зеркало из https://github.com/github/putty.git
Add SSH-1 password camouflage bug detection for version OSU_1.4alpha3 of the
OSU VMS SSH server <http://kcgl1.eng.ohio-state.edu/~jonesd/ssh/>. The changelog appears to indicate that the server was fixed for pwplain1 at 1.5alpha4, and for IGNORE and DEBUG messages at 1.5alpha6. However I'm going to go on the reports we've had as I haven't tested this; and they indicate only that 1.5alpha6 is known not to require any bug compatibility modes. (I wasn't sure whether to add this at all, given that upgrading to version OSU_1.5alpha6 is an easy way to fix the problem. However, there is precedent for adding detection for old versions of servers which have since been fixed.) [originally from svn r3359]
This commit is contained in:
Родитель
ef14e3959a
Коммит
d534d4e104
5
ssh.c
5
ssh.c
|
@ -1780,7 +1780,8 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
|
|||
(ssh->cfg.sshbug_ignore1 == AUTO &&
|
||||
(!strcmp(imp, "1.2.18") || !strcmp(imp, "1.2.19") ||
|
||||
!strcmp(imp, "1.2.20") || !strcmp(imp, "1.2.21") ||
|
||||
!strcmp(imp, "1.2.22") || !strcmp(imp, "Cisco-1.25")))) {
|
||||
!strcmp(imp, "1.2.22") || !strcmp(imp, "Cisco-1.25") ||
|
||||
!strcmp(imp, "OSU_1.4alpha3")))) {
|
||||
/*
|
||||
* These versions don't support SSH1_MSG_IGNORE, so we have
|
||||
* to use a different defence against password length
|
||||
|
@ -1792,7 +1793,7 @@ static void ssh_detect_bugs(Ssh ssh, char *vstring)
|
|||
|
||||
if (ssh->cfg.sshbug_plainpw1 == FORCE_ON ||
|
||||
(ssh->cfg.sshbug_plainpw1 == AUTO &&
|
||||
(!strcmp(imp, "Cisco-1.25")))) {
|
||||
(!strcmp(imp, "Cisco-1.25") || !strcmp(imp, "OSU_1.4alpha3")))) {
|
||||
/*
|
||||
* These versions need a plain password sent; they can't
|
||||
* handle having a null and a random length of data after
|
||||
|
|
Загрузка…
Ссылка в новой задаче