summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--debian/changelog2
-rw-r--r--doc/bugs/android_ed25519_algorithm/comment_1_64bc9b8b7de6084a837f8b17269447b7._comment12
-rw-r--r--standalone/android/Makefile3
-rw-r--r--standalone/android/openssh.config.h4
-rw-r--r--standalone/android/openssh.patch109
5 files changed, 67 insertions, 63 deletions
diff --git a/debian/changelog b/debian/changelog
index 389160121..fc7fcd46c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -27,7 +27,6 @@ git-annex (5.20150421) UNRELEASED; urgency=medium
symlinks when downloading from ftp.
* Support checking ftp urls for file presence.
* Fix bogus failure of fsck --fast.
- * contentlocation, examinekey, lookupkey: Added --batch mode option.
* fsck: Ignore error recording the fsck in the activity log,
which can happen when running fsck in a read-only repository.
Closes: #698559
@@ -41,7 +40,6 @@ git-annex (5.20150421) UNRELEASED; urgency=medium
to build the webapp on arm, and enable DAV support on arm. \o/
* Adjust some other arch specific build dependencies that are now
available on more architectures in Devian unstable.
- * Android: Updated bundled ssh from 6.1p1 to 6.4p1.
* Windows: Remove cygwin ssh, the newer version of which has stopped
honoring the setting of HOME. Instead, copy msysgit's ssh into PATH.
* Windows: Roll back to an older version of rsync from cygwin.
diff --git a/doc/bugs/android_ed25519_algorithm/comment_1_64bc9b8b7de6084a837f8b17269447b7._comment b/doc/bugs/android_ed25519_algorithm/comment_1_64bc9b8b7de6084a837f8b17269447b7._comment
deleted file mode 100644
index 083a05ce5..000000000
--- a/doc/bugs/android_ed25519_algorithm/comment_1_64bc9b8b7de6084a837f8b17269447b7._comment
+++ /dev/null
@@ -1,12 +0,0 @@
-[[!comment format=mdwn
- username="joey"
- subject="""comment 1"""
- date="2015-05-01T19:24:18Z"
- content="""
-git-annex for android bundles ssh from
-git://github.com/CyanogenMod/android_external_openssh.git
-
-That has not yet been updated to a new enough ssh version to have this
-feature. Will have to wait for it to be updated, or if I learn of a newer
-port of ssh to android someplace I could change to it.
-"""]]
diff --git a/standalone/android/Makefile b/standalone/android/Makefile
index af825d5aa..261259bf4 100644
--- a/standalone/android/Makefile
+++ b/standalone/android/Makefile
@@ -30,7 +30,8 @@ $(GIT_ANNEX_ANDROID_SOURCETREE)/openssl/build-stamp:
$(GIT_ANNEX_ANDROID_SOURCETREE)/openssh/build-stamp: openssh.patch openssh.config.h
# This is a known-good version that the patch works with.
- cd $(GIT_ANNEX_ANDROID_SOURCETREE)/openssh && git reset --hard b82300f4fa6917298a137817afbbd674a066e5da
+ # TODO: Upgrade
+ cd $(GIT_ANNEX_ANDROID_SOURCETREE)/openssh && git reset --hard 0a8617ed5af2f0248d0e9648e26b224e16ada742
cd $(GIT_ANNEX_ANDROID_SOURCETREE)/openssh && ./configure --host=arm-linux-androideabi --with-ssl-dir=../openssl --without-openssl-header-check
cat openssh.patch | (cd $(GIT_ANNEX_ANDROID_SOURCETREE)/openssh && patch -p1)
cp openssh.config.h $(GIT_ANNEX_ANDROID_SOURCETREE)/openssh/config.h
diff --git a/standalone/android/openssh.config.h b/standalone/android/openssh.config.h
index 3464947e6..31e78e0b8 100644
--- a/standalone/android/openssh.config.h
+++ b/standalone/android/openssh.config.h
@@ -1,6 +1,4 @@
#define DISABLE_SHADOW 1
-#define HAVE_MBLEN 1
-#define HAVE_USLEEP 1
#define DISABLE_UTMP 1
#define DISABLE_UTMPX 1
#define DISABLE_WTMP 1
@@ -219,7 +217,7 @@
#define LOCKED_PASSWD_PREFIX "!"
#define LOGIN_PROGRAM_FALLBACK "/bin/login"
#define MISSING_FD_MASK 1
-#define HAVE_DECL_HOWMANY 0
+#define MISSING_HOWMANY 1
#define OPENSSL_HAS_ECC 1
#define OPENSSL_PRNG_ONLY 1
#define PACKAGE_BUGREPORT "openssh-unix-dev@mindrot.org"
diff --git a/standalone/android/openssh.patch b/standalone/android/openssh.patch
index 7eb7211f9..996143d0e 100644
--- a/standalone/android/openssh.patch
+++ b/standalone/android/openssh.patch
@@ -1,8 +1,8 @@
diff --git a/auth.c b/auth.c
-index 84fca58..63c3c3e 100644
+index 6623e0f..dd10253 100644
--- a/auth.c
+++ b/auth.c
-@@ -364,7 +364,7 @@ expand_authorized_keys(const char *filename, struct passwd *pw)
+@@ -337,7 +337,7 @@ expand_authorized_keys(const char *filename, struct passwd *pw)
char *file, ret[MAXPATHLEN];
int i;
@@ -11,7 +11,7 @@ index 84fca58..63c3c3e 100644
"u", pw->pw_name, (char *)NULL);
/*
-@@ -374,7 +374,7 @@ expand_authorized_keys(const char *filename, struct passwd *pw)
+@@ -347,7 +347,7 @@ expand_authorized_keys(const char *filename, struct passwd *pw)
if (*file == '/')
return (file);
@@ -19,18 +19,18 @@ index 84fca58..63c3c3e 100644
+ i = snprintf(ret, sizeof(ret), "%s/%s", _PATH_ROOT_HOME_PREFIX, file);
if (i < 0 || (size_t)i >= sizeof(ret))
fatal("expand_authorized_keys: path too long");
- free(file);
-@@ -463,7 +463,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir,
+ xfree(file);
+@@ -436,7 +436,7 @@ secure_filename(FILE *f, const char *file, struct passwd *pw,
strerror(errno));
return -1;
}
-- if (pw_dir != NULL && realpath(pw_dir, homedir) != NULL)
-+ if (_PATH_ROOT_HOME_PREFIX != NULL && realpath(_PATH_ROOT_HOME_PREFIX, homedir) != NULL)
+- if (realpath(pw->pw_dir, homedir) != NULL)
++ if (realpath(_PATH_ROOT_HOME_PREFIX, homedir) != NULL)
comparehome = 1;
- if (!S_ISREG(stp->st_mode)) {
+ /* check the open file to avoid races */
diff --git a/authfile.c b/authfile.c
-index 63ae16b..7b7841a 100644
+index 7dd4496..00462e9 100644
--- a/authfile.c
+++ b/authfile.c
@@ -613,6 +613,7 @@ int
@@ -42,7 +42,7 @@ index 63ae16b..7b7841a 100644
if (fstat(fd, &st) < 0)
return 0;
diff --git a/misc.c b/misc.c
-index 3b9792f..516e7ae 100644
+index 0bf2db6..4327d03 100644
--- a/misc.c
+++ b/misc.c
@@ -25,6 +25,7 @@
@@ -53,20 +53,39 @@ index 3b9792f..516e7ae 100644
#include <sys/types.h>
#include <sys/ioctl.h>
-@@ -539,8 +540,9 @@ tilde_expand_filename(const char *filename, uid_t uid)
+@@ -538,12 +539,13 @@ tilde_expand_filename(const char *filename, uid_t uid)
+ } else if ((pw = getpwuid(uid)) == NULL) /* ~/path */
fatal("tilde_expand_filename: No such uid %ld", (long)uid);
+- if (strlcpy(ret, pw->pw_dir, sizeof(ret)) >= sizeof(ret))
++ char *pw_dir=_PATH_ROOT_HOME_PREFIX;
++ if (strlcpy(ret, pw_dir, sizeof(ret)) >= sizeof(ret))
+ fatal("tilde_expand_filename: Path too long");
+
/* Make sure directory has a trailing '/' */
- len = strlen(pw->pw_dir);
-- if (len == 0 || pw->pw_dir[len - 1] != '/')
-+ char *pw_dir=_PATH_ROOT_HOME_PREFIX;
+- if ((len == 0 || pw->pw_dir[len - 1] != '/') &&
+ len = strlen(pw_dir);
-+ if (len == 0 || pw_dir[len - 1] != '/')
- sep = "/";
- else
- sep = "";
++ if ((len == 0 || pw_dir[len - 1] != '/') &&
+ strlcat(ret, "/", sizeof(ret)) >= sizeof(ret))
+ fatal("tilde_expand_filename: Path too long");
+
+diff --git a/openbsd-compat/getrrsetbyname.c b/openbsd-compat/getrrsetbyname.c
+index d2bea21..5b5d599 100644
+--- a/openbsd-compat/getrrsetbyname.c
++++ b/openbsd-compat/getrrsetbyname.c
+@@ -56,8 +56,7 @@
+ #include <arpa/inet.h>
+
+ #include "getrrsetbyname.h"
+-#include "nameser.h"
+-#include "nameser_compat.h"
++#include "arpa/nameser.h"
+
+ #if defined(HAVE_DECL_H_ERRNO) && !HAVE_DECL_H_ERRNO
+ extern int h_errno;
diff --git a/pathnames.h b/pathnames.h
-index 3b7584c..1103266 100644
+index b7b9d91..3c10b11 100644
--- a/pathnames.h
+++ b/pathnames.h
@@ -67,7 +67,7 @@
@@ -79,23 +98,23 @@ index 3b7584c..1103266 100644
/*
diff --git a/readconf.c b/readconf.c
-index e22c952..87c1c8a 100644
+index 097bb05..dcbc008 100644
--- a/readconf.c
+++ b/readconf.c
-@@ -1113,7 +1113,7 @@ read_config_file(const char *filename, const char *host, Options *options,
+@@ -1085,7 +1085,7 @@ read_config_file(const char *filename, const char *host, Options *options,
if ((f = fopen(filename, "r")) == NULL)
return 0;
-- if (flags & SSHCONF_CHECKPERM) {
-+ if (0) {
+- if (checkperm) {
++ if (checkperm && 0) {
struct stat sb;
if (fstat(fileno(f), &sb) == -1)
diff --git a/ssh-add.c b/ssh-add.c
-index 5e8166f..f0edc30 100644
+index 738644d..f6fce4a 100644
--- a/ssh-add.c
+++ b/ssh-add.c
-@@ -496,7 +496,7 @@ main(int argc, char **argv)
+@@ -471,7 +471,7 @@ main(int argc, char **argv)
}
for (i = 0; default_files[i]; i++) {
@@ -105,32 +124,32 @@ index 5e8166f..f0edc30 100644
if (stat(buf, &st) < 0)
continue;
diff --git a/ssh-keygen.c b/ssh-keygen.c
-index 40ba5e3..82c2ebf 100644
+index 4baf7df..ef8bb25 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
-@@ -228,7 +228,7 @@ ask_filename(struct passwd *pw, const char *prompt)
+@@ -224,7 +224,7 @@ ask_filename(struct passwd *pw, const char *prompt)
}
}
snprintf(identity_file, sizeof(identity_file), "%s/%s",
-- strcmp(pw->pw_dir, "/") ? pw->pw_dir : _PATH_ROOT_HOME_PREFIX, name);
-+ _PATH_ROOT_HOME_PREFIX, name);
+- strcmp(pw->pw_dir, "/") ? pw->pw_dir : _PATH_ROOT_HOME_PREFIX, name);
++ _PATH_ROOT_HOME_PREFIX, name);
fprintf(stderr, "%s (%s): ", prompt, identity_file);
if (fgets(buf, sizeof(buf), stdin) == NULL)
exit(1);
-@@ -2561,7 +2561,7 @@ main(int argc, char **argv)
+@@ -2268,7 +2268,7 @@ main(int argc, char **argv)
/* Create ~/.ssh directory if it doesn't already exist. */
snprintf(dotsshdir, sizeof dotsshdir, "%s/%s",
-- strcmp(pw->pw_dir, "/") ? pw->pw_dir : _PATH_ROOT_HOME_PREFIX,
-+ _PATH_ROOT_HOME_PREFIX,
- _PATH_SSH_USER_DIR);
+- strcmp(pw->pw_dir, "/") ? pw->pw_dir : _PATH_ROOT_HOME_PREFIX,
++ _PATH_ROOT_HOME_PREFIX,
+ _PATH_SSH_USER_DIR);
if (strstr(identity_file, dotsshdir) != NULL) {
if (stat(dotsshdir, &st) < 0) {
diff --git a/ssh.c b/ssh.c
-index 1e2cdd5..cc48c2d 100644
+index 898e966..ef6c858 100644
--- a/ssh.c
+++ b/ssh.c
-@@ -707,7 +707,7 @@ main(int ac, char **av)
+@@ -703,7 +703,7 @@ main(int ac, char **av)
fatal("Can't open user config file %.100s: "
"%.100s", config, strerror(errno));
} else {
@@ -138,8 +157,8 @@ index 1e2cdd5..cc48c2d 100644
+ r = snprintf(buf, sizeof buf, "%s/%s", _PATH_ROOT_HOME_PREFIX,
_PATH_SSH_USER_CONFFILE);
if (r > 0 && (size_t)r < sizeof(buf))
- (void)read_config_file(buf, host, &options,
-@@ -773,7 +773,7 @@ main(int ac, char **av)
+ (void)read_config_file(buf, host, &options, 1);
+@@ -748,7 +748,7 @@ main(int ac, char **av)
if (options.local_command != NULL) {
debug3("expanding LocalCommand: %s", options.local_command);
cp = options.local_command;
@@ -148,16 +167,16 @@ index 1e2cdd5..cc48c2d 100644
"h", host, "l", thishost, "n", host_arg, "r", options.user,
"p", portstr, "u", pw->pw_name, "L", shorthost,
(char *)NULL);
-@@ -913,7 +913,7 @@ main(int ac, char **av)
+@@ -888,7 +888,7 @@ main(int ac, char **av)
*/
if (config == NULL) {
r = snprintf(buf, sizeof buf, "%s/%s",
-- strcmp(pw->pw_dir, "/") ? pw->pw_dir : _PATH_ROOT_HOME_PREFIX,
-+ _PATH_ROOT_HOME_PREFIX,
- _PATH_SSH_USER_DIR);
+- strcmp(pw->pw_dir, "/") ? pw->pw_dir : _PATH_ROOT_HOME_PREFIX,
++ _PATH_ROOT_HOME_PREFIX,
+ _PATH_SSH_USER_DIR);
if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) {
#ifdef WITH_SELINUX
-@@ -1565,7 +1565,7 @@ load_public_identity_files(void)
+@@ -1532,7 +1532,7 @@ load_public_identity_files(void)
if ((pw = getpwuid(original_real_uid)) == NULL)
fatal("load_public_identity_files: getpwuid failed");
pwname = xstrdup(pw->pw_name);
@@ -167,7 +186,7 @@ index 1e2cdd5..cc48c2d 100644
fatal("load_public_identity_files: gethostname: %s",
strerror(errno));
diff --git a/uidswap.c b/uidswap.c
-index 50d20d6..d226cc9 100644
+index bc6194e..5cbf5d1 100644
--- a/uidswap.c
+++ b/uidswap.c
@@ -28,7 +28,6 @@
@@ -175,10 +194,10 @@ index 50d20d6..d226cc9 100644
#ifdef ANDROID
-#include <private/android_filesystem_config.h>
- #include <sys/capability.h>
+ #include <linux/capability.h>
#include <linux/prctl.h>
#endif
-@@ -216,7 +215,7 @@ permanently_set_uid(struct passwd *pw)
+@@ -230,7 +229,7 @@ permanently_set_uid(struct passwd *pw)
debug("permanently_set_uid: %u/%u", (u_int)pw->pw_uid,
(u_int)pw->pw_gid);
@@ -187,7 +206,7 @@ index 50d20d6..d226cc9 100644
if (pw->pw_uid == AID_SHELL) {
prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0);
-@@ -281,7 +280,7 @@ permanently_set_uid(struct passwd *pw)
+@@ -317,7 +316,7 @@ permanently_set_uid(struct passwd *pw)
(u_int)pw->pw_uid);
}