net-misc/openssh: Add patches for bugs #834019 and #834037

Bug: https://bugs.gentoo.org/834019
Bug: https://bugs.gentoo.org/834037
Package-Manager: Portage-3.0.30, Repoman-3.0.3
Signed-off-by: Patrick McLean <chutzpah@gentoo.org>

4 files changed, 78 insertions, 4 deletions

diff --git a/net-misc/openssh/files/openssh-8.9_p1-X509-glue-13.3.patch b/net-misc/openssh/files/openssh-8.9_p1-X509-glue-13.3.patch
index 91da09971acc..66617a17af2a 100644
--- a/net-misc/openssh/files/openssh-8.9_p1-X509-glue-13.3.patch
+++ b/net-misc/openssh/files/openssh-8.9_p1-X509-glue-13.3.patch
@@ -1,6 +1,6 @@
 diff -ur '--exclude=.*.un~' a/openssh-8.9p1+x509-13.3.diff b/openssh-8.9p1+x509-13.3.diff
 --- a/openssh-8.9p1+x509-13.3.diff	2022-02-24 17:19:30.830285922 -0800
-+++ b/openssh-8.9p1+x509-13.3.diff	2022-02-24 17:22:12.374625809 -0800
++++ b/openssh-8.9p1+x509-13.3.diff	2022-02-25 16:56:00.750829460 -0800
 @@ -993,15 +993,16 @@
   	char b[512];
  -	size_t len = ssh_digest_bytes(SSH_DIGEST_SHA512);
@@ -21,7 +21,33 @@ diff -ur '--exclude=.*.un~' a/openssh-8.9p1+x509-13.3.diff b/openssh-8.9p1+x509-
   	(void)snprintf(b, sizeof b, "%llu%s",
   	    (unsigned long long)options.timing_secret, user);
  -	if (ssh_digest_memory(SSH_DIGEST_SHA512, b, strlen(b), hash, len) != 0)
-@@ -52711,12 +52712,11 @@
+@@ -51970,7 +51971,7 @@
+ diff -ruN openssh-8.9p1/m4/openssh.m4 openssh-8.9p1+x509-13.3/m4/openssh.m4
+ --- openssh-8.9p1/m4/openssh.m4	2022-02-23 13:31:11.000000000 +0200
+ +++ openssh-8.9p1+x509-13.3/m4/openssh.m4	1970-01-01 02:00:00.000000000 +0200
+-@@ -1,200 +0,0 @@
++@@ -1,203 +0,0 @@
+ -dnl OpenSSH-specific autoconf macros
+ -dnl
+ -
+@@ -51987,6 +51988,8 @@
+ -	AC_COMPILE_IFELSE([AC_LANG_SOURCE([[
+ -#include <stdlib.h>
+ -#include <stdio.h>
++-/* Trivial function to help test for -fzero-call-used-regs */
++-void f(int n) {}
+ -int main(int argc, char **argv) {
+ -	(void)argv;
+ -	/* Some math to catch -ftrapv problems in the toolchain */
+@@ -51994,6 +51997,7 @@
+ -	float l = i * 2.1;
+ -	double m = l / 0.5;
+ -	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
++-	f(0);
+ -	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
+ -	/*
+ -	 * Test fallthrough behaviour.  clang 10's -Wimplicit-fallthrough does
+@@ -52711,12 +52715,11 @@
   
   install-files:
   	$(MKDIR_P) $(DESTDIR)$(bindir)
@@ -35,7 +61,7 @@ diff -ur '--exclude=.*.un~' a/openssh-8.9p1+x509-13.3.diff b/openssh-8.9p1+x509-
   	$(MKDIR_P) -m 0755 $(DESTDIR)$(PRIVSEP_PATH)
   	$(INSTALL) -m 0755 $(STRIP_OPT) ssh$(EXEEXT) $(DESTDIR)$(bindir)/ssh$(EXEEXT)
   	$(INSTALL) -m 0755 $(STRIP_OPT) scp$(EXEEXT) $(DESTDIR)$(bindir)/scp$(EXEEXT)
-@@ -73508,7 +73508,7 @@
+@@ -73508,7 +73511,7 @@
  +if test "$sshd_type" = "pkix" ; then
  +  unset_arg=''
  +else
@@ -44,7 +70,7 @@ diff -ur '--exclude=.*.un~' a/openssh-8.9p1+x509-13.3.diff b/openssh-8.9p1+x509-
  +fi
  +
   cat > $OBJ/sshd_config.i << _EOF
-@@ -137555,16 +137555,6 @@
+@@ -137555,16 +137558,6 @@
  +int	 asnmprintf(char **, size_t, int *, const char *, ...)
   	    __attribute__((format(printf, 4, 5)));
   void	 msetlocale(void);
diff --git a/net-misc/openssh/files/openssh-8.9_p1-allow-ppoll_time64.patch b/net-misc/openssh/files/openssh-8.9_p1-allow-ppoll_time64.patch
new file mode 100644
index 000000000000..8c46625aa29c
--- /dev/null
+++ b/net-misc/openssh/files/openssh-8.9_p1-allow-ppoll_time64.patch
@@ -0,0 +1,14 @@
+diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
+index 2e065ba3..4ce80cb2 100644
+--- a/sandbox-seccomp-filter.c
++++ b/sandbox-seccomp-filter.c
+@@ -276,6 +276,9 @@ static const struct sock_filter preauth_insns[] = {
+ #ifdef __NR_ppoll
+ 	SC_ALLOW(__NR_ppoll),
+ #endif
++#ifdef __NR_ppoll_time64
++	SC_ALLOW(__NR_ppoll_time64),
++#endif
+ #ifdef __NR_poll
+ 	SC_ALLOW(__NR_poll),
+ #endif
diff --git a/net-misc/openssh/files/openssh-8.9_p1-fzero-call-used-regs.patch b/net-misc/openssh/files/openssh-8.9_p1-fzero-call-used-regs.patch
new file mode 100644
index 000000000000..0231ce46d7b1
--- /dev/null
+++ b/net-misc/openssh/files/openssh-8.9_p1-fzero-call-used-regs.patch
@@ -0,0 +1,32 @@
+From f107467179428a0e3ea9e4aa9738ac12ff02822d Mon Sep 17 00:00:00 2001
+From: Colin Watson <cjwatson@debian.org>
+Date: Thu, 24 Feb 2022 16:04:18 +0000
+Subject: [PATCH] Improve detection of -fzero-call-used-regs=all support
+
+GCC doesn't tell us whether this option is supported unless it runs into
+the situation where it would need to emit corresponding code.
+---
+ m4/openssh.m4 | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/m4/openssh.m4 b/m4/openssh.m4
+index 4f9c3792dc1..8c33c701b8b 100644
+--- a/m4/openssh.m4
++++ b/m4/openssh.m4
+@@ -14,6 +14,8 @@ AC_DEFUN([OSSH_CHECK_CFLAG_COMPILE], [{
+ 	AC_COMPILE_IFELSE([AC_LANG_SOURCE([[
+ #include <stdlib.h>
+ #include <stdio.h>
++/* Trivial function to help test for -fzero-call-used-regs */
++void f(int n) {}
+ int main(int argc, char **argv) {
+ 	(void)argv;
+ 	/* Some math to catch -ftrapv problems in the toolchain */
+@@ -21,6 +23,7 @@ int main(int argc, char **argv) {
+ 	float l = i * 2.1;
+ 	double m = l / 0.5;
+ 	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
++	f(0);
+ 	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
+ 	/*
+ 	 * Test fallthrough behaviour.  clang 10's -Wimplicit-fallthrough does
diff --git a/net-misc/openssh/openssh-8.9_p1.ebuild b/net-misc/openssh/openssh-8.9_p1.ebuild
index 5b7b5d1c44db..bb334274000e 100644
--- a/net-misc/openssh/openssh-8.9_p1.ebuild
+++ b/net-misc/openssh/openssh-8.9_p1.ebuild
@@ -126,6 +126,8 @@ src_prepare() {
 	eapply "${FILESDIR}"/${PN}-7.5_p1-disable-conch-interop-tests.patch
 	eapply "${FILESDIR}"/${PN}-8.0_p1-fix-putty-tests.patch
 	eapply "${FILESDIR}"/${PN}-8.0_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch
+	eapply "${FILESDIR}"/${PN}-8.9_p1-allow-ppoll_time64.patch #834019
+	eapply "${FILESDIR}"/${PN}-8.9_p1-fzero-call-used-regs.patch #834037
 
 	[[ -d ${WORKDIR}/patches ]] && eapply "${WORKDIR}"/patches