net-misc/openssh-contrib: new package, add 9.3_p1

This package will include the three big third-party patch series for
HPN/SCTP/X509 functionality in OpenSSH. Historically, these patches
have caused numerous issues for users in the OpenSSH package and they
are of questionable quality. By maintaining these patches in a
separate package, we can minimize the effect of them on the garden
path, which should be to provide our users with a minimally patched
OpenSSH experience. Furthermore, since vanilla OpenSSH package will
not require a large chunk of rebasing for these patches, we can more
easily bump OpenSSH for new releases.

Signed-off-by: David Seifert <soap@gentoo.org>
Signed-off-by: Sam James <sam@gentoo.org>

1 files changed, 17 insertions, 0 deletions

diff --git a/net-misc/openssh-contrib/files/openssh-6.7_p1-openssl-ignore-status.patch b/net-misc/openssh-contrib/files/openssh-6.7_p1-openssl-ignore-status.patch
new file mode 100644
index 000000000000..fa33af39b6f8
--- /dev/null
+++ b/net-misc/openssh-contrib/files/openssh-6.7_p1-openssl-ignore-status.patch
@@ -0,0 +1,17 @@
+the last nibble of the openssl version represents the status.  that is,
+whether it is a beta or release.  when it comes to version checks in
+openssh, this component does not matter, so ignore it.
+
+https://bugzilla.mindrot.org/show_bug.cgi?id=2212
+
+--- a/openbsd-compat/openssl-compat.c
++++ b/openbsd-compat/openssl-compat.c
+@@ -58,7 +58,7 @@ ssh_compatible_openssl(long headerver, long libver)
+ 	 * For versions >= 1.0.0, major,minor,status must match and library
+ 	 * fix version must be equal to or newer than the header.
+ 	 */
+-	mask = 0xfff0000fL; /* major,minor,status */
++	mask = 0xfff00000L; /* major,minor,status */
+ 	hfix = (headerver & 0x000ff000) >> 12;
+ 	lfix = (libver & 0x000ff000) >> 12;
+ 	if ( (headerver & mask) == (libver & mask) && lfix >= hfix)