rpms/openssh/devel openssh-5.2p1-sesftp.patch, NONE, 1.1 openssh-5.2p1-pathmax.patch, 1.1, 1.2 openssh-5.2p1-selabel.patch, 1.1, 1.2 openssh.spec, 1.151, 1.152
Jan F. Chadima
jfch2222 at fedoraproject.org
Fri Jul 17 07:07:00 UTC 2009
- Previous message (by thread): rpms/ibus-table-yong/devel .cvsignore, 1.2, 1.3 ibus-table-yong.spec, 1.3, 1.4 sources, 1.2, 1.3
- Next message (by thread): rpms/selinux-policy/F-11 policy-20090521.patch, 1.30, 1.31 selinux-policy.spec, 1.886, 1.887
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: jfch2222
Update of /cvs/pkgs/rpms/openssh/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv3410
Modified Files:
openssh-5.2p1-pathmax.patch openssh-5.2p1-selabel.patch
openssh.spec
Added Files:
openssh-5.2p1-sesftp.patch
Log Message:
changed internal-sftp context to sftpd_t
openssh-5.2p1-sesftp.patch:
session.c | 2 ++
1 file changed, 2 insertions(+)
--- NEW FILE openssh-5.2p1-sesftp.patch ---
diff -up openssh-5.2p1/session.c.sesftp openssh-5.2p1/session.c
--- openssh-5.2p1/session.c.sesftp 2009-07-16 22:34:26.000000000 +0200
+++ openssh-5.2p1/session.c 2009-07-16 22:59:22.000000000 +0200
@@ -58,6 +58,7 @@
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
+#include <selinux/selinux.h>
#include "openbsd-compat/sys-queue.h"
#include "xmalloc.h"
@@ -1816,6 +1817,7 @@ do_child(Session *s, const char *command
argv[i] = NULL;
optind = optreset = 1;
__progname = argv[0];
+ setcon ("system_u:system_r:sftpd_t");
exit(sftp_server_main(i, argv, s->pw));
}
openssh-5.2p1-pathmax.patch:
ssh.c | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
Index: openssh-5.2p1-pathmax.patch
===================================================================
RCS file: /cvs/pkgs/rpms/openssh/devel/openssh-5.2p1-pathmax.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2
--- openssh-5.2p1-pathmax.patch 29 Jun 2009 20:51:17 -0000 1.1
+++ openssh-5.2p1-pathmax.patch 17 Jul 2009 07:06:58 -0000 1.2
@@ -1,6 +1,6 @@
diff -up openssh-5.2p1/ssh.c.pathmax openssh-5.2p1/ssh.c
---- openssh-5.2p1/ssh.c.pathmax 2009-06-29 22:13:17.251360372 +0200
-+++ openssh-5.2p1/ssh.c 2009-06-29 22:14:46.036292525 +0200
+--- openssh-5.2p1/ssh.c.pathmax 2009-07-08 14:23:19.000000000 +0200
++++ openssh-5.2p1/ssh.c 2009-07-08 14:26:26.000000000 +0200
@@ -49,6 +49,7 @@
#include <sys/resource.h>
#include <sys/ioctl.h>
@@ -9,12 +9,39 @@ diff -up openssh-5.2p1/ssh.c.pathmax ope
#include <ctype.h>
#include <errno.h>
-@@ -209,7 +210,7 @@ int
+@@ -208,8 +209,8 @@ void muxserver_listen(void);
+ int
main(int ac, char **av)
{
- int i, opt, exit_status, use_syslog;
+- int i, opt, exit_status, use_syslog;
- char *p, *cp, *line, buf[256];
-+ char *p, *cp, *line, buf[PATH_MAX];
++ int i, r, opt, exit_status, use_syslog;
++ char *p, *cp, *line, buf[MAXPATHLEN];
struct stat st;
struct passwd *pw;
int dummy, timeout_ms;
+@@ -624,9 +625,10 @@ main(int ac, char **av)
+ fatal("Can't open user config file %.100s: "
+ "%.100s", config, strerror(errno));
+ } else {
+- snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir,
++ r = snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir,
+ _PATH_SSH_USER_CONFFILE);
+- (void)read_config_file(buf, host, &options, 1);
++ if (r > 0 && (size_t)r < sizeof(buf))
++ (void)read_config_file(buf, host, &options, 1);
+
+ /* Read systemwide configuration file after use config. */
+ (void)read_config_file(_PATH_HOST_CONFIG_FILE, host,
+@@ -787,9 +789,9 @@ main(int ac, char **av)
+ * Now that we are back to our own permissions, create ~/.ssh
+ * directory if it doesn't already exist.
+ */
+- snprintf(buf, sizeof buf, "%.100s%s%.100s", pw->pw_dir,
++ r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir,
+ strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR);
+- if (stat(buf, &st) < 0)
++ if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0)
+ if (mkdir(buf, 0700) < 0)
+ error("Could not create directory '%.200s'.", buf);
+
openssh-5.2p1-selabel.patch:
Makefile.in | 2 +-
contrib/ssh-copy-id | 2 +-
ssh.c | 10 ++++++++--
3 files changed, 10 insertions(+), 4 deletions(-)
Index: openssh-5.2p1-selabel.patch
===================================================================
RCS file: /cvs/pkgs/rpms/openssh/devel/openssh-5.2p1-selabel.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2
--- openssh-5.2p1-selabel.patch 30 Jun 2009 10:26:13 -0000 1.1
+++ openssh-5.2p1-selabel.patch 17 Jul 2009 07:06:59 -0000 1.2
@@ -1,6 +1,6 @@
diff -up openssh-5.2p1/contrib/ssh-copy-id.selabel openssh-5.2p1/contrib/ssh-copy-id
---- openssh-5.2p1/contrib/ssh-copy-id.selabel 2009-06-29 23:43:03.514390092 +0200
-+++ openssh-5.2p1/contrib/ssh-copy-id 2009-06-29 23:44:11.188382120 +0200
+--- openssh-5.2p1/contrib/ssh-copy-id.selabel 2009-01-21 10:29:21.000000000 +0100
++++ openssh-5.2p1/contrib/ssh-copy-id 2009-07-08 14:28:27.000000000 +0200
@@ -38,7 +38,7 @@ if [ "$#" -lt 1 ] || [ "$1" = "-h" ] ||
exit 1
fi
@@ -11,8 +11,8 @@ diff -up openssh-5.2p1/contrib/ssh-copy-
cat <<EOF
Now try logging into the machine, with "ssh '$1'", and check in:
diff -up openssh-5.2p1/Makefile.in.selabel openssh-5.2p1/Makefile.in
---- openssh-5.2p1/Makefile.in.selabel 2009-06-29 23:38:34.224128017 +0200
-+++ openssh-5.2p1/Makefile.in 2009-06-29 23:38:34.332123333 +0200
+--- openssh-5.2p1/Makefile.in.selabel 2009-07-08 14:28:25.000000000 +0200
++++ openssh-5.2p1/Makefile.in 2009-07-08 14:28:27.000000000 +0200
@@ -134,7 +134,7 @@ libssh.a: $(LIBSSH_OBJS)
$(RANLIB) $@
@@ -23,8 +23,8 @@ diff -up openssh-5.2p1/Makefile.in.selab
sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS)
$(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) -lfipscheck $(LIBS)
diff -up openssh-5.2p1/ssh.c.selabel openssh-5.2p1/ssh.c
---- openssh-5.2p1/ssh.c.selabel 2009-06-29 23:38:34.314132116 +0200
-+++ openssh-5.2p1/ssh.c 2009-06-29 23:38:34.335927287 +0200
+--- openssh-5.2p1/ssh.c.selabel 2009-07-08 14:28:27.000000000 +0200
++++ openssh-5.2p1/ssh.c 2009-07-08 14:34:00.000000000 +0200
@@ -74,6 +74,7 @@
#include <openssl/err.h>
#include <openssl/fips.h>
@@ -33,12 +33,12 @@ diff -up openssh-5.2p1/ssh.c.selabel ope
#include "openbsd-compat/openssl-compat.h"
#include "openbsd-compat/sys-queue.h"
-@@ -790,10 +791,15 @@ main(int ac, char **av)
+@@ -791,10 +792,15 @@ main(int ac, char **av)
*/
- snprintf(buf, sizeof buf, "%.100s%s%.100s", pw->pw_dir,
+ r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir,
strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR);
-- if (stat(buf, &st) < 0)
-+ if (stat(buf, &st) < 0) {
+- if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0)
++ if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) {
+ char *scon;
+
+ matchpathcon(buf, 0700, &scon);
Index: openssh.spec
===================================================================
RCS file: /cvs/pkgs/rpms/openssh/devel/openssh.spec,v
retrieving revision 1.151
retrieving revision 1.152
diff -u -p -r1.151 -r1.152
--- openssh.spec 30 Jun 2009 10:26:13 -0000 1.151
+++ openssh.spec 17 Jul 2009 07:06:59 -0000 1.152
@@ -63,7 +63,7 @@
Summary: An open source implementation of SSH protocol versions 1 and 2
Name: openssh
Version: 5.2p1
-Release: 12%{?dist}%{?rescue_rel}
+Release: 14%{?dist}%{?rescue_rel}
URL: http://www.openssh.com/portable.html
#Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
#Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.asc
@@ -101,6 +101,7 @@ Patch66: openssh-5.2p1-homechroot.patch
Patch67: openssh-5.2p1-xmodifiers.patch
Patch68: openssh-5.2p1-pathmax.patch
Patch69: openssh-5.2p1-selabel.patch
+Patch70: openssh-5.2p1-sesftp.patch
License: BSD
Group: Applications/Internet
@@ -236,6 +237,7 @@ an X11 passphrase dialog for OpenSSH.
%patch67 -p1 -b .xmodifiers
%patch68 -p1 -b .pathmax
%patch69 -p1 -b .selabel
+%patch70 -p1 -b .sesftp
autoreconf
@@ -470,7 +472,13 @@ fi
%endif
%changelog
-* Tue Jun 30 2009 Jan F. Chadima <jchadima at redhat.com> - 5.2p1-11
+* Fri Jul 17 2009 Jan F. Chadima <jchadima at redhat.com> - 5.2p1-14
+- changed internal-sftp context to sftpd_t
+
+* Fri Jul 3 2009 Jan F. Chadima <jchadima at redhat.com> - 5.2p1-13
+- changed home length path patch to upstream version
+
+* Tue Jun 30 2009 Jan F. Chadima <jchadima at redhat.com> - 5.2p1-12
- create '~/.ssh/known_hosts' within proper context
* Mon Jun 29 2009 Jan F. Chadima <jchadima at redhat.com> - 5.2p1-11
- Previous message (by thread): rpms/ibus-table-yong/devel .cvsignore, 1.2, 1.3 ibus-table-yong.spec, 1.3, 1.4 sources, 1.2, 1.3
- Next message (by thread): rpms/selinux-policy/F-11 policy-20090521.patch, 1.30, 1.31 selinux-policy.spec, 1.886, 1.887
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list