ssl_warning=1
- fi
-}
-
-pkg_postinst() {
- local old_ver
- for old_ver in ${REPLACING_VERSIONS}; do
- if ver_test "${old_ver}" -lt "5.8_p1"; then
- elog "Starting with openssh-5.8p1, the server will default to a newer key"
- elog "algorithm (ECDSA). You are encouraged to manually update your stored"
- elog "keys list as servers update theirs. See ssh-keyscan(1) for more info."
- fi
- if ver_test "${old_ver}" -lt "7.0_p1"; then
- elog "Starting with openssh-6.7, support for USE=tcpd has been dropped by upstream."
- elog "Make sure to update any configs that you might have. Note that xinetd might"
- elog "be an alternative for you as it supports USE=tcpd."
- fi
- if ver_test "${old_ver}" -lt "7.1_p1"; then #557388 #555518
- elog "Starting with openssh-7.0, support for ssh-dss keys were disabled due to their"
- elog "weak sizes. If you rely on these key types, you can re-enable the key types by"
- elog "adding to your sshd_config or ~/.ssh/config files:"
- elog " PubkeyAcceptedKeyTypes=+ssh-dss"
- elog "You should however generate new keys using rsa or ed25519."
-
- elog "Starting with openssh-7.0, the default for PermitRootLogin changed from 'yes'"
- elog "to 'prohibit-password'. That means password auth for root users no longer works"
- elog "out of the box. If you need this, please update your sshd_config explicitly."
- fi
- if ver_test "${old_ver}" -lt "7.6_p1"; then
- elog "Starting with openssh-7.6p1, openssh upstream has removed ssh1 support entirely."
- elog "Furthermore, rsa keys with less than 1024 bits will be refused."
- fi
- if ver_test "${old_ver}" -lt "7.7_p1"; then
- elog "Starting with openssh-7.7p1, we no longer patch openssh to provide LDAP functionality."
- elog "Install sys-auth/ssh-ldap-pubkey and use OpenSSH's \"AuthorizedKeysCommand\" option"
- elog "if you need to authenticate against LDAP."
- elog "See https://wiki.gentoo.org/wiki/SSH/LDAP_migration for more details."
- fi
- if ver_test "${old_ver}" -lt "8.2_p1"; then
- ewarn "After upgrading to openssh-8.2p1 please restart sshd, otherwise you"
- ewarn "will not be able to establish new sessions. Restarting sshd over a ssh"
- ewarn "connection is generally safe."
- fi
- done
-
- if [[ -n ${show_ssl_warning} ]]; then
- elog "Be aware that by disabling openssl support in openssh, the server and clients"
- elog "no longer support dss/rsa/ecdsa keys. You will need to generate ed25519 keys"
- elog "and update all clients/servers that utilize them."
- fi
-
- if use hpn && [[ -n "${HPN_DISABLE_MTAES}" ]] ; then
- elog ""
- elog "HPN's multi-threaded AES CTR cipher is currently known to be broken"
- elog "and therefore disabled at runtime per default."
- elog "Make sure your sshd_config is up to date and contains"
- elog ""
- elog " DisableMTAES yes"
- elog ""
- elog "Otherwise you maybe unable to connect to this sshd using any AES CTR cipher."
- elog ""
- fi
-
- # Sabayon
- for old_ver in ${REPLACING_VERSIONS}; do
- if ver_test "${old_ver}" -lt "8.2"; then
- if systemctl is-active sshd.service > /dev/null; then
- ewarn
- ewarn "Sabayon modification: restarting sshd"
- ewarn "due to bug https://bugs.gentoo.org/709748"
- systemctl restart sshd.service
- fi
- fi
- done
-}
diff --git a/net-wireless/broadcom-sta/Manifest b/net-wireless/broadcom-sta/Manifest
deleted file mode 100644
index 58d156ff2..000000000
--- a/net-wireless/broadcom-sta/Manifest
+++ /dev/null
@@ -1,3 +0,0 @@
-DIST README-broadcom-sta-6.30.223.271.txt 17216 BLAKE2B af6db6e129911d1589d7d6cb7166bee32ce1ca98a4e5c9b3515a44e48681d8a7a7a6b697419b2bcd9c46f0f4ca1f7ece632b63531b4a4ecd91df4f9dddf043c9 SHA512 672ecc5afcd8535a9f8beb4baea5a40c584b7682844e9ff0e4f66b7406b42118a99dce1fcd580118187fdc506781334b8243082def2b78dce916d90c55ab3663
-DIST hybrid-v35-nodebug-pcoem-6_30_223_271.tar.gz 2869247 BLAKE2B 2e3189c468cec50b1a980452a4b2bd0f9657d9adf6fae2a95a8b1c2d1df2f5f6beb4cb903f72f444eddf823fe4375299864cd62191c9d59c4f77598b5d3aa246 SHA512 0361ba30d97bcb1dedf46c11ef1b9a16f09cde3faa6be87b3ccc28679f34183c2fdf511e7c3b5c26b304f6961da454ccf71844b92bbb2f25aa876249496a2f1b
-DIST hybrid-v35_64-nodebug-pcoem-6_30_223_271.tar.gz 2928541 BLAKE2B e9d01c1a1a63c07f720e3ee53ee3ef634ab12694135300cb0ce47ade0e9e0084967a0b6df64d983e8184240eb3defb128f650bddb7727e901d50315307f3398a SHA512 6855781f7c69a9aecb9461932423688964879d5a4df571f01ae7adaa7bf21a410bef839605d555afb6c8f4eec92fe8510af6cb120930095617ff6cdcccedaf17
diff --git a/net-wireless/broadcom-sta/broadcom-sta-6.30.223.271-r5.ebuild b/net-wireless/broadcom-sta/broadcom-sta-6.30.223.271-r5.ebuild
deleted file mode 100644
index 9cee093d7..000000000
--- a/net-wireless/broadcom-sta/broadcom-sta-6.30.223.271-r5.ebuild
+++ /dev/null
@@ -1,94 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-inherit eutils linux-info linux-mod
-
-DESCRIPTION="Broadcom's IEEE 802.11a/b/g/n hybrid Linux device driver"
-HOMEPAGE="https://www.broadcom.com/support/802.11"
-SRC_BASE="https://docs.broadcom.com/docs-and-downloads/docs/linux_sta/hybrid-v35"
-SRC_URI="x86? ( ${SRC_BASE}-nodebug-pcoem-${PV//\./_}.tar.gz )
- amd64? ( ${SRC_BASE}_64-nodebug-pcoem-${PV//\./_}.tar.gz )
- https://docs.broadcom.com/docs-and-downloads/docs/linux_sta/README_${PV}.txt -> README-${P}.txt"
-
-LICENSE="Broadcom"
-KEYWORDS="-* ~amd64 ~x86"
-
-RESTRICT="mirror"
-
-DEPEND="virtual/linux-sources"
-RDEPEND=""
-
-S="${WORKDIR}"
-
-MODULE_NAMES="wl(net/wireless)"
-MODULESD_WL_ALIASES=("wlan0 wl")
-
-pkg_pretend() {
- ewarn
- ewarn "If you are stuck using this unmaintained driver (likely in a MacBook),"
- ewarn "you may be interested to know that a newer compatible wireless card"
- ewarn "is supported by the in-tree brcmfmac driver. It has a model number "
- ewarn "BCM943602CS and is for sale on the second hand market for less than "
- ewarn "20 USD."
- ewarn
- ewarn "See https://wikidevi.com/wiki/Broadcom_Wireless_Adapters and"
- ewarn " https://wikidevi.com/wiki/Broadcom_BCM943602CS"
- ewarn "for more information."
- ewarn
-}
-
-pkg_setup() {
- # bug #300570
- # NOTE: module builds correctly anyway with b43 and SSB enabled
- # make checks non-fatal. The correct fix is blackisting ssb and, perhaps
- # b43 via udev rules. Moreover, previous fix broke binpkgs support.
- CONFIG_CHECK="~!B43 ~!BCMA ~!SSB"
- CONFIG_CHECK2="LIB80211 ~!MAC80211 ~LIB80211_CRYPT_TKIP"
- ERROR_B43="B43: If you insist on building this, you must blacklist it!"
- ERROR_BCMA="BCMA: If you insist on building this, you must blacklist it!"
- ERROR_SSB="SSB: If you insist on building this, you must blacklist it!"
- ERROR_LIB80211="LIB80211: Please enable it. If you can't find it: enabling the driver for \"Intel PRO/Wireless 2100\" or \"Intel PRO/Wireless 2200BG\" (IPW2100 or IPW2200) should suffice."
- ERROR_MAC80211="MAC80211: If you insist on building this, you must blacklist it!"
- ERROR_PREEMPT_RCU="PREEMPT_RCU: Please do not set the Preemption Model to \"Preemptible Kernel\"; choose something else."
- ERROR_LIB80211_CRYPT_TKIP="LIB80211_CRYPT_TKIP: You will need this for WPA."
- if kernel_is ge 3 8 8; then
- CONFIG_CHECK="${CONFIG_CHECK} ${CONFIG_CHECK2} CFG80211 ~!PREEMPT_RCU ~!PREEMPT"
- elif kernel_is ge 2 6 32; then
- CONFIG_CHECK="${CONFIG_CHECK} ${CONFIG_CHECK2} CFG80211"
- elif kernel_is ge 2 6 31; then
- CONFIG_CHECK="${CONFIG_CHECK} ${CONFIG_CHECK2} WIRELESS_EXT ~!MAC80211"
- elif kernel_is ge 2 6 29; then
- CONFIG_CHECK="${CONFIG_CHECK} ${CONFIG_CHECK2} WIRELESS_EXT COMPAT_NET_DEV_OPS"
- else
- CONFIG_CHECK="${CONFIG_CHECK} IEEE80211 IEEE80211_CRYPT_TKIP"
- fi
-
- linux-mod_pkg_setup
-
- BUILD_PARAMS="-C ${KV_DIR} M=${S}"
- BUILD_TARGETS="wl.ko"
-}
-
-src_prepare() {
- epatch \
- "${FILESDIR}/${PN}-6.30.223.141-makefile.patch" \
- "${FILESDIR}/${PN}-6.30.223.141-eth-to-wlan.patch" \
- "${FILESDIR}/${PN}-6.30.223.141-gcc.patch" \
- "${FILESDIR}/${PN}-6.30.223.248-r3-Wno-date-time.patch" \
- "${FILESDIR}/${PN}-6.30.223.271-r1-linux-3.18.patch" \
- "${FILESDIR}/${PN}-6.30.223.271-r2-linux-4.3-v2.patch" \
- "${FILESDIR}/${PN}-6.30.223.271-r4-linux-4.7.patch" \
- "${FILESDIR}/${PN}-6.30.223.271-r4-linux-4.8.patch" \
- "${FILESDIR}/${PN}-6.30.223.271-r4-linux-4.11.patch" \
- "${FILESDIR}/${PN}-6.30.223.271-r4-linux-4.12.patch" \
- "${FILESDIR}/${PN}-6.30.223.271-r5-linux-4.15.patch"
-
- epatch_user
-}
-
-src_install() {
- linux-mod_src_install
-
- dodoc "${DISTDIR}/README-${P}.txt"
-}
diff --git a/net-wireless/broadcom-sta/broadcom-sta-6.30.223.271-r6.ebuild b/net-wireless/broadcom-sta/broadcom-sta-6.30.223.271-r6.ebuild
deleted file mode 100644
index 15636b4fc..000000000
--- a/net-wireless/broadcom-sta/broadcom-sta-6.30.223.271-r6.ebuild
+++ /dev/null
@@ -1,91 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-inherit eutils linux-info linux-mod
-
-DESCRIPTION="Broadcom's IEEE 802.11a/b/g/n hybrid Linux device driver"
-HOMEPAGE="https://www.broadcom.com/support/802.11"
-SRC_BASE="https://docs.broadcom.com/docs-and-downloads/docs/linux_sta/hybrid-v35"
-SRC_URI="x86? ( ${SRC_BASE}-nodebug-pcoem-${PV//\./_}.tar.gz )
- amd64? ( ${SRC_BASE}_64-nodebug-pcoem-${PV//\./_}.tar.gz )
- https://docs.broadcom.com/docs-and-downloads/docs/linux_sta/README_${PV}.txt -> README-${P}.txt"
-
-LICENSE="Broadcom"
-KEYWORDS="-* ~amd64 ~x86"
-
-RESTRICT="mirror"
-
-DEPEND="virtual/linux-sources"
-RDEPEND=""
-
-S="${WORKDIR}"
-
-MODULE_NAMES="wl(net/wireless)"
-MODULESD_WL_ALIASES=("wlan0 wl")
-
-PATCHES=(
- "${FILESDIR}/${PN}-6.30.223.141-eth-to-wlan.patch"
- "${FILESDIR}/${PN}-6.30.223.141-gcc.patch"
- "${FILESDIR}/${PN}-6.30.223.248-r3-Wno-date-time.patch"
- "${FILESDIR}/${PN}-6.30.223.271-r1-linux-3.18.patch"
- "${FILESDIR}/${PN}-6.30.223.271-r2-linux-4.3-v2.patch"
- "${FILESDIR}/${PN}-6.30.223.271-r4-linux-4.7.patch"
- "${FILESDIR}/${PN}-6.30.223.271-r4-linux-4.8.patch"
- "${FILESDIR}/${PN}-6.30.223.271-r4-linux-4.11.patch"
- "${FILESDIR}/${PN}-6.30.223.271-r4-linux-4.12.patch"
- "${FILESDIR}/${PN}-6.30.223.271-r5-linux-4.15.patch"
- "${FILESDIR}/${PN}-6.30.223.271-r6-linux-5.1.patch"
-)
-
-pkg_pretend() {
- ewarn
- ewarn "If you are stuck using this unmaintained driver (likely in a MacBook),"
- ewarn "you may be interested to know that a newer compatible wireless card"
- ewarn "is supported by the in-tree brcmfmac driver. It has a model number "
- ewarn "BCM943602CS and is for sale on the second hand market for less than "
- ewarn "20 USD."
- ewarn
- ewarn "See https://wikidevi.com/wiki/Broadcom_Wireless_Adapters and"
- ewarn " https://wikidevi.com/wiki/Broadcom_BCM943602CS"
- ewarn "for more information."
- ewarn
-}
-
-pkg_setup() {
- # bug #300570
- # NOTE: module builds correctly anyway with b43 and SSB enabled
- # make checks non-fatal. The correct fix is blackisting ssb and, perhaps
- # b43 via udev rules. Moreover, previous fix broke binpkgs support.
- CONFIG_CHECK="~!B43 ~!BCMA ~!SSB"
- CONFIG_CHECK2="LIB80211 ~!MAC80211 ~LIB80211_CRYPT_TKIP"
- ERROR_B43="B43: If you insist on building this, you must blacklist it!"
- ERROR_BCMA="BCMA: If you insist on building this, you must blacklist it!"
- ERROR_SSB="SSB: If you insist on building this, you must blacklist it!"
- ERROR_LIB80211="LIB80211: Please enable it. If you can't find it: enabling the driver for \"Intel PRO/Wireless 2100\" or \"Intel PRO/Wireless 2200BG\" (IPW2100 or IPW2200) should suffice."
- ERROR_MAC80211="MAC80211: If you insist on building this, you must blacklist it!"
- ERROR_PREEMPT_RCU="PREEMPT_RCU: Please do not set the Preemption Model to \"Preemptible Kernel\"; choose something else."
- ERROR_LIB80211_CRYPT_TKIP="LIB80211_CRYPT_TKIP: You will need this for WPA."
- if kernel_is ge 3 8 8; then
- CONFIG_CHECK="${CONFIG_CHECK} ${CONFIG_CHECK2} CFG80211 ~!PREEMPT_RCU ~!PREEMPT"
- elif kernel_is ge 2 6 32; then
- CONFIG_CHECK="${CONFIG_CHECK} ${CONFIG_CHECK2} CFG80211"
- elif kernel_is ge 2 6 31; then
- CONFIG_CHECK="${CONFIG_CHECK} ${CONFIG_CHECK2} WIRELESS_EXT ~!MAC80211"
- elif kernel_is ge 2 6 29; then
- CONFIG_CHECK="${CONFIG_CHECK} ${CONFIG_CHECK2} WIRELESS_EXT COMPAT_NET_DEV_OPS"
- else
- CONFIG_CHECK="${CONFIG_CHECK} IEEE80211 IEEE80211_CRYPT_TKIP"
- fi
-
- linux-mod_pkg_setup
-
- BUILD_PARAMS="-C ${KV_DIR} M=${S}"
- BUILD_TARGETS="wl.ko"
-}
-
-src_install() {
- linux-mod_src_install
-
- dodoc "${DISTDIR}/README-${P}.txt"
-}
diff --git a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.141-eth-to-wlan.patch b/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.141-eth-to-wlan.patch
deleted file mode 100644
index b23914a0b..000000000
--- a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.141-eth-to-wlan.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -urN a/src/wl/sys/wl_linux.c b/src/wl/sys/wl_linux.c
---- a/src/wl/sys/wl_linux.c 2013-08-01 09:52:22.000000000 +0300
-+++ b/src/wl/sys/wl_linux.c 2013-09-27 09:20:11.495023471 +0300
-@@ -235,7 +235,7 @@
- #define to_str(s) #s
- #define quote_str(s) to_str(s)
-
--#define BRCM_WLAN_IFNAME eth%d
-+#define BRCM_WLAN_IFNAME wlan%d
-
- static char intf_name[IFNAMSIZ] = quote_str(BRCM_WLAN_IFNAME);
-
diff --git a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.141-gcc.patch b/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.141-gcc.patch
deleted file mode 100644
index b5d7e858d..000000000
--- a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.141-gcc.patch
+++ /dev/null
@@ -1,11 +0,0 @@
-diff -urN a/src/wl/sys/wl_iw.h b/src/wl/sys/wl_iw.h
---- a/src/wl/sys/wl_iw.h 2013-08-01 09:52:22.000000000 +0300
-+++ b/src/wl/sys/wl_iw.h 2013-09-27 09:36:07.808067913 +0300
-@@ -21,6 +21,7 @@
- #ifndef _wl_iw_h_
- #define _wl_iw_h_
-
-+#include
- #include
-
- #include
diff --git a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.141-makefile.patch b/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.141-makefile.patch
deleted file mode 100644
index 09c495d2a..000000000
--- a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.141-makefile.patch
+++ /dev/null
@@ -1,14 +0,0 @@
---- Makefile.old 2013-04-28 22:42:59.000000000 +0200
-+++ Makefile 2013-04-28 22:45:53.000000000 +0200
-@@ -128,9 +128,9 @@
-
- EXTRA_LDFLAGS := $(src)/lib/wlc_hybrid.o_shipped
-
--KBASE ?= /lib/modules/`uname -r`
-+KBASE ?= /lib/modules/${KV_FULL}
- KBUILD_DIR ?= $(KBASE)/build
--MDEST_DIR ?= $(KBASE)/kernel/drivers/net/wireless
-+MDEST_DIR ?= ${D}$(KBASE)/kernel/drivers/net/wireless
-
- all:
- KBUILD_NOPEDANTIC=1 make -C $(KBUILD_DIR) M=`pwd`
diff --git a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.248-r3-Wno-date-time.patch b/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.248-r3-Wno-date-time.patch
deleted file mode 100644
index f93e3f1d3..000000000
--- a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.248-r3-Wno-date-time.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/Makefile 2014-06-26 10:42:08.000000000 +0000
-+++ b/Makefile 2014-07-17 22:44:01.662297228 +0000
-@@ -126,6 +126,8 @@
- EXTRA_CFLAGS += -I$(src)/src/shared/bcmwifi/include
- #EXTRA_CFLAGS += -DBCMDBG_ASSERT -DBCMDBG_ERR
-
-+EXTRA_CFLAGS += -Wno-date-time
-+
- EXTRA_LDFLAGS := $(src)/lib/wlc_hybrid.o_shipped
-
- KBASE ?= /lib/modules/`uname -r`
diff --git a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r1-linux-3.18.patch b/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r1-linux-3.18.patch
deleted file mode 100644
index 9a0e7136c..000000000
--- a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r1-linux-3.18.patch
+++ /dev/null
@@ -1,12 +0,0 @@
---- a/src/wl/sys/wl_linux.c 2014-06-26 12:42:08.000000000 +0200
-+++ b/src/wl/sys/wl_linux.c 2015-01-22 01:44:58.580453805 +0100
-@@ -2157,8 +2159,8 @@
- wlif = WL_DEV_IF(dev);
- wl = WL_INFO(dev);
-
-+ skb->prev = NULL;
- if (WL_ALL_PASSIVE_ENAB(wl) || (WL_RTR() && WL_CONFIG_SMP())) {
-- skb->prev = NULL;
-
- TXQ_LOCK(wl);
-
diff --git a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r2-linux-4.3-v2.patch b/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r2-linux-4.3-v2.patch
deleted file mode 100644
index 588f77ad1..000000000
--- a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r2-linux-4.3-v2.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-diff -ruN a/src/shared/linux_osl.c b/src/shared/linux_osl.c
---- a/src/shared/linux_osl.c 2015-11-26 12:16:23.343091098 -0800
-+++ b/src/shared/linux_osl.c 2015-11-26 12:17:08.657092739 -0800
-@@ -932,7 +932,11 @@
- uint cycles;
-
- #if defined(__i386__)
-- rdtscl(cycles);
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 3, 0)
-+ cycles = (u32)rdtsc();
-+#else
-+ rdtscl(cycles);
-+#endif
- #else
- cycles = 0;
- #endif
diff --git a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r4-linux-4.11.patch b/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r4-linux-4.11.patch
deleted file mode 100644
index a779f8c84..000000000
--- a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r4-linux-4.11.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-diff --git a/src/wl/sys/wl_cfg80211_hybrid.c b/src/wl/sys/wl_cfg80211_hybrid.c
-index a9671e2..da36405 100644
---- a/src/wl/sys/wl_cfg80211_hybrid.c
-+++ b/src/wl/sys/wl_cfg80211_hybrid.c
-@@ -30,6 +30,9 @@
- #include
- #include
- #include
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 11, 0)
-+#include
-+#endif
- #include
- #include
- #include
-diff --git a/src/wl/sys/wl_linux.c b/src/wl/sys/wl_linux.c
-index 489c9f5..f8278ad 100644
---- a/src/wl/sys/wl_linux.c
-+++ b/src/wl/sys/wl_linux.c
-@@ -117,6 +117,9 @@ int wl_found = 0;
-
- typedef struct priv_link {
- wl_if_t *wlif;
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 11, 0)
-+ unsigned long last_rx;
-+#endif
- } priv_link_t;
-
- #define WL_DEV_IF(dev) ((wl_if_t*)((priv_link_t*)DEV_PRIV(dev))->wlif)
-@@ -2450,6 +2453,9 @@ wl_monitor(wl_info_t *wl, wl_rxsts_t *rxsts, void *p)
- {
- struct sk_buff *oskb = (struct sk_buff *)p;
- struct sk_buff *skb;
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 11, 0)
-+ priv_link_t *priv_link;
-+#endif
- uchar *pdata;
- uint len;
-
-@@ -2916,7 +2922,13 @@ wl_monitor(wl_info_t *wl, wl_rxsts_t *rxsts, void *p)
- if (skb == NULL) return;
-
- skb->dev = wl->monitor_dev;
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 11, 0)
-+ priv_link = MALLOC(wl->osh, sizeof(priv_link_t));
-+ priv_link = netdev_priv(skb->dev);
-+ priv_link->last_rx = jiffies;
-+#else
- skb->dev->last_rx = jiffies;
-+#endif
- #if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 22)
- skb_reset_mac_header(skb);
- #else
diff --git a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r4-linux-4.12.patch b/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r4-linux-4.12.patch
deleted file mode 100644
index 94c6253f8..000000000
--- a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r4-linux-4.12.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-diff -ru work.orig/src/wl/sys/wl_cfg80211_hybrid.c work.patched/src/wl/sys/wl_cfg80211_hybrid.c
---- work.orig/src/wl/sys/wl_cfg80211_hybrid.c 2017-06-10 15:50:27.328823384 -0700
-+++ work.patched/src/wl/sys/wl_cfg80211_hybrid.c 2017-06-10 15:52:40.540809187 -0700
-@@ -52,8 +52,13 @@
- u32 wl_dbg_level = WL_DBG_ERR;
- #endif
-
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 12, 0)
-+static s32 wl_cfg80211_change_iface(struct wiphy *wiphy, struct net_device *ndev,
-+ enum nl80211_iftype type, struct vif_params *params);
-+#else
- static s32 wl_cfg80211_change_iface(struct wiphy *wiphy, struct net_device *ndev,
- enum nl80211_iftype type, u32 *flags, struct vif_params *params);
-+#endif
- #if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 6, 0)
- static s32
- wl_cfg80211_scan(struct wiphy *wiphy,
-@@ -466,7 +471,11 @@
-
- static s32
- wl_cfg80211_change_iface(struct wiphy *wiphy, struct net_device *ndev,
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 12, 0)
-+ enum nl80211_iftype type,
-+#else
- enum nl80211_iftype type, u32 *flags,
-+#endif
- struct vif_params *params)
- {
- struct wl_cfg80211_priv *wl = wiphy_to_wl(wiphy);
-@@ -2361,12 +2370,26 @@
- const wl_event_msg_t *e, void *data)
- {
- struct wl_cfg80211_connect_info *conn_info = wl_to_conn(wl);
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 12, 0)
-+ struct cfg80211_roam_info roam_info = {};
-+#endif
- s32 err = 0;
-
- wl_get_assoc_ies(wl);
- memcpy(wl->profile->bssid, &e->addr, ETHER_ADDR_LEN);
- memcpy(&wl->bssid, &e->addr, ETHER_ADDR_LEN);
- wl_update_bss_info(wl);
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 12, 0)
-+ roam_info.channel = &wl->conf->channel,
-+ roam_info.bssid = (u8 *)&wl->bssid,
-+ roam_info.req_ie = conn_info->req_ie,
-+ roam_info.req_ie_len = conn_info->req_ie_len,
-+ roam_info.resp_ie = conn_info->resp_ie,
-+ roam_info.resp_ie_len = conn_info->resp_ie_len,
-+
-+ cfg80211_roamed(ndev, &roam_info, GFP_KERNEL);
-+#else
- cfg80211_roamed(ndev,
- #if LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 39)
- &wl->conf->channel,
-@@ -2374,6 +2397,7 @@
- (u8 *)&wl->bssid,
- conn_info->req_ie, conn_info->req_ie_len,
- conn_info->resp_ie, conn_info->resp_ie_len, GFP_KERNEL);
-+#endif
- WL_DBG(("Report roaming result\n"));
-
- set_bit(WL_STATUS_CONNECTED, &wl->status);
diff --git a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r4-linux-4.7.patch b/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r4-linux-4.7.patch
deleted file mode 100644
index 566680a09..000000000
--- a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r4-linux-4.7.patch
+++ /dev/null
@@ -1,109 +0,0 @@
-Since Linux 4.7, the enum ieee80211_band is no longer used
-
-This shall cause no problem's since both enums ieee80211_band
-and nl80211_band were added in the same commit:
-https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit?id=13ae75b103e07304a34ab40c9136e9f53e06475c
-
-This patch refactors the references of IEEE80211_BAND_* to NL80211_BAND_*
-
-Reference:
-https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit?id=57fbcce37be7c1d2622b56587c10ade00e96afa3
-
---- a/src/wl/sys/wl_cfg80211_hybrid.c 2016-06-13 11:57:36.159340297 -0500
-+++ b/src/wl/sys/wl_cfg80211_hybrid.c 2016-06-13 11:58:18.442323435 -0500
-@@ -236,7 +236,7 @@
- #endif
-
- #define CHAN2G(_channel, _freq, _flags) { \
-- .band = IEEE80211_BAND_2GHZ, \
-+ .band = NL80211_BAND_2GHZ, \
- .center_freq = (_freq), \
- .hw_value = (_channel), \
- .flags = (_flags), \
-@@ -245,7 +245,7 @@
- }
-
- #define CHAN5G(_channel, _flags) { \
-- .band = IEEE80211_BAND_5GHZ, \
-+ .band = NL80211_BAND_5GHZ, \
- .center_freq = 5000 + (5 * (_channel)), \
- .hw_value = (_channel), \
- .flags = (_flags), \
-@@ -379,7 +379,7 @@
- };
-
- static struct ieee80211_supported_band __wl_band_2ghz = {
-- .band = IEEE80211_BAND_2GHZ,
-+ .band = NL80211_BAND_2GHZ,
- .channels = __wl_2ghz_channels,
- .n_channels = ARRAY_SIZE(__wl_2ghz_channels),
- .bitrates = wl_g_rates,
-@@ -387,7 +387,7 @@
- };
-
- static struct ieee80211_supported_band __wl_band_5ghz_a = {
-- .band = IEEE80211_BAND_5GHZ,
-+ .band = NL80211_BAND_5GHZ,
- .channels = __wl_5ghz_a_channels,
- .n_channels = ARRAY_SIZE(__wl_5ghz_a_channels),
- .bitrates = wl_a_rates,
-@@ -395,7 +395,7 @@
- };
-
- static struct ieee80211_supported_band __wl_band_5ghz_n = {
-- .band = IEEE80211_BAND_5GHZ,
-+ .band = NL80211_BAND_5GHZ,
- .channels = __wl_5ghz_n_channels,
- .n_channels = ARRAY_SIZE(__wl_5ghz_n_channels),
- .bitrates = wl_a_rates,
-@@ -1876,8 +1876,8 @@
- wdev->wiphy->max_num_pmkids = WL_NUM_PMKIDS_MAX;
- #endif
- wdev->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) | BIT(NL80211_IFTYPE_ADHOC);
-- wdev->wiphy->bands[IEEE80211_BAND_2GHZ] = &__wl_band_2ghz;
-- wdev->wiphy->bands[IEEE80211_BAND_5GHZ] = &__wl_band_5ghz_a;
-+ wdev->wiphy->bands[NL80211_BAND_2GHZ] = &__wl_band_2ghz;
-+ wdev->wiphy->bands[NL80211_BAND_5GHZ] = &__wl_band_5ghz_a;
- wdev->wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM;
- wdev->wiphy->cipher_suites = __wl_cipher_suites;
- wdev->wiphy->n_cipher_suites = ARRAY_SIZE(__wl_cipher_suites);
-@@ -2000,7 +2000,7 @@
- #if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 39)
- freq = ieee80211_channel_to_frequency(notif_bss_info->channel,
- (notif_bss_info->channel <= CH_MAX_2G_CHANNEL) ?
-- IEEE80211_BAND_2GHZ : IEEE80211_BAND_5GHZ);
-+ NL80211_BAND_2GHZ : NL80211_BAND_5GHZ);
- #else
- freq = ieee80211_channel_to_frequency(notif_bss_info->channel);
- #endif
-@@ -2116,7 +2116,7 @@
- return err;
- }
- chan = wf_chspec_ctlchan(chanspec);
-- band = (chan <= CH_MAX_2G_CHANNEL) ? IEEE80211_BAND_2GHZ : IEEE80211_BAND_5GHZ;
-+ band = (chan <= CH_MAX_2G_CHANNEL) ? NL80211_BAND_2GHZ : NL80211_BAND_5GHZ;
- freq = ieee80211_channel_to_frequency(chan, band);
- channel = ieee80211_get_channel(wiphy, freq);
- cfg80211_ibss_joined(ndev, (u8 *)&wl->bssid, channel, GFP_KERNEL);
-@@ -2250,10 +2250,10 @@
- join_params->params.chanspec_list[0] =
- ieee80211_frequency_to_channel(chan->center_freq);
-
-- if (chan->band == IEEE80211_BAND_2GHZ) {
-+ if (chan->band == NL80211_BAND_2GHZ) {
- chanspec |= WL_CHANSPEC_BAND_2G;
- }
-- else if (chan->band == IEEE80211_BAND_5GHZ) {
-+ else if (chan->band == NL80211_BAND_5GHZ) {
- chanspec |= WL_CHANSPEC_BAND_5G;
- }
- else {
-@@ -2885,7 +2885,7 @@
-
- if (phy == 'n' || phy == 'a' || phy == 'v') {
- wiphy = wl_to_wiphy(wl);
-- wiphy->bands[IEEE80211_BAND_5GHZ] = &__wl_band_5ghz_n;
-+ wiphy->bands[NL80211_BAND_5GHZ] = &__wl_band_5ghz_n;
- }
-
- return err;
diff --git a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r4-linux-4.8.patch b/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r4-linux-4.8.patch
deleted file mode 100644
index 20e8a9ae4..000000000
--- a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r4-linux-4.8.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-From d3f93542326a06d920c6eb89b703384290d37b8b Mon Sep 17 00:00:00 2001
-From: Alberto Milone
-Date: Fri, 2 Sep 2016 17:35:34 +0200
-Subject: [PATCH 1/1] Add support for Linux 4.8
-
-Orginal author: Krzysztof Kolasa
----
- src/wl/sys/wl_cfg80211_hybrid.c | 22 ++++++++++++++++++++++
- 1 file changed, 22 insertions(+)
-
-diff --git a/src/wl/sys/wl_cfg80211_hybrid.c b/src/wl/sys/wl_cfg80211_hybrid.c
-index 2fc71fe..ec5e472 100644
---- a/src/wl/sys/wl_cfg80211_hybrid.c
-+++ b/src/wl/sys/wl_cfg80211_hybrid.c
-@@ -2388,8 +2388,16 @@ wl_bss_connect_done(struct wl_cfg80211_priv *wl, struct net_device *ndev,
- s32 err = 0;
-
- if (wl->scan_request) {
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 8, 0)
-+ struct cfg80211_scan_info info = {
-+ .aborted = true,
-+ };
-+ WL_DBG(("%s: Aborting scan\n", __FUNCTION__));
-+ cfg80211_scan_done(wl->scan_request, &info);
-+#else
- WL_DBG(("%s: Aborting scan\n", __FUNCTION__));
- cfg80211_scan_done(wl->scan_request, true);
-+#endif
- wl->scan_request = NULL;
- }
-
-@@ -2490,7 +2498,14 @@ wl_notify_scan_status(struct wl_cfg80211_priv *wl, struct net_device *ndev,
-
- scan_done_out:
- if (wl->scan_request) {
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 8, 0)
-+ struct cfg80211_scan_info info = {
-+ .aborted = false,
-+ };
-+ cfg80211_scan_done(wl->scan_request, &info);
-+#else
- cfg80211_scan_done(wl->scan_request, false);
-+#endif
- wl->scan_request = NULL;
- }
- rtnl_unlock();
-@@ -2909,7 +2924,14 @@ s32 wl_cfg80211_down(struct net_device *ndev)
- s32 err = 0;
-
- if (wl->scan_request) {
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 8, 0)
-+ struct cfg80211_scan_info info = {
-+ .aborted = true,
-+ };
-+ cfg80211_scan_done(wl->scan_request, &info);
-+#else
- cfg80211_scan_done(wl->scan_request, true);
-+#endif
- wl->scan_request = NULL;
- }
-
---
-2.7.4
-
diff --git a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r5-linux-4.15.patch b/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r5-linux-4.15.patch
deleted file mode 100644
index 91c4d8951..000000000
--- a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r5-linux-4.15.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-diff --git a/src/wl/sys/wl_linux.c b/src/wl/sys/wl_linux.c
-index 489c9f5..f8278ad 100644
---- a/src/wl/sys/wl_linux.c
-+++ b/src/wl/sys/wl_linux.c
-@@ -93,7 +93,11 @@
-
- #include
-
-+#ifdef HAVE_TIMER_SETUP
-+static void wl_timer(struct timer_list *list);
-+#else
- static void wl_timer(ulong data);
-+#endif
- static void _wl_timer(wl_timer_t *t);
- static struct net_device *wl_alloc_linux_if(wl_if_t *wlif);
-
-@@ -2296,12 +2300,17 @@
-
- atomic_dec(&t->wl->callbacks);
- }
--
-+#ifdef HAVE_TIMER_SETUP
-+static void
-+wl_timer(struct timer_list *list)
-+{
-+ wl_timer_t *t = from_timer(t,list,timer);
-+#else
- static void
- wl_timer(ulong data)
- {
- wl_timer_t *t = (wl_timer_t *)data;
--
-+#endif
- if (!WL_ALL_PASSIVE_ENAB(t->wl))
- _wl_timer(t);
- else
-@@ -2351,10 +2360,13 @@
- }
-
- bzero(t, sizeof(wl_timer_t));
--
-+#ifdef HAVE_TIMER_SETUP
-+ timer_setup(&t->timer, wl_timer,0);
-+#else
- init_timer(&t->timer);
- t->timer.data = (ulong) t;
- t->timer.function = wl_timer;
-+#endif
- t->wl = wl;
- t->fn = fn;
- t->arg = arg;
-diff --git a/src/wl/sys/wl_linux.h b/src/wl/sys/wl_linux.h
-index 489c9f5..f8278ad 100644
---- a/src/wl/sys/wl_linux.h
-+++ b/src/wl/sys/wl_linux.h
-@@ -190,3 +190,7 @@
- extern struct net_device * wl_netdev_get(wl_info_t *wl);
-
- #endif
-+
-+#if defined(timer_setup) && defined(from_timer)
-+#define HAVE_TIMER_SETUP
-+#endif
diff --git a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r6-kernel-ds.patch b/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r6-kernel-ds.patch
deleted file mode 100644
index 0dec5dae2..000000000
--- a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r6-kernel-ds.patch
+++ /dev/null
@@ -1,22 +0,0 @@
---- src/wl/sys/wl_iw.c.old 2019-05-12 19:20:14.980551538 +1000
-+++ src/wl/sys/wl_iw.c 2019-05-12 19:19:19.815976398 +1000
-@@ -117,7 +117,7 @@
- ifr.ifr_data = (caddr_t) &ioc;
-
- fs = get_fs();
-- set_fs(get_ds());
-+ set_fs(KERNEL_DS);
- #if defined(WL_USE_NETDEV_OPS)
- ret = dev->netdev_ops->ndo_do_ioctl(dev, &ifr, SIOCDEVPRIVATE);
- #else
---- src/wl/sys/wl_cfg80211_hybrid.c.old 2019-05-12 19:20:56.394980347 +1000
-+++ src/wl/sys/wl_cfg80211_hybrid.c 2019-05-12 19:18:21.852575023 +1000
-@@ -458,7 +458,7 @@
- ifr.ifr_data = (caddr_t)&ioc;
-
- fs = get_fs();
-- set_fs(get_ds());
-+ set_fs(KERNEL_DS);
- #if defined(WL_USE_NETDEV_OPS)
- err = dev->netdev_ops->ndo_do_ioctl(dev, &ifr, SIOCDEVPRIVATE);
- #else
diff --git a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r6-linux-5.1.patch b/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r6-linux-5.1.patch
deleted file mode 100644
index 6be2c4f52..000000000
--- a/net-wireless/broadcom-sta/files/broadcom-sta-6.30.223.271-r6-linux-5.1.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-diff --git a/src/wl/sys/wl_cfg80211_hybrid.c b/src/wl/sys/wl_cfg80211_hybrid.c
-index cdf8c01..63b5650 100644
---- a/src/wl/sys/wl_cfg80211_hybrid.c
-+++ b/src/wl/sys/wl_cfg80211_hybrid.c
-@@ -52,6 +52,10 @@ u32 wl_dbg_level = WL_DBG_ERR | WL_DBG_INFO;
- u32 wl_dbg_level = WL_DBG_ERR;
- #endif
-
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 1, 0)
-+#define get_ds() ((mm_segment_t) { (-1UL) })
-+#endif
-+
- #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 12, 0)
- static s32 wl_cfg80211_change_iface(struct wiphy *wiphy, struct net_device *ndev,
- enum nl80211_iftype type, struct vif_params *params);
diff --git a/net-wireless/broadcom-sta/metadata.xml b/net-wireless/broadcom-sta/metadata.xml
deleted file mode 100644
index 29b7c78b1..000000000
--- a/net-wireless/broadcom-sta/metadata.xml
+++ /dev/null
@@ -1,11 +0,0 @@
-
-
-
-
- tomboy64@sina.cn
- M.B.
-
-
- ~albertomilone
-
-
diff --git a/net-wireless/gnuradio/Manifest b/net-wireless/gnuradio/Manifest
deleted file mode 100644
index e3c7c6657..000000000
--- a/net-wireless/gnuradio/Manifest
+++ /dev/null
@@ -1 +0,0 @@
-DIST gnuradio-3.8.1.0-rc1.tar.xz 2434744 BLAKE2B d85c72ca06e7e80eb59d82faf8f86f3ec182a14ac8add699619dcf8f0dd97562765c1759d0ee302d2f3bec027d1c2bf48af6631bd6441a0df3ad3bf00d76c79d SHA512 0fbe47b8df62214e4b4095445962ec9874121c4af5a364b292ac3db09cfc762253f35f402f50cf9ff408a3263bf0e635d5674b1867d980bde36063acedfeeffa
diff --git a/net-wireless/gnuradio/gnuradio-3.8.1.0_rc1.ebuild b/net-wireless/gnuradio/gnuradio-3.8.1.0_rc1.ebuild
deleted file mode 100644
index 29146972a..000000000
--- a/net-wireless/gnuradio/gnuradio-3.8.1.0_rc1.ebuild
+++ /dev/null
@@ -1,222 +0,0 @@
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-PYTHON_COMPAT=( python2_7 python3_{6,7} )
-
-CMAKE_BUILD_TYPE="None"
-inherit cmake-utils python-single-r1 virtualx xdg-utils
-
-DESCRIPTION="Toolkit that provides signal processing blocks to implement software radios"
-HOMEPAGE="https://www.gnuradio.org/"
-LICENSE="GPL-3"
-SLOT="0/${PV}"
-
-MY_PV=${PV/_rc/-rc}
-MY_P=${PN}-${MY_PV}
-
-if [[ ${PV} =~ "9999" ]]; then
- EGIT_REPO_URI="https://www.gnuradio.org/cgit/gnuradio.git"
- inherit git-r3
- KEYWORDS=""
-else
- SRC_URI="https://github.com/gnuradio/gnuradio/releases/download/v${MY_PV}/${MY_P}.tar.xz"
- KEYWORDS="amd64 ~x86"
-fi
-
-S="${WORKDIR}/${P/_rc*/}"
-
-IUSE="+audio +alsa +analog +digital channels doc dtv examples fec +filter grc jack modtool oss performance-counters portaudio +qt5 sdl test trellis -uhd vocoder +utils wavelet zeromq"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- audio? ( || ( alsa oss jack portaudio ) )
- alsa? ( audio )
- jack? ( audio )
- oss? ( audio )
- portaudio? ( audio )
- analog? ( filter )
- channels? ( filter analog qt5 )
- digital? ( filter analog )
- dtv? ( filter analog fec )
- modtool? ( utils )
- qt5? ( filter )
- trellis? ( analog digital )
- uhd? ( filter analog )
- vocoder? ( filter analog )
- wavelet? ( analog )
-"
-
-RDEPEND="${PYTHON_DEPS}
- $(python_gen_cond_dep '
- >=dev-libs/boost-1.53[python,${PYTHON_MULTI_USEDEP}]
- dev-python/six[${PYTHON_MULTI_USEDEP}]
- ')
- >=dev-lang/orc-0.4.12
- dev-libs/log4cpp
- sci-libs/fftw:3.0
- >=sci-libs/mpir-3.0.0
- alsa? ( media-libs/alsa-lib )
- fec? (
- >=sci-libs/gsl-1.10
- $(python_gen_cond_dep 'sci-libs/scipy[${PYTHON_MULTI_USEDEP}]')
- )
- filter? (
- $(python_gen_cond_dep 'sci-libs/scipy[${PYTHON_MULTI_USEDEP}]')
- )
- grc? (
- $(python_gen_cond_dep '
- >=dev-python/mako-0.4.2[${PYTHON_MULTI_USEDEP}]
- dev-python/numpy[${PYTHON_MULTI_USEDEP}]
- dev-python/pygobject:3[${PYTHON_MULTI_USEDEP}]
- dev-python/pyyaml[${PYTHON_MULTI_USEDEP}]
- ')
- x11-libs/gtk+:3[introspection]
- x11-libs/pango[introspection]
- )
- jack? ( media-sound/jack-audio-connection-kit )
- portaudio? ( >=media-libs/portaudio-19_pre )
- qt5? (
- $(python_gen_cond_dep 'dev-python/PyQt5[opengl,${PYTHON_MULTI_USEDEP}]')
- dev-qt/qtcore:5
- dev-qt/qtgui:5
- x11-libs/qwt:6[qt5(+)]
- dev-qt/qtwidgets:5
- )
- sdl? ( >=media-libs/libsdl-1.2.0 )
- trellis? (
- $(python_gen_cond_dep 'sci-libs/scipy[${PYTHON_MULTI_USEDEP}]')
- )
- uhd? (
- $(python_gen_cond_dep '>=net-wireless/uhd-3.9.6:=[${PYTHON_SINGLE_USEDEP}]')
- )
- utils? (
- $(python_gen_cond_dep '
- dev-python/click[${PYTHON_MULTI_USEDEP}]
- dev-python/click-plugins[${PYTHON_MULTI_USEDEP}]
- dev-python/mako[${PYTHON_MULTI_USEDEP}]
- dev-python/matplotlib[${PYTHON_MULTI_USEDEP}]
- ')
- )
- vocoder? (
- media-sound/gsm
- >=media-libs/codec2-0.8.1
- )
- wavelet? ( sci-libs/gsl )
- zeromq? ( >=net-libs/zeromq-2.1.11 )
-"
-
-DEPEND="${RDEPEND}
- app-text/docbook-xml-dtd:4.2
- >=dev-lang/swig-3.0.8
- virtual/pkgconfig
- doc? (
- >=app-doc/doxygen-1.5.7.1
- dev-python/sphinx[${PYTHON_SINGLE_USEDEP}]
- )
- grc? ( x11-misc/xdg-utils )
- oss? ( virtual/os-headers )
- test? ( >=dev-util/cppunit-1.9.14 )
- zeromq? ( net-libs/cppzmq )
-"
-
-src_prepare() {
- xdg_environment_reset #534582
-
- use !alsa && sed -i 's#version.h#version-nonexistent.h#' cmake/Modules/FindALSA.cmake
- use !jack && sed -i 's#jack.h#jack-nonexistent.h#' cmake/Modules/FindJACK.cmake
- use !oss && sed -i 's#soundcard.h#oss-nonexistent.h#g' cmake/Modules/FindOSS.cmake
- use !portaudio && sed -i 's#portaudio.h#portaudio-nonexistent.h#g' cmake/Modules/FindPORTAUDIO.cmake
-
- cmake-utils_src_prepare
-}
-
-src_configure() {
- #zeromq missing deps isn't fatal
- python_export PYTHON_SITEDIR
- mycmakeargs=(
- -DENABLE_DEFAULT=OFF
- -DENABLE_GNURADIO_RUNTIME=ON
- -DENABLE_VOLK=ON
- -DENABLE_PYTHON=ON
- -DENABLE_GR_BLOCKS=ON
- -DENABLE_GR_CTRLPORT=ON
- -DENABLE_GR_FFT=ON
- -DENABLE_GR_AUDIO="$(usex audio)"
- -DENABLE_GR_ANALOG="$(usex analog)"
- -DENABLE_GR_CHANNELS="$(usex channels)"
- -DENABLE_GR_DIGITAL="$(usex digital)"
- -DENABLE_DOXYGEN="$(usex doc)"
- -DENABLE_SPHINX="$(usex doc)"
- -DENABLE_GR_DTV="$(usex dtv)"
- -DENABLE_GR_FEC="$(usex fec)"
- -DENABLE_GR_FILTER="$(usex filter)"
- -DENABLE_GRC="$(usex grc)"
- -DENABLE_GR_MODTOOL="$(usex modtool)"
- -DENABLE_PERFORMANCE_COUNTERS="$(usex performance-counters)"
- -DENABLE_TESTING="$(usex test)"
- -DENABLE_GR_TRELLIS="$(usex trellis)"
- -DENABLE_GR_UHD="$(usex uhd)"
- -DENABLE_GR_UTILS="$(usex utils)"
- -DENABLE_GR_VOCODER="$(usex vocoder)"
- -DENABLE_GR_WAVELET="$(usex wavelet)"
- -DENABLE_GR_QTGUI="$(usex qt5)"
- -DENABLE_GR_VIDEO_SDL="$(usex sdl)"
- -DENABLE_GR_ZEROMQ="$(usex zeromq)"
- -DSYSCONFDIR="${EPREFIX}"/etc
- -DPYTHON_EXECUTABLE="${PYTHON}"
- -DGR_PYTHON_DIR="${PYTHON_SITEDIR}"
- -DGR_PKG_DOC_DIR="${EPREFIX}/usr/share/doc/${PF}"
- )
- cmake-utils_src_configure
-}
-
-src_install() {
- cmake-utils_src_install
-
- if use examples ; then
- dodir /usr/share/doc/${PF}/
- mv "${ED}"/usr/share/${PN}/examples "${ED}"/usr/share/doc/${PF}/ || die
- docompress -x /usr/share/doc/${PF}/examples
- else
- # It seems that the examples are always installed
- rm -rf "${ED}"/usr/share/${PN}/examples || die
- fi
-
- if use doc || use examples; then
- # This doesn't appear useful
- rm -rf "${ED}"/usr/share/doc/${PF}/xml || die
- fi
-
- # Remove duplicated icons, MIME and desktop files and installation script
- rm -rf "${ED}"/usr/share/${PN}/grc/freedesktop || die
- rm -f "${ED}"/usr/libexec/${PN}/grc_setup_freedesktop || die
-
- # Remove incorrectly byte-compiled Python files and replace
- find "${ED}"/usr/$(get_libdir) -name "*.py[co]" -exec rm {} \; || die
- python_optimize
-}
-
-src_test()
-{
- virtx cmake-utils_src_test
-}
-
-pkg_postinst()
-{
- if use grc ; then
- xdg_desktop_database_update
- xdg_icon_cache_update
- xdg_mimeinfo_database_update
- fi
-}
-
-pkg_postrm()
-{
- if use grc ; then
- xdg_desktop_database_update
- xdg_icon_cache_update
- xdg_mimeinfo_database_update
- fi
-}
diff --git a/sys-boot/os-prober/Manifest b/sys-boot/os-prober/Manifest
deleted file mode 100644
index cd5fa277d..000000000
--- a/sys-boot/os-prober/Manifest
+++ /dev/null
@@ -1,2 +0,0 @@
-DIST os-prober_1.71.tar.xz 25540 BLAKE2B 8b55b763fd859cc0a62f10d919a7188eeadfedcbfa45738b25f74a1d4651d0e656ecadbc84b8fd7aad97e75179b64a51e58382f2c8c0bb36acf309fea724470c SHA512 adb7b8cf54c6169510c7ce2bf40e4b659c97eecfb7c1dd149269520ef13cdc2b6587f221fcfcb95c18caf9dba8144bbba561abb158e986ab02f4e0d338317d04
-DIST os-prober_1.77.tar.xz 26660 BLAKE2B cff8d96927cf251e9d8ee95561289e9c49a89fbcf9045e7c7169f73b1eeb151797db7b075ebc14dbbdd96996d007b07001e2843cf835defd675f63595614297b SHA512 4d9c22ccc4d950644a06a17ec4424aca5ff82aeb20052dc389dd451b6b9a1799c5a9438644a29093153730af42066abbbbb78f593f2564314c9adbd43f60e39b
diff --git a/sys-boot/os-prober/files/os-prober-1.76-exherbo.patch b/sys-boot/os-prober/files/os-prober-1.76-exherbo.patch
deleted file mode 100644
index 6ef83dca2..000000000
--- a/sys-boot/os-prober/files/os-prober-1.76-exherbo.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 09fefdb360b69c2de03a2f1c881db87f924d3c76 Mon Sep 17 00:00:00 2001
-From: Timo Gurr
-Date: Mon, 20 Feb 2017 17:33:14 +0100
-Subject: [PATCH] Add Exherbo Linux detection
-
----
- os-probes/mounted/common/90linux-distro | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/os-probes/mounted/common/90linux-distro b/os-probes/mounted/common/90linux-distro
-index badfbb1..41a5553 100755
---- a/os-probes/mounted/common/90linux-distro
-+++ b/os-probes/mounted/common/90linux-distro
-@@ -137,6 +137,9 @@ if (ls "$dir"/lib*/ld*.so* && [ -d "$dir/boot" ] || ls "$dir"/usr/lib*/ld*.so*)
- elif [ -e "$dir/etc/devuan_version" ]; then
- short="Devuan"
- long="$(printf "Devuan GNU/Linux (%s)\n" "$(cat "$dir/etc/devuan_version")")"
-+ elif [ -e "$dir/etc/exherbo-release" ]; then
-+ short="Exherbo"
-+ long="Exherbo Linux"
- else
- short="Linux"
- long="unknown Linux distribution"
---
-2.11.1
-
diff --git a/sys-boot/os-prober/os-prober-1.71.ebuild b/sys-boot/os-prober/os-prober-1.71.ebuild
deleted file mode 100644
index 83b93c9e5..000000000
--- a/sys-boot/os-prober/os-prober-1.71.ebuild
+++ /dev/null
@@ -1,77 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-
-#inherit eutils multilib toolchain-funcs
-inherit toolchain-funcs
-
-DESCRIPTION="Utility to detect other OSs on a set of drives"
-HOMEPAGE="http://packages.debian.org/source/sid/os-prober"
-SRC_URI="mirror://debian/pool/main/${PN::1}/${PN}/${PN}_${PV}.tar.xz"
-
-LICENSE="GPL-3"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE=""
-
-src_prepare() {
- # use default GNU rules
- rm Makefile || die 'rm Makefile failed'
- # Fix references to grub-mount
- sed -i -e 's:grub-mount:grub2-mount:g' \
- common.sh \
- linux-boot-probes/common/50mounted-tests \
- os-probes/common/50mounted-tests || die
-}
-
-src_compile() {
- tc-export CC
- emake newns
-}
-
-src_install() {
- dobin os-prober linux-boot-prober
-
- # Note: as no shared libraries are installed, /usr/lib is correct
- exeinto /usr/lib/os-prober
- doexe newns
-
- insinto /usr/share/os-prober
- doins common.sh
-
- keepdir /var/lib/os-prober
-
- local debarch=${ARCH%-*} dir
-
- case ${debarch} in
- amd64) debarch=x86 ;;
- ppc|ppc64) debarch=powerpc ;;
- esac
-
- for dir in os-probes{,/mounted,/init} linux-boot-probes{,/mounted}; do
- exeinto /usr/lib/$dir
- doexe $dir/common/*
- if [[ -d $dir/$debarch ]]; then
- doexe $dir/$debarch/*
- fi
- if [[ -d $dir/$debarch/efi ]]; then
- exeinto /usr/lib/$dir/efi
- doexe $dir/$debarch/efi/*
- fi
- done
-
- if use amd64 || use x86; then
- exeinto /usr/lib/os-probes/mounted
- doexe os-probes/mounted/powerpc/20macosx
- fi
-
- dodoc README TODO debian/changelog
-}
-
-pkg_postinst() {
- elog "If you intend for os-prober to detect versions of Windows installed on"
- elog "NTFS-formatted partitions, your system must be capable of reading the"
- elog "NTFS filesystem. One way to do this is by installing sys-fs/ntfs3g"
-}
diff --git a/sys-boot/os-prober/os-prober-1.77.ebuild b/sys-boot/os-prober/os-prober-1.77.ebuild
deleted file mode 100644
index d13fb583d..000000000
--- a/sys-boot/os-prober/os-prober-1.77.ebuild
+++ /dev/null
@@ -1,92 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=7
-inherit readme.gentoo-r1 toolchain-funcs
-
-DESCRIPTION="Utility to detect other OSs on a set of drives"
-HOMEPAGE="http://packages.debian.org/source/sid/os-prober"
-SRC_URI="mirror://debian/pool/main/${PN::1}/${PN}/${PN}_${PV}.tar.xz"
-
-LICENSE="GPL-3"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE=""
-
-# grub-mount needed per bug #607518
-RDEPEND="sys-boot/grub:2[mount]"
-DEPEND=""
-
-# bug 594250
-QA_MULTILIB_PATHS="usr/lib/os-prober/.*"
-
-PATCHES=( "${FILESDIR}"/${PN}-1.76-exherbo.patch )
-
-DOC_CONTENTS="
- If you intend for os-prober to detect versions of Windows installed on
- NTFS-formatted partitions, your system must be capable of reading the
- NTFS filesystem. One way to do this is by installing sys-fs/ntfs3g
-"
-
-src_prepare() {
- default
- # use default GNU rules
- rm Makefile || die 'rm Makefile failed'
- # Fix references to grub-mount
- sed -i -e 's:grub-mount:grub2-mount:g' \
- common.sh \
- linux-boot-probes/common/50mounted-tests \
- os-probes/common/50mounted-tests || die
-}
-
-src_compile() {
- tc-export CC
- emake newns
-}
-
-src_install() {
- dobin os-prober linux-boot-prober
-
- # Note: as no shared libraries are installed, /usr/lib is correct
- exeinto /usr/lib/os-prober
- doexe newns
-
- insinto /usr/share/os-prober
- doins common.sh
-
- keepdir /var/lib/os-prober
-
- local debarch=${ARCH%-*} dir
-
- case ${debarch} in
- amd64) debarch=x86 ;;
- ppc|ppc64) debarch=powerpc ;;
- esac
-
- for dir in os-probes{,/mounted,/init} linux-boot-probes{,/mounted}; do
- exeinto /usr/lib/${dir}
- doexe ${dir}/common/*
- if [[ -d ${dir}/${debarch} ]]; then
- doexe ${dir}/${debarch}/*
- fi
- if [[ -d ${dir}/${debarch}/efi ]]; then
- exeinto /usr/lib/${dir}/efi
- doexe ${dir}/${debarch}/efi/*
- fi
- done
-
- if use amd64 || use x86; then
- exeinto /usr/lib/os-probes/mounted
- doexe os-probes/mounted/powerpc/20macosx
- fi
-
- einstalldocs
- dodoc debian/changelog
-
- readme.gentoo_create_doc
-}
-
-pkg_postinst() {
- readme.gentoo_print_elog
-}
diff --git a/sys-fs/multipath-tools/Manifest b/sys-fs/multipath-tools/Manifest
deleted file mode 100644
index 23af9e77a..000000000
--- a/sys-fs/multipath-tools/Manifest
+++ /dev/null
@@ -1 +0,0 @@
-DIST multipath-tools-0.5.0.tar.bz2 184024 SHA256 f13cf1eb84e94e83b2019e68f7965526903c13e94246db43965d181668a0a6f9 SHA512 dfad21c45d0f69e39041d30d203a582c8ee8329bf390c51cde10155b3de379e7ad8fead2ac4beb268a924fd7e7dc8e1cf538ea3c70d41479fd8786fa30ba22a9 WHIRLPOOL bc8a365d66d1c5f584de04304125949926d4a1576cba4a00acca0f1333eb13d83318da36d9d88c5dc92691a331d427ad6b99eb1f2983fbc387303dbfdbae11ff
diff --git a/sys-fs/multipath-tools/REASONS b/sys-fs/multipath-tools/REASONS
deleted file mode 100644
index 40cc893d0..000000000
--- a/sys-fs/multipath-tools/REASONS
+++ /dev/null
@@ -1 +0,0 @@
-Anaconda 22 requires the mpathconf binary to start.
diff --git a/sys-fs/multipath-tools/files/fedora/0001-RH-dont_start_with_no_config.patch b/sys-fs/multipath-tools/files/fedora/0001-RH-dont_start_with_no_config.patch
deleted file mode 100644
index e894632ef..000000000
--- a/sys-fs/multipath-tools/files/fedora/0001-RH-dont_start_with_no_config.patch
+++ /dev/null
@@ -1,16 +0,0 @@
----
- multipathd/multipathd.service | 1 +
- 1 file changed, 1 insertion(+)
-
-Index: multipath-tools-130222/multipathd/multipathd.service
-===================================================================
---- multipath-tools-130222.orig/multipathd/multipathd.service
-+++ multipath-tools-130222/multipathd/multipathd.service
-@@ -2,6 +2,7 @@
- Description=Device-Mapper Multipath Device Controller
- Before=iscsi.service iscsid.service lvm2-activation-early.service
- After=syslog.target
-+ConditionPathExists=/etc/multipath.conf
- DefaultDependencies=no
- Conflicts=shutdown.target
-
diff --git a/sys-fs/multipath-tools/files/fedora/0002-RH-multipath.rules.patch b/sys-fs/multipath-tools/files/fedora/0002-RH-multipath.rules.patch
deleted file mode 100644
index 93940c358..000000000
--- a/sys-fs/multipath-tools/files/fedora/0002-RH-multipath.rules.patch
+++ /dev/null
@@ -1,52 +0,0 @@
----
- multipath/Makefile | 3 +++
- multipath/multipath.rules | 24 ++++++++++++++++++++++++
- 2 files changed, 27 insertions(+)
-
-Index: multipath-tools-130222/multipath/multipath.rules
-===================================================================
---- a/multipath/Makefile
-+++ b/multipath/Makefile
-@@ -19,12 +19,15 @@ $(EXEC): $(OBJS)
- install:
- $(INSTALL_PROGRAM) -d $(DESTDIR)$(bindir)
- $(INSTALL_PROGRAM) -m 755 $(EXEC) $(DESTDIR)$(bindir)/
-+ $(INSTALL_PROGRAM) -d $(DESTDIR)/lib/udev/rules.d
-+ $(INSTALL_PROGRAM) -m 644 multipath.rules $(DESTDIR)/lib/udev/rules.d/62-multipath.rules
- $(INSTALL_PROGRAM) -d $(DESTDIR)$(mandir)
- $(INSTALL_PROGRAM) -m 644 $(EXEC).8 $(DESTDIR)$(mandir)
- $(INSTALL_PROGRAM) -d $(DESTDIR)$(man5dir)
- $(INSTALL_PROGRAM) -m 644 $(EXEC).conf.5 $(DESTDIR)$(man5dir)
-
- uninstall:
-+ rm $(DESTDIR)/lib/udev/rules.d/62-multipath.rules
- rm $(DESTDIR)$(bindir)/$(EXEC)
- rm $(DESTDIR)$(mandir)/$(EXEC).8
- rm $(DESTDIR)$(man5dir)/$(EXEC).conf.5
---- /dev/null
-+++ b/multipath/multipath.rules
-@@ -0,0 +1,24 @@
-+# multipath wants the devmaps presented as meaninglful device names
-+# so name them after their devmap name
-+SUBSYSTEM!="block", GOTO="end_mpath"
-+
-+ENV{MPATH_SBIN_PATH}="/sbin"
-+TEST!="$env{MPATH_SBIN_PATH}/multipath", ENV{MPATH_SBIN_PATH}="/usr/sbin"
-+
-+ACTION=="add", ENV{DEVTYPE}!="partition", \
-+ ENV{DM_MULTIPATH_DEVICE_PATH}!="1", \
-+ TEST=="/etc/multipath.conf", \
-+ PROGRAM=="$env{MPATH_SBIN_PATH}/multipath -c $tempnode", \
-+ ENV{DM_MULTIPATH_DEVICE_PATH}="1"
-+
-+ENV{DM_MULTIPATH_DEVICE_PATH}=="1", ENV{DEVTYPE}!="partition", \
-+ RUN+="/sbin/partx -d --nr 1-1024 $env{DEVNAME}"
-+
-+KERNEL!="dm-*", GOTO="end_mpath"
-+ENV{DM_UUID}=="mpath-?*|part[0-9]*-mpath-?*", OPTIONS+="link_priority=10"
-+ACTION!="change", GOTO="end_mpath"
-+ENV{DM_UUID}!="mpath-?*", GOTO="end_mpath"
-+ENV{DM_SUSPENDED}=="1", GOTO="end_mpath"
-+ENV{DM_ACTION}=="PATH_FAILED", GOTO="end_mpath"
-+RUN+="$env{MPATH_SBIN_PATH}/kpartx -a $tempnode"
-+LABEL="end_mpath"
diff --git a/sys-fs/multipath-tools/files/fedora/0004-RH-multipathd-blacklist-all-by-default.patch b/sys-fs/multipath-tools/files/fedora/0004-RH-multipathd-blacklist-all-by-default.patch
deleted file mode 100644
index 2dda63c73..000000000
--- a/sys-fs/multipath-tools/files/fedora/0004-RH-multipathd-blacklist-all-by-default.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-From 61b2002c6b2752c15b431e400cd614edc8c5b039 Mon Sep 17 00:00:00 2001
-From: Fabio M. Di Nitto
-Date: Mon, 19 Oct 2009 07:05:45 +0200
-Subject: [PATCH 09/12] RH: multipathd blacklist all by default
-
-If there is no configuration installed on the system, blacklist
-everything by default.
-
-BZ#528059
-
-Signed-off-by: Fabio M. Di Nitto
----
-:100644 100644 e7e962e... 5aa1ab0... M libmultipath/config.c
-:100644 100644 86b1320... 7e90e75... M libmultipath/config.h
- libmultipath/config.c | 16 ++++++++++++++++
- libmultipath/config.h | 1 +
- 2 files changed, 17 insertions(+)
-
-Index: multipath-tools-130222/libmultipath/config.c
-===================================================================
---- multipath-tools-130222.orig/libmultipath/config.c
-+++ multipath-tools-130222/libmultipath/config.c
-@@ -21,6 +21,7 @@
- #include "defaults.h"
- #include "prio.h"
- #include "devmapper.h"
-+#include "version.h"
-
- static int
- hwe_strmatch (struct hwentry *hwe1, struct hwentry *hwe2)
-@@ -585,6 +586,21 @@ load_config (char * file)
-
- } else {
- init_keywords();
-+ condlog(0, "/etc/multipath.conf does not exist, blacklisting all devices.");
-+ condlog(0, "A default multipath.conf file is located at");
-+ condlog(0, "/usr/share/doc/device-mapper-multipath-%d.%d.%d/multipath.conf", MULTIPATH_VERSION(VERSION_CODE));
-+ if (conf->blist_devnode == NULL) {
-+ conf->blist_devnode = vector_alloc();
-+ if (!conf->blist_devnode) {
-+ condlog(0, "cannot allocate blacklist\n");
-+ goto out;
-+ }
-+ }
-+ if (store_ble(conf->blist_devnode, strdup(".*"),
-+ ORIGIN_NO_CONFIG)) {
-+ condlog(0, "cannot store default no-config blacklist\n");
-+ goto out;
-+ }
- }
-
- /*
-Index: multipath-tools-130222/libmultipath/config.h
-===================================================================
---- multipath-tools-130222.orig/libmultipath/config.h
-+++ multipath-tools-130222/libmultipath/config.h
-@@ -6,6 +6,7 @@
-
- #define ORIGIN_DEFAULT 0
- #define ORIGIN_CONFIG 1
-+#define ORIGIN_NO_CONFIG 2
-
- /*
- * In kernel, fast_io_fail == 0 means immediate failure on rport delete.
diff --git a/sys-fs/multipath-tools/files/fedora/0005-RH-add-mpathconf.patch b/sys-fs/multipath-tools/files/fedora/0005-RH-add-mpathconf.patch
deleted file mode 100644
index da1454f43..000000000
--- a/sys-fs/multipath-tools/files/fedora/0005-RH-add-mpathconf.patch
+++ /dev/null
@@ -1,452 +0,0 @@
---- multipath-tools-0.5.0.orig/libmultipath/config.c
-+++ multipath-tools-0.5.0/libmultipath/config.c
-@@ -601,6 +601,7 @@ load_config (char * file, struct udev *u
- condlog(0, "/etc/multipath.conf does not exist, blacklisting all devices.");
- condlog(0, "A default multipath.conf file is located at");
- condlog(0, "/usr/share/doc/device-mapper-multipath-%d.%d.%d/multipath.conf", MULTIPATH_VERSION(VERSION_CODE));
-+ condlog(0, "You can run /sbin/mpathconf to create or modify /etc/multipath.conf");
- if (conf->blist_devnode == NULL) {
- conf->blist_devnode = vector_alloc();
- if (!conf->blist_devnode) {
---- multipath-tools-0.5.0.orig/multipath/Makefile
-+++ multipath-tools-0.5.0/multipath/Makefile
-@@ -19,6 +19,7 @@ $(EXEC): $(OBJS)
- install:
- $(INSTALL_PROGRAM) -d $(DESTDIR)$(bindir)
- $(INSTALL_PROGRAM) -m 755 $(EXEC) $(DESTDIR)$(bindir)/
-+ $(INSTALL_PROGRAM) -m 755 mpathconf $(DESTDIR)$(bindir)/
- $(INSTALL_PROGRAM) -d $(DESTDIR)/lib/udev/rules.d
- $(INSTALL_PROGRAM) -m 644 multipath.rules $(DESTDIR)/lib/udev/rules.d/62-multipath.rules
- $(INSTALL_PROGRAM) -d $(DESTDIR)$(mandir)
-@@ -29,8 +30,10 @@ install:
- uninstall:
- rm $(DESTDIR)/lib/udev/rules.d/62-multipath.rules
- rm $(DESTDIR)$(bindir)/$(EXEC)
-+ rm $(DESTDIR)$(bindir)/mpathconf
- rm $(DESTDIR)$(mandir)/$(EXEC).8
- rm $(DESTDIR)$(man5dir)/$(EXEC).conf.5
-+ rm $(DESTDIR)$(mandir)/mpathconf.8.gz
-
- clean:
- rm -f core *.o $(EXEC)
---- multipath-tools-0.5.0.orig/multipath/mpathconf
-+++ multipath-tools-0.5.0/multipath/mpathconf
-@@ -0,0 +1,312 @@
-+#!/bin/sh
-+#
-+# Copyright (C) 2010 Red Hat, Inc. All rights reserved.
-+#
-+# This file is part of the device-mapper-multipath package.
-+#
-+# This copyrighted material is made available to anyone wishing to use,
-+# modify, copy, or redistribute it subject to the terms and conditions
-+# of the GNU General Public License v.2.
-+#
-+# You should have received a copy of the GNU General Public License
-+# along with this program; if not, write to the Free Software Foundation,
-+# Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-+
-+#
-+# Simple editting of /etc/multipath.conf
-+# This program was largely ripped off from lvmconf
-+#
-+
-+unset ENABLE FIND FRIENDLY MODULE MULTIPATHD HAVE_DISABLE HAVE_FIND HAVE_BLACKLIST HAVE_DEFAULTS HAVE_FRIENDLY HAVE_MULTIPATHD HAVE_MODULE SHOW_STATUS CHANGED_CONFIG
-+
-+DEFAULT_CONFIGFILE="/usr/share/doc/device-mapper-multipath-0.4.9/multipath.conf"
-+CONFIGFILE="/etc/multipath.conf"
-+MULTIPATHDIR="/etc/multipath"
-+TMPFILE=/etc/multipath/.multipath.conf.tmp
-+
-+function usage
-+{
-+ echo "usage: $0 "
-+ echo ""
-+ echo "Commands:"
-+ echo "Enable: --enable "
-+ echo "Disable: --disable"
-+ echo "Set user_friendly_names (Default n): --user_friendly_names "
-+ echo "Set find_multipaths (Default n): --find_multipaths "
-+ echo "Load the dm-multipath modules on enable (Default y): --with_module "
-+ echo "start/stop/reload multipathd (Default n): --with_multipathd "
-+ echo ""
-+}
-+
-+function parse_args
-+{
-+ while [ -n "$1" ]; do
-+ case $1 in
-+ --enable)
-+ ENABLE=1
-+ shift
-+ ;;
-+ --disable)
-+ ENABLE=0
-+ shift
-+ ;;
-+ --user_friendly_names)
-+ if [ -n "$2" ]; then
-+ FRIENDLY=$2
-+ shift 2
-+ else
-+ usage
-+ exit 1
-+ fi
-+ ;;
-+ --find_multipaths)
-+ if [ -n "$2" ]; then
-+ FIND=$2
-+ shift 2
-+ else
-+ usage
-+ exit 1
-+ fi
-+ ;;
-+ --with_module)
-+ if [ -n "$2" ]; then
-+ MODULE=$2
-+ shift 2
-+ else
-+ usage
-+ exit 1
-+ fi
-+ ;;
-+ --with_multipathd)
-+ if [ -n "$2" ]; then
-+ MULTIPATHD=$2
-+ shift 2
-+ else
-+ usage
-+ exit 1
-+ fi
-+ ;;
-+ *)
-+ usage
-+ exit
-+ esac
-+ done
-+}
-+
-+function validate_args
-+{
-+ if [ "$ENABLE" = "0" ] && [ -n "$FRIENDLY" -o -n "$FIND" -o -n "$MODULE" ]; then
-+ echo "ignoring extra parameters on disable"
-+ FRIENDLY=""
-+ FIND=""
-+ MODULE=""
-+ fi
-+ if [ -n "$FRIENDLY" ] && [ "$FRIENDLY" != "y" -a "$FRIENDLY" != "n" ]; then
-+ echo "--user_friendly_names must be either 'y' or 'n'"
-+ exit 1
-+ fi
-+ if [ -n "$FIND" ] && [ "$FIND" != "y" -a "$FIND" != "n" ]; then
-+ echo "--find_multipaths must be either 'y' or 'n'"
-+ exit 1
-+ fi
-+ if [ -z "$ENABLE" -a -z "$FIND" -a -z "$FRIENDLY" ]; then
-+ SHOW_STATUS=1
-+ fi
-+ if [ -n "$MODULE" ] && [ "$MODULE" != "y" -a "$MODULE" != "n" ]; then
-+ echo "--with_module must be either 'y' or 'n'"
-+ exit 1
-+ fi
-+ if [ -n "$MULTIPATHD" ] && [ "$MULTIPATHD" != "y" -a "$MULTIPATHD" != "n" ]; then
-+ echo "--with_multipathd must be either 'y' or 'n'"
-+ exit 1
-+ fi
-+}
-+
-+umask 0077
-+
-+parse_args "$@"
-+
-+validate_args
-+
-+if [ ! -d "$MULTIPATHDIR" ]; then
-+ echo "/etc/multipath/ does not exist. failing"
-+ exit 1
-+fi
-+
-+rm $TMPFILE 2> /dev/null
-+if [ -f "$CONFIGFILE" ]; then
-+ cp $CONFIGFILE $TMPFILE
-+elif [ -f "$DEFAULT_CONFIGFILE" ]; then
-+ cp $DEFAULT_CONFIGFILE $TMPFILE
-+else
-+ touch $TMPFILE
-+fi
-+
-+if grep -q "^blacklist[[:space:]]*{" $TMPFILE ; then
-+ HAVE_BLACKLIST=1
-+fi
-+
-+if grep -q "^defaults[[:space:]]*{" $TMPFILE ; then
-+ HAVE_DEFAULTS=1
-+fi
-+
-+if [ -z "$MODULE" -o "$MODULE" = "y" ]; then
-+ if lsmod | grep -q "dm_multipath" ; then
-+ HAVE_MODULE=1
-+ else
-+ HAVE_MODULE=0
-+ fi
-+fi
-+
-+if [ "$MULTIPATHD" = "y" ]; then
-+ if service multipathd status > /dev/null ; then
-+ HAVE_MULTIPATHD=1
-+ else
-+ HAVE_MULTIPATHD=0
-+ fi
-+fi
-+
-+if [ "$HAVE_BLACKLIST" = "1" ]; then
-+ if sed -n '/^blacklist[[:space:]]*{/,/^}/ p' $TMPFILE | grep -q "^[[:space:]]*devnode \"\.\?\*\"" ; then
-+ HAVE_DISABLE=1
-+ elif sed -n '/^blacklist[[:space:]]*{/,/^}/ p' $TMPFILE | grep -q "^[[:space:]]*#[#[:space:]]*devnode \"\.\?\*\"" ; then
-+ HAVE_DISABLE=0
-+ fi
-+fi
-+
-+if [ "$HAVE_DEFAULTS" = "1" ]; then
-+ if sed -n '/^defaults[[:space:]]*{/,/^}/ p' $TMPFILE | grep -q "^[[:space:]]*find_multipaths[[:space:]]*\(yes\|1\)" ; then
-+ HAVE_FIND=1
-+ elif sed -n '/^defaults[[:space:]]*{/,/^}/ p' $TMPFILE | grep -q "^[[:space:]]*find_multipaths[[:space:]]*\(no\|0\)" ; then
-+ HAVE_FIND=0
-+ fi
-+ if sed -n '/^defaults[[:space:]]*{/,/^}/ p' $TMPFILE | grep -q "^[[:space:]]*user_friendly_names[[:space:]]*\(yes\|1\)" ; then
-+ HAVE_FRIENDLY=1
-+ elif sed -n '/^defaults[[:space:]]*{/,/^}/ p' $TMPFILE | grep -q "^[[:space:]]*user_friendly_names[[:space:]]*\(no\|0\)" ; then
-+ HAVE_FRIENDLY=0
-+ fi
-+fi
-+
-+if [ -n "$SHOW_STATUS" ]; then
-+ if [ -z "$HAVE_DISABLE" -o "$HAVE_DISABLE" = 0 ]; then
-+ echo "multipath is enabled"
-+ else
-+ echo "multipath is disabled"
-+ fi
-+ if [ -z "$HAVE_FIND" -o "$HAVE_FIND" = 0 ]; then
-+ echo "find_multipaths is disabled"
-+ else
-+ echo "find_multipaths is enabled"
-+ fi
-+ if [ -z "$HAVE_FRIENDLY" -o "$HAVE_FRIENDLY" = 0 ]; then
-+ echo "user_friendly_names is disabled"
-+ else
-+ echo "user_friendly_names is enabled"
-+ fi
-+ if [ -n "$HAVE_MODULE" ]; then
-+ if [ "$HAVE_MODULE" = 1 ]; then
-+ echo "dm_multipath module is loaded"
-+ else
-+ echo "dm_multipath module is not loaded"
-+ fi
-+ fi
-+ if [ -n "$HAVE_MULTIPATHD" ]; then
-+ service multipathd status
-+ fi
-+ exit 0
-+fi
-+
-+if [ -z "$HAVE_BLACKLIST" ]; then
-+ cat >> $TMPFILE <<- _EOF_
-+
-+blacklist {
-+}
-+_EOF_
-+fi
-+
-+if [ -z "$HAVE_DEFAULTS" ]; then
-+ cat >> $TMPFILE <<- _EOF_
-+
-+defaults {
-+}
-+_EOF_
-+fi
-+
-+if [ "$ENABLE" = 1 ]; then
-+ if [ "$HAVE_DISABLE" = 1 ]; then
-+ sed -i '/^blacklist[[:space:]]*{/,/^}/ s/^[[:space:]]*devnode \"\.\?\*\"/# devnode ".*"/' $TMPFILE
-+ fi
-+elif [ "$ENABLE" = 0 ]; then
-+ if [ -z "$HAVE_DISABLE" ]; then
-+ sed -i '/^blacklist[[:space:]]*{/ a\
-+ devnode "*"
-+' $TMPFILE
-+ elif [ "$HAVE_DISABLE" = 0 ]; then
-+ sed -i '/^blacklist[[:space:]]*{/,/^}/ s/^[[:space:]]*#[#[:space:]]*devnode \"\.\?\*\"/ devnode ".*"/' $TMPFILE
-+ fi
-+fi
-+
-+if [ "$FIND" = "n" ]; then
-+ if [ "$HAVE_FIND" = 1 ]; then
-+ sed -i '/^defaults[[:space:]]*{/,/^}/ s/^[[:space:]]*find_multipaths[[:space:]]*\(yes\|1\)/ find_multipaths no/' $TMPFILE
-+ CHANGED_CONFIG=1
-+ fi
-+elif [ "$FIND" = "y" ]; then
-+ if [ -z "$HAVE_FIND" ]; then
-+ sed -i '/^defaults[[:space:]]*{/ a\
-+ find_multipaths yes
-+' $TMPFILE
-+ CHANGED_CONFIG=1
-+ elif [ "$HAVE_FIND" = 0 ]; then
-+ sed -i '/^defaults[[:space:]]*{/,/^}/ s/^[[:space:]]*find_multipaths[[:space:]]*\(no\|0\)/ find_multipaths yes/' $TMPFILE
-+ CHANGED_CONFIG=1
-+ fi
-+fi
-+
-+if [ "$FRIENDLY" = "n" ]; then
-+ if [ "$HAVE_FRIENDLY" = 1 ]; then
-+ sed -i '/^defaults[[:space:]]*{/,/^}/ s/^[[:space:]]*user_friendly_names[[:space:]]*\(yes\|1\)/ user_friendly_names no/' $TMPFILE
-+ CHANGED_CONFIG=1
-+ fi
-+elif [ "$FRIENDLY" = "y" ]; then
-+ if [ -z "$HAVE_FRIENDLY" ]; then
-+ sed -i '/^defaults[[:space:]]*{/ a\
-+ user_friendly_names yes
-+' $TMPFILE
-+ CHANGED_CONFIG=1
-+ elif [ "$HAVE_FRIENDLY" = 0 ]; then
-+ sed -i '/^defaults[[:space:]]*{/,/^}/ s/^[[:space:]]*user_friendly_names[[:space:]]*\(no\|0\)/ user_friendly_names yes/' $TMPFILE
-+ CHANGED_CONFIG=1
-+ fi
-+fi
-+
-+if [ -f "$CONFIGFILE" ]; then
-+ cp $CONFIGFILE $CONFIGFILE.old
-+ if [ $? != 0 ]; then
-+ echo "failed to backup old config file, $CONFIGFILE not updated"
-+ exit 1
-+ fi
-+fi
-+
-+cp $TMPFILE $CONFIGFILE
-+if [ $? != 0 ]; then
-+ echo "failed to copy new config file into place, check $CONFIGFILE is still OK"
-+ exit 1
-+fi
-+
-+rm -f $TMPFILE
-+
-+if [ "$ENABLE" = 1 ]; then
-+ if [ "$HAVE_MODULE" = 0 ]; then
-+ modprobe dm_multipath
-+ fi
-+ if [ "$HAVE_MULTIPATHD" = 0 ]; then
-+ service multipathd start
-+ fi
-+elif [ "$ENABLE" = 0 ]; then
-+ if [ "$HAVE_MULTIPATHD" = 1 ]; then
-+ service multipathd stop
-+ fi
-+elif [ -n "$CHANGED_CONFIG" -a "$HAVE_MULTIPATHD" = 1 ]; then
-+ service multipathd reload
-+fi
---- multipath-tools-0.5.0.orig/multipath/mpathconf.8
-+++ multipath-tools-0.5.0/multipath/mpathconf.8
-@@ -0,0 +1,103 @@
-+.TH MPATHCONF 8 "June 2010" "" "Linux Administrator's Manual"
-+.SH NAME
-+mpathconf - A tool for configuring device-mapper-multipath
-+.SH SYNOPSIS
-+.B mpathconf
-+.RB [\| commands \|]
-+.RB [\| options \|]
-+.SH DESCRIPTION
-+.B mpathconf
-+is a utility that creates or modifies
-+.B /etc/multipath.conf.
-+It can enable or disable multipathing and configure some common options.
-+.B mpathconf
-+can also load the
-+.B dm_multipath
-+module, start and stop the
-+.B multipathd
-+daemon, and configure the
-+.B multipathd
-+service to start automatically or not. If
-+.B mpathconf
-+is called with no commands, it will display the current configuration.
-+
-+The default options for mpathconf are
-+.B --with_module
-+The
-+.B --with_multipathd
-+option is not set by default. Enabling multipathing will load the
-+.B dm_multipath
-+module but it will not immediately start it. This is so
-+that users can manually edit their config file if necessary, before starting
-+.B multipathd.
-+
-+If
-+.B /etc/multipath.conf
-+already exists, mpathconf will edit it. If it does not exist, mpathconf will
-+use
-+.B /usr/share/doc/device-mapper-multipath-0.4.9/multipath.conf
-+as the starting file. This file has
-+.B user_friendly_names
-+set. If this file does not exist, mpathconf will create
-+.B /etc/multipath.conf
-+from scratch. For most users, this means that
-+.B user_friendly_names
-+will be set by default, unless they use the
-+.B --user_friendly_names n
-+command.
-+.SH COMMANDS
-+.TP
-+.B --enable
-+Removes any line that blacklists all device nodes from the
-+.B /etc/multipath.conf
-+blacklist section.
-+.TP
-+.B --disable
-+Adds a line that blacklists all device nodes to the
-+.B /etc/multipath.conf
-+blacklist section. If no blacklist section exists, it will create one.
-+.TP
-+.B --user_friendly_name \fP { \fBy\fP | \fBn\fP }
-+If set to \fBy\fP, this adds the line
-+.B user_friendly_names yes
-+to the
-+.B /etc/multipath.conf
-+defaults section. If set to \fBn\fP, this removes the line, if present. This
-+command can be used along with any other command.
-+.TP
-+.B --find_multipaths\fP { \fBy\fP | \fBn\fP }
-+If set to \fBy\fP, this adds the line
-+.B find_multipaths yes
-+to the
-+.B /etc/multipath.conf
-+defaults section. If set to \fBn\fP, this removes the line, if present. This
-+command can be used aldong with any other command.
-+.SH OPTIONS
-+.TP
-+.B --with_module\fP { \fBy\fP | \fBn\fP }
-+If set to \fBy\fP, this runs
-+.B modprobe dm_multipath
-+to install the multipath modules. This option only works with the
-+.B --enable
-+command. This option is set to \fBy\fP by default.
-+.TP
-+.B --with_multipathd { \fBy\fP | \fBn\fP }
-+If set to \fBy\fP, this runs
-+.B service multipathd start
-+to start the multipathd daemon on \fB--enable\fP,
-+.B service multipathd stop
-+to start the multipathd daemon on \fB--disable\fP, and
-+.B service multipathd reload
-+to reconfigure multipathd on \fB--user_frindly_names\fP and
-+\fB--find_multipaths\fP.
-+This option is set to \fBn\fP by default.
-+.SH FILES
-+.BR /etc/multipath.conf
-+.SH "SEE ALSO"
-+.BR multipath.conf (5),
-+.BR modprobe (8),
-+.BR multipath (8),
-+.BR multipathd (8),
-+.BR service (8),
-+.SH AUTHOR
-+Benjamin Marzinski
diff --git a/sys-fs/multipath-tools/files/fedora/0032-RHBZ-956464-mpathconf-defaults.patch b/sys-fs/multipath-tools/files/fedora/0032-RHBZ-956464-mpathconf-defaults.patch
deleted file mode 100644
index d63c32e2a..000000000
--- a/sys-fs/multipath-tools/files/fedora/0032-RHBZ-956464-mpathconf-defaults.patch
+++ /dev/null
@@ -1,19 +0,0 @@
----
- multipath/mpathconf | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-Index: multipath-tools-130222/multipath/mpathconf
-===================================================================
---- multipath-tools-130222.orig/multipath/mpathconf
-+++ multipath-tools-130222/multipath/mpathconf
-@@ -31,8 +31,8 @@ function usage
- echo "Commands:"
- echo "Enable: --enable "
- echo "Disable: --disable"
-- echo "Set user_friendly_names (Default n): --user_friendly_names "
-- echo "Set find_multipaths (Default n): --find_multipaths "
-+ echo "Set user_friendly_names (Default y): --user_friendly_names "
-+ echo "Set find_multipaths (Default y): --find_multipaths "
- echo "Load the dm-multipath modules on enable (Default y): --with_module "
- echo "start/stop/reload multipathd (Default n): --with_multipathd "
- echo ""
diff --git a/sys-fs/multipath-tools/files/fedora/0034-RHBZ-851416-mpathconf-display.patch b/sys-fs/multipath-tools/files/fedora/0034-RHBZ-851416-mpathconf-display.patch
deleted file mode 100644
index e9e00ceb4..000000000
--- a/sys-fs/multipath-tools/files/fedora/0034-RHBZ-851416-mpathconf-display.patch
+++ /dev/null
@@ -1,53 +0,0 @@
----
- multipath/mpathconf | 21 +++++++++++++++------
- 1 file changed, 15 insertions(+), 6 deletions(-)
-
-Index: multipath-tools-130222/multipath/mpathconf
-===================================================================
---- multipath-tools-130222.orig/multipath/mpathconf
-+++ multipath-tools-130222/multipath/mpathconf
-@@ -159,7 +159,7 @@ if [ -z "$MODULE" -o "$MODULE" = "y" ];
- fi
-
- if [ "$MULTIPATHD" = "y" ]; then
-- if service multipathd status > /dev/null ; then
-+ if /bin/systemctl status multipathd.service > /dev/null 2>&1 ; then
- HAVE_MULTIPATHD=1
- else
- HAVE_MULTIPATHD=0
-@@ -210,8 +210,17 @@ if [ -n "$SHOW_STATUS" ]; then
- echo "dm_multipath module is not loaded"
- fi
- fi
-- if [ -n "$HAVE_MULTIPATHD" ]; then
-- service multipathd status
-+ if [ -z "$HAVE_MULTIPATHD" ]; then
-+ if /bin/systemctl status multipathd.service > /dev/null 2>&1 ; then
-+ HAVE_MULTIPATHD=1
-+ else
-+ HAVE_MULTIPATHD=0
-+ fi
-+ fi
-+ if [ "$HAVE_MULTIPATHD" = 1 ]; then
-+ echo "multipathd is running"
-+ else
-+ echo "multipathd is not running"
- fi
- exit 0
- fi
-@@ -301,12 +310,12 @@ if [ "$ENABLE" = 1 ]; then
- modprobe dm_multipath
- fi
- if [ "$HAVE_MULTIPATHD" = 0 ]; then
-- service multipathd start
-+ systemctl start multipathd.service
- fi
- elif [ "$ENABLE" = 0 ]; then
- if [ "$HAVE_MULTIPATHD" = 1 ]; then
-- service multipathd stop
-+ systemctl stop multipathd.service
- fi
- elif [ -n "$CHANGED_CONFIG" -a "$HAVE_MULTIPATHD" = 1 ]; then
-- service multipathd reload
-+ systemctl reload multipathd.service
- fi
diff --git a/sys-fs/multipath-tools/files/fedora/0078-RHBZ-1054044-fix-mpathconf-manpage.patch b/sys-fs/multipath-tools/files/fedora/0078-RHBZ-1054044-fix-mpathconf-manpage.patch
deleted file mode 100644
index b06b4101f..000000000
--- a/sys-fs/multipath-tools/files/fedora/0078-RHBZ-1054044-fix-mpathconf-manpage.patch
+++ /dev/null
@@ -1,17 +0,0 @@
----
- multipath/mpathconf.8 | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-Index: multipath-tools-130222/multipath/mpathconf.8
-===================================================================
---- multipath-tools-130222.orig/multipath/mpathconf.8
-+++ multipath-tools-130222/multipath/mpathconf.8
-@@ -86,7 +86,7 @@ If set to \fBy\fP, this runs
- .B service multipathd start
- to start the multipathd daemon on \fB--enable\fP,
- .B service multipathd stop
--to start the multipathd daemon on \fB--disable\fP, and
-+to stop the multipathd daemon on \fB--disable\fP, and
- .B service multipathd reload
- to reconfigure multipathd on \fB--user_frindly_names\fP and
- \fB--find_multipaths\fP.
diff --git a/sys-fs/multipath-tools/files/fedora/0102-RHBZ-1160478-mpathconf-template.patch b/sys-fs/multipath-tools/files/fedora/0102-RHBZ-1160478-mpathconf-template.patch
deleted file mode 100644
index 3c0e44346..000000000
--- a/sys-fs/multipath-tools/files/fedora/0102-RHBZ-1160478-mpathconf-template.patch
+++ /dev/null
@@ -1,52 +0,0 @@
----
- multipath/mpathconf | 26 ++++++++++++++++++++------
- 1 file changed, 20 insertions(+), 6 deletions(-)
-
-Index: multipath-tools-130222/multipath/mpathconf
-===================================================================
---- multipath-tools-130222.orig/multipath/mpathconf
-+++ multipath-tools-130222/multipath/mpathconf
-@@ -19,10 +19,27 @@
-
- unset ENABLE FIND FRIENDLY MODULE MULTIPATHD HAVE_DISABLE HAVE_FIND HAVE_BLACKLIST HAVE_DEFAULTS HAVE_FRIENDLY HAVE_MULTIPATHD HAVE_MODULE SHOW_STATUS CHANGED_CONFIG
-
--DEFAULT_CONFIGFILE="/usr/share/doc/device-mapper-multipath-0.4.9/multipath.conf"
-+DEFAULT_CONFIG="# device-mapper-multipath configuration file
-+
-+# For a complete list of the default configuration values, run either:
-+# # multipath -t
-+# or
-+# # multipathd show config
-+
-+# For a list of configuration options with descriptions, see the
-+# multipath.conf man page.
-+
-+# For an example configuration file, see:
-+# /user/share/doc/device-mapper-multipath/multipath.conf
-+
-+defaults {
-+ user_friendly_names yes
-+ find_multipaths yes
-+}"
-+
- CONFIGFILE="/etc/multipath.conf"
- MULTIPATHDIR="/etc/multipath"
--TMPFILE=/etc/multipath/.multipath.conf.tmp
-+TMPFILE="/etc/multipath/.multipath.conf.tmp"
-
- function usage
- {
-@@ -134,12 +151,9 @@ if [ ! -d "$MULTIPATHDIR" ]; then
- fi
-
- rm $TMPFILE 2> /dev/null
-+echo "$DEFAULT_CONFIG" > $TMPFILE
- if [ -f "$CONFIGFILE" ]; then
- cp $CONFIGFILE $TMPFILE
--elif [ -f "$DEFAULT_CONFIGFILE" ]; then
-- cp $DEFAULT_CONFIGFILE $TMPFILE
--else
-- touch $TMPFILE
- fi
-
- if grep -q "^blacklist[[:space:]]*{" $TMPFILE ; then
diff --git a/sys-fs/multipath-tools/files/multipath-tools-0.5.0-makefile.patch b/sys-fs/multipath-tools/files/multipath-tools-0.5.0-makefile.patch
deleted file mode 100644
index 691b13873..000000000
--- a/sys-fs/multipath-tools/files/multipath-tools-0.5.0-makefile.patch
+++ /dev/null
@@ -1,200 +0,0 @@
---- multipath-tools-0.5.0/kpartx/Makefile
-+++ multipath-tools-0.5.0/kpartx/Makefile
-@@ -12,7 +12,7 @@
- CFLAGS += -DLIBDM_API_COOKIE
- endif
-
--LDFLAGS = -ldevmapper
-+LIBS = -ldevmapper
- OBJS = bsd.o dos.o kpartx.o solaris.o unixware.o dasd.o sun.o \
- gpt.o mac.o ps3.o crc32.o lopart.o xstrncpy.o devmapper.o
- EXEC = kpartx
-@@ -20,8 +20,7 @@
- all: $(EXEC)
-
- $(EXEC): $(OBJS)
-- $(CC) $(OBJS) -o $(EXEC) $(LDFLAGS)
-- $(GZIP) $(EXEC).8 > $(EXEC).8.gz
-+ $(CC) $(CFLAGS) $(LDFLAGS) $(OBJS) $(LIBS) -o $(EXEC)
-
- install: $(EXEC) $(EXEC).8
- $(INSTALL_PROGRAM) -d $(DESTDIR)$(bindir)
-@@ -29,14 +28,15 @@
- $(INSTALL_PROGRAM) -d $(DESTDIR)$(libudevdir)
- $(INSTALL_PROGRAM) -m 755 kpartx_id $(DESTDIR)$(libudevdir)
- $(INSTALL_PROGRAM) -d $(DESTDIR)/etc/udev/rules.d
-- $(INSTALL_PROGRAM) -m 644 kpartx.rules $(DESTDIR)/etc/udev/rules.d/
-+ $(INSTALL_PROGRAM) -m 644 kpartx.rules $(DESTDIR)/etc/udev/rules.d/66-kpartx.rules
- $(INSTALL_PROGRAM) -d $(DESTDIR)$(mandir)
-- $(INSTALL_PROGRAM) -m 644 $(EXEC).8.gz $(DESTDIR)$(mandir)
-+ $(INSTALL_PROGRAM) -m 644 $(EXEC).8 $(DESTDIR)$(mandir)
-
- uninstall:
- rm -f $(DESTDIR)$(bindir)/$(EXEC)
-- rm -f $(DESTDIR)$(mandir)/$(EXEC).8.gz
-+ rm -f $(DESTDIR)$(mandir)/$(EXEC).8
- rm -f $(DESTDIR)$(libudevdir)/kpartx_id
-+ rm -f $(DESTDIR)/etc/udev/rules.d/66-kpartx.rules
-
- clean:
-- rm -f core *.o $(EXEC) *.gz
-+ rm -f core *.o $(EXEC)
---- multipath-tools-0.5.0/libmpathpersist/Makefile
-+++ multipath-tools-0.5.0/libmpathpersist/Makefile
-@@ -22,8 +22,6 @@
- $(CC) -Wall -fPIC -c $(CFLAGS) *.c
- $(CC) -shared $(LIBDEPS) -Wl,-soname=$@ $(CFLAGS) -o $@ $(OBJS)
- ln -s $(LIBS) $(DEVLIB)
-- $(GZIP) mpath_persistent_reserve_in.3 > mpath_persistent_reserve_in.3.gz
-- $(GZIP) mpath_persistent_reserve_out.3 > mpath_persistent_reserve_out.3.gz
-
- install: $(LIBS)
- $(INSTALL_PROGRAM) -d $(DESTDIR)$(syslibdir)
-@@ -31,19 +29,17 @@
- $(INSTALL_PROGRAM) -m 755 -d $(DESTDIR)$(syslibdir)
- $(INSTALL_PROGRAM) -m 755 -d $(DESTDIR)$(man3dir)
- $(INSTALL_PROGRAM) -m 755 -d $(DESTDIR)/usr/include/
-- $(INSTALL_PROGRAM) -m 755 -d $(DESTDIR)/usr/share/doc/mpathpersist/
-- ln -sf $(DESTDIR)$(syslibdir)/$(LIBS) $(DESTDIR)$(syslibdir)/$(DEVLIB)
-- install -m 644 mpath_persistent_reserve_in.3.gz $(DESTDIR)$(man3dir)
-- install -m 644 mpath_persistent_reserve_out.3.gz $(DESTDIR)$(man3dir)
-- install -m 644 mpath_persist.h $(DESTDIR)/usr/include/
-+ $(INSTALL_PROGRAM) -m 644 mpath_persistent_reserve_in.3 $(DESTDIR)$(man3dir)
-+ $(INSTALL_PROGRAM) -m 644 mpath_persistent_reserve_out.3 $(DESTDIR)$(man3dir)
-+ $(INSTALL_PROGRAM) -m 644 mpath_persist.h $(DESTDIR)/usr/include/
-
- uninstall:
- rm -f $(DESTDIR)$(syslibdir)/$(LIBS)
-- rm $(DESTDIR)$(mandir)/mpath_persistent_reserve_in.3.gz
-- rm $(DESTDIR)$(mandir)/mpath_persistent_reserve_out.3.gz
-+ rm $(DESTDIR)$(mandir)/mpath_persistent_reserve_in.3
-+ rm $(DESTDIR)$(mandir)/mpath_persistent_reserve_out.3
-
- clean:
- rm -f core *.a *.o
- rm -f libmpathpersist.so.0
- rm -f libmpathpersist.so
-- rm -f mpath_persistent_reserve_in.3.gz mpath_persistent_reserve_out.3.gz
-+ rm -f mpath_persistent_reserve_in.3 mpath_persistent_reserve_out.3
---- multipath-tools-0.5.0/Makefile.inc
-+++ multipath-tools-0.5.0/Makefile.inc
-@@ -48,8 +48,8 @@
- RPM_OPT_FLAGS = -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4
- endif
-
--OPTFLAGS = $(RPM_OPT_FLAGS) -Wunused -Wstrict-prototypes
--CFLAGS = $(OPTFLAGS) -fPIC -DLIB_STRING=\"${LIB}\"
-+OPTFLAGS = -Wall -Wunused -Wstrict-prototypes
-+CFLAGS += $(OPTFLAGS) -fPIC -DLIB_STRING=\"${LIB}\"
- SHARED_FLAGS = -shared
-
- %.o: %.c
---- multipath-tools-0.5.0/mpathpersist/Makefile
-+++ multipath-tools-0.5.0/mpathpersist/Makefile
-@@ -13,18 +13,17 @@
-
- $(EXEC): $(OBJS)
- $(CC) -g $(OBJS) -o $(EXEC) $(LDFLAGS) $(CFLAGS)
-- $(GZIP) $(EXEC).8 > $(EXEC).8.gz
-
- install:
- install -d $(DESTDIR)$(bindir)
- install -m 755 $(EXEC) $(DESTDIR)$(bindir)/
- install -d $(DESTDIR)$(mandir)
-- install -m 644 $(EXEC).8.gz $(DESTDIR)$(mandir)
-+ install -m 644 $(EXEC).8 $(DESTDIR)$(mandir)
-
- clean:
- rm -f *.o $(EXEC)
-- rm -f mpathpersist.8.gz
-+ rm -f mpathpersist.8
-
- uninstall:
- rm $(DESTDIR)$(bindir)/$(EXEC)
-- rm $(DESTDIR)$(mandir)/$(EXEC).8.gz
-+ rm $(DESTDIR)$(mandir)/$(EXEC).8
---- multipath-tools-0.5.0/multipath/Makefile
-+++ multipath-tools-0.5.0/multipath/Makefile
-@@ -7,29 +7,27 @@
- OBJS = main.o
-
- CFLAGS += -I$(multipathdir)
--LDFLAGS += -lpthread -ldevmapper -ldl -L$(multipathdir) -lmultipath -ludev
-+LIBS += -lpthread -ldevmapper -ldl -L$(multipathdir) -lmultipath -ludev
-
- EXEC = multipath
-
- all: $(EXEC)
-
- $(EXEC): $(OBJS)
-- $(CC) $(CFLAGS) $(OBJS) -o $(EXEC) $(LDFLAGS)
-- $(GZIP) $(EXEC).8 > $(EXEC).8.gz
-- $(GZIP) $(EXEC).conf.5 > $(EXEC).conf.5.gz
-+ $(CC) $(CFLAGS) $(LDFLAGS) $(OBJS) $(LIBS) -o $(EXEC)
-
- install:
- $(INSTALL_PROGRAM) -d $(DESTDIR)$(bindir)
- $(INSTALL_PROGRAM) -m 755 $(EXEC) $(DESTDIR)$(bindir)/
- $(INSTALL_PROGRAM) -d $(DESTDIR)$(mandir)
-- $(INSTALL_PROGRAM) -m 644 $(EXEC).8.gz $(DESTDIR)$(mandir)
-+ $(INSTALL_PROGRAM) -m 644 $(EXEC).8 $(DESTDIR)$(mandir)
- $(INSTALL_PROGRAM) -d $(DESTDIR)$(man5dir)
-- $(INSTALL_PROGRAM) -m 644 $(EXEC).conf.5.gz $(DESTDIR)$(man5dir)
-+ $(INSTALL_PROGRAM) -m 644 $(EXEC).conf.5 $(DESTDIR)$(man5dir)
-
- uninstall:
- rm $(DESTDIR)$(bindir)/$(EXEC)
-- rm $(DESTDIR)$(mandir)/$(EXEC).8.gz
-- rm $(DESTDIR)$(man5dir)/$(EXEC).conf.5.gz
-+ rm $(DESTDIR)$(mandir)/$(EXEC).8
-+ rm $(DESTDIR)$(man5dir)/$(EXEC).conf.5
-
- clean:
-- rm -f core *.o $(EXEC) *.gz
-+ rm -f core *.o $(EXEC)
---- multipath-tools-0.5.0/multipathd/Makefile
-+++ multipath-tools-0.5.0/multipathd/Makefile
-@@ -9,11 +9,11 @@
- ifdef SYSTEMD
- CFLAGS += -DUSE_SYSTEMD=$(SYSTEMD)
- endif
--LDFLAGS += -lpthread -ldevmapper -lreadline
-+LIBS += -lpthread -ldevmapper -lreadline
- ifdef SYSTEMD
-- LDFLAGS += -lsystemd-daemon
-+ LIBS += -lsystemd-daemon
- endif
--LDFLAGS += -ludev -ldl \
-+LIBS += -ludev -ldl \
- -L$(multipathdir) -lmultipath -L$(mpathpersistdir) -lmpathpersist
-
- #
-@@ -35,8 +35,7 @@
- all : $(EXEC)
-
- $(EXEC): $(OBJS)
-- $(CC) $(CFLAGS) $(OBJS) $(LDFLAGS) -o $(EXEC)
-- $(GZIP) $(EXEC).8 > $(EXEC).8.gz
-+ $(CC) $(CFLAGS) $(LDFLAGS) $(OBJS) $(LIBS) -o $(EXEC)
-
- install:
- $(INSTALL_PROGRAM) -d $(DESTDIR)$(bindir)
-@@ -48,15 +47,15 @@
- $(INSTALL_PROGRAM) -m 644 $(EXEC).socket $(DESTDIR)$(unitdir)
- endif
- $(INSTALL_PROGRAM) -d $(DESTDIR)$(mandir)
-- $(INSTALL_PROGRAM) -m 644 $(EXEC).8.gz $(DESTDIR)$(mandir)
-+ $(INSTALL_PROGRAM) -m 644 $(EXEC).8 $(DESTDIR)$(mandir)
-
- uninstall:
- rm -f $(DESTDIR)$(bindir)/$(EXEC)
- rm -f $(DESTDIR)$(rcdir)/$(EXEC)
-- rm -f $(DESTDIR)$(mandir)/$(EXEC).8.gz
-+ rm -f $(DESTDIR)$(mandir)/$(EXEC).8
- rm -f $(DESTDIR)$(unitdir)/$(EXEC).service
- rm -f $(DESTDIR)$(unitdir)/$(EXEC).socket
-
- clean:
-- rm -f core *.o $(EXEC) *.gz
-+ rm -f core *.o $(EXEC)
-
diff --git a/sys-fs/multipath-tools/files/multipath-tools-0.5.0-systemd-pkgconfig.patch b/sys-fs/multipath-tools/files/multipath-tools-0.5.0-systemd-pkgconfig.patch
deleted file mode 100644
index d75f84136..000000000
--- a/sys-fs/multipath-tools/files/multipath-tools-0.5.0-systemd-pkgconfig.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-diff -ru multipath-tools-0.5.0/libmultipath/Makefile multipath-tools-0.5.0-modified/libmultipath/Makefile
---- multipath-tools-0.5.0/libmultipath/Makefile 2013-12-17 22:40:41.000000000 +0100
-+++ multipath-tools-0.5.0-modified/libmultipath/Makefile 2014-03-07 04:03:45.963309627 +0100
-@@ -9,7 +9,7 @@
- LIBS = $(DEVLIB).$(SONAME)
- LIBDEPS = -lpthread -ldl -ldevmapper -ludev
- ifdef SYSTEMD
-- LIBDEPS += -lsystemd-daemon
-+ LIBDEPS += $(shell pkg-config --libs libsystemd 2>/dev/null || pkg-config --libs libsystemd-daemon 2>/dev/null)
- endif
-
- OBJS = memory.o parser.o vector.o devmapper.o callout.o \
-diff -ru multipath-tools-0.5.0/multipathd/Makefile multipath-tools-0.5.0-modified/multipathd/Makefile
---- multipath-tools-0.5.0/multipathd/Makefile 2014-03-07 04:05:09.340307633 +0100
-+++ multipath-tools-0.5.0-modified/multipathd/Makefile 2014-03-07 04:04:03.555309206 +0100
-@@ -11,7 +11,7 @@
- endif
- LIBS += -lpthread -ldevmapper -lreadline
- ifdef SYSTEMD
-- LIBS += -lsystemd-daemon
-+ LIBS += $(shell pkg-config --libs libsystemd 2>/dev/null || pkg-config --libs libsystemd-daemon 2>/dev/null)
- endif
- LIBS += -ludev -ldl \
- -L$(multipathdir) -lmultipath -L$(mpathpersistdir) -lmpathpersist
diff --git a/sys-fs/multipath-tools/files/multipath.rc b/sys-fs/multipath-tools/files/multipath.rc
deleted file mode 100644
index 68f8d5edb..000000000
--- a/sys-fs/multipath-tools/files/multipath.rc
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2011 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-depend() {
- before checkfs fsck multipathd lvm
- after modules device-mapper
-}
-
-start() {
- if ! grep -qs device-mapper /proc/devices /proc/misc ; then
- [ -e /proc/modules ] && modprobe -q dm-mod
- fi
-
- ebegin "Activating Multipath devices"
- multipath -v0 >/dev/null
- eend $?
-}
-
-stop() {
- ebegin "Shutting down Multipath devices"
- multipath -v0 -F >/dev/null
- eend $?
-}
-
-# vim:ts=4
diff --git a/sys-fs/multipath-tools/files/rc-multipathd b/sys-fs/multipath-tools/files/rc-multipathd
deleted file mode 100644
index aba0c2462..000000000
--- a/sys-fs/multipath-tools/files/rc-multipathd
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2006 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-depend() {
- need localmount
- after modules
-}
-
-start() {
- ebegin "Starting multipathd"
- start-stop-daemon --start --quiet --exec /sbin/multipathd
- eend $?
-}
-
-stop() {
- ebegin "Stopping multipathd"
- start-stop-daemon --stop --quiet --pidfile /var/run/multipathd.pid
- eend $?
-}
diff --git a/sys-fs/multipath-tools/metadata.xml b/sys-fs/multipath-tools/metadata.xml
deleted file mode 100644
index 56c124413..000000000
--- a/sys-fs/multipath-tools/metadata.xml
+++ /dev/null
@@ -1,8 +0,0 @@
-
-
-
-
- base-system@gentoo.org
- Gentoo Base System
-
-
diff --git a/sys-fs/multipath-tools/multipath-tools-0.5.0-r99.ebuild b/sys-fs/multipath-tools/multipath-tools-0.5.0-r99.ebuild
deleted file mode 100644
index 38e7124a7..000000000
--- a/sys-fs/multipath-tools/multipath-tools-0.5.0-r99.ebuild
+++ /dev/null
@@ -1,83 +0,0 @@
-# Copyright 1999-2014 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=4
-inherit eutils systemd toolchain-funcs udev
-
-DESCRIPTION="Device mapper target autoconfig"
-HOMEPAGE="http://christophe.varoqui.free.fr/"
-SRC_URI="http://christophe.varoqui.free.fr/${PN}/${P}.tar.bz2"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha amd64 ~arm ~arm64 ~ia64 ppc ppc64 ~sparc x86"
-IUSE="systemd"
-
-RDEPEND=">=sys-fs/lvm2-2.02.45
- >=virtual/udev-171
- dev-libs/libaio
- sys-libs/readline
- systemd? ( sys-apps/systemd )"
-DEPEND="${RDEPEND}
- virtual/pkgconfig"
-
-src_prepare() {
- epatch "${FILESDIR}"/${P}-makefile.patch
- epatch "${FILESDIR}"/${P}-systemd-pkgconfig.patch
-
- # Anaconda 22 (Sabayon installer) patches.
- local fedoradir="${FILESDIR}/fedora"
- local fedora_patches=(
- "0001-RH-dont_start_with_no_config.patch"
- "0002-RH-multipath.rules.patch"
- "0004-RH-multipathd-blacklist-all-by-default.patch"
- "0005-RH-add-mpathconf.patch"
- "0032-RHBZ-956464-mpathconf-defaults.patch"
- "0034-RHBZ-851416-mpathconf-display.patch"
- "0078-RHBZ-1054044-fix-mpathconf-manpage.patch"
- "0102-RHBZ-1160478-mpathconf-template.patch"
- )
- for p in "${fedora_patches[@]}"; do
- epatch "${fedoradir}/${p}"
- done
-
- epatch_user
-}
-
-src_compile() {
- # LIBDM_API_FLUSH involves grepping files in /usr/include,
- # so force the test to go the way we want #411337.
- emake LIBDM_API_FLUSH=1 CC="$(tc-getCC)" SYSTEMD=$(usex systemd 1 "")
-}
-
-src_install() {
- local udevdir="$(get_udevdir)"
-
- dodir /sbin /usr/share/man/man8
- emake \
- DESTDIR="${D}" \
- SYSTEMD=$(usex systemd 1 "") \
- unitdir="$(systemd_get_unitdir)" \
- libudevdir='${prefix}'/"${udevdir}" \
- install
-
- insinto /etc
- newins "${S}"/multipath.conf.annotated multipath.conf
- # /etc/udev is reserved for user modified rules!
- mv "${D}"/etc/udev/rules.d/* "${D}/${udevdir}"/rules.d/ || die
- dodir /etc/multipath # fedora: this must exist
- fperms 644 "${udevdir}"/rules.d/66-kpartx.rules
- newinitd "${FILESDIR}"/rc-multipathd multipathd
- newinitd "${FILESDIR}"/multipath.rc multipath
-
- dodoc multipath.conf.* AUTHOR ChangeLog FAQ
- docinto kpartx
- dodoc kpartx/ChangeLog kpartx/README
-}
-
-pkg_postinst() {
- if [[ -z ${REPLACING_VERSIONS} ]]; then
- elog "If you need multipath on your system, you must"
- elog "add 'multipath' into your boot runlevel!"
- fi
-}
diff --git a/www-client/firefox/Manifest b/www-client/firefox/Manifest
deleted file mode 100644
index 0dcfc63bd..000000000
--- a/www-client/firefox/Manifest
+++ /dev/null
@@ -1,93 +0,0 @@
-DIST firefox-78.0-patches-05.tar.xz 31096 BLAKE2B 83915ede6e9dc2241f6c72eb41f1ba9e26d70cb1f968bc6f3506aa4596d282f6c9a433ce5151c1e0e69dc8343bcd17ed517db5ad5990f744362cc80c50154886 SHA512 4cc967dbdd0c76000ce565d85064884b7040e1f50fba830203256d06a6ee1f8004f4e64682b98fbfb5580254d67e8984b19ec34cee2c3d85190a8f214b05afa2
-DIST firefox-78.0.2-ach.xpi 500654 BLAKE2B bf3fef912634343b67525a5e7c9c0d655ed4a29ed18d526d4a700e84051e7bf44f2198dfdefd1f2bfcf988fd28473737fd268fbbf8b2fb6dce1c513e2d28c18e SHA512 56d25bb5a42959516ef75eb7f6d04f20dc003de69febea872706a4ae1d48115ba42ea678c84f9cf8685cda12268475916337fded23498bdf90eafbbafb553fcd
-DIST firefox-78.0.2-af.xpi 444068 BLAKE2B a152864485b8d31194851de9360c8665ff0ee67c0c2e20aa685249c9bcda4ba066dfb1c0974586adead9e4cabdd3f8866ed4f5120955bc830229738cfd38addc SHA512 5016b0f236f9b1943409dd50c562235cb742eec78957eeda5bb6d154ba7c901d97342ae91fbebf7f0d5615ea6a311deaa23bd5a45fd24159c3fc3c58216b3aa2
-DIST firefox-78.0.2-an.xpi 511452 BLAKE2B 7aab5c2295d471d1c8c349286f7c9d3adb36c19feee3e2833916f9c283c5e0a168ab82846ff07c18aee3cd9ada3815db932e7e2bbd6b05dc19e4563239854beb SHA512 de59618a6761cb4961ffc215b159eb1a104d17f995e471b7ffe6051143ec8617ed8d0e884ae80d9465985483d2e63ec650346a2daee3733d97a6620133ccc274
-DIST firefox-78.0.2-ar.xpi 588704 BLAKE2B ad32738e1367a0352d9d4005d4ae7fc3cf30ad75c0d921dbe058b522d25294e6d1261d54be1068afcbec3726dd3f1d4f3c1f1b16c28f528aa22668b87ec23cf6 SHA512 a59080b98b5ec91a3b887b3756653a3ef291489cb55c5e9b26e76cafc5f95e1f64724fdf9e7a120ae65a9bfabcc93553ce4ed88e0755c87ec261d789034e2952
-DIST firefox-78.0.2-ast.xpi 500545 BLAKE2B 3d9ef360d8f344a2bf5c3af560d400d1ebd4aed0d5588c7e2249be886cce23b5cc8a62abd731841c10ec4766d8c76473edb08b11fd83d8f8b345390e7ef1963d SHA512 30b5192cd7d4e4ab4de8fd60429ce69d402dbd7cb698c29c9d3e30ce3fb68d0e4798c3ec472b279d334d93937eddd5f2e55769f08a35a773ce06cd134037e403
-DIST firefox-78.0.2-az.xpi 537587 BLAKE2B ed9ad6093f5921c74d1dc32447074aceab2f730c7daa9cc96e71daca75ed622386f51f4a998d22bf404483d722bb93603f11cc38fdcfb5a6208f7f7b6d6ead8d SHA512 3e1025ba841b8337cd2315c0e50d3f3557e574a1238deaf8d6971a9280e36c76eb27b3548e6e61c8c6a201346b38d1bff6c1c2fde5d85dd4c33d67c79e649eec
-DIST firefox-78.0.2-be.xpi 647660 BLAKE2B 94cba38257d7134d6e90458d5a9c0743904d03aa9fe2587f26ec1cb4de6aee210a231e68fcf9dd16168fe0a4937363eafc83775b62f4f0178e2ef5ce5e0ed3d0 SHA512 ebc88638d682980a33d700cdc5847738dde59b4b0c52e2bb2bd1d707b2a75082fa0252d56f97079db2230bfd6951c237724cda4d856ead64c5adf25fff78eaca
-DIST firefox-78.0.2-bg.xpi 608528 BLAKE2B faeff122e24a31da06908b608bbe34687bf86914eeb919edfffb474d01a51b521018f7be1d861e6e6f39b4d1cbcf82f564d04c443bc13c10124ab5fcb0901e7c SHA512 831c99c9740970c65c28b722d52e46ff170650a0e960289e3595930a1d6b528678115f2361a7616d788047e7d6946a3720f4b7d00ce4dfa1709298b95011ebfe
-DIST firefox-78.0.2-bn.xpi 634051 BLAKE2B 771e24876f879dbc9dffd865e88531ea1859d6e1dc934c9c8ce42265ac83287f703d18851c90093813c5851cf5be96dd223242b86ce7e1f67781ea8d285f8058 SHA512 1ac4ac6fc9ef06b5ee2e1e5b44ee219130d83ab01e9c5c3bc24e23ad14bfd325c4dc499d5546da2b09ab9b646f9e32b0e60944086cb3f7f9ad514d760014f5fd
-DIST firefox-78.0.2-br.xpi 551260 BLAKE2B f0b294801629c30396066fc4ec18828bde623d00149f3325d3d5e79e51976d5ef5e8d3b2d1bba972afd76211b0b20128594df20f807435b52f8ed6bb54b81fb4 SHA512 45cb812e6e99bc9072e0a5485e7c896a4de93c5b43ca2fccc06c16ab1b13adb31814698bd95da9379f02322cf54e440419b161e02f8757e21a94198cec972bb1
-DIST firefox-78.0.2-bs.xpi 506403 BLAKE2B 68c341502fcbe46b2e18cb6e1265100eef7c0a9ea7b4b3af0f10e88a748dee3a3048bdd5cdcac6049de9026e2617e17b2ca98afba6c96681fc927224fb8335ee SHA512 cda85620feaa917b5da0aad97c9224d374cfcb2586c6dd8328fd15ebba5ef34f42dc3b12e565497784c97d369865d717a4541bbd8e2b7ec838cee67a96cec5ba
-DIST firefox-78.0.2-ca.xpi 552876 BLAKE2B c303bf42c811e9342443bee4f8554fd6545e423d809e2108b26fcb3ec67ffaab1906f4b7c3e8f6d3d97386726bcb6bd62fce1d2c924eeb5d32d221f18b4616dd SHA512 efd8f86b2d32212acaa8078afdb414b921539245d89c38d0e149bde028e77fa3de8b0407f86858b1a4c04bbb5dc1b11547640e2d6564a0265cec8c0c536fd93c
-DIST firefox-78.0.2-cak.xpi 584936 BLAKE2B 96aff08f88471dad243324a89be76275efb77e4acb0ef928aa0610f9b073a290f78cb809ddb8c67232a1f6e3c4cf156506fad4e48194dbf16450b883b94757ee SHA512 1201d00af5a9e929fb805781b833937526ad82f526355ba90f5b808306a1d164984446215610e40d1224da96c8ce96ace5e4abbad1cc0b33d362eea78dbcc47a
-DIST firefox-78.0.2-cs.xpi 585532 BLAKE2B 24d98e1f78a55e10bba9164469c69b559ec1173702d06f3f74475ef35ec09f7b2acfa2dc17bd94c76a3704c1a503e20272bf1d7060ce61f26b84ec98d97988c3 SHA512 59f324ff33fd2aec7380450a1486f6cc68f1043038911ea0e643dc1eea8fb5298f93dec84f9ef2a144a3d1564b2dd1d90c0bbec3cdb89cf15c442523c3b619f3
-DIST firefox-78.0.2-cy.xpi 563238 BLAKE2B 751eceac9a46898953237bb3b454b6f9b0dc3aa69026184f81d4708e0fa8bb9ab1a5b42b3ee955defbc99677347597925ed60066f80ec50e453bd0ace4bbf03f SHA512 506f17cdd27d07a1b0179d67d14f0f1d5cb04e99e9141b5de32305924dc1e51de7f9f60a2ddbf1d6c5398554fc90eb057728b1914367e3a7409320bff09e043c
-DIST firefox-78.0.2-da.xpi 552310 BLAKE2B 89aee395a0c361920593bf3cd64c373d51bde5bb2dfc004ff11ff36a8d0f294e78d0e5bd3cd722d328d118e7337a5ee4ac815a3d6436ea5a57d415f995bfdba0 SHA512 1186aed12d1d5e6fa7578265dd20d0feeceb828ec8086f792c0c26a1b41c15755ca843a279d3e89719cb1a0255b339436c2b3448c38e726e3a10bd3847798830
-DIST firefox-78.0.2-de.xpi 576941 BLAKE2B 740e753f229591cdc43ea2eb2540d97fd73007a125a567c1a45c488747cb81ce1ecf08d1004c2e8077e39e3af97b45d00d524133d3f833276c933ce47036ea3d SHA512 5aea079772ff90cb251438e9f81de49b982d4faa967003d5c275984764f2b5622ea10fbd78a4950aeae1192efc418c2811a8208cdb90691e187704624ca82270
-DIST firefox-78.0.2-dsb.xpi 589026 BLAKE2B 863f6121517ba0b67ee302fbc10a6484e6bd1c12c7ec1363884dd149b83eeab534c8568c41f38c0c1ad3c5e2c632151bb2cede2a6a17295ffa98dd056067187f SHA512 70fe776e536d5af95d33b43bd56037be7d3905580ae26326a7235e2f7b9a2c9a9453d3bf2275852a4eda17397715448740fa84b49a1d3efaa4501bc8ae089179
-DIST firefox-78.0.2-el.xpi 665908 BLAKE2B 39045be9285e56e266de62a4e236789608cf8d72ecb25b54882a53e2f1ef63fc8eedaececed828f37cde68475ec98504eced6eaa274019eaaf8b33144bf4e81a SHA512 06a7b514a982cbfcbedf011bec5d964fffeb3c8257a2f59b0707b1793a818ac141cca48ae8f4cc00a02801012b4aca0e805b8a63b21b715b11cd2bf62c764cc5
-DIST firefox-78.0.2-en-CA.xpi 531414 BLAKE2B ca255e92547ea23cf073f8ccab14118a143bd5bde95d4e45392c6b10a5c155e690829afa049ce0ccce5d7bd32ac150113dc1c06bd03a0428130be7f67beb6dab SHA512 0e5fcb1ebdf4ee4eb8b66d7f8e778eedf3347e99cda6e2e7a822ad305cbefabba1306d9b2d363f2d3ca3eed8f29629a77472b0cafd960e7a33265c8a6ef5ae3e
-DIST firefox-78.0.2-en-GB.xpi 531200 BLAKE2B aee748ec0373c527836bb102378e32f500b9f4e10e3f8af86d61c8f2add4c00a948bd5a4814e7bfde010a7aecaf28e48fd28401a8bf40ed593f547c171e425b6 SHA512 193685743085bfcc648e23f282386d8076f5dd374546304db32299c0dedf103b452a20ffd9f2e684868060474f6f8db66a053dfb5feec6d244e0a8a7ca42f83d
-DIST firefox-78.0.2-eo.xpi 558624 BLAKE2B 5408b11170083a2df48b5dc46da823ad8bad3b715486297884e4015644c81782569b4630ed689f82597d0eba12ce27149b786c05291f5afb45f45e3d7224db26 SHA512 21a313af6d8667e75593a15f24b09a0ae8e86381a03c8e62a026e2e3dd7b39879d9aa964859ac555cdb4ff3bdf77d7cd62b8086b0f6a2cf84d5610af924851eb
-DIST firefox-78.0.2-es-AR.xpi 568400 BLAKE2B 9a6a1ccac9cd2860ff190bfa1bb489faf15f544229db58901e365df7ab2a1722ac2b2e9c8accb361fa5e5f498d88f078f554344a873adc2ad7a7909f5430d462 SHA512 ce789af837d6fdef6b52bd63f7421f8c705edc4b29d7e7725c765caa6478c7f66f013a8fea8546df03f5009702f5984f6a380b8ead4faad4f72a1a22d3de7846
-DIST firefox-78.0.2-es-CL.xpi 567594 BLAKE2B 8a0a9b6e505934da7585af91911a1baf340624fe479e26e7150d6d4982041e9dc0380bdf68cbd771967fc258df8dacccbbc888928e7901a9af5db5096228e76f SHA512 b5cf4dddda9cadf361d9d921612d4d3a0fae200d345dab2be4bc2d9e7db88b782369cf2017d7ac9b0e67731629322fb8d34e760c400aeee91ce63e6418cb858b
-DIST firefox-78.0.2-es-ES.xpi 551510 BLAKE2B 8692a853c97731e8a0922a24b4b6a330232237a1377d615230e1c6ed9efe639a052561190a354515a9e29e881df4d71f739f75db866dab4837b1988953f41115 SHA512 66ed66bae2ca78cb48058fcd160b56a72e0249141ad5503f460be1f2eb71db25a8b1100e2a98961d51b3c8d5ee4a4dcad92726121fe2ebde539eb39f45b803aa
-DIST firefox-78.0.2-es-MX.xpi 569783 BLAKE2B b9732c562722821a5c4315f8cc73d01966a7a53fce60c68fb0369fdc26a8f72f43794bcc114c2c117e92fa3b7d87d0931dd7e2577b15bacddff66cca14d623f5 SHA512 2fc5d3d149798ef26ac06fd4f5b24a006d1820c3f955b7b1611fd1db1884e27b58edd2c6c9dd497a236d34e40f5746365a8f23ded196e666bd43e730e8f1c895
-DIST firefox-78.0.2-et.xpi 535625 BLAKE2B e03a9aba686730a6b7bd99793a73fa57091327dc4a501b089336cee7e225aa2ac9309d2473f548f05a7d9d1f0773be905b25f7581cd65ca926b31ad53f7308a1 SHA512 1eb284ba0724d10e560532bce88736055139cd5bc2216b00e46b22ceaa7712d7480facd256051a1db2cdb02e70234f2dba0528e872e74bd22c850a927e5f04f0
-DIST firefox-78.0.2-eu.xpi 556806 BLAKE2B c369e66a2346ca648cc12ee7cd295edebf2ffb2339e49aa171c4226c0bd7f6b4ae9a6ae366b0421a5bee9d7efdd4c2d0cd5dc511afbe889615aae21864726851 SHA512 e65dbe91cbf945cfc52a76056eee872377d3348c899b07019b052c719c4baec0b9b1eecb84ccd4144cb62fdc24678f37e6d4ed2af36de370238d8d8aa9d02b71
-DIST firefox-78.0.2-fa.xpi 593505 BLAKE2B 1ade6b88b0d490c65b2681af3872357659567365e471a85231acfc65d0410a0635890ef7fcbba18f24e8e7892ee26c53053a3c19a159e380a4f324936bbbbca5 SHA512 3e4579f4d967daf23174471dc56e2e0da0273cf9379762c5a93d58e26e3a67add825ec8b2cd56be87368f2cb5160fad9bf7b351af134f2c31df95ad40ec5b6d6
-DIST firefox-78.0.2-ff.xpi 531570 BLAKE2B 2a36f227bd161f1fcb7687aacd0e0d5580437157cadc312f9bc960644821b3d8af76cfa5553c3af1074d4e568eab345dbe5cb87f5a810c945d8f8808892a5148 SHA512 b6e1a5c0d79b38527e1c6bc07d10c27aab295da1f4537dba24a8caa98aea78a1e2c865600d3cdf64c4f0bc47fc2c2a401c99bd2123c6fafcfbcb4ed3036d8287
-DIST firefox-78.0.2-fi.xpi 554032 BLAKE2B cef6e2c318e4f28fe23f2ef3407da2778f123c709a3db96cc745e4c6d056d34755193c8b22a6c477ef914e38b0603a34e7b22142bef5a533cbd87e95aa653b1e SHA512 006ad38ce02fdee352399a36db99be98fba454f5c283b02c522438a49837a9eb1d3574210b32f816a058e26c7459b3cf401d9548f259690ae4a2e74e31b11728
-DIST firefox-78.0.2-fr.xpi 580680 BLAKE2B 079558908e869e27ca1e8f158585c0b8b49f3bae983f8469f52515222baf3dc4bedd58c192b752d6e84b8b9a2a5c088eadb9cfa5262db783abf028ba8993b6cb SHA512 c856e5533955f1827846b3cf1f859299eb346989c517b4cc7913a099d33b9bbb49e62f626a69b0d2ec08511dea46e879de76d09dfc579fa0cbe65b5aa803a5ea
-DIST firefox-78.0.2-fy-NL.xpi 565456 BLAKE2B 0bc5446f7a6e0e4ea90fb871f1121f67aa6c20bd93805aecfcab3313dce826f5714a0f9a0e35144c44903a40bb8ebee53c8555b1e2e883b6a63f1584aa3a6de6 SHA512 4d39f8ae90916f87a178c59dd98ed0f41d496b5aafa4e106365cd4b4f6b55acb35d7446e16be59dea5e293f5832af8d3c77fbc9500e7c262d8a71cd443a18f92
-DIST firefox-78.0.2-ga-IE.xpi 514579 BLAKE2B 8bd6ec1c5416616332e09ca4073a0f4587524728762f00fd0365706b967be69ecfd2d952c5420e0a902264676bfe0e0245ff8869efea7062c338834d08fe6917 SHA512 27ac54219b902613d1d0d945ef882635149892941ecea78995525de28880389c42efd4ba24b51ac0608fc2e9d3bc74065e03ea5ab17d5b18f200c30d0b393170
-DIST firefox-78.0.2-gd.xpi 544419 BLAKE2B ff7a3757b69e4468a748a83853fef5363c99d5fcd1408c41c9620cb6e2b9d02fafc4ac3c8a55ceb2e1a22ab18e7b33707b0d881fcb49cfbf6cf89564fcc7e8bb SHA512 607913cef428b8f3ca2efa83a608fc6ca87597961b6ae9236a305c9637d8cc4146da5808af742e81a14ac920dbe3cf18473a73915bb4d24980f179ca2c0d4a57
-DIST firefox-78.0.2-gl.xpi 508283 BLAKE2B bad499e35cb14bee19c4275ee8cb09bcea7cf68a3c58a8465236a10af2ac4af6103e7e1c0de8aa6e417d13136bc6e8c03df589bc5181cfbfcbd4388aad90b6a3 SHA512 48516418d3010a15dda0518f55a0860f90921ae2225e8335e40e06ad9243a6a14b6795cdf4043aad1235787d0d11ea1f8c26010b2807bb87c4dc756ee84bcdf5
-DIST firefox-78.0.2-gn.xpi 582166 BLAKE2B 7c42a6f9b765f809c6c42ddb167bfff71a1debafbcd92263dcc9ee6f5d129c1f9d39c13cb663fba4708026e4832131e9a74e4b24eeba5cbfedd043f897144c33 SHA512 df6b6d13a1a8bea98903d2ab0e1cf90dfd7b4f3c4786be342c519a00e86ae0c36743f49502b0be2fab8cf7af9c60a824d5dcccd22998a7019bffb53931dbe803
-DIST firefox-78.0.2-gu-IN.xpi 602914 BLAKE2B c5699cc3e197f6b90e4125e8cc9d578ef60a5691661a2c8dfc7e4a8c5ea8fe184cf4979be7028040b1b4c25316301b1c81ad5654805e57e1620ba56af6e0d91c SHA512 9f8c0317de2724ee6cb7f3a0190ef5d3a29617a011415fe6c46f23a09d4ed3cfe3b0732430ca341deb50a3d1f0772ee163683e8c62e6efc0d7f17dd58614ff6a
-DIST firefox-78.0.2-he.xpi 582418 BLAKE2B 08a46e34e08b135b583526ad2187c4f1b962cdba461aed2b1017abeafe3b18a889372abb368996a85fe0e139f6c1a74106046936e9b22337b82e293ece386dfc SHA512 0e3373892e9179143e65009e44b54059e40da0d02d6ad631188b445af84ae60bcf7303db4fff8543f0b09419f72a7b12f435d02dc1e68fe7a48d0541d7c32c8e
-DIST firefox-78.0.2-hi-IN.xpi 622444 BLAKE2B 78c7a3ab28e64a84ac385b32d0cd1d644de09d30a9b82109c89b5f04c13efe2328aff8e2717d3f2431b3095a33507475f87bb33e64a7bd8eb8707911f773ab1d SHA512 3d536f5478194e0d48b321ed2cb38eab6c123d8ea8b04e41f3665f6403813ad9560dfac601426e8767b3a53af4048a197a9aee1abd489f0fdcac8c575670d9eb
-DIST firefox-78.0.2-hr.xpi 560786 BLAKE2B e5e967103080da9b375913098a5cc01d64282953ce341fba4e5b0eca5cd1bf2f098cff8e42670db4e5a9c3bd7fbebc746ffa5185e888a8dddf734479bc0c89cc SHA512 b771ef8096c8274f17aa0a9495fbfe9b77e67bd23fdf394e979471d23d46731aa32fc7c50d3a7af5fec8d0a6045bfe2929ec1917439487272962befdd97687d5
-DIST firefox-78.0.2-hsb.xpi 585290 BLAKE2B a22a83556fba35148f4eb4f7b0d12819e489e13600301b5ccee54b838f59452d207b8d12e2e732a6db42ba4567ee33ad8377eecc1d5932e3e950f7c5fd91e877 SHA512 6a81156afd1ab924a5896b97766ad6c93bb4db98ecfec887e8eb46db1a69f5c49770bf18ebf7353616668d6f88c5b1f39c5afa2cdf6956910e035aa1b9d37b67
-DIST firefox-78.0.2-hu.xpi 588748 BLAKE2B d4d0ad59ddd7dd4451c6cba98948ba78e37f9bc3bb05623d5fb6f0c7d23d0a344e7e5535fd60791ec3207ab68302e3da7344d473e96669922b53004c2577a1dc SHA512 dea3571c1f34ceb0d2f2764ac2e74d4a8d303cb04be0fd652ca73ad5a050addd7a0cf4e0be85a24c6cf2dca63da4c580372c086aed9f359640a30f4999ab1352
-DIST firefox-78.0.2-hy-AM.xpi 649327 BLAKE2B f7d8ded6b3f4c18aa0c179d38c46d4cc6b3e04d943aa65db3d504f265d96c31dc3b33e05db0a0e15d951b66933544ebcec526b77446d69c9461d25c0696beb6f SHA512 93c8b76215003c7b085fea61d0a3992a75e5a78e6dfcad9a6440472d443fbdb8c8bb2be28ed9fb6d8ffa26f918225b66143fe0aa02ce3dabcb2ee3043b922c02
-DIST firefox-78.0.2-ia.xpi 554118 BLAKE2B bd5f3ab4567fba9a85de26e1b43f3a1d4c44049472d15c7c127c911127b052be875640d93cb033d0b5048034696b2c35167f25884930d8103263e3714499e6a1 SHA512 d43e1c48a00e96974a23c448bef689d458b0e9173c065ceb33960e80a8645d93e75399a2fe04529fc410090e2b6ab6a5e29f7bcd8d06aed99cd9c00974e3a661
-DIST firefox-78.0.2-id.xpi 551946 BLAKE2B ccafff682cf346815f5c03a1cf17cc2f24e491b528d5f75e2aa2ec85ad0cf9f3a565fa966757506fa09a8dca500a9cb0d7d2f1d23a6fd240a0eed8c991ad5bdc SHA512 9ec28fbbf500f469cc4210f0f1859015ae9aae7cf912b66f843d940caadeb8acd2afa7c33dbc3310ae6cef470d4fc564acc3754c4816a5364f64bfa967950b33
-DIST firefox-78.0.2-is.xpi 527499 BLAKE2B 4087a4160b2176a83fcbb8b0522cc68b0fa58dba099fb114acb3444fb73d4ffb3f2a686cb123507ec5caf33c665dbc9c6f3e8414c84c334cc161de09bd85940f SHA512 0239eea5cc3e5e6e90365b507f372b35a4ecb193a973ca7f2b549d5f16d05fdf33a182e655c780fa20c8dd08468cf43e4116f35499801c1d2a1c99c69fbefe49
-DIST firefox-78.0.2-it.xpi 454998 BLAKE2B 4d23e7d1a3be1d21607f4f434e989119fffc77fbb6cc6ed5a22388327b6485be25543aa8247b0a7f67b62f2266e2a64206429ce928e65c3456f152acb5e9af0e SHA512 b5c1b435b62e82c041ea3955c560926743edb741c4411ed88c3bacd483e0000383eaf59df3d963fdc04d3b256b65959726bb42813460b4e1f853d0d430c17aa8
-DIST firefox-78.0.2-ja.xpi 615921 BLAKE2B 4c30b7d374042304cf2ab2b60ab70ed8260820335b86dd19ab3186ff784430802a1b767fc7e3c9462906372c31aa2ff600c793c4c407068ffa61e1c47fcad80b SHA512 1a65a805d1789e24a2042e6036b6320b6f3b396b52d0438fe73b7c21794b05288baf5148a1fe8e6c6fab8e2b7c48fb1dd981e1b7512fa1522356d3c9089e4f76
-DIST firefox-78.0.2-ka.xpi 612304 BLAKE2B 5ccbc62550aff429305048cda81f0786a639772667b145f0b3f1239c504c1bbde2e30ab106f488327ad7a5242b992584c6ec3efae917757e08d567c753618ac3 SHA512 183fa9c16cf9d212f1af18ef18c9a1ef337de8722840c5a2efbbd007d527929d7830360a1c822ddaac7bcc8e0334ee3ef393407cb81239f37e147e1d2018977b
-DIST firefox-78.0.2-kab.xpi 574013 BLAKE2B 6a59322839ccef91339f6556262f36fae51581f3325de6bccd9ff9035cec84174cee1b8464b7481e7ad2c58b701ab2712ac4f83518924ba1e9ad12ba51bfaae1 SHA512 142f46b584f44260a9a25a62b9d9f5ac809f5fe17795d2d4b91b3f4527a0bb4862382b55ef858681173455cd508922577d2f7a3bbf2ed2a9b1469dafbfa16312
-DIST firefox-78.0.2-kk.xpi 642139 BLAKE2B 33d5f2abf19efd2c6e4ec99f696e552f5bf34bbe3cdc9f95e235a94ed62568e7bdf0c92c18527ffa86b94fdf85df3dd456bcc2db7818fbd28eb0d55b8500c2ca SHA512 cbd256fd0d6a98e1b99e27a62785bdc993aa936efd0ea8a14cb293c8211d8bd7487a684ce4daf3d64e589f26224a3767060a020ec341fdc64b6c11457dad1273
-DIST firefox-78.0.2-km.xpi 567231 BLAKE2B dbfed5b0c772114326eebee0ac946bf8cfbd10e78970a1d625e778a47227c6d3eea4b8a9f7d605b99202abc2badb821e0a59c61aba0facc7162a0ea5d1e79f43 SHA512 4965b4bf13d77a5a0316809e2f341918579726e3b57723090e1748ed5f4c343939e376bfd3c4619f04f3b21c1b28481caaf15c3132794c8c05b405cceeb816b7
-DIST firefox-78.0.2-kn.xpi 558806 BLAKE2B f216c49c89d6c32e1ae216180799b62f95834cf695af5bd216513301b78a369ef9855bf9c5066a2b98fe57b531d679172267389a35e767d76df8fa07e174c407 SHA512 af9358112304576cec914dce6208490dc895c77bd074d28d5c05d157634d2fcc5fdc0983e6e3ca607bef0aa1ec507440e8cc1f68f81d9bf380235743205b128e
-DIST firefox-78.0.2-ko.xpi 602762 BLAKE2B 7d3b615c03122ee26f3f7610f81230e7eef0b9274dc78e3ffb8ff16905d197f4ca5980e45c7077dfc6b08cf6ea34fd32058f6e1d6d83241205b9cdf2d65d0598 SHA512 19bb88a9bfd1cf17ddaa8acfc953cab0976d3854d20e1f8ebdb95f70cbdf46f42fa43c44f371a9b6aa8cb7875b0d9d5cf2f6a0ea181738b817b72f8130383a1d
-DIST firefox-78.0.2-lij.xpi 526112 BLAKE2B ffff708cd07d77d2d6222a0563623685d94e0fbd13f670bb31ae22ca3b9aa7d76bc4ad6f606cd20c7529feff16005c5432b57e67027b41e8f37b14bb95d90382 SHA512 cc24878ca1487c8d1eab4c52bceb0ca3e3f4b750e7bb64ba47b3f125a9aa8e956244119154d92a496e172d2561968712b5979e57ff945e07df9e2a9989712bed
-DIST firefox-78.0.2-lt.xpi 579632 BLAKE2B f2891910b9195d87a0821acbba5c9ccfa88de205c0cfa08504e64bf535c5861e0fd14b43b28f2eabdf05b2dc8d949cfa16ce6bb2f362553e3d7db3b68f012ebf SHA512 4467844055fcce7aa24633bd2440b9730674e96c99b566a8889107a685c01e5c2850d8c8cc2112faca896eb9837f41e14c8e7caa14ffdc8775abad41ef997347
-DIST firefox-78.0.2-lv.xpi 516883 BLAKE2B f9190e768c52bc0b6643f8859c21ac5c6f36bad6e975340eb7423bd63a115f7d1a7843b37056c7d63c097cdd388f6d90dbc0f39c77a30dc2af627c0cd05fa45b SHA512 f8199169ebf790978afec332b79d4e6a799016ba2734e9e920bdeb8904fdf9df8631a0a00a652e605ba17c33787a7668bd548b3c2fc6d34aed66733446e61094
-DIST firefox-78.0.2-mk.xpi 482942 BLAKE2B 1109c1bfca6df35869207a2b0e758592a530d4a6f8cfeb66587cb0975a8269c06f29e9ca968c9f21b319935983a6fcbc0884ac4fe04151cf0bd9368830de88bc SHA512 179bc2a43eb02e5cc9bbd60e91777636746044a788aadbab6084c2d41796c5633ff6ec47be5be0c7a244728fd14d0b2dda266ef253213b1d88b2bf4e6db69ffa
-DIST firefox-78.0.2-mr.xpi 599907 BLAKE2B 77f47a35b2cb43e4c97812f2019b695a6a1ccab79a4019c81fcccc534e03066855e2e1961924c05b533c8b3fbd20e74a85580d9c5bd516c3e44425673059870e SHA512 4b4a21ecb72bbf324600f8bfc451e41a97970aa6364c496ba6d28c3d94adc5bf14138f639fa7bd11d4bbe986161a9c24b8e000e5f4b0f219055a80454f2cac7f
-DIST firefox-78.0.2-ms.xpi 500966 BLAKE2B 0da28df093b793c8c63ae4c76a903fb4f0f54b28ed74ef6f540c8d81ff09ad8e5de9e773b91beec6546ef706723a04c523524e2c4d825c8aea852bd76872d7ef SHA512 94e2908186b6a0e062b0a276f8d1ba3239e3159d9cba2eb91635bac6bde4106cec7c5468fcccdaedb7e0e1bb72b1389c9614abaf23bb5314619d5158da266f7b
-DIST firefox-78.0.2-my.xpi 557205 BLAKE2B edcd002b29cf51309220d2abadbe382dbab00f6e612d12ffcda16b501a3e791fe58c1e57b0e9cdebecd14d7124b8b8e4a32d75c405ce9b9ead1751976371a7f7 SHA512 80ce551365a7168b1d57e04b4d2ffd3870d7299669d61bbc837f4260b39be4407eb5d6bfe06ecd29a71cbf316613cbbd8cff8bb20e36b983d354219f9f8e6a28
-DIST firefox-78.0.2-nb-NO.xpi 549591 BLAKE2B f14759ab55b05169255a610e00b3f65a8451b603b3d0d53007af6665eb50cb29d69f59947212cf06d682176c79b9979ae3437e97ae74d17580ed5ca7b7e78d49 SHA512 b8fe2c08ac334acf62b4555f5bf8a483b361381bda3770416b03f791ca82e65763762c7cdb85172179ebdb83a98d2e37aa18deb2b0eecedf43a751b13188b0cf
-DIST firefox-78.0.2-nl.xpi 558784 BLAKE2B a72ae73b21b2c177cd0e03782d53c1f9a9d47028b6955982dd2e52dbb83e66b6bb9de605d9ac98d95044e4877875f88f002a205be6d4b27b0fa22b978beb2a8c SHA512 81bf078623ba72822d27309706d4850c1fda4dbc7474c3a82aea5d9e71d9353010c498e1136a29d5dd0b4e8e7426400e422d5de952fb5dac6aada9d6a00b7e8a
-DIST firefox-78.0.2-nn-NO.xpi 552139 BLAKE2B 3ff432eea0e53d4d5599993d195a77fbc102c18bd86d6f8a5e1fc2b74f762a2fc5208b8002f268506a8480133933a0aec87f6e00e4a34ec7668a0c76b8343e1e SHA512 56b89988d24aee6213764e9bdf31b6457ac2895c0a9a6dfa8b55a76cee8565b6132adf7820c1c5b74e1870219853bcfe876df94010b127ae57480a6685e86f42
-DIST firefox-78.0.2-oc.xpi 576253 BLAKE2B c039ca9078de54ff9c509f3f0cf451c0039850e70b28e01c8da4b875b60d8ec73b5224017b0980f1a87ddff01a439d6a9c7e107b6a5b27efcd4d6c852eb39adc SHA512 401ce7ca2edcc26778a2aca6680afd84be5567780943315f7290401ff58be9c84b3178ef4be16197a71873d284b76cddf0215b6e91991d92ee0d12c867626ba2
-DIST firefox-78.0.2-pa-IN.xpi 606175 BLAKE2B b734574fdbc603abedc068292fd2a1e71ee461955071a918dedc231a760e9594a51f8f315ed363f583a6842fb1198e059fcb9052859022f77160913547498807 SHA512 8546927fa84e57fef201017440e4cf66d647605cfd28b8ea937ccc3c3058c93b3e54cb4f5db5cb9aad842eeffecbb6d841cc11816d84c27ee339346567c32ca6
-DIST firefox-78.0.2-pl.xpi 574895 BLAKE2B 3302c8446c1910551678d109a696ec99e76fc37b22306af83b104f6cf465db407b54e7c759c27e0ea6f97241a18777997ea1a23eb4c25e1b302a5d72d5b0b728 SHA512 661e5f9b14bc0af714e81b8e9fb04ccad491dca52fce3ef2d696b95e599064c09a9fd27604b446831c2816f5e575979680c87234a66d2b55f9a63b82d39fe267
-DIST firefox-78.0.2-pt-BR.xpi 558017 BLAKE2B 65e1923bf356b0f7430d0f367dfed48930f80c8e430410319dc72bd96f5151bad55f0349bafaff5f9324fa30902b13ce3607222a904157bce6136478e66102a6 SHA512 f05c0df3a38b2f5b6939d5cf40a28e1bb9e804c08d155a7a3526caf6fef8207f7ccba3fad57cb14a2a3386629e2156d2b44430514239903fa4517776f93824cb
-DIST firefox-78.0.2-pt-PT.xpi 565637 BLAKE2B 0430ec52e7ba581bb19590d6d408076bfe3134f2726190c5e92bf3439e088c1bd86561cd53d0c83102238ee23c00714c8f49161785b9566c312507bc1175745a SHA512 983c345406070cdfb65de99c5b3efb30f6142e3e3284a60fe419aeb7be86ab0eb8d6afc42467f7c493a42e94b65581eaa437ffa3a29796b0525b9c86065718aa
-DIST firefox-78.0.2-rm.xpi 557918 BLAKE2B 2d1da1dc5020098d79b2b59bdd6c4e11dd9792736cba5fd90dfbbd2d47cc0e10dc9b8b49e3b5f5a35c94284622efa027f31275d9f395c4e4a78373467f14f45b SHA512 072265c3af5b17027049faf45608805dbf93f3e2a6f2192bfb098d6819f778411ddeb8b88a816c5bd016c320df21804c062ae5944d95172fcdc73ce2a556a40d
-DIST firefox-78.0.2-ro.xpi 569376 BLAKE2B 4ae4c5880290efbb597ef5bdb1e93720da0590d892010e5cab4f1d77d59688622883468f3170de9b3c7923f92d2d95dd80dacfd9d9f1af9720e3d1787290b9d0 SHA512 6100a08560ca26190efb6b85b3cf20da75d79acece21b64f6d0f938effc2e5f25374ced1bd61ba62c64671d206525bff982f5d4e6efe4c3505ea4ed92fc0ad93
-DIST firefox-78.0.2-ru.xpi 650703 BLAKE2B cd11d3b06e24e2518c2ac5542a36e02908b8cf506b8f8ad0ed08fd899377a159e0a22a91ac0ee25b72af23dc795ca5180c864d5e625af048e85d2c3247ffb68f SHA512 f66399bc87051ae1c5a83b5054e79c75f53b2b467bcf312044f4c3284dbc9085a2f1e01992e146aea3661a5a436107c0e7b729ae37642cdb44df85e3a4bc8230
-DIST firefox-78.0.2-si.xpi 534197 BLAKE2B dc1c49b91e9688cc1037eb4d265e7dff204281ced39a05e74e12cd60eb921d6424f347ad4c38c3efba09b63a912e14970f939e1cc3cea5278f0b93558d7f8850 SHA512 c66e6e67fb456bb0bc80c9030af5adfcd84c44405801dbad94abc9c55d0c2fbe126980bae8a127a6f91248b1fe452fb5337065b3818f0e042b7977aaa4392620
-DIST firefox-78.0.2-sk.xpi 578535 BLAKE2B f25a1da52c36f898cf3da19ab34f023327d43f3bc23220f172cc172606137e33ca8d8b01ab4986cbd2a8a9d3c45032a7491c08c82e4aafa5861f5dca3c8c6a70 SHA512 0e8f8e1c271d053e06af774b2d6c9edea51e63516a18534c51383ea2937406f75979b5776f2a543d72562212b1de7640d2c48eb91099034e7c329a10d47b3342
-DIST firefox-78.0.2-sl.xpi 563038 BLAKE2B b0077cd719ab2e10008cc45e41ae080c2e7d6a570b87854d08ac188618277c2a6a9d1544446b7cba10dbffafb33e5ae4c84c3bfa03c3e436c37055ace68deffe SHA512 cdbc2b72b7b891e6bd12ab3ef156b3063b4ffca6f5af870109b708136d34d461bbd9fbc46a2241a82a9c33e5288bf18b482eb3660a0ef158874fc75eae2d2f60
-DIST firefox-78.0.2-son.xpi 454246 BLAKE2B f7d0f11084e125be5132c54293012813cd0ad334a6cc962ef236ada2e2b085f27cbcf8db1341639c74c9b8a76132fdc9ef690765a815b4dc7fec40ab754e1321 SHA512 a426b2e2137b717ca9b09496db08c68e6fd16802376452539f260b5c29dc91be1d8224a6cf1e81aaa9299da6ac090de6650c07293f97c281cb806cf5603ee854
-DIST firefox-78.0.2-sq.xpi 580008 BLAKE2B 38fa940006469b7b6cfb948ef612f4a1235cb4567f1c9d9a634e221f42b1656b59d643f037d2f840fda4149056144c77035fc27f98c43779e026911df219b895 SHA512 8578769ea79100146c024e853d7dd8138663dd304ee9050d5c6ea2333015c898f02ab27da1e386b0c2dc70c8c6774aa8ee1046c3bc6715c514a6037e46a3bf0d
-DIST firefox-78.0.2-sr.xpi 604540 BLAKE2B c3d2771034ac6e5fc82b4ebe7e106d44edfa7ec33f185b6df1fbf1ee5fd79356a4636d9b803db8b6e9d03f8b04a0776bc4b0427762c5a6eebdf76cfcc077fbca SHA512 0b151cbce3239d8f80ba84a51d33b7cfb2258c8e2372c401a32643858f12cf7a27c4a4f725d60455d746d9636fbabfedf76290fb88f8da03acc29071716093bc
-DIST firefox-78.0.2-sv-SE.xpi 561863 BLAKE2B e90ffdd603f8a1655edca48b9974fb5c042173676052a3ad66a03fa3d014a750f884a94a4eea7cc2407987f5d6200f0d76dba0404b438a0d9a28350a4ac5bc03 SHA512 3c27c8098fb659eba75b3f2e73ab717882e12e1d44269da85dc6ea251e41ac9c27a0d9c5b2a3443a385efcd182740cf41eab9558a3b1123c7583174f3277a7b0
-DIST firefox-78.0.2-ta.xpi 572336 BLAKE2B 48a0ba1bf90e9338e5c494339205e96d8d9eee8ba141be5cab7d7703d5acf2fa6e0b0b9a807c72b0bf31fdd19a16bba988ed6970c243003156c98d03c30473d5 SHA512 f906f8feb8a356a77b5be12bc01596916824e2782f61387d814a40e6c7deebf2511611bc19bb66c8e8208c947a00bf8de296d826ea6b1b5bfba84ce0ca0fa628
-DIST firefox-78.0.2-te.xpi 591642 BLAKE2B adab23edd9beaebb81f73025f66a5cee184db7932b07385a1dd529ab150e9af66b16055297332e1b658f58962b40888c77da5f10d7004d15814c68dc84e6fb7c SHA512 8b676fde6249f66d4e819db01ce9ca8221b75a5025f68c31bbafa9d09daf02d19d490a4fcbd2253fa68475d50c6dc2793142a504c9a7f090569c5b11c9c4bb42
-DIST firefox-78.0.2-th.xpi 628317 BLAKE2B f4740071921e76952e6bf06a7676c718686b8f4860082e573014efad1b66e99bbc9ca549a30129301243b008a7f30e5a8b5510b065bf5177cf9cb335956950e8 SHA512 1c2fb8b5792660e2d4d25ca1909f726092a5c0c025edb2a089384c48804ac5d592db0393d7e4d236fe925b1f00c55b27b10b15f49c7ccd07e110da276bdcea21
-DIST firefox-78.0.2-tr.xpi 576348 BLAKE2B 7a4e720d2cfe0481208a41a6cf3ea1fc7aec23722f14f951f5aa2da7374398dd3ff2ff8e4885c7c7c8305abac05e067de8f556428d6e3d0495de0cb946e6baf3 SHA512 a365bccd6fcc973a0e27a491e2b1bf4c6ee4ced65ff4916942c63830b07847efaf582611bb3b781cb8dea9bb929d37b12c55833e46459bc090a61ca698270e10
-DIST firefox-78.0.2-uk.xpi 646853 BLAKE2B eb1011c17c73b9ce2da2569f42f3ebd8fac483bdc0ff800298c449daedd7b68897d2c526343d154a2eb4cc57b8680e9d9018d89355d6f39ba92c99abf94a5417 SHA512 12a54535da90bae1c0f0dc7929912ae3a06027f06d76d44aae31640964a26ab6848217ff64c3b5c777f6601ef3a198dbbfb478e6bf8d9f8ae1efed0c0c0444b1
-DIST firefox-78.0.2-ur.xpi 608128 BLAKE2B af96c238ca788d6c9107080466199644ab858615bd9e6b4d4ccbcdc4f94705c6456aa18788f1a5ef2f8599ba5712e5b6dda45e173dd93b103a440f370dd56f45 SHA512 a97a1a44beb40f2792b8e9b2af8b1a1cb4c65ba655ffd17bde7e2ea0fcd199c9004b9ae20522e06b0077b5df0b5661fd7e9e98baa423d34539960fe8742d48b8
-DIST firefox-78.0.2-uz.xpi 521137 BLAKE2B 84657ae37696ef2f6698e64aebd553c3f844f5411b6a403ee4473164cb361d95a57592d7b13ae956f9cfe8507984af34fe3c62dbc60b406f6d28a8d2d318276d SHA512 216fd71e9a2d629239b97b89d615e490152ff1f4decc1b2d74cb2453897cd7e06a525df73c670accd2105ad997d2f8b4ea898ce8c30fd93c4136354696fb2493
-DIST firefox-78.0.2-vi.xpi 596833 BLAKE2B 71b198f15986029e5f93cb3ca0f52fc3abd59611faefdce88c541c53d59df67afbf691cfdc810915510e0fc59ce77474105399e8066e0835d544dd1d3cd93fe7 SHA512 57148e969ae64aebd009896239b96e70b0f8cacb00ad121b49b7d122071de1789cb08812765e2b6565d228870ff06639353776a4fb5151c2a8835310728ba41c
-DIST firefox-78.0.2-xh.xpi 458898 BLAKE2B 1357c2a37ea0d5a6eb3b25b79793a3be744c51c2930d0515fb386c81314d479e7978bf955d020af227a84152910b037186ded92cdb89c0146ea011ab1e2c35a4 SHA512 2aded0092cd9bf77c89be91ff9f0818213566d2293e6693d8ba8aff5ba7ee463d2f5ca1a770d4cbff1b17db2e487f544f96f009eab5fa2edad3ec9899e44ae3e
-DIST firefox-78.0.2-zh-CN.xpi 600177 BLAKE2B dd3909d4c3777a5259f92ab499b354a3ae97839cadb504edadfaad92ac9af12bf5cb637775765f0d24c50c435ecad4621a53ac105165d8ff013ef6350c208513 SHA512 1f56ef51b8a5226477d623f886ba5622fe6ccc3e1e99abeab64a60dfd656920aca248fc80efc58d71f7126076f3ecca07f3b135b40d922686886ffa6194a17b3
-DIST firefox-78.0.2-zh-TW.xpi 599268 BLAKE2B 5f2d2ac97f146f13ff3a16756c5d2208a3fb5f37277f0037c3f13dbb0530ff44478c290afcff4d2312167cf75915f65af1ec1c60480853a1d5ac3683d4c9df7e SHA512 03152b433cb8c80960b081f9ecf97447e492c1f2e8719397ea2dbf9865d0b60f8b24d653c7564dd866ca38068b92c6aa4978bfe78450989522dac160c125e43d
-DIST firefox-78.0.2.source.tar.xz 334406116 BLAKE2B ecddeee641a61409cf603afe97c3e97854700d3858bef8ec0d09c58b39023162e2939a3619481c1b9ac7f5b98bf6c7082108db3c9736332f2e30a6ac14b34b2c SHA512 4aa753fb51459301379d186f3c93e15755530e5e1ea17795d620cc9da56eb5e76cce483ca57f4af339b6f17e47101dff772ca01fb1b469201a09283f14f567be
diff --git a/www-client/firefox/files/disable-auto-update.policy.json b/www-client/firefox/files/disable-auto-update.policy.json
deleted file mode 100644
index f36622021..000000000
--- a/www-client/firefox/files/disable-auto-update.policy.json
+++ /dev/null
@@ -1,5 +0,0 @@
-{
- "policies": {
- "DisableAppUpdate": true
- }
-}
diff --git a/www-client/firefox/files/firefox-wayland.sh b/www-client/firefox/files/firefox-wayland.sh
deleted file mode 100644
index 44280250f..000000000
--- a/www-client/firefox/files/firefox-wayland.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-#
-# Run Mozilla Firefox under Wayland
-#
-export MOZ_ENABLE_WAYLAND=1
-exec @PREFIX@/bin/firefox "$@"
diff --git a/www-client/firefox/files/firefox-x11.sh b/www-client/firefox/files/firefox-x11.sh
deleted file mode 100644
index 756556690..000000000
--- a/www-client/firefox/files/firefox-x11.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-#
-# Run Mozilla Firefox on X11
-#
-export MOZ_DISABLE_WAYLAND=1
-exec @PREFIX@/bin/firefox "$@"
diff --git a/www-client/firefox/files/firefox.sh b/www-client/firefox/files/firefox.sh
deleted file mode 100644
index c08d55519..000000000
--- a/www-client/firefox/files/firefox.sh
+++ /dev/null
@@ -1,128 +0,0 @@
-#!/bin/bash
-
-##
-## Usage:
-##
-## $ firefox
-##
-## This script is meant to run Mozilla Firefox in Gentoo.
-
-cmdname=$(basename "$0")
-
-##
-## Variables
-##
-MOZ_ARCH=$(uname -m)
-case ${MOZ_ARCH} in
- x86_64|s390x|sparc64)
- MOZ_LIB_DIR="@PREFIX@/lib64"
- SECONDARY_LIB_DIR="@PREFIX@/lib"
- ;;
- *)
- MOZ_LIB_DIR="@PREFIX@/lib"
- SECONDARY_LIB_DIR="@PREFIX@/lib64"
- ;;
-esac
-
-MOZ_FIREFOX_FILE="firefox"
-
-if [[ ! -r ${MOZ_LIB_DIR}/firefox/${MOZ_FIREFOX_FILE} ]]; then
- if [[ ! -r ${SECONDARY_LIB_DIR}/firefox/${MOZ_FIREFOX_FILE} ]]; then
- echo "Error: ${MOZ_LIB_DIR}/firefox/${MOZ_FIREFOX_FILE} not found" >&2
- if [[ -d $SECONDARY_LIB_DIR ]]; then
- echo " ${SECONDARY_LIB_DIR}/firefox/${MOZ_FIREFOX_FILE} not found" >&2
- fi
- exit 1
- fi
- MOZ_LIB_DIR="$SECONDARY_LIB_DIR"
-fi
-MOZILLA_FIVE_HOME="${MOZ_LIB_DIR}/firefox"
-MOZ_EXTENSIONS_PROFILE_DIR="${HOME}/.mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}"
-MOZ_PROGRAM="${MOZILLA_FIVE_HOME}/${MOZ_FIREFOX_FILE}"
-DESKTOP_FILE="firefox"
-
-##
-## Enable Wayland backend?
-##
-if @DEFAULT_WAYLAND@ && [[ -z ${MOZ_DISABLE_WAYLAND} ]]; then
- if [[ -n "$WAYLAND_DISPLAY" ]]; then
- DESKTOP_FILE="firefox-wayland"
- export MOZ_ENABLE_WAYLAND=1
- fi
-elif [[ -n ${MOZ_DISABLE_WAYLAND} ]]; then
- DESKTOP_FILE="firefox-x11"
-fi
-
-##
-## Use D-Bus remote exclusively when there's Wayland display.
-##
-if [[ -n "${WAYLAND_DISPLAY}" ]]; then
- export MOZ_DBUS_REMOTE=1
-fi
-
-##
-## Make sure that we set the plugin path
-##
-MOZ_PLUGIN_DIR="plugins"
-
-if [[ -n "${MOZ_PLUGIN_PATH}" ]]; then
- MOZ_PLUGIN_PATH=${MOZ_PLUGIN_PATH}:${MOZ_LIB_DIR}/mozilla/${MOZ_PLUGIN_DIR}
-else
- MOZ_PLUGIN_PATH=${MOZ_LIB_DIR}/mozilla/${MOZ_PLUGIN_DIR}
-fi
-
-if [[ -d "${SECONDARY_LIB_DIR}/mozilla/${MOZ_PLUGIN_DIR}" ]]; then
- MOZ_PLUGIN_PATH=${MOZ_PLUGIN_PATH}:${SECONDARY_LIB_DIR}/mozilla/${MOZ_PLUGIN_DIR}
-fi
-
-export MOZ_PLUGIN_PATH
-
-##
-## Set MOZ_APP_LAUNCHER for gnome-session
-##
-export MOZ_APP_LAUNCHER="@PREFIX@/bin/${cmdname}"
-
-##
-## Disable the GNOME crash dialog, Moz has it's own
-##
-if [[ "$XDG_CURRENT_DESKTOP" == "GNOME" ]]; then
- GNOME_DISABLE_CRASH_DIALOG=1
- export GNOME_DISABLE_CRASH_DIALOG
-fi
-
-##
-## Enable Xinput2 (#617344)
-##
-
-# respect user settings
-MOZ_USE_XINPUT2=${MOZ_USE_XINPUT2:-auto}
-
-if [[ ${MOZ_USE_XINPUT2} == auto && -n ${WAYLAND_DISPLAY} ]]; then
- # enabling XINPUT2 should be safe for all wayland users
- MOZ_USE_XINPUT2=1
-elif [[ ${MOZ_USE_XINPUT2} == auto && ${XDG_CURRENT_DESKTOP^^} == KDE ]]; then
- # XINPUT2 is known to cause problems for KWin users
- MOZ_USE_XINPUT2=0
-elif [[ ${MOZ_USE_XINPUT2} == auto && ${XDG_CURRENT_DESKTOP^^} == LXQT ]]; then
- # LXQt uses KWin
- MOZ_USE_XINPUT2=0
-elif [[ ${MOZ_USE_XINPUT2} == auto ]]; then
- # should work on Mate, Xfce, FluxBox, OpenBox and all the others ...
- MOZ_USE_XINPUT2=1
-fi
-
-[[ ${MOZ_USE_XINPUT2} != 0 ]] && export MOZ_USE_XINPUT2=${MOZ_USE_XINPUT2}
-
-# Don't throw "old profile" dialog box.
-export MOZ_ALLOW_DOWNGRADE=1
-
-##
-## Route to the correct .desktop file to get proper
-## name and actions
-##
-if [[ $@ != *"--name "* ]]; then
- set -- --name "${DESKTOP_FILE}" "$@"
-fi
-
-# Run the browser
-exec ${MOZ_PROGRAM} "$@"
diff --git a/www-client/firefox/files/gentoo-default-prefs.js-3 b/www-client/firefox/files/gentoo-default-prefs.js-3
deleted file mode 100644
index 073ea77e5..000000000
--- a/www-client/firefox/files/gentoo-default-prefs.js-3
+++ /dev/null
@@ -1,19 +0,0 @@
-pref("app.update.enabled", false);
-pref("app.update.autoInstallEnabled", false);
-pref("browser.display.use_system_colors", true);
-pref("browser.link.open_external", 3);
-pref("general.smoothScroll", true);
-pref("general.autoScroll", false);
-pref("browser.tabs.tabMinWidth", 15);
-pref("browser.backspace_action", 0);
-pref("browser.urlbar.hideGoButton", true);
-pref("accessibility.typeaheadfind", true);
-pref("browser.shell.checkDefaultBrowser", false);
-pref("browser.EULA.override", true);
-pref("general.useragent.vendor", "Gentoo");
-pref("general.useragent.locale", "chrome://global/locale/intl.properties");
-pref("intl.locale.requested", "");
-pref("extensions.autoDisableScopes", 0);
-pref("layout.css.dpi", 0);
-pref("network.trr.mode", 5);
-pref("app.normandy.enabled", false);
diff --git a/www-client/firefox/files/gentoo-hwaccel-prefs.js-1 b/www-client/firefox/files/gentoo-hwaccel-prefs.js-1
deleted file mode 100644
index 0cb92b046..000000000
--- a/www-client/firefox/files/gentoo-hwaccel-prefs.js-1
+++ /dev/null
@@ -1,2 +0,0 @@
-pref("layers.acceleration.force-enabled", true);
-pref("webgl.force-enabled", true);
diff --git a/www-client/firefox/files/icon/firefox-r1.desktop b/www-client/firefox/files/icon/firefox-r1.desktop
deleted file mode 100644
index a000dffda..000000000
--- a/www-client/firefox/files/icon/firefox-r1.desktop
+++ /dev/null
@@ -1,230 +0,0 @@
-[Desktop Entry]
-Version=1.0
-Name=@NAME@
-GenericName=Web Browser
-Comment=Browse the Web
-Exec=@EXEC@ %u
-Icon=@ICON@
-Terminal=false
-Type=Application
-MimeType=application/pdf;application/vnd.mozilla.xul+xml;application/xhtml+xml;text/html;text/mml;text/xml;x-scheme-handler/ftp;x-scheme-handler/http;x-scheme-handler/https;
-StartupNotify=@STARTUP_NOTIFY@
-Categories=Network;WebBrowser;
-Keywords=web;browser;internet;
-Actions=new-window;new-private-window;
-
-[Desktop Action new-window]
-Name=Open a New Window
-Name[ach]=Dirica manyen
-Name[af]=Nuwe venster
-Name[an]=Nueva finestra
-Name[ar]=نافذة جديدة
-Name[as]=নতুন উইন্ডো
-Name[ast]=Ventana nueva
-Name[az]=Yeni Pəncərə
-Name[be]=Новае акно
-Name[bg]=Нов прозорец
-Name[bn_BD]=নতুন উইন্ডো (N)
-Name[bn_IN]=নতুন উইন্ডো
-Name[br]=Prenestr nevez
-Name[brx]=गोदान उइन्ड'(N)
-Name[bs]=Novi prozor
-Name[ca]=Finestra nova
-Name[cak]=K'ak'a' tzuwäch
-Name[cs]=Nové okno
-Name[cy]=Ffenestr Newydd
-Name[da]=Nyt vindue
-Name[de]=Neues Fenster
-Name[dsb]=Nowe wokno
-Name[el]=Νέο παράθυρο
-Name[en_GB]=New Window
-Name[en_US]=New Window
-Name[en_ZA]=New Window
-Name[eo]=Nova fenestro
-Name[es_AR]=Nueva ventana
-Name[es_CL]=Nueva ventana
-Name[es_ES]=Nueva ventana
-Name[es_MX]=Nueva ventana
-Name[et]=Uus aken
-Name[eu]=Leiho berria
-Name[fa]=پنجره جدید
-Name[ff]=Henorde Hesere
-Name[fi]=Uusi ikkuna
-Name[fr]=Nouvelle fenêtre
-Name[fy_NL]=Nij finster
-Name[ga_IE]=Fuinneog Nua
-Name[gd]=Uinneag ùr
-Name[gl]=Nova xanela
-Name[gn]=Ovetã pyahu
-Name[gu_IN]=નવી વિન્ડો
-Name[he]=חלון חדש
-Name[hi_IN]=नया विंडो
-Name[hr]=Novi prozor
-Name[hsb]=Nowe wokno
-Name[hu]=Új ablak
-Name[hy_AM]=Նոր Պատուհան
-Name[id]=Jendela Baru
-Name[is]=Nýr gluggi
-Name[it]=Nuova finestra
-Name[ja]=新しいウィンドウ
-Name[ja_JP-mac]=新規ウインドウ
-Name[ka]=ახალი ფანჯარა
-Name[kk]=Жаңа терезе
-Name[km]=បង្អួចថ្មី
-Name[kn]=ಹೊಸ ಕಿಟಕಿ
-Name[ko]=새 창
-Name[kok]=नवें जनेल
-Name[ks]=نئئ وِنڈو
-Name[lij]=Neuvo barcon
-Name[lo]=ຫນ້າຕ່າງໃຫມ່
-Name[lt]=Naujas langas
-Name[ltg]=Jauns lūgs
-Name[lv]=Jauns logs
-Name[mai]=नव विंडो
-Name[mk]=Нов прозорец
-Name[ml]=പുതിയ ജാലകം
-Name[mr]=नवीन पटल
-Name[ms]=Tetingkap Baru
-Name[my]=ဝင်းဒိုးအသစ်
-Name[nb_NO]=Nytt vindu
-Name[ne_NP]=नयाँ सञ्झ्याल
-Name[nl]=Nieuw venster
-Name[nn_NO]=Nytt vindauge
-Name[or]=ନୂତନ ୱିଣ୍ଡୋ
-Name[pa_IN]=ਨਵੀਂ ਵਿੰਡੋ
-Name[pl]=Nowe okno
-Name[pt_BR]=Nova janela
-Name[pt_PT]=Nova janela
-Name[rm]=Nova fanestra
-Name[ro]=Fereastră nouă
-Name[ru]=Новое окно
-Name[sat]=नावा विंडो (N)
-Name[si]=නව කවුළුවක්
-Name[sk]=Nové okno
-Name[sl]=Novo okno
-Name[son]=Zanfun taaga
-Name[sq]=Dritare e Re
-Name[sr]=Нови прозор
-Name[sv_SE]=Nytt fönster
-Name[ta]=புதிய சாளரம்
-Name[te]=కొత్త విండో
-Name[th]=หน้าต่างใหม่
-Name[tr]=Yeni pencere
-Name[tsz]=Eraatarakua jimpani
-Name[uk]=Нове вікно
-Name[ur]=نیا دریچہ
-Name[uz]=Yangi oyna
-Name[vi]=Cửa sổ mới
-Name[wo]=Palanteer bu bees
-Name[xh]=Ifestile entsha
-Name[zh_CN]=新建窗口
-Name[zh_TW]=開新視窗
-Exec=@EXEC@ --new-window %u
-
-[Desktop Action new-private-window]
-Name=Open a New Private Window
-Name[ach]=Dirica manyen me mung
-Name[af]=Nuwe privaatvenster
-Name[an]=Nueva finestra privada
-Name[ar]=نافذة خاصة جديدة
-Name[as]=নতুন ব্যক্তিগত উইন্ডো
-Name[ast]=Ventana privada nueva
-Name[az]=Yeni Məxfi Pəncərə
-Name[be]=Новае акно адасаблення
-Name[bg]=Нов прозорец за поверително сърфиране
-Name[bn_BD]=নতুন ব্যক্তিগত উইন্ডো
-Name[bn_IN]=নতুন ব্যক্তিগত উইন্ডো
-Name[br]=Prenestr merdeiñ prevez nevez
-Name[brx]=गोदान प्राइभेट उइन्ड'
-Name[bs]=Novi privatni prozor
-Name[ca]=Finestra privada nova
-Name[cak]=K'ak'a' ichinan tzuwäch
-Name[cs]=Nové anonymní okno
-Name[cy]=Ffenestr Breifat Newydd
-Name[da]=Nyt privat vindue
-Name[de]=Neues privates Fenster
-Name[dsb]=Nowe priwatne wokno
-Name[el]=Νέο παράθυρο ιδιωτικής περιήγησης
-Name[en_GB]=New Private Window
-Name[en_US]=New Private Window
-Name[en_ZA]=New Private Window
-Name[eo]=Nova privata fenestro
-Name[es_AR]=Nueva ventana privada
-Name[es_CL]=Nueva ventana privada
-Name[es_ES]=Nueva ventana privada
-Name[es_MX]=Nueva ventana privada
-Name[et]=Uus privaatne aken
-Name[eu]=Leiho pribatu berria
-Name[fa]=پنجره ناشناس جدید
-Name[ff]=Henorde Suturo Hesere
-Name[fi]=Uusi yksityinen ikkuna
-Name[fr]=Nouvelle fenêtre de navigation privée
-Name[fy_NL]=Nij priveefinster
-Name[ga_IE]=Fuinneog Nua Phríobháideach
-Name[gd]=Uinneag phrìobhaideach ùr
-Name[gl]=Nova xanela privada
-Name[gn]=Ovetã ñemi pyahu
-Name[gu_IN]=નવી ખાનગી વિન્ડો
-Name[he]=חלון פרטי חדש
-Name[hi_IN]=नयी निजी विंडो
-Name[hr]=Novi privatni prozor
-Name[hsb]=Nowe priwatne wokno
-Name[hu]=Új privát ablak
-Name[hy_AM]=Սկսել Գաղտնի դիտարկում
-Name[id]=Jendela Mode Pribadi Baru
-Name[is]=Nýr huliðsgluggi
-Name[it]=Nuova finestra anonima
-Name[ja]=新しいプライベートウィンドウ
-Name[ja_JP-mac]=新規プライベートウインドウ
-Name[ka]=ახალი პირადი ფანჯარა
-Name[kk]=Жаңа жекелік терезе
-Name[km]=បង្អួចឯកជនថ្មី
-Name[kn]=ಹೊಸ ಖಾಸಗಿ ಕಿಟಕಿ
-Name[ko]=새 사생활 보호 모드
-Name[kok]=नवो खाजगी विंडो
-Name[ks]=نْو پرایوٹ وینڈو&
-Name[lij]=Neuvo barcon privou
-Name[lo]=ເປີດຫນ້າຕ່າງສວນຕົວຂື້ນມາໃຫມ່
-Name[lt]=Naujas privataus naršymo langas
-Name[ltg]=Jauns privatais lūgs
-Name[lv]=Jauns privātais logs
-Name[mai]=नया निज विंडो (W)
-Name[mk]=Нов приватен прозорец
-Name[ml]=പുതിയ സ്വകാര്യ ജാലകം
-Name[mr]=नवीन वैयक्तिक पटल
-Name[ms]=Tetingkap Persendirian Baharu
-Name[my]=New Private Window
-Name[nb_NO]=Nytt privat vindu
-Name[ne_NP]=नयाँ निजी सञ्झ्याल
-Name[nl]=Nieuw privévenster
-Name[nn_NO]=Nytt privat vindauge
-Name[or]=ନୂତନ ବ୍ୟକ୍ତିଗତ ୱିଣ୍ଡୋ
-Name[pa_IN]=ਨਵੀਂ ਪ੍ਰਾਈਵੇਟ ਵਿੰਡੋ
-Name[pl]=Nowe okno prywatne
-Name[pt_BR]=Nova janela privativa
-Name[pt_PT]=Nova janela privada
-Name[rm]=Nova fanestra privata
-Name[ro]=Fereastră privată nouă
-Name[ru]=Новое приватное окно
-Name[sat]=नावा निजेराक् विंडो (W )
-Name[si]=නව පුද්ගලික කවුළුව (W)
-Name[sk]=Nové okno v režime Súkromné prehliadanie
-Name[sl]=Novo zasebno okno
-Name[son]=Sutura zanfun taaga
-Name[sq]=Dritare e Re Private
-Name[sr]=Нови приватан прозор
-Name[sv_SE]=Nytt privat fönster
-Name[ta]=புதிய தனிப்பட்ட சாளரம்
-Name[te]=కొత్త ఆంతరంగిక విండో
-Name[th]=หน้าต่างส่วนตัวใหม่
-Name[tr]=Yeni gizli pencere
-Name[tsz]=Juchiiti eraatarakua jimpani
-Name[uk]=Приватне вікно
-Name[ur]=نیا نجی دریچہ
-Name[uz]=Yangi maxfiy oyna
-Name[vi]=Cửa sổ riêng tư mới
-Name[wo]=Panlanteeru biir bu bees
-Name[xh]=Ifestile yangasese entsha
-Name[zh_CN]=新建隐私浏览窗口
-Name[zh_TW]=新增隱私視窗
-Exec=@EXEC@ --private-window %u
diff --git a/www-client/firefox/files/icon/firefox-r2.desktop b/www-client/firefox/files/icon/firefox-r2.desktop
deleted file mode 100644
index 45d5f11ff..000000000
--- a/www-client/firefox/files/icon/firefox-r2.desktop
+++ /dev/null
@@ -1,236 +0,0 @@
-[Desktop Entry]
-Version=1.0
-Name=@NAME@
-GenericName=Web Browser
-Comment=Browse the Web
-Exec=@EXEC@ %u
-Icon=@ICON@
-Terminal=false
-Type=Application
-MimeType=application/pdf;application/vnd.mozilla.xul+xml;application/xhtml+xml;text/html;text/mml;text/xml;x-scheme-handler/ftp;x-scheme-handler/http;x-scheme-handler/https;
-StartupNotify=true
-Categories=Network;WebBrowser;
-Keywords=web;browser;internet;
-Actions=new-window;new-private-window;profile-manager-window;
-
-[Desktop Action new-window]
-Name=Open a New Window
-Name[ach]=Dirica manyen
-Name[af]=Nuwe venster
-Name[an]=Nueva finestra
-Name[ar]=نافذة جديدة
-Name[as]=নতুন উইন্ডো
-Name[ast]=Ventana nueva
-Name[az]=Yeni Pəncərə
-Name[be]=Новае акно
-Name[bg]=Нов прозорец
-Name[bn_BD]=নতুন উইন্ডো (N)
-Name[bn_IN]=নতুন উইন্ডো
-Name[br]=Prenestr nevez
-Name[brx]=गोदान उइन्ड'(N)
-Name[bs]=Novi prozor
-Name[ca]=Finestra nova
-Name[cak]=K'ak'a' tzuwäch
-Name[cs]=Nové okno
-Name[cy]=Ffenestr Newydd
-Name[da]=Nyt vindue
-Name[de]=Neues Fenster
-Name[dsb]=Nowe wokno
-Name[el]=Νέο παράθυρο
-Name[en_GB]=New Window
-Name[en_US]=New Window
-Name[en_ZA]=New Window
-Name[eo]=Nova fenestro
-Name[es_AR]=Nueva ventana
-Name[es_CL]=Nueva ventana
-Name[es_ES]=Nueva ventana
-Name[es_MX]=Nueva ventana
-Name[et]=Uus aken
-Name[eu]=Leiho berria
-Name[fa]=پنجره جدید
-Name[ff]=Henorde Hesere
-Name[fi]=Uusi ikkuna
-Name[fr]=Nouvelle fenêtre
-Name[fy_NL]=Nij finster
-Name[ga_IE]=Fuinneog Nua
-Name[gd]=Uinneag ùr
-Name[gl]=Nova xanela
-Name[gn]=Ovetã pyahu
-Name[gu_IN]=નવી વિન્ડો
-Name[he]=חלון חדש
-Name[hi_IN]=नया विंडो
-Name[hr]=Novi prozor
-Name[hsb]=Nowe wokno
-Name[hu]=Új ablak
-Name[hy_AM]=Նոր Պատուհան
-Name[id]=Jendela Baru
-Name[is]=Nýr gluggi
-Name[it]=Nuova finestra
-Name[ja]=新しいウィンドウ
-Name[ja_JP-mac]=新規ウインドウ
-Name[ka]=ახალი ფანჯარა
-Name[kk]=Жаңа терезе
-Name[km]=បង្អួចថ្មី
-Name[kn]=ಹೊಸ ಕಿಟಕಿ
-Name[ko]=새 창
-Name[kok]=नवें जनेल
-Name[ks]=نئئ وِنڈو
-Name[lij]=Neuvo barcon
-Name[lo]=ຫນ້າຕ່າງໃຫມ່
-Name[lt]=Naujas langas
-Name[ltg]=Jauns lūgs
-Name[lv]=Jauns logs
-Name[mai]=नव विंडो
-Name[mk]=Нов прозорец
-Name[ml]=പുതിയ ജാലകം
-Name[mr]=नवीन पटल
-Name[ms]=Tetingkap Baru
-Name[my]=ဝင်းဒိုးအသစ်
-Name[nb_NO]=Nytt vindu
-Name[ne_NP]=नयाँ सञ्झ्याल
-Name[nl]=Nieuw venster
-Name[nn_NO]=Nytt vindauge
-Name[or]=ନୂତନ ୱିଣ୍ଡୋ
-Name[pa_IN]=ਨਵੀਂ ਵਿੰਡੋ
-Name[pl]=Nowe okno
-Name[pt_BR]=Nova janela
-Name[pt_PT]=Nova janela
-Name[rm]=Nova fanestra
-Name[ro]=Fereastră nouă
-Name[ru]=Новое окно
-Name[sat]=नावा विंडो (N)
-Name[si]=නව කවුළුවක්
-Name[sk]=Nové okno
-Name[sl]=Novo okno
-Name[son]=Zanfun taaga
-Name[sq]=Dritare e Re
-Name[sr]=Нови прозор
-Name[sv_SE]=Nytt fönster
-Name[ta]=புதிய சாளரம்
-Name[te]=కొత్త విండో
-Name[th]=หน้าต่างใหม่
-Name[tr]=Yeni pencere
-Name[tsz]=Eraatarakua jimpani
-Name[uk]=Нове вікно
-Name[ur]=نیا دریچہ
-Name[uz]=Yangi oyna
-Name[vi]=Cửa sổ mới
-Name[wo]=Palanteer bu bees
-Name[xh]=Ifestile entsha
-Name[zh_CN]=新建窗口
-Name[zh_TW]=開新視窗
-Exec=@EXEC@ --new-window %u
-
-[Desktop Action new-private-window]
-Name=Open a New Private Window
-Name[ach]=Dirica manyen me mung
-Name[af]=Nuwe privaatvenster
-Name[an]=Nueva finestra privada
-Name[ar]=نافذة خاصة جديدة
-Name[as]=নতুন ব্যক্তিগত উইন্ডো
-Name[ast]=Ventana privada nueva
-Name[az]=Yeni Məxfi Pəncərə
-Name[be]=Новае акно адасаблення
-Name[bg]=Нов прозорец за поверително сърфиране
-Name[bn_BD]=নতুন ব্যক্তিগত উইন্ডো
-Name[bn_IN]=নতুন ব্যক্তিগত উইন্ডো
-Name[br]=Prenestr merdeiñ prevez nevez
-Name[brx]=गोदान प्राइभेट उइन्ड'
-Name[bs]=Novi privatni prozor
-Name[ca]=Finestra privada nova
-Name[cak]=K'ak'a' ichinan tzuwäch
-Name[cs]=Nové anonymní okno
-Name[cy]=Ffenestr Breifat Newydd
-Name[da]=Nyt privat vindue
-Name[de]=Neues privates Fenster
-Name[dsb]=Nowe priwatne wokno
-Name[el]=Νέο παράθυρο ιδιωτικής περιήγησης
-Name[en_GB]=New Private Window
-Name[en_US]=New Private Window
-Name[en_ZA]=New Private Window
-Name[eo]=Nova privata fenestro
-Name[es_AR]=Nueva ventana privada
-Name[es_CL]=Nueva ventana privada
-Name[es_ES]=Nueva ventana privada
-Name[es_MX]=Nueva ventana privada
-Name[et]=Uus privaatne aken
-Name[eu]=Leiho pribatu berria
-Name[fa]=پنجره ناشناس جدید
-Name[ff]=Henorde Suturo Hesere
-Name[fi]=Uusi yksityinen ikkuna
-Name[fr]=Nouvelle fenêtre de navigation privée
-Name[fy_NL]=Nij priveefinster
-Name[ga_IE]=Fuinneog Nua Phríobháideach
-Name[gd]=Uinneag phrìobhaideach ùr
-Name[gl]=Nova xanela privada
-Name[gn]=Ovetã ñemi pyahu
-Name[gu_IN]=નવી ખાનગી વિન્ડો
-Name[he]=חלון פרטי חדש
-Name[hi_IN]=नयी निजी विंडो
-Name[hr]=Novi privatni prozor
-Name[hsb]=Nowe priwatne wokno
-Name[hu]=Új privát ablak
-Name[hy_AM]=Սկսել Գաղտնի դիտարկում
-Name[id]=Jendela Mode Pribadi Baru
-Name[is]=Nýr huliðsgluggi
-Name[it]=Nuova finestra anonima
-Name[ja]=新しいプライベートウィンドウ
-Name[ja_JP-mac]=新規プライベートウインドウ
-Name[ka]=ახალი პირადი ფანჯარა
-Name[kk]=Жаңа жекелік терезе
-Name[km]=បង្អួចឯកជនថ្មី
-Name[kn]=ಹೊಸ ಖಾಸಗಿ ಕಿಟಕಿ
-Name[ko]=새 사생활 보호 모드
-Name[kok]=नवो खाजगी विंडो
-Name[ks]=نْو پرایوٹ وینڈو&
-Name[lij]=Neuvo barcon privou
-Name[lo]=ເປີດຫນ້າຕ່າງສວນຕົວຂື້ນມາໃຫມ່
-Name[lt]=Naujas privataus naršymo langas
-Name[ltg]=Jauns privatais lūgs
-Name[lv]=Jauns privātais logs
-Name[mai]=नया निज विंडो (W)
-Name[mk]=Нов приватен прозорец
-Name[ml]=പുതിയ സ്വകാര്യ ജാലകം
-Name[mr]=नवीन वैयक्तिक पटल
-Name[ms]=Tetingkap Persendirian Baharu
-Name[my]=New Private Window
-Name[nb_NO]=Nytt privat vindu
-Name[ne_NP]=नयाँ निजी सञ्झ्याल
-Name[nl]=Nieuw privévenster
-Name[nn_NO]=Nytt privat vindauge
-Name[or]=ନୂତନ ବ୍ୟକ୍ତିଗତ ୱିଣ୍ଡୋ
-Name[pa_IN]=ਨਵੀਂ ਪ੍ਰਾਈਵੇਟ ਵਿੰਡੋ
-Name[pl]=Nowe okno prywatne
-Name[pt_BR]=Nova janela privativa
-Name[pt_PT]=Nova janela privada
-Name[rm]=Nova fanestra privata
-Name[ro]=Fereastră privată nouă
-Name[ru]=Новое приватное окно
-Name[sat]=नावा निजेराक् विंडो (W )
-Name[si]=නව පුද්ගලික කවුළුව (W)
-Name[sk]=Nové okno v režime Súkromné prehliadanie
-Name[sl]=Novo zasebno okno
-Name[son]=Sutura zanfun taaga
-Name[sq]=Dritare e Re Private
-Name[sr]=Нови приватан прозор
-Name[sv_SE]=Nytt privat fönster
-Name[ta]=புதிய தனிப்பட்ட சாளரம்
-Name[te]=కొత్త ఆంతరంగిక విండో
-Name[th]=หน้าต่างส่วนตัวใหม่
-Name[tr]=Yeni gizli pencere
-Name[tsz]=Juchiiti eraatarakua jimpani
-Name[uk]=Приватне вікно
-Name[ur]=نیا نجی دریچہ
-Name[uz]=Yangi maxfiy oyna
-Name[vi]=Cửa sổ riêng tư mới
-Name[wo]=Panlanteeru biir bu bees
-Name[xh]=Ifestile yangasese entsha
-Name[zh_CN]=新建隐私浏览窗口
-Name[zh_TW]=新增隱私視窗
-Exec=@EXEC@ --private-window %u
-
-[Desktop Action profile-manager-window]
-Name=Open the Profile Manager
-Name[de]=Profilverwaltung öffnen
-Name[cs]=Správa profilů
-Exec=@EXEC@ --ProfileManager
diff --git a/www-client/firefox/files/icon/firefox.desktop b/www-client/firefox/files/icon/firefox.desktop
deleted file mode 100644
index 1affce8f5..000000000
--- a/www-client/firefox/files/icon/firefox.desktop
+++ /dev/null
@@ -1,10 +0,0 @@
-[Desktop Entry]
-Name=@NAME@
-Comment=Web Browser
-Exec=firefox %u
-Icon=@ICON@
-Terminal=false
-Type=Application
-MimeType=text/html;text/xml;application/xhtml+xml;application/vnd.mozilla.xul+xml;text/mml;x-scheme-handler/http;x-scheme-handler/https;
-Categories=Network;WebBrowser;
-
diff --git a/www-client/firefox/firefox-78.0.2.ebuild b/www-client/firefox/firefox-78.0.2.ebuild
deleted file mode 100644
index db0db9940..000000000
--- a/www-client/firefox/firefox-78.0.2.ebuild
+++ /dev/null
@@ -1,921 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="6"
-VIRTUALX_REQUIRED="pgo"
-WANT_AUTOCONF="2.1"
-MOZ_ESR=""
-
-PYTHON_COMPAT=( python3_{6,7,8,9} )
-PYTHON_REQ_USE='ncurses,sqlite,ssl,threads(+)'
-
-# This list can be updated with scripts/get_langs.sh from the mozilla overlay
-MOZ_LANGS=( ach af an ar ast az be bg bn br bs ca cak cs cy da de dsb
-el en en-CA en-GB en-US eo es-AR es-CL es-ES es-MX et eu fa ff fi fr
-fy-NL ga-IE gd gl gn gu-IN he hi-IN hr hsb hu hy-AM ia id is it ja ka
-kab kk km kn ko lij lt lv mk mr ms my nb-NO nl nn-NO oc pa-IN pl pt-BR
-pt-PT rm ro ru si sk sl son sq sr sv-SE ta te th tr uk ur uz vi xh
-zh-CN zh-TW )
-
-# Convert the ebuild version to the upstream mozilla version, used by mozlinguas
-MOZ_PV="${PV/_alpha/a}" # Handle alpha for SRC_URI
-MOZ_PV="${MOZ_PV/_beta/b}" # Handle beta for SRC_URI
-MOZ_PV="${MOZ_PV%%_rc*}" # Handle rc for SRC_URI
-
-if [[ ${MOZ_ESR} == 1 ]] ; then
- # ESR releases have slightly different version numbers
- MOZ_PV="${MOZ_PV}esr"
-fi
-
-# Patch version
-PATCH="${PN}-78.0-patches-05"
-
-MOZ_HTTP_URI="https://archive.mozilla.org/pub/${PN}/releases"
-MOZ_SRC_URI="${MOZ_HTTP_URI}/${MOZ_PV}/source/${PN}-${MOZ_PV}.source.tar.xz"
-
-if [[ "${PV}" == *_rc* ]]; then
- MOZ_HTTP_URI="https://archive.mozilla.org/pub/${PN}/candidates/${MOZ_PV}-candidates/build${PV##*_rc}"
- MOZ_LANGPACK_PREFIX="linux-i686/xpi/"
- MOZ_SRC_URI="${MOZ_HTTP_URI}/source/${PN}-${MOZ_PV}.source.tar.xz -> $P.tar.xz"
-fi
-
-LLVM_MAX_SLOT=10
-
-inherit check-reqs eapi7-ver flag-o-matic toolchain-funcs eutils \
- gnome2-utils llvm mozcoreconf-v6 pax-utils xdg-utils \
- autotools mozlinguas-v2 multiprocessing virtualx
-
-DESCRIPTION="Firefox Web Browser"
-HOMEPAGE="https://www.mozilla.com/firefox"
-
-KEYWORDS="~amd64 ~arm64 ~ppc64 ~x86"
-
-SLOT="0"
-LICENSE="MPL-2.0 GPL-2 LGPL-2.1"
-IUSE="bindist clang cpu_flags_x86_avx2 debug eme-free geckodriver
- +gmp-autoupdate hardened hwaccel jack lto cpu_flags_arm_neon
- +openh264 pgo pulseaudio screencast +screenshot selinux +system-av1
- +system-harfbuzz +system-icu +system-jpeg +system-libevent
- +system-libvpx +system-webp test wayland wifi"
-
-REQUIRED_USE="pgo? ( lto )"
-
-RESTRICT="!bindist? ( bindist )
- !test? ( test )"
-
-PATCH_URIS=( https://dev.gentoo.org/~{whissi,polynomial-c,axs}/mozilla/patchsets/${PATCH}.tar.xz )
-SRC_URI="${SRC_URI}
- ${MOZ_SRC_URI}
- ${PATCH_URIS[@]}"
-
-CDEPEND="
- >=dev-libs/nss-3.53.1
- >=dev-libs/nspr-4.25
- dev-libs/atk
- dev-libs/expat
- >=x11-libs/cairo-1.10[X]
- >=x11-libs/gtk+-2.18:2
- >=x11-libs/gtk+-3.4.0:3[X]
- x11-libs/gdk-pixbuf
- >=x11-libs/pango-1.22.0
- >=media-libs/libpng-1.6.35:0=[apng]
- >=media-libs/mesa-10.2:*
- media-libs/fontconfig
- >=media-libs/freetype-2.4.10
- kernel_linux? ( !pulseaudio? ( media-libs/alsa-lib ) )
- virtual/freedesktop-icon-theme
- sys-apps/dbus
- dev-libs/dbus-glib
- >=x11-libs/pixman-0.19.2
- >=dev-libs/glib-2.26:2
- >=sys-libs/zlib-1.2.3
- >=dev-libs/libffi-3.0.10:=
- media-video/ffmpeg
- x11-libs/libX11
- x11-libs/libXcomposite
- x11-libs/libXdamage
- x11-libs/libXext
- x11-libs/libXfixes
- x11-libs/libXrender
- x11-libs/libXt
- screencast? ( media-video/pipewire:0/0.3 )
- system-av1? (
- >=media-libs/dav1d-0.3.0:=
- >=media-libs/libaom-1.0.0:=
- )
- system-harfbuzz? (
- >=media-libs/harfbuzz-2.6.4:0=
- >=media-gfx/graphite2-1.3.13
- )
- system-icu? ( >=dev-libs/icu-67.1:= )
- system-jpeg? ( >=media-libs/libjpeg-turbo-1.2.1 )
- system-libevent? ( >=dev-libs/libevent-2.0:0=[threads] )
- system-libvpx? ( >=media-libs/libvpx-1.8.2:0=[postproc] )
- system-webp? ( >=media-libs/libwebp-1.1.0:0= )
- wifi? (
- kernel_linux? (
- net-misc/networkmanager
- )
- )
- jack? ( virtual/jack )
- selinux? ( sec-policy/selinux-mozilla )"
-
-RDEPEND="${CDEPEND}
- jack? ( virtual/jack )
- openh264? ( media-libs/openh264:*[plugin] )
- pulseaudio? (
- || (
- media-sound/pulseaudio
- >=media-sound/apulse-0.1.12-r4
- )
- )
- selinux? ( sec-policy/selinux-mozilla )"
-
-DEPEND="${CDEPEND}
- app-arch/zip
- app-arch/unzip
- >=dev-util/cbindgen-0.14.1
- >=net-libs/nodejs-10.19.0
- >=sys-devel/binutils-2.30
- sys-apps/findutils
- virtual/pkgconfig
- >=virtual/rust-1.41.0
- || (
- (
- sys-devel/clang:10
- !clang? ( sys-devel/llvm:10 )
- clang? (
- =sys-devel/lld-10*
- sys-devel/llvm:10[gold]
- pgo? ( =sys-libs/compiler-rt-sanitizers-10*[profile] )
- )
- )
- (
- sys-devel/clang:9
- !clang? ( sys-devel/llvm:9 )
- clang? (
- =sys-devel/lld-9*
- sys-devel/llvm:9[gold]
- pgo? ( =sys-libs/compiler-rt-sanitizers-9*[profile] )
- )
- )
- (
- sys-devel/clang:8
- !clang? ( sys-devel/llvm:8 )
- clang? (
- =sys-devel/lld-8*
- sys-devel/llvm:8[gold]
- pgo? ( =sys-libs/compiler-rt-sanitizers-8*[profile] )
- )
- )
- (
- sys-devel/clang:7
- !clang? ( sys-devel/llvm:7 )
- clang? (
- =sys-devel/lld-7*
- sys-devel/llvm:7[gold]
- pgo? ( =sys-libs/compiler-rt-sanitizers-7*[profile] )
- )
- )
- )
- pulseaudio? (
- || (
- media-sound/pulseaudio
- >=media-sound/apulse-0.1.12-r4[sdk]
- )
- )
- wayland? ( >=x11-libs/gtk+-3.11:3[wayland] )
- amd64? ( >=dev-lang/yasm-1.1 virtual/opengl )
- x86? ( >=dev-lang/yasm-1.1 virtual/opengl )
- !system-av1? (
- amd64? ( >=dev-lang/nasm-2.13 )
- x86? ( >=dev-lang/nasm-2.13 )
- )"
-
-S="${WORKDIR}/firefox-${PV%_*}"
-
-BUILD_OBJ_DIR="${S}/ff"
-
-# allow GMP_PLUGIN_LIST to be set in an eclass or
-# overridden in the enviromnent (advanced hackers only)
-if [[ -z $GMP_PLUGIN_LIST ]] ; then
- GMP_PLUGIN_LIST=( gmp-gmpopenh264 gmp-widevinecdm )
-fi
-
-llvm_check_deps() {
- if ! has_version --host-root "sys-devel/clang:${LLVM_SLOT}" ; then
- ewarn "sys-devel/clang:${LLVM_SLOT} is missing! Cannot use LLVM slot ${LLVM_SLOT} ..." >&2
- return 1
- fi
-
- if use clang ; then
- if ! has_version --host-root "=sys-devel/lld-${LLVM_SLOT}*" ; then
- ewarn "=sys-devel/lld-${LLVM_SLOT}* is missing! Cannot use LLVM slot ${LLVM_SLOT} ..." >&2
- return 1
- fi
-
- if use pgo ; then
- if ! has_version --host-root "=sys-libs/compiler-rt-sanitizers-${LLVM_SLOT}*" ; then
- ewarn "=sys-libs/compiler-rt-sanitizers-${LLVM_SLOT}* is missing! Cannot use LLVM slot ${LLVM_SLOT} ..." >&2
- return 1
- fi
- fi
- fi
-
- einfo "Will use LLVM slot ${LLVM_SLOT}!" >&2
-}
-
-pkg_pretend() {
- if use pgo ; then
- if ! has usersandbox $FEATURES ; then
- die "You must enable usersandbox as X server can not run as root!"
- fi
- fi
-
- # Ensure we have enough disk space to compile
- if use pgo || use lto || use debug || use test ; then
- CHECKREQS_DISK_BUILD="10G"
- else
- CHECKREQS_DISK_BUILD="5G"
- fi
-
- check-reqs_pkg_pretend
-}
-
-pkg_setup() {
- moz_pkgsetup
-
- # Ensure we have enough disk space to compile
- if use pgo || use lto || use debug || use test ; then
- CHECKREQS_DISK_BUILD="10G"
- else
- CHECKREQS_DISK_BUILD="5G"
- fi
-
- check-reqs_pkg_setup
-
- # Avoid PGO profiling problems due to enviroment leakage
- # These should *always* be cleaned up anyway
- unset DBUS_SESSION_BUS_ADDRESS \
- DISPLAY \
- ORBIT_SOCKETDIR \
- SESSION_MANAGER \
- XDG_CACHE_HOME \
- XDG_SESSION_COOKIE \
- XAUTHORITY
-
- if ! use bindist ; then
- einfo
- elog "You are enabling official branding. You may not redistribute this build"
- elog "to any users on your network or the internet. Doing so puts yourself into"
- elog "a legal problem with Mozilla Foundation."
- elog "You can disable it by emerging ${PN} _with_ the bindist USE-flag."
- fi
-
- addpredict /proc/self/oom_score_adj
-
- llvm_pkg_setup
-}
-
-src_unpack() {
- default
-
- # Unpack language packs
- mozlinguas_src_unpack
-}
-
-src_prepare() {
- eapply "${WORKDIR}/firefox"
-
- # Make LTO respect MAKEOPTS
- sed -i \
- -e "s/multiprocessing.cpu_count()/$(makeopts_jobs)/" \
- "${S}"/build/moz.configure/lto-pgo.configure \
- || die "sed failed to set num_cores"
-
- # Make ICU respect MAKEOPTS
- sed -i \
- -e "s/multiprocessing.cpu_count()/$(makeopts_jobs)/" \
- "${S}"/intl/icu_sources_data.py \
- || die "sed failed to set num_cores"
-
- # sed-in toolchain prefix
- sed -i \
- -e "s/objdump/${CHOST}-objdump/" \
- "${S}"/python/mozbuild/mozbuild/configure/check_debug_ranges.py \
- || die "sed failed to set toolchain prefix"
-
- # Allow user to apply any additional patches without modifing ebuild
- eapply_user
-
- einfo "Removing pre-built binaries ..."
- find "${S}"/third_party -type f \( -name '*.so' -o -name '*.o' \) -print -delete || die
-
- # Enable gnomebreakpad
- if use debug ; then
- sed -i -e "s:GNOME_DISABLE_CRASH_DIALOG=1:GNOME_DISABLE_CRASH_DIALOG=0:g" \
- "${S}"/build/unix/run-mozilla.sh || die "sed failed!"
- fi
-
- # Drop -Wl,--as-needed related manipulation for ia64 as it causes ld sefgaults, bug #582432
- if use ia64 ; then
- sed -i \
- -e '/^OS_LIBS += no_as_needed/d' \
- -e '/^OS_LIBS += as_needed/d' \
- "${S}"/widget/gtk/mozgtk/gtk2/moz.build \
- "${S}"/widget/gtk/mozgtk/gtk3/moz.build \
- || die "sed failed to drop --as-needed for ia64"
- fi
-
- # Fix sandbox violations during make clean, bug 372817
- sed -e "s:\(/no-such-file\):${T}\1:g" \
- -i "${S}"/config/rules.mk \
- -i "${S}"/nsprpub/configure{.in,} \
- || die
-
- # Don't exit with error when some libs are missing which we have in
- # system.
- sed '/^MOZ_PKG_FATAL_WARNINGS/s@= 1@= 0@' \
- -i "${S}"/browser/installer/Makefile.in || die
-
- # Don't error out when there's no files to be removed:
- sed 's@\(xargs rm\)$@\1 -f@' \
- -i "${S}"/toolkit/mozapps/installer/packager.mk || die
-
- # Keep codebase the same even if not using official branding
- sed '/^MOZ_DEV_EDITION=1/d' \
- -i "${S}"/browser/branding/aurora/configure.sh || die
-
- # rustfmt, a tool to format Rust code, is optional and not required to build Firefox.
- # However, when available, an unsupported version can cause problems, bug #669548
- sed -i -e "s@check_prog('RUSTFMT', add_rustup_path('rustfmt')@check_prog('RUSTFMT', add_rustup_path('rustfmt_do_not_use')@" \
- "${S}"/build/moz.configure/rust.configure || die
-
- # Autotools configure is now called old-configure.in
- # This works because there is still a configure.in that happens to be for the
- # shell wrapper configure script
- eautoreconf old-configure.in
-
- # Must run autoconf in js/src
- cd "${S}"/js/src || die
- eautoconf old-configure.in
-
- # Clear checksums that present a problem
- sed -i 's/\("files":{\)[^}]*/\1/' "${S}"/third_party/rust/target-lexicon-0.9.0/.cargo-checksum.json || die
-}
-
-src_configure() {
- MEXTENSIONS="default"
- # Google API keys (see http://www.chromium.org/developers/how-tos/api-keys)
- # Note: These are for Gentoo Linux use ONLY. For your own distribution, please
- # get your own set of keys.
- _google_api_key=AIzaSyDEAOvatFo0eTgsV_ZlEzx0ObmepsMzfAc
-
- # Add information about TERM to output (build.log) to aid debugging
- # blessings problems
- if [[ -n "${TERM}" ]] ; then
- einfo "TERM is set to: \"${TERM}\""
- else
- einfo "TERM is unset."
- fi
-
- if use clang && ! tc-is-clang ; then
- # Force clang
- einfo "Enforcing the use of clang due to USE=clang ..."
- CC=${CHOST}-clang
- CXX=${CHOST}-clang++
- strip-unsupported-flags
- elif ! use clang && ! tc-is-gcc ; then
- # Force gcc
- einfo "Enforcing the use of gcc due to USE=-clang ..."
- CC=${CHOST}-gcc
- CXX=${CHOST}-g++
- strip-unsupported-flags
- fi
-
- ####################################
- #
- # mozconfig, CFLAGS and CXXFLAGS setup
- #
- ####################################
-
- mozconfig_init
- # common config components
- mozconfig_annotate 'system_libs' \
- --with-system-zlib
-
- # Must pass release in order to properly select linker
- mozconfig_annotate 'Enable by Gentoo' --enable-release
-
- # libclang.so is not properly detected work around issue
- mozconfig_annotate '' --with-libclang-path="$(llvm-config --libdir)"
-
- if use pgo ; then
- if ! has userpriv $FEATURES ; then
- eerror "Building firefox with USE=pgo and FEATURES=-userpriv is not supported!"
- fi
- fi
-
- # Don't let user's LTO flags clash with upstream's flags
- filter-flags -flto*
-
- if use lto ; then
- local show_old_compiler_warning=
-
- if use clang ; then
- # At this stage CC is adjusted and the following check will
- # will work
- if [[ $(clang-major-version) -lt 7 ]] ; then
- show_old_compiler_warning=1
- fi
-
- # Upstream only supports lld when using clang
- mozconfig_annotate "forcing ld=lld due to USE=clang and USE=lto" --enable-linker=lld
- else
- if [[ $(gcc-major-version) -lt 8 ]] ; then
- show_old_compiler_warning=1
- fi
-
- if ! use cpu_flags_x86_avx2 ; then
- local _gcc_version_with_ipa_cdtor_fix="8.3"
- local _current_gcc_version="$(gcc-major-version).$(gcc-minor-version)"
-
- if ver_test "${_current_gcc_version}" -lt "${_gcc_version_with_ipa_cdtor_fix}" ; then
- # due to a GCC bug, GCC will produce AVX2 instructions
- # even if the CPU doesn't support AVX2, https://gcc.gnu.org/ml/gcc-patches/2018-12/msg01142.html
- einfo "Disable IPA cdtor due to bug in GCC and missing AVX2 support -- triggered by USE=lto"
- append-ldflags -fdisable-ipa-cdtor
- else
- einfo "No GCC workaround required, GCC version is already patched!"
- fi
- else
- einfo "No GCC workaround required, system supports AVX2"
- fi
-
- # Linking only works when using ld.gold when LTO is enabled
- mozconfig_annotate "forcing ld=gold due to USE=lto" --enable-linker=gold
- fi
-
- if [[ -n "${show_old_compiler_warning}" ]] ; then
- # Checking compiler's major version uses CC variable. Because we allow
- # user to control used compiler via USE=clang flag, we cannot use
- # initial value. So this is the earliest stage where we can do this check
- # because pkg_pretend is not called in the main phase function sequence
- # environment saving is not guaranteed so we don't know if we will have
- # correct compiler until now.
- ewarn ""
- ewarn "USE=lto requires up-to-date compiler (>=gcc-8 or >=clang-7)."
- ewarn "You are on your own -- expect build failures. Don't file bugs using that unsupported configuration!"
- ewarn ""
- sleep 5
- fi
-
- mozconfig_annotate '+lto' --enable-lto=thin
-
- if use pgo ; then
- mozconfig_annotate '+pgo' MOZ_PGO=1
- fi
- else
- # Avoid auto-magic on linker
- if use clang ; then
- # This is upstream's default
- mozconfig_annotate "forcing ld=lld due to USE=clang" --enable-linker=lld
- elif tc-ld-is-gold ; then
- mozconfig_annotate "linker is set to gold" --enable-linker=gold
- else
- mozconfig_annotate "linker is set to bfd" --enable-linker=bfd
- fi
- fi
-
- # It doesn't compile on alpha without this LDFLAGS
- use alpha && append-ldflags "-Wl,--no-relax"
-
- # Add full relro support for hardened
- use hardened && append-ldflags "-Wl,-z,now"
-
- # Modifications to better support ARM, bug 553364
- if use cpu_flags_arm_neon ; then
- mozconfig_annotate '' --with-fpu=neon
-
- if ! tc-is-clang ; then
- # thumb options aren't supported when using clang, bug 666966
- mozconfig_annotate '' --with-thumb=yes
- mozconfig_annotate '' --with-thumb-interwork=no
- fi
- fi
-
- if [[ ${CHOST} == armv*h* ]] ; then
- mozconfig_annotate '' --with-float-abi=hard
- if ! use system-libvpx ; then
- sed -i -e "s|softfp|hard|" \
- "${S}"/media/libvpx/moz.build
- fi
- fi
-
- mozconfig_use_enable !bindist official-branding
-
- mozconfig_use_enable debug
- mozconfig_use_enable debug tests
- if ! use debug ; then
- mozconfig_annotate 'disabled by Gentoo' --disable-debug-symbols
- else
- mozconfig_annotate 'enabled by Gentoo' --enable-debug-symbols
- fi
- # These are enabled by default in all mozilla applications
- mozconfig_annotate '' --with-system-nspr
- mozconfig_annotate '' --with-system-nss
- mozconfig_annotate '' --x-includes="${SYSROOT}${EPREFIX}"/usr/include \
- --x-libraries="${SYSROOT}${EPREFIX}"/usr/$(get_libdir)
- mozconfig_annotate '' --prefix="${EPREFIX}"/usr
- mozconfig_annotate '' --libdir="${EPREFIX}"/usr/$(get_libdir)
- mozconfig_annotate '' --disable-crashreporter
- mozconfig_annotate 'Gentoo default' --with-system-png
- mozconfig_annotate '' --enable-system-ffi
- mozconfig_annotate '' --with-intl-api
- mozconfig_annotate '' --enable-system-pixman
- # Instead of the standard --build= and --host=, mozilla uses --host instead
- # of --build, and --target intstead of --host.
- # Note, mozilla also has --build but it does not do what you think it does.
- # Set both --target and --host as mozilla uses python to guess values otherwise
- mozconfig_annotate '' --target="${CHOST}"
- mozconfig_annotate '' --host="${CBUILD:-${CHOST}}"
- mozconfig_annotate '' --with-toolchain-prefix="${CHOST}-"
- if use system-libevent ; then
- mozconfig_annotate '' --with-system-libevent="${SYSROOT}${EPREFIX}"/usr
- fi
-
- if ! use x86 && [[ ${CHOST} != armv*h* ]] ; then
- mozconfig_annotate '' --enable-rust-simd
- fi
-
- # use the gtk3 toolkit (the only one supported at this point)
- # TODO: Will this result in automagic dependency on x11-libs/gtk+[wayland]?
- if use wayland ; then
- mozconfig_annotate '' --enable-default-toolkit=cairo-gtk3-wayland
- else
- mozconfig_annotate '' --enable-default-toolkit=cairo-gtk3
- fi
-
- mozconfig_use_with system-av1
- mozconfig_use_with system-harfbuzz
- mozconfig_use_with system-harfbuzz system-graphite2
- mozconfig_use_with system-icu
- mozconfig_use_with system-jpeg
- mozconfig_use_with system-libvpx
- mozconfig_use_with system-webp
- mozconfig_use_enable pulseaudio
- # force the deprecated alsa sound code if pulseaudio is disabled
- if use kernel_linux && ! use pulseaudio ; then
- mozconfig_annotate '-pulseaudio' --enable-alsa
- fi
-
- # Disable built-in ccache support to avoid sandbox violation, #665420
- # Use FEATURES=ccache instead!
- mozconfig_annotate '' --without-ccache
- sed -i -e 's/ccache_stats = None/return None/' \
- python/mozbuild/mozbuild/controller/building.py || \
- die "Failed to disable ccache stats call"
-
- mozconfig_use_enable wifi necko-wifi
-
- mozconfig_use_enable geckodriver
-
- # enable JACK, bug 600002
- mozconfig_use_enable jack
-
- mozconfig_use_enable screencast pipewire
-
- # Enable/Disable eme support
- use eme-free && mozconfig_annotate '+eme-free' --disable-eme
-
- # Setup api key for location services and safebrowsing, https://bugzilla.mozilla.org/show_bug.cgi?id=1531176#c34
- echo -n "${_google_api_key}" > "${S}"/google-api-key
- mozconfig_annotate '' --with-google-location-service-api-keyfile="${S}/google-api-key"
- mozconfig_annotate '' --with-google-safebrowsing-api-keyfile="${S}/google-api-key"
-
- mozconfig_annotate '' --enable-extensions="${MEXTENSIONS}"
-
- # allow elfhack to work in combination with unstripped binaries
- # when they would normally be larger than 2GiB.
- append-ldflags "-Wl,--compress-debug-sections=zlib"
-
- if use clang ; then
- # https://bugzilla.mozilla.org/show_bug.cgi?id=1482204
- # https://bugzilla.mozilla.org/show_bug.cgi?id=1483822
- # toolkit/moz.configure Elfhack section: target.cpu in ('arm', 'x86', 'x86_64')
- local disable_elf_hack=
- if use amd64 ; then
- disable_elf_hack=yes
- elif use x86 ; then
- disable_elf_hack=yes
- elif use arm ; then
- disable_elf_hack=yes
- fi
-
- if [[ -n ${disable_elf_hack} ]] ; then
- mozconfig_annotate 'elf-hack is broken when using Clang' --disable-elf-hack
- fi
- fi
-
- echo "mk_add_options MOZ_OBJDIR=${BUILD_OBJ_DIR}" >> "${S}"/.mozconfig
- echo "mk_add_options XARGS=/usr/bin/xargs" >> "${S}"/.mozconfig
-
- # Finalize and report settings
- mozconfig_final
-
- mkdir -p "${S}"/third_party/rust/libloading/.deps
-
- # workaround for funky/broken upstream configure...
- SHELL="${SHELL:-${EPREFIX}/bin/bash}" MOZ_NOSPAM=1 \
- ./mach configure || die
-}
-
-src_compile() {
- local _virtx=
- if use pgo ; then
- _virtx=virtx
-
- # Reset and cleanup environment variables used by GNOME/XDG
- gnome2_environment_reset
-
- addpredict /root
- fi
-
- GDK_BACKEND=x11 \
- MOZ_MAKE_FLAGS="${MAKEOPTS} -O" \
- SHELL="${SHELL:-${EPREFIX}/bin/bash}" \
- MOZ_NOSPAM=1 \
- ${_virtx} \
- ./mach build --verbose \
- || die
-}
-
-src_install() {
- cd "${BUILD_OBJ_DIR}" || die
-
- # Pax mark xpcshell for hardened support, only used for startupcache creation.
- pax-mark m "${BUILD_OBJ_DIR}"/dist/bin/xpcshell
-
- # Add our default prefs for firefox
- cp "${FILESDIR}"/gentoo-default-prefs.js-3 \
- "${BUILD_OBJ_DIR}/dist/bin/browser/defaults/preferences/all-gentoo.js" \
- || die
-
- # set dictionary path, to use system hunspell
- echo "pref(\"spellchecker.dictionary_path\", \"${EPREFIX}/usr/share/myspell\");" \
- >>"${BUILD_OBJ_DIR}/dist/bin/browser/defaults/preferences/all-gentoo.js" || die
-
- # force the graphite pref if system-harfbuzz is enabled, since the pref cant disable it
- if use system-harfbuzz ; then
- echo "sticky_pref(\"gfx.font_rendering.graphite.enabled\",true);" \
- >>"${BUILD_OBJ_DIR}/dist/bin/browser/defaults/preferences/all-gentoo.js" || die
- fi
-
- # force cairo as the canvas renderer on platforms without skia support
- if [[ $(tc-endian) == "big" ]] ; then
- echo "sticky_pref(\"gfx.canvas.azure.backends\",\"cairo\");" \
- >>"${BUILD_OBJ_DIR}/dist/bin/browser/defaults/preferences/all-gentoo.js" || die
- echo "sticky_pref(\"gfx.content.azure.backends\",\"cairo\");" \
- >>"${BUILD_OBJ_DIR}/dist/bin/browser/defaults/preferences/all-gentoo.js" || die
- fi
-
- # Augment this with hwaccel prefs
- if use hwaccel ; then
- cat "${FILESDIR}"/gentoo-hwaccel-prefs.js-1 >> \
- "${BUILD_OBJ_DIR}/dist/bin/browser/defaults/preferences/all-gentoo.js" \
- || die
- fi
-
- if ! use screenshot ; then
- echo "pref(\"extensions.screenshots.disabled\", true);" >> \
- "${BUILD_OBJ_DIR}/dist/bin/browser/defaults/preferences/all-gentoo.js" \
- || die
- fi
-
- echo "pref(\"extensions.autoDisableScopes\", 3);" >> \
- "${BUILD_OBJ_DIR}/dist/bin/browser/defaults/preferences/all-gentoo.js" \
- || die
-
- if ! use gmp-autoupdate ; then
- local plugin
- for plugin in "${GMP_PLUGIN_LIST[@]}" ; do
- echo "pref(\"media.${plugin}.autoupdate\", false);" >> \
- "${BUILD_OBJ_DIR}/dist/bin/browser/defaults/preferences/all-gentoo.js" \
- || die
- done
- fi
-
- cd "${S}"
- MOZ_MAKE_FLAGS="${MAKEOPTS}" SHELL="${SHELL:-${EPREFIX}/bin/bash}" MOZ_NOSPAM=1 \
- DESTDIR="${D}" ./mach install || die
-
- if use geckodriver ; then
- cp "${BUILD_OBJ_DIR}"/dist/bin/geckodriver "${ED%/}"${MOZILLA_FIVE_HOME} || die
- pax-mark m "${ED%/}"${MOZILLA_FIVE_HOME}/geckodriver
-
- dosym ${MOZILLA_FIVE_HOME}/geckodriver /usr/bin/geckodriver
- fi
-
- # Install language packs
- MOZEXTENSION_TARGET="distribution/extensions" MOZ_INSTALL_L10N_XPIFILE="1" mozlinguas_src_install
-
- local size sizes icon_path icon name
- if use bindist ; then
- sizes="16 32 48"
- icon_path="${S}/browser/branding/aurora"
- # Firefox's new rapid release cycle means no more codenames
- # Let's just stick with this one...
- icon="aurora"
- name="Aurora"
-
- # Override preferences to set the MOZ_DEV_EDITION defaults, since we
- # don't define MOZ_DEV_EDITION to avoid profile debaucles.
- # (source: browser/app/profile/firefox.js)
- cat >>"${BUILD_OBJ_DIR}/dist/bin/browser/defaults/preferences/all-gentoo.js" <=media-sound/apulse-0.1.12-r4" ; then
- einfo "APULSE found - Generating library symlinks for sound support"
- local lib
- pushd "${ED}"${MOZILLA_FIVE_HOME} &>/dev/null || die
- for lib in ../apulse/libpulse{.so{,.0},-simple.so{,.0}} ; do
- # a quickpkg rolled by hand will grab symlinks as part of the package,
- # so we need to avoid creating them if they already exist.
- if [[ ! -L ${lib##*/} ]] ; then
- ln -s "${lib}" ${lib##*/} || die
- fi
- done
- popd &>/dev/null || die
- fi
-}
-
-pkg_postinst() {
- xdg_desktop_database_update
- xdg_icon_cache_update
-
- if ! use gmp-autoupdate ; then
- elog "USE='-gmp-autoupdate' has disabled the following plugins from updating or"
- elog "installing into new profiles:"
- local plugin
- for plugin in "${GMP_PLUGIN_LIST[@]}" ; do
- elog "\t ${plugin}"
- done
- elog
- fi
-
- if use pulseaudio && has_version ">=media-sound/apulse-0.1.12-r4" ; then
- elog "Apulse was detected at merge time on this system and so it will always be"
- elog "used for sound. If you wish to use pulseaudio instead please unmerge"
- elog "media-sound/apulse."
- elog
- fi
-
- local show_doh_information show_normandy_information
-
- if [[ -z "${REPLACING_VERSIONS}" ]] ; then
- # New install; Tell user that DoH is disabled by default
- show_doh_information=yes
- show_normandy_information=yes
- else
- local replacing_version
- for replacing_version in ${REPLACING_VERSIONS} ; do
- if ver_test "${replacing_version}" -lt 70 ; then
- # Tell user only once about our DoH default
- show_doh_information=yes
- fi
-
- if ver_test "${replacing_version}" -lt 74.0-r2 ; then
- # Tell user only once about our Normandy default
- show_normandy_information=yes
- fi
- done
- fi
-
- if [[ -n "${show_doh_information}" ]] ; then
- elog
- elog "Note regarding Trusted Recursive Resolver aka DNS-over-HTTPS (DoH):"
- elog "Due to privacy concerns (encrypting DNS might be a good thing, sending all"
- elog "DNS traffic to Cloudflare by default is not a good idea and applications"
- elog "should respect OS configured settings), \"network.trr.mode\" was set to 5"
- elog "(\"Off by choice\") by default."
- elog "You can enable DNS-over-HTTPS in ${PN^}'s preferences."
- fi
-
- # bug 713782
- if [[ -n "${show_normandy_information}" ]] ; then
- elog
- elog "Upstream operates a service named Normandy which allows Mozilla to"
- elog "push changes for default settings or even install new add-ons remotely."
- elog "While this can be useful to address problems like 'Armagadd-on 2.0' or"
- elog "revert previous decisions to disable TLS 1.0/1.1, privacy and security"
- elog "concerns prevail, which is why we have switched off the use of this"
- elog "service by default."
- elog
- elog "To re-enable this service set"
- elog
- elog " app.normandy.enabled=true"
- elog
- elog "in about:config."
- fi
-}
-
-pkg_postrm() {
- xdg_desktop_database_update
- xdg_icon_cache_update
-}
diff --git a/www-servers/apache/Manifest b/www-servers/apache/Manifest
deleted file mode 100644
index bad25e94a..000000000
--- a/www-servers/apache/Manifest
+++ /dev/null
@@ -1,2 +0,0 @@
-DIST gentoo-apache-2.4.39-20190402.tar.bz2 25491 BLAKE2B ce230b07ec156048c7d7c1eb4b0e732fa6140f55d136e317714591327bde3f85bab7780424e6eef04b7a4518cbdcfdddcbc094409f4ca19ffea1ce967bdf7cf1 SHA512 bc0ffa20cffd9a89c2ea64420fa2243d77e97d7922bcd0b387a7fcfcc3c6908a056972b499a81344f7c3e3e19b55ffc300fd034c54b287f4f32d8931bd50cde4
-DIST httpd-2.4.41.tar.bz2 7072373 BLAKE2B 88a2390736209d5ef04bffcb867bc8d6019302885e6f3cc63d18123336d4d0657252105a3bfebf4e91b8daa02119d4a61f4c0a9702244858a3193ec6cf681c0f SHA512 350cc7dcd2c439e0590338fa6da3f44df44f9bb885c381e91f91b14c2f48597f6f0bbac0ea118a8a67eaa70ae7edbb769beace368643ed73f6daee44c307b335
diff --git a/www-servers/apache/apache-2.4.41.ebuild b/www-servers/apache/apache-2.4.41.ebuild
deleted file mode 100644
index 8c28f2265..000000000
--- a/www-servers/apache/apache-2.4.41.ebuild
+++ /dev/null
@@ -1,275 +0,0 @@
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-# latest gentoo apache files
-GENTOO_PATCHSTAMP="20190402"
-GENTOO_DEVELOPER="polynomial-c"
-GENTOO_PATCHNAME="gentoo-apache-2.4.39"
-
-# IUSE/USE_EXPAND magic
-IUSE_MPMS_FORK="prefork"
-IUSE_MPMS_THREAD="event worker"
-
-# << obsolete modules:
-# authn_default authz_default mem_cache
-# mem_cache is replaced by cache_disk
-# ?? buggy modules
-# proxy_scgi: startup error: undefined symbol "ap_proxy_release_connection", no fix found
-# >> added modules for reason:
-# compat: compatibility with 2.2 access control
-# authz_host: new module for access control
-# authn_core: functionality provided by authn_alias in previous versions
-# authz_core: new module, provides core authorization capabilities
-# cache_disk: replacement for mem_cache
-# lbmethod_byrequests: Split off from mod_proxy_balancer in 2.3
-# lbmethod_bytraffic: Split off from mod_proxy_balancer in 2.3
-# lbmethod_bybusyness: Split off from mod_proxy_balancer in 2.3
-# lbmethod_heartbeat: Split off from mod_proxy_balancer in 2.3
-# slotmem_shm: Slot-based shared memory provider (for lbmethod_byrequests).
-# socache_shmcb: shared object cache provider. Default config with ssl needs it
-# unixd: fixes startup error: Invalid command 'User'
-IUSE_MODULES="access_compat actions alias asis auth_basic auth_digest auth_form
-authn_alias authn_anon authn_core authn_dbd authn_dbm authn_file authn_socache authz_core
-authz_dbd authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex
-brotli cache cache_disk cache_socache cern_meta charset_lite cgi cgid dav dav_fs dav_lock
-dbd deflate dir dumpio env expires ext_filter file_cache filter headers http2
-ident imagemap include info lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness
-lbmethod_heartbeat log_config log_forensic logio macro md mime mime_magic negotiation
-proxy proxy_ajp proxy_balancer proxy_connect proxy_ftp proxy_html proxy_http proxy_scgi
-proxy_http2 proxy_fcgi proxy_wstunnel rewrite ratelimit remoteip reqtimeout
-session session_cookie session_crypto session_dbd setenvif slotmem_shm speling
-socache_shmcb status substitute unique_id userdir usertrack unixd version vhost_alias
-watchdog xml2enc"
-# The following are also in the source as of this version, but are not available
-# for user selection:
-# bucketeer case_filter case_filter_in echo http isapi optional_fn_export
-# optional_fn_import optional_hook_export optional_hook_import
-
-# inter-module dependencies
-# TODO: this may still be incomplete
-MODULE_DEPENDS="
- auth_form:session
- brotli:filter
- dav_fs:dav
- dav_lock:dav
- deflate:filter
- cache_disk:cache
- ext_filter:filter
- file_cache:cache
- lbmethod_byrequests:proxy_balancer
- lbmethod_byrequests:slotmem_shm
- lbmethod_bytraffic:proxy_balancer
- lbmethod_bybusyness:proxy_balancer
- lbmethod_heartbeat:proxy_balancer
- log_forensic:log_config
- logio:log_config
- cache_disk:cache
- cache_socache:cache
- md:watchdog
- mime_magic:mime
- proxy_ajp:proxy
- proxy_balancer:proxy
- proxy_balancer:slotmem_shm
- proxy_connect:proxy
- proxy_ftp:proxy
- proxy_html:proxy
- proxy_html:xml2enc
- proxy_http:proxy
- proxy_http2:proxy
- proxy_scgi:proxy
- proxy_fcgi:proxy
- proxy_wstunnel:proxy
- session_cookie:session
- session_dbd:dbd
- session_dbd:session
- substitute:filter
-"
-
-# module<->define mappings
-MODULE_DEFINES="
- auth_digest:AUTH_DIGEST
- authnz_ldap:AUTHNZ_LDAP
- cache:CACHE
- cache_disk:CACHE
- cache_socache:CACHE
- dav:DAV
- dav_fs:DAV
- dav_lock:DAV
- file_cache:CACHE
- http2:HTTP2
- info:INFO
- ldap:LDAP
- md:SSL
- proxy:PROXY
- proxy_ajp:PROXY
- proxy_balancer:PROXY
- proxy_connect:PROXY
- proxy_ftp:PROXY
- proxy_html:PROXY
- proxy_http:PROXY
- proxy_fcgi:PROXY
- proxy_scgi:PROXY
- proxy_wstunnel:PROXY
- socache_shmcb:SSL
- ssl:SSL
- status:STATUS
- suexec:SUEXEC
- userdir:USERDIR
-"
-
-# critical modules for the default config
-MODULE_CRITICAL="
- authn_core
- authz_core
- authz_host
- dir
- mime
- unixd
-"
-inherit apache-2 systemd tmpfiles toolchain-funcs
-
-DESCRIPTION="The Apache Web Server"
-HOMEPAGE="https://httpd.apache.org/"
-
-# some helper scripts are Apache-1.1, thus both are here
-LICENSE="Apache-2.0 Apache-1.1"
-SLOT="2"
-KEYWORDS="alpha amd64 ~arm arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-linux ~x64-macos ~x86-macos ~m68k-mint ~sparc64-solaris ~x64-solaris"
-
-# Enable http2 by default (bug #563452)
-# FIXME: Move to apache-2.eclass once this has reached stable.
-IUSE="${IUSE/apache2_modules_http2/+apache2_modules_http2}"
-# New suexec options (since 2.4.34)
-IUSE="${IUSE} +suexec-caps suexec-syslog libressl"
-
-CDEPEND="apache2_modules_brotli? ( >=app-arch/brotli-0.6.0:= )
- apache2_modules_http2? ( >=net-libs/nghttp2-1.2.1 )
- apache2_modules_proxy_http2? ( >=net-libs/nghttp2-1.2.1 )
- apache2_modules_md? ( >=dev-libs/jansson-2.10 )
- apache2_modules_session_crypto? (
- libressl? ( dev-libs/apr-util[libressl] )
- !libressl? ( dev-libs/apr-util[openssl] )
- )"
-
-DEPEND+="${CDEPEND}
- suexec? ( suexec-caps? ( sys-libs/libcap ) )"
-RDEPEND+="${CDEPEND}"
-
-REQUIRED_USE="apache2_modules_http2? ( ssl )
- apache2_modules_md? ( ssl )"
-
-pkg_setup() {
- # dependend critical modules which are not allowed in global scope due
- # to USE flag conditionals (bug #499260)
- use ssl && MODULE_CRITICAL+=" socache_shmcb"
- use doc && MODULE_CRITICAL+=" alias negotiation setenvif"
- apache-2_pkg_setup
-}
-
-src_configure() {
- # Brain dead check.
- tc-is-cross-compiler && export ap_cv_void_ptr_lt_long="no"
-
- apache-2_src_configure
-}
-
-src_compile() {
- if tc-is-cross-compiler; then
- # This header is the same across targets, so use the build compiler.
- pushd server >/dev/null
- emake gen_test_char
- tc-export_build_env BUILD_CC
- ${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_CPPFLAGS} ${BUILD_LDFLAGS} \
- gen_test_char.c -o gen_test_char $(apr-1-config --includes) || die
- popd >/dev/null
- fi
-
- default
-}
-
-src_install() {
- apache-2_src_install
-
- # systemd support for logrotate scripts
- # override Gentoo logrotate script with a version
- # that works for both openrc and systemd
- insinto /etc/logrotate.d
- newins "${FILESDIR}"/apache2-logrotate apache2
-
- local i
- local apache_tools_prune_list=(
- /usr/bin/{htdigest,logresolve,htpasswd,htdbm,ab,httxt2dbm}
- /usr/sbin/{checkgid,fcgistarter,htcacheclean,rotatelogs}
- /usr/share/man/man1/{logresolve.1,htdbm.1,htdigest.1,htpasswd.1,dbmmanage.1,ab.1}
- /usr/share/man/man8/{rotatelogs.8,htcacheclean.8}
- )
- for i in ${apache_tools_prune_list[@]} ; do
- rm "${ED%/}"/${i} || die "Failed to prune apache-tools bits"
- done
-
- # install apxs in /usr/bin (bug #502384) and put a symlink into the
- # old location until all ebuilds and eclasses have been modified to
- # use the new location.
- dobin support/apxs
- dosym ../bin/apxs /usr/sbin/apxs
-
- # Note: wait for mod_systemd to be included in some forthcoming release,
- # Then apache2.4.service can be used and systemd support controlled
- # through --enable-systemd
- systemd_newunit "${FILESDIR}/apache2.2-hardened.service" "apache2.service"
- systemd_dotmpfilesd "${FILESDIR}/apache.conf"
- #insinto /etc/apache2/modules.d
- #doins "${FILESDIR}/00_systemd.conf"
-
- # Install http2 module config
- insinto /etc/apache2/modules.d
- doins "${FILESDIR}"/41_mod_http2.conf
-
- # Fix path to apache libdir
- sed "s|@LIBDIR@|$(get_libdir)|" -i "${ED%/}"/usr/sbin/apache2ctl || die
-}
-
-pkg_postinst() {
- apache-2_pkg_postinst || die "apache-2_pkg_postinst failed"
-
- tmpfiles_process apache.conf #662544
-
- # warnings that default config might not work out of the box
- local mod cmod
- for mod in ${MODULE_CRITICAL} ; do
- if ! use "apache2_modules_${mod}"; then
- echo
- ewarn "Warning: Critical module not installed!"
- ewarn "Modules 'authn_core', 'authz_core' and 'unixd'"
- ewarn "are highly recomended but might not be in the base profile yet."
- ewarn "Default config for ssl needs module 'socache_shmcb'."
- ewarn "Enabling the following flags is highly recommended:"
- for cmod in ${MODULE_CRITICAL} ; do
- use "apache2_modules_${cmod}" || \
- ewarn "+ apache2_modules_${cmod}"
- done
- echo
- break
- fi
- done
- # warning for proxy_balancer and missing load balancing scheduler
- if use apache2_modules_proxy_balancer; then
- local lbset=
- for mod in lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness lbmethod_heartbeat; do
- if use "apache2_modules_${mod}"; then
- lbset=1 && break
- fi
- done
- if [ ! ${lbset} ] ; then
- echo
- ewarn "Info: Missing load balancing scheduler algorithm module"
- ewarn "(They were split off from proxy_balancer in 2.3)"
- ewarn "In order to get the ability of load balancing, at least"
- ewarn "one of these modules has to be present:"
- ewarn "lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness lbmethod_heartbeat"
- echo
- fi
- fi
-}
diff --git a/www-servers/apache/files/41_mod_http2.conf b/www-servers/apache/files/41_mod_http2.conf
deleted file mode 100644
index e4c9454e0..000000000
--- a/www-servers/apache/files/41_mod_http2.conf
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
- # enable debugging for this module
- #LogLevel http2:info
-
- #Enable HTTP/2 support
- Protocols h2 h2c http/1.1
-
-
diff --git a/www-servers/apache/files/apache-2.4.12-alpn.patch b/www-servers/apache/files/apache-2.4.12-alpn.patch
deleted file mode 100644
index 25bb6e1b5..000000000
--- a/www-servers/apache/files/apache-2.4.12-alpn.patch
+++ /dev/null
@@ -1,476 +0,0 @@
-https://bugs.gentoo.org/471512
-
-upstream apache has merged alpn into trunk:
-https://issues.apache.org/bugzilla/show_bug.cgi?id=52210
-note: the bug is closed INVALID due to the npn discussion; go to the bottom to
-see alpn merged into it trunk. unfortunately, it wasn't merged into the 2.4
-branch.
-
-the mod_h2 project has backported it to the 2.4 branch:
-https://github.com/icing/mod_h2/tree/master/sandbox/httpd/patches
-commit 73e4d0e9c813b58581a32a6948780fa948094cc1
-
---- modules/ssl/mod_ssl.c
-+++ modules/ssl/mod_ssl.c
-@@ -273,6 +273,12 @@
- "OpenSSL configuration command")
- #endif
-
-+#ifdef HAVE_TLS_ALPN
-+ SSL_CMD_SRV(ALPNPreference, ITERATE,
-+ "Preference in Application-Layer Protocol Negotiation (ALPN), "
-+ "protocols are chosen in the specified order")
-+#endif
-+
- /* Deprecated directives. */
- AP_INIT_RAW_ARGS("SSLLog", ap_set_deprecated, NULL, OR_ALL,
- "SSLLog directive is no longer supported - use ErrorLog."),
-@@ -423,12 +448,44 @@
- return 1;
- }
-
-+static int modssl_register_alpn(conn_rec *c,
-+ ssl_alpn_propose_protos advertisefn,
-+ ssl_alpn_proto_negotiated negotiatedfn)
-+{
-+#ifdef HAVE_TLS_ALPN
-+ SSLConnRec *sslconn = myConnConfig(c);
-+
-+ if (!sslconn) {
-+ return DECLINED;
-+ }
-+
-+ if (!sslconn->alpn_proposefns) {
-+ sslconn->alpn_proposefns =
-+ apr_array_make(c->pool, 5, sizeof(ssl_alpn_propose_protos));
-+ sslconn->alpn_negofns =
-+ apr_array_make(c->pool, 5, sizeof(ssl_alpn_proto_negotiated));
-+ }
-+
-+ if (advertisefn)
-+ APR_ARRAY_PUSH(sslconn->alpn_proposefns, ssl_alpn_propose_protos) =
-+ advertisefn;
-+ if (negotiatedfn)
-+ APR_ARRAY_PUSH(sslconn->alpn_negofns, ssl_alpn_proto_negotiated) =
-+ negotiatedfn;
-+
-+ return OK;
-+#else
-+ return DECLINED;
-+#endif
-+}
-+
- int ssl_init_ssl_connection(conn_rec *c, request_rec *r)
- {
- SSLSrvConfigRec *sc;
- SSL *ssl;
- SSLConnRec *sslconn = myConnConfig(c);
- char *vhost_md5;
-+ int rc;
- modssl_ctx_t *mctx;
- server_rec *server;
-
-@@ -585,6 +647,7 @@
-
- APR_REGISTER_OPTIONAL_FN(ssl_proxy_enable);
- APR_REGISTER_OPTIONAL_FN(ssl_engine_disable);
-+ APR_REGISTER_OPTIONAL_FN(modssl_register_alpn);
-
- ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "ssl",
- AUTHZ_PROVIDER_VERSION,
---- modules/ssl/mod_ssl.h
-+++ modules/ssl/mod_ssl.h
-@@ -63,5 +93,46 @@
-
- APR_DECLARE_OPTIONAL_FN(int, ssl_engine_disable, (conn_rec *));
-
-+/** The alpn_propose_proto callback allows other modules to propose
-+ * the name of the protocol that will be chosen during the
-+ * Application-Layer Protocol Negotiation (ALPN) portion of the SSL handshake.
-+ * The callback is given the connection and a list of NULL-terminated
-+ * protocol strings as supported by the client. If this client_protos is
-+ * non-empty, it must pick its preferred protocol from that list. Otherwise
-+ * it should add its supported protocols in order of precedence.
-+ * The callback should not yet modify the connection or install any filters
-+ * as its proposal(s) may be overridden by another callback or server
-+ * configuration.
-+ * It should return OK or, to prevent further processing of (other modules')
-+ * callbacks, return DONE.
-+ */
-+typedef int (*ssl_alpn_propose_protos)(conn_rec *connection,
-+ apr_array_header_t *client_protos,
-+ apr_array_header_t *proposed_protos);
-+
-+/** The alpn_proto_negotiated callback allows other modules to discover
-+ * the name of the protocol that was chosen during the Application-Layer
-+ * Protocol Negotiation (ALPN) portion of the SSL handshake.
-+ * The callback is given the connection, a
-+ * non-NUL-terminated string containing the protocol name, and the
-+ * length of the string; it should do something appropriate
-+ * (i.e. insert or remove filters) and return OK. To prevent further
-+ * processing of (other modules') callbacks, return DONE. */
-+typedef int (*ssl_alpn_proto_negotiated)(conn_rec *connection,
-+ const char *proto_name,
-+ apr_size_t proto_name_len);
-+
-+/* An optional function which can be used to register a pair of callbacks
-+ * for ALPN handling.
-+ * This optional function should be invoked from a pre_connection hook
-+ * which runs *after* mod_ssl.c's pre_connection hook. The function returns
-+ * OK if the callbacks are registered, or DECLINED otherwise (for example if
-+ * mod_ssl does not support ALPN).
-+ */
-+APR_DECLARE_OPTIONAL_FN(int, modssl_register_alpn,
-+ (conn_rec *conn,
-+ ssl_alpn_propose_protos proposefn,
-+ ssl_alpn_proto_negotiated negotiatedfn));
-+
- #endif /* __MOD_SSL_H__ */
- /** @} */
---- modules/ssl/ssl_engine_config.c
-+++ modules/ssl/ssl_engine_config.c
-@@ -159,6 +160,9 @@
- SSL_CONF_CTX_set_flags(mctx->ssl_ctx_config, SSL_CONF_FLAG_CERTIFICATE);
- mctx->ssl_ctx_param = apr_array_make(p, 5, sizeof(ssl_ctx_param_t));
- #endif
-+#ifdef HAVE_TLS_ALPN
-+ mctx->ssl_alpn_pref = apr_array_make(p, 5, sizeof(const char *));
-+#endif
- }
-
- static void modssl_ctx_init_proxy(SSLSrvConfigRec *sc,
-@@ -301,6 +307,9 @@
- #ifdef HAVE_SSL_CONF_CMD
- cfgMergeArray(ssl_ctx_param);
- #endif
-+#ifdef HAVE_TLS_ALPN
-+ cfgMergeArray(ssl_alpn_pref);
-+#endif
- }
-
- static void modssl_ctx_cfg_merge_proxy(apr_pool_t *p,
-@@ -1875,6 +1868,16 @@
- }
- #endif
-
-+#ifdef HAVE_TLS_ALPN
-+const char *ssl_cmd_SSLALPNPreference(cmd_parms *cmd, void *dcfg,
-+ const char *protocol)
-+{
-+ SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
-+ APR_ARRAY_PUSH(sc->server->ssl_alpn_pref, const char *) = protocol;
-+ return NULL;
-+}
-+#endif
-+
- #ifdef HAVE_SRP
-
- const char *ssl_cmd_SSLSRPVerifierFile(cmd_parms *cmd, void *dcfg,
---- modules/ssl/ssl_engine_init.c
-+++ modules/ssl/ssl_engine_init.c
-@@ -623,6 +646,11 @@
- SSL_CTX_set_tmp_dh_callback(ctx, ssl_callback_TmpDH);
-
- SSL_CTX_set_info_callback(ctx, ssl_callback_Info);
-+
-+#ifdef HAVE_TLS_ALPN
-+ SSL_CTX_set_alpn_select_cb(
-+ ctx, ssl_callback_alpn_select, NULL);
-+#endif
- }
-
- static apr_status_t ssl_init_ctx_verify(server_rec *s,
---- modules/ssl/ssl_engine_io.c
-+++ modules/ssl/ssl_engine_io.c
-@@ -28,6 +28,7 @@
- core keeps dumping.''
- -- Unknown */
- #include "ssl_private.h"
-+#include "mod_ssl.h"
- #include "apr_date.h"
-
- /* _________________________________________________________________
-@@ -297,6 +315,9 @@
- apr_pool_t *pool;
- char buffer[AP_IOBUFSIZE];
- ssl_filter_ctx_t *filter_ctx;
-+#ifdef HAVE_TLS_ALPN
-+ int alpn_finished; /* 1 if ALPN has finished, 0 otherwise */
-+#endif
- } bio_filter_in_ctx_t;
-
- /*
-@@ -1412,6 +1485,37 @@
- APR_BRIGADE_INSERT_TAIL(bb, bucket);
- }
-
-+#ifdef HAVE_TLS_ALPN
-+ /* By this point, Application-Layer Protocol Negotiation (ALPN) should be
-+ * completed (if our version of OpenSSL supports it). If we haven't already,
-+ * find out which protocol was decided upon and inform other modules
-+ * by calling alpn_proto_negotiated_hook.
-+ */
-+ if (!inctx->alpn_finished) {
-+ SSLConnRec *sslconn = myConnConfig(f->c);
-+ const unsigned char *next_proto = NULL;
-+ unsigned next_proto_len = 0;
-+ int n;
-+
-+ if (sslconn->alpn_negofns) {
-+ SSL_get0_alpn_selected(inctx->ssl, &next_proto, &next_proto_len);
-+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, f->c,
-+ APLOGNO(02836) "SSL negotiated protocol: '%s'",
-+ (next_proto && next_proto_len)?
-+ apr_pstrmemdup(f->c->pool, (const char *)next_proto,
-+ next_proto_len) : "(null)");
-+ for (n = 0; n < sslconn->alpn_negofns->nelts; n++) {
-+ ssl_alpn_proto_negotiated fn =
-+ APR_ARRAY_IDX(sslconn->alpn_negofns, n, ssl_alpn_proto_negotiated);
-+
-+ if (fn(f->c, (const char *)next_proto, next_proto_len) == DONE)
-+ break;
-+ }
-+ }
-+ inctx->alpn_finished = 1;
-+ }
-+#endif
-+
- return APR_SUCCESS;
- }
-
-@@ -1893,6 +1996,9 @@
- inctx->block = APR_BLOCK_READ;
- inctx->pool = c->pool;
- inctx->filter_ctx = filter_ctx;
-+#ifdef HAVE_TLS_ALPN
-+ inctx->alpn_finished = 0;
-+#endif
- }
-
- /* The request_rec pointer is passed in here only to ensure that the
---- modules/ssl/ssl_engine_kernel.c
-+++ modules/ssl/ssl_engine_kernel.c
-@@ -29,6 +29,7 @@
- time I was too famous.''
- -- Unknown */
- #include "ssl_private.h"
-+#include "mod_ssl.h"
- #include "util_md5.h"
-
- static void ssl_configure_env(request_rec *r, SSLConnRec *sslconn);
-@@ -2137,6 +2162,153 @@
- }
- #endif /* HAVE_TLS_SESSION_TICKETS */
-
-+#ifdef HAVE_TLS_ALPN
-+static int ssl_array_index(apr_array_header_t *array,
-+ const char *s)
-+{
-+ int i;
-+ for (i = 0; i < array->nelts; i++) {
-+ const char *p = APR_ARRAY_IDX(array, i, const char*);
-+ if (!strcmp(p, s)) {
-+ return i;
-+ }
-+ }
-+ return -1;
-+}
-+
-+/*
-+ * Compare two ALPN protocol proposal. Result is similar to strcmp():
-+ * 0 gives same precedence, >0 means proto1 is prefered.
-+ */
-+static int ssl_cmp_alpn_protos(modssl_ctx_t *ctx,
-+ const char *proto1,
-+ const char *proto2)
-+{
-+ /* TODO: we should have a mod_ssl configuration parameter. */
-+ if (ctx && ctx->ssl_alpn_pref) {
-+ int index1 = ssl_array_index(ctx->ssl_alpn_pref, proto1);
-+ int index2 = ssl_array_index(ctx->ssl_alpn_pref, proto2);
-+ if (index2 > index1) {
-+ return (index1 >= 0)? 1 : -1;
-+ }
-+ else if (index1 > index2) {
-+ return (index2 >= 0)? -1 : 1;
-+ }
-+ }
-+ /* both have the same index (mabye -1 or no pref configured) and we compare
-+ * the names so that spdy3 gets precedence over spdy2. That makes
-+ * the outcome at least deterministic. */
-+ return strcmp((const char *)proto1, (const char *)proto2);
-+}
-+
-+/*
-+ * This callback function is executed when the TLS Application Layer
-+ * Protocol Negotiate Extension (ALPN, RFC 7301) is triggered by the client
-+ * hello, giving a list of desired protocol names (in descending preference)
-+ * to the server.
-+ * The callback has to select a protocol name or return an error if none of
-+ * the clients preferences is supported.
-+ * The selected protocol does not have to be on the client list, according
-+ * to RFC 7301, so no checks are performed.
-+ * The client protocol list is serialized as length byte followed by ascii
-+ * characters (not null-terminated), followed by the next protocol name.
-+ */
-+int ssl_callback_alpn_select(SSL *ssl,
-+ const unsigned char **out, unsigned char *outlen,
-+ const unsigned char *in, unsigned int inlen, void *arg)
-+{
-+ conn_rec *c = (conn_rec*)SSL_get_app_data(ssl);
-+ SSLConnRec *sslconn = myConnConfig(c);
-+ server_rec *s = mySrvFromConn(c);
-+ SSLSrvConfigRec *sc = mySrvConfig(s);
-+ modssl_ctx_t *mctx = myCtxConfig(sslconn, sc);
-+ const char *alpn_http1 = "http/1.1";
-+ apr_array_header_t *client_protos;
-+ apr_array_header_t *proposed_protos;
-+ int i;
-+ size_t len;
-+
-+ /* If the connection object is not available,
-+ * then there's nothing for us to do. */
-+ if (c == NULL) {
-+ return SSL_TLSEXT_ERR_OK;
-+ }
-+
-+ if (inlen == 0) {
-+ // someone tries to trick us?
-+ ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(02837)
-+ "ALPN client protocol list empty");
-+ return SSL_TLSEXT_ERR_ALERT_FATAL;
-+ }
-+
-+ client_protos = apr_array_make(c->pool, 0, sizeof(char *));
-+ for (i = 0; i < inlen; /**/) {
-+ unsigned int plen = in[i++];
-+ if (plen + i > inlen) {
-+ // someone tries to trick us?
-+ ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(02838)
-+ "ALPN protocol identier too long");
-+ return SSL_TLSEXT_ERR_ALERT_FATAL;
-+ }
-+ APR_ARRAY_PUSH(client_protos, char*) =
-+ apr_pstrndup(c->pool, (const char *)in+i, plen);
-+ i += plen;
-+ }
-+
-+ proposed_protos = apr_array_make(c->pool, client_protos->nelts+1,
-+ sizeof(char *));
-+
-+ if (sslconn->alpn_proposefns != NULL) {
-+ /* Invoke our alpn_propos_proto hooks, giving other modules a chance to
-+ * propose protocol names for selection. We might have several such
-+ * hooks installed and if two make a proposal, we need to give
-+ * preference to one.
-+ */
-+ for (i = 0; i < sslconn->alpn_proposefns->nelts; i++) {
-+ ssl_alpn_propose_protos fn =
-+ APR_ARRAY_IDX(sslconn->alpn_proposefns, i,
-+ ssl_alpn_propose_protos);
-+
-+ if (fn(c, client_protos, proposed_protos) == DONE)
-+ break;
-+ }
-+ }
-+
-+ if (proposed_protos->nelts <= 0) {
-+ /* Regardless of installed hooks, the http/1.1 protocol is always
-+ * supported by us. Choose it if none other matches. */
-+ if (ssl_array_index(client_protos, alpn_http1) < 0) {
-+ ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(02839)
-+ "none of the client ALPN protocols are supported");
-+ return SSL_TLSEXT_ERR_ALERT_FATAL;
-+ }
-+ *out = (const unsigned char*)alpn_http1;
-+ *outlen = (unsigned char)strlen(alpn_http1);
-+ return SSL_TLSEXT_ERR_OK;
-+ }
-+
-+ /* Now select the most preferred protocol from the proposals. */
-+ *out = APR_ARRAY_IDX(proposed_protos, 0, const unsigned char *);
-+ for (i = 1; i < proposed_protos->nelts; ++i) {
-+ const char *proto = APR_ARRAY_IDX(proposed_protos, i, const char*);
-+ /* Do we prefer it over existing candidate? */
-+ if (ssl_cmp_alpn_protos(mctx, (const char *)*out, proto) < 0) {
-+ *out = (const unsigned char*)proto;
-+ }
-+ }
-+
-+ len = strlen((const char*)*out);
-+ if (len > 255) {
-+ ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(02840)
-+ "ALPN negotiated protocol name too long");
-+ return SSL_TLSEXT_ERR_ALERT_FATAL;
-+ }
-+ *outlen = (unsigned char)len;
-+
-+ return SSL_TLSEXT_ERR_OK;
-+}
-+#endif
-+
- #ifdef HAVE_SRP
-
- int ssl_callback_SRPServerParams(SSL *ssl, int *ad, void *arg)
---- modules/ssl/ssl_private.h
-+++ modules/ssl/ssl_private.h
-@@ -182,6 +182,11 @@
- #include
- #endif
-
-+/* ALPN Protocol Negotiation */
-+#if defined(TLSEXT_TYPE_application_layer_protocol_negotiation)
-+#define HAVE_TLS_ALPN
-+#endif
-+
- #endif /* !defined(OPENSSL_NO_TLSEXT) && defined(SSL_set_tlsext_host_name) */
-
- /* mod_ssl headers */
-@@ -443,6 +438,12 @@
- * connection */
- } reneg_state;
-
-+#ifdef HAVE_TLS_ALPN
-+ /* Poor man's inter-module optional hooks for ALPN. */
-+ apr_array_header_t *alpn_proposefns; /* list of ssl_alpn_propose_protos callbacks */
-+ apr_array_header_t *alpn_negofns; /* list of ssl_alpn_proto_negotiated callbacks. */
-+#endif
-+
- server_rec *server;
- } SSLConnRec;
-
-@@ -633,6 +633,10 @@
- SSL_CONF_CTX *ssl_ctx_config; /* Configuration context */
- apr_array_header_t *ssl_ctx_param; /* parameters to pass to SSL_CTX */
- #endif
-+
-+#ifdef HAVE_TLS_ALPN
-+ apr_array_header_t *ssl_alpn_pref; /* protocol names in order of preference */
-+#endif
- } modssl_ctx_t;
-
- struct SSLSrvConfigRec {
-@@ -763,6 +763,10 @@
- const char *ssl_cmd_SSLOpenSSLConfCmd(cmd_parms *cmd, void *dcfg, const char *arg1, const char *arg2);
- #endif
-
-+#ifdef HAVE_TLS_ALPN
-+const char *ssl_cmd_SSLALPNPreference(cmd_parms *cmd, void *dcfg, const char *protocol);
-+#endif
-+
- #ifdef HAVE_SRP
- const char *ssl_cmd_SSLSRPVerifierFile(cmd_parms *cmd, void *dcfg, const char *arg);
- const char *ssl_cmd_SSLSRPUnknownUserSeed(cmd_parms *cmd, void *dcfg, const char *arg);
-@@ -815,6 +815,12 @@
- EVP_CIPHER_CTX *, HMAC_CTX *, int);
- #endif
-
-+#ifdef HAVE_TLS_ALPN
-+int ssl_callback_alpn_select(SSL *ssl, const unsigned char **out,
-+ unsigned char *outlen, const unsigned char *in,
-+ unsigned int inlen, void *arg);
-+#endif
-+
- /** Session Cache Support */
- apr_status_t ssl_scache_init(server_rec *, apr_pool_t *);
- void ssl_scache_status_register(apr_pool_t *p);
diff --git a/www-servers/apache/files/apache.conf b/www-servers/apache/files/apache.conf
deleted file mode 100644
index 56e23aefa..000000000
--- a/www-servers/apache/files/apache.conf
+++ /dev/null
@@ -1,2 +0,0 @@
-d /run/apache2 710 root apache
-d /run/apache_ssl_mutex
diff --git a/www-servers/apache/files/apache2-logrotate b/www-servers/apache/files/apache2-logrotate
deleted file mode 100644
index 00a127c1d..000000000
--- a/www-servers/apache/files/apache2-logrotate
+++ /dev/null
@@ -1,12 +0,0 @@
-# Apache2 logrotate snipet for Gentoo Linux
-# Contributes by Chuck Short
-#
-/var/log/apache2/*log {
- missingok
- notifempty
- sharedscripts
- postrotate
- test -e /run/openrc/softlevel && /etc/init.d/apache2 reload > /dev/null 2>&1 || true
- test -e /run/systemd/system && systemctl reload apache2 > /dev/null 2>&1 || true
- endscript
-}
diff --git a/www-servers/apache/files/apache2.2-hardened.service b/www-servers/apache/files/apache2.2-hardened.service
deleted file mode 100644
index 7a512a733..000000000
--- a/www-servers/apache/files/apache2.2-hardened.service
+++ /dev/null
@@ -1,27 +0,0 @@
-[Unit]
-Description=The Apache HTTP Server
-After=network.target remote-fs.target nss-lookup.target
-
-[Service]
-EnvironmentFile=/etc/conf.d/apache2
-ExecStart=/usr/sbin/apache2 $APACHE2_OPTS -DFOREGROUND
-ExecReload=/usr/sbin/apache2 $APACHE2_OPTS -k graceful
-ExecStop=/usr/sbin/apache2 $APACHE2_OPTS -k graceful-stop
-# We want systemd to give httpd some time to finish gracefully, but still want
-# it to kill httpd after TimeoutStopSec if something went wrong during the
-# graceful stop. Normally, Systemd sends SIGTERM signal right after the
-# ExecStop, which would kill httpd. We are sending useless SIGCONT here to give
-# httpd time to finish.
-KillSignal=SIGCONT
-PrivateTmp=true
-#Hardening
-PrivateTmp=true
-CapabilityBoundingSet=CAP_CHOWN CAP_SETGID CAP_SETUID CAP_DAC_OVERRIDE CAP_KILL CAP_NET_BIND_SERVICE CAP_IPC_LOCK
-SecureBits=noroot-locked
-ProtectSystem=full
-NoNewPrivileges=true
-PrivateDevices=true
-MemoryDenyWriteExecute=true
-
-[Install]
-WantedBy=multi-user.target
diff --git a/x11-libs/libxklavier/Manifest b/x11-libs/libxklavier/Manifest
deleted file mode 100644
index abd3744ec..000000000
--- a/x11-libs/libxklavier/Manifest
+++ /dev/null
@@ -1 +0,0 @@
-DIST libxklavier-5.4.tar.bz2 390428 SHA256 17a34194df5cbcd3b7bfd0f561d95d1f723aa1c87fca56bc2c209514460a9320 SHA512 e9342d94f6cd67e900e44d9751ee0d8c75bec8e3a7b30989612bd71a5f890be52ff843465162dbbe0bfc9004da76e1d47158a4671b8f915e51c91f9d82f7baae WHIRLPOOL 93e2b73d8035e6ef01c0286c98e36d8f0ad5981238de49c9e93fedd97efc5247feadefa30cfc8fbf924980aa0e95fe6f24d1702b00171e0fdb3f4a430bab1a1f
diff --git a/x11-libs/libxklavier/libxklavier-5.4.ebuild b/x11-libs/libxklavier/libxklavier-5.4.ebuild
deleted file mode 100644
index 851bacd21..000000000
--- a/x11-libs/libxklavier/libxklavier-5.4.ebuild
+++ /dev/null
@@ -1,57 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-
-inherit eutils gnome.org libtool vala xdg-utils
-
-DESCRIPTION="A library for the X Keyboard Extension (high-level API)"
-HOMEPAGE="https://www.freedesktop.org/wiki/Software/LibXklavier"
-
-LICENSE="LGPL-2"
-SLOT="0/16"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~x86-interix ~amd64-linux ~x86-linux ~x86-solaris"
-IUSE="+introspection vala"
-REQUIRED_USE="vala? ( introspection )"
-RESTRICT=nomirror
-SRC_URI="http://distfiles.sabayon.org/${CATEGORY}/${P}.tar.bz2"
-
-RDEPEND="
- app-text/iso-codes
- >=dev-libs/glib-2.16:2
- dev-libs/libxml2:2
- x11-apps/xkbcomp
- x11-libs/libX11
- >=x11-libs/libXi-1.1.3
- x11-libs/libxkbfile
- >=x11-misc/xkeyboard-config-2.4.1-r3
- introspection? ( >=dev-libs/gobject-introspection-1.30:= )
-"
-DEPEND="${RDEPEND}
- >=dev-util/gtk-doc-am-1.4
- sys-devel/gettext
- vala? ( $(vala_depend) )
- virtual/pkgconfig
-"
-
-src_prepare() {
- xdg_environment_reset
- elibtoolize
- use vala && vala_src_prepare
-}
-
-src_configure() {
- econf \
- --disable-static \
- --disable-gtk-doc \
- $(use_enable vala) \
- $(use_enable introspection) \
- --with-xkb-base="${EPREFIX}"/usr/share/X11/xkb \
- --with-xkb-bin-base="${EPREFIX}"/usr/bin
-}
-
-src_install() {
- default
- dodoc AUTHORS ChangeLog CREDITS NEWS README
- prune_libtool_files
-}
diff --git a/x11-libs/libxklavier/metadata.xml b/x11-libs/libxklavier/metadata.xml
deleted file mode 100644
index f3cab85cf..000000000
--- a/x11-libs/libxklavier/metadata.xml
+++ /dev/null
@@ -1,7 +0,0 @@
-
-
-
-
- freedesktop-bugs@gentoo.org
-
-
diff --git a/x11-plugins/pidgin-libnotify/Manifest b/x11-plugins/pidgin-libnotify/Manifest
deleted file mode 100644
index 825fed32e..000000000
--- a/x11-plugins/pidgin-libnotify/Manifest
+++ /dev/null
@@ -1 +0,0 @@
-DIST pidgin-libnotify-0.14.tar.gz 316365 SHA256 74f4a9f20e0a483df39974178f1f2380786176189512bcd438e4ada280ec3abe
diff --git a/x11-plugins/pidgin-libnotify/files/fix-notify-osd.diff b/x11-plugins/pidgin-libnotify/files/fix-notify-osd.diff
deleted file mode 100644
index 25b678d64..000000000
--- a/x11-plugins/pidgin-libnotify/files/fix-notify-osd.diff
+++ /dev/null
@@ -1,16 +0,0 @@
-diff -urN pidgin-libnotify-0.14.orig/src/pidgin-libnotify.c pidgin-libnotify-0.14/src/pidgin-libnotify.c
---- pidgin-libnotify-0.14.orig/src/pidgin-libnotify.c 2010-01-24 13:22:41.000000000 -0500
-+++ pidgin-libnotify-0.14/src/pidgin-libnotify.c 2010-01-24 13:22:51.000000000 -0500
-@@ -317,7 +317,11 @@
-
- notify_notification_set_urgency (notification, NOTIFY_URGENCY_NORMAL);
-
-- notify_notification_add_action (notification, "show", _("Show"), action_cb, NULL, NULL);
-+ GList *caps;
-+ caps = notify_get_server_caps();
-+ if (g_list_index(caps, "action") != -1) {
-+ notify_notification_add_action (notification, "show", _("Show"), action_cb, NULL, NULL);
-+ }
-
- if (!notify_notification_show (notification, NULL)) {
- purple_debug_error (PLUGIN_ID, "notify(), failed to send notification\n");
diff --git a/x11-plugins/pidgin-libnotify/files/no_text_in_messages.diff b/x11-plugins/pidgin-libnotify/files/no_text_in_messages.diff
deleted file mode 100644
index f0745e486..000000000
--- a/x11-plugins/pidgin-libnotify/files/no_text_in_messages.diff
+++ /dev/null
@@ -1,43 +0,0 @@
-diff -ur pidgin-libnotify-0.14.orig/src/pidgin-libnotify.c pidgin-libnotify-0.14.mine/src/pidgin-libnotify.c
---- pidgin-libnotify-0.14.orig/src/pidgin-libnotify.c 2008-12-14 17:45:51.000000000 +0000
-+++ pidgin-libnotify-0.14.mine/src/pidgin-libnotify.c 2010-12-29 21:06:56.764904502 +0000
-@@ -58,6 +58,11 @@
- purple_plugin_pref_frame_add (frame, ppref);
-
- ppref = purple_plugin_pref_new_with_name_and_label (
-+ "/plugins/gtk/libnotify/newmsgshowtext",
-+ _("Show the message inside the popup"));
-+ purple_plugin_pref_frame_add (frame, ppref);
-+
-+ ppref = purple_plugin_pref_new_with_name_and_label (
- "/plugins/gtk/libnotify/newconvonly",
- _("Only new conversations"));
- purple_plugin_pref_frame_add (frame, ppref);
-@@ -408,8 +413,17 @@
-
- tr_name = truncate_escape_string (best_name (buddy), 25);
-
-- title = g_strdup_printf (_("%s says:"), tr_name);
-- body = purple_markup_strip_html (message);
-+
-+ if (purple_prefs_get_bool ("/plugins/gtk/libnotify/newmsgshowtext"))
-+ {
-+ title = g_strdup_printf (_("%s says:"), tr_name);
-+ body = purple_markup_strip_html (message);
-+ }
-+ else
-+ {
-+ title = g_strdup_printf ("%s", tr_name);
-+ body = g_strdup_printf(_("New message!"));
-+ }
-
- notify (title, body, buddy);
-
-@@ -585,6 +599,7 @@
- purple_prefs_add_bool ("/plugins/gtk/libnotify/signon", TRUE);
- purple_prefs_add_bool ("/plugins/gtk/libnotify/signoff", FALSE);
- purple_prefs_add_bool ("/plugins/gtk/libnotify/only_available", FALSE);
-+ purple_prefs_add_bool ("/plugins/gtk/libnotify/newmsgshowtext", TRUE);
- }
-
- PURPLE_INIT_PLUGIN(notify, init_plugin, info)
diff --git a/x11-plugins/pidgin-libnotify/files/notify_file_transfers.diff b/x11-plugins/pidgin-libnotify/files/notify_file_transfers.diff
deleted file mode 100644
index ace92e17e..000000000
--- a/x11-plugins/pidgin-libnotify/files/notify_file_transfers.diff
+++ /dev/null
@@ -1,160 +0,0 @@
-#
-# LP BUG: https://bugs.launchpad.net/ubuntu/+source/pidgin-libnotify/+bug/345522
-# DESCRIPTION: adds notifications for file transfers (request, end, fail)
-#
-
---- pidgin-libnotify-0.14.old/src/pidgin-libnotify.c 2008-12-14 18:45:51.000000000 +0100
-+++ pidgin-libnotify-0.14.new/src/pidgin-libnotify.c 2009-03-19 20:04:39.000000000 +0100
-@@ -58,6 +58,11 @@
- purple_plugin_pref_frame_add (frame, ppref);
-
- ppref = purple_plugin_pref_new_with_name_and_label (
-+ "/plugins/gtk/libnotify/filetransfer",
-+ _("File transfers"));
-+ purple_plugin_pref_frame_add (frame, ppref);
-+
-+ ppref = purple_plugin_pref_new_with_name_and_label (
- "/plugins/gtk/libnotify/newconvonly",
- _("Only new conversations"));
- purple_plugin_pref_frame_add (frame, ppref);
-@@ -469,10 +474,62 @@
- notify_msg_sent (account, sender, message);
- }
-
-+static void
-+notify_transfer_with_message(const char* message, PurpleXfer *xfer)
-+{
-+ PurpleBuddy *buddy;
-+ gchar *title, *body, *tr_name;
-+ gboolean blocked;
-+
-+ if (!purple_prefs_get_bool ("/plugins/gtk/libnotify/filetransfer"))
-+ return;
-+
-+
-+ buddy = purple_find_buddy (xfer->account, xfer->who);
-+ if (!buddy)
-+ {
-+ purple_debug_info (PLUGIN_ID, "Buddy non trovato\n");
-+ return;
-+ }
-+
-+ blocked = purple_prefs_get_bool ("/plugins/gtk/libnotify/blocked");
-+ if (!purple_privacy_check(xfer->account, xfer->who) && blocked)
-+ return;
-+
-+ tr_name = truncate_escape_string (best_name (buddy), 25);
-+
-+ title = g_strdup_printf (_("%s file transfer:"), tr_name);
-+ body = g_strdup_printf("%s: %s", message, xfer->filename);
-+
-+ notify (title, body, buddy);
-+
-+ g_free (tr_name);
-+ g_free (title);
-+ g_free (body);
-+}
-+
-+static void
-+event_file_transfer_request (PurpleXfer *xfer, gpointer data)
-+{
-+ notify_transfer_with_message(_("Request"), xfer);
-+}
-+
-+static void
-+event_file_transfer_complete (PurpleXfer *xfer, gpointer data)
-+{
-+ notify_transfer_with_message(_("Complete"), xfer);
-+}
-+
-+static void
-+event_file_transfer_cancel (PurpleXfer *xfer, gpointer data)
-+{
-+ notify_transfer_with_message(_("Failed"), xfer);
-+}
-+
- static gboolean
- plugin_load (PurplePlugin *plugin)
- {
-- void *conv_handle, *blist_handle, *conn_handle;
-+ void *conv_handle, *blist_handle, *conn_handle, *xfer_handle;
-
- if (!notify_is_initted () && !notify_init ("Pidgin")) {
- purple_debug_error (PLUGIN_ID, "libnotify not running!\n");
-@@ -482,6 +539,7 @@
- conv_handle = purple_conversations_get_handle ();
- blist_handle = purple_blist_get_handle ();
- conn_handle = purple_connections_get_handle();
-+ xfer_handle = purple_xfers_get_handle ();
-
- buddy_hash = g_hash_table_new (NULL, NULL);
-
-@@ -496,6 +554,21 @@
-
- purple_signal_connect (conv_handle, "received-chat-msg", plugin,
- PURPLE_CALLBACK(notify_chat_nick), NULL);
-+
-+ purple_signal_connect (xfer_handle, "file-recv-request", plugin,
-+ PURPLE_CALLBACK(event_file_transfer_request), NULL);
-+
-+ purple_signal_connect (xfer_handle, "file-recv-complete", plugin,
-+ PURPLE_CALLBACK(event_file_transfer_complete), NULL);
-+
-+ purple_signal_connect (xfer_handle, "file-recv-cancel", plugin,
-+ PURPLE_CALLBACK(event_file_transfer_cancel), NULL);
-+
-+ purple_signal_connect (xfer_handle, "file-send-complete", plugin,
-+ PURPLE_CALLBACK(event_file_transfer_complete), NULL);
-+
-+ purple_signal_connect (xfer_handle, "file-send-cancel", plugin,
-+ PURPLE_CALLBACK(event_file_transfer_cancel), NULL);
-
- /* used just to not display the flood of guifications we'd get */
- purple_signal_connect (conn_handle, "signed-on", plugin,
-@@ -507,11 +580,12 @@
- static gboolean
- plugin_unload (PurplePlugin *plugin)
- {
-- void *conv_handle, *blist_handle, *conn_handle;
-+ void *conv_handle, *blist_handle, *conn_handle, *xfer_handle;
-
- conv_handle = purple_conversations_get_handle ();
- blist_handle = purple_blist_get_handle ();
- conn_handle = purple_connections_get_handle();
-+ xfer_handle = purple_xfers_get_handle ();
-
- purple_signal_disconnect (blist_handle, "buddy-signed-on", plugin,
- PURPLE_CALLBACK(notify_buddy_signon_cb));
-@@ -527,6 +601,24 @@
-
- purple_signal_disconnect (conn_handle, "signed-on", plugin,
- PURPLE_CALLBACK(event_connection_throttle));
-+
-+ purple_signal_disconnect (conn_handle, "signed-on", plugin,
-+ PURPLE_CALLBACK(event_connection_throttle));
-+
-+ purple_signal_disconnect (xfer_handle, "file-recv-request", plugin,
-+ PURPLE_CALLBACK(event_file_transfer_request));
-+
-+ purple_signal_disconnect (xfer_handle, "file-recv-complete", plugin,
-+ PURPLE_CALLBACK(event_file_transfer_complete));
-+
-+ purple_signal_disconnect (xfer_handle, "file-recv-cancel", plugin,
-+ PURPLE_CALLBACK(event_file_transfer_cancel));
-+
-+ purple_signal_disconnect (xfer_handle, "file-send-complete", plugin,
-+ PURPLE_CALLBACK(event_file_transfer_complete));
-+
-+ purple_signal_disconnect (xfer_handle, "file-send-cancel", plugin,
-+ PURPLE_CALLBACK(event_file_transfer_cancel));
-
- g_hash_table_destroy (buddy_hash);
-
-@@ -580,6 +672,7 @@
-
- purple_prefs_add_none ("/plugins/gtk/libnotify");
- purple_prefs_add_bool ("/plugins/gtk/libnotify/newmsg", TRUE);
-+ purple_prefs_add_bool ("/plugins/gtk/libnotify/filetransfer", TRUE);
- purple_prefs_add_bool ("/plugins/gtk/libnotify/blocked", TRUE);
- purple_prefs_add_bool ("/plugins/gtk/libnotify/newconvonly", FALSE);
- purple_prefs_add_bool ("/plugins/gtk/libnotify/signon", TRUE);
diff --git a/x11-plugins/pidgin-libnotify/files/pidgin-libnotify-0.14-libnotify-0.7-support.patch b/x11-plugins/pidgin-libnotify/files/pidgin-libnotify-0.14-libnotify-0.7-support.patch
deleted file mode 100644
index 649da35a9..000000000
--- a/x11-plugins/pidgin-libnotify/files/pidgin-libnotify-0.14-libnotify-0.7-support.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-diff -ur pidgin-libnotify-0.14/src/pidgin-libnotify.c pidgin-libnotify-0.14.new/src/pidgin-libnotify.c
---- pidgin-libnotify-0.14/src/pidgin-libnotify.c 2008-12-14 17:45:51.000000000 +0000
-+++ pidgin-libnotify-0.14.new/src/pidgin-libnotify.c 2011-03-14 21:09:23.523914000 +0000
-@@ -286,7 +286,12 @@
- g_free (tr_body);
- return;
- }
-+/* the fourth argument was removed in libnotify 0.7.0 */
-+#if !defined(NOTIFY_VERSION_MINOR) || (NOTIFY_VERSION_MAJOR == 0 && NOTIFY_VERSION_MINOR < 7)
- notification = notify_notification_new (title, tr_body, NULL, NULL);
-+#else
-+ notification = notify_notification_new (title, tr_body, NULL);
-+#endif
- purple_debug_info (PLUGIN_ID, "notify(), new: "
- "title: '%s', body: '%s', buddy: '%s'\n",
- title, tr_body, best_name (buddy));
diff --git a/x11-plugins/pidgin-libnotify/files/pidgin-libnotify-showbutton.patch b/x11-plugins/pidgin-libnotify/files/pidgin-libnotify-showbutton.patch
deleted file mode 100644
index 1f84e6025..000000000
--- a/x11-plugins/pidgin-libnotify/files/pidgin-libnotify-showbutton.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- src/pidgin-libnotify.c.orig 2007-10-01 20:52:38.000000000 +1000
-+++ src/pidgin-libnotify.c 2007-10-01 20:53:20.000000000 +1000
-@@ -307,6 +307,7 @@
- g_hash_table_insert (buddy_hash, contact, notification);
-
- g_object_set_data (G_OBJECT(notification), "contact", contact);
-+ g_object_set_data (G_OBJECT(notification), "buddy", buddy);
-
- g_signal_connect (notification, "closed", G_CALLBACK(closed_cb), NULL);
-
diff --git a/x11-plugins/pidgin-libnotify/files/pidgin-libnotify_best_name.diff b/x11-plugins/pidgin-libnotify/files/pidgin-libnotify_best_name.diff
deleted file mode 100644
index d445f3c9d..000000000
--- a/x11-plugins/pidgin-libnotify/files/pidgin-libnotify_best_name.diff
+++ /dev/null
@@ -1,22 +0,0 @@
-diff -ur pidgin-libnotify-0.14.orig/src/pidgin-libnotify.c pidgin-libnotify-0.14.mine/src/pidgin-libnotify.c
---- pidgin-libnotify-0.14.orig/src/pidgin-libnotify.c 2008-12-14 17:45:51.000000000 +0000
-+++ pidgin-libnotify-0.14.mine/src/pidgin-libnotify.c 2010-12-29 21:19:33.495080501 +0000
-@@ -131,16 +131,10 @@
- }
-
- /* do NOT g_free() the string returned by this function */
--static gchar *
-+const static gchar *
- best_name (PurpleBuddy *buddy)
- {
-- if (buddy->alias) {
-- return buddy->alias;
-- } else if (buddy->server_alias) {
-- return buddy->server_alias;
-- } else {
-- return buddy->name;
-- }
-+ return purple_buddy_get_contact_alias(buddy);
- }
-
- static GdkPixbuf *
diff --git a/x11-plugins/pidgin-libnotify/pidgin-libnotify-0.14-r2.ebuild b/x11-plugins/pidgin-libnotify/pidgin-libnotify-0.14-r2.ebuild
deleted file mode 100644
index 8c78c20a7..000000000
--- a/x11-plugins/pidgin-libnotify/pidgin-libnotify-0.14-r2.ebuild
+++ /dev/null
@@ -1,58 +0,0 @@
-# Copyright 1999-2012 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="2"
-
-inherit eutils
-
-DESCRIPTION="pidgin-libnotify provides popups for pidgin via a libnotify interface"
-HOMEPAGE="http://gaim-libnotify.sourceforge.net/"
-SRC_URI="mirror://sourceforge/gaim-libnotify/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="amd64 ppc x86"
-IUSE="nls debug"
-
-RDEPEND=">=x11-libs/libnotify-0.3.2
- net-im/pidgin[gtk]
- >=x11-libs/gtk+-2:2"
-
-DEPEND="${RDEPEND}
- virtual/pkgconfig"
-
-src_prepare() {
- epatch "${FILESDIR}"/${P}-libnotify-0.7-support.patch
- # Source: Thev00d00
- # Make it build with libnotify 0.7
- epatch "${FILESDIR}"/pidgin-libnotify-showbutton.patch
- # A collection of patches submitted to the (dead?) upstream
- # Source: Debian
- # needed to work with Notify OSD correctly.
- epatch "${FILESDIR}"/fix-notify-osd.diff
- # Source: Thev00d00
- # A version of the same patch found on ${HOMEPAGE}
- # Adds an option to not show the message content in the message
- epatch "${FILESDIR}"/no_text_in_messages.diff
- # Source: Sourceforge patches page
- # Enables file transfer notifications
- epatch "${FILESDIR}"/notify_file_transfers.diff
- # Source: Thev00d00
- # A version of the same patch found on ${HOMEPAGE}
- # Use what Purple thinks is the most appropriate name
- epatch "${FILESDIR}"/pidgin-libnotify_best_name.diff
-}
-
-src_configure() {
- econf \
- --disable-static \
- --disable-deprecated \
- $(use_enable debug) \
- $(use_enable nls)
-}
-
-src_install() {
- emake install DESTDIR="${D}" || die "make install failed"
- find "${D}" -name '*.la' -delete
- dodoc AUTHORS ChangeLog INSTALL NEWS README TODO VERSION || die
-}