Re: Configure option '--with-ssh1' breaks openssh-7.3p1

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Wed, Aug 03, 2016 at 01:38:15PM +1000, Darren Tucker wrote:
> OK, with this additional information I can now reproduce it.
> 
> Based on some quick experiments it seems to be triggered when sshd is
> built --with-ssh1 and the config does not *load* a Protocol 1 host
> key.

Looks like it was introducted here:
https://anongit.mindrot.org/openssh.git/commit/?id=1a31d02b
wherein

- buffer_put_int(&m, 0);
+ if ((r = sshbuf_put_u32(m, 1)) != 0)

This patch should fix it:

diff --git a/sshd.c b/sshd.c
index 799c771..8f2b322 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1071,7 +1071,7 @@ send_rexec_state(int fd, struct sshbuf *conf)
 			fatal("%s: buffer error: %s", __func__, ssh_err(r));
 	} else
 #endif
-		if ((r = sshbuf_put_u32(m, 1)) != 0)
+		if ((r = sshbuf_put_u32(m, 0)) != 0)
 			fatal("%s: buffer error: %s", __func__, ssh_err(r));
 
 #if defined(WITH_OPENSSL) && !defined(OPENSSL_PRNG_ONLY)

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux