Bugzilla – Attachment 2242 Details for
Bug 2089
filter out bad host key algorithms
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
host_key_alg_filter.patch
file_2089.txt (text/plain), 2.13 KB, created by
Pierre Ossman
on 2013-04-15 18:52:09 AEST
(
hide
)
Description:
host_key_alg_filter.patch
Filename:
MIME Type:
Creator:
Pierre Ossman
Created:
2013-04-15 18:52:09 AEST
Size:
2.13 KB
patch
obsolete
>Index: key.c >=================================================================== >--- key.c (revision 27041) >+++ key.c (working copy) >@@ -1306,26 +1306,30 @@ > return -1; > } > >-int >-key_names_valid2(const char *names) >+const char * >+key_names_filter_invalid(const char *names) > { >- char *s, *cp, *p; >+ char *s, *cp, *p, *filtered; > > if (names == NULL || strcmp(names, "") == 0) >- return 0; >+ return xstrdup(""); > s = cp = xstrdup(names); >+ filtered = xmalloc(strlen(names) + 1); >+ *filtered = '\0'; > for ((p = strsep(&cp, ",")); p && *p != '\0'; > (p = strsep(&cp, ","))) { > switch (key_type_from_name(p)) { > case KEY_RSA1: > case KEY_UNSPEC: >- xfree(s); >- return 0; >+ error("Bad protocol 2 host key algorithm '%s'", p); >+ continue; > } >+ if (*filtered != '\0') >+ strcat(filtered, ","); >+ strcat(filtered, p); > } >- debug3("key names ok: [%s]", names); > xfree(s); >- return 1; >+ return filtered; > } > > static int >Index: key.h >=================================================================== >--- key.h (revision 27041) >+++ key.h (working copy) >@@ -132,7 +132,7 @@ > int key_to_blob(const Key *, u_char **, u_int *); > const char *key_ssh_name(const Key *); > const char *key_ssh_name_plain(const Key *); >-int key_names_valid2(const char *); >+const char *key_names_filter_invalid(const char *); > > int key_sign(const Key *, u_char **, u_int *, const u_char *, u_int); > int key_verify(const Key *, const u_char *, u_int, const u_char *, u_int); >Index: readconf.c >=================================================================== >--- readconf.c (revision 27041) >+++ readconf.c (working copy) >@@ -741,11 +741,8 @@ > arg = strdelim(&s); > if (!arg || *arg == '\0') > fatal("%.200s line %d: Missing argument.", filename, linenum); >- if (!key_names_valid2(arg)) >- fatal("%.200s line %d: Bad protocol 2 host key algorithms '%s'.", >- filename, linenum, arg ? arg : "<NONE>"); > if (*activep && options->hostkeyalgorithms == NULL) >- options->hostkeyalgorithms = xstrdup(arg); >+ options->hostkeyalgorithms = key_names_filter_invalid(arg); > break; > > case oProtocol:
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2242">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 2089
: 2242