[openssh-commits] [openssh] 02/04: upstream: don't try to resolve ListenAddress directives in the sshd
git+noreply at mindrot.org
git+noreply at mindrot.org
Sun Mar 20 19:54:52 AEDT 2022
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit 731087d2619fa7f01e675b23f57af10d745e8af2
Author: djm at openbsd.org <djm at openbsd.org>
Date: Fri Mar 18 04:04:11 2022 +0000
upstream: don't try to resolve ListenAddress directives in the sshd
re-exec path - we're never going to use the result and if the operation fails
then it can prevent connections from being accepted. Reported by Aaron
Poffenberger; with / ok dtucker@
OpenBSD-Commit-ID: 44c53a43909a328e2f5ab26070fdef3594eded60
---
servconf.c | 9 +++++----
servconf.h | 4 ++--
sshd.c | 4 ++--
3 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/servconf.c b/servconf.c
index 90316962..9d9681f1 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
-/* $OpenBSD: servconf.c,v 1.383 2022/02/08 08:59:12 dtucker Exp $ */
+/* $OpenBSD: servconf.c,v 1.384 2022/03/18 04:04:11 djm Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -2520,7 +2520,7 @@ parse_server_match_config(ServerOptions *options,
initialize_server_options(&mo);
parse_server_config(&mo, "reprocess config", cfg, includes,
- connectinfo);
+ connectinfo, 0);
copy_set_server_options(options, &mo, 0);
}
@@ -2698,12 +2698,13 @@ parse_server_config_depth(ServerOptions *options, const char *filename,
void
parse_server_config(ServerOptions *options, const char *filename,
struct sshbuf *conf, struct include_list *includes,
- struct connection_info *connectinfo)
+ struct connection_info *connectinfo, int reexec)
{
int active = connectinfo ? 0 : 1;
parse_server_config_depth(options, filename, conf, includes,
connectinfo, (connectinfo ? SSHCFG_MATCH_ONLY : 0), &active, 0);
- process_queued_listen_addrs(options);
+ if (!reexec)
+ process_queued_listen_addrs(options);
}
static const char *
diff --git a/servconf.h b/servconf.h
index dd5cbc15..8a04463e 100644
--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.h,v 1.155 2021/07/02 05:11:21 dtucker Exp $ */
+/* $OpenBSD: servconf.h,v 1.156 2022/03/18 04:04:11 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
@@ -297,7 +297,7 @@ int process_server_config_line(ServerOptions *, char *, const char *, int,
void process_permitopen(struct ssh *ssh, ServerOptions *options);
void load_server_config(const char *, struct sshbuf *);
void parse_server_config(ServerOptions *, const char *, struct sshbuf *,
- struct include_list *includes, struct connection_info *);
+ struct include_list *includes, struct connection_info *, int);
void parse_server_match_config(ServerOptions *,
struct include_list *includes, struct connection_info *);
int parse_server_match_testspec(struct connection_info *, char *);
diff --git a/sshd.c b/sshd.c
index 30aeb806..0ee65b54 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.584 2022/03/01 01:59:19 djm Exp $ */
+/* $OpenBSD: sshd.c,v 1.585 2022/03/18 04:04:11 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -1749,7 +1749,7 @@ main(int ac, char **av)
load_server_config(config_file_name, cfg);
parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name,
- cfg, &includes, NULL);
+ cfg, &includes, NULL, rexeced_flag);
#ifdef WITH_OPENSSL
if (options.moduli_file != NULL)
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list