rpms/openssh/devel openssh-5.1p1-cloexec.patch, 1.2, 1.3 openssh.spec, 1.186, 1.187
Jan F. Chadima
jfch2222 at fedoraproject.org
Tue Jan 19 09:07:39 UTC 2010
Author: jfch2222
Update of /cvs/pkgs/rpms/openssh/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv10922
Modified Files:
openssh-5.1p1-cloexec.patch openssh.spec
Log Message:
set FD_CLOEXEC on accepted socket
openssh-5.1p1-cloexec.patch:
channels.c | 13 +++++++++++++
sshconnect.c | 6 +++++-
sshconnect2.c | 2 ++
sshd.c | 1 +
4 files changed, 21 insertions(+), 1 deletion(-)
Index: openssh-5.1p1-cloexec.patch
===================================================================
RCS file: /cvs/pkgs/rpms/openssh/devel/openssh-5.1p1-cloexec.patch,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -p -r1.2 -r1.3
--- openssh-5.1p1-cloexec.patch 11 Dec 2008 21:48:41 -0000 1.2
+++ openssh-5.1p1-cloexec.patch 19 Jan 2010 09:07:39 -0000 1.3
@@ -1,6 +1,6 @@
-diff -up openssh-5.1p1/channels.c.cloexec openssh-5.1p1/channels.c
---- openssh-5.1p1/channels.c.cloexec 2008-12-11 22:24:49.000000000 +0100
-+++ openssh-5.1p1/channels.c 2008-12-11 22:29:52.000000000 +0100
+diff -up openssh-5.3p1/channels.c.cloexec openssh-5.3p1/channels.c
+--- openssh-5.3p1/channels.c.cloexec 2010-01-19 09:26:50.000000000 +0100
++++ openssh-5.3p1/channels.c 2010-01-19 09:26:51.000000000 +0100
@@ -60,6 +60,7 @@
#include <termios.h>
#include <unistd.h>
@@ -28,10 +28,10 @@ diff -up openssh-5.1p1/channels.c.cloexe
c->rfd = rfd;
c->wfd = wfd;
c->sock = (rfd == wfd) ? rfd : -1;
-diff -up openssh-5.1p1/sshconnect2.c.cloexec openssh-5.1p1/sshconnect2.c
---- openssh-5.1p1/sshconnect2.c.cloexec 2008-12-11 22:24:49.000000000 +0100
-+++ openssh-5.1p1/sshconnect2.c 2008-12-11 22:24:49.000000000 +0100
-@@ -38,6 +38,7 @@
+diff -up openssh-5.3p1/sshconnect2.c.cloexec openssh-5.3p1/sshconnect2.c
+--- openssh-5.3p1/sshconnect2.c.cloexec 2010-01-19 09:26:50.000000000 +0100
++++ openssh-5.3p1/sshconnect2.c 2010-01-19 09:26:51.000000000 +0100
+@@ -39,6 +39,7 @@
#include <stdio.h>
#include <string.h>
#include <unistd.h>
@@ -39,7 +39,7 @@ diff -up openssh-5.1p1/sshconnect2.c.clo
#if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H)
#include <vis.h>
#endif
-@@ -1267,6 +1268,7 @@ ssh_keysign(Key *key, u_char **sigp, u_i
+@@ -1512,6 +1513,7 @@ ssh_keysign(Key *key, u_char **sigp, u_i
return -1;
}
if (pid == 0) {
@@ -47,9 +47,9 @@ diff -up openssh-5.1p1/sshconnect2.c.clo
permanently_drop_suid(getuid());
close(from[0]);
if (dup2(from[1], STDOUT_FILENO) < 0)
-diff -up openssh-5.1p1/sshconnect.c.cloexec openssh-5.1p1/sshconnect.c
---- openssh-5.1p1/sshconnect.c.cloexec 2008-07-02 14:34:30.000000000 +0200
-+++ openssh-5.1p1/sshconnect.c 2008-12-11 22:24:49.000000000 +0100
+diff -up openssh-5.3p1/sshconnect.c.cloexec openssh-5.3p1/sshconnect.c
+--- openssh-5.3p1/sshconnect.c.cloexec 2009-06-21 10:53:53.000000000 +0200
++++ openssh-5.3p1/sshconnect.c 2010-01-19 09:26:51.000000000 +0100
@@ -38,6 +38,7 @@
#include <stdlib.h>
#include <string.h>
@@ -58,7 +58,7 @@ diff -up openssh-5.1p1/sshconnect.c.cloe
#include "xmalloc.h"
#include "key.h"
-@@ -194,8 +195,11 @@ ssh_create_socket(int privileged, struct
+@@ -191,8 +192,11 @@ ssh_create_socket(int privileged, struct
return sock;
}
sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
@@ -71,3 +71,14 @@ diff -up openssh-5.1p1/sshconnect.c.cloe
/* Bind the socket to an alternative local IP address */
if (options.bind_address == NULL)
+diff -up openssh-5.3p1/sshd.c.cloexec openssh-5.3p1/sshd.c
+--- openssh-5.3p1/sshd.c.cloexec 2010-01-19 09:43:45.000000000 +0100
++++ openssh-5.3p1/sshd.c 2010-01-19 09:47:04.000000000 +0100
+@@ -1105,6 +1105,7 @@ server_accept_loop(int *sock_in, int *so
+ error("accept: %.100s", strerror(errno));
+ continue;
+ }
++ fcntl(*newsock, F_SETFD, FD_CLOEXEC);
+ if (unset_nonblock(*newsock) == -1) {
+ close(*newsock);
+ continue;
Index: openssh.spec
===================================================================
RCS file: /cvs/pkgs/rpms/openssh/devel/openssh.spec,v
retrieving revision 1.186
retrieving revision 1.187
diff -u -p -r1.186 -r1.187
--- openssh.spec 11 Jan 2010 08:32:06 -0000 1.186
+++ openssh.spec 19 Jan 2010 09:07:39 -0000 1.187
@@ -69,7 +69,7 @@
Summary: An open source implementation of SSH protocol versions 1 and 2
Name: openssh
Version: 5.3p1
-Release: 15%{?dist}%{?rescue_rel}
+Release: 16%{?dist}%{?rescue_rel}
URL: http://www.openssh.com/portable.html
#URL1: http://pamsshauth.sourceforge.net
#Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
@@ -525,6 +525,9 @@ fi
%endif
%changelog
+* Tue Jan 19 2010 Jan F. Chadima <jchadima at redhat.com> - 5.3p1-16
+- set FD_CLOEXEC on accepted socket (#541809)
+
* Fri Jan 8 2010 Jan F. Chadima <jchadima at redhat.com> - 5.3p1-15
- replaced define by global in macros
@@ -1144,7 +1147,7 @@ fi
- update to 3.6.1p2
* Wed Jun 04 2003 Elliot Lee <sopwith at redhat.com>
-- rebuilt
+6 rebuilt
* Mon Mar 24 2003 Florian La Roche <Florian.LaRoche at redhat.de>
- add patch for getsockopt() call to work on bigendian 64bit archs
More information about the scm-commits
mailing list