diff options
Diffstat (limited to 'auth2-hostbased.c')
-rw-r--r-- | auth2-hostbased.c | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/auth2-hostbased.c b/auth2-hostbased.c index 92758b38c..8996f7e05 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2-hostbased.c,v 1.31 2017/06/24 06:34:38 djm Exp $ */ | 1 | /* $OpenBSD: auth2-hostbased.c,v 1.33 2018/01/23 05:27:21 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -62,7 +62,7 @@ userauth_hostbased(struct ssh *ssh) | |||
62 | Authctxt *authctxt = ssh->authctxt; | 62 | Authctxt *authctxt = ssh->authctxt; |
63 | struct sshbuf *b; | 63 | struct sshbuf *b; |
64 | struct sshkey *key = NULL; | 64 | struct sshkey *key = NULL; |
65 | char *pkalg, *cuser, *chost, *service; | 65 | char *pkalg, *cuser, *chost; |
66 | u_char *pkblob, *sig; | 66 | u_char *pkblob, *sig; |
67 | size_t alen, blen, slen; | 67 | size_t alen, blen, slen; |
68 | int r, pktype, authenticated = 0; | 68 | int r, pktype, authenticated = 0; |
@@ -118,15 +118,13 @@ userauth_hostbased(struct ssh *ssh) | |||
118 | goto done; | 118 | goto done; |
119 | } | 119 | } |
120 | 120 | ||
121 | service = ssh->compat & SSH_BUG_HBSERVICE ? "ssh-userauth" : | ||
122 | authctxt->service; | ||
123 | if ((b = sshbuf_new()) == NULL) | 121 | if ((b = sshbuf_new()) == NULL) |
124 | fatal("%s: sshbuf_new failed", __func__); | 122 | fatal("%s: sshbuf_new failed", __func__); |
125 | /* reconstruct packet */ | 123 | /* reconstruct packet */ |
126 | if ((r = sshbuf_put_string(b, session_id2, session_id2_len)) != 0 || | 124 | if ((r = sshbuf_put_string(b, session_id2, session_id2_len)) != 0 || |
127 | (r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 || | 125 | (r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 || |
128 | (r = sshbuf_put_cstring(b, authctxt->user)) != 0 || | 126 | (r = sshbuf_put_cstring(b, authctxt->user)) != 0 || |
129 | (r = sshbuf_put_cstring(b, service)) != 0 || | 127 | (r = sshbuf_put_cstring(b, authctxt->service)) != 0 || |
130 | (r = sshbuf_put_cstring(b, "hostbased")) != 0 || | 128 | (r = sshbuf_put_cstring(b, "hostbased")) != 0 || |
131 | (r = sshbuf_put_string(b, pkalg, alen)) != 0 || | 129 | (r = sshbuf_put_string(b, pkalg, alen)) != 0 || |
132 | (r = sshbuf_put_string(b, pkblob, blen)) != 0 || | 130 | (r = sshbuf_put_string(b, pkblob, blen)) != 0 || |
@@ -144,7 +142,7 @@ userauth_hostbased(struct ssh *ssh) | |||
144 | authenticated = 0; | 142 | authenticated = 0; |
145 | if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) && | 143 | if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) && |
146 | PRIVSEP(sshkey_verify(key, sig, slen, | 144 | PRIVSEP(sshkey_verify(key, sig, slen, |
147 | sshbuf_ptr(b), sshbuf_len(b), ssh->compat)) == 0) | 145 | sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat)) == 0) |
148 | authenticated = 1; | 146 | authenticated = 1; |
149 | 147 | ||
150 | auth2_record_key(authctxt, authenticated, key); | 148 | auth2_record_key(authctxt, authenticated, key); |