Date: Fri, 1 Aug 2008 13:45:52 +0200
From: Patrick Lamaizière <patfbsd@davenulle.org>
To: current@freebsd.org
Cc: Pawel Jakub Dawidek <pjd@FreeBSD.org>
Subject: Re: Recent Padlock changes break ssh
Message-ID: <20080801134552.1a7930be@baby-jane-lamaiziere-net.local>
In-Reply-To: <20080731174536.243579d1@baby-jane-lamaiziere-net.local>
References: <E1KLA49-0000W2-I1@clue.co.za> <20080722081449.GA3241@garage.freebsd.pl> <20080731123246.365d0b1f@baby-jane-lamaiziere-net.local> <20080731132136.GC4088@garage.freebsd.pl> <20080731174536.243579d1@baby-jane-lamaiziere-net.local>

On Thu, 31 Jul 2008 17:45:36 +0200,
Patrick Lamaizière <patfbsd@davenulle.org> wrote:

> On Thu, 31 Jul 2008 15:21:36 +0200,
> Pawel Jakub Dawidek <pjd@FreeBSD.org> wrote:
>
> Hello,
>
> > > I think that one problem is that the session id (ses->ses_id) is
> > > not updated when a free session is reused. The session id is set
> > > to zero by bzero() in padlock_freesession(). So we can have
> > > several active sessions with the same ses->ses_id == 0 if the
> > > sessions are reused.
> >
> > Great catch! What do you think about using old sessid? I think it's
> > ok to do so and a bit safer, because session ID is only 32bit long
> > so we may get collision once we start from 0 again.

Sorry, but I forgot this:

Since the free sessions are at the head of the TAILQ, I suggest using
TAILQ_FOREACH_REVERSE instead of TAILQ_FOREACH in freesession() and
process() to skip the free sessions.

Regards.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080801134552.1a7930be>
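
Added example, not part of the original message and not code from the FreeBSD padlock driver: a small user-space model of the session reuse discussed in the thread, showing how wiping the id on free leaves several active sessions with id 0, how keeping the old id avoids that, and a tail-first scan that stops at the free sessions. All struct, field and function names are hypothetical; it assumes the BSD-style TAILQ macros from <sys/queue.h>.

```c
#include <stdint.h>
#include <string.h>
#include <sys/queue.h>
/* Simplified model of a session pool; every name here is hypothetical. */
struct session { uint32_t id; int used; TAILQ_ENTRY(session) next; };
TAILQ_HEAD(session_head, session);
struct pool { struct session_head list; struct session slots[8]; uint32_t next_id; };

/* Reuse the free session at the head if there is one, else take a new slot. */
static struct session *session_new(struct pool *p) {
    struct session *s = TAILQ_FIRST(&p->list);
    if (s != NULL && !s->used) {
        TAILQ_REMOVE(&p->list, s, next);     /* id is not reassigned on reuse */
    } else {
        if (p->next_id >= 8) return NULL;    /* model pool is full */
        s = &p->slots[p->next_id]; s->id = p->next_id++;
    }
    s->used = 1;
    TAILQ_INSERT_TAIL(&p->list, s, next);
    return s;
}

/* keep_id == 0 models the reported behaviour, keep_id == 1 keeps the old id. */
static void session_free(struct pool *p, struct session *s, int keep_id) {
    uint32_t old = s->id;
    TAILQ_REMOVE(&p->list, s, next);
    memset(s, 0, sizeof(*s));                /* like bzero(): wipes the id too */
    if (keep_id) s->id = old;
    TAILQ_INSERT_HEAD(&p->list, s, next);    /* free sessions sit at the head */
}

/* Tail-first scan that stops at the first free session (the rest are free). */
static int active_with_id(struct pool *p, uint32_t id) {
    struct session *s; int n = 0;
    TAILQ_FOREACH_REVERSE(s, &p->list, session_head, next) {
        if (!s->used) break;
        n += (s->id == id);
    }
    return n;
}

/* Open three sessions, free two, reuse both; count active sessions with id 0. */
static int id0_after_reuse(int keep_id) {
    struct pool p; struct session *b, *c;
    memset(&p, 0, sizeof(p)); TAILQ_INIT(&p.list);
    session_new(&p); b = session_new(&p); c = session_new(&p);
    session_free(&p, b, keep_id); session_free(&p, c, keep_id);
    session_new(&p); session_new(&p);
    return active_with_id(&p, 0);
}
```

With the id wiped on free, all three active sessions end up with id 0; with the old id kept, only the original session 0 matches.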