712ccf3395
- Update of the underlying OpenSSH to 6.4p1
- Update to 6.4p1
Features since 6.2p2:
* ssh-agent(1) support in sshd(8); allows encrypted hostkeys, or
hostkeys on smartcards.
* ssh(1)/sshd(8): allow optional time-based rekeying via a
second argument to the existing RekeyLimit option. RekeyLimit
is now supported in sshd_config as well as on the client.
* sshd(8): standardise logging of information during user
authentication.
* The presented key/cert and the remote username (if available)
is now logged in the authentication success/failure message on
the same log line as the local username, remote host/port and
protocol in use. Certificates contents and the key
fingerprint of the signing CA are logged too.
* ssh(1) ability to query what cryptographic algorithms are
supported in the binary.
* ssh(1): ProxyCommand=- for cases where stdin and stdout
already point to the proxy.
* ssh(1): allow IdentityFile=none
* ssh(1)/sshd(8): -E option to append debugging logs to a
specified file instead of stderr or syslog.
* sftp(1): support resuming partial downloads with the "reget"
command and on the sftp commandline or on the "get"
commandline with the "-a" (append) option.
* ssh(1): "IgnoreUnknown" configuration option to selectively
suppress errors arising from unknown configuration directives.
* sshd(8): support for submethods to be appended to required
authentication methods listed via AuthenticationMethods.
OBS-URL: https://build.opensuse.org/request/show/220466
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=58
47 lines
1.3 KiB
Diff
47 lines
1.3 KiB
Diff
# related to bnc#49845, upstream bug #529
|
|
|
|
diff --git a/openssh-6.4p1/sshd.c b/openssh-6.4p1/sshd.c
|
|
--- a/openssh-6.4p1/sshd.c
|
|
+++ b/openssh-6.4p1/sshd.c
|
|
@@ -309,16 +309,17 @@ sighup_handler(int sig)
|
|
|
|
/*
|
|
* Called from the main program after receiving SIGHUP.
|
|
* Restarts the server.
|
|
*/
|
|
static void
|
|
sighup_restart(void)
|
|
{
|
|
+ int i;
|
|
logit("Received SIGHUP; restarting.");
|
|
close_listen_socks();
|
|
close_startup_pipes();
|
|
alarm(0); /* alarm timer persists across exec */
|
|
signal(SIGHUP, SIG_IGN); /* will be restored after exec */
|
|
execv(saved_argv[0], saved_argv);
|
|
logit("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0],
|
|
strerror(errno));
|
|
@@ -1382,17 +1383,21 @@ main(int ac, char **av)
|
|
saved_argv = xcalloc(ac + 1, sizeof(*saved_argv));
|
|
for (i = 0; i < ac; i++)
|
|
saved_argv[i] = xstrdup(av[i]);
|
|
saved_argv[i] = NULL;
|
|
|
|
#ifndef HAVE_SETPROCTITLE
|
|
/* Prepare for later setproctitle emulation */
|
|
compat_init_setproctitle(ac, av);
|
|
- av = saved_argv;
|
|
+
|
|
+ av = xmalloc(sizeof(*saved_argv) * (saved_argc + 1));
|
|
+ for (i = 0; i < saved_argc; i++)
|
|
+ av[i] = xstrdup(saved_argv[i]);
|
|
+ av[i] = NULL;
|
|
#endif
|
|
|
|
if (geteuid() == 0 && setgroups(0, NULL) == -1)
|
|
debug("setgroups(): %.200s", strerror(errno));
|
|
|
|
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
|
|
sanitise_stdfd();
|
|
|