1 |
commit: 126e92820579e58d391f55fdfefe425a685fc217 |
2 |
Author: Patrick McLean <chutzpah <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Feb 26 01:37:51 2022 +0000 |
4 |
Commit: Patrick McLean <chutzpah <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Feb 26 01:37:51 2022 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=126e9282 |
7 |
|
8 |
net-misc/openssh: Add patch to fix #834044 |
9 |
|
10 |
I can't reproduce this locally, however this should be a fairly simple |
11 |
fix. |
12 |
Closes: https://bugs.gentoo.org/834044 |
13 |
Package-Manager: Portage-3.0.30, Repoman-3.0.3 |
14 |
Signed-off-by: Patrick McLean <chutzpah <AT> gentoo.org> |
15 |
|
16 |
.../files/openssh-8.9_p1-X509-glue-13.3.patch | 13 ++++++++++- |
17 |
.../openssh-8.9_p1-gss-use-HOST_NAME_MAX.patch | 27 ++++++++++++++++++++++ |
18 |
net-misc/openssh/openssh-8.9_p1.ebuild | 1 + |
19 |
3 files changed, 40 insertions(+), 1 deletion(-) |
20 |
|
21 |
diff --git a/net-misc/openssh/files/openssh-8.9_p1-X509-glue-13.3.patch b/net-misc/openssh/files/openssh-8.9_p1-X509-glue-13.3.patch |
22 |
index 66617a17af2a..7c7767109dd5 100644 |
23 |
--- a/net-misc/openssh/files/openssh-8.9_p1-X509-glue-13.3.patch |
24 |
+++ b/net-misc/openssh/files/openssh-8.9_p1-X509-glue-13.3.patch |
25 |
@@ -1,6 +1,6 @@ |
26 |
diff -ur '--exclude=.*.un~' a/openssh-8.9p1+x509-13.3.diff b/openssh-8.9p1+x509-13.3.diff |
27 |
--- a/openssh-8.9p1+x509-13.3.diff 2022-02-24 17:19:30.830285922 -0800 |
28 |
-+++ b/openssh-8.9p1+x509-13.3.diff 2022-02-25 16:56:00.750829460 -0800 |
29 |
++++ b/openssh-8.9p1+x509-13.3.diff 2022-02-25 17:35:40.885492007 -0800 |
30 |
@@ -993,15 +993,16 @@ |
31 |
char b[512]; |
32 |
- size_t len = ssh_digest_bytes(SSH_DIGEST_SHA512); |
33 |
@@ -21,6 +21,17 @@ diff -ur '--exclude=.*.un~' a/openssh-8.9p1+x509-13.3.diff b/openssh-8.9p1+x509- |
34 |
(void)snprintf(b, sizeof b, "%llu%s", |
35 |
(unsigned long long)options.timing_secret, user); |
36 |
- if (ssh_digest_memory(SSH_DIGEST_SHA512, b, strlen(b), hash, len) != 0) |
37 |
+@@ -44573,8 +44574,8 @@ |
38 |
+ gss_create_empty_oid_set(&status, &oidset); |
39 |
+ gss_add_oid_set_member(&status, ctx->oid, &oidset); |
40 |
+ |
41 |
+-- if (gethostname(lname, MAXHOSTNAMELEN)) { |
42 |
+-+ if (gethostname(lname, MAXHOSTNAMELEN) == -1) { |
43 |
++- if (gethostname(lname, HOST_NAME_MAX)) { |
44 |
+++ if (gethostname(lname, HOST_NAME_MAX) == -1) { |
45 |
+ gss_release_oid_set(&status, &oidset); |
46 |
+ return (-1); |
47 |
+ } |
48 |
@@ -51970,7 +51971,7 @@ |
49 |
diff -ruN openssh-8.9p1/m4/openssh.m4 openssh-8.9p1+x509-13.3/m4/openssh.m4 |
50 |
--- openssh-8.9p1/m4/openssh.m4 2022-02-23 13:31:11.000000000 +0200 |
51 |
|
52 |
diff --git a/net-misc/openssh/files/openssh-8.9_p1-gss-use-HOST_NAME_MAX.patch b/net-misc/openssh/files/openssh-8.9_p1-gss-use-HOST_NAME_MAX.patch |
53 |
new file mode 100644 |
54 |
index 000000000000..98c87ecf5f47 |
55 |
--- /dev/null |
56 |
+++ b/net-misc/openssh/files/openssh-8.9_p1-gss-use-HOST_NAME_MAX.patch |
57 |
@@ -0,0 +1,27 @@ |
58 |
+diff --git a/gss-serv.c b/gss-serv.c |
59 |
+index b5d4bb2d..00e3d118 100644 |
60 |
+--- a/gss-serv.c |
61 |
++++ b/gss-serv.c |
62 |
+@@ -105,7 +105,7 @@ ssh_gssapi_acquire_cred(Gssctxt *ctx) |
63 |
+ gss_create_empty_oid_set(&status, &oidset); |
64 |
+ gss_add_oid_set_member(&status, ctx->oid, &oidset); |
65 |
+ |
66 |
+- if (gethostname(lname, MAXHOSTNAMELEN)) { |
67 |
++ if (gethostname(lname, HOST_NAME_MAX)) { |
68 |
+ gss_release_oid_set(&status, &oidset); |
69 |
+ return (-1); |
70 |
+ } |
71 |
+diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c |
72 |
+index 2e065ba3..4ce80cb2 100644 |
73 |
+--- a/sandbox-seccomp-filter.c |
74 |
++++ b/sandbox-seccomp-filter.c |
75 |
+@@ -276,6 +276,9 @@ static const struct sock_filter preauth_insns[] = { |
76 |
+ #ifdef __NR_ppoll |
77 |
+ SC_ALLOW(__NR_ppoll), |
78 |
+ #endif |
79 |
++#ifdef __NR_ppoll_time64 |
80 |
++ SC_ALLOW(__NR_ppoll_time64), |
81 |
++#endif |
82 |
+ #ifdef __NR_poll |
83 |
+ SC_ALLOW(__NR_poll), |
84 |
+ #endif |
85 |
|
86 |
diff --git a/net-misc/openssh/openssh-8.9_p1.ebuild b/net-misc/openssh/openssh-8.9_p1.ebuild |
87 |
index bb334274000e..562d5b5a4914 100644 |
88 |
--- a/net-misc/openssh/openssh-8.9_p1.ebuild |
89 |
+++ b/net-misc/openssh/openssh-8.9_p1.ebuild |
90 |
@@ -128,6 +128,7 @@ src_prepare() { |
91 |
eapply "${FILESDIR}"/${PN}-8.0_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch |
92 |
eapply "${FILESDIR}"/${PN}-8.9_p1-allow-ppoll_time64.patch #834019 |
93 |
eapply "${FILESDIR}"/${PN}-8.9_p1-fzero-call-used-regs.patch #834037 |
94 |
+ eapply "${FILESDIR}"/${PN}-8.9_p1-gss-use-HOST_NAME_MAX.patch #834044 |
95 |
|
96 |
[[ -d ${WORKDIR}/patches ]] && eapply "${WORKDIR}"/patches |