overlays/openssh: override the correct patch entry, bring patch into tree

2023-02-15 07:31:02 -07:00 · 2023-02-15 07:31:02 -07:00 · da5f8bc0ad
commit da5f8bc0ad
parent b091c91da2
2 changed files with 25 additions and 9 deletions
--- a/overlays/openssh.nix
+++ b/overlays/openssh.nix
@ -7,15 +7,7 @@ let
        hash = "sha256-P2bb8WVftF9Q4cVtpiqwEhjCKIB7ITONY068351xz0Y=";
      };

-      extraPatches = [
-        (super.fetchpatch {
-          name = "ssh-keysign-7.5.patch";
-          url =
-            "https://raw.githubusercontent.com/NixOS/nixpkgs/c99c4998fd92f284b1c2ff542878e06ea15d3d3d/pkgs/tools/networking/openssh/ssh-keysign-8.5.patch";
-          stripLen = 1;
-          sha256 = "sha256-vcKosAxFtwszCJVdFPIGYTqa12ea6lxePDOgVhUlxlM=";
-        })
-      ];
+      patches = [ ./ssh-keysign-8.5.patch ];
    });
  };

--- a/overlays/ssh-keysign-8.5.patch
+++ b/overlays/ssh-keysign-8.5.patch
@ -0,0 +1,24 @@
+diff --git a/pathnames.h b/pathnames.h
+index cb44caa4..354fdf05 100644
+--- a/pathnames.h
+++ b/pathnames.h
+@@ -124,7 +124,7 @@
+ 
+ /* Location of ssh-keysign for hostbased authentication */
+ #ifndef _PATH_SSH_KEY_SIGN
+-#define _PATH_SSH_KEY_SIGN		"/usr/libexec/ssh-keysign"
+#define _PATH_SSH_KEY_SIGN		"ssh-keysign"
+ #endif
+ 
+ /* Location of ssh-pkcs11-helper to support keys in tokens */
+--- a/sshconnect2.c
+++ b/sshconnect2.c
+@@ -2021,7 +2021,7 @@
+ 
+ 		debug3_f("[child] pid=%ld, exec %s",
+ 		    (long)getpid(), _PATH_SSH_KEY_SIGN);
+-		execl(_PATH_SSH_KEY_SIGN, _PATH_SSH_KEY_SIGN, (char *)NULL);
+		execlp(_PATH_SSH_KEY_SIGN, _PATH_SSH_KEY_SIGN, (char *)NULL);
+ 		fatal_f("exec(%s): %s", _PATH_SSH_KEY_SIGN,
+ 		    strerror(errno));
+ 	}