forked from rpms/openssh
Coverity second pass
Reenable akc patch
This commit is contained in:
parent
fc87f2dced
commit
ea97ffa1ed
@ -1,6 +1,6 @@
|
||||
diff -up openssh-5.9p1/auth2-pubkey.c.akc openssh-5.9p1/auth2-pubkey.c
|
||||
--- openssh-5.9p1/auth2-pubkey.c.akc 2011-09-09 17:26:31.000000000 +0200
|
||||
+++ openssh-5.9p1/auth2-pubkey.c 2011-09-09 17:28:15.000000000 +0200
|
||||
--- openssh-5.9p1/auth2-pubkey.c.akc 2011-09-09 19:27:15.369501615 +0200
|
||||
+++ openssh-5.9p1/auth2-pubkey.c 2011-09-09 19:30:32.958509941 +0200
|
||||
@@ -27,6 +27,7 @@
|
||||
|
||||
#include <sys/types.h>
|
||||
@ -47,7 +47,7 @@ diff -up openssh-5.9p1/auth2-pubkey.c.akc openssh-5.9p1/auth2-pubkey.c
|
||||
key_free(found);
|
||||
if (!found_key)
|
||||
debug2("key not found");
|
||||
@@ -452,13 +439,191 @@ user_cert_trusted_ca(struct passwd *pw,
|
||||
@@ -452,13 +439,191 @@ user_cert_trusted_ca(struct passwd *pw,
|
||||
return ret;
|
||||
}
|
||||
|
||||
@ -242,7 +242,7 @@ diff -up openssh-5.9p1/auth2-pubkey.c.akc openssh-5.9p1/auth2-pubkey.c
|
||||
if (key_is_cert(key) && auth_key_is_revoked(key->cert->signature_key))
|
||||
diff -up openssh-5.9p1/configure.ac.akc openssh-5.9p1/configure.ac
|
||||
--- openssh-5.9p1/configure.ac.akc 2011-08-18 06:48:24.000000000 +0200
|
||||
+++ openssh-5.9p1/configure.ac 2011-09-09 17:26:31.000000000 +0200
|
||||
+++ openssh-5.9p1/configure.ac 2011-09-09 19:27:17.548440048 +0200
|
||||
@@ -1421,6 +1421,18 @@ AC_ARG_WITH([audit],
|
||||
esac ]
|
||||
)
|
||||
@ -271,9 +271,9 @@ diff -up openssh-5.9p1/configure.ac.akc openssh-5.9p1/configure.ac
|
||||
echo " libedit support: $LIBEDIT_MSG"
|
||||
echo " Solaris process contract support: $SPC_MSG"
|
||||
diff -up openssh-5.9p1/servconf.c.akc openssh-5.9p1/servconf.c
|
||||
--- openssh-5.9p1/servconf.c.akc 2011-09-09 17:26:30.000000000 +0200
|
||||
+++ openssh-5.9p1/servconf.c 2011-09-09 17:26:31.000000000 +0200
|
||||
@@ -139,6 +139,8 @@ initialize_server_options(ServerOptions
|
||||
--- openssh-5.9p1/servconf.c.akc 2011-09-09 19:27:03.490455245 +0200
|
||||
+++ openssh-5.9p1/servconf.c 2011-09-09 19:27:17.666565662 +0200
|
||||
@@ -139,6 +139,8 @@ initialize_server_options(ServerOptions
|
||||
options->num_permitted_opens = -1;
|
||||
options->adm_forced_command = NULL;
|
||||
options->chroot_directory = NULL;
|
||||
@ -344,8 +344,8 @@ diff -up openssh-5.9p1/servconf.c.akc openssh-5.9p1/servconf.c
|
||||
/* string arguments requiring a lookup */
|
||||
dump_cfg_string(sLogLevel, log_level_name(o->log_level));
|
||||
diff -up openssh-5.9p1/servconf.h.akc openssh-5.9p1/servconf.h
|
||||
--- openssh-5.9p1/servconf.h.akc 2011-09-09 17:26:30.000000000 +0200
|
||||
+++ openssh-5.9p1/servconf.h 2011-09-09 17:26:31.000000000 +0200
|
||||
--- openssh-5.9p1/servconf.h.akc 2011-09-09 19:27:03.614494286 +0200
|
||||
+++ openssh-5.9p1/servconf.h 2011-09-09 19:27:18.043502934 +0200
|
||||
@@ -174,6 +174,8 @@ typedef struct {
|
||||
char *revoked_keys_file;
|
||||
char *trusted_user_ca_keys;
|
||||
@ -355,22 +355,9 @@ diff -up openssh-5.9p1/servconf.h.akc openssh-5.9p1/servconf.h
|
||||
} ServerOptions;
|
||||
|
||||
/*
|
||||
diff -up openssh-5.9p1/sshd_config.akc openssh-5.9p1/sshd_config
|
||||
--- openssh-5.9p1/sshd_config.akc 2011-09-09 17:26:30.000000000 +0200
|
||||
+++ openssh-5.9p1/sshd_config 2011-09-09 17:26:31.000000000 +0200
|
||||
@@ -49,6 +49,9 @@
|
||||
# but this is overridden so installations will only check .ssh/authorized_keys
|
||||
AuthorizedKeysFile .ssh/authorized_keys
|
||||
|
||||
+#AuthorizedKeysCommand none
|
||||
+#AuthorizedKeysCommandRunAs nobody
|
||||
+
|
||||
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
|
||||
#RhostsRSAAuthentication no
|
||||
# similar for protocol version 2
|
||||
diff -up openssh-5.9p1/sshd_config.0.akc openssh-5.9p1/sshd_config.0
|
||||
--- openssh-5.9p1/sshd_config.0.akc 2011-09-07 01:16:30.000000000 +0200
|
||||
+++ openssh-5.9p1/sshd_config.0 2011-09-09 17:26:31.000000000 +0200
|
||||
+++ openssh-5.9p1/sshd_config.0 2011-09-09 19:27:18.168626976 +0200
|
||||
@@ -71,6 +71,23 @@ DESCRIPTION
|
||||
|
||||
See PATTERNS in ssh_config(5) for more information on patterns.
|
||||
@ -406,8 +393,8 @@ diff -up openssh-5.9p1/sshd_config.0.akc openssh-5.9p1/sshd_config.0
|
||||
GSSAPIAuthentication, HostbasedAuthentication,
|
||||
HostbasedUsesNameFromPacketOnly, KbdInteractiveAuthentication,
|
||||
diff -up openssh-5.9p1/sshd_config.5.akc openssh-5.9p1/sshd_config.5
|
||||
--- openssh-5.9p1/sshd_config.5.akc 2011-09-09 17:26:30.000000000 +0200
|
||||
+++ openssh-5.9p1/sshd_config.5 2011-09-09 17:26:31.000000000 +0200
|
||||
--- openssh-5.9p1/sshd_config.5.akc 2011-09-09 19:27:03.912515059 +0200
|
||||
+++ openssh-5.9p1/sshd_config.5 2011-09-09 19:27:18.292494317 +0200
|
||||
@@ -706,6 +706,8 @@ Available keywords are
|
||||
.Cm AllowAgentForwarding ,
|
||||
.Cm AllowTcpForwarding ,
|
||||
@ -446,3 +433,16 @@ diff -up openssh-5.9p1/sshd_config.5.akc openssh-5.9p1/sshd_config.5
|
||||
.It Cm RhostsRSAAuthentication
|
||||
Specifies whether rhosts or /etc/hosts.equiv authentication together
|
||||
with successful RSA host authentication is allowed.
|
||||
diff -up openssh-5.9p1/sshd_config.akc openssh-5.9p1/sshd_config
|
||||
--- openssh-5.9p1/sshd_config.akc 2011-09-09 19:27:03.754502770 +0200
|
||||
+++ openssh-5.9p1/sshd_config 2011-09-09 19:27:18.446471121 +0200
|
||||
@@ -49,6 +49,9 @@
|
||||
# but this is overridden so installations will only check .ssh/authorized_keys
|
||||
AuthorizedKeysFile .ssh/authorized_keys
|
||||
|
||||
+#AuthorizedKeysCommand none
|
||||
+#AuthorizedKeysCommandRunAs nobody
|
||||
+
|
||||
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
|
||||
#RhostsRSAAuthentication no
|
||||
# similar for protocol version 2
|
||||
|
@ -1,6 +1,6 @@
|
||||
diff -up openssh-5.9p1/auth-pam.c.coverity openssh-5.9p1/auth-pam.c
|
||||
--- openssh-5.9p1/auth-pam.c.coverity 2009-07-12 14:07:21.000000000 +0200
|
||||
+++ openssh-5.9p1/auth-pam.c 2011-09-08 14:13:59.596485750 +0200
|
||||
+++ openssh-5.9p1/auth-pam.c 2011-09-09 15:13:32.820565436 +0200
|
||||
@@ -216,7 +216,7 @@ pthread_join(sp_pthread_t thread, void *
|
||||
if (sshpam_thread_status != -1)
|
||||
return (sshpam_thread_status);
|
||||
@ -12,7 +12,7 @@ diff -up openssh-5.9p1/auth-pam.c.coverity openssh-5.9p1/auth-pam.c
|
||||
#endif
|
||||
diff -up openssh-5.9p1/channels.c.coverity openssh-5.9p1/channels.c
|
||||
--- openssh-5.9p1/channels.c.coverity 2011-06-23 00:31:57.000000000 +0200
|
||||
+++ openssh-5.9p1/channels.c 2011-09-08 14:13:59.724564062 +0200
|
||||
+++ openssh-5.9p1/channels.c 2011-09-09 15:13:32.911439569 +0200
|
||||
@@ -229,11 +229,11 @@ channel_register_fds(Channel *c, int rfd
|
||||
channel_max_fd = MAX(channel_max_fd, wfd);
|
||||
channel_max_fd = MAX(channel_max_fd, efd);
|
||||
@ -45,7 +45,7 @@ diff -up openssh-5.9p1/channels.c.coverity openssh-5.9p1/channels.c
|
||||
}
|
||||
diff -up openssh-5.9p1/clientloop.c.coverity openssh-5.9p1/clientloop.c
|
||||
--- openssh-5.9p1/clientloop.c.coverity 2011-06-23 00:31:58.000000000 +0200
|
||||
+++ openssh-5.9p1/clientloop.c 2011-09-08 14:13:59.829450205 +0200
|
||||
+++ openssh-5.9p1/clientloop.c 2011-09-09 15:13:33.017564323 +0200
|
||||
@@ -1970,6 +1970,7 @@ client_input_global_request(int type, u_
|
||||
char *rtype;
|
||||
int want_reply;
|
||||
@ -56,7 +56,7 @@ diff -up openssh-5.9p1/clientloop.c.coverity openssh-5.9p1/clientloop.c
|
||||
want_reply = packet_get_char();
|
||||
diff -up openssh-5.9p1/key.c.coverity openssh-5.9p1/key.c
|
||||
--- openssh-5.9p1/key.c.coverity 2011-05-20 11:03:08.000000000 +0200
|
||||
+++ openssh-5.9p1/key.c 2011-09-08 14:13:59.959563856 +0200
|
||||
+++ openssh-5.9p1/key.c 2011-09-09 15:13:33.145442605 +0200
|
||||
@@ -803,8 +803,10 @@ key_read(Key *ret, char **cpp)
|
||||
success = 1;
|
||||
/*XXXX*/
|
||||
@ -68,9 +68,45 @@ diff -up openssh-5.9p1/key.c.coverity openssh-5.9p1/key.c
|
||||
/* advance cp: skip whitespace and data */
|
||||
while (*cp == ' ' || *cp == '\t')
|
||||
cp++;
|
||||
diff -up openssh-5.9p1/monitor.c.coverity openssh-5.9p1/monitor.c
|
||||
--- openssh-5.9p1/monitor.c.coverity 2011-09-09 17:13:15.937439833 +0200
|
||||
+++ openssh-5.9p1/monitor.c 2011-09-09 17:15:18.625466696 +0200
|
||||
@@ -1161,6 +1161,10 @@ mm_answer_keyallowed(int sock, Buffer *m
|
||||
break;
|
||||
}
|
||||
}
|
||||
+
|
||||
+ debug3("%s: key %p is %s",
|
||||
+ __func__, key, allowed ? "allowed" : "not allowed");
|
||||
+
|
||||
if (key != NULL)
|
||||
key_free(key);
|
||||
|
||||
@@ -1182,9 +1186,6 @@ mm_answer_keyallowed(int sock, Buffer *m
|
||||
xfree(chost);
|
||||
}
|
||||
|
||||
- debug3("%s: key %p is %s",
|
||||
- __func__, key, allowed ? "allowed" : "not allowed");
|
||||
-
|
||||
buffer_clear(m);
|
||||
buffer_put_int(m, allowed);
|
||||
buffer_put_int(m, forced_command != NULL);
|
||||
diff -up openssh-5.9p1/openbsd-compat/bindresvport.c.coverity openssh-5.9p1/openbsd-compat/bindresvport.c
|
||||
--- openssh-5.9p1/openbsd-compat/bindresvport.c.coverity 2011-09-09 17:29:14.709442881 +0200
|
||||
+++ openssh-5.9p1/openbsd-compat/bindresvport.c 2011-09-09 17:32:48.770563974 +0200
|
||||
@@ -58,7 +58,7 @@ bindresvport_sa(int sd, struct sockaddr
|
||||
struct sockaddr_in6 *in6;
|
||||
u_int16_t *portp;
|
||||
u_int16_t port;
|
||||
- socklen_t salen;
|
||||
+ socklen_t salen = sizeof(struct sockaddr_storage);
|
||||
int i;
|
||||
|
||||
if (sa == NULL) {
|
||||
diff -up openssh-5.9p1/packet.c.coverity openssh-5.9p1/packet.c
|
||||
--- openssh-5.9p1/packet.c.coverity 2011-05-15 00:58:15.000000000 +0200
|
||||
+++ openssh-5.9p1/packet.c 2011-09-08 14:14:00.075501777 +0200
|
||||
+++ openssh-5.9p1/packet.c 2011-09-09 15:13:33.263447887 +0200
|
||||
@@ -1177,6 +1177,7 @@ packet_read_poll1(void)
|
||||
case DEATTACK_DETECTED:
|
||||
packet_disconnect("crc32 compensation attack: "
|
||||
@ -90,7 +126,7 @@ diff -up openssh-5.9p1/packet.c.coverity openssh-5.9p1/packet.c
|
||||
setp = (fd_set *)xcalloc(howmany(active_state->connection_out + 1,
|
||||
diff -up openssh-5.9p1/progressmeter.c.coverity openssh-5.9p1/progressmeter.c
|
||||
--- openssh-5.9p1/progressmeter.c.coverity 2006-08-05 04:39:40.000000000 +0200
|
||||
+++ openssh-5.9p1/progressmeter.c 2011-09-08 14:14:00.186620217 +0200
|
||||
+++ openssh-5.9p1/progressmeter.c 2011-09-09 15:13:33.382566039 +0200
|
||||
@@ -65,7 +65,7 @@ static void update_progress_meter(int);
|
||||
|
||||
static time_t start; /* start progress */
|
||||
@ -111,7 +147,7 @@ diff -up openssh-5.9p1/progressmeter.c.coverity openssh-5.9p1/progressmeter.c
|
||||
file = f;
|
||||
diff -up openssh-5.9p1/progressmeter.h.coverity openssh-5.9p1/progressmeter.h
|
||||
--- openssh-5.9p1/progressmeter.h.coverity 2006-03-26 05:30:02.000000000 +0200
|
||||
+++ openssh-5.9p1/progressmeter.h 2011-09-08 14:14:00.299626834 +0200
|
||||
+++ openssh-5.9p1/progressmeter.h 2011-09-09 15:13:33.501438992 +0200
|
||||
@@ -23,5 +23,5 @@
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
@ -121,7 +157,7 @@ diff -up openssh-5.9p1/progressmeter.h.coverity openssh-5.9p1/progressmeter.h
|
||||
void stop_progress_meter(void);
|
||||
diff -up openssh-5.9p1/scp.c.coverity openssh-5.9p1/scp.c
|
||||
--- openssh-5.9p1/scp.c.coverity 2011-01-06 12:41:21.000000000 +0100
|
||||
+++ openssh-5.9p1/scp.c 2011-09-08 14:14:00.404502349 +0200
|
||||
+++ openssh-5.9p1/scp.c 2011-09-09 15:13:33.607564009 +0200
|
||||
@@ -155,7 +155,7 @@ killchild(int signo)
|
||||
{
|
||||
if (do_cmd_pid > 1) {
|
||||
@ -131,9 +167,21 @@ diff -up openssh-5.9p1/scp.c.coverity openssh-5.9p1/scp.c
|
||||
}
|
||||
|
||||
if (signo)
|
||||
diff -up openssh-5.9p1/servconf.c.coverity openssh-5.9p1/servconf.c
|
||||
--- openssh-5.9p1/servconf.c.coverity 2011-09-09 17:24:09.333561142 +0200
|
||||
+++ openssh-5.9p1/servconf.c 2011-09-09 17:26:41.488502345 +0200
|
||||
@@ -1171,7 +1171,7 @@ process_server_config_line(ServerOptions
|
||||
fatal("%s line %d: Missing subsystem name.",
|
||||
filename, linenum);
|
||||
if (!*activep) {
|
||||
- arg = strdelim(&cp);
|
||||
+ /*arg =*/ (void) strdelim(&cp);
|
||||
break;
|
||||
}
|
||||
for (i = 0; i < options->num_subsystems; i++)
|
||||
diff -up openssh-5.9p1/serverloop.c.coverity openssh-5.9p1/serverloop.c
|
||||
--- openssh-5.9p1/serverloop.c.coverity 2011-05-20 11:02:50.000000000 +0200
|
||||
+++ openssh-5.9p1/serverloop.c 2011-09-08 14:14:00.516501505 +0200
|
||||
+++ openssh-5.9p1/serverloop.c 2011-09-09 15:13:33.723564433 +0200
|
||||
@@ -147,13 +147,13 @@ notify_setup(void)
|
||||
static void
|
||||
notify_parent(void)
|
||||
@ -245,7 +293,7 @@ diff -up openssh-5.9p1/serverloop.c.coverity openssh-5.9p1/serverloop.c
|
||||
tun = forced_tun_device;
|
||||
diff -up openssh-5.9p1/sftp-client.c.coverity openssh-5.9p1/sftp-client.c
|
||||
--- openssh-5.9p1/sftp-client.c.coverity 2010-12-04 23:02:48.000000000 +0100
|
||||
+++ openssh-5.9p1/sftp-client.c 2011-09-08 14:14:00.640502358 +0200
|
||||
+++ openssh-5.9p1/sftp-client.c 2011-09-09 15:13:33.845564522 +0200
|
||||
@@ -149,7 +149,7 @@ get_msg(struct sftp_conn *conn, Buffer *
|
||||
}
|
||||
|
||||
@ -470,7 +518,7 @@ diff -up openssh-5.9p1/sftp-client.c.coverity openssh-5.9p1/sftp-client.c
|
||||
size_t len = strlen(p1) + strlen(p2) + 2;
|
||||
diff -up openssh-5.9p1/sftp-client.h.coverity openssh-5.9p1/sftp-client.h
|
||||
--- openssh-5.9p1/sftp-client.h.coverity 2010-12-04 23:02:48.000000000 +0100
|
||||
+++ openssh-5.9p1/sftp-client.h 2011-09-08 14:14:00.750502818 +0200
|
||||
+++ openssh-5.9p1/sftp-client.h 2011-09-09 15:13:33.954567073 +0200
|
||||
@@ -56,49 +56,49 @@ struct sftp_conn *do_init(int, int, u_in
|
||||
u_int sftp_proto_version(struct sftp_conn *);
|
||||
|
||||
@ -570,7 +618,16 @@ diff -up openssh-5.9p1/sftp-client.h.coverity openssh-5.9p1/sftp-client.h
|
||||
#endif
|
||||
diff -up openssh-5.9p1/sftp.c.coverity openssh-5.9p1/sftp.c
|
||||
--- openssh-5.9p1/sftp.c.coverity 2010-12-04 23:02:48.000000000 +0100
|
||||
+++ openssh-5.9p1/sftp.c 2011-09-08 14:25:08.647440423 +0200
|
||||
+++ openssh-5.9p1/sftp.c 2011-09-09 15:13:34.086441893 +0200
|
||||
@@ -206,7 +206,7 @@ killchild(int signo)
|
||||
{
|
||||
if (sshpid > 1) {
|
||||
kill(sshpid, SIGTERM);
|
||||
- waitpid(sshpid, NULL, 0);
|
||||
+ (void) waitpid(sshpid, NULL, 0);
|
||||
}
|
||||
|
||||
_exit(1);
|
||||
@@ -316,7 +316,7 @@ local_do_ls(const char *args)
|
||||
|
||||
/* Strip one path (usually the pwd) from the start of another */
|
||||
@ -674,9 +731,23 @@ diff -up openssh-5.9p1/sftp.c.coverity openssh-5.9p1/sftp.c
|
||||
{
|
||||
struct sftp_statvfs st;
|
||||
char s_used[FMT_SCALED_STRSIZE];
|
||||
diff -up openssh-5.9p1/ssh-agent.c.coverity openssh-5.9p1/ssh-agent.c
|
||||
--- openssh-5.9p1/ssh-agent.c.coverity 2011-06-03 06:14:16.000000000 +0200
|
||||
+++ openssh-5.9p1/ssh-agent.c 2011-09-09 15:13:34.203567987 +0200
|
||||
@@ -1147,8 +1147,8 @@ main(int ac, char **av)
|
||||
sanitise_stdfd();
|
||||
|
||||
/* drop */
|
||||
- setegid(getgid());
|
||||
- setgid(getgid());
|
||||
+ (void) setegid(getgid());
|
||||
+ (void) setgid(getgid());
|
||||
|
||||
#if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
|
||||
/* Disable ptrace on Linux without sgid bit */
|
||||
diff -up openssh-5.9p1/sshd.c.coverity openssh-5.9p1/sshd.c
|
||||
--- openssh-5.9p1/sshd.c.coverity 2011-06-23 11:45:51.000000000 +0200
|
||||
+++ openssh-5.9p1/sshd.c 2011-09-08 14:14:01.018565321 +0200
|
||||
+++ openssh-5.9p1/sshd.c 2011-09-09 15:13:34.317564195 +0200
|
||||
@@ -1302,6 +1302,9 @@ server_accept_loop(int *sock_in, int *so
|
||||
if (num_listen_socks < 0)
|
||||
break;
|
||||
|
@ -1,7 +1,7 @@
|
||||
diff -up openssh-5.2p1/dns.c.rh205842 openssh-5.2p1/dns.c
|
||||
--- openssh-5.2p1/dns.c.rh205842 2009-07-27 16:25:28.000000000 +0200
|
||||
+++ openssh-5.2p1/dns.c 2009-07-27 16:40:59.000000000 +0200
|
||||
@@ -176,6 +176,7 @@ verify_host_key_dns(const char *hostname
|
||||
diff -up openssh-5.9p1/dns.c.edns openssh-5.9p1/dns.c
|
||||
--- openssh-5.9p1/dns.c.edns 2010-08-31 14:41:14.000000000 +0200
|
||||
+++ openssh-5.9p1/dns.c 2011-09-09 08:05:27.782440497 +0200
|
||||
@@ -177,6 +177,7 @@ verify_host_key_dns(const char *hostname
|
||||
{
|
||||
u_int counter;
|
||||
int result;
|
||||
@ -9,7 +9,7 @@ diff -up openssh-5.2p1/dns.c.rh205842 openssh-5.2p1/dns.c
|
||||
struct rrsetinfo *fingerprints = NULL;
|
||||
|
||||
u_int8_t hostkey_algorithm;
|
||||
@@ -199,8 +200,19 @@ verify_host_key_dns(const char *hostname
|
||||
@@ -200,8 +201,19 @@ verify_host_key_dns(const char *hostname
|
||||
return -1;
|
||||
}
|
||||
|
||||
@ -30,9 +30,9 @@ diff -up openssh-5.2p1/dns.c.rh205842 openssh-5.2p1/dns.c
|
||||
if (result) {
|
||||
verbose("DNS lookup error: %s", dns_result_totext(result));
|
||||
return -1;
|
||||
diff -up openssh-5.2p1/openbsd-compat/getrrsetbyname.c.rh205842 openssh-5.2p1/openbsd-compat/getrrsetbyname.c
|
||||
--- openssh-5.2p1/openbsd-compat/getrrsetbyname.c.rh205842 2009-07-27 16:22:23.000000000 +0200
|
||||
+++ openssh-5.2p1/openbsd-compat/getrrsetbyname.c 2009-07-27 16:41:55.000000000 +0200
|
||||
diff -up openssh-5.9p1/openbsd-compat/getrrsetbyname.c.edns openssh-5.9p1/openbsd-compat/getrrsetbyname.c
|
||||
--- openssh-5.9p1/openbsd-compat/getrrsetbyname.c.edns 2009-07-13 03:38:23.000000000 +0200
|
||||
+++ openssh-5.9p1/openbsd-compat/getrrsetbyname.c 2011-09-09 15:03:39.930500801 +0200
|
||||
@@ -209,8 +209,8 @@ getrrsetbyname(const char *hostname, uns
|
||||
goto fail;
|
||||
}
|
||||
@ -40,7 +40,7 @@ diff -up openssh-5.2p1/openbsd-compat/getrrsetbyname.c.rh205842 openssh-5.2p1/op
|
||||
- /* don't allow flags yet, unimplemented */
|
||||
- if (flags) {
|
||||
+ /* Allow RRSET_FORCE_EDNS0 flag only. */
|
||||
+ if ((flags & !RRSET_FORCE_EDNS0) != 0) {
|
||||
+ if ((flags & ~RRSET_FORCE_EDNS0) != 0) {
|
||||
result = ERRSET_INVAL;
|
||||
goto fail;
|
||||
}
|
||||
@ -57,9 +57,9 @@ diff -up openssh-5.2p1/openbsd-compat/getrrsetbyname.c.rh205842 openssh-5.2p1/op
|
||||
#endif /* RES_USE_DNSEC */
|
||||
|
||||
/* make query */
|
||||
diff -up openssh-5.2p1/openbsd-compat/getrrsetbyname.h.rh205842 openssh-5.2p1/openbsd-compat/getrrsetbyname.h
|
||||
--- openssh-5.2p1/openbsd-compat/getrrsetbyname.h.rh205842 2009-07-27 16:35:02.000000000 +0200
|
||||
+++ openssh-5.2p1/openbsd-compat/getrrsetbyname.h 2009-07-27 16:36:09.000000000 +0200
|
||||
diff -up openssh-5.9p1/openbsd-compat/getrrsetbyname.h.edns openssh-5.9p1/openbsd-compat/getrrsetbyname.h
|
||||
--- openssh-5.9p1/openbsd-compat/getrrsetbyname.h.edns 2007-10-26 08:26:50.000000000 +0200
|
||||
+++ openssh-5.9p1/openbsd-compat/getrrsetbyname.h 2011-09-09 08:05:27.965438689 +0200
|
||||
@@ -72,6 +72,9 @@
|
||||
#ifndef RRSET_VALIDATED
|
||||
# define RRSET_VALIDATED 1
|
@ -79,7 +79,7 @@
|
||||
|
||||
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
|
||||
%define openssh_ver 5.9p1
|
||||
%define openssh_rel 2
|
||||
%define openssh_rel 3
|
||||
%define pam_ssh_agent_ver 0.9.2
|
||||
%define pam_ssh_agent_rel 32
|
||||
|
||||
@ -183,7 +183,7 @@ Patch702: openssh-5.1p1-askpass-progress.patch
|
||||
#?
|
||||
Patch703: openssh-4.3p2-askpass-grab-info.patch
|
||||
#?
|
||||
Patch704: openssh-5.2p1-edns.patch
|
||||
Patch704: openssh-5.9p1-edns.patch
|
||||
#?
|
||||
Patch705: openssh-5.1p1-scp-manpage.patch
|
||||
#?
|
||||
@ -785,6 +785,10 @@ fi
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Fri Sep 9 2011 Jan F. Chadima <jchadima@redhat.com> - 5.9p1-3 + 0.9.2-32
|
||||
- Coverity second pass
|
||||
- Reenable akc patch
|
||||
|
||||
* Thu Sep 8 2011 Jan F. Chadima <jchadima@redhat.com> - 5.9p1-2 + 0.9.2-32
|
||||
- Coverity first pass
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user