1 files changed, 34 insertions, 16 deletions
diff --git a/sshconnect1.c b/sshconnect1.c
index 440d7c5bd..fd07bbf74 100644
--- a/sshconnect1.c
+++ b/sshconnect1.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: sshconnect1.c,v 1.70 2006/11/06 21:25:28 markus Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -13,28 +14,38 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.62 2005/10/30 08:52:18 djm Exp $");
+#include <sys/types.h>
+#include <sys/socket.h>
 #include <openssl/bn.h>
 #include <openssl/md5.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <signal.h>
+#include <pwd.h>
+#include "xmalloc.h"
 #include "ssh.h"
 #include "ssh1.h"
-#include "xmalloc.h"
 #include "rsa.h"
 #include "buffer.h"
 #include "packet.h"
+#include "key.h"
+#include "cipher.h"
 #include "kex.h"
 #include "uidswap.h"
 #include "log.h"
 #include "readconf.h"
-#include "key.h"
 #include "authfd.h"
 #include "sshconnect.h"
 #include "authfile.h"
 #include "misc.h"
-#include "cipher.h"
 #include "canohost.h"
+#include "hostfile.h"
 #include "auth.h"
 /* Session id for the current session. */
@@ -197,7 +208,7 @@ try_rsa_authentication(int idx)
        BIGNUM *challenge;
        Key *public, *private;
        char buf[300], *passphrase, *comment, *authfile;
-        int i, type, quit;
+        int i, perm_ok = 1, type, quit;
        public = options.identity_keys[idx];
        authfile = options.identity_files[idx];
@@ -243,15 +254,16 @@ try_rsa_authentication(int idx)
        if (public->flags & KEY_FLAG_EXT)
                private = public;
        else
-                private = key_load_private_type(KEY_RSA1, authfile, "", NULL);
+                private = key_load_private_type(KEY_RSA1, authfile, "", NULL,
-        if (private == NULL && !options.batch_mode) {
+                    &perm_ok);
+        if (private == NULL && !options.batch_mode && perm_ok) {
                snprintf(buf, sizeof(buf),
                    "Enter passphrase for RSA key '%.100s': ", comment);
                for (i = 0; i < options.number_of_password_prompts; i++) {
                        passphrase = read_passphrase(buf, 0);
                        if (strcmp(passphrase, "") != 0) {
                                private = key_load_private_type(KEY_RSA1,
-                                    authfile, passphrase, NULL);
+                                    authfile, passphrase, NULL, NULL);
                                quit = 0;
                        } else {
                                debug2("no passphrase given, try next key");
@@ -268,7 +280,7 @@ try_rsa_authentication(int idx)
        xfree(comment);
        if (private == NULL) {
-                if (!options.batch_mode)
+                if (!options.batch_mode && perm_ok)
                        error("Bad passphrase.");
                /* Send a dummy response packet to avoid protocol error. */
@@ -551,14 +563,20 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
         * the first 16 bytes of the session id.
         */
        if ((key = BN_new()) == NULL)
-                fatal("respond_to_rsa_challenge: BN_new failed");
+                fatal("ssh_kex: BN_new failed");
-        BN_set_word(key, 0);
+        if (BN_set_word(key, 0) == 0)
+                fatal("ssh_kex: BN_set_word failed");
        for (i = 0; i < SSH_SESSION_KEY_LENGTH; i++) {
-                BN_lshift(key, key, 8);
+                if (BN_lshift(key, key, 8) == 0)
-                if (i < 16)
+                        fatal("ssh_kex: BN_lshift failed");
-                        BN_add_word(key, session_key[i] ^ session_id[i]);
+                if (i < 16) {
-                else
+                        if (BN_add_word(key, session_key[i] ^ session_id[i])
-                        BN_add_word(key, session_key[i]);
+                            == 0)
+                                fatal("ssh_kex: BN_add_word failed");
+                } else {
+                        if (BN_add_word(key, session_key[i]) == 0)
+                                fatal("ssh_kex: BN_add_word failed");
+                }
        }
        /*

diff --git a/sshconnect1.c b/sshconnect1.c index 440d7c5bd..fd07bbf74 100644 --- a/sshconnect1.c +++ b/sshconnect1.c
@@ -1,3 +1,4 @@
		1	/* $OpenBSD: sshconnect1.c,v 1.70 2006/11/06 21:25:28 markus Exp $ */
1	/*	2	/*
2	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
3	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -13,28 +14,38 @@
13	*/	14	*/
14		15
15	#include "includes.h"	16	#include "includes.h"
16	RCSID("$OpenBSD: sshconnect1.c,v 1.62 2005/10/30 08:52:18 djm Exp $");	17
		18	#include <sys/types.h>
		19	#include <sys/socket.h>
17		20
18	#include <openssl/bn.h>	21	#include <openssl/bn.h>
19	#include <openssl/md5.h>	22	#include <openssl/md5.h>
20		23
		24	#include <stdarg.h>
		25	#include <stdio.h>
		26	#include <stdlib.h>
		27	#include <string.h>
		28	#include <signal.h>
		29	#include <pwd.h>
		30
		31	#include "xmalloc.h"
21	#include "ssh.h"	32	#include "ssh.h"
22	#include "ssh1.h"	33	#include "ssh1.h"
23	#include "xmalloc.h"
24	#include "rsa.h"	34	#include "rsa.h"
25	#include "buffer.h"	35	#include "buffer.h"
26	#include "packet.h"	36	#include "packet.h"
		37	#include "key.h"
		38	#include "cipher.h"
27	#include "kex.h"	39	#include "kex.h"
28	#include "uidswap.h"	40	#include "uidswap.h"
29	#include "log.h"	41	#include "log.h"
30	#include "readconf.h"	42	#include "readconf.h"
31	#include "key.h"
32	#include "authfd.h"	43	#include "authfd.h"
33	#include "sshconnect.h"	44	#include "sshconnect.h"
34	#include "authfile.h"	45	#include "authfile.h"
35	#include "misc.h"	46	#include "misc.h"
36	#include "cipher.h"
37	#include "canohost.h"	47	#include "canohost.h"
		48	#include "hostfile.h"
38	#include "auth.h"	49	#include "auth.h"
39		50
40	/* Session id for the current session. */	51	/* Session id for the current session. */
@@ -197,7 +208,7 @@ try_rsa_authentication(int idx)
197	BIGNUM *challenge;	208	BIGNUM *challenge;
198	Key public, private;	209	Key public, private;
199	char buf[300], passphrase, comment, *authfile;	210	char buf[300], passphrase, comment, *authfile;
200	int i, type, quit;	211	int i, perm_ok = 1, type, quit;
201		212
202	public = options.identity_keys[idx];	213	public = options.identity_keys[idx];
203	authfile = options.identity_files[idx];	214	authfile = options.identity_files[idx];
@@ -243,15 +254,16 @@ try_rsa_authentication(int idx)
243	if (public->flags & KEY_FLAG_EXT)	254	if (public->flags & KEY_FLAG_EXT)
244	private = public;	255	private = public;
245	else	256	else
246	private = key_load_private_type(KEY_RSA1, authfile, "", NULL);	257	private = key_load_private_type(KEY_RSA1, authfile, "", NULL,
247	if (private == NULL && !options.batch_mode) {	258	&perm_ok);
		259	if (private == NULL && !options.batch_mode && perm_ok) {
248	snprintf(buf, sizeof(buf),	260	snprintf(buf, sizeof(buf),
249	"Enter passphrase for RSA key '%.100s': ", comment);	261	"Enter passphrase for RSA key '%.100s': ", comment);
250	for (i = 0; i < options.number_of_password_prompts; i++) {	262	for (i = 0; i < options.number_of_password_prompts; i++) {
251	passphrase = read_passphrase(buf, 0);	263	passphrase = read_passphrase(buf, 0);
252	if (strcmp(passphrase, "") != 0) {	264	if (strcmp(passphrase, "") != 0) {
253	private = key_load_private_type(KEY_RSA1,	265	private = key_load_private_type(KEY_RSA1,
254	authfile, passphrase, NULL);	266	authfile, passphrase, NULL, NULL);
255	quit = 0;	267	quit = 0;
256	} else {	268	} else {
257	debug2("no passphrase given, try next key");	269	debug2("no passphrase given, try next key");
@@ -268,7 +280,7 @@ try_rsa_authentication(int idx)
268	xfree(comment);	280	xfree(comment);
269		281
270	if (private == NULL) {	282	if (private == NULL) {
271	if (!options.batch_mode)	283	if (!options.batch_mode && perm_ok)
272	error("Bad passphrase.");	284	error("Bad passphrase.");
273		285
274	/* Send a dummy response packet to avoid protocol error. */	286	/* Send a dummy response packet to avoid protocol error. */
@@ -551,14 +563,20 @@ ssh_kex(char host, struct sockaddr hostaddr)
551	* the first 16 bytes of the session id.	563	* the first 16 bytes of the session id.
552	*/	564	*/
553	if ((key = BN_new()) == NULL)	565	if ((key = BN_new()) == NULL)
554	fatal("respond_to_rsa_challenge: BN_new failed");	566	fatal("ssh_kex: BN_new failed");
555	BN_set_word(key, 0);	567	if (BN_set_word(key, 0) == 0)
		568	fatal("ssh_kex: BN_set_word failed");
556	for (i = 0; i < SSH_SESSION_KEY_LENGTH; i++) {	569	for (i = 0; i < SSH_SESSION_KEY_LENGTH; i++) {
557	BN_lshift(key, key, 8);	570	if (BN_lshift(key, key, 8) == 0)
558	if (i < 16)	571	fatal("ssh_kex: BN_lshift failed");
559	BN_add_word(key, session_key[i] ^ session_id[i]);	572	if (i < 16) {
560	else	573	if (BN_add_word(key, session_key[i] ^ session_id[i])
561	BN_add_word(key, session_key[i]);	574	== 0)
		575	fatal("ssh_kex: BN_add_word failed");
		576	} else {
		577	if (BN_add_word(key, session_key[i]) == 0)
		578	fatal("ssh_kex: BN_add_word failed");
		579	}
562	}	580	}
563		581
564	/*	582	/*