Bug#495917: [openssh] netscreen complete fix patch

Wed, 19 Nov 2008 08:08:29 -0800 


Hi,

this is the complete fix from the OpenBSD cvs - applies with little
offsets, compiles and works for us (netscreen OS 5.4.x)

Flo

--- src/usr.bin/ssh/compat.c    2006/12/12 03:58:42     1.77
+++ src/usr.bin/ssh/compat.c    2008/09/11 15:22:37     1.78
@@ -1,4 +1,4 @@
-/* $OpenBSD: compat.c,v 1.77 2006/12/12 03:58:42 djm Exp $ */
+/* $OpenBSD: compat.c,v 1.78 2008/09/11 14:22:37 markus Exp $ */
 /*
  * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl.  All rights reserved.
  *
@@ -89,7 +89,8 @@ compat_datafellows(const char *version)
                  "OpenSSH_3.1*",       SSH_BUG_EXTEOF|SSH_OLD_FORWARD_ADDR},
                { "OpenSSH_3.*",        SSH_OLD_FORWARD_ADDR },
                { "Sun_SSH_1.0*",       SSH_BUG_NOREKEY|SSH_BUG_EXTEOF},
-               { "OpenSSH*",           0 },
+               { "OpenSSH_4*",         0 },
+               { "OpenSSH*",           SSH_NEW_OPENSSH },
                { "*MindTerm*",         0 },
                { "2.1.0*",             SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
                                        SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
--- src/usr.bin/ssh/compat.h    2006/12/12 03:58:42     1.41
+++ src/usr.bin/ssh/compat.h    2008/09/11 15:22:37     1.42
@@ -1,4 +1,4 @@
-/* $OpenBSD: compat.h,v 1.41 2006/12/12 03:58:42 djm Exp $ */
+/* $OpenBSD: compat.h,v 1.42 2008/09/11 14:22:37 markus Exp $ */
 
 /*
  * Copyright (c) 1999, 2000, 2001 Markus Friedl.  All rights reserved.
@@ -57,6 +57,7 @@
 #define SSH_BUG_FIRSTKEX       0x00800000
 #define SSH_OLD_FORWARD_ADDR   0x01000000
 #define SSH_BUG_RFWD_ADDR      0x02000000
+#define SSH_NEW_OPENSSH                0x04000000
 
 void     enable_compat13(void);
 void     enable_compat20(void);
--- src/usr.bin/ssh/ssh.c       2008/07/02 14:47:39     1.318
+++ src/usr.bin/ssh/ssh.c       2008/09/11 15:22:37     1.319
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.318 2008/07/02 13:47:39 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.319 2008/09/11 14:22:37 markus Exp $ */
 /*
  * Author: Tatu Ylonen <[EMAIL PROTECTED]>
  * Copyright (c) 1995 Tatu Ylonen <[EMAIL PROTECTED]>, Espoo, Finland
@@ -1181,7 +1181,8 @@ ssh_session2(void)
                id = ssh_session2_open();
 
        /* If we don't expect to open a new session, then disallow it */
-       if (options.control_master == SSHCTL_MASTER_NO) {
+       if (options.control_master == SSHCTL_MASTER_NO &&
+           (datafellows & SSH_NEW_OPENSSH)) {
                debug("Requesting [EMAIL PROTECTED]");
                packet_start(SSH2_MSG_GLOBAL_REQUEST);
                packet_put_cstring("[EMAIL PROTECTED]");


Flo
-- 
Florian Lohoff                  [EMAIL PROTECTED]             +49-171-2280134
        Those who would give up a little freedom to get a little 
          security shall soon have neither - Benjamin Franklin

Attachment: signature.asc
Description: Digital signature

Reply via email to