authorgreen <green@FreeBSD.org>2001-03-20 02:06:40 +0000
committergreen <green@FreeBSD.org>2001-03-20 02:06:40 +0000
commite1c06db9614adac5dbc0db3be048e6d3bb916b61 (patch)
treefe71e102a08e22c9c3eee0426a45576c1899fff7 /crypto/openssh/sshconnect2.c
parent67cc54d757c106c29d0172b918a9dde0ffa3bddf (diff)
Make password attacks based on traffic analysis harder by requiring that
"non-echoed" characters are still echoed back in a null packet, and by padding passwords that are sent so that their length is not otherwise hinted at.
Obtained from: OpenBSD
Diffstat (limited to 'crypto/openssh/sshconnect2.c')
-rw-r--r--crypto/openssh/sshconnect2.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/crypto/openssh/sshconnect2.c b/crypto/openssh/sshconnect2.c
index 6ba23d4..fb7bff0 100644
--- a/crypto/openssh/sshconnect2.c
+++ b/crypto/openssh/sshconnect2.c
@@ -23,6 +23,7 @@
*/
#include "includes.h"
+RCSID("$FreeBSD$");
RCSID("$OpenBSD: sshconnect2.c,v 1.27 2000/10/19 16:45:16 provos Exp $");
#include <openssl/bn.h>
@@ -635,7 +636,7 @@ userauth_passwd(Authctxt *authctxt)
packet_put_cstring(authctxt->service);
packet_put_cstring(authctxt->method->name);
packet_put_char(0);
- packet_put_cstring(password);
+ ssh_put_password(password);
memset(password, 0, strlen(password));
xfree(password);
packet_send();
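Review bot: The wipe on the line after the new call, `memset(password, 0, strlen(password));`, is a plain memset immediately followed by `xfree(password)`, so an optimizing compiler may remove it as a dead store and leave the password in freed heap memory. The same pattern follows the new call in input_userauth_info_req. If the tree has a non-elidable wipe available, use it here, for example `explicit_bzero(password, strlen(password));`. ssh_put_password is defined outside this diff; if it builds a padded copy of the secret, that copy needs the same treatment before it is freed. userauth_passwd starts and ends outside the hunk.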
@@ -892,7 +893,7 @@ input_userauth_info_req(int type, int plen, void *ctxt)
response = cli_prompt(prompt, echo);
- packet_put_cstring(response);
+ ssh_put_password(response);
memset(response, 0, strlen(response));
xfree(response);
xfree(prompt);
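Review bot: The new `ssh_put_password(response);` call has no comment saying why a helper named for passwords is used for every keyboard-interactive response, including ones prompted with echo on. A later cleanup could plausibly switch it back to `packet_put_cstring` and bring back the length leak. I would add above the call `/* pad every response, echoed or not, so its length is not visible in the encrypted packet size */`. It is also worth confirming that the receiving side accepts the padded string for these responses, since that code is not visible here. input_userauth_info_req starts and ends outside the hunk.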