diff options
| -rw-r--r-- | .SRCINFO | 10 | ||||
| -rw-r--r-- | PKGBUILD | 8 | ||||
| -rw-r--r-- | dispatch.patch | 81 | ||||
| -rw-r--r-- | sshd.conf | 1 |
4 files changed, 96 insertions, 4 deletions
@@ -1,7 +1,7 @@ pkgbase = openssh-selinux pkgdesc = Free version of the SSH connectivity tools with SELinux support pkgver = 6.8p1 - pkgrel = 1 + pkgrel = 2 url = http://www.openssh.org/portable.html install = install arch = i686 @@ -16,8 +16,8 @@ pkgbase = openssh-selinux depends = libselinux optdepends = xorg-xauth: X11 forwarding optdepends = x11-ssh-askpass: input passphrase in X - provides = openssh=6.8p1-1 - provides = selinux-openssh=6.8p1-1 + provides = openssh=6.8p1-2 + provides = selinux-openssh=6.8p1-2 conflicts = openssh conflicts = selinux-openssh backup = etc/ssh/ssh_config @@ -26,18 +26,22 @@ pkgbase = openssh-selinux source = ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-6.8p1.tar.gz source = ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-6.8p1.tar.gz.asc source = error.patch + source = dispatch.patch source = sshdgenkeys.service source = sshd@.service source = sshd.service source = sshd.socket + source = sshd.conf source = sshd.pam sha1sums = cdbc51e46a902b30d263b05fdc71340920e91c92 sha1sums = SKIP sha1sums = 1b6b11efe9b20b9d1e51a59ac4b16eefb1dc84b8 + sha1sums = e629d45e899bbb2b3e702080f37cb40f3dc2b9b4 sha1sums = cc1ceec606c98c7407e7ac21ade23aed81e31405 sha1sums = 6a0ff3305692cf83aca96e10f3bb51e1c26fccda sha1sums = ec49c6beba923e201505f5669cea48cad29014db sha1sums = e12fa910b26a5634e5a6ac39ce1399a132cf6796 + sha1sums = c9b2e4ce259cd62ddb00364d3ee6f00a8bf2d05f sha1sums = d93dca5ebda4610ff7647187f8928a3de28703f3 pkgname = openssh-selinux @@ -8,7 +8,7 @@ pkgname=openssh-selinux pkgver=6.8p1 -pkgrel=1 +pkgrel=2 pkgdesc='Free version of the SSH connectivity tools with SELinux support' url='http://www.openssh.org/portable.html' license=('custom:BSD') @@ -24,17 +24,21 @@ groups=('selinux') validpgpkeys=('59C2118ED206D927E667EBE3D3E5F56B6D920D30') source=("ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname/-selinux}-${pkgver}.tar.gz"{,.asc} 'error.patch' + 'dispatch.patch' 'sshdgenkeys.service' 'sshd@.service' 'sshd.service' 'sshd.socket' + 'sshd.conf' 'sshd.pam') sha1sums=('cdbc51e46a902b30d263b05fdc71340920e91c92' 'SKIP' '1b6b11efe9b20b9d1e51a59ac4b16eefb1dc84b8' + 'e629d45e899bbb2b3e702080f37cb40f3dc2b9b4' 'cc1ceec606c98c7407e7ac21ade23aed81e31405' '6a0ff3305692cf83aca96e10f3bb51e1c26fccda' 'ec49c6beba923e201505f5669cea48cad29014db' 'e12fa910b26a5634e5a6ac39ce1399a132cf6796' + 'c9b2e4ce259cd62ddb00364d3ee6f00a8bf2d05f' 'd93dca5ebda4610ff7647187f8928a3de28703f3') backup=('etc/ssh/ssh_config' 'etc/ssh/sshd_config' 'etc/pam.d/sshd') @@ -44,6 +48,7 @@ install=install prepare() { cd "${srcdir}/${pkgname/-selinux}-${pkgver}" patch -p1 -i ../error.patch + patch -p1 -i ../dispatch.patch } build() { @@ -90,6 +95,7 @@ package() { install -Dm644 ../sshd@.service "${pkgdir}"/usr/lib/systemd/system/sshd@.service install -Dm644 ../sshd.service "${pkgdir}"/usr/lib/systemd/system/sshd.service install -Dm644 ../sshd.socket "${pkgdir}"/usr/lib/systemd/system/sshd.socket + install -Dm644 ../sshd.conf "${pkgdir}"/usr/lib/tmpfiles.d/sshd.conf install -Dm644 ../sshd.pam "${pkgdir}"/etc/pam.d/sshd install -Dm755 contrib/findssl.sh "${pkgdir}"/usr/bin/findssl.sh diff --git a/dispatch.patch b/dispatch.patch new file mode 100644 index 000000000000..9350d8ff6efd --- /dev/null +++ b/dispatch.patch @@ -0,0 +1,81 @@ +From 639d6bc57b1942393ed12fb48f00bc05d4e093e4 Mon Sep 17 00:00:00 2001 +From: djm@openbsd.org <djm@openbsd.org> +Date: Fri, 01 May 2015 07:10:01 +0000 +Subject: upstream commit + +refactor ssh_dispatch_run_fatal() to use sshpkt_fatal() + to better report error conditions. Teach sshpkt_fatal() about ECONNRESET. + +Improves error messages on TCP connection resets. bz#2257 + +ok dtucker@ +--- +diff --git a/dispatch.c b/dispatch.c +index afe6182..aac933e 100644 +--- a/dispatch.c ++++ b/dispatch.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: dispatch.c,v 1.26 2015/02/12 20:34:19 dtucker Exp $ */ ++/* $OpenBSD: dispatch.c,v 1.27 2015/05/01 07:10:01 djm Exp $ */ + /* + * Copyright (c) 2000 Markus Friedl. All rights reserved. + * +@@ -137,22 +137,6 @@ ssh_dispatch_run_fatal(struct ssh *ssh, int mode, volatile sig_atomic_t *done, + { + int r; + +- if ((r = ssh_dispatch_run(ssh, mode, done, ctxt)) != 0) { +- switch (r) { +- case SSH_ERR_CONN_CLOSED: +- logit("Connection closed by %.200s", +- ssh_remote_ipaddr(ssh)); +- cleanup_exit(255); +- case SSH_ERR_CONN_TIMEOUT: +- logit("Connection to %.200s timed out while " +- "waiting to read", ssh_remote_ipaddr(ssh)); +- cleanup_exit(255); +- case SSH_ERR_DISCONNECTED: +- logit("Disconnected from %.200s", +- ssh_remote_ipaddr(ssh)); +- cleanup_exit(255); +- default: +- fatal("%s: %s", __func__, ssh_err(r)); +- } +- } ++ if ((r = ssh_dispatch_run(ssh, mode, done, ctxt)) != 0) ++ sshpkt_fatal(ssh, __func__, r); + } +diff --git a/packet.c b/packet.c +index 4922573..a7727ef 100644 +--- a/packet.c ++++ b/packet.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: packet.c,v 1.208 2015/02/13 18:57:00 markus Exp $ */ ++/* $OpenBSD: packet.c,v 1.212 2015/05/01 07:10:01 djm Exp $ */ + /* + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland +@@ -1920,9 +1920,19 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r) + logit("Connection closed by %.200s", ssh_remote_ipaddr(ssh)); + cleanup_exit(255); + case SSH_ERR_CONN_TIMEOUT: +- logit("Connection to %.200s timed out while " +- "waiting to write", ssh_remote_ipaddr(ssh)); ++ logit("Connection to %.200s timed out", ssh_remote_ipaddr(ssh)); + cleanup_exit(255); ++ case SSH_ERR_DISCONNECTED: ++ logit("Disconnected from %.200s", ++ ssh_remote_ipaddr(ssh)); ++ cleanup_exit(255); ++ case SSH_ERR_SYSTEM_ERROR: ++ if (errno == ECONNRESET) { ++ logit("Connection reset by %.200s", ++ ssh_remote_ipaddr(ssh)); ++ cleanup_exit(255); ++ } ++ /* FALLTHROUGH */ + default: + fatal("%s%sConnection to %.200s: %s", + tag != NULL ? tag : "", tag != NULL ? ": " : "", +-- +cgit v0.9.2 diff --git a/sshd.conf b/sshd.conf new file mode 100644 index 000000000000..ca2a393542e7 --- /dev/null +++ b/sshd.conf @@ -0,0 +1 @@ +d /var/empty 0755 root root |