- (bal) More C functions defined in NeXT that are unaccessable without
   defining -POSIX.
 - (bal) OpenBSD CVS updates:
   - markus@cvs.openbsd.org 2000/12/03 11:29:04
     [compat.c]
     remove fallback to SSH_BUG_HMAC now that the drafts are updated
   - markus@cvs.openbsd.org 2000/12/03 11:27:55
     [compat.c]
     correctly match "2.1.0.pl2 SSH" etc; from pekkas@netcore.fi/bugzilla.redhat
   - markus@cvs.openbsd.org 2000/12/03 11:15:03
     [auth2.c compat.c compat.h sshconnect2.c]
     support f-secure/ssh.com 2.0.12; ok niels@
Ben Lindstrom 2000-12-03 17:00:47 +00:00
parent b84815880e
commit d121f61370
6 changed files with 68 additions and 25 deletions


@ -1,5 +1,19 @@
20001204
- (bal) More C functions defined in NeXT that are unaccessable without
defining -POSIX.
- (bal) OpenBSD CVS updates:
- markus@cvs.openbsd.org 2000/12/03 11:29:04
[compat.c]
remove fallback to SSH_BUG_HMAC now that the drafts are updated
- markus@cvs.openbsd.org 2000/12/03 11:27:55
[compat.c]
correctly match "2.1.0.pl2 SSH" etc; from pekkas@netcore.fi/bugzilla.redhat
- markus@cvs.openbsd.org 2000/12/03 11:15:03
[auth2.c compat.c compat.h sshconnect2.c]
support f-secure/ssh.com 2.0.12; ok niels@
20001203 20001203
- (bal) OpenBSD CVS updates: - (bal) OpenBSD CVS updates:
- markus@cvs.openbsd.org 2000/11/30 22:54:31 - markus@cvs.openbsd.org 2000/11/30 22:54:31
[channels.c] [channels.c]
debug->warn if tried to do -R style fwd w/o client requesting this; debug->warn if tried to do -R style fwd w/o client requesting this;

33
auth2.c

@ -23,7 +23,7 @@
*/ */
#include "includes.h" #include "includes.h"
RCSID("$OpenBSD: auth2.c,v 1.21 2000/11/12 19:50:37 markus Exp $"); RCSID("$OpenBSD: auth2.c,v 1.22 2000/12/03 11:15:02 markus Exp $");
#ifdef HAVE_OSF_SIA #ifdef HAVE_OSF_SIA
# include <sia.h> # include <sia.h>
@ -434,14 +434,27 @@ userauth_pubkey(Authctxt *authctxt)
return 0; return 0;
} }
have_sig = packet_get_char(); have_sig = packet_get_char();
pkalg = packet_get_string(&alen); if (datafellows & SSH_BUG_PKAUTH) {
debug2("userauth_pubkey: SSH_BUG_PKAUTH");
/* no explicit pkalg given */
pkblob = packet_get_string(&blen);
buffer_init(&b);
buffer_append(&b, pkblob, blen);
/* so we have to extract the pkalg from the pkblob */
pkalg = buffer_get_string(&b, &alen);
buffer_free(&b);
} else {
pkalg = packet_get_string(&alen);
pkblob = packet_get_string(&blen);
}
pktype = key_type_from_name(pkalg); pktype = key_type_from_name(pkalg);
if (pktype == KEY_UNSPEC) { if (pktype == KEY_UNSPEC) {
log("bad pkalg %s", pkalg); /* this is perfectly legal */
log("userauth_pubkey: unsupported public key algorithm: %s", pkalg);
xfree(pkalg); xfree(pkalg);
xfree(pkblob);
return 0; return 0;
} }
pkblob = packet_get_string(&blen);
key = key_from_blob(pkblob, blen); key = key_from_blob(pkblob, blen);
if (key != NULL) { if (key != NULL) {
if (have_sig) { if (have_sig) {
@ -457,12 +470,16 @@ userauth_pubkey(Authctxt *authctxt)
buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
buffer_put_cstring(&b, authctxt->user); buffer_put_cstring(&b, authctxt->user);
buffer_put_cstring(&b, buffer_put_cstring(&b,
datafellows & SSH_BUG_PUBKEYAUTH ? datafellows & SSH_BUG_PKSERVICE ?
"ssh-userauth" : "ssh-userauth" :
authctxt->service); authctxt->service);
buffer_put_cstring(&b, "publickey"); if (datafellows & SSH_BUG_PKAUTH) {
buffer_put_char(&b, have_sig); buffer_put_char(&b, have_sig);
buffer_put_cstring(&b, key_ssh_name(key)); } else {
buffer_put_cstring(&b, "publickey");
buffer_put_char(&b, have_sig);
buffer_put_cstring(&b, key_ssh_name(key));
}
buffer_put_string(&b, pkblob, blen); buffer_put_string(&b, pkblob, blen);
#ifdef DEBUG_PK #ifdef DEBUG_PK
buffer_dump(&b); buffer_dump(&b);
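Review bot: In the second hunk of userauth_pubkey, the SSH_BUG_PKAUTH branch puts only have_sig and pkblob after the service name, so the "publickey" method name and the key algorithm name are left out of the buffer built here (presumably the data the signature is verified over), and nothing in the code says why that is acceptable. The flag comes from the peer's own version banner via the compat.c table, so an unauthenticated client effectively selects this reduced format itself. The algorithm name is still covered indirectly, because in the first hunk pkalg is extracted from pkblob and pkblob is part of the buffer; that is worth stating next to the branch. I would add above it: `/* SSH_BUG_PKAUTH peers sign neither the method nor the algorithm name; pkalg is still bound through pkblob */`. The function starts and ends outside these hunks.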


@ -23,7 +23,7 @@
*/ */
#include "includes.h" #include "includes.h"
RCSID("$OpenBSD: compat.c,v 1.27 2000/10/31 09:31:58 markus Exp $"); RCSID("$OpenBSD: compat.c,v 1.30 2000/12/03 11:29:04 markus Exp $");
#include "ssh.h" #include "ssh.h"
#include "packet.h" #include "packet.h"
@ -64,17 +64,19 @@ compat_datafellows(const char *version)
} check[] = { } check[] = {
{ "^OpenSSH[-_]2\\.[012]", SSH_OLD_SESSIONID }, { "^OpenSSH[-_]2\\.[012]", SSH_OLD_SESSIONID },
{ "MindTerm", 0 }, { "MindTerm", 0 },
{ "^2\\.1\\.0 ", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| { "^2\\.1\\.0", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
SSH_OLD_SESSIONID }, SSH_OLD_SESSIONID },
{ "^2\\.0\\.", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| { "^2\\.0\\.1[3-9]", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
SSH_OLD_SESSIONID| SSH_OLD_SESSIONID|
SSH_BUG_PUBKEYAUTH|SSH_BUG_X11FWD }, SSH_BUG_PKSERVICE|SSH_BUG_X11FWD },
{ "^2\\.[23]\\.0 ", SSH_BUG_HMAC}, { "^2\\.0\\.", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
SSH_OLD_SESSIONID|SSH_BUG_PKAUTH|
SSH_BUG_PKSERVICE|SSH_BUG_X11FWD },
{ "^2\\.[23]\\.0", SSH_BUG_HMAC},
{ "^2\\.[2-9]\\.", 0 }, { "^2\\.[2-9]\\.", 0 },
{ "^2\\.4$", SSH_OLD_SESSIONID}, /* Van Dyke */ { "^2\\.4$", SSH_OLD_SESSIONID}, /* Van Dyke */
{ "^3\\.0 SecureCRT", SSH_OLD_SESSIONID}, { "^3\\.0 SecureCRT", SSH_OLD_SESSIONID},
{ "^1\\.7 SecureFX", SSH_OLD_SESSIONID}, { "^1\\.7 SecureFX", SSH_OLD_SESSIONID},
{ "^2\\.", SSH_BUG_HMAC}, /* XXX fallback */
{ NULL, 0 } { NULL, 0 }
}; };
/* process table, return first match */ /* process table, return first match */
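Review bot: The new `^2\\.0\\.1[3-9]` entry in check[] only has an effect because it sits above the broader `^2\\.0\\.` entry and the table returns the first match. If the two were swapped or the table re-sorted, 2.0.13+ peers would silently pick up SSH_BUG_PKAUTH, which changes how auth2.c parses their public-key requests. A comment on the entry would protect the ordering: `/* must stay above "^2\\.0\\.": first match wins */`. Dropping the trailing space from `^2\\.1\\.0` and `^2\\.[23]\\.0` also widens those patterns to any banner with that prefix, so a short comment saying this is intended for suffixed versions such as "2.1.0.pl2" would help the next reader. The table and the matching loop continue outside the hunk.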


@ -21,7 +21,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/ */
/* RCSID("$OpenBSD: compat.h,v 1.11 2000/10/14 12:16:56 markus Exp $"); */ /* RCSID("$OpenBSD: compat.h,v 1.12 2000/12/03 11:15:03 markus Exp $"); */
#ifndef COMPAT_H #ifndef COMPAT_H
#define COMPAT_H #define COMPAT_H
@ -32,10 +32,11 @@
#define SSH_PROTO_2 0x04 #define SSH_PROTO_2 0x04
#define SSH_BUG_SIGBLOB 0x01 #define SSH_BUG_SIGBLOB 0x01
#define SSH_BUG_PUBKEYAUTH 0x02 #define SSH_BUG_PKSERVICE 0x02
#define SSH_BUG_HMAC 0x04 #define SSH_BUG_HMAC 0x04
#define SSH_BUG_X11FWD 0x08 #define SSH_BUG_X11FWD 0x08
#define SSH_OLD_SESSIONID 0x10 #define SSH_OLD_SESSIONID 0x10
#define SSH_BUG_PKAUTH 0x20
void enable_compat13(void); void enable_compat13(void);
void enable_compat20(void); void enable_compat20(void);


@ -37,9 +37,11 @@
pid_t posix_wait(int *status); pid_t posix_wait(int *status);
#define wait(a) posix_wait(a) #define wait(a) posix_wait(a)
/* #ifdef POSIX wrapped functions that need defining */ /* #ifdef wrapped functions that need defining for clean compiling */
pid_t getppid(void); pid_t getppid(void);
void vhangup(void); void vhangup(void);
int innetgr(const char *netgroup, const char *host, const char *user,
const char *domain);
/* TERMCAP */ /* TERMCAP */
int tcgetattr(int fd, struct termios *t); int tcgetattr(int fd, struct termios *t);


@ -23,7 +23,7 @@
*/ */
#include "includes.h" #include "includes.h"
RCSID("$OpenBSD: sshconnect2.c,v 1.29 2000/11/23 21:03:47 markus Exp $"); RCSID("$OpenBSD: sshconnect2.c,v 1.30 2000/12/03 11:15:04 markus Exp $");
#include <openssl/bn.h> #include <openssl/bn.h>
#include <openssl/rsa.h> #include <openssl/rsa.h>
@ -647,8 +647,10 @@ sign_and_send_pubkey(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback)
int ret = -1; int ret = -1;
int have_sig = 1; int have_sig = 1;
debug3("sign_and_send_pubkey");
if (key_to_blob(k, &blob, &bloblen) == 0) { if (key_to_blob(k, &blob, &bloblen) == 0) {
/* we cannot handle this key */ /* we cannot handle this key */
debug3("sign_and_send_pubkey: cannot handle key");
return 0; return 0;
} }
/* data to be signed */ /* data to be signed */
@ -663,12 +665,16 @@ sign_and_send_pubkey(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback)
buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
buffer_put_cstring(&b, authctxt->server_user); buffer_put_cstring(&b, authctxt->server_user);
buffer_put_cstring(&b, buffer_put_cstring(&b,
datafellows & SSH_BUG_PUBKEYAUTH ? datafellows & SSH_BUG_PKSERVICE ?
"ssh-userauth" : "ssh-userauth" :
authctxt->service); authctxt->service);
buffer_put_cstring(&b, authctxt->method->name); if (datafellows & SSH_BUG_PKAUTH) {
buffer_put_char(&b, have_sig); buffer_put_char(&b, have_sig);
buffer_put_cstring(&b, key_ssh_name(k)); } else {
buffer_put_cstring(&b, authctxt->method->name);
buffer_put_char(&b, have_sig);
buffer_put_cstring(&b, key_ssh_name(k));
}
buffer_put_string(&b, blob, bloblen); buffer_put_string(&b, blob, bloblen);
/* generate signature */ /* generate signature */
@ -681,7 +687,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback)
#ifdef DEBUG_PK #ifdef DEBUG_PK
buffer_dump(&b); buffer_dump(&b);
#endif #endif
if (datafellows & SSH_BUG_PUBKEYAUTH) { if (datafellows & SSH_BUG_PKSERVICE) {
buffer_clear(&b); buffer_clear(&b);
buffer_append(&b, session_id2, session_id2_len); buffer_append(&b, session_id2, session_id2_len);
buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
@ -689,7 +695,8 @@ sign_and_send_pubkey(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback)
buffer_put_cstring(&b, authctxt->service); buffer_put_cstring(&b, authctxt->service);
buffer_put_cstring(&b, authctxt->method->name); buffer_put_cstring(&b, authctxt->method->name);
buffer_put_char(&b, have_sig); buffer_put_char(&b, have_sig);
buffer_put_cstring(&b, key_ssh_name(k)); if (!(datafellows & SSH_BUG_PKAUTH))
buffer_put_cstring(&b, key_ssh_name(k));
buffer_put_string(&b, blob, bloblen); buffer_put_string(&b, blob, bloblen);
} }
xfree(blob); xfree(blob);
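Review bot: In sign_and_send_pubkey the buffer is rebuilt with the method name only inside `if (datafellows & SSH_BUG_PKSERVICE)`, while the signed data built earlier omits the method name whenever SSH_BUG_PKAUTH is set. If b is later reused as the request payload (that code is outside these hunks), a peer flagged PKAUTH without PKSERVICE would be sent a request lacking the method name. Today the compat.c table only sets PKAUTH together with PKSERVICE, so this holds by coincidence of the table rather than by anything in this function. I would either document it at the rebuild, `/* SSH_BUG_PKAUTH relies on this rebuild: it is only ever set together with SSH_BUG_PKSERVICE */`, or make the dependency explicit with `if (datafellows & (SSH_BUG_PKSERVICE|SSH_BUG_PKAUTH)) {`.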