Fix after-release bug in PermitOpen (posted on ML)
This commit is contained in:
Jakub Jelen
parent
5b55d0951d
commit
c08aa4b8b1
47
openssh-7.6p1-permitopen-bug.patch
Normal file
47
openssh-7.6p1-permitopen-bug.patch
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
From 7c9613fac3371cf65fb07739212cdd1ebf6575da Mon Sep 17 00:00:00 2001
|
||||||
|
From: "djm@openbsd.org" <djm@openbsd.org>
|
||||||
|
Date: Wed, 4 Oct 2017 18:49:30 +0000
|
||||||
|
Subject: [PATCH] upstream commit
|
||||||
|
|
||||||
|
fix (another) problem in PermitOpen introduced during the
|
||||||
|
channels.c refactor: the third and subsequent arguments to PermitOpen were
|
||||||
|
being silently ignored; ok markus@
|
||||||
|
|
||||||
|
Upstream-ID: 067c89f1f53cbc381628012ba776d6861e6782fd
|
||||||
|
---
|
||||||
|
servconf.c | 8 ++++----
|
||||||
|
1 file changed, 4 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/servconf.c b/servconf.c
|
||||||
|
index 2c321a4ad..956862959 100644
|
||||||
|
--- a/servconf.c
|
||||||
|
+++ b/servconf.c
|
||||||
|
@@ -1,5 +1,5 @@
|
||||||
|
|
||||||
|
-/* $OpenBSD: servconf.c,v 1.312 2017/10/02 19:33:20 djm Exp $ */
|
||||||
|
+/* $OpenBSD: servconf.c,v 1.313 2017/10/04 18:49:30 djm Exp $ */
|
||||||
|
/*
|
||||||
|
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||||
|
* All rights reserved
|
||||||
|
@@ -1663,9 +1663,9 @@ process_server_config_line(ServerOptions *options, char *line,
|
||||||
|
if (!arg || *arg == '\0')
|
||||||
|
fatal("%s line %d: missing PermitOpen specification",
|
||||||
|
filename, linenum);
|
||||||
|
- i = options->num_permitted_opens; /* modified later */
|
||||||
|
+ value = options->num_permitted_opens; /* modified later */
|
||||||
|
if (strcmp(arg, "any") == 0 || strcmp(arg, "none") == 0) {
|
||||||
|
- if (*activep && i == 0) {
|
||||||
|
+ if (*activep && value == 0) {
|
||||||
|
options->num_permitted_opens = 1;
|
||||||
|
options->permitted_opens = xcalloc(1,
|
||||||
|
sizeof(*options->permitted_opens));
|
||||||
|
@@ -1683,7 +1683,7 @@ process_server_config_line(ServerOptions *options, char *line,
|
||||||
|
if (arg == NULL || ((port = permitopen_port(arg)) < 0))
|
||||||
|
fatal("%s line %d: bad port number in "
|
||||||
|
"PermitOpen", filename, linenum);
|
||||||
|
- if (*activep && i == 0) {
|
||||||
|
+ if (*activep && value == 0) {
|
||||||
|
options->permitted_opens = xrecallocarray(
|
||||||
|
options->permitted_opens,
|
||||||
|
options->num_permitted_opens,
|
||||||
|
|
||||||
@ -231,6 +231,8 @@ Patch948: openssh-7.4p1-systemd.patch
|
|||||||
Patch949: openssh-7.6p1-cleanup-selinux.patch
|
Patch949: openssh-7.6p1-cleanup-selinux.patch
|
||||||
# Sandbox adjustments for s390 and audit
|
# Sandbox adjustments for s390 and audit
|
||||||
Patch950: openssh-7.5p1-sandbox.patch
|
Patch950: openssh-7.5p1-sandbox.patch
|
||||||
|
# PermitOpen bug in OpenSSH 7.6:
|
||||||
|
Patch951: openssh-7.6p1-permitopen-bug.patch
|
||||||
|
|
||||||
|
|
||||||
License: BSD
|
License: BSD
|
||||||
@ -455,6 +457,7 @@ popd
|
|||||||
%patch807 -p1 -b .gsskex-ec
|
%patch807 -p1 -b .gsskex-ec
|
||||||
%patch949 -p1 -b .refactor
|
%patch949 -p1 -b .refactor
|
||||||
%patch950 -p1 -b .sandbox
|
%patch950 -p1 -b .sandbox
|
||||||
|
%patch951 -p1 -b .permitOpen
|
||||||
|
|
||||||
%patch200 -p1 -b .audit
|
%patch200 -p1 -b .audit
|
||||||
%patch201 -p1 -b .audit-race
|
%patch201 -p1 -b .audit-race
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user