*/
#include "includes.h"
-RCSID("$OpenBSD: auth1.c,v 1.60 2005/05/20 12:57:01 djm Exp $");
+RCSID("$OpenBSD: auth1.c,v 1.62 2005/07/16 01:35:24 djm Exp $");
#include "xmalloc.h"
#include "rsa.h"
static int
auth1_process_rhosts_rsa(Authctxt *authctxt, char *info, size_t infolen)
{
- int authenticated = 0;
+ int keybits, authenticated = 0;
u_int bits;
Key *client_host_key;
u_int ulen;
packet_get_bignum(client_host_key->rsa->e);
packet_get_bignum(client_host_key->rsa->n);
- if (bits != BN_num_bits(client_host_key->rsa->n)) {
+ keybits = BN_num_bits(client_host_key->rsa->n);
+ if (keybits < 0 || bits != (u_int)keybits) {
verbose("Warning: keysize mismatch for client_host_key: "
"actual %d, announced %d",
BN_num_bits(client_host_key->rsa->n), bits);
key_free(client_host_key);
snprintf(info, infolen, " ruser %.100s", client_user);
-
+
return (authenticated);
}
auth1_process_tis_challenge(Authctxt *authctxt, char *info, size_t infolen)
{
char *challenge;
-
+
if ((challenge = get_challenge(authctxt)) == NULL)
return (0);
#ifdef HAVE_CYGWIN
if (authenticated &&
- !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD,
+ !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD,
authctxt->pw)) {
packet_disconnect("Authentication rejected for uid %d.",
authctxt->pw == NULL ? -1 : authctxt->pw->pw_uid);
size_t len;
error("Access denied for user %s by PAM account "
- "configuration", authctxt->user);
+ "configuration", authctxt->user);
len = buffer_len(&loginmsg);
buffer_append(&loginmsg, "\0", 1);
msg = buffer_ptr(&loginmsg);