diff --git a/ChangeLog b/ChangeLog index f9a84fddf..67cf0fc1d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -5,6 +5,10 @@ downgrade an error() to a debug() - this particular case can be hit in normal operation for certain sequences of mux slave vs session closure and is harmless + - djm@cvs.openbsd.org 2010/01/29 00:20:41 + [sshd.c] + set FD_CLOEXEC on sock_in/sock_out; bz#1706 from jchadima AT redhat.com + ok dtucker@ 20100129 - (dtucker) [openbsd-compat/openssl-compat.c] Bug #1707: Call OPENSSL_config() diff --git a/mux.c b/mux.c index 64781d44c..0e07883e4 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.12 2010/01/27 13:26:17 djm Exp $ */ +/* $OpenBSD: mux.c,v 1.13 2010/01/29 20:16:17 djm Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -212,7 +212,7 @@ mux_master_control_cleanup_cb(int cid, void *unused) sc->ctl_chan = -1; if (sc->type != SSH_CHANNEL_OPEN) { debug2("%s: channel %d: not open", __func__, sc->self); - chan_mark_dead(c); + chan_mark_dead(sc); } else { chan_read_failed(sc); chan_write_failed(sc); diff --git a/sshd.c b/sshd.c index d84db897c..bf2e76cc8 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.371 2010/01/13 03:48:13 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.372 2010/01/29 00:20:41 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1748,6 +1748,10 @@ main(int ac, char **av) sock_in, sock_out, newsock, startup_pipe, config_s[0]); } + /* Executed child processes don't need these. */ + fcntl(sock_out, F_SETFD, FD_CLOEXEC); + fcntl(sock_in, F_SETFD, FD_CLOEXEC); + /* * Disable the key regeneration alarm. We will not regenerate the * key since we are no longer in a position to give it to anyone. We