author | Colin Watson <cjwatson@debian.org> | 2016-07-22 14:36:32 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2016-07-22 14:37:21 +0100 |
commit | 4e620d6d9ebe0eda9ceddb28134d1fc465dd925c (patch) | |
tree | 49d0d071456b5cf98beef530c365a873c676519b | |
parent | eb0633f934e5bd9d4d0c5ed9bd0b54951b8d9323 (diff) | |
parent | 751d1f6494fb3ffd75188de7390c28725a5b91a6 (diff) |
Backport upstream patch to close ControlPersist background process stderr when not in debug mode or when logging to a file or syslog (closes: #714526).
-rw-r--r-- | debian/.git-dpm | 4 | ||||
-rw-r--r-- | debian/changelog | 3 | ||||
-rw-r--r-- | debian/patches/control-persist-close-stderr.patch | 59 | ||||
-rw-r--r-- | debian/patches/series | 1 | ||||
-rw-r--r-- | log.c | 2 | ||||
-rw-r--r-- | ssh.c | 6 |
6 files changed, 70 insertions, 5 deletions
diff --git a/debian/.git-dpm b/debian/.git-dpm index 8da19debc..782b862df 100644 --- a/debian/.git-dpm +++ b/debian/.git-dpm | |||
@@ -1,6 +1,6 @@ | |||
1 | # see git-dpm(1) from git-dpm package | 1 | # see git-dpm(1) from git-dpm package |
2 | abde8dda29c2db2405d6fbca2fe022430e2c1177 | 2 | 751d1f6494fb3ffd75188de7390c28725a5b91a6 |
3 | abde8dda29c2db2405d6fbca2fe022430e2c1177 | 3 | 751d1f6494fb3ffd75188de7390c28725a5b91a6 |
4 | f0329aac23c61e1a5197d6d57349a63f459bccb0 | 4 | f0329aac23c61e1a5197d6d57349a63f459bccb0 |
5 | f0329aac23c61e1a5197d6d57349a63f459bccb0 | 5 | f0329aac23c61e1a5197d6d57349a63f459bccb0 |
6 | openssh_7.2p2.orig.tar.gz | 6 | openssh_7.2p2.orig.tar.gz |
diff --git a/debian/changelog b/debian/changelog index 5aa526a6a..1e1229042 100644 --- a/debian/changelog +++ b/debian/changelog | |||
@@ -11,6 +11,9 @@ openssh (1:7.2p2-6) UNRELEASED; urgency=medium | |||
11 | LP #1588457). | 11 | LP #1588457). |
12 | * CVE-2016-6210: Mitigate user enumeration via covert timing channel | 12 | * CVE-2016-6210: Mitigate user enumeration via covert timing channel |
13 | (closes: #831902). | 13 | (closes: #831902). |
14 | * Backport upstream patch to close ControlPersist background process | ||
15 | stderr when not in debug mode or when logging to a file or syslog | ||
16 | (closes: #714526). | ||
14 | 17 | ||
15 | -- Colin Watson <cjwatson@debian.org> Sat, 30 Apr 2016 11:29:20 +0100 | 18 | -- Colin Watson <cjwatson@debian.org> Sat, 30 Apr 2016 11:29:20 +0100 |
16 | 19 | ||
diff --git a/debian/patches/control-persist-close-stderr.patch b/debian/patches/control-persist-close-stderr.patch new file mode 100644 index 000000000..f800c0d13 --- /dev/null +++ b/debian/patches/control-persist-close-stderr.patch | |||
@@ -0,0 +1,59 @@ | |||
1 | From 751d1f6494fb3ffd75188de7390c28725a5b91a6 Mon Sep 17 00:00:00 2001 | ||
2 | From: "djm@openbsd.org" <djm@openbsd.org> | ||
3 | Date: Fri, 29 Apr 2016 08:07:53 +0000 | ||
4 | Subject: upstream commit | ||
5 | |||
6 | close ControlPersist background process stderr when not | ||
7 | in debug mode or when logging to a file or syslog. bz#1988 ok dtucker | ||
8 | |||
9 | Upstream-ID: 4fb726f0fdcb155ad419913cea10dc4afd409d24 | ||
10 | |||
11 | Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=d2d6bf864e52af8491a60dd507f85b74361f5da3 | ||
12 | Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1988 | ||
13 | Bug-Debian: https://bugs.debian.org/714526 | ||
14 | Last-Update: 2016-07-22 | ||
15 | |||
16 | Patch-Name: control-persist-close-stderr.patch | ||
17 | --- | ||
18 | log.c | 2 +- | ||
19 | ssh.c | 6 ++++-- | ||
20 | 2 files changed, 5 insertions(+), 3 deletions(-) | ||
21 | |||
22 | diff --git a/log.c b/log.c | ||
23 | index e68b84a..6c59641 100644 | ||
24 | --- a/log.c | ||
25 | +++ b/log.c | ||
26 | @@ -343,7 +343,7 @@ log_change_level(LogLevel new_log_level) | ||
27 | int | ||
28 | log_is_on_stderr(void) | ||
29 | { | ||
30 | - return log_on_stderr; | ||
31 | + return log_on_stderr && log_stderr_fd == STDERR_FILENO; | ||
32 | } | ||
33 | |||
34 | /* redirect what would usually get written to stderr to specified file */ | ||
35 | diff --git a/ssh.c b/ssh.c | ||
36 | index 314dd52..af39e72 100644 | ||
37 | --- a/ssh.c | ||
38 | +++ b/ssh.c | ||
39 | @@ -1392,7 +1392,7 @@ static void | ||
40 | control_persist_detach(void) | ||
41 | { | ||
42 | pid_t pid; | ||
43 | - int devnull; | ||
44 | + int devnull, keep_stderr; | ||
45 | |||
46 | debug("%s: backgrounding master process", __func__); | ||
47 | |||
48 | @@ -1423,8 +1423,10 @@ control_persist_detach(void) | ||
49 | error("%s: open(\"/dev/null\"): %s", __func__, | ||
50 | strerror(errno)); | ||
51 | } else { | ||
52 | + keep_stderr = log_is_on_stderr() && debug_flag; | ||
53 | if (dup2(devnull, STDIN_FILENO) == -1 || | ||
54 | - dup2(devnull, STDOUT_FILENO) == -1) | ||
55 | + dup2(devnull, STDOUT_FILENO) == -1 || | ||
56 | + (!keep_stderr && dup2(devnull, STDERR_FILENO) == -1)) | ||
57 | error("%s: dup2: %s", __func__, strerror(errno)); | ||
58 | if (devnull > STDERR_FILENO) | ||
59 | close(devnull); | ||
diff --git a/debian/patches/series b/debian/patches/series index 363475c20..d8ea2890b 100644 --- a/debian/patches/series +++ b/debian/patches/series | |||
@@ -30,3 +30,4 @@ unbreak-certificate-auth.patch | |||
30 | CVE-2016-6210-1.patch | 30 | CVE-2016-6210-1.patch |
31 | CVE-2016-6210-2.patch | 31 | CVE-2016-6210-2.patch |
32 | CVE-2016-6210-3.patch | 32 | CVE-2016-6210-3.patch |
33 | control-persist-close-stderr.patch | ||
@@ -343,7 +343,7 @@ log_change_level(LogLevel new_log_level) | |||
343 | int | 343 | int |
344 | log_is_on_stderr(void) | 344 | log_is_on_stderr(void) |
345 | { | 345 | { |
346 | return log_on_stderr; | 346 | return log_on_stderr && log_stderr_fd == STDERR_FILENO; |
347 | } | 347 | } |
348 | 348 | ||
349 | /* redirect what would usually get written to stderr to specified file */ | 349 | /* redirect what would usually get written to stderr to specified file */ |
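Review bot: The new body of `log_is_on_stderr()` at line 346 answers a narrower question than the name suggests — it is true only when stderr logging goes to the process's real descriptor 2 (`log_stderr_fd == STDERR_FILENO`), not to a descriptor installed by the redirect helper documented on line 349. A caller asking "is output going to stderr in general" would now get 0 after such a redirect, so the contract deserves a comment above the function, e.g. `/* True only if logging goes to the real stderr (fd 2), not to a redirected fd. */`. The one caller visible on this page, control_persist_detach() in ssh.c, relies on exactly that narrower meaning; any other callers are outside this page and worth checking for the changed truth value.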
@@ -1392,7 +1392,7 @@ static void | |||
1392 | control_persist_detach(void) | 1392 | control_persist_detach(void) |
1393 | { | 1393 | { |
1394 | pid_t pid; | 1394 | pid_t pid; |
1395 | int devnull; | 1395 | int devnull, keep_stderr; |
1396 | 1396 | ||
1397 | debug("%s: backgrounding master process", __func__); | 1397 | debug("%s: backgrounding master process", __func__); |
1398 | 1398 | ||
@@ -1423,8 +1423,10 @@ control_persist_detach(void) | |||
1423 | error("%s: open(\"/dev/null\"): %s", __func__, | 1423 | error("%s: open(\"/dev/null\"): %s", __func__, |
1424 | strerror(errno)); | 1424 | strerror(errno)); |
1425 | } else { | 1425 | } else { |
1426 | keep_stderr = log_is_on_stderr() && debug_flag; | ||
1426 | if (dup2(devnull, STDIN_FILENO) == -1 || | 1427 | if (dup2(devnull, STDIN_FILENO) == -1 || |
1427 | dup2(devnull, STDOUT_FILENO) == -1) | 1428 | dup2(devnull, STDOUT_FILENO) == -1 || |
1429 | (!keep_stderr && dup2(devnull, STDERR_FILENO) == -1)) | ||
1428 | error("%s: dup2: %s", __func__, strerror(errno)); | 1430 | error("%s: dup2: %s", __func__, strerror(errno)); |
1429 | if (devnull > STDERR_FILENO) | 1431 | if (devnull > STDERR_FILENO) |
1430 | close(devnull); | 1432 | close(devnull); |
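Review bot: The condition at lines 1427–1429 now folds a policy decision (`!keep_stderr`) into a chain of three dup2 calls, and the single `"%s: dup2: %s"` message at line 1430 no longer says which descriptor failed, so a reader has to reconstruct the intent from the commit message. I would add a comment above line 1426, e.g. `/* Keep stderr only for interactive debug output; otherwise point it at /dev/null (rather than closing it) so stray writes are discarded, not sent to whatever fd is opened next. */`, since the choice of dup2 over close is the security-relevant part of this change. `keep_stderr` must be computed before any dup2 because log_is_on_stderr() inspects fd state; the new line 1426 does that, which is worth stating in the same comment. control_persist_detach() begins in the previous hunk of this section and its body continues past line 1432.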