import openssh-8.0p1-13.el8
This commit is contained in:
CentOS Sources
Stepan Oksanichenko
parent
e254e19d0f
commit
46149c40f7
28
SOURCES/openssh-8.0p1-client_alive_count_max.patch
Normal file
28
SOURCES/openssh-8.0p1-client_alive_count_max.patch
Normal file
@ -0,0 +1,28 @@
|
||||
diff --git a/serverloop.c b/serverloop.c
|
||||
index e16eabe2..a8c99e2e 100644
|
||||
--- a/serverloop.c
|
||||
+++ b/serverloop.c
|
||||
@@ -184,7 +184,8 @@ client_alive_check(struct ssh *ssh)
|
||||
int r, channel_id;
|
||||
|
||||
/* timeout, check to see how many we have had */
|
||||
- if (ssh_packet_inc_alive_timeouts(ssh) >
|
||||
+ if (options.client_alive_count_max > 0 &&
|
||||
+ ssh_packet_inc_alive_timeouts(ssh) >
|
||||
options.client_alive_count_max) {
|
||||
sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id));
|
||||
logit("Timeout, client not responding from %s", remote_id);
|
||||
diff --git a/sshd_config.5 b/sshd_config.5
|
||||
index d47cb0d2..2cddbd59 100644
|
||||
--- a/sshd_config.5
|
||||
+++ b/sshd_config.5
|
||||
@@ -519,6 +519,9 @@ is set to 15, and
|
||||
.Cm ClientAliveCountMax
|
||||
is left at the default, unresponsive SSH clients
|
||||
will be disconnected after approximately 45 seconds.
|
||||
+Setting a zero
|
||||
+.Cm ClientAliveCountMax
|
||||
+disables connection termination.
|
||||
.It Cm ClientAliveInterval
|
||||
Sets a timeout interval in seconds after which if no data has been received
|
||||
from the client,
|
||||
@ -66,7 +66,7 @@
|
||||
|
||||
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
|
||||
%global openssh_ver 8.0p1
|
||||
%global openssh_rel 12
|
||||
%global openssh_rel 13
|
||||
%global pam_ssh_agent_ver 0.10.3
|
||||
%global pam_ssh_agent_rel 7
|
||||
|
||||
@ -253,6 +253,10 @@ Patch980: openssh-8.7p1-upstream-cve-2021-41617.patch
|
||||
# 8bdc3bb7cf4c82c3344cfcb82495a43406e87e83
|
||||
# 47adfdc07f4f8ea0064a1495500244de08d311ed~1..7af1e92cd289b7eaa9a683e9a6f2fddd98f37a01
|
||||
Patch981: openssh-8.0p1-sshd_include.patch
|
||||
# Port upstream ClientAliveCountMax behaviour
|
||||
# upstream commit:
|
||||
# 69334996ae203c51c70bf01d414c918a44618f8e
|
||||
Patch982: openssh-8.0p1-client_alive_count_max.patch
|
||||
|
||||
License: BSD
|
||||
Group: Applications/Internet
|
||||
@ -480,6 +484,7 @@ popd
|
||||
%patch978 -p1 -b .sshd_config
|
||||
%patch980 -p1 -b .cve-2021-41617
|
||||
%patch981 -p1 -b .sshdinclude
|
||||
%patch982 -p1 -b .client_alive_count_max
|
||||
|
||||
%patch200 -p1 -b .audit
|
||||
%patch201 -p1 -b .audit-race
|
||||
@ -771,6 +776,9 @@ getent passwd sshd >/dev/null || \
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Tue Oct 26 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.0p1-13
|
||||
- Upstream: ClientAliveCountMax=0 disable the connection killing behaviour (#2015828)
|
||||
|
||||
* Wed Oct 20 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.0p1-12
|
||||
- Add support for "Include" directive in sshd_config file (#1926103)
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user