diff options
Diffstat (limited to 'standalone')
-rw-r--r-- | standalone/android/Makefile | 3 | ||||
-rw-r--r-- | standalone/android/openssh.config.h | 4 | ||||
-rw-r--r-- | standalone/android/openssh.patch | 109 |
3 files changed, 67 insertions, 49 deletions
diff --git a/standalone/android/Makefile b/standalone/android/Makefile index af825d5aa..261259bf4 100644 --- a/standalone/android/Makefile +++ b/standalone/android/Makefile @@ -30,7 +30,8 @@ $(GIT_ANNEX_ANDROID_SOURCETREE)/openssl/build-stamp: $(GIT_ANNEX_ANDROID_SOURCETREE)/openssh/build-stamp: openssh.patch openssh.config.h # This is a known-good version that the patch works with. - cd $(GIT_ANNEX_ANDROID_SOURCETREE)/openssh && git reset --hard b82300f4fa6917298a137817afbbd674a066e5da + # TODO: Upgrade + cd $(GIT_ANNEX_ANDROID_SOURCETREE)/openssh && git reset --hard 0a8617ed5af2f0248d0e9648e26b224e16ada742 cd $(GIT_ANNEX_ANDROID_SOURCETREE)/openssh && ./configure --host=arm-linux-androideabi --with-ssl-dir=../openssl --without-openssl-header-check cat openssh.patch | (cd $(GIT_ANNEX_ANDROID_SOURCETREE)/openssh && patch -p1) cp openssh.config.h $(GIT_ANNEX_ANDROID_SOURCETREE)/openssh/config.h diff --git a/standalone/android/openssh.config.h b/standalone/android/openssh.config.h index 3464947e6..31e78e0b8 100644 --- a/standalone/android/openssh.config.h +++ b/standalone/android/openssh.config.h @@ -1,6 +1,4 @@ #define DISABLE_SHADOW 1 -#define HAVE_MBLEN 1 -#define HAVE_USLEEP 1 #define DISABLE_UTMP 1 #define DISABLE_UTMPX 1 #define DISABLE_WTMP 1 @@ -219,7 +217,7 @@ #define LOCKED_PASSWD_PREFIX "!" #define LOGIN_PROGRAM_FALLBACK "/bin/login" #define MISSING_FD_MASK 1 -#define HAVE_DECL_HOWMANY 0 +#define MISSING_HOWMANY 1 #define OPENSSL_HAS_ECC 1 #define OPENSSL_PRNG_ONLY 1 #define PACKAGE_BUGREPORT "openssh-unix-dev@mindrot.org" diff --git a/standalone/android/openssh.patch b/standalone/android/openssh.patch index 7eb7211f9..996143d0e 100644 --- a/standalone/android/openssh.patch +++ b/standalone/android/openssh.patch @@ -1,8 +1,8 @@ diff --git a/auth.c b/auth.c -index 84fca58..63c3c3e 100644 +index 6623e0f..dd10253 100644 --- a/auth.c +++ b/auth.c -@@ -364,7 +364,7 @@ expand_authorized_keys(const char *filename, struct passwd *pw) +@@ -337,7 +337,7 @@ expand_authorized_keys(const char *filename, struct passwd *pw) char *file, ret[MAXPATHLEN]; int i; @@ -11,7 +11,7 @@ index 84fca58..63c3c3e 100644 "u", pw->pw_name, (char *)NULL); /* -@@ -374,7 +374,7 @@ expand_authorized_keys(const char *filename, struct passwd *pw) +@@ -347,7 +347,7 @@ expand_authorized_keys(const char *filename, struct passwd *pw) if (*file == '/') return (file); @@ -19,18 +19,18 @@ index 84fca58..63c3c3e 100644 + i = snprintf(ret, sizeof(ret), "%s/%s", _PATH_ROOT_HOME_PREFIX, file); if (i < 0 || (size_t)i >= sizeof(ret)) fatal("expand_authorized_keys: path too long"); - free(file); -@@ -463,7 +463,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir, + xfree(file); +@@ -436,7 +436,7 @@ secure_filename(FILE *f, const char *file, struct passwd *pw, strerror(errno)); return -1; } -- if (pw_dir != NULL && realpath(pw_dir, homedir) != NULL) -+ if (_PATH_ROOT_HOME_PREFIX != NULL && realpath(_PATH_ROOT_HOME_PREFIX, homedir) != NULL) +- if (realpath(pw->pw_dir, homedir) != NULL) ++ if (realpath(_PATH_ROOT_HOME_PREFIX, homedir) != NULL) comparehome = 1; - if (!S_ISREG(stp->st_mode)) { + /* check the open file to avoid races */ diff --git a/authfile.c b/authfile.c -index 63ae16b..7b7841a 100644 +index 7dd4496..00462e9 100644 --- a/authfile.c +++ b/authfile.c @@ -613,6 +613,7 @@ int @@ -42,7 +42,7 @@ index 63ae16b..7b7841a 100644 if (fstat(fd, &st) < 0) return 0; diff --git a/misc.c b/misc.c -index 3b9792f..516e7ae 100644 +index 0bf2db6..4327d03 100644 --- a/misc.c +++ b/misc.c @@ -25,6 +25,7 @@ @@ -53,20 +53,39 @@ index 3b9792f..516e7ae 100644 #include <sys/types.h> #include <sys/ioctl.h> -@@ -539,8 +540,9 @@ tilde_expand_filename(const char *filename, uid_t uid) +@@ -538,12 +539,13 @@ tilde_expand_filename(const char *filename, uid_t uid) + } else if ((pw = getpwuid(uid)) == NULL) /* ~/path */ fatal("tilde_expand_filename: No such uid %ld", (long)uid); +- if (strlcpy(ret, pw->pw_dir, sizeof(ret)) >= sizeof(ret)) ++ char *pw_dir=_PATH_ROOT_HOME_PREFIX; ++ if (strlcpy(ret, pw_dir, sizeof(ret)) >= sizeof(ret)) + fatal("tilde_expand_filename: Path too long"); + /* Make sure directory has a trailing '/' */ - len = strlen(pw->pw_dir); -- if (len == 0 || pw->pw_dir[len - 1] != '/') -+ char *pw_dir=_PATH_ROOT_HOME_PREFIX; +- if ((len == 0 || pw->pw_dir[len - 1] != '/') && + len = strlen(pw_dir); -+ if (len == 0 || pw_dir[len - 1] != '/') - sep = "/"; - else - sep = ""; ++ if ((len == 0 || pw_dir[len - 1] != '/') && + strlcat(ret, "/", sizeof(ret)) >= sizeof(ret)) + fatal("tilde_expand_filename: Path too long"); + +diff --git a/openbsd-compat/getrrsetbyname.c b/openbsd-compat/getrrsetbyname.c +index d2bea21..5b5d599 100644 +--- a/openbsd-compat/getrrsetbyname.c ++++ b/openbsd-compat/getrrsetbyname.c +@@ -56,8 +56,7 @@ + #include <arpa/inet.h> + + #include "getrrsetbyname.h" +-#include "nameser.h" +-#include "nameser_compat.h" ++#include "arpa/nameser.h" + + #if defined(HAVE_DECL_H_ERRNO) && !HAVE_DECL_H_ERRNO + extern int h_errno; diff --git a/pathnames.h b/pathnames.h -index 3b7584c..1103266 100644 +index b7b9d91..3c10b11 100644 --- a/pathnames.h +++ b/pathnames.h @@ -67,7 +67,7 @@ @@ -79,23 +98,23 @@ index 3b7584c..1103266 100644 /* diff --git a/readconf.c b/readconf.c -index e22c952..87c1c8a 100644 +index 097bb05..dcbc008 100644 --- a/readconf.c +++ b/readconf.c -@@ -1113,7 +1113,7 @@ read_config_file(const char *filename, const char *host, Options *options, +@@ -1085,7 +1085,7 @@ read_config_file(const char *filename, const char *host, Options *options, if ((f = fopen(filename, "r")) == NULL) return 0; -- if (flags & SSHCONF_CHECKPERM) { -+ if (0) { +- if (checkperm) { ++ if (checkperm && 0) { struct stat sb; if (fstat(fileno(f), &sb) == -1) diff --git a/ssh-add.c b/ssh-add.c -index 5e8166f..f0edc30 100644 +index 738644d..f6fce4a 100644 --- a/ssh-add.c +++ b/ssh-add.c -@@ -496,7 +496,7 @@ main(int argc, char **argv) +@@ -471,7 +471,7 @@ main(int argc, char **argv) } for (i = 0; default_files[i]; i++) { @@ -105,32 +124,32 @@ index 5e8166f..f0edc30 100644 if (stat(buf, &st) < 0) continue; diff --git a/ssh-keygen.c b/ssh-keygen.c -index 40ba5e3..82c2ebf 100644 +index 4baf7df..ef8bb25 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c -@@ -228,7 +228,7 @@ ask_filename(struct passwd *pw, const char *prompt) +@@ -224,7 +224,7 @@ ask_filename(struct passwd *pw, const char *prompt) } } snprintf(identity_file, sizeof(identity_file), "%s/%s", -- strcmp(pw->pw_dir, "/") ? pw->pw_dir : _PATH_ROOT_HOME_PREFIX, name); -+ _PATH_ROOT_HOME_PREFIX, name); +- strcmp(pw->pw_dir, "/") ? pw->pw_dir : _PATH_ROOT_HOME_PREFIX, name); ++ _PATH_ROOT_HOME_PREFIX, name); fprintf(stderr, "%s (%s): ", prompt, identity_file); if (fgets(buf, sizeof(buf), stdin) == NULL) exit(1); -@@ -2561,7 +2561,7 @@ main(int argc, char **argv) +@@ -2268,7 +2268,7 @@ main(int argc, char **argv) /* Create ~/.ssh directory if it doesn't already exist. */ snprintf(dotsshdir, sizeof dotsshdir, "%s/%s", -- strcmp(pw->pw_dir, "/") ? pw->pw_dir : _PATH_ROOT_HOME_PREFIX, -+ _PATH_ROOT_HOME_PREFIX, - _PATH_SSH_USER_DIR); +- strcmp(pw->pw_dir, "/") ? pw->pw_dir : _PATH_ROOT_HOME_PREFIX, ++ _PATH_ROOT_HOME_PREFIX, + _PATH_SSH_USER_DIR); if (strstr(identity_file, dotsshdir) != NULL) { if (stat(dotsshdir, &st) < 0) { diff --git a/ssh.c b/ssh.c -index 1e2cdd5..cc48c2d 100644 +index 898e966..ef6c858 100644 --- a/ssh.c +++ b/ssh.c -@@ -707,7 +707,7 @@ main(int ac, char **av) +@@ -703,7 +703,7 @@ main(int ac, char **av) fatal("Can't open user config file %.100s: " "%.100s", config, strerror(errno)); } else { @@ -138,8 +157,8 @@ index 1e2cdd5..cc48c2d 100644 + r = snprintf(buf, sizeof buf, "%s/%s", _PATH_ROOT_HOME_PREFIX, _PATH_SSH_USER_CONFFILE); if (r > 0 && (size_t)r < sizeof(buf)) - (void)read_config_file(buf, host, &options, -@@ -773,7 +773,7 @@ main(int ac, char **av) + (void)read_config_file(buf, host, &options, 1); +@@ -748,7 +748,7 @@ main(int ac, char **av) if (options.local_command != NULL) { debug3("expanding LocalCommand: %s", options.local_command); cp = options.local_command; @@ -148,16 +167,16 @@ index 1e2cdd5..cc48c2d 100644 "h", host, "l", thishost, "n", host_arg, "r", options.user, "p", portstr, "u", pw->pw_name, "L", shorthost, (char *)NULL); -@@ -913,7 +913,7 @@ main(int ac, char **av) +@@ -888,7 +888,7 @@ main(int ac, char **av) */ if (config == NULL) { r = snprintf(buf, sizeof buf, "%s/%s", -- strcmp(pw->pw_dir, "/") ? pw->pw_dir : _PATH_ROOT_HOME_PREFIX, -+ _PATH_ROOT_HOME_PREFIX, - _PATH_SSH_USER_DIR); +- strcmp(pw->pw_dir, "/") ? pw->pw_dir : _PATH_ROOT_HOME_PREFIX, ++ _PATH_ROOT_HOME_PREFIX, + _PATH_SSH_USER_DIR); if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) { #ifdef WITH_SELINUX -@@ -1565,7 +1565,7 @@ load_public_identity_files(void) +@@ -1532,7 +1532,7 @@ load_public_identity_files(void) if ((pw = getpwuid(original_real_uid)) == NULL) fatal("load_public_identity_files: getpwuid failed"); pwname = xstrdup(pw->pw_name); @@ -167,7 +186,7 @@ index 1e2cdd5..cc48c2d 100644 fatal("load_public_identity_files: gethostname: %s", strerror(errno)); diff --git a/uidswap.c b/uidswap.c -index 50d20d6..d226cc9 100644 +index bc6194e..5cbf5d1 100644 --- a/uidswap.c +++ b/uidswap.c @@ -28,7 +28,6 @@ @@ -175,10 +194,10 @@ index 50d20d6..d226cc9 100644 #ifdef ANDROID -#include <private/android_filesystem_config.h> - #include <sys/capability.h> + #include <linux/capability.h> #include <linux/prctl.h> #endif -@@ -216,7 +215,7 @@ permanently_set_uid(struct passwd *pw) +@@ -230,7 +229,7 @@ permanently_set_uid(struct passwd *pw) debug("permanently_set_uid: %u/%u", (u_int)pw->pw_uid, (u_int)pw->pw_gid); @@ -187,7 +206,7 @@ index 50d20d6..d226cc9 100644 if (pw->pw_uid == AID_SHELL) { prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0); -@@ -281,7 +280,7 @@ permanently_set_uid(struct passwd *pw) +@@ -317,7 +316,7 @@ permanently_set_uid(struct passwd *pw) (u_int)pw->pw_uid); } |