- markus@cvs.openbsd.org 2001/04/18 23:43:26
[auth2.c compat.c sshconnect2.c] more ssh v2 hostbased-auth interop: ssh.com >= 2.1.0 works now (however the 2.1.0 server seems to work only if debug is enabled...)
This commit is contained in:
parent
4aa603c150
commit
671388f233
|
@ -12,6 +12,10 @@
|
|||
- markus@cvs.openbsd.org 2001/04/18 22:48:26
|
||||
[auth2.c]
|
||||
no longer const
|
||||
- markus@cvs.openbsd.org 2001/04/18 23:43:26
|
||||
[auth2.c compat.c sshconnect2.c]
|
||||
more ssh v2 hostbased-auth interop: ssh.com >= 2.1.0 works now
|
||||
(however the 2.1.0 server seems to work only if debug is enabled...)
|
||||
|
||||
20010418
|
||||
- OpenBSD CVS Sync
|
||||
|
@ -5174,4 +5178,4 @@
|
|||
- Wrote replacements for strlcpy and mkdtemp
|
||||
- Released 1.0pre1
|
||||
|
||||
$Id: ChangeLog,v 1.1143 2001/04/19 20:38:06 mouring Exp $
|
||||
$Id: ChangeLog,v 1.1144 2001/04/19 20:40:45 mouring Exp $
|
||||
|
|
18
auth2.c
18
auth2.c
|
@ -23,7 +23,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: auth2.c,v 1.54 2001/04/18 22:48:26 markus Exp $");
|
||||
RCSID("$OpenBSD: auth2.c,v 1.55 2001/04/18 23:43:25 markus Exp $");
|
||||
|
||||
#include <openssl/evp.h>
|
||||
|
||||
|
@ -534,8 +534,7 @@ userauth_hostbased(Authctxt *authctxt)
|
|||
{
|
||||
Buffer b;
|
||||
Key *key;
|
||||
char *pkalg, *pkblob, *sig;
|
||||
char *cuser, *chost;
|
||||
char *pkalg, *pkblob, *sig, *cuser, *chost, *service;
|
||||
u_int alen, blen, slen;
|
||||
int pktype;
|
||||
int authenticated = 0;
|
||||
|
@ -571,21 +570,14 @@ userauth_hostbased(Authctxt *authctxt)
|
|||
debug("userauth_hostbased: cannot decode key: %s", pkalg);
|
||||
goto done;
|
||||
}
|
||||
service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" :
|
||||
authctxt->service;
|
||||
buffer_init(&b);
|
||||
if (datafellows & SSH_OLD_SESSIONID) {
|
||||
buffer_append(&b, session_id2, session_id2_len);
|
||||
} else {
|
||||
buffer_put_string(&b, session_id2, session_id2_len);
|
||||
}
|
||||
if (datafellows & SSH_BUG_HBSERVICE)
|
||||
debug("SSH_BUG_HBSERVICE");
|
||||
/* reconstruct packet */
|
||||
buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
|
||||
buffer_put_cstring(&b, authctxt->user);
|
||||
buffer_put_cstring(&b,
|
||||
datafellows & SSH_BUG_HBSERVICE ?
|
||||
"ssh-userauth" :
|
||||
authctxt->service);
|
||||
buffer_put_cstring(&b, service);
|
||||
buffer_put_cstring(&b, "hostbased");
|
||||
buffer_put_string(&b, pkalg, alen);
|
||||
buffer_put_string(&b, pkblob, blen);
|
||||
|
|
5
compat.c
5
compat.c
|
@ -23,7 +23,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: compat.c,v 1.46 2001/04/12 19:15:24 markus Exp $");
|
||||
RCSID("$OpenBSD: compat.c,v 1.47 2001/04/18 23:43:25 markus Exp $");
|
||||
|
||||
#ifdef HAVE_LIBPCRE
|
||||
# include <pcreposix.h>
|
||||
|
@ -92,7 +92,8 @@ compat_datafellows(const char *version)
|
|||
{ "^2\\.0\\.1[3-9]", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
|
||||
SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
|
||||
SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
|
||||
SSH_BUG_PKOK|SSH_BUG_RSASIGMD5 },
|
||||
SSH_BUG_PKOK|SSH_BUG_RSASIGMD5|
|
||||
SSH_BUG_HBSERVICE },
|
||||
{ "^2\\.0\\.", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
|
||||
SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
|
||||
SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
|
||||
|
|
|
@ -23,7 +23,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: sshconnect2.c,v 1.71 2001/04/18 22:03:45 markus Exp $");
|
||||
RCSID("$OpenBSD: sshconnect2.c,v 1.72 2001/04/18 23:43:26 markus Exp $");
|
||||
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/md5.h>
|
||||
|
@ -815,6 +815,7 @@ userauth_hostbased(Authctxt *authctxt)
|
|||
Buffer b;
|
||||
u_char *signature, *blob;
|
||||
char *chost, *pkalg, *p;
|
||||
const char *service;
|
||||
u_int blen, slen;
|
||||
int ok, i, len, found = 0;
|
||||
|
||||
|
@ -847,20 +848,15 @@ userauth_hostbased(Authctxt *authctxt)
|
|||
xfree(chost);
|
||||
return 0;
|
||||
}
|
||||
service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" :
|
||||
authctxt->service;
|
||||
pkalg = xstrdup(key_ssh_name(private));
|
||||
buffer_init(&b);
|
||||
if (datafellows & SSH_OLD_SESSIONID) {
|
||||
buffer_append(&b, session_id2, session_id2_len);
|
||||
} else {
|
||||
buffer_put_string(&b, session_id2, session_id2_len);
|
||||
}
|
||||
/* construct data */
|
||||
buffer_put_string(&b, session_id2, session_id2_len);
|
||||
buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
|
||||
buffer_put_cstring(&b, authctxt->server_user);
|
||||
buffer_put_cstring(&b,
|
||||
datafellows & SSH_BUG_HBSERVICE ?
|
||||
"ssh-userauth" :
|
||||
authctxt->service);
|
||||
buffer_put_cstring(&b, service);
|
||||
buffer_put_cstring(&b, authctxt->method->name);
|
||||
buffer_put_cstring(&b, pkalg);
|
||||
buffer_put_string(&b, blob, blen);
|
||||
|
|
Loading…
Reference in New Issue