/[pkgs]/rpms/openssh/devel/openssh-5.1p1-cloexec.patch
ViewVC logotype

Contents of /rpms/openssh/devel/openssh-5.1p1-cloexec.patch

Parent Directory Parent Directory | Revision Log Revision Log

Revision 1.2 - (show annotations) (download) (as text)
Thu Dec 11 21:48:41 2008 UTC (11 months, 1 week ago) by tmraz
Branch: MAIN
CVS Tags: openssh-5_2p1-28_fc12, F-12-split, openssh-5_2p1-24_fc12, openssh-5_2p1-27_fc12, openssh-5_2p1-20_fc12, openssh-5_2p1-26_fc12, openssh-5_2p1-23_fc12, openssh-5_2p1-22_fc12, openssh-5_3p1-2_fc13, openssh-5_2p1-4_fc12, openssh-5_1p1-8_fc11, openssh-5_1p1-5_fc11, openssh-5_3p1-8_fc13, openssh-5_2p1-15_fc12, openssh-5_2p1-21_fc12, openssh-5_2p1-16_fc12, openssh-5_3p1-10_fc13, openssh-5_2p1-25_fc12, openssh-5_2p1-1_fc11, openssh-5_2p1-2_fc11, F-11-split, openssh-5_3p1-9_fc13, openssh-5_2p1-10_fc12, openssh-5_1p1-6_fc11, openssh-5_2p1-14_fc12, openssh-5_2p1-11_fc12, openssh-5_2p1-12_fc12, openssh-5_1p1-4_fc11, openssh-5_2p1-9_fc12, openssh-5_2p1-6_fc12, openssh-5_2p1-19_fc12, openssh-5_3p1-7_fc13, openssh-5_3p1-1_fc13, openssh-5_2p1-8_fc12, openssh-5_3p1-3_fc13, openssh-5_1p1-7_fc11, openssh-5_2p1-7_fc12, openssh-5_2p1-18_fc12, openssh-5_2p1-17_fc12, openssh-5_3p1-4_fc13, openssh-5_3p1-5_fc13, openssh-5_3p1-6_fc13, openssh-5_2p1-29_fc13, openssh-5_2p1-5_fc12, HEAD
Changes since 1.1: +33 -3 lines
File MIME type: text/x-patch 
* Thu Dec 11 2008 Tomas Mraz <tmraz@redhat.com> - 5.1p1-4
- set FD_CLOEXEC on channel sockets (#475866)
- adjust summary
- adjust nss-keys patch so it is applicable without selinux patches (#470859)
1 diff -up openssh-5.1p1/channels.c.cloexec openssh-5.1p1/channels.c
2 --- openssh-5.1p1/channels.c.cloexec 2008-12-11 22:24:49.000000000 +0100
3 +++ openssh-5.1p1/channels.c 2008-12-11 22:29:52.000000000 +0100
4 @@ -60,6 +60,7 @@
5 #include <termios.h>
6 #include <unistd.h>
7 #include <stdarg.h>
8 +#include <fcntl.h>
9
10 #include "openbsd-compat/sys-queue.h"
11 #include "xmalloc.h"
12 @@ -230,6 +231,18 @@ channel_register_fds(Channel *c, int rfd
13
14 /* XXX set close-on-exec -markus */
15
16 + if (rfd != -1) {
17 + fcntl(rfd, F_SETFD, FD_CLOEXEC);
18 + }
19 +
20 + if (wfd != -1 && wfd != rfd) {
21 + fcntl(wfd, F_SETFD, FD_CLOEXEC);
22 + }
23 +
24 + if (efd != -1 && efd != rfd && efd != wfd) {
25 + fcntl(efd, F_SETFD, FD_CLOEXEC);
26 + }
27 +
28 c->rfd = rfd;
29 c->wfd = wfd;
30 c->sock = (rfd == wfd) ? rfd : -1;
31 diff -up openssh-5.1p1/sshconnect2.c.cloexec openssh-5.1p1/sshconnect2.c
32 --- openssh-5.1p1/sshconnect2.c.cloexec 2008-12-11 22:24:49.000000000 +0100
33 +++ openssh-5.1p1/sshconnect2.c 2008-12-11 22:24:49.000000000 +0100
34 @@ -38,6 +38,7 @@
35 #include <stdio.h>
36 #include <string.h>
37 #include <unistd.h>
38 +#include <fcntl.h>
39 #if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H)
40 #include <vis.h>
41 #endif
42 @@ -1267,6 +1268,7 @@ ssh_keysign(Key *key, u_char **sigp, u_i
43 return -1;
44 }
45 if (pid == 0) {
46 + fcntl(packet_get_connection_in(), F_SETFD, 0); /* keep the socket on exec */
47 permanently_drop_suid(getuid());
48 close(from[0]);
49 if (dup2(from[1], STDOUT_FILENO) < 0)
50 diff -up openssh-5.1p1/sshconnect.c.cloexec openssh-5.1p1/sshconnect.c
51 --- openssh-5.1p1/sshconnect.c.cloexec 2008-07-02 14:34:30.000000000 +0200
52 +++ openssh-5.1p1/sshconnect.c 2008-12-11 22:24:49.000000000 +0100
53 @@ -38,6 +38,7 @@
54 #include <stdlib.h>
55 #include <string.h>
56 #include <unistd.h>
57 +#include <fcntl.h>
58
59 #include "xmalloc.h"
60 #include "key.h"
61 @@ -194,8 +195,11 @@ ssh_create_socket(int privileged, struct
62 return sock;
63 }
64 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
65 - if (sock < 0)
66 + if (sock < 0) {
67 error("socket: %.100s", strerror(errno));
68 + return -1;
69 + }
70 + fcntl(sock, F_SETFD, FD_CLOEXEC);
71
72 /* Bind the socket to an alternative local IP address */
73 if (options.bind_address == NULL)
admin@fedoraproject.org
 ViewVC Help
Powered by ViewVC 1.1.2