diff options
Diffstat (limited to 'usr.bin/ssh')
-rw-r--r-- | usr.bin/ssh/auth2.c | 9 | ||||
-rw-r--r-- | usr.bin/ssh/compat.c | 4 | ||||
-rw-r--r-- | usr.bin/ssh/compat.h | 3 | ||||
-rw-r--r-- | usr.bin/ssh/sshconnect2.c | 15 |
4 files changed, 21 insertions, 10 deletions
diff --git a/usr.bin/ssh/auth2.c b/usr.bin/ssh/auth2.c index e0dc179d3de..93fa96092da 100644 --- a/usr.bin/ssh/auth2.c +++ b/usr.bin/ssh/auth2.c @@ -27,7 +27,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: auth2.c,v 1.10 2000/06/18 04:05:02 markus Exp $"); +RCSID("$OpenBSD: auth2.c,v 1.11 2000/06/19 00:50:11 markus Exp $"); #include <openssl/dsa.h> #include <openssl/rsa.h> @@ -277,8 +277,11 @@ ssh2_auth_pubkey(struct passwd *pw, char *service) sig = packet_get_string(&slen); packet_done(); buffer_init(&b); - buffer_append(&b, session_id2, session_id2_len); - + if (datafellows & SSH_COMPAT_SESSIONID_ENCODING) { + buffer_put_string(&b, session_id2, session_id2_len); + } else { + buffer_append(&b, session_id2, session_id2_len); + } /* reconstruct packet */ buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); buffer_put_cstring(&b, pw->pw_name); diff --git a/usr.bin/ssh/compat.c b/usr.bin/ssh/compat.c index fa3d27d512c..d534e8d394a 100644 --- a/usr.bin/ssh/compat.c +++ b/usr.bin/ssh/compat.c @@ -28,7 +28,7 @@ */ #include "includes.h" -RCSID("$Id: compat.c,v 1.15 2000/06/18 03:00:27 markus Exp $"); +RCSID("$Id: compat.c,v 1.16 2000/06/19 00:50:11 markus Exp $"); #include "ssh.h" #include "packet.h" @@ -61,7 +61,7 @@ compat_datafellows(const char *version) char *version; int bugs; } check[] = { - {"2.2.0", SSH_BUG_HMAC}, + {"2.2.0", SSH_BUG_HMAC|SSH_COMPAT_SESSIONID_ENCODING}, {"2.1.0", SSH_BUG_SIGBLOB|SSH_BUG_HMAC}, {"2.0.1", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|SSH_BUG_PUBKEYAUTH|SSH_BUG_X11FWD}, {NULL, 0} diff --git a/usr.bin/ssh/compat.h b/usr.bin/ssh/compat.h index 9308a6df301..adec21a3c04 100644 --- a/usr.bin/ssh/compat.h +++ b/usr.bin/ssh/compat.h @@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* RCSID("$Id: compat.h,v 1.7 2000/05/08 17:42:24 markus Exp $"); */ +/* RCSID("$Id: compat.h,v 1.8 2000/06/19 00:50:11 markus Exp $"); */ #ifndef COMPAT_H #define COMPAT_H @@ -40,6 +40,7 @@ #define SSH_BUG_PUBKEYAUTH 0x02 #define SSH_BUG_HMAC 0x04 #define SSH_BUG_X11FWD 0x08 +#define SSH_COMPAT_SESSIONID_ENCODING 0x10 void enable_compat13(void); void enable_compat20(void); diff --git a/usr.bin/ssh/sshconnect2.c b/usr.bin/ssh/sshconnect2.c index 77b8652ea7f..6b4747cc589 100644 --- a/usr.bin/ssh/sshconnect2.c +++ b/usr.bin/ssh/sshconnect2.c @@ -28,7 +28,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect2.c,v 1.13 2000/06/02 02:00:19 todd Exp $"); +RCSID("$OpenBSD: sshconnect2.c,v 1.14 2000/06/19 00:50:11 markus Exp $"); #include <openssl/bn.h> #include <openssl/rsa.h> @@ -295,6 +295,7 @@ ssh2_try_pubkey(char *filename, unsigned char *blob, *signature; int bloblen, slen; struct stat st; + int skip = 0; if (stat(filename, &st) != 0) { debug("key does not exist: %s", filename); @@ -321,7 +322,13 @@ ssh2_try_pubkey(char *filename, /* data to be signed */ buffer_init(&b); - buffer_append(&b, session_id2, session_id2_len); + if (datafellows & SSH_COMPAT_SESSIONID_ENCODING) { + buffer_put_string(&b, session_id2, session_id2_len); + skip = buffer_len(&b); + } else { + buffer_append(&b, session_id2, session_id2_len); + skip = session_id2_len; + } buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); buffer_put_cstring(&b, server_user); buffer_put_cstring(&b, @@ -357,9 +364,9 @@ ssh2_try_pubkey(char *filename, xfree(signature); /* skip session id and packet type */ - if (buffer_len(&b) < session_id2_len + 1) + if (buffer_len(&b) < skip + 1) fatal("ssh2_try_pubkey: internal error"); - buffer_consume(&b, session_id2_len + 1); + buffer_consume(&b, skip + 1); /* put remaining data from buffer into packet */ packet_start(SSH2_MSG_USERAUTH_REQUEST); |