/[pkgs]/devel/openssh/openssh-5.2p1-allow-ip-opts.patch
ViewVC logotype

Contents of /devel/openssh/openssh-5.2p1-allow-ip-opts.patch

Parent Directory Parent Directory | Revision Log Revision Log

Revision 1.1 - (show annotations) (download) (as text)
Tue Sep 1 18:51:41 2009 UTC (2 months, 3 weeks ago) by jfch2222
Branch: MAIN
CVS Tags: openssh-5_2p1-28_fc12, openssh-5_3p1-10_fc13, F-12-split, openssh-5_2p1-24_fc12, openssh-5_3p1-4_fc13, openssh-5_2p1-27_fc12, openssh-5_2p1-25_fc12, openssh-5_2p1-29_fc13, openssh-5_2p1-23_fc12, openssh-5_3p1-1_fc13, openssh-5_3p1-2_fc13, openssh-5_3p1-5_fc13, openssh-5_3p1-3_fc13, openssh-5_3p1-6_fc13, openssh-5_3p1-9_fc13, openssh-5_3p1-7_fc13, openssh-5_2p1-26_fc12, openssh-5_3p1-8_fc13, HEAD
File MIME type: text/x-patch 
add correct patch for ip-opts
1 diff -up openssh-5.2p1/canohost.c.ip-opts openssh-5.2p1/canohost.c
2 --- openssh-5.2p1/canohost.c.ip-opts 2009-02-14 06:28:21.000000000 +0100
3 +++ openssh-5.2p1/canohost.c 2009-09-01 15:31:29.000000000 +0200
4 @@ -169,12 +169,27 @@ check_ip_options(int sock, char *ipaddr)
5 option_size = sizeof(options);
6 if (getsockopt(sock, ipproto, IP_OPTIONS, options,
7 &option_size) >= 0 && option_size != 0) {
8 - text[0] = '\0';
9 - for (i = 0; i < option_size; i++)
10 - snprintf(text + i*3, sizeof(text) - i*3,
11 - " %2.2x", options[i]);
12 - fatal("Connection from %.100s with IP options:%.800s",
13 - ipaddr, text);
14 + i = 0;
15 + do {
16 + switch (options[i]) {
17 + case 0:
18 + case 1:
19 + ++i;
20 + break;
21 + case 131:
22 + case 137:
23 + /* Fail, fatally, if we detect either loose or strict
24 + * source routing options. */
25 + text[0] = '\0';
26 + for (i = 0; i < option_size; i++)
27 + snprintf(text + i*3, sizeof(text) - i*3,
28 + " %2.2x", options[i]);
29 + fatal("Connection from %.100s with IP options:%.800s",
30 + ipaddr, text);
31 + default:
32 + i += options[i + 1];
33 + }
34 + } while (i < option_size);
35 }
36 #endif /* IP_OPTIONS */
37 }
admin@fedoraproject.org
 ViewVC Help
Powered by ViewVC 1.1.2