Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 2f29a8caba867a2b0c32772de705657de726dcca^! / . / sshconnect2.c
commit2f29a8caba867a2b0c32772de705657de726dcca[log] [tgz]
authorDarren Tucker <dtucker@zip.com.au>Sat Oct 24 11:47:58 2009 +1100
committerDarren Tucker <dtucker@zip.com.au>Sat Oct 24 11:47:58 2009 +1100
treee887e2c756a32dc65948ba5ac41624b1bd3c1a1c
parentdfb9b716500f777563a8f6f36072210fea167530 [diff] [blame]
   - djm@cvs.openbsd.org 2009/10/23 01:57:11
     [sshconnect2.c]
     disallow a hostile server from checking jpake auth by sending an
     out-of-sequence success message. (doesn't affect code enabled by default)

diff --git a/sshconnect2.c b/sshconnect2.c
index 260c630..1e0e9d5 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.171 2009/03/05 07:18:19 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.172 2009/10/23 01:57:11 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -210,6 +210,7 @@
 };
 
 void	input_userauth_success(int, u_int32_t, void *);
+void	input_userauth_success_unexpected(int, u_int32_t, void *);
 void	input_userauth_failure(int, u_int32_t, void *);
 void	input_userauth_banner(int, u_int32_t, void *);
 void	input_userauth_error(int, u_int32_t, void *);
@@ -427,12 +428,15 @@
 input_userauth_success(int type, u_int32_t seq, void *ctxt)
 {
 	Authctxt *authctxt = ctxt;
+
 	if (authctxt == NULL)
 		fatal("input_userauth_success: no authentication context");
 	if (authctxt->authlist) {
 		xfree(authctxt->authlist);
 		authctxt->authlist = NULL;
 	}
+	if (authctxt->method != NULL && authctxt->method->cleanup != NULL)
+		authctxt->method->cleanup(authctxt);
 	if (authctxt->methoddata) {
 		xfree(authctxt->methoddata);
 		authctxt->methoddata = NULL;
@@ -440,6 +444,18 @@
 	authctxt->success = 1;			/* break out */
 }
 
+void
+input_userauth_success_unexpected(int type, u_int32_t seq, void *ctxt)
+{
+	Authctxt *authctxt = ctxt;
+
+	if (authctxt == NULL)
+		fatal("%s: no authentication context", __func__);
+
+	fatal("Unexpected authentication success during %s.",
+	    authctxt->method->name);
+}
+
 /* ARGSUSED */
 void
 input_userauth_failure(int type, u_int32_t seq, void *ctxt)
@@ -1709,6 +1725,8 @@
 	/* Expect step 1 packet from peer */
 	dispatch_set(SSH2_MSG_USERAUTH_JPAKE_SERVER_STEP1,
 	    input_userauth_jpake_server_step1);
+	dispatch_set(SSH2_MSG_USERAUTH_SUCCESS,
+	    &input_userauth_success_unexpected);
 
 	return 1;
 }
@@ -1721,6 +1739,7 @@
 		jpake_free(authctxt->methoddata);
 		authctxt->methoddata = NULL;
 	}
+	dispatch_set(SSH2_MSG_USERAUTH_SUCCESS, &input_userauth_success);
 }
 #endif /* JPAKE */