Scott Rankin
2004-Jun-25 16:45 UTC
SSH_MSG_USERAUTH_PASSWD_CHANGEREQ and 3.1.0 F-SECURE SSH - Process Software SSH for OpenVMS
Darren,

> -----Original Message-----
> From: Darren Tucker [mailto:dtucker at zip.com.au]
> Sent: Thursday, June 17, 2004 11:08 PM
> To: Scott Rankin
> Subject: Re: SSH_MSG_USERAUTH_PASSWD_CHANGEREQ and 3.1.0
> F-SECURE SSH - Process Software SSH for OpenVMS
>
>
> Scott Rankin wrote:
> >>That will depend on which versions exhibit the problems. Is it
> >>specific to the VMS implementation? Can the vendor tell you?
> >
> > I have contacted Process Software to find out which versions exhibit
> > this behavior. I have no idea whether or not it is specific to VMS. I
> > assumed so since it looks like that is all Process Software does. I
> > unfortunately don't have access to an F-Secure server on UNIX.
> > Actually, this VMS system is a customer so it's not even mine...
>
> In the past I've gotten eval copies of other commercial SSH
> implementations for evaluation (i.e. interop testing under the terms of
> their evaluation license). I checked but F-Secure's is not readily
> available and I won't jump through hoops to help debug someone else's
> commercial software.
>
> If you get a good idea of which versions exhibit the problem, we should
> be able to add the workaround.

Here is a reply I received from Process Software related to this issue.

"
Hi Scott,

I just received this information from our engineer here.

"I wouldn't be surprised if the 3.2.0 code base makes it "work". I think
the SSHUCX V2 probably fixes what he's seeing."

Here are the answers to your original questions:

1. Is this a known bug? Is there a patch?

No to both questions above.

2. Do you know the versions of F-SECURE SSH - Process Software SSH for OpenVMS that are affected?

We believe that the problem was fixed with Version 2 for both.
"

I'm not sure what "both" they are referring to and they didn't reply when I asked. I pasted the latest incantation of this patch below.

I don't know how to determine how many prior versions they (Process) have for OpenVMS (another question I asked but didn't receive a reply to) or which of these exhibit this bug (other than this 3.1.0). I would guess this string may need to specifically include OpenVMS but I'm not certain?

>
> --
[trim signature]

Cheers,
scott

Index: compat.c ==================================================================RCS file: /cvs/openssh/compat.c,v retrieving revision 1.70 diff -d -u -r1.70 compat.c --- compat.c 3 Nov 2003 09:09:03 -0000 1.70 +++ compat.c 22 Jun 2004 22:22:40 -0000 @@ -134,6 +134,8 @@ "1.2.22*", SSH_BUG_IGNOREMSG }, { "1.3.2*", /* F-Secure */ SSH_BUG_IGNOREMSG }, + { "3.1.0 F-SECURE*",/* Process Software SSH for OpenVMS */ + SSH_BUG_PWDCHGREQ }, { "*SSH Compatible Server*", /* Netscreen */ SSH_BUG_PASSWORDPAD }, { "*OSU_0*," Index: compat.h ==================================================================RCS file: /cvs/openssh/compat.h,v retrieving revision 1.35 diff -d -u -r1.35 compat.h --- compat.h 3 Nov 2003 09:09:03 -0000 1.35 +++ compat.h 22 Jun 2004 22:22:40 -0000 @@ -55,6 +55,7 @@ #define SSH_BUG_EXTEOF 0x00200000 #define SSH_BUG_PROBE 0x00400000 #define SSH_BUG_FIRSTKEX 0x00800000 +#define SSH_BUG_PWDCHGREQ 0x01000000 void enable_compat13(void); void enable_compat20(void); Index: sshconnect2.c ==================================================================RCS file: /cvs/openssh/sshconnect2.c,v retrieving revision 1.127 diff -d -u -r1.127 sshconnect2.c --- sshconnect2.c 15 Jun 2004 00:30:09 -0000 1.127 +++ sshconnect2.c 22 Jun 2004 22:22:43 -0000 @@ -767,11 +767,13 @@ "no authentication context"); info = packet_get_string(NULL); - lang = packet_get_string(NULL); + if (!(datafellows & SSH_BUG_PWDCHGREQ)) { + lang = packet_get_string(NULL); + xfree(lang); + } if (strlen(info) > 0) logit("%s", info); xfree(info); - xfree(lang); packet_start(SSH2_MSG_USERAUTH_REQUEST); packet_put_cstring(authctxt->server_user); packet_put_cstring(authctxt->service);
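
Review bot: In the compat.c hunk, the pattern "3.1.0 F-SECURE*" is broader than the comment beside it: it matches every peer whose version string begins with 3.1.0 F-SECURE, while the comment names only Process Software SSH for OpenVMS. If the server's banner carries an OpenVMS or Process Software marker, put it in the pattern so that other 3.1.0 F-SECURE builds that do send the language field are not flagged; if the banner has no such marker, say so in the comment. The thread has not yet confirmed which other versions are affected, so the entry should also note that it is known to cover 3.1.0 only.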
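
Review bot: In the sshconnect2.c hunk, whether the language string is read depends only on the banner match in "if (!(datafellows & SSH_BUG_PWDCHGREQ))", so a flagged server that does send the field leaves it unread in the packet, and an unflagged server that omits it still hits the original problem at the second packet_get_string. Consider deciding from the packet itself, reading lang only when data remains after info, which would cover any peer that omits the field without relying on the version pattern. If the flag stays, add a comment at the if stating that the peer leaves the language tag out of SSH_MSG_USERAUTH_PASSWD_CHANGEREQ, since neither the flag name nor the compat.h define explains it.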