Date: Wednesday, July 1, 2015 @ 07:23:35 Author: bisson Revision: 241659
archrelease: copy trunk to testing-i686, testing-x86_64 Added: openssh/repos/testing-i686/ openssh/repos/testing-i686/PKGBUILD (from rev 241658, openssh/trunk/PKGBUILD) openssh/repos/testing-i686/dispatch.patch (from rev 241658, openssh/trunk/dispatch.patch) openssh/repos/testing-i686/error.patch (from rev 241658, openssh/trunk/error.patch) openssh/repos/testing-i686/install (from rev 241658, openssh/trunk/install) openssh/repos/testing-i686/sshd.conf (from rev 241658, openssh/trunk/sshd.conf) openssh/repos/testing-i686/sshd.pam (from rev 241658, openssh/trunk/sshd.pam) openssh/repos/testing-i686/sshd.service (from rev 241658, openssh/trunk/sshd.service) openssh/repos/testing-i686/sshd.socket (from rev 241658, openssh/trunk/sshd.socket) openssh/repos/testing-i686/sshd@.service (from rev 241658, openssh/trunk/sshd@.service) openssh/repos/testing-i686/sshdgenkeys.service (from rev 241658, openssh/trunk/sshdgenkeys.service) openssh/repos/testing-x86_64/ openssh/repos/testing-x86_64/PKGBUILD (from rev 241658, openssh/trunk/PKGBUILD) openssh/repos/testing-x86_64/dispatch.patch (from rev 241658, openssh/trunk/dispatch.patch) openssh/repos/testing-x86_64/error.patch (from rev 241658, openssh/trunk/error.patch) openssh/repos/testing-x86_64/install (from rev 241658, openssh/trunk/install) openssh/repos/testing-x86_64/sshd.conf (from rev 241658, openssh/trunk/sshd.conf) openssh/repos/testing-x86_64/sshd.pam (from rev 241658, openssh/trunk/sshd.pam) openssh/repos/testing-x86_64/sshd.service (from rev 241658, openssh/trunk/sshd.service) openssh/repos/testing-x86_64/sshd.socket (from rev 241658, openssh/trunk/sshd.socket) openssh/repos/testing-x86_64/sshd@.service (from rev 241658, openssh/trunk/sshd@.service) openssh/repos/testing-x86_64/sshdgenkeys.service (from rev 241658, openssh/trunk/sshdgenkeys.service) ------------------------------------+ testing-i686/PKGBUILD | 92 +++++++++++++++++++++++++++++++++++ testing-i686/dispatch.patch | 81 ++++++++++++++++++++++++++++++ testing-i686/error.patch | 25 +++++++++ testing-i686/install | 10 +++ testing-i686/sshd.conf | 1 testing-i686/sshd.pam | 6 ++ testing-i686/sshd.service | 17 ++++++ testing-i686/sshd.socket | 10 +++ testing-i686/sshd@.service | 8 +++ testing-i686/sshdgenkeys.service | 17 ++++++ testing-x86_64/PKGBUILD | 92 +++++++++++++++++++++++++++++++++++ testing-x86_64/dispatch.patch | 81 ++++++++++++++++++++++++++++++ testing-x86_64/error.patch | 25 +++++++++ testing-x86_64/install | 10 +++ testing-x86_64/sshd.conf | 1 testing-x86_64/sshd.pam | 6 ++ testing-x86_64/sshd.service | 17 ++++++ testing-x86_64/sshd.socket | 10 +++ testing-x86_64/sshd@.service | 8 +++ testing-x86_64/sshdgenkeys.service | 17 ++++++ 20 files changed, 534 insertions(+) Copied: openssh/repos/testing-i686/PKGBUILD (from rev 241658, openssh/trunk/PKGBUILD) =================================================================== --- testing-i686/PKGBUILD (rev 0) +++ testing-i686/PKGBUILD 2015-07-01 05:23:35 UTC (rev 241659) @@ -0,0 +1,92 @@ +# $Id$ +# Maintainer: Gaetan Bisson <bis...@archlinux.org> +# Contributor: Aaron Griffin <aa...@archlinux.org> +# Contributor: judd <jvi...@zeroflux.org> + +pkgname=openssh +pkgver=6.9p1 +pkgrel=1 +pkgdesc='Free version of the SSH connectivity tools' +url='http://www.openssh.org/portable.html' +license=('custom:BSD') +arch=('i686' 'x86_64') +makedepends=('linux-headers') +depends=('krb5' 'openssl' 'libedit' 'ldns') +optdepends=('xorg-xauth: X11 forwarding' + 'x11-ssh-askpass: input passphrase in X') +validpgpkeys=('59C2118ED206D927E667EBE3D3E5F56B6D920D30') +source=("ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname}-${pkgver}.tar.gz"{,.asc} + 'sshdgenkeys.service' + 'sshd@.service' + 'sshd.service' + 'sshd.socket' + 'sshd.conf' + 'sshd.pam') +sha1sums=('86ab57f00d0fd9bf302760f2f6deac1b6e9df265' 'SKIP' + 'cc1ceec606c98c7407e7ac21ade23aed81e31405' + '6a0ff3305692cf83aca96e10f3bb51e1c26fccda' + 'ec49c6beba923e201505f5669cea48cad29014db' + 'e12fa910b26a5634e5a6ac39ce1399a132cf6796' + 'c9b2e4ce259cd62ddb00364d3ee6f00a8bf2d05f' + 'd93dca5ebda4610ff7647187f8928a3de28703f3') + +backup=('etc/ssh/ssh_config' 'etc/ssh/sshd_config' 'etc/pam.d/sshd') + +install=install + +build() { + cd "${srcdir}/${pkgname}-${pkgver}" + + ./configure \ + --prefix=/usr \ + --sbindir=/usr/bin \ + --libexecdir=/usr/lib/ssh \ + --sysconfdir=/etc/ssh \ + --with-ldns \ + --with-libedit \ + --with-ssl-engine \ + --with-pam \ + --with-privsep-user=nobody \ + --with-kerberos5=/usr \ + --with-xauth=/usr/bin/xauth \ + --with-mantype=man \ + --with-md5-passwords \ + --with-pid-dir=/run \ + + make +} + +check() { + cd "${srcdir}/${pkgname}-${pkgver}" + + make tests || true + # hard to suitably test connectivity: + # - fails with /bin/false as login shell + # - fails with firewall activated, etc. +} + +package() { + cd "${srcdir}/${pkgname}-${pkgver}" + + make DESTDIR="${pkgdir}" install + + ln -sf ssh.1.gz "${pkgdir}"/usr/share/man/man1/slogin.1.gz + install -Dm644 LICENCE "${pkgdir}/usr/share/licenses/${pkgname}/LICENCE" + + install -Dm644 ../sshdgenkeys.service "${pkgdir}"/usr/lib/systemd/system/sshdgenkeys.service + install -Dm644 ../sshd@.service "${pkgdir}"/usr/lib/systemd/system/sshd@.service + install -Dm644 ../sshd.service "${pkgdir}"/usr/lib/systemd/system/sshd.service + install -Dm644 ../sshd.socket "${pkgdir}"/usr/lib/systemd/system/sshd.socket + install -Dm644 ../sshd.conf "${pkgdir}"/usr/lib/tmpfiles.d/sshd.conf + install -Dm644 ../sshd.pam "${pkgdir}"/etc/pam.d/sshd + + install -Dm755 contrib/findssl.sh "${pkgdir}"/usr/bin/findssl.sh + install -Dm755 contrib/ssh-copy-id "${pkgdir}"/usr/bin/ssh-copy-id + install -Dm644 contrib/ssh-copy-id.1 "${pkgdir}"/usr/share/man/man1/ssh-copy-id.1 + + sed \ + -e '/^#ChallengeResponseAuthentication yes$/c ChallengeResponseAuthentication no' \ + -e '/^#PrintMotd yes$/c PrintMotd no # pam does that' \ + -e '/^#UsePAM no$/c UsePAM yes' \ + -i "${pkgdir}"/etc/ssh/sshd_config +} Copied: openssh/repos/testing-i686/dispatch.patch (from rev 241658, openssh/trunk/dispatch.patch) =================================================================== --- testing-i686/dispatch.patch (rev 0) +++ testing-i686/dispatch.patch 2015-07-01 05:23:35 UTC (rev 241659) @@ -0,0 +1,81 @@ +From 639d6bc57b1942393ed12fb48f00bc05d4e093e4 Mon Sep 17 00:00:00 2001 +From: d...@openbsd.org <d...@openbsd.org> +Date: Fri, 01 May 2015 07:10:01 +0000 +Subject: upstream commit + +refactor ssh_dispatch_run_fatal() to use sshpkt_fatal() + to better report error conditions. Teach sshpkt_fatal() about ECONNRESET. + +Improves error messages on TCP connection resets. bz#2257 + +ok dtucker@ +--- +diff --git a/dispatch.c b/dispatch.c +index afe6182..aac933e 100644 +--- a/dispatch.c ++++ b/dispatch.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: dispatch.c,v 1.26 2015/02/12 20:34:19 dtucker Exp $ */ ++/* $OpenBSD: dispatch.c,v 1.27 2015/05/01 07:10:01 djm Exp $ */ + /* + * Copyright (c) 2000 Markus Friedl. All rights reserved. + * +@@ -137,22 +137,6 @@ ssh_dispatch_run_fatal(struct ssh *ssh, int mode, volatile sig_atomic_t *done, + { + int r; + +- if ((r = ssh_dispatch_run(ssh, mode, done, ctxt)) != 0) { +- switch (r) { +- case SSH_ERR_CONN_CLOSED: +- logit("Connection closed by %.200s", +- ssh_remote_ipaddr(ssh)); +- cleanup_exit(255); +- case SSH_ERR_CONN_TIMEOUT: +- logit("Connection to %.200s timed out while " +- "waiting to read", ssh_remote_ipaddr(ssh)); +- cleanup_exit(255); +- case SSH_ERR_DISCONNECTED: +- logit("Disconnected from %.200s", +- ssh_remote_ipaddr(ssh)); +- cleanup_exit(255); +- default: +- fatal("%s: %s", __func__, ssh_err(r)); +- } +- } ++ if ((r = ssh_dispatch_run(ssh, mode, done, ctxt)) != 0) ++ sshpkt_fatal(ssh, __func__, r); + } +diff --git a/packet.c b/packet.c +index 4922573..a7727ef 100644 +--- a/packet.c ++++ b/packet.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: packet.c,v 1.208 2015/02/13 18:57:00 markus Exp $ */ ++/* $OpenBSD: packet.c,v 1.212 2015/05/01 07:10:01 djm Exp $ */ + /* + * Author: Tatu Ylonen <y...@cs.hut.fi> + * Copyright (c) 1995 Tatu Ylonen <y...@cs.hut.fi>, Espoo, Finland +@@ -1920,9 +1920,19 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r) + logit("Connection closed by %.200s", ssh_remote_ipaddr(ssh)); + cleanup_exit(255); + case SSH_ERR_CONN_TIMEOUT: +- logit("Connection to %.200s timed out while " +- "waiting to write", ssh_remote_ipaddr(ssh)); ++ logit("Connection to %.200s timed out", ssh_remote_ipaddr(ssh)); + cleanup_exit(255); ++ case SSH_ERR_DISCONNECTED: ++ logit("Disconnected from %.200s", ++ ssh_remote_ipaddr(ssh)); ++ cleanup_exit(255); ++ case SSH_ERR_SYSTEM_ERROR: ++ if (errno == ECONNRESET) { ++ logit("Connection reset by %.200s", ++ ssh_remote_ipaddr(ssh)); ++ cleanup_exit(255); ++ } ++ /* FALLTHROUGH */ + default: + fatal("%s%sConnection to %.200s: %s", + tag != NULL ? tag : "", tag != NULL ? ": " : "", +-- +cgit v0.9.2 Copied: openssh/repos/testing-i686/error.patch (from rev 241658, openssh/trunk/error.patch) =================================================================== --- testing-i686/error.patch (rev 0) +++ testing-i686/error.patch 2015-07-01 05:23:35 UTC (rev 241659) @@ -0,0 +1,25 @@ +From 4d24b3b6a4a6383e05e7da26d183b79fa8663697 Mon Sep 17 00:00:00 2001 +From: Damien Miller <d...@mindrot.org> +Date: Thu, 19 Mar 2015 22:11:59 +0000 +Subject: remove error() accidentally inserted for debugging + +pointed out by Christian Hesse +--- +diff --git a/monitor_wrap.c b/monitor_wrap.c +index b379f05..d39d491 100644 +--- a/monitor_wrap.c ++++ b/monitor_wrap.c +@@ -153,10 +153,8 @@ mm_request_receive(int sock, Buffer *m) + debug3("%s entering", __func__); + + if (atomicio(read, sock, buf, sizeof(buf)) != sizeof(buf)) { +- if (errno == EPIPE) { +- error("%s: socket closed", __func__); ++ if (errno == EPIPE) + cleanup_exit(255); +- } + fatal("%s: read: %s", __func__, strerror(errno)); + } + msg_len = get_u32(buf); +-- +cgit v0.9.2 Copied: openssh/repos/testing-i686/install (from rev 241658, openssh/trunk/install) =================================================================== --- testing-i686/install (rev 0) +++ testing-i686/install 2015-07-01 05:23:35 UTC (rev 241659) @@ -0,0 +1,10 @@ +post_upgrade() { + if [[ $(vercmp $2 6.2p2) = -1 ]]; then + cat <<EOF + +==> The sshd daemon has been moved to /usr/bin alongside all binaries. +==> Please update this path in your scripts if applicable. + +EOF + fi +} Copied: openssh/repos/testing-i686/sshd.conf (from rev 241658, openssh/trunk/sshd.conf) =================================================================== --- testing-i686/sshd.conf (rev 0) +++ testing-i686/sshd.conf 2015-07-01 05:23:35 UTC (rev 241659) @@ -0,0 +1 @@ +d /var/empty 0755 root root Copied: openssh/repos/testing-i686/sshd.pam (from rev 241658, openssh/trunk/sshd.pam) =================================================================== --- testing-i686/sshd.pam (rev 0) +++ testing-i686/sshd.pam 2015-07-01 05:23:35 UTC (rev 241659) @@ -0,0 +1,6 @@ +#%PAM-1.0 +#auth required pam_securetty.so #disable remote root +auth include system-remote-login +account include system-remote-login +password include system-remote-login +session include system-remote-login Copied: openssh/repos/testing-i686/sshd.service (from rev 241658, openssh/trunk/sshd.service) =================================================================== --- testing-i686/sshd.service (rev 0) +++ testing-i686/sshd.service 2015-07-01 05:23:35 UTC (rev 241659) @@ -0,0 +1,17 @@ +[Unit] +Description=OpenSSH Daemon +Wants=sshdgenkeys.service +After=sshdgenkeys.service +After=network.target + +[Service] +ExecStart=/usr/bin/sshd -D +ExecReload=/bin/kill -HUP $MAINPID +KillMode=process +Restart=always + +[Install] +WantedBy=multi-user.target + +# This service file runs an SSH daemon that forks for each incoming connection. +# If you prefer to spawn on-demand daemons, use sshd.socket and sshd@.service. Copied: openssh/repos/testing-i686/sshd.socket (from rev 241658, openssh/trunk/sshd.socket) =================================================================== --- testing-i686/sshd.socket (rev 0) +++ testing-i686/sshd.socket 2015-07-01 05:23:35 UTC (rev 241659) @@ -0,0 +1,10 @@ +[Unit] +Conflicts=sshd.service +Wants=sshdgenkeys.service + +[Socket] +ListenStream=22 +Accept=yes + +[Install] +WantedBy=sockets.target Copied: openssh/repos/testing-i686/sshd@.service (from rev 241658, openssh/trunk/sshd@.service) =================================================================== --- testing-i686/sshd@.service (rev 0) +++ testing-i686/sshd@.service 2015-07-01 05:23:35 UTC (rev 241659) @@ -0,0 +1,8 @@ +[Unit] +Description=OpenSSH Per-Connection Daemon +After=sshdgenkeys.service + +[Service] +ExecStart=-/usr/bin/sshd -i +StandardInput=socket +StandardError=syslog Copied: openssh/repos/testing-i686/sshdgenkeys.service (from rev 241658, openssh/trunk/sshdgenkeys.service) =================================================================== --- testing-i686/sshdgenkeys.service (rev 0) +++ testing-i686/sshdgenkeys.service 2015-07-01 05:23:35 UTC (rev 241659) @@ -0,0 +1,17 @@ +[Unit] +Description=SSH Key Generation +ConditionPathExists=|!/etc/ssh/ssh_host_key +ConditionPathExists=|!/etc/ssh/ssh_host_key.pub +ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key +ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key.pub +ConditionPathExists=|!/etc/ssh/ssh_host_dsa_key +ConditionPathExists=|!/etc/ssh/ssh_host_dsa_key.pub +ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key +ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key.pub +ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key +ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key.pub + +[Service] +ExecStart=/usr/bin/ssh-keygen -A +Type=oneshot +RemainAfterExit=yes Copied: openssh/repos/testing-x86_64/PKGBUILD (from rev 241658, openssh/trunk/PKGBUILD) =================================================================== --- testing-x86_64/PKGBUILD (rev 0) +++ testing-x86_64/PKGBUILD 2015-07-01 05:23:35 UTC (rev 241659) @@ -0,0 +1,92 @@ +# $Id$ +# Maintainer: Gaetan Bisson <bis...@archlinux.org> +# Contributor: Aaron Griffin <aa...@archlinux.org> +# Contributor: judd <jvi...@zeroflux.org> + +pkgname=openssh +pkgver=6.9p1 +pkgrel=1 +pkgdesc='Free version of the SSH connectivity tools' +url='http://www.openssh.org/portable.html' +license=('custom:BSD') +arch=('i686' 'x86_64') +makedepends=('linux-headers') +depends=('krb5' 'openssl' 'libedit' 'ldns') +optdepends=('xorg-xauth: X11 forwarding' + 'x11-ssh-askpass: input passphrase in X') +validpgpkeys=('59C2118ED206D927E667EBE3D3E5F56B6D920D30') +source=("ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname}-${pkgver}.tar.gz"{,.asc} + 'sshdgenkeys.service' + 'sshd@.service' + 'sshd.service' + 'sshd.socket' + 'sshd.conf' + 'sshd.pam') +sha1sums=('86ab57f00d0fd9bf302760f2f6deac1b6e9df265' 'SKIP' + 'cc1ceec606c98c7407e7ac21ade23aed81e31405' + '6a0ff3305692cf83aca96e10f3bb51e1c26fccda' + 'ec49c6beba923e201505f5669cea48cad29014db' + 'e12fa910b26a5634e5a6ac39ce1399a132cf6796' + 'c9b2e4ce259cd62ddb00364d3ee6f00a8bf2d05f' + 'd93dca5ebda4610ff7647187f8928a3de28703f3') + +backup=('etc/ssh/ssh_config' 'etc/ssh/sshd_config' 'etc/pam.d/sshd') + +install=install + +build() { + cd "${srcdir}/${pkgname}-${pkgver}" + + ./configure \ + --prefix=/usr \ + --sbindir=/usr/bin \ + --libexecdir=/usr/lib/ssh \ + --sysconfdir=/etc/ssh \ + --with-ldns \ + --with-libedit \ + --with-ssl-engine \ + --with-pam \ + --with-privsep-user=nobody \ + --with-kerberos5=/usr \ + --with-xauth=/usr/bin/xauth \ + --with-mantype=man \ + --with-md5-passwords \ + --with-pid-dir=/run \ + + make +} + +check() { + cd "${srcdir}/${pkgname}-${pkgver}" + + make tests || true + # hard to suitably test connectivity: + # - fails with /bin/false as login shell + # - fails with firewall activated, etc. +} + +package() { + cd "${srcdir}/${pkgname}-${pkgver}" + + make DESTDIR="${pkgdir}" install + + ln -sf ssh.1.gz "${pkgdir}"/usr/share/man/man1/slogin.1.gz + install -Dm644 LICENCE "${pkgdir}/usr/share/licenses/${pkgname}/LICENCE" + + install -Dm644 ../sshdgenkeys.service "${pkgdir}"/usr/lib/systemd/system/sshdgenkeys.service + install -Dm644 ../sshd@.service "${pkgdir}"/usr/lib/systemd/system/sshd@.service + install -Dm644 ../sshd.service "${pkgdir}"/usr/lib/systemd/system/sshd.service + install -Dm644 ../sshd.socket "${pkgdir}"/usr/lib/systemd/system/sshd.socket + install -Dm644 ../sshd.conf "${pkgdir}"/usr/lib/tmpfiles.d/sshd.conf + install -Dm644 ../sshd.pam "${pkgdir}"/etc/pam.d/sshd + + install -Dm755 contrib/findssl.sh "${pkgdir}"/usr/bin/findssl.sh + install -Dm755 contrib/ssh-copy-id "${pkgdir}"/usr/bin/ssh-copy-id + install -Dm644 contrib/ssh-copy-id.1 "${pkgdir}"/usr/share/man/man1/ssh-copy-id.1 + + sed \ + -e '/^#ChallengeResponseAuthentication yes$/c ChallengeResponseAuthentication no' \ + -e '/^#PrintMotd yes$/c PrintMotd no # pam does that' \ + -e '/^#UsePAM no$/c UsePAM yes' \ + -i "${pkgdir}"/etc/ssh/sshd_config +} Copied: openssh/repos/testing-x86_64/dispatch.patch (from rev 241658, openssh/trunk/dispatch.patch) =================================================================== --- testing-x86_64/dispatch.patch (rev 0) +++ testing-x86_64/dispatch.patch 2015-07-01 05:23:35 UTC (rev 241659) @@ -0,0 +1,81 @@ +From 639d6bc57b1942393ed12fb48f00bc05d4e093e4 Mon Sep 17 00:00:00 2001 +From: d...@openbsd.org <d...@openbsd.org> +Date: Fri, 01 May 2015 07:10:01 +0000 +Subject: upstream commit + +refactor ssh_dispatch_run_fatal() to use sshpkt_fatal() + to better report error conditions. Teach sshpkt_fatal() about ECONNRESET. + +Improves error messages on TCP connection resets. bz#2257 + +ok dtucker@ +--- +diff --git a/dispatch.c b/dispatch.c +index afe6182..aac933e 100644 +--- a/dispatch.c ++++ b/dispatch.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: dispatch.c,v 1.26 2015/02/12 20:34:19 dtucker Exp $ */ ++/* $OpenBSD: dispatch.c,v 1.27 2015/05/01 07:10:01 djm Exp $ */ + /* + * Copyright (c) 2000 Markus Friedl. All rights reserved. + * +@@ -137,22 +137,6 @@ ssh_dispatch_run_fatal(struct ssh *ssh, int mode, volatile sig_atomic_t *done, + { + int r; + +- if ((r = ssh_dispatch_run(ssh, mode, done, ctxt)) != 0) { +- switch (r) { +- case SSH_ERR_CONN_CLOSED: +- logit("Connection closed by %.200s", +- ssh_remote_ipaddr(ssh)); +- cleanup_exit(255); +- case SSH_ERR_CONN_TIMEOUT: +- logit("Connection to %.200s timed out while " +- "waiting to read", ssh_remote_ipaddr(ssh)); +- cleanup_exit(255); +- case SSH_ERR_DISCONNECTED: +- logit("Disconnected from %.200s", +- ssh_remote_ipaddr(ssh)); +- cleanup_exit(255); +- default: +- fatal("%s: %s", __func__, ssh_err(r)); +- } +- } ++ if ((r = ssh_dispatch_run(ssh, mode, done, ctxt)) != 0) ++ sshpkt_fatal(ssh, __func__, r); + } +diff --git a/packet.c b/packet.c +index 4922573..a7727ef 100644 +--- a/packet.c ++++ b/packet.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: packet.c,v 1.208 2015/02/13 18:57:00 markus Exp $ */ ++/* $OpenBSD: packet.c,v 1.212 2015/05/01 07:10:01 djm Exp $ */ + /* + * Author: Tatu Ylonen <y...@cs.hut.fi> + * Copyright (c) 1995 Tatu Ylonen <y...@cs.hut.fi>, Espoo, Finland +@@ -1920,9 +1920,19 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r) + logit("Connection closed by %.200s", ssh_remote_ipaddr(ssh)); + cleanup_exit(255); + case SSH_ERR_CONN_TIMEOUT: +- logit("Connection to %.200s timed out while " +- "waiting to write", ssh_remote_ipaddr(ssh)); ++ logit("Connection to %.200s timed out", ssh_remote_ipaddr(ssh)); + cleanup_exit(255); ++ case SSH_ERR_DISCONNECTED: ++ logit("Disconnected from %.200s", ++ ssh_remote_ipaddr(ssh)); ++ cleanup_exit(255); ++ case SSH_ERR_SYSTEM_ERROR: ++ if (errno == ECONNRESET) { ++ logit("Connection reset by %.200s", ++ ssh_remote_ipaddr(ssh)); ++ cleanup_exit(255); ++ } ++ /* FALLTHROUGH */ + default: + fatal("%s%sConnection to %.200s: %s", + tag != NULL ? tag : "", tag != NULL ? ": " : "", +-- +cgit v0.9.2 Copied: openssh/repos/testing-x86_64/error.patch (from rev 241658, openssh/trunk/error.patch) =================================================================== --- testing-x86_64/error.patch (rev 0) +++ testing-x86_64/error.patch 2015-07-01 05:23:35 UTC (rev 241659) @@ -0,0 +1,25 @@ +From 4d24b3b6a4a6383e05e7da26d183b79fa8663697 Mon Sep 17 00:00:00 2001 +From: Damien Miller <d...@mindrot.org> +Date: Thu, 19 Mar 2015 22:11:59 +0000 +Subject: remove error() accidentally inserted for debugging + +pointed out by Christian Hesse +--- +diff --git a/monitor_wrap.c b/monitor_wrap.c +index b379f05..d39d491 100644 +--- a/monitor_wrap.c ++++ b/monitor_wrap.c +@@ -153,10 +153,8 @@ mm_request_receive(int sock, Buffer *m) + debug3("%s entering", __func__); + + if (atomicio(read, sock, buf, sizeof(buf)) != sizeof(buf)) { +- if (errno == EPIPE) { +- error("%s: socket closed", __func__); ++ if (errno == EPIPE) + cleanup_exit(255); +- } + fatal("%s: read: %s", __func__, strerror(errno)); + } + msg_len = get_u32(buf); +-- +cgit v0.9.2 Copied: openssh/repos/testing-x86_64/install (from rev 241658, openssh/trunk/install) =================================================================== --- testing-x86_64/install (rev 0) +++ testing-x86_64/install 2015-07-01 05:23:35 UTC (rev 241659) @@ -0,0 +1,10 @@ +post_upgrade() { + if [[ $(vercmp $2 6.2p2) = -1 ]]; then + cat <<EOF + +==> The sshd daemon has been moved to /usr/bin alongside all binaries. +==> Please update this path in your scripts if applicable. + +EOF + fi +} Copied: openssh/repos/testing-x86_64/sshd.conf (from rev 241658, openssh/trunk/sshd.conf) =================================================================== --- testing-x86_64/sshd.conf (rev 0) +++ testing-x86_64/sshd.conf 2015-07-01 05:23:35 UTC (rev 241659) @@ -0,0 +1 @@ +d /var/empty 0755 root root Copied: openssh/repos/testing-x86_64/sshd.pam (from rev 241658, openssh/trunk/sshd.pam) =================================================================== --- testing-x86_64/sshd.pam (rev 0) +++ testing-x86_64/sshd.pam 2015-07-01 05:23:35 UTC (rev 241659) @@ -0,0 +1,6 @@ +#%PAM-1.0 +#auth required pam_securetty.so #disable remote root +auth include system-remote-login +account include system-remote-login +password include system-remote-login +session include system-remote-login Copied: openssh/repos/testing-x86_64/sshd.service (from rev 241658, openssh/trunk/sshd.service) =================================================================== --- testing-x86_64/sshd.service (rev 0) +++ testing-x86_64/sshd.service 2015-07-01 05:23:35 UTC (rev 241659) @@ -0,0 +1,17 @@ +[Unit] +Description=OpenSSH Daemon +Wants=sshdgenkeys.service +After=sshdgenkeys.service +After=network.target + +[Service] +ExecStart=/usr/bin/sshd -D +ExecReload=/bin/kill -HUP $MAINPID +KillMode=process +Restart=always + +[Install] +WantedBy=multi-user.target + +# This service file runs an SSH daemon that forks for each incoming connection. +# If you prefer to spawn on-demand daemons, use sshd.socket and sshd@.service. Copied: openssh/repos/testing-x86_64/sshd.socket (from rev 241658, openssh/trunk/sshd.socket) =================================================================== --- testing-x86_64/sshd.socket (rev 0) +++ testing-x86_64/sshd.socket 2015-07-01 05:23:35 UTC (rev 241659) @@ -0,0 +1,10 @@ +[Unit] +Conflicts=sshd.service +Wants=sshdgenkeys.service + +[Socket] +ListenStream=22 +Accept=yes + +[Install] +WantedBy=sockets.target Copied: openssh/repos/testing-x86_64/sshd@.service (from rev 241658, openssh/trunk/sshd@.service) =================================================================== --- testing-x86_64/sshd@.service (rev 0) +++ testing-x86_64/sshd@.service 2015-07-01 05:23:35 UTC (rev 241659) @@ -0,0 +1,8 @@ +[Unit] +Description=OpenSSH Per-Connection Daemon +After=sshdgenkeys.service + +[Service] +ExecStart=-/usr/bin/sshd -i +StandardInput=socket +StandardError=syslog Copied: openssh/repos/testing-x86_64/sshdgenkeys.service (from rev 241658, openssh/trunk/sshdgenkeys.service) =================================================================== --- testing-x86_64/sshdgenkeys.service (rev 0) +++ testing-x86_64/sshdgenkeys.service 2015-07-01 05:23:35 UTC (rev 241659) @@ -0,0 +1,17 @@ +[Unit] +Description=SSH Key Generation +ConditionPathExists=|!/etc/ssh/ssh_host_key +ConditionPathExists=|!/etc/ssh/ssh_host_key.pub +ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key +ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key.pub +ConditionPathExists=|!/etc/ssh/ssh_host_dsa_key +ConditionPathExists=|!/etc/ssh/ssh_host_dsa_key.pub +ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key +ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key.pub +ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key +ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key.pub + +[Service] +ExecStart=/usr/bin/ssh-keygen -A +Type=oneshot +RemainAfterExit=yes