git: Update from 2.16.3 to 2.17.0

[termux-packages] / packages / openssh / sshd.c.patch

Avoid calling setgroups(2).

Hardcode and do not require absolute path.

diff -u -r ../openssh-7.2p1/sshd.c ./sshd.c
--- ../openssh-7.2p1/sshd.c	2016-02-25 22:40:04.000000000 -0500
+++ ./sshd.c	2016-02-29 02:36:00.863344328 -0500
@@ -644,8 +644,10 @@
 		debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid,
 		    (u_int)privsep_pw->pw_gid);
 		gidset[0] = privsep_pw->pw_gid;
+#ifndef __ANDROID__
 		if (setgroups(1, gidset) < 0)
 			fatal("setgroups: %.100s", strerror(errno));
+#endif
 		permanently_set_uid(privsep_pw);
 	}
 }
@@ -1487,7 +1489,8 @@
 	saved_argc = ac;
 	rexec_argc = ac;
 	saved_argv = xcalloc(ac + 1, sizeof(*saved_argv));
-	for (i = 0; i < ac; i++)
+        saved_argv[0] = "@TERMUX_PREFIX@/bin/sshd";
+	for (i = 1; i < ac; i++)
 		saved_argv[i] = xstrdup(av[i]);
 	saved_argv[i] = NULL;
 
@@ -1497,8 +1500,10 @@
 	av = saved_argv;
 #endif
 
+#ifndef __ANDROID__
 	if (geteuid() == 0 && setgroups(0, NULL) == -1)
 		debug("setgroups(): %.200s", strerror(errno));
+#endif
 
 	/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
 	sanitise_stdfd();
@@ -1628,8 +1633,6 @@
 	}
 	if (rexeced_flag || inetd_flag)
 		rexec_flag = 0;
-	if (!test_flag && (rexec_flag && (av[0] == NULL || *av[0] != '/')))
-		fatal("sshd re-exec requires execution with an absolute path");
 	if (rexeced_flag)
 		closefrom(REEXEC_MIN_FREE_FD);
 	else
@@ -1764,7 +1767,9 @@
 		free(privsep_pw->pw_passwd);
 		privsep_pw->pw_passwd = xstrdup("*");
 	}
+#ifndef __ANDROID__
 	endpwent();
+#endif
 
 	/* load host keys */
 	sensitive_data.host_keys = xcalloc(options.num_host_key_files,
@@ -1948,8 +1953,10 @@
 	 * to create a file, and we can't control the code in every
 	 * module which might be used).
 	 */
+#ifndef __ANDROID__
 	if (setgroups(0, NULL) < 0)
 		debug("setgroups() failed: %.200s", strerror(errno));
+#endif
 
 	if (rexec_flag) {
 		rexec_argv = xcalloc(rexec_argc + 2, sizeof(char *));