Mercurial Mercurial > upstream > oracle > userland-gate / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/openssh/patches/99-sha2-regression.patch
branchs11u3-sru
changeset 7946 165bf092aa9c 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openssh/patches/99-sha2-regression.patch	Tue Apr 25 15:08:28 2017 -0700
@@ -0,0 +1,74 @@
+#
+# Temporary patch for 7.4p1 regression fixed in 7.5
+# From upstream
+# Remove when upgrading 
+#
+# https://bugzilla.mindrot.org/show_bug.cgi?id=2680
+# fix regression in 7.4 server-sig-algs,
+# accidentally excluding SHA2 RSA signature methods.
+#
+
+diff -rupN old/kex.c new/kex.c
+--- old/kex.c	2017-03-28 19:08:53.584501767 -0700
++++ new/kex.c	2017-03-28 19:22:26.034204047 -0700
+@@ -388,7 +388,7 @@ kex_send_ext_info(struct ssh *ssh)
+ 	int r;
+ 	char *algs;
+ 
+-	if ((algs = sshkey_alg_list(0, 1, ',')) == NULL)
++	if ((algs = sshkey_alg_list(0, 1, 1, ',')) == NULL)
+ 		return SSH_ERR_ALLOC_FAIL;
+ 	if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 ||
+ 	    (r = sshpkt_put_u32(ssh, 1)) != 0 ||
+diff -rupN old/ssh.c new/ssh.c
+--- old/ssh.c	2017-03-28 19:08:53.587726975 -0700
++++ new/ssh.c	2017-03-28 19:25:10.561309338 -0700
+@@ -697,11 +697,11 @@ main(int ac, char **av)
+ 			else if (strcmp(optarg, "kex") == 0)
+ 				cp = kex_alg_list('\n');
+ 			else if (strcmp(optarg, "key") == 0)
+-				cp = sshkey_alg_list(0, 0, '\n');
++				cp = sshkey_alg_list(0, 0, 0, '\n');
+ 			else if (strcmp(optarg, "key-cert") == 0)
+-				cp = sshkey_alg_list(1, 0, '\n');
++				cp = sshkey_alg_list(1, 0, 0, '\n');
+ 			else if (strcmp(optarg, "key-plain") == 0)
+-				cp = sshkey_alg_list(0, 1, '\n');
++				cp = sshkey_alg_list(0, 1, 0, '\n');
+ 			else if (strcmp(optarg, "protocol-version") == 0) {
+ #ifdef WITH_SSH1
+ 				cp = xstrdup("1\n2");
+diff -rupN old/sshkey.c new/sshkey.c
+--- old/sshkey.c	2017-03-28 19:08:53.590992687 -0700
++++ new/sshkey.c	2017-03-28 19:32:28.309848396 -0700
+@@ -235,14 +235,16 @@ sshkey_ecdsa_nid_from_name(const char *n
+ }
+ 
+ char *
+-sshkey_alg_list(int certs_only, int plain_only, char sep)
++sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep)
+ {
+ 	char *tmp, *ret = NULL;
+ 	size_t nlen, rlen = 0;
+ 	const struct keytype *kt;
+ 
+ 	for (kt = keytypes; kt->type != -1; kt++) {
+-		if (kt->name == NULL || kt->sigonly)
++		if (kt->name == NULL)
++			continue;
++		if (!include_sigonly && kt->sigonly)
+ 			continue;
+ 		if ((certs_only && !kt->cert) || (plain_only && kt->cert))
+ 			continue;
+diff -rupN old/sshkey.h new/sshkey.h
+--- old/sshkey.h	2017-03-28 19:08:53.594083865 -0700
++++ new/sshkey.h	2017-03-28 19:33:39.322046181 -0700
+@@ -157,7 +157,7 @@ int		 sshkey_ec_validate_private(const E
+ const char	*sshkey_ssh_name(const struct sshkey *);
+ const char	*sshkey_ssh_name_plain(const struct sshkey *);
+ int		 sshkey_names_valid2(const char *, int);
+-char		*sshkey_alg_list(int, int, char);
++char		*sshkey_alg_list(int, int, int, char);
+ 
+ int	 sshkey_from_blob(const u_char *, size_t, struct sshkey **);
+ int	 sshkey_fromb(struct sshbuf *, struct sshkey **);
upstream/oracle/userland-gate