diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 1999-12-08 23:59:13 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 1999-12-08 23:59:13 +0000 |
| commit | 544ae526376cedc249d1de1a429d7b9392c0cc02 (patch) | |
| tree | b23f41715d0a0f7331e363a09f77627dbaa2fa3c /usr.bin/ssh | |
| parent | b8ded1cc8ae556b9cc62b5052c79c1558ffbf077 (diff) | |
repair fake-skey for AUTH_TIS
Diffstat (limited to 'usr.bin/ssh')
| -rw-r--r-- | usr.bin/ssh/sshd.c | 34 |
1 files changed, 19 insertions, 15 deletions
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c index e1d806546a3..a1229676045 100644 --- a/usr.bin/ssh/sshd.c +++ b/usr.bin/ssh/sshd.c @@ -11,7 +11,7 @@ */ #include "includes.h" -RCSID("$Id: sshd.c,v 1.72 1999/12/08 04:36:41 deraadt Exp $"); +RCSID("$Id: sshd.c,v 1.73 1999/12/08 23:59:12 markus Exp $"); #include <poll.h> @@ -803,7 +803,7 @@ do_connection() unsigned char check_bytes[8]; char *user; unsigned int cipher_type, auth_mask, protocol_flags; - int plen, slen; + int plen, slen, ulen; u_int32_t rand = 0; /* @@ -982,11 +982,8 @@ do_connection() packet_read_expect(&plen, SSH_CMSG_USER); /* Get the user name. */ - { - int ulen; - user = packet_get_string(&ulen); - packet_integrity_check(plen, (4 + ulen), SSH_CMSG_USER); - } + user = packet_get_string(&ulen); + packet_integrity_check(plen, (4 + ulen), SSH_CMSG_USER); /* Destroy the private and public keys. They will no longer be needed. */ RSA_free(public_key); @@ -1431,15 +1428,22 @@ do_fake_authloop(char *user) #ifdef SKEY int dlen; char *password, *skeyinfo; - if (options.password_authentication && - options.skey_authentication == 1 && - type == SSH_CMSG_AUTH_PASSWORD && - (password = packet_get_string(&dlen)) != NULL && - dlen == 5 && - strncasecmp(password, "s/key", 5) == 0 && + /* Try to send a fake s/key challenge. */ + if (options.skey_authentication == 1 && (skeyinfo = skey_fake_keyinfo(user)) != NULL) { - /* Send a fake s/key challenge. */ - packet_send_debug(skeyinfo); + if (type == SSH_CMSG_AUTH_TIS) { + packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE); + packet_put_string(skeyinfo, strlen(skeyinfo)); + packet_send(); + packet_write_wait(); + continue; + } else if (type == SSH_CMSG_AUTH_PASSWORD && + options.password_authentication && + (password = packet_get_string(&dlen)) != NULL && + dlen == 5 && + strncasecmp(password, "s/key", 5) == 0 ) { + packet_send_debug(skeyinfo); + } } #endif if (attempt > AUTH_FAIL_MAX) |