diff options
author | Ben Lindstrom <mouring@eviladmin.org> | 2000-12-03 17:00:47 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2000-12-03 17:00:47 +0000 |
commit | d121f613708c3c9c82465b0788550943a918d5c8 (patch) | |
tree | 2e1f2364b459a1a7003d4907f4abae63d069634f /auth2.c | |
parent | b84815880e453346667d6d2b3f02904674848a7a (diff) |
20001204
- (bal) More C functions defined in NeXT that are unaccessable without
defining -POSIX.
- (bal) OpenBSD CVS updates:
- markus@cvs.openbsd.org 2000/12/03 11:29:04
[compat.c]
remove fallback to SSH_BUG_HMAC now that the drafts are updated
- markus@cvs.openbsd.org 2000/12/03 11:27:55
[compat.c]
correctly match "2.1.0.pl2 SSH" etc; from pekkas@netcore.fi/bugzilla.redhat
- markus@cvs.openbsd.org 2000/12/03 11:15:03
[auth2.c compat.c compat.h sshconnect2.c]
support f-secure/ssh.com 2.0.12; ok niels@
Diffstat (limited to 'auth2.c')
-rw-r--r-- | auth2.c | 33 |
1 files changed, 25 insertions, 8 deletions
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: auth2.c,v 1.21 2000/11/12 19:50:37 markus Exp $"); | 26 | RCSID("$OpenBSD: auth2.c,v 1.22 2000/12/03 11:15:02 markus Exp $"); |
27 | 27 | ||
28 | #ifdef HAVE_OSF_SIA | 28 | #ifdef HAVE_OSF_SIA |
29 | # include <sia.h> | 29 | # include <sia.h> |
@@ -434,14 +434,27 @@ userauth_pubkey(Authctxt *authctxt) | |||
434 | return 0; | 434 | return 0; |
435 | } | 435 | } |
436 | have_sig = packet_get_char(); | 436 | have_sig = packet_get_char(); |
437 | pkalg = packet_get_string(&alen); | 437 | if (datafellows & SSH_BUG_PKAUTH) { |
438 | debug2("userauth_pubkey: SSH_BUG_PKAUTH"); | ||
439 | /* no explicit pkalg given */ | ||
440 | pkblob = packet_get_string(&blen); | ||
441 | buffer_init(&b); | ||
442 | buffer_append(&b, pkblob, blen); | ||
443 | /* so we have to extract the pkalg from the pkblob */ | ||
444 | pkalg = buffer_get_string(&b, &alen); | ||
445 | buffer_free(&b); | ||
446 | } else { | ||
447 | pkalg = packet_get_string(&alen); | ||
448 | pkblob = packet_get_string(&blen); | ||
449 | } | ||
438 | pktype = key_type_from_name(pkalg); | 450 | pktype = key_type_from_name(pkalg); |
439 | if (pktype == KEY_UNSPEC) { | 451 | if (pktype == KEY_UNSPEC) { |
440 | log("bad pkalg %s", pkalg); | 452 | /* this is perfectly legal */ |
453 | log("userauth_pubkey: unsupported public key algorithm: %s", pkalg); | ||
441 | xfree(pkalg); | 454 | xfree(pkalg); |
455 | xfree(pkblob); | ||
442 | return 0; | 456 | return 0; |
443 | } | 457 | } |
444 | pkblob = packet_get_string(&blen); | ||
445 | key = key_from_blob(pkblob, blen); | 458 | key = key_from_blob(pkblob, blen); |
446 | if (key != NULL) { | 459 | if (key != NULL) { |
447 | if (have_sig) { | 460 | if (have_sig) { |
@@ -457,12 +470,16 @@ userauth_pubkey(Authctxt *authctxt) | |||
457 | buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); | 470 | buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); |
458 | buffer_put_cstring(&b, authctxt->user); | 471 | buffer_put_cstring(&b, authctxt->user); |
459 | buffer_put_cstring(&b, | 472 | buffer_put_cstring(&b, |
460 | datafellows & SSH_BUG_PUBKEYAUTH ? | 473 | datafellows & SSH_BUG_PKSERVICE ? |
461 | "ssh-userauth" : | 474 | "ssh-userauth" : |
462 | authctxt->service); | 475 | authctxt->service); |
463 | buffer_put_cstring(&b, "publickey"); | 476 | if (datafellows & SSH_BUG_PKAUTH) { |
464 | buffer_put_char(&b, have_sig); | 477 | buffer_put_char(&b, have_sig); |
465 | buffer_put_cstring(&b, key_ssh_name(key)); | 478 | } else { |
479 | buffer_put_cstring(&b, "publickey"); | ||
480 | buffer_put_char(&b, have_sig); | ||
481 | buffer_put_cstring(&b, key_ssh_name(key)); | ||
482 | } | ||
466 | buffer_put_string(&b, pkblob, blen); | 483 | buffer_put_string(&b, pkblob, blen); |
467 | #ifdef DEBUG_PK | 484 | #ifdef DEBUG_PK |
468 | buffer_dump(&b); | 485 | buffer_dump(&b); |