openssh: Update from 7.9p1 to 8.0p1
This commit is contained in:
Fredrik Fornwall
parent
3f43bab10c
commit
90ef6f9cef
@ -1,9 +1,9 @@
|
||||
TERMUX_PKG_HOMEPAGE=https://www.openssh.com/
|
||||
TERMUX_PKG_DESCRIPTION="Secure shell for logging into a remote machine"
|
||||
TERMUX_PKG_LICENSE="BSD"
|
||||
TERMUX_PKG_VERSION=7.9p1
|
||||
TERMUX_PKG_REVISION=7
|
||||
TERMUX_PKG_SHA256=6b4b3ba2253d84ed3771c8050728d597c91cfce898713beb7b64a305b6f11aad
|
||||
TERMUX_PKG_VERSION=8.0p1
|
||||
TERMUX_PKG_REVISION=1
|
||||
TERMUX_PKG_SHA256=bd943879e69498e8031eb6b7f44d08cdc37d59a7ab689aa0b437320c3481fd68
|
||||
TERMUX_PKG_SRCURL=https://fastly.cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${TERMUX_PKG_VERSION}.tar.gz
|
||||
TERMUX_PKG_DEPENDS="libandroid-support, ldns, openssl, libedit, termux-auth, krb5, zlib"
|
||||
TERMUX_PKG_CONFLICTS="dropbear"
|
||||
|
||||
@ -1,25 +1,25 @@
|
||||
diff -uNr openssh-7.9p1/session.c openssh-7.9p1.mod/session.c
|
||||
--- openssh-7.9p1/session.c 2018-10-17 03:01:20.000000000 +0300
|
||||
+++ openssh-7.9p1.mod/session.c 2019-03-01 23:13:36.360949253 +0200
|
||||
@@ -200,7 +200,7 @@
|
||||
diff -u -r ../openssh-8.0p1/session.c ./session.c
|
||||
--- ../openssh-8.0p1/session.c 2019-04-17 22:52:57.000000000 +0000
|
||||
+++ ./session.c 2019-04-18 06:48:19.351575794 +0000
|
||||
@@ -197,7 +197,7 @@
|
||||
temporarily_use_uid(pw);
|
||||
|
||||
|
||||
/* Allocate a buffer for the socket name, and format the name. */
|
||||
- auth_sock_dir = xstrdup("/tmp/ssh-XXXXXXXXXX");
|
||||
+ auth_sock_dir = xstrdup("@TERMUX_PREFIX@/tmp/ssh-XXXXXXXXXX");
|
||||
|
||||
|
||||
/* Create private directory for socket */
|
||||
if (mkdtemp(auth_sock_dir) == NULL) {
|
||||
@@ -268,7 +268,7 @@
|
||||
@@ -267,7 +267,7 @@
|
||||
return;
|
||||
|
||||
|
||||
temporarily_use_uid(pw);
|
||||
- auth_info_file = xstrdup("/tmp/sshauth.XXXXXXXXXXXXXXX");
|
||||
+ auth_info_file = xstrdup("@TERMUX_PREFIX@/tmp/sshauth.XXXXXXXXXXXXXXX");
|
||||
if ((fd = mkstemp(auth_info_file)) == -1) {
|
||||
error("%s: mkstemp: %s", __func__, strerror(errno));
|
||||
goto out;
|
||||
@@ -833,7 +833,7 @@
|
||||
@@ -803,7 +803,7 @@
|
||||
f = fopen(login_getcapstr(lc, "welcome", "/etc/motd",
|
||||
"/etc/motd"), "r");
|
||||
#else
|
||||
@ -28,21 +28,24 @@ diff -uNr openssh-7.9p1/session.c openssh-7.9p1.mod/session.c
|
||||
#endif
|
||||
if (f) {
|
||||
while (fgets(buf, sizeof(buf), f))
|
||||
@@ -1082,8 +1082,10 @@
|
||||
@@ -1052,11 +1052,13 @@
|
||||
# endif /* HAVE_CYGWIN */
|
||||
#endif /* HAVE_LOGIN_CAP */
|
||||
|
||||
|
||||
+#ifdef _PATH_MAILDIR
|
||||
snprintf(buf, sizeof buf, "%.200s/%.50s", _PATH_MAILDIR, pw->pw_name);
|
||||
child_set_env(&env, &envsize, "MAIL", buf);
|
||||
if (!options.use_pam) {
|
||||
snprintf(buf, sizeof buf, "%.200s/%.50s",
|
||||
_PATH_MAILDIR, pw->pw_name);
|
||||
child_set_env(&env, &envsize, "MAIL", buf);
|
||||
}
|
||||
+#endif
|
||||
|
||||
|
||||
/* Normal systems set SHELL by default. */
|
||||
child_set_env(&env, &envsize, "SHELL", shell);
|
||||
@@ -1127,6 +1129,15 @@
|
||||
@@ -1100,6 +1102,15 @@
|
||||
auth_sock_name);
|
||||
|
||||
|
||||
|
||||
|
||||
+#ifdef __ANDROID__
|
||||
+ char const* envs_to_keep[] = {"LD_LIBRARY_PATH", "PATH", "ANDROID_ROOT", "ANDROID_DATA", "EXTERNAL_STORAGE", "LANG", "PREFIX", "TMPDIR"};
|
||||
+ for (i = 0; i < (sizeof(envs_to_keep) / sizeof(envs_to_keep[0])); i++) {
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
diff -u -r ../openssh-7.7p1/sshd.c ./sshd.c
|
||||
--- ../openssh-7.7p1/sshd.c 2018-04-02 07:38:28.000000000 +0200
|
||||
+++ ./sshd.c 2018-04-03 23:48:49.605335389 +0200
|
||||
@@ -553,8 +553,10 @@
|
||||
diff -u -r ../openssh-8.0p1/sshd.c ./sshd.c
|
||||
--- ../openssh-8.0p1/sshd.c 2019-04-17 22:52:57.000000000 +0000
|
||||
+++ ./sshd.c 2019-04-18 06:50:06.774278599 +0000
|
||||
@@ -468,8 +468,10 @@
|
||||
debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid,
|
||||
(u_int)privsep_pw->pw_gid);
|
||||
gidset[0] = privsep_pw->pw_gid;
|
||||
@ -12,7 +12,7 @@ diff -u -r ../openssh-7.7p1/sshd.c ./sshd.c
|
||||
permanently_set_uid(privsep_pw);
|
||||
}
|
||||
}
|
||||
@@ -1447,7 +1449,8 @@
|
||||
@@ -1444,7 +1446,8 @@
|
||||
saved_argc = ac;
|
||||
rexec_argc = ac;
|
||||
saved_argv = xcalloc(ac + 1, sizeof(*saved_argv));
|
||||
@ -22,7 +22,7 @@ diff -u -r ../openssh-7.7p1/sshd.c ./sshd.c
|
||||
saved_argv[i] = xstrdup(av[i]);
|
||||
saved_argv[i] = NULL;
|
||||
|
||||
@@ -1457,8 +1460,10 @@
|
||||
@@ -1454,8 +1457,10 @@
|
||||
av = saved_argv;
|
||||
#endif
|
||||
|
||||
@ -33,16 +33,18 @@ diff -u -r ../openssh-7.7p1/sshd.c ./sshd.c
|
||||
|
||||
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
|
||||
sanitise_stdfd();
|
||||
@@ -1577,8 +1582,6 @@
|
||||
@@ -1576,8 +1581,10 @@
|
||||
}
|
||||
if (rexeced_flag || inetd_flag)
|
||||
rexec_flag = 0;
|
||||
- if (!test_flag && (rexec_flag && (av[0] == NULL || *av[0] != '/')))
|
||||
- fatal("sshd re-exec requires execution with an absolute path");
|
||||
+#ifndef __ANDROID__
|
||||
if (!test_flag && rexec_flag && !path_absolute(av[0]))
|
||||
fatal("sshd re-exec requires execution with an absolute path");
|
||||
+#endif
|
||||
if (rexeced_flag)
|
||||
closefrom(REEXEC_MIN_FREE_FD);
|
||||
else
|
||||
@@ -1692,7 +1695,9 @@
|
||||
@@ -1696,7 +1703,9 @@
|
||||
freezero(privsep_pw->pw_passwd, strlen(privsep_pw->pw_passwd));
|
||||
privsep_pw->pw_passwd = xstrdup("*");
|
||||
}
|
||||
@ -52,7 +54,7 @@ diff -u -r ../openssh-7.7p1/sshd.c ./sshd.c
|
||||
|
||||
/* load host keys */
|
||||
sensitive_data.host_keys = xcalloc(options.num_host_key_files,
|
||||
@@ -1842,8 +1847,10 @@
|
||||
@@ -1858,8 +1867,10 @@
|
||||
* to create a file, and we can't control the code in every
|
||||
* module which might be used).
|
||||
*/
|
||||
|
||||
Loading…
Reference in New Issue
Block a user