On 09/12/16 11:21 AM, Alexander Pyhalov wrote:
Hello.
Have user report about OpenSSH crash. We use OpenSSH with
https://github.com/joyent/illumos-extra/tree/master/openssh/ patches.
The user, experiencing this error, suggested the following fix:
http://witch.tambov.ru/~denis/openssh/patch_for_patch.diff
---
components/network/openssh/patches/0014-Solaris-Auditing-support.patch.orig
Thu Jul 28 11:58:21 2016
+++
components/network/openssh/patches/0014-Solaris-Auditing-support.patch
Mon Sep 12 15:59:29 2016
@@ -289,7 +289,7 @@
+audit_connection_from(const char *host, int port)
+{
+ int peer = packet_get_connection_in();
-+ adt_session_data_t *ah;
++ adt_session_data_t *ah = NULL;
+
+ if (adt_load_termid(peer, &tid) != 0) {
+ error("adt audit_connection_from: unable to load tid for %d:%s",
@@ -299,7 +299,7 @@
+ error("adt audit_connection_from: unable to start session "
+ "for %s:%d:%s", host, port, strerror(errno));
+ }
-+ if (adt_set_user(ah, ADT_NO_AUDIT, ADT_NO_AUDIT, 0,
++ if (tid != NULL && adt_set_user(ah, ADT_NO_AUDIT, ADT_NO_AUDIT, 0,
+ ADT_NO_AUDIT, tid, ADT_SETTID) != 0) {
+ error("adt audit_connection_from: unable to set user "
+ "for %s:%d:%s", host, port, strerror(errno));
This makes me wonder, why we check for adt_* return codes, but don't
return from function at
https://github.com/illumos/openssh-portable/blob/illumos-7.2p2/audit-solaris.c#L179
and in similar places.
--
Best regards,
Alexander Pyhalov,
system administrator of Southern Federal University IT department
-------------------------------------------
illumos-discuss
Archives: https://www.listbox.com/member/archive/182180/=now
RSS Feed: https://www.listbox.com/member/archive/rss/182180/21175430-2e6923be
Modify Your Subscription:
https://www.listbox.com/member/?member_id=21175430&id_secret=21175430-6a77cda4
Powered by Listbox: http://www.listbox.com
