From 671388f2338ddb335b01f1c3cf545caa9f90649e Mon Sep 17 00:00:00 2001 From: Ben Lindstrom Date: Thu, 19 Apr 2001 20:40:45 +0000 Subject: [PATCH] - markus@cvs.openbsd.org 2001/04/18 23:43:26 [auth2.c compat.c sshconnect2.c] more ssh v2 hostbased-auth interop: ssh.com >= 2.1.0 works now (however the 2.1.0 server seems to work only if debug is enabled...) --- ChangeLog | 6 +++++- auth2.c | 20 ++++++-------------- compat.c | 5 +++-- sshconnect2.c | 16 ++++++---------- 4 files changed, 20 insertions(+), 27 deletions(-) diff --git a/ChangeLog b/ChangeLog index c1bbc6a27..488b1e6a4 100644 --- a/ChangeLog +++ b/ChangeLog @@ -12,6 +12,10 @@ - markus@cvs.openbsd.org 2001/04/18 22:48:26 [auth2.c] no longer const + - markus@cvs.openbsd.org 2001/04/18 23:43:26 + [auth2.c compat.c sshconnect2.c] + more ssh v2 hostbased-auth interop: ssh.com >= 2.1.0 works now + (however the 2.1.0 server seems to work only if debug is enabled...) 20010418 - OpenBSD CVS Sync @@ -5174,4 +5178,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1143 2001/04/19 20:38:06 mouring Exp $ +$Id: ChangeLog,v 1.1144 2001/04/19 20:40:45 mouring Exp $ diff --git a/auth2.c b/auth2.c index 5db8f8d5d..1abb01d2a 100644 --- a/auth2.c +++ b/auth2.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2.c,v 1.54 2001/04/18 22:48:26 markus Exp $"); +RCSID("$OpenBSD: auth2.c,v 1.55 2001/04/18 23:43:25 markus Exp $"); #include @@ -534,8 +534,7 @@ userauth_hostbased(Authctxt *authctxt) { Buffer b; Key *key; - char *pkalg, *pkblob, *sig; - char *cuser, *chost; + char *pkalg, *pkblob, *sig, *cuser, *chost, *service; u_int alen, blen, slen; int pktype; int authenticated = 0; @@ -571,21 +570,14 @@ userauth_hostbased(Authctxt *authctxt) debug("userauth_hostbased: cannot decode key: %s", pkalg); goto done; } + service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" : + authctxt->service; buffer_init(&b); - if (datafellows & SSH_OLD_SESSIONID) { - buffer_append(&b, session_id2, session_id2_len); - } else { - buffer_put_string(&b, session_id2, session_id2_len); - } - if (datafellows & SSH_BUG_HBSERVICE) - debug("SSH_BUG_HBSERVICE"); + buffer_put_string(&b, session_id2, session_id2_len); /* reconstruct packet */ buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); buffer_put_cstring(&b, authctxt->user); - buffer_put_cstring(&b, - datafellows & SSH_BUG_HBSERVICE ? - "ssh-userauth" : - authctxt->service); + buffer_put_cstring(&b, service); buffer_put_cstring(&b, "hostbased"); buffer_put_string(&b, pkalg, alen); buffer_put_string(&b, pkblob, blen); diff --git a/compat.c b/compat.c index 4bdc6c6b3..f5eeda0eb 100644 --- a/compat.c +++ b/compat.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: compat.c,v 1.46 2001/04/12 19:15:24 markus Exp $"); +RCSID("$OpenBSD: compat.c,v 1.47 2001/04/18 23:43:25 markus Exp $"); #ifdef HAVE_LIBPCRE # include @@ -92,7 +92,8 @@ compat_datafellows(const char *version) { "^2\\.0\\.1[3-9]", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| SSH_OLD_SESSIONID|SSH_BUG_DEBUG| SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| - SSH_BUG_PKOK|SSH_BUG_RSASIGMD5 }, + SSH_BUG_PKOK|SSH_BUG_RSASIGMD5| + SSH_BUG_HBSERVICE }, { "^2\\.0\\.", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| SSH_OLD_SESSIONID|SSH_BUG_DEBUG| SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| diff --git a/sshconnect2.c b/sshconnect2.c index ac3ad013b..14e3d401a 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect2.c,v 1.71 2001/04/18 22:03:45 markus Exp $"); +RCSID("$OpenBSD: sshconnect2.c,v 1.72 2001/04/18 23:43:26 markus Exp $"); #include #include @@ -815,6 +815,7 @@ userauth_hostbased(Authctxt *authctxt) Buffer b; u_char *signature, *blob; char *chost, *pkalg, *p; + const char *service; u_int blen, slen; int ok, i, len, found = 0; @@ -847,20 +848,15 @@ userauth_hostbased(Authctxt *authctxt) xfree(chost); return 0; } + service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" : + authctxt->service; pkalg = xstrdup(key_ssh_name(private)); buffer_init(&b); - if (datafellows & SSH_OLD_SESSIONID) { - buffer_append(&b, session_id2, session_id2_len); - } else { - buffer_put_string(&b, session_id2, session_id2_len); - } /* construct data */ + buffer_put_string(&b, session_id2, session_id2_len); buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); buffer_put_cstring(&b, authctxt->server_user); - buffer_put_cstring(&b, - datafellows & SSH_BUG_HBSERVICE ? - "ssh-userauth" : - authctxt->service); + buffer_put_cstring(&b, service); buffer_put_cstring(&b, authctxt->method->name); buffer_put_cstring(&b, pkalg); buffer_put_string(&b, blob, blen);