Re: bin/58412: ssh update breaks sshd

To: gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,martin%NetBSD.org@localhost
Subject: Re: bin/58412: ssh update breaks sshd
From: RVP <rvp%SDF.ORG@localhost>
Date: Wed, 10 Jul 2024 13:00:03 +0000 (UTC)

The following reply was made to PR bin/58412; it has been noted by GNATS.

From: RVP <rvp%SDF.ORG@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc: 
Subject: Re: bin/58412: ssh update breaks sshd
Date: Wed, 10 Jul 2024 12:57:22 +0000 (UTC)

 In our src/crypto/external/bsd/openssh/dist/auth-pam.c, we have:
 
 #define SSHD_PAM_SERVICE		getprogname()
 
 but, in one of the commit messages leading to 9.8, we read:
 
 ```
 commit a8fbe2f7d0d96d299ee8e69769e3b51067978748
 Author: Damien Miller <djm%mindrot.org@localhost>
 Date:   Thu Jun 13 16:41:29 2024 +1000
 
      sshd: don't use argv[0] as PAM service name
 
      sshd would implicitly use argv[0] as the PAM service name to
      allow people to select different PAM service names by making
      differently-named copies/links to the sshd binary.
 
      Splitting sshd into sshd/sshd-session broke this, as the process
      that starts PAM is always sshd-session and the user has no control
      over this.
 
      Hardcode "sshd" as the default PAM service name unless/until we
      figure out a better way. Should unbreak OSX integration tests.
 ```
 
 So, hard-code it to "sshd" or set a `PAMServiceName "sshd"' in sshd_config
 as an override.
 
 -RVP

Prev by Date: Re: toolchain/58411: GCC/x86_64 10.5 and 12.4 miscompile GCC/sh3 12.4
Next by Date: PR/58412 CVS commit: src/crypto/external/bsd/openssh/dist
Previous by Thread: bin/58412: ssh update breaks sshd
Next by Thread: PR/58412 CVS commit: src/crypto/external/bsd/openssh/dist
Indexes:

Home | Main Index | Thread Index | Old Index