Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 1681 Details for
Bug 3990
Enhancement request concerning net-misc/openssh
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
/usr/portage/net-misc/openssh/files/openssh-3.2.3_p1.patch
openssh-3.2.3_p1.patch (text/plain), 4.89 KB, created by
phoen][x
on 2002-06-22 00:44:29 UTC
(
hide
)
Description:
/usr/portage/net-misc/openssh/files/openssh-3.2.3_p1.patch
Filename:
MIME Type:
Creator:
phoen][x
Created:
2002-06-22 00:44:29 UTC
Size:
4.89 KB
patch
obsolete
>diff -rcb openssh-3.2.3p1/channels.c openssh-3.2.3p1-patched/channels.c >*** openssh-3.2.3p1/channels.c Tue Apr 23 13:09:46 2002 >--- openssh-3.2.3p1-patched/channels.c Fri Jun 21 20:09:14 2002 >*************** >*** 2743,2749 **** > /* Allocate a buffer for the socket name, and format the name. */ > auth_sock_name = xmalloc(MAXPATHLEN); > auth_sock_dir = xmalloc(MAXPATHLEN); >! strlcpy(auth_sock_dir, "/tmp/ssh-XXXXXXXX", MAXPATHLEN); > > /* Create private directory for socket */ > if (mkdtemp(auth_sock_dir) == NULL) { >--- 2743,2749 ---- > /* Allocate a buffer for the socket name, and format the name. */ > auth_sock_name = xmalloc(MAXPATHLEN); > auth_sock_dir = xmalloc(MAXPATHLEN); >! strlcpy(auth_sock_dir, "/var/run/ssh-XXXXXXXX", MAXPATHLEN); > > /* Create private directory for socket */ > if (mkdtemp(auth_sock_dir) == NULL) { >diff -rcb openssh-3.2.3p1/ssh-agent.0 openssh-3.2.3p1-patched/ssh-agent.0 >*** openssh-3.2.3p1/ssh-agent.0 Wed May 22 07:11:10 2002 >--- openssh-3.2.3p1-patched/ssh-agent.0 Fri Jun 21 20:10:01 2002 >*************** >*** 61,67 **** > agent, and the result will be returned to the requester. This way, priM-- > vate keys are not exposed to clients using the agent. > >! A unix-domain socket is created (/tmp/ssh-XXXXXXXX/agent.<pid>), and the > name of this socket is stored in the SSH_AUTH_SOCK environment variable. > The socket is made accessible only to the current user. This method is > easily abused by root or another instance of the same user. >--- 61,67 ---- > agent, and the result will be returned to the requester. This way, priM-- > vate keys are not exposed to clients using the agent. > >! A unix-domain socket is created (/var/run/ssh-XXXXXXXX/agent.<pid>), and the > name of this socket is stored in the SSH_AUTH_SOCK environment variable. > The socket is made accessible only to the current user. This method is > easily abused by root or another instance of the same user. >*************** >*** 84,90 **** > Contains the protocol version 2 RSA authentication identity of > the user. > >! /tmp/ssh-XXXXXXXX/agent.<pid> > Unix-domain sockets used to contain the connection to the authenM-- > tication agent. These sockets should only be readable by the > owner. The sockets should get automatically removed when the >--- 84,90 ---- > Contains the protocol version 2 RSA authentication identity of > the user. > >! /var/run/ssh-XXXXXXXX/agent.<pid> > Unix-domain sockets used to contain the connection to the authenM-- > tication agent. These sockets should only be readable by the > owner. The sockets should get automatically removed when the >diff -rcb openssh-3.2.3p1/ssh-agent.1 openssh-3.2.3p1-patched/ssh-agent.1 >*** openssh-3.2.3p1/ssh-agent.1 Fri Feb 8 12:02:17 2002 >--- openssh-3.2.3p1-patched/ssh-agent.1 Fri Jun 21 20:10:15 2002 >*************** >*** 135,141 **** > This way, private keys are not exposed to clients using the agent. > .Pp > A unix-domain socket is created >! .Pq Pa /tmp/ssh-XXXXXXXX/agent.<pid> , > and the name of this socket is stored in the > .Ev SSH_AUTH_SOCK > environment >--- 135,141 ---- > This way, private keys are not exposed to clients using the agent. > .Pp > A unix-domain socket is created >! .Pq Pa /var/run/ssh-XXXXXXXX/agent.<pid> , > and the name of this socket is stored in the > .Ev SSH_AUTH_SOCK > environment >*************** >*** 158,164 **** > Contains the protocol version 2 DSA authentication identity of the user. > .It Pa $HOME/.ssh/id_rsa > Contains the protocol version 2 RSA authentication identity of the user. >! .It Pa /tmp/ssh-XXXXXXXX/agent.<pid> > Unix-domain sockets used to contain the connection to the > authentication agent. > These sockets should only be readable by the owner. >--- 158,164 ---- > Contains the protocol version 2 DSA authentication identity of the user. > .It Pa $HOME/.ssh/id_rsa > Contains the protocol version 2 RSA authentication identity of the user. >! .It Pa /var/run/ssh-XXXXXXXX/agent.<pid> > Unix-domain sockets used to contain the connection to the > authentication agent. > These sockets should only be readable by the owner. >diff -rcb openssh-3.2.3p1/ssh-agent.c openssh-3.2.3p1-patched/ssh-agent.c >*** openssh-3.2.3p1/ssh-agent.c Fri Apr 5 22:23:37 2002 >--- openssh-3.2.3p1-patched/ssh-agent.c Fri Jun 21 20:10:23 2002 >*************** >*** 893,899 **** > parent_pid = getpid(); > > /* Create private directory for agent socket */ >! strlcpy(socket_dir, "/tmp/ssh-XXXXXXXX", sizeof socket_dir); > if (mkdtemp(socket_dir) == NULL) { > perror("mkdtemp: private socket dir"); > exit(1); >--- 893,899 ---- > parent_pid = getpid(); > > /* Create private directory for agent socket */ >! strlcpy(socket_dir, "/var/run/ssh-XXXXXXXX", sizeof socket_dir); > if (mkdtemp(socket_dir) == NULL) { > perror("mkdtemp: private socket dir"); > exit(1); >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1681">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 3990
: 1681
