mirror of
git://anongit.mindrot.org/openssh.git
synced 2024-12-25 11:22:10 +00:00
- markus@cvs.openbsd.org 2006/11/07 10:31:31
[monitor.c version.h] correctly check for bad signatures in the monitor, otherwise the monitor and the unpriv process can get out of sync. with dtucker@, ok djm@, dtucker@
This commit is contained in:
parent
0bc85579a9
commit
fbba735aa3
@ -6,6 +6,11 @@
|
|||||||
[auth-rsa.c kexgexc.c kexdhs.c key.c ssh-dss.c sshd.c kexgexs.c
|
[auth-rsa.c kexgexc.c kexdhs.c key.c ssh-dss.c sshd.c kexgexs.c
|
||||||
ssh-keygen.c bufbn.c moduli.c scard.c kexdhc.c sshconnect1.c dh.c rsa.c]
|
ssh-keygen.c bufbn.c moduli.c scard.c kexdhc.c sshconnect1.c dh.c rsa.c]
|
||||||
add missing checks for openssl return codes; with & ok djm@
|
add missing checks for openssl return codes; with & ok djm@
|
||||||
|
- markus@cvs.openbsd.org 2006/11/07 10:31:31
|
||||||
|
[monitor.c version.h]
|
||||||
|
correctly check for bad signatures in the monitor, otherwise the monitor
|
||||||
|
and the unpriv process can get out of sync. with dtucker@, ok djm@,
|
||||||
|
dtucker@
|
||||||
|
|
||||||
20061105
|
20061105
|
||||||
- (djm) OpenBSD CVS Sync
|
- (djm) OpenBSD CVS Sync
|
||||||
@ -2597,4 +2602,4 @@
|
|||||||
OpenServer 6 and add osr5bigcrypt support so when someone migrates
|
OpenServer 6 and add osr5bigcrypt support so when someone migrates
|
||||||
passwords between UnixWare and OpenServer they will still work. OK dtucker@
|
passwords between UnixWare and OpenServer they will still work. OK dtucker@
|
||||||
|
|
||||||
$Id: ChangeLog,v 1.4585 2006/11/07 12:14:41 dtucker Exp $
|
$Id: ChangeLog,v 1.4586 2006/11/07 12:16:08 dtucker Exp $
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: monitor.c,v 1.88 2006/08/12 20:46:46 miod Exp $ */
|
/* $OpenBSD: monitor.c,v 1.89 2006/11/07 10:31:31 markus Exp $ */
|
||||||
/*
|
/*
|
||||||
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
|
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
|
||||||
* Copyright 2002 Markus Friedl <markus@openbsd.org>
|
* Copyright 2002 Markus Friedl <markus@openbsd.org>
|
||||||
@ -350,7 +350,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
|
|||||||
/* The first few requests do not require asynchronous access */
|
/* The first few requests do not require asynchronous access */
|
||||||
while (!authenticated) {
|
while (!authenticated) {
|
||||||
auth_method = "unknown";
|
auth_method = "unknown";
|
||||||
authenticated = monitor_read(pmonitor, mon_dispatch, &ent);
|
authenticated = (monitor_read(pmonitor, mon_dispatch, &ent) == 1);
|
||||||
if (authenticated) {
|
if (authenticated) {
|
||||||
if (!(ent->flags & MON_AUTHDECIDE))
|
if (!(ent->flags & MON_AUTHDECIDE))
|
||||||
fatal("%s: unexpected authentication from %d",
|
fatal("%s: unexpected authentication from %d",
|
||||||
@ -1217,7 +1217,7 @@ mm_answer_keyverify(int sock, Buffer *m)
|
|||||||
|
|
||||||
verified = key_verify(key, signature, signaturelen, data, datalen);
|
verified = key_verify(key, signature, signaturelen, data, datalen);
|
||||||
debug3("%s: key %p signature %s",
|
debug3("%s: key %p signature %s",
|
||||||
__func__, key, verified ? "verified" : "unverified");
|
__func__, key, (verified == 1) ? "verified" : "unverified");
|
||||||
|
|
||||||
key_free(key);
|
key_free(key);
|
||||||
xfree(blob);
|
xfree(blob);
|
||||||
@ -1232,7 +1232,7 @@ mm_answer_keyverify(int sock, Buffer *m)
|
|||||||
buffer_put_int(m, verified);
|
buffer_put_int(m, verified);
|
||||||
mm_request_send(sock, MONITOR_ANS_KEYVERIFY, m);
|
mm_request_send(sock, MONITOR_ANS_KEYVERIFY, m);
|
||||||
|
|
||||||
return (verified);
|
return (verified == 1);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
/* $OpenBSD: version.h,v 1.47 2006/08/30 00:14:37 djm Exp $ */
|
/* $OpenBSD: version.h,v 1.48 2006/11/07 10:31:31 markus Exp $ */
|
||||||
|
|
||||||
#define SSH_VERSION "OpenSSH_4.4"
|
#define SSH_VERSION "OpenSSH_4.5"
|
||||||
|
|
||||||
#define SSH_PORTABLE "p1"
|
#define SSH_PORTABLE "p1"
|
||||||
#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
|
#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
|
||||||
|
Loading…
Reference in New Issue
Block a user