Ports: Update openssh to 9.0

This commit is contained in:
Patrick Meyer 2022-04-30 10:58:10 +00:00 committed by Brian Gianforcaro
parent 6020364476
commit 7b76bc2b49
8 changed files with 129 additions and 127 deletions

View file

@ -153,7 +153,7 @@ Please make sure to keep this list up to date when adding and updating ports. :^
| [`npth`](npth/) | New GNU Portable Threads Library | 1.6 | https://gnupg.org/software/npth/index.html | | [`npth`](npth/) | New GNU Portable Threads Library | 1.6 | https://gnupg.org/software/npth/index.html |
| [`ntbtls`](ntbtls/) | The Not Too Bad TLS Library | 0.2.0 | https://gnupg.org/software/ntbtls/index.html | | [`ntbtls`](ntbtls/) | The Not Too Bad TLS Library | 0.2.0 | https://gnupg.org/software/ntbtls/index.html |
| [`nyancat`](nyancat/) | Nyancat | | https://github.com/klange/nyancat | | [`nyancat`](nyancat/) | Nyancat | | https://github.com/klange/nyancat |
| [`openssh`](openssh/) | OpenSSH | 8.3-9ca7e9c | https://github.com/openssh/openssh-portable | | [`openssh`](openssh/) | OpenSSH | 9.0-94eb685 | https://github.com/openssh/openssh-portable |
| [`openssl`](openssl/) | OpenSSL | 1.1.1n | https://www.openssl.org/ | | [`openssl`](openssl/) | OpenSSL | 1.1.1n | https://www.openssl.org/ |
| [`openttd`](openttd/) | OpenTTD | 12.2 | https://www.openttd.org/ | | [`openttd`](openttd/) | OpenTTD | 12.2 | https://www.openttd.org/ |
| [`openttd-opengfx`](openttd-opengfx/) | OpenGFX graphics for OpenTTD | 7.1 | https://www.openttd.org/ | | [`openttd-opengfx`](openttd-opengfx/) | OpenGFX graphics for OpenTTD | 7.1 | https://www.openttd.org/ |

View file

@ -1,8 +1,8 @@
#!/usr/bin/env -S bash ../.port_include.sh #!/usr/bin/env -S bash ../.port_include.sh
port=openssh port=openssh
workdir=openssh-portable-9ca7e9c861775dd6c6312bc8aaab687403d24676 workdir=openssh-portable-94eb6858efecc1b4f02d8a6bd35e149f55c814c8
version=8.3-9ca7e9c version=9.0-94eb685
files="https://github.com/openssh/openssh-portable/archive/9ca7e9c861775dd6c6312bc8aaab687403d24676.tar.gz openssh-8.3-9ca7e9c.tar.gz 78e3051cd76e505b1c9ea4fdcc108f47c64d4db058dad4f776908ed0229f6234" files="https://github.com/openssh/openssh-portable/archive/94eb6858efecc1b4f02d8a6bd35e149f55c814c8.tar.gz openssh-9.0-94eb685.tar.gz 8a6bfb4c21d32f4e82d6d7734cd68585337cdd57428a2799295e1b1e72c332b5"
auth_type=sha256 auth_type=sha256
depends=("zlib" "openssl") depends=("zlib" "openssl")
useconfigure=true useconfigure=true

View file

@ -1,9 +1,9 @@
08ba07f3ef1eb9cc40204cda0af3886ee071fd47 Ifdef out unimplemented functionality Ifdef out unimplemented functionality
diff --git a/atomicio.c b/atomicio.c diff --git a/atomicio.c b/atomicio.c
index e00c9f0d..e51a9999 100644 index 7650733..7a195f5 100644
--- a/atomicio.c --- a/atomicio.c
+++ b/atomicio.c +++ b/atomicio.c
@@ -120,7 +120,7 @@ atomiciov6(ssize_t (*f) (int, const struct iovec *, int), int fd, @@ -119,7 +119,7 @@ atomiciov6(ssize_t (*f) (int, const struct iovec *, int), int fd,
memcpy(iov, _iov, (size_t)iovcnt * sizeof(*_iov)); memcpy(iov, _iov, (size_t)iovcnt * sizeof(*_iov));
pfd.fd = fd; pfd.fd = fd;
@ -13,7 +13,7 @@ index e00c9f0d..e51a9999 100644
#else #else
pfd.events = POLLIN|POLLOUT; pfd.events = POLLIN|POLLOUT;
diff --git a/defines.h b/defines.h diff --git a/defines.h b/defines.h
index b8ea88b2..1089ee18 100644 index 279e509..5fb970a 100644
--- a/defines.h --- a/defines.h
+++ b/defines.h +++ b/defines.h
@@ -55,8 +55,13 @@ enum @@ -55,8 +55,13 @@ enum
@ -31,7 +31,7 @@ index b8ea88b2..1089ee18 100644
# define IPTOS_LOWDELAY 0x10 # define IPTOS_LOWDELAY 0x10
# define IPTOS_THROUGHPUT 0x08 # define IPTOS_THROUGHPUT 0x08
diff --git a/dns.c b/dns.c diff --git a/dns.c b/dns.c
index e4f9bf83..779886fa 100644 index f2310be..f39db58 100644
--- a/dns.c --- a/dns.c
+++ b/dns.c +++ b/dns.c
@@ -25,6 +25,8 @@ @@ -25,6 +25,8 @@
@ -43,14 +43,14 @@ index e4f9bf83..779886fa 100644
#include "includes.h" #include "includes.h"
#include <sys/types.h> #include <sys/types.h>
@@ -353,3 +355,5 @@ export_dns_rr(const char *hostname, struct sshkey *key, FILE *f, int generic) @@ -338,3 +340,5 @@ export_dns_rr(const char *hostname, struct sshkey *key, FILE *f, int generic)
return success; return success;
} }
+ +
+#endif +#endif
diff --git a/dns.h b/dns.h diff --git a/dns.h b/dns.h
index 91f3c632..0de0a81b 100644 index c9b61c4..2b9f153 100644
--- a/dns.h --- a/dns.h
+++ b/dns.h +++ b/dns.h
@@ -25,6 +25,8 @@ @@ -25,6 +25,8 @@
@ -62,14 +62,14 @@ index 91f3c632..0de0a81b 100644
#ifndef DNS_H #ifndef DNS_H
#define DNS_H #define DNS_H
@@ -56,3 +58,5 @@ int verify_host_key_dns(const char *, struct sockaddr *, @@ -57,3 +59,5 @@ int verify_host_key_dns(const char *, struct sockaddr *,
int export_dns_rr(const char *, struct sshkey *, FILE *, int); int export_dns_rr(const char *, struct sshkey *, FILE *, int);
#endif /* DNS_H */ #endif /* DNS_H */
+ +
+#endif +#endif
diff --git a/hostfile.c b/hostfile.c diff --git a/hostfile.c b/hostfile.c
index a4a35597..699d7f2c 100644 index bd49e3a..34030f1 100644
--- a/hostfile.c --- a/hostfile.c
+++ b/hostfile.c +++ b/hostfile.c
@@ -44,7 +44,9 @@ @@ -44,7 +44,9 @@
@ -83,10 +83,10 @@ index a4a35597..699d7f2c 100644
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
diff --git a/includes.h b/includes.h diff --git a/includes.h b/includes.h
index 0fd71792..405d3aa2 100644 index 6d17ef6..eef913a 100644
--- a/includes.h --- a/includes.h
+++ b/includes.h +++ b/includes.h
@@ -110,7 +110,9 @@ @@ -109,7 +109,9 @@
#endif #endif
#include <netinet/in.h> #include <netinet/in.h>
@ -97,10 +97,10 @@ index 0fd71792..405d3aa2 100644
# include <rpc/types.h> /* For INADDR_LOOPBACK */ # include <rpc/types.h> /* For INADDR_LOOPBACK */
#endif #endif
diff --git a/loginrec.c b/loginrec.c diff --git a/loginrec.c b/loginrec.c
index e5289deb..c670f0be 100644 index 4f21499..574e3a1 100644
--- a/loginrec.c --- a/loginrec.c
+++ b/loginrec.c +++ b/loginrec.c
@@ -460,7 +460,7 @@ login_write(struct logininfo *li) @@ -461,7 +461,7 @@ login_write(struct logininfo *li)
#ifdef USE_WTMP #ifdef USE_WTMP
wtmp_write_entry(li); wtmp_write_entry(li);
#endif #endif
@ -109,7 +109,7 @@ index e5289deb..c670f0be 100644
utmpx_write_entry(li); utmpx_write_entry(li);
#endif #endif
#ifdef USE_WTMPX #ifdef USE_WTMPX
@@ -493,7 +493,7 @@ login_utmp_only(struct logininfo *li) @@ -494,7 +494,7 @@ login_utmp_only(struct logininfo *li)
# ifdef USE_WTMP # ifdef USE_WTMP
wtmp_write_entry(li); wtmp_write_entry(li);
# endif # endif
@ -118,7 +118,7 @@ index e5289deb..c670f0be 100644
utmpx_write_entry(li); utmpx_write_entry(li);
# endif # endif
# ifdef USE_WTMPX # ifdef USE_WTMPX
@@ -724,7 +724,7 @@ construct_utmp(struct logininfo *li, @@ -725,7 +725,7 @@ construct_utmp(struct logininfo *li,
** variations. ** variations.
**/ **/
@ -127,7 +127,7 @@ index e5289deb..c670f0be 100644
/* build the utmpx structure */ /* build the utmpx structure */
void void
set_utmpx_time(struct logininfo *li, struct utmpx *utx) set_utmpx_time(struct logininfo *li, struct utmpx *utx)
@@ -983,7 +983,7 @@ utmp_write_entry(struct logininfo *li) @@ -987,7 +987,7 @@ utmp_write_entry(struct logininfo *li)
**/ **/
/* not much point if we don't want utmpx entries */ /* not much point if we don't want utmpx entries */
@ -137,10 +137,10 @@ index e5289deb..c670f0be 100644
/* if we have the wherewithall, use pututxline etc. */ /* if we have the wherewithall, use pututxline etc. */
# if !defined(DISABLE_PUTUTXLINE) && defined(HAVE_SETUTXENT) && \ # if !defined(DISABLE_PUTUTXLINE) && defined(HAVE_SETUTXENT) && \
diff --git a/misc.c b/misc.c diff --git a/misc.c b/misc.c
index 554ceb0b..67464ef2 100644 index 85d2236..bc06094 100644
--- a/misc.c --- a/misc.c
+++ b/misc.c +++ b/misc.c
@@ -50,7 +50,9 @@ @@ -44,7 +44,9 @@
#include <unistd.h> #include <unistd.h>
#include <netinet/in.h> #include <netinet/in.h>
@ -151,7 +151,7 @@ index 554ceb0b..67464ef2 100644
#include <netinet/tcp.h> #include <netinet/tcp.h>
#include <arpa/inet.h> #include <arpa/inet.h>
diff --git a/openbsd-compat/getrrsetbyname-ldns.c b/openbsd-compat/getrrsetbyname-ldns.c diff --git a/openbsd-compat/getrrsetbyname-ldns.c b/openbsd-compat/getrrsetbyname-ldns.c
index 4647b623..d684f6fb 100644 index 4647b62..d684f6f 100644
--- a/openbsd-compat/getrrsetbyname-ldns.c --- a/openbsd-compat/getrrsetbyname-ldns.c
+++ b/openbsd-compat/getrrsetbyname-ldns.c +++ b/openbsd-compat/getrrsetbyname-ldns.c
@@ -43,6 +43,8 @@ @@ -43,6 +43,8 @@
@ -170,7 +170,7 @@ index 4647b623..d684f6fb 100644
+ +
+#endif +#endif
diff --git a/openbsd-compat/getrrsetbyname.c b/openbsd-compat/getrrsetbyname.c diff --git a/openbsd-compat/getrrsetbyname.c b/openbsd-compat/getrrsetbyname.c
index dc6fe053..9e7fefd0 100644 index cc1f8ae..57999ed 100644
--- a/openbsd-compat/getrrsetbyname.c --- a/openbsd-compat/getrrsetbyname.c
+++ b/openbsd-compat/getrrsetbyname.c +++ b/openbsd-compat/getrrsetbyname.c
@@ -45,6 +45,8 @@ @@ -45,6 +45,8 @@
@ -182,14 +182,14 @@ index dc6fe053..9e7fefd0 100644
#include "includes.h" #include "includes.h"
#if !defined (HAVE_GETRRSETBYNAME) && !defined (HAVE_LDNS) #if !defined (HAVE_GETRRSETBYNAME) && !defined (HAVE_LDNS)
@@ -608,3 +610,5 @@ count_dns_rr(struct dns_rr *p, u_int16_t class, u_int16_t type) @@ -607,3 +609,5 @@ count_dns_rr(struct dns_rr *p, u_int16_t class, u_int16_t type)
} }
#endif /* !defined (HAVE_GETRRSETBYNAME) && !defined (HAVE_LDNS) */ #endif /* !defined (HAVE_GETRRSETBYNAME) && !defined (HAVE_LDNS) */
+ +
+#endif +#endif
diff --git a/openbsd-compat/getrrsetbyname.h b/openbsd-compat/getrrsetbyname.h diff --git a/openbsd-compat/getrrsetbyname.h b/openbsd-compat/getrrsetbyname.h
index 1283f550..0b33705e 100644 index 1283f55..0b33705 100644
--- a/openbsd-compat/getrrsetbyname.h --- a/openbsd-compat/getrrsetbyname.h
+++ b/openbsd-compat/getrrsetbyname.h +++ b/openbsd-compat/getrrsetbyname.h
@@ -45,6 +45,8 @@ @@ -45,6 +45,8 @@
@ -208,20 +208,20 @@ index 1283f550..0b33705e 100644
+ +
+#endif +#endif
diff --git a/openbsd-compat/mktemp.c b/openbsd-compat/mktemp.c diff --git a/openbsd-compat/mktemp.c b/openbsd-compat/mktemp.c
index 4eb52f42..50e1bb12 100644 index ac922c1..1ebb975 100644
--- a/openbsd-compat/mktemp.c --- a/openbsd-compat/mktemp.c
+++ b/openbsd-compat/mktemp.c +++ b/openbsd-compat/mktemp.c
@@ -34,7 +34,7 @@ @@ -34,7 +34,7 @@
#include <ctype.h> #include <ctype.h>
#include <unistd.h> #include <unistd.h>
-#if !defined(HAVE_MKDTEMP) || defined(HAVE_STRICT_MKSTEMP) -#if !defined(HAVE_MKDTEMP)
+#if !defined(HAVE_MKDTEMP) || defined(HAVE_STRICT_MKSTEMP) && !defined(__serenity__) +#if !defined(HAVE_MKDTEMP) || !defined(__serenity__)
#define MKTEMP_NAME 0 #define MKTEMP_NAME 0
#define MKTEMP_FILE 1 #define MKTEMP_FILE 1
diff --git a/readconf.c b/readconf.c diff --git a/readconf.c b/readconf.c
index 2afcbaec..034ad492 100644 index f26faba..56122d8 100644
--- a/readconf.c --- a/readconf.c
+++ b/readconf.c +++ b/readconf.c
@@ -21,7 +21,9 @@ @@ -21,7 +21,9 @@
@ -234,7 +234,7 @@ index 2afcbaec..034ad492 100644
#include <netinet/ip.h> #include <netinet/ip.h>
#include <arpa/inet.h> #include <arpa/inet.h>
@@ -1064,11 +1066,12 @@ parse_time: @@ -1134,11 +1136,12 @@ parse_time:
case oCheckHostIP: case oCheckHostIP:
intptr = &options->check_host_ip; intptr = &options->check_host_ip;
goto parse_flag; goto parse_flag;
@ -249,10 +249,10 @@ index 2afcbaec..034ad492 100644
case oStrictHostKeyChecking: case oStrictHostKeyChecking:
intptr = &options->strict_host_key_checking; intptr = &options->strict_host_key_checking;
diff --git a/regress/netcat.c b/regress/netcat.c diff --git a/regress/netcat.c b/regress/netcat.c
index fe94dd90..57c52d3b 100644 index 20ec3f5..55e087e 100644
--- a/regress/netcat.c --- a/regress/netcat.c
+++ b/regress/netcat.c +++ b/regress/netcat.c
@@ -1369,7 +1369,9 @@ usage(int ret) @@ -1384,7 +1384,9 @@ usage(int ret)
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <unistd.h> #include <unistd.h>
@ -263,7 +263,7 @@ index fe94dd90..57c52d3b 100644
#define SOCKS_PORT "1080" #define SOCKS_PORT "1080"
#define HTTP_PROXY_PORT "3128" #define HTTP_PROXY_PORT "3128"
diff --git a/sandbox-pledge.c b/sandbox-pledge.c diff --git a/sandbox-pledge.c b/sandbox-pledge.c
index d28fc272..a244241c 100644 index 302f1cf..693a443 100644
--- a/sandbox-pledge.c --- a/sandbox-pledge.c
+++ b/sandbox-pledge.c +++ b/sandbox-pledge.c
@@ -21,7 +21,9 @@ @@ -21,7 +21,9 @@
@ -277,10 +277,10 @@ index d28fc272..a244241c 100644
#include <sys/wait.h> #include <sys/wait.h>
diff --git a/servconf.c b/servconf.c diff --git a/servconf.c b/servconf.c
index ba0a92c7..02b68a9a 100644 index 9d9681f..c418509 100644
--- a/servconf.c --- a/servconf.c
+++ b/servconf.c +++ b/servconf.c
@@ -20,7 +20,9 @@ @@ -21,7 +21,9 @@
#endif #endif
#include <netinet/in.h> #include <netinet/in.h>
@ -291,18 +291,18 @@ index ba0a92c7..02b68a9a 100644
#ifdef HAVE_NET_ROUTE_H #ifdef HAVE_NET_ROUTE_H
#include <net/route.h> #include <net/route.h>
diff --git a/ssh-add.c b/ssh-add.c diff --git a/ssh-add.c b/ssh-add.c
index a40198ab..e218270b 100644 index 7555477..ea8e27c 100644
--- a/ssh-add.c --- a/ssh-add.c
+++ b/ssh-add.c +++ b/ssh-add.c
@@ -535,6 +535,7 @@ lock_agent(int agent_fd, int lock) @@ -577,6 +577,7 @@ lock_agent(int agent_fd, int lock)
return (ret); return (ret);
} }
+#ifndef __serenity__ +#ifndef __serenity__
static int static int
load_resident_keys(int agent_fd, const char *skprovider, int qflag) load_resident_keys(int agent_fd, const char *skprovider, int qflag,
{ struct dest_constraint **dest_constraints, size_t ndest_constraints)
@@ -583,6 +584,7 @@ load_resident_keys(int agent_fd, const char *skprovider, int qflag) @@ -628,6 +629,7 @@ load_resident_keys(int agent_fd, const char *skprovider, int qflag,
return SSH_ERR_KEY_NOT_FOUND; return SSH_ERR_KEY_NOT_FOUND;
return ok == 1 ? 0 : ok; return ok == 1 ? 0 : ok;
} }
@ -310,7 +310,7 @@ index a40198ab..e218270b 100644
static int static int
do_file(int agent_fd, int deleting, int key_only, char *file, int qflag, do_file(int agent_fd, int deleting, int key_only, char *file, int qflag,
@@ -775,6 +777,7 @@ main(int argc, char **argv) @@ -964,6 +966,7 @@ main(int argc, char **argv)
ret = 1; ret = 1;
goto done; goto done;
} }
@ -318,7 +318,7 @@ index a40198ab..e218270b 100644
if (do_download) { if (do_download) {
if (skprovider == NULL) if (skprovider == NULL)
fatal("Cannot download keys without provider"); fatal("Cannot download keys without provider");
@@ -782,6 +785,7 @@ main(int argc, char **argv) @@ -972,6 +975,7 @@ main(int argc, char **argv)
ret = 1; ret = 1;
goto done; goto done;
} }
@ -327,10 +327,10 @@ index a40198ab..e218270b 100644
char buf[PATH_MAX]; char buf[PATH_MAX];
struct passwd *pw; struct passwd *pw;
diff --git a/ssh-agent.c b/ssh-agent.c diff --git a/ssh-agent.c b/ssh-agent.c
index e081413b..811dc115 100644 index 03ae2b0..c1b6350 100644
--- a/ssh-agent.c --- a/ssh-agent.c
+++ b/ssh-agent.c +++ b/ssh-agent.c
@@ -1308,10 +1308,12 @@ main(int ac, char **av) @@ -2146,10 +2146,12 @@ main(int ac, char **av)
* a few spare for libc / stack protectors / sanitisers, etc. * a few spare for libc / stack protectors / sanitisers, etc.
*/ */
#define SSH_AGENT_MIN_FDS (3+1+1+1+4) #define SSH_AGENT_MIN_FDS (3+1+1+1+4)
@ -344,10 +344,10 @@ index e081413b..811dc115 100644
parent_pid = getpid(); parent_pid = getpid();
diff --git a/ssh-keygen.c b/ssh-keygen.c diff --git a/ssh-keygen.c b/ssh-keygen.c
index 2c5c75db..85e8a9e2 100644 index d62fab3..1443c9c 100644
--- a/ssh-keygen.c --- a/ssh-keygen.c
+++ b/ssh-keygen.c +++ b/ssh-keygen.c
@@ -1464,6 +1464,7 @@ do_change_passphrase(struct passwd *pw) @@ -1471,6 +1471,7 @@ do_change_passphrase(struct passwd *pw)
exit(0); exit(0);
} }
@ -355,7 +355,7 @@ index 2c5c75db..85e8a9e2 100644
/* /*
* Print the SSHFP RR. * Print the SSHFP RR.
*/ */
@@ -1491,6 +1492,7 @@ do_print_resource_record(struct passwd *pw, char *fname, char *hname, @@ -1497,6 +1498,7 @@ do_print_resource_record(struct passwd *pw, char *fname, char *hname,
free(comment); free(comment);
return 1; return 1;
} }
@ -363,23 +363,23 @@ index 2c5c75db..85e8a9e2 100644
/* /*
* Change the comment of a private key file. * Change the comment of a private key file.
@@ -2929,6 +2931,7 @@ skip_ssh_url_preamble(const char *s) @@ -3075,6 +3077,7 @@ sk_suffix(const char *application, const uint8_t *user, size_t userlen)
return s; return ret;
} }
+#ifndef __serenity__ +#ifndef __serenity__
static int static int
do_download_sk(const char *skprovider, const char *device) do_download_sk(const char *skprovider, const char *device)
{ {
@@ -3026,6 +3029,7 @@ do_download_sk(const char *skprovider, const char *device) @@ -3185,6 +3188,7 @@ save_attestation(struct sshbuf *attest, const char *path)
free(keys); printf("Your FIDO attestation certificate has been saved in "
return ok ? 0 : -1; "%s\n", path);
} }
+#endif +#endif
static void static void
usage(void) usage(void)
@@ -3437,6 +3441,7 @@ main(int argc, char **argv) @@ -3627,6 +3631,7 @@ main(int argc, char **argv)
} }
if (pkcs11provider != NULL) if (pkcs11provider != NULL)
do_download(pw); do_download(pw);
@ -387,7 +387,7 @@ index 2c5c75db..85e8a9e2 100644
if (download_sk) { if (download_sk) {
for (i = 0; i < nopts; i++) { for (i = 0; i < nopts; i++) {
if (strncasecmp(opts[i], "device=", 7) == 0) { if (strncasecmp(opts[i], "device=", 7) == 0) {
@@ -3448,6 +3453,7 @@ main(int argc, char **argv) @@ -3638,6 +3643,7 @@ main(int argc, char **argv)
} }
return do_download_sk(sk_provider, sk_device); return do_download_sk(sk_provider, sk_device);
} }
@ -395,7 +395,7 @@ index 2c5c75db..85e8a9e2 100644
if (print_fingerprint || print_bubblebabble) if (print_fingerprint || print_bubblebabble)
do_fingerprint(pw); do_fingerprint(pw);
if (change_passphrase) if (change_passphrase)
@@ -3465,6 +3471,8 @@ main(int argc, char **argv) @@ -3655,6 +3661,8 @@ main(int argc, char **argv)
#endif /* WITH_OPENSSL */ #endif /* WITH_OPENSSL */
if (print_public) if (print_public)
do_print_public(pw); do_print_public(pw);
@ -404,7 +404,7 @@ index 2c5c75db..85e8a9e2 100644
if (rr_hostname != NULL) { if (rr_hostname != NULL) {
unsigned int n = 0; unsigned int n = 0;
@@ -3496,6 +3504,7 @@ main(int argc, char **argv) @@ -3686,6 +3694,7 @@ main(int argc, char **argv)
exit(0); exit(0);
} }
} }
@ -412,7 +412,7 @@ index 2c5c75db..85e8a9e2 100644
if (do_gen_candidates || do_screen_candidates) { if (do_gen_candidates || do_screen_candidates) {
if (argc <= 0) if (argc <= 0)
@@ -3527,6 +3536,7 @@ main(int argc, char **argv) @@ -3717,6 +3726,7 @@ main(int argc, char **argv)
printf("Generating public/private %s key pair.\n", printf("Generating public/private %s key pair.\n",
key_type_name); key_type_name);
switch (type) { switch (type) {
@ -420,7 +420,7 @@ index 2c5c75db..85e8a9e2 100644
case KEY_ECDSA_SK: case KEY_ECDSA_SK:
case KEY_ED25519_SK: case KEY_ED25519_SK:
for (i = 0; i < nopts; i++) { for (i = 0; i < nopts; i++) {
@@ -3593,6 +3603,7 @@ main(int argc, char **argv) @@ -3795,6 +3805,7 @@ main(int argc, char **argv)
passphrase = NULL; passphrase = NULL;
} }
break; break;
@ -429,10 +429,10 @@ index 2c5c75db..85e8a9e2 100644
if ((r = sshkey_generate(type, bits, &private)) != 0) if ((r = sshkey_generate(type, bits, &private)) != 0)
fatal("sshkey_generate failed"); fatal("sshkey_generate failed");
diff --git a/ssh-keyscan.c b/ssh-keyscan.c diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index a5e64407..c7964ae9 100644 index d29a03b..e6aac3d 100644
--- a/ssh-keyscan.c --- a/ssh-keyscan.c
+++ b/ssh-keyscan.c +++ b/ssh-keyscan.c
@@ -311,7 +311,9 @@ keyprint_one(const char *host, struct sshkey *key) @@ -313,7 +313,9 @@ keyprint_one(const char *host, struct sshkey *key)
found_one = 1; found_one = 1;
if (print_sshfp) { if (print_sshfp) {
@ -443,11 +443,11 @@ index a5e64407..c7964ae9 100644
} }
diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c
index 8a0ffef5..12d05317 100644 index cfd833d..de8fb90 100644
--- a/ssh-pkcs11-client.c --- a/ssh-pkcs11-client.c
+++ b/ssh-pkcs11-client.c +++ b/ssh-pkcs11-client.c
@@ -241,6 +241,7 @@ wrap_key(struct sshkey *k) @@ -241,6 +241,7 @@ wrap_key(struct sshkey *k)
fatal("%s: unknown key type", __func__); fatal_f("unknown key type");
} }
+#ifndef __serenity__ +#ifndef __serenity__
@ -467,7 +467,7 @@ index 8a0ffef5..12d05317 100644
struct sshbuf *msg; struct sshbuf *msg;
- if (fd < 0 && pkcs11_start_helper() < 0) - if (fd < 0 && pkcs11_start_helper() < 0)
+ if (fd < 0 + if (fd < 0
+#ifndef __serenity__ +#ifndef __serenity__
+ && pkcs11_start_helper() < 0 + && pkcs11_start_helper() < 0
+#endif +#endif
@ -476,7 +476,7 @@ index 8a0ffef5..12d05317 100644
if ((msg = sshbuf_new()) == NULL) if ((msg = sshbuf_new()) == NULL)
diff --git a/ssh-sk-client.c b/ssh-sk-client.c diff --git a/ssh-sk-client.c b/ssh-sk-client.c
index 8d7e6c30..21b3ab39 100644 index 321fe53..984aa6a 100644
--- a/ssh-sk-client.c --- a/ssh-sk-client.c
+++ b/ssh-sk-client.c +++ b/ssh-sk-client.c
@@ -15,6 +15,8 @@ @@ -15,6 +15,8 @@
@ -488,14 +488,14 @@ index 8d7e6c30..21b3ab39 100644
#include "includes.h" #include "includes.h"
#include <sys/types.h> #include <sys/types.h>
@@ -447,3 +449,5 @@ sshsk_load_resident(const char *provider_path, const char *device, @@ -478,3 +480,5 @@ sshsk_load_resident(const char *provider_path, const char *device,
errno = oerrno; errno = oerrno;
return r; return r;
} }
+ +
+#endif +#endif
diff --git a/sshbuf-misc.c b/sshbuf-misc.c diff --git a/sshbuf-misc.c b/sshbuf-misc.c
index 9b5aa208..20c526b1 100644 index 9c5c42b..1759ed2 100644
--- a/sshbuf-misc.c --- a/sshbuf-misc.c
+++ b/sshbuf-misc.c +++ b/sshbuf-misc.c
@@ -28,7 +28,9 @@ @@ -28,7 +28,9 @@
@ -506,21 +506,21 @@ index 9b5aa208..20c526b1 100644
#include <resolv.h> #include <resolv.h>
+#endif +#endif
#include <ctype.h> #include <ctype.h>
#include <unistd.h>
#include "ssherr.h"
diff --git a/sshconnect.c b/sshconnect.c diff --git a/sshconnect.c b/sshconnect.c
index af08be41..9e748a23 100644 index ebecc83..81df612 100644
--- a/sshconnect.c --- a/sshconnect.c
+++ b/sshconnect.c +++ b/sshconnect.c
@@ -120,6 +120,7 @@ stderr_null(void) @@ -106,6 +106,7 @@ expand_proxy_command(const char *proxy_command, const char *user,
close(devnull); return ret;
} }
+#ifndef __serenity__ +#ifndef __serenity__
/* /*
* Connect to the given ssh server using a proxy command that passes a * Connect to the given ssh server using a proxy command that passes a
* a connected fd back to us. * a connected fd back to us.
@@ -202,6 +203,7 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, @@ -188,6 +189,7 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host,
return 0; return 0;
} }
@ -528,12 +528,12 @@ index af08be41..9e748a23 100644
/* /*
* Connect to the given ssh server using a proxy command. * Connect to the given ssh server using a proxy command.
@@ -566,10 +568,13 @@ ssh_connect(struct ssh *ssh, const char *host, const char *host_arg, @@ -555,10 +557,13 @@ ssh_connect(struct ssh *ssh, const char *host, const char *host_arg,
if ((ssh_packet_set_connection(ssh, in, out)) == NULL) if ((ssh_packet_set_connection(ssh, in, out)) == NULL)
return -1; /* ssh_packet_set_connection logs error */ return -1; /* ssh_packet_set_connection logs error */
return 0; return 0;
- } else if (options.proxy_use_fdpass) { - } else if (options.proxy_use_fdpass) {
+ } + }
+ #ifndef __serenity__ + #ifndef __serenity__
+ else if (options.proxy_use_fdpass) { + else if (options.proxy_use_fdpass) {
return ssh_proxy_fdpass_connect(ssh, host, host_arg, port, return ssh_proxy_fdpass_connect(ssh, host, host_arg, port,
@ -543,7 +543,7 @@ index af08be41..9e748a23 100644
return ssh_proxy_connect(ssh, host, host_arg, port, return ssh_proxy_connect(ssh, host, host_arg, port,
options.proxy_command); options.proxy_command);
} }
@@ -1218,7 +1223,7 @@ verify_host_key(char *host, struct sockaddr *hostaddr, struct sshkey *host_key) @@ -1483,7 +1488,7 @@ verify_host_key(char *host, struct sockaddr *hostaddr, struct sshkey *host_key,
goto out; goto out;
} }
} }
@ -552,16 +552,16 @@ index af08be41..9e748a23 100644
if (options.verify_host_key_dns) { if (options.verify_host_key_dns) {
/* /*
* XXX certs are not yet supported for DNS, so downgrade * XXX certs are not yet supported for DNS, so downgrade
@@ -1247,6 +1252,7 @@ verify_host_key(char *host, struct sockaddr *hostaddr, struct sshkey *host_key) @@ -1512,6 +1517,7 @@ verify_host_key(char *host, struct sockaddr *hostaddr, struct sshkey *host_key,
} }
} }
} }
+#endif +#endif
r = check_host_key(host, hostaddr, options.port, host_key, RDRW, r = check_host_key(host, cinfo, hostaddr, options.port, host_key,
options.user_hostfiles, options.num_user_hostfiles, RDRW, 0, options.user_hostfiles, options.num_user_hostfiles,
options.system_hostfiles, options.num_system_hostfiles); options.system_hostfiles, options.num_system_hostfiles,
diff --git a/sshkey.c b/sshkey.c diff --git a/sshkey.c b/sshkey.c
index 1571e3d9..2b5c611c 100644 index f1e9200..564ff40 100644
--- a/sshkey.c --- a/sshkey.c
+++ b/sshkey.c +++ b/sshkey.c
@@ -42,7 +42,9 @@ @@ -42,7 +42,9 @@
@ -574,19 +574,19 @@ index 1571e3d9..2b5c611c 100644
#include <time.h> #include <time.h>
#ifdef HAVE_UTIL_H #ifdef HAVE_UTIL_H
#include <util.h> #include <util.h>
@@ -2759,6 +2761,7 @@ sshkey_sign(struct sshkey *key, @@ -2790,6 +2792,7 @@ sshkey_sign(struct sshkey *key,
case KEY_ED25519_CERT: case KEY_ED25519_CERT:
r = ssh_ed25519_sign(key, sigp, lenp, data, datalen, compat); r = ssh_ed25519_sign(key, sigp, lenp, data, datalen, compat);
break; break;
+ #ifndef __serenity__ +#ifndef __serenity__
case KEY_ED25519_SK: case KEY_ED25519_SK:
case KEY_ED25519_SK_CERT: case KEY_ED25519_SK_CERT:
case KEY_ECDSA_SK_CERT: case KEY_ECDSA_SK_CERT:
@@ -2766,6 +2769,7 @@ sshkey_sign(struct sshkey *key, @@ -2797,6 +2800,7 @@ sshkey_sign(struct sshkey *key,
r = sshsk_sign(sk_provider, key, sigp, lenp, data, r = sshsk_sign(sk_provider, key, sigp, lenp, data,
datalen, compat, /* XXX PIN */ NULL); datalen, compat, sk_pin);
break; break;
+ #endif +#endif
#ifdef WITH_XMSS #ifdef WITH_XMSS
case KEY_XMSS: case KEY_XMSS:
case KEY_XMSS_CERT: case KEY_XMSS_CERT:

View file

@ -1,50 +1,51 @@
f524cc245e63092372d78c3d80959b589aeebcc2 Add missing sigaction pledges and remove dns Add missing sigaction pledges and remove dns
diff --git a/clientloop.c b/clientloop.c diff --git a/clientloop.c b/clientloop.c
index da396c72..3ff4ea89 100644 index f8350e6..00bf4b6 100644
--- a/clientloop.c --- a/clientloop.c
+++ b/clientloop.c +++ b/clientloop.c
@@ -1239,31 +1239,31 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, @@ -1227,31 +1227,31 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
if (options.control_master && if (options.control_master &&
!option_clear_or_none(options.control_path)) { !option_clear_or_none(options.control_path)) {
debug("pledge: id"); debug("pledge: id");
- if (pledge("stdio rpath wpath cpath unix inet dns recvfd sendfd proc exec id tty", - if (pledge("stdio rpath wpath cpath unix inet dns recvfd sendfd proc exec id tty",
+ if (pledge("stdio rpath wpath cpath unix inet recvfd sendfd proc exec id tty sigaction", + if (pledge("stdio rpath wpath cpath unix inet recvfd sendfd proc exec id tty sigaction",
NULL) == -1) NULL) == -1)
fatal("%s pledge(): %s", __func__, strerror(errno)); fatal_f("pledge(): %s", strerror(errno));
} else if (options.forward_x11 || options.permit_local_command) { } else if (options.forward_x11 || options.permit_local_command) {
debug("pledge: exec"); debug("pledge: exec");
- if (pledge("stdio rpath wpath cpath unix inet dns proc exec tty", - if (pledge("stdio rpath wpath cpath unix inet dns proc exec tty",
+ if (pledge("stdio rpath wpath cpath unix inet proc exec tty sigaction", + if (pledge("stdio rpath wpath cpath unix inet proc exec tty sigaction",
NULL) == -1) NULL) == -1)
fatal("%s pledge(): %s", __func__, strerror(errno)); fatal_f("pledge(): %s", strerror(errno));
} else if (options.update_hostkeys) { } else if (options.update_hostkeys) {
debug("pledge: filesystem full"); debug("pledge: filesystem");
- if (pledge("stdio rpath wpath cpath unix inet dns proc tty", - if (pledge("stdio rpath wpath cpath unix inet dns proc tty",
+ if (pledge("stdio rpath wpath cpath unix inet proc tty sigaction", + if (pledge("stdio rpath wpath cpath unix inet proc tty sigaction",
NULL) == -1) NULL) == -1)
fatal("%s pledge(): %s", __func__, strerror(errno)); fatal_f("pledge(): %s", strerror(errno));
} else if (!option_clear_or_none(options.proxy_command) || } else if (!option_clear_or_none(options.proxy_command) ||
fork_after_authentication_flag) { options.fork_after_authentication) {
debug("pledge: proc"); debug("pledge: proc");
- if (pledge("stdio cpath unix inet dns proc tty", NULL) == -1) - if (pledge("stdio cpath unix inet dns proc tty", NULL) == -1)
+ if (pledge("stdio cpath unix inet proc tty sigaction", NULL) == -1) + if (pledge("stdio cpath unix inet proc tty sigaction", NULL) == -1)
fatal("%s pledge(): %s", __func__, strerror(errno)); fatal_f("pledge(): %s", strerror(errno));
} else { } else {
debug("pledge: network"); debug("pledge: network");
- if (pledge("stdio unix inet dns proc tty", NULL) == -1) - if (pledge("stdio unix inet dns proc tty", NULL) == -1)
+ if (pledge("stdio unix inet proc tty sigaction", NULL) == -1) + if (pledge("stdio unix inet proc tty sigaction", NULL) == -1)
fatal("%s pledge(): %s", __func__, strerror(errno)); fatal_f("pledge(): %s", strerror(errno));
} }
diff -Naur openssh-portable-9ca7e9c861775dd6c6312bc8aaab687403d24676/ssh-keysign.c openssh-portable-9ca7e9c861775dd6c6312bc8aaab687403d24676.serenity/ssh-keysign.c diff --git a/ssh-keysign.c b/ssh-keysign.c
--- openssh-portable-9ca7e9c861775dd6c6312bc8aaab687403d24676/ssh-keysign.c 2020-05-27 02:38:00.000000000 +0200 index c52321e..9ae4dbf 100644
+++ openssh-portable-9ca7e9c861775dd6c6312bc8aaab687403d24676.serenity/ssh-keysign.c 2021-05-18 00:09:01.831610440 +0200 --- a/ssh-keysign.c
@@ -173,7 +173,7 @@ +++ b/ssh-keysign.c
char *host, *fp; @@ -187,7 +187,7 @@ main(int argc, char **argv)
char *host, *fp, *pkalg;
size_t slen, dlen; size_t slen, dlen;
- if (pledge("stdio rpath getpw dns id", NULL) != 0) - if (pledge("stdio rpath getpw dns id", NULL) != 0)
@ -52,12 +53,12 @@ diff -Naur openssh-portable-9ca7e9c861775dd6c6312bc8aaab687403d24676/ssh-keysign
fatal("%s: pledge: %s", __progname, strerror(errno)); fatal("%s: pledge: %s", __progname, strerror(errno));
/* Ensure that stdin and stdout are connected */ /* Ensure that stdin and stdout are connected */
@@ -237,7 +237,7 @@ @@ -226,7 +226,7 @@ main(int argc, char **argv)
if (!found) fatal("ssh-keysign not enabled in %s",
fatal("no hostkey found"); _PATH_HOST_CONFIG_FILE);
- if (pledge("stdio dns", NULL) != 0) - if (pledge("stdio dns", NULL) != 0)
+ if (pledge("stdio", NULL) != 0) + if (pledge("stdio", NULL) != 0)
fatal("%s: pledge: %s", __progname, strerror(errno)); fatal("%s: pledge: %s", __progname, strerror(errno));
if ((b = sshbuf_new()) == NULL) for (i = found = 0; i < NUM_KEYTYPES; i++) {

View file

@ -1,6 +1,6 @@
bf47ca1400b0548fdabff37c797c6afe89c2ce60 Remove inet_aton redefinition Remove inet_aton redefinition
diff --git a/openbsd-compat/inet_aton.c b/openbsd-compat/inet_aton.c diff --git a/openbsd-compat/inet_aton.c b/openbsd-compat/inet_aton.c
index 093a1720..8b0a0c5d 100644 index 5efcc5f..14aa47b 100644
--- a/openbsd-compat/inet_aton.c --- a/openbsd-compat/inet_aton.c
+++ b/openbsd-compat/inet_aton.c +++ b/openbsd-compat/inet_aton.c
@@ -53,7 +53,7 @@ @@ -53,7 +53,7 @@
@ -11,8 +11,8 @@ index 093a1720..8b0a0c5d 100644
+#if !defined(__serenity__) +#if !defined(__serenity__)
#include <sys/types.h> #include <sys/types.h>
#include <sys/param.h> #include <netinet/in.h>
@@ -84,96 +84,96 @@ inet_addr(const char *cp) @@ -83,96 +83,96 @@ inet_addr(const char *cp)
* This replaces inet_addr, the return value from which * This replaces inet_addr, the return value from which
* cannot distinguish between failure and a local broadcast address. * cannot distinguish between failure and a local broadcast address.
*/ */
@ -195,10 +195,10 @@ index 093a1720..8b0a0c5d 100644
#endif /* !defined(HAVE_INET_ATON) */ #endif /* !defined(HAVE_INET_ATON) */
diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
index e5fd6f5b..cb9e1aa0 100644 index 4316ab8..1c5c338 100644
--- a/openbsd-compat/openbsd-compat.h --- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h +++ b/openbsd-compat/openbsd-compat.h
@@ -153,7 +153,7 @@ char *inet_ntoa(struct in_addr in); @@ -166,7 +166,7 @@ char *inet_ntoa(struct in_addr in);
const char *inet_ntop(int af, const void *src, char *dst, socklen_t size); const char *inet_ntop(int af, const void *src, char *dst, socklen_t size);
#endif #endif

View file

@ -1,18 +1,18 @@
05b4800c752f5c57deec758118b28fc329a226e8 %.100s and sscanf doesn't do as expected %.100s and sscanf doesn't work as expected
diff --git a/kex.c b/kex.c diff --git a/kex.c b/kex.c
index 09c7258e..4c670986 100644 index 0bcd27d..2539cc2 100644
--- a/kex.c --- a/kex.c
+++ b/kex.c +++ b/kex.c
@@ -1182,7 +1182,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, @@ -1229,7 +1229,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
sshbuf_reset(our_version); sshbuf_reset(our_version);
if (version_addendum != NULL && *version_addendum == '\0') if (version_addendum != NULL && *version_addendum == '\0')
version_addendum = NULL; version_addendum = NULL;
- if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n", - if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n",
+ if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%s%s%s\r\n", + if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%s%s%s\r\n",
PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION,
version_addendum == NULL ? "" : " ", version_addendum == NULL ? "" : " ",
version_addendum == NULL ? "" : version_addendum)) != 0) { version_addendum == NULL ? "" : version_addendum)) != 0) {
@@ -1210,7 +1210,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, @@ -1257,7 +1257,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
r = SSH_ERR_ALLOC_FAIL; r = SSH_ERR_ALLOC_FAIL;
goto out; goto out;
} }
@ -21,7 +21,7 @@ index 09c7258e..4c670986 100644
/* Read other side's version identification. */ /* Read other side's version identification. */
for (n = 0; ; n++) { for (n = 0; ; n++) {
@@ -1310,6 +1310,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, @@ -1353,6 +1353,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
goto out; goto out;
} }
@ -29,7 +29,7 @@ index 09c7258e..4c670986 100644
/* /*
* Check that the versions match. In future this might accept * Check that the versions match. In future this might accept
* several versions and set appropriate flags to handle them. * several versions and set appropriate flags to handle them.
@@ -1318,11 +1319,19 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, @@ -1361,11 +1362,19 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
&remote_major, &remote_minor, remote_version) != 3) { &remote_major, &remote_minor, remote_version) != 3) {
error("Bad remote protocol version identification: '%.100s'", error("Bad remote protocol version identification: '%.100s'",
peer_version_string); peer_version_string);
@ -48,4 +48,4 @@ index 09c7258e..4c670986 100644
+#endif +#endif
debug("Remote protocol version %d.%d, remote software version %.100s", debug("Remote protocol version %d.%d, remote software version %.100s",
remote_major, remote_minor, remote_version); remote_major, remote_minor, remote_version);
ssh->compat = compat_datafellows(remote_version); compat_banner(ssh, remote_version);

View file

@ -1,6 +1,7 @@
diff -Naur openssh-portable-9ca7e9c861775dd6c6312bc8aaab687403d24676/monitor_fdpass.c openssh-portable-9ca7e9c861775dd6c6312bc8aaab687403d24676.serenity/monitor_fdpass.c diff --git a/monitor_fdpass.c b/monitor_fdpass.c
--- openssh-portable-9ca7e9c861775dd6c6312bc8aaab687403d24676/monitor_fdpass.c 2020-05-27 02:38:00.000000000 +0200 index a07727a..0a9fe75 100644
+++ openssh-portable-9ca7e9c861775dd6c6312bc8aaab687403d24676.serenity/monitor_fdpass.c 2021-05-01 12:32:21.145854477 +0200 --- a/monitor_fdpass.c
+++ b/monitor_fdpass.c
@@ -51,6 +51,7 @@ @@ -51,6 +51,7 @@
int int
mm_send_fd(int sock, int fd) mm_send_fd(int sock, int fd)
@ -9,7 +10,7 @@ diff -Naur openssh-portable-9ca7e9c861775dd6c6312bc8aaab687403d24676/monitor_fdp
#if defined(HAVE_SENDMSG) && (defined(HAVE_ACCRIGHTS_IN_MSGHDR) || defined(HAVE_CONTROL_IN_MSGHDR)) #if defined(HAVE_SENDMSG) && (defined(HAVE_ACCRIGHTS_IN_MSGHDR) || defined(HAVE_CONTROL_IN_MSGHDR))
struct msghdr msg; struct msghdr msg;
#ifndef HAVE_ACCRIGHTS_IN_MSGHDR #ifndef HAVE_ACCRIGHTS_IN_MSGHDR
@@ -107,11 +108,15 @@ @@ -106,11 +107,15 @@ mm_send_fd(int sock, int fd)
error("%s: file descriptor passing not supported", __func__); error("%s: file descriptor passing not supported", __func__);
return -1; return -1;
#endif #endif
@ -25,8 +26,8 @@ diff -Naur openssh-portable-9ca7e9c861775dd6c6312bc8aaab687403d24676/monitor_fdp
#if defined(HAVE_RECVMSG) && (defined(HAVE_ACCRIGHTS_IN_MSGHDR) || defined(HAVE_CONTROL_IN_MSGHDR)) #if defined(HAVE_RECVMSG) && (defined(HAVE_ACCRIGHTS_IN_MSGHDR) || defined(HAVE_CONTROL_IN_MSGHDR))
struct msghdr msg; struct msghdr msg;
#ifndef HAVE_ACCRIGHTS_IN_MSGHDR #ifndef HAVE_ACCRIGHTS_IN_MSGHDR
@@ -184,4 +189,7 @@ @@ -182,4 +187,7 @@ mm_receive_fd(int sock)
error("%s: file descriptor passing not supported", __func__); error_f("file descriptor passing not supported");
return -1; return -1;
#endif #endif
+#else +#else

View file

@ -1,8 +1,8 @@
diff --git a/sshd.c b/sshd.c diff --git a/sshd.c b/sshd.c
index 6f8f11a..cdbc003 100644 index 0ee65b5..e2f84de 100644
--- a/sshd.c --- a/sshd.c
+++ b/sshd.c +++ b/sshd.c
@@ -461,12 +461,9 @@ privsep_preauth_child(void) @@ -452,12 +452,9 @@ privsep_preauth_child(void)
/* Demote the child */ /* Demote the child */
if (privsep_chroot) { if (privsep_chroot) {
@ -18,7 +18,7 @@ index 6f8f11a..cdbc003 100644
/* Drop our privileges */ /* Drop our privileges */
debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid, debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid,
@@ -1899,25 +1896,6 @@ main(int ac, char **av) @@ -1952,25 +1949,6 @@ main(int ac, char **av)
sshkey_type(key)); sshkey_type(key));
} }