Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-libs/libssh/files/libssh-0.7.5-fix-internal-algo-selection.patch
diff options
context:
space:
mode:
Diffstat (limited to 'net-libs/libssh/files/libssh-0.7.5-fix-internal-algo-selection.patch')
-rw-r--r--net-libs/libssh/files/libssh-0.7.5-fix-internal-algo-selection.patch156
1 files changed, 0 insertions, 156 deletions
diff --git a/net-libs/libssh/files/libssh-0.7.5-fix-internal-algo-selection.patch b/net-libs/libssh/files/libssh-0.7.5-fix-internal-algo-selection.patch
deleted file mode 100644
index 931d63360a12..000000000000
--- a/net-libs/libssh/files/libssh-0.7.5-fix-internal-algo-selection.patch
+++ /dev/null
@@ -1,156 +0,0 @@
-From 4893f9515da2696490e6bbe9aaf51f2ef9678b0f Mon Sep 17 00:00:00 2001
-From: Nikos Mavrogiannopoulos <nmav@redhat.com>
-Date: Thu, 24 Aug 2017 16:28:39 +0200
-Subject: [PATCH 2/2] ssh_options_set_algo: ensure we only set known algorithms
- internally
-
-That way, we will not fail later on key exchange phase when something
-unknown is negotiated.
-
-Fixes T37
-
-Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-Reviewed-by: Andreas Schneider <asn@samba.org>
-(cherry picked from commit 895055ab38e7716390019aae5e11771a88b99d26)
-Signed-off-by: Mihai Moldovan <ionic@ionic.de>
----
- include/libssh/kex.h | 1 +
- src/kex.c | 75 ++++++++++++++++++++++++++++++++++++++++++++++++++++
- src/options.c | 11 ++++----
- 3 files changed, 81 insertions(+), 6 deletions(-)
-
-diff --git a/include/libssh/kex.h b/include/libssh/kex.h
-index 1a5b6d41..23594985 100644
---- a/include/libssh/kex.h
-+++ b/include/libssh/kex.h
-@@ -41,6 +41,7 @@ void ssh_list_kex(struct ssh_kex_struct *kex);
- int set_client_kex(ssh_session session);
- int ssh_kex_select_methods(ssh_session session);
- int verify_existing_algo(int algo, const char *name);
-+char *keep_known_algos(int algo, const char *list);
- char **space_tokenize(const char *chain);
- int ssh_get_kex1(ssh_session session);
- char *ssh_find_matching(const char *in_d, const char *what_d);
-diff --git a/src/kex.c b/src/kex.c
-index 519d79ce..f0c9d067 100644
---- a/src/kex.c
-+++ b/src/kex.c
-@@ -281,6 +281,71 @@ char *ssh_find_matching(const char *available_d, const char *preferred_d){
- return NULL;
- }
-
-+static char *ssh_find_all_matching(const char *available_d,
-+ const char *preferred_d)
-+{
-+ char **tok_available, **tok_preferred;
-+ int i_avail, i_pref;
-+ char *ret;
-+ unsigned max, len, pos = 0;
-+
-+ if ((available_d == NULL) || (preferred_d == NULL)) {
-+ return NULL; /* don't deal with null args */
-+ }
-+
-+ max = MAX(strlen(available_d), strlen(preferred_d));
-+
-+ ret = malloc(max+1);
-+ if (ret == NULL) {
-+ return NULL;
-+ }
-+ ret[0] = 0;
-+
-+ tok_available = tokenize(available_d);
-+ if (tok_available == NULL) {
-+ SAFE_FREE(ret);
-+ return NULL;
-+ }
-+
-+ tok_preferred = tokenize(preferred_d);
-+ if (tok_preferred == NULL) {
-+ SAFE_FREE(ret);
-+ SAFE_FREE(tok_available[0]);
-+ SAFE_FREE(tok_available);
-+ return NULL;
-+ }
-+
-+ for (i_pref = 0; tok_preferred[i_pref] ; ++i_pref) {
-+ for (i_avail = 0; tok_available[i_avail]; ++i_avail) {
-+ int cmp = strcmp(tok_available[i_avail],tok_preferred[i_pref]);
-+ if (cmp == 0) {
-+ /* match */
-+ if (pos != 0) {
-+ ret[pos] = ',';
-+ pos++;
-+ }
-+
-+ len = strlen(tok_available[i_avail]);
-+ memcpy(&ret[pos], tok_available[i_avail], len);
-+ pos += len;
-+ ret[pos] = '\0';
-+ }
-+ }
-+ }
-+
-+ if (ret[0] == '\0') {
-+ SAFE_FREE(ret);
-+ ret = NULL;
-+ }
-+
-+ SAFE_FREE(tok_available[0]);
-+ SAFE_FREE(tok_preferred[0]);
-+ SAFE_FREE(tok_available);
-+ SAFE_FREE(tok_preferred);
-+
-+ return ret;
-+}
-+
- /**
- * @internal
- * @brief returns whether the first client key exchange algorithm or
-@@ -668,4 +733,14 @@ int verify_existing_algo(int algo, const char *name){
- return 0;
- }
-
-+/* returns a copy of the provided list if everything is supported,
-+ * otherwise a new list of the supported algorithms */
-+char *keep_known_algos(int algo, const char *list)
-+{
-+ if ((algo > 9) || (algo < 0)) {
-+ return NULL;
-+ }
-+
-+ return ssh_find_all_matching(supported_methods[algo], list);
-+}
- /* vim: set ts=2 sw=2 et cindent: */
-diff --git a/src/options.c b/src/options.c
-index aed2dda5..34fe9cc7 100644
---- a/src/options.c
-+++ b/src/options.c
-@@ -164,7 +164,10 @@ int ssh_options_copy(ssh_session src, ssh_session *dest) {
-
- int ssh_options_set_algo(ssh_session session, int algo,
- const char *list) {
-- if (!verify_existing_algo(algo, list)) {
-+ char *p = NULL;
-+
-+ p = keep_known_algos(algo, list);
-+ if (p == NULL) {
- ssh_set_error(session, SSH_REQUEST_DENIED,
- "Setting method: no algorithm for method \"%s\" (%s)\n",
- ssh_kex_get_description(algo), list);
-@@ -172,11 +175,7 @@ int ssh_options_set_algo(ssh_session session, int algo,
- }
-
- SAFE_FREE(session->opts.wanted_methods[algo]);
-- session->opts.wanted_methods[algo] = strdup(list);
-- if (session->opts.wanted_methods[algo] == NULL) {
-- ssh_set_error_oom(session);
-- return -1;
-- }
-+ session->opts.wanted_methods[algo] = p;
-
- return 0;
- }
---
-2.15.1
-