From 18401aefd87ec04bd42aae857b02d9204f20e392 Mon Sep 17 00:00:00 2001
From: renmingshuai
Date: Tue, 8 Feb 2022 14:34:13 +0800
Subject: [PATCH] change convtime form returning long to returning int
---
...form-returning-long-to-returning-int.patch | 71 +++++++++++++++++++
...n-convtime-unit-test-to-int-to-match.patch | 25 +++++++
openssh.spec | 12 +++-
3 files changed, 107 insertions(+), 1 deletion(-)
create mode 100644 backport-change-convtime-form-returning-long-to-returning-int.patch
create mode 100644 backport-change-types-in-convtime-unit-test-to-int-to-match.patch
diff --git a/backport-change-convtime-form-returning-long-to-returning-int.patch b/backport-change-convtime-form-returning-long-to-returning-int.patch
new file mode 100644
index 0000000..4dfa552
--- /dev/null
+++ b/backport-change-convtime-form-returning-long-to-returning-int.patch
@@ -0,0 +1,71 @@
+Reference:https://github.com/openssh/openssh-portable/commit/6d30673fedec
+---
+ misc.c | 8 ++++----
+ misc.h | 2 +-
+ ssh-agent.c | 2 +-
+ 3 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/misc.c b/misc.c
+index 45d93b6..aa36684 100644
+--- a/misc.c
++++ b/misc.c
+@@ -490,7 +490,7 @@ a2tun(const char *s, int *remote)
+ *
+ * Return -1 if time string is invalid.
+ */
+-long
++int
+ convtime(const char *s)
+ {
+ long total, secs, multiplier = 1;
+@@ -507,7 +507,7 @@ convtime(const char *s)
+ while (*p) {
+ secs = strtol(p, &endp, 10);
+ if (p == endp ||
+- (errno == ERANGE && (secs == LONG_MIN || secs == LONG_MAX)) ||
++ (errno == ERANGE && (secs == INT_MIN || secs == INT_MAX)) ||
+ secs < 0)
+ return -1;
+
+@@ -537,10 +537,10 @@ convtime(const char *s)
+ default:
+ return -1;
+ }
+- if (secs >= LONG_MAX / multiplier)
++ if (secs >= INT_MAX / multiplier)
+ return -1;
+ secs *= multiplier;
+- if (total >= LONG_MAX - secs)
++ if (total >= INT_MAX - secs)
+ return -1;
+ total += secs;
+ if (total < 0)
+diff --git a/misc.h b/misc.h
+index 4a05db2..2f82f77 100644
+--- a/misc.h
++++ b/misc.h
+@@ -65,7 +65,7 @@ char *colon(char *);
+ int parse_user_host_path(const char *, char **, char **, char **);
+ int parse_user_host_port(const char *, char **, char **, int *);
+ int parse_uri(const char *, const char *, char **, char **, int *, char **);
+-long convtime(const char *);
++int convtime(const char *);
+ char *tilde_expand_filename(const char *, uid_t);
+ char *percent_expand(const char *, ...) __attribute__((__sentinel__));
+ char *tohex(const void *, size_t);
+diff --git a/ssh-agent.c b/ssh-agent.c
+index 3bac42d..4818e56 100644
+--- a/ssh-agent.c
++++ b/ssh-agent.c
+@@ -163,7 +163,7 @@ u_char lock_salt[LOCK_SALT_SIZE];
+ extern char *__progname;
+
+ /* Default lifetime in seconds (0 == forever) */
+-static long lifetime = 0;
++static int lifetime = 0;
+
+ static int fingerprint_hash = SSH_FP_HASH_DEFAULT;
+
+--
+1.8.3.1
+
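Review bot: In the misc.c hunk at -507, the range test now compares strtol()'s result with `INT_MIN`/`INT_MAX`, but strtol() returns a long and reports ERANGE with `LONG_MIN`/`LONG_MAX`, so where long is wider than int this branch can no longer match. Oversized values still appear to be rejected later by `secs >= INT_MAX / multiplier`, but only if every unit path reaches that test, which the hunk does not show. Keeping strtol's own contract and bounding the int range explicitly is clearer: `(errno == ERANGE && (secs == LONG_MIN || secs == LONG_MAX)) ||` followed by `secs < 0 || secs > INT_MAX)`. Whether errno is cleared before the call is not visible here; convtime's body starts and ends outside these hunks.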
diff --git a/backport-change-types-in-convtime-unit-test-to-int-to-match.patch b/backport-change-types-in-convtime-unit-test-to-int-to-match.patch
new file mode 100644
index 0000000..06a4adc
--- /dev/null
+++ b/backport-change-types-in-convtime-unit-test-to-int-to-match.patch
@@ -0,0 +1,25 @@
+Reference:https://github.com/openssh/openssh-portable/commit/02da325f10b
+---
+ misc.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/misc.c b/misc.c
+index aa36684..ecd4ca0 100644
+--- a/misc.c
++++ b/misc.c
+@@ -537,10 +537,10 @@ convtime(const char *s)
+ default:
+ return -1;
+ }
+- if (secs >= INT_MAX / multiplier)
++ if (secs > INT_MAX / multiplier)
+ return -1;
+ secs *= multiplier;
+- if (total >= INT_MAX - secs)
++ if (total > INT_MAX - secs)
+ return -1;
+ total += secs;
+ if (total < 0)
+--
+1.8.3.1
+
diff --git a/openssh.spec b/openssh.spec
index 8deaf20..37f4181 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -6,7 +6,7 @@ %{?no_gtk2:%global gtk2 0} %global sshd_uid 74 -%global openssh_release 16 +%global openssh_release 17 Name: openssh Version: 8.2p1
@@ -96,6 +96,8 @@ Patch63: backport-CVE-2021-41617-1.patch Patch64: backport-CVE-2021-41617-2.patch Patch65: backport-upstream-Refactor-private-key-parsing.-Eliminates-a-.patch Patch66: backport-CVE-2021-28041.patch +Patch67: backport-change-convtime-form-returning-long-to-returning-int.patch +Patch68: backport-change-types-in-convtime-unit-test-to-int-to-match.patch Requires: /sbin/nologin Requires: libselinux >= 2.3-5 audit-libs >= 1.0.8
@@ -264,6 +266,8 @@ popd %patch64 -p1 %patch65 -p1 %patch66 -p1 +%patch67 -p1 +%patch68 -p1 autoreconf pushd pam_ssh_agent_auth-0.10.3
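Review bot: The backport named change-types-in-convtime-unit-test carries only the misc.c hunk (`misc.c | 4 ++--`, 1 file changed), so the `>=` to `>` boundary change at -537 arrives with no test for a value that lands exactly on `INT_MAX`. If the test part of the referenced commit was left out on purpose, say so under the `Reference:` line, e.g. `Note: misc.c part only; test changes not backported`, so an auditor comparing against upstream is not misled by the file name. Separately, with `total` still a long and bounded by `INT_MAX` just above, the trailing `if (total < 0)` looks unreachable; convtime's body continues outside the hunk.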
@@ -475,6 +479,12 @@ getent passwd sshd >/dev/null || \ %attr(0644,root,root) %{_mandir}/man8/sftp-server.8* %changelog +* Tue Feb 8 2022 renmingshuai - 8.2P1-17 +- Type:bugfix +- CVE: +- SUG:NA +- DESC:fix change convtime form returning long to returning int + * Wed Dec 15 2021 renmingshuai - 8.2P1-16 - Type:cves - CVE:CVE-2021-28041 -- Gitee