[arch-commits] Commit in openssh/repos (22 files)
Evangelos Foutras
foutrelis at archlinux.org
Thu Jan 14 15:51:49 UTC 2016
Date: Thursday, January 14, 2016 @ 16:51:48
Author: foutrelis
Revision: 258310
archrelease: copy trunk to testing-i686, testing-x86_64
Added:
openssh/repos/testing-i686/
openssh/repos/testing-i686/PKGBUILD
(from rev 258309, openssh/trunk/PKGBUILD)
openssh/repos/testing-i686/dispatch.patch
(from rev 258309, openssh/trunk/dispatch.patch)
openssh/repos/testing-i686/error.patch
(from rev 258309, openssh/trunk/error.patch)
openssh/repos/testing-i686/install
(from rev 258309, openssh/trunk/install)
openssh/repos/testing-i686/sshd.conf
(from rev 258309, openssh/trunk/sshd.conf)
openssh/repos/testing-i686/sshd.pam
(from rev 258309, openssh/trunk/sshd.pam)
openssh/repos/testing-i686/sshd.service
(from rev 258309, openssh/trunk/sshd.service)
openssh/repos/testing-i686/sshd.socket
(from rev 258309, openssh/trunk/sshd.socket)
openssh/repos/testing-i686/sshd at .service
(from rev 258309, openssh/trunk/sshd at .service)
openssh/repos/testing-i686/sshdgenkeys.service
(from rev 258309, openssh/trunk/sshdgenkeys.service)
openssh/repos/testing-x86_64/
openssh/repos/testing-x86_64/PKGBUILD
(from rev 258309, openssh/trunk/PKGBUILD)
openssh/repos/testing-x86_64/dispatch.patch
(from rev 258309, openssh/trunk/dispatch.patch)
openssh/repos/testing-x86_64/error.patch
(from rev 258309, openssh/trunk/error.patch)
openssh/repos/testing-x86_64/install
(from rev 258309, openssh/trunk/install)
openssh/repos/testing-x86_64/sshd.conf
(from rev 258309, openssh/trunk/sshd.conf)
openssh/repos/testing-x86_64/sshd.pam
(from rev 258309, openssh/trunk/sshd.pam)
openssh/repos/testing-x86_64/sshd.service
(from rev 258309, openssh/trunk/sshd.service)
openssh/repos/testing-x86_64/sshd.socket
(from rev 258309, openssh/trunk/sshd.socket)
openssh/repos/testing-x86_64/sshd at .service
(from rev 258309, openssh/trunk/sshd at .service)
openssh/repos/testing-x86_64/sshdgenkeys.service
(from rev 258309, openssh/trunk/sshdgenkeys.service)
------------------------------------+
testing-i686/PKGBUILD | 92 +++++++++++++++++++++++++++++++++++
testing-i686/dispatch.patch | 81 ++++++++++++++++++++++++++++++
testing-i686/error.patch | 25 +++++++++
testing-i686/install | 10 +++
testing-i686/sshd.conf | 1
testing-i686/sshd.pam | 6 ++
testing-i686/sshd.service | 17 ++++++
testing-i686/sshd.socket | 10 +++
testing-i686/sshd at .service | 8 +++
testing-i686/sshdgenkeys.service | 17 ++++++
testing-x86_64/PKGBUILD | 92 +++++++++++++++++++++++++++++++++++
testing-x86_64/dispatch.patch | 81 ++++++++++++++++++++++++++++++
testing-x86_64/error.patch | 25 +++++++++
testing-x86_64/install | 10 +++
testing-x86_64/sshd.conf | 1
testing-x86_64/sshd.pam | 6 ++
testing-x86_64/sshd.service | 17 ++++++
testing-x86_64/sshd.socket | 10 +++
testing-x86_64/sshd at .service | 8 +++
testing-x86_64/sshdgenkeys.service | 17 ++++++
20 files changed, 534 insertions(+)
Copied: openssh/repos/testing-i686/PKGBUILD (from rev 258309, openssh/trunk/PKGBUILD)
===================================================================
--- testing-i686/PKGBUILD (rev 0)
+++ testing-i686/PKGBUILD 2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,92 @@
+# $Id$
+# Maintainer: Gaetan Bisson <bisson at archlinux.org>
+# Contributor: Aaron Griffin <aaron at archlinux.org>
+# Contributor: judd <jvinet at zeroflux.org>
+
+pkgname=openssh
+pkgver=7.1p2
+pkgrel=1
+pkgdesc='Free version of the SSH connectivity tools'
+url='http://www.openssh.org/portable.html'
+license=('custom:BSD')
+arch=('i686' 'x86_64')
+makedepends=('linux-headers')
+depends=('krb5' 'openssl' 'libedit' 'ldns')
+optdepends=('xorg-xauth: X11 forwarding'
+ 'x11-ssh-askpass: input passphrase in X')
+validpgpkeys=('59C2118ED206D927E667EBE3D3E5F56B6D920D30')
+source=("ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname}-${pkgver}.tar.gz"{,.asc}
+ 'sshdgenkeys.service'
+ 'sshd at .service'
+ 'sshd.service'
+ 'sshd.socket'
+ 'sshd.conf'
+ 'sshd.pam')
+sha1sums=('9202f5a2a50c8a55ecfb830609df1e1fde97f758' 'SKIP'
+ 'cc1ceec606c98c7407e7ac21ade23aed81e31405'
+ '6a0ff3305692cf83aca96e10f3bb51e1c26fccda'
+ 'ec49c6beba923e201505f5669cea48cad29014db'
+ 'e12fa910b26a5634e5a6ac39ce1399a132cf6796'
+ 'c9b2e4ce259cd62ddb00364d3ee6f00a8bf2d05f'
+ 'd93dca5ebda4610ff7647187f8928a3de28703f3')
+
+backup=('etc/ssh/ssh_config' 'etc/ssh/sshd_config' 'etc/pam.d/sshd')
+
+install=install
+
+build() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+
+ ./configure \
+ --prefix=/usr \
+ --sbindir=/usr/bin \
+ --libexecdir=/usr/lib/ssh \
+ --sysconfdir=/etc/ssh \
+ --with-ldns \
+ --with-libedit \
+ --with-ssl-engine \
+ --with-pam \
+ --with-privsep-user=nobody \
+ --with-kerberos5=/usr \
+ --with-xauth=/usr/bin/xauth \
+ --with-mantype=man \
+ --with-md5-passwords \
+ --with-pid-dir=/run \
+
+ make
+}
+
+check() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+
+ make tests || true
+ # hard to suitably test connectivity:
+ # - fails with /bin/false as login shell
+ # - fails with firewall activated, etc.
+}
+
+package() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+
+ make DESTDIR="${pkgdir}" install
+
+ ln -sf ssh.1.gz "${pkgdir}"/usr/share/man/man1/slogin.1.gz
+ install -Dm644 LICENCE "${pkgdir}/usr/share/licenses/${pkgname}/LICENCE"
+
+ install -Dm644 ../sshdgenkeys.service "${pkgdir}"/usr/lib/systemd/system/sshdgenkeys.service
+ install -Dm644 ../sshd at .service "${pkgdir}"/usr/lib/systemd/system/sshd at .service
+ install -Dm644 ../sshd.service "${pkgdir}"/usr/lib/systemd/system/sshd.service
+ install -Dm644 ../sshd.socket "${pkgdir}"/usr/lib/systemd/system/sshd.socket
+ install -Dm644 ../sshd.conf "${pkgdir}"/usr/lib/tmpfiles.d/sshd.conf
+ install -Dm644 ../sshd.pam "${pkgdir}"/etc/pam.d/sshd
+
+ install -Dm755 contrib/findssl.sh "${pkgdir}"/usr/bin/findssl.sh
+ install -Dm755 contrib/ssh-copy-id "${pkgdir}"/usr/bin/ssh-copy-id
+ install -Dm644 contrib/ssh-copy-id.1 "${pkgdir}"/usr/share/man/man1/ssh-copy-id.1
+
+ sed \
+ -e '/^#ChallengeResponseAuthentication yes$/c ChallengeResponseAuthentication no' \
+ -e '/^#PrintMotd yes$/c PrintMotd no # pam does that' \
+ -e '/^#UsePAM no$/c UsePAM yes' \
+ -i "${pkgdir}"/etc/ssh/sshd_config
+}
Copied: openssh/repos/testing-i686/dispatch.patch (from rev 258309, openssh/trunk/dispatch.patch)
===================================================================
--- testing-i686/dispatch.patch (rev 0)
+++ testing-i686/dispatch.patch 2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,81 @@
+From 639d6bc57b1942393ed12fb48f00bc05d4e093e4 Mon Sep 17 00:00:00 2001
+From: djm at openbsd.org <djm at openbsd.org>
+Date: Fri, 01 May 2015 07:10:01 +0000
+Subject: upstream commit
+
+refactor ssh_dispatch_run_fatal() to use sshpkt_fatal()
+ to better report error conditions. Teach sshpkt_fatal() about ECONNRESET.
+
+Improves error messages on TCP connection resets. bz#2257
+
+ok dtucker@
+---
+diff --git a/dispatch.c b/dispatch.c
+index afe6182..aac933e 100644
+--- a/dispatch.c
++++ b/dispatch.c
+@@ -1,4 +1,4 @@
+-/* $OpenBSD: dispatch.c,v 1.26 2015/02/12 20:34:19 dtucker Exp $ */
++/* $OpenBSD: dispatch.c,v 1.27 2015/05/01 07:10:01 djm Exp $ */
+ /*
+ * Copyright (c) 2000 Markus Friedl. All rights reserved.
+ *
+@@ -137,22 +137,6 @@ ssh_dispatch_run_fatal(struct ssh *ssh, int mode, volatile sig_atomic_t *done,
+ {
+ int r;
+
+- if ((r = ssh_dispatch_run(ssh, mode, done, ctxt)) != 0) {
+- switch (r) {
+- case SSH_ERR_CONN_CLOSED:
+- logit("Connection closed by %.200s",
+- ssh_remote_ipaddr(ssh));
+- cleanup_exit(255);
+- case SSH_ERR_CONN_TIMEOUT:
+- logit("Connection to %.200s timed out while "
+- "waiting to read", ssh_remote_ipaddr(ssh));
+- cleanup_exit(255);
+- case SSH_ERR_DISCONNECTED:
+- logit("Disconnected from %.200s",
+- ssh_remote_ipaddr(ssh));
+- cleanup_exit(255);
+- default:
+- fatal("%s: %s", __func__, ssh_err(r));
+- }
+- }
++ if ((r = ssh_dispatch_run(ssh, mode, done, ctxt)) != 0)
++ sshpkt_fatal(ssh, __func__, r);
+ }
+diff --git a/packet.c b/packet.c
+index 4922573..a7727ef 100644
+--- a/packet.c
++++ b/packet.c
+@@ -1,4 +1,4 @@
+-/* $OpenBSD: packet.c,v 1.208 2015/02/13 18:57:00 markus Exp $ */
++/* $OpenBSD: packet.c,v 1.212 2015/05/01 07:10:01 djm Exp $ */
+ /*
+ * Author: Tatu Ylonen <ylo at cs.hut.fi>
+ * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
+@@ -1920,9 +1920,19 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r)
+ logit("Connection closed by %.200s", ssh_remote_ipaddr(ssh));
+ cleanup_exit(255);
+ case SSH_ERR_CONN_TIMEOUT:
+- logit("Connection to %.200s timed out while "
+- "waiting to write", ssh_remote_ipaddr(ssh));
++ logit("Connection to %.200s timed out", ssh_remote_ipaddr(ssh));
+ cleanup_exit(255);
++ case SSH_ERR_DISCONNECTED:
++ logit("Disconnected from %.200s",
++ ssh_remote_ipaddr(ssh));
++ cleanup_exit(255);
++ case SSH_ERR_SYSTEM_ERROR:
++ if (errno == ECONNRESET) {
++ logit("Connection reset by %.200s",
++ ssh_remote_ipaddr(ssh));
++ cleanup_exit(255);
++ }
++ /* FALLTHROUGH */
+ default:
+ fatal("%s%sConnection to %.200s: %s",
+ tag != NULL ? tag : "", tag != NULL ? ": " : "",
+--
+cgit v0.9.2
Copied: openssh/repos/testing-i686/error.patch (from rev 258309, openssh/trunk/error.patch)
===================================================================
--- testing-i686/error.patch (rev 0)
+++ testing-i686/error.patch 2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,25 @@
+From 4d24b3b6a4a6383e05e7da26d183b79fa8663697 Mon Sep 17 00:00:00 2001
+From: Damien Miller <djm at mindrot.org>
+Date: Thu, 19 Mar 2015 22:11:59 +0000
+Subject: remove error() accidentally inserted for debugging
+
+pointed out by Christian Hesse
+---
+diff --git a/monitor_wrap.c b/monitor_wrap.c
+index b379f05..d39d491 100644
+--- a/monitor_wrap.c
++++ b/monitor_wrap.c
+@@ -153,10 +153,8 @@ mm_request_receive(int sock, Buffer *m)
+ debug3("%s entering", __func__);
+
+ if (atomicio(read, sock, buf, sizeof(buf)) != sizeof(buf)) {
+- if (errno == EPIPE) {
+- error("%s: socket closed", __func__);
++ if (errno == EPIPE)
+ cleanup_exit(255);
+- }
+ fatal("%s: read: %s", __func__, strerror(errno));
+ }
+ msg_len = get_u32(buf);
+--
+cgit v0.9.2
Copied: openssh/repos/testing-i686/install (from rev 258309, openssh/trunk/install)
===================================================================
--- testing-i686/install (rev 0)
+++ testing-i686/install 2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,10 @@
+post_upgrade() {
+ if [[ $(vercmp $2 6.2p2) = -1 ]]; then
+ cat <<EOF
+
+==> The sshd daemon has been moved to /usr/bin alongside all binaries.
+==> Please update this path in your scripts if applicable.
+
+EOF
+ fi
+}
Copied: openssh/repos/testing-i686/sshd.conf (from rev 258309, openssh/trunk/sshd.conf)
===================================================================
--- testing-i686/sshd.conf (rev 0)
+++ testing-i686/sshd.conf 2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1 @@
+d /var/empty 0755 root root
Copied: openssh/repos/testing-i686/sshd.pam (from rev 258309, openssh/trunk/sshd.pam)
===================================================================
--- testing-i686/sshd.pam (rev 0)
+++ testing-i686/sshd.pam 2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,6 @@
+#%PAM-1.0
+#auth required pam_securetty.so #disable remote root
+auth include system-remote-login
+account include system-remote-login
+password include system-remote-login
+session include system-remote-login
Copied: openssh/repos/testing-i686/sshd.service (from rev 258309, openssh/trunk/sshd.service)
===================================================================
--- testing-i686/sshd.service (rev 0)
+++ testing-i686/sshd.service 2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,17 @@
+[Unit]
+Description=OpenSSH Daemon
+Wants=sshdgenkeys.service
+After=sshdgenkeys.service
+After=network.target
+
+[Service]
+ExecStart=/usr/bin/sshd -D
+ExecReload=/bin/kill -HUP $MAINPID
+KillMode=process
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
+
+# This service file runs an SSH daemon that forks for each incoming connection.
+# If you prefer to spawn on-demand daemons, use sshd.socket and sshd at .service.
Copied: openssh/repos/testing-i686/sshd.socket (from rev 258309, openssh/trunk/sshd.socket)
===================================================================
--- testing-i686/sshd.socket (rev 0)
+++ testing-i686/sshd.socket 2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,10 @@
+[Unit]
+Conflicts=sshd.service
+Wants=sshdgenkeys.service
+
+[Socket]
+ListenStream=22
+Accept=yes
+
+[Install]
+WantedBy=sockets.target
Copied: openssh/repos/testing-i686/sshd at .service (from rev 258309, openssh/trunk/sshd at .service)
===================================================================
--- testing-i686/sshd at .service (rev 0)
+++ testing-i686/sshd at .service 2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,8 @@
+[Unit]
+Description=OpenSSH Per-Connection Daemon
+After=sshdgenkeys.service
+
+[Service]
+ExecStart=-/usr/bin/sshd -i
+StandardInput=socket
+StandardError=syslog
Copied: openssh/repos/testing-i686/sshdgenkeys.service (from rev 258309, openssh/trunk/sshdgenkeys.service)
===================================================================
--- testing-i686/sshdgenkeys.service (rev 0)
+++ testing-i686/sshdgenkeys.service 2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,17 @@
+[Unit]
+Description=SSH Key Generation
+ConditionPathExists=|!/etc/ssh/ssh_host_key
+ConditionPathExists=|!/etc/ssh/ssh_host_key.pub
+ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key
+ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key.pub
+ConditionPathExists=|!/etc/ssh/ssh_host_dsa_key
+ConditionPathExists=|!/etc/ssh/ssh_host_dsa_key.pub
+ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key
+ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key.pub
+ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key
+ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key.pub
+
+[Service]
+ExecStart=/usr/bin/ssh-keygen -A
+Type=oneshot
+RemainAfterExit=yes
Copied: openssh/repos/testing-x86_64/PKGBUILD (from rev 258309, openssh/trunk/PKGBUILD)
===================================================================
--- testing-x86_64/PKGBUILD (rev 0)
+++ testing-x86_64/PKGBUILD 2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,92 @@
+# $Id$
+# Maintainer: Gaetan Bisson <bisson at archlinux.org>
+# Contributor: Aaron Griffin <aaron at archlinux.org>
+# Contributor: judd <jvinet at zeroflux.org>
+
+pkgname=openssh
+pkgver=7.1p2
+pkgrel=1
+pkgdesc='Free version of the SSH connectivity tools'
+url='http://www.openssh.org/portable.html'
+license=('custom:BSD')
+arch=('i686' 'x86_64')
+makedepends=('linux-headers')
+depends=('krb5' 'openssl' 'libedit' 'ldns')
+optdepends=('xorg-xauth: X11 forwarding'
+ 'x11-ssh-askpass: input passphrase in X')
+validpgpkeys=('59C2118ED206D927E667EBE3D3E5F56B6D920D30')
+source=("ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname}-${pkgver}.tar.gz"{,.asc}
+ 'sshdgenkeys.service'
+ 'sshd at .service'
+ 'sshd.service'
+ 'sshd.socket'
+ 'sshd.conf'
+ 'sshd.pam')
+sha1sums=('9202f5a2a50c8a55ecfb830609df1e1fde97f758' 'SKIP'
+ 'cc1ceec606c98c7407e7ac21ade23aed81e31405'
+ '6a0ff3305692cf83aca96e10f3bb51e1c26fccda'
+ 'ec49c6beba923e201505f5669cea48cad29014db'
+ 'e12fa910b26a5634e5a6ac39ce1399a132cf6796'
+ 'c9b2e4ce259cd62ddb00364d3ee6f00a8bf2d05f'
+ 'd93dca5ebda4610ff7647187f8928a3de28703f3')
+
+backup=('etc/ssh/ssh_config' 'etc/ssh/sshd_config' 'etc/pam.d/sshd')
+
+install=install
+
+build() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+
+ ./configure \
+ --prefix=/usr \
+ --sbindir=/usr/bin \
+ --libexecdir=/usr/lib/ssh \
+ --sysconfdir=/etc/ssh \
+ --with-ldns \
+ --with-libedit \
+ --with-ssl-engine \
+ --with-pam \
+ --with-privsep-user=nobody \
+ --with-kerberos5=/usr \
+ --with-xauth=/usr/bin/xauth \
+ --with-mantype=man \
+ --with-md5-passwords \
+ --with-pid-dir=/run \
+
+ make
+}
+
+check() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+
+ make tests || true
+ # hard to suitably test connectivity:
+ # - fails with /bin/false as login shell
+ # - fails with firewall activated, etc.
+}
+
+package() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+
+ make DESTDIR="${pkgdir}" install
+
+ ln -sf ssh.1.gz "${pkgdir}"/usr/share/man/man1/slogin.1.gz
+ install -Dm644 LICENCE "${pkgdir}/usr/share/licenses/${pkgname}/LICENCE"
+
+ install -Dm644 ../sshdgenkeys.service "${pkgdir}"/usr/lib/systemd/system/sshdgenkeys.service
+ install -Dm644 ../sshd at .service "${pkgdir}"/usr/lib/systemd/system/sshd at .service
+ install -Dm644 ../sshd.service "${pkgdir}"/usr/lib/systemd/system/sshd.service
+ install -Dm644 ../sshd.socket "${pkgdir}"/usr/lib/systemd/system/sshd.socket
+ install -Dm644 ../sshd.conf "${pkgdir}"/usr/lib/tmpfiles.d/sshd.conf
+ install -Dm644 ../sshd.pam "${pkgdir}"/etc/pam.d/sshd
+
+ install -Dm755 contrib/findssl.sh "${pkgdir}"/usr/bin/findssl.sh
+ install -Dm755 contrib/ssh-copy-id "${pkgdir}"/usr/bin/ssh-copy-id
+ install -Dm644 contrib/ssh-copy-id.1 "${pkgdir}"/usr/share/man/man1/ssh-copy-id.1
+
+ sed \
+ -e '/^#ChallengeResponseAuthentication yes$/c ChallengeResponseAuthentication no' \
+ -e '/^#PrintMotd yes$/c PrintMotd no # pam does that' \
+ -e '/^#UsePAM no$/c UsePAM yes' \
+ -i "${pkgdir}"/etc/ssh/sshd_config
+}
Copied: openssh/repos/testing-x86_64/dispatch.patch (from rev 258309, openssh/trunk/dispatch.patch)
===================================================================
--- testing-x86_64/dispatch.patch (rev 0)
+++ testing-x86_64/dispatch.patch 2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,81 @@
+From 639d6bc57b1942393ed12fb48f00bc05d4e093e4 Mon Sep 17 00:00:00 2001
+From: djm at openbsd.org <djm at openbsd.org>
+Date: Fri, 01 May 2015 07:10:01 +0000
+Subject: upstream commit
+
+refactor ssh_dispatch_run_fatal() to use sshpkt_fatal()
+ to better report error conditions. Teach sshpkt_fatal() about ECONNRESET.
+
+Improves error messages on TCP connection resets. bz#2257
+
+ok dtucker@
+---
+diff --git a/dispatch.c b/dispatch.c
+index afe6182..aac933e 100644
+--- a/dispatch.c
++++ b/dispatch.c
+@@ -1,4 +1,4 @@
+-/* $OpenBSD: dispatch.c,v 1.26 2015/02/12 20:34:19 dtucker Exp $ */
++/* $OpenBSD: dispatch.c,v 1.27 2015/05/01 07:10:01 djm Exp $ */
+ /*
+ * Copyright (c) 2000 Markus Friedl. All rights reserved.
+ *
+@@ -137,22 +137,6 @@ ssh_dispatch_run_fatal(struct ssh *ssh, int mode, volatile sig_atomic_t *done,
+ {
+ int r;
+
+- if ((r = ssh_dispatch_run(ssh, mode, done, ctxt)) != 0) {
+- switch (r) {
+- case SSH_ERR_CONN_CLOSED:
+- logit("Connection closed by %.200s",
+- ssh_remote_ipaddr(ssh));
+- cleanup_exit(255);
+- case SSH_ERR_CONN_TIMEOUT:
+- logit("Connection to %.200s timed out while "
+- "waiting to read", ssh_remote_ipaddr(ssh));
+- cleanup_exit(255);
+- case SSH_ERR_DISCONNECTED:
+- logit("Disconnected from %.200s",
+- ssh_remote_ipaddr(ssh));
+- cleanup_exit(255);
+- default:
+- fatal("%s: %s", __func__, ssh_err(r));
+- }
+- }
++ if ((r = ssh_dispatch_run(ssh, mode, done, ctxt)) != 0)
++ sshpkt_fatal(ssh, __func__, r);
+ }
+diff --git a/packet.c b/packet.c
+index 4922573..a7727ef 100644
+--- a/packet.c
++++ b/packet.c
+@@ -1,4 +1,4 @@
+-/* $OpenBSD: packet.c,v 1.208 2015/02/13 18:57:00 markus Exp $ */
++/* $OpenBSD: packet.c,v 1.212 2015/05/01 07:10:01 djm Exp $ */
+ /*
+ * Author: Tatu Ylonen <ylo at cs.hut.fi>
+ * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
+@@ -1920,9 +1920,19 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r)
+ logit("Connection closed by %.200s", ssh_remote_ipaddr(ssh));
+ cleanup_exit(255);
+ case SSH_ERR_CONN_TIMEOUT:
+- logit("Connection to %.200s timed out while "
+- "waiting to write", ssh_remote_ipaddr(ssh));
++ logit("Connection to %.200s timed out", ssh_remote_ipaddr(ssh));
+ cleanup_exit(255);
++ case SSH_ERR_DISCONNECTED:
++ logit("Disconnected from %.200s",
++ ssh_remote_ipaddr(ssh));
++ cleanup_exit(255);
++ case SSH_ERR_SYSTEM_ERROR:
++ if (errno == ECONNRESET) {
++ logit("Connection reset by %.200s",
++ ssh_remote_ipaddr(ssh));
++ cleanup_exit(255);
++ }
++ /* FALLTHROUGH */
+ default:
+ fatal("%s%sConnection to %.200s: %s",
+ tag != NULL ? tag : "", tag != NULL ? ": " : "",
+--
+cgit v0.9.2
Copied: openssh/repos/testing-x86_64/error.patch (from rev 258309, openssh/trunk/error.patch)
===================================================================
--- testing-x86_64/error.patch (rev 0)
+++ testing-x86_64/error.patch 2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,25 @@
+From 4d24b3b6a4a6383e05e7da26d183b79fa8663697 Mon Sep 17 00:00:00 2001
+From: Damien Miller <djm at mindrot.org>
+Date: Thu, 19 Mar 2015 22:11:59 +0000
+Subject: remove error() accidentally inserted for debugging
+
+pointed out by Christian Hesse
+---
+diff --git a/monitor_wrap.c b/monitor_wrap.c
+index b379f05..d39d491 100644
+--- a/monitor_wrap.c
++++ b/monitor_wrap.c
+@@ -153,10 +153,8 @@ mm_request_receive(int sock, Buffer *m)
+ debug3("%s entering", __func__);
+
+ if (atomicio(read, sock, buf, sizeof(buf)) != sizeof(buf)) {
+- if (errno == EPIPE) {
+- error("%s: socket closed", __func__);
++ if (errno == EPIPE)
+ cleanup_exit(255);
+- }
+ fatal("%s: read: %s", __func__, strerror(errno));
+ }
+ msg_len = get_u32(buf);
+--
+cgit v0.9.2
Copied: openssh/repos/testing-x86_64/install (from rev 258309, openssh/trunk/install)
===================================================================
--- testing-x86_64/install (rev 0)
+++ testing-x86_64/install 2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,10 @@
+post_upgrade() {
+ if [[ $(vercmp $2 6.2p2) = -1 ]]; then
+ cat <<EOF
+
+==> The sshd daemon has been moved to /usr/bin alongside all binaries.
+==> Please update this path in your scripts if applicable.
+
+EOF
+ fi
+}
Copied: openssh/repos/testing-x86_64/sshd.conf (from rev 258309, openssh/trunk/sshd.conf)
===================================================================
--- testing-x86_64/sshd.conf (rev 0)
+++ testing-x86_64/sshd.conf 2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1 @@
+d /var/empty 0755 root root
Copied: openssh/repos/testing-x86_64/sshd.pam (from rev 258309, openssh/trunk/sshd.pam)
===================================================================
--- testing-x86_64/sshd.pam (rev 0)
+++ testing-x86_64/sshd.pam 2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,6 @@
+#%PAM-1.0
+#auth required pam_securetty.so #disable remote root
+auth include system-remote-login
+account include system-remote-login
+password include system-remote-login
+session include system-remote-login
Copied: openssh/repos/testing-x86_64/sshd.service (from rev 258309, openssh/trunk/sshd.service)
===================================================================
--- testing-x86_64/sshd.service (rev 0)
+++ testing-x86_64/sshd.service 2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,17 @@
+[Unit]
+Description=OpenSSH Daemon
+Wants=sshdgenkeys.service
+After=sshdgenkeys.service
+After=network.target
+
+[Service]
+ExecStart=/usr/bin/sshd -D
+ExecReload=/bin/kill -HUP $MAINPID
+KillMode=process
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
+
+# This service file runs an SSH daemon that forks for each incoming connection.
+# If you prefer to spawn on-demand daemons, use sshd.socket and sshd at .service.
Copied: openssh/repos/testing-x86_64/sshd.socket (from rev 258309, openssh/trunk/sshd.socket)
===================================================================
--- testing-x86_64/sshd.socket (rev 0)
+++ testing-x86_64/sshd.socket 2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,10 @@
+[Unit]
+Conflicts=sshd.service
+Wants=sshdgenkeys.service
+
+[Socket]
+ListenStream=22
+Accept=yes
+
+[Install]
+WantedBy=sockets.target
Copied: openssh/repos/testing-x86_64/sshd at .service (from rev 258309, openssh/trunk/sshd at .service)
===================================================================
--- testing-x86_64/sshd at .service (rev 0)
+++ testing-x86_64/sshd at .service 2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,8 @@
+[Unit]
+Description=OpenSSH Per-Connection Daemon
+After=sshdgenkeys.service
+
+[Service]
+ExecStart=-/usr/bin/sshd -i
+StandardInput=socket
+StandardError=syslog
Copied: openssh/repos/testing-x86_64/sshdgenkeys.service (from rev 258309, openssh/trunk/sshdgenkeys.service)
===================================================================
--- testing-x86_64/sshdgenkeys.service (rev 0)
+++ testing-x86_64/sshdgenkeys.service 2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,17 @@
+[Unit]
+Description=SSH Key Generation
+ConditionPathExists=|!/etc/ssh/ssh_host_key
+ConditionPathExists=|!/etc/ssh/ssh_host_key.pub
+ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key
+ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key.pub
+ConditionPathExists=|!/etc/ssh/ssh_host_dsa_key
+ConditionPathExists=|!/etc/ssh/ssh_host_dsa_key.pub
+ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key
+ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key.pub
+ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key
+ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key.pub
+
+[Service]
+ExecStart=/usr/bin/ssh-keygen -A
+Type=oneshot
+RemainAfterExit=yes
More information about the arch-commits
mailing list