I submitted a patch. See https://bugs.debian.org/cgi-
bin/bugreport.cgi?bug=819361
Patch inline:
-----------------------------------------------------------------------------------------
--- sshconnect2.c.orig 2017-01-04 19:47:10.000000000 +0100
+++ sshconnect2.c 2017-01-05 04:13:08.977425272 +0100
@@ -222,7 +222,6 @@
orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS];
xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS],
"%s,null", orig);
- free(gss);
}
}
#endif
@@ -273,6 +272,16 @@
/* remove ext-info from the KEX proposals for rekeying */
myproposal[PROPOSAL_KEX_ALGS] =
compat_kex_proposal(options.kex_algorithms);
+#ifdef GSSAPI
+ /* repair myproposal after it was crumpled by the */
+ /* ext-info removal above */
+ if (gss) {
+ orig = myproposal[PROPOSAL_KEX_ALGS];
+ xasprintf(&myproposal[PROPOSAL_KEX_ALGS],
+ "%s,%s", gss, orig);
+ free(gss);
+ }
+#endif
if ((r = kex_prop2buf(kex->my, myproposal)) != 0)
fatal("kex_prop2buf: %s", ssh_err(r));
-----------------------------------------------------------------------------------------
This patch should be merged with gssapi.patch (for obvious reasons).
Harald.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1608965
Title:
ssh GSSAPI rekey failure
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1608965/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
