userauth_hostbased_fromfile: packet length too short
The packet length calculated in src/userauth.c's userauth_hostbased_fromfile() function is too short by 4 bytes; it forgets to add four bytes for the length of the hostname. This causes hostbased authentication to fail, since the server will read junk data. verified against proftpd's mod_sftp module
This commit is contained in:
TJ Saunders
Daniel Stenberg
parent
7dc2bfac94
commit
04f90b2265
@ -657,14 +657,14 @@ userauth_hostbased_fromfile(LIBSSH2_SESSION *session,
|
|||||||
return rc;
|
return rc;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* 48 = packet_type(1) + username_len(4) + servicename_len(4) +
|
* 52 = packet_type(1) + username_len(4) + servicename_len(4) +
|
||||||
* service_name(14)"ssh-connection" + authmethod_len(4) +
|
* service_name(14)"ssh-connection" + authmethod_len(4) +
|
||||||
* authmethod(9)"hostbased" + method_len(4) + pubkeydata_len(4) +
|
* authmethod(9)"hostbased" + method_len(4) + pubkeydata_len(4) +
|
||||||
* local_username_len(4)
|
* hostname_len(4) + local_username_len(4)
|
||||||
*/
|
*/
|
||||||
session->userauth_host_packet_len =
|
session->userauth_host_packet_len =
|
||||||
username_len + session->userauth_host_method_len + hostname_len +
|
username_len + session->userauth_host_method_len + hostname_len +
|
||||||
local_username_len + pubkeydata_len + 48;
|
local_username_len + pubkeydata_len + 52;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Preallocate space for an overall length, method name again,
|
* Preallocate space for an overall length, method name again,
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user