From b475e2b3e925d80e1b0d3c6b1efde0e1ed13fede Mon Sep 17 00:00:00 2001
From: tb <tb@openbsd.org>
Date: Mon, 11 Jul 2016 21:38:13 +0000
Subject: [PATCH] Add missing "recvfd" pledge promise: Raf Czlonka reported ssh
 coredumps when Control* keywords were set in ssh_config. This patch also
 fixes similar problems with scp and sftp.

ok deraadt, looks good to millert
---
 usr.bin/ssh/clientloop.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/usr.bin/ssh/clientloop.c b/usr.bin/ssh/clientloop.c
index 7356ee2804e..67409643812 100644
--- a/usr.bin/ssh/clientloop.c
+++ b/usr.bin/ssh/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.284 2016/02/08 10:57:07 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.285 2016/07/11 21:38:13 tb Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1500,7 +1500,7 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
 	if (options.control_master &&
 	    ! option_clear_or_none(options.control_path)) {
 		debug("pledge: id");
-		if (pledge("stdio rpath wpath cpath unix inet dns proc exec id tty",
+		if (pledge("stdio rpath wpath cpath unix inet dns recvfd proc exec id tty",
 		    NULL) == -1)
 			fatal("%s pledge(): %s", __func__, strerror(errno));
 
-- 
2.20.1