[arch-commits] Commit in openssh/repos (22 files)

Evangelos Foutras foutrelis at archlinux.org
Thu Jan 14 15:51:49 UTC 2016


    Date: Thursday, January 14, 2016 @ 16:51:48
  Author: foutrelis
Revision: 258310

archrelease: copy trunk to testing-i686, testing-x86_64

Added:
  openssh/repos/testing-i686/
  openssh/repos/testing-i686/PKGBUILD
    (from rev 258309, openssh/trunk/PKGBUILD)
  openssh/repos/testing-i686/dispatch.patch
    (from rev 258309, openssh/trunk/dispatch.patch)
  openssh/repos/testing-i686/error.patch
    (from rev 258309, openssh/trunk/error.patch)
  openssh/repos/testing-i686/install
    (from rev 258309, openssh/trunk/install)
  openssh/repos/testing-i686/sshd.conf
    (from rev 258309, openssh/trunk/sshd.conf)
  openssh/repos/testing-i686/sshd.pam
    (from rev 258309, openssh/trunk/sshd.pam)
  openssh/repos/testing-i686/sshd.service
    (from rev 258309, openssh/trunk/sshd.service)
  openssh/repos/testing-i686/sshd.socket
    (from rev 258309, openssh/trunk/sshd.socket)
  openssh/repos/testing-i686/sshd at .service
    (from rev 258309, openssh/trunk/sshd at .service)
  openssh/repos/testing-i686/sshdgenkeys.service
    (from rev 258309, openssh/trunk/sshdgenkeys.service)
  openssh/repos/testing-x86_64/
  openssh/repos/testing-x86_64/PKGBUILD
    (from rev 258309, openssh/trunk/PKGBUILD)
  openssh/repos/testing-x86_64/dispatch.patch
    (from rev 258309, openssh/trunk/dispatch.patch)
  openssh/repos/testing-x86_64/error.patch
    (from rev 258309, openssh/trunk/error.patch)
  openssh/repos/testing-x86_64/install
    (from rev 258309, openssh/trunk/install)
  openssh/repos/testing-x86_64/sshd.conf
    (from rev 258309, openssh/trunk/sshd.conf)
  openssh/repos/testing-x86_64/sshd.pam
    (from rev 258309, openssh/trunk/sshd.pam)
  openssh/repos/testing-x86_64/sshd.service
    (from rev 258309, openssh/trunk/sshd.service)
  openssh/repos/testing-x86_64/sshd.socket
    (from rev 258309, openssh/trunk/sshd.socket)
  openssh/repos/testing-x86_64/sshd at .service
    (from rev 258309, openssh/trunk/sshd at .service)
  openssh/repos/testing-x86_64/sshdgenkeys.service
    (from rev 258309, openssh/trunk/sshdgenkeys.service)

------------------------------------+
 testing-i686/PKGBUILD              |   92 +++++++++++++++++++++++++++++++++++
 testing-i686/dispatch.patch        |   81 ++++++++++++++++++++++++++++++
 testing-i686/error.patch           |   25 +++++++++
 testing-i686/install               |   10 +++
 testing-i686/sshd.conf             |    1 
 testing-i686/sshd.pam              |    6 ++
 testing-i686/sshd.service          |   17 ++++++
 testing-i686/sshd.socket           |   10 +++
 testing-i686/sshd at .service         |    8 +++
 testing-i686/sshdgenkeys.service   |   17 ++++++
 testing-x86_64/PKGBUILD            |   92 +++++++++++++++++++++++++++++++++++
 testing-x86_64/dispatch.patch      |   81 ++++++++++++++++++++++++++++++
 testing-x86_64/error.patch         |   25 +++++++++
 testing-x86_64/install             |   10 +++
 testing-x86_64/sshd.conf           |    1 
 testing-x86_64/sshd.pam            |    6 ++
 testing-x86_64/sshd.service        |   17 ++++++
 testing-x86_64/sshd.socket         |   10 +++
 testing-x86_64/sshd at .service       |    8 +++
 testing-x86_64/sshdgenkeys.service |   17 ++++++
 20 files changed, 534 insertions(+)

Copied: openssh/repos/testing-i686/PKGBUILD (from rev 258309, openssh/trunk/PKGBUILD)
===================================================================
--- testing-i686/PKGBUILD	                        (rev 0)
+++ testing-i686/PKGBUILD	2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,92 @@
+# $Id$
+# Maintainer: Gaetan Bisson <bisson at archlinux.org>
+# Contributor: Aaron Griffin <aaron at archlinux.org>
+# Contributor: judd <jvinet at zeroflux.org>
+
+pkgname=openssh
+pkgver=7.1p2
+pkgrel=1
+pkgdesc='Free version of the SSH connectivity tools'
+url='http://www.openssh.org/portable.html'
+license=('custom:BSD')
+arch=('i686' 'x86_64')
+makedepends=('linux-headers')
+depends=('krb5' 'openssl' 'libedit' 'ldns')
+optdepends=('xorg-xauth: X11 forwarding'
+            'x11-ssh-askpass: input passphrase in X')
+validpgpkeys=('59C2118ED206D927E667EBE3D3E5F56B6D920D30')
+source=("ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname}-${pkgver}.tar.gz"{,.asc}
+        'sshdgenkeys.service'
+        'sshd at .service'
+        'sshd.service'
+        'sshd.socket'
+        'sshd.conf'
+        'sshd.pam')
+sha1sums=('9202f5a2a50c8a55ecfb830609df1e1fde97f758' 'SKIP'
+          'cc1ceec606c98c7407e7ac21ade23aed81e31405'
+          '6a0ff3305692cf83aca96e10f3bb51e1c26fccda'
+          'ec49c6beba923e201505f5669cea48cad29014db'
+          'e12fa910b26a5634e5a6ac39ce1399a132cf6796'
+          'c9b2e4ce259cd62ddb00364d3ee6f00a8bf2d05f'
+          'd93dca5ebda4610ff7647187f8928a3de28703f3')
+
+backup=('etc/ssh/ssh_config' 'etc/ssh/sshd_config' 'etc/pam.d/sshd')
+
+install=install
+
+build() {
+	cd "${srcdir}/${pkgname}-${pkgver}"
+
+	./configure \
+		--prefix=/usr \
+		--sbindir=/usr/bin \
+		--libexecdir=/usr/lib/ssh \
+		--sysconfdir=/etc/ssh \
+		--with-ldns \
+		--with-libedit \
+		--with-ssl-engine \
+		--with-pam \
+		--with-privsep-user=nobody \
+		--with-kerberos5=/usr \
+		--with-xauth=/usr/bin/xauth \
+		--with-mantype=man \
+		--with-md5-passwords \
+		--with-pid-dir=/run \
+
+	make
+}
+
+check() {
+	cd "${srcdir}/${pkgname}-${pkgver}"
+
+	make tests || true
+	# hard to suitably test connectivity:
+	# - fails with /bin/false as login shell
+	# - fails with firewall activated, etc.
+}
+
+package() {
+	cd "${srcdir}/${pkgname}-${pkgver}"
+
+	make DESTDIR="${pkgdir}" install
+
+	ln -sf ssh.1.gz "${pkgdir}"/usr/share/man/man1/slogin.1.gz
+	install -Dm644 LICENCE "${pkgdir}/usr/share/licenses/${pkgname}/LICENCE"
+
+	install -Dm644 ../sshdgenkeys.service "${pkgdir}"/usr/lib/systemd/system/sshdgenkeys.service
+	install -Dm644 ../sshd at .service "${pkgdir}"/usr/lib/systemd/system/sshd at .service
+	install -Dm644 ../sshd.service "${pkgdir}"/usr/lib/systemd/system/sshd.service
+	install -Dm644 ../sshd.socket "${pkgdir}"/usr/lib/systemd/system/sshd.socket
+	install -Dm644 ../sshd.conf "${pkgdir}"/usr/lib/tmpfiles.d/sshd.conf
+	install -Dm644 ../sshd.pam "${pkgdir}"/etc/pam.d/sshd
+
+	install -Dm755 contrib/findssl.sh "${pkgdir}"/usr/bin/findssl.sh
+	install -Dm755 contrib/ssh-copy-id "${pkgdir}"/usr/bin/ssh-copy-id
+	install -Dm644 contrib/ssh-copy-id.1 "${pkgdir}"/usr/share/man/man1/ssh-copy-id.1
+
+	sed \
+		-e '/^#ChallengeResponseAuthentication yes$/c ChallengeResponseAuthentication no' \
+		-e '/^#PrintMotd yes$/c PrintMotd no # pam does that' \
+		-e '/^#UsePAM no$/c UsePAM yes' \
+		-i "${pkgdir}"/etc/ssh/sshd_config
+}

Copied: openssh/repos/testing-i686/dispatch.patch (from rev 258309, openssh/trunk/dispatch.patch)
===================================================================
--- testing-i686/dispatch.patch	                        (rev 0)
+++ testing-i686/dispatch.patch	2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,81 @@
+From 639d6bc57b1942393ed12fb48f00bc05d4e093e4 Mon Sep 17 00:00:00 2001
+From: djm at openbsd.org <djm at openbsd.org>
+Date: Fri, 01 May 2015 07:10:01 +0000
+Subject: upstream commit
+
+refactor ssh_dispatch_run_fatal() to use sshpkt_fatal()
+ to better report error conditions. Teach sshpkt_fatal() about ECONNRESET.
+
+Improves error messages on TCP connection resets. bz#2257
+
+ok dtucker@
+---
+diff --git a/dispatch.c b/dispatch.c
+index afe6182..aac933e 100644
+--- a/dispatch.c
++++ b/dispatch.c
+@@ -1,4 +1,4 @@
+-/* $OpenBSD: dispatch.c,v 1.26 2015/02/12 20:34:19 dtucker Exp $ */
++/* $OpenBSD: dispatch.c,v 1.27 2015/05/01 07:10:01 djm Exp $ */
+ /*
+  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
+  *
+@@ -137,22 +137,6 @@ ssh_dispatch_run_fatal(struct ssh *ssh, int mode, volatile sig_atomic_t *done,
+ {
+ 	int r;
+ 
+-	if ((r = ssh_dispatch_run(ssh, mode, done, ctxt)) != 0) {
+-		switch (r) {
+-		case SSH_ERR_CONN_CLOSED:
+-			logit("Connection closed by %.200s",
+-			    ssh_remote_ipaddr(ssh));
+-			cleanup_exit(255);
+-		case SSH_ERR_CONN_TIMEOUT:
+-			logit("Connection to %.200s timed out while "
+-			    "waiting to read", ssh_remote_ipaddr(ssh));
+-			cleanup_exit(255);
+-		case SSH_ERR_DISCONNECTED:
+-			logit("Disconnected from %.200s",
+-			    ssh_remote_ipaddr(ssh));
+-			cleanup_exit(255);
+-		default:
+-			fatal("%s: %s", __func__, ssh_err(r));
+-		}
+-	}
++	if ((r = ssh_dispatch_run(ssh, mode, done, ctxt)) != 0)
++		sshpkt_fatal(ssh, __func__, r);
+ }
+diff --git a/packet.c b/packet.c
+index 4922573..a7727ef 100644
+--- a/packet.c
++++ b/packet.c
+@@ -1,4 +1,4 @@
+-/* $OpenBSD: packet.c,v 1.208 2015/02/13 18:57:00 markus Exp $ */
++/* $OpenBSD: packet.c,v 1.212 2015/05/01 07:10:01 djm Exp $ */
+ /*
+  * Author: Tatu Ylonen <ylo at cs.hut.fi>
+  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
+@@ -1920,9 +1920,19 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r)
+ 		logit("Connection closed by %.200s", ssh_remote_ipaddr(ssh));
+ 		cleanup_exit(255);
+ 	case SSH_ERR_CONN_TIMEOUT:
+-		logit("Connection to %.200s timed out while "
+-		    "waiting to write", ssh_remote_ipaddr(ssh));
++		logit("Connection to %.200s timed out", ssh_remote_ipaddr(ssh));
+ 		cleanup_exit(255);
++	case SSH_ERR_DISCONNECTED:
++		logit("Disconnected from %.200s",
++		    ssh_remote_ipaddr(ssh));
++		cleanup_exit(255);
++	case SSH_ERR_SYSTEM_ERROR:
++		if (errno == ECONNRESET) {
++			logit("Connection reset by %.200s",
++			    ssh_remote_ipaddr(ssh));
++			cleanup_exit(255);
++		}
++		/* FALLTHROUGH */
+ 	default:
+ 		fatal("%s%sConnection to %.200s: %s",
+ 		    tag != NULL ? tag : "", tag != NULL ? ": " : "",
+--
+cgit v0.9.2

Copied: openssh/repos/testing-i686/error.patch (from rev 258309, openssh/trunk/error.patch)
===================================================================
--- testing-i686/error.patch	                        (rev 0)
+++ testing-i686/error.patch	2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,25 @@
+From 4d24b3b6a4a6383e05e7da26d183b79fa8663697 Mon Sep 17 00:00:00 2001
+From: Damien Miller <djm at mindrot.org>
+Date: Thu, 19 Mar 2015 22:11:59 +0000
+Subject: remove error() accidentally inserted for debugging
+
+pointed out by Christian Hesse
+---
+diff --git a/monitor_wrap.c b/monitor_wrap.c
+index b379f05..d39d491 100644
+--- a/monitor_wrap.c
++++ b/monitor_wrap.c
+@@ -153,10 +153,8 @@ mm_request_receive(int sock, Buffer *m)
+ 	debug3("%s entering", __func__);
+ 
+ 	if (atomicio(read, sock, buf, sizeof(buf)) != sizeof(buf)) {
+-		if (errno == EPIPE) {
+-			error("%s: socket closed", __func__);
++		if (errno == EPIPE)
+ 			cleanup_exit(255);
+-		}
+ 		fatal("%s: read: %s", __func__, strerror(errno));
+ 	}
+ 	msg_len = get_u32(buf);
+--
+cgit v0.9.2

Copied: openssh/repos/testing-i686/install (from rev 258309, openssh/trunk/install)
===================================================================
--- testing-i686/install	                        (rev 0)
+++ testing-i686/install	2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,10 @@
+post_upgrade() {
+	if [[ $(vercmp $2 6.2p2) = -1 ]]; then
+		cat <<EOF
+
+==> The sshd daemon has been moved to /usr/bin alongside all binaries.
+==> Please update this path in your scripts if applicable.
+
+EOF
+	fi
+}

Copied: openssh/repos/testing-i686/sshd.conf (from rev 258309, openssh/trunk/sshd.conf)
===================================================================
--- testing-i686/sshd.conf	                        (rev 0)
+++ testing-i686/sshd.conf	2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1 @@
+d /var/empty 0755 root root

Copied: openssh/repos/testing-i686/sshd.pam (from rev 258309, openssh/trunk/sshd.pam)
===================================================================
--- testing-i686/sshd.pam	                        (rev 0)
+++ testing-i686/sshd.pam	2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,6 @@
+#%PAM-1.0
+#auth     required  pam_securetty.so     #disable remote root
+auth      include   system-remote-login
+account   include   system-remote-login
+password  include   system-remote-login
+session   include   system-remote-login

Copied: openssh/repos/testing-i686/sshd.service (from rev 258309, openssh/trunk/sshd.service)
===================================================================
--- testing-i686/sshd.service	                        (rev 0)
+++ testing-i686/sshd.service	2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,17 @@
+[Unit]
+Description=OpenSSH Daemon
+Wants=sshdgenkeys.service
+After=sshdgenkeys.service
+After=network.target
+
+[Service]
+ExecStart=/usr/bin/sshd -D
+ExecReload=/bin/kill -HUP $MAINPID
+KillMode=process
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
+
+# This service file runs an SSH daemon that forks for each incoming connection.
+# If you prefer to spawn on-demand daemons, use sshd.socket and sshd at .service.

Copied: openssh/repos/testing-i686/sshd.socket (from rev 258309, openssh/trunk/sshd.socket)
===================================================================
--- testing-i686/sshd.socket	                        (rev 0)
+++ testing-i686/sshd.socket	2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,10 @@
+[Unit]
+Conflicts=sshd.service
+Wants=sshdgenkeys.service
+
+[Socket]
+ListenStream=22
+Accept=yes
+
+[Install]
+WantedBy=sockets.target

Copied: openssh/repos/testing-i686/sshd at .service (from rev 258309, openssh/trunk/sshd at .service)
===================================================================
--- testing-i686/sshd at .service	                        (rev 0)
+++ testing-i686/sshd at .service	2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,8 @@
+[Unit]
+Description=OpenSSH Per-Connection Daemon
+After=sshdgenkeys.service
+
+[Service]
+ExecStart=-/usr/bin/sshd -i
+StandardInput=socket
+StandardError=syslog

Copied: openssh/repos/testing-i686/sshdgenkeys.service (from rev 258309, openssh/trunk/sshdgenkeys.service)
===================================================================
--- testing-i686/sshdgenkeys.service	                        (rev 0)
+++ testing-i686/sshdgenkeys.service	2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,17 @@
+[Unit]
+Description=SSH Key Generation
+ConditionPathExists=|!/etc/ssh/ssh_host_key
+ConditionPathExists=|!/etc/ssh/ssh_host_key.pub
+ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key
+ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key.pub
+ConditionPathExists=|!/etc/ssh/ssh_host_dsa_key
+ConditionPathExists=|!/etc/ssh/ssh_host_dsa_key.pub
+ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key
+ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key.pub
+ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key
+ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key.pub
+
+[Service]
+ExecStart=/usr/bin/ssh-keygen -A
+Type=oneshot
+RemainAfterExit=yes

Copied: openssh/repos/testing-x86_64/PKGBUILD (from rev 258309, openssh/trunk/PKGBUILD)
===================================================================
--- testing-x86_64/PKGBUILD	                        (rev 0)
+++ testing-x86_64/PKGBUILD	2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,92 @@
+# $Id$
+# Maintainer: Gaetan Bisson <bisson at archlinux.org>
+# Contributor: Aaron Griffin <aaron at archlinux.org>
+# Contributor: judd <jvinet at zeroflux.org>
+
+pkgname=openssh
+pkgver=7.1p2
+pkgrel=1
+pkgdesc='Free version of the SSH connectivity tools'
+url='http://www.openssh.org/portable.html'
+license=('custom:BSD')
+arch=('i686' 'x86_64')
+makedepends=('linux-headers')
+depends=('krb5' 'openssl' 'libedit' 'ldns')
+optdepends=('xorg-xauth: X11 forwarding'
+            'x11-ssh-askpass: input passphrase in X')
+validpgpkeys=('59C2118ED206D927E667EBE3D3E5F56B6D920D30')
+source=("ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname}-${pkgver}.tar.gz"{,.asc}
+        'sshdgenkeys.service'
+        'sshd at .service'
+        'sshd.service'
+        'sshd.socket'
+        'sshd.conf'
+        'sshd.pam')
+sha1sums=('9202f5a2a50c8a55ecfb830609df1e1fde97f758' 'SKIP'
+          'cc1ceec606c98c7407e7ac21ade23aed81e31405'
+          '6a0ff3305692cf83aca96e10f3bb51e1c26fccda'
+          'ec49c6beba923e201505f5669cea48cad29014db'
+          'e12fa910b26a5634e5a6ac39ce1399a132cf6796'
+          'c9b2e4ce259cd62ddb00364d3ee6f00a8bf2d05f'
+          'd93dca5ebda4610ff7647187f8928a3de28703f3')
+
+backup=('etc/ssh/ssh_config' 'etc/ssh/sshd_config' 'etc/pam.d/sshd')
+
+install=install
+
+build() {
+	cd "${srcdir}/${pkgname}-${pkgver}"
+
+	./configure \
+		--prefix=/usr \
+		--sbindir=/usr/bin \
+		--libexecdir=/usr/lib/ssh \
+		--sysconfdir=/etc/ssh \
+		--with-ldns \
+		--with-libedit \
+		--with-ssl-engine \
+		--with-pam \
+		--with-privsep-user=nobody \
+		--with-kerberos5=/usr \
+		--with-xauth=/usr/bin/xauth \
+		--with-mantype=man \
+		--with-md5-passwords \
+		--with-pid-dir=/run \
+
+	make
+}
+
+check() {
+	cd "${srcdir}/${pkgname}-${pkgver}"
+
+	make tests || true
+	# hard to suitably test connectivity:
+	# - fails with /bin/false as login shell
+	# - fails with firewall activated, etc.
+}
+
+package() {
+	cd "${srcdir}/${pkgname}-${pkgver}"
+
+	make DESTDIR="${pkgdir}" install
+
+	ln -sf ssh.1.gz "${pkgdir}"/usr/share/man/man1/slogin.1.gz
+	install -Dm644 LICENCE "${pkgdir}/usr/share/licenses/${pkgname}/LICENCE"
+
+	install -Dm644 ../sshdgenkeys.service "${pkgdir}"/usr/lib/systemd/system/sshdgenkeys.service
+	install -Dm644 ../sshd at .service "${pkgdir}"/usr/lib/systemd/system/sshd at .service
+	install -Dm644 ../sshd.service "${pkgdir}"/usr/lib/systemd/system/sshd.service
+	install -Dm644 ../sshd.socket "${pkgdir}"/usr/lib/systemd/system/sshd.socket
+	install -Dm644 ../sshd.conf "${pkgdir}"/usr/lib/tmpfiles.d/sshd.conf
+	install -Dm644 ../sshd.pam "${pkgdir}"/etc/pam.d/sshd
+
+	install -Dm755 contrib/findssl.sh "${pkgdir}"/usr/bin/findssl.sh
+	install -Dm755 contrib/ssh-copy-id "${pkgdir}"/usr/bin/ssh-copy-id
+	install -Dm644 contrib/ssh-copy-id.1 "${pkgdir}"/usr/share/man/man1/ssh-copy-id.1
+
+	sed \
+		-e '/^#ChallengeResponseAuthentication yes$/c ChallengeResponseAuthentication no' \
+		-e '/^#PrintMotd yes$/c PrintMotd no # pam does that' \
+		-e '/^#UsePAM no$/c UsePAM yes' \
+		-i "${pkgdir}"/etc/ssh/sshd_config
+}

Copied: openssh/repos/testing-x86_64/dispatch.patch (from rev 258309, openssh/trunk/dispatch.patch)
===================================================================
--- testing-x86_64/dispatch.patch	                        (rev 0)
+++ testing-x86_64/dispatch.patch	2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,81 @@
+From 639d6bc57b1942393ed12fb48f00bc05d4e093e4 Mon Sep 17 00:00:00 2001
+From: djm at openbsd.org <djm at openbsd.org>
+Date: Fri, 01 May 2015 07:10:01 +0000
+Subject: upstream commit
+
+refactor ssh_dispatch_run_fatal() to use sshpkt_fatal()
+ to better report error conditions. Teach sshpkt_fatal() about ECONNRESET.
+
+Improves error messages on TCP connection resets. bz#2257
+
+ok dtucker@
+---
+diff --git a/dispatch.c b/dispatch.c
+index afe6182..aac933e 100644
+--- a/dispatch.c
++++ b/dispatch.c
+@@ -1,4 +1,4 @@
+-/* $OpenBSD: dispatch.c,v 1.26 2015/02/12 20:34:19 dtucker Exp $ */
++/* $OpenBSD: dispatch.c,v 1.27 2015/05/01 07:10:01 djm Exp $ */
+ /*
+  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
+  *
+@@ -137,22 +137,6 @@ ssh_dispatch_run_fatal(struct ssh *ssh, int mode, volatile sig_atomic_t *done,
+ {
+ 	int r;
+ 
+-	if ((r = ssh_dispatch_run(ssh, mode, done, ctxt)) != 0) {
+-		switch (r) {
+-		case SSH_ERR_CONN_CLOSED:
+-			logit("Connection closed by %.200s",
+-			    ssh_remote_ipaddr(ssh));
+-			cleanup_exit(255);
+-		case SSH_ERR_CONN_TIMEOUT:
+-			logit("Connection to %.200s timed out while "
+-			    "waiting to read", ssh_remote_ipaddr(ssh));
+-			cleanup_exit(255);
+-		case SSH_ERR_DISCONNECTED:
+-			logit("Disconnected from %.200s",
+-			    ssh_remote_ipaddr(ssh));
+-			cleanup_exit(255);
+-		default:
+-			fatal("%s: %s", __func__, ssh_err(r));
+-		}
+-	}
++	if ((r = ssh_dispatch_run(ssh, mode, done, ctxt)) != 0)
++		sshpkt_fatal(ssh, __func__, r);
+ }
+diff --git a/packet.c b/packet.c
+index 4922573..a7727ef 100644
+--- a/packet.c
++++ b/packet.c
+@@ -1,4 +1,4 @@
+-/* $OpenBSD: packet.c,v 1.208 2015/02/13 18:57:00 markus Exp $ */
++/* $OpenBSD: packet.c,v 1.212 2015/05/01 07:10:01 djm Exp $ */
+ /*
+  * Author: Tatu Ylonen <ylo at cs.hut.fi>
+  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
+@@ -1920,9 +1920,19 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r)
+ 		logit("Connection closed by %.200s", ssh_remote_ipaddr(ssh));
+ 		cleanup_exit(255);
+ 	case SSH_ERR_CONN_TIMEOUT:
+-		logit("Connection to %.200s timed out while "
+-		    "waiting to write", ssh_remote_ipaddr(ssh));
++		logit("Connection to %.200s timed out", ssh_remote_ipaddr(ssh));
+ 		cleanup_exit(255);
++	case SSH_ERR_DISCONNECTED:
++		logit("Disconnected from %.200s",
++		    ssh_remote_ipaddr(ssh));
++		cleanup_exit(255);
++	case SSH_ERR_SYSTEM_ERROR:
++		if (errno == ECONNRESET) {
++			logit("Connection reset by %.200s",
++			    ssh_remote_ipaddr(ssh));
++			cleanup_exit(255);
++		}
++		/* FALLTHROUGH */
+ 	default:
+ 		fatal("%s%sConnection to %.200s: %s",
+ 		    tag != NULL ? tag : "", tag != NULL ? ": " : "",
+--
+cgit v0.9.2

Copied: openssh/repos/testing-x86_64/error.patch (from rev 258309, openssh/trunk/error.patch)
===================================================================
--- testing-x86_64/error.patch	                        (rev 0)
+++ testing-x86_64/error.patch	2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,25 @@
+From 4d24b3b6a4a6383e05e7da26d183b79fa8663697 Mon Sep 17 00:00:00 2001
+From: Damien Miller <djm at mindrot.org>
+Date: Thu, 19 Mar 2015 22:11:59 +0000
+Subject: remove error() accidentally inserted for debugging
+
+pointed out by Christian Hesse
+---
+diff --git a/monitor_wrap.c b/monitor_wrap.c
+index b379f05..d39d491 100644
+--- a/monitor_wrap.c
++++ b/monitor_wrap.c
+@@ -153,10 +153,8 @@ mm_request_receive(int sock, Buffer *m)
+ 	debug3("%s entering", __func__);
+ 
+ 	if (atomicio(read, sock, buf, sizeof(buf)) != sizeof(buf)) {
+-		if (errno == EPIPE) {
+-			error("%s: socket closed", __func__);
++		if (errno == EPIPE)
+ 			cleanup_exit(255);
+-		}
+ 		fatal("%s: read: %s", __func__, strerror(errno));
+ 	}
+ 	msg_len = get_u32(buf);
+--
+cgit v0.9.2

Copied: openssh/repos/testing-x86_64/install (from rev 258309, openssh/trunk/install)
===================================================================
--- testing-x86_64/install	                        (rev 0)
+++ testing-x86_64/install	2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,10 @@
+post_upgrade() {
+	if [[ $(vercmp $2 6.2p2) = -1 ]]; then
+		cat <<EOF
+
+==> The sshd daemon has been moved to /usr/bin alongside all binaries.
+==> Please update this path in your scripts if applicable.
+
+EOF
+	fi
+}

Copied: openssh/repos/testing-x86_64/sshd.conf (from rev 258309, openssh/trunk/sshd.conf)
===================================================================
--- testing-x86_64/sshd.conf	                        (rev 0)
+++ testing-x86_64/sshd.conf	2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1 @@
+d /var/empty 0755 root root

Copied: openssh/repos/testing-x86_64/sshd.pam (from rev 258309, openssh/trunk/sshd.pam)
===================================================================
--- testing-x86_64/sshd.pam	                        (rev 0)
+++ testing-x86_64/sshd.pam	2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,6 @@
+#%PAM-1.0
+#auth     required  pam_securetty.so     #disable remote root
+auth      include   system-remote-login
+account   include   system-remote-login
+password  include   system-remote-login
+session   include   system-remote-login

Copied: openssh/repos/testing-x86_64/sshd.service (from rev 258309, openssh/trunk/sshd.service)
===================================================================
--- testing-x86_64/sshd.service	                        (rev 0)
+++ testing-x86_64/sshd.service	2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,17 @@
+[Unit]
+Description=OpenSSH Daemon
+Wants=sshdgenkeys.service
+After=sshdgenkeys.service
+After=network.target
+
+[Service]
+ExecStart=/usr/bin/sshd -D
+ExecReload=/bin/kill -HUP $MAINPID
+KillMode=process
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
+
+# This service file runs an SSH daemon that forks for each incoming connection.
+# If you prefer to spawn on-demand daemons, use sshd.socket and sshd at .service.

Copied: openssh/repos/testing-x86_64/sshd.socket (from rev 258309, openssh/trunk/sshd.socket)
===================================================================
--- testing-x86_64/sshd.socket	                        (rev 0)
+++ testing-x86_64/sshd.socket	2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,10 @@
+[Unit]
+Conflicts=sshd.service
+Wants=sshdgenkeys.service
+
+[Socket]
+ListenStream=22
+Accept=yes
+
+[Install]
+WantedBy=sockets.target

Copied: openssh/repos/testing-x86_64/sshd at .service (from rev 258309, openssh/trunk/sshd at .service)
===================================================================
--- testing-x86_64/sshd at .service	                        (rev 0)
+++ testing-x86_64/sshd at .service	2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,8 @@
+[Unit]
+Description=OpenSSH Per-Connection Daemon
+After=sshdgenkeys.service
+
+[Service]
+ExecStart=-/usr/bin/sshd -i
+StandardInput=socket
+StandardError=syslog

Copied: openssh/repos/testing-x86_64/sshdgenkeys.service (from rev 258309, openssh/trunk/sshdgenkeys.service)
===================================================================
--- testing-x86_64/sshdgenkeys.service	                        (rev 0)
+++ testing-x86_64/sshdgenkeys.service	2016-01-14 15:51:48 UTC (rev 258310)
@@ -0,0 +1,17 @@
+[Unit]
+Description=SSH Key Generation
+ConditionPathExists=|!/etc/ssh/ssh_host_key
+ConditionPathExists=|!/etc/ssh/ssh_host_key.pub
+ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key
+ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key.pub
+ConditionPathExists=|!/etc/ssh/ssh_host_dsa_key
+ConditionPathExists=|!/etc/ssh/ssh_host_dsa_key.pub
+ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key
+ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key.pub
+ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key
+ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key.pub
+
+[Service]
+ExecStart=/usr/bin/ssh-keygen -A
+Type=oneshot
+RemainAfterExit=yes



More information about the arch-commits mailing list