pkgsrc-WIP-changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
openssh: untested update to 7.2p2
Module Name: pkgsrc-wip
Committed By: coypu <coypu%sdf.org@localhost>
Pushed By: coypu
Date: Thu Mar 10 16:51:57 2016 +0200
Changeset: 59fb60c56460125deaf670aa9d4c20a0043724ba
Modified Files:
openssh/Makefile
openssh/PLIST
openssh/distinfo
openssh/patches/patch-sandbox-darwin.c
openssh/patches/patch-session.c
openssh/patches/patch-sshd.c
Added Files:
openssh/TODO
Removed Files:
openssh/patches/patch-clientloop.c
openssh/patches/patch-packet.c
openssh/patches/patch-readconf.c
openssh/patches/patch-ssh.c
Log Message:
openssh: untested update to 7.2p2
To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=59fb60c56460125deaf670aa9d4c20a0043724ba
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
diffstat:
openssh/Makefile | 5 ++-
openssh/PLIST | 8 +----
openssh/TODO | 6 ++++
openssh/distinfo | 21 ++++--------
openssh/patches/patch-clientloop.c | 63 ----------------------------------
openssh/patches/patch-packet.c | 16 ---------
openssh/patches/patch-readconf.c | 25 --------------
openssh/patches/patch-sandbox-darwin.c | 4 +--
openssh/patches/patch-session.c | 21 ++++++++----
openssh/patches/patch-ssh.c | 26 --------------
openssh/patches/patch-sshd.c | 54 +++++++++++++----------------
11 files changed, 57 insertions(+), 192 deletions(-)
diffs:
diff --git a/openssh/Makefile b/openssh/Makefile
index 9a2378d..66d990c 100644
--- a/openssh/Makefile
+++ b/openssh/Makefile
@@ -1,8 +1,7 @@
# $NetBSD: Makefile,v 1.242 2016/03/05 11:29:23 jperkin Exp $
-DISTNAME= openssh-7.1p1
-PKGNAME= ${DISTNAME:S/p1/.1/}
-PKGREVISION= 4
+DISTNAME= openssh-7.2p2
+PKGNAME= ${DISTNAME:S/p2/.2/}
CATEGORIES= security
MASTER_SITES= ${MASTER_SITE_OPENBSD:=OpenSSH/portable/}
diff --git a/openssh/PLIST b/openssh/PLIST
index ebe150a..d0a6ca1 100644
--- a/openssh/PLIST
+++ b/openssh/PLIST
@@ -1,7 +1,6 @@
-@comment $NetBSD: PLIST,v 1.17 2015/08/14 08:57:00 jperkin Exp $
+@comment $NetBSD$
bin/scp
bin/sftp
-bin/slogin
bin/ssh
bin/ssh-add
bin/ssh-agent
@@ -10,10 +9,8 @@ bin/ssh-keyscan
libexec/sftp-server
libexec/ssh-keysign
libexec/ssh-pkcs11-helper
-${PLIST.prng}libexec/ssh-rand-helper
man/man1/scp.1
man/man1/sftp.1
-man/man1/slogin.1
man/man1/ssh-add.1
man/man1/ssh-agent.1
man/man1/ssh-keygen.1
@@ -28,8 +25,5 @@ man/man8/ssh-pkcs11-helper.8
man/man8/sshd.8
sbin/sshd
share/examples/openssh/moduli
-${PLIST.darwin}share/examples/openssh/org.openssh.sshd.sb
share/examples/openssh/ssh_config
-${PLIST.prng}share/examples/openssh/ssh_prng_cmds
-${PLIST.pam}share/examples/openssh/sshd.pam
share/examples/openssh/sshd_config
diff --git a/openssh/TODO b/openssh/TODO
new file mode 100644
index 0000000..1d15069
--- /dev/null
+++ b/openssh/TODO
@@ -0,0 +1,6 @@
+This probably breaks OS X X11 forwarding.
+The relevant code has changed, check macports when they update.
+
+segfaults for me on netbsd-current (running ssh@host)
+but so does the previous version.
+(base openssl)
diff --git a/openssh/distinfo b/openssh/distinfo
index 747daee..e4e6989 100644
--- a/openssh/distinfo
+++ b/openssh/distinfo
@@ -1,12 +1,9 @@
$NetBSD: distinfo,v 1.99 2016/02/26 21:06:38 tez Exp $
-SHA1 (openssh-7.1p1-hpn-20150822.diff.bz2) = 444a2fbd80d57ff93b53ade84ec162e2a2f3aa67
-RMD160 (openssh-7.1p1-hpn-20150822.diff.bz2) = 87fb6887d9ccb4b305ff3c25fd5f67847d9996d1
-Size (openssh-7.1p1-hpn-20150822.diff.bz2) = 12173 bytes
-SHA1 (openssh-7.1p1.tar.gz) = ed22af19f962262c493fcc6ed8c8826b2761d9b6
-RMD160 (openssh-7.1p1.tar.gz) = 2c97ea10099fa8658156c0351d60d715655b9b07
-SHA512 (openssh-7.1p1.tar.gz) = f1491ca5a0a733eb27ede966590642a412cb7be7178dcb7b9e5844bbdc8383032f4b00435192b95fc0365b6fe74d6c5ac8d6facbe9d51e1532d049e2f784e8f7
-Size (openssh-7.1p1.tar.gz) = 1493170 bytes
+SHA1 (openssh-7.2p2.tar.gz) = 70e35d7d6386fe08abbd823b3a12a3ca44ac6d38
+RMD160 (openssh-7.2p2.tar.gz) = d18d73719ceeefa5116b5b741124f3604d7ddb99
+SHA512 (openssh-7.2p2.tar.gz) = 44f62b3a7bc50a0735d496a5aedeefb71550d8c10ad8f22b94e29fcc8084842db96e8c4ca41fced17af69e1aab09ed1182a12ad8650d9a46fd8743a0344df95b
+Size (openssh-7.2p2.tar.gz) = 1499808 bytes
SHA1 (patch-Makefile.in) = 98960119bda68a663214c8880484552f1207bcfc
SHA1 (patch-auth-passwd.c) = 92c487cc3c092efb56f8b4ac4ca08ccd67803a83
SHA1 (patch-auth-rhosts.c) = a5e6131e63b83a7e8a06cd80f22def449d6bc2c4
@@ -14,7 +11,6 @@ SHA1 (patch-auth.c) = cd13f8b31b45d668c5e09eca098b17ec8a7c1039
SHA1 (patch-auth1.c) = cdac14ffa4008e62926526e66316b0a553435374
SHA1 (patch-auth2.c) = efc1eb6d28cb6ec2bd87723943f3e36c612d93aa
SHA1 (patch-channels.c) = edcce67664bbbc30a8d10ed2fe58dcece944726c
-SHA1 (patch-clientloop.c) = a99fa9ff36e0068c059ee9daa392d06c01d1761c
SHA1 (patch-config.h.in) = 7406f10b568d2b8237ee575922ce712658d90d59
SHA1 (patch-configure.ac) = d7ba54f34e03fd204eb1a9804fcae7fd16e285e2
SHA1 (patch-defines.h) = bd8687a9a2857f3b8d15ae94095f27f9344003c4
@@ -23,15 +19,12 @@ SHA1 (patch-loginrec.c) = 28082deb14258fe63cbecad8ac96afc016de439c
SHA1 (patch-openbsd-compat_bsd-openpty.c) = eaac72830e36e307c19a7b679e6018ece9aebaac
SHA1 (patch-openbsd-compat_openbsd-compat.h) = bedbede16ab2fe918419c994ba15a20167b411b4
SHA1 (patch-openbsd-compat_port-tun.c) = 690dfb1f945d186dd3de5bea70ed8fab86e590ee
-SHA1 (patch-packet.c) = d302a0802861287e9a5230bbe2a1018c5dc17d28
SHA1 (patch-platform.c) = f8f211dbc5e596c0f82eb86324d18a84c6151ec5
-SHA1 (patch-readconf.c) = e1663d4d9a7ca8de8f87ba42d7b764923cdcc5db
-SHA1 (patch-sandbox-darwin.c) = c9a1fe2e4dbf98e929d983b4206a244e0e354b75
+SHA1 (patch-sandbox-darwin.c) = d8f0b991cee3ee1e0d22299aa5e1636d64ade549
SHA1 (patch-scp.c) = 9c2317b0f796641903a826db355ba06595a26ea1
-SHA1 (patch-session.c) = 2aa1d95a35b52519c4921494855f861dc1380f3b
+SHA1 (patch-session.c) = ad85bc1f809e57e8abb380cbdf93e8f60bb86363
SHA1 (patch-sftp-common.c) = 6819aa040c8f1caa30a704cf6f0588e498df8778
-SHA1 (patch-ssh.c) = 00897c09b7d3037713c579cbc41301623d4c2ebf
SHA1 (patch-sshd.8) = 5bf48cd27cef8e8810b9dc7115f5180102a345d1
-SHA1 (patch-sshd.c) = 85a9f50c8b1bdcc44156e2b457a583ccdbc5821b
+SHA1 (patch-sshd.c) = 211297ad6bc66cc50c517234d6c3fd619c01300a
SHA1 (patch-sshpty.c) = cb691d4fbde808927f2fbcc12b87ad983cf21938
SHA1 (patch-uidswap.c) = 68c4f5ffab7f4c5c9c00b7443a74b2da52809b7e
diff --git a/openssh/patches/patch-clientloop.c b/openssh/patches/patch-clientloop.c
deleted file mode 100644
index a093795..0000000
--- a/openssh/patches/patch-clientloop.c
+++ /dev/null
@@ -1,63 +0,0 @@
-$NetBSD: patch-clientloop.c,v 1.3 2016/01/18 12:53:26 jperkin Exp $
-
-Fix X11 forwarding under Mac OS X Yosemite. Patch taken from MacPorts.
-
-https://trac.macports.org/browser/trunk/dports/net/openssh/files/launchd.patch?rev=121205
-
---- clientloop.c.orig 2015-08-21 04:49:03.000000000 +0000
-+++ clientloop.c
-@@ -315,6 +315,10 @@ client_x11_get_proto(const char *display
- struct stat st;
- u_int now, x11_timeout_real;
-
-+#if __APPLE__
-+ int is_path_to_socket = 0;
-+#endif /* __APPLE__ */
-+
- xauthdir = xauthfile = NULL;
- *_proto = proto;
- *_data = data;
-@@ -330,6 +334,33 @@ client_x11_get_proto(const char *display
- debug("x11_get_proto: DISPLAY not set");
- return;
- }
-+#if __APPLE__
-+ {
-+ /*
-+ * If using launchd socket, remove the screen number from the end
-+ * of $DISPLAY. is_path_to_socket is used later in this function
-+ * to determine if an error should be displayed.
-+ */
-+ char path[PATH_MAX];
-+ struct stat sbuf;
-+
-+ strlcpy(path, display, sizeof(path));
-+ if (0 == stat(path, &sbuf)) {
-+ is_path_to_socket = 1;
-+ } else {
-+ char *dot = strrchr(path, '.');
-+ if (dot) {
-+ *dot = '\0';
-+ /* screen = atoi(dot + 1); */
-+ if (0 == stat(path, &sbuf)) {
-+ is_path_to_socket = 1;
-+ debug("x11_get_proto: $DISPLAY is launchd, removing screennum");
-+ setenv("DISPLAY", path, 1);
-+ }
-+ }
-+ }
-+ }
-+#endif /* __APPLE__ */
- /*
- * Handle FamilyLocal case where $DISPLAY does
- * not match an authorization entry. For this we
-@@ -421,6 +452,9 @@ client_x11_get_proto(const char *display
- if (!got_data) {
- u_int32_t rnd = 0;
-
-+#if __APPLE__
-+ if (!is_path_to_socket)
-+#endif /* __APPLE__ */
- logit("Warning: No xauth data; "
- "using fake authentication data for X11 forwarding.");
- strlcpy(proto, SSH_X11_PROTO, sizeof proto);
diff --git a/openssh/patches/patch-packet.c b/openssh/patches/patch-packet.c
deleted file mode 100644
index 2c5f1a4..0000000
--- a/openssh/patches/patch-packet.c
+++ /dev/null
@@ -1,16 +0,0 @@
-$NetBSD: patch-packet.c,v 1.1 2016/02/26 21:06:38 tez Exp $
-
-Fix for CVE-2016-1907
-from https://anongit.mindrot.org/openssh.git/commit/?id=2fecfd486bdba9f51b3a789277bb0733ca36e1c0
-
-
---- packet.c.orig 2016-02-26 18:42:38.037291000 +0000
-+++ packet.c
-@@ -1581,6 +1581,7 @@ ssh_packet_read_poll2(struct ssh *ssh, u
- logit("Bad packet length %u.", state->packlen);
- if ((r = sshpkt_disconnect(ssh, "Packet corrupt")) != 0)
- return r;
-+ return SSH_ERR_CONN_CORRUPT;
- }
- sshbuf_reset(state->incoming_packet);
- } else if (state->packlen == 0) {
diff --git a/openssh/patches/patch-readconf.c b/openssh/patches/patch-readconf.c
deleted file mode 100644
index 79e5a01..0000000
--- a/openssh/patches/patch-readconf.c
+++ /dev/null
@@ -1,25 +0,0 @@
-$NetBSD: patch-readconf.c,v 1.1 2016/01/18 12:53:26 jperkin Exp $
-
-Disable roaming.
-
---- readconf.c.orig 2015-08-21 04:49:03.000000000 +0000
-+++ readconf.c
-@@ -1660,7 +1660,7 @@ initialize_options(Options * options)
- options->tun_remote = -1;
- options->local_command = NULL;
- options->permit_local_command = -1;
-- options->use_roaming = -1;
-+ options->use_roaming = 0;
- options->visual_host_key = -1;
- options->ip_qos_interactive = -1;
- options->ip_qos_bulk = -1;
-@@ -1833,8 +1833,7 @@ fill_default_options(Options * options)
- options->tun_remote = SSH_TUNID_ANY;
- if (options->permit_local_command == -1)
- options->permit_local_command = 0;
-- if (options->use_roaming == -1)
-- options->use_roaming = 1;
-+ options->use_roaming = 0;
- if (options->visual_host_key == -1)
- options->visual_host_key = 0;
- if (options->ip_qos_interactive == -1)
diff --git a/openssh/patches/patch-sandbox-darwin.c b/openssh/patches/patch-sandbox-darwin.c
index b6624a0..04070d9 100644
--- a/openssh/patches/patch-sandbox-darwin.c
+++ b/openssh/patches/patch-sandbox-darwin.c
@@ -2,7 +2,7 @@ $NetBSD: patch-sandbox-darwin.c,v 1.2 2016/01/18 12:53:26 jperkin Exp $
Support sandbox on newer OSX, from MacPorts.
---- sandbox-darwin.c.orig 2015-08-21 04:49:03.000000000 +0000
+--- sandbox-darwin.c.orig 2016-03-09 18:04:48.000000000 +0000
+++ sandbox-darwin.c
@@ -62,8 +62,16 @@ ssh_sandbox_child(struct ssh_sandbox *bo
struct rlimit rl_zero;
@@ -12,7 +12,7 @@ Support sandbox on newer OSX, from MacPorts.
+#ifndef SANDBOX_NAMED_EXTERNAL
+#define SANDBOX_NAMED_EXTERNAL (0x3)
+#endif
-+ if (sandbox_init("@PKG_SYSCONFDIR@/org.openssh.sshd.sb",
++ if (sandbox_init("/usr/pkg/etc/ssh/org.openssh.sshd.sb",
+ SANDBOX_NAMED_EXTERNAL, &errmsg) == -1)
+#else
if (sandbox_init(kSBXProfilePureComputation, SANDBOX_NAMED,
diff --git a/openssh/patches/patch-session.c b/openssh/patches/patch-session.c
index 6a4285c..7e033af 100644
--- a/openssh/patches/patch-session.c
+++ b/openssh/patches/patch-session.c
@@ -2,9 +2,18 @@ $NetBSD: patch-session.c,v 1.5 2016/01/18 12:53:26 jperkin Exp $
Interix support
---- session.c.orig 2015-08-21 04:49:03.000000000 +0000
+--- session.c.orig 2016-03-09 18:04:48.000000000 +0000
+++ session.c
-@@ -1093,7 +1093,7 @@ read_etc_default_login(char ***env, u_in
+@@ -398,7 +398,7 @@ do_authenticated1(Authctxt *authctxt)
+ break;
+ }
+ debug("Received TCP/IP port forwarding request.");
+- if (channel_input_port_forward_request(s->pw->pw_uid == 0,
++ if (channel_input_port_forward_request(s->pw->pw_uid == ROOTUID,
+ &options.fwd_opts) < 0) {
+ debug("Port forwarding failed.");
+ break;
+@@ -1117,7 +1117,7 @@ read_etc_default_login(char ***env, u_in
if (tmpenv == NULL)
return;
@@ -13,7 +22,7 @@ Interix support
var = child_get_env(tmpenv, "SUPATH");
else
var = child_get_env(tmpenv, "PATH");
-@@ -1202,7 +1202,7 @@ do_setup_env(Session *s, const char *she
+@@ -1226,7 +1226,7 @@ do_setup_env(Session *s, const char *she
# endif /* HAVE_ETC_DEFAULT_LOGIN */
if (path == NULL || *path == '\0') {
child_set_env(&env, &envsize, "PATH",
@@ -22,7 +31,7 @@ Interix support
SUPERUSER_PATH : _PATH_STDPATH);
}
# endif /* HAVE_CYGWIN */
-@@ -1316,6 +1316,18 @@ do_setup_env(Session *s, const char *she
+@@ -1340,6 +1340,18 @@ do_setup_env(Session *s, const char *she
strcmp(pw->pw_dir, "/") ? pw->pw_dir : "");
read_environment_file(&env, &envsize, buf);
}
@@ -41,7 +50,7 @@ Interix support
if (debug_flag) {
/* dump the environment */
fprintf(stderr, "Environment:\n");
-@@ -1510,11 +1522,13 @@ do_setusercontext(struct passwd *pw)
+@@ -1531,11 +1543,13 @@ do_setusercontext(struct passwd *pw)
perror("setgid");
exit(1);
}
@@ -55,7 +64,7 @@ Interix support
endgrent();
#endif
-@@ -2356,7 +2370,7 @@ session_pty_cleanup2(Session *s)
+@@ -2381,7 +2395,7 @@ session_pty_cleanup2(Session *s)
record_logout(s->pid, s->tty, s->pw->pw_name);
/* Release the pseudo-tty. */
diff --git a/openssh/patches/patch-ssh.c b/openssh/patches/patch-ssh.c
deleted file mode 100644
index 32c1235..0000000
--- a/openssh/patches/patch-ssh.c
+++ /dev/null
@@ -1,26 +0,0 @@
-$NetBSD: patch-ssh.c,v 1.5 2016/01/18 12:53:26 jperkin Exp $
-
-Interix support
-Disable roaming
-
---- ssh.c.orig 2015-08-21 04:49:03.000000000 +0000
-+++ ssh.c
-@@ -1084,7 +1084,7 @@ main(int ac, char **av)
- "disabling");
- options.update_hostkeys = 0;
- }
--#ifndef HAVE_CYGWIN
-+#if defined(HAVE_CYGWIN) || defined(HAVE_INTERIX)
- if (original_effective_uid != 0)
- options.use_privileged_port = 0;
- #endif
-@@ -1932,9 +1932,6 @@ ssh_session2(void)
- fork_postauth();
- }
-
-- if (options.use_roaming)
-- request_roaming();
--
- return client_loop(tty_flag, tty_flag ?
- options.escape_char : SSH_ESCAPECHAR_NONE, id);
- }
diff --git a/openssh/patches/patch-sshd.c b/openssh/patches/patch-sshd.c
index 36b0419..0057a5b 100644
--- a/openssh/patches/patch-sshd.c
+++ b/openssh/patches/patch-sshd.c
@@ -3,9 +3,9 @@ $NetBSD: patch-sshd.c,v 1.6 2016/01/18 12:53:26 jperkin Exp $
* Interix support
* Revive tcp_wrappers support.
---- sshd.c.orig 2015-08-21 04:49:03.000000000 +0000
+--- sshd.c.orig 2016-03-09 18:04:48.000000000 +0000
+++ sshd.c
-@@ -126,6 +126,13 @@
+@@ -125,6 +125,13 @@
#include "version.h"
#include "ssherr.h"
@@ -19,7 +19,7 @@ $NetBSD: patch-sshd.c,v 1.6 2016/01/18 12:53:26 jperkin Exp $
#ifndef O_NOCTTY
#define O_NOCTTY 0
#endif
-@@ -237,7 +244,11 @@ int *startup_pipes = NULL;
+@@ -236,7 +243,11 @@ int *startup_pipes = NULL;
int startup_pipe; /* in child */
/* variables used for privilege separation */
@@ -31,34 +31,28 @@ $NetBSD: patch-sshd.c,v 1.6 2016/01/18 12:53:26 jperkin Exp $
struct monitor *pmonitor = NULL;
int privsep_is_preauth = 1;
-@@ -644,10 +655,15 @@ privsep_preauth_child(void)
- /* XXX not ready, too heavy after chroot */
- do_setusercontext(privsep_pw);
- #else
+@@ -643,6 +654,10 @@ privsep_preauth_child(void)
+ /* Drop our privileges */
+ debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid,
+ (u_int)privsep_pw->pw_gid);
+#ifdef HAVE_INTERIX
-+ if (setuser(privsep_pw->pw_name, NULL, SU_COMPLETE))
-+ fatal("setuser: %.100s", strerror(errno));
-+#else
- gidset[0] = privsep_pw->pw_gid;
- if (setgroups(1, gidset) < 0)
- fatal("setgroups: %.100s", strerror(errno));
- permanently_set_uid(privsep_pw);
-+#endif /* HAVE_INTERIX */
- #endif
- }
++ if (setuser(privsep_pw->pw_name, NULL, SU_COMPLETE))
++ fatal("setuser: %.100s", strerror(errno));
++#endif
+ gidset[0] = privsep_pw->pw_gid;
+ if (setgroups(1, gidset) < 0)
+ fatal("setgroups: %.100s", strerror(errno));
+@@ -712,11 +727,17 @@ privsep_preauth(Authctxt *authctxt)
-@@ -715,11 +731,18 @@ privsep_preauth(Authctxt *authctxt)
+ /* Arrange for logging to be sent to the monitor */
set_log_handler(mm_log_handler, pmonitor);
-
- /* Demote the child */
-- if (getuid() == 0 || geteuid() == 0)
-+#ifdef __APPLE_SANDBOX_NAMED_EXTERNAL__
+-
++#ifdef __APPLE_SANDBOX_NAMED_EXTERNAL_
+ /* We need to do this before we chroot() so we can read sshd.sb */
+ if (box != NULL)
-+ ssh_sandbox_child(box);
++ ssh_sandbox_child(box);_
+#endif
-+ if (getuid() == ROOTUID || geteuid() == ROOTUID)
- privsep_preauth_child();
+ privsep_preauth_child();
setproctitle("%s", "[net]");
+#ifndef __APPLE_SANDBOX_NAMED_EXTERNAL__
if (box != NULL)
@@ -67,7 +61,7 @@ $NetBSD: patch-sshd.c,v 1.6 2016/01/18 12:53:26 jperkin Exp $
return 0;
}
-@@ -733,7 +756,7 @@ privsep_postauth(Authctxt *authctxt)
+@@ -730,7 +751,7 @@ privsep_postauth(Authctxt *authctxt)
#ifdef DISABLE_FD_PASSING
if (1) {
#else
@@ -76,7 +70,7 @@ $NetBSD: patch-sshd.c,v 1.6 2016/01/18 12:53:26 jperkin Exp $
#endif
/* File descriptor passing is broken or root login */
use_privsep = 0;
-@@ -1489,8 +1512,10 @@ main(int ac, char **av)
+@@ -1497,8 +1518,10 @@ main(int ac, char **av)
av = saved_argv;
#endif
@@ -88,7 +82,7 @@ $NetBSD: patch-sshd.c,v 1.6 2016/01/18 12:53:26 jperkin Exp $
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
sanitise_stdfd();
-@@ -1919,7 +1944,7 @@ main(int ac, char **av)
+@@ -1925,7 +1948,7 @@ main(int ac, char **av)
(st.st_uid != getuid () ||
(st.st_mode & (S_IWGRP|S_IWOTH)) != 0))
#else
@@ -97,7 +91,7 @@ $NetBSD: patch-sshd.c,v 1.6 2016/01/18 12:53:26 jperkin Exp $
#endif
fatal("%s must be owned by root and not group or "
"world-writable.", _PATH_PRIVSEP_CHROOT_DIR);
-@@ -1942,8 +1967,10 @@ main(int ac, char **av)
+@@ -1948,8 +1971,10 @@ main(int ac, char **av)
* to create a file, and we can't control the code in every
* module which might be used).
*/
@@ -108,7 +102,7 @@ $NetBSD: patch-sshd.c,v 1.6 2016/01/18 12:53:26 jperkin Exp $
if (rexec_flag) {
rexec_argv = xcalloc(rexec_argc + 2, sizeof(char *));
-@@ -2139,6 +2166,25 @@ main(int ac, char **av)
+@@ -2145,6 +2170,25 @@ main(int ac, char **av)
audit_connection_from(remote_ip, remote_port);
#endif
Home |
Main Index |
Thread Index |
Old Index