Tomáš Mráz ac4818
From: Paul Moore <paul.moore@hp.com>
Subject: OpenSSH: fix option handling on incoming connections
OpenSSH rejects incoming connections if any IP options are present when the
comments state that they are only concerned with source routing options.  This
connection rejection causes problems with CIPSO which uses IP options to tag
packets with security attributes.
This patch modifies the check_ip_options() function to only fail if loose or
strict source routing options are present; all other options are allowed.
Signed-off-by: Paul Moore <paul.moore@hp.com>
---
 canohost.c |   23 +++++++++++++++++------
 1 file changed, 17 insertions(+), 6 deletions(-)
Index: openssh-4.3p2/canohost.c
===================================================================
--- openssh-4.3p2.orig/canohost.c
+++ openssh-4.3p2/canohost.c
@@ -146,6 +146,7 @@ check_ip_options(int sock, char *ipaddr)
 	u_int i;
 	int ipproto;
 	struct protoent *ip;
+	u_int opt_iter;
 
 	if ((ip = getprotobyname("ip")) != NULL)
 		ipproto = ip->p_proto;
@@ -154,13 +155,23 @@ check_ip_options(int sock, char *ipaddr)
 	option_size = sizeof(options);
 	if (getsockopt(sock, ipproto, IP_OPTIONS, options,
 	    &option_size) >= 0 && option_size != 0) {
-		text[0] = '\0';
-		for (i = 0; i < option_size; i++)
-			snprintf(text + i*3, sizeof(text) - i*3,
-			    " %2.2x", options[i]);
-		fatal("Connection from %.100s with IP options:%.800s",
-		    ipaddr, text);
+		opt_iter = 0;
+		do {
+			/* Fail, fatally, if we detect either loose or strict
+			 * source routing options. */
+			if (options[opt_iter] == 131 ||
+			    options[opt_iter] == 137)
+				goto fail;
+			opt_iter += options[opt_iter + 1] + 2;
+		} while (opt_iter < option_size);
 	}
+	return;
+
+fail:
+	text[0] = '\0';
+	for (i = 0; i < option_size; i++)
+		snprintf(text + i*3, sizeof(text) - i*3, " %2.2x", options[i]);
+	fatal("Connection from %.100s with IP options:%.800s", ipaddr, text);
 #endif /* IP_OPTIONS */
 }
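Review bot: the option walk at `opt_iter += options[opt_iter + 1] + 2;` assumes every option carries a length octet, but the IPv4 End-of-Option-List (type 0) and No-Operation (type 1) options are single octets, so a NOP in front of a source-route option makes the loop read the following type byte (131 or 137) as a length, jump past the end of the buffer and leave the loop without ever reaching `goto fail`; a zero or oversized length octet likewise lets `opt_iter + 1` run beyond `option_size`. Suggest treating type 0 as end of walk and type 1 as a one-octet step before reading the length, rejecting a length below 2 or one that extends past `option_size`, and replacing the bare 131 and 137 with `IPOPT_LSRR` / `IPOPT_SSRR` from <netinet/ip.h> where the platform provides them.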
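As an added example (not OpenSSH's code and not part of this patch), a standalone walk over the option block that getsockopt(IP_OPTIONS) returns, applying the policy the commit message describes (reject only loose and strict source routing, let CIPSO and everything else through) while also handling the single-octet EOL and NOP options and malformed lengths; the function name, the verdict enum and the sample option blocks are constructed for this example.

```c
#include <stddef.h>

/* IPv4 option type values (RFC 791; CIPSO per its draft spec). The patch
 * compares against the raw numbers 131 and 137; they are named here. */
#define OPT_EOL   0     /* End of Option List: single octet, ends the walk  */
#define OPT_NOP   1     /* No Operation: single octet, has no length byte   */
#define OPT_LSRR  131   /* Loose Source and Record Route                    */
#define OPT_SSRR  137   /* Strict Source and Record Route                   */
#define OPT_CIPSO 134   /* Commercial IP Security Option: carries labels    */

enum verdict { OPTS_ALLOW = 0, OPTS_SOURCE_ROUTE = 1, OPTS_MALFORMED = 2 };

/* Constructed sample option blocks (not captured traffic). */
static const unsigned char sample_cipso[]    = {OPT_CIPSO, 6, 0, 0, 0, 1, 0, 0}; /* CIPSO, then EOL pad */
static const unsigned char sample_lsrr[]     = {OPT_LSRR, 7, 4, 0, 0, 0, 0};
static const unsigned char sample_ssrr[]     = {OPT_SSRR, 3, 4};
static const unsigned char sample_nop_lsrr[] = {OPT_NOP, OPT_LSRR, 7, 4, 0, 0, 0, 0}; /* NOP hides LSRR from a naive walk */
static const unsigned char sample_badlen[]   = {OPT_CIPSO, 0, 0, 0};                  /* zero length octet */

/* Classify an option block of `len` octets. Unlike the patch's do/while loop
 * this steps over EOL/NOP (which have no length byte) and refuses lengths
 * that would run past the buffer, so a leading NOP cannot mask a
 * source-route option and a bad length cannot push the index out of range. */
enum verdict classify_ip_options(const unsigned char *opts, size_t len)
{
    size_t i = 0;

    while (i < len) {
        unsigned char type = opts[i];

        if (type == OPT_EOL)
            break;                     /* only padding follows */
        if (type == OPT_NOP) {
            i++;                       /* single octet, no length field */
            continue;
        }
        if (i + 1 >= len)
            return OPTS_MALFORMED;     /* length octet missing */
        unsigned char olen = opts[i + 1];
        if (olen < 2 || i + olen > len)
            return OPTS_MALFORMED;     /* would stall the walk or overrun */
        if (type == OPT_LSRR || type == OPT_SSRR)
            return OPTS_SOURCE_ROUTE;  /* the only options the policy rejects */
        i += olen;                     /* CIPSO and anything else pass through */
    }
    return OPTS_ALLOW;
}
```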