From 167e6ec7a8d68f1c87833d77e2e290230c0399e0 Mon Sep 17 00:00:00 2001
From: Michael Tremer
Date: Sat, 1 Feb 2014 16:15:10 +0100
Subject: [PATCH] openssh: Update to 6.5p1. Adds support for ed25519.
---
config/rootfiles/common/openssh | 2 ++
config/rootfiles/core/76/filelists/openssh | 1 +
lfs/openssh | 4 +--
src/initscripts/init.d/sshd | 29 ++++++++++++++++------
4 files changed, 27 insertions(+), 9 deletions(-)
create mode 120000 config/rootfiles/core/76/filelists/openssh
diff --git a/config/rootfiles/common/openssh b/config/rootfiles/common/openssh
index 6737b6cca3..1b6ded3bab 100644
--- a/config/rootfiles/common/openssh
+++ b/config/rootfiles/common/openssh
@@ -5,6 +5,8 @@ etc/ssh/ssh_config
 #etc/ssh/ssh_host_dsa_key.pub
 #etc/ssh/ssh_host_ecdsa_key
 #etc/ssh/ssh_host_ecdsa_key.pub
+#etc/ssh/ssh_host_ed25519_key
+#etc/ssh/ssh_host_ed25519_key.pub
 #etc/ssh/ssh_host_key
 #etc/ssh/ssh_host_key.pub
 #etc/ssh/ssh_host_rsa_key
diff --git a/config/rootfiles/core/76/filelists/openssh b/config/rootfiles/core/76/filelists/openssh
new file mode 120000
index 0000000000..d8c77fd8e7
--- /dev/null
+++ b/config/rootfiles/core/76/filelists/openssh
@@ -0,0 +1 @@
+../../../common/openssh
\ No newline at end of file
diff --git a/lfs/openssh b/lfs/openssh
index 17772c14db..d651162dca 100644
--- a/lfs/openssh
+++ b/lfs/openssh
@@ -24,7 +24,7 @@ include Config
-VER = 6.4p1
+VER = 6.5p1
 THISAPP = openssh-$(VER)
 DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = a62b88b884df0b09b8a8c5789ac9e51b
+$(DL_FILE)_MD5 = a084e7272b8cbd25afe0f5dce4802fef
 install : $(TARGET)
diff --git a/src/initscripts/init.d/sshd b/src/initscripts/init.d/sshd
index e99e694056..8aab83fa5e 100644
--- a/src/initscripts/init.d/sshd
+++ b/src/initscripts/init.d/sshd
@@ -12,13 +12,28 @@ case "$1" in
 start)
- if [ ! -e /etc/ssh/ssh_host_rsa_key ]; then
- echo "Generating SSH Keys"
- ssh-keygen -qf /etc/ssh/ssh_host_rsa_key -N ''
- ssh-keygen -qf /etc/ssh/ssh_host_key -N '' -t rsa1
- ssh-keygen -qf /etc/ssh/ssh_host_dsa_key -N '' -t dsa
- ssh-keygen -qf /etc/ssh/ssh_host_ecdsa_key -N '' -t ecdsa
- fi
+ if [ ! -e "/etc/ssh/ssh_host_key" ]; then
+ boot_mesg "Generating SSH host key..."
+ ssh-keygen -qf /etc/ssh/ssh_host_key -N '' -t rsa1
+ evaluate_retval
+ fi
+
+ for algo in rsa dsa ecdsa ed25519; do
+ keyfile="/etc/ssh/ssh_host_${algo}_key"
+
+ # If the key already exists, there is nothing to do.
+ [ -e "${keyfile}" ] && continue
+
+ case "${algo}" in
+ rsa)
+ algo="rsa1"
+ ;;
+ esac
+
+ boot_mesg "Generating SSH key (${algo})..."
+ ssh-keygen -qf "${keyfile}" -N '' -t ${algo}
+ evaluate_retval
+ done
 [ -e "/var/ipfire/remote/enablessh" ] || exit 0 # SSH is not enabled
 boot_mesg "Starting SSH Server..."
--
2.39.5
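Review bot: In the new `for algo in rsa dsa ecdsa ed25519` loop, the inner `case` rewrites `rsa` to `rsa1` after `keyfile` has already been set, so `ssh-keygen` writes a protocol-1 key into `/etc/ssh/ssh_host_rsa_key`, the file name conventionally used for the protocol-2 RSA host key; the removed code generated that file with ssh-keygen's default type. The `rsa1` key is already produced by the separate `ssh_host_key` block above the loop, so the `case "${algo}" in rsa) algo="rsa1" ;; esac` lines should be dropped and the call written with the type quoted, `ssh-keygen -qf "${keyfile}" -N '' -t "${algo}"`. Because the loop skips any file that already exists (`[ -e "${keyfile}" ] && continue`), a system that has booted once with this script would keep the mistyped file until it is removed, so the fix likely needs a one-time regeneration step as well. The `start)` branch this code sits in continues outside the hunk.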