From 817071dc4d9455adfe1ecc3a9260bbcbdcdb9927 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Thu, 17 Jul 2014 14:26:49 +0200
Subject: [PATCH] standardise on NI_MAXHOST for gethostname() string lengths
 (#1051490)

---
 openssh-6.6.1p1-NI_MAXHOST.patch | 76 ++++++++++++++++++++++++++++++++
 openssh.spec                     |  3 ++
 2 files changed, 79 insertions(+)
 create mode 100644 openssh-6.6.1p1-NI_MAXHOST.patch

diff --git a/openssh-6.6.1p1-NI_MAXHOST.patch b/openssh-6.6.1p1-NI_MAXHOST.patch
new file mode 100644
index 0000000..7eeee50
--- /dev/null
+++ b/openssh-6.6.1p1-NI_MAXHOST.patch
@@ -0,0 +1,76 @@
+diff --git a/ChangeLog b/ChangeLog
+index 928999d..3887495 100644
+--- a/ChangeLog
++++ b/ChangeLog
+@@ -1,3 +1,10 @@
++20140703
++ - OpenBSD CVS Sync
++   - djm@cvs.openbsd.org 2014/07/03 03:34:09
++     [gss-serv.c session.c ssh-keygen.c]
++     standardise on NI_MAXHOST for gethostname() string lengths; about
++     1/2 the cases were using it already. Fixes bz#2239 en passant
++
+ 20140420
+  - (djm) [bufaux.c compat.c compat.h sshconnect2.c sshd.c version.h]
+    OpenSSH 6.5 and 6.6 sometimes encode a value used in the curve25519
+diff --git a/gss-serv.c b/gss-serv.c
+index 14f540e..29916d3 100644
+--- a/gss-serv.c
++++ b/gss-serv.c
+@@ -1,4 +1,4 @@
+-/* $OpenBSD: gss-serv.c,v 1.26 2014/02/26 20:28:44 djm Exp $ */
++/* $OpenBSD: gss-serv.c,v 1.27 2014/07/03 03:34:09 djm Exp $ */
+ 
+ /*
+  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
+@@ -102,14 +102,14 @@ static OM_uint32
+ ssh_gssapi_acquire_cred(Gssctxt *ctx)
+ {
+ 	OM_uint32 status;
+-	char lname[MAXHOSTNAMELEN];
++	char lname[NI_MAXHOST];
+ 	gss_OID_set oidset;
+ 
+ 	if (options.gss_strict_acceptor) {
+ 		gss_create_empty_oid_set(&status, &oidset);
+ 		gss_add_oid_set_member(&status, ctx->oid, &oidset);
+ 
+-		if (gethostname(lname, MAXHOSTNAMELEN)) {
++		if (gethostname(lname, sizeof(lname))) {
+ 			gss_release_oid_set(&status, &oidset);
+ 			return (-1);
+ 		}
+diff --git a/session.c b/session.c
+index ba4589b..e4add93 100644
+--- a/session.c
++++ b/session.c
+@@ -49,6 +49,7 @@
+ #include <errno.h>
+ #include <fcntl.h>
+ #include <grp.h>
++#include <netdb.h>
+ #ifdef HAVE_PATHS_H
+ #include <paths.h>
+ #endif
+@@ -2669,7 +2670,7 @@ session_setup_x11fwd(Session *s)
+ {
+ 	struct stat st;
+ 	char display[512], auth_display[512];
+-	char hostname[MAXHOSTNAMELEN];
++	char hostname[NI_MAXHOST];
+ 	u_int i;
+ 
+ 	if (no_x11_forwarding_flag) {
+diff --git a/ssh-keygen.c b/ssh-keygen.c
+index 482dc1c..66198e6 100644
+--- a/ssh-keygen.c
++++ b/ssh-keygen.c
+@@ -165,7 +165,7 @@ int rounds = 0;
+ /* argv0 */
+ extern char *__progname;
+ 
+-char hostname[MAXHOSTNAMELEN];
++char hostname[NI_MAXHOST];
+ 
+ /* moduli.c */
+ int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *);
diff --git a/openssh.spec b/openssh.spec
index d5f5284..699cc96 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -189,6 +189,8 @@ Patch908: openssh-6.6p1-CVE-2014-2653.patch
 # OpenSSH 6.5 and 6.6 sometimes encode a value used in the curve25519 key exchange incorrectly
 # Disable the curve25519 KEX when speaking to OpenSSH 6.5 or 6.6
 Patch909: openssh-5618210618256bbf5f4f71b2887ff186fd451736.patch
+# standardise on NI_MAXHOST for gethostname() string lengths (#1051490)
+Patch910: openssh-6.6.1p1-NI_MAXHOST.patch
 
 License: BSD
 Group: Applications/Internet
@@ -392,6 +394,7 @@ popd
 %patch907 -p1 -b .CLOCK_BOOTTIME
 %patch908 -p1 -b .CVE-2014-2653
 %patch909 -p1 -b .6.6.1
+%patch910 -p1 -b .NI_MAXHOST
 
 %patch200 -p1 -b .audit
 %patch700 -p1 -b .fips