diff options
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | auth2.c | 20 | ||||
-rw-r--r-- | compat.c | 5 | ||||
-rw-r--r-- | sshconnect2.c | 16 |
4 files changed, 20 insertions, 27 deletions
@@ -12,6 +12,10 @@ | |||
12 | - markus@cvs.openbsd.org 2001/04/18 22:48:26 | 12 | - markus@cvs.openbsd.org 2001/04/18 22:48:26 |
13 | [auth2.c] | 13 | [auth2.c] |
14 | no longer const | 14 | no longer const |
15 | - markus@cvs.openbsd.org 2001/04/18 23:43:26 | ||
16 | [auth2.c compat.c sshconnect2.c] | ||
17 | more ssh v2 hostbased-auth interop: ssh.com >= 2.1.0 works now | ||
18 | (however the 2.1.0 server seems to work only if debug is enabled...) | ||
15 | 19 | ||
16 | 20010418 | 20 | 20010418 |
17 | - OpenBSD CVS Sync | 21 | - OpenBSD CVS Sync |
@@ -5174,4 +5178,4 @@ | |||
5174 | - Wrote replacements for strlcpy and mkdtemp | 5178 | - Wrote replacements for strlcpy and mkdtemp |
5175 | - Released 1.0pre1 | 5179 | - Released 1.0pre1 |
5176 | 5180 | ||
5177 | $Id: ChangeLog,v 1.1143 2001/04/19 20:38:06 mouring Exp $ | 5181 | $Id: ChangeLog,v 1.1144 2001/04/19 20:40:45 mouring Exp $ |
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: auth2.c,v 1.54 2001/04/18 22:48:26 markus Exp $"); | 26 | RCSID("$OpenBSD: auth2.c,v 1.55 2001/04/18 23:43:25 markus Exp $"); |
27 | 27 | ||
28 | #include <openssl/evp.h> | 28 | #include <openssl/evp.h> |
29 | 29 | ||
@@ -534,8 +534,7 @@ userauth_hostbased(Authctxt *authctxt) | |||
534 | { | 534 | { |
535 | Buffer b; | 535 | Buffer b; |
536 | Key *key; | 536 | Key *key; |
537 | char *pkalg, *pkblob, *sig; | 537 | char *pkalg, *pkblob, *sig, *cuser, *chost, *service; |
538 | char *cuser, *chost; | ||
539 | u_int alen, blen, slen; | 538 | u_int alen, blen, slen; |
540 | int pktype; | 539 | int pktype; |
541 | int authenticated = 0; | 540 | int authenticated = 0; |
@@ -571,21 +570,14 @@ userauth_hostbased(Authctxt *authctxt) | |||
571 | debug("userauth_hostbased: cannot decode key: %s", pkalg); | 570 | debug("userauth_hostbased: cannot decode key: %s", pkalg); |
572 | goto done; | 571 | goto done; |
573 | } | 572 | } |
573 | service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" : | ||
574 | authctxt->service; | ||
574 | buffer_init(&b); | 575 | buffer_init(&b); |
575 | if (datafellows & SSH_OLD_SESSIONID) { | 576 | buffer_put_string(&b, session_id2, session_id2_len); |
576 | buffer_append(&b, session_id2, session_id2_len); | ||
577 | } else { | ||
578 | buffer_put_string(&b, session_id2, session_id2_len); | ||
579 | } | ||
580 | if (datafellows & SSH_BUG_HBSERVICE) | ||
581 | debug("SSH_BUG_HBSERVICE"); | ||
582 | /* reconstruct packet */ | 577 | /* reconstruct packet */ |
583 | buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); | 578 | buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); |
584 | buffer_put_cstring(&b, authctxt->user); | 579 | buffer_put_cstring(&b, authctxt->user); |
585 | buffer_put_cstring(&b, | 580 | buffer_put_cstring(&b, service); |
586 | datafellows & SSH_BUG_HBSERVICE ? | ||
587 | "ssh-userauth" : | ||
588 | authctxt->service); | ||
589 | buffer_put_cstring(&b, "hostbased"); | 581 | buffer_put_cstring(&b, "hostbased"); |
590 | buffer_put_string(&b, pkalg, alen); | 582 | buffer_put_string(&b, pkalg, alen); |
591 | buffer_put_string(&b, pkblob, blen); | 583 | buffer_put_string(&b, pkblob, blen); |
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: compat.c,v 1.46 2001/04/12 19:15:24 markus Exp $"); | 26 | RCSID("$OpenBSD: compat.c,v 1.47 2001/04/18 23:43:25 markus Exp $"); |
27 | 27 | ||
28 | #ifdef HAVE_LIBPCRE | 28 | #ifdef HAVE_LIBPCRE |
29 | # include <pcreposix.h> | 29 | # include <pcreposix.h> |
@@ -92,7 +92,8 @@ compat_datafellows(const char *version) | |||
92 | { "^2\\.0\\.1[3-9]", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| | 92 | { "^2\\.0\\.1[3-9]", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| |
93 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| | 93 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| |
94 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| | 94 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| |
95 | SSH_BUG_PKOK|SSH_BUG_RSASIGMD5 }, | 95 | SSH_BUG_PKOK|SSH_BUG_RSASIGMD5| |
96 | SSH_BUG_HBSERVICE }, | ||
96 | { "^2\\.0\\.", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| | 97 | { "^2\\.0\\.", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| |
97 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| | 98 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| |
98 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| | 99 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| |
diff --git a/sshconnect2.c b/sshconnect2.c index ac3ad013b..14e3d401a 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: sshconnect2.c,v 1.71 2001/04/18 22:03:45 markus Exp $"); | 26 | RCSID("$OpenBSD: sshconnect2.c,v 1.72 2001/04/18 23:43:26 markus Exp $"); |
27 | 27 | ||
28 | #include <openssl/bn.h> | 28 | #include <openssl/bn.h> |
29 | #include <openssl/md5.h> | 29 | #include <openssl/md5.h> |
@@ -815,6 +815,7 @@ userauth_hostbased(Authctxt *authctxt) | |||
815 | Buffer b; | 815 | Buffer b; |
816 | u_char *signature, *blob; | 816 | u_char *signature, *blob; |
817 | char *chost, *pkalg, *p; | 817 | char *chost, *pkalg, *p; |
818 | const char *service; | ||
818 | u_int blen, slen; | 819 | u_int blen, slen; |
819 | int ok, i, len, found = 0; | 820 | int ok, i, len, found = 0; |
820 | 821 | ||
@@ -847,20 +848,15 @@ userauth_hostbased(Authctxt *authctxt) | |||
847 | xfree(chost); | 848 | xfree(chost); |
848 | return 0; | 849 | return 0; |
849 | } | 850 | } |
851 | service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" : | ||
852 | authctxt->service; | ||
850 | pkalg = xstrdup(key_ssh_name(private)); | 853 | pkalg = xstrdup(key_ssh_name(private)); |
851 | buffer_init(&b); | 854 | buffer_init(&b); |
852 | if (datafellows & SSH_OLD_SESSIONID) { | ||
853 | buffer_append(&b, session_id2, session_id2_len); | ||
854 | } else { | ||
855 | buffer_put_string(&b, session_id2, session_id2_len); | ||
856 | } | ||
857 | /* construct data */ | 855 | /* construct data */ |
856 | buffer_put_string(&b, session_id2, session_id2_len); | ||
858 | buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); | 857 | buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); |
859 | buffer_put_cstring(&b, authctxt->server_user); | 858 | buffer_put_cstring(&b, authctxt->server_user); |
860 | buffer_put_cstring(&b, | 859 | buffer_put_cstring(&b, service); |
861 | datafellows & SSH_BUG_HBSERVICE ? | ||
862 | "ssh-userauth" : | ||
863 | authctxt->service); | ||
864 | buffer_put_cstring(&b, authctxt->method->name); | 860 | buffer_put_cstring(&b, authctxt->method->name); |
865 | buffer_put_cstring(&b, pkalg); | 861 | buffer_put_cstring(&b, pkalg); |
866 | buffer_put_string(&b, blob, blen); | 862 | buffer_put_string(&b, blob, blen); |