*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.28 2000/11/12 19:50:38 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.30 2000/12/03 11:15:04 markus Exp $");
#include <openssl/bn.h>
#include <openssl/rsa.h>
Buffer *client_kexinit, *server_kexinit;
char *sprop[PROPOSAL_MAX];
- if (options.ciphers == NULL) {
- if (options.cipher == SSH_CIPHER_3DES) {
- options.ciphers = "3des-cbc";
- } else if (options.cipher == SSH_CIPHER_BLOWFISH) {
- options.ciphers = "blowfish-cbc";
- } else if (options.cipher == SSH_CIPHER_DES) {
- fatal("cipher DES not supported for protocol version 2");
- }
+ if (options.ciphers == (char *)-1) {
+ log("No valid ciphers for protocol version 2 given, using defaults.");
+ options.ciphers = NULL;
}
if (options.ciphers != NULL) {
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
int ret = -1;
int have_sig = 1;
+ debug3("sign_and_send_pubkey");
if (key_to_blob(k, &blob, &bloblen) == 0) {
/* we cannot handle this key */
+ debug3("sign_and_send_pubkey: cannot handle key");
return 0;
}
/* data to be signed */
buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
buffer_put_cstring(&b, authctxt->server_user);
buffer_put_cstring(&b,
- datafellows & SSH_BUG_PUBKEYAUTH ?
+ datafellows & SSH_BUG_PKSERVICE ?
"ssh-userauth" :
authctxt->service);
- buffer_put_cstring(&b, authctxt->method->name);
- buffer_put_char(&b, have_sig);
- buffer_put_cstring(&b, key_ssh_name(k));
+ if (datafellows & SSH_BUG_PKAUTH) {
+ buffer_put_char(&b, have_sig);
+ } else {
+ buffer_put_cstring(&b, authctxt->method->name);
+ buffer_put_char(&b, have_sig);
+ buffer_put_cstring(&b, key_ssh_name(k));
+ }
buffer_put_string(&b, blob, bloblen);
/* generate signature */
#ifdef DEBUG_PK
buffer_dump(&b);
#endif
- if (datafellows & SSH_BUG_PUBKEYAUTH) {
+ if (datafellows & SSH_BUG_PKSERVICE) {
buffer_clear(&b);
buffer_append(&b, session_id2, session_id2_len);
buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
buffer_put_cstring(&b, authctxt->service);
buffer_put_cstring(&b, authctxt->method->name);
buffer_put_char(&b, have_sig);
- buffer_put_cstring(&b, key_ssh_name(k));
+ if (!(datafellows & SSH_BUG_PKAUTH))
+ buffer_put_cstring(&b, key_ssh_name(k));
buffer_put_string(&b, blob, bloblen);
}
xfree(blob);