diff --git a/packages/openssh/build.sh b/packages/openssh/build.sh index d3756b79f..6f59b1a61 100755 --- a/packages/openssh/build.sh +++ b/packages/openssh/build.sh @@ -1,6 +1,6 @@ TERMUX_PKG_HOMEPAGE=http://www.openssh.com/ TERMUX_PKG_DESCRIPTION="Secure shell for logging into a remote machine" -TERMUX_PKG_VERSION=7.1p2 +TERMUX_PKG_VERSION=7.2p1 TERMUX_PKG_SRCURL=http://ftp.eu.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${TERMUX_PKG_VERSION}.tar.gz TERMUX_PKG_DEPENDS="libandroid-support, ldns, openssl" # --disable-strip to prevent host "install" command to use "-s", which won't work for target binaries: diff --git a/packages/openssh/sshd.c.patch b/packages/openssh/sshd.c.patch index 71d463b5e..86c70e440 100644 --- a/packages/openssh/sshd.c.patch +++ b/packages/openssh/sshd.c.patch @@ -2,21 +2,21 @@ Avoid calling setgroups(2). Hardcode and do not require absolute path. -diff -u -r ../openssh-6.6p1/sshd.c ./sshd.c ---- ../openssh-6.6p1/sshd.c 2014-02-27 00:20:08.000000000 +0100 -+++ ./sshd.c 2014-06-04 13:25:00.476658070 +0200 -@@ -647,8 +647,10 @@ - do_setusercontext(privsep_pw); - #else - gidset[0] = privsep_pw->pw_gid; +diff -u -r ../openssh-7.2p1/sshd.c ./sshd.c +--- ../openssh-7.2p1/sshd.c 2016-02-25 22:40:04.000000000 -0500 ++++ ./sshd.c 2016-02-29 02:36:00.863344328 -0500 +@@ -644,8 +644,10 @@ + debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid, + (u_int)privsep_pw->pw_gid); + gidset[0] = privsep_pw->pw_gid; +#ifndef __ANDROID__ - if (setgroups(1, gidset) < 0) - fatal("setgroups: %.100s", strerror(errno)); + if (setgroups(1, gidset) < 0) + fatal("setgroups: %.100s", strerror(errno)); +#endif - permanently_set_uid(privsep_pw); - #endif + permanently_set_uid(privsep_pw); + } } -@@ -1403,7 +1405,8 @@ +@@ -1487,7 +1489,8 @@ saved_argc = ac; rexec_argc = ac; saved_argv = xcalloc(ac + 1, sizeof(*saved_argv)); @@ -26,7 +26,7 @@ diff -u -r ../openssh-6.6p1/sshd.c ./sshd.c saved_argv[i] = xstrdup(av[i]); saved_argv[i] = NULL; -@@ -1413,8 +1416,10 @@ +@@ -1497,8 +1500,10 @@ av = saved_argv; #endif @@ -37,7 +37,7 @@ diff -u -r ../openssh-6.6p1/sshd.c ./sshd.c /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); -@@ -1543,8 +1548,6 @@ +@@ -1628,8 +1633,6 @@ } if (rexeced_flag || inetd_flag) rexec_flag = 0; @@ -46,7 +46,7 @@ diff -u -r ../openssh-6.6p1/sshd.c ./sshd.c if (rexeced_flag) closefrom(REEXEC_MIN_FREE_FD); else -@@ -1669,7 +1672,9 @@ +@@ -1764,7 +1767,9 @@ free(privsep_pw->pw_passwd); privsep_pw->pw_passwd = xstrdup("*"); } @@ -56,7 +56,7 @@ diff -u -r ../openssh-6.6p1/sshd.c ./sshd.c /* load host keys */ sensitive_data.host_keys = xcalloc(options.num_host_key_files, -@@ -1838,8 +1843,10 @@ +@@ -1948,8 +1953,10 @@ * to create a file, and we can't control the code in every * module which might be used). */