From cf1899038fa75bb827eb73fddc6cc5ebf00dda09 Mon Sep 17 00:00:00 2001 From: Sergei Reznikov Date: Wed, 20 Oct 2021 17:16:46 +0300 Subject: [PATCH] openssh: don't use hardlink when updating known_hosts file Fixes #6018. --- net-misc/openssh/openssh-8.6p1.recipe | 2 +- .../openssh/patches/openssh-8.6p1.patchset | 86 ++++++++++++++----- 2 files changed, 65 insertions(+), 23 deletions(-) diff --git a/net-misc/openssh/openssh-8.6p1.recipe b/net-misc/openssh/openssh-8.6p1.recipe index 3de796478..9ceac0e49 100644 --- a/net-misc/openssh/openssh-8.6p1.recipe +++ b/net-misc/openssh/openssh-8.6p1.recipe @@ -16,7 +16,7 @@ ssh-keyscan, ssh-keygen and sftp-server." HOMEPAGE="http://www.openssh.com/" COPYRIGHT="2005-2020 Tatu Ylonen et al." LICENSE="OpenSSH" -REVISION="2" +REVISION="3" SOURCE_URI="https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-$portVersion.tar.gz" CHECKSUM_SHA256="c3e6e4da1621762c850d03b47eed1e48dff4cc9608ddeb547202a234df8ed7ae" PATCHES="openssh-$portVersion.patchset" diff --git a/net-misc/openssh/patches/openssh-8.6p1.patchset b/net-misc/openssh/patches/openssh-8.6p1.patchset index 90e9e6aed..6d4aea32a 100644 --- a/net-misc/openssh/patches/openssh-8.6p1.patchset +++ b/net-misc/openssh/patches/openssh-8.6p1.patchset @@ -1,4 +1,4 @@ -From 42c3450f52a12e4f7e7687799c531bb92b1fbeb4 Mon Sep 17 00:00:00 2001 +From 538056ef5250c4ed2999476b6f7b074de68f2216 Mon Sep 17 00:00:00 2001 From: Adrien Destugues Date: Thu, 16 Jul 2020 17:57:38 +0200 Subject: applying patch sshd_config.patch @@ -18,10 +18,10 @@ index 19b7c91..fcea4fb 100644 #AuthorizedPrincipalsFile none -- -2.30.0 +2.30.2 -From af8f152c80d30c88cba3ec8094e24c466adb8c6e Mon Sep 17 00:00:00 2001 +From 827f502e596303e702984f2bd7251f1465345711 Mon Sep 17 00:00:00 2001 From: Adrien Destugues Date: Thu, 16 Jul 2020 17:57:38 +0200 Subject: applying patch pathnames.patch @@ -41,10 +41,10 @@ index f7ca5a7..828e43e 100644 /* * Per-user file containing host keys of known hosts. This file need not be -- -2.30.0 +2.30.2 -From 4ef4e19b20a4ed127a5e039f4de1a5ea497f701d Mon Sep 17 00:00:00 2001 +From aaf971cafe6e06dcaca1bd12b8de43ce105b71a1 Mon Sep 17 00:00:00 2001 From: Adrien Destugues Date: Thu, 16 Jul 2020 17:57:38 +0200 Subject: applying patch bzero.patch @@ -89,10 +89,10 @@ index 68cd2c1..7f746e2 100644 #endif /* HAVE_EXPLICIT_BZERO */ -- -2.30.0 +2.30.2 -From 2c1f0d70374a63d2a8c512b9855c9979be4e36ae Mon Sep 17 00:00:00 2001 +From c156f9f6af8df6b2cd2719f989b21a82a6e8451f Mon Sep 17 00:00:00 2001 From: Adrien Destugues Date: Thu, 16 Jul 2020 17:57:38 +0200 Subject: applying patch ssh-copy-id.patch @@ -123,10 +123,10 @@ index cd122de..e5a320c then chmod 0700 "$SCRATCH_DIR" -- -2.30.0 +2.30.2 -From 857dfea963954be6c9ece5130e1323e31e885fdc Mon Sep 17 00:00:00 2001 +From 38d5b65b0cc0f945578b2e2e68dee603c14f2f76 Mon Sep 17 00:00:00 2001 From: Adrien Destugues Date: Thu, 16 Jul 2020 17:57:38 +0200 Subject: applying patch sha2-gcc2-build-fix.patch @@ -179,10 +179,10 @@ index 4f2ad8f..8946d87 100644 memcpy(digest, context->state.st64, SHA384_DIGEST_LENGTH); #endif -- -2.30.0 +2.30.2 -From 76087a7d7b9ed21681d17b82456b981fae9da770 Mon Sep 17 00:00:00 2001 +From f0ec8f187e5dad219f9d9ca203e05f63320ead95 Mon Sep 17 00:00:00 2001 From: Adrien Destugues Date: Thu, 16 Jul 2020 17:57:38 +0200 Subject: applying patch pkcs11-gcc2-build-fix.patch @@ -209,10 +209,10 @@ index e724736..5a94d56 100644 if ((helper_rsa = RSA_meth_dup(RSA_get_default_method())) == NULL) -- -2.30.0 +2.30.2 -From db999dcf93d9d81ea98b4c0294901078faf5a9b6 Mon Sep 17 00:00:00 2001 +From bc4de4b9254c33bc70cc2b20e2e99d565a652c6b Mon Sep 17 00:00:00 2001 From: Adrien Destugues Date: Thu, 16 Jul 2020 18:08:27 +0200 Subject: Fix configuration path in manpages @@ -1019,10 +1019,10 @@ index 3b339aa..7e427f8 100644 and .Nm -- -2.30.0 +2.30.2 -From f266db946ade7cfe9377551e921b38659fb36519 Mon Sep 17 00:00:00 2001 +From e305e624ec274211064c9d5a0e21d470abc31432 Mon Sep 17 00:00:00 2001 From: Zach Dykstra Date: Sun, 27 Dec 2020 21:38:07 -0600 Subject: mux.c: use rename instead of unsupported hard link @@ -1053,16 +1053,14 @@ index faf4ef1..15952ea 100644 options.control_path = orig_control_path; -- -2.30.0 +2.30.2 -From 7af98b241ad7d5b978702299ebc9cb968c55a1a0 Mon Sep 17 00:00:00 2001 + +From 7be4d94439ce0ba59f705667684c3600279969dc Mon Sep 17 00:00:00 2001 From: Jerome Duval Date: Tue, 8 Jun 2021 14:25:15 +0200 -Subject: [PATCH] gcc2 patch sntrup761.c +Subject: gcc2 patch sntrup761.c ---- - sntrup761.c | 2 ++ - 1 file changed, 2 insertions(+) diff --git a/sntrup761.c b/sntrup761.c index c63e600..d75e701 100644 @@ -1085,5 +1083,49 @@ index c63e600..d75e701 100644 while (i + p <= n - q) { for (j = i;j < i + p;++j) { -- -2.30.0 +2.30.2 + + +From e75f0b08b32308a9e8582443f2ca91534b0fc96c Mon Sep 17 00:00:00 2001 +From: Sergei Reznikov +Date: Wed, 20 Oct 2021 16:57:50 +0300 +Subject: Use a link to take a backup while replacing the known_hosts file + +Based on https://github.com/termux/termux-packages/commit/e696010d8907854dd194311ce8a02da0ca77a121 + + +diff --git a/hostfile.c b/hostfile.c +index 5f0e351..a18be07 100644 +--- a/hostfile.c ++++ b/hostfile.c +@@ -691,7 +691,11 @@ hostfile_replace_entries(const char *filename, const char *host, const char *ip, + r = SSH_ERR_SYSTEM_ERROR; + goto fail; + } ++#ifdef __HAIKU__ ++ if (rename(filename, back) == -1) { ++#else + if (link(filename, back) == -1) { ++#endif + oerrno = errno; + error_f("link %.100s to %.100s: %s", filename, + back, strerror(errno)); +diff --git a/ssh-keygen.c b/ssh-keygen.c +index 027c6db..c350bb2 100644 +--- a/ssh-keygen.c ++++ b/ssh-keygen.c +@@ -1366,7 +1366,11 @@ do_known_hosts(struct passwd *pw, const char *name, int find_host, + /* Backup existing file */ + if (unlink(old) == -1 && errno != ENOENT) + fatal("unlink %.100s: %s", old, strerror(errno)); ++#ifdef __HAIKU__ ++ if (rename(identity_file, old) == -1) ++#else + if (link(identity_file, old) == -1) ++#endif + fatal("link %.100s to %.100s: %s", identity_file, old, + strerror(errno)); + /* Move new one into place */ +-- +2.30.2