[openssh-commits] [openssh] 03/08: upstream: It really looks like pledge "stdio dns" is possible

[git+noreply at mindrot.org]

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 7c025c005550c86a40200a2bcdd355d09413d61a
Author: deraadt at openbsd.org <deraadt at openbsd.org>
Date:   Sat Nov 13 17:26:13 2021 +0000

    upstream: It really looks like pledge "stdio dns" is possible
    
    earlier. Discussed with mestre
    
    OpenBSD-Commit-ID: 610873de63a593e0ac7bbbcb7a0f2894d36f4c01
---
 ssh-keysign.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/ssh-keysign.c b/ssh-keysign.c
index 8b3c9a29..6e118592 100644
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keysign.c,v 1.68 2021/11/10 06:25:08 djm Exp $ */
+/* $OpenBSD: ssh-keysign.c,v 1.69 2021/11/13 17:26:13 deraadt Exp $ */
 /*
  * Copyright (c) 2002 Markus Friedl.  All rights reserved.
  *
@@ -215,6 +215,9 @@ main(int argc, char **argv)
 		fatal("ssh-keysign not enabled in %s",
 		    _PATH_HOST_CONFIG_FILE);
 
+	if (pledge("stdio dns", NULL) != 0)
+		fatal("%s: pledge: %s", __progname, strerror(errno));
+
 	for (i = found = 0; i < NUM_KEYTYPES; i++) {
 		if (key_fd[i] != -1)
 			found = 1;
@@ -240,9 +243,6 @@ main(int argc, char **argv)
 	if (!found)
 		fatal("no hostkey found");
 
-	if (pledge("stdio dns", NULL) != 0)
-		fatal("%s: pledge: %s", __progname, strerror(errno));
-
 	if ((b = sshbuf_new()) == NULL)
 		fatal("%s: sshbuf_new failed", __progname);
 	if (ssh_msg_recv(STDIN_FILENO, b) < 0)

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.