File openssh-6.6p1-systemd-notify.patch of Package openssh.10219

# HG changeset patch
# Parent  2d306c284160f6d88c032e592f6cc56ea96f7e66
Send signals to systemd to prevent various race conditions
bsc#1048367

diff --git a/openssh-6.6p1/configure.ac b/openssh-6.6p1/configure.ac
--- a/openssh-6.6p1/configure.ac
+++ b/openssh-6.6p1/configure.ac
@@ -4169,16 +4169,40 @@ AC_ARG_WITH([kerberos5],
 		LIBS="$saved_LIBS"
 
 	fi
 	]
 )
 AC_SUBST([GSSLIBS])
 AC_SUBST([K5LIBS])
 
+# Check whether user wants systemd support
+SYSTEMD_MSG="no"
+AC_ARG_WITH(systemd,
+	[  --with-systemd          Enable systemd support],
+	[ if test "x$withval" != "xno" ; then
+		AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no])
+		if test "$PKGCONFIG" != "no"; then
+			AC_MSG_CHECKING([for libsystemd])
+			if $PKGCONFIG --exists libsystemd; then
+				SYSTEMD_CFLAGS=`$PKGCONFIG --cflags libsystemd`
+				SYSTEMD_LIBS=`$PKGCONFIG --libs libsystemd`
+				CPPFLAGS="$CPPFLAGS $SYSTEMD_CFLAGS"
+				SSHDLIBS="$SSHDLIBS $SYSTEMD_LIBS"
+				AC_MSG_RESULT([yes])
+				AC_DEFINE(HAVE_SYSTEMD, 1, [Define if you want systemd support.])
+				SYSTEMD_MSG="yes"
+			else
+				AC_MSG_RESULT([no])
+			fi
+		fi
+	fi ]
+)
+
+
 # Looking for programs, paths and files
 
 PRIVSEP_PATH=/var/empty
 AC_ARG_WITH([privsep-path],
 	[  --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
 	[
 		if test -n "$withval"  &&  test "x$withval" != "xno"  &&  \
 		    test "x${withval}" != "xyes"; then
@@ -4970,16 +4994,17 @@ echo "                 KerberosV support
 echo "                   SELinux support: $SELINUX_MSG"
 echo "                 Smartcard support: $SCARD_MSG"
 echo "                     S/KEY support: $SKEY_MSG"
 echo "              TCP Wrappers support: $TCPW_MSG"
 echo "              MD5 password support: $MD5_MSG"
 echo "                   libedit support: $LIBEDIT_MSG"
 echo "  Solaris process contract support: $SPC_MSG"
 echo "           Solaris project support: $SP_MSG"
+echo "                   systemd support: $SYSTEMD_MSG"
 echo "       IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
 echo "           Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
 echo "                  BSD Auth support: $BSD_AUTH_MSG"
 echo "              Random number source: $RAND_MSG"
 echo "             Privsep sandbox style: $SANDBOX_STYLE"
 
 echo ""
 
diff --git a/openssh-6.6p1/sshd.c b/openssh-6.6p1/sshd.c
--- a/openssh-6.6p1/sshd.c
+++ b/openssh-6.6p1/sshd.c
@@ -79,16 +79,20 @@
 #include <openssl/rand.h>
 #include "openbsd-compat/openssl-compat.h"
 
 #ifdef HAVE_SECUREWARE
 #include <sys/security.h>
 #include <prot.h>
 #endif
 
+#ifdef HAVE_SYSTEMD
+#include <systemd/sd-daemon.h>
+#endif
+
 #include "xmalloc.h"
 #include "ssh.h"
 #include "ssh1.h"
 #include "ssh2.h"
 #include "rsa.h"
 #include "sshpty.h"
 #include "packet.h"
 #include "log.h"
@@ -325,16 +329,20 @@ sighup_handler(int sig)
 
 /*
  * Called from the main program after receiving SIGHUP.
  * Restarts the server.
  */
 static void
 sighup_restart(void)
 {
+#ifdef HAVE_SYSTEMD
+	/* Signal systemd that we are reloading */
+	sd_notify(0, "RELOADING=1");
+#endif
 	logit("Received SIGHUP; restarting.");
 	platform_pre_restart();
 	close_listen_socks();
 	close_startup_pipes();
 	alarm(0);  /* alarm timer persists across exec */
 	signal(SIGHUP, SIG_IGN); /* will be restored after exec */
 	execv(saved_argv[0], saved_argv);
 	logit("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0],
@@ -2006,16 +2014,21 @@ main(int ac, char **av)
 				error("Couldn't create pid file \"%s\": %s",
 				    options.pid_file, strerror(errno));
 			} else {
 				fprintf(f, "%ld\n", (long) getpid());
 				fclose(f);
 			}
 		}
 
+#ifdef HAVE_SYSTEMD
+		/* Signal systemd that we are ready to accept connections */
+		sd_notify(0, "READY=1");
+#endif
+
 		/* Accept a connection and return in a forked child */
 		server_accept_loop(&sock_in, &sock_out,
 		    &newsock, config_s);
 	}
 
 	/* This is the child processing a new connection. */
 	setproctitle("%s", "[accepted]");
openSUSE Build Service is sponsored by