diff options
Diffstat (limited to 'debian/patches')
-rw-r--r-- | debian/patches/control-persist-close-stderr.patch | 59 | ||||
-rw-r--r-- | debian/patches/series | 1 |
2 files changed, 60 insertions, 0 deletions
diff --git a/debian/patches/control-persist-close-stderr.patch b/debian/patches/control-persist-close-stderr.patch new file mode 100644 index 000000000..f800c0d13 --- /dev/null +++ b/debian/patches/control-persist-close-stderr.patch | |||
@@ -0,0 +1,59 @@ | |||
1 | From 751d1f6494fb3ffd75188de7390c28725a5b91a6 Mon Sep 17 00:00:00 2001 | ||
2 | From: "djm@openbsd.org" <djm@openbsd.org> | ||
3 | Date: Fri, 29 Apr 2016 08:07:53 +0000 | ||
4 | Subject: upstream commit | ||
5 | |||
6 | close ControlPersist background process stderr when not | ||
7 | in debug mode or when logging to a file or syslog. bz#1988 ok dtucker | ||
8 | |||
9 | Upstream-ID: 4fb726f0fdcb155ad419913cea10dc4afd409d24 | ||
10 | |||
11 | Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=d2d6bf864e52af8491a60dd507f85b74361f5da3 | ||
12 | Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1988 | ||
13 | Bug-Debian: https://bugs.debian.org/714526 | ||
14 | Last-Update: 2016-07-22 | ||
15 | |||
16 | Patch-Name: control-persist-close-stderr.patch | ||
17 | --- | ||
18 | log.c | 2 +- | ||
19 | ssh.c | 6 ++++-- | ||
20 | 2 files changed, 5 insertions(+), 3 deletions(-) | ||
21 | |||
22 | diff --git a/log.c b/log.c | ||
23 | index e68b84a..6c59641 100644 | ||
24 | --- a/log.c | ||
25 | +++ b/log.c | ||
26 | @@ -343,7 +343,7 @@ log_change_level(LogLevel new_log_level) | ||
27 | int | ||
28 | log_is_on_stderr(void) | ||
29 | { | ||
30 | - return log_on_stderr; | ||
31 | + return log_on_stderr && log_stderr_fd == STDERR_FILENO; | ||
32 | } | ||
33 | |||
34 | /* redirect what would usually get written to stderr to specified file */ | ||
35 | diff --git a/ssh.c b/ssh.c | ||
36 | index 314dd52..af39e72 100644 | ||
37 | --- a/ssh.c | ||
38 | +++ b/ssh.c | ||
39 | @@ -1392,7 +1392,7 @@ static void | ||
40 | control_persist_detach(void) | ||
41 | { | ||
42 | pid_t pid; | ||
43 | - int devnull; | ||
44 | + int devnull, keep_stderr; | ||
45 | |||
46 | debug("%s: backgrounding master process", __func__); | ||
47 | |||
48 | @@ -1423,8 +1423,10 @@ control_persist_detach(void) | ||
49 | error("%s: open(\"/dev/null\"): %s", __func__, | ||
50 | strerror(errno)); | ||
51 | } else { | ||
52 | + keep_stderr = log_is_on_stderr() && debug_flag; | ||
53 | if (dup2(devnull, STDIN_FILENO) == -1 || | ||
54 | - dup2(devnull, STDOUT_FILENO) == -1) | ||
55 | + dup2(devnull, STDOUT_FILENO) == -1 || | ||
56 | + (!keep_stderr && dup2(devnull, STDERR_FILENO) == -1)) | ||
57 | error("%s: dup2: %s", __func__, strerror(errno)); | ||
58 | if (devnull > STDERR_FILENO) | ||
59 | close(devnull); | ||
diff --git a/debian/patches/series b/debian/patches/series index 363475c20..d8ea2890b 100644 --- a/debian/patches/series +++ b/debian/patches/series | |||
@@ -30,3 +30,4 @@ unbreak-certificate-auth.patch | |||
30 | CVE-2016-6210-1.patch | 30 | CVE-2016-6210-1.patch |
31 | CVE-2016-6210-2.patch | 31 | CVE-2016-6210-2.patch |
32 | CVE-2016-6210-3.patch | 32 | CVE-2016-6210-3.patch |
33 | control-persist-close-stderr.patch | ||