Revert "Android: Updated bundled ssh from 6.1p1 to 6.4p1."

This reverts commit 27836a2af9.

Build didn't actually seem to succeed, for both versions of android, so
I'll need to revisit this later.

debian/changelog

@@ -27,7 +27,6 @@ git-annex (5.20150421) UNRELEASED; urgency=medium
     symlinks when downloading from ftp.
   * Support checking ftp urls for file presence.
   * Fix bogus failure of fsck --fast.
-  * contentlocation, examinekey, lookupkey: Added --batch mode option.
   * fsck: Ignore error recording the fsck in the activity log,
     which can happen when running fsck in a read-only repository.
     Closes: #698559
@@ -41,7 +40,6 @@ git-annex (5.20150421) UNRELEASED; urgency=medium
     to build the webapp on arm, and enable DAV support on arm. \o/
   * Adjust some other arch specific build dependencies that are now
     available on more architectures in Devian unstable.
-  * Android: Updated bundled ssh from 6.1p1 to 6.4p1.
   * Windows: Remove cygwin ssh, the newer version of which has stopped
     honoring the setting of HOME. Instead, copy msysgit's ssh into PATH.
   * Windows: Roll back to an older version of rsync from cygwin.

doc/bugs/android_ed25519_algorithm/comment_1_64bc9b8b7de6084a837f8b17269447b7._comment

@@ -1,12 +0,0 @@
-[[!comment format=mdwn
- username="joey"
- subject="""comment 1"""
- date="2015-05-01T19:24:18Z"
- content="""
-git-annex for android bundles ssh from
-git://github.com/CyanogenMod/android_external_openssh.git
-
-That has not yet been updated to a new enough ssh version to have this
-feature. Will have to wait for it to be updated, or if I learn of a newer
-port of ssh to android someplace I could change to it.
-"""]]

standalone/android/Makefile

@@ -30,7 +30,8 @@ $(GIT_ANNEX_ANDROID_SOURCETREE)/openssl/build-stamp:
 
 $(GIT_ANNEX_ANDROID_SOURCETREE)/openssh/build-stamp: openssh.patch openssh.config.h
 	# This is a known-good version that the patch works with.
-	cd $(GIT_ANNEX_ANDROID_SOURCETREE)/openssh && git reset --hard b82300f4fa6917298a137817afbbd674a066e5da
+	# TODO: Upgrade
+	cd $(GIT_ANNEX_ANDROID_SOURCETREE)/openssh && git reset --hard 0a8617ed5af2f0248d0e9648e26b224e16ada742
 	cd $(GIT_ANNEX_ANDROID_SOURCETREE)/openssh && ./configure --host=arm-linux-androideabi --with-ssl-dir=../openssl --without-openssl-header-check
 	cat openssh.patch | (cd $(GIT_ANNEX_ANDROID_SOURCETREE)/openssh && patch -p1)
 	cp openssh.config.h $(GIT_ANNEX_ANDROID_SOURCETREE)/openssh/config.h

standalone/android/openssh.config.h

@@ -1,6 +1,4 @@
 #define DISABLE_SHADOW 1
-#define HAVE_MBLEN 1
-#define HAVE_USLEEP 1
 #define DISABLE_UTMP 1
 #define DISABLE_UTMPX 1
 #define DISABLE_WTMP 1
@@ -219,7 +217,7 @@
 #define LOCKED_PASSWD_PREFIX "!"
 #define LOGIN_PROGRAM_FALLBACK "/bin/login"
 #define MISSING_FD_MASK 1
-#define HAVE_DECL_HOWMANY 0
+#define MISSING_HOWMANY 1
 #define OPENSSL_HAS_ECC 1
 #define OPENSSL_PRNG_ONLY 1
 #define PACKAGE_BUGREPORT "openssh-unix-dev@mindrot.org"

standalone/android/openssh.patch

@@ -1,8 +1,8 @@
 diff --git a/auth.c b/auth.c
-index 84fca58..63c3c3e 100644
+index 6623e0f..dd10253 100644
 --- a/auth.c
 +++ b/auth.c
-@@ -364,7 +364,7 @@ expand_authorized_keys(const char *filename, struct passwd *pw)
+@@ -337,7 +337,7 @@ expand_authorized_keys(const char *filename, struct passwd *pw)
  	char *file, ret[MAXPATHLEN];
  	int i;
  
@@ -11,7 +11,7 @@ index 84fca58..63c3c3e 100644
  	    "u", pw->pw_name, (char *)NULL);
  
  	/*
-@@ -374,7 +374,7 @@ expand_authorized_keys(const char *filename, struct passwd *pw)
+@@ -347,7 +347,7 @@ expand_authorized_keys(const char *filename, struct passwd *pw)
  	if (*file == '/')
  		return (file);
  
@@ -19,18 +19,18 @@ index 84fca58..63c3c3e 100644
 +	i = snprintf(ret, sizeof(ret), "%s/%s", _PATH_ROOT_HOME_PREFIX, file);
  	if (i < 0 || (size_t)i >= sizeof(ret))
  		fatal("expand_authorized_keys: path too long");
- 	free(file);
-@@ -463,7 +463,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir,
+ 	xfree(file);
+@@ -436,7 +436,7 @@ secure_filename(FILE *f, const char *file, struct passwd *pw,
  		    strerror(errno));
  		return -1;
  	}
--	if (pw_dir != NULL && realpath(pw_dir, homedir) != NULL)
-+	if (_PATH_ROOT_HOME_PREFIX != NULL && realpath(_PATH_ROOT_HOME_PREFIX, homedir) != NULL)
+-	if (realpath(pw->pw_dir, homedir) != NULL)
++	if (realpath(_PATH_ROOT_HOME_PREFIX, homedir) != NULL)
  		comparehome = 1;
  
- 	if (!S_ISREG(stp->st_mode)) {
+ 	/* check the open file to avoid races */
 diff --git a/authfile.c b/authfile.c
-index 63ae16b..7b7841a 100644
+index 7dd4496..00462e9 100644
 --- a/authfile.c
 +++ b/authfile.c
 @@ -613,6 +613,7 @@ int
@@ -42,7 +42,7 @@ index 63ae16b..7b7841a 100644
  	if (fstat(fd, &st) < 0)
  		return 0;
 diff --git a/misc.c b/misc.c
-index 3b9792f..516e7ae 100644
+index 0bf2db6..4327d03 100644
 --- a/misc.c
 +++ b/misc.c
 @@ -25,6 +25,7 @@
@@ -53,20 +53,39 @@ index 3b9792f..516e7ae 100644
  
  #include <sys/types.h>
  #include <sys/ioctl.h>
-@@ -539,8 +540,9 @@ tilde_expand_filename(const char *filename, uid_t uid)
+@@ -538,12 +539,13 @@ tilde_expand_filename(const char *filename, uid_t uid)
+ 	} else if ((pw = getpwuid(uid)) == NULL)	/* ~/path */
  		fatal("tilde_expand_filename: No such uid %ld", (long)uid);
  
+-	if (strlcpy(ret, pw->pw_dir, sizeof(ret)) >= sizeof(ret))
++	char *pw_dir=_PATH_ROOT_HOME_PREFIX;
++	if (strlcpy(ret, pw_dir, sizeof(ret)) >= sizeof(ret))
+ 		fatal("tilde_expand_filename: Path too long");
+ 
  	/* Make sure directory has a trailing '/' */
 -	len = strlen(pw->pw_dir);
--	if (len == 0 || pw->pw_dir[len - 1] != '/')
-+	char *pw_dir=_PATH_ROOT_HOME_PREFIX;
+-	if ((len == 0 || pw->pw_dir[len - 1] != '/') &&
 +	len = strlen(pw_dir);
-+	if (len == 0 || pw_dir[len - 1] != '/')
- 		sep = "/";
- 	else
- 		sep = "";
++	if ((len == 0 || pw_dir[len - 1] != '/') &&
+ 	    strlcat(ret, "/", sizeof(ret)) >= sizeof(ret))
+ 		fatal("tilde_expand_filename: Path too long");
+ 
+diff --git a/openbsd-compat/getrrsetbyname.c b/openbsd-compat/getrrsetbyname.c
+index d2bea21..5b5d599 100644
+--- a/openbsd-compat/getrrsetbyname.c
++++ b/openbsd-compat/getrrsetbyname.c
+@@ -56,8 +56,7 @@
+ #include <arpa/inet.h>
+ 
+ #include "getrrsetbyname.h"
+-#include "nameser.h"
+-#include "nameser_compat.h"
++#include "arpa/nameser.h"
+ 
+ #if defined(HAVE_DECL_H_ERRNO) && !HAVE_DECL_H_ERRNO
+ extern int h_errno;
 diff --git a/pathnames.h b/pathnames.h
-index 3b7584c..1103266 100644
+index b7b9d91..3c10b11 100644
 --- a/pathnames.h
 +++ b/pathnames.h
 @@ -67,7 +67,7 @@
@@ -79,23 +98,23 @@ index 3b7584c..1103266 100644
  
  /*
 diff --git a/readconf.c b/readconf.c
-index e22c952..87c1c8a 100644
+index 097bb05..dcbc008 100644
 --- a/readconf.c
 +++ b/readconf.c
-@@ -1113,7 +1113,7 @@ read_config_file(const char *filename, const char *host, Options *options,
+@@ -1085,7 +1085,7 @@ read_config_file(const char *filename, const char *host, Options *options,
  	if ((f = fopen(filename, "r")) == NULL)
  		return 0;
  
--	if (flags & SSHCONF_CHECKPERM) {
-+	if (0) {
+-	if (checkperm) {
++	if (checkperm && 0) {
  		struct stat sb;
  
  		if (fstat(fileno(f), &sb) == -1)
 diff --git a/ssh-add.c b/ssh-add.c
-index 5e8166f..f0edc30 100644
+index 738644d..f6fce4a 100644
 --- a/ssh-add.c
 +++ b/ssh-add.c
-@@ -496,7 +496,7 @@ main(int argc, char **argv)
+@@ -471,7 +471,7 @@ main(int argc, char **argv)
  		}
  
  		for (i = 0; default_files[i]; i++) {
@@ -105,32 +124,32 @@ index 5e8166f..f0edc30 100644
  			if (stat(buf, &st) < 0)
  				continue;
 diff --git a/ssh-keygen.c b/ssh-keygen.c
-index 40ba5e3..82c2ebf 100644
+index 4baf7df..ef8bb25 100644
 --- a/ssh-keygen.c
 +++ b/ssh-keygen.c
-@@ -228,7 +228,7 @@ ask_filename(struct passwd *pw, const char *prompt)
+@@ -224,7 +224,7 @@ ask_filename(struct passwd *pw, const char *prompt)
  		}
  	}
  	snprintf(identity_file, sizeof(identity_file), "%s/%s",
--		strcmp(pw->pw_dir, "/") ? pw->pw_dir : _PATH_ROOT_HOME_PREFIX, name);
-+		_PATH_ROOT_HOME_PREFIX, name);
+-	    strcmp(pw->pw_dir, "/") ? pw->pw_dir : _PATH_ROOT_HOME_PREFIX, name);
++	    _PATH_ROOT_HOME_PREFIX, name);
  	fprintf(stderr, "%s (%s): ", prompt, identity_file);
  	if (fgets(buf, sizeof(buf), stdin) == NULL)
  		exit(1);
-@@ -2561,7 +2561,7 @@ main(int argc, char **argv)
+@@ -2268,7 +2268,7 @@ main(int argc, char **argv)
  
  	/* Create ~/.ssh directory if it doesn't already exist. */
  	snprintf(dotsshdir, sizeof dotsshdir, "%s/%s",
--		strcmp(pw->pw_dir, "/") ? pw->pw_dir : _PATH_ROOT_HOME_PREFIX,
-+		_PATH_ROOT_HOME_PREFIX,
- 		_PATH_SSH_USER_DIR);
+-	    strcmp(pw->pw_dir, "/") ? pw->pw_dir : _PATH_ROOT_HOME_PREFIX,
++	    _PATH_ROOT_HOME_PREFIX,
+ 	    _PATH_SSH_USER_DIR);
  	if (strstr(identity_file, dotsshdir) != NULL) {
  		if (stat(dotsshdir, &st) < 0) {
 diff --git a/ssh.c b/ssh.c
-index 1e2cdd5..cc48c2d 100644
+index 898e966..ef6c858 100644
 --- a/ssh.c
 +++ b/ssh.c
-@@ -707,7 +707,7 @@ main(int ac, char **av)
+@@ -703,7 +703,7 @@ main(int ac, char **av)
  			fatal("Can't open user config file %.100s: "
  			    "%.100s", config, strerror(errno));
  	} else {
@@ -138,8 +157,8 @@ index 1e2cdd5..cc48c2d 100644
 +		r = snprintf(buf, sizeof buf, "%s/%s", _PATH_ROOT_HOME_PREFIX,
  		    _PATH_SSH_USER_CONFFILE);
  		if (r > 0 && (size_t)r < sizeof(buf))
- 			(void)read_config_file(buf, host, &options,
-@@ -773,7 +773,7 @@ main(int ac, char **av)
+ 			(void)read_config_file(buf, host, &options, 1);
+@@ -748,7 +748,7 @@ main(int ac, char **av)
  	if (options.local_command != NULL) {
  		debug3("expanding LocalCommand: %s", options.local_command);
  		cp = options.local_command;
@@ -148,16 +167,16 @@ index 1e2cdd5..cc48c2d 100644
  		    "h", host, "l", thishost, "n", host_arg, "r", options.user,
  		    "p", portstr, "u", pw->pw_name, "L", shorthost,
  		    (char *)NULL);
-@@ -913,7 +913,7 @@ main(int ac, char **av)
+@@ -888,7 +888,7 @@ main(int ac, char **av)
  	 */
  	if (config == NULL) {
  		r = snprintf(buf, sizeof buf, "%s/%s",
--			strcmp(pw->pw_dir, "/") ? pw->pw_dir : _PATH_ROOT_HOME_PREFIX,
-+			_PATH_ROOT_HOME_PREFIX,
- 			_PATH_SSH_USER_DIR);
+-		    strcmp(pw->pw_dir, "/") ? pw->pw_dir : _PATH_ROOT_HOME_PREFIX,
++		    _PATH_ROOT_HOME_PREFIX,
+ 		    _PATH_SSH_USER_DIR);
  		if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) {
  #ifdef WITH_SELINUX
-@@ -1565,7 +1565,7 @@ load_public_identity_files(void)
+@@ -1532,7 +1532,7 @@ load_public_identity_files(void)
  	if ((pw = getpwuid(original_real_uid)) == NULL)
  		fatal("load_public_identity_files: getpwuid failed");
  	pwname = xstrdup(pw->pw_name);
@@ -167,7 +186,7 @@ index 1e2cdd5..cc48c2d 100644
  		fatal("load_public_identity_files: gethostname: %s",
  		    strerror(errno));
 diff --git a/uidswap.c b/uidswap.c
-index 50d20d6..d226cc9 100644
+index bc6194e..5cbf5d1 100644
 --- a/uidswap.c
 +++ b/uidswap.c
 @@ -28,7 +28,6 @@
@@ -175,10 +194,10 @@ index 50d20d6..d226cc9 100644
  
  #ifdef ANDROID
 -#include <private/android_filesystem_config.h>
- #include <sys/capability.h>
+ #include <linux/capability.h>
  #include <linux/prctl.h>
  #endif
-@@ -216,7 +215,7 @@ permanently_set_uid(struct passwd *pw)
+@@ -230,7 +229,7 @@ permanently_set_uid(struct passwd *pw)
  	debug("permanently_set_uid: %u/%u", (u_int)pw->pw_uid,
  	    (u_int)pw->pw_gid);
  
@@ -187,7 +206,7 @@ index 50d20d6..d226cc9 100644
  	if (pw->pw_uid == AID_SHELL) {
  		prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0);
  
-@@ -281,7 +280,7 @@ permanently_set_uid(struct passwd *pw)
+@@ -317,7 +316,7 @@ permanently_set_uid(struct passwd *pw)
  		    (u_int)pw->pw_uid);
  	}