Package: rssh / 2.3.2-13squeeze3

Metadata

Package  Version           Patches format
rssh     2.3.2-13squeeze3  3.0 (quilt)

Patch series

Patch File delta Description
fixes/config parse fatal.diff p1

main.c.in | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 [patch] abort if config file could not be parsed

Previously, if the configuration could not be parsed, rssh would continue
on with its defaults.  This meant that if there were an error in a
per-user configuration line, the global options would be applied, even
if they shouldn't be for that user.

Instead, exit after any failure to parse the configuration, turning a
syntactically invalid configuration file into a fatal error for all
users.  This is safer and makes it more likely that the problem will be
corrected and not lead to unintended consequences.

Signed-off-by: Russ Allbery <rra@debian.org>


fixes/fail logging.diff p1

util.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 [patch] fix allocation of buffer for fail log message

The failure log message when the user isn't permitted to run the
command they're attempting includes a summary of the commands the
user is allowed to run.  The allocation for that string was not
reserving space for the nul byte at the end of the string, causing
a one-byte overwrite past the end of the string.

Signed-off-by: Russ Allbery <rra@debian.org>


fixes/info to debug.diff p1

rsshconf.c | 20 10 + 10 - 0 !
1 file changed, 10 insertions(+), 10 deletions(-)

 [patch] lower priority of syslog messages to debug

Lower priority of all of the routine syslog messages from info to debug
to cut down on log noise.

Signed-off-by: Russ Allbery <rra@stanford.edu>


fixes/man page hyphen.diff p1

rssh.1 | 6 3 + 3 - 0 !
1 file changed, 3 insertions(+), 3 deletions(-)

 [patch] command-line switches in man pages should be minuses

Hyphens used for command-line switches in manual pages should be minus
signs, not hyphens.

Signed-off-by: Russ Allbery <rra@stanford.edu>


fixes/man page spelling.diff p1

rssh.1 | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 [patch] fix spelling errors in manual pages

Fix spelling errors such as seperate for separate.

Signed-off-by: Russ Allbery <rra@debian.org>


fixes/missing config.diff p1

rsshconf.c | 9 6 + 3 - 0 !
1 file changed, 6 insertions(+), 3 deletions(-)

 [patch] avoid segfault on missing configuration file

Avoid a segfault when logging is disabled and the configuration file
doesn't exist.  Thanks, Thomas Liske.

Debian Bug#458563

Signed-off-by: Russ Allbery <rra@stanford.edu>


fixes/mkchroot.diff p1

mkchroot.sh | 84 61 + 23 - 0 !
1 file changed, 61 insertions(+), 23 deletions(-)

 [patch] fixes and improvements to mkchroot.sh

Debian wants libnss_compat* in addition to libnss_files* for UID lookups
to work properly, and doesn't have a libnss1_files*.

Create the /dev/null device in the chroot, needed by sftp-server.  Create
the /dev/log device in the chroot, for one less step.

Update the code to copy over libraries to be able to parse the new output
from ldd.

Update file paths for Debian.

Add better error handling.

Warn that /etc/passwd is being copied into the chroot jail and that the
user may wish to edit out some users and remove any sensitive
information.  (Debian Bug#366655)

Thanks to proctor mcduff for his contributions.

Signed-off-by: Russ Allbery <rra@stanford.edu>


fixes/command line checking.diff

main.c.in | 6 4 + 2 - 0 !
util.c | 119 66 + 53 - 0 !
util.h | 3 2 + 1 - 0 !
3 files changed, 72 insertions(+), 56 deletions(-)

 [patch] fix command line security parsing

Henrik Erkkonen has discovered that, through clever manipulation of
environment variables on the ssh command line, it is possible to
circumvent rssh.  This patch would constitute the upstream 2.3.4
release if upstream had a chance to make a new release.

Signed-off-by: Russ Allbery <rra@debian.org>


fixes/command line error.diff p1

util.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 [patch] fix error message from invalid options

Don't refer to all invalid options as invalid scp options.

Signed-off-by: Russ Allbery <rra@debian.org>


fixes/rsync protocol.diff p1

util.c | 80 73 + 7 - 0 !
1 file changed, 73 insertions(+), 7 deletions(-)

 [patch] handle the rsync v3 -e option for protocol information

As of rsync 3, rsync reused the -e option to pass protocol information
from the client to the server.  We therefore cannot reject all -e
options to rsync, only ones not sent with --server or containing
something other than protocol information as an argument.

Also scan the rsync command line for any --rsh option and reject it as
well.  This replaces and improves the upstream strategy for rejecting
that command-line option, taking advantage of the parsing added to
check the -e option.

Based on work by Robert Hardy.

Debian Bug#471803

Signed-off-by: Russ Allbery <rra@stanford.edu>


features/subversion.diff

conf_convert | 48 48 + 0 - 0 !
conf_convert.sh | 45 0 + 45 - 0 !
configure.ac | 22 20 + 2 - 0 !
main.c.in | 5 4 + 1 - 0 !
pathnames.h.in | 1 1 + 0 - 0 !
rssh.conf | 28 15 + 13 - 0 !
rssh.conf.5 | 17 11 + 6 - 0 !
rssh.conf.5.in | 17 11 + 6 - 0 !
rssh.h | 13 7 + 6 - 0 !
rssh_chroot_helper.c | 3 3 + 0 - 0 !
rsshconf.c | 47 43 + 4 - 0 !
util.c | 35 26 + 9 - 0 !
util.h | 3 2 + 1 - 0 !
13 files changed, 191 insertions(+), 93 deletions(-)

 [patch] add support for subversion (svnserve)

Adds support for svn access via svnserve.  This adds an additional
field to the bitmask in /etc/rssh.conf that's used to control Subversion
access.  Users authorized to run svnserve may run only svnserve -t
exactly.

Patch from Davide Scola <davide.scola@gmail.com>

Debian Bug#284756

Signed-off-by: Russ Allbery <rra@stanford.edu>