e8b9919265
- Fix preauth seccomp separation on mainframes (bsc#1016709) [openssh-7.2p2-s390_hw_crypto_syscalls.patch] [openssh-7.2p2-s390_OpenSSL-ibmpkcs11_syscalls.patch] - enable case-insensitive hostname matching (bsc#1017099) [openssh-7.2p2-ssh_case_insensitive_host_matching.patch] - add CAVS tests [openssh-7.2p2-cavstest-ctr.patch] [openssh-7.2p2-cavstest-kdf.patch] - Adding missing pieces for user matching (bsc#1021626) - Properly verify CIDR masks in configuration (bsc#1005893) [openssh-7.2p2-verify_CIDR_address_ranges.patch] - Remove pre-auth compression support from the server to prevent possible cryptographic attacks. (CVE-2016-10012, bsc#1016370) [openssh-7.2p2-disable_preauth_compression.patch] - limit directories for loading PKCS11 modules (CVE-2016-10009, bsc#1016366) [openssh-7.2p2-restrict_pkcs11-modules.patch] - Prevent possible leaks of host private keys to low-privilege process handling authentication (CVE-2016-10011, bsc#1016369) [openssh-7.2p2-prevent_private_key_leakage.patch] - Do not allow unix socket forwarding when running without privilege separation (CVE-2016-10010, bsc#1016368) [openssh-7.2p2-secure_unix_sockets_forwarding.patch] - prevent resource depletion during key exchange (bsc#1005480, CVE-2016-8858) [openssh-7.2p2-kex_resource_depletion.patch] OBS-URL: https://build.opensuse.org/request/show/500279 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=117
73 lines
2.3 KiB
Diff
73 lines
2.3 KiB
Diff
# HG changeset patch
|
|
# Parent 9130c9e19c8a076a7f6f214070283cd3e0326894
|
|
Correctly parse DISPLAY variable for cases where it contains an IPv6 address
|
|
(which should - but not always is - in (square) brackets).
|
|
|
|
bnc#847710 - https://bugzilla.novell.com/show_bug.cgi?id=847710
|
|
|
|
diff --git a/openssh-7.2p2/channels.c b/openssh-7.2p2/channels.c
|
|
--- a/openssh-7.2p2/channels.c
|
|
+++ b/openssh-7.2p2/channels.c
|
|
@@ -4049,18 +4049,19 @@ x11_connect_display(void)
|
|
/* OK, we now have a connection to the display. */
|
|
return sock;
|
|
}
|
|
#endif
|
|
/*
|
|
* Check if it is a unix domain socket. Unix domain displays are in
|
|
* one of the following formats: unix:d[.s], :d[.s], ::d[.s]
|
|
*/
|
|
+ cp = strrchr(display, ':');
|
|
if (strncmp(display, "unix:", 5) == 0 ||
|
|
- display[0] == ':') {
|
|
+ (display[0] == ':' && ((cp - display) < 2)) ) {
|
|
/* Connect to the unix domain socket. */
|
|
if (sscanf(strrchr(display, ':') + 1, "%u", &display_number) != 1) {
|
|
error("Could not parse display number from DISPLAY: %.100s",
|
|
display);
|
|
return -1;
|
|
}
|
|
/* Create a socket. */
|
|
sock = connect_local_xsocket(display_number);
|
|
@@ -4068,30 +4069,39 @@ x11_connect_display(void)
|
|
return -1;
|
|
|
|
/* OK, we now have a connection to the display. */
|
|
return sock;
|
|
}
|
|
/*
|
|
* Connect to an inet socket. The DISPLAY value is supposedly
|
|
* hostname:d[.s], where hostname may also be numeric IP address.
|
|
+ * Note that IPv6 numberic addresses contain colons (e.g. ::1:0)
|
|
*/
|
|
strlcpy(buf, display, sizeof(buf));
|
|
- cp = strchr(buf, ':');
|
|
+ cp = strrchr(buf, ':');
|
|
if (!cp) {
|
|
error("Could not find ':' in DISPLAY: %.100s", display);
|
|
return -1;
|
|
}
|
|
*cp = 0;
|
|
/* buf now contains the host name. But first we parse the display number. */
|
|
if (sscanf(cp + 1, "%u", &display_number) != 1) {
|
|
error("Could not parse display number from DISPLAY: %.100s",
|
|
display);
|
|
return -1;
|
|
}
|
|
+
|
|
+ /* Remove brackets surrounding IPv6 addresses if there are any. */
|
|
+ if (buf[0] == '[' && (cp = strchr(buf, ']'))) {
|
|
+ *cp = 0;
|
|
+ cp = buf + 1;
|
|
+ } else {
|
|
+ cp = buf;
|
|
+ }
|
|
|
|
/* Look up the host address */
|
|
memset(&hints, 0, sizeof(hints));
|
|
hints.ai_family = IPv4or6;
|
|
hints.ai_socktype = SOCK_STREAM;
|
|
snprintf(strport, sizeof strport, "%u", 6000 + display_number);
|
|
if ((gaierr = getaddrinfo(buf, strport, &hints, &aitop)) != 0) {
|
|
error("%.100s: unknown host. (%s)", buf,
|