diff --git a/overlays/openssh.nix b/overlays/openssh.nix index 34bf39d..a0900b9 100644 --- a/overlays/openssh.nix +++ b/overlays/openssh.nix @@ -7,15 +7,7 @@ let hash = "sha256-P2bb8WVftF9Q4cVtpiqwEhjCKIB7ITONY068351xz0Y="; }; - extraPatches = [ - (super.fetchpatch { - name = "ssh-keysign-7.5.patch"; - url = - "https://raw.githubusercontent.com/NixOS/nixpkgs/c99c4998fd92f284b1c2ff542878e06ea15d3d3d/pkgs/tools/networking/openssh/ssh-keysign-8.5.patch"; - stripLen = 1; - sha256 = "sha256-vcKosAxFtwszCJVdFPIGYTqa12ea6lxePDOgVhUlxlM="; - }) - ]; + patches = [ ./ssh-keysign-8.5.patch ]; }); }; diff --git a/overlays/ssh-keysign-8.5.patch b/overlays/ssh-keysign-8.5.patch new file mode 100644 index 0000000..67c45b6 --- /dev/null +++ b/overlays/ssh-keysign-8.5.patch @@ -0,0 +1,24 @@ +diff --git a/pathnames.h b/pathnames.h +index cb44caa4..354fdf05 100644 +--- a/pathnames.h ++++ b/pathnames.h +@@ -124,7 +124,7 @@ + + /* Location of ssh-keysign for hostbased authentication */ + #ifndef _PATH_SSH_KEY_SIGN +-#define _PATH_SSH_KEY_SIGN "/usr/libexec/ssh-keysign" ++#define _PATH_SSH_KEY_SIGN "ssh-keysign" + #endif + + /* Location of ssh-pkcs11-helper to support keys in tokens */ +--- a/sshconnect2.c ++++ b/sshconnect2.c +@@ -2021,7 +2021,7 @@ + + debug3_f("[child] pid=%ld, exec %s", + (long)getpid(), _PATH_SSH_KEY_SIGN); +- execl(_PATH_SSH_KEY_SIGN, _PATH_SSH_KEY_SIGN, (char *)NULL); ++ execlp(_PATH_SSH_KEY_SIGN, _PATH_SSH_KEY_SIGN, (char *)NULL); + fatal_f("exec(%s): %s", _PATH_SSH_KEY_SIGN, + strerror(errno)); + }