commit: 1e081a9e9c25e96a44c49a08148833495f2f9a24
parent 6dc989bb98ed7c9348ebb5934ba6387a8651ac8b
Author: Michael Forney <mforney@mforney.org>
Date: Wed, 5 Feb 2020 18:08:40 -0800
openssh: Update to latest git
Diffstat:
9 files changed, 26 insertions(+), 91 deletions(-)
diff --git a/pkg/libfido2/gen.lua b/pkg/libfido2/gen.lua
@@ -11,6 +11,7 @@ cflags{
pkg.hdrs = copy('$outdir/include', '$srcdir/src', {
'fido.h',
+ 'fido/credman.h',
'fido/err.h',
'fido/param.h',
})
diff --git a/pkg/openssh/README.md b/pkg/openssh/README.md
@@ -8,6 +8,7 @@ Generated with
--disable-wtmp \
--enable-security-key \
--without-pie \
+ --with-security-key-builtin \
CPPFLAGS='-I/src/oasis/pkg/openbsd/include -I/src/oasis/out/pkg/libfido2/include -I/src/oasis/out/pkg/zlib/include' \
LDFLAGS='-L/src/oasis/out/pkg/libressl -L/src/oasis/out/pkg/openbsd -L/src/oasis/out/pkg/libfido2 -L/src/oasis/out/pkg/libcbor -L/src/oasis/out/pkg/zlib' \
LIBS='-lcrypto -lbsd'
diff --git a/pkg/openssh/config.h b/pkg/openssh/config.h
@@ -122,6 +122,7 @@
/* #undef HAVE_DECL_LOGINRESTRICTIONS */
/* #undef HAVE_DECL_LOGINSUCCESS */
#define HAVE_DECL_MAXSYMLINKS 1
+#define HAVE_DECL_MEMMEM 0
#define HAVE_DECL_NFDBITS 1
#define HAVE_DECL_OFFSETOF 1
#define HAVE_DECL_O_NONBLOCK 1
@@ -177,7 +178,6 @@
#define HAVE_EVP_MD_CTX_INIT 1
#define HAVE_EVP_MD_CTX_NEW 1
#define HAVE_EVP_PKEY_GET0_RSA 1
-#define HAVE_EVP_RIPEMD160 1
#define HAVE_EVP_SHA256 1
#define HAVE_EVP_SHA384 1
#define HAVE_EVP_SHA512 1
@@ -630,6 +630,7 @@
/* #undef SUPERUSER_PATH */
/* #undef SYSLOG_R_SAFE_IN_SIGHAND */
#define SYS_RDOMAIN_LINUX 1
+#define TIME_WITH_SYS_TIME 1
/* #undef UNIXWARE_LONG_PASSWORDS */
#define USER_PATH "/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin"
/* #undef USE_AFS */
@@ -651,6 +652,7 @@
/* #undef WITH_IRIX_PROJECT */
#define WITH_OPENSSL 1
/* #undef WITH_SELINUX */
+#define WITH_ZLIB 1
#if defined AC_APPLE_UNIVERSAL_BUILD
# if defined __BIG_ENDIAN__
# define WORDS_BIGENDIAN 1
diff --git a/pkg/openssh/gen.lua b/pkg/openssh/gen.lua
@@ -27,10 +27,10 @@ lib('libopenbsd-compat.a', [[openbsd-compat/(
dirname.c explicit_bzero.c fmt_scaled.c freezero.c getcwd.c
getgrouplist.c getopt_long.c getrrsetbyname.c glob.c inet_aton.c
inet_ntoa.c inet_ntop.c md5.c memmem.c mktemp.c pwcache.c
- readpassphrase.c reallocarray.c recallocarray.c rmd160.c rresvport.c
- setenv.c setproctitle.c sha1.c sha2.c sigact.c strcasestr.c strlcat.c
- strlcpy.c strmode.c strndup.c strnlen.c strptime.c strsep.c strtoll.c
- strtonum.c strtoull.c strtoul.c timingsafe_bcmp.c vis.c
+ readpassphrase.c reallocarray.c recallocarray.c rresvport.c setenv.c
+ setproctitle.c sha1.c sha2.c sigact.c strcasestr.c strlcat.c strlcpy.c
+ strmode.c strndup.c strnlen.c strptime.c strsep.c strtoll.c strtonum.c
+ strtoull.c strtoul.c timingsafe_bcmp.c vis.c
arc4random.c bsd-asprintf.c bsd-closefrom.c bsd-cygwin_util.c bsd-err.c
bsd-flock.c bsd-getpagesize.c bsd-getpeereid.c bsd-malloc.c bsd-misc.c
@@ -75,12 +75,16 @@ lib('libssh.a', [[
msg.c progressmeter.c dns.c entropy.c gss-genr.c umac.c umac128.c
ssh-pkcs11.c smult_curve25519_ref.c
poly1305.c chacha.c cipher-chachapoly.c
- ssh-ed25519.c ssh-sk.c sk-usbhid.c digest-openssl.c digest-libc.c
+ ssh-ed25519.c digest-openssl.c digest-libc.c
hmac.c sc25519.c ge25519.c fe25519.c ed25519.c verify.c hash.c
kex.c kexdh.c kexgex.c kexecdh.c kexc25519.c
kexgexc.c kexgexs.c
sntrup4591761.c kexsntrup4591761x25519.c kexgen.c
sftp-realpath.c platform-pledge.c platform-tracing.c platform-misc.c
+ sshbuf-io.c
+
+ ssh-sk-client.c
+
libopenbsd-compat.a
$builddir/pkg/(libressl/libcrypto.a.d zlib/libz.a)
$builddir/pkg/(libfido2/libfido2.a.d)
@@ -127,7 +131,7 @@ file('bin/ssh-agent', '755', '$outdir/ssh-agent')
exe('ssh-keygen', {'ssh-keygen.c', 'sshsig.c', 'libssh.a.d'})
file('bin/ssh-keygen', '755', '$outdir/ssh-keygen')
-exe('ssh-sk-helper', {'ssh-sk-helper.c', 'libssh.a.d'})
+exe('ssh-sk-helper', {'ssh-sk-helper.c', 'ssh-sk.c', 'sk-usbhid.c', 'libssh.a.d'})
file('libexec/ssh-sk-helper', '755', '$outdir/ssh-sk-helper')
exe('sftp-server', {'sftp-common.c.o', 'sftp-server.c.o', 'sftp-server-main.c', 'libssh.a.d'})
diff --git a/pkg/openssh/patch/0002-printf-p-specifier-requires-void-argument.patch b/pkg/openssh/patch/0002-printf-p-specifier-requires-void-argument.patch
@@ -1,4 +1,4 @@
-From 7e5f0db8d1f2c7a3da682c716e85430d2d2b4358 Mon Sep 17 00:00:00 2001
+From de0c266e353663043097e1a8bc3a8959f1ee2bcd Mon Sep 17 00:00:00 2001
From: Michael Forney <mforney@mforney.org>
Date: Wed, 27 Nov 2019 19:16:26 -0800
Subject: [PATCH] printf %p specifier requires `void *` argument
@@ -12,7 +12,7 @@ Subject: [PATCH] printf %p specifier requires `void *` argument
5 files changed, 14 insertions(+), 12 deletions(-)
diff --git a/monitor.c b/monitor.c
-index 64eca98d..e021c81c 100644
+index dc6d78d3..d5c91465 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1166,7 +1166,7 @@ mm_answer_keyallowed(struct ssh *ssh, int sock, struct sshbuf *m)
@@ -34,10 +34,10 @@ index 64eca98d..e021c81c 100644
(ret != 0) ? ": " : "", (ret != 0) ? ssh_err(ret) : "");
diff --git a/session.c b/session.c
-index 80738b92..2b1a5d4e 100644
+index 8c0e54f7..86e02fb0 100644
--- a/session.c
+++ b/session.c
-@@ -1787,7 +1787,7 @@ session_dump(void)
+@@ -1791,7 +1791,7 @@ session_dump(void)
s->used,
s->next_unused,
s->self,
@@ -47,20 +47,20 @@ index 80738b92..2b1a5d4e 100644
(long)s->pid);
}
diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c
-index 219ce9b5..1131832c 100644
+index 17220d62..9269cc25 100644
--- a/ssh-pkcs11-helper.c
+++ b/ssh-pkcs11-helper.c
-@@ -96,7 +96,7 @@ lookup_key(struct sshkey *k)
+@@ -98,7 +98,7 @@ lookup_key(struct sshkey *k)
struct pkcs11_keyinfo *ki;
TAILQ_FOREACH(ki, &pkcs11_keylist, next) {
-- debug("check %p %s", ki, ki->providername);
-+ debug("check %p %s", (void *)ki, ki->providername);
+- debug("check %p %s %s", ki, ki->providername, ki->label);
++ debug("check %p %s %s", (void *)ki, ki->providername, ki->label);
if (sshkey_equal(k, ki->key))
return (ki->key);
}
diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
-index 09f1ea34..89a83b39 100644
+index a302c79c..255534ba 100644
--- a/ssh-pkcs11.c
+++ b/ssh-pkcs11.c
@@ -112,7 +112,7 @@ pkcs11_provider_finalize(struct pkcs11_provider *p)
@@ -116,7 +116,7 @@ index 09f1ea34..89a83b39 100644
}
diff --git a/sshbuf-misc.c b/sshbuf-misc.c
-index a73f008b..d4714ee1 100644
+index c0336e86..a0e01a80 100644
--- a/sshbuf-misc.c
+++ b/sshbuf-misc.c
@@ -65,7 +65,7 @@ sshbuf_dump_data(const void *s, size_t len, FILE *f)
diff --git a/pkg/openssh/patch/0003-Fix-sha2-MAKE_CLONE-no-op-definition.patch b/pkg/openssh/patch/0003-Fix-sha2-MAKE_CLONE-no-op-definition.patch
@@ -1,29 +0,0 @@
-From 57cf02e5159e39a013a67042a9740d5a13187fb3 Mon Sep 17 00:00:00 2001
-From: Michael Forney <mforney@mforney.org>
-Date: Wed, 27 Nov 2019 19:17:26 -0800
-Subject: [PATCH] Fix sha2 MAKE_CLONE no-op definition
-
-The point of the dummy declaration is so that MAKE_CLONE(...) can have
-a trailing semicolon without introducing an empty declaration. So,
-the macro replacement text should *not* have a trailing semicolon,
-just like DEF_WEAK.
----
- openbsd-compat/sha2.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/openbsd-compat/sha2.c b/openbsd-compat/sha2.c
-index e63324c9..e36cc24e 100644
---- a/openbsd-compat/sha2.c
-+++ b/openbsd-compat/sha2.c
-@@ -42,7 +42,7 @@
- !defined(HAVE_SHA512UPDATE)
-
- /* no-op out, similar to DEF_WEAK but only needed here */
--#define MAKE_CLONE(x, y) void __ssh_compat_make_clone_##x_##y(void);
-+#define MAKE_CLONE(x, y) void __ssh_compat_make_clone_##x_##y(void)
-
- #include <string.h>
- #include <sha2.h>
---
-2.25.0
-
diff --git a/pkg/openssh/patch/0004-Remove-trailing-semicolon-after-RB_GENERATE_STATIC.patch b/pkg/openssh/patch/0003-Remove-trailing-semicolon-after-RB_GENERATE_STATIC.patch
diff --git a/pkg/openssh/patch/0005-upstream-remove-stray-semicolon-after-closing-brace-.patch b/pkg/openssh/patch/0005-upstream-remove-stray-semicolon-after-closing-brace-.patch
@@ -1,44 +0,0 @@
-From 0bf705b94187d72f8964083039fcc24cfa197a83 Mon Sep 17 00:00:00 2001
-From: "djm@openbsd.org" <djm@openbsd.org>
-Date: Wed, 27 Nov 2019 22:32:11 +0000
-Subject: [PATCH] upstream: remove stray semicolon after closing brace of
- function;
-
-from Michael Forney
-
-OpenBSD-Commit-ID: fda95acb799bb160d15e205ee126117cf33da3a7
----
- ssh-sk.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/ssh-sk.c b/ssh-sk.c
-index 2b25c42f..7c63536e 100644
---- a/ssh-sk.c
-+++ b/ssh-sk.c
-@@ -1,4 +1,4 @@
--/* $OpenBSD: ssh-sk.c,v 1.16 2019/11/19 22:23:19 djm Exp $ */
-+/* $OpenBSD: ssh-sk.c,v 1.17 2019/11/27 22:32:11 djm Exp $ */
- /*
- * Copyright (c) 2019 Google LLC
- *
-@@ -153,7 +153,7 @@ sshsk_free_enroll_response(struct sk_enroll_response *r)
- freezero(r->signature, r->signature_len);
- freezero(r->attestation_cert, r->attestation_cert_len);
- freezero(r, sizeof(*r));
--};
-+}
-
- static void
- sshsk_free_sign_response(struct sk_sign_response *r)
-@@ -163,7 +163,7 @@ sshsk_free_sign_response(struct sk_sign_response *r)
- freezero(r->sig_r, r->sig_r_len);
- freezero(r->sig_s, r->sig_s_len);
- freezero(r, sizeof(*r));
--};
-+}
-
- #ifdef WITH_OPENSSL
- /* Assemble key from response */
---
-2.25.0
-
diff --git a/pkg/openssh/ver b/pkg/openssh/ver
@@ -1 +1 @@
-8.1p1-168-gad44ca81 r1
+8.1p1-397-g849a9b87 r0
