Last active
December 21, 2015 06:38
-
-
Save hnw/6265015 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff -r -c openssh-6.2p1-orig/auth.c openssh-6.2p1/auth.c | |
| *** openssh-6.2p1-orig/auth.c 2013-03-12 09:31:05.000000000 +0900 | |
| --- openssh-6.2p1/auth.c 2013-08-19 10:37:15.000000000 +0900 | |
| *************** | |
| *** 721,727 **** | |
| --- 721,729 ---- | |
| fake.pw_name = "NOUSER"; | |
| fake.pw_passwd = | |
| "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK"; | |
| + #ifdef HAVE_STRUCT_PASSWD_PW_GECOS | |
| fake.pw_gecos = "NOUSER"; | |
| + #endif | |
| fake.pw_uid = privsep_pw == NULL ? (uid_t)-1 : privsep_pw->pw_uid; | |
| fake.pw_gid = privsep_pw == NULL ? (gid_t)-1 : privsep_pw->pw_gid; | |
| #ifdef HAVE_PW_CLASS_IN_PASSWD | |
| diff -r -c openssh-6.2p1-orig/configure.ac openssh-6.2p1/configure.ac | |
| *** openssh-6.2p1-orig/configure.ac 2013-03-20 10:55:15.000000000 +0900 | |
| --- openssh-6.2p1/configure.ac 2013-08-19 10:37:15.000000000 +0900 | |
| *************** | |
| *** 381,386 **** | |
| --- 381,392 ---- | |
| #include <sys/param.h> | |
| ]) | |
| + # Android requires sys/socket.h to be included before sys/un.h | |
| + AC_CHECK_HEADERS([sys/un.h], [], [], [ | |
| + #include <sys/types.h> | |
| + #include <sys/socket.h> | |
| + ]) | |
| + | |
| # Messages for features tested for in target-specific section | |
| SIA_MSG="no" | |
| SPC_MSG="no" | |
| *************** | |
| *** 482,487 **** | |
| --- 488,497 ---- | |
| AC_DEFINE([PTY_ZEROREAD], [1], [read(1) can return 0 for a non-closed fd]) | |
| AC_DEFINE([PLATFORM_SYS_DIR_UID], 2, [System dirs owned by bin (uid 2)]) | |
| ;; | |
| + *-*-android*) | |
| + AC_DEFINE([DISABLE_UTMP], [1], [Define if you don't want to use utmp]) | |
| + AC_DEFINE([DISABLE_WTMP], [1], [Define if you don't want to use wtmp]) | |
| + ;; | |
| *-*-cygwin*) | |
| check_for_libcrypt_later=1 | |
| LIBS="$LIBS /usr/lib/textreadmode.o" | |
| *************** | |
| *** 975,982 **** | |
| AC_DEFINE([USE_PIPES]) | |
| AC_DEFINE([NO_X11_UNIX_SOCKETS]) | |
| AC_DEFINE([MISSING_NFDBITS], [1], [Define on *nto-qnx systems]) | |
| - AC_DEFINE([MISSING_HOWMANY], [1], [Define on *nto-qnx systems]) | |
| - AC_DEFINE([MISSING_FD_MASK], [1], [Define on *nto-qnx systems]) | |
| AC_DEFINE([DISABLE_LASTLOG]) | |
| AC_DEFINE([SSHD_ACQUIRES_CTTY]) | |
| AC_DEFINE([BROKEN_SHADOW_EXPIRE], [1], [QNX shadow support is broken]) | |
| --- 985,990 ---- | |
| *************** | |
| *** 997,1003 **** | |
| *-*-lynxos) | |
| CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__" | |
| - AC_DEFINE([MISSING_HOWMANY]) | |
| AC_DEFINE([BROKEN_SETVBUF], [1], [LynxOS has broken setvbuf() implementation]) | |
| ;; | |
| esac | |
| --- 1005,1010 ---- | |
| *************** | |
| *** 1367,1407 **** | |
| ] | |
| ) | |
| - # Check whether user wants to use ldns | |
| - LDNS_MSG="no" | |
| - AC_ARG_WITH(ldns, | |
| - [ --with-ldns[[=PATH]] Use ldns for DNSSEC support (optionally in PATH)], | |
| - [ | |
| - if test "x$withval" != "xno" ; then | |
| - | |
| - if test "x$withval" != "xyes" ; then | |
| - CPPFLAGS="$CPPFLAGS -I${withval}/include" | |
| - LDFLAGS="$LDFLAGS -L${withval}/lib" | |
| - fi | |
| - | |
| - AC_DEFINE(HAVE_LDNS, 1, [Define if you want ldns support]) | |
| - LIBS="-lldns $LIBS" | |
| - LDNS_MSG="yes" | |
| - | |
| - AC_MSG_CHECKING([for ldns support]) | |
| - AC_LINK_IFELSE( | |
| - [AC_LANG_SOURCE([[ | |
| - #include <stdio.h> | |
| - #include <stdlib.h> | |
| - #include <stdint.h> | |
| - #include <ldns/ldns.h> | |
| - int main() { ldns_status status = ldns_verify_trusted(NULL, NULL, NULL, NULL); status=LDNS_STATUS_OK; exit(0); } | |
| - ]]) | |
| - ], | |
| - [AC_MSG_RESULT(yes)], | |
| - [ | |
| - AC_MSG_RESULT(no) | |
| - AC_MSG_ERROR([** Incomplete or missing ldns libraries.]) | |
| - ]) | |
| - fi | |
| - ] | |
| - ) | |
| - | |
| # Check whether user wants libedit support | |
| LIBEDIT_MSG="no" | |
| AC_ARG_WITH([libedit], | |
| --- 1374,1379 ---- | |
| *************** | |
| *** 1524,1529 **** | |
| --- 1496,1502 ---- | |
| clock \ | |
| closefrom \ | |
| dirfd \ | |
| + endgrent \ | |
| fchmod \ | |
| fchown \ | |
| freeaddrinfo \ | |
| *************** | |
| *** 1695,1700 **** | |
| --- 1668,1704 ---- | |
| #include <stddef.h> | |
| ]) | |
| + # extra bits for select(2) | |
| + AC_CHECK_DECLS([howmany], [], [], [[ | |
| + #include <sys/param.h> | |
| + #include <sys/types.h> | |
| + #ifdef HAVE_SYS_SYSMACROS_H | |
| + #include <sys/sysmacros.h> | |
| + #endif | |
| + #ifdef HAVE_SYS_SELECT_H | |
| + #include <sys/select.h> | |
| + #endif | |
| + #ifdef HAVE_SYS_TIME_H | |
| + #include <sys/time.h> | |
| + #endif | |
| + #ifdef HAVE_UNISTD_H | |
| + #include <unistd.h> | |
| + #endif | |
| + ]]) | |
| + AC_CHECK_TYPES([fd_mask], [], [], [[ | |
| + #include <sys/param.h> | |
| + #include <sys/types.h> | |
| + #ifdef HAVE_SYS_SELECT_H | |
| + #include <sys/select.h> | |
| + #endif | |
| + #ifdef HAVE_SYS_TIME_H | |
| + #include <sys/time.h> | |
| + #endif | |
| + #ifdef HAVE_UNISTD_H | |
| + #include <unistd.h> | |
| + #endif | |
| + ]]) | |
| + | |
| AC_CHECK_FUNCS([setresuid], [ | |
| dnl Some platorms have setresuid that isn't implemented, test for this | |
| AC_MSG_CHECKING([if setresuid seems to work]) | |
| *************** | |
| *** 2386,2391 **** | |
| --- 2390,2397 ---- | |
| [TEST_SSH_SHA256=no]) | |
| AC_SUBST([TEST_SSH_SHA256]) | |
| + AC_CHECK_FUNCS([crypt DES_crypt]) | |
| + | |
| # Check complete ECC support in OpenSSL | |
| AC_MSG_CHECKING([whether OpenSSL has complete ECC support]) | |
| AC_LINK_IFELSE( | |
| *************** | |
| *** 2579,2584 **** | |
| --- 2585,2625 ---- | |
| ] | |
| ) | |
| + # Check whether user wants to use ldns | |
| + LDNS_MSG="no" | |
| + AC_ARG_WITH(ldns, | |
| + [ --with-ldns[[=PATH]] Use ldns for DNSSEC support (optionally in PATH)], | |
| + [ | |
| + if test "x$withval" != "xno" ; then | |
| + | |
| + if test "x$withval" != "xyes" ; then | |
| + CPPFLAGS="$CPPFLAGS -I${withval}/include" | |
| + LDFLAGS="$LDFLAGS -L${withval}/lib" | |
| + fi | |
| + | |
| + AC_DEFINE(HAVE_LDNS, 1, [Define if you want ldns support]) | |
| + LIBS="-lldns $LIBS" | |
| + LDNS_MSG="yes" | |
| + | |
| + AC_MSG_CHECKING([for ldns support]) | |
| + AC_LINK_IFELSE( | |
| + [AC_LANG_SOURCE([[ | |
| + #include <stdio.h> | |
| + #include <stdlib.h> | |
| + #include <stdint.h> | |
| + #include <ldns/ldns.h> | |
| + int main() { ldns_status status = ldns_verify_trusted(NULL, NULL, NULL, NULL); status=LDNS_STATUS_OK; exit(0); } | |
| + ]]) | |
| + ], | |
| + [AC_MSG_RESULT(yes)], | |
| + [ | |
| + AC_MSG_RESULT(no) | |
| + AC_MSG_ERROR([** Incomplete or missing ldns libraries.]) | |
| + ]) | |
| + fi | |
| + ] | |
| + ) | |
| + | |
| # Check for older PAM | |
| if test "x$PAM_MSG" = "xyes" ; then | |
| # Check PAM strerror arguments (old PAM) | |
| *************** | |
| *** 3301,3306 **** | |
| --- 3342,3353 ---- | |
| OSSH_CHECK_HEADER_FOR_FIELD([ut_tv], [utmpx.h], [HAVE_TV_IN_UTMPX]) | |
| AC_CHECK_MEMBERS([struct stat.st_blksize]) | |
| + AC_CHECK_MEMBERS([struct passwd.pw_gecos], | |
| + [], [], [[ | |
| + #include <sys/types.h> | |
| + #include <pwd.h> | |
| + ]]) | |
| + | |
| AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE([__res_state], [state], | |
| [Define if we don't have struct __res_state in resolv.h])], | |
| [ | |
| diff -r -c openssh-6.2p1-orig/defines.h openssh-6.2p1/defines.h | |
| *** openssh-6.2p1-orig/defines.h 2013-03-07 18:06:13.000000000 +0900 | |
| --- openssh-6.2p1/defines.h 2013-08-19 10:37:15.000000000 +0900 | |
| *************** | |
| *** 355,365 **** | |
| }; | |
| #endif | |
| ! /* *-*-nto-qnx does not define this type in the system headers */ | |
| ! #ifdef MISSING_FD_MASK | |
| typedef unsigned long int fd_mask; | |
| #endif | |
| /* Paths */ | |
| #ifndef _PATH_BSHELL | |
| --- 355,369 ---- | |
| }; | |
| #endif | |
| ! /* bits needed for select that may not be in the system headers */ | |
| ! #ifndef HAVE_FD_MASK | |
| typedef unsigned long int fd_mask; | |
| #endif | |
| + #if defined(HAVE_DECL_HOWMANY) && HAVE_DECL_HOWMANY == 0 | |
| + # define howmany(x,y) (((x)+((y)-1))/(y)) | |
| + #endif | |
| + | |
| /* Paths */ | |
| #ifndef _PATH_BSHELL | |
| *************** | |
| *** 484,494 **** | |
| # define __nonnull__(x) | |
| #endif | |
| - /* *-*-nto-qnx doesn't define this macro in the system headers */ | |
| - #ifdef MISSING_HOWMANY | |
| - # define howmany(x,y) (((x)+((y)-1))/(y)) | |
| - #endif | |
| - | |
| #ifndef OSSH_ALIGNBYTES | |
| #define OSSH_ALIGNBYTES (sizeof(int) - 1) | |
| #endif | |
| --- 488,493 ---- | |
| diff -r -c openssh-6.2p1-orig/misc.c openssh-6.2p1/misc.c | |
| *** openssh-6.2p1-orig/misc.c 2011-09-22 20:34:36.000000000 +0900 | |
| --- openssh-6.2p1/misc.c 2013-08-19 11:25:39.000000000 +0900 | |
| *************** | |
| *** 205,212 **** | |
| struct passwd *copy = xcalloc(1, sizeof(*copy)); | |
| copy->pw_name = xstrdup(pw->pw_name); | |
| ! copy->pw_passwd = xstrdup(pw->pw_passwd); | |
| copy->pw_gecos = xstrdup(pw->pw_gecos); | |
| copy->pw_uid = pw->pw_uid; | |
| copy->pw_gid = pw->pw_gid; | |
| #ifdef HAVE_PW_EXPIRE_IN_PASSWD | |
| --- 205,218 ---- | |
| struct passwd *copy = xcalloc(1, sizeof(*copy)); | |
| copy->pw_name = xstrdup(pw->pw_name); | |
| ! if (pw->pw_passwd) { | |
| ! copy->pw_passwd = xstrdup(pw->pw_passwd); | |
| ! } else { | |
| ! copy->pw_passwd = NULL; | |
| ! } | |
| ! #ifdef HAVE_STRUCT_PASSWD_PW_GECOS | |
| copy->pw_gecos = xstrdup(pw->pw_gecos); | |
| + #endif | |
| copy->pw_uid = pw->pw_uid; | |
| copy->pw_gid = pw->pw_gid; | |
| #ifdef HAVE_PW_EXPIRE_IN_PASSWD | |
| diff -r -c openssh-6.2p1-orig/monitor.c openssh-6.2p1/monitor.c | |
| *** openssh-6.2p1-orig/monitor.c 2012-12-12 08:44:39.000000000 +0900 | |
| --- openssh-6.2p1/monitor.c 2013-08-19 10:37:15.000000000 +0900 | |
| *************** | |
| *** 778,784 **** | |
| --- 778,786 ---- | |
| buffer_put_string(m, pwent, sizeof(struct passwd)); | |
| buffer_put_cstring(m, pwent->pw_name); | |
| buffer_put_cstring(m, "*"); | |
| + #ifdef HAVE_STRUCT_PASSWD_PW_GECOS | |
| buffer_put_cstring(m, pwent->pw_gecos); | |
| + #endif | |
| #ifdef HAVE_PW_CLASS_IN_PASSWD | |
| buffer_put_cstring(m, pwent->pw_class); | |
| #endif | |
| diff -r -c openssh-6.2p1-orig/monitor_wrap.c openssh-6.2p1/monitor_wrap.c | |
| *** openssh-6.2p1-orig/monitor_wrap.c 2013-01-09 14:12:19.000000000 +0900 | |
| --- openssh-6.2p1/monitor_wrap.c 2013-08-19 10:37:15.000000000 +0900 | |
| *************** | |
| *** 259,265 **** | |
| --- 259,267 ---- | |
| fatal("%s: struct passwd size mismatch", __func__); | |
| pw->pw_name = buffer_get_string(&m, NULL); | |
| pw->pw_passwd = buffer_get_string(&m, NULL); | |
| + #ifdef HAVE_STRUCT_PASSWD_PW_GECOS | |
| pw->pw_gecos = buffer_get_string(&m, NULL); | |
| + #endif | |
| #ifdef HAVE_PW_CLASS_IN_PASSWD | |
| pw->pw_class = buffer_get_string(&m, NULL); | |
| #endif | |
| diff -r -c openssh-6.2p1-orig/openbsd-compat/bsd-misc.h openssh-6.2p1/openbsd-compat/bsd-misc.h | |
| *** openssh-6.2p1-orig/openbsd-compat/bsd-misc.h 2013-03-15 08:34:27.000000000 +0900 | |
| --- openssh-6.2p1/openbsd-compat/bsd-misc.h 2013-08-19 10:37:15.000000000 +0900 | |
| *************** | |
| *** 110,113 **** | |
| --- 110,117 ---- | |
| pid_t getpgid(pid_t); | |
| #endif | |
| + #ifndef HAVE_ENDGRENT | |
| + # define endgrent() {} | |
| + #endif | |
| + | |
| #endif /* _BSD_MISC_H */ | |
| diff -r -c openssh-6.2p1-orig/openbsd-compat/xcrypt.c openssh-6.2p1/openbsd-compat/xcrypt.c | |
| *** openssh-6.2p1-orig/openbsd-compat/xcrypt.c 2009-01-08 03:04:12.000000000 +0900 | |
| --- openssh-6.2p1/openbsd-compat/xcrypt.c 2013-08-19 10:37:15.000000000 +0900 | |
| *************** | |
| *** 57,62 **** | |
| --- 57,67 ---- | |
| # include "md5crypt.h" | |
| # endif | |
| + # if !defined(HAVE_CRYPT) && defined(HAVE_DES_CRYPT) | |
| + # include <openssl/des.h> | |
| + # define crypt DES_crypt | |
| + # endif | |
| + | |
| char * | |
| xcrypt(const char *password, const char *salt) | |
| { | |
| diff -r -c openssh-6.2p1-orig/scp.c openssh-6.2p1/scp.c | |
| *** openssh-6.2p1-orig/scp.c 2013-03-20 10:55:15.000000000 +0900 | |
| --- openssh-6.2p1/scp.c 2013-08-19 10:37:15.000000000 +0900 | |
| *************** | |
| *** 1068,1074 **** | |
| continue; | |
| } | |
| omode = mode; | |
| ! mode |= S_IWRITE; | |
| if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) < 0) { | |
| bad: run_err("%s: %s", np, strerror(errno)); | |
| continue; | |
| --- 1068,1074 ---- | |
| continue; | |
| } | |
| omode = mode; | |
| ! mode |= S_IWUSR; | |
| if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) < 0) { | |
| bad: run_err("%s: %s", np, strerror(errno)); | |
| continue; | |
| diff -r -c openssh-6.2p1-orig/sftp-client.c openssh-6.2p1/sftp-client.c | |
| *** openssh-6.2p1-orig/sftp-client.c 2012-07-02 21:15:39.000000000 +0900 | |
| --- openssh-6.2p1/sftp-client.c 2013-08-19 10:37:15.000000000 +0900 | |
| *************** | |
| *** 1051,1057 **** | |
| } | |
| local_fd = open(local_path, O_WRONLY | O_CREAT | O_TRUNC, | |
| ! mode | S_IWRITE); | |
| if (local_fd == -1) { | |
| error("Couldn't open local file \"%s\" for writing: %s", | |
| local_path, strerror(errno)); | |
| --- 1051,1057 ---- | |
| } | |
| local_fd = open(local_path, O_WRONLY | O_CREAT | O_TRUNC, | |
| ! mode | S_IWUSR); | |
| if (local_fd == -1) { | |
| error("Couldn't open local file \"%s\" for writing: %s", | |
| local_path, strerror(errno)); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment