rpms/openssh
6
0
Fork 1
Code Issues Pull Requests Releases Activity

fix fatal() cleanup in the audit patch (#1029074)

Browse Source
This commit is contained in:
Petr Lautrbach 2013-11-26 13:22:08 +01:00
parent 36a09e37e8
commit 82d2beb4d4
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
openssh-6.4p1-audit.patch
View File

@ -2148,6 +2148,15 @@ diff -up openssh-6.3p1/sshd.c.audit openssh-6.3p1/sshd.c
} }
/* Certs do not need demotion */ /* Certs do not need demotion */
} }
@@ -652,7 +703,7 @@ privsep_preauth(Authctxt *authctxt)
if (use_privsep == PRIVSEP_ON)
box = ssh_sandbox_init();
- pid = fork();
+ pmonitor->m_pid = pid = fork();
if (pid == -1) {
fatal("fork of unprivileged child failed");
} else if (pid != 0) {
@@ -708,6 +759,8 @@ privsep_preauth(Authctxt *authctxt) @@ -708,6 +759,8 @@ privsep_preauth(Authctxt *authctxt)
} }
} }
@ -2244,7 +2253,7 @@ diff -up openssh-6.3p1/sshd.c.audit openssh-6.3p1/sshd.c
pmonitor->m_pid, strerror(errno)); pmonitor->m_pid, strerror(errno));
} }
} }
+ is_privsep_child = use_privsep && pmonitor != NULL && !mm_is_monitor(); + is_privsep_child = use_privsep && pmonitor != NULL && pmonitor->m_pid == 0;
+ if (sensitive_data.host_keys != NULL) + if (sensitive_data.host_keys != NULL)
+ destroy_sensitive_data(is_privsep_child); + destroy_sensitive_data(is_privsep_child);
+ packet_destroy_all(1, is_privsep_child); + packet_destroy_all(1, is_privsep_child);