diff options
author | des <des@FreeBSD.org> | 2002-06-23 16:09:08 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2002-06-23 16:09:08 +0000 |
commit | fa8aa6dfe7e9aaab9f8fa1e3290e7242fc12d83d (patch) | |
tree | cc93abce4a81ab84afa26d861b756d5c77818afa /crypto/openssh/sshconnect1.c | |
parent | e9f3540c66a76052e51a348bdd05a068d0855d3d (diff) | |
download | FreeBSD-src-fa8aa6dfe7e9aaab9f8fa1e3290e7242fc12d83d.zip FreeBSD-src-fa8aa6dfe7e9aaab9f8fa1e3290e7242fc12d83d.tar.gz |
Resolve conflicts. Known issues:
- sshd fails to set TERM correctly.
- privilege separation may break PAM and is currently turned off.
- man pages have not yet been updated
I will have these issues resolved, and privilege separation turned on by
default, in time for DP2.
Sponsored by: DARPA, NAI Labs
Diffstat (limited to 'crypto/openssh/sshconnect1.c')
-rw-r--r-- | crypto/openssh/sshconnect1.c | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/crypto/openssh/sshconnect1.c b/crypto/openssh/sshconnect1.c index f021bec..3cb2d18 100644 --- a/crypto/openssh/sshconnect1.c +++ b/crypto/openssh/sshconnect1.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect1.c,v 1.48 2002/02/11 16:15:46 markus Exp $"); +RCSID("$OpenBSD: sshconnect1.c,v 1.51 2002/05/23 19:24:30 markus Exp $"); RCSID("$FreeBSD$"); #include <openssl/bn.h> @@ -460,6 +460,8 @@ try_krb4_authentication(void) /* Get server's response. */ reply = packet_get_string((u_int *) &auth.length); + if (auth.length >= MAX_KTXT_LEN) + fatal("Kerberos v4: Malformed response from server"); memcpy(auth.dat, reply, auth.length); xfree(reply); @@ -844,7 +846,7 @@ try_challenge_response_authentication(void) error("Permission denied, please try again."); if (options.cipher == SSH_CIPHER_NONE) log("WARNING: Encryption is disabled! " - "Reponse will be transmitted in clear text."); + "Response will be transmitted in clear text."); response = read_passphrase(prompt, 0); if (strcmp(response, "") == 0) { xfree(response); @@ -1091,7 +1093,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr) */ void ssh_userauth1(const char *local_user, const char *server_user, char *host, - Key **keys, int nkeys) + Sensitive *sensitive) { #ifdef KRB5 krb5_context context = NULL; @@ -1177,9 +1179,11 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host, */ if ((supported_authentications & (1 << SSH_AUTH_RHOSTS_RSA)) && options.rhosts_rsa_authentication) { - for (i = 0; i < nkeys; i++) { - if (keys[i] != NULL && keys[i]->type == KEY_RSA1 && - try_rhosts_rsa_authentication(local_user, keys[i])) + for (i = 0; i < sensitive->nkeys; i++) { + if (sensitive->keys[i] != NULL && + sensitive->keys[i]->type == KEY_RSA1 && + try_rhosts_rsa_authentication(local_user, + sensitive->keys[i])) goto success; } } |