forked from rpms/openssh
standardise on NI_MAXHOST for gethostname() string lengths (#1051490)
This commit is contained in:
parent
cef0d582b6
commit
817071dc4d
76
openssh-6.6.1p1-NI_MAXHOST.patch
Normal file
76
openssh-6.6.1p1-NI_MAXHOST.patch
Normal file
@ -0,0 +1,76 @@
|
|||||||
|
diff --git a/ChangeLog b/ChangeLog
|
||||||
|
index 928999d..3887495 100644
|
||||||
|
--- a/ChangeLog
|
||||||
|
+++ b/ChangeLog
|
||||||
|
@@ -1,3 +1,10 @@
|
||||||
|
+20140703
|
||||||
|
+ - OpenBSD CVS Sync
|
||||||
|
+ - djm@cvs.openbsd.org 2014/07/03 03:34:09
|
||||||
|
+ [gss-serv.c session.c ssh-keygen.c]
|
||||||
|
+ standardise on NI_MAXHOST for gethostname() string lengths; about
|
||||||
|
+ 1/2 the cases were using it already. Fixes bz#2239 en passant
|
||||||
|
+
|
||||||
|
20140420
|
||||||
|
- (djm) [bufaux.c compat.c compat.h sshconnect2.c sshd.c version.h]
|
||||||
|
OpenSSH 6.5 and 6.6 sometimes encode a value used in the curve25519
|
||||||
|
diff --git a/gss-serv.c b/gss-serv.c
|
||||||
|
index 14f540e..29916d3 100644
|
||||||
|
--- a/gss-serv.c
|
||||||
|
+++ b/gss-serv.c
|
||||||
|
@@ -1,4 +1,4 @@
|
||||||
|
-/* $OpenBSD: gss-serv.c,v 1.26 2014/02/26 20:28:44 djm Exp $ */
|
||||||
|
+/* $OpenBSD: gss-serv.c,v 1.27 2014/07/03 03:34:09 djm Exp $ */
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
|
||||||
|
@@ -102,14 +102,14 @@ static OM_uint32
|
||||||
|
ssh_gssapi_acquire_cred(Gssctxt *ctx)
|
||||||
|
{
|
||||||
|
OM_uint32 status;
|
||||||
|
- char lname[MAXHOSTNAMELEN];
|
||||||
|
+ char lname[NI_MAXHOST];
|
||||||
|
gss_OID_set oidset;
|
||||||
|
|
||||||
|
if (options.gss_strict_acceptor) {
|
||||||
|
gss_create_empty_oid_set(&status, &oidset);
|
||||||
|
gss_add_oid_set_member(&status, ctx->oid, &oidset);
|
||||||
|
|
||||||
|
- if (gethostname(lname, MAXHOSTNAMELEN)) {
|
||||||
|
+ if (gethostname(lname, sizeof(lname))) {
|
||||||
|
gss_release_oid_set(&status, &oidset);
|
||||||
|
return (-1);
|
||||||
|
}
|
||||||
|
diff --git a/session.c b/session.c
|
||||||
|
index ba4589b..e4add93 100644
|
||||||
|
--- a/session.c
|
||||||
|
+++ b/session.c
|
||||||
|
@@ -49,6 +49,7 @@
|
||||||
|
#include <errno.h>
|
||||||
|
#include <fcntl.h>
|
||||||
|
#include <grp.h>
|
||||||
|
+#include <netdb.h>
|
||||||
|
#ifdef HAVE_PATHS_H
|
||||||
|
#include <paths.h>
|
||||||
|
#endif
|
||||||
|
@@ -2669,7 +2670,7 @@ session_setup_x11fwd(Session *s)
|
||||||
|
{
|
||||||
|
struct stat st;
|
||||||
|
char display[512], auth_display[512];
|
||||||
|
- char hostname[MAXHOSTNAMELEN];
|
||||||
|
+ char hostname[NI_MAXHOST];
|
||||||
|
u_int i;
|
||||||
|
|
||||||
|
if (no_x11_forwarding_flag) {
|
||||||
|
diff --git a/ssh-keygen.c b/ssh-keygen.c
|
||||||
|
index 482dc1c..66198e6 100644
|
||||||
|
--- a/ssh-keygen.c
|
||||||
|
+++ b/ssh-keygen.c
|
||||||
|
@@ -165,7 +165,7 @@ int rounds = 0;
|
||||||
|
/* argv0 */
|
||||||
|
extern char *__progname;
|
||||||
|
|
||||||
|
-char hostname[MAXHOSTNAMELEN];
|
||||||
|
+char hostname[NI_MAXHOST];
|
||||||
|
|
||||||
|
/* moduli.c */
|
||||||
|
int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *);
|
@ -189,6 +189,8 @@ Patch908: openssh-6.6p1-CVE-2014-2653.patch
|
|||||||
# OpenSSH 6.5 and 6.6 sometimes encode a value used in the curve25519 key exchange incorrectly
|
# OpenSSH 6.5 and 6.6 sometimes encode a value used in the curve25519 key exchange incorrectly
|
||||||
# Disable the curve25519 KEX when speaking to OpenSSH 6.5 or 6.6
|
# Disable the curve25519 KEX when speaking to OpenSSH 6.5 or 6.6
|
||||||
Patch909: openssh-5618210618256bbf5f4f71b2887ff186fd451736.patch
|
Patch909: openssh-5618210618256bbf5f4f71b2887ff186fd451736.patch
|
||||||
|
# standardise on NI_MAXHOST for gethostname() string lengths (#1051490)
|
||||||
|
Patch910: openssh-6.6.1p1-NI_MAXHOST.patch
|
||||||
|
|
||||||
License: BSD
|
License: BSD
|
||||||
Group: Applications/Internet
|
Group: Applications/Internet
|
||||||
@ -392,6 +394,7 @@ popd
|
|||||||
%patch907 -p1 -b .CLOCK_BOOTTIME
|
%patch907 -p1 -b .CLOCK_BOOTTIME
|
||||||
%patch908 -p1 -b .CVE-2014-2653
|
%patch908 -p1 -b .CVE-2014-2653
|
||||||
%patch909 -p1 -b .6.6.1
|
%patch909 -p1 -b .6.6.1
|
||||||
|
%patch910 -p1 -b .NI_MAXHOST
|
||||||
|
|
||||||
%patch200 -p1 -b .audit
|
%patch200 -p1 -b .audit
|
||||||
%patch700 -p1 -b .fips
|
%patch700 -p1 -b .fips
|
||||||
|
Loading…
Reference in New Issue
Block a user