rpm/libssh2_org
SHA256
1
0
Fork 0
forked from pool/libssh2_org
Code Pull Requests Activity
libssh2_org/libssh2-ocloexec.patch
Pedro Monreal Gonzalez 9307041c2f Accepting request 711121 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ 
- Version update to 1.9.0:
   Enhancements and bugfixes:
    * adds ECDSA keys and host key support when using OpenSSL
    * adds ED25519 key and host key support when using OpenSSL 1.1.1
    * adds OpenSSH style key file reading
    * adds AES CTR mode support when using WinCNG
    * adds PEM passphrase protected file support for Libgcrypt and WinCNG
    * adds SHA256 hostkey fingerprint
    * adds libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path()
    * adds explicit zeroing of sensitive data in memory
    * adds additional bounds checks to network buffer reads
    * adds the ability to use the server default permissions when creating sftp directories
    * adds support for building with OpenSSL no engine flag
    * adds support for building with LibreSSL
    * increased sftp packet size to 256k
    * fixed oversized packet handling in sftp
    * fixed building with OpenSSL 1.1
    * fixed a possible crash if sftp stat gets an unexpected response
    * fixed incorrect parsing of the KEX preference string value
    * fixed conditional RSA and AES-CTR support
    * fixed a small memory leak during the key exchange process
    * fixed a possible memory leak of the ssh banner string
    * fixed various small memory leaks in the backends
    * fixed possible out of bounds read when parsing public keys from the server
    * fixed possible out of bounds read when parsing invalid PEM files
    * no longer null terminates the scp remote exec command
    * now handle errors when diffie hellman key pair generation fails
    * improved building instructions
    * improved unit tests
- Rebased patch libssh2-ocloexec.patch

OBS-URL: https://build.opensuse.org/request/show/711121
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libssh2_org?expand=0&rev=65
2019-06-21 09:50:59 +00:00

73 lines
2.9 KiB
Diff
Raw Blame History

From 33a59a1905feb5d786e9d457f287dd9e81a9f747 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= <crrodriguez@opensuse.org>
Date: Tue, 27 Dec 2011 00:33:28 -0300
Subject: [PATCH] Use O_CLOEXEC where needed
---
src/agent.c | 2 +-
src/knownhost.c | 4 ++--
src/userauth.c | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
Index: libssh2-1.9.0/src/agent.c
===================================================================
--- libssh2-1.9.0.orig/src/agent.c
+++ libssh2-1.9.0/src/agent.c
@@ -157,7 +157,7 @@ agent_connect_unix(LIBSSH2_AGENT *agent)
"no auth sock variable");
}
- agent->fd = socket(PF_UNIX, SOCK_STREAM, 0);
+ agent->fd = socket(PF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
if(agent->fd < 0)
return _libssh2_error(agent->session, LIBSSH2_ERROR_BAD_SOCKET,
"failed creating socket");
Index: libssh2-1.9.0/src/knownhost.c
===================================================================
--- libssh2-1.9.0.orig/src/knownhost.c
+++ libssh2-1.9.0/src/knownhost.c
@@ -963,7 +963,7 @@ libssh2_knownhost_readfile(LIBSSH2_KNOWN
"Unsupported type of known-host information "
"store");
- file = fopen(filename, FOPEN_READTEXT);
+ file = fopen(filename, FOPEN_READTEXT_CLOEXEC);
if(file) {
while(fgets(buf, sizeof(buf), file)) {
if(libssh2_knownhost_readline(hosts, buf, strlen(buf), type)) {
@@ -1204,7 +1204,7 @@ libssh2_knownhost_writefile(LIBSSH2_KNOW
"Unsupported type of known-host information "
"store");
- file = fopen(filename, FOPEN_WRITETEXT);
+ file = fopen(filename, FOPEN_WRITETEXT_CLOEXEC);
if(!file)
return _libssh2_error(hosts->session, LIBSSH2_ERROR_FILE,
"Failed to open file");
Index: libssh2-1.9.0/src/userauth.c
===================================================================
--- libssh2-1.9.0.orig/src/userauth.c
+++ libssh2-1.9.0/src/userauth.c
@@ -578,7 +578,7 @@ file_read_publickey(LIBSSH2_SESSION * se
_libssh2_debug(session, LIBSSH2_TRACE_AUTH, "Loading public key file: %s",
pubkeyfile);
/* Read Public Key */
- fd = fopen(pubkeyfile, FOPEN_READTEXT);
+ fd = fopen(pubkeyfile, FOPEN_READTEXT_CLOEXEC);
if(!fd) {
return _libssh2_error(session, LIBSSH2_ERROR_FILE,
"Unable to open public key file");
Index: libssh2-1.9.0/src/libssh2_priv.h
===================================================================
--- libssh2-1.9.0.orig/src/libssh2_priv.h
+++ libssh2-1.9.0/src/libssh2_priv.h
@@ -1138,6 +1138,8 @@ endings either CRLF or LF so 't' is appr
#define FOPEN_READTEXT "r"
#define FOPEN_WRITETEXT "w"
#define FOPEN_APPENDTEXT "a"
+#define FOPEN_READTEXT_CLOEXEC "re"
+#define FOPEN_WRITETEXT_CLOEXEC "we"
#endif
#endif /* LIBSSH2_H */
View Git Blame Copy Permalink