1 |
commit: 9cbbc55aee6b2534bbc8d8fe12128c1083ee6850 |
2 |
Author: Patrick McLean <chutzpah <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Feb 26 01:06:59 2022 +0000 |
4 |
Commit: Patrick McLean <chutzpah <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Feb 26 01:06:59 2022 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9cbbc55a |
7 |
|
8 |
net-misc/openssh: Add patches for bugs #834019 and #834037 |
9 |
|
10 |
Bug: https://bugs.gentoo.org/834019 |
11 |
Bug: https://bugs.gentoo.org/834037 |
12 |
Package-Manager: Portage-3.0.30, Repoman-3.0.3 |
13 |
Signed-off-by: Patrick McLean <chutzpah <AT> gentoo.org> |
14 |
|
15 |
.../files/openssh-8.9_p1-X509-glue-13.3.patch | 34 +++++++++++++++++++--- |
16 |
.../files/openssh-8.9_p1-allow-ppoll_time64.patch | 14 +++++++++ |
17 |
.../openssh-8.9_p1-fzero-call-used-regs.patch | 32 ++++++++++++++++++++ |
18 |
net-misc/openssh/openssh-8.9_p1.ebuild | 2 ++ |
19 |
4 files changed, 78 insertions(+), 4 deletions(-) |
20 |
|
21 |
diff --git a/net-misc/openssh/files/openssh-8.9_p1-X509-glue-13.3.patch b/net-misc/openssh/files/openssh-8.9_p1-X509-glue-13.3.patch |
22 |
index 91da09971acc..66617a17af2a 100644 |
23 |
--- a/net-misc/openssh/files/openssh-8.9_p1-X509-glue-13.3.patch |
24 |
+++ b/net-misc/openssh/files/openssh-8.9_p1-X509-glue-13.3.patch |
25 |
@@ -1,6 +1,6 @@ |
26 |
diff -ur '--exclude=.*.un~' a/openssh-8.9p1+x509-13.3.diff b/openssh-8.9p1+x509-13.3.diff |
27 |
--- a/openssh-8.9p1+x509-13.3.diff 2022-02-24 17:19:30.830285922 -0800 |
28 |
-+++ b/openssh-8.9p1+x509-13.3.diff 2022-02-24 17:22:12.374625809 -0800 |
29 |
++++ b/openssh-8.9p1+x509-13.3.diff 2022-02-25 16:56:00.750829460 -0800 |
30 |
@@ -993,15 +993,16 @@ |
31 |
char b[512]; |
32 |
- size_t len = ssh_digest_bytes(SSH_DIGEST_SHA512); |
33 |
@@ -21,7 +21,33 @@ diff -ur '--exclude=.*.un~' a/openssh-8.9p1+x509-13.3.diff b/openssh-8.9p1+x509- |
34 |
(void)snprintf(b, sizeof b, "%llu%s", |
35 |
(unsigned long long)options.timing_secret, user); |
36 |
- if (ssh_digest_memory(SSH_DIGEST_SHA512, b, strlen(b), hash, len) != 0) |
37 |
-@@ -52711,12 +52712,11 @@ |
38 |
+@@ -51970,7 +51971,7 @@ |
39 |
+ diff -ruN openssh-8.9p1/m4/openssh.m4 openssh-8.9p1+x509-13.3/m4/openssh.m4 |
40 |
+ --- openssh-8.9p1/m4/openssh.m4 2022-02-23 13:31:11.000000000 +0200 |
41 |
+ +++ openssh-8.9p1+x509-13.3/m4/openssh.m4 1970-01-01 02:00:00.000000000 +0200 |
42 |
+-@@ -1,200 +0,0 @@ |
43 |
++@@ -1,203 +0,0 @@ |
44 |
+ -dnl OpenSSH-specific autoconf macros |
45 |
+ -dnl |
46 |
+ - |
47 |
+@@ -51987,6 +51988,8 @@ |
48 |
+ - AC_COMPILE_IFELSE([AC_LANG_SOURCE([[ |
49 |
+ -#include <stdlib.h> |
50 |
+ -#include <stdio.h> |
51 |
++-/* Trivial function to help test for -fzero-call-used-regs */ |
52 |
++-void f(int n) {} |
53 |
+ -int main(int argc, char **argv) { |
54 |
+ - (void)argv; |
55 |
+ - /* Some math to catch -ftrapv problems in the toolchain */ |
56 |
+@@ -51994,6 +51997,7 @@ |
57 |
+ - float l = i * 2.1; |
58 |
+ - double m = l / 0.5; |
59 |
+ - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; |
60 |
++- f(0); |
61 |
+ - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); |
62 |
+ - /* |
63 |
+ - * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does |
64 |
+@@ -52711,12 +52715,11 @@ |
65 |
|
66 |
install-files: |
67 |
$(MKDIR_P) $(DESTDIR)$(bindir) |
68 |
@@ -35,7 +61,7 @@ diff -ur '--exclude=.*.un~' a/openssh-8.9p1+x509-13.3.diff b/openssh-8.9p1+x509- |
69 |
$(MKDIR_P) -m 0755 $(DESTDIR)$(PRIVSEP_PATH) |
70 |
$(INSTALL) -m 0755 $(STRIP_OPT) ssh$(EXEEXT) $(DESTDIR)$(bindir)/ssh$(EXEEXT) |
71 |
$(INSTALL) -m 0755 $(STRIP_OPT) scp$(EXEEXT) $(DESTDIR)$(bindir)/scp$(EXEEXT) |
72 |
-@@ -73508,7 +73508,7 @@ |
73 |
+@@ -73508,7 +73511,7 @@ |
74 |
+if test "$sshd_type" = "pkix" ; then |
75 |
+ unset_arg='' |
76 |
+else |
77 |
@@ -44,7 +70,7 @@ diff -ur '--exclude=.*.un~' a/openssh-8.9p1+x509-13.3.diff b/openssh-8.9p1+x509- |
78 |
+fi |
79 |
+ |
80 |
cat > $OBJ/sshd_config.i << _EOF |
81 |
-@@ -137555,16 +137555,6 @@ |
82 |
+@@ -137555,16 +137558,6 @@ |
83 |
+int asnmprintf(char **, size_t, int *, const char *, ...) |
84 |
__attribute__((format(printf, 4, 5))); |
85 |
void msetlocale(void); |
86 |
|
87 |
diff --git a/net-misc/openssh/files/openssh-8.9_p1-allow-ppoll_time64.patch b/net-misc/openssh/files/openssh-8.9_p1-allow-ppoll_time64.patch |
88 |
new file mode 100644 |
89 |
index 000000000000..8c46625aa29c |
90 |
--- /dev/null |
91 |
+++ b/net-misc/openssh/files/openssh-8.9_p1-allow-ppoll_time64.patch |
92 |
@@ -0,0 +1,14 @@ |
93 |
+diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c |
94 |
+index 2e065ba3..4ce80cb2 100644 |
95 |
+--- a/sandbox-seccomp-filter.c |
96 |
++++ b/sandbox-seccomp-filter.c |
97 |
+@@ -276,6 +276,9 @@ static const struct sock_filter preauth_insns[] = { |
98 |
+ #ifdef __NR_ppoll |
99 |
+ SC_ALLOW(__NR_ppoll), |
100 |
+ #endif |
101 |
++#ifdef __NR_ppoll_time64 |
102 |
++ SC_ALLOW(__NR_ppoll_time64), |
103 |
++#endif |
104 |
+ #ifdef __NR_poll |
105 |
+ SC_ALLOW(__NR_poll), |
106 |
+ #endif |
107 |
|
108 |
diff --git a/net-misc/openssh/files/openssh-8.9_p1-fzero-call-used-regs.patch b/net-misc/openssh/files/openssh-8.9_p1-fzero-call-used-regs.patch |
109 |
new file mode 100644 |
110 |
index 000000000000..0231ce46d7b1 |
111 |
--- /dev/null |
112 |
+++ b/net-misc/openssh/files/openssh-8.9_p1-fzero-call-used-regs.patch |
113 |
@@ -0,0 +1,32 @@ |
114 |
+From f107467179428a0e3ea9e4aa9738ac12ff02822d Mon Sep 17 00:00:00 2001 |
115 |
+From: Colin Watson <cjwatson@××××××.org> |
116 |
+Date: Thu, 24 Feb 2022 16:04:18 +0000 |
117 |
+Subject: [PATCH] Improve detection of -fzero-call-used-regs=all support |
118 |
+ |
119 |
+GCC doesn't tell us whether this option is supported unless it runs into |
120 |
+the situation where it would need to emit corresponding code. |
121 |
+--- |
122 |
+ m4/openssh.m4 | 3 +++ |
123 |
+ 1 file changed, 3 insertions(+) |
124 |
+ |
125 |
+diff --git a/m4/openssh.m4 b/m4/openssh.m4 |
126 |
+index 4f9c3792dc1..8c33c701b8b 100644 |
127 |
+--- a/m4/openssh.m4 |
128 |
++++ b/m4/openssh.m4 |
129 |
+@@ -14,6 +14,8 @@ AC_DEFUN([OSSH_CHECK_CFLAG_COMPILE], [{ |
130 |
+ AC_COMPILE_IFELSE([AC_LANG_SOURCE([[ |
131 |
+ #include <stdlib.h> |
132 |
+ #include <stdio.h> |
133 |
++/* Trivial function to help test for -fzero-call-used-regs */ |
134 |
++void f(int n) {} |
135 |
+ int main(int argc, char **argv) { |
136 |
+ (void)argv; |
137 |
+ /* Some math to catch -ftrapv problems in the toolchain */ |
138 |
+@@ -21,6 +23,7 @@ int main(int argc, char **argv) { |
139 |
+ float l = i * 2.1; |
140 |
+ double m = l / 0.5; |
141 |
+ long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; |
142 |
++ f(0); |
143 |
+ printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); |
144 |
+ /* |
145 |
+ * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does |
146 |
|
147 |
diff --git a/net-misc/openssh/openssh-8.9_p1.ebuild b/net-misc/openssh/openssh-8.9_p1.ebuild |
148 |
index 5b7b5d1c44db..bb334274000e 100644 |
149 |
--- a/net-misc/openssh/openssh-8.9_p1.ebuild |
150 |
+++ b/net-misc/openssh/openssh-8.9_p1.ebuild |
151 |
@@ -126,6 +126,8 @@ src_prepare() { |
152 |
eapply "${FILESDIR}"/${PN}-7.5_p1-disable-conch-interop-tests.patch |
153 |
eapply "${FILESDIR}"/${PN}-8.0_p1-fix-putty-tests.patch |
154 |
eapply "${FILESDIR}"/${PN}-8.0_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch |
155 |
+ eapply "${FILESDIR}"/${PN}-8.9_p1-allow-ppoll_time64.patch #834019 |
156 |
+ eapply "${FILESDIR}"/${PN}-8.9_p1-fzero-call-used-regs.patch #834037 |
157 |
|
158 |
[[ -d ${WORKDIR}/patches ]] && eapply "${WORKDIR}"/patches |