Diffstat (limited to 'sshconnect1.c')
-rw-r--r-- | sshconnect1.c | 22 |
1 files changed, 8 insertions, 14 deletions
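--- a/sshconnect1.c
+++ b/sshconnect1.c
@@ -13,7 +13,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.43 2001/12/27 18:22:16 markus Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.44 2001/12/27 20:39:58 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/evp.h>
@@ -109,8 +109,7 @@ try_agent_authentication(void)
 type);
 
 packet_get_bignum(challenge, &clen);
-
-packet_integrity_check(plen, clen, type);
+packet_done();
 
 debug("Received RSA challenge from server.");
 
@@ -244,8 +243,7 @@ try_rsa_authentication(int idx)
 if ((challenge = BN_new()) == NULL)
 fatal("try_rsa_authentication: BN_new failed");
 packet_get_bignum(challenge, &clen);
-
-packet_integrity_check(plen, clen, type);
+packet_done();
 
 debug("Received RSA challenge from server.");
 
@@ -359,8 +357,7 @@ try_rhosts_rsa_authentication(const char *local_user, Key * host_key)
 if ((challenge = BN_new()) == NULL)
 fatal("try_rhosts_rsa_authentication: BN_new failed");
 packet_get_bignum(challenge, &clen);
-
-packet_integrity_check(plen, clen, type);
+packet_done();
 
 debug("Received RSA challenge for host key from server.");
 
@@ -467,7 +464,7 @@ try_krb4_authentication(void)
 memcpy(auth.dat, reply, auth.length);
 xfree(reply);
 
-packet_integrity_check(plen, 4 + auth.length, type);
+packet_done();
 
 /*
 * If his response isn't properly encrypted with the session
@@ -576,8 +573,7 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context)
 
 /* Get server's response. */
 ap.data = packet_get_string((unsigned int *) &ap.length);
-
-packet_integrity_check(payload_len, 4 + ap.length, type);
+packet_done();
 /* XXX je to dobre? */
 
 problem = krb5_rd_rep(*context, *auth_context, &ap, &reply);
@@ -842,7 +838,7 @@ try_challenge_response_authentication(void)
 return 0;
 }
 challenge = packet_get_string(&clen);
-packet_integrity_check(payload_len, (4 + clen), type);
+packet_done();
 snprintf(prompt, sizeof prompt, "%s%s", challenge,
 strchr(challenge, '\n') ? "" : "\nResponse: ");
 xfree(challenge);
@@ -968,13 +964,11 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
 
 supported_ciphers = packet_get_int();
 supported_authentications = packet_get_int();
+packet_done();
 
 debug("Received server public key (%d bits) and host key (%d bits).",
 BN_num_bits(server_key->rsa->n), BN_num_bits(host_key->rsa->n));
 
-packet_integrity_check(payload_len,
-8 + 4 + sum_len + 0 + 4 + 0 + 0 + 4 + 4 + 4,
-SSH_SMSG_PUBLIC_KEY);
 if (verify_host_key(host, hostaddr, host_key) == -1)
 fatal("Host key verification failed.");
 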
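Review bot: In the ssh_kex hunk the removed `packet_integrity_check` call was the only visible consumer of `payload_len` and `sum_len`, and the same holds for `plen`/`clen` in the try_*_authentication hunks, so the length bookkeeping that fed those calls is probably dead now and should be removed in the same change. The replacement also changes what is enforced: the old call compared the payload length with an exact expected size, whereas `packet_done()` presumably only rejects bytes left unread after the getters, so the guarantee now rests on that helper and on the bounds checks inside `packet_get_bignum`/`packet_get_string`, none of which this diff shows. A short comment at the first call, e.g. `/* packet_done(): fail if the server sent trailing data */`, would record that intent. In the krb5 hunk the `/* XXX je to dobre? */` marker now directly follows the new call and should be resolved or rewritten in English to say what is in doubt. Every hunk cuts through its enclosing function, so remaining uses of these variables cannot be confirmed from here.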