RepoMirrors
/
openssh
mirror of git://anongit.mindrot.org/openssh.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- markus@cvs.openbsd.org 2001/04/18 23:43:26 

[auth2.c compat.c sshconnect2.c]
     more ssh v2 hostbased-auth interop: ssh.com >= 2.1.0 works now
     (however the 2.1.0 server seems to work only if debug is enabled...)
This commit is contained in:
Ben Lindstrom 2001-04-19 20:40:45 +00:00
parent 4aa603c150
commit 671388f233
4 changed files with 20 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@ -12,6 +12,10 @@
- markus@cvs.openbsd.org 2001/04/18 22:48:26
[auth2.c]
no longer const
- markus@cvs.openbsd.org 2001/04/18 23:43:26
[auth2.c compat.c sshconnect2.c]
more ssh v2 hostbased-auth interop: ssh.com >= 2.1.0 works now
(however the 2.1.0 server seems to work only if debug is enabled...)
20010418
- OpenBSD CVS Sync
@ -5174,4 +5178,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
$Id: ChangeLog,v 1.1143 2001/04/19 20:38:06 mouring Exp $
$Id: ChangeLog,v 1.1144 2001/04/19 20:40:45 mouring Exp $

20
auth2.c
View File

@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth2.c,v 1.54 2001/04/18 22:48:26 markus Exp $");
RCSID("$OpenBSD: auth2.c,v 1.55 2001/04/18 23:43:25 markus Exp $");
#include <openssl/evp.h>
@ -534,8 +534,7 @@ userauth_hostbased(Authctxt *authctxt)
{
Buffer b;
Key *key;
char *pkalg, *pkblob, *sig;
char *cuser, *chost;
char *pkalg, *pkblob, *sig, *cuser, *chost, *service;
u_int alen, blen, slen;
int pktype;
int authenticated = 0;
@ -571,21 +570,14 @@ userauth_hostbased(Authctxt *authctxt)
debug("userauth_hostbased: cannot decode key: %s", pkalg);
goto done;
}
service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" :
authctxt->service;
buffer_init(&b);
if (datafellows & SSH_OLD_SESSIONID) {
buffer_append(&b, session_id2, session_id2_len);
} else {
buffer_put_string(&b, session_id2, session_id2_len);
}
if (datafellows & SSH_BUG_HBSERVICE)
debug("SSH_BUG_HBSERVICE");
buffer_put_string(&b, session_id2, session_id2_len);
/* reconstruct packet */
buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
buffer_put_cstring(&b, authctxt->user);
buffer_put_cstring(&b,
datafellows & SSH_BUG_HBSERVICE ?
"ssh-userauth" :
authctxt->service);
buffer_put_cstring(&b, service);
buffer_put_cstring(&b, "hostbased");
buffer_put_string(&b, pkalg, alen);
buffer_put_string(&b, pkblob, blen);

5
compat.c
View File

@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: compat.c,v 1.46 2001/04/12 19:15:24 markus Exp $");
RCSID("$OpenBSD: compat.c,v 1.47 2001/04/18 23:43:25 markus Exp $");
#ifdef HAVE_LIBPCRE
# include <pcreposix.h>
@ -92,7 +92,8 @@ compat_datafellows(const char *version)
{ "^2\\.0\\.1[3-9]", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
SSH_BUG_PKOK|SSH_BUG_RSASIGMD5 },
SSH_BUG_PKOK|SSH_BUG_RSASIGMD5|
SSH_BUG_HBSERVICE },
{ "^2\\.0\\.", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|

16
sshconnect2.c
View File

@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: sshconnect2.c,v 1.71 2001/04/18 22:03:45 markus Exp $");
RCSID("$OpenBSD: sshconnect2.c,v 1.72 2001/04/18 23:43:26 markus Exp $");
#include <openssl/bn.h>
#include <openssl/md5.h>
@ -815,6 +815,7 @@ userauth_hostbased(Authctxt *authctxt)
Buffer b;
u_char *signature, *blob;
char *chost, *pkalg, *p;
const char *service;
u_int blen, slen;
int ok, i, len, found = 0;
@ -847,20 +848,15 @@ userauth_hostbased(Authctxt *authctxt)
xfree(chost);
return 0;
}
service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" :
authctxt->service;
pkalg = xstrdup(key_ssh_name(private));
buffer_init(&b);
if (datafellows & SSH_OLD_SESSIONID) {
buffer_append(&b, session_id2, session_id2_len);
} else {
buffer_put_string(&b, session_id2, session_id2_len);
}
/* construct data */
buffer_put_string(&b, session_id2, session_id2_len);
buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
buffer_put_cstring(&b, authctxt->server_user);
buffer_put_cstring(&b,
datafellows & SSH_BUG_HBSERVICE ?
"ssh-userauth" :
authctxt->service);
buffer_put_cstring(&b, service);
buffer_put_cstring(&b, authctxt->method->name);
buffer_put_cstring(&b, pkalg);
buffer_put_string(&b, blob, blen);