commit: a7f7ca5a1a424c5ef287dfe4e79c9d62f33defba
parent 1995df90e37b0f9498365d143210e84c178b54a2
Author: Michael Forney <mforney@mforney.org>
Date: Wed, 19 Jun 2019 19:33:01 -0700
openssh: Fix a few portability issues
Diffstat:
6 files changed, 303 insertions(+), 1 deletion(-)
diff --git a/.gitmodules b/.gitmodules
@@ -186,6 +186,7 @@
[submodule "pkg/openssh/src"]
path = pkg/openssh/src
url = https://github.com/openssh/openssh-portable
+ ignore = all
[submodule "pkg/pigz/src"]
path = pkg/pigz/src
url = https://github.com/madler/pigz
diff --git a/pkg/openssh/patch/0001-Include-stdio.h-for-vsnprintf.patch b/pkg/openssh/patch/0001-Include-stdio.h-for-vsnprintf.patch
@@ -0,0 +1,25 @@
+From 0584947cce192034cbbaea92db1a628a5496a51a Mon Sep 17 00:00:00 2001
+From: Darren Tucker <dtucker@dtucker.net>
+Date: Sun, 16 Jun 2019 12:55:27 +1000
+Subject: [PATCH] Include stdio.h for vsnprintf.
+
+Patch from mforney at mforney.org.
+---
+ openbsd-compat/setproctitle.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/openbsd-compat/setproctitle.c b/openbsd-compat/setproctitle.c
+index dbd1a95a..e4064323 100644
+--- a/openbsd-compat/setproctitle.c
++++ b/openbsd-compat/setproctitle.c
+@@ -36,6 +36,7 @@
+ #ifndef HAVE_SETPROCTITLE
+
+ #include <stdarg.h>
++#include <stdio.h>
+ #include <stdlib.h>
+ #include <unistd.h>
+ #ifdef HAVE_SYS_PSTAT_H
+--
+2.20.1
+
diff --git a/pkg/openssh/patch/0002-Always-replace-realpath.patch b/pkg/openssh/patch/0002-Always-replace-realpath.patch
@@ -0,0 +1,120 @@
+From f16d8ca1735373b9da42f15955a50c2cfff4e6e3 Mon Sep 17 00:00:00 2001
+From: Michael Forney <mforney@mforney.org>
+Date: Wed, 19 Jun 2019 19:32:01 -0700
+Subject: [PATCH] Always replace realpath
+
+---
+ misc.c | 4 ++--
+ openbsd-compat/openbsd-compat.h | 12 +-----------
+ openbsd-compat/realpath.c | 5 +----
+ sftp-server.c | 2 +-
+ ssh-agent.c | 4 ++--
+ 5 files changed, 7 insertions(+), 20 deletions(-)
+
+diff --git a/misc.c b/misc.c
+index 009e02bc..8669e7d0 100644
+--- a/misc.c
++++ b/misc.c
+@@ -1848,12 +1848,12 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir,
+ int comparehome = 0;
+ struct stat st;
+
+- if (realpath(name, buf) == NULL) {
++ if (_ssh_compat_realpath(name, buf) == NULL) {
+ snprintf(err, errlen, "realpath %s failed: %s", name,
+ strerror(errno));
+ return -1;
+ }
+- if (pw_dir != NULL && realpath(pw_dir, homedir) != NULL)
++ if (pw_dir != NULL && _ssh_compat_realpath(pw_dir, homedir) != NULL)
+ comparehome = 1;
+
+ if (!S_ISREG(stp->st_mode)) {
+diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
+index 865aaee5..4a5fd8cb 100644
+--- a/openbsd-compat/openbsd-compat.h
++++ b/openbsd-compat/openbsd-compat.h
+@@ -81,17 +81,7 @@ void *reallocarray(void *, size_t, size_t);
+ void *recallocarray(void *, size_t, size_t, size_t);
+ #endif
+
+-#if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH)
+-/*
+- * glibc's FORTIFY_SOURCE can redefine this and prevent us picking up the
+- * compat version.
+- */
+-# ifdef BROKEN_REALPATH
+-# define realpath(x, y) _ssh_compat_realpath(x, y)
+-# endif
+-
+-char *realpath(const char *path, char *resolved);
+-#endif
++char *_ssh_compat_realpath(const char *path, char *resolved);
+
+ #ifndef HAVE_RRESVPORT_AF
+ int rresvport_af(int *alport, sa_family_t af);
+diff --git a/openbsd-compat/realpath.c b/openbsd-compat/realpath.c
+index a2f090e5..0f0cea78 100644
+--- a/openbsd-compat/realpath.c
++++ b/openbsd-compat/realpath.c
+@@ -31,8 +31,6 @@
+
+ #include "includes.h"
+
+-#if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH)
+-
+ #include <sys/types.h>
+ #include <sys/param.h>
+ #include <sys/stat.h>
+@@ -58,7 +56,7 @@
+ * in which case the path which caused trouble is left in (resolved).
+ */
+ char *
+-realpath(const char *path, char *resolved)
++_ssh_compat_realpath(const char *path, char *resolved)
+ {
+ struct stat sb;
+ char *p, *q, *s;
+@@ -226,4 +224,3 @@ err:
+ free(resolved);
+ return (NULL);
+ }
+-#endif /* !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH) */
+diff --git a/sftp-server.c b/sftp-server.c
+index 19a132bd..bc0257af 100644
+--- a/sftp-server.c
++++ b/sftp-server.c
+@@ -1174,7 +1174,7 @@ process_realpath(u_int32_t id)
+ }
+ debug3("request %u: realpath", id);
+ verbose("realpath \"%s\"", path);
+- if (realpath(path, resolvedname) == NULL) {
++ if (_ssh_compat_realpath(path, resolvedname) == NULL) {
+ send_status(id, errno_to_portable(errno));
+ } else {
+ Stat s;
+diff --git a/ssh-agent.c b/ssh-agent.c
+index d06ecfd9..04a684de 100644
+--- a/ssh-agent.c
++++ b/ssh-agent.c
+@@ -587,7 +587,7 @@ process_add_smartcard_key(SocketEntry *e)
+ goto send;
+ }
+ }
+- if (realpath(provider, canonical_provider) == NULL) {
++ if (_ssh_compat_realpath(provider, canonical_provider) == NULL) {
+ verbose("failed PKCS#11 add of \"%.100s\": realpath: %s",
+ provider, strerror(errno));
+ goto send;
+@@ -640,7 +640,7 @@ process_remove_smartcard_key(SocketEntry *e)
+ }
+ free(pin);
+
+- if (realpath(provider, canonical_provider) == NULL) {
++ if (_ssh_compat_realpath(provider, canonical_provider) == NULL) {
+ verbose("failed PKCS#11 add of \"%.100s\": realpath: %s",
+ provider, strerror(errno));
+ goto send;
+--
+2.20.1
+
diff --git a/pkg/openssh/patch/0003-Remove-some-empty-top-level-declarations.patch b/pkg/openssh/patch/0003-Remove-some-empty-top-level-declarations.patch
@@ -0,0 +1,132 @@
+From a98535df996adc9e1028760b699b38bdb417a638 Mon Sep 17 00:00:00 2001
+From: Michael Forney <mforney@mforney.org>
+Date: Wed, 19 Jun 2019 20:00:52 -0700
+Subject: [PATCH] Remove some empty top-level declarations
+
+---
+ defines.h | 7 -------
+ krl.c | 6 +++---
+ openbsd-compat/readpassphrase.c | 1 -
+ openbsd-compat/recallocarray.c | 1 -
+ openbsd-compat/strcasestr.c | 1 -
+ openbsd-compat/strndup.c | 2 +-
+ openbsd-compat/vis.c | 2 --
+ 7 files changed, 4 insertions(+), 16 deletions(-)
+
+diff --git a/defines.h b/defines.h
+index 8f421306..7a54ee2e 100644
+--- a/defines.h
++++ b/defines.h
+@@ -831,13 +831,6 @@ struct winsize {
+ # define SSH_IOBUFSZ 8192
+ #endif
+
+-/*
+- * We want functions in openbsd-compat, if enabled, to override system ones.
+- * We no-op out the weak symbol definition rather than remove it to reduce
+- * future sync problems.
+- */
+-#define DEF_WEAK(x)
+-
+ /*
+ * Platforms that have arc4random_uniform() and not arc4random_stir()
+ * shouldn't need the latter.
+diff --git a/krl.c b/krl.c
+index 8e2d5d5d..65f40205 100644
+--- a/krl.c
++++ b/krl.c
+@@ -59,7 +59,7 @@ struct revoked_serial {
+ };
+ static int serial_cmp(struct revoked_serial *a, struct revoked_serial *b);
+ RB_HEAD(revoked_serial_tree, revoked_serial);
+-RB_GENERATE_STATIC(revoked_serial_tree, revoked_serial, tree_entry, serial_cmp);
++RB_GENERATE_STATIC(revoked_serial_tree, revoked_serial, tree_entry, serial_cmp)
+
+ /* Tree of key IDs */
+ struct revoked_key_id {
+@@ -68,7 +68,7 @@ struct revoked_key_id {
+ };
+ static int key_id_cmp(struct revoked_key_id *a, struct revoked_key_id *b);
+ RB_HEAD(revoked_key_id_tree, revoked_key_id);
+-RB_GENERATE_STATIC(revoked_key_id_tree, revoked_key_id, tree_entry, key_id_cmp);
++RB_GENERATE_STATIC(revoked_key_id_tree, revoked_key_id, tree_entry, key_id_cmp)
+
+ /* Tree of blobs (used for keys and fingerprints) */
+ struct revoked_blob {
+@@ -78,7 +78,7 @@ struct revoked_blob {
+ };
+ static int blob_cmp(struct revoked_blob *a, struct revoked_blob *b);
+ RB_HEAD(revoked_blob_tree, revoked_blob);
+-RB_GENERATE_STATIC(revoked_blob_tree, revoked_blob, tree_entry, blob_cmp);
++RB_GENERATE_STATIC(revoked_blob_tree, revoked_blob, tree_entry, blob_cmp)
+
+ /* Tracks revoked certs for a single CA */
+ struct revoked_certs {
+diff --git a/openbsd-compat/readpassphrase.c b/openbsd-compat/readpassphrase.c
+index ff8ff3de..6862a5e9 100644
+--- a/openbsd-compat/readpassphrase.c
++++ b/openbsd-compat/readpassphrase.c
+@@ -191,7 +191,6 @@ restart:
+ errno = save_errno;
+ return(nr == -1 ? NULL : buf);
+ }
+-DEF_WEAK(readpassphrase);
+
+ #if 0
+ char *
+diff --git a/openbsd-compat/recallocarray.c b/openbsd-compat/recallocarray.c
+index 3e1156ce..e391b979 100644
+--- a/openbsd-compat/recallocarray.c
++++ b/openbsd-compat/recallocarray.c
+@@ -85,6 +85,5 @@ recallocarray(void *ptr, size_t oldnmemb, size_t newnmemb, size_t size)
+
+ return newptr;
+ }
+-/* DEF_WEAK(recallocarray); */
+
+ #endif /* HAVE_RECALLOCARRAY */
+diff --git a/openbsd-compat/strcasestr.c b/openbsd-compat/strcasestr.c
+index 4c4d1475..020f3475 100644
+--- a/openbsd-compat/strcasestr.c
++++ b/openbsd-compat/strcasestr.c
+@@ -64,6 +64,5 @@ strcasestr(const char *s, const char *find)
+ }
+ return ((char *)s);
+ }
+-DEF_WEAK(strcasestr);
+
+ #endif
+diff --git a/openbsd-compat/strndup.c b/openbsd-compat/strndup.c
+index 30ac6f04..30e47544 100644
+--- a/openbsd-compat/strndup.c
++++ b/openbsd-compat/strndup.c
+@@ -39,5 +39,5 @@ strndup(const char *str, size_t maxlen)
+
+ return copy;
+ }
+-DEF_WEAK(strndup);
++
+ #endif /* HAVE_STRNDUP */
+diff --git a/openbsd-compat/vis.c b/openbsd-compat/vis.c
+index 0e04ed02..a5a05b1b 100644
+--- a/openbsd-compat/vis.c
++++ b/openbsd-compat/vis.c
+@@ -142,7 +142,6 @@ done:
+ *dst = '\0';
+ return (dst);
+ }
+-DEF_WEAK(vis);
+
+ /*
+ * strvis, strnvis, strvisx - visually encode characters from src into dst
+@@ -168,7 +167,6 @@ strvis(char *dst, const char *src, int flag)
+ *dst = '\0';
+ return (dst - start);
+ }
+-DEF_WEAK(strvis);
+
+ int
+ strnvis(char *dst, const char *src, size_t siz, int flag)
+--
+2.20.1
+
diff --git a/pkg/openssh/patch/0004-Include-stdlib.h-for-arc4random_uniform.patch b/pkg/openssh/patch/0004-Include-stdlib.h-for-arc4random_uniform.patch
@@ -0,0 +1,24 @@
+From 8e035c27bf466534db0b9233cb038973b1f9ffc5 Mon Sep 17 00:00:00 2001
+From: Michael Forney <mforney@mforney.org>
+Date: Wed, 19 Jun 2019 20:06:29 -0700
+Subject: [PATCH] Include stdlib.h for arc4random_uniform
+
+---
+ openbsd-compat/bindresvport.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/openbsd-compat/bindresvport.c b/openbsd-compat/bindresvport.c
+index eeb269d5..346c7fe5 100644
+--- a/openbsd-compat/bindresvport.c
++++ b/openbsd-compat/bindresvport.c
+@@ -40,6 +40,7 @@
+ #include <arpa/inet.h>
+
+ #include <errno.h>
++#include <stdlib.h>
+ #include <string.h>
+
+ #define STARTPORT 600
+--
+2.20.1
+
diff --git a/pkg/openssh/ver b/pkg/openssh/ver
@@ -1 +1 @@
-8.0p1 r0
+8.0p1 r1
