author | dinoex <dinoex@FreeBSD.org> | 2002-06-26 15:21:27 +0000 |
---|---|---|
committer | dinoex <dinoex@FreeBSD.org> | 2002-06-26 15:21:27 +0000 |
commit | 812a4b6d6d5e28701200837aebc7138208750138 (patch) | |
tree | 984b72a809c5b84d86bc1f7e56c519792eb75f70 /security/openssh/files | |
parent | 637278e08105e7dae7eba8419c8737b22532bf46 (diff) | |
Security FIX, Please update to this Version.
Options for both:
USE_OPENSSL_BASE=yes
uses an older openssl in the base system.
Options for portable:
OPENSSH_OVERWRITE_BASE=yes
includes USE_OPENSSL_BASE=yes
installs in the paths of the base system
Diffstat (limited to 'security/openssh/files')
-rw-r--r-- | security/openssh/files/patch-auth2-chall.c | 66 |
1 files changed, 63 insertions, 3 deletions
diff --git a/security/openssh/files/patch-auth2-chall.c b/security/openssh/files/patch-auth2-chall.c
index 488bdf9..80470f7 100644
--- a/security/openssh/files/patch-auth2-chall.c
+++ b/security/openssh/files/patch-auth2-chall.c
@@ -1,6 +1,6 @@
 --- auth2-chall.c.orig Wed Jun 19 02:27:55 2002
-+++ auth2-chall.c Mon Jun 24 06:54:04 2002
-@@ -40,19 +40,19 @@
++++ auth2-chall.c Wed Jun 26 16:59:05 2002
+@@ -40,20 +40,20 @@
 #ifdef BSD_AUTH
 extern KbdintDevice bsdauth_device;
@@ -22,7 +22,67 @@
 + &pam_device,
 +#elif defined(SKEY)
 &skey_device,
--#endif
 #endif
+-#endif
 NULL
 };
+
+@@ -63,6 +63,7 @@
+ char *devices;
+ void *ctxt;
+ KbdintDevice *device;
++ u_int nreq;
+ };
+
+ static KbdintAuthctxt *
+@@ -90,6 +91,7 @@
+ debug("kbdint_alloc: devices '%s'", kbdintctxt->devices);
+ kbdintctxt->ctxt = NULL;
+ kbdintctxt->device = NULL;
++ kbdintctxt->nreq = 0;
+
+ return kbdintctxt;
+ }
+@@ -209,26 +211,26 @@
+ KbdintAuthctxt *kbdintctxt;
+ char *name, *instr, **prompts;
+ int i;
+- u_int numprompts, *echo_on;
++ u_int *echo_on;
+
+ kbdintctxt = authctxt->kbdintctxt;
+ if (kbdintctxt->device->query(kbdintctxt->ctxt,
+- &name, &instr, &numprompts, &prompts, &echo_on))
++ &name, &instr, &kbdintctxt->nreq, &prompts, &echo_on))
+ return 0;
+
+ packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST);
+ packet_put_cstring(name);
+ packet_put_cstring(instr);
+ packet_put_cstring(""); /* language not used */
+- packet_put_int(numprompts);
+- for (i = 0; i < numprompts; i++) {
++ packet_put_int(kbdintctxt->nreq);
++ for (i = 0; i < kbdintctxt->nreq; i++) {
+ packet_put_cstring(prompts[i]);
+ packet_put_char(echo_on[i]);
+ }
+ packet_send();
+ packet_write_wait();
+
+- for (i = 0; i < numprompts; i++)
++ for (i = 0; i < kbdintctxt->nreq; i++)
+ xfree(prompts[i]);
+ xfree(prompts);
+ xfree(echo_on);
+@@ -256,6 +258,10 @@
+
+ authctxt->postponed = 0; /* reset */
+ nresp = packet_get_int();
++ if (nresp != kbdintctxt->nreq)
++ fatal("input_userauth_info_response: wrong number of replies");
++ if (nresp > 100)
++ fatal("input_userauth_info_response: too many replies");
+ if (nresp > 0) {
+ response = xmalloc(nresp * sizeof(char*));
+ for (i = 0; i < nresp; i++) |
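Review bot: The bound `if (nresp > 100)` in the embedded hunk `@@ -256,6 +258,10 @@` is an unnamed magic number with no comment saying what it protects. It is the check that keeps the count read from the client with `packet_get_int()` from overflowing `nresp * sizeof(char*)` in the `xmalloc` call just below, so it deserves a named constant and a comment, for example `#define KBDINT_MAX_REPLIES 100 /* caps peer-supplied reply count before nresp * sizeof(char*) */` (the name is a suggestion). The limit is also enforced only on the reply side: the request path in `@@ -209,26 +211,26 @@` stores whatever count `query()` returns into `kbdintctxt->nreq`, so a device that returns more than 100 prompts would make every well-formed reply end in `fatal()`. Checking `kbdintctxt->nreq` against the same constant right after `query()` would fail earlier and closer to the cause. The declaration of `nresp` and the rest of the response handler lie outside the hunk, so the signedness of its comparison with the `u_int nreq` cannot be confirmed from here.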