diff options
Diffstat (limited to 'security/openssh/patches/patch-az')
| -rw-r--r-- | security/openssh/patches/patch-az | 36 |
1 files changed, 0 insertions, 36 deletions
diff --git a/security/openssh/patches/patch-az b/security/openssh/patches/patch-az deleted file mode 100644 index ee002ae4158..00000000000 --- a/security/openssh/patches/patch-az +++ /dev/null @@ -1,36 +0,0 @@ -$NetBSD: patch-az,v 1.1 2006/09/27 16:10:59 taca Exp $ - -Secunia Advisory SA22091 + one more OpenBSD's CVS update 1.144-1.145 - ---- packet.c.orig Sat Nov 5 13:15:00 2005 -+++ packet.c -@@ -669,6 +669,9 @@ packet_enable_delayed_compress(void) - */ - after_authentication = 1; - for (mode = 0; mode < MODE_MAX; mode++) { -+ /* protocol error: USERAUTH_SUCCESS received before NEWKEYS */ -+ if (newkeys[mode] == NULL) -+ continue; - comp = &newkeys[mode]->comp; - if (comp && !comp->enabled && comp->type == COMP_DELAYED) { - packet_init_compression(); -@@ -978,9 +981,16 @@ packet_read_poll1(void) - * (C)1998 CORE-SDI, Buenos Aires Argentina - * Ariel Futoransky(futo@core-sdi.com) - */ -- if (!receive_context.plaintext && -- detect_attack(buffer_ptr(&input), padded_len, NULL) == DEATTACK_DETECTED) -- packet_disconnect("crc32 compensation attack: network attack detected"); -+ if (!receive_context.plaintext) { -+ switch (detect_attack(buffer_ptr(&input), padded_len)) { -+ case DEATTACK_DETECTED: -+ packet_disconnect("crc32 compensation attack: " -+ "network attack detected"); -+ case DEATTACK_DOS_DETECTED: -+ packet_disconnect("deattack denial of " -+ "service detected"); -+ } -+ } - - /* Decrypt data to incoming_packet. */ - buffer_clear(&incoming_packet); |