summaryrefslogtreecommitdiffstats
path: root/security/hpn-ssh
diff options
context:
space:
mode:
authornectar <nectar@FreeBSD.org>2003-09-17 16:07:48 +0000
committernectar <nectar@FreeBSD.org>2003-09-17 16:07:48 +0000
commit028b5a13793bb71c6e7c142efade429712866719 (patch)
tree639716dd229fa0b4959edd222091c8837a5e7b43 /security/hpn-ssh
parentea3a16f7c51d6249b252a362627f4df7dfcdb5dd (diff)
downloadFreeBSD-ports-028b5a13793bb71c6e7c142efade429712866719.zip
FreeBSD-ports-028b5a13793bb71c6e7c142efade429712866719.tar.gz
Add Solar Designer's additional fixes to buffer management.
Diffstat (limited to 'security/hpn-ssh')
-rw-r--r--security/hpn-ssh/Makefile2
-rw-r--r--security/hpn-ssh/files/patch-deattack.c17
-rw-r--r--security/hpn-ssh/files/patch-misc.c28
-rw-r--r--security/hpn-ssh/files/patch-session.c44
-rw-r--r--security/hpn-ssh/files/patch-ssh-agent.c44
5 files changed, 126 insertions, 9 deletions
diff --git a/security/hpn-ssh/Makefile b/security/hpn-ssh/Makefile
index 0694889..11edb8a 100644
--- a/security/hpn-ssh/Makefile
+++ b/security/hpn-ssh/Makefile
@@ -7,7 +7,7 @@
PORTNAME= openssh
PORTVERSION= 3.6.1p2
-PORTREVISION= 2
+PORTREVISION= 3
CATEGORIES= security ipv6
MASTER_SITES= ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \
ftp://carroll.cac.psu.edu/pub/OpenBSD/OpenSSH/portable/
diff --git a/security/hpn-ssh/files/patch-deattack.c b/security/hpn-ssh/files/patch-deattack.c
new file mode 100644
index 0000000..987f1d2
--- /dev/null
+++ b/security/hpn-ssh/files/patch-deattack.c
@@ -0,0 +1,17 @@
+--- deattack.c Tue Mar 5 01:53:05 2002
++++ deattack.c Wed Sep 17 00:18:30 2003
+@@ -100,12 +100,12 @@ detect_attack(u_char *buf, u_int32_t len
+
+ if (h == NULL) {
+ debug("Installing crc compensation attack detector.");
++ h = (u_int16_t *) xmalloc(l * HASH_ENTRYSIZE);
+ n = l;
+- h = (u_int16_t *) xmalloc(n * HASH_ENTRYSIZE);
+ } else {
+ if (l > n) {
++ h = (u_int16_t *) xrealloc(h, l * HASH_ENTRYSIZE);
+ n = l;
+- h = (u_int16_t *) xrealloc(h, n * HASH_ENTRYSIZE);
+ }
+ }
+
diff --git a/security/hpn-ssh/files/patch-misc.c b/security/hpn-ssh/files/patch-misc.c
new file mode 100644
index 0000000..b40e6d6
--- /dev/null
+++ b/security/hpn-ssh/files/patch-misc.c
@@ -0,0 +1,28 @@
+--- misc.c Mon Dec 23 02:44:36 2002
++++ misc.c Wed Sep 17 00:50:27 2003
+@@ -308,18 +308,21 @@ addargs(arglist *args, char *fmt, ...)
+ {
+ va_list ap;
+ char buf[1024];
++ int nalloc;
+
+ va_start(ap, fmt);
+ vsnprintf(buf, sizeof(buf), fmt, ap);
+ va_end(ap);
+
++ nalloc = args->nalloc;
+ if (args->list == NULL) {
+- args->nalloc = 32;
++ nalloc = 32;
+ args->num = 0;
+- } else if (args->num+2 >= args->nalloc)
+- args->nalloc *= 2;
++ } else if (args->num+2 >= nalloc)
++ nalloc *= 2;
+
+- args->list = xrealloc(args->list, args->nalloc * sizeof(char *));
++ args->list = xrealloc(args->list, nalloc * sizeof(char *));
++ args->nalloc = nalloc;
+ args->list[args->num++] = xstrdup(buf);
+ args->list[args->num] = NULL;
+ }
diff --git a/security/hpn-ssh/files/patch-session.c b/security/hpn-ssh/files/patch-session.c
index 251def2..c8baec2 100644
--- a/security/hpn-ssh/files/patch-session.c
+++ b/security/hpn-ssh/files/patch-session.c
@@ -1,5 +1,5 @@
---- session.c.orig Fri Mar 21 02:15:18 2003
-+++ session.c Mon Mar 31 16:10:35 2003
+--- session.c.orig Thu Mar 20 19:18:09 2003
++++ session.c Wed Sep 17 11:05:26 2003
@@ -64,6 +64,11 @@
#define is_winnt (GetVersion() < 0x80000000)
#endif
@@ -237,7 +237,35 @@
return 0;
}
-@@ -952,6 +1095,10 @@
+@@ -844,7 +987,7 @@
+ child_set_env(char ***envp, u_int *envsizep, const char *name,
+ const char *value)
+ {
+- u_int i, namelen;
++ u_int i, namelen, envsize;
+ char **env;
+
+ /*
+@@ -862,12 +1005,14 @@
+ xfree(env[i]);
+ } else {
+ /* New variable. Expand if necessary. */
+- if (i >= (*envsizep) - 1) {
+- if (*envsizep >= 1000)
++ envsize = *envsizep;
++ if (i >= envsize - 1) {
++ if (envsize >= 1000)
+ fatal("child_set_env: too many env vars,"
+ " skipping: %.100s", name);
+- (*envsizep) += 50;
+- env = (*envp) = xrealloc(env, (*envsizep) * sizeof(char *));
++ envsize += 50;
++ env = (*envp) = xrealloc(env, envsize * sizeof(char *));
++ *envsizep = envsize;
+ }
+ /* Need to set the NULL pointer at end of array beyond the new slot. */
+ env[i + 1] = NULL;
+@@ -952,6 +1097,10 @@
char buf[256];
u_int i, envsize;
char **env, *laddr;
@@ -248,7 +276,7 @@
struct passwd *pw = s->pw;
/* Initialize the environment. */
-@@ -959,6 +1106,9 @@
+@@ -959,6 +1108,9 @@
env = xmalloc(envsize * sizeof(char *));
env[0] = NULL;
@@ -258,7 +286,7 @@
#ifdef HAVE_CYGWIN
/*
* The Windows environment contains some setting which are
-@@ -1003,9 +1153,21 @@
+@@ -1003,9 +1155,21 @@
/* Normal systems set SHELL by default. */
child_set_env(&env, &envsize, "SHELL", shell);
@@ -282,7 +310,7 @@
/* Set custom environment options from RSA authentication. */
if (!options.use_login) {
-@@ -1219,7 +1381,7 @@
+@@ -1219,7 +1383,7 @@
setpgid(0, 0);
# endif
if (setusercontext(lc, pw, pw->pw_uid,
@@ -291,7 +319,7 @@
perror("unable to set user context");
exit(1);
}
-@@ -1382,7 +1544,7 @@
+@@ -1382,7 +1546,7 @@
* initgroups, because at least on Solaris 2.3 it leaves file
* descriptors open.
*/
@@ -300,7 +328,7 @@
close(i);
/*
-@@ -1412,6 +1574,31 @@
+@@ -1412,6 +1576,31 @@
exit(1);
#endif
}
diff --git a/security/hpn-ssh/files/patch-ssh-agent.c b/security/hpn-ssh/files/patch-ssh-agent.c
new file mode 100644
index 0000000..f50ae30
--- /dev/null
+++ b/security/hpn-ssh/files/patch-ssh-agent.c
@@ -0,0 +1,44 @@
+--- ssh-agent.c Sat Mar 15 00:37:09 2003
++++ ssh-agent.c Wed Sep 17 00:42:15 2003
+@@ -767,7 +767,7 @@ process_message(SocketEntry *e)
+ static void
+ new_socket(sock_type type, int fd)
+ {
+- u_int i, old_alloc;
++ u_int i, old_alloc, new_alloc;
+
+ if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0)
+ error("fcntl O_NONBLOCK: %s", strerror(errno));
+@@ -778,25 +778,26 @@ new_socket(sock_type type, int fd)
+ for (i = 0; i < sockets_alloc; i++)
+ if (sockets[i].type == AUTH_UNUSED) {
+ sockets[i].fd = fd;
+- sockets[i].type = type;
+ buffer_init(&sockets[i].input);
+ buffer_init(&sockets[i].output);
+ buffer_init(&sockets[i].request);
++ sockets[i].type = type;
+ return;
+ }
+ old_alloc = sockets_alloc;
+- sockets_alloc += 10;
++ new_alloc = sockets_alloc + 10;
+ if (sockets)
+- sockets = xrealloc(sockets, sockets_alloc * sizeof(sockets[0]));
++ sockets = xrealloc(sockets, new_alloc * sizeof(sockets[0]));
+ else
+- sockets = xmalloc(sockets_alloc * sizeof(sockets[0]));
+- for (i = old_alloc; i < sockets_alloc; i++)
++ sockets = xmalloc(new_alloc * sizeof(sockets[0]));
++ for (i = old_alloc; i < new_alloc; i++)
+ sockets[i].type = AUTH_UNUSED;
+- sockets[old_alloc].type = type;
++ sockets_alloc = new_alloc;
+ sockets[old_alloc].fd = fd;
+ buffer_init(&sockets[old_alloc].input);
+ buffer_init(&sockets[old_alloc].output);
+ buffer_init(&sockets[old_alloc].request);
++ sockets[old_alloc].type = type;
+ }
+
+ static int
OpenPOWER on IntegriCloud