Apple-2gs-SW
/
telnetd
mirror of https://github.com/sheumann/telnetd.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Make sure the protocol actively rejects bad data rather than 

(potentially) not responding to an invalid SRA 'auth is' message.


git-svn-id: http://svn0.us-east.freebsd.org/base/head/contrib/telnet@76696 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
This commit is contained in:
nsayer 2001-05-16 20:24:58 +00:00
parent e7c0163dfe
commit 74034d9846
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
libtelnet/sra.c
View File

@ -132,7 +132,7 @@ int cnt;
Session_Key skey;
if (cnt-- < 1)
return;
goto bad;
switch (*data++) {
case SRA_KEY:
@ -154,7 +154,7 @@ int cnt;
memcpy(pkb,data,HEXKEYBYTES);
pkb[HEXKEYBYTES] = '\0';
common_key(ska,pkb,&ik,&ck);
break;
return;
case SRA_USER:
/* decode KAB(u) */
@ -166,7 +166,7 @@ int cnt;
auth_encrypt_user(user);
Data(ap, SRA_CONTINUE, (void *)0, 0);
break;
return;
case SRA_PASS:
if (cnt > 512) /* Attempted buffer overflow */
@ -205,16 +205,16 @@ int cnt;
printf("SRA user failed\r\n");
}
}
break;
return;
default:
if (auth_debug_mode)
printf("Unknown SRA option %d\r\n", data[-1]);
Data(ap, SRA_REJECT, 0, 0);
sra_valid = 0;
auth_finished(ap, AUTH_REJECT);
break;
}
bad:
Data(ap, SRA_REJECT, 0, 0);
sra_valid = 0;
auth_finished(ap, AUTH_REJECT);
}
extern char *getpass();