equal
deleted
inserted
replaced
|
1 # |
|
2 # Unregister the KEXINIT handler after message has been received. |
|
3 # |
|
4 # CVE-2016-8858 |
|
5 # |
|
6 # Patch source: upstream |
|
7 # https://github.com/openssh/openssh-portable/commit/ec165c392ca54317dbe |
|
8 # |
|
9 # We will drop this patch when upgrading to OpenSSH 7.4 or later. |
|
10 # |
|
11 diff -pur old/kex.c new/kex.c |
|
12 --- old/kex.c |
|
13 +++ new/kex.c |
|
14 @@ -517,6 +517,7 @@ kex_input_kexinit(int type, u_int32_t se |
|
15 if (kex == NULL) |
|
16 return SSH_ERR_INVALID_ARGUMENT; |
|
17 |
|
18 + ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL); |
|
19 ptr = sshpkt_ptr(ssh, &dlen); |
|
20 if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0) |
|
21 return r; |