openssh: Update from 7.6 to 7.7

7 years ago · 1ff10e5c36
3 changed files with 27 additions and 30 deletions
--- a/packages/openssh/build.sh
+++ b/packages/openssh/build.sh
@ -1,8 +1,8 @@
 TERMUX_PKG_HOMEPAGE=https://www.openssh.com/
 TERMUX_PKG_DESCRIPTION="Secure shell for logging into a remote machine"
-TERMUX_PKG_VERSION=7.6p1
+TERMUX_PKG_VERSION=7.7p1
 TERMUX_PKG_SHA256=d73be7e684e99efcd024be15a30bffcbe41b012b2f7b3c9084aed621775e6b8f
 TERMUX_PKG_SRCURL=https://fastly.cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${TERMUX_PKG_VERSION}.tar.gz
 TERMUX_PKG_SHA256=a323caeeddfe145baaa0db16e98d784b1fbc7dd436a6bf1f479dfd5cd1d21723
 TERMUX_PKG_DEPENDS="libandroid-support, ldns, openssl, libedit, libutil"
 # --disable-strip to prevent host "install" command to use "-s", which won't work for target binaries:
 TERMUX_PKG_EXTRA_CONFIGURE_ARGS="
@ -33,6 +33,7 @@ ac_cv_func_readpassphrase=no
 ac_cv_func_strnvis=no
 ac_cv_header_sys_un_h=yes
 ac_cv_search_getrrsetbyname=no
 ac_cv_func_bzero=yes
 "
 TERMUX_PKG_MAKE_INSTALL_TARGET="install-nokeys"
 TERMUX_PKG_RM_AFTER_INSTALL="bin/slogin share/man/man1/slogin.1"
--- a/packages/openssh/session.c.patch
+++ b/packages/openssh/session.c.patch
@ -1,7 +1,7 @@
-diff -u -r ../openssh-7.5p1/session.c ./session.c
+diff -u -r ../openssh-7.7p1/session.c ./session.c
--- ../openssh-7.5p1/session.c	2017-03-20 03:39:27.000000000 +0100
+--- ../openssh-7.7p1/session.c	2018-04-02 07:38:28.000000000 +0200
-+++ ./session.c	2017-06-30 22:51:57.404787949 +0200
+++ ./session.c	2018-04-03 23:46:30.670337636 +0200
-@@ -194,7 +194,7 @@
+@@ -199,7 +199,7 @@
 	temporarily_use_uid(pw);
 	/* Allocate a buffer for the socket name, and format the name. */
@ -10,7 +10,7 @@ diff -u -r ../openssh-7.5p1/session.c ./session.c
 	/* Create private directory for socket */
 	if (mkdtemp(auth_sock_dir) == NULL) {
-@@ -756,7 +756,7 @@
+@@ -802,7 +802,7 @@
 		f = fopen(login_getcapstr(lc, "welcome", "/etc/motd",
 		    "/etc/motd"), "r");
 #else
@ -19,7 +19,7 @@ diff -u -r ../openssh-7.5p1/session.c ./session.c
 #endif
 		if (f) {
 			while (fgets(buf, sizeof(buf), f))
-@@ -1047,8 +1047,10 @@
+@@ -1044,8 +1044,10 @@
 # endif /* HAVE_CYGWIN */
 #endif /* HAVE_LOGIN_CAP */
@ -30,7 +30,7 @@ diff -u -r ../openssh-7.5p1/session.c ./session.c
 	/* Normal systems set SHELL by default. */
 	child_set_env(&env, &envsize, "SHELL", shell);
-@@ -1056,6 +1058,15 @@
+@@ -1053,6 +1055,15 @@
 	if (getenv("TZ"))
 		child_set_env(&env, &envsize, "TZ", getenv("TZ"));
@ -43,6 +43,6 @@ diff -u -r ../openssh-7.5p1/session.c ./session.c
 +	}
 +#endif
 +
- 	/* Set custom environment options from RSA authentication. */
+ 	/* Set custom environment options from pubkey authentication. */
- 	while (custom_environment) {
+ 	if (options.permit_user_env) {
- 		struct envstring *ce = custom_environment;
+ 		for (n = 0 ; n < auth_opts->nenv; n++) {
--- a/packages/openssh/sshd.c.patch
+++ b/packages/openssh/sshd.c.patch
@ -1,11 +1,7 @@
-Avoid calling setgroups(2).
+diff -u -r ../openssh-7.7p1/sshd.c ./sshd.c
-
+--- ../openssh-7.7p1/sshd.c	2018-04-02 07:38:28.000000000 +0200
-Hardcode and do not require absolute path.
+++ ./sshd.c	2018-04-03 23:48:49.605335389 +0200
-
+@@ -553,8 +553,10 @@
 diff -u -r ../openssh-7.2p1/sshd.c ./sshd.c
 --- ../openssh-7.2p1/sshd.c	2016-02-25 22:40:04.000000000 -0500
 +++ ./sshd.c	2016-02-29 02:36:00.863344328 -0500
@@ -644,8 +644,10 @@
 		debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid,
 		    (u_int)privsep_pw->pw_gid);
 		gidset[0] = privsep_pw->pw_gid;
@ -16,17 +12,17 @@ diff -u -r ../openssh-7.2p1/sshd.c ./sshd.c
 		permanently_set_uid(privsep_pw);
 	}
 }
-@@ -1487,7 +1489,8 @@
+@@ -1447,7 +1449,8 @@
 	saved_argc = ac;
 	rexec_argc = ac;
 	saved_argv = xcalloc(ac + 1, sizeof(*saved_argv));
-	for (i = 0; i < ac; i++)
+-	for (i = 0; (int)i < ac; i++)
-+        saved_argv[0] = "@TERMUX_PREFIX@/bin/sshd";
+	saved_argv[0] = "@TERMUX_PREFIX@/bin/sshd";
-+	for (i = 1; i < ac; i++)
+	for (i = 1; (int)i < ac; i++)
 		saved_argv[i] = xstrdup(av[i]);
 	saved_argv[i] = NULL;
-@@ -1497,8 +1500,10 @@
+@@ -1457,8 +1460,10 @@
 	av = saved_argv;
 #endif
@ -37,7 +33,7 @@ diff -u -r ../openssh-7.2p1/sshd.c ./sshd.c
 	/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
 	sanitise_stdfd();
-@@ -1628,8 +1633,6 @@
+@@ -1577,8 +1582,6 @@
 	}
 	if (rexeced_flag || inetd_flag)
 		rexec_flag = 0;
@ -46,8 +42,8 @@ diff -u -r ../openssh-7.2p1/sshd.c ./sshd.c
 	if (rexeced_flag)
 		closefrom(REEXEC_MIN_FREE_FD);
 	else
-@@ -1764,7 +1767,9 @@
+@@ -1692,7 +1695,9 @@
- 		free(privsep_pw->pw_passwd);
+ 		freezero(privsep_pw->pw_passwd, strlen(privsep_pw->pw_passwd));
 		privsep_pw->pw_passwd = xstrdup("*");
 	}
 +#ifndef __ANDROID__
@ -56,7 +52,7 @@ diff -u -r ../openssh-7.2p1/sshd.c ./sshd.c
 	/* load host keys */
 	sensitive_data.host_keys = xcalloc(options.num_host_key_files,
-@@ -1948,8 +1953,10 @@
+@@ -1842,8 +1847,10 @@
 	 * to create a file, and we can't control the code in every
 	 * module which might be used).
 	 */
@ -66,4 +62,4 @@ diff -u -r ../openssh-7.2p1/sshd.c ./sshd.c
 +#endif
 	if (rexec_flag) {
- 		rexec_argv = xcalloc(rexec_argc + 2, sizeof(char *));
+ 		if (rexec_argc < 0)