summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>1999-12-14 10:47:15 +1100
committerDamien Miller <djm@mindrot.org>1999-12-14 10:47:15 +1100
commita34a28bf86c04eb35c522b1e31c32e94edf355d2 (patch)
treeb048bcbc954cae87930fe287a92197abccceb1de
parentc6b3bbe2b991f4f87ca1f8214f43c13a5a73f385 (diff)
- OpenBSD CVS Changes
- [canohost.c] fix get_remote_port() and friends for sshd -i; Holger.Trapp@Informatik.TU-Chemnitz.DE - [mpaux.c] make code simpler. no need for memcpy. niels@ ok - [pty.c] namebuflen not sizeof namebuflen; bnd@ep-ag.com via djm@mindrot.org fix proto; markus - [ssh.1] typo; mark.baushke@solipsa.com - [channels.c ssh.c ssh.h sshd.c] type conflict for 'extern Type *options' in channels.c; dot@dotat.at - [sshconnect.c] move checking of hostkey into own function. - [version.h] OpenSSH-1.2.1
-rw-r--r--ChangeLog19
-rw-r--r--canohost.c30
-rw-r--r--channels.c20
-rw-r--r--mpaux.c12
-rw-r--r--pty.c5
-rw-r--r--ssh.16
-rw-r--r--ssh.c5
-rw-r--r--ssh.h6
-rw-r--r--sshconnect.c246
-rw-r--r--sshd.c36
-rw-r--r--version.h2
11 files changed, 229 insertions, 158 deletions
diff --git a/ChangeLog b/ChangeLog
index 28032d24..07966017 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,22 @@
+19991214
+ - OpenBSD CVS Changes
+ - [canohost.c]
+ fix get_remote_port() and friends for sshd -i;
+ Holger.Trapp@Informatik.TU-Chemnitz.DE
+ - [mpaux.c]
+ make code simpler. no need for memcpy. niels@ ok
+ - [pty.c]
+ namebuflen not sizeof namebuflen; bnd@ep-ag.com via djm@mindrot.org
+ fix proto; markus
+ - [ssh.1]
+ typo; mark.baushke@solipsa.com
+ - [channels.c ssh.c ssh.h sshd.c]
+ type conflict for 'extern Type *options' in channels.c; dot@dotat.at
+ - [sshconnect.c]
+ move checking of hostkey into own function.
+ - [version.h]
+ OpenSSH-1.2.1
+
19991211
- Fix compilation on systems with AFS. Reported by
aloomis@glue.umd.edu
diff --git a/canohost.c b/canohost.c
index 4209b6ab..e61628b7 100644
--- a/canohost.c
+++ b/canohost.c
@@ -14,7 +14,7 @@
*/
#include "includes.h"
-RCSID("$Id: canohost.c,v 1.4 1999/11/25 00:54:58 damien Exp $");
+RCSID("$Id: canohost.c,v 1.5 1999/12/13 23:47:15 damien Exp $");
#include "packet.h"
#include "xmalloc.h"
@@ -143,6 +143,28 @@ check_ip_options:
static char *canonical_host_name = NULL;
static char *canonical_host_ip = NULL;
+/* Returns 1 if remote host is connected via socket, 0 if not. */
+
+int
+peer_connection_is_on_socket()
+{
+ struct sockaddr_in from;
+ int fromlen;
+ int in = packet_get_connection_in();
+ int out = packet_get_connection_out();
+
+ /* filedescriptors in and out are the same, so it's a socket */
+ if (in == out)
+ return 1;
+ fromlen = sizeof(from);
+ memset(&from, 0, sizeof(from));
+ if (getpeername(in, (struct sockaddr *) & from, &fromlen) < 0)
+ return 0;
+ if (from.sin_family != AF_INET && from.sin_family != AF_INET6)
+ return 0;
+ return 1;
+}
+
/*
* Return the canonical name of the host in the other side of the current
* connection. The host name is cached, so it is efficient to call this
@@ -157,7 +179,7 @@ get_canonical_hostname()
return canonical_host_name;
/* Get the real hostname if socket; otherwise return UNKNOWN. */
- if (packet_get_connection_in() == packet_get_connection_out())
+ if (peer_connection_is_on_socket())
canonical_host_name = get_remote_hostname(packet_get_connection_in());
else
canonical_host_name = xstrdup("UNKNOWN");
@@ -181,7 +203,7 @@ get_remote_ipaddr()
return canonical_host_ip;
/* If not a socket, return UNKNOWN. */
- if (packet_get_connection_in() != packet_get_connection_out()) {
+ if (!peer_connection_is_on_socket()) {
canonical_host_ip = xstrdup("UNKNOWN");
return canonical_host_ip;
}
@@ -232,7 +254,7 @@ get_remote_port()
* If the connection is not a socket, return 65535. This is
* intentionally chosen to be an unprivileged port number.
*/
- if (packet_get_connection_in() != packet_get_connection_out())
+ if (!peer_connection_is_on_socket())
return 65535;
/* Get client socket. */
diff --git a/channels.c b/channels.c
index 328a1178..8d6d87ae 100644
--- a/channels.c
+++ b/channels.c
@@ -16,7 +16,7 @@
*/
#include "includes.h"
-RCSID("$Id: channels.c,v 1.11 1999/12/07 05:47:28 damien Exp $");
+RCSID("$Id: channels.c,v 1.12 1999/12/13 23:47:15 damien Exp $");
#include "ssh.h"
#include "packet.h"
@@ -877,11 +877,10 @@ channel_open_message()
void
channel_request_local_forwarding(u_short port, const char *host,
- u_short host_port)
+ u_short host_port, int gateway_ports)
{
int ch, sock, on = 1;
struct sockaddr_in sin;
- extern Options options;
struct linger linger;
if (strlen(host) > sizeof(channels[0].path) - 1)
@@ -895,7 +894,7 @@ channel_request_local_forwarding(u_short port, const char *host,
/* Initialize socket address. */
memset(&sin, 0, sizeof(sin));
sin.sin_family = AF_INET;
- if (options.gateway_ports == 1)
+ if (gateway_ports == 1)
sin.sin_addr.s_addr = htonl(INADDR_ANY);
else
sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
@@ -983,9 +982,11 @@ channel_input_port_forward_request(int is_root)
if (port < IPPORT_RESERVED && !is_root)
packet_disconnect("Requested forwarding of port %d but user is not root.",
port);
-
- /* Initiate forwarding. */
- channel_request_local_forwarding(port, hostname, host_port);
+ /*
+ * Initiate forwarding,
+ * bind port to localhost only (gateway ports == 0).
+ */
+ channel_request_local_forwarding(port, hostname, host_port, 0);
/* Free the argument string. */
xfree(hostname);
@@ -1116,16 +1117,15 @@ fail:
*/
char *
-x11_create_display_inet(int screen_number)
+x11_create_display_inet(int screen_number, int x11_display_offset)
{
- extern ServerOptions options;
int display_number, sock;
u_short port;
struct sockaddr_in sin;
char buf[512];
char hostname[MAXHOSTNAMELEN];
- for (display_number = options.x11_display_offset;
+ for (display_number = x11_display_offset;
display_number < MAX_DISPLAYS;
display_number++) {
port = 6000 + display_number;
diff --git a/mpaux.c b/mpaux.c
index 7bc7c13b..24e9ce13 100644
--- a/mpaux.c
+++ b/mpaux.c
@@ -15,7 +15,7 @@
*/
#include "includes.h"
-RCSID("$Id: mpaux.c,v 1.7 1999/11/24 13:26:22 damien Exp $");
+RCSID("$Id: mpaux.c,v 1.8 1999/12/13 23:47:16 damien Exp $");
#include "getput.h"
#include "xmalloc.h"
@@ -35,17 +35,17 @@ compute_session_id(unsigned char session_id[16],
BIGNUM* host_key_n,
BIGNUM* session_key_n)
{
- unsigned int host_key_bits = BN_num_bits(host_key_n);
- unsigned int session_key_bits = BN_num_bits(session_key_n);
- unsigned int bytes = (host_key_bits + 7) / 8 + (session_key_bits + 7) / 8 + 8;
+ unsigned int host_key_bytes = BN_num_bytes(host_key_n);
+ unsigned int session_key_bytes = BN_num_bytes(session_key_n);
+ unsigned int bytes = host_key_bytes + session_key_bytes;
unsigned char *buf = xmalloc(bytes);
MD5_CTX md;
BN_bn2bin(host_key_n, buf);
- BN_bn2bin(session_key_n, buf + (host_key_bits + 7) / 8);
- memcpy(buf + (host_key_bits + 7) / 8 + (session_key_bits + 7) / 8, cookie, 8);
+ BN_bn2bin(session_key_n, buf + host_key_bytes);
MD5_Init(&md);
MD5_Update(&md, buf, bytes);
+ MD5_Update(&md, cookie, 8);
MD5_Final(session_id, &md);
memset(buf, 0, bytes);
xfree(buf);
diff --git a/pty.c b/pty.c
index c6c7363b..f7ef19ca 100644
--- a/pty.c
+++ b/pty.c
@@ -14,8 +14,9 @@
*/
#include "includes.h"
-RCSID("$Id: pty.c,v 1.8 1999/12/08 23:16:55 damien Exp $");
+RCSID("$Id: pty.c,v 1.9 1999/12/13 23:47:16 damien Exp $");
+#include <util.h>
#include "pty.h"
#include "ssh.h"
@@ -163,7 +164,7 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
*ptyfd = open(buf, O_RDWR | O_NOCTTY);
if (*ptyfd < 0)
continue;
- snprintf(namebuf, sizeof namebuflen, "/dev/tty%c%c",
+ snprintf(namebuf, namebuflen, "/dev/tty%c%c",
ptymajors[i / num_minors], ptyminors[i % num_minors]);
/* Open the slave side. */
diff --git a/ssh.1 b/ssh.1
index fb504448..25e81d6d 100644
--- a/ssh.1
+++ b/ssh.1
@@ -9,7 +9,7 @@
.\"
.\" Created: Sat Apr 22 21:55:14 1995 ylo
.\"
-.\" $Id: ssh.1,v 1.11 1999/12/06 00:47:29 damien Exp $
+.\" $Id: ssh.1,v 1.12 1999/12/13 23:47:16 damien Exp $
.\"
.Dd September 25, 1999
.Dt SSH 1
@@ -351,7 +351,7 @@ per-host basis in the configuration file.
Use a non-privileged port for outgoing connections.
This can be used if your firewall does
not permit connections from privileged ports.
-Note that this option turns of
+Note that this option turns off
.Cm RhostsAuthentication
and
.Cm RhostsRSAAuthentication .
@@ -720,7 +720,7 @@ The default is
.Dq yes .
Note that setting this option to
.Dq no
-turns of
+turns off
.Cm RhostsAuthentication
and
.Cm RhostsRSAAuthentication .
diff --git a/ssh.c b/ssh.c
index c0d61f82..447878f2 100644
--- a/ssh.c
+++ b/ssh.c
@@ -11,7 +11,7 @@
*/
#include "includes.h"
-RCSID("$Id: ssh.c,v 1.13 1999/12/06 00:47:29 damien Exp $");
+RCSID("$Id: ssh.c,v 1.14 1999/12/13 23:47:16 damien Exp $");
#include "xmalloc.h"
#include "ssh.h"
@@ -732,7 +732,8 @@ main(int ac, char **av)
options.local_forwards[i].host_port);
channel_request_local_forwarding(options.local_forwards[i].port,
options.local_forwards[i].host,
- options.local_forwards[i].host_port);
+ options.local_forwards[i].host_port,
+ options.gateway_ports);
}
/* Initiate remote TCP/IP port forwardings. */
diff --git a/ssh.h b/ssh.h
index facd88a0..86780c0f 100644
--- a/ssh.h
+++ b/ssh.h
@@ -13,7 +13,7 @@
*
*/
-/* RCSID("$Id: ssh.h,v 1.19 1999/12/07 04:38:32 damien Exp $"); */
+/* RCSID("$Id: ssh.h,v 1.20 1999/12/13 23:47:16 damien Exp $"); */
#ifndef SSH_H
#define SSH_H
@@ -589,7 +589,7 @@ char *channel_open_message(void);
*/
void
channel_request_local_forwarding(u_short port, const char *host,
- u_short remote_port);
+ u_short remote_port, int gateway_ports);
/*
* Initiate forwarding of connections to port "port" on remote host through
@@ -633,7 +633,7 @@ char *x11_create_display(int screen);
* Returns a suitable value for the DISPLAY variable, or NULL if an error
* occurs.
*/
-char *x11_create_display_inet(int screen);
+char *x11_create_display_inet(int screen, int x11_display_offset);
/*
* This is called when SSH_SMSG_X11_OPEN is received. The packet contains
diff --git a/sshconnect.c b/sshconnect.c
index e6175f11..d96f8e02 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -8,7 +8,7 @@
*/
#include "includes.h"
-RCSID("$Id: sshconnect.c,v 1.17 1999/12/07 04:38:32 damien Exp $");
+RCSID("$Id: sshconnect.c,v 1.18 1999/12/13 23:47:16 damien Exp $");
#ifdef HAVE_OPENSSL
#include <openssl/bn.h>
@@ -156,8 +156,10 @@ ssh_create_socket(uid_t original_real_uid, int privileged)
fatal("rresvport: %.100s", strerror(errno));
debug("Allocated local port %d.", p);
} else {
- /* Just create an ordinary socket on arbitrary port. We
- use the user's uid to create the socket. */
+ /*
+ * Just create an ordinary socket on arbitrary port. We use
+ * the user's uid to create the socket.
+ */
temporarily_use_uid(original_real_uid);
sock = socket(AF_INET, SOCK_STREAM, 0);
if (sock < 0)
@@ -209,9 +211,11 @@ ssh_connect(const char *host, struct sockaddr_in * hostaddr,
/* No host lookup made yet. */
hp = NULL;
- /* Try to connect several times. On some machines, the first time
- will sometimes fail. In general socket code appears to behave
- quite magically on many machines. */
+ /*
+ * Try to connect several times. On some machines, the first time
+ * will sometimes fail. In general socket code appears to behave
+ * quite magically on many machines.
+ */
for (attempt = 0; attempt < connection_attempts; attempt++) {
if (attempt > 0)
debug("Trying again...");
@@ -1087,39 +1091,21 @@ read_yes_or_no(const char *prompt, int defval)
}
/*
- * Starts a dialog with the server, and authenticates the current user on the
- * server. This does not need any extra privileges. The basic connection
- * to the server must already have been established before this is called.
- * User is the remote user; if it is NULL, the current local user name will
- * be used. Anonymous indicates that no rhosts authentication will be used.
- * If login fails, this function prints an error and never returns.
- * This function does not require super-user privileges.
+ * check whether the supplied host key is valid, return only if ok.
*/
+
void
-ssh_login(int host_key_valid,
- RSA *own_host_key,
- const char *orighost,
- struct sockaddr_in *hostaddr,
- uid_t original_real_uid)
+check_host_key(char *host,
+ struct sockaddr_in *hostaddr,
+ RSA *host_key)
{
- int i, type;
- struct passwd *pw;
- BIGNUM *key;
- RSA *host_key, *file_key;
- RSA *public_key;
- int bits, rbits;
- unsigned char session_key[SSH_SESSION_KEY_LENGTH];
- const char *server_user, *local_user;
- char *cp, *host, *ip = NULL;
+ RSA *file_key;
+ char *ip = NULL;
char hostline[1000], *hostp;
- unsigned char check_bytes[8];
- unsigned int supported_ciphers, supported_authentications, protocol_flags;
HostStatus host_status;
HostStatus ip_status;
int host_ip_differ = 0;
int local = (ntohl(hostaddr->sin_addr.s_addr) >> 24) == IN_LOOPBACKNET;
- int payload_len, clen, sum_len = 0;
- u_int32_t rand = 0;
/*
* Turn off check_host_ip for proxy connects, since
@@ -1131,88 +1117,14 @@ ssh_login(int host_key_valid,
if (options.check_host_ip)
ip = xstrdup(inet_ntoa(hostaddr->sin_addr));
- /* Convert the user-supplied hostname into all lowercase. */
- host = xstrdup(orighost);
- for (cp = host; *cp; cp++)
- if (isupper(*cp))
- *cp = tolower(*cp);
-
- /* Exchange protocol version identification strings with the server. */
- ssh_exchange_identification();
-
- /* Put the connection into non-blocking mode. */
- packet_set_nonblocking();
-
- /* Get local user name. Use it as server user if no user name was given. */
- pw = getpwuid(original_real_uid);
- if (!pw)
- fatal("User id %d not found from user database.", original_real_uid);
- local_user = xstrdup(pw->pw_name);
- server_user = options.user ? options.user : local_user;
-
- debug("Waiting for server public key.");
-
- /* Wait for a public key packet from the server. */
- packet_read_expect(&payload_len, SSH_SMSG_PUBLIC_KEY);
-
- /* Get check bytes from the packet. */
- for (i = 0; i < 8; i++)
- check_bytes[i] = packet_get_char();
-
- /* Get the public key. */
- public_key = RSA_new();
- bits = packet_get_int();/* bits */
- public_key->e = BN_new();
- packet_get_bignum(public_key->e, &clen);
- sum_len += clen;
- public_key->n = BN_new();
- packet_get_bignum(public_key->n, &clen);
- sum_len += clen;
-
- rbits = BN_num_bits(public_key->n);
- if (bits != rbits) {
- log("Warning: Server lies about size of server public key: "
- "actual size is %d bits vs. announced %d.", rbits, bits);
- log("Warning: This may be due to an old implementation of ssh.");
- }
- /* Get the host key. */
- host_key = RSA_new();
- bits = packet_get_int();/* bits */
- host_key->e = BN_new();
- packet_get_bignum(host_key->e, &clen);
- sum_len += clen;
- host_key->n = BN_new();
- packet_get_bignum(host_key->n, &clen);
- sum_len += clen;
-
- rbits = BN_num_bits(host_key->n);
- if (bits != rbits) {
- log("Warning: Server lies about size of server host key: "
- "actual size is %d bits vs. announced %d.", rbits, bits);
- log("Warning: This may be due to an old implementation of ssh.");
- }
- /* Store the host key from the known host file in here so that we
- can compare it with the key for the IP address. */
+ /*
+ * Store the host key from the known host file in here so that we can
+ * compare it with the key for the IP address.
+ */
file_key = RSA_new();
file_key->n = BN_new();
file_key->e = BN_new();
- /* Get protocol flags. */
- protocol_flags = packet_get_int();
- packet_set_protocol_flags(protocol_flags);
-
- supported_ciphers = packet_get_int();
- supported_authentications = packet_get_int();
-
- debug("Received server public key (%d bits) and host key (%d bits).",
- BN_num_bits(public_key->n), BN_num_bits(host_key->n));
-
- packet_integrity_check(payload_len,
- 8 + 4 + sum_len + 0 + 4 + 0 + 0 + 4 + 4 + 4,
- SSH_SMSG_PUBLIC_KEY);
-
- compute_session_id(session_id, check_bytes, host_key->n, public_key->n);
-
/*
* Check if the host key is present in the user\'s list of known
* hosts or in the systemwide list.
@@ -1372,9 +1284,121 @@ ssh_login(int host_key_valid,
*/
break;
}
-
if (options.check_host_ip)
xfree(ip);
+}
+
+/*
+ * Starts a dialog with the server, and authenticates the current user on the
+ * server. This does not need any extra privileges. The basic connection
+ * to the server must already have been established before this is called.
+ * User is the remote user; if it is NULL, the current local user name will
+ * be used. Anonymous indicates that no rhosts authentication will be used.
+ * If login fails, this function prints an error and never returns.
+ * This function does not require super-user privileges.
+ */
+void
+ssh_login(int host_key_valid,
+ RSA *own_host_key,
+ const char *orighost,
+ struct sockaddr_in *hostaddr,
+ uid_t original_real_uid)
+{
+ int i, type;
+ struct passwd *pw;
+ BIGNUM *key;
+ RSA *host_key;
+ RSA *public_key;
+ int bits, rbits;
+ unsigned char session_key[SSH_SESSION_KEY_LENGTH];
+ const char *server_user, *local_user;
+ char *host, *cp;
+ unsigned char check_bytes[8];
+ unsigned int supported_ciphers, supported_authentications;
+ unsigned int server_flags, client_flags;
+ int payload_len, clen, sum_len = 0;
+ u_int32_t rand = 0;
+
+ /* Convert the user-supplied hostname into all lowercase. */
+ host = xstrdup(orighost);
+ for (cp = host; *cp; cp++)
+ if (isupper(*cp))
+ *cp = tolower(*cp);
+
+ /* Exchange protocol version identification strings with the server. */
+ ssh_exchange_identification();
+
+ /* Put the connection into non-blocking mode. */
+ packet_set_nonblocking();
+
+ /* Get local user name. Use it as server user if no user name was given. */
+ pw = getpwuid(original_real_uid);
+ if (!pw)
+ fatal("User id %d not found from user database.", original_real_uid);
+ local_user = xstrdup(pw->pw_name);
+ server_user = options.user ? options.user : local_user;
+
+ debug("Waiting for server public key.");
+
+ /* Wait for a public key packet from the server. */
+ packet_read_expect(&payload_len, SSH_SMSG_PUBLIC_KEY);
+
+ /* Get check bytes from the packet. */
+ for (i = 0; i < 8; i++)
+ check_bytes[i] = packet_get_char();
+
+ /* Get the public key. */
+ public_key = RSA_new();
+ bits = packet_get_int();/* bits */
+ public_key->e = BN_new();
+ packet_get_bignum(public_key->e, &clen);
+ sum_len += clen;
+ public_key->n = BN_new();
+ packet_get_bignum(public_key->n, &clen);
+ sum_len += clen;
+
+ rbits = BN_num_bits(public_key->n);
+ if (bits != rbits) {
+ log("Warning: Server lies about size of server public key: "
+ "actual size is %d bits vs. announced %d.", rbits, bits);
+ log("Warning: This may be due to an old implementation of ssh.");
+ }
+ /* Get the host key. */
+ host_key = RSA_new();
+ bits = packet_get_int();/* bits */
+ host_key->e = BN_new();
+ packet_get_bignum(host_key->e, &clen);
+ sum_len += clen;
+ host_key->n = BN_new();
+ packet_get_bignum(host_key->n, &clen);
+ sum_len += clen;
+
+ rbits = BN_num_bits(host_key->n);
+ if (bits != rbits) {
+ log("Warning: Server lies about size of server host key: "
+ "actual size is %d bits vs. announced %d.", rbits, bits);
+ log("Warning: This may be due to an old implementation of ssh.");
+ }
+
+ /* Get protocol flags. */
+ server_flags = packet_get_int();
+ packet_set_protocol_flags(server_flags);
+
+ supported_ciphers = packet_get_int();
+ supported_authentications = packet_get_int();
+
+ debug("Received server public key (%d bits) and host key (%d bits).",
+ BN_num_bits(public_key->n), BN_num_bits(host_key->n));
+
+ packet_integrity_check(payload_len,
+ 8 + 4 + sum_len + 0 + 4 + 0 + 0 + 4 + 4 + 4,
+ SSH_SMSG_PUBLIC_KEY);
+
+ check_host_key(host, hostaddr, host_key);
+
+ client_flags = SSH_PROTOFLAG_SCREEN_NUMBER | SSH_PROTOFLAG_HOST_IN_FWD_OPEN;
+
+ compute_session_id(session_id, check_bytes, host_key->n, public_key->n);
/* Generate a session key. */
arc4random_stir();
@@ -1465,7 +1489,7 @@ ssh_login(int host_key_valid,
packet_put_bignum(key);
/* Send protocol flags. */
- packet_put_int(SSH_PROTOFLAG_SCREEN_NUMBER | SSH_PROTOFLAG_HOST_IN_FWD_OPEN);
+ packet_put_int(client_flags);
/* Send the packet now. */
packet_send();
diff --git a/sshd.c b/sshd.c
index 55608c0a..3e9ff907 100644
--- a/sshd.c
+++ b/sshd.c
@@ -11,7 +11,7 @@
*/
#include "includes.h"
-RCSID("$Id: sshd.c,v 1.37 1999/12/08 23:31:37 damien Exp $");
+RCSID("$Id: sshd.c,v 1.38 1999/12/13 23:47:16 damien Exp $");
#include <poll.h>
@@ -960,7 +960,7 @@ do_connection()
unsigned char check_bytes[8];
char *user;
unsigned int cipher_type, auth_mask, protocol_flags;
- int plen, slen;
+ int plen, slen, ulen;
u_int32_t rand = 0;
/*
@@ -1139,11 +1139,8 @@ do_connection()
packet_read_expect(&plen, SSH_CMSG_USER);
/* Get the user name. */
- {
- int ulen;
- user = packet_get_string(&ulen);
- packet_integrity_check(plen, (4 + ulen), SSH_CMSG_USER);
- }
+ user = packet_get_string(&ulen);
+ packet_integrity_check(plen, (4 + ulen), SSH_CMSG_USER);
/* Destroy the private and public keys. They will no longer be needed. */
RSA_free(public_key);
@@ -1646,15 +1643,22 @@ do_fake_authloop(char *user)
#ifdef SKEY
int dlen;
char *password, *skeyinfo;
- if (options.password_authentication &&
- options.skey_authentication == 1 &&
- type == SSH_CMSG_AUTH_PASSWORD &&
- (password = packet_get_string(&dlen)) != NULL &&
- dlen == 5 &&
- strncasecmp(password, "s/key", 5) == 0 &&
+ /* Try to send a fake s/key challenge. */
+ if (options.skey_authentication == 1 &&
(skeyinfo = skey_fake_keyinfo(user)) != NULL) {
- /* Send a fake s/key challenge. */
- packet_send_debug(skeyinfo);
+ if (type == SSH_CMSG_AUTH_TIS) {
+ packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE);
+ packet_put_string(skeyinfo, strlen(skeyinfo));
+ packet_send();
+ packet_write_wait();
+ continue;
+ } else if (type == SSH_CMSG_AUTH_PASSWORD &&
+ options.password_authentication &&
+ (password = packet_get_string(&dlen)) != NULL &&
+ dlen == 5 &&
+ strncasecmp(password, "s/key", 5) == 0 ) {
+ packet_send_debug(skeyinfo);
+ }
}
#endif
if (attempt > AUTH_FAIL_MAX)
@@ -1836,7 +1840,7 @@ do_authenticated(struct passwd * pw)
screen = packet_get_int();
else
screen = 0;
- display = x11_create_display_inet(screen);
+ display = x11_create_display_inet(screen, options.x11_display_offset);
if (!display)
goto fail;
diff --git a/version.h b/version.h
index 8d2fc5c2..9c7aa2a6 100644
--- a/version.h
+++ b/version.h
@@ -1 +1 @@
-#define SSH_VERSION "OpenSSH-1.2"
+#define SSH_VERSION "OpenSSH-1.2.1"