fix several issues with empty MAC in openssh-6.2p1-audit.patch
This commit is contained in:
Petr Lautrbach
parent
d3d59da0b5
commit
014fe81ce3
@ -95,7 +95,7 @@ index 6135591..5160869 100644
|
||||
+}
|
||||
#endif /* BSM */
|
||||
diff --git a/audit-linux.c b/audit-linux.c
|
||||
index b3ee2f4..115e2be 100644
|
||||
index b3ee2f4..43904ee 100644
|
||||
--- a/audit-linux.c
|
||||
+++ b/audit-linux.c
|
||||
@@ -35,13 +35,24 @@
|
||||
@ -387,8 +387,8 @@ index b3ee2f4..115e2be 100644
|
||||
+ Cipher *cipher = cipher_by_name(enc);
|
||||
+ char *s;
|
||||
+
|
||||
+ snprintf(buf, sizeof(buf), "op=start direction=%s cipher=%s ksize=%d spid=%jd suid=%jd rport=%d laddr=%s lport=%d ",
|
||||
+ direction[ctos], enc, cipher ? 8 * cipher->key_len : 0,
|
||||
+ snprintf(buf, sizeof(buf), "op=start direction=%s cipher=%s ksize=%d mac=%s spid=%jd suid=%jd rport=%d laddr=%s lport=%d ",
|
||||
+ direction[ctos], enc, cipher ? 8 * cipher->key_len : 0, mac,
|
||||
+ (intmax_t)pid, (intmax_t)uid,
|
||||
+ get_remote_port(), (s = get_local_ipaddr(packet_get_connection_in())), get_local_port());
|
||||
+ xfree(s);
|
||||
@ -1464,7 +1464,7 @@ index 2caa469..1a15066 100644
|
||||
};
|
||||
|
||||
diff --git a/monitor_wrap.c b/monitor_wrap.c
|
||||
index 350c960..5f32844 100644
|
||||
index 350c960..8c3599d 100644
|
||||
--- a/monitor_wrap.c
|
||||
+++ b/monitor_wrap.c
|
||||
@@ -431,7 +431,7 @@ mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key)
|
||||
@ -1504,6 +1504,15 @@ index 350c960..5f32844 100644
|
||||
/* Export key state after authentication */
|
||||
Newkeys *
|
||||
mm_newkeys_from_blob(u_char *blob, int blen)
|
||||
@@ -480,7 +494,7 @@ mm_newkeys_from_blob(u_char *blob, int blen)
|
||||
buffer_init(&b);
|
||||
buffer_append(&b, blob, blen);
|
||||
|
||||
- newkey = xmalloc(sizeof(*newkey));
|
||||
+ newkey = xcalloc(1, sizeof(*newkey));
|
||||
enc = &newkey->enc;
|
||||
mac = &newkey->mac;
|
||||
comp = &newkey->comp;
|
||||
@@ -640,12 +654,14 @@ mm_send_keystate(struct monitor *monitor)
|
||||
fatal("%s: conversion of newkeys failed", __func__);
|
||||
|
||||
@ -1589,7 +1598,7 @@ index 350c960..5f32844 100644
|
||||
+ buffer_init(&m);
|
||||
+ buffer_put_int(&m, ctos);
|
||||
+ buffer_put_cstring(&m, cipher);
|
||||
+ buffer_put_cstring(&m, mac);
|
||||
+ buffer_put_cstring(&m, (mac ? mac : ""));
|
||||
+ buffer_put_cstring(&m, compress);
|
||||
+ buffer_put_int64(&m, pid);
|
||||
+ buffer_put_int64(&m, uid);
|
||||
@ -1661,7 +1670,7 @@ index 0c7f2e3..f47c7df 100644
|
||||
|
||||
struct Session;
|
||||
diff --git a/packet.c b/packet.c
|
||||
index a51c1f2..0756a59 100644
|
||||
index a51c1f2..faa3a85 100644
|
||||
--- a/packet.c
|
||||
+++ b/packet.c
|
||||
@@ -60,6 +60,7 @@
|
||||
@ -1721,7 +1730,7 @@ index a51c1f2..0756a59 100644
|
||||
}
|
||||
|
||||
/* Sets remote side protocol flags. */
|
||||
@@ -729,6 +740,23 @@ packet_send1(void)
|
||||
@@ -729,6 +740,25 @@ packet_send1(void)
|
||||
*/
|
||||
}
|
||||
|
||||
@ -1733,8 +1742,10 @@ index a51c1f2..0756a59 100644
|
||||
+
|
||||
+ xfree(newkeys->enc.name);
|
||||
+
|
||||
+ mac_clear(&newkeys->mac);
|
||||
+ xfree(newkeys->mac.name);
|
||||
+ if (newkeys->mac.enabled) {
|
||||
+ mac_clear(&newkeys->mac);
|
||||
+ xfree(newkeys->mac.name);
|
||||
+ }
|
||||
+
|
||||
+ xfree(newkeys->comp.name);
|
||||
+
|
||||
@ -1745,7 +1756,7 @@ index a51c1f2..0756a59 100644
|
||||
void
|
||||
set_newkeys(int mode)
|
||||
{
|
||||
@@ -754,21 +782,9 @@ set_newkeys(int mode)
|
||||
@@ -754,21 +784,9 @@ set_newkeys(int mode)
|
||||
}
|
||||
if (active_state->newkeys[mode] != NULL) {
|
||||
debug("set_newkeys: rekeying");
|
||||
@ -1769,7 +1780,7 @@ index a51c1f2..0756a59 100644
|
||||
}
|
||||
active_state->newkeys[mode] = kex_get_newkeys(mode);
|
||||
if (active_state->newkeys[mode] == NULL)
|
||||
@@ -1971,6 +1987,47 @@ packet_get_newkeys(int mode)
|
||||
@@ -1971,6 +1989,47 @@ packet_get_newkeys(int mode)
|
||||
return (void *)active_state->newkeys[mode];
|
||||
}
|
||||
|
||||
@ -1817,7 +1828,7 @@ index a51c1f2..0756a59 100644
|
||||
/*
|
||||
* Save the state for the real connection, and use a separate state when
|
||||
* resuming a suspended connection.
|
||||
@@ -1978,18 +2035,12 @@ packet_get_newkeys(int mode)
|
||||
@@ -1978,18 +2037,12 @@ packet_get_newkeys(int mode)
|
||||
void
|
||||
packet_backup_state(void)
|
||||
{
|
||||
@ -1837,7 +1848,7 @@ index a51c1f2..0756a59 100644
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -2006,9 +2057,7 @@ packet_restore_state(void)
|
||||
@@ -2006,9 +2059,7 @@ packet_restore_state(void)
|
||||
backup_state = active_state;
|
||||
active_state = tmp;
|
||||
active_state->connection_in = backup_state->connection_in;
|
||||
@ -1847,7 +1858,7 @@ index a51c1f2..0756a59 100644
|
||||
len = buffer_len(&backup_state->input);
|
||||
if (len > 0) {
|
||||
buf = buffer_ptr(&backup_state->input);
|
||||
@@ -2016,4 +2065,10 @@ packet_restore_state(void)
|
||||
@@ -2016,4 +2067,10 @@ packet_restore_state(void)
|
||||
buffer_clear(&backup_state->input);
|
||||
add_recv_bytes(len);
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user