diff options
author | nsayer <nsayer@FreeBSD.org> | 2001-05-16 20:24:58 +0000 |
---|---|---|
committer | nsayer <nsayer@FreeBSD.org> | 2001-05-16 20:24:58 +0000 |
commit | 02a47b1303f5c5b90496f1d36f977c797d9d479b (patch) | |
tree | ad3547a1612464023328b6d20290b09b53ebdda3 /crypto | |
parent | d10919aae8027c31da548db63ce102264b6d83e1 (diff) | |
download | FreeBSD-src-02a47b1303f5c5b90496f1d36f977c797d9d479b.zip FreeBSD-src-02a47b1303f5c5b90496f1d36f977c797d9d479b.tar.gz |
Make sure the protocol actively rejects bad data rather than
(potentially) not responding to an invalid SRA 'auth is' message.
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/telnet/libtelnet/sra.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/crypto/telnet/libtelnet/sra.c b/crypto/telnet/libtelnet/sra.c index a77b2f2..3f04799 100644 --- a/crypto/telnet/libtelnet/sra.c +++ b/crypto/telnet/libtelnet/sra.c @@ -132,7 +132,7 @@ int cnt; Session_Key skey; if (cnt-- < 1) - return; + goto bad; switch (*data++) { case SRA_KEY: @@ -154,7 +154,7 @@ int cnt; memcpy(pkb,data,HEXKEYBYTES); pkb[HEXKEYBYTES] = '\0'; common_key(ska,pkb,&ik,&ck); - break; + return; case SRA_USER: /* decode KAB(u) */ @@ -166,7 +166,7 @@ int cnt; auth_encrypt_user(user); Data(ap, SRA_CONTINUE, (void *)0, 0); - break; + return; case SRA_PASS: if (cnt > 512) /* Attempted buffer overflow */ @@ -205,16 +205,16 @@ int cnt; printf("SRA user failed\r\n"); } } - break; + return; default: if (auth_debug_mode) printf("Unknown SRA option %d\r\n", data[-1]); - Data(ap, SRA_REJECT, 0, 0); - sra_valid = 0; - auth_finished(ap, AUTH_REJECT); - break; } +bad: + Data(ap, SRA_REJECT, 0, 0); + sra_valid = 0; + auth_finished(ap, AUTH_REJECT); } extern char *getpass(); |