Only refuse to use OpenSSL 3.0.4 on x86_64.
authorDarren Tucker <dtucker@dtucker.net>
Wed, 13 Jul 2022 03:17:47 +0000 (13:17 +1000)
committerDarren Tucker <dtucker@dtucker.net>
Wed, 13 Jul 2022 03:17:47 +0000 (13:17 +1000)
The potential RCE only impacts x86_64, so only refuse to use it if we're
targeting a potentially impacted architecture.  ok djm@

configure.ac
regress/keyscan.sh
sftp-server-main.c

index 6ebdd06a2e19e7f897efdb7f673aec74589195b5..0c6a57ebc7ba25169606a4b6c54ac6dee0dfc5f6 100644 (file)
@@ -2796,7 +2796,6 @@ if test "x$openssl" = "xyes" ; then
                                ;;
                        101*)   ;; # 1.1.x
                        200*)   ;; # LibreSSL
-                       3000004*) AC_MSG_ERROR([OpenSSL 3.0.4 has a potential RCE in its RSA implementation (CVE-2022-2274)]) ;;
                        300*)
                                # OpenSSL 3; we use the 1.1x API
                                CPPFLAGS="$CPPFLAGS -DOPENSSL_API_COMPAT=0x10100000L"
@@ -2820,6 +2819,15 @@ if test "x$openssl" = "xyes" ; then
                ]
        )
 
+       case "$host" in
+       x86_64-*)
+               case "$ssl_library_ver" in
+               3000004*)
+                       AC_MSG_ERROR([OpenSSL 3.0.4 has a potential RCE in its RSA implementation (CVE-2022-2274)])
+                       ;;
+               esac
+       esac
+
        # Sanity check OpenSSL headers
        AC_MSG_CHECKING([whether OpenSSL's headers match the library])
        AC_RUN_IFELSE(
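Review bot: The new `case "$host"` block at the top of this hunk carries no comment saying why the refusal is restricted to x86_64, so a reader of configure.ac sees a CVE check gated on architecture with no rationale and may later "simplify" it away; add `# CVE-2022-2274 (OpenSSL 3.0.4 RSA) is only believed to affect x86_64, so refuse only there.` above it. The inner `case "$ssl_library_ver"` has no `*) ;;` default and the `x86_64-*)` branch has no terminating `;;`; both are accepted by sh, but explicit defaults make the intent (everything else passes) visible at a glance. The match relies on `$host` holding the canonical host triple; if AC_CANONICAL_HOST is not invoked earlier in configure.ac (outside this hunk), `$host` is empty and the guard silently never fires, which is worth confirming.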
index 75a14ee0eecb2dca90a2fd7f72544b0a7416270d..0b8c33aa46edb4b5f6e08a0da3cb2be31d924380 100644 (file)
@@ -23,3 +23,16 @@ for t in $SSH_KEYTYPES; do
                fail "ssh-keyscan -t $t failed with: $r"
        fi
 done
+
+stop_sshd
+sleep 1
+
+trace "keyscan banner length"
+banner=""
+for i in `seq 245 256`; do
+       trace "keyscan length $i"
+       banner=`perl -le "print 'A'x$i"`
+       (printf "SSH-2.0-${banner}" | ${NC} -N -l $PORT >/dev/null) &
+       ${SSHKEYSCAN} -p $PORT 127.0.0.1
+       sleep 3
+done
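Review bot: Nothing in the new loop checks an outcome: the exit status of `${SSHKEYSCAN} -p $PORT 127.0.0.1` is discarded and the backgrounded `${NC} -N -l $PORT` listener is never waited for, so the test passes regardless of what ssh-keyscan does with each banner unless the harness detects a crash elsewhere. The fixed `sleep 3` both costs about 36 s over the 12 iterations and races if `nc -N` lingers after ssh-keyscan disconnects, leaving a stale listener bound to $PORT for the next iteration; reaping the subshell with `wait` after the probe would make the sequencing deterministic. The purpose is presumably a regression test for banner-length handling, but that is not stated anywhere in the script; a one-line comment such as `# probe banner lengths 245..256; ssh-keyscan must handle each without hanging or crashing` would make the expected behaviour explicit for whoever next touches this loop.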
index 06566d36ed8400d9a13470d055afabbd5abda1a7..2c70f89bc70b6f9823e4a700ee0efa2270261658 100644 (file)
@@ -42,8 +42,6 @@ main(int argc, char **argv)
        /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
        sanitise_stdfd();
 
-       seed_rng();
-
        if ((user_pw = getpwuid(getuid())) == NULL) {
                fprintf(stderr, "No user found for uid %lu\n",
                    (u_long)getuid());