diff options
author | Damien Miller <djm@mindrot.org> | 1999-11-16 13:37:16 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 1999-11-16 13:37:16 +1100 |
commit | 7e8e820153a620ab1dcd81857a7de0969c41d043 (patch) | |
tree | 226cc4185feae97f4069ad60b4c18d259aa5df2f /auth-rh-rsa.c | |
parent | 4874c79a3a05fc18678d7a85d7091f5139630fac (diff) |
- Merged OpenBSD CVS changes:
- [auth-rh-rsa.c auth-rsa.c authfd.c authfd.h hostfile.c mpaux.c]
[mpaux.h ssh-add.c ssh-agent.c ssh.h ssh.c sshd.c]
the keysize of rsa-parameter 'n' is passed implizit,
a few more checks and warnings about 'pretended' keysizes.
- [cipher.c cipher.h packet.c packet.h sshd.c]
remove support for cipher RC4
- [ssh.c]
a note for legay systems about secuity issues with permanently_set_uid(),
the private hostkey and ptrace()
- [sshconnect.c]
more detailed messages about adding and checking hostkeys
Diffstat (limited to 'auth-rh-rsa.c')
-rw-r--r-- | auth-rh-rsa.c | 12 |
1 files changed, 4 insertions, 8 deletions
diff --git a/auth-rh-rsa.c b/auth-rh-rsa.c index fa855a1a8..68e0b829e 100644 --- a/auth-rh-rsa.c +++ b/auth-rh-rsa.c | |||
@@ -15,7 +15,7 @@ authentication. | |||
15 | */ | 15 | */ |
16 | 16 | ||
17 | #include "includes.h" | 17 | #include "includes.h" |
18 | RCSID("$Id: auth-rh-rsa.c,v 1.4 1999/11/12 04:19:27 damien Exp $"); | 18 | RCSID("$Id: auth-rh-rsa.c,v 1.5 1999/11/16 02:37:16 damien Exp $"); |
19 | 19 | ||
20 | #include "packet.h" | 20 | #include "packet.h" |
21 | #include "ssh.h" | 21 | #include "ssh.h" |
@@ -27,7 +27,6 @@ RCSID("$Id: auth-rh-rsa.c,v 1.4 1999/11/12 04:19:27 damien Exp $"); | |||
27 | its host key. Returns true if authentication succeeds. */ | 27 | its host key. Returns true if authentication succeeds. */ |
28 | 28 | ||
29 | int auth_rhosts_rsa(struct passwd *pw, const char *client_user, | 29 | int auth_rhosts_rsa(struct passwd *pw, const char *client_user, |
30 | unsigned int client_host_key_bits, | ||
31 | BIGNUM *client_host_key_e, BIGNUM *client_host_key_n) | 30 | BIGNUM *client_host_key_e, BIGNUM *client_host_key_n) |
32 | { | 31 | { |
33 | extern ServerOptions options; | 32 | extern ServerOptions options; |
@@ -51,8 +50,7 @@ int auth_rhosts_rsa(struct passwd *pw, const char *client_user, | |||
51 | ke = BN_new(); | 50 | ke = BN_new(); |
52 | kn = BN_new(); | 51 | kn = BN_new(); |
53 | host_status = check_host_in_hostfile(SSH_SYSTEM_HOSTFILE, canonical_hostname, | 52 | host_status = check_host_in_hostfile(SSH_SYSTEM_HOSTFILE, canonical_hostname, |
54 | client_host_key_bits, client_host_key_e, | 53 | client_host_key_e, client_host_key_n, ke, kn); |
55 | client_host_key_n, ke, kn); | ||
56 | 54 | ||
57 | /* Check user host file unless ignored. */ | 55 | /* Check user host file unless ignored. */ |
58 | if (host_status != HOST_OK && !options.ignore_user_known_hosts) { | 56 | if (host_status != HOST_OK && !options.ignore_user_known_hosts) { |
@@ -70,8 +68,7 @@ int auth_rhosts_rsa(struct passwd *pw, const char *client_user, | |||
70 | /* XXX race between stat and the following open() */ | 68 | /* XXX race between stat and the following open() */ |
71 | temporarily_use_uid(pw->pw_uid); | 69 | temporarily_use_uid(pw->pw_uid); |
72 | host_status = check_host_in_hostfile(user_hostfile, canonical_hostname, | 70 | host_status = check_host_in_hostfile(user_hostfile, canonical_hostname, |
73 | client_host_key_bits, client_host_key_e, | 71 | client_host_key_e, client_host_key_n, ke, kn); |
74 | client_host_key_n, ke, kn); | ||
75 | restore_uid(); | 72 | restore_uid(); |
76 | } | 73 | } |
77 | xfree(user_hostfile); | 74 | xfree(user_hostfile); |
@@ -89,8 +86,7 @@ int auth_rhosts_rsa(struct passwd *pw, const char *client_user, | |||
89 | /* A matching host key was found and is known. */ | 86 | /* A matching host key was found and is known. */ |
90 | 87 | ||
91 | /* Perform the challenge-response dialog with the client for the host key. */ | 88 | /* Perform the challenge-response dialog with the client for the host key. */ |
92 | if (!auth_rsa_challenge_dialog(client_host_key_bits, | 89 | if (!auth_rsa_challenge_dialog(client_host_key_e, client_host_key_n)) |
93 | client_host_key_e, client_host_key_n)) | ||
94 | { | 90 | { |
95 | log("Client on %.800s failed to respond correctly to host authentication.", | 91 | log("Client on %.800s failed to respond correctly to host authentication.", |
96 | canonical_hostname); | 92 | canonical_hostname); |