From e936694229354244eed3addad14a07f76614e67e Mon Sep 17 00:00:00 2001
From: Waldemar Brodkorb <wbx@openadk.org>
Date: Wed, 23 Sep 2009 18:58:04 +0200
Subject: convert bzero to memset, allow root login

---
 package/openssh/patches/patch-sshconnect2_c | 71 +++++++++++++++++++++++++++++
 1 file changed, 71 insertions(+)
 create mode 100644 package/openssh/patches/patch-sshconnect2_c

(limited to 'package/openssh/patches/patch-sshconnect2_c')

diff --git a/package/openssh/patches/patch-sshconnect2_c b/package/openssh/patches/patch-sshconnect2_c
new file mode 100644
index 000000000..405989001
--- /dev/null
+++ b/package/openssh/patches/patch-sshconnect2_c
@@ -0,0 +1,71 @@
+--- openssh-5.2p1.orig/sshconnect2.c	2008-11-05 06:20:47.000000000 +0100
++++ openssh-5.2p1/sshconnect2.c	2009-09-18 12:30:37.000000000 +0200
+@@ -921,14 +921,14 @@ jpake_password_to_secret(Authctxt *authc
+ 	    &secret, &secret_len) != 0)
+ 		fatal("%s: hash_buffer", __func__);
+ 
+-	bzero(password, strlen(password));
+-	bzero(crypted, strlen(crypted));
++	memset(password, 0, strlen(password));
++	memset(crypted, 0, strlen(crypted));
+ 	xfree(password);
+ 	xfree(crypted);
+ 
+ 	if ((ret = BN_bin2bn(secret, secret_len, NULL)) == NULL)
+ 		fatal("%s: BN_bin2bn (secret)", __func__);
+-	bzero(secret, secret_len);
++	memset(secret, 0, secret_len);
+ 	xfree(secret);
+ 
+ 	return ret;
+@@ -965,8 +965,8 @@ input_userauth_jpake_server_step1(int ty
+ 
+ 	/* Obtain password and derive secret */
+ 	pctx->s = jpake_password_to_secret(authctxt, crypt_scheme, salt);
+-	bzero(crypt_scheme, strlen(crypt_scheme));
+-	bzero(salt, strlen(salt));
++	memset(crypt_scheme, 0, strlen(crypt_scheme));
++	memset(salt, 0, strlen(salt));
+ 	xfree(crypt_scheme);
+ 	xfree(salt);
+ 	JPAKE_DEBUG_BN((pctx->s, "%s: s = ", __func__));
+@@ -981,8 +981,8 @@ input_userauth_jpake_server_step1(int ty
+ 	    &pctx->a,
+ 	    &x2_s_proof, &x2_s_proof_len);
+ 
+-	bzero(x3_proof, x3_proof_len);
+-	bzero(x4_proof, x4_proof_len);
++	memset(x3_proof, 0, x3_proof_len);
++	memset(x4_proof, 0, x4_proof_len);
+ 	xfree(x3_proof);
+ 	xfree(x4_proof);
+ 
+@@ -994,7 +994,7 @@ input_userauth_jpake_server_step1(int ty
+ 	packet_put_string(x2_s_proof, x2_s_proof_len);
+ 	packet_send();
+ 
+-	bzero(x2_s_proof, x2_s_proof_len);
++	memset(x2_s_proof, 0, x2_s_proof_len);
+ 	xfree(x2_s_proof);
+ 
+ 	/* Expect step 2 packet from peer */
+@@ -1034,7 +1034,7 @@ input_userauth_jpake_server_step2(int ty
+ 	    &pctx->k,
+ 	    &pctx->h_k_cid_sessid, &pctx->h_k_cid_sessid_len);
+ 
+-	bzero(x4_s_proof, x4_s_proof_len);
++	memset(x4_s_proof, 0, x4_s_proof_len);
+ 	xfree(x4_s_proof);
+ 
+ 	JPAKE_DEBUG_CTX((pctx, "confirm sending in %s", __func__));
+@@ -1700,8 +1700,8 @@ userauth_jpake(Authctxt *authctxt)
+ 	packet_put_string(x2_proof, x2_proof_len);
+ 	packet_send();
+ 
+-	bzero(x1_proof, x1_proof_len);
+-	bzero(x2_proof, x2_proof_len);
++	memset(x1_proof, 0, x1_proof_len);
++	memset(x2_proof, 0, x2_proof_len);
+ 	xfree(x1_proof);
+ 	xfree(x2_proof);
+ 
-- 
cgit v1.2.3