diff options
| author | Damien Miller <djm@mindrot.org> | 2000-06-22 21:32:31 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2000-06-22 21:32:31 +1000 |
| commit | 6536c7d3c9d0e794c5c85d4f1746b958d7e04343 (patch) | |
| tree | 9551d0d84924d6a206130fb575df5d90f1cc7a28 /sshconnect2.c | |
| parent | 099f505f9526311e48f828e95d90d488fe237219 (diff) | |
- OpenBSD CVS Updates:
- markus@cvs.openbsd.org 2000/06/18 18:50:11
[auth2.c compat.c compat.h sshconnect2.c]
make userauth+pubkey interop with ssh.com-2.2.0
- markus@cvs.openbsd.org 2000/06/18 20:56:17
[dsa.c]
mem leak + be more paranoid in dsa_verify.
- markus@cvs.openbsd.org 2000/06/18 21:29:50
[key.c]
cleanup fingerprinting, less hardcoded sizes
- markus@cvs.openbsd.org 2000/06/19 19:39:45
[atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
[auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h]
[buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h]
[clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h]
[deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c]
[kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c]
[nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c]
[rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c]
[ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h]
OpenBSD tag
- markus@cvs.openbsd.org 2000/06/21 10:46:10
sshconnect2.c missing free; nuke old comment
Diffstat (limited to 'sshconnect2.c')
| -rw-r--r-- | sshconnect2.c | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/sshconnect2.c b/sshconnect2.c index 77b8652e..ae96d534 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -28,7 +28,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect2.c,v 1.13 2000/06/02 02:00:19 todd Exp $"); +RCSID("$OpenBSD: sshconnect2.c,v 1.15 2000/06/21 16:46:10 markus Exp $"); #include <openssl/bn.h> #include <openssl/rsa.h> @@ -295,6 +295,7 @@ ssh2_try_pubkey(char *filename, unsigned char *blob, *signature; int bloblen, slen; struct stat st; + int skip = 0; if (stat(filename, &st) != 0) { debug("key does not exist: %s", filename); @@ -314,14 +315,22 @@ ssh2_try_pubkey(char *filename, success = load_private_key(filename, passphrase, k, NULL); memset(passphrase, 0, strlen(passphrase)); xfree(passphrase); - if (!success) + if (!success) { + key_free(k); return 0; + } } dsa_make_key_blob(k, &blob, &bloblen); /* data to be signed */ buffer_init(&b); - buffer_append(&b, session_id2, session_id2_len); + if (datafellows & SSH_COMPAT_SESSIONID_ENCODING) { + buffer_put_string(&b, session_id2, session_id2_len); + skip = buffer_len(&b); + } else { + buffer_append(&b, session_id2, session_id2_len); + skip = session_id2_len; + } buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); buffer_put_cstring(&b, server_user); buffer_put_cstring(&b, @@ -340,7 +349,6 @@ ssh2_try_pubkey(char *filename, buffer_dump(&b); #endif if (datafellows & SSH_BUG_PUBKEYAUTH) { - /* e.g. ssh-2.0.13: data-to-be-signed != data-on-the-wire */ buffer_clear(&b); buffer_append(&b, session_id2, session_id2_len); buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); @@ -357,9 +365,9 @@ ssh2_try_pubkey(char *filename, xfree(signature); /* skip session id and packet type */ - if (buffer_len(&b) < session_id2_len + 1) + if (buffer_len(&b) < skip + 1) fatal("ssh2_try_pubkey: internal error"); - buffer_consume(&b, session_id2_len + 1); + buffer_consume(&b, skip + 1); /* put remaining data from buffer into packet */ packet_start(SSH2_MSG_USERAUTH_REQUEST); |