diff options
| author | Damien Miller <djm@mindrot.org> | 2000-06-22 21:32:31 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2000-06-22 21:32:31 +1000 |
| commit | 6536c7d3c9d0e794c5c85d4f1746b958d7e04343 (patch) | |
| tree | 9551d0d84924d6a206130fb575df5d90f1cc7a28 /sshconnect2.c | |
| parent | 099f505f9526311e48f828e95d90d488fe237219 (diff) | |
- OpenBSD CVS Updates:
- markus@cvs.openbsd.org 2000/06/18 18:50:11
[auth2.c compat.c compat.h sshconnect2.c]
make userauth+pubkey interop with ssh.com-2.2.0
- markus@cvs.openbsd.org 2000/06/18 20:56:17
[dsa.c]
mem leak + be more paranoid in dsa_verify.
- markus@cvs.openbsd.org 2000/06/18 21:29:50
[key.c]
cleanup fingerprinting, less hardcoded sizes
- markus@cvs.openbsd.org 2000/06/19 19:39:45
[atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
[auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h]
[buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h]
[clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h]
[deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c]
[kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c]
[nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c]
[rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c]
[ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h]
OpenBSD tag
- markus@cvs.openbsd.org 2000/06/21 10:46:10
sshconnect2.c missing free; nuke old comment
Diffstat (limited to 'sshconnect2.c')
| -rw-r--r-- | sshconnect2.c | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/sshconnect2.c b/sshconnect2.c index 77b8652ea..ae96d534e 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
| @@ -28,7 +28,7 @@ | |||
| 28 | */ | 28 | */ |
| 29 | 29 | ||
| 30 | #include "includes.h" | 30 | #include "includes.h" |
| 31 | RCSID("$OpenBSD: sshconnect2.c,v 1.13 2000/06/02 02:00:19 todd Exp $"); | 31 | RCSID("$OpenBSD: sshconnect2.c,v 1.15 2000/06/21 16:46:10 markus Exp $"); |
| 32 | 32 | ||
| 33 | #include <openssl/bn.h> | 33 | #include <openssl/bn.h> |
| 34 | #include <openssl/rsa.h> | 34 | #include <openssl/rsa.h> |
| @@ -295,6 +295,7 @@ ssh2_try_pubkey(char *filename, | |||
| 295 | unsigned char *blob, *signature; | 295 | unsigned char *blob, *signature; |
| 296 | int bloblen, slen; | 296 | int bloblen, slen; |
| 297 | struct stat st; | 297 | struct stat st; |
| 298 | int skip = 0; | ||
| 298 | 299 | ||
| 299 | if (stat(filename, &st) != 0) { | 300 | if (stat(filename, &st) != 0) { |
| 300 | debug("key does not exist: %s", filename); | 301 | debug("key does not exist: %s", filename); |
| @@ -314,14 +315,22 @@ ssh2_try_pubkey(char *filename, | |||
| 314 | success = load_private_key(filename, passphrase, k, NULL); | 315 | success = load_private_key(filename, passphrase, k, NULL); |
| 315 | memset(passphrase, 0, strlen(passphrase)); | 316 | memset(passphrase, 0, strlen(passphrase)); |
| 316 | xfree(passphrase); | 317 | xfree(passphrase); |
| 317 | if (!success) | 318 | if (!success) { |
| 319 | key_free(k); | ||
| 318 | return 0; | 320 | return 0; |
| 321 | } | ||
| 319 | } | 322 | } |
| 320 | dsa_make_key_blob(k, &blob, &bloblen); | 323 | dsa_make_key_blob(k, &blob, &bloblen); |
| 321 | 324 | ||
| 322 | /* data to be signed */ | 325 | /* data to be signed */ |
| 323 | buffer_init(&b); | 326 | buffer_init(&b); |
| 324 | buffer_append(&b, session_id2, session_id2_len); | 327 | if (datafellows & SSH_COMPAT_SESSIONID_ENCODING) { |
| 328 | buffer_put_string(&b, session_id2, session_id2_len); | ||
| 329 | skip = buffer_len(&b); | ||
| 330 | } else { | ||
| 331 | buffer_append(&b, session_id2, session_id2_len); | ||
| 332 | skip = session_id2_len; | ||
| 333 | } | ||
| 325 | buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); | 334 | buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); |
| 326 | buffer_put_cstring(&b, server_user); | 335 | buffer_put_cstring(&b, server_user); |
| 327 | buffer_put_cstring(&b, | 336 | buffer_put_cstring(&b, |
| @@ -340,7 +349,6 @@ ssh2_try_pubkey(char *filename, | |||
| 340 | buffer_dump(&b); | 349 | buffer_dump(&b); |
| 341 | #endif | 350 | #endif |
| 342 | if (datafellows & SSH_BUG_PUBKEYAUTH) { | 351 | if (datafellows & SSH_BUG_PUBKEYAUTH) { |
| 343 | /* e.g. ssh-2.0.13: data-to-be-signed != data-on-the-wire */ | ||
| 344 | buffer_clear(&b); | 352 | buffer_clear(&b); |
| 345 | buffer_append(&b, session_id2, session_id2_len); | 353 | buffer_append(&b, session_id2, session_id2_len); |
| 346 | buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); | 354 | buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); |
| @@ -357,9 +365,9 @@ ssh2_try_pubkey(char *filename, | |||
| 357 | xfree(signature); | 365 | xfree(signature); |
| 358 | 366 | ||
| 359 | /* skip session id and packet type */ | 367 | /* skip session id and packet type */ |
| 360 | if (buffer_len(&b) < session_id2_len + 1) | 368 | if (buffer_len(&b) < skip + 1) |
| 361 | fatal("ssh2_try_pubkey: internal error"); | 369 | fatal("ssh2_try_pubkey: internal error"); |
| 362 | buffer_consume(&b, session_id2_len + 1); | 370 | buffer_consume(&b, skip + 1); |
| 363 | 371 | ||
| 364 | /* put remaining data from buffer into packet */ | 372 | /* put remaining data from buffer into packet */ |
| 365 | packet_start(SSH2_MSG_USERAUTH_REQUEST); | 373 | packet_start(SSH2_MSG_USERAUTH_REQUEST); |