upstream: make ssh hostbased authentication send the signature
algorithm in its SSH2_MSG_USERAUTH_REQUEST packets instead of the key type. This make HostbasedAcceptedAlgorithms do what it is supposed to - filter on signature algorithm and not key type. spotted with dtucker@ ok markus@ OpenBSD-Commit-ID: 25bffe19f0326972f5728170f7da81d5f45c78c6
This commit is contained in:
parent
95eca1e195
commit
d1e578afe7
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: sshconnect2.c,v 1.342 2021/01/22 02:44:58 dtucker Exp $ */
|
/* $OpenBSD: sshconnect2.c,v 1.343 2021/01/25 06:00:17 djm Exp $ */
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||||
* Copyright (c) 2008 Damien Miller. All rights reserved.
|
* Copyright (c) 2008 Damien Miller. All rights reserved.
|
||||||
|
@ -2177,7 +2177,7 @@ userauth_hostbased(struct ssh *ssh)
|
||||||
(r = sshbuf_put_cstring(b, authctxt->server_user)) != 0 ||
|
(r = sshbuf_put_cstring(b, authctxt->server_user)) != 0 ||
|
||||||
(r = sshbuf_put_cstring(b, authctxt->service)) != 0 ||
|
(r = sshbuf_put_cstring(b, authctxt->service)) != 0 ||
|
||||||
(r = sshbuf_put_cstring(b, authctxt->method->name)) != 0 ||
|
(r = sshbuf_put_cstring(b, authctxt->method->name)) != 0 ||
|
||||||
(r = sshbuf_put_cstring(b, sshkey_ssh_name(private))) != 0 ||
|
(r = sshbuf_put_cstring(b, authctxt->active_ktype)) != 0 ||
|
||||||
(r = sshbuf_put_string(b, keyblob, keylen)) != 0 ||
|
(r = sshbuf_put_string(b, keyblob, keylen)) != 0 ||
|
||||||
(r = sshbuf_put_cstring(b, chost)) != 0 ||
|
(r = sshbuf_put_cstring(b, chost)) != 0 ||
|
||||||
(r = sshbuf_put_cstring(b, authctxt->local_user)) != 0) {
|
(r = sshbuf_put_cstring(b, authctxt->local_user)) != 0) {
|
||||||
|
@ -2198,7 +2198,7 @@ userauth_hostbased(struct ssh *ssh)
|
||||||
(r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 ||
|
(r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 ||
|
||||||
(r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 ||
|
(r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 ||
|
||||||
(r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 ||
|
(r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 ||
|
||||||
(r = sshpkt_put_cstring(ssh, sshkey_ssh_name(private))) != 0 ||
|
(r = sshpkt_put_cstring(ssh, authctxt->active_ktype)) != 0 ||
|
||||||
(r = sshpkt_put_string(ssh, keyblob, keylen)) != 0 ||
|
(r = sshpkt_put_string(ssh, keyblob, keylen)) != 0 ||
|
||||||
(r = sshpkt_put_cstring(ssh, chost)) != 0 ||
|
(r = sshpkt_put_cstring(ssh, chost)) != 0 ||
|
||||||
(r = sshpkt_put_cstring(ssh, authctxt->local_user)) != 0 ||
|
(r = sshpkt_put_cstring(ssh, authctxt->local_user)) != 0 ||
|
||||||
|
|
Loading…
Reference in New Issue