forked from pool/openssh
7bccbbd821
- Update to 7.8p1: * no actual changes for the askpass - Format with spec-cleaner - Respect cflags - Use gtk3 rather than gtk2 which is being phased out - Remove the mention of the SLE12 in the README.SUSE - Install firewall rules only when really needed (<SLE15) - Version update to 7.8p1: * For most details see release notes file * ssh-keygen(1): write OpenSSH format private keys by default instead of using OpenSSL's PEM format - Rebase patches to apply on 7.8p1 release: * openssh-7.7p1-fips.patch * openssh-7.7p1-cavstest-kdf.patch * openssh-7.7p1-fips_checks.patch * openssh-7.7p1-gssapi_key_exchange.patch * openssh-7.7p1-audit.patch * openssh-7.7p1-openssl_1.1.0.patch * openssh-7.7p1-ldap.patch * openssh-7.7p1-IPv6_X_forwarding.patch * openssh-7.7p1-sftp_print_diagnostic_messages.patch * openssh-7.7p1-disable_short_DH_parameters.patch * openssh-7.7p1-hostname_changes_when_forwarding_X.patch * openssh-7.7p1-pam_check_locks.patch * openssh-7.7p1-seed-prng.patch * openssh-7.7p1-systemd-notify.patch * openssh-7.7p1-X11_trusted_forwarding.patch - Dropped patches: OBS-URL: https://build.opensuse.org/request/show/642573 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=153
56 lines
1.5 KiB
Diff
56 lines
1.5 KiB
Diff
# HG changeset patch
|
|
# Parent a60c0d88667efe0a64c030168950b69476af1622
|
|
# --used to be called '-xauth'
|
|
try to remove xauth cookies on logout
|
|
|
|
bnc#98815
|
|
|
|
diff --git a/openssh-7.7p1/session.c b/openssh-7.7p1/session.c
|
|
--- openssh-7.7p1/session.c
|
|
+++ openssh-7.7p1/session.c
|
|
@@ -2302,16 +2302,44 @@ session_close(struct ssh *ssh, Session *
|
|
u_int i;
|
|
|
|
verbose("Close session: user %s from %.200s port %d id %d",
|
|
s->pw->pw_name,
|
|
ssh_remote_ipaddr(ssh),
|
|
ssh_remote_port(ssh),
|
|
s->self);
|
|
|
|
+ if ((s->display != NULL) && (s->auth_proto != NULL) &&
|
|
+ (s->auth_data != NULL) && (options.xauth_location != NULL)) {
|
|
+ pid_t pid;
|
|
+ FILE *f;
|
|
+ char cmd[1024];
|
|
+ struct passwd * pw = s->pw;
|
|
+
|
|
+ if (!(pid = fork())) {
|
|
+ permanently_set_uid(pw);
|
|
+
|
|
+ /* Remove authority data from .Xauthority if appropriate. */
|
|
+ debug("Running %.500s remove %.100s\n",
|
|
+ options.xauth_location, s->auth_display);
|
|
+
|
|
+ snprintf(cmd, sizeof cmd, "unset XAUTHORITY && HOME=\"%.200s\" %s -q -",
|
|
+ s->pw->pw_dir, options.xauth_location);
|
|
+ f = popen(cmd, "w");
|
|
+ if (f) {
|
|
+ fprintf(f, "remove %s\n", s->auth_display);
|
|
+ pclose(f);
|
|
+ } else
|
|
+ error("Could not run %s\n", cmd);
|
|
+ exit(0);
|
|
+ } else if (pid > 0) {
|
|
+ waitpid(pid, NULL, 0);
|
|
+ }
|
|
+ }
|
|
+
|
|
if (s->ttyfd != -1)
|
|
session_pty_cleanup(s);
|
|
free(s->term);
|
|
free(s->display);
|
|
free(s->x11_chanids);
|
|
free(s->auth_display);
|
|
free(s->auth_data);
|
|
free(s->auth_proto);
|