rpms/openssh/devel openssh-4.7p1-cloexec.patch, NONE, 1.1 openssh-4.7p1-packetdefsize.patch, NONE, 1.1 openssh-4.7p1-sftp-doclose.patch, NONE, 1.1 openssh.spec, 1.123, 1.124 openssh-4.7p1-revert-wsize.patch, 1.1, NONE
Tomas Mraz (tmraz)
fedora-extras-commits at redhat.com
Fri Feb 29 16:12:07 UTC 2008
- Previous message (by thread): rpms/usermode/devel .cvsignore, 1.54, 1.55 sources, 1.58, 1.59 usermode.spec, 1.76, 1.77
- Next message (by thread): rpms/system-config-keyboard/devel .cvsignore, 1.13, 1.14 sources, 1.16, 1.17 system-config-keyboard.spec, 1.32, 1.33
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: tmraz
Update of /cvs/pkgs/rpms/openssh/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv25391
Modified Files:
openssh.spec
Added Files:
openssh-4.7p1-cloexec.patch openssh-4.7p1-packetdefsize.patch
openssh-4.7p1-sftp-doclose.patch
Removed Files:
openssh-4.7p1-revert-wsize.patch
Log Message:
* Fri Feb 29 2008 Tomas Mraz <tmraz at redhat.com> - 4.7p1-8
- set FD_CLOEXEC on client socket
- apply real fix for window size problem (#286181) from upstream
- apply fix for the spurious failed bind from upstream
- apply open handle leak in sftp fix from upstream
openssh-4.7p1-cloexec.patch:
--- NEW FILE openssh-4.7p1-cloexec.patch ---
diff -up openssh-4.7p1/sshconnect.c.cloexec openssh-4.7p1/sshconnect.c
--- openssh-4.7p1/sshconnect.c.cloexec 2006-10-23 19:02:24.000000000 +0200
+++ openssh-4.7p1/sshconnect.c 2008-02-05 23:14:28.000000000 +0100
@@ -38,6 +38,7 @@
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
+#include <fcntl.h>
#include "xmalloc.h"
#include "key.h"
@@ -189,8 +190,11 @@ ssh_create_socket(int privileged, struct
return sock;
}
sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
- if (sock < 0)
+ if (sock < 0) {
error("socket: %.100s", strerror(errno));
+ return -1;
+ }
+ fcntl(sock, F_SETFD, FD_CLOEXEC);
/* Bind the socket to an alternative local IP address */
if (options.bind_address == NULL)
openssh-4.7p1-packetdefsize.patch:
--- NEW FILE openssh-4.7p1-packetdefsize.patch ---
Index: clientloop.c
===================================================================
RCS file: /usr/local/src/security/openssh/cvs/openssh/clientloop.c,v
retrieving revision 1.170
diff -u -p -r1.170 clientloop.c
--- clientloop.c 28 Dec 2007 15:45:07 -0000 1.170
+++ clientloop.c 28 Dec 2007 18:14:10 -0000
@@ -1745,7 +1745,7 @@ client_request_forwarded_tcpip(const cha
}
c = channel_new("forwarded-tcpip",
SSH_CHANNEL_CONNECTING, sock, sock, -1,
- CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0,
+ CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0,
originator_address, 1);
xfree(originator_address);
xfree(listen_address);
@@ -1803,7 +1803,7 @@ client_request_agent(const char *request
return NULL;
c = channel_new("authentication agent connection",
SSH_CHANNEL_OPEN, sock, sock, -1,
- CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0,
+ CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0,
"authentication agent connection", 1);
c->force_drain = 1;
return c;
openssh-4.7p1-sftp-doclose.patch:
--- NEW FILE openssh-4.7p1-sftp-doclose.patch ---
Without this do_close() I get "Couldn't get handle: Failure"
on every operation after N times through this failure path
where N = 100 on OpenBSD and N = 200 on GNU/Linux.
--- src/usr.bin/ssh/sftp-client.c.orig Sun Sep 16 00:55:52 2007
+++ src/usr.bin/ssh/sftp-client.c Mon Oct 15 10:12:50 2007
@@ -813,6 +813,7 @@ do_download(struct sftp_conn *conn, char
if (local_fd == -1) {
error("Couldn't open local file \"%s\" for writing: %s",
local_path, strerror(errno));
+ do_close(conn, handle, handle_len);
buffer_free(&msg);
xfree(handle);
return(-1);
Index: openssh.spec
===================================================================
RCS file: /cvs/pkgs/rpms/openssh/devel/openssh.spec,v
retrieving revision 1.123
retrieving revision 1.124
diff -u -r1.123 -r1.124
--- openssh.spec 13 Feb 2008 03:52:43 -0000 1.123
+++ openssh.spec 29 Feb 2008 16:11:23 -0000 1.124
@@ -63,7 +63,7 @@
Summary: The OpenSSH implementation of SSH protocol versions 1 and 2
Name: openssh
Version: 4.7p1
-Release: 8%{?dist}%{?rescue_rel}
+Release: 9%{?dist}%{?rescue_rel}
URL: http://www.openssh.com/portable.html
#Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
#Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.asc
@@ -95,8 +95,12 @@
Patch49: openssh-4.3p2-gssapi-canohost.patch
Patch51: openssh-4.7p1-nss-keys.patch
Patch52: openssh-4.7p1-sftp-drain-acks.patch
-Patch53: openssh-4.7p1-revert-wsize.patch
+Patch53: openssh-4.7p1-packetdefsize.patch
Patch54: openssh-4.7p1-gssapi-role.patch
+Patch55: openssh-4.7p1-cloexec.patch
+Patch56: openssh-4.7p1-sshd-v6only.patch
+Patch57: openssh-4.7p1-sftp-doclose.patch
+
License: BSD
Group: Applications/Internet
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -230,8 +234,11 @@
%patch49 -p1 -b .canohost
%patch51 -p1 -b .nss-keys
%patch52 -p1 -b .drain-acks
-%patch53 -p1 -b .revert-wsize
+%patch53 -p0 -b .defsize
%patch54 -p0 -b .gssapi-role
+%patch55 -p1 -b .cloexec
+%patch56 -p0 -b .sshd-v6only
+%patch57 -p3 -b .doclose
autoreconf
@@ -482,6 +489,12 @@
%endif
%changelog
+* Fri Feb 29 2008 Tomas Mraz <tmraz at redhat.com> - 4.7p1-9
+- set FD_CLOEXEC on client socket
+- apply real fix for window size problem (#286181) from upstream
+- apply fix for the spurious failed bind from upstream
+- apply open handle leak in sftp fix from upstream
+
* Tue Feb 12 2008 Dennis Gilmore <dennis at ausil.us> - 4.7p1-8
- we build for sparcv9 now and it needs -fPIE
--- openssh-4.7p1-revert-wsize.patch DELETED ---
- Previous message (by thread): rpms/usermode/devel .cvsignore, 1.54, 1.55 sources, 1.58, 1.59 usermode.spec, 1.76, 1.77
- Next message (by thread): rpms/system-config-keyboard/devel .cvsignore, 1.13, 1.14 sources, 1.16, 1.17 system-config-keyboard.spec, 1.32, 1.33
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list