git: f931a32bcaf3 - stable/13 - openssh: Fix blacklistd sshd-session integration

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Jose Luis Duran <jlduran_at_FreeBSD.org>
Date: Wed, 26 Feb 2025 16:43:53 UTC

The branch stable/13 has been updated by jlduran:

URL: https://cgit.FreeBSD.org/src/commit/?id=f931a32bcaf3f86581d2dbe46f7809eb47d1b167

commit f931a32bcaf3f86581d2dbe46f7809eb47d1b167
Author:     Jose Luis Duran <jlduran@FreeBSD.org>
AuthorDate: 2025-02-24 14:38:52 +0000
Commit:     Jose Luis Duran <jlduran@FreeBSD.org>
CommitDate: 2025-02-26 16:42:45 +0000

    openssh: Fix blacklistd sshd-session integration
    
    In version 9.8, the server was split into a listener binary, sshd(8),
    and a per-session binary "sshd-session".
    
    Our blacklistd changes also have to be moved from sshd.c to
    sshd-session.c.
    
    Reviewed by:    emaste
    Approved by:    emaste (mentor)
    Fixes:  0fdf8fae8b56 ("openssh: Update to 9.8p1")
    MFC after:      3 days
    Differential Revision:  https://reviews.freebsd.org/D49116
    
    (cherry picked from commit 61d8af38bf1c5328c27ccfcd8a3b73e9e8604d16)
    (cherry picked from commit 707ac59c2b31bdf3a593bc545d2fe233598cb97c)
---
 crypto/openssh/sshd-session.c | 3 +++
 crypto/openssh/sshd.c         | 4 ----
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/crypto/openssh/sshd-session.c b/crypto/openssh/sshd-session.c
index 3092cd91242e..ee983176d3aa 100644
--- a/crypto/openssh/sshd-session.c
+++ b/crypto/openssh/sshd-session.c
@@ -109,6 +109,7 @@
 #include "sk-api.h"
 #include "srclimit.h"
 #include "dh.h"
+#include "blacklist_client.h"
 
 /* Re-exec fds */
 #define REEXEC_DEVCRYPTO_RESERVED_FD	(STDERR_FILENO + 1)
@@ -1316,6 +1317,8 @@ main(int ac, char **av)
 		fatal("sshbuf_new loginmsg failed");
 	auth_debug_reset();
 
+	BLACKLIST_INIT();
+
 	if (privsep_preauth(ssh) == 1)
 		goto authenticated;
 
diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c
index 68e48d75369a..fd48835ebd2a 100644
--- a/crypto/openssh/sshd.c
+++ b/crypto/openssh/sshd.c
@@ -101,7 +101,6 @@
 #include "sk-api.h"
 #include "addr.h"
 #include "srclimit.h"
-#include "blacklist_client.h"
 
 #ifdef LIBWRAP
 #include <tcpd.h>
@@ -1876,9 +1875,6 @@ main(int ac, char **av)
 	}
 #endif
 #endif
-
-
-	BLACKLIST_INIT();
 }
 
 /* server specific fatal cleanup */