diff options
author | zer0def | 2020-02-12 16:40:48 +0100 |
---|---|---|
committer | zer0def | 2020-02-12 16:40:48 +0100 |
commit | 5f180eec0b7f4beafa4717bd8ae95c3ecb5cffbd (patch) | |
tree | 50480fd4b061624e1d37e3ab730a8d8c8af618bb | |
parent | 4e08b8146f76d633e98aebd704d8ac60a4335b7f (diff) | |
download | aur-5f180eec0b7f4beafa4717bd8ae95c3ecb5cffbd.tar.gz |
Bump for glibc 2.31.
-rw-r--r-- | .SRCINFO | 4 | ||||
-rw-r--r-- | PKGBUILD | 5 | ||||
-rw-r--r-- | glibc-2.31.patch | 100 |
3 files changed, 107 insertions, 2 deletions
@@ -1,7 +1,7 @@ pkgbase = openssh-hpn pkgdesc = A Secure SHell server/client fork with High Performance patches included pkgver = 8.1p1.hpn14v20 - pkgrel = 1 + pkgrel = 2 url = https://www.psc.edu/index.php/hpn-ssh/ install = openssh-hpn.install arch = i686 @@ -27,6 +27,7 @@ pkgbase = openssh-hpn source = https://github.com/rapier1/openssh-portable/archive/hpn-8_1_P1.tar.gz source = http://www.eworm.de/download/linux/openssh-tests-scp.patch source = hpn-banner.patch + source = glibc-2.31.patch source = sshdgenkeys.service source = sshd@.service source = sshd.service @@ -35,6 +36,7 @@ pkgbase = openssh-hpn sha256sums = e159af51f51e6f78634b9fea0b8a4fe2c9e4f98609a07e1fe815e710f104c779 sha256sums = 007a8888855570296c36716df18e986b7265c283e8fc8f6dfd4b3c411905fdb3 sha256sums = 57bb8c4800afc5314ad1f3ac24bc838f1f63c626171d3c5ad4b843bfef2391fe + sha256sums = 25b4a4d9e2d9d3289ef30636a30e85fa1c71dd930d5efd712cca1a01a5019f93 sha256sums = ff3cbdd0e59ff7dac4dc797d5c0f2b1db4117ddbb49d52f1c4f1771961903878 sha256sums = 69cc2abaaae0aa8071b8eac338b2df725f60ce73381843179b74eaac78ba7f1d sha256sums = c5ed9fa629f8f8dbf3bae4edbad4441c36df535088553fe82695c52d7bde30aa @@ -45,7 +45,7 @@ _hpn_ver=hpn14v20 #_pkgver="`sed -e 's/\./_/' -e 's/p/_P/' <<< ${_openssh_ver}`_new" _pkgver="`sed -e 's/\./_/' -e 's/p/_P/' <<< ${_openssh_ver}`" pkgver="${_openssh_ver}.${_hpn_ver}" -pkgrel=1 +pkgrel=2 pkgdesc='A Secure SHell server/client fork with High Performance patches included' url='https://www.psc.edu/index.php/hpn-ssh/' license=('custom:BSD') @@ -63,6 +63,7 @@ source=("https://github.com/rapier1/openssh-portable/archive/hpn-${_pkgver}.tar. 'http://www.eworm.de/download/linux/openssh-tests-scp.patch' #'openssl11.patch' 'hpn-banner.patch' + 'glibc-2.31.patch' 'sshdgenkeys.service' 'sshd@.service' 'sshd.service' @@ -76,6 +77,7 @@ sha256sums=('e159af51f51e6f78634b9fea0b8a4fe2c9e4f98609a07e1fe815e710f104c779' '007a8888855570296c36716df18e986b7265c283e8fc8f6dfd4b3c411905fdb3' #'6c6deb799fc918b4d90899d664a23b3a99e2973d61b5a2cf68e1ea9a6604ca9a' '57bb8c4800afc5314ad1f3ac24bc838f1f63c626171d3c5ad4b843bfef2391fe' + '25b4a4d9e2d9d3289ef30636a30e85fa1c71dd930d5efd712cca1a01a5019f93' 'ff3cbdd0e59ff7dac4dc797d5c0f2b1db4117ddbb49d52f1c4f1771961903878' '69cc2abaaae0aa8071b8eac338b2df725f60ce73381843179b74eaac78ba7f1d' 'c5ed9fa629f8f8dbf3bae4edbad4441c36df535088553fe82695c52d7bde30aa' @@ -94,6 +96,7 @@ build() { # https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=371794f20c7eb2b88cae2619b6fa3444452aafb4 #patch -Np1 < ${srcdir}/openssl11.patch patch -Np1 < ${srcdir}/hpn-banner.patch + patch -Np1 < ${srcdir}/glibc-2.31.patch autoreconf -fi ./configure \ diff --git a/glibc-2.31.patch b/glibc-2.31.patch new file mode 100644 index 000000000000..187042870deb --- /dev/null +++ b/glibc-2.31.patch @@ -0,0 +1,100 @@ +From beee0ef61866cb567b9abc23bd850f922e59e3f0 Mon Sep 17 00:00:00 2001 +From: Darren Tucker <dtucker@dtucker.net> +Date: Wed, 13 Nov 2019 23:19:35 +1100 +Subject: [PATCH] seccomp: Allow clock_nanosleep() in sandbox. + +seccomp: Allow clock_nanosleep() to make OpenSSH working with latest +glibc. Patch from Jakub Jelen <jjelen@redhat.com> via bz #3093. +--- + sandbox-seccomp-filter.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c +index b5cda70bb..96ab141f7 100644 +--- a/sandbox-seccomp-filter.c ++++ b/sandbox-seccomp-filter.c +@@ -242,6 +242,12 @@ static const struct sock_filter preauth_insns[] = { + #ifdef __NR_nanosleep + SC_ALLOW(__NR_nanosleep), + #endif ++#ifdef __NR_clock_nanosleep ++ SC_ALLOW(__NR_clock_nanosleep), ++#endif ++#ifdef __NR_clock_nanosleep ++ SC_ALLOW(__NR_clock_nanosleep), ++#endif + #ifdef __NR__newselect + SC_ALLOW(__NR__newselect), + #endif +From 69298ebfc2c066acee5d187eac8ce9f38c796630 Mon Sep 17 00:00:00 2001 +From: Darren Tucker <dtucker@dtucker.net> +Date: Wed, 13 Nov 2019 23:27:31 +1100 +Subject: [PATCH] Remove duplicate __NR_clock_nanosleep + +--- + sandbox-seccomp-filter.c | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c +index 96ab141f7..be2397671 100644 +--- a/sandbox-seccomp-filter.c ++++ b/sandbox-seccomp-filter.c +@@ -245,9 +245,6 @@ static const struct sock_filter preauth_insns[] = { + #ifdef __NR_clock_nanosleep + SC_ALLOW(__NR_clock_nanosleep), + #endif +-#ifdef __NR_clock_nanosleep +- SC_ALLOW(__NR_clock_nanosleep), +-#endif + #ifdef __NR__newselect + SC_ALLOW(__NR__newselect), + #endif +From 030b4c2b8029563bc8a9fd764288fde08fa2347c Mon Sep 17 00:00:00 2001 +From: Darren Tucker <dtucker@dtucker.net> +Date: Mon, 16 Dec 2019 13:55:56 +1100 +Subject: [PATCH] Allow clock_nanosleep_time64 in seccomp sandbox. + +Needed on Linux ARM. bz#3100, patch from jjelen@redhat.com. +--- + sandbox-seccomp-filter.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c +index be2397671..3ef30c9d5 100644 +--- a/sandbox-seccomp-filter.c ++++ b/sandbox-seccomp-filter.c +@@ -245,6 +245,9 @@ static const struct sock_filter preauth_insns[] = { + #ifdef __NR_clock_nanosleep + SC_ALLOW(__NR_clock_nanosleep), + #endif ++#ifdef __NR_clock_nanosleep_time64 ++ SC_ALLOW(__NR_clock_nanosleep_time64), ++#endif + #ifdef __NR__newselect + SC_ALLOW(__NR__newselect), + #endif +From a991cc5ed5a7c455fefe909a30cf082011ef5dff Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Tue, 7 Jan 2020 16:26:45 -0800 +Subject: [PATCH] seccomp: Allow clock_gettime64() in sandbox. + +This helps sshd accept connections on mips platforms with +upcoming glibc ( 2.31 ) +--- + sandbox-seccomp-filter.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c +index 3ef30c9d5..999c46c9f 100644 +--- a/sandbox-seccomp-filter.c ++++ b/sandbox-seccomp-filter.c +@@ -248,6 +248,9 @@ static const struct sock_filter preauth_insns[] = { + #ifdef __NR_clock_nanosleep_time64 + SC_ALLOW(__NR_clock_nanosleep_time64), + #endif ++#ifdef __NR_clock_gettime64 ++ SC_ALLOW(__NR_clock_gettime64), ++#endif + #ifdef __NR__newselect + SC_ALLOW(__NR__newselect), + #endif |