rpms/openssh/F-12 openssh-5.1p1-cloexec.patch, 1.2, 1.3 openssh.spec, 1.176, 1.177

Jan F. Chadima jfch2222 at fedoraproject.org
Tue Jan 19 09:24:07 UTC 2010 

Author: jfch2222

Update of /cvs/pkgs/rpms/openssh/F-12
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv12648

Modified Files:
	openssh-5.1p1-cloexec.patch openssh.spec 
Log Message:
set FD_CLOEXEC on accepted socket

openssh-5.1p1-cloexec.patch:
 channels.c    |   13 +++++++++++++
 sshconnect.c  |    6 +++++-
 sshconnect2.c |    2 ++
 sshd.c        |    1 +
 4 files changed, 21 insertions(+), 1 deletion(-)

Index: openssh-5.1p1-cloexec.patch
===================================================================
RCS file: /cvs/pkgs/rpms/openssh/F-12/openssh-5.1p1-cloexec.patch,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -p -r1.2 -r1.3
--- openssh-5.1p1-cloexec.patch	11 Dec 2008 21:48:41 -0000	1.2
+++ openssh-5.1p1-cloexec.patch	19 Jan 2010 09:24:07 -0000	1.3
@@ -1,6 +1,6 @@
-diff -up openssh-5.1p1/channels.c.cloexec openssh-5.1p1/channels.c
---- openssh-5.1p1/channels.c.cloexec	2008-12-11 22:24:49.000000000 +0100
-+++ openssh-5.1p1/channels.c	2008-12-11 22:29:52.000000000 +0100
+diff -up openssh-5.3p1/channels.c.cloexec openssh-5.3p1/channels.c
+--- openssh-5.3p1/channels.c.cloexec	2010-01-19 09:26:50.000000000 +0100
++++ openssh-5.3p1/channels.c	2010-01-19 09:26:51.000000000 +0100
 @@ -60,6 +60,7 @@
  #include <termios.h>
  #include <unistd.h>
@@ -28,10 +28,10 @@ diff -up openssh-5.1p1/channels.c.cloexe
  	c->rfd = rfd;
  	c->wfd = wfd;
  	c->sock = (rfd == wfd) ? rfd : -1;
-diff -up openssh-5.1p1/sshconnect2.c.cloexec openssh-5.1p1/sshconnect2.c
---- openssh-5.1p1/sshconnect2.c.cloexec	2008-12-11 22:24:49.000000000 +0100
-+++ openssh-5.1p1/sshconnect2.c	2008-12-11 22:24:49.000000000 +0100
-@@ -38,6 +38,7 @@
+diff -up openssh-5.3p1/sshconnect2.c.cloexec openssh-5.3p1/sshconnect2.c
+--- openssh-5.3p1/sshconnect2.c.cloexec	2010-01-19 09:26:50.000000000 +0100
++++ openssh-5.3p1/sshconnect2.c	2010-01-19 09:26:51.000000000 +0100
+@@ -39,6 +39,7 @@
  #include <stdio.h>
  #include <string.h>
  #include <unistd.h>
@@ -39,7 +39,7 @@ diff -up openssh-5.1p1/sshconnect2.c.clo
  #if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H)
  #include <vis.h>
  #endif
-@@ -1267,6 +1268,7 @@ ssh_keysign(Key *key, u_char **sigp, u_i
+@@ -1512,6 +1513,7 @@ ssh_keysign(Key *key, u_char **sigp, u_i
  		return -1;
  	}
  	if (pid == 0) {
@@ -47,9 +47,9 @@ diff -up openssh-5.1p1/sshconnect2.c.clo
  		permanently_drop_suid(getuid());
  		close(from[0]);
  		if (dup2(from[1], STDOUT_FILENO) < 0)
-diff -up openssh-5.1p1/sshconnect.c.cloexec openssh-5.1p1/sshconnect.c
---- openssh-5.1p1/sshconnect.c.cloexec	2008-07-02 14:34:30.000000000 +0200
-+++ openssh-5.1p1/sshconnect.c	2008-12-11 22:24:49.000000000 +0100
+diff -up openssh-5.3p1/sshconnect.c.cloexec openssh-5.3p1/sshconnect.c
+--- openssh-5.3p1/sshconnect.c.cloexec	2009-06-21 10:53:53.000000000 +0200
++++ openssh-5.3p1/sshconnect.c	2010-01-19 09:26:51.000000000 +0100
 @@ -38,6 +38,7 @@
  #include <stdlib.h>
  #include <string.h>
@@ -58,7 +58,7 @@ diff -up openssh-5.1p1/sshconnect.c.cloe
  
  #include "xmalloc.h"
  #include "key.h"
-@@ -194,8 +195,11 @@ ssh_create_socket(int privileged, struct
+@@ -191,8 +192,11 @@ ssh_create_socket(int privileged, struct
  		return sock;
  	}
  	sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
@@ -71,3 +71,14 @@ diff -up openssh-5.1p1/sshconnect.c.cloe
  
  	/* Bind the socket to an alternative local IP address */
  	if (options.bind_address == NULL)
+diff -up openssh-5.3p1/sshd.c.cloexec openssh-5.3p1/sshd.c
+--- openssh-5.3p1/sshd.c.cloexec	2010-01-19 09:43:45.000000000 +0100
++++ openssh-5.3p1/sshd.c	2010-01-19 09:47:04.000000000 +0100
+@@ -1105,6 +1105,7 @@ server_accept_loop(int *sock_in, int *so
+ 					error("accept: %.100s", strerror(errno));
+ 				continue;
+ 			}
++			fcntl(*newsock, F_SETFD, FD_CLOEXEC);
+ 			if (unset_nonblock(*newsock) == -1) {
+ 				close(*newsock);
+ 				continue;


Index: openssh.spec
===================================================================
RCS file: /cvs/pkgs/rpms/openssh/F-12/openssh.spec,v
retrieving revision 1.176
retrieving revision 1.177
diff -u -p -r1.176 -r1.177
--- openssh.spec	5 Jan 2010 09:37:18 -0000	1.176
+++ openssh.spec	19 Jan 2010 09:24:07 -0000	1.177
@@ -69,7 +69,7 @@
 Summary: An open source implementation of SSH protocol versions 1 and 2
 Name: openssh
 Version: 5.3p1
-Release: 14%{?dist}%{?rescue_rel}
+Release: 15%{?dist}%{?rescue_rel}
 URL: http://www.openssh.com/portable.html
 #URL1: http://pamsshauth.sourceforge.net
 #Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
@@ -525,6 +525,9 @@ fi
 %endif
 
 %changelog
+* Tue Jan 19 2010 Jan F. Chadima <jchadima at redhat.com> - 5.3p1-15
+- set FD_CLOEXEC on accepted socket (#541809)
+
 * Tue Jan  5 2010 Jan F. Chadima <jchadima at redhat.com> - 5.3p1-14
 - Update the pka patch

More information about the scm-commits mailing list