diff options
author | semarie@openbsd.org <semarie@openbsd.org> | 2015-12-26 07:46:03 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2016-01-07 20:13:31 +1100 |
commit | d7d2bc95045a43dd56ea696cc1d030ac9d77e81f (patch) | |
tree | 6b808b8a88af0008df485d5ec8dc4faffa9419ae /mux.c | |
parent | 271df8185d9689b3fb0523f58514481b858f6843 (diff) |
upstream commit
adjust pledge promises for ControlMaster: when using
"ask" or "autoask", the process will use ssh-askpass for asking confirmation.
problem found by halex@
ok halex@
Upstream-ID: 38a58b30ae3eef85051c74d3c247216ec0735f80
Diffstat (limited to 'mux.c')
-rw-r--r-- | mux.c | 11 |
1 files changed, 4 insertions, 7 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: mux.c,v 1.56 2015/12/03 17:00:18 semarie Exp $ */ | 1 | /* $OpenBSD: mux.c,v 1.57 2015/12/26 07:46:03 semarie Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org> | 3 | * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org> |
4 | * | 4 | * |
@@ -1851,9 +1851,6 @@ mux_client_request_session(int fd) | |||
1851 | mm_send_fd(fd, STDERR_FILENO) == -1) | 1851 | mm_send_fd(fd, STDERR_FILENO) == -1) |
1852 | fatal("%s: send fds failed", __func__); | 1852 | fatal("%s: send fds failed", __func__); |
1853 | 1853 | ||
1854 | if (pledge("stdio proc tty", NULL) == -1) | ||
1855 | fatal("%s pledge(): %s", __func__, strerror(errno)); | ||
1856 | |||
1857 | debug3("%s: session request sent", __func__); | 1854 | debug3("%s: session request sent", __func__); |
1858 | 1855 | ||
1859 | /* Read their reply */ | 1856 | /* Read their reply */ |
@@ -1892,6 +1889,9 @@ mux_client_request_session(int fd) | |||
1892 | } | 1889 | } |
1893 | muxclient_request_id++; | 1890 | muxclient_request_id++; |
1894 | 1891 | ||
1892 | if (pledge("stdio proc tty", NULL) == -1) | ||
1893 | fatal("%s pledge(): %s", __func__, strerror(errno)); | ||
1894 | |||
1895 | signal(SIGHUP, control_client_sighandler); | 1895 | signal(SIGHUP, control_client_sighandler); |
1896 | signal(SIGINT, control_client_sighandler); | 1896 | signal(SIGINT, control_client_sighandler); |
1897 | signal(SIGTERM, control_client_sighandler); | 1897 | signal(SIGTERM, control_client_sighandler); |
@@ -2165,9 +2165,6 @@ muxclient(const char *path) | |||
2165 | } | 2165 | } |
2166 | set_nonblock(sock); | 2166 | set_nonblock(sock); |
2167 | 2167 | ||
2168 | if (pledge("stdio sendfd proc tty", NULL) == -1) | ||
2169 | fatal("%s pledge(): %s", __func__, strerror(errno)); | ||
2170 | |||
2171 | if (mux_client_hello_exchange(sock) != 0) { | 2168 | if (mux_client_hello_exchange(sock) != 0) { |
2172 | error("%s: master hello exchange failed", __func__); | 2169 | error("%s: master hello exchange failed", __func__); |
2173 | close(sock); | 2170 | close(sock); |