authorMarkus Friedl <markus@cvs.openbsd.org>2001-04-18 23:43:27 +0000
committerMarkus Friedl <markus@cvs.openbsd.org>2001-04-18 23:43:27 +0000
commit4a1adf3caf95014166cce425197a7fd762492df1 (patch)
tree0374ffdfb6c9287d76badb9da97ebd314f42d5c8
parentb15cee952002f970ce09dea736a5ae43dfda7849 (diff)
more ssh v2 hostbased-auth interop: ssh.com >= 2.1.0 works now
(however the 2.1.0 server seems to work only if debug is enabled...)
-rw-r--r--usr.bin/ssh/auth2.c20
-rw-r--r--usr.bin/ssh/compat.c5
-rw-r--r--usr.bin/ssh/sshconnect2.c16
3 files changed, 15 insertions, 26 deletions
diff --git a/usr.bin/ssh/auth2.c b/usr.bin/ssh/auth2.c
index 9b2aaba7d67..183fd6e8d19 100644
--- a/usr.bin/ssh/auth2.c
+++ b/usr.bin/ssh/auth2.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.54 2001/04/18 22:48:26 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.55 2001/04/18 23:43:25 markus Exp $");
#include <openssl/evp.h>
@@ -476,8 +476,7 @@ userauth_hostbased(Authctxt *authctxt)
{
Buffer b;
Key *key;
- char *pkalg, *pkblob, *sig;
- char *cuser, *chost;
+ char *pkalg, *pkblob, *sig, *cuser, *chost, *service;
u_int alen, blen, slen;
int pktype;
int authenticated = 0;
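Review bot: `service` is declared as a plain `char *` in the merged declaration, yet the later hunk in this file assigns it the string literal "ssh-userauth". The sshconnect2.c side of this commit declares the same variable as `const char *service;`. Declaring it that way here, on its own line, keeps the two userauth_hostbased implementations consistent and lets the compiler reject an accidental write through the pointer. The function body continues outside this hunk.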
@@ -513,21 +512,14 @@ userauth_hostbased(Authctxt *authctxt)
debug("userauth_hostbased: cannot decode key: %s", pkalg);
goto done;
}
+ service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" :
+ authctxt->service;
buffer_init(&b);
- if (datafellows & SSH_OLD_SESSIONID) {
- buffer_append(&b, session_id2, session_id2_len);
- } else {
- buffer_put_string(&b, session_id2, session_id2_len);
- }
- if (datafellows & SSH_BUG_HBSERVICE)
- debug("SSH_BUG_HBSERVICE");
+ buffer_put_string(&b, session_id2, session_id2_len);
/* reconstruct packet */
buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
buffer_put_cstring(&b, authctxt->user);
- buffer_put_cstring(&b,
- datafellows & SSH_BUG_HBSERVICE ?
- "ssh-userauth" :
- authctxt->service);
+ buffer_put_cstring(&b, service);
buffer_put_cstring(&b, "hostbased");
buffer_put_string(&b, pkalg, alen);
buffer_put_string(&b, pkblob, blen);
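Review bot: The session id is now always length-prefixed with buffer_put_string() and SSH_OLD_SESSIONID is no longer consulted, but nothing in the code records that this is deliberate. compat.c in this same commit still sets SSH_OLD_SESSIONID on the 2.0.1[3-9] entry that gains SSH_BUG_HBSERVICE. If such a peer signs over the raw session id, verification would fail closed, so this looks like an interop question rather than a safety one. A comment above the call such as `/* hostbased: session id is always encoded as a string in the signed data; SSH_OLD_SESSIONID does not apply */` would record the decision. The same applies to the matching hunk in sshconnect2.c, since client and server must build byte-identical data; userauth_hostbased starts and ends outside this hunk.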
diff --git a/usr.bin/ssh/compat.c b/usr.bin/ssh/compat.c
index f6b9a597646..e0f9d8549bc 100644
--- a/usr.bin/ssh/compat.c
+++ b/usr.bin/ssh/compat.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: compat.c,v 1.46 2001/04/12 19:15:24 markus Exp $");
+RCSID("$OpenBSD: compat.c,v 1.47 2001/04/18 23:43:25 markus Exp $");
#include <regex.h>
@@ -84,7 +84,8 @@ compat_datafellows(const char *version)
{ "^2\\.0\\.1[3-9]", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
- SSH_BUG_PKOK|SSH_BUG_RSASIGMD5 },
+ SSH_BUG_PKOK|SSH_BUG_RSASIGMD5|
+ SSH_BUG_HBSERVICE },
{ "^2\\.0\\.", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
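Review bot: The 2.0.1[3-9] entry gains SSH_BUG_HBSERVICE with no comment on what the flag changes. In this commit's auth2.c and sshconnect2.c hunks it replaces authctxt->service with the fixed string "ssh-userauth" in the data that is signed and verified for hostbased authentication. The flags are selected by matching the `version` argument, which presumably comes from the peer's own banner, so the peer's claimed version decides which service name the signature is checked against. A short comment here or at the flag's definition would make that visible to the next maintainer, for example `/* SSH_BUG_HBSERVICE: peer signs "ssh-userauth" instead of the requested service in hostbased requests */`. The following `^2\\.0\\.` entry continues outside the hunk, so whether it needs the same flag cannot be checked from here.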
diff --git a/usr.bin/ssh/sshconnect2.c b/usr.bin/ssh/sshconnect2.c
index ac3ad013bbc..14e3d401a78 100644
--- a/usr.bin/ssh/sshconnect2.c
+++ b/usr.bin/ssh/sshconnect2.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.71 2001/04/18 22:03:45 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.72 2001/04/18 23:43:26 markus Exp $");
#include <openssl/bn.h>
#include <openssl/md5.h>
@@ -815,6 +815,7 @@ userauth_hostbased(Authctxt *authctxt)
Buffer b;
u_char *signature, *blob;
char *chost, *pkalg, *p;
+ const char *service;
u_int blen, slen;
int ok, i, len, found = 0;
@@ -847,20 +848,15 @@ userauth_hostbased(Authctxt *authctxt)
xfree(chost);
return 0;
}
+ service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" :
+ authctxt->service;
pkalg = xstrdup(key_ssh_name(private));
buffer_init(&b);
- if (datafellows & SSH_OLD_SESSIONID) {
- buffer_append(&b, session_id2, session_id2_len);
- } else {
- buffer_put_string(&b, session_id2, session_id2_len);
- }
/* construct data */
+ buffer_put_string(&b, session_id2, session_id2_len);
buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
buffer_put_cstring(&b, authctxt->server_user);
- buffer_put_cstring(&b,
- datafellows & SSH_BUG_HBSERVICE ?
- "ssh-userauth" :
- authctxt->service);
+ buffer_put_cstring(&b, service);
buffer_put_cstring(&b, authctxt->method->name);
buffer_put_cstring(&b, pkalg);
buffer_put_string(&b, blob, blen);