summaryrefslogtreecommitdiff
path: root/auth2-passwd.c
diff options
context:
space:
mode:
Diffstat (limited to 'auth2-passwd.c')
-rw-r--r--auth2-passwd.c32
1 files changed, 14 insertions, 18 deletions
diff --git a/auth2-passwd.c b/auth2-passwd.c
index b638e8715..5f7ba3244 100644
--- a/auth2-passwd.c
+++ b/auth2-passwd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2-passwd.c,v 1.12 2014/07/15 15:54:14 millert Exp $ */ 1/* $OpenBSD: auth2-passwd.c,v 1.14 2017/05/30 14:29:59 markus Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -30,10 +30,10 @@
30#include <string.h> 30#include <string.h>
31#include <stdarg.h> 31#include <stdarg.h>
32 32
33#include "xmalloc.h"
34#include "packet.h" 33#include "packet.h"
34#include "ssherr.h"
35#include "log.h" 35#include "log.h"
36#include "key.h" 36#include "sshkey.h"
37#include "hostfile.h" 37#include "hostfile.h"
38#include "auth.h" 38#include "auth.h"
39#include "buffer.h" 39#include "buffer.h"
@@ -48,26 +48,22 @@
48extern ServerOptions options; 48extern ServerOptions options;
49 49
50static int 50static int
51userauth_passwd(Authctxt *authctxt) 51userauth_passwd(struct ssh *ssh)
52{ 52{
53 char *password, *newpass; 53 char *password;
54 int authenticated = 0; 54 int authenticated = 0, r;
55 int change; 55 u_char change;
56 u_int len, newlen; 56 size_t len;
57 57
58 change = packet_get_char(); 58 if ((r = sshpkt_get_u8(ssh, &change)) != 0 ||
59 password = packet_get_string(&len); 59 (r = sshpkt_get_cstring(ssh, &password, &len)) != 0 ||
60 if (change) { 60 (change && (r = sshpkt_get_cstring(ssh, NULL, NULL)) != 0) ||
61 /* discard new password from packet */ 61 (r = sshpkt_get_end(ssh)) != 0)
62 newpass = packet_get_string(&newlen); 62 fatal("%s: %s", __func__, ssh_err(r));
63 explicit_bzero(newpass, newlen);
64 free(newpass);
65 }
66 packet_check_eom();
67 63
68 if (change) 64 if (change)
69 logit("password change not supported"); 65 logit("password change not supported");
70 else if (PRIVSEP(auth_password(authctxt, password)) == 1) 66 else if (PRIVSEP(auth_password(ssh->authctxt, password)) == 1)
71 authenticated = 1; 67 authenticated = 1;
72 explicit_bzero(password, len); 68 explicit_bzero(password, len);
73 free(password); 69 free(password);