dpward / rpms / sssd

Forked from rpms/sssd 3 years ago
Clone

Blame SOURCES/0055-ssh-handle-binary-keys-correctly.patch

bb7cd1
From 3ba9f82ac428f509df33e509a39eb783480f5d19 Mon Sep 17 00:00:00 2001
bb7cd1
From: Sumit Bose <sbose@redhat.com>
bb7cd1
Date: Thu, 16 Mar 2017 12:38:08 +0100
bb7cd1
Subject: [PATCH 55/60] ssh: handle binary keys correctly
bb7cd1
bb7cd1
Related to https://pagure.io/SSSD/sssd/issue/3332
bb7cd1
bb7cd1
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
bb7cd1
---
bb7cd1
 src/responder/ssh/ssh_reply.c | 8 +++++++-
bb7cd1
 1 file changed, 7 insertions(+), 1 deletion(-)
bb7cd1
bb7cd1
diff --git a/src/responder/ssh/ssh_reply.c b/src/responder/ssh/ssh_reply.c
bb7cd1
index 807f4ee079128b4a3f1719de890ffac6e0d5b2e0..7093e47253b5687bab387feed5299c2d0841d43c 100644
bb7cd1
--- a/src/responder/ssh/ssh_reply.c
bb7cd1
+++ b/src/responder/ssh/ssh_reply.c
bb7cd1
@@ -32,6 +32,11 @@
bb7cd1
 #include "responder/common/cache_req/cache_req.h"
bb7cd1
 #include "responder/ssh/ssh_private.h"
bb7cd1
 
bb7cd1
+/* Locally used flag for libldb's ldb_message_element structure to indicate
bb7cd1
+ * binary data. Since the related data is only used in memory it is safe. If
bb7cd1
+ * should be used with care if libldb's I/O operations are involved. */
bb7cd1
+#define SSS_EL_FLAG_BIN_DATA (1<<4)
bb7cd1
+
bb7cd1
 static errno_t get_valid_certs_keys(TALLOC_CTX *mem_ctx,
bb7cd1
                                     struct ssh_ctx *ssh_ctx,
bb7cd1
                                     struct ldb_message_element *el_cert,
bb7cd1
@@ -148,7 +153,7 @@ static errno_t decode_and_add_base64_data(struct sss_packet *packet,
bb7cd1
     }
bb7cd1
 
bb7cd1
     for (d = 0; d < el->num_values; d++) {
bb7cd1
-        if (skip_base64_decode) {
bb7cd1
+        if (skip_base64_decode || (el->flags & SSS_EL_FLAG_BIN_DATA)) {
bb7cd1
             key = el->values[d].data;
bb7cd1
             key_len = el->values[d].length;
bb7cd1
         } else  {
bb7cd1
@@ -233,6 +238,7 @@ ssh_get_output_keys(TALLOC_CTX *mem_ctx,
bb7cd1
         }
bb7cd1
 
bb7cd1
         if (elements[i] != NULL) {
bb7cd1
+            elements[i]->flags |= SSS_EL_FLAG_BIN_DATA;
bb7cd1
             num_keys += elements[i]->num_values;
bb7cd1
             i++;
bb7cd1
         }
bb7cd1
-- 
bb7cd1
2.9.3
bb7cd1