--- a/components/openssh/patches/013-dtrace_sftp.patch	Fri Jan 27 11:50:56 2017 -0800
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,137 +0,0 @@
-#
-# This patch is to provide a SFTP DTrace provider which offers an administrator
-# some observability of SFTP data transfer. This was developed in-house. 
-# Because this is Solaris-specific and not suitable for upstream, we will not
-# contribute the changes to the upstream community.
-#
-diff -pur old/Makefile.in new/Makefile.in
---- old/Makefile.in
-+++ new/Makefile.in
-@@ -85,6 +85,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
- 	atomicio.o key.o dispatch.o mac.o uidswap.o uuencode.o misc.o utf8.o \
- 	monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \
- 	msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \
-+	sftp_provider.o \
- 	ssh-pkcs11.o smult_curve25519_ref.o \
- 	poly1305.o chacha.o cipher-chachapoly.o \
- 	ssh-ed25519.o digest-openssl.o digest-libc.o hmac.o \
-@@ -107,7 +108,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw
- 	monitor_mm.o monitor.o monitor_wrap.o auth-krb5.o \
- 	auth2-gss.o gss-serv.o gss-serv-krb5.o \
- 	loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
--	sftp-server.o sftp-common.o \
-+	sftp-server.o sftp-common.o sftp_provider.o \
- 	sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \
- 	sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-pledge.o \
- 	sandbox-solaris.o
-@@ -187,8 +188,8 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT)
- ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o
- 	$(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
- 
--sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o
--	$(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
-+sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o sftp_provider.o
-+	$(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o sftp_provider.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
- 
- sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o
- 	$(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)
-@@ -225,9 +226,18 @@ umac128.o:	umac.c
- 	    -Dumac_update=umac128_update -Dumac_final=umac128_final \
- 	    -Dumac_delete=umac128_delete -Dumac_ctx=umac128_ctx
- 
-+# dtrace sftp
-+sftp_provider.h: $(srcdir)/sftp_provider.d
-+	/usr/sbin/dtrace -xnolibs -h -s $(srcdir)/sftp_provider.d \
-+	    -o $(srcdir)/sftp_provider.h
-+
-+sftp_provider.o: sftp_provider.d sftp_provider.h sftp-server.o
-+	/usr/sbin/dtrace -G -32 -xnolibs -s $(srcdir)/sftp_provider.d \
-+	    sftp-server.o -o sftp_provider.o
-+
- clean:	regressclean
- 	rm -f *.o *.a $(TARGETS) logintest config.cache config.log
--	rm -f *.out core survey
-+	rm -f *.out core survey sftp_provider.h
- 	rm -f regress/unittests/test_helper/*.a
- 	rm -f regress/unittests/test_helper/*.o
- 	rm -f regress/unittests/sshbuf/*.o
-diff -pur old/sftp-server.c new/sftp-server.c
---- old/sftp-server.c
-+++ new/sftp-server.c
-@@ -51,6 +51,9 @@
- 
- #include "sftp.h"
- #include "sftp-common.h"
-+#ifdef DTRACE_SFTP
-+#include "sftp_provider_impl.h"
-+#endif
- 
- /* Our verbosity */
- static LogLevel log_level = SYSLOG_LEVEL_ERROR;
-@@ -737,14 +740,17 @@ process_read(u_int32_t id)
- 	u_int32_t len;
- 	int r, handle, fd, ret, status = SSH2_FX_FAILURE;
- 	u_int64_t off;
-+	char *fpath;
- 
- 	if ((r = get_handle(iqueue, &handle)) != 0 ||
- 	    (r = sshbuf_get_u64(iqueue, &off)) != 0 ||
- 	    (r = sshbuf_get_u32(iqueue, &len)) != 0)
- 		fatal("%s: buffer error: %s", __func__, ssh_err(r));
- 
--	debug("request %u: read \"%s\" (handle %d) off %llu len %d",
--	    id, handle_to_name(handle), handle, (unsigned long long)off, len);
-+	fpath = handle_to_name(handle);
-+ 
-+ 	debug("request %u: read \"%s\" (handle %d) off %llu len %d",
-+	    id, fpath, handle, (unsigned long long)off, len);
- 	if (len > sizeof buf) {
- 		len = sizeof buf;
- 		debug2("read change len %d", len);
-@@ -755,7 +761,13 @@ process_read(u_int32_t id)
- 			error("process_read: seek failed");
- 			status = errno_to_portable(errno);
- 		} else {
-+#ifdef DTRACE_SFTP
-+		        SFTP_TRANSFER_START_OP("read", fd, fpath, len);
-+#endif
- 			ret = read(fd, buf, len);
-+#ifdef DTRACE_SFTP
-+                        SFTP_TRANSFER_DONE_OP("read", fd, fpath, ret);
-+#endif
- 			if (ret < 0) {
- 				status = errno_to_portable(errno);
- 			} else if (ret == 0) {
-@@ -778,14 +790,16 @@ process_write(u_int32_t id)
- 	size_t len;
- 	int r, handle, fd, ret, status;
- 	u_char *data;
-+	char *fpath;
- 
- 	if ((r = get_handle(iqueue, &handle)) != 0 ||
- 	    (r = sshbuf_get_u64(iqueue, &off)) != 0 ||
- 	    (r = sshbuf_get_string(iqueue, &data, &len)) != 0)
- 		fatal("%s: buffer error: %s", __func__, ssh_err(r));
- 
-+	fpath = handle_to_name(handle);
- 	debug("request %u: write \"%s\" (handle %d) off %llu len %zu",
--	    id, handle_to_name(handle), handle, (unsigned long long)off, len);
-+	    id, fpath, handle, (unsigned long long)off, len);
- 	fd = handle_to_fd(handle);
- 
- 	if (fd < 0)
-@@ -797,7 +811,14 @@ process_write(u_int32_t id)
- 			error("process_write: seek failed");
- 		} else {
- /* XXX ATOMICIO ? */
-+#ifdef DTRACE_SFTP
-+		        SFTP_TRANSFER_START_OP("write", fd, fpath, len);
-+#endif
- 			ret = write(fd, data, len);
-+#ifdef DTRACE_SFTP
-+			SFTP_TRANSFER_DONE_OP("write", fd, fpath, ret);
-+#endif
-+
- 			if (ret < 0) {
- 				error("process_write: write failed");
- 				status = errno_to_portable(errno);
branch	s11u3-sru
changeset 7620	c60efbddf9c8
parent 7619	4e1d20a92c16
child 7621	c11a68c3a63d