From 293c73c93a790c08b429f461ab30ab1b809152d6 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Mon, 27 Feb 2012 06:57:06 -0500
Subject: SSH: Use fchmod instead of chmod on known_hosts file

---
 src/responder/ssh/sshsrv_cmd.c | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/src/responder/ssh/sshsrv_cmd.c b/src/responder/ssh/sshsrv_cmd.c
index 40d9c5201..33f042a35 100644
--- a/src/responder/ssh/sshsrv_cmd.c
+++ b/src/responder/ssh/sshsrv_cmd.c
@@ -476,6 +476,7 @@ ssh_host_pubkeys_update_known_hosts(struct ssh_cmd_ctx *cmd_ctx)
 
     fd = mkstemp(filename);
     if (fd == -1) {
+        filename = NULL;
         ret = errno;
         goto done;
     }
@@ -547,10 +548,7 @@ ssh_host_pubkeys_update_known_hosts(struct ssh_cmd_ctx *cmd_ctx)
         dom = dom->next;
     }
 
-    close(fd);
-    fd = -1;
-
-    ret = chmod(filename, 0644);
+    ret = fchmod(fd, 0644);
     if (ret == -1) {
         ret = errno;
         goto done;
@@ -565,10 +563,8 @@ ssh_host_pubkeys_update_known_hosts(struct ssh_cmd_ctx *cmd_ctx)
     ret = EOK;
 
 done:
-    if (fd != -1) {
-        close(fd);
-        unlink(filename);
-    }
+    if (fd != -1) close(fd);
+    if (ret != EOK && filename) unlink(filename);
     talloc_free(tmp_ctx);
 
     return ret;
-- 
cgit