lib/libssh2
1
0
Fork 0
mirror of https://github.com/libssh2/libssh2.git synced 2025-10-30 12:05:34 +03:00
Code Activity

userauth_hostbased_fromfile: packet length too short

Browse Source 
The packet length calculated in src/userauth.c's
userauth_hostbased_fromfile() function is too short by 4 bytes;
it forgets to add four bytes for the length of the hostname.
This causes hostbased authentication to fail, since the server
will read junk data.

verified against proftpd's mod_sftp module
This commit is contained in:
TJ Saunders
2010-06-22 23:34:21 +02:00
committed by Daniel Stenberg
parent 7dc2bfac94
commit 04f90b2265
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/userauth.c
View File

@@ -657,14 +657,14 @@ userauth_hostbased_fromfile(LIBSSH2_SESSION *session,
return rc; return rc;
/* /*
* 48 = packet_type(1) + username_len(4) + servicename_len(4) + * 52 = packet_type(1) + username_len(4) + servicename_len(4) +
* service_name(14)"ssh-connection" + authmethod_len(4) + * service_name(14)"ssh-connection" + authmethod_len(4) +
* authmethod(9)"hostbased" + method_len(4) + pubkeydata_len(4) + * authmethod(9)"hostbased" + method_len(4) + pubkeydata_len(4) +
* local_username_len(4) * hostname_len(4) + local_username_len(4)
*/ */
session->userauth_host_packet_len = session->userauth_host_packet_len =
username_len + session->userauth_host_method_len + hostname_len + username_len + session->userauth_host_method_len + hostname_len +
local_username_len + pubkeydata_len + 48; local_username_len + pubkeydata_len + 52;
/* /*
* Preallocate space for an overall length, method name again, * Preallocate space for an overall length, method name again,