Date: Mon, 12 Nov 2018 21:06:47 +0000 (UTC) From: Bryan Drewery <bdrewery@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r484825 - in branches/2018Q4/security/openssh-portable: . files Message-ID: <201811122106.wACL6lLq066908@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: bdrewery Date: Mon Nov 12 21:06:47 2018 New Revision: 484825 URL: https://svnweb.freebsd.org/changeset/ports/484825 Log: MFH: r484765 r484823 r484824 Update to 7.9p1. - Fixes build on 12, head, and openssl-devel. - GSSAPI and HPN are currently marked BROKEN as I don't want to block the main update for anyone. http://www.openssh.com/txt/release-7.8 http://www.openssh.com/txt/release-7.9 - Fix HPN for 7.9p1 - DOCS is required for HPN but it's not exclusively a flavor so needs to be in the default list. - Fix a build-time OpenSSL version comparison [1] PR: 233157 [1] Reported by: Robert Schulze <rs@bytecamp.net> [1] Obtained from: upstream c0a35265907533be10ca151ac797f34ae0d68969 [1] - Update KERB_GSSAPI for 7.9p1 Approved by: portmgr (implicit) Added: branches/2018Q4/security/openssh-portable/files/patch-c0a35265907533be10ca151ac797f34ae0d68969 - copied unchanged from r484823, head/security/openssh-portable/files/patch-c0a35265907533be10ca151ac797f34ae0d68969 branches/2018Q4/security/openssh-portable/files/patch-serverloop.c - copied unchanged from r484765, head/security/openssh-portable/files/patch-serverloop.c Deleted: branches/2018Q4/security/openssh-portable/files/patch-341727df910e12e26ef161508ed76d91c40a61eb branches/2018Q4/security/openssh-portable/files/patch-85fe48fd49f2e81fa30902841b362cfbb7f1933b branches/2018Q4/security/openssh-portable/files/patch-868afa68469de50d8a43e5daf867d7c624a34d20 branches/2018Q4/security/openssh-portable/files/patch-b81b2d120e9c8a83489e241620843687758925ad branches/2018Q4/security/openssh-portable/files/patch-f5baa36ba79a6e8c534fb4e0a00f2614ccc42ea6 branches/2018Q4/security/openssh-portable/files/patch-misc.c Modified: branches/2018Q4/security/openssh-portable/Makefile branches/2018Q4/security/openssh-portable/distinfo branches/2018Q4/security/openssh-portable/files/extra-patch-hpn branches/2018Q4/security/openssh-portable/files/extra-patch-hpn-compat branches/2018Q4/security/openssh-portable/files/extra-patch-tcpwrappers branches/2018Q4/security/openssh-portable/files/patch-auth2.c branches/2018Q4/security/openssh-portable/files/patch-session.c Directory Properties: branches/2018Q4/ (props changed) Modified: branches/2018Q4/security/openssh-portable/Makefile ============================================================================== --- branches/2018Q4/security/openssh-portable/Makefile Mon Nov 12 21:04:05 2018 (r484824) +++ branches/2018Q4/security/openssh-portable/Makefile Mon Nov 12 21:06:47 2018 (r484825) @@ -2,8 +2,8 @@ # $FreeBSD$ PORTNAME= openssh -DISTVERSION= 7.7p1 -PORTREVISION= 6 +DISTVERSION= 7.9p1 +PORTREVISION= 1 PORTEPOCH= 1 CATEGORIES= security ipv6 MASTER_SITES= OPENBSD/OpenSSH/portable @@ -26,20 +26,16 @@ CONFIGURE_ARGS= --prefix=${PREFIX} --with-md5-passwor ETCOLD= ${PREFIX}/etc -BROKEN_SSL= openssl-devel -BROKEN_SSL_REASON_openssl-devel= error: OpenSSL >= 1.1.0 is not yet supported - FLAVORS= default hpn default_CONFLICTS_INSTALL= openssl-portable-hpn hpn_CONFLICTS_INSTALL= openssh-portable hpn_PKGNAMESUFFIX= -portable-hpn -OPTIONS_DEFINE= PAM TCP_WRAPPERS LIBEDIT BSM \ +OPTIONS_DEFINE= DOCS PAM TCP_WRAPPERS LIBEDIT BSM \ HPN X509 KERB_GSSAPI \ LDNS NONECIPHER XMSS OPTIONS_DEFAULT= LIBEDIT PAM TCP_WRAPPERS LDNS .if ${FLAVOR:U} == hpn -OPTIONS_DEFINE+= DOCS OPTIONS_DEFAULT+= HPN NONECIPHER .endif OPTIONS_RADIO= KERBEROS @@ -70,10 +66,10 @@ HPN_CONFIGURE_WITH= hpn NONECIPHER_CONFIGURE_WITH= nonecipher # See http://www.roumenpetrov.info/openssh/ -X509_VERSION= 11.3.2 +X509_VERSION= 11.5 X509_PATCH_SITES= http://www.roumenpetrov.info/openssh/x509-${X509_VERSION}/:x509 X509_EXTRA_PATCHES+= ${FILESDIR}/extra-patch-x509-glue -X509_PATCHFILES= ${PORTNAME}-7.7p1+x509-${X509_VERSION}.diff.gz:-p1:x509 +X509_PATCHFILES= ${PORTNAME}-7.9p1+x509-${X509_VERSION}.diff.gz:-p1:x509 MIT_LIB_DEPENDS= libkrb5.so.3:security/krb5 HEIMDAL_LIB_DEPENDS= libkrb5.so.26:security/heimdal @@ -113,7 +109,7 @@ PATCHFILES+= openssh-7.7p1-gsskex-all-20141021-debian- # https://www.psc.edu/hpn-ssh https://github.com/rapier1/openssh-portable/tree/hpn-openssl1.1-7_7_P1 .if ${PORT_OPTIONS:MHPN} || ${PORT_OPTIONS:MNONECIPHER} -#BROKEN= HPN: Not yet updated for ${DISTVERSION} and disabled in base +#BROKEN= HPN: Not yet updated for ${DISTVERSION} yet. PORTDOCS+= HPN-README HPN_VERSION= 14v15 HPN_DISTVERSION= 7.7p1 Modified: branches/2018Q4/security/openssh-portable/distinfo ============================================================================== --- branches/2018Q4/security/openssh-portable/distinfo Mon Nov 12 21:04:05 2018 (r484824) +++ branches/2018Q4/security/openssh-portable/distinfo Mon Nov 12 21:06:47 2018 (r484825) @@ -1,7 +1,7 @@ -TIMESTAMP = 1524589531 -SHA256 (openssh-7.7p1.tar.gz) = d73be7e684e99efcd024be15a30bffcbe41b012b2f7b3c9084aed621775e6b8f -SIZE (openssh-7.7p1.tar.gz) = 1536900 -SHA256 (openssh-7.7p1+x509-11.3.2.diff.gz) = f0549007b2bdb99c41d83e622b6504365a3fa0a5ac22e3d0755c89cb0e29a02f -SIZE (openssh-7.7p1+x509-11.3.2.diff.gz) = 492142 -SHA256 (openssh-7.7p1-gsskex-all-20141021-debian-rh-20171004.patch.gz) = c58f10ed5d9550e6e4ac09898a1aa131321e69c4d65a742ab95d357b35576ef4 -SIZE (openssh-7.7p1-gsskex-all-20141021-debian-rh-20171004.patch.gz) = 27251 +TIMESTAMP = 1541877994 +SHA256 (openssh-7.9p1.tar.gz) = 6b4b3ba2253d84ed3771c8050728d597c91cfce898713beb7b64a305b6f11aad +SIZE (openssh-7.9p1.tar.gz) = 1565384 +SHA256 (openssh-7.9p1+x509-11.5.diff.gz) = 1d15099ce54614f158f10f55b6b4992d915353f92a05e179a64b0655650c00bb +SIZE (openssh-7.9p1+x509-11.5.diff.gz) = 594995 +SHA256 (openssh-7.9p1-gsskex-all-20141021-debian-rh-20181020.patch.gz) = a9fe46bc97ebb6f32dad44c6e62e712b224392463b2084300835736fe848eabc +SIZE (openssh-7.9p1-gsskex-all-20141021-debian-rh-20181020.patch.gz) = 27612 Modified: branches/2018Q4/security/openssh-portable/files/extra-patch-hpn ============================================================================== --- branches/2018Q4/security/openssh-portable/files/extra-patch-hpn Mon Nov 12 21:04:05 2018 (r484824) +++ branches/2018Q4/security/openssh-portable/files/extra-patch-hpn Mon Nov 12 21:06:47 2018 (r484825) @@ -1064,9 +1064,9 @@ diff -urN -x configure -x config.guess -x config.h.in #define SSHBUF_REFS_MAX 0x100000 /* Max child buffers */ #define SSHBUF_MAX_BIGNUM (16384 / 8) /* Max bignum *bytes* */ #define SSHBUF_MAX_ECPOINT ((528 * 2 / 8) + 1) /* Max EC point *bytes* */ ---- work/openssh-7.7p1/sshconnect.c.orig 2018-04-01 22:38:28.000000000 -0700 -+++ work/openssh-7.7p1/sshconnect.c 2018-06-26 15:55:19.103812000 -0700 -@@ -337,7 +337,32 @@ check_ifaddrs(const char *ifname, int af, const struct +--- work/openssh/sshconnect.c.orig 2018-10-16 17:01:20.000000000 -0700 ++++ work/openssh/sshconnect.c 2018-11-12 09:04:24.340706000 -0800 +@@ -327,7 +327,32 @@ check_ifaddrs(const char *ifname, int af, const struct } #endif @@ -1096,10 +1096,10 @@ diff -urN -x configure -x config.guess -x config.h.in +#endif + +/* - * Creates a (possibly privileged) socket for use as the ssh connection. + * Creates a socket for use as the ssh connection. */ static int -@@ -359,6 +384,11 @@ ssh_create_socket(int privileged, struct addrinfo *ai) +@@ -349,6 +374,11 @@ ssh_create_socket(struct addrinfo *ai) } fcntl(sock, F_SETFD, FD_CLOEXEC); @@ -1109,9 +1109,9 @@ diff -urN -x configure -x config.guess -x config.h.in +#endif + /* Bind the socket to an alternative local IP address */ - if (options.bind_address == NULL && options.bind_interface == NULL && - !privileged) -@@ -637,8 +667,14 @@ static void + if (options.bind_address == NULL && options.bind_interface == NULL) + return sock; +@@ -608,8 +638,14 @@ static void send_client_banner(int connection_out, int minor1) { /* Send our own protocol version identification. */ @@ -1128,8 +1128,8 @@ diff -urN -x configure -x config.guess -x config.h.in if (atomicio(vwrite, connection_out, client_version_string, strlen(client_version_string)) != strlen(client_version_string)) fatal("write: %.100s", strerror(errno)); ---- work/openssh-7.7p1/sshconnect2.c.orig 2018-04-01 22:38:28.000000000 -0700 -+++ work/openssh-7.7p1/sshconnect2.c 2018-06-27 17:11:17.543893000 -0700 +--- work/openssh/sshconnect2.c.orig 2018-10-16 17:01:20.000000000 -0700 ++++ work/openssh/sshconnect2.c 2018-11-12 09:06:06.338515000 -0800 @@ -81,7 +81,13 @@ extern char *client_version_string; extern char *server_version_string; @@ -1144,7 +1144,7 @@ diff -urN -x configure -x config.guess -x config.h.in /* * SSH2 key exchange */ -@@ -154,14 +160,17 @@ order_hostkeyalgs(char *host, struct sockaddr *hostadd +@@ -154,10 +160,11 @@ order_hostkeyalgs(char *host, struct sockaddr *hostadd return ret; } @@ -1154,16 +1154,18 @@ diff -urN -x configure -x config.guess -x config.h.in ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) { - char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; - char *s; + char *s, *all_key; struct kex *kex; int r; - -+ memcpy(&myproposal, &myproposal_default, sizeof(myproposal)); -+ +@@ -165,6 +172,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_shor xxx_host = host; xxx_hostaddr = hostaddr; -@@ -409,6 +418,30 @@ ssh_userauth2(const char *local_user, const char *serv ++ memcpy(&myproposal, &myproposal_default, sizeof(myproposal)); + if ((s = kex_names_cat(options.kex_algorithms, "ext-info-c")) == NULL) + fatal("%s: kex_names_cat", __func__); + myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(s); +@@ -412,6 +420,30 @@ ssh_userauth2(const char *local_user, const char *serv if (!authctxt.success) fatal("Authentication failed."); Modified: branches/2018Q4/security/openssh-portable/files/extra-patch-hpn-compat ============================================================================== --- branches/2018Q4/security/openssh-portable/files/extra-patch-hpn-compat Mon Nov 12 21:04:05 2018 (r484824) +++ branches/2018Q4/security/openssh-portable/files/extra-patch-hpn-compat Mon Nov 12 21:06:47 2018 (r484825) @@ -31,12 +31,12 @@ r294563 was incomplete; re-add the client-side options { NULL, oBadOption } }; ---- servconf.c.orig 2017-10-02 12:34:26.000000000 -0700 -+++ servconf.c 2017-10-12 12:20:19.089884000 -0700 -@@ -618,6 +618,10 @@ static struct { - { "disableforwarding", sDisableForwarding, SSHCFG_ALL }, +--- servconf.c.orig 2018-10-16 17:01:20.000000000 -0700 ++++ servconf.c 2018-11-10 11:32:09.835817000 -0800 +@@ -645,6 +645,10 @@ static struct { { "exposeauthinfo", sExposeAuthInfo, SSHCFG_ALL }, { "rdomain", sRDomain, SSHCFG_ALL }, + { "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL }, + { "noneenabled", sUnsupported, SSHCFG_ALL }, + { "hpndisabled", sDeprecated, SSHCFG_ALL }, + { "hpnbuffersize", sDeprecated, SSHCFG_ALL }, Modified: branches/2018Q4/security/openssh-portable/files/extra-patch-tcpwrappers ============================================================================== --- branches/2018Q4/security/openssh-portable/files/extra-patch-tcpwrappers Mon Nov 12 21:04:05 2018 (r484824) +++ branches/2018Q4/security/openssh-portable/files/extra-patch-tcpwrappers Mon Nov 12 21:06:47 2018 (r484825) @@ -85,11 +85,11 @@ index 0ade557..045f149 100644 laddr = get_local_ipaddr(sock_in); diff --git configure.ac configure.ac index f48ba4a..66fbe82 100644 ---- configure.ac -+++ configure.ac -@@ -1380,6 +1380,62 @@ AC_ARG_WITH([skey], - ] - ) +--- configure.ac.orig 2018-10-16 17:01:20.000000000 -0700 ++++ configure.ac 2018-11-10 11:29:32.626326000 -0800 +@@ -1493,6 +1493,62 @@ else + AC_MSG_RESULT([no]) + fi +# Check whether user wants TCP wrappers support +TCPW_MSG="no" @@ -150,11 +150,11 @@ index f48ba4a..66fbe82 100644 # Check whether user wants to use ldns LDNS_MSG="no" AC_ARG_WITH(ldns, -@@ -4803,6 +4859,7 @@ echo " KerberosV support: $KRB5_MSG" +@@ -5305,6 +5361,7 @@ echo " PAM support: $PAM_MSG" + echo " OSF SIA support: $SIA_MSG" + echo " KerberosV support: $KRB5_MSG" echo " SELinux support: $SELINUX_MSG" - echo " Smartcard support: $SCARD_MSG" - echo " S/KEY support: $SKEY_MSG" +echo " TCP Wrappers support: $TCPW_MSG" echo " MD5 password support: $MD5_MSG" echo " libedit support: $LIBEDIT_MSG" - echo " Solaris process contract support: $SPC_MSG" + echo " libldns support: $LDNS_MSG" Modified: branches/2018Q4/security/openssh-portable/files/patch-auth2.c ============================================================================== --- branches/2018Q4/security/openssh-portable/files/patch-auth2.c Mon Nov 12 21:04:05 2018 (r484824) +++ branches/2018Q4/security/openssh-portable/files/patch-auth2.c Mon Nov 12 21:06:47 2018 (r484825) @@ -5,31 +5,32 @@ Changed paths: Apply class-imposed login restrictions. ---- auth2.c.orig 2017-03-19 19:39:27.000000000 -0700 -+++ auth2.c 2017-03-20 11:52:27.960733000 -0700 -@@ -47,6 +47,7 @@ - #include "key.h" +--- auth2.c.orig 2018-10-16 17:01:20.000000000 -0700 ++++ auth2.c 2018-11-10 11:35:07.816193000 -0800 +@@ -48,6 +48,7 @@ + #include "sshkey.h" #include "hostfile.h" #include "auth.h" +#include "canohost.h" #include "dispatch.h" #include "pathnames.h" - #include "buffer.h" -@@ -217,6 +218,13 @@ input_userauth_request(int type, u_int32 - Authmethod *m = NULL; + #include "sshbuf.h" +@@ -258,7 +259,14 @@ input_userauth_request(int type, u_int32_t seq, struct char *user, *service, *method, *style = NULL; int authenticated = 0; + double tstart = monotime_double(); +#ifdef HAVE_LOGIN_CAP + login_cap_t *lc; + const char *from_host, *from_ip; -+ + + from_host = auth_get_canonical_hostname(ssh, options.use_dns); + from_ip = ssh_remote_ipaddr(ssh); +#endif - ++ if (authctxt == NULL) fatal("input_userauth_request: no authctxt"); -@@ -266,6 +274,27 @@ input_userauth_request(int type, u_int32 + +@@ -307,6 +315,27 @@ input_userauth_request(int type, u_int32_t seq, struct "(%s,%s) -> (%s,%s)", authctxt->user, authctxt->service, user, service); } @@ -55,5 +56,5 @@ Apply class-imposed login restrictions. +#endif /* HAVE_LOGIN_CAP */ + /* reset state */ - auth2_challenge_stop(authctxt); + auth2_challenge_stop(ssh); Copied: branches/2018Q4/security/openssh-portable/files/patch-c0a35265907533be10ca151ac797f34ae0d68969 (from r484823, head/security/openssh-portable/files/patch-c0a35265907533be10ca151ac797f34ae0d68969) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q4/security/openssh-portable/files/patch-c0a35265907533be10ca151ac797f34ae0d68969 Mon Nov 12 21:06:47 2018 (r484825, copy of r484823, head/security/openssh-portable/files/patch-c0a35265907533be10ca151ac797f34ae0d68969) @@ -0,0 +1,19 @@ +commit c0a35265907533be10ca151ac797f34ae0d68969 +Author: Damien Miller <djm@mindrot.org> +Date: Mon Oct 22 11:22:50 2018 +1100 + + fix compile for openssl 1.0.x w/ --with-ssl-engine + + bz#2921, patch from cotequeiroz + +--- openbsd-compat/openssl-compat.c.orig 2018-11-12 12:52:26 UTC ++++ openbsd-compat/openssl-compat.c +@@ -76,7 +76,7 @@ ssh_OpenSSL_add_all_algorithms(void) + ENGINE_load_builtin_engines(); + ENGINE_register_all_complete(); + +-#if OPENSSL_VERSION_NUMBER < 0x10001000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + OPENSSL_config(NULL); + #else + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | Copied: branches/2018Q4/security/openssh-portable/files/patch-serverloop.c (from r484765, head/security/openssh-portable/files/patch-serverloop.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q4/security/openssh-portable/files/patch-serverloop.c Mon Nov 12 21:06:47 2018 (r484825, copy of r484765, head/security/openssh-portable/files/patch-serverloop.c) @@ -0,0 +1,43 @@ +------------------------------------------------------------------------ +r181918 | des | 2008-08-20 05:40:07 -0500 (Wed, 20 Aug 2008) | 6 lines +Changed paths: + M /head/crypto/openssh/readconf.c + +Use net.inet.ip.portrange.reservedhigh instead of IPPORT_RESERVED. +Submitted upstream, no reaction. + +Submitted by: delphij@ +[rewritten for 7.4 by bdrewery@] + +--- serverloop.c.orig 2018-11-10 11:38:16.728617000 -0800 ++++ serverloop.c 2018-11-10 11:38:19.497300000 -0800 +@@ -55,6 +55,8 @@ + #include <unistd.h> + #include <stdarg.h> + ++#include <sys/sysctl.h> ++ + #include "openbsd-compat/sys-queue.h" + #include "xmalloc.h" + #include "packet.h" +@@ -109,7 +111,19 @@ bind_permitted(int port, uid_t uid) + { + if (use_privsep) + return 1; /* allow system to decide */ +- if (port < IPPORT_RESERVED && uid != 0) ++ int ipport_reserved; ++#ifdef __FreeBSD__ ++ size_t len_ipport_reserved = sizeof(ipport_reserved); ++ ++ if (sysctlbyname("net.inet.ip.portrange.reservedhigh", ++ &ipport_reserved, &len_ipport_reserved, NULL, 0) != 0) ++ ipport_reserved = IPPORT_RESERVED; ++ else ++ ipport_reserved++; ++#else ++ ipport_reserved = IPPORT_RESERVED; ++#endif ++ if (port < ipport_reserved && uid != 0) + return 0; + return 1; + } Modified: branches/2018Q4/security/openssh-portable/files/patch-session.c ============================================================================== --- branches/2018Q4/security/openssh-portable/files/patch-session.c Mon Nov 12 21:04:05 2018 (r484824) +++ branches/2018Q4/security/openssh-portable/files/patch-session.c Mon Nov 12 21:06:47 2018 (r484825) @@ -10,9 +10,9 @@ Reviewed by: ache Sponsored by: DARPA, NAI Labs ---- session.c.orig 2018-04-01 22:38:28.000000000 -0700 -+++ session.c 2018-04-03 13:56:49.599400000 -0700 -@@ -982,6 +982,9 @@ do_setup_env(struct ssh *ssh, Session *s, const char * +--- session.c.orig 2018-10-16 17:01:20.000000000 -0700 ++++ session.c 2018-11-10 11:45:14.645263000 -0800 +@@ -1020,6 +1020,9 @@ do_setup_env(struct ssh *ssh, Session *s, const char * struct passwd *pw = s->pw; #if !defined (HAVE_LOGIN_CAP) && !defined (HAVE_CYGWIN) char *path = NULL; @@ -22,7 +22,7 @@ Sponsored by: DARPA, NAI Labs #endif /* Initialize the environment. */ -@@ -1003,6 +1006,9 @@ do_setup_env(struct ssh *ssh, Session *s, const char * +@@ -1041,6 +1044,9 @@ do_setup_env(struct ssh *ssh, Session *s, const char * } #endif @@ -32,7 +32,7 @@ Sponsored by: DARPA, NAI Labs #ifdef GSSAPI /* Allow any GSSAPI methods that we've used to alter * the childs environment as they see fit -@@ -1020,11 +1026,21 @@ do_setup_env(struct ssh *ssh, Session *s, const char * +@@ -1058,11 +1064,21 @@ do_setup_env(struct ssh *ssh, Session *s, const char * child_set_env(&env, &envsize, "LOGIN", pw->pw_name); #endif child_set_env(&env, &envsize, "HOME", pw->pw_dir); @@ -58,7 +58,7 @@ Sponsored by: DARPA, NAI Labs #else /* HAVE_LOGIN_CAP */ # ifndef HAVE_CYGWIN /* -@@ -1044,15 +1060,9 @@ do_setup_env(struct ssh *ssh, Session *s, const char * +@@ -1082,14 +1098,9 @@ do_setup_env(struct ssh *ssh, Session *s, const char * # endif /* HAVE_CYGWIN */ #endif /* HAVE_LOGIN_CAP */ @@ -70,11 +70,10 @@ Sponsored by: DARPA, NAI Labs - if (getenv("TZ")) - child_set_env(&env, &envsize, "TZ", getenv("TZ")); -- - /* Set custom environment options from pubkey authentication. */ - if (options.permit_user_env) { - for (n = 0 ; n < auth_opts->nenv; n++) { -@@ -1331,7 +1341,7 @@ do_setusercontext(struct passwd *pw) + if (s->term) + child_set_env(&env, &envsize, "TERM", s->term); + if (s->display) +@@ -1389,7 +1400,7 @@ do_setusercontext(struct passwd *pw) if (platform_privileged_uidswap()) { #ifdef HAVE_LOGIN_CAP if (setusercontext(lc, pw, pw->pw_uid,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201811122106.wACL6lLq066908>