diff options
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | sshconnect2.c | 21 |
2 files changed, 24 insertions, 1 deletions
| @@ -20,6 +20,10 @@ | |||
| 20 | [authfile.c] | 20 | [authfile.c] |
| 21 | switch from 3DES to AES-128 for encryption of passphrase-protected | 21 | switch from 3DES to AES-128 for encryption of passphrase-protected |
| 22 | SSH protocol 2 private keys; ok several | 22 | SSH protocol 2 private keys; ok several |
| 23 | - djm@cvs.openbsd.org 2009/10/23 01:57:11 | ||
| 24 | [sshconnect2.c] | ||
| 25 | disallow a hostile server from checking jpake auth by sending an | ||
| 26 | out-of-sequence success message. (doesn't affect code enabled by default) | ||
| 23 | 27 | ||
| 24 | 20091011 | 28 | 20091011 |
| 25 | - (dtucker) [configure.ac sftp-client.c] Remove the gyrations required for | 29 | - (dtucker) [configure.ac sftp-client.c] Remove the gyrations required for |
diff --git a/sshconnect2.c b/sshconnect2.c index 260c6307a..1e0e9d5e1 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: sshconnect2.c,v 1.171 2009/03/05 07:18:19 djm Exp $ */ | 1 | /* $OpenBSD: sshconnect2.c,v 1.172 2009/10/23 01:57:11 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| 4 | * Copyright (c) 2008 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2008 Damien Miller. All rights reserved. |
| @@ -210,6 +210,7 @@ struct Authmethod { | |||
| 210 | }; | 210 | }; |
| 211 | 211 | ||
| 212 | void input_userauth_success(int, u_int32_t, void *); | 212 | void input_userauth_success(int, u_int32_t, void *); |
| 213 | void input_userauth_success_unexpected(int, u_int32_t, void *); | ||
| 213 | void input_userauth_failure(int, u_int32_t, void *); | 214 | void input_userauth_failure(int, u_int32_t, void *); |
| 214 | void input_userauth_banner(int, u_int32_t, void *); | 215 | void input_userauth_banner(int, u_int32_t, void *); |
| 215 | void input_userauth_error(int, u_int32_t, void *); | 216 | void input_userauth_error(int, u_int32_t, void *); |
| @@ -427,12 +428,15 @@ void | |||
| 427 | input_userauth_success(int type, u_int32_t seq, void *ctxt) | 428 | input_userauth_success(int type, u_int32_t seq, void *ctxt) |
| 428 | { | 429 | { |
| 429 | Authctxt *authctxt = ctxt; | 430 | Authctxt *authctxt = ctxt; |
| 431 | |||
| 430 | if (authctxt == NULL) | 432 | if (authctxt == NULL) |
| 431 | fatal("input_userauth_success: no authentication context"); | 433 | fatal("input_userauth_success: no authentication context"); |
| 432 | if (authctxt->authlist) { | 434 | if (authctxt->authlist) { |
| 433 | xfree(authctxt->authlist); | 435 | xfree(authctxt->authlist); |
| 434 | authctxt->authlist = NULL; | 436 | authctxt->authlist = NULL; |
| 435 | } | 437 | } |
| 438 | if (authctxt->method != NULL && authctxt->method->cleanup != NULL) | ||
| 439 | authctxt->method->cleanup(authctxt); | ||
| 436 | if (authctxt->methoddata) { | 440 | if (authctxt->methoddata) { |
| 437 | xfree(authctxt->methoddata); | 441 | xfree(authctxt->methoddata); |
| 438 | authctxt->methoddata = NULL; | 442 | authctxt->methoddata = NULL; |
| @@ -440,6 +444,18 @@ input_userauth_success(int type, u_int32_t seq, void *ctxt) | |||
| 440 | authctxt->success = 1; /* break out */ | 444 | authctxt->success = 1; /* break out */ |
| 441 | } | 445 | } |
| 442 | 446 | ||
| 447 | void | ||
| 448 | input_userauth_success_unexpected(int type, u_int32_t seq, void *ctxt) | ||
| 449 | { | ||
| 450 | Authctxt *authctxt = ctxt; | ||
| 451 | |||
| 452 | if (authctxt == NULL) | ||
| 453 | fatal("%s: no authentication context", __func__); | ||
| 454 | |||
| 455 | fatal("Unexpected authentication success during %s.", | ||
| 456 | authctxt->method->name); | ||
| 457 | } | ||
| 458 | |||
| 443 | /* ARGSUSED */ | 459 | /* ARGSUSED */ |
| 444 | void | 460 | void |
| 445 | input_userauth_failure(int type, u_int32_t seq, void *ctxt) | 461 | input_userauth_failure(int type, u_int32_t seq, void *ctxt) |
| @@ -1709,6 +1725,8 @@ userauth_jpake(Authctxt *authctxt) | |||
| 1709 | /* Expect step 1 packet from peer */ | 1725 | /* Expect step 1 packet from peer */ |
| 1710 | dispatch_set(SSH2_MSG_USERAUTH_JPAKE_SERVER_STEP1, | 1726 | dispatch_set(SSH2_MSG_USERAUTH_JPAKE_SERVER_STEP1, |
| 1711 | input_userauth_jpake_server_step1); | 1727 | input_userauth_jpake_server_step1); |
| 1728 | dispatch_set(SSH2_MSG_USERAUTH_SUCCESS, | ||
| 1729 | &input_userauth_success_unexpected); | ||
| 1712 | 1730 | ||
| 1713 | return 1; | 1731 | return 1; |
| 1714 | } | 1732 | } |
| @@ -1721,6 +1739,7 @@ userauth_jpake_cleanup(Authctxt *authctxt) | |||
| 1721 | jpake_free(authctxt->methoddata); | 1739 | jpake_free(authctxt->methoddata); |
| 1722 | authctxt->methoddata = NULL; | 1740 | authctxt->methoddata = NULL; |
| 1723 | } | 1741 | } |
| 1742 | dispatch_set(SSH2_MSG_USERAUTH_SUCCESS, &input_userauth_success); | ||
| 1724 | } | 1743 | } |
| 1725 | #endif /* JPAKE */ | 1744 | #endif /* JPAKE */ |
| 1726 | 1745 | ||