~alpine/aports

[alpine-aports] [PATCH v2] testing/tinyssh: fix keepalive not implemented

Details
Message ID
<1437311614-106937-1-git-send-email-developer@it-offshore.co.uk>
Sender timestamp
1437311614
DKIM signature
missing
Download raw message
Patch: +93 -3
this fixes sessions being reset when a keepalive is sent
---
Changes v1 -> v2:

replaces message in docs with a patch to fix
---
 testing/tinyssh/APKBUILD                        | 12 +++-
 testing/tinyssh/keepalive-not-implemented.patch | 84 +++++++++++++++++++++++++
 2 files changed, 93 insertions(+), 3 deletions(-)
 create mode 100644 testing/tinyssh/keepalive-not-implemented.patch

diff --git a/testing/tinyssh/APKBUILD b/testing/tinyssh/APKBUILD
index f994e49..6f704cd 100644
--- a/testing/tinyssh/APKBUILD
+++ b/testing/tinyssh/APKBUILD
@@ -13,6 +13,7 @@ subpackages="$pkgname-doc"
source="$pkgname-$pkgver.tar.bz2::http://mojzis.com/software/$pkgname/$pkgname-$pkgver.tar.bz2
	$pkgname.initd
	$pkgname.confd
	keepalive-not-implemented.patch
	"

_builddir="$srcdir"/$pkgname-$pkgver
@@ -55,15 +56,20 @@ echo '22 stream tcp nowait root /usr/sbin/tinysshd tinysshd -l -v /etc/tinyssh/s
rc-service inetd start

(3) Using runit with either (1) or (2)

Stealth SSH with FWKNOP: https://it-offshore.co.uk/security/53-stealth-your-ssh-port-ssh-into-lxc-containers
EOF
}

md5sums="0e8b4add3fa6c4481e7b8159aca75b2f  tinyssh-20150501.tar.bz2
78ec724804035bae29e1c47abec737d8  tinyssh.initd
83e705f0f71db5ae0d8530edafa63497  tinyssh.confd"
83e705f0f71db5ae0d8530edafa63497  tinyssh.confd
42cf023926c2b9472fa3d98a6f626db8  keepalive-not-implemented.patch"
sha256sums="ccaee75ee04252c7e7db1e06e74e4c55b53911c310a0dc5e1288c0feb73a1470  tinyssh-20150501.tar.bz2
b3584c463f6ba0de6a5fe2e28fb98cd8ef65a55f17a0f4c877f61f54019ef34c  tinyssh.initd
c6c67395e7230d75077734f0b08d5f8c76f11aaef27878b013b7bd68dd7ba774  tinyssh.confd"
c6c67395e7230d75077734f0b08d5f8c76f11aaef27878b013b7bd68dd7ba774  tinyssh.confd
96ce731b29f76cba82047512a0c751370987fd51ff08d5bf124f10342f213251  keepalive-not-implemented.patch"
sha512sums="780e4aa87fc5afbd0818f1c815c0e95a9ec5b096efedbc49d54492195725bbdf3fe860cc4b84a5e9b15b9b568fd0398e48601da3af22b3dfd64e4214d4797fbe  tinyssh-20150501.tar.bz2
d10f995c6687e706453e51d06b3466427d476036efdbd86db2f9330281e46049bf2e3698208524b3f70cdbd30373f5bf46c7164dd626d22b3fa9a75ca5d8d478  tinyssh.initd
4513bd0d43ef0825fbd77365a8a7adefcd99211102df76003becf7e3a09a47ad9bbd16a68c3fadfb7868e0562f8d42a26106b7582cb70490a7e52a7d1e6110e9  tinyssh.confd"
4513bd0d43ef0825fbd77365a8a7adefcd99211102df76003becf7e3a09a47ad9bbd16a68c3fadfb7868e0562f8d42a26106b7582cb70490a7e52a7d1e6110e9  tinyssh.confd
9511d09d8a62e673e3e6b2ae9fc55e5b6ca7c33485c1834b4f53a1f06d84d34619a7f620c9862fb059d8a0d24a79d4172bd355185ceff5ac8acb381350e41d2e  keepalive-not-implemented.patch"
diff --git a/testing/tinyssh/keepalive-not-implemented.patch b/testing/tinyssh/keepalive-not-implemented.patch
new file mode 100644
index 0000000..19c21c1
--- /dev/null
+++ b/testing/tinyssh/keepalive-not-implemented.patch
@@ -0,0 +1,84 @@
diff --git a/tinyssh-tests/packet_uinmplementedtest.c b/tinyssh-tests/packet_uinmplementedtest.c
new file mode 120000
index 0000000..c1c5f9b
--- /dev/null
+++ b/tinyssh-tests/packet_uinmplementedtest.c
@@ -0,0 +1 @@
+emptytest.c
\ No newline at end of file
diff --git a/tinyssh/LIBS b/tinyssh/LIBS
index 7f1bcf5..9c1f27a 100644
--- a/tinyssh/LIBS
+++ b/tinyssh/LIBS
@@ -36,6 +36,7 @@ packetparser.o
 packet_put.o
 packet_recv.o
 packet_send.o
+packet_uinmplemented.o
 porttostr.o
 randommod.o
 readall.o
diff --git a/tinyssh/SOURCES b/tinyssh/SOURCES
index be77a5f..613535d 100644
--- a/tinyssh/SOURCES
+++ b/tinyssh/SOURCES
@@ -36,6 +36,7 @@ packetparser
 packet_put
 packet_recv
 packet_send
+packet_uinmplemented
 porttostr
 randommod
 readall
diff --git a/tinyssh/packet.h b/tinyssh/packet.h
index 891ede8..b2cba92 100644
--- a/tinyssh/packet.h
+++ b/tinyssh/packet.h
@@ -127,4 +127,7 @@ extern int packet_channel_send_windowadjust(struct buf *);
 extern void packet_channel_send_eof(struct buf *);
 extern int packet_channel_send_close(struct buf *, int, int);
 
+/* packet_uinmplemented.c */
+extern int packet_uinmplemented(struct buf *);
+
 #endif
diff --git a/tinyssh/packet_uinmplemented.c b/tinyssh/packet_uinmplemented.c
new file mode 100644
index 0000000..1ca82d6
--- /dev/null
+++ b/tinyssh/packet_uinmplemented.c
@@ -0,0 +1,18 @@
+/*
+20150719
+Jan Mojzis
+Public domain.
+*/
+
+#include "buf.h"
+#include "ssh.h"
+#include "packet.h"
+
+int packet_uinmplemented(struct buf *b) {
+
+    buf_purge(b);
+    buf_putnum8(b, SSH_MSG_UNIMPLEMENTED);       /* SSH_MSG_UNIMPLEMENTED */
+    buf_putnum32(b, packet.receivepacketid);     /* packeid */
+    packet_put(b);
+    return packet_sendall();
+}
diff --git a/tinyssh/tinysshd.c b/tinyssh/tinysshd.c
index ba44584..78677f5 100644
--- a/tinyssh/tinysshd.c
+++ b/tinyssh/tinysshd.c
@@ -300,8 +300,8 @@ int main(int argc, char **argv) {
                 case SSH_MSG_KEXINIT:
                     goto rekeying;
                 default:
-                    die_fatal("unknown message type", 0, 0);
-                    /* XXX TODO - send SSH_MSG_UNIMPLEMENTED */
+                    log_d1("unknown packet - sending SSH_MSG_UNIMPLEMENTED message");
+                    if (!packet_uinmplemented(&b1)) die_fatal("unable to send SSH_MSG_UNIMPLEMENTED message", 0, 0);
             }
         }
     }

-- 
2.4.6



---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---
Reply to thread Export thread (mbox)