summaryrefslogtreecommitdiffstats
path: root/sshconnect.c
diff options
context:
space:
mode:
Diffstat (limited to 'sshconnect.c')
-rw-r--r--sshconnect.c30
1 files changed, 17 insertions, 13 deletions
diff --git a/sshconnect.c b/sshconnect.c
index c4c9aee1..910548fa 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -8,7 +8,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.56 2000/02/18 08:50:33 markus Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.57 2000/03/16 20:56:14 markus Exp $");
#ifdef HAVE_OPENSSL
#include <openssl/bn.h>
@@ -638,6 +638,7 @@ try_kerberos_authentication()
char *realm;
CREDENTIALS cred;
int r, type, plen;
+ socklen_t slen;
Key_schedule schedule;
u_long checksum, cksum;
MSG_DAT msg_data;
@@ -680,16 +681,16 @@ try_kerberos_authentication()
/* Zero the buffer. */
(void) memset(auth.dat, 0, MAX_KTXT_LEN);
- r = sizeof(local);
+ slen = sizeof(local);
memset(&local, 0, sizeof(local));
if (getsockname(packet_get_connection_in(),
- (struct sockaddr *) & local, &r) < 0)
+ (struct sockaddr *) & local, &slen) < 0)
debug("getsockname failed: %s", strerror(errno));
- r = sizeof(foreign);
+ slen = sizeof(foreign);
memset(&foreign, 0, sizeof(foreign));
if (getpeername(packet_get_connection_in(),
- (struct sockaddr *) & foreign, &r) < 0) {
+ (struct sockaddr *) & foreign, &slen) < 0) {
debug("getpeername failed: %s", strerror(errno));
fatal_cleanup();
}
@@ -751,7 +752,7 @@ send_kerberos_tgt()
CREDENTIALS *creds;
char pname[ANAME_SZ], pinst[INST_SZ], prealm[REALM_SZ];
int r, type, plen;
- unsigned char buffer[8192];
+ char buffer[8192];
struct stat st;
/* Don't do anything if we don't have any tickets. */
@@ -772,11 +773,11 @@ send_kerberos_tgt()
debug("Kerberos V4 ticket expired: %s", TKT_FILE);
return 0;
}
- creds_to_radix(creds, buffer);
+ creds_to_radix(creds, (unsigned char *)buffer);
xfree(creds);
packet_start(SSH_CMSG_HAVE_KERBEROS_TGT);
- packet_put_string((char *) buffer, strlen(buffer));
+ packet_put_string(buffer, strlen(buffer));
packet_send();
packet_write_wait();
@@ -798,7 +799,7 @@ send_afs_tokens(void)
struct ClearToken ct;
int i, type, len, plen;
char buf[2048], *p, *server_cell;
- unsigned char buffer[8192];
+ char buffer[8192];
/* Move over ktc_GetToken, here's something leaner. */
for (i = 0; i < 100; i++) { /* just in case */
@@ -840,10 +841,10 @@ send_afs_tokens(void)
creds.pinst[0] = '\0';
/* Encode token, ship it off. */
- if (!creds_to_radix(&creds, buffer))
+ if (!creds_to_radix(&creds, (unsigned char*) buffer))
break;
packet_start(SSH_CMSG_HAVE_AFS_TOKEN);
- packet_put_string((char *) buffer, strlen(buffer));
+ packet_put_string(buffer, strlen(buffer));
packet_send();
packet_write_wait();
@@ -867,7 +868,9 @@ send_afs_tokens(void)
int
try_skey_authentication()
{
- int type, i, payload_len;
+ int type, i;
+ int payload_len;
+ unsigned int clen;
char *challenge, *response;
debug("Doing skey authentication.");
@@ -887,7 +890,8 @@ try_skey_authentication()
debug("No challenge for skey authentication.");
return 0;
}
- challenge = packet_get_string(&payload_len);
+ challenge = packet_get_string(&clen);
+ packet_integrity_check(payload_len, (4 + clen), type);
if (options.cipher == SSH_CIPHER_NONE)
log("WARNING: Encryption is disabled! "
"Reponse will be transmitted in clear text.");
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-27 09:10:13 +0000