Diffstat (limited to 'usr.bin')
-rw-r--r-- | usr.bin/ssh/auth2-gss.c | 22 | ||||
-rw-r--r-- | usr.bin/ssh/compat.c | 8 | ||||
-rw-r--r-- | usr.bin/ssh/compat.h | 3 | ||||
-rw-r--r-- | usr.bin/ssh/sshconnect2.c | 40 |
4 files changed, 30 insertions, 43 deletions
diff --git a/usr.bin/ssh/auth2-gss.c b/usr.bin/ssh/auth2-gss.c
index a82b87f5111..84fb384f954 100644
--- a/usr.bin/ssh/auth2-gss.c
+++ b/usr.bin/ssh/auth2-gss.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-gss.c,v 1.4 2003/10/21 09:50:06 markus Exp $ */
+/* $OpenBSD: auth2-gss.c,v 1.5 2003/11/02 11:01:03 markus Exp $ */
 /*
  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -78,19 +78,19 @@ userauth_gssapi(Authctxt *authctxt)
 if (doid)
 xfree(doid);
+ present = 0;
 doid = packet_get_string(&len);
- if (len <= 2)
- packet_disconnect("Short OID received");
- if (doid[0] != SSH_GSS_OIDTYPE || doid[1] != len-2) {
- logit("Mechanism OID received using the old encoding form");
- oid.elements = doid;
- oid.length = len;
+ if (len > 2 &&
+ doid[0] == SSH_GSS_OIDTYPE &&
+ doid[1] == len - 2) {
+ oid.elements = doid + 2;
+ oid.length = len - 2;
+ gss_test_oid_set_member(&ms, &oid, supported,
+ &present);
 } else {
- oid.elements = doid + 2;
- oid.length = len - 2;
+ logit("Badly formed OID received");
 }
- gss_test_oid_set_member(&ms, &oid, supported, &present);
 } while (mechs > 0 && !present);
 gss_release_oid_set(&ms, &supported);
@@ -109,7 +109,7 @@ userauth_gssapi(Authctxt *authctxt)
 packet_start(SSH2_MSG_USERAUTH_GSSAPI_RESPONSE);
- /* Return OID in same format as we received it*/
+ /* Return the OID that we received */
 packet_put_string(doid, len);
 packet_send();
diff --git a/usr.bin/ssh/compat.c b/usr.bin/ssh/compat.c
index af1d14321cd..2fdebe7fa21 100644
--- a/usr.bin/ssh/compat.c
+++ b/usr.bin/ssh/compat.c
@@ -23,7 +23,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: compat.c,v 1.69 2003/08/29 10:03:15 markus Exp $");
+RCSID("$OpenBSD: compat.c,v 1.70 2003/11/02 11:01:03 markus Exp $");
 #include "buffer.h"
 #include "packet.h"
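Review bot: The new `else` branch in the `@@ -78,19` hunk of auth2-gss.c calls `logit("Badly formed OID received")` once per malformed entry, and since this is an authentication-method handler the entries come from a peer that has not yet authenticated. The number of log lines is therefore bounded only by `mechs`, which is set outside the hunk. Noting that an OID was rejected and logging a single line after the `while (mechs > 0 && !present)` loop would keep the signal for operators while bounding the volume; alternatively `debug("Badly formed OID received");` would match the level the client uses for the same condition in sshconnect2.c. The check would also benefit from a one-line comment such as `/* expect SSH_GSS_OIDTYPE, a one-byte length, then the OID bytes */`. The loop and the rest of userauth_gssapi begin outside the hunk.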
@@ -79,11 +79,7 @@ compat_datafellows(const char *version)
 { "OpenSSH_2.5.3*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF},
 { "OpenSSH_2.*,"
 "OpenSSH_3.0*,"
- "OpenSSH_3.1*", SSH_BUG_EXTEOF|SSH_BUG_GSSAPI_BER},
- { "OpenSSH_3.2*,"
- "OpenSSH_3.3*,"
- "OpenSSH_3.4*,"
- "OpenSSH_3.5*", SSH_BUG_GSSAPI_BER},
+ "OpenSSH_3.1*", SSH_BUG_EXTEOF},
 { "Sun_SSH_1.0*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF},
 { "OpenSSH*", 0 },
 { "*MindTerm*", 0 },
diff --git a/usr.bin/ssh/compat.h b/usr.bin/ssh/compat.h
index 7a500445576..efa0f081ef9 100644
--- a/usr.bin/ssh/compat.h
+++ b/usr.bin/ssh/compat.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: compat.h,v 1.36 2003/08/29 10:03:15 markus Exp $ */
+/* $OpenBSD: compat.h,v 1.37 2003/11/02 11:01:03 markus Exp $ */
 /*
  * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved.
@@ -55,7 +55,6 @@
 #define SSH_BUG_EXTEOF 0x00200000
 #define SSH_BUG_PROBE 0x00400000
 #define SSH_BUG_FIRSTKEX 0x00800000
-#define SSH_BUG_GSSAPI_BER 0x01000000
 void enable_compat13(void);
 void enable_compat20(void);
diff --git a/usr.bin/ssh/sshconnect2.c b/usr.bin/ssh/sshconnect2.c
index e5e7726de65..c9bb49bb92d 100644
--- a/usr.bin/ssh/sshconnect2.c
+++ b/usr.bin/ssh/sshconnect2.c
@@ -23,7 +23,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.128 2003/10/26 16:57:43 avsm Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.129 2003/11/02 11:01:03 markus Exp $");
 #include "ssh.h"
 #include "ssh2.h"
@@ -517,17 +517,11 @@ userauth_gssapi(Authctxt *authctxt)
 packet_put_int(1);
- /* Some servers encode the OID incorrectly (as we used to) */
- if (datafellows & SSH_BUG_GSSAPI_BER) {
- packet_put_string(gss_supported->elements[mech].elements,
- gss_supported->elements[mech].length);
- } else {
- packet_put_int((gss_supported->elements[mech].length)+2);
- packet_put_char(SSH_GSS_OIDTYPE);
- packet_put_char(gss_supported->elements[mech].length);
- packet_put_raw(gss_supported->elements[mech].elements,
- gss_supported->elements[mech].length);
- }
+ packet_put_int((gss_supported->elements[mech].length) + 2);
+ packet_put_char(SSH_GSS_OIDTYPE);
+ packet_put_char(gss_supported->elements[mech].length);
+ packet_put_raw(gss_supported->elements[mech].elements,
+ gss_supported->elements[mech].length);
 packet_send();
@@ -558,20 +552,18 @@ input_gssapi_response(int type, u_int32_t plen, void *ctxt)
 /* Setup our OID */
 oidv = packet_get_string(&oidlen);
- if (datafellows & SSH_BUG_GSSAPI_BER) {
- if (!ssh_gssapi_check_oid(gssctxt, oidv, oidlen))
- fatal("Server returned different OID than expected");
- } else {
- if(oidv[0] != SSH_GSS_OIDTYPE || oidv[1] != oidlen-2) {
- debug("Badly encoded mechanism OID received");
- userauth(authctxt, NULL);
- xfree(oidv);
- return;
- }
- if (!ssh_gssapi_check_oid(gssctxt, oidv+2, oidlen-2))
- fatal("Server returned different OID than expected");
+ if (oidlen <= 2 ||
+ oidv[0] != SSH_GSS_OIDTYPE ||
+ oidv[1] != oidlen - 2) {
+ debug("Badly encoded mechanism OID received");
+ userauth(authctxt, NULL);
+ xfree(oidv);
+ return;
 }
+ if (!ssh_gssapi_check_oid(gssctxt, oidv + 2, oidlen - 2))
+ fatal("Server returned different OID than expected");
+
 packet_check_eom();
 xfree(oidv); |
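Review bot: `packet_put_char(gss_supported->elements[mech].length)` in the `@@ -517,17` hunk writes the OID length as a single byte, and with the `SSH_BUG_GSSAPI_BER` branch removed this is now the only encoding the client sends, yet nothing in the hunk checks that the length fits. A length above 127 is not a valid short-form length, and one above 255 would presumably be truncated, so the server's `doid[1] == len - 2` test (auth2-gss.c in this commit) would reject it with no local diagnostic. Mechanism OIDs are short in practice, so this is a robustness point: a guard on `gss_supported->elements[mech].length > 127` before the `packet_put_int(... + 2)` line, skipping that mechanism, would make the assumption explicit. The function body extends beyond the hunk.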
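Review bot: The framing test in the `@@ -558,20` hunk (`oidlen <= 2 || oidv[0] != SSH_GSS_OIDTYPE || oidv[1] != oidlen - 2`) is the same check, with inverted polarity, that this commit adds to userauth_gssapi in auth2-gss.c, and two hand-written copies can drift apart. A small shared helper that takes the buffer and its length and reports whether the framing is valid would keep client and server in agreement. Failing that, each copy could carry a comment such as `/* tag SSH_GSS_OIDTYPE, one-byte length, then OID bytes; length must cover the rest */`. The declaration of `oidv` is outside the hunk; if it is a plain `char *`, casting `oidv[1]` to `u_char` before the comparison would avoid depending on char signedness.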