Apple-2gs-SW/telnetd
1
0
Fork 0
mirror of https://github.com/sheumann/telnetd.git synced 2024-06-04 06:29:32 +00:00
Code Issues Projects Releases Wiki Activity

Make sure the protocol actively rejects bad data rather than

Browse Source 
(potentially) not responding to an invalid SRA 'auth is' message.


git-svn-id: http://svn0.us-east.freebsd.org/base/head/contrib/telnet@76696 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
This commit is contained in:
nsayer 2001-05-16 20:24:58 +00:00
parent e7c0163dfe
commit 74034d9846
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
libtelnet/sra.c
View File

@ -132,7 +132,7 @@ int cnt;
Session_Key skey; Session_Key skey;
if (cnt-- < 1) if (cnt-- < 1)
return; goto bad;
switch (*data++) { switch (*data++) {
case SRA_KEY: case SRA_KEY:
@ -154,7 +154,7 @@ int cnt;
memcpy(pkb,data,HEXKEYBYTES); memcpy(pkb,data,HEXKEYBYTES);
pkb[HEXKEYBYTES] = '\0'; pkb[HEXKEYBYTES] = '\0';
common_key(ska,pkb,&ik,&ck); common_key(ska,pkb,&ik,&ck);
break; return;
case SRA_USER: case SRA_USER:
/* decode KAB(u) */ /* decode KAB(u) */
@ -166,7 +166,7 @@ int cnt;
auth_encrypt_user(user); auth_encrypt_user(user);
Data(ap, SRA_CONTINUE, (void *)0, 0); Data(ap, SRA_CONTINUE, (void *)0, 0);
break; return;
case SRA_PASS: case SRA_PASS:
if (cnt > 512) /* Attempted buffer overflow */ if (cnt > 512) /* Attempted buffer overflow */
@ -205,16 +205,16 @@ int cnt;
printf("SRA user failed\r\n"); printf("SRA user failed\r\n");
} }
} }
break; return;
default: default:
if (auth_debug_mode) if (auth_debug_mode)
printf("Unknown SRA option %d\r\n", data[-1]); printf("Unknown SRA option %d\r\n", data[-1]);
Data(ap, SRA_REJECT, 0, 0);
sra_valid = 0;
auth_finished(ap, AUTH_REJECT);
break;
} }
bad:
Data(ap, SRA_REJECT, 0, 0);
sra_valid = 0;
auth_finished(ap, AUTH_REJECT);
} }
extern char *getpass(); extern char *getpass();