From 70b82ae359a5538711e103b0e8dfb92654296644 Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@redcorelinux.org>
Date: Sat, 27 Oct 2018 12:48:57 +0100
Subject: gentoo resync : 27.10.2018

---
 net-misc/openssh/Manifest                          |  8 +-
 .../openssh/files/openssh-7.9_p1-X509-glue.patch   |  6 +-
 .../files/openssh-7.9_p1-hpn-openssl-1.1.patch     | 91 ++++++++++++++++++++++
 .../files/openssh-7.9_p1-include-stdlib.patch      | 48 ++++++++++++
 .../openssh-7.9_p1-openssl-1.0.2-compat.patch      |  4 +-
 net-misc/openssh/openssh-7.9_p1.ebuild             |  2 +
 6 files changed, 151 insertions(+), 8 deletions(-)
 create mode 100644 net-misc/openssh/files/openssh-7.9_p1-hpn-openssl-1.1.patch
 create mode 100644 net-misc/openssh/files/openssh-7.9_p1-include-stdlib.patch

(limited to 'net-misc/openssh')

diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest
index 20d91446e45f..590da7d54f99 100644
--- a/net-misc/openssh/Manifest
+++ b/net-misc/openssh/Manifest
@@ -17,11 +17,13 @@ AUX openssh-7.8_p1-X509-no-version.patch 878 BLAKE2B 2ed1a11e4b9066720057e5ae0a8
 AUX openssh-7.8_p1-hpn-X509-glue.patch 2786 BLAKE2B ef0651dc65ea1ab22c17e6ba0efe34141bc3af4dafcdbfba5c7fd80107a31fbc7c2671670c57153918bd626f4172e7e16ba22b4f36d67ced1b6e9d7b03c9dbaa SHA512 a205809bded3ac0aba1aec0f27ddc3948414fc3354cf8ec2945fc91effb9a0617ef259475347164c2f7b95de280704be1646725dae183c070efd104c4c515510
 AUX openssh-7.8_p1-hpn-glue.patch 3644 BLAKE2B eed002fc87362fa8bf3a86681fdaf8153137b7a9de7ba4f6fe47dbb39031f61773e9546f226f8035ce4391dce62a1487ba1450cd92e02e4d74fc0875ef2ca603 SHA512 f6410be5632e4f04f6ba4517afe279640ddc7050750f036fb3e57ab4318e59b86dc44a983deacd6b6f88c4cd0f78dae523f9dded424dce3600a3b1d7a0964435
 AUX openssh-7.8_p1-hpn-sctp-glue.patch 597 BLAKE2B d7ac82653c48467ebdc59e1444eead84d3de8cdd93acda6361cedd0cc1e2969e52610c10075463ade71e4c1bb1fcb243bd34d11d6c21cd4c500b6743dc628770 SHA512 4742112e3d0e7463d9194a5ab068d3b6cae6bc4a9b5755599d49a13db514014c7d406c16c7ff59197917b5c152b2a54d15323d88de942215fced4c628cacf2c0
-AUX openssh-7.9_p1-X509-glue.patch 1204 BLAKE2B 643163cce91bb4767ac6850dfd62e0100def09501b25191586bb0d62ea391745ff9d922b2b67c60b6a413d6e75dd22e70fd3f4ff35365d9a0ddaf735ecbf49ec SHA512 63b7bdda10acc6bdadf207becbad91ee739f2f346c1bc637117256cc6ce97115fcc28f332fefa6cb17a93daa98bd28f85a71a67329c08965ef79cec86f5613a9
+AUX openssh-7.9_p1-X509-glue.patch 1240 BLAKE2B 9b5423774e37a90cbad6414ff143319f744452f02cdfb740f59eb8ff9c92f65cb1f64ebb8543e5d25ea082b3104e43a54e07fbc76da202e94df69d4230b44d3e SHA512 e326f1a148f65aef9aa170c5d714e471b1b0dca38c8d267e4879a6a36f476104fae921cef18c0ce25e2023aa3056e609aac294f34a67c85a2758f1b1421f7d26
 AUX openssh-7.9_p1-hpn-X509-glue.patch 2786 BLAKE2B ef0651dc65ea1ab22c17e6ba0efe34141bc3af4dafcdbfba5c7fd80107a31fbc7c2671670c57153918bd626f4172e7e16ba22b4f36d67ced1b6e9d7b03c9dbaa SHA512 a205809bded3ac0aba1aec0f27ddc3948414fc3354cf8ec2945fc91effb9a0617ef259475347164c2f7b95de280704be1646725dae183c070efd104c4c515510
 AUX openssh-7.9_p1-hpn-glue.patch 3644 BLAKE2B eed002fc87362fa8bf3a86681fdaf8153137b7a9de7ba4f6fe47dbb39031f61773e9546f226f8035ce4391dce62a1487ba1450cd92e02e4d74fc0875ef2ca603 SHA512 f6410be5632e4f04f6ba4517afe279640ddc7050750f036fb3e57ab4318e59b86dc44a983deacd6b6f88c4cd0f78dae523f9dded424dce3600a3b1d7a0964435
+AUX openssh-7.9_p1-hpn-openssl-1.1.patch 3160 BLAKE2B fdf063bfd7855879a3cc8765d841f743cd07f3f3c96ecfeb219243680e46deec0d5ebe14f4f2b417cfce4f681b6baf493ee04d86aec74c61777b0485681406e1 SHA512 775d06a5b22cd306f884602dcc22533fe55f083f39ffeed252e7e33d44c52910f0fbe7705ef260d09503d3c26cf7b76b5fa3b0c7f1b263150e945f2ca6050b2d
 AUX openssh-7.9_p1-hpn-sctp-glue.patch 597 BLAKE2B d7ac82653c48467ebdc59e1444eead84d3de8cdd93acda6361cedd0cc1e2969e52610c10075463ade71e4c1bb1fcb243bd34d11d6c21cd4c500b6743dc628770 SHA512 4742112e3d0e7463d9194a5ab068d3b6cae6bc4a9b5755599d49a13db514014c7d406c16c7ff59197917b5c152b2a54d15323d88de942215fced4c628cacf2c0
-AUX openssh-7.9_p1-openssl-1.0.2-compat.patch 479 BLAKE2B 0550e0b7cb4bb4806b83dc6cc53836d8ad29311588099263e940223e131cd489965664b549a466a6a0ea572e4ab3a706c8b21af7a2b8d241443ff736f775d7b8 SHA512 d4f40fb05ddad61022124d1f9b8f9b01bb827403061abacd1f4ad13f4908400f42e8bda9e423d03755cef8bdff6fa5b0bc6b0fc0cd6e22363b358868e4d424ff
+AUX openssh-7.9_p1-include-stdlib.patch 914 BLAKE2B 9c7eb79f87ecd657a80821dfa979d8b0cc12a08d385ec085724f20aa6f5332593ffc7481bb9f816e91df3eb4d75d8f7b66383ff473d271270de128c3b2bf92e5 SHA512 7dade73bdafb0da484cbd396b4a644442f8ea12fef54c07e6308ae2e73a587fa4ddf401e8a0c467469b46fe7f00585e047462545182924c157b4d3894c707a70
+AUX openssh-7.9_p1-openssl-1.0.2-compat.patch 514 BLAKE2B e3859c2bed0e4116e558e7ea8c4679a8666316c26a650acd93ea023444bf69fafad6eba47a6faef7c017d812da76fe93a291e51c427ddecc1fe89bd362758403 SHA512 dde28496df7ee74a2bbcf0aba389abefade3dc41f7d10dc6d3c1a0aca087478bafe10d31ec5e61e758084fa0a2a7c64314502091d900d9cee487c1bdc92722a6
 AUX sshd-r1.confd 774 BLAKE2B df3f3f28cb4d35b49851399b52408c42e242ae3168ff3fc79add211903567da370cfe86a267932ca9cf13c3afbc38a8f1b53e753a31670ee61bf8ba8747832f8 SHA512 3a69752592126024319a95f1c1747af508fd639c86eca472106c5d6c23d5eeaa441ca74740d4b1aafaa0db759d38879e3c1cee742b08d6166ebc58cddac1e2fe
 AUX sshd.confd 396 BLAKE2B 2fc146e83512d729e120cfe331441e8fe27eba804906cc0c463b938ddaf052e7392efbcda6699467afde22652c599e7d55b0ce18a344137263cd78647fea255f SHA512 b9ae816af54a55e134a9307e376f05367b815f1b3fd545c2a2c312d18aedcf907f413e8bad8db980cdd9aad4011a72a79e1e94594f69500939a9cb46287f2f81
 AUX sshd.initd 2735 BLAKE2B c3fd3b653676b0e628d58939a55e0ff5cfdd177af18a9ef2d53dcb1717ce478ecb654da398752ee4fef0f6225416fd4fa5cfa6e83d7e977086744616d291dcd3 SHA512 9c3e908c79674bb070e99491dc587c1e6404b1e2eec711dc27cd54510ff68217c83e7ac6fcf7b89f62ba5393ff3e417774fd6d105422464203544e8fbc91c6bb
@@ -52,5 +54,5 @@ DIST openssh-lpk-7.5p1-0.3.14.patch.xz 17040 BLAKE2B 5b2204316dd244bb8dd11db50d5
 EBUILD openssh-7.5_p1-r4.ebuild 11161 BLAKE2B e6276f34a75fbce06ebefa246786db15aff3bd9a59c77c41d96576b6aeb77c5e6fa17aceb573d4d1f0518aa703d298eb292d0d157fb843a702cbede1f42c0296 SHA512 446414c8961458b812b768d18afe46d60ef4dd54111d95b99654cfb3dfef592812b30527fdda352a595bba815e0ffea4a813e3291bcc96bacb368267ff837bdd
 EBUILD openssh-7.7_p1-r9.ebuild 15943 BLAKE2B 459a0f5920b3d5b4da2835e7f3c9f1edd185e48c509e5150a1306dbca3c2f17d0d9d3f41166c4263dd60c0218c11b278a4eaa6f53ae1429710fc749994f70d11 SHA512 3aa9018173cc53de22b1e4693daf4ca2716cd0bc0066f797b6b66926481aaabb3e82942beb305a95523ba64dc9ff95f54232c7538c1d30834f38d88dd94f18a2
 EBUILD openssh-7.8_p1.ebuild 15333 BLAKE2B 4452bc6cc03ed9fb8242b15894133e6e224e1ac0818688b02bc17850050bc67c0dd8fefcbba66c96bfedc8fb452bbcde7282062ea372d220a2b1d77fb0b48b20 SHA512 bff6000cd8913a885bcad3ffb60bde7760a24d37a4987afd34f4b38d603c8bc72bfe0d07f8f109c238d11e49bed72ddbcbe26838cd9d69b379dbf7521f12626f
-EBUILD openssh-7.9_p1.ebuild 15516 BLAKE2B eec5ec15916ad1ac9d2360fe33ebf1fe25784dd6a84f23970dc7e3c1a467d8bdf576360ca1112f2c8f860afcd9774a103cc1dbeae2bd6ce8815baad5b1fa6f9e SHA512 e61ba1ca3e50a84c67379d8c0774ac91942a283370e58d91ebe9576b2d2aedc90a15a6d53ab5f88565ca4eadb3eb5d13d9a6d15f2000045dd18fcb199ac72764
+EBUILD openssh-7.9_p1.ebuild 15632 BLAKE2B 132f8a24977b010fbeb62644383d0c97b64887eb67e28f78f319c522550c5cd304ce6636a65e6b4f8034ed29cd8e8dd8bc3fb3bab51ed642e4b4cb8b7f3bc1dd SHA512 cc50dbcbf7a1bbc949fed7f9db7eb442e2d2a6e0e864a8c57dd2b68aaf23949e148ab8741af9e825761c5edd07e3355aba1fceeded3b58103212c0fe1b13c846
 MISC metadata.xml 2212 BLAKE2B 889550b17d2ba8072686ca5f398c64946fc04721fd7093c88fd7c1c5c7e4610fb01964f8e3d78e20cd0e9b9343895439772fee43b5635db893f3fc13ae9437cb SHA512 958845fbdfb4f1d267fdbc3a005c6338da54c6a0715180a1982416a841ab4865c536de5f10bb8493d07830e182786d0c3f2ac710c9168434b3d077a59ed2ddd5
diff --git a/net-misc/openssh/files/openssh-7.9_p1-X509-glue.patch b/net-misc/openssh/files/openssh-7.9_p1-X509-glue.patch
index e1d63ecc8aef..1f1ec4a4d773 100644
--- a/net-misc/openssh/files/openssh-7.9_p1-X509-glue.patch
+++ b/net-misc/openssh/files/openssh-7.9_p1-X509-glue.patch
@@ -1,11 +1,11 @@
---- a/openssh-7.9p1+x509-11.5.diff	2018-10-19 11:41:13.791285390 -0700
-+++ b/openssh-7.9p1+x509-11.5.diff	2018-10-19 11:45:42.584694215 -0700
+--- a/openssh-7.9p1+x509-11.5.diff	2018-10-23 16:21:22.580154353 -0700
++++ b/openssh-7.9p1+x509-11.5.diff	2018-10-23 16:22:39.600652048 -0700
 @@ -44045,7 +44045,7 @@
   	ENGINE_register_all_complete();
  +#endif
   
 --#if OPENSSL_VERSION_NUMBER < 0x10001000L
-+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
  +	/* OPENSSL_config will load buildin engines and engines
  +	 * specified in configuration file, i.e. method call
  +	 * ENGINE_load_builtin_engines. Latter is only for
diff --git a/net-misc/openssh/files/openssh-7.9_p1-hpn-openssl-1.1.patch b/net-misc/openssh/files/openssh-7.9_p1-hpn-openssl-1.1.patch
new file mode 100644
index 000000000000..78b754532740
--- /dev/null
+++ b/net-misc/openssh/files/openssh-7.9_p1-hpn-openssl-1.1.patch
@@ -0,0 +1,91 @@
+--- openssh-7.9p1.orig/cipher-ctr-mt.c	2018-10-24 20:48:00.909255466 -0000
++++ openssh-7.9p1/cipher-ctr-mt.c	2018-10-24 20:48:17.378155144 -0000
+@@ -46,7 +46,7 @@
+
+ /*-------------------- TUNABLES --------------------*/
+ /* maximum number of threads and queues */
+-#define MAX_THREADS      32
++#define MAX_THREADS      32
+ #define MAX_NUMKQ        (MAX_THREADS * 2)
+
+ /* Number of pregen threads to use */
+@@ -435,7 +435,7 @@
+ 		destp.u += AES_BLOCK_SIZE;
+ 		srcp.u += AES_BLOCK_SIZE;
+ 		len -= AES_BLOCK_SIZE;
+-		ssh_ctr_inc(ctx->iv, AES_BLOCK_SIZE);
++		ssh_ctr_inc(c->aes_counter, AES_BLOCK_SIZE);
+
+ 		/* Increment read index, switch queues on rollover */
+ 		if ((ridx = (ridx + 1) % KQLEN) == 0) {
+@@ -481,8 +481,6 @@
+ 	/* get the number of cores in the system */
+ 	/* if it's not linux it currently defaults to 2 */
+ 	/* divide by 2 to get threads for each direction (MODE_IN||MODE_OUT) */
+-	/* NB: assigning a float to an int discards the remainder which is */
+-	/* acceptable (and wanted) in this case */
+ #ifdef __linux__
+ 	cipher_threads = sysconf(_SC_NPROCESSORS_ONLN) / 2;
+ #endif /*__linux__*/
+@@ -551,16 +550,16 @@
+ 	}
+
+ 	if (iv != NULL) {
+-		memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
++		memcpy(c->aes_counter, iv, AES_BLOCK_SIZE);
+ 		c->state |= HAVE_IV;
+ 	}
+
+ 	if (c->state == (HAVE_KEY | HAVE_IV)) {
+ 		/* Clear queues */
+-		memcpy(c->q[0].ctr, ctx->iv, AES_BLOCK_SIZE);
++		memcpy(c->q[0].ctr, c->aes_counter, AES_BLOCK_SIZE);
+ 		c->q[0].qstate = KQINIT;
+ 		for (i = 1; i < numkq; i++) {
+-			memcpy(c->q[i].ctr, ctx->iv, AES_BLOCK_SIZE);
++			memcpy(c->q[i].ctr, c->aes_counter, AES_BLOCK_SIZE);
+ 			ssh_ctr_add(c->q[i].ctr, i * KQLEN, AES_BLOCK_SIZE);
+ 			c->q[i].qstate = KQEMPTY;
+ 		}
+@@ -644,8 +643,22 @@
+ const EVP_CIPHER *
+ evp_aes_ctr_mt(void)
+ {
++# if OPENSSL_VERSION_NUMBER >= 0x10100000UL && !defined(LIBRESSL_VERSION_NUMBER)
++	static EVP_CIPHER *aes_ctr;
++	aes_ctr = EVP_CIPHER_meth_new(NID_undef, 16/*block*/, 16/*key*/);
++	EVP_CIPHER_meth_set_iv_length(aes_ctr, AES_BLOCK_SIZE);
++	EVP_CIPHER_meth_set_init(aes_ctr, ssh_aes_ctr_init);
++	EVP_CIPHER_meth_set_cleanup(aes_ctr, ssh_aes_ctr_cleanup);
++	EVP_CIPHER_meth_set_do_cipher(aes_ctr, ssh_aes_ctr);
++#  ifndef SSH_OLD_EVP
++	EVP_CIPHER_meth_set_flags(aes_ctr, EVP_CIPH_CBC_MODE
++				      | EVP_CIPH_VARIABLE_LENGTH
++				      | EVP_CIPH_ALWAYS_CALL_INIT
++				      | EVP_CIPH_CUSTOM_IV);
++#  endif /*SSH_OLD_EVP*/
++	return (aes_ctr);
++# else /*earlier version of openssl*/
+ 	static EVP_CIPHER aes_ctr;
+-
+ 	memset(&aes_ctr, 0, sizeof(EVP_CIPHER));
+ 	aes_ctr.nid = NID_undef;
+ 	aes_ctr.block_size = AES_BLOCK_SIZE;
+@@ -654,11 +667,12 @@
+ 	aes_ctr.init = ssh_aes_ctr_init;
+ 	aes_ctr.cleanup = ssh_aes_ctr_cleanup;
+ 	aes_ctr.do_cipher = ssh_aes_ctr;
+-#ifndef SSH_OLD_EVP
+-	aes_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH |
+-	    EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
+-#endif
+-	return &aes_ctr;
++#  ifndef SSH_OLD_EVP
++        aes_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH |
++		EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
++#  endif /*SSH_OLD_EVP*/
++        return &aes_ctr;
++# endif /*OPENSSH_VERSION_NUMBER*/
+ }
+
+ #endif /* defined(WITH_OPENSSL) */
diff --git a/net-misc/openssh/files/openssh-7.9_p1-include-stdlib.patch b/net-misc/openssh/files/openssh-7.9_p1-include-stdlib.patch
new file mode 100644
index 000000000000..c5697c2b8bd1
--- /dev/null
+++ b/net-misc/openssh/files/openssh-7.9_p1-include-stdlib.patch
@@ -0,0 +1,48 @@
+diff --git a/auth-options.c b/auth-options.c
+index b05d6d6f..d1f42f04 100644
+--- a/auth-options.c
++++ b/auth-options.c
+@@ -26,6 +26,7 @@
+ #include <stdarg.h>
+ #include <ctype.h>
+ #include <limits.h>
++#include <stdlib.h>
+ 
+ #include "openbsd-compat/sys-queue.h"
+ 
+diff --git a/hmac.c b/hmac.c
+index 1c879640..a29f32c5 100644
+--- a/hmac.c
++++ b/hmac.c
+@@ -19,6 +19,7 @@
+ 
+ #include <sys/types.h>
+ #include <string.h>
++#include <stdlib.h>
+ 
+ #include "sshbuf.h"
+ #include "digest.h"
+diff --git a/krl.c b/krl.c
+index 8e2d5d5d..c32e147a 100644
+--- a/krl.c
++++ b/krl.c
+@@ -28,6 +28,7 @@
+ #include <string.h>
+ #include <time.h>
+ #include <unistd.h>
++#include <stdlib.h>
+ 
+ #include "sshbuf.h"
+ #include "ssherr.h"
+diff --git a/mac.c b/mac.c
+index 51dc11d7..3d11eba6 100644
+--- a/mac.c
++++ b/mac.c
+@@ -29,6 +29,7 @@
+ 
+ #include <string.h>
+ #include <stdio.h>
++#include <stdlib.h>
+ 
+ #include "digest.h"
+ #include "hmac.h"
diff --git a/net-misc/openssh/files/openssh-7.9_p1-openssl-1.0.2-compat.patch b/net-misc/openssh/files/openssh-7.9_p1-openssl-1.0.2-compat.patch
index 9fc6d0a9dcec..c1c310e8f14a 100644
--- a/net-misc/openssh/files/openssh-7.9_p1-openssl-1.0.2-compat.patch
+++ b/net-misc/openssh/files/openssh-7.9_p1-openssl-1.0.2-compat.patch
@@ -5,9 +5,9 @@ index 8b4a3627..590b66d1 100644
 @@ -76,7 +76,7 @@ ssh_OpenSSL_add_all_algorithms(void)
  	ENGINE_load_builtin_engines();
  	ENGINE_register_all_complete();
- 
+
 -#if OPENSSL_VERSION_NUMBER < 0x10001000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
  	OPENSSL_config(NULL);
  #else
  	OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS |
diff --git a/net-misc/openssh/openssh-7.9_p1.ebuild b/net-misc/openssh/openssh-7.9_p1.ebuild
index e92fbbc06ee8..83ff7a4d299d 100644
--- a/net-misc/openssh/openssh-7.9_p1.ebuild
+++ b/net-misc/openssh/openssh-7.9_p1.ebuild
@@ -114,6 +114,7 @@ src_prepare() {
 	sed -i '/^AuthorizedKeysFile/s:^:#:' sshd_config || die
 
 	eapply "${FILESDIR}"/${PN}-7.9_p1-openssl-1.0.2-compat.patch
+	eapply "${FILESDIR}"/${PN}-7.9_p1-include-stdlib.patch
 	eapply "${FILESDIR}"/${PN}-7.8_p1-GSSAPI-dns.patch #165444 integrated into gsskex
 	eapply "${FILESDIR}"/${PN}-6.7_p1-openssl-ignore-status.patch
 	eapply "${FILESDIR}"/${PN}-7.5_p1-disable-conch-interop-tests.patch
@@ -168,6 +169,7 @@ src_prepare() {
 		popd
 
 		eapply "${hpn_patchdir}"
+		eapply "${FILESDIR}/openssh-7.9_p1-hpn-openssl-1.1.patch"
 
 		einfo "Patching Makefile.in for HPN patch set ..."
 		sed -i \
-- 
cgit v1.2.3