-
Notifications
You must be signed in to change notification settings - Fork 4
/
security-openssh.diff
112 lines (110 loc) · 3.39 KB
/
security-openssh.diff
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
# HG changeset patch
# Parent 43de87d68352a0be0eab15c08ff55bac42b3ba97
diff -r 43de87d68352 security/openssh/Makefile
--- a/security/openssh/Makefile Sat Mar 14 00:05:54 2015 -0400
+++ b/security/openssh/Makefile Sat Mar 14 00:06:01 2015 -0400
@@ -199,4 +199,7 @@
${DESTDIR}${EGDIR}/sshd.pam
.endif
+# [Gregor] misdetection
+CONFIGURE_ARGS+=--without-stackprotect
+
.include "../../mk/bsd.pkg.mk"
diff -r 43de87d68352 security/openssh/distinfo
--- a/security/openssh/distinfo Sat Mar 14 00:05:54 2015 -0400
+++ b/security/openssh/distinfo Sat Mar 14 00:06:01 2015 -0400
@@ -30,3 +30,4 @@
SHA1 (patch-sshd.c) = 43b3e4383142303a5d1158f08baee4a27f2f7b13
SHA1 (patch-sshpty.c) = 9f08f899919d05567998087a060b90800c2c7b11
SHA1 (patch-uidswap.c) = 0b76322d47b9e14bb2828bc143645d38028bdafd
+SHA1 (patch-qq) = ae5da142fcea297d237d5bf32abbed332b3550aa
diff -r 43de87d68352 security/openssh/patches/patch-qq
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/openssh/patches/patch-qq Sat Mar 14 00:06:01 2015 -0400
@@ -0,0 +1,86 @@
+diff -r 989278cadbd7 loginrec.c
+--- loginrec.c Sat Jul 14 01:30:04 2012 +0000
++++ loginrec.c Sat Jul 14 01:35:20 2012 +0000
+@@ -777,6 +777,7 @@
+ strncpy(utx->ut_host, li->hostname,
+ MIN_SIZEOF(utx->ut_host, li->hostname));
+ # endif
++#if 0
+ # ifdef HAVE_ADDR_IN_UTMPX
+ /* this is just a 32-bit IP address */
+ if (li->hostaddr.sa.sa_family == AF_INET)
+@@ -795,6 +796,7 @@
+ }
+ }
+ # endif
++#endif
+ # ifdef HAVE_SYSLEN_IN_UTMPX
+ /* ut_syslen is the length of the utx_host string */
+ utx->ut_syslen = MIN(strlen(li->hostname), sizeof(utx->ut_host));
+@@ -1703,8 +1705,10 @@
+ ipv64_normalise_mapped(&from, &fromlen);
+ if (from.ss_family == AF_INET) {
+ a4 = (struct sockaddr_in *)&from;
++#if 0
+ memcpy(&ut.ut_addr, &(a4->sin_addr),
+ MIN_SIZEOF(ut.ut_addr, a4->sin_addr));
++#endif
+ }
+ #ifdef HAVE_ADDR_V6_IN_UTMP
+ if (from.ss_family == AF_INET6) {
+diff -r 989278cadbd7 misc.c
+--- misc.c Sat Jul 14 01:30:04 2012 +0000
++++ misc.c Sat Jul 14 01:35:20 2012 +0000
+@@ -54,6 +54,8 @@
+ #include <net/if.h>
+ #endif
+
++#include <sys/time.h>
++
+ #include "xmalloc.h"
+ #include "misc.h"
+ #include "log.h"
+diff -r 989278cadbd7 sftp-server.c
+--- sftp-server.c Sat Jul 14 01:30:04 2012 +0000
++++ sftp-server.c Sat Jul 14 01:35:20 2012 +0000
+@@ -51,6 +51,10 @@
+ #include "sftp.h"
+ #include "sftp-common.h"
+
++#ifndef NFDBITS
++#define NFDBITS (8*sizeof(unsigned long))
++#endif
++
+ /* helper */
+ #define get_int64() buffer_get_int64(&iqueue);
+ #define get_int() buffer_get_int(&iqueue);
+diff -r 989278cadbd7 ssh-pkcs11-helper.c
+--- ssh-pkcs11-helper.c Sat Jul 14 01:30:04 2012 +0000
++++ ssh-pkcs11-helper.c Sat Jul 14 01:35:20 2012 +0000
+@@ -37,6 +37,11 @@
+ #include "authfd.h"
+ #include "ssh-pkcs11.h"
+
++#include <sys/param.h>
++#ifndef NFDBITS
++#define NFDBITS (8*sizeof(unsigned long))
++#endif
++
+ #ifdef ENABLE_PKCS11
+
+ /* borrows code from sftp-server and ssh-agent */
+diff -r 989278cadbd7 ssh.h
+--- ssh.h Sat Jul 14 01:30:04 2012 +0000
++++ ssh.h Sat Jul 14 01:35:20 2012 +0000
+@@ -11,6 +11,11 @@
+ * incompatible with the protocol description in the RFC file, it must be
+ * called by a name other than "ssh" or "Secure Shell".
+ */
++
++#include <sys/param.h>
++#ifndef NFDBITS
++#define NFDBITS (8*sizeof(unsigned long))
++#endif
+
+ /* Cipher used for encrypting authentication files. */
+ #define SSH_AUTHFILE_CIPHER SSH_CIPHER_3DES