Recent Padlock changes break ssh
Patrick Lamaizière
patfbsd at davenulle.org
Thu Jul 31 10:32:50 UTC 2008
Le Tue, 22 Jul 2008 10:14:49 +0200,
Pawel Jakub Dawidek <pjd at FreeBSD.org> a écrit :
Hello,
> Could you try this patch? Those are the only changes that could
> eventually change the behaviour.
>
> http://people.freebsd.org/~pjd/patches/padlock.c.patch
>
I think that one problem is that the session id (ses->ses_id) is not
updated when a free session is reused. The session id is set to zero by
bzero() in padlock_freesession(). So we can have several active
sessions with the same ses->ses_id == 0 if the sessions are reused.
padlock_freession()
padlock_hash_free(ses);
bzero(ses, sizeof(*ses));
ses->ses_used = 0;
TAILQ_INSERT_HEAD(&sc->sc_sessions, ses, ses_next);
and in padlock_newsession()
/*
* Free sessions goes first, so if first session is used, we
need to
* allocate one.
*/
ses = TAILQ_FIRST(&sc->sc_sessions);
if (ses == NULL || ses->ses_used)
ses = NULL;
else {
TAILQ_REMOVE(&sc->sc_sessions, ses, ses_next);
ses->ses_used = 1;
+ ses->ses_id = sc->sc_sid++;
TAILQ_INSERT_TAIL(&sc->sc_sessions, ses, ses_next);
}
Regards.
More information about the freebsd-current
mailing list