4 files changed, 21 insertions, 10 deletions

diff --git a/usr.bin/ssh/auth2.c b/usr.bin/ssh/auth2.c
index e0dc179d3de..93fa96092da 100644
--- a/usr.bin/ssh/auth2.c
+++ b/usr.bin/ssh/auth2.c
@@ -27,7 +27,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.10 2000/06/18 04:05:02 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.11 2000/06/19 00:50:11 markus Exp $");
 
 #include <openssl/dsa.h>
 #include <openssl/rsa.h>
@@ -277,8 +277,11 @@ ssh2_auth_pubkey(struct passwd *pw, char *service)
 			sig = packet_get_string(&slen);
 			packet_done();
 			buffer_init(&b);
-			buffer_append(&b, session_id2, session_id2_len);
-
+			if (datafellows & SSH_COMPAT_SESSIONID_ENCODING) {
+				buffer_put_string(&b, session_id2, session_id2_len);
+			} else {
+				buffer_append(&b, session_id2, session_id2_len);
+			}
 			/* reconstruct packet */
 			buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
 			buffer_put_cstring(&b, pw->pw_name);
diff --git a/usr.bin/ssh/compat.c b/usr.bin/ssh/compat.c
index fa3d27d512c..d534e8d394a 100644
--- a/usr.bin/ssh/compat.c
+++ b/usr.bin/ssh/compat.c
@@ -28,7 +28,7 @@
  */
 
 #include "includes.h"
-RCSID("$Id: compat.c,v 1.15 2000/06/18 03:00:27 markus Exp $");
+RCSID("$Id: compat.c,v 1.16 2000/06/19 00:50:11 markus Exp $");
 
 #include "ssh.h"
 #include "packet.h"
@@ -61,7 +61,7 @@ compat_datafellows(const char *version)
 		char	*version;
 		int	bugs;
 	} check[] = {
-		{"2.2.0",	SSH_BUG_HMAC},
+		{"2.2.0",	SSH_BUG_HMAC|SSH_COMPAT_SESSIONID_ENCODING},
 		{"2.1.0",	SSH_BUG_SIGBLOB|SSH_BUG_HMAC},
 		{"2.0.1",	SSH_BUG_SIGBLOB|SSH_BUG_HMAC|SSH_BUG_PUBKEYAUTH|SSH_BUG_X11FWD},
 		{NULL,		0}
diff --git a/usr.bin/ssh/compat.h b/usr.bin/ssh/compat.h
index 9308a6df301..adec21a3c04 100644
--- a/usr.bin/ssh/compat.h
+++ b/usr.bin/ssh/compat.h
@@ -26,7 +26,7 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
-/* RCSID("$Id: compat.h,v 1.7 2000/05/08 17:42:24 markus Exp $"); */
+/* RCSID("$Id: compat.h,v 1.8 2000/06/19 00:50:11 markus Exp $"); */
 
 #ifndef COMPAT_H
 #define COMPAT_H
@@ -40,6 +40,7 @@
 #define SSH_BUG_PUBKEYAUTH	0x02
 #define SSH_BUG_HMAC		0x04
 #define SSH_BUG_X11FWD		0x08
+#define SSH_COMPAT_SESSIONID_ENCODING		0x10
 
 void    enable_compat13(void);
 void    enable_compat20(void);
diff --git a/usr.bin/ssh/sshconnect2.c b/usr.bin/ssh/sshconnect2.c
index 77b8652ea7f..6b4747cc589 100644
--- a/usr.bin/ssh/sshconnect2.c
+++ b/usr.bin/ssh/sshconnect2.c
@@ -28,7 +28,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.13 2000/06/02 02:00:19 todd Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.14 2000/06/19 00:50:11 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
@@ -295,6 +295,7 @@ ssh2_try_pubkey(char *filename,
 	unsigned char *blob, *signature;
 	int bloblen, slen;
 	struct stat st;
+	int skip = 0;
 
 	if (stat(filename, &st) != 0) {
 		debug("key does not exist: %s", filename);
@@ -321,7 +322,13 @@ ssh2_try_pubkey(char *filename,
 
 	/* data to be signed */
 	buffer_init(&b);
-	buffer_append(&b, session_id2, session_id2_len);
+	if (datafellows & SSH_COMPAT_SESSIONID_ENCODING) {
+		buffer_put_string(&b, session_id2, session_id2_len);
+		skip = buffer_len(&b);
+	} else {
+		buffer_append(&b, session_id2, session_id2_len);
+		skip = session_id2_len; 
+	}
 	buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
 	buffer_put_cstring(&b, server_user);
 	buffer_put_cstring(&b,
@@ -357,9 +364,9 @@ ssh2_try_pubkey(char *filename,
 	xfree(signature);
 
 	/* skip session id and packet type */
-	if (buffer_len(&b) < session_id2_len + 1)
+	if (buffer_len(&b) < skip + 1)
 		fatal("ssh2_try_pubkey: internal error");
-	buffer_consume(&b, session_id2_len + 1);
+	buffer_consume(&b, skip + 1);
 
 	/* put remaining data from buffer into packet */
 	packet_start(SSH2_MSG_USERAUTH_REQUEST);