ssh: Partial blocklistd rename
AcceptedPublic
Actions

Authored by emaste on Feb 24 2025, 3:37 PM.

Details

Reviewers

dch
jlduran

Summary

The upstream project was renamed blocklistd. Chase the rename in ssh to go along with an upcoming vendor update, and document UseBlacklist as the backwards-compatibility alias.

(This has been sitting in my WIP tree for 1.5 years.)

Diff Detail

Lint

Lint Skipped

Unit

Tests Skipped

Event Timeline

emaste created this revision.Feb 24 2025, 3:37 PM

Herald added a subscriber: ziaee. · View Herald TranscriptFeb 24 2025, 3:37 PM

emaste requested review of this revision.Feb 24 2025, 3:37 PM

Correct rebase errors

crypto/openssh/servconf.h
256	extra blank line presumably from rebasing, will remove

emaste added inline comments.Feb 24 2025, 3:42 PM

crypto/openssh/sshd_config.5
2016	This one will come with the rename itself in a future commit

While this is perfect, I fear this could make automated changes more difficult.
This is our current diff once the latest changes from upstream are pulled in:
https://github.com/jlduran/freebsd-src/pull/104
The shell script in the GitHub pull request is very straightforward. Perhaps we could include it as part of a FreeBSD-upgrade guide.
The main problem with this change is that it is an API change (OK for 15, but not for the rest).

Also missing:

libexec/ftpd/blacklist_client.hlibexec/ftpd/blacklist_client.h
libexec/ftpd/ftpd.c

Sorry, I just realized this is just for openssh.

Sorry for the confusion. This is a step forward in the naming transition. Thank you!

This revision is now accepted and ready to land.Feb 24 2025, 7:03 PM

jlduran added inline comments.Feb 26 2025, 12:13 AM

crypto/openssh/auth-pam.c
940	Somewhat related, passing `NULL` as the first parameter does nothing (`ssh_packet_connection_is_on_socket(NULL);`). Given `BLOCKLIST_BAD_USER` has been implemented upstream.