upstream: Split per-connection sshd-session binary

This splits the user authentication code from the sshd-session
binary into a separate sshd-auth binary. This will be executed by
sshd-session to complete the user authentication phase of the
protocol only.

Splitting this code into a separate binary ensures that the crucial
pre-authentication attack surface has an entirely disjoint address
space from the code used for the rest of the connection. It also
yields a small runtime memory saving as the authentication code will
be unloaded after thhe authentication phase completes.

Joint work with markus@ feedback deraadt@

Tested in snaps since last week

OpenBSD-Commit-ID: 9c3b2087ae08626ec31b4177b023db600e986d9c

1 files changed, 1 insertions, 16 deletions

diff --git a/sandbox-darwin.c b/sandbox-darwin.c
index 59b4d286e..08f4315b0 100644
--- a/sandbox-darwin.c
+++ b/sandbox-darwin.c
@@ -37,7 +37,7 @@
 /* Darwin/OS X sandbox */
 
 struct ssh_sandbox {
-	pid_t child_pid;
+	int junk;
 };
 
 struct ssh_sandbox *
@@ -51,8 +51,6 @@ ssh_sandbox_init(struct monitor *monitor)
 	 */
 	debug3("%s: preparing Darwin sandbox", __func__);
 	box = xcalloc(1, sizeof(*box));
-	box->child_pid = 0;
-
 	return box;
 }
 
@@ -83,17 +81,4 @@ ssh_sandbox_child(struct ssh_sandbox *box)
 			__func__, strerror(errno));
 }
 
-void
-ssh_sandbox_parent_finish(struct ssh_sandbox *box)
-{
-	free(box);
-	debug3("%s: finished", __func__);
-}
-
-void
-ssh_sandbox_parent_preauth(struct ssh_sandbox *box, pid_t child_pid)
-{
-	box->child_pid = child_pid;
-}
-
 #endif /* SANDBOX_DARWIN */