- deraadt@cvs.openbsd.org 2001/03/10 15:31:00

[compat.c compat.h sshconnect.c]
     all known netscreen ssh versions, and older versions of OSU ssh cannot
     handle password padding (newer OSU is fixed)

ChangeLog

@@ -9,6 +9,10 @@
    - stevesk@cvs.openbsd.org 2001/03/10 15:02:05
      [ttymodes.c ttymodes.h]
      remove unused sgtty macros; ok markus@
+   - deraadt@cvs.openbsd.org 2001/03/10 15:31:00
+     [compat.c compat.h sshconnect.c]
+     all known netscreen ssh versions, and older versions of OSU ssh cannot
+     handle password padding (newer OSU is fixed)
 
 20010310
  - OpenBSD CVS Sync
@@ -4480,4 +4484,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.936 2001/03/10 17:17:28 mouring Exp $
+$Id: ChangeLog,v 1.937 2001/03/10 17:22:20 mouring Exp $

compat.c

@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: compat.c,v 1.37 2001/03/08 21:42:31 markus Exp $");
+RCSID("$OpenBSD: compat.c,v 1.38 2001/03/10 15:31:00 deraadt Exp $");
 
 #ifdef HAVE_LIBPCRE
 #  include <pcreposix.h>
@@ -84,13 +84,19 @@ compat_datafellows(const char *version)
 					SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
 					SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
 					SSH_BUG_PKAUTH|SSH_BUG_PKOK },
-		{ "^2\\.[23]\\.0",	SSH_BUG_HMAC},
+		{ "^2\\.[23]\\.0",	SSH_BUG_HMAC },
 		{ "^2\\.[2-9]\\.",	0 },
-		{ "^2\\.4$",		SSH_OLD_SESSIONID}, /* Van Dyke */
-		{ "^3\\.0 SecureCRT",	SSH_OLD_SESSIONID},
-		{ "^1\\.7 SecureFX",	SSH_OLD_SESSIONID},
-		{ "^1\\.2\\.1[89]",	SSH_BUG_IGNOREMSG},
-		{ "^1\\.2\\.2[012]",	SSH_BUG_IGNOREMSG},
+		{ "^2\\.4$",		SSH_OLD_SESSIONID },	/* Van Dyke */
+		{ "^3\\.0 SecureCRT",	SSH_OLD_SESSIONID },
+		{ "^1\\.7 SecureFX",	SSH_OLD_SESSIONID },
+		{ "^1\\.2\\.1[89]",	SSH_BUG_IGNOREMSG },
+		{ "^1\\.2\\.2[012]",	SSH_BUG_IGNOREMSG },
+		{ "^SSH Compatible Server",			/* Netscreen */
+					SSH_BUG_PASSWORDPAD },
+		{ "^OSU_0",		SSH_BUG_PASSWORDPAD },
+		{ "^OSU_1\\.[0-4]",	SSH_BUG_PASSWORDPAD },
+		{ "^OSU_1\\.5alpha[1-3]",
+					SSH_BUG_PASSWORDPAD },
 		{ NULL,			0 }
 	};
 	/* process table, return first match */

compat.h

@@ -21,7 +21,7 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
-/* RCSID("$OpenBSD: compat.h,v 1.16 2001/03/08 21:42:32 markus Exp $"); */
+/* RCSID("$OpenBSD: compat.h,v 1.17 2001/03/10 15:31:00 deraadt Exp $"); */
 
 #ifndef COMPAT_H
 #define COMPAT_H
@@ -41,6 +41,7 @@
 #define SSH_BUG_BANNER		0x0080
 #define SSH_BUG_IGNOREMSG	0x0100
 #define SSH_BUG_PKOK		0x0200
+#define SSH_BUG_PASSWORDPAD	0x0400
 
 void    enable_compat13(void);
 void    enable_compat20(void);

sshconnect.c

@@ -13,7 +13,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.98 2001/03/04 17:42:28 millert Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.99 2001/03/10 15:31:00 deraadt Exp $");
 
 #include <openssl/bn.h>
 
@@ -777,6 +777,10 @@ ssh_put_password(char *password)
 	int size;
 	char *padded;
 
+	if (datafellows & SSH_BUG_PASSWORDPAD) {
+		packet_put_string(password, strlen(password));
+		return;
+	}
 	size = roundup(strlen(password) + 1, 32);
 	padded = xmalloc(size);
 	memset(padded, 0, size);