external/openssh: update to 6.8p1.
In preparation for some updates to external/openssh to make it work with
BoringSSL, this change updates the code to a recent version. The current
version (5.9p1) is coming up on four years old now.
* Confirmed that f5c67b478bef9992de9e9ec91ce10af4f6205e0d matches
OpenSSH 5.9p1 exactly (save for the removal of the scard
subdirectory).
* Downloaded openssh-6.8p1.tar.gz (SHA256:
3ff64ce73ee124480b5bf767b9830d7d3c03bbcb6abe716b78f0192c37ce160e)
and verified with PGP signature. (I've verified Damien's key in
person previously.)
* Applied changes between f5c67b478bef9992de9e9ec91ce10af4f6205e0d and
OpenSSH 5.9p1 to 6.8p1 and updated the build as best I can. The
ugliest change is probably the duplication of umac.c to umac128.c
because Android conditionally compiles that file twice. See the
comment in those files.
Change-Id: I63cb07a8118afb5a377f116087a0882914cea486
diff --git a/canohost.c b/canohost.c
index dabd8a3..223964e 100644
--- a/canohost.c
+++ b/canohost.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: canohost.c,v 1.66 2010/01/13 01:20:20 dtucker Exp $ */
+/* $OpenBSD: canohost.c,v 1.72 2015/03/01 15:44:40 millert Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -16,11 +16,11 @@
#include <sys/types.h>
#include <sys/socket.h>
+#include <sys/un.h>
#include <netinet/in.h>
#include <arpa/inet.h>
-#include <ctype.h>
#include <errno.h>
#include <netdb.h>
#include <stdio.h>
@@ -41,14 +41,13 @@
/*
* Return the canonical name of the host at the other end of the socket. The
- * caller should free the returned string with xfree.
+ * caller should free the returned string.
*/
static char *
get_remote_hostname(int sock, int use_dns)
{
struct sockaddr_storage from;
- int i;
socklen_t fromlen;
struct addrinfo hints, *ai, *aitop;
char name[NI_MAXHOST], ntop[NI_MAXHOST], ntop2[NI_MAXHOST];
@@ -99,13 +98,9 @@
return xstrdup(ntop);
}
- /*
- * Convert it to all lowercase (which is expected by the rest
- * of this software).
- */
- for (i = 0; name[i]; i++)
- if (isupper(name[i]))
- name[i] = (char)tolower(name[i]);
+ /* Names are stores in lowercase. */
+ lowercase(name);
+
/*
* Map it back to an IP address and check that the given
* address actually is an address of this host. This is
@@ -160,8 +155,7 @@
#ifdef IP_OPTIONS
u_char options[200];
char text[sizeof(options) * 3 + 1];
- socklen_t option_size;
- u_int i;
+ socklen_t option_size, i;
int ipproto;
struct protoent *ip;
@@ -199,7 +193,7 @@
memcpy(&inaddr, ((char *)&a6->sin6_addr) + 12, sizeof(inaddr));
port = a6->sin6_port;
- bzero(a4, sizeof(*a4));
+ memset(a4, 0, sizeof(*a4));
a4->sin_family = AF_INET;
*len = sizeof(*a4);
@@ -266,19 +260,29 @@
}
/* Work around Linux IPv6 weirdness */
- if (addr.ss_family == AF_INET6)
+ if (addr.ss_family == AF_INET6) {
addrlen = sizeof(struct sockaddr_in6);
+ ipv64_normalise_mapped(&addr, &addrlen);
+ }
- ipv64_normalise_mapped(&addr, &addrlen);
-
- /* Get the address in ascii. */
- if ((r = getnameinfo((struct sockaddr *)&addr, addrlen, ntop,
- sizeof(ntop), NULL, 0, flags)) != 0) {
- error("get_socket_address: getnameinfo %d failed: %s", flags,
- ssh_gai_strerror(r));
+ switch (addr.ss_family) {
+ case AF_INET:
+ case AF_INET6:
+ /* Get the address in ascii. */
+ if ((r = getnameinfo((struct sockaddr *)&addr, addrlen, ntop,
+ sizeof(ntop), NULL, 0, flags)) != 0) {
+ error("get_socket_address: getnameinfo %d failed: %s",
+ flags, ssh_gai_strerror(r));
+ return NULL;
+ }
+ return xstrdup(ntop);
+ case AF_UNIX:
+ /* Get the Unix domain socket path. */
+ return xstrdup(((struct sockaddr_un *)&addr)->sun_path);
+ default:
+ /* We can't look up remote Unix domain sockets. */
return NULL;
}
- return xstrdup(ntop);
}
char *
@@ -323,10 +327,8 @@
void
clear_cached_addr(void)
{
- if (canonical_host_ip != NULL) {
- xfree(canonical_host_ip);
- canonical_host_ip = NULL;
- }
+ free(canonical_host_ip);
+ canonical_host_ip = NULL;
cached_port = -1;
}
@@ -393,6 +395,10 @@
if (from.ss_family == AF_INET6)
fromlen = sizeof(struct sockaddr_in6);
+ /* Non-inet sockets don't have a port number. */
+ if (from.ss_family != AF_INET && from.ss_family != AF_INET6)
+ return 0;
+
/* Return port number. */
if ((r = getnameinfo((struct sockaddr *)&from, fromlen, NULL, 0,
strport, sizeof(strport), NI_NUMERICSERV)) != 0)