| 1 |
commit: 9cbbc55aee6b2534bbc8d8fe12128c1083ee6850 |
| 2 |
Author: Patrick McLean <chutzpah <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Sat Feb 26 01:06:59 2022 +0000 |
| 4 |
Commit: Patrick McLean <chutzpah <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Sat Feb 26 01:06:59 2022 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9cbbc55a |
| 7 |
|
| 8 |
net-misc/openssh: Add patches for bugs #834019 and #834037 |
| 9 |
|
| 10 |
Bug: https://bugs.gentoo.org/834019 |
| 11 |
Bug: https://bugs.gentoo.org/834037 |
| 12 |
Package-Manager: Portage-3.0.30, Repoman-3.0.3 |
| 13 |
Signed-off-by: Patrick McLean <chutzpah <AT> gentoo.org> |
| 14 |
|
| 15 |
.../files/openssh-8.9_p1-X509-glue-13.3.patch | 34 +++++++++++++++++++--- |
| 16 |
.../files/openssh-8.9_p1-allow-ppoll_time64.patch | 14 +++++++++ |
| 17 |
.../openssh-8.9_p1-fzero-call-used-regs.patch | 32 ++++++++++++++++++++ |
| 18 |
net-misc/openssh/openssh-8.9_p1.ebuild | 2 ++ |
| 19 |
4 files changed, 78 insertions(+), 4 deletions(-) |
| 20 |
|
| 21 |
diff --git a/net-misc/openssh/files/openssh-8.9_p1-X509-glue-13.3.patch b/net-misc/openssh/files/openssh-8.9_p1-X509-glue-13.3.patch |
| 22 |
index 91da09971acc..66617a17af2a 100644 |
| 23 |
--- a/net-misc/openssh/files/openssh-8.9_p1-X509-glue-13.3.patch |
| 24 |
+++ b/net-misc/openssh/files/openssh-8.9_p1-X509-glue-13.3.patch |
| 25 |
@@ -1,6 +1,6 @@ |
| 26 |
diff -ur '--exclude=.*.un~' a/openssh-8.9p1+x509-13.3.diff b/openssh-8.9p1+x509-13.3.diff |
| 27 |
--- a/openssh-8.9p1+x509-13.3.diff 2022-02-24 17:19:30.830285922 -0800 |
| 28 |
-+++ b/openssh-8.9p1+x509-13.3.diff 2022-02-24 17:22:12.374625809 -0800 |
| 29 |
++++ b/openssh-8.9p1+x509-13.3.diff 2022-02-25 16:56:00.750829460 -0800 |
| 30 |
@@ -993,15 +993,16 @@ |
| 31 |
char b[512]; |
| 32 |
- size_t len = ssh_digest_bytes(SSH_DIGEST_SHA512); |
| 33 |
@@ -21,7 +21,33 @@ diff -ur '--exclude=.*.un~' a/openssh-8.9p1+x509-13.3.diff b/openssh-8.9p1+x509- |
| 34 |
(void)snprintf(b, sizeof b, "%llu%s", |
| 35 |
(unsigned long long)options.timing_secret, user); |
| 36 |
- if (ssh_digest_memory(SSH_DIGEST_SHA512, b, strlen(b), hash, len) != 0) |
| 37 |
-@@ -52711,12 +52712,11 @@ |
| 38 |
+@@ -51970,7 +51971,7 @@ |
| 39 |
+ diff -ruN openssh-8.9p1/m4/openssh.m4 openssh-8.9p1+x509-13.3/m4/openssh.m4 |
| 40 |
+ --- openssh-8.9p1/m4/openssh.m4 2022-02-23 13:31:11.000000000 +0200 |
| 41 |
+ +++ openssh-8.9p1+x509-13.3/m4/openssh.m4 1970-01-01 02:00:00.000000000 +0200 |
| 42 |
+-@@ -1,200 +0,0 @@ |
| 43 |
++@@ -1,203 +0,0 @@ |
| 44 |
+ -dnl OpenSSH-specific autoconf macros |
| 45 |
+ -dnl |
| 46 |
+ - |
| 47 |
+@@ -51987,6 +51988,8 @@ |
| 48 |
+ - AC_COMPILE_IFELSE([AC_LANG_SOURCE([[ |
| 49 |
+ -#include <stdlib.h> |
| 50 |
+ -#include <stdio.h> |
| 51 |
++-/* Trivial function to help test for -fzero-call-used-regs */ |
| 52 |
++-void f(int n) {} |
| 53 |
+ -int main(int argc, char **argv) { |
| 54 |
+ - (void)argv; |
| 55 |
+ - /* Some math to catch -ftrapv problems in the toolchain */ |
| 56 |
+@@ -51994,6 +51997,7 @@ |
| 57 |
+ - float l = i * 2.1; |
| 58 |
+ - double m = l / 0.5; |
| 59 |
+ - long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; |
| 60 |
++- f(0); |
| 61 |
+ - printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); |
| 62 |
+ - /* |
| 63 |
+ - * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does |
| 64 |
+@@ -52711,12 +52715,11 @@ |
| 65 |
|
| 66 |
install-files: |
| 67 |
$(MKDIR_P) $(DESTDIR)$(bindir) |
| 68 |
@@ -35,7 +61,7 @@ diff -ur '--exclude=.*.un~' a/openssh-8.9p1+x509-13.3.diff b/openssh-8.9p1+x509- |
| 69 |
$(MKDIR_P) -m 0755 $(DESTDIR)$(PRIVSEP_PATH) |
| 70 |
$(INSTALL) -m 0755 $(STRIP_OPT) ssh$(EXEEXT) $(DESTDIR)$(bindir)/ssh$(EXEEXT) |
| 71 |
$(INSTALL) -m 0755 $(STRIP_OPT) scp$(EXEEXT) $(DESTDIR)$(bindir)/scp$(EXEEXT) |
| 72 |
-@@ -73508,7 +73508,7 @@ |
| 73 |
+@@ -73508,7 +73511,7 @@ |
| 74 |
+if test "$sshd_type" = "pkix" ; then |
| 75 |
+ unset_arg='' |
| 76 |
+else |
| 77 |
@@ -44,7 +70,7 @@ diff -ur '--exclude=.*.un~' a/openssh-8.9p1+x509-13.3.diff b/openssh-8.9p1+x509- |
| 78 |
+fi |
| 79 |
+ |
| 80 |
cat > $OBJ/sshd_config.i << _EOF |
| 81 |
-@@ -137555,16 +137555,6 @@ |
| 82 |
+@@ -137555,16 +137558,6 @@ |
| 83 |
+int asnmprintf(char **, size_t, int *, const char *, ...) |
| 84 |
__attribute__((format(printf, 4, 5))); |
| 85 |
void msetlocale(void); |
| 86 |
|
| 87 |
diff --git a/net-misc/openssh/files/openssh-8.9_p1-allow-ppoll_time64.patch b/net-misc/openssh/files/openssh-8.9_p1-allow-ppoll_time64.patch |
| 88 |
new file mode 100644 |
| 89 |
index 000000000000..8c46625aa29c |
| 90 |
--- /dev/null |
| 91 |
+++ b/net-misc/openssh/files/openssh-8.9_p1-allow-ppoll_time64.patch |
| 92 |
@@ -0,0 +1,14 @@ |
| 93 |
+diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c |
| 94 |
+index 2e065ba3..4ce80cb2 100644 |
| 95 |
+--- a/sandbox-seccomp-filter.c |
| 96 |
++++ b/sandbox-seccomp-filter.c |
| 97 |
+@@ -276,6 +276,9 @@ static const struct sock_filter preauth_insns[] = { |
| 98 |
+ #ifdef __NR_ppoll |
| 99 |
+ SC_ALLOW(__NR_ppoll), |
| 100 |
+ #endif |
| 101 |
++#ifdef __NR_ppoll_time64 |
| 102 |
++ SC_ALLOW(__NR_ppoll_time64), |
| 103 |
++#endif |
| 104 |
+ #ifdef __NR_poll |
| 105 |
+ SC_ALLOW(__NR_poll), |
| 106 |
+ #endif |
| 107 |
|
| 108 |
diff --git a/net-misc/openssh/files/openssh-8.9_p1-fzero-call-used-regs.patch b/net-misc/openssh/files/openssh-8.9_p1-fzero-call-used-regs.patch |
| 109 |
new file mode 100644 |
| 110 |
index 000000000000..0231ce46d7b1 |
| 111 |
--- /dev/null |
| 112 |
+++ b/net-misc/openssh/files/openssh-8.9_p1-fzero-call-used-regs.patch |
| 113 |
@@ -0,0 +1,32 @@ |
| 114 |
+From f107467179428a0e3ea9e4aa9738ac12ff02822d Mon Sep 17 00:00:00 2001 |
| 115 |
+From: Colin Watson <cjwatson@××××××.org> |
| 116 |
+Date: Thu, 24 Feb 2022 16:04:18 +0000 |
| 117 |
+Subject: [PATCH] Improve detection of -fzero-call-used-regs=all support |
| 118 |
+ |
| 119 |
+GCC doesn't tell us whether this option is supported unless it runs into |
| 120 |
+the situation where it would need to emit corresponding code. |
| 121 |
+--- |
| 122 |
+ m4/openssh.m4 | 3 +++ |
| 123 |
+ 1 file changed, 3 insertions(+) |
| 124 |
+ |
| 125 |
+diff --git a/m4/openssh.m4 b/m4/openssh.m4 |
| 126 |
+index 4f9c3792dc1..8c33c701b8b 100644 |
| 127 |
+--- a/m4/openssh.m4 |
| 128 |
++++ b/m4/openssh.m4 |
| 129 |
+@@ -14,6 +14,8 @@ AC_DEFUN([OSSH_CHECK_CFLAG_COMPILE], [{ |
| 130 |
+ AC_COMPILE_IFELSE([AC_LANG_SOURCE([[ |
| 131 |
+ #include <stdlib.h> |
| 132 |
+ #include <stdio.h> |
| 133 |
++/* Trivial function to help test for -fzero-call-used-regs */ |
| 134 |
++void f(int n) {} |
| 135 |
+ int main(int argc, char **argv) { |
| 136 |
+ (void)argv; |
| 137 |
+ /* Some math to catch -ftrapv problems in the toolchain */ |
| 138 |
+@@ -21,6 +23,7 @@ int main(int argc, char **argv) { |
| 139 |
+ float l = i * 2.1; |
| 140 |
+ double m = l / 0.5; |
| 141 |
+ long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; |
| 142 |
++ f(0); |
| 143 |
+ printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); |
| 144 |
+ /* |
| 145 |
+ * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does |
| 146 |
|
| 147 |
diff --git a/net-misc/openssh/openssh-8.9_p1.ebuild b/net-misc/openssh/openssh-8.9_p1.ebuild |
| 148 |
index 5b7b5d1c44db..bb334274000e 100644 |
| 149 |
--- a/net-misc/openssh/openssh-8.9_p1.ebuild |
| 150 |
+++ b/net-misc/openssh/openssh-8.9_p1.ebuild |
| 151 |
@@ -126,6 +126,8 @@ src_prepare() { |
| 152 |
eapply "${FILESDIR}"/${PN}-7.5_p1-disable-conch-interop-tests.patch |
| 153 |
eapply "${FILESDIR}"/${PN}-8.0_p1-fix-putty-tests.patch |
| 154 |
eapply "${FILESDIR}"/${PN}-8.0_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch |
| 155 |
+ eapply "${FILESDIR}"/${PN}-8.9_p1-allow-ppoll_time64.patch #834019 |
| 156 |
+ eapply "${FILESDIR}"/${PN}-8.9_p1-fzero-call-used-regs.patch #834037 |
| 157 |
|
| 158 |
[[ -d ${WORKDIR}/patches ]] && eapply "${WORKDIR}"/patches |
Archives