diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2001-03-10 17:22:20 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-03-10 17:22:20 +0000 |
| commit | d20d0f3e27884c7daf9d48d335168898e147b65b (patch) | |
| tree | 01bad8837c1f9fb0cde391f48a0833feaa6c706e | |
| parent | 00261540be24b71fcd5c2b62d4ee2a7edabe081c (diff) | |
- deraadt@cvs.openbsd.org 2001/03/10 15:31:00
[compat.c compat.h sshconnect.c]
all known netscreen ssh versions, and older versions of OSU ssh cannot
handle password padding (newer OSU is fixed)
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | compat.c | 20 | ||||
| -rw-r--r-- | compat.h | 3 | ||||
| -rw-r--r-- | sshconnect.c | 6 |
4 files changed, 25 insertions, 10 deletions
@@ -9,6 +9,10 @@ - stevesk@cvs.openbsd.org 2001/03/10 15:02:05 [ttymodes.c ttymodes.h] remove unused sgtty macros; ok markus@ + - deraadt@cvs.openbsd.org 2001/03/10 15:31:00 + [compat.c compat.h sshconnect.c] + all known netscreen ssh versions, and older versions of OSU ssh cannot + handle password padding (newer OSU is fixed) 20010310 - OpenBSD CVS Sync @@ -4480,4 +4484,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.936 2001/03/10 17:17:28 mouring Exp $ +$Id: ChangeLog,v 1.937 2001/03/10 17:22:20 mouring Exp $ @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: compat.c,v 1.37 2001/03/08 21:42:31 markus Exp $"); +RCSID("$OpenBSD: compat.c,v 1.38 2001/03/10 15:31:00 deraadt Exp $"); #ifdef HAVE_LIBPCRE # include <pcreposix.h> @@ -84,13 +84,19 @@ compat_datafellows(const char *version) SSH_OLD_SESSIONID|SSH_BUG_DEBUG| SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| SSH_BUG_PKAUTH|SSH_BUG_PKOK }, - { "^2\\.[23]\\.0", SSH_BUG_HMAC}, + { "^2\\.[23]\\.0", SSH_BUG_HMAC }, { "^2\\.[2-9]\\.", 0 }, - { "^2\\.4$", SSH_OLD_SESSIONID}, /* Van Dyke */ - { "^3\\.0 SecureCRT", SSH_OLD_SESSIONID}, - { "^1\\.7 SecureFX", SSH_OLD_SESSIONID}, - { "^1\\.2\\.1[89]", SSH_BUG_IGNOREMSG}, - { "^1\\.2\\.2[012]", SSH_BUG_IGNOREMSG}, + { "^2\\.4$", SSH_OLD_SESSIONID }, /* Van Dyke */ + { "^3\\.0 SecureCRT", SSH_OLD_SESSIONID }, + { "^1\\.7 SecureFX", SSH_OLD_SESSIONID }, + { "^1\\.2\\.1[89]", SSH_BUG_IGNOREMSG }, + { "^1\\.2\\.2[012]", SSH_BUG_IGNOREMSG }, + { "^SSH Compatible Server", /* Netscreen */ + SSH_BUG_PASSWORDPAD }, + { "^OSU_0", SSH_BUG_PASSWORDPAD }, + { "^OSU_1\\.[0-4]", SSH_BUG_PASSWORDPAD }, + { "^OSU_1\\.5alpha[1-3]", + SSH_BUG_PASSWORDPAD }, { NULL, 0 } }; /* process table, return first match */ @@ -21,7 +21,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* RCSID("$OpenBSD: compat.h,v 1.16 2001/03/08 21:42:32 markus Exp $"); */ +/* RCSID("$OpenBSD: compat.h,v 1.17 2001/03/10 15:31:00 deraadt Exp $"); */ #ifndef COMPAT_H #define COMPAT_H @@ -41,6 +41,7 @@ #define SSH_BUG_BANNER 0x0080 #define SSH_BUG_IGNOREMSG 0x0100 #define SSH_BUG_PKOK 0x0200 +#define SSH_BUG_PASSWORDPAD 0x0400 void enable_compat13(void); void enable_compat20(void); diff --git a/sshconnect.c b/sshconnect.c index 9962d49b..573ae76b 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect.c,v 1.98 2001/03/04 17:42:28 millert Exp $"); +RCSID("$OpenBSD: sshconnect.c,v 1.99 2001/03/10 15:31:00 deraadt Exp $"); #include <openssl/bn.h> @@ -777,6 +777,10 @@ ssh_put_password(char *password) int size; char *padded; + if (datafellows & SSH_BUG_PASSWORDPAD) { + packet_put_string(password, strlen(password)); + return; + } size = roundup(strlen(password) + 1, 32); padded = xmalloc(size); memset(padded, 0, size); |