Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / d121f613708c3c9c82465b0788550943a918d5c8^! / . / auth2.c
commitd121f613708c3c9c82465b0788550943a918d5c8[log] [tgz]
authorBen Lindstrom <mouring@eviladmin.org>Sun Dec 03 17:00:47 2000 +0000
committerBen Lindstrom <mouring@eviladmin.org>Sun Dec 03 17:00:47 2000 +0000
tree2e1f2364b459a1a7003d4907f4abae63d069634f
parentb84815880e453346667d6d2b3f02904674848a7a [diff] [blame]
20001204
 - (bal) More C functions defined in NeXT that are unaccessable without
   defining -POSIX.
 - (bal) OpenBSD CVS updates:
   - markus@cvs.openbsd.org 2000/12/03 11:29:04
     [compat.c]
     remove fallback to SSH_BUG_HMAC now that the drafts are updated
   - markus@cvs.openbsd.org 2000/12/03 11:27:55
     [compat.c]
     correctly match "2.1.0.pl2 SSH" etc; from pekkas@netcore.fi/bugzilla.redhat
   - markus@cvs.openbsd.org 2000/12/03 11:15:03
     [auth2.c compat.c compat.h sshconnect2.c]
     support f-secure/ssh.com 2.0.12; ok niels@

diff --git a/auth2.c b/auth2.c
index 8e8edf9..030e28d 100644
--- a/auth2.c
+++ b/auth2.c

@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.21 2000/11/12 19:50:37 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.22 2000/12/03 11:15:02 markus Exp $");
 
 #ifdef HAVE_OSF_SIA
 # include <sia.h>
@@ -434,14 +434,27 @@
 		return 0;
 	}
 	have_sig = packet_get_char();
-	pkalg = packet_get_string(&alen);
+	if (datafellows & SSH_BUG_PKAUTH) {
+		debug2("userauth_pubkey: SSH_BUG_PKAUTH");
+		/* no explicit pkalg given */
+		pkblob = packet_get_string(&blen);
+		buffer_init(&b);
+		buffer_append(&b, pkblob, blen);
+		/* so we have to extract the pkalg from the pkblob */
+		pkalg = buffer_get_string(&b, &alen);
+		buffer_free(&b);
+	} else {
+		pkalg = packet_get_string(&alen);
+		pkblob = packet_get_string(&blen);
+	}
 	pktype = key_type_from_name(pkalg);
 	if (pktype == KEY_UNSPEC) {
-		log("bad pkalg %s", pkalg);
+		/* this is perfectly legal */
+		log("userauth_pubkey: unsupported public key algorithm: %s", pkalg);
 		xfree(pkalg);
+		xfree(pkblob);
 		return 0;
 	}
-	pkblob = packet_get_string(&blen);
 	key = key_from_blob(pkblob, blen);
 	if (key != NULL) {
 		if (have_sig) {
@@ -457,12 +470,16 @@
 			buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
 			buffer_put_cstring(&b, authctxt->user);
 			buffer_put_cstring(&b,
-			    datafellows & SSH_BUG_PUBKEYAUTH ?
+			    datafellows & SSH_BUG_PKSERVICE ?
 			    "ssh-userauth" :
 			    authctxt->service);
-			buffer_put_cstring(&b, "publickey");
-			buffer_put_char(&b, have_sig);
-			buffer_put_cstring(&b, key_ssh_name(key));
+			if (datafellows & SSH_BUG_PKAUTH) {
+				buffer_put_char(&b, have_sig);
+			} else {
+				buffer_put_cstring(&b, "publickey");
+				buffer_put_char(&b, have_sig);
+				buffer_put_cstring(&b, key_ssh_name(key));
+			}
 			buffer_put_string(&b, pkblob, blen);
 #ifdef DEBUG_PK
 			buffer_dump(&b);