Browse Source

openssh: update to 7.9p1

Signed-off-by: Peter Wagner <tripolar@gmx.at>
lilik-openwrt-22.03
Peter Wagner 6 years ago
parent
commit
2759048914
6 changed files with 3 additions and 3842 deletions
  1. +3
    -3
      net/openssh/Makefile
  2. +0
    -2161
      net/openssh/patches/0001-upstream-hold-our-collective-noses-and-use-the-opens.patch
  3. +0
    -1232
      net/openssh/patches/0002-adapt-portable-to-OpenSSL-1.1x-API.patch
  4. +0
    -181
      net/openssh/patches/0003-upstream-use-only-openssl-1.1.x-API-here-too.patch
  5. +0
    -240
      net/openssh/patches/0004-upstream-missed-a-bit-of-openssl-1.0.x-API-in-this-u.patch
  6. +0
    -25
      net/openssh/patches/0005-add-compat-header.patch

+ 3
- 3
net/openssh/Makefile View File

@ -8,14 +8,14 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=openssh PKG_NAME:=openssh
PKG_VERSION:=7.8p1
PKG_RELEASE:=2
PKG_VERSION:=7.9p1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ PKG_SOURCE_URL:=https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \
https://ftp.spline.de/pub/OpenBSD/OpenSSH/portable/ \ https://ftp.spline.de/pub/OpenBSD/OpenSSH/portable/ \
https://anorien.csc.warwick.ac.uk/pub/OpenBSD/OpenSSH/portable/ https://anorien.csc.warwick.ac.uk/pub/OpenBSD/OpenSSH/portable/
PKG_HASH:=1a484bb15152c183bb2514e112aa30dd34138c3cfb032eee5490a66c507144ca
PKG_HASH:=6b4b3ba2253d84ed3771c8050728d597c91cfce898713beb7b64a305b6f11aad
PKG_LICENSE:=BSD ISC PKG_LICENSE:=BSD ISC
PKG_LICENSE_FILES:=LICENCE PKG_LICENSE_FILES:=LICENCE


+ 0
- 2161
net/openssh/patches/0001-upstream-hold-our-collective-noses-and-use-the-opens.patch
File diff suppressed because it is too large
View File


+ 0
- 1232
net/openssh/patches/0002-adapt-portable-to-OpenSSL-1.1x-API.patch
File diff suppressed because it is too large
View File


+ 0
- 181
net/openssh/patches/0003-upstream-use-only-openssl-1.1.x-API-here-too.patch View File

@ -1,181 +0,0 @@
From 14a6994ae89f54218c2c509c7e68323b7a9a2cbf Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Thu, 13 Sep 2018 05:06:51 +0000
Subject: [PATCH 3/5] upstream: use only openssl-1.1.x API here too
OpenBSD-Regress-ID: ae877064597c349954b1b443769723563cecbc8f
---
regress/unittests/sshkey/test_sshkey.c | 104 +++++++++++++++++++++------------
1 file changed, 67 insertions(+), 37 deletions(-)
diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c
index 72367bde..a32d2884 100644
--- a/regress/unittests/sshkey/test_sshkey.c
+++ b/regress/unittests/sshkey/test_sshkey.c
@@ -1,4 +1,5 @@
/* $OpenBSD: test_sshkey.c,v 1.14 2018/07/13 02:13:19 djm Exp $ */
+/* Incorporates changes from 1.16 */
/*
* Regress test for sshkey.h key management API
*
@@ -173,6 +174,61 @@ get_private(const char *n)
return ret;
}
+static const BIGNUM *
+rsa_n(struct sshkey *k)
+{
+ const BIGNUM *n = NULL;
+
+ ASSERT_PTR_NE(k, NULL);
+ ASSERT_PTR_NE(k->rsa, NULL);
+ RSA_get0_key(k->rsa, &n, NULL, NULL);
+ return n;
+}
+
+static const BIGNUM *
+rsa_e(struct sshkey *k)
+{
+ const BIGNUM *e = NULL;
+
+ ASSERT_PTR_NE(k, NULL);
+ ASSERT_PTR_NE(k->rsa, NULL);
+ RSA_get0_key(k->rsa, NULL, &e, NULL);
+ return e;
+}
+
+static const BIGNUM *
+rsa_p(struct sshkey *k)
+{
+ const BIGNUM *p = NULL;
+
+ ASSERT_PTR_NE(k, NULL);
+ ASSERT_PTR_NE(k->rsa, NULL);
+ RSA_get0_factors(k->rsa, &p, NULL);
+ return p;
+}
+
+static const BIGNUM *
+dsa_g(struct sshkey *k)
+{
+ const BIGNUM *g = NULL;
+
+ ASSERT_PTR_NE(k, NULL);
+ ASSERT_PTR_NE(k->dsa, NULL);
+ DSA_get0_pqg(k->dsa, NULL, NULL, &g);
+ return g;
+}
+
+static const BIGNUM *
+dsa_priv_key(struct sshkey *k)
+{
+ const BIGNUM *priv_key = NULL;
+
+ ASSERT_PTR_NE(k, NULL);
+ ASSERT_PTR_NE(k->dsa, NULL);
+ DSA_get0_key(k->dsa, NULL, &priv_key);
+ return priv_key;
+}
+
void
sshkey_tests(void)
{
@@ -197,9 +253,6 @@ sshkey_tests(void)
k1 = sshkey_new(KEY_RSA);
ASSERT_PTR_NE(k1, NULL);
ASSERT_PTR_NE(k1->rsa, NULL);
- ASSERT_PTR_NE(k1->rsa->n, NULL);
- ASSERT_PTR_NE(k1->rsa->e, NULL);
- ASSERT_PTR_EQ(k1->rsa->p, NULL);
sshkey_free(k1);
TEST_DONE();
@@ -207,8 +260,6 @@ sshkey_tests(void)
k1 = sshkey_new(KEY_DSA);
ASSERT_PTR_NE(k1, NULL);
ASSERT_PTR_NE(k1->dsa, NULL);
- ASSERT_PTR_NE(k1->dsa->g, NULL);
- ASSERT_PTR_EQ(k1->dsa->priv_key, NULL);
sshkey_free(k1);
TEST_DONE();
@@ -230,27 +281,6 @@ sshkey_tests(void)
sshkey_free(k1);
TEST_DONE();
- TEST_START("new_private KEY_RSA");
- k1 = sshkey_new_private(KEY_RSA);
- ASSERT_PTR_NE(k1, NULL);
- ASSERT_PTR_NE(k1->rsa, NULL);
- ASSERT_PTR_NE(k1->rsa->n, NULL);
- ASSERT_PTR_NE(k1->rsa->e, NULL);
- ASSERT_PTR_NE(k1->rsa->p, NULL);
- ASSERT_INT_EQ(sshkey_add_private(k1), 0);
- sshkey_free(k1);
- TEST_DONE();
-
- TEST_START("new_private KEY_DSA");
- k1 = sshkey_new_private(KEY_DSA);
- ASSERT_PTR_NE(k1, NULL);
- ASSERT_PTR_NE(k1->dsa, NULL);
- ASSERT_PTR_NE(k1->dsa->g, NULL);
- ASSERT_PTR_NE(k1->dsa->priv_key, NULL);
- ASSERT_INT_EQ(sshkey_add_private(k1), 0);
- sshkey_free(k1);
- TEST_DONE();
-
TEST_START("generate KEY_RSA too small modulus");
ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 128, &k1),
SSH_ERR_KEY_LENGTH);
@@ -285,18 +315,18 @@ sshkey_tests(void)
ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 1024, &kr), 0);
ASSERT_PTR_NE(kr, NULL);
ASSERT_PTR_NE(kr->rsa, NULL);
- ASSERT_PTR_NE(kr->rsa->n, NULL);
- ASSERT_PTR_NE(kr->rsa->e, NULL);
- ASSERT_PTR_NE(kr->rsa->p, NULL);
- ASSERT_INT_EQ(BN_num_bits(kr->rsa->n), 1024);
+ ASSERT_PTR_NE(rsa_n(kr), NULL);
+ ASSERT_PTR_NE(rsa_e(kr), NULL);
+ ASSERT_PTR_NE(rsa_p(kr), NULL);
+ ASSERT_INT_EQ(BN_num_bits(rsa_n(kr)), 1024);
TEST_DONE();
TEST_START("generate KEY_DSA");
ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 1024, &kd), 0);
ASSERT_PTR_NE(kd, NULL);
ASSERT_PTR_NE(kd->dsa, NULL);
- ASSERT_PTR_NE(kd->dsa->g, NULL);
- ASSERT_PTR_NE(kd->dsa->priv_key, NULL);
+ ASSERT_PTR_NE(dsa_g(kd), NULL);
+ ASSERT_PTR_NE(dsa_priv_key(kd), NULL);
TEST_DONE();
#ifdef OPENSSL_HAS_ECC
@@ -323,9 +353,9 @@ sshkey_tests(void)
ASSERT_PTR_NE(kr, k1);
ASSERT_INT_EQ(k1->type, KEY_RSA);
ASSERT_PTR_NE(k1->rsa, NULL);
- ASSERT_PTR_NE(k1->rsa->n, NULL);
- ASSERT_PTR_NE(k1->rsa->e, NULL);
- ASSERT_PTR_EQ(k1->rsa->p, NULL);
+ ASSERT_PTR_NE(rsa_n(k1), NULL);
+ ASSERT_PTR_NE(rsa_e(k1), NULL);
+ ASSERT_PTR_EQ(rsa_p(k1), NULL);
TEST_DONE();
TEST_START("equal KEY_RSA/demoted KEY_RSA");
@@ -339,8 +369,8 @@ sshkey_tests(void)
ASSERT_PTR_NE(kd, k1);
ASSERT_INT_EQ(k1->type, KEY_DSA);
ASSERT_PTR_NE(k1->dsa, NULL);
- ASSERT_PTR_NE(k1->dsa->g, NULL);
- ASSERT_PTR_EQ(k1->dsa->priv_key, NULL);
+ ASSERT_PTR_NE(dsa_g(k1), NULL);
+ ASSERT_PTR_EQ(dsa_priv_key(k1), NULL);
TEST_DONE();
TEST_START("equal KEY_DSA/demoted KEY_DSA");
--
2.16.4

+ 0
- 240
net/openssh/patches/0004-upstream-missed-a-bit-of-openssl-1.0.x-API-in-this-u.patch View File

@ -1,240 +0,0 @@
From d100d85cc797d9871e0c34a09104b02b0452b4f4 Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Thu, 13 Sep 2018 09:03:20 +0000
Subject: [PATCH 4/5] upstream: missed a bit of openssl-1.0.x API in this
unittest
OpenBSD-Regress-ID: a73a54d7f7381856a3f3a2d25947bee7a9a5dbc9
---
regress/unittests/sshkey/common.c | 79 +++++++++++++++++++++++++++++++++-
regress/unittests/sshkey/common.h | 11 ++++-
regress/unittests/sshkey/test_file.c | 13 +++---
regress/unittests/sshkey/test_sshkey.c | 57 +-----------------------
4 files changed, 96 insertions(+), 64 deletions(-)
diff --git a/regress/unittests/sshkey/common.c b/regress/unittests/sshkey/common.c
index b598f05c..548da684 100644
--- a/regress/unittests/sshkey/common.c
+++ b/regress/unittests/sshkey/common.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: common.c,v 1.2 2015/01/08 13:10:58 djm Exp $ */
+/* $OpenBSD: common.c,v 1.3 2018/09/13 09:03:20 djm Exp $ */
/*
* Helpers for key API tests
*
@@ -82,3 +82,80 @@ load_bignum(const char *name)
return ret;
}
+const BIGNUM *
+rsa_n(struct sshkey *k)
+{
+ const BIGNUM *n = NULL;
+
+ ASSERT_PTR_NE(k, NULL);
+ ASSERT_PTR_NE(k->rsa, NULL);
+ RSA_get0_key(k->rsa, &n, NULL, NULL);
+ return n;
+}
+
+const BIGNUM *
+rsa_e(struct sshkey *k)
+{
+ const BIGNUM *e = NULL;
+
+ ASSERT_PTR_NE(k, NULL);
+ ASSERT_PTR_NE(k->rsa, NULL);
+ RSA_get0_key(k->rsa, NULL, &e, NULL);
+ return e;
+}
+
+const BIGNUM *
+rsa_p(struct sshkey *k)
+{
+ const BIGNUM *p = NULL;
+
+ ASSERT_PTR_NE(k, NULL);
+ ASSERT_PTR_NE(k->rsa, NULL);
+ RSA_get0_factors(k->rsa, &p, NULL);
+ return p;
+}
+
+const BIGNUM *
+rsa_q(struct sshkey *k)
+{
+ const BIGNUM *q = NULL;
+
+ ASSERT_PTR_NE(k, NULL);
+ ASSERT_PTR_NE(k->rsa, NULL);
+ RSA_get0_factors(k->rsa, NULL, &q);
+ return q;
+}
+
+const BIGNUM *
+dsa_g(struct sshkey *k)
+{
+ const BIGNUM *g = NULL;
+
+ ASSERT_PTR_NE(k, NULL);
+ ASSERT_PTR_NE(k->dsa, NULL);
+ DSA_get0_pqg(k->dsa, NULL, NULL, &g);
+ return g;
+}
+
+const BIGNUM *
+dsa_pub_key(struct sshkey *k)
+{
+ const BIGNUM *pub_key = NULL;
+
+ ASSERT_PTR_NE(k, NULL);
+ ASSERT_PTR_NE(k->dsa, NULL);
+ DSA_get0_key(k->dsa, &pub_key, NULL);
+ return pub_key;
+}
+
+const BIGNUM *
+dsa_priv_key(struct sshkey *k)
+{
+ const BIGNUM *priv_key = NULL;
+
+ ASSERT_PTR_NE(k, NULL);
+ ASSERT_PTR_NE(k->dsa, NULL);
+ DSA_get0_key(k->dsa, NULL, &priv_key);
+ return priv_key;
+}
+
diff --git a/regress/unittests/sshkey/common.h b/regress/unittests/sshkey/common.h
index bf7d19dc..7a514fdc 100644
--- a/regress/unittests/sshkey/common.h
+++ b/regress/unittests/sshkey/common.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: common.h,v 1.1 2014/06/24 01:14:18 djm Exp $ */
+/* $OpenBSD: common.h,v 1.2 2018/09/13 09:03:20 djm Exp $ */
/*
* Helpers for key API tests
*
@@ -14,3 +14,12 @@ struct sshbuf *load_text_file(const char *name);
/* Load a bignum from a file */
BIGNUM *load_bignum(const char *name);
+/* Accessors for key components */
+const BIGNUM *rsa_n(struct sshkey *k);
+const BIGNUM *rsa_e(struct sshkey *k);
+const BIGNUM *rsa_p(struct sshkey *k);
+const BIGNUM *rsa_q(struct sshkey *k);
+const BIGNUM *dsa_g(struct sshkey *k);
+const BIGNUM *dsa_pub_key(struct sshkey *k);
+const BIGNUM *dsa_priv_key(struct sshkey *k);
+
diff --git a/regress/unittests/sshkey/test_file.c b/regress/unittests/sshkey/test_file.c
index 99b7e21c..596c166b 100644
--- a/regress/unittests/sshkey/test_file.c
+++ b/regress/unittests/sshkey/test_file.c
@@ -1,4 +1,5 @@
/* $OpenBSD: test_file.c,v 1.6 2017/04/30 23:33:48 djm Exp $ */
+/* Incorporates changes from 1.8 */
/*
* Regress test for sshkey.h key management API
*
@@ -60,9 +61,9 @@ sshkey_file_tests(void)
a = load_bignum("rsa_1.param.n");
b = load_bignum("rsa_1.param.p");
c = load_bignum("rsa_1.param.q");
- ASSERT_BIGNUM_EQ(k1->rsa->n, a);
- ASSERT_BIGNUM_EQ(k1->rsa->p, b);
- ASSERT_BIGNUM_EQ(k1->rsa->q, c);
+ ASSERT_BIGNUM_EQ(rsa_n(k1), a);
+ ASSERT_BIGNUM_EQ(rsa_p(k1), b);
+ ASSERT_BIGNUM_EQ(rsa_q(k1), c);
BN_free(a);
BN_free(b);
BN_free(c);
@@ -151,9 +152,9 @@ sshkey_file_tests(void)
a = load_bignum("dsa_1.param.g");
b = load_bignum("dsa_1.param.priv");
c = load_bignum("dsa_1.param.pub");
- ASSERT_BIGNUM_EQ(k1->dsa->g, a);
- ASSERT_BIGNUM_EQ(k1->dsa->priv_key, b);
- ASSERT_BIGNUM_EQ(k1->dsa->pub_key, c);
+ ASSERT_BIGNUM_EQ(dsa_g(k1), a);
+ ASSERT_BIGNUM_EQ(dsa_priv_key(k1), b);
+ ASSERT_BIGNUM_EQ(dsa_pub_key(k1), c);
BN_free(a);
BN_free(b);
BN_free(c);
diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c
index a32d2884..deeb23a0 100644
--- a/regress/unittests/sshkey/test_sshkey.c
+++ b/regress/unittests/sshkey/test_sshkey.c
@@ -1,5 +1,5 @@
/* $OpenBSD: test_sshkey.c,v 1.14 2018/07/13 02:13:19 djm Exp $ */
-/* Incorporates changes from 1.16 */
+/* Incorporates changes from 1.16 and 1.17 */
/*
* Regress test for sshkey.h key management API
*
@@ -174,61 +174,6 @@ get_private(const char *n)
return ret;
}
-static const BIGNUM *
-rsa_n(struct sshkey *k)
-{
- const BIGNUM *n = NULL;
-
- ASSERT_PTR_NE(k, NULL);
- ASSERT_PTR_NE(k->rsa, NULL);
- RSA_get0_key(k->rsa, &n, NULL, NULL);
- return n;
-}
-
-static const BIGNUM *
-rsa_e(struct sshkey *k)
-{
- const BIGNUM *e = NULL;
-
- ASSERT_PTR_NE(k, NULL);
- ASSERT_PTR_NE(k->rsa, NULL);
- RSA_get0_key(k->rsa, NULL, &e, NULL);
- return e;
-}
-
-static const BIGNUM *
-rsa_p(struct sshkey *k)
-{
- const BIGNUM *p = NULL;
-
- ASSERT_PTR_NE(k, NULL);
- ASSERT_PTR_NE(k->rsa, NULL);
- RSA_get0_factors(k->rsa, &p, NULL);
- return p;
-}
-
-static const BIGNUM *
-dsa_g(struct sshkey *k)
-{
- const BIGNUM *g = NULL;
-
- ASSERT_PTR_NE(k, NULL);
- ASSERT_PTR_NE(k->dsa, NULL);
- DSA_get0_pqg(k->dsa, NULL, NULL, &g);
- return g;
-}
-
-static const BIGNUM *
-dsa_priv_key(struct sshkey *k)
-{
- const BIGNUM *priv_key = NULL;
-
- ASSERT_PTR_NE(k, NULL);
- ASSERT_PTR_NE(k->dsa, NULL);
- DSA_get0_key(k->dsa, NULL, &priv_key);
- return priv_key;
-}
-
void
sshkey_tests(void)
{
--
2.16.4

+ 0
- 25
net/openssh/patches/0005-add-compat-header.patch View File

@ -1,25 +0,0 @@
From a3fc79d9cdab61ed58dafc4c49b295ec1bbe1d84 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Thu, 13 Sep 2018 19:05:48 +1000
Subject: [PATCH 5/5] add compat header
---
regress/unittests/sshkey/common.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/regress/unittests/sshkey/common.c b/regress/unittests/sshkey/common.c
index 548da684..e63465c4 100644
--- a/regress/unittests/sshkey/common.c
+++ b/regress/unittests/sshkey/common.c
@@ -27,6 +27,8 @@
# include <openssl/ec.h>
#endif
+#include "openbsd-compat/openssl-compat.h"
+
#include "../test_helper/test_helper.h"
#include "ssherr.h"
--
2.16.4

Loading…
Cancel
Save