tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

upstream commit 

fix pledge violation with ssh -f; reported by Valentin
Kozamernik ok dtucker@

Upstream-ID: a61db7988db88d9dac3c4dd70e18876a8edf84aa
This commit is contained in:
djm@openbsd.org 2016-07-23 02:54:08 +00:00 committed by Damien Miller
parent f00211e3c6
commit 368dd977ae
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
clientloop.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: clientloop.c,v 1.285 2016/07/11 21:38:13 tb Exp $ */
/* $OpenBSD: clientloop.c,v 1.286 2016/07/23 02:54:08 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -123,6 +123,9 @@ extern int stdin_null_flag;
/* Flag indicating that no shell has been requested */
extern int no_shell_flag;
/* Flag indicating that ssh should daemonise after authentication is complete */
extern int fork_after_authentication_flag;
/* Control socket */
extern int muxserver_sock; /* XXX use mux_client_cleanup() instead */
@ -1510,7 +1513,7 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
debug("Entering interactive session.");
if (options.control_master &&
! option_clear_or_none(options.control_path)) {
!option_clear_or_none(options.control_path)) {
debug("pledge: id");
if (pledge("stdio rpath wpath cpath unix inet dns recvfd proc exec id tty",
NULL) == -1)
@ -1528,7 +1531,8 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
NULL) == -1)
fatal("%s pledge(): %s", __func__, strerror(errno));
} else if (! option_clear_or_none(options.proxy_command)) {
} else if (!option_clear_or_none(options.proxy_command) ||
fork_after_authentication_flag) {
debug("pledge: proc");
if (pledge("stdio cpath unix inet dns proc tty", NULL) == -1)
fatal("%s pledge(): %s", __func__, strerror(errno));