rpms/openssh
7
0
Fork 1
Code Issues Pull Requests Releases Activity

Properly allocate buffer for gsskex (#1624323)

Browse Source
This commit is contained in:
Jakub Jelen 2018-08-31 11:01:22 +02:00
parent 9409715f65
commit 90edc0cc1d
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
openssh-7.8p1-gsskex.patch
View File

@ -28,7 +28,7 @@ diff -up openssh/auth2-gss.c.gsskex openssh/auth2-gss.c
#include "xmalloc.h"
#include "sshkey.h"
@@ -54,6 +55,41 @@ static int input_gssapi_mic(int type, u_
@@ -54,6 +55,44 @@ static int input_gssapi_mic(int type, u_
static int input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh);
static int input_gssapi_errtok(int, u_int32_t, struct ssh *);
@ -49,6 +49,9 @@ diff -up openssh/auth2-gss.c.gsskex openssh/auth2-gss.c
+
+ packet_check_eom();
+
+ if ((b = sshbuf_new()) == NULL)
+ fatal("%s: sshbuf_new failed", __func__);
+
+ ssh_gssapi_buildmic(b, authctxt->user, authctxt->service,
+ "gssapi-keyex");
+
@ -2559,7 +2562,7 @@ diff -up openssh/sshconnect2.c.gsskex openssh/sshconnect2.c
ok = 1; /* Mechanism works */
} else {
mech++;
@@ -906,6 +1098,48 @@ input_gssapi_error(int type, u_int32_t p
@@ -906,6 +1098,51 @@ input_gssapi_error(int type, u_int32_t p
free(lang);
return r;
}
@ -2581,6 +2584,9 @@ diff -up openssh/sshconnect2.c.gsskex openssh/sshconnect2.c
+ return (0);
+ }
+
+ if ((b = sshbuf_new()) == NULL)
+ fatal("%s: sshbuf_new failed", __func__);
+
+ ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service,
+ "gssapi-keyex");
+