openssh: Update to latest git and port to BearSSL

author: Michael Forney <mforney@mforney.org> 2020-04-22 02:19:18 -0700
committer: Michael Forney <mforney@mforney.org> 2020-04-22 22:55:05 -0700
commit: d36ce79317be230c6559f8e1abba88095f998fb1 (patch)
tree: 3cfa4dfc2445c282b3d82eb65f5dd931b7e40672 /pkg/openssh/patch
parent: 0dbae24a86415b956640738c921ddc4079a424c3 (diff)
4 files changed, 0 insertions, 226 deletions
diff --git a/pkg/openssh/patch/0001-Include-stdlib.h-for-arc4random_uniform.patch b/pkg/openssh/patch/0001-Include-stdlib.h-for-arc4random_uniform.patch
deleted file mode 100644
index e1a076f6..00000000
--- a/pkg/openssh/patch/0001-Include-stdlib.h-for-arc4random_uniform.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-From 8e035c27bf466534db0b9233cb038973b1f9ffc5 Mon Sep 17 00:00:00 2001
-From: Michael Forney <mforney@mforney.org>
-Date: Wed, 19 Jun 2019 20:06:29 -0700
-Subject: [PATCH] Include stdlib.h for arc4random_uniform
-
----
- openbsd-compat/bindresvport.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/openbsd-compat/bindresvport.c b/openbsd-compat/bindresvport.c
-index eeb269d5..346c7fe5 100644
---- a/openbsd-compat/bindresvport.c
-+++ b/openbsd-compat/bindresvport.c
-@@ -40,6 +40,7 @@
- #include <arpa/inet.h>
- 
- #include <errno.h>
-+#include <stdlib.h>
- #include <string.h>
- 
- #define STARTPORT 600
--- 
-2.20.1
-
diff --git a/pkg/openssh/patch/0002-printf-p-specifier-requires-void-argument.patch b/pkg/openssh/patch/0002-printf-p-specifier-requires-void-argument.patch
deleted file mode 100644
index bf7cda22..00000000
--- a/pkg/openssh/patch/0002-printf-p-specifier-requires-void-argument.patch
+++ /dev/null
@@ -1,133 +0,0 @@
-From de0c266e353663043097e1a8bc3a8959f1ee2bcd Mon Sep 17 00:00:00 2001
-From: Michael Forney <mforney@mforney.org>
-Date: Wed, 27 Nov 2019 19:16:26 -0800
-Subject: [PATCH] printf %p specifier requires `void *` argument
-
----
- monitor.c           |  4 ++--
- session.c           |  2 +-
- ssh-pkcs11-helper.c |  2 +-
- ssh-pkcs11.c        | 16 +++++++++-------
- sshbuf-misc.c       |  2 +-
- 5 files changed, 14 insertions(+), 12 deletions(-)
-
-diff --git a/monitor.c b/monitor.c
-index dc6d78d3..d5c91465 100644
---- a/monitor.c
-+++ b/monitor.c
-@@ -1166,7 +1166,7 @@ mm_answer_keyallowed(struct ssh *ssh, int sock, struct sshbuf *m)
- 	    (r = sshbuf_get_u32(m, &pubkey_auth_attempt)) != 0)
- 		fatal("%s: buffer error: %s", __func__, ssh_err(r));
- 
--	debug3("%s: key_from_blob: %p", __func__, key);
-+	debug3("%s: key_from_blob: %p", __func__, (void *)key);
- 
- 	if (key != NULL && authctxt->valid) {
- 		/* These should not make it past the privsep child */
-@@ -1434,7 +1434,7 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m)
- 
- 	ret = sshkey_verify(key, signature, signaturelen, data, datalen,
- 	    sigalg, ssh->compat, &sig_details);
--	debug3("%s: %s %p signature %s%s%s", __func__, auth_method, key,
-+	debug3("%s: %s %p signature %s%s%s", __func__, auth_method, (void *)key,
- 	    (ret == 0) ? "verified" : "unverified",
- 	    (ret != 0) ? ": " : "", (ret != 0) ? ssh_err(ret) : "");
- 
-diff --git a/session.c b/session.c
-index 8c0e54f7..86e02fb0 100644
---- a/session.c
-+++ b/session.c
-@@ -1791,7 +1791,7 @@ session_dump(void)
- 		    s->used,
- 		    s->next_unused,
- 		    s->self,
--		    s,
-+		    (void *)s,
- 		    s->chanid,
- 		    (long)s->pid);
- 	}
-diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c
-index 17220d62..9269cc25 100644
---- a/ssh-pkcs11-helper.c
-+++ b/ssh-pkcs11-helper.c
-@@ -98,7 +98,7 @@ lookup_key(struct sshkey *k)
- 	struct pkcs11_keyinfo *ki;
- 
- 	TAILQ_FOREACH(ki, &pkcs11_keylist, next) {
--		debug("check %p %s %s", ki, ki->providername, ki->label);
-+		debug("check %p %s %s", (void *)ki, ki->providername, ki->label);
- 		if (sshkey_equal(k, ki->key))
- 			return (ki->key);
- 	}
-diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
-index a302c79c..255534ba 100644
---- a/ssh-pkcs11.c
-+++ b/ssh-pkcs11.c
-@@ -112,7 +112,7 @@ pkcs11_provider_finalize(struct pkcs11_provider *p)
- 	CK_ULONG i;
- 
- 	debug("pkcs11_provider_finalize: %p refcount %d valid %d",
--	    p, p->refcount, p->valid);
-+	    (void *)p, p->refcount, p->valid);
- 	if (!p->valid)
- 		return;
- 	for (i = 0; i < p->nslots; i++) {
-@@ -135,10 +135,12 @@ pkcs11_provider_finalize(struct pkcs11_provider *p)
- static void
- pkcs11_provider_unref(struct pkcs11_provider *p)
- {
--	debug("pkcs11_provider_unref: %p refcount %d", p, p->refcount);
-+	debug("pkcs11_provider_unref: %p refcount %d", (void *)p, p->refcount);
- 	if (--p->refcount <= 0) {
--		if (p->valid)
--			error("pkcs11_provider_unref: %p still valid", p);
-+		if (p->valid) {
-+			error("pkcs11_provider_unref: %p still valid",
-+			    (void *)p);
-+		}
- 		free(p->name);
- 		free(p->slotlist);
- 		free(p->slotinfo);
-@@ -166,7 +168,7 @@ pkcs11_provider_lookup(char *provider_id)
- 	struct pkcs11_provider *p;
- 
- 	TAILQ_FOREACH(p, &pkcs11_providers, next) {
--		debug("check %p %s", p, p->name);
-+		debug("check %p %s", (void *)p, p->name);
- 		if (!strcmp(provider_id, p->name))
- 			return (p);
- 	}
-@@ -323,7 +325,7 @@ pkcs11_check_obj_bool_attrib(struct pkcs11_key *k11, CK_OBJECT_HANDLE obj,
- 	}
- 	*val = flag != 0;
- 	debug("%s: provider %p slot %lu object %lu: attrib %lu = %d",
--	    __func__, k11->provider, k11->slotidx, obj, type, *val);
-+	    __func__, (void *)k11->provider, k11->slotidx, obj, type, *val);
- 	return (0);
- }
- 
-@@ -415,7 +417,7 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
- 	int			rval = -1;
- 
- 	if ((k11 = RSA_get_ex_data(rsa, rsa_idx)) == NULL) {
--		error("RSA_get_ex_data failed for rsa %p", rsa);
-+		error("RSA_get_ex_data failed for rsa %p", (void *)rsa);
- 		return (-1);
- 	}
- 
-diff --git a/sshbuf-misc.c b/sshbuf-misc.c
-index c0336e86..a0e01a80 100644
---- a/sshbuf-misc.c
-+++ b/sshbuf-misc.c
-@@ -65,7 +65,7 @@ sshbuf_dump_data(const void *s, size_t len, FILE *f)
- void
- sshbuf_dump(struct sshbuf *buf, FILE *f)
- {
--	fprintf(f, "buffer %p len = %zu\n", buf, sshbuf_len(buf));
-+	fprintf(f, "buffer %p len = %zu\n", (void *)buf, sshbuf_len(buf));
- 	sshbuf_dump_data(sshbuf_ptr(buf), sshbuf_len(buf), f);
- }
- 
--- 
-2.25.0
-
diff --git a/pkg/openssh/patch/0003-Remove-trailing-semicolon-after-RB_GENERATE_STATIC.patch b/pkg/openssh/patch/0003-Remove-trailing-semicolon-after-RB_GENERATE_STATIC.patch
deleted file mode 100644
index 98d41cec..00000000
--- a/pkg/openssh/patch/0003-Remove-trailing-semicolon-after-RB_GENERATE_STATIC.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From dc35250b8f316df340d56e45e14d05dc084f7289 Mon Sep 17 00:00:00 2001
-From: Michael Forney <mforney@mforney.org>
-Date: Wed, 27 Nov 2019 19:37:17 -0800
-Subject: [PATCH] Remove trailing semicolon after RB_GENERATE_STATIC
-
-This expands to a series of function definitions, so the semicolon is
-not necessary (in fact, it is not allowed in ISO C).
----
- krl.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/krl.c b/krl.c
-index aa8318cf..01522b8f 100644
---- a/krl.c
-+++ b/krl.c
-@@ -60,7 +60,7 @@ struct revoked_serial {
- };
- static int serial_cmp(struct revoked_serial *a, struct revoked_serial *b);
- RB_HEAD(revoked_serial_tree, revoked_serial);
--RB_GENERATE_STATIC(revoked_serial_tree, revoked_serial, tree_entry, serial_cmp);
-+RB_GENERATE_STATIC(revoked_serial_tree, revoked_serial, tree_entry, serial_cmp)
- 
- /* Tree of key IDs */
- struct revoked_key_id {
-@@ -69,7 +69,7 @@ struct revoked_key_id {
- };
- static int key_id_cmp(struct revoked_key_id *a, struct revoked_key_id *b);
- RB_HEAD(revoked_key_id_tree, revoked_key_id);
--RB_GENERATE_STATIC(revoked_key_id_tree, revoked_key_id, tree_entry, key_id_cmp);
-+RB_GENERATE_STATIC(revoked_key_id_tree, revoked_key_id, tree_entry, key_id_cmp)
- 
- /* Tree of blobs (used for keys and fingerprints) */
- struct revoked_blob {
-@@ -79,7 +79,7 @@ struct revoked_blob {
- };
- static int blob_cmp(struct revoked_blob *a, struct revoked_blob *b);
- RB_HEAD(revoked_blob_tree, revoked_blob);
--RB_GENERATE_STATIC(revoked_blob_tree, revoked_blob, tree_entry, blob_cmp);
-+RB_GENERATE_STATIC(revoked_blob_tree, revoked_blob, tree_entry, blob_cmp)
- 
- /* Tracks revoked certs for a single CA */
- struct revoked_certs {
--- 
-2.25.0
-
diff --git a/pkg/openssh/patch/0004-Add-missing-include-for-NID_X9_62_prime256v1.patch b/pkg/openssh/patch/0004-Add-missing-include-for-NID_X9_62_prime256v1.patch
deleted file mode 100644
index 7cb9f959..00000000
--- a/pkg/openssh/patch/0004-Add-missing-include-for-NID_X9_62_prime256v1.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-From 0314faf20f9a19100250cbe7d40f6b34be42862b Mon Sep 17 00:00:00 2001
-From: Michael Forney <mforney@mforney.org>
-Date: Tue, 14 Apr 2020 22:54:17 -0700
-Subject: [PATCH] Add missing include for NID_X9_62_prime256v1
-
----
- sk-usbhid.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/sk-usbhid.c b/sk-usbhid.c
-index ad83054a..92483c3a 100644
---- a/sk-usbhid.c
-+++ b/sk-usbhid.c
-@@ -31,6 +31,7 @@
- #include <openssl/bn.h>
- #include <openssl/ec.h>
- #include <openssl/ecdsa.h>
-+#include <openssl/evp.h>
- #endif /* WITH_OPENSSL */
- 
- #include <fido.h>
--- 
-2.26.1
-
author	Michael Forney <mforney@mforney.org>	2020-04-22 02:19:18 -0700
committer	Michael Forney <mforney@mforney.org>	2020-04-22 22:55:05 -0700
commit	d36ce79317be230c6559f8e1abba88095f998fb1 (patch)
tree	3cfa4dfc2445c282b3d82eb65f5dd931b7e40672 /pkg/openssh/patch
parent	0dbae24a86415b956640738c921ddc4079a424c3 (diff)