20001204
- (bal) More C functions defined in NeXT that are unaccessable without
defining -POSIX.
- (bal) OpenBSD CVS updates:
- markus@cvs.openbsd.org 2000/12/03 11:29:04
[compat.c]
remove fallback to SSH_BUG_HMAC now that the drafts are updated
- markus@cvs.openbsd.org 2000/12/03 11:27:55
[compat.c]
correctly match "2.1.0.pl2 SSH" etc; from pekkas@netcore.fi/bugzilla.redhat
- markus@cvs.openbsd.org 2000/12/03 11:15:03
[auth2.c compat.c compat.h sshconnect2.c]
support f-secure/ssh.com 2.0.12; ok niels@
diff --git a/sshconnect2.c b/sshconnect2.c
index 69d9c49..036519f 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.29 2000/11/23 21:03:47 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.30 2000/12/03 11:15:04 markus Exp $");
#include <openssl/bn.h>
#include <openssl/rsa.h>
@@ -647,8 +647,10 @@
int ret = -1;
int have_sig = 1;
+ debug3("sign_and_send_pubkey");
if (key_to_blob(k, &blob, &bloblen) == 0) {
/* we cannot handle this key */
+ debug3("sign_and_send_pubkey: cannot handle key");
return 0;
}
/* data to be signed */
@@ -663,12 +665,16 @@
buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
buffer_put_cstring(&b, authctxt->server_user);
buffer_put_cstring(&b,
- datafellows & SSH_BUG_PUBKEYAUTH ?
+ datafellows & SSH_BUG_PKSERVICE ?
"ssh-userauth" :
authctxt->service);
- buffer_put_cstring(&b, authctxt->method->name);
- buffer_put_char(&b, have_sig);
- buffer_put_cstring(&b, key_ssh_name(k));
+ if (datafellows & SSH_BUG_PKAUTH) {
+ buffer_put_char(&b, have_sig);
+ } else {
+ buffer_put_cstring(&b, authctxt->method->name);
+ buffer_put_char(&b, have_sig);
+ buffer_put_cstring(&b, key_ssh_name(k));
+ }
buffer_put_string(&b, blob, bloblen);
/* generate signature */
@@ -681,7 +687,7 @@
#ifdef DEBUG_PK
buffer_dump(&b);
#endif
- if (datafellows & SSH_BUG_PUBKEYAUTH) {
+ if (datafellows & SSH_BUG_PKSERVICE) {
buffer_clear(&b);
buffer_append(&b, session_id2, session_id2_len);
buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
@@ -689,7 +695,8 @@
buffer_put_cstring(&b, authctxt->service);
buffer_put_cstring(&b, authctxt->method->name);
buffer_put_char(&b, have_sig);
- buffer_put_cstring(&b, key_ssh_name(k));
+ if (!(datafellows & SSH_BUG_PKAUTH))
+ buffer_put_cstring(&b, key_ssh_name(k));
buffer_put_string(&b, blob, bloblen);
}
xfree(blob);