From 10613294b48e3736c0edf5f93c6ff34b52339079 Mon Sep 17 00:00:00 2001 From: "A. Wilcox" Date: Tue, 20 Feb 2018 22:02:40 -0600 Subject: system/openssh: add drastically simplified OpenSSH --- system/openssh/bsd-compatible-realpath.patch | 62 ++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 system/openssh/bsd-compatible-realpath.patch (limited to 'system/openssh/bsd-compatible-realpath.patch') diff --git a/system/openssh/bsd-compatible-realpath.patch b/system/openssh/bsd-compatible-realpath.patch new file mode 100644 index 000000000..1cdb4f7c5 --- /dev/null +++ b/system/openssh/bsd-compatible-realpath.patch @@ -0,0 +1,62 @@ +fix issues with fortify-headers and the way openssh handles the needed +BSD compatible realpath(3). + +unconditionally use the provided realpath() as otherwise cross-builds +would try to use musl realpath() which is posix compliant and not +working to openssh expectations. + +diff -ru openssh-7.2p2.orig/openbsd-compat/openbsd-compat.h openssh-7.2p2/openbsd-compat/openbsd-compat.h +--- openssh-7.2p2.orig/openbsd-compat/openbsd-compat.h 2016-03-09 20:04:48.000000000 +0200 ++++ openssh-7.2p2/openbsd-compat/openbsd-compat.h 2016-07-18 13:33:16.260357745 +0300 +@@ -68,17 +68,7 @@ + void *reallocarray(void *, size_t, size_t); + #endif + +-#if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH) +-/* +- * glibc's FORTIFY_SOURCE can redefine this and prevent us picking up the +- * compat version. +- */ +-# ifdef BROKEN_REALPATH +-# define realpath(x, y) _ssh_compat_realpath(x, y) +-# endif +- +-char *realpath(const char *path, char *resolved); +-#endif ++char *ssh_realpath(const char *path, char *resolved); + + #ifndef HAVE_RRESVPORT_AF + int rresvport_af(int *alport, sa_family_t af); +diff -ru openssh-7.2p2.orig/openbsd-compat/realpath.c openssh-7.2p2/openbsd-compat/realpath.c +--- openssh-7.2p2.orig/openbsd-compat/realpath.c 2016-03-09 20:04:48.000000000 +0200 ++++ openssh-7.2p2/openbsd-compat/realpath.c 2016-07-18 13:33:45.420721690 +0300 +@@ -31,7 +31,7 @@ + + #include "includes.h" + +-#if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH) ++#if 1 + + #include + #include +@@ -58,7 +58,7 @@ + * in which case the path which caused trouble is left in (resolved). + */ + char * +-realpath(const char *path, char *resolved) ++ssh_realpath(const char *path, char *resolved) + { + struct stat sb; + char *p, *q, *s; +diff -ru openssh-7.2p2.orig/sftp-server.c openssh-7.2p2/sftp-server.c +--- openssh-7.2p2.orig/sftp-server.c 2016-03-09 20:04:48.000000000 +0200 ++++ openssh-7.2p2/sftp-server.c 2016-07-18 13:34:29.131267241 +0300 +@@ -1162,7 +1162,7 @@ + } + debug3("request %u: realpath", id); + verbose("realpath \"%s\"", path); +- if (realpath(path, resolvedname) == NULL) { ++ if (ssh_realpath(path, resolvedname) == NULL) { + send_status(id, errno_to_portable(errno)); + } else { + Stat s; -- cgit v1.2.3-60-g2f50