author | Damien Miller <djm@mindrot.org> | 2000-06-22 21:32:31 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2000-06-22 21:32:31 +1000 |
commit | 6536c7d3c9d0e794c5c85d4f1746b958d7e04343 (patch) | |
tree | 9551d0d84924d6a206130fb575df5d90f1cc7a28 /sshconnect2.c | |
parent | 099f505f9526311e48f828e95d90d488fe237219 (diff) |
- OpenBSD CVS Updates:
- markus@cvs.openbsd.org 2000/06/18 18:50:11
[auth2.c compat.c compat.h sshconnect2.c]
make userauth+pubkey interop with ssh.com-2.2.0
- markus@cvs.openbsd.org 2000/06/18 20:56:17
[dsa.c]
mem leak + be more paranoid in dsa_verify.
- markus@cvs.openbsd.org 2000/06/18 21:29:50
[key.c]
cleanup fingerprinting, less hardcoded sizes
- markus@cvs.openbsd.org 2000/06/19 19:39:45
[atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
[auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h]
[buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h]
[clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h]
[deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c]
[kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c]
[nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c]
[rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c]
[ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h]
OpenBSD tag
- markus@cvs.openbsd.org 2000/06/21 10:46:10
sshconnect2.c missing free; nuke old comment
Diffstat (limited to 'sshconnect2.c')
-rw-r--r-- | sshconnect2.c | 20 |
1 files changed, 14 insertions, 6 deletions
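--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -28,7 +28,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.13 2000/06/02 02:00:19 todd Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.15 2000/06/21 16:46:10 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
@@ -295,6 +295,7 @@ ssh2_try_pubkey(char *filename,
 unsigned char *blob, *signature;
 int bloblen, slen;
 struct stat st;
+int skip = 0;
 
 if (stat(filename, &st) != 0) {
 debug("key does not exist: %s", filename);
@@ -314,14 +315,22 @@ ssh2_try_pubkey(char *filename,
 success = load_private_key(filename, passphrase, k, NULL);
 memset(passphrase, 0, strlen(passphrase));
 xfree(passphrase);
-if (!success)
+if (!success) {
+key_free(k);
 return 0;
+}
 }
 dsa_make_key_blob(k, &blob, &bloblen);
 
 /* data to be signed */
 buffer_init(&b);
-buffer_append(&b, session_id2, session_id2_len);
+if (datafellows & SSH_COMPAT_SESSIONID_ENCODING) {
+buffer_put_string(&b, session_id2, session_id2_len);
+skip = buffer_len(&b);
+} else {
+buffer_append(&b, session_id2, session_id2_len);
+skip = session_id2_len;
+}
 buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
 buffer_put_cstring(&b, server_user);
 buffer_put_cstring(&b,
@@ -340,7 +349,6 @@ ssh2_try_pubkey(char *filename,
 buffer_dump(&b);
 #endif
 if (datafellows & SSH_BUG_PUBKEYAUTH) {
-/* e.g. ssh-2.0.13: data-to-be-signed != data-on-the-wire */
 buffer_clear(&b);
 buffer_append(&b, session_id2, session_id2_len);
 buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
@@ -357,9 +365,9 @@ ssh2_try_pubkey(char *filename,
 xfree(signature);
 
 /* skip session id and packet type */
-if (buffer_len(&b) < session_id2_len + 1)
+if (buffer_len(&b) < skip + 1)
 fatal("ssh2_try_pubkey: internal error");
-buffer_consume(&b, session_id2_len + 1);
+buffer_consume(&b, skip + 1);
 
 /* put remaining data from buffer into packet */
 packet_start(SSH2_MSG_USERAUTH_REQUEST);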
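Review bot: The `SSH_BUG_PUBKEYAUTH` branch (new lines 351–353) rebuilds the buffer with a raw `buffer_append(&b, session_id2, session_id2_len)` but leaves `skip` at the value chosen earlier. If `SSH_COMPAT_SESSIONID_ENCODING` is set for the same peer, `skip` still counts the length prefix added by `buffer_put_string`, so `buffer_consume(&b, skip + 1)` at new line 370 would drop bytes belonging to the fields that follow and the request sent on the wire would be malformed. Whether both flags can be set together depends on compat.c, which is not shown here; adding `skip = session_id2_len;` directly after that `buffer_append` keeps the consumed length tied to what was actually written in either case. ssh2_try_pubkey starts and ends outside these hunks, so its other return paths could not be checked for a matching `key_free(k)`.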