|
Jakub Jelen |
132f8f |
diff -up openssh-6.8p1/log.c.log-in-chroot openssh-6.8p1/log.c
|
|
Jakub Jelen |
132f8f |
--- openssh-6.8p1/log.c.log-in-chroot 2015-03-17 06:49:20.000000000 +0100
|
|
Jakub Jelen |
132f8f |
+++ openssh-6.8p1/log.c 2015-03-18 12:59:29.694022313 +0100
|
|
Petr Lautrbach |
7a7b8f |
@@ -241,6 +241,11 @@ debug3(const char *fmt,...)
|
|
Petr Lautrbach |
7a7b8f |
void
|
|
Petr Lautrbach |
7a7b8f |
log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr)
|
|
Petr Lautrbach |
7a7b8f |
{
|
|
Petr Lautrbach |
7a7b8f |
+ log_init_handler(av0, level, facility, on_stderr, 1);
|
|
Petr Lautrbach |
7a7b8f |
+}
|
|
Petr Lautrbach |
7a7b8f |
+
|
|
Petr Lautrbach |
7a7b8f |
+void
|
|
Petr Lautrbach |
7a7b8f |
+log_init_handler(char *av0, LogLevel level, SyslogFacility facility, int on_stderr, int reset_handler) {
|
|
Petr Lautrbach |
7a7b8f |
#if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT)
|
|
Petr Lautrbach |
7a7b8f |
struct syslog_data sdata = SYSLOG_DATA_INIT;
|
|
Petr Lautrbach |
7a7b8f |
#endif
|
|
Jakub Jelen |
132f8f |
@@ -264,8 +269,10 @@ log_init(char *av0, LogLevel level, Sysl
|
|
Petr Lautrbach |
7a7b8f |
exit(1);
|
|
Petr Lautrbach |
7a7b8f |
}
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
- log_handler = NULL;
|
|
Petr Lautrbach |
7a7b8f |
- log_handler_ctx = NULL;
|
|
Petr Lautrbach |
7a7b8f |
+ if (reset_handler) {
|
|
Petr Lautrbach |
7a7b8f |
+ log_handler = NULL;
|
|
Petr Lautrbach |
7a7b8f |
+ log_handler_ctx = NULL;
|
|
Petr Lautrbach |
7a7b8f |
+ }
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
log_on_stderr = on_stderr;
|
|
Petr Lautrbach |
7a7b8f |
if (on_stderr)
|
|
Jakub Jelen |
132f8f |
diff -up openssh-6.8p1/log.h.log-in-chroot openssh-6.8p1/log.h
|
|
Jakub Jelen |
132f8f |
--- openssh-6.8p1/log.h.log-in-chroot 2015-03-17 06:49:20.000000000 +0100
|
|
Jakub Jelen |
132f8f |
+++ openssh-6.8p1/log.h 2015-03-18 12:59:29.694022313 +0100
|
|
Petr Lautrbach |
7a7b8f |
@@ -49,6 +49,7 @@ typedef enum {
|
|
Petr Lautrbach |
7a7b8f |
typedef void (log_handler_fn)(LogLevel, const char *, void *);
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
void log_init(char *, LogLevel, SyslogFacility, int);
|
|
Petr Lautrbach |
7a7b8f |
+void log_init_handler(char *, LogLevel, SyslogFacility, int, int);
|
|
Petr Lautrbach |
7a7b8f |
void log_change_level(LogLevel);
|
|
Petr Lautrbach |
7a7b8f |
int log_is_on_stderr(void);
|
|
Petr Lautrbach |
7a7b8f |
void log_redirect_stderr_to(const char *);
|
|
Jakub Jelen |
132f8f |
diff -up openssh-6.8p1/monitor.c.log-in-chroot openssh-6.8p1/monitor.c
|
|
Jakub Jelen |
132f8f |
--- openssh-6.8p1/monitor.c.log-in-chroot 2015-03-18 12:59:29.669022374 +0100
|
|
Jakub Jelen |
132f8f |
+++ openssh-6.8p1/monitor.c 2015-03-18 13:01:52.894671198 +0100
|
|
Jakub Jelen |
132f8f |
@@ -357,6 +357,8 @@ monitor_child_preauth(Authctxt *_authctx
|
|
Petr Lautrbach |
7a7b8f |
close(pmonitor->m_log_sendfd);
|
|
Petr Lautrbach |
7a7b8f |
pmonitor->m_log_sendfd = pmonitor->m_recvfd = -1;
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
+ pmonitor->m_state = "preauth";
|
|
Petr Lautrbach |
7a7b8f |
+
|
|
Petr Lautrbach |
7a7b8f |
authctxt = _authctxt;
|
|
Petr Lautrbach |
7a7b8f |
memset(authctxt, 0, sizeof(*authctxt));
|
|
Petr Lautrbach |
7a7b8f |
|
|
Jakub Jelen |
132f8f |
@@ -465,6 +467,8 @@ monitor_child_postauth(struct monitor *p
|
|
Petr Lautrbach |
7a7b8f |
close(pmonitor->m_recvfd);
|
|
Petr Lautrbach |
7a7b8f |
pmonitor->m_recvfd = -1;
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
+ pmonitor->m_state = "postauth";
|
|
Petr Lautrbach |
7a7b8f |
+
|
|
Petr Lautrbach |
7a7b8f |
monitor_set_child_handler(pmonitor->m_pid);
|
|
Petr Lautrbach |
7a7b8f |
signal(SIGHUP, &monitor_child_handler);
|
|
Petr Lautrbach |
7a7b8f |
signal(SIGTERM, &monitor_child_handler);
|
|
Jakub Jelen |
132f8f |
@@ -566,7 +570,7 @@ monitor_read_log(struct monitor *pmonito
|
|
Petr Lautrbach |
7a7b8f |
if (log_level_name(level) == NULL)
|
|
Petr Lautrbach |
7a7b8f |
fatal("%s: invalid log level %u (corrupted message?)",
|
|
Petr Lautrbach |
7a7b8f |
__func__, level);
|
|
Petr Lautrbach |
7a7b8f |
- do_log2(level, "%s [preauth]", msg);
|
|
Petr Lautrbach |
7a7b8f |
+ do_log2(level, "%s [%s]", msg, pmonitor->m_state);
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
buffer_free(&logmsg);
|
|
Petr Lautrbach |
7a7b8f |
free(msg);
|
|
Jakub Jelen |
132f8f |
@@ -1998,13 +2002,28 @@ monitor_init(void)
|
|
Jakub Jelen |
132f8f |
(ssh_packet_comp_free_func *)mm_zfree);
|
|
Petr Lautrbach |
7a7b8f |
}
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
+ mon->m_state = "";
|
|
Petr Lautrbach |
7a7b8f |
+
|
|
Petr Lautrbach |
7a7b8f |
return mon;
|
|
Petr Lautrbach |
7a7b8f |
}
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
void
|
|
Petr Lautrbach |
7a7b8f |
-monitor_reinit(struct monitor *mon)
|
|
Petr Lautrbach |
7a7b8f |
+monitor_reinit(struct monitor *mon, const char *chroot_dir)
|
|
Petr Lautrbach |
7a7b8f |
{
|
|
Petr Lautrbach |
7a7b8f |
- monitor_openfds(mon, 0);
|
|
Petr Lautrbach |
7a7b8f |
+ struct stat dev_log_stat;
|
|
Petr Lautrbach |
7a7b8f |
+ char *dev_log_path;
|
|
Petr Lautrbach |
7a7b8f |
+ int do_logfds = 0;
|
|
Petr Lautrbach |
7a7b8f |
+
|
|
Petr Lautrbach |
7a7b8f |
+ if (chroot_dir != NULL) {
|
|
Petr Lautrbach |
7a7b8f |
+ xasprintf(&dev_log_path, "%s/dev/log", chroot_dir);
|
|
Petr Lautrbach |
7a7b8f |
+
|
|
Petr Lautrbach |
7a7b8f |
+ if (stat(dev_log_path, &dev_log_stat) != 0) {
|
|
Petr Lautrbach |
7a7b8f |
+ debug("%s: /dev/log doesn't exist in %s chroot - will try to log via monitor using [postauth] suffix", __func__, chroot_dir);
|
|
Petr Lautrbach |
7a7b8f |
+ do_logfds = 1;
|
|
Petr Lautrbach |
7a7b8f |
+ }
|
|
Petr Lautrbach |
7a7b8f |
+ free(dev_log_path);
|
|
Petr Lautrbach |
7a7b8f |
+ }
|
|
Petr Lautrbach |
7a7b8f |
+ monitor_openfds(mon, do_logfds);
|
|
Petr Lautrbach |
7a7b8f |
}
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
#ifdef GSSAPI
|
|
Jakub Jelen |
132f8f |
diff -up openssh-6.8p1/monitor.h.log-in-chroot openssh-6.8p1/monitor.h
|
|
Jakub Jelen |
132f8f |
--- openssh-6.8p1/monitor.h.log-in-chroot 2015-03-18 12:59:29.695022310 +0100
|
|
Jakub Jelen |
132f8f |
+++ openssh-6.8p1/monitor.h 2015-03-18 13:02:56.926514197 +0100
|
|
Petr Lautrbach |
7a7b8f |
@@ -83,10 +83,11 @@ struct monitor {
|
|
Petr Lautrbach |
7a7b8f |
struct mm_master *m_zlib;
|
|
Jakub Jelen |
132f8f |
struct kex **m_pkex;
|
|
Petr Lautrbach |
7a7b8f |
pid_t m_pid;
|
|
Petr Lautrbach |
7a7b8f |
+ char *m_state;
|
|
Petr Lautrbach |
7a7b8f |
};
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
struct monitor *monitor_init(void);
|
|
Petr Lautrbach |
7a7b8f |
-void monitor_reinit(struct monitor *);
|
|
Petr Lautrbach |
7a7b8f |
+void monitor_reinit(struct monitor *, const char *);
|
|
Petr Lautrbach |
7a7b8f |
void monitor_sync(struct monitor *);
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
struct Authctxt;
|
|
Jakub Jelen |
132f8f |
diff -up openssh-6.8p1/session.c.log-in-chroot openssh-6.8p1/session.c
|
|
Jakub Jelen |
132f8f |
--- openssh-6.8p1/session.c.log-in-chroot 2015-03-18 12:59:29.675022359 +0100
|
|
Jakub Jelen |
132f8f |
+++ openssh-6.8p1/session.c 2015-03-18 12:59:29.696022308 +0100
|
|
Jakub Jelen |
13073f |
@@ -161,6 +161,7 @@ login_cap_t *lc;
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
static int is_child = 0;
|
|
Jakub Jelen |
13073f |
static int in_chroot = 0;
|
|
Petr Lautrbach |
7a7b8f |
+static int have_dev_log = 1;
|
|
Jakub Jelen |
13073f |
|
|
Petr Lautrbach |
7a7b8f |
/* Name and directory of socket for authentication agent forwarding. */
|
|
Petr Lautrbach |
7a7b8f |
static char *auth_sock_name = NULL;
|
|
Jakub Jelen |
132f8f |
@@ -506,8 +508,8 @@ do_exec_no_pty(Session *s, const char *c
|
|
Petr Lautrbach |
7a7b8f |
is_child = 1;
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
/* Child. Reinitialize the log since the pid has changed. */
|
|
Petr Lautrbach |
7a7b8f |
- log_init(__progname, options.log_level,
|
|
Petr Lautrbach |
7a7b8f |
- options.log_facility, log_stderr);
|
|
Petr Lautrbach |
7a7b8f |
+ log_init_handler(__progname, options.log_level,
|
|
Petr Lautrbach |
7a7b8f |
+ options.log_facility, log_stderr, have_dev_log);
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
/*
|
|
Petr Lautrbach |
7a7b8f |
* Create a new session and process group since the 4.4BSD
|
|
Jakub Jelen |
132f8f |
@@ -675,8 +677,8 @@ do_exec_pty(Session *s, const char *comm
|
|
Petr Lautrbach |
7a7b8f |
close(ptymaster);
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
/* Child. Reinitialize the log because the pid has changed. */
|
|
Petr Lautrbach |
7a7b8f |
- log_init(__progname, options.log_level,
|
|
Petr Lautrbach |
7a7b8f |
- options.log_facility, log_stderr);
|
|
Petr Lautrbach |
7a7b8f |
+ log_init_handler(__progname, options.log_level,
|
|
Petr Lautrbach |
7a7b8f |
+ options.log_facility, log_stderr, have_dev_log);
|
|
Petr Lautrbach |
7a7b8f |
/* Close the master side of the pseudo tty. */
|
|
Petr Lautrbach |
7a7b8f |
close(ptyfd);
|
|
Petr Lautrbach |
7a7b8f |
|
|
Jakub Jelen |
132f8f |
@@ -780,6 +782,7 @@ do_exec(Session *s, const char *command)
|
|
Petr Lautrbach |
7a7b8f |
int ret;
|
|
Jakub Jelen |
13073f |
const char *forced = NULL, *tty = NULL;
|
|
Jakub Jelen |
13073f |
char session_type[1024];
|
|
Petr Lautrbach |
7a7b8f |
+ struct stat dev_log_stat;
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
if (options.adm_forced_command) {
|
|
Petr Lautrbach |
7a7b8f |
original_command = command;
|
|
Jakub Jelen |
132f8f |
@@ -837,6 +840,10 @@ do_exec(Session *s, const char *command)
|
|
Petr Lautrbach |
7a7b8f |
tty += 5;
|
|
Petr Lautrbach |
7a7b8f |
}
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
+ if (lstat("/dev/log", &dev_log_stat) != 0) {
|
|
Petr Lautrbach |
7a7b8f |
+ have_dev_log = 0;
|
|
Petr Lautrbach |
7a7b8f |
+ }
|
|
Petr Lautrbach |
7a7b8f |
+
|
|
Jakub Jelen |
13073f |
verbose("Starting session: %s%s%s for %s from %.200s port %d id %d",
|
|
Petr Lautrbach |
7a7b8f |
session_type,
|
|
Petr Lautrbach |
7a7b8f |
tty == NULL ? "" : " on ",
|
|
Jakub Jelen |
132f8f |
@@ -1678,14 +1685,6 @@ child_close_fds(void)
|
|
Petr Lautrbach |
7a7b8f |
* descriptors left by system functions. They will be closed later.
|
|
Petr Lautrbach |
7a7b8f |
*/
|
|
Petr Lautrbach |
7a7b8f |
endpwent();
|
|
Petr Lautrbach |
7a7b8f |
-
|
|
Petr Lautrbach |
7a7b8f |
- /*
|
|
Petr Lautrbach |
7a7b8f |
- * Close any extra open file descriptors so that we don't have them
|
|
Petr Lautrbach |
7a7b8f |
- * hanging around in clients. Note that we want to do this after
|
|
Petr Lautrbach |
7a7b8f |
- * initgroups, because at least on Solaris 2.3 it leaves file
|
|
Petr Lautrbach |
7a7b8f |
- * descriptors open.
|
|
Petr Lautrbach |
7a7b8f |
- */
|
|
Petr Lautrbach |
7a7b8f |
- closefrom(STDERR_FILENO + 1);
|
|
Petr Lautrbach |
7a7b8f |
}
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
/*
|
|
Jakub Jelen |
132f8f |
@@ -1831,8 +1830,6 @@ do_child(Session *s, const char *command
|
|
Petr Lautrbach |
7a7b8f |
exit(1);
|
|
Petr Lautrbach |
7a7b8f |
}
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
- closefrom(STDERR_FILENO + 1);
|
|
Petr Lautrbach |
7a7b8f |
-
|
|
Petr Lautrbach |
7a7b8f |
if (!options.use_login)
|
|
Petr Lautrbach |
7a7b8f |
do_rc_files(s, shell);
|
|
Petr Lautrbach |
7a7b8f |
|
|
Jakub Jelen |
132f8f |
@@ -1856,9 +1853,17 @@ do_child(Session *s, const char *command
|
|
Petr Lautrbach |
7a7b8f |
argv[i] = NULL;
|
|
Petr Lautrbach |
7a7b8f |
optind = optreset = 1;
|
|
Petr Lautrbach |
7a7b8f |
__progname = argv[0];
|
|
Petr Lautrbach |
7a7b8f |
- exit(sftp_server_main(i, argv, s->pw));
|
|
Petr Lautrbach |
7a7b8f |
+ exit(sftp_server_main(i, argv, s->pw, have_dev_log));
|
|
Petr Lautrbach |
7a7b8f |
}
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
+ /*
|
|
Petr Lautrbach |
7a7b8f |
+ * Close any extra open file descriptors so that we don't have them
|
|
Petr Lautrbach |
7a7b8f |
+ * hanging around in clients. Note that we want to do this after
|
|
Petr Lautrbach |
7a7b8f |
+ * initgroups, because at least on Solaris 2.3 it leaves file
|
|
Petr Lautrbach |
7a7b8f |
+ * descriptors open.
|
|
Petr Lautrbach |
7a7b8f |
+ */
|
|
Petr Lautrbach |
7a7b8f |
+ closefrom(STDERR_FILENO + 1);
|
|
Petr Lautrbach |
7a7b8f |
+
|
|
Petr Lautrbach |
7a7b8f |
fflush(NULL);
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
if (options.use_login) {
|
|
Jakub Jelen |
132f8f |
diff -up openssh-6.8p1/sftp-server-main.c.log-in-chroot openssh-6.8p1/sftp-server-main.c
|
|
Jakub Jelen |
132f8f |
--- openssh-6.8p1/sftp-server-main.c.log-in-chroot 2015-03-17 06:49:20.000000000 +0100
|
|
Jakub Jelen |
132f8f |
+++ openssh-6.8p1/sftp-server-main.c 2015-03-18 12:59:29.696022308 +0100
|
|
Petr Lautrbach |
7a7b8f |
@@ -47,5 +47,5 @@ main(int argc, char **argv)
|
|
Petr Lautrbach |
7a7b8f |
return 1;
|
|
Petr Lautrbach |
7a7b8f |
}
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
- return (sftp_server_main(argc, argv, user_pw));
|
|
Petr Lautrbach |
7a7b8f |
+ return (sftp_server_main(argc, argv, user_pw, 0));
|
|
Petr Lautrbach |
7a7b8f |
}
|
|
Jakub Jelen |
132f8f |
diff -up openssh-6.8p1/sftp-server.c.log-in-chroot openssh-6.8p1/sftp-server.c
|
|
Jakub Jelen |
132f8f |
--- openssh-6.8p1/sftp-server.c.log-in-chroot 2015-03-17 06:49:20.000000000 +0100
|
|
Jakub Jelen |
132f8f |
+++ openssh-6.8p1/sftp-server.c 2015-03-18 13:03:52.510377911 +0100
|
|
Jakub Jelen |
132f8f |
@@ -1502,7 +1502,7 @@ sftp_server_usage(void)
|
|
Petr Lautrbach |
7a7b8f |
}
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
int
|
|
Petr Lautrbach |
7a7b8f |
-sftp_server_main(int argc, char **argv, struct passwd *user_pw)
|
|
Petr Lautrbach |
7a7b8f |
+sftp_server_main(int argc, char **argv, struct passwd *user_pw, int reset_handler)
|
|
Petr Lautrbach |
7a7b8f |
{
|
|
Petr Lautrbach |
7a7b8f |
fd_set *rset, *wset;
|
|
Jakub Jelen |
132f8f |
int i, r, in, out, max, ch, skipargs = 0, log_stderr = 0;
|
|
Jakub Jelen |
132f8f |
@@ -1515,7 +1515,7 @@ sftp_server_main(int argc, char **argv,
|
|
Petr Lautrbach |
7a7b8f |
|
|
Jakub Jelen |
13073f |
ssh_malloc_init(); /* must be called before any mallocs */
|
|
Petr Lautrbach |
7a7b8f |
__progname = ssh_get_progname(argv[0]);
|
|
Petr Lautrbach |
7a7b8f |
- log_init(__progname, log_level, log_facility, log_stderr);
|
|
Petr Lautrbach |
7a7b8f |
+ log_init_handler(__progname, log_level, log_facility, log_stderr, reset_handler);
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
pw = pwcopy(user_pw);
|
|
Petr Lautrbach |
7a7b8f |
|
|
Jakub Jelen |
132f8f |
@@ -1586,7 +1586,7 @@ sftp_server_main(int argc, char **argv,
|
|
Petr Lautrbach |
7a7b8f |
}
|
|
Petr Lautrbach |
7a7b8f |
}
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
- log_init(__progname, log_level, log_facility, log_stderr);
|
|
Petr Lautrbach |
7a7b8f |
+ log_init_handler(__progname, log_level, log_facility, log_stderr, reset_handler);
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
190035 |
#if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
|
|
Petr Lautrbach |
190035 |
/*
|
|
Jakub Jelen |
132f8f |
diff -up openssh-6.8p1/sftp.h.log-in-chroot openssh-6.8p1/sftp.h
|
|
Jakub Jelen |
132f8f |
--- openssh-6.8p1/sftp.h.log-in-chroot 2015-03-17 06:49:20.000000000 +0100
|
|
Jakub Jelen |
132f8f |
+++ openssh-6.8p1/sftp.h 2015-03-18 12:59:29.696022308 +0100
|
|
Petr Lautrbach |
7a7b8f |
@@ -97,5 +97,5 @@
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
struct passwd;
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
-int sftp_server_main(int, char **, struct passwd *);
|
|
Petr Lautrbach |
7a7b8f |
+int sftp_server_main(int, char **, struct passwd *, int);
|
|
Petr Lautrbach |
7a7b8f |
void sftp_server_cleanup_exit(int) __attribute__((noreturn));
|
|
Jakub Jelen |
132f8f |
diff -up openssh-6.8p1/sshd.c.log-in-chroot openssh-6.8p1/sshd.c
|
|
Jakub Jelen |
132f8f |
--- openssh-6.8p1/sshd.c.log-in-chroot 2015-03-18 12:59:29.691022320 +0100
|
|
Jakub Jelen |
132f8f |
+++ openssh-6.8p1/sshd.c 2015-03-18 12:59:29.697022305 +0100
|
|
Jakub Jelen |
132f8f |
@@ -744,7 +744,7 @@ privsep_postauth(Authctxt *authctxt)
|
|
Petr Lautrbach |
7a7b8f |
}
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
/* New socket pair */
|
|
Petr Lautrbach |
7a7b8f |
- monitor_reinit(pmonitor);
|
|
Petr Lautrbach |
7a7b8f |
+ monitor_reinit(pmonitor, options.chroot_directory);
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
pmonitor->m_pid = fork();
|
|
Petr Lautrbach |
7a7b8f |
if (pmonitor->m_pid == -1)
|
|
Jakub Jelen |
132f8f |
@@ -762,6 +762,11 @@ privsep_postauth(Authctxt *authctxt)
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
close(pmonitor->m_sendfd);
|
|
Petr Lautrbach |
7a7b8f |
pmonitor->m_sendfd = -1;
|
|
Petr Lautrbach |
7a7b8f |
+ close(pmonitor->m_log_recvfd);
|
|
Petr Lautrbach |
7a7b8f |
+ pmonitor->m_log_recvfd = -1;
|
|
Petr Lautrbach |
7a7b8f |
+
|
|
Petr Lautrbach |
7a7b8f |
+ if (pmonitor->m_log_sendfd != -1)
|
|
Petr Lautrbach |
7a7b8f |
+ set_log_handler(mm_log_handler, pmonitor);
|
|
Petr Lautrbach |
7a7b8f |
|
|
Petr Lautrbach |
7a7b8f |
/* Demote the private keys to public keys. */
|
|
Petr Lautrbach |
7a7b8f |
demote_sensitive_data();
|