From 83a8cb1dc2343c00ddc26caea51cf7fa30ca1fd1 Mon Sep 17 00:00:00 2001
From: Graham Christensen <graham@grahamc.com>
Date: Thu, 6 Oct 2016 08:54:02 -0400
Subject: [PATCH] openssh: apply patch to fix
 https://bugzilla.redhat.com/show_bug.cgi?id=1380296

---
 ...H-1380296-NEWKEYS-null-pointer-deref.patch | 37 +++++++++++++++++++
 pkgs/tools/networking/openssh/default.nix     |  1 +
 2 files changed, 38 insertions(+)
 create mode 100644 pkgs/tools/networking/openssh/RH-1380296-NEWKEYS-null-pointer-deref.patch

diff --git a/pkgs/tools/networking/openssh/RH-1380296-NEWKEYS-null-pointer-deref.patch b/pkgs/tools/networking/openssh/RH-1380296-NEWKEYS-null-pointer-deref.patch
new file mode 100644
index 00000000000..665eff86453
--- /dev/null
+++ b/pkgs/tools/networking/openssh/RH-1380296-NEWKEYS-null-pointer-deref.patch
@@ -0,0 +1,37 @@
+diff --git a/kex.c b/kex.c
+index 50c7a0f..823668b 100644
+--- a/kex.c
++++ b/kex.c
+@@ -419,6 +419,8 @@ kex_input_newkeys(int type, u_int32_t seq, void *ctxt)
+ 	ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, &kex_protocol_error);
+ 	if ((r = sshpkt_get_end(ssh)) != 0)
+ 		return r;
++        if ((r = ssh_set_newkeys(ssh, MODE_IN)) != 0)
++          return r;
+ 	kex->done = 1;
+ 	sshbuf_reset(kex->peer);
+ 	/* sshbuf_reset(kex->my); */
+diff --git a/packet.c b/packet.c
+index d6dad2d..f96566b 100644
+--- a/packet.c
++++ b/packet.c
+@@ -38,7 +38,7 @@
+  */
+ 
+ #include "includes.h"
+- 
++
+ #include <sys/param.h>	/* MIN roundup */
+ #include <sys/types.h>
+ #include "openbsd-compat/sys-queue.h"
+@@ -1907,9 +1907,7 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
+ 			return r;
+ 		return SSH_ERR_PROTOCOL_ERROR;
+ 	}
+-	if (*typep == SSH2_MSG_NEWKEYS)
+-		r = ssh_set_newkeys(ssh, MODE_IN);
+-	else if (*typep == SSH2_MSG_USERAUTH_SUCCESS && !state->server_side)
++	if (*typep == SSH2_MSG_USERAUTH_SUCCESS && !state->server_side)
+ 		r = ssh_packet_enable_delayed_compress(ssh);
+ 	else
+ 		r = 0;
diff --git a/pkgs/tools/networking/openssh/default.nix b/pkgs/tools/networking/openssh/default.nix
index 0c19822d37c..fabcda902be 100644
--- a/pkgs/tools/networking/openssh/default.nix
+++ b/pkgs/tools/networking/openssh/default.nix
@@ -44,6 +44,7 @@ stdenv.mkDerivation rec {
 
   patches =
     [
+      ./RH-1380296-NEWKEYS-null-pointer-deref.patch
       ./locale_archive.patch
       ./fix-host-key-algorithms-plus.patch