search for: ssh_agent_old_signature

...ing(e->request, &blob, &blen)) != 0 || (r = sshbuf_get_string(e->request, &data, &dlen)) != 0 || (r = sshbuf_get_u32(e->request, &flags)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); if (flags & SSH_AGENT_OLD_SIGNATURE) compat = SSH_BUG_SIGBLOB; if ((r = sshkey_from_blob(blob, blen, &key)) != 0) { error("%s: cannot parse key blob: %s", __func__, ssh_err(r)); goto send; } However, in 7.6p1, this changed to: if ((r = sshkey_from...

I'm not on the mailing list, so I'd appreciate it if you could cc: me, though I will keep an eye on the archives. I am running openssh 2.2.0p1 on Debian GNU/Linux. I was pleased to see that 2.2.0p1 had support for DSA keys in the agent, and I have successfully used the v2 protocol to another openssh server with the agent providing authentication. I am also able to successfully connect

...,13 @@ Buffer msg; Key *key; + odatafellows = datafellows; datafellows = 0; blob = buffer_get_string(&e->request, &blen); data = buffer_get_string(&e->request, &dlen); flags = buffer_get_int(&e->request); - odatafellows = datafellows; if (flags & SSH_AGENT_OLD_SIGNATURE) datafellows = SSH_BUG_SIGBLOB;

...&flags)) != 0) > - fatal("%s: buffer error: %s", __func__, ssh_err(r)); > + (r = sshbuf_get_u32(e->request, &flags)) != 0) { > + error("%s: couldn't parse request: %s", __func__, ssh_err(r)); > + goto send; > + } > + > if (flags & SSH_AGENT_OLD_SIGNATURE) > compat = SSH_BUG_SIGBLOB; > if ((id = lookup_identity(key)) == NULL) { Thanks Damien, but I?m not sure this is a good fix. Now both cases turn into an error(), but if there is a problem reading the initial pair of strings and u32 value, you really can?t safely keep the connection open...

...blob = buffer_get_string(&e->request, &blen); - data = buffer_get_string(&e->request, &dlen); + blob = buffer_get_binary(&e->request, &blen); + data = buffer_get_binary(&e->request, &dlen); flags = buffer_get_int(&e->request); if (flags & SSH_AGENT_OLD_SIGNATURE) @@ -319,7 +319,7 @@ buffer_init(&msg); if (ok == 0) { buffer_put_char(&msg, SSH2_AGENT_SIGN_RESPONSE); - buffer_put_string(&msg, signature, slen); + buffer_put_binary(&msg, signature, slen); } else { buffer_put_char(&msg, SSH_AGENT_FAILURE); } @@ -354,7 +354,7 @...