From 1512c792951d7fbd2c9c336f9bf35654bbb85cc6 Mon Sep 17 00:00:00 2001
From: root <root@rshg054.dnsready.net>
Date: Fri, 23 Mar 2012 00:01:14 +0000
Subject: Fri Mar 23 00:01:14 UTC 2012

---
 core/openssh/PKGBUILD            |  9 +++++----
 core/openssh/sshd.close-sessions | 17 +++++++++++++++++
 core/openssl/PKGBUILD            | 15 +++++++++------
 3 files changed, 31 insertions(+), 10 deletions(-)
 create mode 100644 core/openssh/sshd.close-sessions

(limited to 'core')

diff --git a/core/openssh/PKGBUILD b/core/openssh/PKGBUILD
index a09087ac1..5acc1fdfd 100644
--- a/core/openssh/PKGBUILD
+++ b/core/openssh/PKGBUILD
@@ -1,11 +1,11 @@
-# $Id: PKGBUILD 143647 2011-11-28 00:51:52Z bisson $
+# $Id: PKGBUILD 153965 2012-03-21 06:20:49Z pierre $
 # Maintainer: Gaetan Bisson <bisson@archlinux.org>
 # Contributor: Aaron Griffin <aaron@archlinux.org>
 # Contributor: judd <jvinet@zeroflux.org>
 
 pkgname=openssh
 pkgver=5.9p1
-pkgrel=5
+pkgrel=8
 pkgdesc='Free version of the SSH connectivity tools'
 arch=('i686' 'x86_64')
 license=('custom:BSD')
@@ -14,10 +14,12 @@ backup=('etc/ssh/ssh_config' 'etc/ssh/sshd_config' 'etc/pam.d/sshd' 'etc/conf.d/
 depends=('krb5' 'openssl' 'libedit')
 optdepends=('x11-ssh-askpass: input passphrase in X without a terminal')
 source=("ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname}-${pkgver}.tar.gz"
+        'sshd.close-sessions'
         'sshd.confd'
         'sshd.pam'
         'sshd')
 sha1sums=('ac4e0055421e9543f0af5da607a72cf5922dcc56'
+          '954bf1660aa32620c37034320877f4511b767ccb'
           'ec102deb69cad7d14f406289d2fc11fee6eddbdd'
           '3413909fd45a28701c92e6e5b59c6b65346ddb0f'
           '21fa88de6cc1c7912e71655f50896ba17991a1c2')
@@ -50,16 +52,15 @@ package() {
 	install -Dm644 ../sshd.pam "${pkgdir}"/etc/pam.d/sshd
 	install -Dm644 ../sshd.confd "${pkgdir}"/etc/conf.d/sshd
 	install -Dm644 LICENCE "${pkgdir}/usr/share/licenses/${pkgname}/LICENCE"
+	install -Dm755 ../sshd.close-sessions "${pkgdir}/etc/rc.d/functions.d/sshd-close-sessions" # FS#17389
 
 	rm "${pkgdir}"/usr/share/man/man1/slogin.1
 	ln -sf ssh.1.gz "${pkgdir}"/usr/share/man/man1/slogin.1.gz
 
-	# additional contrib scripts that we like
 	install -Dm755 contrib/findssl.sh "${pkgdir}"/usr/bin/findssl.sh
 	install -Dm755 contrib/ssh-copy-id "${pkgdir}"/usr/bin/ssh-copy-id
 	install -Dm644 contrib/ssh-copy-id.1 "${pkgdir}"/usr/share/man/man1/ssh-copy-id.1
 
-	# PAM is a common, standard feature to have
 	sed \
 		-e '/^#ChallengeResponseAuthentication yes$/c ChallengeResponseAuthentication no' \
 		-e '/^#UsePAM no$/c UsePAM yes' \
diff --git a/core/openssh/sshd.close-sessions b/core/openssh/sshd.close-sessions
new file mode 100644
index 000000000..be2a709fc
--- /dev/null
+++ b/core/openssh/sshd.close-sessions
@@ -0,0 +1,17 @@
+# Close sshd sessions before shutting down the network; see FS#17389.
+
+sshd_close_sessions () {
+	if ck_daemon sshd; then
+		return
+	fi
+	/etc/rc.d/sshd stop
+	stat_busy "Stopping Secure Shell Sessions"
+	for i in $(pgrep sshd); do
+		if readlink -q /proc/$i/exe | grep -q '^/usr/sbin/sshd'; then
+			kill $i
+		fi
+	done &>/dev/null
+	stat_done
+}
+
+add_hook shutdown_start sshd_close_sessions
diff --git a/core/openssl/PKGBUILD b/core/openssl/PKGBUILD
index 28986aebb..d64577707 100644
--- a/core/openssl/PKGBUILD
+++ b/core/openssl/PKGBUILD
@@ -1,10 +1,11 @@
-# $Id: PKGBUILD 153454 2012-03-14 16:44:04Z pierre $
+# $Id: PKGBUILD 153962 2012-03-21 06:20:46Z pierre $
 # Maintainer: Pierre Schmitz <pierre@archlinux.de>
 
 pkgname=openssl
-_ver=1.0.0h
+_ver=1.0.1
 # use a pacman compatible version scheme
-pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
+# pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
+pkgver=$_ver
 pkgrel=1
 pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security'
 arch=('i686' 'x86_64')
@@ -19,8 +20,8 @@ source=("https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz"
         'fix-manpages.patch'
         'no-rpath.patch'
         'ca-dir.patch')
-md5sums=('a5bc483c570f2ac3758ce5c19b667fab'
-         'ed51bb7b3ed58f5e1e1b642050bdd7c1'
+md5sums=('134f168bc2a8333f19f81d684841710b'
+         'efbe93c11747fed52e60567819409d8a'
          '5bbc0655bda2af95bc8eb568963ce8ba'
          'dc78d3d06baffc16217519242ce92478'
          '3bf51be3a1bbd262be46dc619f92aa90')
@@ -30,8 +31,10 @@ build() {
 
 	if [ "${CARCH}" == 'x86_64' ]; then
 		openssltarget='linux-x86_64'
+		optflags='enable-ec_nistp_64_gcc_128'
 	elif [ "${CARCH}" == 'i686' ]; then
 		openssltarget='linux-elf'
+		optflags=''
 	fi
 
 	# avoid conflicts with other man pages
@@ -43,7 +46,7 @@ build() {
 	patch -p0 -i $srcdir/ca-dir.patch
 	# mark stack as non-executable: http://bugs.archlinux.org/task/12434
 	./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
-		shared zlib enable-md2 \
+		shared zlib enable-md2 ${optflags} \
 		"${openssltarget}" \
 		-Wa,--noexecstack "${CFLAGS}" "${LDFLAGS}"
 
-- 
cgit v1.2.3-54-g00ecf