Bugzilla – Attachment 1289 Details for
Bug 1290
sshd dies if passed host key with relative path on command line
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
better patch
sshdabspath.diff (text/plain), 2.42 KB, created by
Damien Miller
on 2007-05-18 17:18:56 AEST
(
hide
)
Description:
better patch
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2007-05-18 17:18:56 AEST
Size:
2.42 KB
patch
obsolete
>Index: sshd.c >=================================================================== >RCS file: /var/cvs/openssh/sshd.c,v >retrieving revision 1.363 >diff -u -p -r1.363 sshd.c >--- sshd.c 21 Mar 2007 09:38:53 -0000 1.363 >+++ sshd.c 18 May 2007 07:17:31 -0000 >@@ -1219,7 +1219,6 @@ server_accept_loop(int *sock_in, int *so > } > } > >- > /* > * Main program for the daemon. > */ >@@ -1337,7 +1336,11 @@ main(int ac, char **av) > break; > case 'h': > if (options.num_host_key_files >= MAX_HOSTKEYS) { >- fprintf(stderr, "too many host keys.\n"); >+ fprintf(stderr, "Too many host keys.\n"); >+ exit(1); >+ } >+ if (*optarg != '/') { >+ fprintf(stderr, "Host key path is not absolute\n"); > exit(1); > } > options.host_key_files[options.num_host_key_files++] = optarg; >@@ -1452,9 +1455,6 @@ main(int ac, char **av) > /* load private host keys */ > sensitive_data.host_keys = xcalloc(options.num_host_key_files, > sizeof(Key *)); >- for (i = 0; i < options.num_host_key_files; i++) >- sensitive_data.host_keys[i] = NULL; >- > for (i = 0; i < options.num_host_key_files; i++) { > key = key_load_private(options.host_key_files[i], "", NULL); > sensitive_data.host_keys[i] = key; >Index: servconf.c >=================================================================== >RCS file: /var/cvs/openssh/servconf.c,v >retrieving revision 1.162 >diff -u -p -r1.162 servconf.c >--- servconf.c 21 Mar 2007 09:38:53 -0000 1.162 >+++ servconf.c 18 May 2007 07:17:31 -0000 >@@ -773,12 +773,17 @@ parse_filename: > if (!arg || *arg == '\0') > fatal("%s line %d: missing file name.", > filename, linenum); >+ cp = tilde_expand_filename(arg, getuid()); >+ if (*cp != '/') >+ fatal("%s line %d: path is not absolute.", >+ filename, linenum); > if (*activep && *charptr == NULL) { >- *charptr = tilde_expand_filename(arg, getuid()); >+ *charptr = cp; > /* increase optional counter */ > if (intptr != NULL) > *intptr = *intptr + 1; >- } >+ } else >+ xfree(cp); > break; > > case sPidFile: >@@ -1157,7 +1162,12 @@ parse_flag: > charptr = (opcode == sAuthorizedKeysFile) ? > &options->authorized_keys_file : > &options->authorized_keys_file2; >- goto parse_filename; >+ arg = strdelim(&cp); >+ if (!arg || *arg == '\0') >+ fatal("%s line %d: missing file name.", >+ filename, linenum); >+ if (*activep && *charptr == NULL) >+ *charptr = tilde_expand_filename(arg, getuid()); > > case sClientAliveInterval: > intptr = &options->client_alive_interval;
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1289">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1290
:
1288
|
1289
|
1290
|
1776