Fill fields in legacy certificates with random data (#784641)
This commit is contained in:
parent
9e4020a205
commit
10e85cd595
|
@ -0,0 +1,14 @@
|
||||||
|
diff --git a/key.c b/key.c
|
||||||
|
index 57ad9fd..5886d44 100644
|
||||||
|
--- a/key.c
|
||||||
|
+++ b/key.c
|
||||||
|
@@ -1517,8 +1517,8 @@ key_certify(Key *k, Key *ca)
|
||||||
|
buffer_put_cstring(&k->cert->certblob, key_ssh_name(k));
|
||||||
|
|
||||||
|
/* -v01 certs put nonce first */
|
||||||
|
+ arc4random_buf(&nonce, sizeof(nonce));
|
||||||
|
if (k->type == KEY_DSA_CERT || k->type == KEY_RSA_CERT) {
|
||||||
|
- arc4random_buf(&nonce, sizeof(nonce));
|
||||||
|
buffer_put_string(&k->cert->certblob, nonce, sizeof(nonce));
|
||||||
|
}
|
||||||
|
|
|
@ -143,6 +143,8 @@ Patch81: openssh-5.6p1-clientloop.patch
|
||||||
Patch82:openssh-5.6p1-getaddrinfo.patch
|
Patch82:openssh-5.6p1-getaddrinfo.patch
|
||||||
#https://bugzilla.mindrot.org/show_bug.cgi?id=1838
|
#https://bugzilla.mindrot.org/show_bug.cgi?id=1838
|
||||||
Patch83:openssh-5.6p1-linux-oomkiller.patch
|
Patch83:openssh-5.6p1-linux-oomkiller.patch
|
||||||
|
#https://bugzilla.redhat.com//show_bug.cgi?id=784641
|
||||||
|
Patch84:openssh-5.6p1-legacy-certificate.patch
|
||||||
|
|
||||||
License: BSD
|
License: BSD
|
||||||
Group: Applications/Internet
|
Group: Applications/Internet
|
||||||
|
@ -328,6 +330,7 @@ popd
|
||||||
%patch81 -p1 -b .clientloop
|
%patch81 -p1 -b .clientloop
|
||||||
%patch82 -p1 -b .getaddrinfo
|
%patch82 -p1 -b .getaddrinfo
|
||||||
%patch83 -p0 -b .oomkiller
|
%patch83 -p0 -b .oomkiller
|
||||||
|
%patch84 -p1 -b .legacy
|
||||||
|
|
||||||
autoreconf
|
autoreconf
|
||||||
pushd pam_ssh_agent_auth-%{pam_ssh_agent_ver}
|
pushd pam_ssh_agent_auth-%{pam_ssh_agent_ver}
|
||||||
|
|
Loading…
Reference in New Issue