diff options
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 36 |
1 files changed, 20 insertions, 16 deletions
@@ -11,7 +11,7 @@ | |||
11 | */ | 11 | */ |
12 | 12 | ||
13 | #include "includes.h" | 13 | #include "includes.h" |
14 | RCSID("$Id: sshd.c,v 1.37 1999/12/08 23:31:37 damien Exp $"); | 14 | RCSID("$Id: sshd.c,v 1.38 1999/12/13 23:47:16 damien Exp $"); |
15 | 15 | ||
16 | #include <poll.h> | 16 | #include <poll.h> |
17 | 17 | ||
@@ -960,7 +960,7 @@ do_connection() | |||
960 | unsigned char check_bytes[8]; | 960 | unsigned char check_bytes[8]; |
961 | char *user; | 961 | char *user; |
962 | unsigned int cipher_type, auth_mask, protocol_flags; | 962 | unsigned int cipher_type, auth_mask, protocol_flags; |
963 | int plen, slen; | 963 | int plen, slen, ulen; |
964 | u_int32_t rand = 0; | 964 | u_int32_t rand = 0; |
965 | 965 | ||
966 | /* | 966 | /* |
@@ -1139,11 +1139,8 @@ do_connection() | |||
1139 | packet_read_expect(&plen, SSH_CMSG_USER); | 1139 | packet_read_expect(&plen, SSH_CMSG_USER); |
1140 | 1140 | ||
1141 | /* Get the user name. */ | 1141 | /* Get the user name. */ |
1142 | { | 1142 | user = packet_get_string(&ulen); |
1143 | int ulen; | 1143 | packet_integrity_check(plen, (4 + ulen), SSH_CMSG_USER); |
1144 | user = packet_get_string(&ulen); | ||
1145 | packet_integrity_check(plen, (4 + ulen), SSH_CMSG_USER); | ||
1146 | } | ||
1147 | 1144 | ||
1148 | /* Destroy the private and public keys. They will no longer be needed. */ | 1145 | /* Destroy the private and public keys. They will no longer be needed. */ |
1149 | RSA_free(public_key); | 1146 | RSA_free(public_key); |
@@ -1646,15 +1643,22 @@ do_fake_authloop(char *user) | |||
1646 | #ifdef SKEY | 1643 | #ifdef SKEY |
1647 | int dlen; | 1644 | int dlen; |
1648 | char *password, *skeyinfo; | 1645 | char *password, *skeyinfo; |
1649 | if (options.password_authentication && | 1646 | /* Try to send a fake s/key challenge. */ |
1650 | options.skey_authentication == 1 && | 1647 | if (options.skey_authentication == 1 && |
1651 | type == SSH_CMSG_AUTH_PASSWORD && | ||
1652 | (password = packet_get_string(&dlen)) != NULL && | ||
1653 | dlen == 5 && | ||
1654 | strncasecmp(password, "s/key", 5) == 0 && | ||
1655 | (skeyinfo = skey_fake_keyinfo(user)) != NULL) { | 1648 | (skeyinfo = skey_fake_keyinfo(user)) != NULL) { |
1656 | /* Send a fake s/key challenge. */ | 1649 | if (type == SSH_CMSG_AUTH_TIS) { |
1657 | packet_send_debug(skeyinfo); | 1650 | packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE); |
1651 | packet_put_string(skeyinfo, strlen(skeyinfo)); | ||
1652 | packet_send(); | ||
1653 | packet_write_wait(); | ||
1654 | continue; | ||
1655 | } else if (type == SSH_CMSG_AUTH_PASSWORD && | ||
1656 | options.password_authentication && | ||
1657 | (password = packet_get_string(&dlen)) != NULL && | ||
1658 | dlen == 5 && | ||
1659 | strncasecmp(password, "s/key", 5) == 0 ) { | ||
1660 | packet_send_debug(skeyinfo); | ||
1661 | } | ||
1658 | } | 1662 | } |
1659 | #endif | 1663 | #endif |
1660 | if (attempt > AUTH_FAIL_MAX) | 1664 | if (attempt > AUTH_FAIL_MAX) |
@@ -1836,7 +1840,7 @@ do_authenticated(struct passwd * pw) | |||
1836 | screen = packet_get_int(); | 1840 | screen = packet_get_int(); |
1837 | else | 1841 | else |
1838 | screen = 0; | 1842 | screen = 0; |
1839 | display = x11_create_display_inet(screen); | 1843 | display = x11_create_display_inet(screen, options.x11_display_offset); |
1840 | if (!display) | 1844 | if (!display) |
1841 | goto fail; | 1845 | goto fail; |
1842 | 1846 | ||