summaryrefslogtreecommitdiff
path: root/sshconnect.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2000-03-17 23:40:15 +1100
committerDamien Miller <djm@mindrot.org>2000-03-17 23:40:15 +1100
commit7684ee17ee96426970c00cb44d9d00b6611b9a57 (patch)
treecb447b6e9d3fdc10b3e66a90b198092d7245447a /sshconnect.c
parentd6121d2972c1a6924f6d186ea04eefe9dab774ef (diff)
- OpenBSD CVS updates:
- [atomicio.c auth-krb4.c bufaux.c channels.c compress.c fingerprint.c] [packet.h radix.c rsa.c scp.c ssh-agent.c ssh-keygen.c sshconnect.c] [sshd.c] pedantic: signed vs. unsigned, void*-arithm, etc - [ssh.1 sshd.8] Various cleanups and standardizations.
Diffstat (limited to 'sshconnect.c')
-rw-r--r--sshconnect.c30
1 files changed, 17 insertions, 13 deletions
diff --git a/sshconnect.c b/sshconnect.c
index c4c9aee1f..910548fac 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -8,7 +8,7 @@
8 */ 8 */
9 9
10#include "includes.h" 10#include "includes.h"
11RCSID("$OpenBSD: sshconnect.c,v 1.56 2000/02/18 08:50:33 markus Exp $"); 11RCSID("$OpenBSD: sshconnect.c,v 1.57 2000/03/16 20:56:14 markus Exp $");
12 12
13#ifdef HAVE_OPENSSL 13#ifdef HAVE_OPENSSL
14#include <openssl/bn.h> 14#include <openssl/bn.h>
@@ -638,6 +638,7 @@ try_kerberos_authentication()
638 char *realm; 638 char *realm;
639 CREDENTIALS cred; 639 CREDENTIALS cred;
640 int r, type, plen; 640 int r, type, plen;
641 socklen_t slen;
641 Key_schedule schedule; 642 Key_schedule schedule;
642 u_long checksum, cksum; 643 u_long checksum, cksum;
643 MSG_DAT msg_data; 644 MSG_DAT msg_data;
@@ -680,16 +681,16 @@ try_kerberos_authentication()
680 /* Zero the buffer. */ 681 /* Zero the buffer. */
681 (void) memset(auth.dat, 0, MAX_KTXT_LEN); 682 (void) memset(auth.dat, 0, MAX_KTXT_LEN);
682 683
683 r = sizeof(local); 684 slen = sizeof(local);
684 memset(&local, 0, sizeof(local)); 685 memset(&local, 0, sizeof(local));
685 if (getsockname(packet_get_connection_in(), 686 if (getsockname(packet_get_connection_in(),
686 (struct sockaddr *) & local, &r) < 0) 687 (struct sockaddr *) & local, &slen) < 0)
687 debug("getsockname failed: %s", strerror(errno)); 688 debug("getsockname failed: %s", strerror(errno));
688 689
689 r = sizeof(foreign); 690 slen = sizeof(foreign);
690 memset(&foreign, 0, sizeof(foreign)); 691 memset(&foreign, 0, sizeof(foreign));
691 if (getpeername(packet_get_connection_in(), 692 if (getpeername(packet_get_connection_in(),
692 (struct sockaddr *) & foreign, &r) < 0) { 693 (struct sockaddr *) & foreign, &slen) < 0) {
693 debug("getpeername failed: %s", strerror(errno)); 694 debug("getpeername failed: %s", strerror(errno));
694 fatal_cleanup(); 695 fatal_cleanup();
695 } 696 }
@@ -751,7 +752,7 @@ send_kerberos_tgt()
751 CREDENTIALS *creds; 752 CREDENTIALS *creds;
752 char pname[ANAME_SZ], pinst[INST_SZ], prealm[REALM_SZ]; 753 char pname[ANAME_SZ], pinst[INST_SZ], prealm[REALM_SZ];
753 int r, type, plen; 754 int r, type, plen;
754 unsigned char buffer[8192]; 755 char buffer[8192];
755 struct stat st; 756 struct stat st;
756 757
757 /* Don't do anything if we don't have any tickets. */ 758 /* Don't do anything if we don't have any tickets. */
@@ -772,11 +773,11 @@ send_kerberos_tgt()
772 debug("Kerberos V4 ticket expired: %s", TKT_FILE); 773 debug("Kerberos V4 ticket expired: %s", TKT_FILE);
773 return 0; 774 return 0;
774 } 775 }
775 creds_to_radix(creds, buffer); 776 creds_to_radix(creds, (unsigned char *)buffer);
776 xfree(creds); 777 xfree(creds);
777 778
778 packet_start(SSH_CMSG_HAVE_KERBEROS_TGT); 779 packet_start(SSH_CMSG_HAVE_KERBEROS_TGT);
779 packet_put_string((char *) buffer, strlen(buffer)); 780 packet_put_string(buffer, strlen(buffer));
780 packet_send(); 781 packet_send();
781 packet_write_wait(); 782 packet_write_wait();
782 783
@@ -798,7 +799,7 @@ send_afs_tokens(void)
798 struct ClearToken ct; 799 struct ClearToken ct;
799 int i, type, len, plen; 800 int i, type, len, plen;
800 char buf[2048], *p, *server_cell; 801 char buf[2048], *p, *server_cell;
801 unsigned char buffer[8192]; 802 char buffer[8192];
802 803
803 /* Move over ktc_GetToken, here's something leaner. */ 804 /* Move over ktc_GetToken, here's something leaner. */
804 for (i = 0; i < 100; i++) { /* just in case */ 805 for (i = 0; i < 100; i++) { /* just in case */
@@ -840,10 +841,10 @@ send_afs_tokens(void)
840 creds.pinst[0] = '\0'; 841 creds.pinst[0] = '\0';
841 842
842 /* Encode token, ship it off. */ 843 /* Encode token, ship it off. */
843 if (!creds_to_radix(&creds, buffer)) 844 if (!creds_to_radix(&creds, (unsigned char*) buffer))
844 break; 845 break;
845 packet_start(SSH_CMSG_HAVE_AFS_TOKEN); 846 packet_start(SSH_CMSG_HAVE_AFS_TOKEN);
846 packet_put_string((char *) buffer, strlen(buffer)); 847 packet_put_string(buffer, strlen(buffer));
847 packet_send(); 848 packet_send();
848 packet_write_wait(); 849 packet_write_wait();
849 850
@@ -867,7 +868,9 @@ send_afs_tokens(void)
867int 868int
868try_skey_authentication() 869try_skey_authentication()
869{ 870{
870 int type, i, payload_len; 871 int type, i;
872 int payload_len;
873 unsigned int clen;
871 char *challenge, *response; 874 char *challenge, *response;
872 875
873 debug("Doing skey authentication."); 876 debug("Doing skey authentication.");
@@ -887,7 +890,8 @@ try_skey_authentication()
887 debug("No challenge for skey authentication."); 890 debug("No challenge for skey authentication.");
888 return 0; 891 return 0;
889 } 892 }
890 challenge = packet_get_string(&payload_len); 893 challenge = packet_get_string(&clen);
894 packet_integrity_check(payload_len, (4 + clen), type);
891 if (options.cipher == SSH_CIPHER_NONE) 895 if (options.cipher == SSH_CIPHER_NONE)
892 log("WARNING: Encryption is disabled! " 896 log("WARNING: Encryption is disabled! "
893 "Reponse will be transmitted in clear text."); 897 "Reponse will be transmitted in clear text.");
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-30 07:35:48 +0000