Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 655a5e0987b4bfab58994c3c5044c00b38f4a640^! / . / sshconnect2.c
commit655a5e0987b4bfab58994c3c5044c00b38f4a640[log] [tgz]
authorDarren Tucker <dtucker@zip.com.au>Mon Nov 03 20:09:03 2003 +1100
committerDarren Tucker <dtucker@zip.com.au>Mon Nov 03 20:09:03 2003 +1100
tree834e167e93b3e11bb29b1e777c668adddee92f49
parent6db8f936aed10e9aca2cf37126264c12e2021cb0 [diff] [blame]
   - markus@cvs.openbsd.org 2003/11/02 11:01:03
     [auth2-gss.c compat.c compat.h sshconnect2.c]
     remove support for SSH_BUG_GSSAPI_BER; simon@sxw.org.uk

diff --git a/sshconnect2.c b/sshconnect2.c
index 6e61a35..f991f81 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c

@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.128 2003/10/26 16:57:43 avsm Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.129 2003/11/02 11:01:03 markus Exp $");
 
 #include "openbsd-compat/sys-queue.h"
 
@@ -519,17 +519,11 @@
 
 	packet_put_int(1);
 
-	/* Some servers encode the OID incorrectly (as we used to) */
-	if (datafellows & SSH_BUG_GSSAPI_BER) {
-		packet_put_string(gss_supported->elements[mech].elements,
-		    gss_supported->elements[mech].length);
-	} else {
-		packet_put_int((gss_supported->elements[mech].length)+2);
-		packet_put_char(SSH_GSS_OIDTYPE);
-		packet_put_char(gss_supported->elements[mech].length);
-		packet_put_raw(gss_supported->elements[mech].elements,
-		    gss_supported->elements[mech].length);
-	}
+	packet_put_int((gss_supported->elements[mech].length) + 2);
+	packet_put_char(SSH_GSS_OIDTYPE);
+	packet_put_char(gss_supported->elements[mech].length);
+	packet_put_raw(gss_supported->elements[mech].elements,
+	    gss_supported->elements[mech].length);
 
 	packet_send();
 
@@ -560,20 +554,18 @@
 	/* Setup our OID */
 	oidv = packet_get_string(&oidlen);
 
-	if (datafellows & SSH_BUG_GSSAPI_BER) {
-		if (!ssh_gssapi_check_oid(gssctxt, oidv, oidlen))
-			fatal("Server returned different OID than expected");
-	} else {
-		if(oidv[0] != SSH_GSS_OIDTYPE || oidv[1] != oidlen-2) {
-			debug("Badly encoded mechanism OID received");
-			userauth(authctxt, NULL);
-			xfree(oidv);
-			return;
-		}
-		if (!ssh_gssapi_check_oid(gssctxt, oidv+2, oidlen-2))
-			fatal("Server returned different OID than expected");
+	if (oidlen <= 2 ||
+	    oidv[0] != SSH_GSS_OIDTYPE ||
+	    oidv[1] != oidlen - 2) {
+		debug("Badly encoded mechanism OID received");
+		userauth(authctxt, NULL);
+		xfree(oidv);
+		return;
 	}
 
+	if (!ssh_gssapi_check_oid(gssctxt, oidv + 2, oidlen - 2))
+		fatal("Server returned different OID than expected");
+
 	packet_check_eom();
 
 	xfree(oidv);