From 014fe81ce37382cb0ab2e4d427dca0c04edf3241 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Apr 08 2013 21:45:04 +0000 Subject: fix several issues with empty MAC in openssh-6.2p1-audit.patch --- diff --git a/openssh-6.2p1-audit.patch b/openssh-6.2p1-audit.patch index 83a3914..9a5d23c 100644 --- a/openssh-6.2p1-audit.patch +++ b/openssh-6.2p1-audit.patch @@ -95,7 +95,7 @@ index 6135591..5160869 100644 +} #endif /* BSM */ diff --git a/audit-linux.c b/audit-linux.c -index b3ee2f4..115e2be 100644 +index b3ee2f4..43904ee 100644 --- a/audit-linux.c +++ b/audit-linux.c @@ -35,13 +35,24 @@ @@ -387,8 +387,8 @@ index b3ee2f4..115e2be 100644 + Cipher *cipher = cipher_by_name(enc); + char *s; + -+ snprintf(buf, sizeof(buf), "op=start direction=%s cipher=%s ksize=%d spid=%jd suid=%jd rport=%d laddr=%s lport=%d ", -+ direction[ctos], enc, cipher ? 8 * cipher->key_len : 0, ++ snprintf(buf, sizeof(buf), "op=start direction=%s cipher=%s ksize=%d mac=%s spid=%jd suid=%jd rport=%d laddr=%s lport=%d ", ++ direction[ctos], enc, cipher ? 8 * cipher->key_len : 0, mac, + (intmax_t)pid, (intmax_t)uid, + get_remote_port(), (s = get_local_ipaddr(packet_get_connection_in())), get_local_port()); + xfree(s); @@ -1464,7 +1464,7 @@ index 2caa469..1a15066 100644 }; diff --git a/monitor_wrap.c b/monitor_wrap.c -index 350c960..5f32844 100644 +index 350c960..8c3599d 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -431,7 +431,7 @@ mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key) @@ -1504,6 +1504,15 @@ index 350c960..5f32844 100644 /* Export key state after authentication */ Newkeys * mm_newkeys_from_blob(u_char *blob, int blen) +@@ -480,7 +494,7 @@ mm_newkeys_from_blob(u_char *blob, int blen) + buffer_init(&b); + buffer_append(&b, blob, blen); + +- newkey = xmalloc(sizeof(*newkey)); ++ newkey = xcalloc(1, sizeof(*newkey)); + enc = &newkey->enc; + mac = &newkey->mac; + comp = &newkey->comp; @@ -640,12 +654,14 @@ mm_send_keystate(struct monitor *monitor) fatal("%s: conversion of newkeys failed", __func__); @@ -1589,7 +1598,7 @@ index 350c960..5f32844 100644 + buffer_init(&m); + buffer_put_int(&m, ctos); + buffer_put_cstring(&m, cipher); -+ buffer_put_cstring(&m, mac); ++ buffer_put_cstring(&m, (mac ? mac : "")); + buffer_put_cstring(&m, compress); + buffer_put_int64(&m, pid); + buffer_put_int64(&m, uid); @@ -1661,7 +1670,7 @@ index 0c7f2e3..f47c7df 100644 struct Session; diff --git a/packet.c b/packet.c -index a51c1f2..0756a59 100644 +index a51c1f2..faa3a85 100644 --- a/packet.c +++ b/packet.c @@ -60,6 +60,7 @@ @@ -1721,7 +1730,7 @@ index a51c1f2..0756a59 100644 } /* Sets remote side protocol flags. */ -@@ -729,6 +740,23 @@ packet_send1(void) +@@ -729,6 +740,25 @@ packet_send1(void) */ } @@ -1733,8 +1742,10 @@ index a51c1f2..0756a59 100644 + + xfree(newkeys->enc.name); + -+ mac_clear(&newkeys->mac); -+ xfree(newkeys->mac.name); ++ if (newkeys->mac.enabled) { ++ mac_clear(&newkeys->mac); ++ xfree(newkeys->mac.name); ++ } + + xfree(newkeys->comp.name); + @@ -1745,7 +1756,7 @@ index a51c1f2..0756a59 100644 void set_newkeys(int mode) { -@@ -754,21 +782,9 @@ set_newkeys(int mode) +@@ -754,21 +784,9 @@ set_newkeys(int mode) } if (active_state->newkeys[mode] != NULL) { debug("set_newkeys: rekeying"); @@ -1769,7 +1780,7 @@ index a51c1f2..0756a59 100644 } active_state->newkeys[mode] = kex_get_newkeys(mode); if (active_state->newkeys[mode] == NULL) -@@ -1971,6 +1987,47 @@ packet_get_newkeys(int mode) +@@ -1971,6 +1989,47 @@ packet_get_newkeys(int mode) return (void *)active_state->newkeys[mode]; } @@ -1817,7 +1828,7 @@ index a51c1f2..0756a59 100644 /* * Save the state for the real connection, and use a separate state when * resuming a suspended connection. -@@ -1978,18 +2035,12 @@ packet_get_newkeys(int mode) +@@ -1978,18 +2037,12 @@ packet_get_newkeys(int mode) void packet_backup_state(void) { @@ -1837,7 +1848,7 @@ index a51c1f2..0756a59 100644 } /* -@@ -2006,9 +2057,7 @@ packet_restore_state(void) +@@ -2006,9 +2059,7 @@ packet_restore_state(void) backup_state = active_state; active_state = tmp; active_state->connection_in = backup_state->connection_in; @@ -1847,7 +1858,7 @@ index a51c1f2..0756a59 100644 len = buffer_len(&backup_state->input); if (len > 0) { buf = buffer_ptr(&backup_state->input); -@@ -2016,4 +2065,10 @@ packet_restore_state(void) +@@ -2016,4 +2067,10 @@ packet_restore_state(void) buffer_clear(&backup_state->input); add_recv_bytes(len); }