diff options
Diffstat (limited to 'sshconnect2.c')
-rw-r--r-- | sshconnect2.c | 40 |
1 files changed, 16 insertions, 24 deletions
diff --git a/sshconnect2.c b/sshconnect2.c index 6e61a353d..f991f81d8 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: sshconnect2.c,v 1.128 2003/10/26 16:57:43 avsm Exp $"); | 26 | RCSID("$OpenBSD: sshconnect2.c,v 1.129 2003/11/02 11:01:03 markus Exp $"); |
27 | 27 | ||
28 | #include "openbsd-compat/sys-queue.h" | 28 | #include "openbsd-compat/sys-queue.h" |
29 | 29 | ||
@@ -519,17 +519,11 @@ userauth_gssapi(Authctxt *authctxt) | |||
519 | 519 | ||
520 | packet_put_int(1); | 520 | packet_put_int(1); |
521 | 521 | ||
522 | /* Some servers encode the OID incorrectly (as we used to) */ | 522 | packet_put_int((gss_supported->elements[mech].length) + 2); |
523 | if (datafellows & SSH_BUG_GSSAPI_BER) { | 523 | packet_put_char(SSH_GSS_OIDTYPE); |
524 | packet_put_string(gss_supported->elements[mech].elements, | 524 | packet_put_char(gss_supported->elements[mech].length); |
525 | gss_supported->elements[mech].length); | 525 | packet_put_raw(gss_supported->elements[mech].elements, |
526 | } else { | 526 | gss_supported->elements[mech].length); |
527 | packet_put_int((gss_supported->elements[mech].length)+2); | ||
528 | packet_put_char(SSH_GSS_OIDTYPE); | ||
529 | packet_put_char(gss_supported->elements[mech].length); | ||
530 | packet_put_raw(gss_supported->elements[mech].elements, | ||
531 | gss_supported->elements[mech].length); | ||
532 | } | ||
533 | 527 | ||
534 | packet_send(); | 528 | packet_send(); |
535 | 529 | ||
@@ -560,20 +554,18 @@ input_gssapi_response(int type, u_int32_t plen, void *ctxt) | |||
560 | /* Setup our OID */ | 554 | /* Setup our OID */ |
561 | oidv = packet_get_string(&oidlen); | 555 | oidv = packet_get_string(&oidlen); |
562 | 556 | ||
563 | if (datafellows & SSH_BUG_GSSAPI_BER) { | 557 | if (oidlen <= 2 || |
564 | if (!ssh_gssapi_check_oid(gssctxt, oidv, oidlen)) | 558 | oidv[0] != SSH_GSS_OIDTYPE || |
565 | fatal("Server returned different OID than expected"); | 559 | oidv[1] != oidlen - 2) { |
566 | } else { | 560 | debug("Badly encoded mechanism OID received"); |
567 | if(oidv[0] != SSH_GSS_OIDTYPE || oidv[1] != oidlen-2) { | 561 | userauth(authctxt, NULL); |
568 | debug("Badly encoded mechanism OID received"); | 562 | xfree(oidv); |
569 | userauth(authctxt, NULL); | 563 | return; |
570 | xfree(oidv); | ||
571 | return; | ||
572 | } | ||
573 | if (!ssh_gssapi_check_oid(gssctxt, oidv+2, oidlen-2)) | ||
574 | fatal("Server returned different OID than expected"); | ||
575 | } | 564 | } |
576 | 565 | ||
566 | if (!ssh_gssapi_check_oid(gssctxt, oidv + 2, oidlen - 2)) | ||
567 | fatal("Server returned different OID than expected"); | ||
568 | |||
577 | packet_check_eom(); | 569 | packet_check_eom(); |
578 | 570 | ||
579 | xfree(oidv); | 571 | xfree(oidv); |