Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 26 Feb 2025 17:52:18 GMT
From:      Jose Luis Duran <jlduran@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: e8043c76e378 - releng/13.5 - openssh: Fix blacklistd sshd-session integration
Message-ID:  <202502261752.51QHqIli031049@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch releng/13.5 has been updated by jlduran:

URL: https://cgit.FreeBSD.org/src/commit/?id=e8043c76e3788c555f633a0de6395a4d10ea375b

commit e8043c76e3788c555f633a0de6395a4d10ea375b
Author:     Jose Luis Duran <jlduran@FreeBSD.org>
AuthorDate: 2025-02-24 14:38:52 +0000
Commit:     Jose Luis Duran <jlduran@FreeBSD.org>
CommitDate: 2025-02-26 17:16:16 +0000

    openssh: Fix blacklistd sshd-session integration
    
    In version 9.8, the server was split into a listener binary, sshd(8),
    and a per-session binary "sshd-session".
    
    Our blacklistd changes also have to be moved from sshd.c to
    sshd-session.c.
    
    Reviewed by:    emaste
    Approved by:    emaste (mentor)
    Fixes:  0fdf8fae8b56 ("openssh: Update to 9.8p1")
    MFC after:      3 days
    Differential Revision:  https://reviews.freebsd.org/D49116
    
    (cherry picked from commit 61d8af38bf1c5328c27ccfcd8a3b73e9e8604d16)
    (cherry picked from commit 707ac59c2b31bdf3a593bc545d2fe233598cb97c)
    (cherry picked from commit f931a32bcaf3f86581d2dbe46f7809eb47d1b167)
    
    Approved by:    re (cperciva)
---
 crypto/openssh/sshd-session.c | 3 +++
 crypto/openssh/sshd.c         | 4 ----
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/crypto/openssh/sshd-session.c b/crypto/openssh/sshd-session.c
index 3092cd91242e..ee983176d3aa 100644
--- a/crypto/openssh/sshd-session.c
+++ b/crypto/openssh/sshd-session.c
@@ -109,6 +109,7 @@
 #include "sk-api.h"
 #include "srclimit.h"
 #include "dh.h"
+#include "blacklist_client.h"
 
 /* Re-exec fds */
 #define REEXEC_DEVCRYPTO_RESERVED_FD	(STDERR_FILENO + 1)
@@ -1316,6 +1317,8 @@ main(int ac, char **av)
 		fatal("sshbuf_new loginmsg failed");
 	auth_debug_reset();
 
+	BLACKLIST_INIT();
+
 	if (privsep_preauth(ssh) == 1)
 		goto authenticated;
 
diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c
index 68e48d75369a..fd48835ebd2a 100644
--- a/crypto/openssh/sshd.c
+++ b/crypto/openssh/sshd.c
@@ -101,7 +101,6 @@
 #include "sk-api.h"
 #include "addr.h"
 #include "srclimit.h"
-#include "blacklist_client.h"
 
 #ifdef LIBWRAP
 #include <tcpd.h>
@@ -1876,9 +1875,6 @@ main(int ac, char **av)
 	}
 #endif
 #endif
-
-
-	BLACKLIST_INIT();
 }
 
 /* server specific fatal cleanup */

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202502261752.51QHqIli031049>