diff --git a/net-misc/openssh/openssh-8.4p1.recipe b/net-misc/openssh/openssh-8.6p1.recipe similarity index 95% rename from net-misc/openssh/openssh-8.4p1.recipe rename to net-misc/openssh/openssh-8.6p1.recipe index b7dda9ef8..069397438 100644 --- a/net-misc/openssh/openssh-8.4p1.recipe +++ b/net-misc/openssh/openssh-8.6p1.recipe @@ -16,12 +16,10 @@ ssh-keyscan, ssh-keygen and sftp-server." HOMEPAGE="http://www.openssh.com/" COPYRIGHT="2005-2020 Tatu Ylonen et al." LICENSE="OpenSSH" -REVISION="2" +REVISION="1" SOURCE_URI="https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-$portVersion.tar.gz" -CHECKSUM_SHA256="5a01d22e407eb1c05ba8a8f7c654d388a13e9f226e4ed33bd38748dafa1d2b24" -PATCHES="openssh-$portVersion.patchset - 0001-Fix-EOF-command-not-found-error-in-ssh-copy-id.patch - " +CHECKSUM_SHA256="c3e6e4da1621762c850d03b47eed1e48dff4cc9608ddeb547202a234df8ed7ae" +PATCHES="openssh-$portVersion.patchset" ADDITIONAL_FILES=" sshd_keymaker.sh fix_openssh_config_paths.sh @@ -126,7 +124,8 @@ BUILD() --with-default-path="$defaultPath" \ --with-md5-passwords \ --disable-utmpx \ - --with-libedit + --with-libedit \ + --with-stackprotect=no make $jobArgs } diff --git a/net-misc/openssh/patches/0001-Fix-EOF-command-not-found-error-in-ssh-copy-id.patch b/net-misc/openssh/patches/0001-Fix-EOF-command-not-found-error-in-ssh-copy-id.patch deleted file mode 100644 index 5cd0054c7..000000000 --- a/net-misc/openssh/patches/0001-Fix-EOF-command-not-found-error-in-ssh-copy-id.patch +++ /dev/null @@ -1,33 +0,0 @@ -From d9e727dcc04a52caaac87543ea1d230e9e6b5604 Mon Sep 17 00:00:00 2001 -From: Oleg -Date: Thu, 1 Oct 2020 12:09:08 +0300 -Subject: [PATCH] Fix `EOF: command not found` error in ssh-copy-id - ---- - contrib/ssh-copy-id | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/contrib/ssh-copy-id b/contrib/ssh-copy-id -index 392f64f9..a7690771 100644 ---- a/contrib/ssh-copy-id -+++ b/contrib/ssh-copy-id -@@ -247,7 +247,7 @@ installkeys_sh() { - # the -z `tail ...` checks for a trailing newline. The echo adds one if was missing - # the cat adds the keys we're getting via STDIN - # and if available restorecon is used to restore the SELinux context -- INSTALLKEYS_SH=$(tr '\t\n' ' ' <<-EOF) -+ INSTALLKEYS_SH=$(tr '\t\n' ' ' <<-EOF - cd; - umask 077; - mkdir -p $(dirname "${AUTH_KEY_FILE}") && -@@ -258,6 +258,7 @@ installkeys_sh() { - restorecon -F .ssh ${AUTH_KEY_FILE}; - fi - EOF -+ ) - - # to defend against quirky remote shells: use 'exec sh -c' to get POSIX; - printf "exec sh -c '%s'" "${INSTALLKEYS_SH}" --- -2.29.1 - diff --git a/net-misc/openssh/patches/openssh-8.4p1.patchset b/net-misc/openssh/patches/openssh-8.6p1.patchset similarity index 92% rename from net-misc/openssh/patches/openssh-8.4p1.patchset rename to net-misc/openssh/patches/openssh-8.6p1.patchset index b153a7b47..90e9e6aed 100644 --- a/net-misc/openssh/patches/openssh-8.4p1.patchset +++ b/net-misc/openssh/patches/openssh-8.6p1.patchset @@ -1,4 +1,4 @@ -From 39792162b1c0679783f4e28d12427f7052f275c6 Mon Sep 17 00:00:00 2001 +From 42c3450f52a12e4f7e7687799c531bb92b1fbeb4 Mon Sep 17 00:00:00 2001 From: Adrien Destugues Date: Thu, 16 Jul 2020 17:57:38 +0200 Subject: applying patch sshd_config.patch @@ -21,7 +21,7 @@ index 19b7c91..fcea4fb 100644 2.30.0 -From 8c4939b1fddd7e0e319371f00ce03dc7513979cf Mon Sep 17 00:00:00 2001 +From af8f152c80d30c88cba3ec8094e24c466adb8c6e Mon Sep 17 00:00:00 2001 From: Adrien Destugues Date: Thu, 16 Jul 2020 17:57:38 +0200 Subject: applying patch pathnames.patch @@ -44,17 +44,17 @@ index f7ca5a7..828e43e 100644 2.30.0 -From 0b0b1e14b4da2af06e7e20947447196c8e431479 Mon Sep 17 00:00:00 2001 +From 4ef4e19b20a4ed127a5e039f4de1a5ea497f701d Mon Sep 17 00:00:00 2001 From: Adrien Destugues Date: Thu, 16 Jul 2020 17:57:38 +0200 Subject: applying patch bzero.patch diff --git a/openbsd-compat/explicit_bzero.c b/openbsd-compat/explicit_bzero.c -index 6ef9825..e03a569 100644 +index 68cd2c1..7f746e2 100644 --- a/openbsd-compat/explicit_bzero.c +++ b/openbsd-compat/explicit_bzero.c -@@ -27,6 +27,24 @@ explicit_bzero(void *p, size_t n) +@@ -35,6 +35,24 @@ explicit_bzero(void *p, size_t n) #else /* HAVE_MEMSET_S */ @@ -79,7 +79,7 @@ index 6ef9825..e03a569 100644 /* * Indirect bzero through a volatile pointer to hopefully avoid * dead-store optimisation eliminating the call. -@@ -52,6 +70,8 @@ explicit_bzero(void *p, size_t n) +@@ -60,6 +78,8 @@ explicit_bzero(void *p, size_t n) ssh_bzero(p, n); } @@ -92,7 +92,7 @@ index 6ef9825..e03a569 100644 2.30.0 -From dc92f925c10d44c142dd8d5241ac0e80507a1bfa Mon Sep 17 00:00:00 2001 +From 2c1f0d70374a63d2a8c512b9855c9979be4e36ae Mon Sep 17 00:00:00 2001 From: Adrien Destugues Date: Thu, 16 Jul 2020 17:57:38 +0200 Subject: applying patch ssh-copy-id.patch @@ -101,39 +101,39 @@ Subject: applying patch ssh-copy-id.patch diff --git a/contrib/ssh-copy-id b/contrib/ssh-copy-id old mode 100644 new mode 100755 -index 392f64f..d0e657c +index cd122de..e5a320c --- a/contrib/ssh-copy-id +++ b/contrib/ssh-copy-id -@@ -60,7 +60,7 @@ then +@@ -61,7 +61,7 @@ then fi # shellcheck disable=SC2010 -DEFAULT_PUB_ID_FILE=$(ls -t "${HOME}"/.ssh/id*.pub 2>/dev/null | grep -v -- '-cert.pub$' | head -n 1) +DEFAULT_PUB_ID_FILE=$(ls -t `finddir B_USER_SETTINGS_DIRECTORY`/ssh/id*.pub 2>/dev/null | grep -v -- '-cert.pub$' | head -n 1) + SSH="ssh -a -x" + umask 0177 - usage () { - printf 'Usage: %s [-h|-?|-f|-n] [-i [identity_file]] [-p port] [-F alternative ssh_config file] [[-o ] ...] [user@]hostname\n' "$0" >&2 -@@ -182,7 +182,7 @@ populate_new_ids() { +@@ -296,7 +296,7 @@ installkeys_via_sftp() { - umask 0177 - local L_TMP_ID_FILE -- L_TMP_ID_FILE=$(mktemp ~/.ssh/ssh-copy-id_id.XXXXXXXXXX) -+ L_TMP_ID_FILE=$(mktemp `finddir B_USER_SETTINGS_DIRECTORY`/ssh/ssh-copy-id_id.XXXXXXXXXX) - if test $? -ne 0 || test "x$L_TMP_ID_FILE" = "x" ; then - printf '%s: ERROR: mktemp failed\n' "$0" >&2 - exit 1 + + # create a scratch dir for any temporary files needed +-if SCRATCH_DIR=$(mktemp -d ~/.ssh/ssh-copy-id.XXXXXXXXXX) && ++if SCRATCH_DIR=$(mktemp -d `finddir B_USER_SETTINGS_DIRECTORY`/ssh/ssh-copy-id.XXXXXXXXXX) && + [ "$SCRATCH_DIR" ] && [ -d "$SCRATCH_DIR" ] + then + chmod 0700 "$SCRATCH_DIR" -- 2.30.0 -From 1de6eb24481e478cd92e6d2202201bff9f7351b0 Mon Sep 17 00:00:00 2001 +From 857dfea963954be6c9ece5130e1323e31e885fdc Mon Sep 17 00:00:00 2001 From: Adrien Destugues Date: Thu, 16 Jul 2020 17:57:38 +0200 Subject: applying patch sha2-gcc2-build-fix.patch diff --git a/openbsd-compat/sha2.c b/openbsd-compat/sha2.c -index e36cc24..235d279 100644 +index 4f2ad8f..8946d87 100644 --- a/openbsd-compat/sha2.c +++ b/openbsd-compat/sha2.c @@ -616,11 +616,13 @@ SHA256Final(u_int8_t digest[SHA256_DIGEST_LENGTH], SHA2_CTX *context) @@ -182,14 +182,14 @@ index e36cc24..235d279 100644 2.30.0 -From 8c023a0eb279823a51064b109a0da926f221279d Mon Sep 17 00:00:00 2001 +From 76087a7d7b9ed21681d17b82456b981fae9da770 Mon Sep 17 00:00:00 2001 From: Adrien Destugues Date: Thu, 16 Jul 2020 17:57:38 +0200 Subject: applying patch pkcs11-gcc2-build-fix.patch diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c -index 8a0ffef..cd75bf2 100644 +index e724736..5a94d56 100644 --- a/ssh-pkcs11-client.c +++ b/ssh-pkcs11-client.c @@ -248,6 +248,7 @@ pkcs11_start_helper_methods(void) @@ -212,17 +212,17 @@ index 8a0ffef..cd75bf2 100644 2.30.0 -From 43b8a12bbd266133d6e8b64024bc4c4646ee68c0 Mon Sep 17 00:00:00 2001 +From db999dcf93d9d81ea98b4c0294901078faf5a9b6 Mon Sep 17 00:00:00 2001 From: Adrien Destugues Date: Thu, 16 Jul 2020 18:08:27 +0200 Subject: Fix configuration path in manpages diff --git a/contrib/ssh-copy-id.1 b/contrib/ssh-copy-id.1 -index b75a883..d5c83c7 100644 +index c141a29..fd27f1d 100644 --- a/contrib/ssh-copy-id.1 +++ b/contrib/ssh-copy-id.1 -@@ -53,7 +53,7 @@ this may result in you being repeatedly prompted for pass-phrases). +@@ -54,7 +54,7 @@ this may result in you being repeatedly prompted for pass-phrases). It then assembles a list of those that failed to log in, and using ssh, enables logins with those keys on the remote server. By default it adds the keys by appending them to the remote user's @@ -231,7 +231,7 @@ index b75a883..d5c83c7 100644 (creating the file, and directory, if necessary). It is also capable of detecting if the remote system is a NetScreen, and using its .Ql set ssh pka-dsa key ... -@@ -117,9 +117,9 @@ will be used. +@@ -124,9 +124,9 @@ will be used. The .Ic default_ID_file is the most recent file that matches: @@ -244,7 +244,7 @@ index b75a883..d5c83c7 100644 .Nm to use, just use diff --git a/ssh-add.0 b/ssh-add.0 -index d73af0f..d886569 100644 +index d955d32..a2ae8fa 100644 --- a/ssh-add.0 +++ b/ssh-add.0 @@ -13,8 +13,8 @@ SYNOPSIS @@ -321,7 +321,7 @@ index 2786df5..7eaef93 100644 authenticator-hosted Ed25519 or RSA authentication identity of the user. .El diff --git a/ssh-keygen.0 b/ssh-keygen.0 -index 111eb9e..6d50fa2 100644 +index 66372d5..b028426 100644 --- a/ssh-keygen.0 +++ b/ssh-keygen.0 @@ -53,9 +53,9 @@ DESCRIPTION @@ -337,7 +337,7 @@ index 111eb9e..6d50fa2 100644 administrator may use this to generate host keys, as seen in /etc/rc. Normally this program generates the key and asks for a file in which to -@@ -597,7 +597,7 @@ CERTIFICATES +@@ -603,7 +603,7 @@ CERTIFICATES no-pty Disable PTY allocation (permitted by default). no-user-rc @@ -346,7 +346,7 @@ index 111eb9e..6d50fa2 100644 no-x11-forwarding Disable X11 forwarding (permitted by default). -@@ -612,7 +612,7 @@ CERTIFICATES +@@ -618,7 +618,7 @@ CERTIFICATES Allows PTY allocation. permit-user-rc @@ -355,7 +355,7 @@ index 111eb9e..6d50fa2 100644 permit-X11-forwarding Allows X11 forwarding. -@@ -761,12 +761,12 @@ ENVIRONMENT +@@ -767,12 +767,12 @@ ENVIRONMENT the built-in USB HID support. FILES @@ -374,7 +374,7 @@ index 111eb9e..6d50fa2 100644 Contains the DSA, ECDSA, authenticator-hosted ECDSA, Ed25519, authenticator-hosted Ed25519 or RSA authentication identity of the user. This file should not be readable by anyone but the -@@ -777,16 +777,16 @@ FILES +@@ -783,16 +783,16 @@ FILES the private key. ssh(1) will read this file when a login attempt is made. @@ -399,10 +399,10 @@ index 111eb9e..6d50fa2 100644 the contents of this file secret. diff --git a/ssh-keygen.1 b/ssh-keygen.1 -index 3ae596c..7b24618 100644 +index 43c8aa2..f67ad6c 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 -@@ -195,13 +195,13 @@ section for details. +@@ -197,13 +197,13 @@ section for details. Normally each user wishing to use SSH with public key authentication runs this once to create the authentication key in @@ -422,7 +422,7 @@ index 3ae596c..7b24618 100644 Additionally, the system administrator may use this to generate host keys, as seen in .Pa /etc/rc . -@@ -941,7 +941,7 @@ Disable PTY allocation (permitted by default). +@@ -952,7 +952,7 @@ Disable PTY allocation (permitted by default). .Pp .It Ic no-user-rc Disable execution of @@ -431,7 +431,7 @@ index 3ae596c..7b24618 100644 by .Xr sshd 8 (permitted by default). -@@ -962,7 +962,7 @@ Allows PTY allocation. +@@ -973,7 +973,7 @@ Allows PTY allocation. .Pp .It Ic permit-user-rc Allows execution of @@ -440,7 +440,7 @@ index 3ae596c..7b24618 100644 by .Xr sshd 8 . .Pp -@@ -1153,12 +1153,12 @@ the built-in USB HID support. +@@ -1164,12 +1164,12 @@ the built-in USB HID support. .El .Sh FILES .Bl -tag -width Ds -compact @@ -459,7 +459,7 @@ index 3ae596c..7b24618 100644 Contains the DSA, ECDSA, authenticator-hosted ECDSA, Ed25519, authenticator-hosted Ed25519 or RSA authentication identity of the user. This file should not be readable by anyone but the user. -@@ -1171,16 +1171,16 @@ but it is offered as the default file for the private key. +@@ -1182,16 +1182,16 @@ but it is offered as the default file for the private key. .Xr ssh 1 will read this file when a login attempt is made. .Pp @@ -484,7 +484,7 @@ index 3ae596c..7b24618 100644 where the user wishes to log in using public key authentication. There is no need to keep the contents of this file secret. diff --git a/ssh.0 b/ssh.0 -index 86ae537..372d4eb 100644 +index 113fe49..4754827 100644 --- a/ssh.0 +++ b/ssh.0 @@ -109,7 +109,7 @@ DESCRIPTION @@ -518,7 +518,7 @@ index 86ae537..372d4eb 100644 hosts. -K Enables GSSAPI-based authentication and forwarding (delegation) -@@ -467,7 +467,7 @@ AUTHENTICATION +@@ -469,7 +469,7 @@ AUTHENTICATION the client machine and the name of the user on that machine, the user is considered for login. Additionally, the server must be able to verify the client's host key (see the description of /etc/ssh/ssh_known_hosts @@ -527,7 +527,7 @@ index 86ae537..372d4eb 100644 authentication method closes security holes due to IP spoofing, DNS spoofing, and routing spoofing. [Note to the administrator: /etc/hosts.equiv, ~/.rhosts, and the rlogin/rsh protocol in general, are -@@ -483,7 +483,7 @@ AUTHENTICATION +@@ -485,7 +485,7 @@ AUTHENTICATION one of the DSA, ECDSA, Ed25519 or RSA algorithms. The HISTORY section of ssl(8) contains a brief discussion of the DSA and RSA algorithms. @@ -536,7 +536,7 @@ index 86ae537..372d4eb 100644 for logging in. When the user logs in, the ssh program tells the server which key pair it would like to use for authentication. The client proves that it has access to the private key and the server checks that -@@ -495,15 +495,15 @@ AUTHENTICATION +@@ -497,15 +497,15 @@ AUTHENTICATION DEBUG or higher (e.g. by using the -v flag). The user creates his/her key pair by running ssh-keygen(1). This stores @@ -560,7 +560,7 @@ index 86ae537..372d4eb 100644 The authorized_keys file corresponds to the conventional ~/.rhosts file, and has one key per line, though the lines can be very long. After this, the user can log in without giving the password. -@@ -531,7 +531,7 @@ AUTHENTICATION +@@ -533,7 +533,7 @@ AUTHENTICATION ssh automatically maintains and checks a database containing identification for all hosts it has ever been used with. Host keys are @@ -569,7 +569,7 @@ index 86ae537..372d4eb 100644 the file /etc/ssh/ssh_known_hosts is automatically checked for known hosts. Any new hosts are automatically added to the user's file. If a host's identification ever changes, ssh warns about this and disables -@@ -686,7 +686,7 @@ VERIFYING HOST KEYS +@@ -688,7 +688,7 @@ VERIFYING HOST KEYS To get a listing of the fingerprints along with their random art for all known hosts, the following command line can be used: @@ -578,7 +578,7 @@ index 86ae537..372d4eb 100644 If the fingerprint is unknown, an alternative method of verification is available: SSH fingerprints verified by DNS. An additional resource -@@ -830,7 +830,7 @@ ENVIRONMENT +@@ -832,7 +832,7 @@ ENVIRONMENT USER Set to the name of the user logging in. @@ -587,7 +587,7 @@ index 86ae537..372d4eb 100644 M-bM-^@M-^\VARNAME=valueM-bM-^@M-^] to the environment if the file exists and users are allowed to change their environment. For more information, see the PermitUserEnvironment option in sshd_config(5). -@@ -850,36 +850,36 @@ FILES +@@ -852,36 +852,36 @@ FILES host-based authentication without permitting login with rlogin/rsh. @@ -634,7 +634,7 @@ index 86ae537..372d4eb 100644 Contains the private key for authentication. These files contain sensitive data and should be readable by the user but not accessible by others (read/write/execute). ssh will simply -@@ -888,22 +888,22 @@ FILES +@@ -890,22 +890,22 @@ FILES will be used to encrypt the sensitive part of this file using AES-128. @@ -666,7 +666,7 @@ index 86ae537..372d4eb 100644 just before the user's shell (or command) is started. See the sshd(8) manual page for more information. diff --git a/sshd.0 b/sshd.0 -index e32e008..bd01527 100644 +index d9e77a3..8c60b3e 100644 --- a/sshd.0 +++ b/sshd.0 @@ -182,13 +182,13 @@ LOGIN PROCESS @@ -807,7 +807,7 @@ index e32e008..bd01527 100644 writable only by root, and should be world-readable. diff --git a/sshd.8 b/sshd.8 -index b2fad56..38fb936 100644 +index 1aa56ba..f3c219a 100644 --- a/sshd.8 +++ b/sshd.8 @@ -338,7 +338,7 @@ Changes to run with normal user privileges. @@ -956,7 +956,7 @@ index b2fad56..38fb936 100644 machine-specific login-time initializations globally. This file should be writable only by root, and should be world-readable. diff --git a/sshd_config.5 b/sshd_config.5 -index 6fa421c..a730b00 100644 +index 3b339aa..7e427f8 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -359,7 +359,7 @@ Note that @@ -968,7 +968,7 @@ index 6fa421c..a730b00 100644 though the .Cm principals= key option offers a similar facility (see -@@ -598,7 +598,7 @@ The default is +@@ -599,7 +599,7 @@ The default is Forces the execution of the command specified by .Cm ForceCommand , ignoring any command supplied by the client and @@ -977,7 +977,7 @@ index 6fa421c..a730b00 100644 if present. The command is invoked by using the user's login shell with the -c option. This applies to shell, command, or subsystem execution. -@@ -806,7 +806,7 @@ and +@@ -810,7 +810,7 @@ and Specifies whether .Xr sshd 8 should ignore the user's @@ -986,7 +986,7 @@ index 6fa421c..a730b00 100644 during .Cm HostbasedAuthentication and use only the system-wide known hosts file -@@ -1383,11 +1383,11 @@ Independent of this setting, the permissions of the selected +@@ -1415,11 +1415,11 @@ Independent of this setting, the permissions of the selected device must allow access to the user. .It Cm PermitUserEnvironment Specifies whether @@ -1000,7 +1000,7 @@ index 6fa421c..a730b00 100644 are processed by .Xr sshd 8 . Valid options are -@@ -1403,7 +1403,7 @@ restrictions in some configurations using mechanisms such as +@@ -1435,7 +1435,7 @@ restrictions in some configurations using mechanisms such as .Ev LD_PRELOAD . .It Cm PermitUserRC Specifies whether any @@ -1009,7 +1009,7 @@ index 6fa421c..a730b00 100644 file is executed. The default is .Cm yes . -@@ -1687,7 +1687,7 @@ very same IP address. +@@ -1737,7 +1737,7 @@ very same IP address. If this option is set to .Cm no (the default) then only addresses and not host names may be used in @@ -1022,29 +1022,29 @@ index 6fa421c..a730b00 100644 2.30.0 -From fad1d39aa045f923122f842be30052b1e50f156f Mon Sep 17 00:00:00 2001 +From f266db946ade7cfe9377551e921b38659fb36519 Mon Sep 17 00:00:00 2001 From: Zach Dykstra Date: Sun, 27 Dec 2020 21:38:07 -0600 Subject: mux.c: use rename instead of unsupported hard link diff --git a/mux.c b/mux.c -index 376f0d7..5a09151 100644 +index faf4ef1..15952ea 100644 --- a/mux.c +++ b/mux.c -@@ -1340,9 +1340,9 @@ muxserver_listen(struct ssh *ssh) +@@ -1325,9 +1325,9 @@ muxserver_listen(struct ssh *ssh) } /* Now atomically "move" the mux socket into position */ - if (link(options.control_path, orig_control_path) != 0) { + if (rename(options.control_path, orig_control_path) != 0) { if (errno != EEXIST) { -- fatal("%s: link mux listener %s => %s: %s", __func__, -+ fatal("%s: rename mux listener %s => %s: %s", __func__, +- fatal_f("link mux listener %s => %s: %s", ++ fatal_f("rename mux listener %s => %s: %s", options.control_path, orig_control_path, strerror(errno)); } -@@ -1351,7 +1351,6 @@ muxserver_listen(struct ssh *ssh) +@@ -1336,7 +1336,6 @@ muxserver_listen(struct ssh *ssh) unlink(options.control_path); goto disable_mux_master; } @@ -1055,3 +1055,35 @@ index 376f0d7..5a09151 100644 -- 2.30.0 +From 7af98b241ad7d5b978702299ebc9cb968c55a1a0 Mon Sep 17 00:00:00 2001 +From: Jerome Duval +Date: Tue, 8 Jun 2021 14:25:15 +0200 +Subject: [PATCH] gcc2 patch sntrup761.c + +--- + sntrup761.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/sntrup761.c b/sntrup761.c +index c63e600..d75e701 100644 +--- a/sntrup761.c ++++ b/sntrup761.c +@@ -63,6 +63,7 @@ static void crypto_sort_int32(void *array,long long n) + for (q = top;q > p;q >>= 1) { + if (j != i) for (;;) { + if (j == n - q) goto done; ++{ + int32 a = x[j + p]; + for (r = q;r > p;r >>= 1) + int32_MINMAX(a,x[j + r]); +@@ -72,6 +73,7 @@ static void crypto_sort_int32(void *array,long long n) + i += 2 * p; + break; + } ++} + } + while (i + p <= n - q) { + for (j = i;j < i + p;++j) { +-- +2.30.0 +