diff --git a/ChangeLog b/ChangeLog index 91415641f..5810944b1 100644 --- a/ChangeLog +++ b/ChangeLog @@ -9,6 +9,10 @@ - stevesk@cvs.openbsd.org 2001/03/10 15:02:05 [ttymodes.c ttymodes.h] remove unused sgtty macros; ok markus@ + - deraadt@cvs.openbsd.org 2001/03/10 15:31:00 + [compat.c compat.h sshconnect.c] + all known netscreen ssh versions, and older versions of OSU ssh cannot + handle password padding (newer OSU is fixed) 20010310 - OpenBSD CVS Sync @@ -4480,4 +4484,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.936 2001/03/10 17:17:28 mouring Exp $ +$Id: ChangeLog,v 1.937 2001/03/10 17:22:20 mouring Exp $ diff --git a/compat.c b/compat.c index 38fc52605..5f0d7cd0c 100644 --- a/compat.c +++ b/compat.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: compat.c,v 1.37 2001/03/08 21:42:31 markus Exp $"); +RCSID("$OpenBSD: compat.c,v 1.38 2001/03/10 15:31:00 deraadt Exp $"); #ifdef HAVE_LIBPCRE # include @@ -84,13 +84,19 @@ compat_datafellows(const char *version) SSH_OLD_SESSIONID|SSH_BUG_DEBUG| SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| SSH_BUG_PKAUTH|SSH_BUG_PKOK }, - { "^2\\.[23]\\.0", SSH_BUG_HMAC}, + { "^2\\.[23]\\.0", SSH_BUG_HMAC }, { "^2\\.[2-9]\\.", 0 }, - { "^2\\.4$", SSH_OLD_SESSIONID}, /* Van Dyke */ - { "^3\\.0 SecureCRT", SSH_OLD_SESSIONID}, - { "^1\\.7 SecureFX", SSH_OLD_SESSIONID}, - { "^1\\.2\\.1[89]", SSH_BUG_IGNOREMSG}, - { "^1\\.2\\.2[012]", SSH_BUG_IGNOREMSG}, + { "^2\\.4$", SSH_OLD_SESSIONID }, /* Van Dyke */ + { "^3\\.0 SecureCRT", SSH_OLD_SESSIONID }, + { "^1\\.7 SecureFX", SSH_OLD_SESSIONID }, + { "^1\\.2\\.1[89]", SSH_BUG_IGNOREMSG }, + { "^1\\.2\\.2[012]", SSH_BUG_IGNOREMSG }, + { "^SSH Compatible Server", /* Netscreen */ + SSH_BUG_PASSWORDPAD }, + { "^OSU_0", SSH_BUG_PASSWORDPAD }, + { "^OSU_1\\.[0-4]", SSH_BUG_PASSWORDPAD }, + { "^OSU_1\\.5alpha[1-3]", + SSH_BUG_PASSWORDPAD }, { NULL, 0 } }; /* process table, return first match */ diff --git a/compat.h b/compat.h index 9359d4b79..a1fdbe764 100644 --- a/compat.h +++ b/compat.h @@ -21,7 +21,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* RCSID("$OpenBSD: compat.h,v 1.16 2001/03/08 21:42:32 markus Exp $"); */ +/* RCSID("$OpenBSD: compat.h,v 1.17 2001/03/10 15:31:00 deraadt Exp $"); */ #ifndef COMPAT_H #define COMPAT_H @@ -41,6 +41,7 @@ #define SSH_BUG_BANNER 0x0080 #define SSH_BUG_IGNOREMSG 0x0100 #define SSH_BUG_PKOK 0x0200 +#define SSH_BUG_PASSWORDPAD 0x0400 void enable_compat13(void); void enable_compat20(void); diff --git a/sshconnect.c b/sshconnect.c index 9962d49bd..573ae76b1 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect.c,v 1.98 2001/03/04 17:42:28 millert Exp $"); +RCSID("$OpenBSD: sshconnect.c,v 1.99 2001/03/10 15:31:00 deraadt Exp $"); #include @@ -777,6 +777,10 @@ ssh_put_password(char *password) int size; char *padded; + if (datafellows & SSH_BUG_PASSWORDPAD) { + packet_put_string(password, strlen(password)); + return; + } size = roundup(strlen(password) + 1, 32); padded = xmalloc(size); memset(padded, 0, size);