diff options
Diffstat (limited to 'debian/patches/gssapi.patch')
-rw-r--r-- | debian/patches/gssapi.patch | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/debian/patches/gssapi.patch b/debian/patches/gssapi.patch index 6ce8a62bf..fd3b9b630 100644 --- a/debian/patches/gssapi.patch +++ b/debian/patches/gssapi.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 6dfd41bb6858c6446c1da47449e2108fbabf220e Mon Sep 17 00:00:00 2001 | 1 | From 8c27af53099b50387dda97c0aae36194197186f6 Mon Sep 17 00:00:00 2001 |
2 | From: Simon Wilkinson <simon@sxw.org.uk> | 2 | From: Simon Wilkinson <simon@sxw.org.uk> |
3 | Date: Sun, 9 Feb 2014 16:09:48 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:48 +0000 |
4 | Subject: GSSAPI key exchange support | 4 | Subject: GSSAPI key exchange support |
@@ -17,7 +17,7 @@ have it merged into the main openssh package rather than having separate | |||
17 | security history. | 17 | security history. |
18 | 18 | ||
19 | Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 | 19 | Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 |
20 | Last-Updated: 2016-01-04 | 20 | Last-Updated: 2016-03-21 |
21 | 21 | ||
22 | Patch-Name: gssapi.patch | 22 | Patch-Name: gssapi.patch |
23 | --- | 23 | --- |
@@ -36,7 +36,7 @@ Patch-Name: gssapi.patch | |||
36 | kex.c | 16 +++ | 36 | kex.c | 16 +++ |
37 | kex.h | 14 +++ | 37 | kex.h | 14 +++ |
38 | kexgssc.c | 336 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ | 38 | kexgssc.c | 336 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
39 | kexgsss.c | 295 ++++++++++++++++++++++++++++++++++++++++++++++++ | 39 | kexgsss.c | 294 ++++++++++++++++++++++++++++++++++++++++++++++++ |
40 | monitor.c | 108 +++++++++++++++++- | 40 | monitor.c | 108 +++++++++++++++++- |
41 | monitor.h | 3 + | 41 | monitor.h | 3 + |
42 | monitor_wrap.c | 47 +++++++- | 42 | monitor_wrap.c | 47 +++++++- |
@@ -54,7 +54,7 @@ Patch-Name: gssapi.patch | |||
54 | sshd_config.5 | 10 ++ | 54 | sshd_config.5 | 10 ++ |
55 | sshkey.c | 3 +- | 55 | sshkey.c | 3 +- |
56 | sshkey.h | 1 + | 56 | sshkey.h | 1 + |
57 | 33 files changed, 1951 insertions(+), 46 deletions(-) | 57 | 33 files changed, 1950 insertions(+), 46 deletions(-) |
58 | create mode 100644 ChangeLog.gssapi | 58 | create mode 100644 ChangeLog.gssapi |
59 | create mode 100644 kexgssc.c | 59 | create mode 100644 kexgssc.c |
60 | create mode 100644 kexgsss.c | 60 | create mode 100644 kexgsss.c |
@@ -1637,10 +1637,10 @@ index 0000000..a49bac2 | |||
1637 | +#endif /* GSSAPI */ | 1637 | +#endif /* GSSAPI */ |
1638 | diff --git a/kexgsss.c b/kexgsss.c | 1638 | diff --git a/kexgsss.c b/kexgsss.c |
1639 | new file mode 100644 | 1639 | new file mode 100644 |
1640 | index 0000000..0847469 | 1640 | index 0000000..dd8ba1d |
1641 | --- /dev/null | 1641 | --- /dev/null |
1642 | +++ b/kexgsss.c | 1642 | +++ b/kexgsss.c |
1643 | @@ -0,0 +1,295 @@ | 1643 | @@ -0,0 +1,294 @@ |
1644 | +/* | 1644 | +/* |
1645 | + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. | 1645 | + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. |
1646 | + * | 1646 | + * |
@@ -1753,13 +1753,12 @@ index 0000000..0847469 | |||
1753 | + min = packet_get_int(); | 1753 | + min = packet_get_int(); |
1754 | + nbits = packet_get_int(); | 1754 | + nbits = packet_get_int(); |
1755 | + max = packet_get_int(); | 1755 | + max = packet_get_int(); |
1756 | + min = MAX(DH_GRP_MIN, min); | ||
1757 | + max = MIN(DH_GRP_MAX, max); | ||
1758 | + packet_check_eom(); | 1756 | + packet_check_eom(); |
1759 | + if (max < min || nbits < min || max < nbits) | 1757 | + if (max < min || nbits < min || max < nbits) |
1760 | + fatal("GSS_GEX, bad parameters: %d !< %d !< %d", | 1758 | + fatal("GSS_GEX, bad parameters: %d !< %d !< %d", |
1761 | + min, nbits, max); | 1759 | + min, nbits, max); |
1762 | + dh = PRIVSEP(choose_dh(min, nbits, max)); | 1760 | + dh = PRIVSEP(choose_dh(MAX(DH_GRP_MIN, min), |
1761 | + nbits, MIN(DH_GRP_MAX, max))); | ||
1763 | + if (dh == NULL) | 1762 | + if (dh == NULL) |
1764 | + packet_disconnect("Protocol error: no matching group found"); | 1763 | + packet_disconnect("Protocol error: no matching group found"); |
1765 | + | 1764 | + |