-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | auth2-gss.c | 22 | ||||
-rw-r--r-- | compat.c | 8 | ||||
-rw-r--r-- | compat.h | 3 | ||||
-rw-r--r-- | sshconnect2.c | 40 |
5 files changed, 34 insertions, 44 deletions
@@ -16,6 +16,9 @@ | |||
16 | - markus@cvs.openbsd.org 2003/10/28 09:08:06 | 16 | - markus@cvs.openbsd.org 2003/10/28 09:08:06 |
17 | [misc.c] | 17 | [misc.c] |
18 | error->debug for getsockopt+TCP_NODELAY; several requests | 18 | error->debug for getsockopt+TCP_NODELAY; several requests |
19 | - markus@cvs.openbsd.org 2003/11/02 11:01:03 | ||
20 | [auth2-gss.c compat.c compat.h sshconnect2.c] | ||
21 | remove support for SSH_BUG_GSSAPI_BER; simon@sxw.org.uk | ||
19 | 22 | ||
20 | 20031021 | 23 | 20031021 |
21 | - (dtucker) [INSTALL] Some system crypt() functions support MD5 passwords | 24 | - (dtucker) [INSTALL] Some system crypt() functions support MD5 passwords |
@@ -1390,4 +1393,4 @@ | |||
1390 | - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. | 1393 | - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. |
1391 | Report from murple@murple.net, diagnosis from dtucker@zip.com.au | 1394 | Report from murple@murple.net, diagnosis from dtucker@zip.com.au |
1392 | 1395 | ||
1393 | $Id: ChangeLog,v 1.3090 2003/11/03 09:07:14 dtucker Exp $ | 1396 | $Id: ChangeLog,v 1.3091 2003/11/03 09:09:03 dtucker Exp $ |
diff --git a/auth2-gss.c b/auth2-gss.c index a82b87f51..84fb384f9 100644 --- a/auth2-gss.c +++ b/auth2-gss.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2-gss.c,v 1.4 2003/10/21 09:50:06 markus Exp $ */ | 1 | /* $OpenBSD: auth2-gss.c,v 1.5 2003/11/02 11:01:03 markus Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. | 4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. |
@@ -78,19 +78,19 @@ userauth_gssapi(Authctxt *authctxt) | |||
78 | if (doid) | 78 | if (doid) |
79 | xfree(doid); | 79 | xfree(doid); |
80 | 80 | ||
81 | present = 0; | ||
81 | doid = packet_get_string(&len); | 82 | doid = packet_get_string(&len); |
82 | if (len <= 2) | ||
83 | packet_disconnect("Short OID received"); | ||
84 | 83 | ||
85 | if (doid[0] != SSH_GSS_OIDTYPE || doid[1] != len-2) { | 84 | if (len > 2 && |
86 | logit("Mechanism OID received using the old encoding form"); | 85 | doid[0] == SSH_GSS_OIDTYPE && |
87 | oid.elements = doid; | 86 | doid[1] == len - 2) { |
88 | oid.length = len; | 87 | oid.elements = doid + 2; |
88 | oid.length = len - 2; | ||
89 | gss_test_oid_set_member(&ms, &oid, supported, | ||
90 | &present); | ||
89 | } else { | 91 | } else { |
90 | oid.elements = doid + 2; | 92 | logit("Badly formed OID received"); |
91 | oid.length = len - 2; | ||
92 | } | 93 | } |
93 | gss_test_oid_set_member(&ms, &oid, supported, &present); | ||
94 | } while (mechs > 0 && !present); | 94 | } while (mechs > 0 && !present); |
95 | 95 | ||
96 | gss_release_oid_set(&ms, &supported); | 96 | gss_release_oid_set(&ms, &supported); |
@@ -109,7 +109,7 @@ userauth_gssapi(Authctxt *authctxt) | |||
109 | 109 | ||
110 | packet_start(SSH2_MSG_USERAUTH_GSSAPI_RESPONSE); | 110 | packet_start(SSH2_MSG_USERAUTH_GSSAPI_RESPONSE); |
111 | 111 | ||
112 | /* Return OID in same format as we received it*/ | 112 | /* Return the OID that we received */ |
113 | packet_put_string(doid, len); | 113 | packet_put_string(doid, len); |
114 | 114 | ||
115 | packet_send(); | 115 | packet_send(); |
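Review bot: The new `else` branch (new line 92) calls `logit()` once for every malformed entry in the client-supplied mechanism list, and the loop keeps consuming entries while `mechs > 0`; that count appears to be read from the packet (outside this hunk), so one pre-authentication packet can generate as many log lines as it holds short strings, bounded only by the maximum packet size. The client side of this same commit uses `debug()` for the mirror-image condition, so consider `debug("Badly formed OID received");` here, or logging once after the loop exits without a match. The accepted encoding is DER short-form only — `doid[1] == len - 2` treats the second byte as a plain length and never parses a long-form length — which is fine for the mechanism OIDs in use but deserves a comment such as `/* DER short-form length only; long-form encodings are rejected */` above the `if`. The enclosing do/while in userauth_gssapi begins before this hunk.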
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: compat.c,v 1.69 2003/08/29 10:03:15 markus Exp $"); | 26 | RCSID("$OpenBSD: compat.c,v 1.70 2003/11/02 11:01:03 markus Exp $"); |
27 | 27 | ||
28 | #include "buffer.h" | 28 | #include "buffer.h" |
29 | #include "packet.h" | 29 | #include "packet.h" |
@@ -79,11 +79,7 @@ compat_datafellows(const char *version) | |||
79 | { "OpenSSH_2.5.3*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, | 79 | { "OpenSSH_2.5.3*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, |
80 | { "OpenSSH_2.*," | 80 | { "OpenSSH_2.*," |
81 | "OpenSSH_3.0*," | 81 | "OpenSSH_3.0*," |
82 | "OpenSSH_3.1*", SSH_BUG_EXTEOF|SSH_BUG_GSSAPI_BER}, | 82 | "OpenSSH_3.1*", SSH_BUG_EXTEOF}, |
83 | { "OpenSSH_3.2*," | ||
84 | "OpenSSH_3.3*," | ||
85 | "OpenSSH_3.4*," | ||
86 | "OpenSSH_3.5*", SSH_BUG_GSSAPI_BER}, | ||
87 | { "Sun_SSH_1.0*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, | 83 | { "Sun_SSH_1.0*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, |
88 | { "OpenSSH*", 0 }, | 84 | { "OpenSSH*", 0 }, |
89 | { "*MindTerm*", 0 }, | 85 | { "*MindTerm*", 0 }, |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: compat.h,v 1.36 2003/08/29 10:03:15 markus Exp $ */ | 1 | /* $OpenBSD: compat.h,v 1.37 2003/11/02 11:01:03 markus Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. |
@@ -55,7 +55,6 @@ | |||
55 | #define SSH_BUG_EXTEOF 0x00200000 | 55 | #define SSH_BUG_EXTEOF 0x00200000 |
56 | #define SSH_BUG_PROBE 0x00400000 | 56 | #define SSH_BUG_PROBE 0x00400000 |
57 | #define SSH_BUG_FIRSTKEX 0x00800000 | 57 | #define SSH_BUG_FIRSTKEX 0x00800000 |
58 | #define SSH_BUG_GSSAPI_BER 0x01000000 | ||
59 | 58 | ||
60 | void enable_compat13(void); | 59 | void enable_compat13(void); |
61 | void enable_compat20(void); | 60 | void enable_compat20(void); |
diff --git a/sshconnect2.c b/sshconnect2.c index 6e61a353d..f991f81d8 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: sshconnect2.c,v 1.128 2003/10/26 16:57:43 avsm Exp $"); | 26 | RCSID("$OpenBSD: sshconnect2.c,v 1.129 2003/11/02 11:01:03 markus Exp $"); |
27 | 27 | ||
28 | #include "openbsd-compat/sys-queue.h" | 28 | #include "openbsd-compat/sys-queue.h" |
29 | 29 | ||
@@ -519,17 +519,11 @@ userauth_gssapi(Authctxt *authctxt) | |||
519 | 519 | ||
520 | packet_put_int(1); | 520 | packet_put_int(1); |
521 | 521 | ||
522 | /* Some servers encode the OID incorrectly (as we used to) */ | 522 | packet_put_int((gss_supported->elements[mech].length) + 2); |
523 | if (datafellows & SSH_BUG_GSSAPI_BER) { | 523 | packet_put_char(SSH_GSS_OIDTYPE); |
524 | packet_put_string(gss_supported->elements[mech].elements, | 524 | packet_put_char(gss_supported->elements[mech].length); |
525 | gss_supported->elements[mech].length); | 525 | packet_put_raw(gss_supported->elements[mech].elements, |
526 | } else { | 526 | gss_supported->elements[mech].length); |
527 | packet_put_int((gss_supported->elements[mech].length)+2); | ||
528 | packet_put_char(SSH_GSS_OIDTYPE); | ||
529 | packet_put_char(gss_supported->elements[mech].length); | ||
530 | packet_put_raw(gss_supported->elements[mech].elements, | ||
531 | gss_supported->elements[mech].length); | ||
532 | } | ||
533 | 527 | ||
534 | packet_send(); | 528 | packet_send(); |
535 | 529 | ||
@@ -560,20 +554,18 @@ input_gssapi_response(int type, u_int32_t plen, void *ctxt) | |||
560 | /* Setup our OID */ | 554 | /* Setup our OID */ |
561 | oidv = packet_get_string(&oidlen); | 555 | oidv = packet_get_string(&oidlen); |
562 | 556 | ||
563 | if (datafellows & SSH_BUG_GSSAPI_BER) { | 557 | if (oidlen <= 2 || |
564 | if (!ssh_gssapi_check_oid(gssctxt, oidv, oidlen)) | 558 | oidv[0] != SSH_GSS_OIDTYPE || |
565 | fatal("Server returned different OID than expected"); | 559 | oidv[1] != oidlen - 2) { |
566 | } else { | 560 | debug("Badly encoded mechanism OID received"); |
567 | if(oidv[0] != SSH_GSS_OIDTYPE || oidv[1] != oidlen-2) { | 561 | userauth(authctxt, NULL); |
568 | debug("Badly encoded mechanism OID received"); | 562 | xfree(oidv); |
569 | userauth(authctxt, NULL); | 563 | return; |
570 | xfree(oidv); | ||
571 | return; | ||
572 | } | ||
573 | if (!ssh_gssapi_check_oid(gssctxt, oidv+2, oidlen-2)) | ||
574 | fatal("Server returned different OID than expected"); | ||
575 | } | 564 | } |
576 | 565 | ||
566 | if (!ssh_gssapi_check_oid(gssctxt, oidv + 2, oidlen - 2)) | ||
567 | fatal("Server returned different OID than expected"); | ||
568 | |||
577 | packet_check_eom(); | 569 | packet_check_eom(); |
578 | 570 | ||
579 | xfree(oidv); | 571 | xfree(oidv); |
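Review bot: In the first hunk, the selected mechanism OID's length is written with `packet_put_char(gss_supported->elements[mech].length)` (new line 524) with no check that it fits a single DER short-form length octet, which is the only form the receiving side's `doid[1] == len - 2` test accepts; an OID of 128 bytes or more would be sent with a length byte the server rejects (or, above 255, silently truncated), and the client would get an unhelpful failure. Mechanism OIDs in practice are well under that size, so this is a robustness gap rather than an exploitable one, but making the assumption explicit is cheap: `if (gss_supported->elements[mech].length > 127) fatal("GSSAPI mechanism OID too long to encode");` before the `packet_put_int`. In the second hunk the same short-form assumption applies to `oidv[1] != oidlen - 2`; if `oidv` is a plain `char *` (declared outside the hunk) that comparison is also sensitive to `char` signedness for lengths above 127, so a `(u_char)` cast or a comment recording the limit would help the next reader. Both userauth_gssapi and input_gssapi_response extend beyond the hunks shown.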