- markus@cvs.openbsd.org 2003/11/02 11:01:03

[auth2-gss.c compat.c compat.h sshconnect2.c]
     remove support for SSH_BUG_GSSAPI_BER; simon@sxw.org.uk

ChangeLog

@@ -16,6 +16,9 @@
    - markus@cvs.openbsd.org 2003/10/28 09:08:06
      [misc.c]
      error->debug for getsockopt+TCP_NODELAY; several requests
+   - markus@cvs.openbsd.org 2003/11/02 11:01:03
+     [auth2-gss.c compat.c compat.h sshconnect2.c]
+     remove support for SSH_BUG_GSSAPI_BER; simon@sxw.org.uk
 
 20031021
  - (dtucker) [INSTALL] Some system crypt() functions support MD5 passwords
@@ -1390,4 +1393,4 @@
  - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo.
    Report from murple@murple.net, diagnosis from dtucker@zip.com.au
 
-$Id: ChangeLog,v 1.3090 2003/11/03 09:07:14 dtucker Exp $
+$Id: ChangeLog,v 1.3091 2003/11/03 09:09:03 dtucker Exp $

auth2-gss.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: auth2-gss.c,v 1.4 2003/10/21 09:50:06 markus Exp $	*/
+/*	$OpenBSD: auth2-gss.c,v 1.5 2003/11/02 11:01:03 markus Exp $	*/
 
 /*
  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -78,19 +78,19 @@ userauth_gssapi(Authctxt *authctxt)
 		if (doid)
 			xfree(doid);
 
+		present = 0;
 		doid = packet_get_string(&len);
-		if (len <= 2)
-			packet_disconnect("Short OID received");
 
-		if (doid[0] != SSH_GSS_OIDTYPE || doid[1] != len-2) {
+		if (len > 2 && 
-			logit("Mechanism OID received using the old encoding form");
+		   doid[0] == SSH_GSS_OIDTYPE &&
-			oid.elements = doid;
+		   doid[1] == len - 2) {
-			oid.length = len;
+                        oid.elements = doid + 2;
+                        oid.length   = len - 2;
+			gss_test_oid_set_member(&ms, &oid, supported,
+			    &present);
 		} else {
-			oid.elements = doid + 2;
+			logit("Badly formed OID received");
-			oid.length   = len - 2;
 		}
-		gss_test_oid_set_member(&ms, &oid, supported, &present);
 	} while (mechs > 0 && !present);
 
 	gss_release_oid_set(&ms, &supported);
@@ -109,7 +109,7 @@ userauth_gssapi(Authctxt *authctxt)
 
 	packet_start(SSH2_MSG_USERAUTH_GSSAPI_RESPONSE);
 
-	/* Return OID in same format as we received it*/
+	/* Return the OID that we received */
 	packet_put_string(doid, len);
 
 	packet_send();

compat.c

@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: compat.c,v 1.69 2003/08/29 10:03:15 markus Exp $");
+RCSID("$OpenBSD: compat.c,v 1.70 2003/11/02 11:01:03 markus Exp $");
 
 #include "buffer.h"
 #include "packet.h"
@@ -79,11 +79,7 @@ compat_datafellows(const char *version)
 		{ "OpenSSH_2.5.3*",	SSH_BUG_NOREKEY|SSH_BUG_EXTEOF},
 		{ "OpenSSH_2.*,"
 		  "OpenSSH_3.0*,"
-		  "OpenSSH_3.1*",	SSH_BUG_EXTEOF|SSH_BUG_GSSAPI_BER},
+		  "OpenSSH_3.1*",	SSH_BUG_EXTEOF},
-		{ "OpenSSH_3.2*,"
-		  "OpenSSH_3.3*,"
-		  "OpenSSH_3.4*,"
-		  "OpenSSH_3.5*",	SSH_BUG_GSSAPI_BER},
 		{ "Sun_SSH_1.0*",	SSH_BUG_NOREKEY|SSH_BUG_EXTEOF},
 		{ "OpenSSH*",		0 },
 		{ "*MindTerm*",		0 },

compat.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: compat.h,v 1.36 2003/08/29 10:03:15 markus Exp $	*/
+/*	$OpenBSD: compat.h,v 1.37 2003/11/02 11:01:03 markus Exp $	*/
 
 /*
  * Copyright (c) 1999, 2000, 2001 Markus Friedl.  All rights reserved.
@@ -55,7 +55,6 @@
 #define SSH_BUG_EXTEOF		0x00200000
 #define SSH_BUG_PROBE		0x00400000
 #define SSH_BUG_FIRSTKEX	0x00800000
-#define SSH_BUG_GSSAPI_BER	0x01000000
 
 void     enable_compat13(void);
 void     enable_compat20(void);

sshconnect2.c

@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.128 2003/10/26 16:57:43 avsm Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.129 2003/11/02 11:01:03 markus Exp $");
 
 #include "openbsd-compat/sys-queue.h"
 
@@ -519,17 +519,11 @@ userauth_gssapi(Authctxt *authctxt)
 
 	packet_put_int(1);
 
-	/* Some servers encode the OID incorrectly (as we used to) */
+	packet_put_int((gss_supported->elements[mech].length) + 2);
-	if (datafellows & SSH_BUG_GSSAPI_BER) {
+	packet_put_char(SSH_GSS_OIDTYPE);
-		packet_put_string(gss_supported->elements[mech].elements,
+	packet_put_char(gss_supported->elements[mech].length);
-		    gss_supported->elements[mech].length);
+	packet_put_raw(gss_supported->elements[mech].elements,
-	} else {
+	    gss_supported->elements[mech].length);
-		packet_put_int((gss_supported->elements[mech].length)+2);
-		packet_put_char(SSH_GSS_OIDTYPE);
-		packet_put_char(gss_supported->elements[mech].length);
-		packet_put_raw(gss_supported->elements[mech].elements,
-		    gss_supported->elements[mech].length);
-	}
 
 	packet_send();
 
@@ -560,20 +554,18 @@ input_gssapi_response(int type, u_int32_t plen, void *ctxt)
 	/* Setup our OID */
 	oidv = packet_get_string(&oidlen);
 
-	if (datafellows & SSH_BUG_GSSAPI_BER) {
+	if (oidlen <= 2 ||
-		if (!ssh_gssapi_check_oid(gssctxt, oidv, oidlen))
+	    oidv[0] != SSH_GSS_OIDTYPE ||
-			fatal("Server returned different OID than expected");
+	    oidv[1] != oidlen - 2) {
-	} else {
+		debug("Badly encoded mechanism OID received");
-		if(oidv[0] != SSH_GSS_OIDTYPE || oidv[1] != oidlen-2) {
+		userauth(authctxt, NULL);
-			debug("Badly encoded mechanism OID received");
+		xfree(oidv);
-			userauth(authctxt, NULL);
+		return;
-			xfree(oidv);
-			return;
-		}
-		if (!ssh_gssapi_check_oid(gssctxt, oidv+2, oidlen-2))
-			fatal("Server returned different OID than expected");
 	}
 
+	if (!ssh_gssapi_check_oid(gssctxt, oidv + 2, oidlen - 2))
+		fatal("Server returned different OID than expected");
+
 	packet_check_eom();
 
 	xfree(oidv);