summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog5
-rw-r--r--auth2-gss.c22
-rw-r--r--compat.c8
-rw-r--r--compat.h3
-rw-r--r--sshconnect2.c40
5 files changed, 34 insertions, 44 deletions
diff --git a/ChangeLog b/ChangeLog
index 78e04928e..67a747560 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -16,6 +16,9 @@
16 - markus@cvs.openbsd.org 2003/10/28 09:08:06 16 - markus@cvs.openbsd.org 2003/10/28 09:08:06
17 [misc.c] 17 [misc.c]
18 error->debug for getsockopt+TCP_NODELAY; several requests 18 error->debug for getsockopt+TCP_NODELAY; several requests
19 - markus@cvs.openbsd.org 2003/11/02 11:01:03
20 [auth2-gss.c compat.c compat.h sshconnect2.c]
21 remove support for SSH_BUG_GSSAPI_BER; simon@sxw.org.uk
19 22
2020031021 2320031021
21 - (dtucker) [INSTALL] Some system crypt() functions support MD5 passwords 24 - (dtucker) [INSTALL] Some system crypt() functions support MD5 passwords
@@ -1390,4 +1393,4 @@
1390 - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. 1393 - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo.
1391 Report from murple@murple.net, diagnosis from dtucker@zip.com.au 1394 Report from murple@murple.net, diagnosis from dtucker@zip.com.au
1392 1395
1393$Id: ChangeLog,v 1.3090 2003/11/03 09:07:14 dtucker Exp $ 1396$Id: ChangeLog,v 1.3091 2003/11/03 09:09:03 dtucker Exp $
diff --git a/auth2-gss.c b/auth2-gss.c
index a82b87f51..84fb384f9 100644
--- a/auth2-gss.c
+++ b/auth2-gss.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2-gss.c,v 1.4 2003/10/21 09:50:06 markus Exp $ */ 1/* $OpenBSD: auth2-gss.c,v 1.5 2003/11/02 11:01:03 markus Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. 4 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -78,19 +78,19 @@ userauth_gssapi(Authctxt *authctxt)
78 if (doid) 78 if (doid)
79 xfree(doid); 79 xfree(doid);
80 80
81 present = 0;
81 doid = packet_get_string(&len); 82 doid = packet_get_string(&len);
82 if (len <= 2)
83 packet_disconnect("Short OID received");
84 83
85 if (doid[0] != SSH_GSS_OIDTYPE || doid[1] != len-2) { 84 if (len > 2 &&
86 logit("Mechanism OID received using the old encoding form"); 85 doid[0] == SSH_GSS_OIDTYPE &&
87 oid.elements = doid; 86 doid[1] == len - 2) {
88 oid.length = len; 87 oid.elements = doid + 2;
88 oid.length = len - 2;
89 gss_test_oid_set_member(&ms, &oid, supported,
90 &present);
89 } else { 91 } else {
90 oid.elements = doid + 2; 92 logit("Badly formed OID received");
91 oid.length = len - 2;
92 } 93 }
93 gss_test_oid_set_member(&ms, &oid, supported, &present);
94 } while (mechs > 0 && !present); 94 } while (mechs > 0 && !present);
95 95
96 gss_release_oid_set(&ms, &supported); 96 gss_release_oid_set(&ms, &supported);
@@ -109,7 +109,7 @@ userauth_gssapi(Authctxt *authctxt)
109 109
110 packet_start(SSH2_MSG_USERAUTH_GSSAPI_RESPONSE); 110 packet_start(SSH2_MSG_USERAUTH_GSSAPI_RESPONSE);
111 111
112 /* Return OID in same format as we received it*/ 112 /* Return the OID that we received */
113 packet_put_string(doid, len); 113 packet_put_string(doid, len);
114 114
115 packet_send(); 115 packet_send();
diff --git a/compat.c b/compat.c
index af1d14321..2fdebe7fa 100644
--- a/compat.c
+++ b/compat.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: compat.c,v 1.69 2003/08/29 10:03:15 markus Exp $"); 26RCSID("$OpenBSD: compat.c,v 1.70 2003/11/02 11:01:03 markus Exp $");
27 27
28#include "buffer.h" 28#include "buffer.h"
29#include "packet.h" 29#include "packet.h"
@@ -79,11 +79,7 @@ compat_datafellows(const char *version)
79 { "OpenSSH_2.5.3*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, 79 { "OpenSSH_2.5.3*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF},
80 { "OpenSSH_2.*," 80 { "OpenSSH_2.*,"
81 "OpenSSH_3.0*," 81 "OpenSSH_3.0*,"
82 "OpenSSH_3.1*", SSH_BUG_EXTEOF|SSH_BUG_GSSAPI_BER}, 82 "OpenSSH_3.1*", SSH_BUG_EXTEOF},
83 { "OpenSSH_3.2*,"
84 "OpenSSH_3.3*,"
85 "OpenSSH_3.4*,"
86 "OpenSSH_3.5*", SSH_BUG_GSSAPI_BER},
87 { "Sun_SSH_1.0*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, 83 { "Sun_SSH_1.0*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF},
88 { "OpenSSH*", 0 }, 84 { "OpenSSH*", 0 },
89 { "*MindTerm*", 0 }, 85 { "*MindTerm*", 0 },
diff --git a/compat.h b/compat.h
index 7a5004455..efa0f081e 100644
--- a/compat.h
+++ b/compat.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: compat.h,v 1.36 2003/08/29 10:03:15 markus Exp $ */ 1/* $OpenBSD: compat.h,v 1.37 2003/11/02 11:01:03 markus Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved.
@@ -55,7 +55,6 @@
55#define SSH_BUG_EXTEOF 0x00200000 55#define SSH_BUG_EXTEOF 0x00200000
56#define SSH_BUG_PROBE 0x00400000 56#define SSH_BUG_PROBE 0x00400000
57#define SSH_BUG_FIRSTKEX 0x00800000 57#define SSH_BUG_FIRSTKEX 0x00800000
58#define SSH_BUG_GSSAPI_BER 0x01000000
59 58
60void enable_compat13(void); 59void enable_compat13(void);
61void enable_compat20(void); 60void enable_compat20(void);
diff --git a/sshconnect2.c b/sshconnect2.c
index 6e61a353d..f991f81d8 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: sshconnect2.c,v 1.128 2003/10/26 16:57:43 avsm Exp $"); 26RCSID("$OpenBSD: sshconnect2.c,v 1.129 2003/11/02 11:01:03 markus Exp $");
27 27
28#include "openbsd-compat/sys-queue.h" 28#include "openbsd-compat/sys-queue.h"
29 29
@@ -519,17 +519,11 @@ userauth_gssapi(Authctxt *authctxt)
519 519
520 packet_put_int(1); 520 packet_put_int(1);
521 521
522 /* Some servers encode the OID incorrectly (as we used to) */ 522 packet_put_int((gss_supported->elements[mech].length) + 2);
523 if (datafellows & SSH_BUG_GSSAPI_BER) { 523 packet_put_char(SSH_GSS_OIDTYPE);
524 packet_put_string(gss_supported->elements[mech].elements, 524 packet_put_char(gss_supported->elements[mech].length);
525 gss_supported->elements[mech].length); 525 packet_put_raw(gss_supported->elements[mech].elements,
526 } else { 526 gss_supported->elements[mech].length);
527 packet_put_int((gss_supported->elements[mech].length)+2);
528 packet_put_char(SSH_GSS_OIDTYPE);
529 packet_put_char(gss_supported->elements[mech].length);
530 packet_put_raw(gss_supported->elements[mech].elements,
531 gss_supported->elements[mech].length);
532 }
533 527
534 packet_send(); 528 packet_send();
535 529
@@ -560,20 +554,18 @@ input_gssapi_response(int type, u_int32_t plen, void *ctxt)
560 /* Setup our OID */ 554 /* Setup our OID */
561 oidv = packet_get_string(&oidlen); 555 oidv = packet_get_string(&oidlen);
562 556
563 if (datafellows & SSH_BUG_GSSAPI_BER) { 557 if (oidlen <= 2 ||
564 if (!ssh_gssapi_check_oid(gssctxt, oidv, oidlen)) 558 oidv[0] != SSH_GSS_OIDTYPE ||
565 fatal("Server returned different OID than expected"); 559 oidv[1] != oidlen - 2) {
566 } else { 560 debug("Badly encoded mechanism OID received");
567 if(oidv[0] != SSH_GSS_OIDTYPE || oidv[1] != oidlen-2) { 561 userauth(authctxt, NULL);
568 debug("Badly encoded mechanism OID received"); 562 xfree(oidv);
569 userauth(authctxt, NULL); 563 return;
570 xfree(oidv);
571 return;
572 }
573 if (!ssh_gssapi_check_oid(gssctxt, oidv+2, oidlen-2))
574 fatal("Server returned different OID than expected");
575 } 564 }
576 565
566 if (!ssh_gssapi_check_oid(gssctxt, oidv + 2, oidlen - 2))
567 fatal("Server returned different OID than expected");
568
577 packet_check_eom(); 569 packet_check_eom();
578 570
579 xfree(oidv); 571 xfree(oidv);
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 02:42:00 +0000