Resolve conflicts. Known issues:

- sshd fails to set TERM correctly. - privilege separation may break PAM and is currently turned off. - man pages have not yet been updated I will have these issues resolved, and privilege separation turned on by default, in time for DP2. Sponsored by: DARPA, NAI Labs
author: des <des@FreeBSD.org> 2002-06-23 16:09:08 +0000
committer: des <des@FreeBSD.org> 2002-06-23 16:09:08 +0000
commit: fa8aa6dfe7e9aaab9f8fa1e3290e7242fc12d83d (patch)
tree: cc93abce4a81ab84afa26d861b756d5c77818afa /crypto/openssh/sshconnect1.c
parent: e9f3540c66a76052e51a348bdd05a068d0855d3d (diff)
download: FreeBSD-src-fa8aa6dfe7e9aaab9f8fa1e3290e7242fc12d83d.zip
FreeBSD-src-fa8aa6dfe7e9aaab9f8fa1e3290e7242fc12d83d.tar.gz
1 files changed, 10 insertions, 6 deletions
diff --git a/crypto/openssh/sshconnect1.c b/crypto/openssh/sshconnect1.c
index f021bec..3cb2d18 100644
--- a/crypto/openssh/sshconnect1.c
+++ b/crypto/openssh/sshconnect1.c
@@ -13,7 +13,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.48 2002/02/11 16:15:46 markus Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.51 2002/05/23 19:24:30 markus Exp $");
 RCSID("$FreeBSD$");
 
 #include <openssl/bn.h>
@@ -460,6 +460,8 @@ try_krb4_authentication(void)
 
 		/* Get server's response. */
 		reply = packet_get_string((u_int *) &auth.length);
+		if (auth.length >= MAX_KTXT_LEN)
+			fatal("Kerberos v4: Malformed response from server");
 		memcpy(auth.dat, reply, auth.length);
 		xfree(reply);
 
@@ -844,7 +846,7 @@ try_challenge_response_authentication(void)
 			error("Permission denied, please try again.");
 		if (options.cipher == SSH_CIPHER_NONE)
 			log("WARNING: Encryption is disabled! "
-			    "Reponse will be transmitted in clear text.");
+			    "Response will be transmitted in clear text.");
 		response = read_passphrase(prompt, 0);
 		if (strcmp(response, "") == 0) {
 			xfree(response);
@@ -1091,7 +1093,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
  */
 void
 ssh_userauth1(const char *local_user, const char *server_user, char *host,
-    Key **keys, int nkeys)
+    Sensitive *sensitive)
 {
 #ifdef KRB5
 	krb5_context context = NULL;
@@ -1177,9 +1179,11 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
 	 */
 	if ((supported_authentications & (1 << SSH_AUTH_RHOSTS_RSA)) &&
 	    options.rhosts_rsa_authentication) {
-		for (i = 0; i < nkeys; i++) {
-			if (keys[i] != NULL && keys[i]->type == KEY_RSA1 &&
-			    try_rhosts_rsa_authentication(local_user, keys[i]))
+		for (i = 0; i < sensitive->nkeys; i++) {
+			if (sensitive->keys[i] != NULL &&
+			    sensitive->keys[i]->type == KEY_RSA1 &&
+			    try_rhosts_rsa_authentication(local_user,
+			    sensitive->keys[i]))
 				goto success;
 		}
 	}
author	des <des@FreeBSD.org>	2002-06-23 16:09:08 +0000
committer	des <des@FreeBSD.org>	2002-06-23 16:09:08 +0000
commit	fa8aa6dfe7e9aaab9f8fa1e3290e7242fc12d83d (patch)
tree	cc93abce4a81ab84afa26d861b756d5c77818afa /crypto/openssh/sshconnect1.c
parent	e9f3540c66a76052e51a348bdd05a068d0855d3d (diff)
download	FreeBSD-src-fa8aa6dfe7e9aaab9f8fa1e3290e7242fc12d83d.zip FreeBSD-src-fa8aa6dfe7e9aaab9f8fa1e3290e7242fc12d83d.tar.gz