dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Revert "Revert "openssh: security 7.3p1 -> 7.4p1""

Browse Source 
This reverts commit 661b5a9875.
This commit is contained in:
Graham Christensen 2016-12-28 19:14:24 -05:00
parent bbd03e236a
commit 11e8ed5ff4
No known key found for this signature in database
GPG Key ID: 06121D366FE9435C
3 changed files with 2 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
pkgs/tools/networking/openssh/RH-1380296-NEWKEYS-null-pointer-deref.patch
View File

@ -1,37 +0,0 @@
diff --git a/kex.c b/kex.c
index 50c7a0f..823668b 100644
--- a/kex.c
+++ b/kex.c
@@ -419,6 +419,8 @@ kex_input_newkeys(int type, u_int32_t seq, void *ctxt)
ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, &kex_protocol_error);
if ((r = sshpkt_get_end(ssh)) != 0)
return r;
+ if ((r = ssh_set_newkeys(ssh, MODE_IN)) != 0)
+ return r;
kex->done = 1;
sshbuf_reset(kex->peer);
/* sshbuf_reset(kex->my); */
diff --git a/packet.c b/packet.c
index d6dad2d..f96566b 100644
--- a/packet.c
+++ b/packet.c
@@ -38,7 +38,7 @@
*/
#include "includes.h"
-
+
#include <sys/param.h> /* MIN roundup */
#include <sys/types.h>
#include "openbsd-compat/sys-queue.h"
@@ -1907,9 +1907,7 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
return r;
return SSH_ERR_PROTOCOL_ERROR;
}
- if (*typep == SSH2_MSG_NEWKEYS)
- r = ssh_set_newkeys(ssh, MODE_IN);
- else if (*typep == SSH2_MSG_USERAUTH_SUCCESS && !state->server_side)
+ if (*typep == SSH2_MSG_USERAUTH_SUCCESS && !state->server_side)
r = ssh_packet_enable_delayed_compress(ssh);
else
r = 0;

6
pkgs/tools/networking/openssh/default.nix
View File

@ -29,11 +29,11 @@ stdenv.mkDerivation rec {
# Please ensure that openssh_with_kerberos still builds when # Please ensure that openssh_with_kerberos still builds when
# bumping the version here! # bumping the version here!
name = "openssh-${version}"; name = "openssh-${version}";
version = "7.3p1"; version = "7.4p1";
src = fetchurl { src = fetchurl {
url = "mirror://openbsd/OpenSSH/portable/${name}.tar.gz"; url = "mirror://openbsd/OpenSSH/portable/${name}.tar.gz";
sha256 = "1k5y1wi29d47cgizbryxrhc1fbjsba2x8l5mqfa9b9nadnd9iyrz"; sha256 = "1l8r3x4fr2kb6xm95s7kjdif1wp6f94d4kljh4qjj9109shw87qv";
}; };
prePatch = optionalString hpnSupport prePatch = optionalString hpnSupport
@ -44,13 +44,11 @@ stdenv.mkDerivation rec {
patches = patches =
[ [
./RH-1380296-NEWKEYS-null-pointer-deref.patch
./locale_archive.patch ./locale_archive.patch
./fix-host-key-algorithms-plus.patch ./fix-host-key-algorithms-plus.patch
# See discussion in https://github.com/NixOS/nixpkgs/pull/16966 # See discussion in https://github.com/NixOS/nixpkgs/pull/16966
./dont_create_privsep_path.patch ./dont_create_privsep_path.patch
./fix-CVE-2016-8858.patch
] ]
++ optional withGssapiPatches gssapiSrc; ++ optional withGssapiPatches gssapiSrc;

11
pkgs/tools/networking/openssh/fix-CVE-2016-8858.patch
View File

@ -1,11 +0,0 @@
diff -u -r1.126 -r1.127
--- ssh/kex.c 2016/09/28 21:44:52 1.126
+++ ssh/kex.c 2016/10/10 19:28:48 1.127
@@ -461,6 +461,7 @@
if (kex == NULL)
return SSH_ERR_INVALID_ARGUMENT;
+ ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
ptr = sshpkt_ptr(ssh, &dlen);
if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
return r;