standardise on NI_MAXHOST for gethostname() string lengths (#1051490)

This commit is contained in:
Petr Lautrbach 2014-07-17 14:26:49 +02:00
parent cef0d582b6
commit 817071dc4d
2 changed files with 79 additions and 0 deletions

View File

@ -0,0 +1,76 @@
diff --git a/ChangeLog b/ChangeLog
index 928999d..3887495 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+20140703
+ - OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2014/07/03 03:34:09
+ [gss-serv.c session.c ssh-keygen.c]
+ standardise on NI_MAXHOST for gethostname() string lengths; about
+ 1/2 the cases were using it already. Fixes bz#2239 en passant
+
20140420
- (djm) [bufaux.c compat.c compat.h sshconnect2.c sshd.c version.h]
OpenSSH 6.5 and 6.6 sometimes encode a value used in the curve25519
diff --git a/gss-serv.c b/gss-serv.c
index 14f540e..29916d3 100644
--- a/gss-serv.c
+++ b/gss-serv.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gss-serv.c,v 1.26 2014/02/26 20:28:44 djm Exp $ */
+/* $OpenBSD: gss-serv.c,v 1.27 2014/07/03 03:34:09 djm Exp $ */
/*
* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -102,14 +102,14 @@ static OM_uint32
ssh_gssapi_acquire_cred(Gssctxt *ctx)
{
OM_uint32 status;
- char lname[MAXHOSTNAMELEN];
+ char lname[NI_MAXHOST];
gss_OID_set oidset;
if (options.gss_strict_acceptor) {
gss_create_empty_oid_set(&status, &oidset);
gss_add_oid_set_member(&status, ctx->oid, &oidset);
- if (gethostname(lname, MAXHOSTNAMELEN)) {
+ if (gethostname(lname, sizeof(lname))) {
gss_release_oid_set(&status, &oidset);
return (-1);
}
diff --git a/session.c b/session.c
index ba4589b..e4add93 100644
--- a/session.c
+++ b/session.c
@@ -49,6 +49,7 @@
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
+#include <netdb.h>
#ifdef HAVE_PATHS_H
#include <paths.h>
#endif
@@ -2669,7 +2670,7 @@ session_setup_x11fwd(Session *s)
{
struct stat st;
char display[512], auth_display[512];
- char hostname[MAXHOSTNAMELEN];
+ char hostname[NI_MAXHOST];
u_int i;
if (no_x11_forwarding_flag) {
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 482dc1c..66198e6 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -165,7 +165,7 @@ int rounds = 0;
/* argv0 */
extern char *__progname;
-char hostname[MAXHOSTNAMELEN];
+char hostname[NI_MAXHOST];
/* moduli.c */
int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *);

View File

@ -189,6 +189,8 @@ Patch908: openssh-6.6p1-CVE-2014-2653.patch
# OpenSSH 6.5 and 6.6 sometimes encode a value used in the curve25519 key exchange incorrectly
# Disable the curve25519 KEX when speaking to OpenSSH 6.5 or 6.6
Patch909: openssh-5618210618256bbf5f4f71b2887ff186fd451736.patch
# standardise on NI_MAXHOST for gethostname() string lengths (#1051490)
Patch910: openssh-6.6.1p1-NI_MAXHOST.patch
License: BSD
Group: Applications/Internet
@ -392,6 +394,7 @@ popd
%patch907 -p1 -b .CLOCK_BOOTTIME
%patch908 -p1 -b .CVE-2014-2653
%patch909 -p1 -b .6.6.1
%patch910 -p1 -b .NI_MAXHOST
%patch200 -p1 -b .audit
%patch700 -p1 -b .fips