From: Fredrik Fornwall <fredrik@fornwall.net>
Date: Tue, 3 Apr 2018 22:09:47 +0000 (+0200)
Subject: openssh: Update from 7.6 to 7.7
X-Git-Url: https://git.distorted.org.uk/~mdw/termux-packages/commitdiff_plain/1ff10e5c361fab8faf2b107dd206f75d4be3dbbd

openssh: Update from 7.6 to 7.7
---

diff --git a/packages/openssh/build.sh b/packages/openssh/build.sh
index 515ec96f..09f9f452 100755
--- a/packages/openssh/build.sh
+++ b/packages/openssh/build.sh
@@ -1,8 +1,8 @@
 TERMUX_PKG_HOMEPAGE=https://www.openssh.com/
 TERMUX_PKG_DESCRIPTION="Secure shell for logging into a remote machine"
-TERMUX_PKG_VERSION=7.6p1
+TERMUX_PKG_VERSION=7.7p1
+TERMUX_PKG_SHA256=d73be7e684e99efcd024be15a30bffcbe41b012b2f7b3c9084aed621775e6b8f
 TERMUX_PKG_SRCURL=https://fastly.cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${TERMUX_PKG_VERSION}.tar.gz
-TERMUX_PKG_SHA256=a323caeeddfe145baaa0db16e98d784b1fbc7dd436a6bf1f479dfd5cd1d21723
 TERMUX_PKG_DEPENDS="libandroid-support, ldns, openssl, libedit, libutil"
 # --disable-strip to prevent host "install" command to use "-s", which won't work for target binaries:
 TERMUX_PKG_EXTRA_CONFIGURE_ARGS="
@@ -33,6 +33,7 @@ ac_cv_func_readpassphrase=no
 ac_cv_func_strnvis=no
 ac_cv_header_sys_un_h=yes
 ac_cv_search_getrrsetbyname=no
+ac_cv_func_bzero=yes
 "
 TERMUX_PKG_MAKE_INSTALL_TARGET="install-nokeys"
 TERMUX_PKG_RM_AFTER_INSTALL="bin/slogin share/man/man1/slogin.1"
diff --git a/packages/openssh/session.c.patch b/packages/openssh/session.c.patch
index b6821e20..dda7c875 100644
--- a/packages/openssh/session.c.patch
+++ b/packages/openssh/session.c.patch
@@ -1,7 +1,7 @@
-diff -u -r ../openssh-7.5p1/session.c ./session.c
---- ../openssh-7.5p1/session.c	2017-03-20 03:39:27.000000000 +0100
-+++ ./session.c	2017-06-30 22:51:57.404787949 +0200
-@@ -194,7 +194,7 @@
+diff -u -r ../openssh-7.7p1/session.c ./session.c
+--- ../openssh-7.7p1/session.c	2018-04-02 07:38:28.000000000 +0200
++++ ./session.c	2018-04-03 23:46:30.670337636 +0200
+@@ -199,7 +199,7 @@
  	temporarily_use_uid(pw);
  
  	/* Allocate a buffer for the socket name, and format the name. */
@@ -10,7 +10,7 @@ diff -u -r ../openssh-7.5p1/session.c ./session.c
  
  	/* Create private directory for socket */
  	if (mkdtemp(auth_sock_dir) == NULL) {
-@@ -756,7 +756,7 @@
+@@ -802,7 +802,7 @@
  		f = fopen(login_getcapstr(lc, "welcome", "/etc/motd",
  		    "/etc/motd"), "r");
  #else
@@ -19,7 +19,7 @@ diff -u -r ../openssh-7.5p1/session.c ./session.c
  #endif
  		if (f) {
  			while (fgets(buf, sizeof(buf), f))
-@@ -1047,8 +1047,10 @@
+@@ -1044,8 +1044,10 @@
  # endif /* HAVE_CYGWIN */
  #endif /* HAVE_LOGIN_CAP */
  
@@ -30,7 +30,7 @@ diff -u -r ../openssh-7.5p1/session.c ./session.c
  
  	/* Normal systems set SHELL by default. */
  	child_set_env(&env, &envsize, "SHELL", shell);
-@@ -1056,6 +1058,15 @@
+@@ -1053,6 +1055,15 @@
  	if (getenv("TZ"))
  		child_set_env(&env, &envsize, "TZ", getenv("TZ"));
  
@@ -43,6 +43,6 @@ diff -u -r ../openssh-7.5p1/session.c ./session.c
 +	}
 +#endif
 +
- 	/* Set custom environment options from RSA authentication. */
- 	while (custom_environment) {
- 		struct envstring *ce = custom_environment;
+ 	/* Set custom environment options from pubkey authentication. */
+ 	if (options.permit_user_env) {
+ 		for (n = 0 ; n < auth_opts->nenv; n++) {
diff --git a/packages/openssh/sshd.c.patch b/packages/openssh/sshd.c.patch
index 86c70e44..af7e5f28 100644
--- a/packages/openssh/sshd.c.patch
+++ b/packages/openssh/sshd.c.patch
@@ -1,11 +1,7 @@
-Avoid calling setgroups(2).
-
-Hardcode and do not require absolute path.
-
-diff -u -r ../openssh-7.2p1/sshd.c ./sshd.c
---- ../openssh-7.2p1/sshd.c	2016-02-25 22:40:04.000000000 -0500
-+++ ./sshd.c	2016-02-29 02:36:00.863344328 -0500
-@@ -644,8 +644,10 @@
+diff -u -r ../openssh-7.7p1/sshd.c ./sshd.c
+--- ../openssh-7.7p1/sshd.c	2018-04-02 07:38:28.000000000 +0200
++++ ./sshd.c	2018-04-03 23:48:49.605335389 +0200
+@@ -553,8 +553,10 @@
  		debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid,
  		    (u_int)privsep_pw->pw_gid);
  		gidset[0] = privsep_pw->pw_gid;
@@ -16,17 +12,17 @@ diff -u -r ../openssh-7.2p1/sshd.c ./sshd.c
  		permanently_set_uid(privsep_pw);
  	}
  }
-@@ -1487,7 +1489,8 @@
+@@ -1447,7 +1449,8 @@
  	saved_argc = ac;
  	rexec_argc = ac;
  	saved_argv = xcalloc(ac + 1, sizeof(*saved_argv));
--	for (i = 0; i < ac; i++)
-+        saved_argv[0] = "@TERMUX_PREFIX@/bin/sshd";
-+	for (i = 1; i < ac; i++)
+-	for (i = 0; (int)i < ac; i++)
++	saved_argv[0] = "@TERMUX_PREFIX@/bin/sshd";
++	for (i = 1; (int)i < ac; i++)
  		saved_argv[i] = xstrdup(av[i]);
  	saved_argv[i] = NULL;
  
-@@ -1497,8 +1500,10 @@
+@@ -1457,8 +1460,10 @@
  	av = saved_argv;
  #endif
  
@@ -37,7 +33,7 @@ diff -u -r ../openssh-7.2p1/sshd.c ./sshd.c
  
  	/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
  	sanitise_stdfd();
-@@ -1628,8 +1633,6 @@
+@@ -1577,8 +1582,6 @@
  	}
  	if (rexeced_flag || inetd_flag)
  		rexec_flag = 0;
@@ -46,8 +42,8 @@ diff -u -r ../openssh-7.2p1/sshd.c ./sshd.c
  	if (rexeced_flag)
  		closefrom(REEXEC_MIN_FREE_FD);
  	else
-@@ -1764,7 +1767,9 @@
- 		free(privsep_pw->pw_passwd);
+@@ -1692,7 +1695,9 @@
+ 		freezero(privsep_pw->pw_passwd, strlen(privsep_pw->pw_passwd));
  		privsep_pw->pw_passwd = xstrdup("*");
  	}
 +#ifndef __ANDROID__
@@ -56,7 +52,7 @@ diff -u -r ../openssh-7.2p1/sshd.c ./sshd.c
  
  	/* load host keys */
  	sensitive_data.host_keys = xcalloc(options.num_host_key_files,
-@@ -1948,8 +1953,10 @@
+@@ -1842,8 +1847,10 @@
  	 * to create a file, and we can't control the code in every
  	 * module which might be used).
  	 */
@@ -66,4 +62,4 @@ diff -u -r ../openssh-7.2p1/sshd.c ./sshd.c
 +#endif
  
  	if (rexec_flag) {
- 		rexec_argv = xcalloc(rexec_argc + 2, sizeof(char *));
+ 		if (rexec_argc < 0)