diff --git a/openssh-5.5p1-x11.patch b/openssh-5.5p1-x11.patch deleted file mode 100644 index 70a3c85..0000000 --- a/openssh-5.5p1-x11.patch +++ /dev/null @@ -1,51 +0,0 @@ -diff -up openssh-5.3p1/channels.c.bz595935 openssh-5.3p1/channels.c ---- openssh-5.3p1/channels.c.bz595935 2010-08-12 14:19:28.000000000 +0200 -+++ openssh-5.3p1/channels.c 2010-08-12 14:33:51.000000000 +0200 -@@ -3185,7 +3185,7 @@ x11_create_display_inet(int x11_display_ - } - - static int --connect_local_xsocket_path(const char *pathname) -+connect_local_xsocket_path(const char *pathname, int len) - { - int sock; - struct sockaddr_un addr; -@@ -3195,11 +3195,14 @@ connect_local_xsocket_path(const char *p - error("socket: %.100s", strerror(errno)); - memset(&addr, 0, sizeof(addr)); - addr.sun_family = AF_UNIX; -- strlcpy(addr.sun_path, pathname, sizeof addr.sun_path); -- if (connect(sock, (struct sockaddr *)&addr, sizeof(addr)) == 0) -+ if (len <= 0) -+ return -1; -+ if (len > sizeof addr.sun_path) -+ len = sizeof addr.sun_path; -+ memcpy(addr.sun_path, pathname, len); -+ if (connect(sock, (struct sockaddr *)&addr, sizeof addr - (sizeof addr.sun_path - len) ) == 0) - return sock; - close(sock); -- error("connect %.100s: %.100s", addr.sun_path, strerror(errno)); - return -1; - } - -@@ -3207,8 +3210,18 @@ static int - connect_local_xsocket(u_int dnr) - { - char buf[1024]; -- snprintf(buf, sizeof buf, _PATH_UNIX_X, dnr); -- return connect_local_xsocket_path(buf); -+ int len, ret; -+ len = snprintf(buf + 1, sizeof (buf) - 1, _PATH_UNIX_X, dnr); -+#ifdef linux -+ /* try abstract socket first */ -+ buf[0] = '\0'; -+ if ((ret = connect_local_xsocket_path(buf, len + 1)) >= 0) -+ return ret; -+#endif -+ if ((ret = connect_local_xsocket_path(buf + 1, len)) >= 0) -+ return ret; -+ error("connect %.100s: %.100s", buf + 1, strerror(errno)); -+ return -1; - } - - int diff --git a/openssh-6.7p1-coverity.patch b/openssh-6.7p1-coverity.patch index 8834903..51aa0bf 100644 --- a/openssh-6.7p1-coverity.patch +++ b/openssh-6.7p1-coverity.patch @@ -48,33 +48,6 @@ diff -up openssh-6.8p1/channels.c.coverity openssh-6.8p1/channels.c set_nonblock(efd); } } -@@ -3972,13 +3972,13 @@ connect_local_xsocket_path(const char *p - int sock; - struct sockaddr_un addr; - -+ if (len <= 0) -+ return -1; - sock = socket(AF_UNIX, SOCK_STREAM, 0); - if (sock < 0) - error("socket: %.100s", strerror(errno)); - memset(&addr, 0, sizeof(addr)); - addr.sun_family = AF_UNIX; -- if (len <= 0) -- return -1; - if (len > sizeof addr.sun_path) - len = sizeof addr.sun_path; - memcpy(addr.sun_path, pathname, len); -diff -up openssh-6.8p1/entropy.c.coverity openssh-6.8p1/entropy.c ---- openssh-6.8p1/entropy.c.coverity 2015-03-18 17:21:51.891264843 +0100 -+++ openssh-6.8p1/entropy.c 2015-03-18 17:21:51.897264831 +0100 -@@ -46,6 +46,7 @@ - #include - - #include "openbsd-compat/openssl-compat.h" -+#include "openbsd-compat/port-linux.h" - - #include "ssh.h" - #include "misc.h" diff -up openssh-6.8p1/monitor.c.coverity openssh-6.8p1/monitor.c --- openssh-6.8p1/monitor.c.coverity 2015-03-18 17:21:51.887264852 +0100 +++ openssh-6.8p1/monitor.c 2015-03-18 17:21:51.897264831 +0100 diff --git a/openssh-7.2p2-x11.patch b/openssh-7.2p2-x11.patch new file mode 100644 index 0000000..09e56e9 --- /dev/null +++ b/openssh-7.2p2-x11.patch @@ -0,0 +1,53 @@ +diff -up openssh-7.2p2/channels.c.x11 openssh-7.2p2/channels.c +--- openssh-7.2p2/channels.c.x11 2016-03-09 19:04:48.000000000 +0100 ++++ openssh-7.2p2/channels.c 2016-06-03 10:42:04.775164520 +0200 +@@ -3990,21 +3990,24 @@ x11_create_display_inet(int x11_display_ + } + + static int +-connect_local_xsocket_path(const char *pathname) ++connect_local_xsocket_path(const char *pathname, int len) + { + int sock; + struct sockaddr_un addr; + ++ if (len <= 0) ++ return -1; + sock = socket(AF_UNIX, SOCK_STREAM, 0); + if (sock < 0) + error("socket: %.100s", strerror(errno)); + memset(&addr, 0, sizeof(addr)); + addr.sun_family = AF_UNIX; +- strlcpy(addr.sun_path, pathname, sizeof addr.sun_path); +- if (connect(sock, (struct sockaddr *)&addr, sizeof(addr)) == 0) ++ if (len > sizeof addr.sun_path) ++ len = sizeof addr.sun_path; ++ memcpy(addr.sun_path, pathname, len); ++ if (connect(sock, (struct sockaddr *)&addr, sizeof addr - (sizeof addr.sun_path - len) ) == 0) + return sock; + close(sock); +- error("connect %.100s: %.100s", addr.sun_path, strerror(errno)); + return -1; + } + +@@ -4012,8 +4015,18 @@ static int + connect_local_xsocket(u_int dnr) + { + char buf[1024]; +- snprintf(buf, sizeof buf, _PATH_UNIX_X, dnr); +- return connect_local_xsocket_path(buf); ++ int len, ret; ++ len = snprintf(buf + 1, sizeof (buf) - 1, _PATH_UNIX_X, dnr); ++#ifdef linux ++ /* try abstract socket first */ ++ buf[0] = '\0'; ++ if ((ret = connect_local_xsocket_path(buf, len + 1)) >= 0) ++ return ret; ++#endif ++ if ((ret = connect_local_xsocket_path(buf + 1, len)) >= 0) ++ return ret; ++ error("connect %.100s: %.100s", buf + 1, strerror(errno)); ++ return -1; + } + + int diff --git a/openssh.spec b/openssh.spec index 439906e..1dcbbd2 100644 --- a/openssh.spec +++ b/openssh.spec @@ -144,7 +144,7 @@ Patch606: openssh-5.9p1-ipv6man.patch #? Patch607: openssh-5.8p2-sigpipe.patch #https://bugzilla.mindrot.org/show_bug.cgi?id=1789 -Patch609: openssh-5.5p1-x11.patch +Patch609: openssh-7.2p2-x11.patch #? Patch700: openssh-7.2p1-fips.patch