mirror of
https://github.com/sheumann/telnetd.git
synced 2024-06-04 06:29:32 +00:00
Make sure the protocol actively rejects bad data rather than
(potentially) not responding to an invalid SRA 'auth is' message. git-svn-id: http://svn0.us-east.freebsd.org/base/head/contrib/telnet@76696 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
This commit is contained in:
parent
e7c0163dfe
commit
74034d9846
|
@ -132,7 +132,7 @@ int cnt;
|
||||||
Session_Key skey;
|
Session_Key skey;
|
||||||
|
|
||||||
if (cnt-- < 1)
|
if (cnt-- < 1)
|
||||||
return;
|
goto bad;
|
||||||
switch (*data++) {
|
switch (*data++) {
|
||||||
|
|
||||||
case SRA_KEY:
|
case SRA_KEY:
|
||||||
|
@ -154,7 +154,7 @@ int cnt;
|
||||||
memcpy(pkb,data,HEXKEYBYTES);
|
memcpy(pkb,data,HEXKEYBYTES);
|
||||||
pkb[HEXKEYBYTES] = '\0';
|
pkb[HEXKEYBYTES] = '\0';
|
||||||
common_key(ska,pkb,&ik,&ck);
|
common_key(ska,pkb,&ik,&ck);
|
||||||
break;
|
return;
|
||||||
|
|
||||||
case SRA_USER:
|
case SRA_USER:
|
||||||
/* decode KAB(u) */
|
/* decode KAB(u) */
|
||||||
|
@ -166,7 +166,7 @@ int cnt;
|
||||||
auth_encrypt_user(user);
|
auth_encrypt_user(user);
|
||||||
Data(ap, SRA_CONTINUE, (void *)0, 0);
|
Data(ap, SRA_CONTINUE, (void *)0, 0);
|
||||||
|
|
||||||
break;
|
return;
|
||||||
|
|
||||||
case SRA_PASS:
|
case SRA_PASS:
|
||||||
if (cnt > 512) /* Attempted buffer overflow */
|
if (cnt > 512) /* Attempted buffer overflow */
|
||||||
|
@ -205,16 +205,16 @@ int cnt;
|
||||||
printf("SRA user failed\r\n");
|
printf("SRA user failed\r\n");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
break;
|
return;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
if (auth_debug_mode)
|
if (auth_debug_mode)
|
||||||
printf("Unknown SRA option %d\r\n", data[-1]);
|
printf("Unknown SRA option %d\r\n", data[-1]);
|
||||||
Data(ap, SRA_REJECT, 0, 0);
|
|
||||||
sra_valid = 0;
|
|
||||||
auth_finished(ap, AUTH_REJECT);
|
|
||||||
break;
|
|
||||||
}
|
}
|
||||||
|
bad:
|
||||||
|
Data(ap, SRA_REJECT, 0, 0);
|
||||||
|
sra_valid = 0;
|
||||||
|
auth_finished(ap, AUTH_REJECT);
|
||||||
}
|
}
|
||||||
|
|
||||||
extern char *getpass();
|
extern char *getpass();
|
||||||
|
|
Loading…
Reference in New Issue
Block a user