From 2540e60f643808f83b2271e49cf16749e93a2bbb Mon Sep 17 00:00:00 2001 From: Raymond Colebaugh Date: May 03 2024 17:19:32 +0000 Subject: Merge "Add LOG_SESSION_ID for everyone" patch into fb87_log_session_id.patch, update fb87_pass_principals_to_child.patch to account for this change --- diff --git a/fb87_log_session_id.patch b/fb87_log_session_id.patch index ac9d6a3..a86aa72 100644 --- a/fb87_log_session_id.patch +++ b/fb87_log_session_id.patch @@ -11,32 +11,6 @@ Index: b/sshd.c if (rexec_flag) close(config_s[0]); else { -Index: b/auth-pam.c -=================================================================== ---- b.orig/auth-pam.c -+++ b/auth-pam.c -@@ -766,7 +766,20 @@ sshpam_init(struct ssh *ssh, Authctxt *a - return (-1); - } - #endif -- return (0); -+ debug("PAM: setting PAM LOG_SESSION_ID to \"%s\"", get_log_session_id()); -+ { -+ char log_session_id_env[HOST_NAME_MAX + 50]; -+ snprintf(log_session_id_env, sizeof(log_session_id_env), -+ "LOG_SESSION_ID=%s", get_log_session_id()); -+ sshpam_err = pam_putenv(sshpam_handle, log_session_id_env); -+ if (sshpam_err != PAM_SUCCESS) { -+ pam_end(sshpam_handle, sshpam_err); -+ sshpam_handle = NULL; -+ return (-1); -+ } -+ } -+ -+ return (0); - } - - static void Index: b/log.c =================================================================== --- b.orig/log.c @@ -139,3 +113,18 @@ Index: b/log.h void sshlog(const char *, const char *, int, int, LogLevel, const char *, const char *, ...) __attribute__((format(printf, 7, 8))); +Index: b/session.c +=================================================================== +--- b.orig/session.c ++++ b/session.c +@@ -1256,6 +1256,10 @@ do_setup_env(struct ssh *ssh, Session *s + child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND", + original_command); + ++ /* set LOG_SESSION_ID for child */ ++ child_set_env(&env, &envsize, "LOG_SESSION_ID", get_log_session_id()); ++ debug("set LOG_SESION_ID to: %s", get_log_session_id()); ++ + if (debug_flag) { + /* dump the environment */ + fprintf(stderr, "Environment:\n"); diff --git a/fb87_pass_principals_to_child.patch b/fb87_pass_principals_to_child.patch index 742629a..21d907c 100644 --- a/fb87_pass_principals_to_child.patch +++ b/fb87_pass_principals_to_child.patch @@ -87,8 +87,8 @@ Index: b/session.c + } + } - if (debug_flag) { - /* dump the environment */ + /* set LOG_SESSION_ID for child */ + child_set_env(&env, &envsize, "LOG_SESSION_ID", get_log_session_id()); Index: b/regress/cert-princ-env.sh =================================================================== --- /dev/null diff --git a/openssh.spec b/openssh.spec index 7360191..dcfcc40 100644 --- a/openssh.spec +++ b/openssh.spec @@ -868,6 +868,10 @@ test -f %{sysconfig_anaconda} && \ %endif %changelog +* Fri May 3 2024 Raymond Colebaugh - 8.7p1-38.8 + 0.10.4-5.7 +- Merge "Add LOG_SESSION_ID for everyone" patch into fb87_log_session_id.patch, + update fb87_pass_principals_to_child.patch to account for this change + * Mon Apr 15 2024 Raymond Colebaugh - 8.7p1-38.8 + 0.10.4-5.7 - Disable openssh-6.6p1-keyperm.patch in hs+fb builds