shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-11 18:50:28 +09:00
Code Issues Packages Projects Releases Wiki Activity

CVE-2025-14821 cmake: Fix global config location on Windows

Browse Source 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 6a7f19ec34)
This commit is contained in:
Andreas Schneider
2025-11-21 08:14:38 +01:00
committed by Jakub Jelen
parent f49b4442a9
commit c53b0ef3ec
3 changed files with 18 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
DefineOptions.cmake
View File

@@ -69,12 +69,22 @@ if (WITH_ABI_BREAK)
set(WITH_SYMBOL_VERSIONING ON)
endif (WITH_ABI_BREAK)
set(GLOBAL_CONF_DIR "/etc/ssh")
if (WIN32)
# Use PROGRAMDATA on Windows
if (DEFINED ENV{PROGRAMDATA})
set(GLOBAL_CONF_DIR "$ENV{PROGRAMDATA}/ssh")
else ()
set(GLOBAL_CONF_DIR "C:/ProgramData/ssh")
endif ()
endif ()
if (NOT GLOBAL_BIND_CONFIG)
set(GLOBAL_BIND_CONFIG "/etc/ssh/libssh_server_config")
set(GLOBAL_BIND_CONFIG "${GLOBAL_CONF_DIR}/libssh_server_config")
endif (NOT GLOBAL_BIND_CONFIG)
if (NOT GLOBAL_CLIENT_CONFIG)
set(GLOBAL_CLIENT_CONFIG "/etc/ssh/ssh_config")
set(GLOBAL_CLIENT_CONFIG "${GLOBAL_CONF_DIR}/ssh_config")
endif (NOT GLOBAL_CLIENT_CONFIG)
if (FUZZ_TESTING)

4
config.h.cmake
View File

@@ -8,6 +8,10 @@
#cmakedefine BINARYDIR "${BINARYDIR}"
#cmakedefine SOURCEDIR "${SOURCEDIR}"
/* Global configuration directory */
#cmakedefine USR_GLOBAL_CONF_DIR "${USR_GLOBAL_CONF_DIR}"
#cmakedefine GLOBAL_CONF_DIR "${GLOBAL_CONF_DIR}"
/* Global bind configuration file path */
#cmakedefine GLOBAL_BIND_CONFIG "${GLOBAL_BIND_CONFIG}"

4
src/options.c
View File

@@ -861,7 +861,7 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type,
SAFE_FREE(session->opts.global_knownhosts);
if (v == NULL) {
session->opts.global_knownhosts =
strdup("/etc/ssh/ssh_known_hosts");
strdup(GLOBAL_CONF_DIR "/ssh_known_hosts");
if (session->opts.global_knownhosts == NULL) {
ssh_set_error_oom(session);
return -1;
@@ -1900,7 +1900,7 @@ int ssh_options_apply(ssh_session session)
if ((session->opts.exp_flags & SSH_OPT_EXP_FLAG_GLOBAL_KNOWNHOSTS) == 0) {
if (session->opts.global_knownhosts == NULL) {
tmp = strdup("/etc/ssh/ssh_known_hosts");
tmp = strdup(GLOBAL_CONF_DIR "/ssh_known_hosts");
} else {
tmp = ssh_path_expand_escape(session,
session->opts.global_knownhosts);