fix several issues with empty MAC in openssh-6.2p1-audit.patch

This commit is contained in:
Petr Lautrbach 2013-04-08 18:44:17 +02:00
parent d3d59da0b5
commit 014fe81ce3

View File

@ -95,7 +95,7 @@ index 6135591..5160869 100644
+} +}
#endif /* BSM */ #endif /* BSM */
diff --git a/audit-linux.c b/audit-linux.c diff --git a/audit-linux.c b/audit-linux.c
index b3ee2f4..115e2be 100644 index b3ee2f4..43904ee 100644
--- a/audit-linux.c --- a/audit-linux.c
+++ b/audit-linux.c +++ b/audit-linux.c
@@ -35,13 +35,24 @@ @@ -35,13 +35,24 @@
@ -387,8 +387,8 @@ index b3ee2f4..115e2be 100644
+ Cipher *cipher = cipher_by_name(enc); + Cipher *cipher = cipher_by_name(enc);
+ char *s; + char *s;
+ +
+ snprintf(buf, sizeof(buf), "op=start direction=%s cipher=%s ksize=%d spid=%jd suid=%jd rport=%d laddr=%s lport=%d ", + snprintf(buf, sizeof(buf), "op=start direction=%s cipher=%s ksize=%d mac=%s spid=%jd suid=%jd rport=%d laddr=%s lport=%d ",
+ direction[ctos], enc, cipher ? 8 * cipher->key_len : 0, + direction[ctos], enc, cipher ? 8 * cipher->key_len : 0, mac,
+ (intmax_t)pid, (intmax_t)uid, + (intmax_t)pid, (intmax_t)uid,
+ get_remote_port(), (s = get_local_ipaddr(packet_get_connection_in())), get_local_port()); + get_remote_port(), (s = get_local_ipaddr(packet_get_connection_in())), get_local_port());
+ xfree(s); + xfree(s);
@ -1464,7 +1464,7 @@ index 2caa469..1a15066 100644
}; };
diff --git a/monitor_wrap.c b/monitor_wrap.c diff --git a/monitor_wrap.c b/monitor_wrap.c
index 350c960..5f32844 100644 index 350c960..8c3599d 100644
--- a/monitor_wrap.c --- a/monitor_wrap.c
+++ b/monitor_wrap.c +++ b/monitor_wrap.c
@@ -431,7 +431,7 @@ mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key) @@ -431,7 +431,7 @@ mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key)
@ -1504,6 +1504,15 @@ index 350c960..5f32844 100644
/* Export key state after authentication */ /* Export key state after authentication */
Newkeys * Newkeys *
mm_newkeys_from_blob(u_char *blob, int blen) mm_newkeys_from_blob(u_char *blob, int blen)
@@ -480,7 +494,7 @@ mm_newkeys_from_blob(u_char *blob, int blen)
buffer_init(&b);
buffer_append(&b, blob, blen);
- newkey = xmalloc(sizeof(*newkey));
+ newkey = xcalloc(1, sizeof(*newkey));
enc = &newkey->enc;
mac = &newkey->mac;
comp = &newkey->comp;
@@ -640,12 +654,14 @@ mm_send_keystate(struct monitor *monitor) @@ -640,12 +654,14 @@ mm_send_keystate(struct monitor *monitor)
fatal("%s: conversion of newkeys failed", __func__); fatal("%s: conversion of newkeys failed", __func__);
@ -1589,7 +1598,7 @@ index 350c960..5f32844 100644
+ buffer_init(&m); + buffer_init(&m);
+ buffer_put_int(&m, ctos); + buffer_put_int(&m, ctos);
+ buffer_put_cstring(&m, cipher); + buffer_put_cstring(&m, cipher);
+ buffer_put_cstring(&m, mac); + buffer_put_cstring(&m, (mac ? mac : ""));
+ buffer_put_cstring(&m, compress); + buffer_put_cstring(&m, compress);
+ buffer_put_int64(&m, pid); + buffer_put_int64(&m, pid);
+ buffer_put_int64(&m, uid); + buffer_put_int64(&m, uid);
@ -1661,7 +1670,7 @@ index 0c7f2e3..f47c7df 100644
struct Session; struct Session;
diff --git a/packet.c b/packet.c diff --git a/packet.c b/packet.c
index a51c1f2..0756a59 100644 index a51c1f2..faa3a85 100644
--- a/packet.c --- a/packet.c
+++ b/packet.c +++ b/packet.c
@@ -60,6 +60,7 @@ @@ -60,6 +60,7 @@
@ -1721,7 +1730,7 @@ index a51c1f2..0756a59 100644
} }
/* Sets remote side protocol flags. */ /* Sets remote side protocol flags. */
@@ -729,6 +740,23 @@ packet_send1(void) @@ -729,6 +740,25 @@ packet_send1(void)
*/ */
} }
@ -1733,8 +1742,10 @@ index a51c1f2..0756a59 100644
+ +
+ xfree(newkeys->enc.name); + xfree(newkeys->enc.name);
+ +
+ mac_clear(&newkeys->mac); + if (newkeys->mac.enabled) {
+ xfree(newkeys->mac.name); + mac_clear(&newkeys->mac);
+ xfree(newkeys->mac.name);
+ }
+ +
+ xfree(newkeys->comp.name); + xfree(newkeys->comp.name);
+ +
@ -1745,7 +1756,7 @@ index a51c1f2..0756a59 100644
void void
set_newkeys(int mode) set_newkeys(int mode)
{ {
@@ -754,21 +782,9 @@ set_newkeys(int mode) @@ -754,21 +784,9 @@ set_newkeys(int mode)
} }
if (active_state->newkeys[mode] != NULL) { if (active_state->newkeys[mode] != NULL) {
debug("set_newkeys: rekeying"); debug("set_newkeys: rekeying");
@ -1769,7 +1780,7 @@ index a51c1f2..0756a59 100644
} }
active_state->newkeys[mode] = kex_get_newkeys(mode); active_state->newkeys[mode] = kex_get_newkeys(mode);
if (active_state->newkeys[mode] == NULL) if (active_state->newkeys[mode] == NULL)
@@ -1971,6 +1987,47 @@ packet_get_newkeys(int mode) @@ -1971,6 +1989,47 @@ packet_get_newkeys(int mode)
return (void *)active_state->newkeys[mode]; return (void *)active_state->newkeys[mode];
} }
@ -1817,7 +1828,7 @@ index a51c1f2..0756a59 100644
/* /*
* Save the state for the real connection, and use a separate state when * Save the state for the real connection, and use a separate state when
* resuming a suspended connection. * resuming a suspended connection.
@@ -1978,18 +2035,12 @@ packet_get_newkeys(int mode) @@ -1978,18 +2037,12 @@ packet_get_newkeys(int mode)
void void
packet_backup_state(void) packet_backup_state(void)
{ {
@ -1837,7 +1848,7 @@ index a51c1f2..0756a59 100644
} }
/* /*
@@ -2006,9 +2057,7 @@ packet_restore_state(void) @@ -2006,9 +2059,7 @@ packet_restore_state(void)
backup_state = active_state; backup_state = active_state;
active_state = tmp; active_state = tmp;
active_state->connection_in = backup_state->connection_in; active_state->connection_in = backup_state->connection_in;
@ -1847,7 +1858,7 @@ index a51c1f2..0756a59 100644
len = buffer_len(&backup_state->input); len = buffer_len(&backup_state->input);
if (len > 0) { if (len > 0) {
buf = buffer_ptr(&backup_state->input); buf = buffer_ptr(&backup_state->input);
@@ -2016,4 +2065,10 @@ packet_restore_state(void) @@ -2016,4 +2067,10 @@ packet_restore_state(void)
buffer_clear(&backup_state->input); buffer_clear(&backup_state->input);
add_recv_bytes(len); add_recv_bytes(len);
} }